
Support root on LUKS (dm-crypt)

Support having root on LUKS with the password prompting handled by plymouth.
This requires ensuring our input is from /dev/console and also requires that
we import vol_id info about all block devices rather than ignoring dm devs
(which is what the persistent storage rules do by default)
master
Jeremy Katz 16 years ago
parent
commit
eb25ff7a27
  1. 7
      generate.sh
  2. 3
      init
  3. 13
      rules.d/63-luks.rules
  4. 1
      rules.d/64-lvm.rules

7
generate.sh

@ -15,21 +15,22 @@ fi @@ -15,21 +15,22 @@ fi
tmpdir=$(mktemp -d)

# executables that we have to have
exe="/bin/bash /bin/mount /bin/mknod /bin/mkdir /sbin/modprobe /sbin/udevd /sbin/udevadm /sbin/nash /bin/kill /sbin/pidof /bin/sleep"
exe="/bin/bash /bin/mount /bin/mknod /bin/mkdir /sbin/modprobe /sbin/udevd /sbin/udevadm /sbin/nash /bin/kill /sbin/pidof /bin/sleep /bin/echo"
lvmexe="/sbin/lvm"
cryptexe="/sbin/cryptsetup"
# and some things that are nice for debugging
debugexe="/bin/ls /bin/cat /bin/ln /bin/ps /bin/grep /usr/bin/less"
# udev things we care about
udevexe="/lib/udev/vol_id"

# install base files
for binary in $exe $debugexe $udevexe $lvmexe ; do
for binary in $exe $debugexe $udevexe $lvmexe $cryptexe ; do
inst $binary $tmpdir
done

# FIXME: would be nice if we didn't have to know which rules to grab....
mkdir -p $tmpdir/lib/udev/rules.d
for rule in /lib/udev/rules.d/40-redhat* /lib/udev/rules.d/60-persistent-storage.rules /lib/udev/rules.d/61*edd* /lib/udev/rules.d/64* /lib/udev/rules.d/80* /lib/udev/rules.d/95* rules.d/*.rules ; do
for rule in /lib/udev/rules.d/40-redhat* /lib/udev/rules.d/50* /lib/udev/rules.d/60-persistent-storage.rules /lib/udev/rules.d/61*edd* /lib/udev/rules.d/64* /lib/udev/rules.d/80* /lib/udev/rules.d/95* rules.d/*.rules ; do
cp -v $rule $tmpdir/lib/udev/rules.d
done
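Review bot: The new `/lib/udev/rules.d/50*` glob in the rule-copy loop pulls every rule file with that prefix from the build host into the image, so any package that ships a 50-* rule gets it run as root in early boot. Naming the exact file the LUKS path needs would keep the image contents reviewable. If the glob matches nothing, the literal pattern reaches `cp`, and no failure handling is visible in this hunk. `$cryptexe` is also added to the install loop unconditionally, so the result on a host without /sbin/cryptsetup depends on how `inst` (defined outside this hunk) treats a missing file. A guard before the loop such as `[ -x "$cryptexe" ] || { echo "cryptsetup not found" >&2; exit 1; }` would make that explicit.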


3
init

@ -21,7 +21,7 @@ export TERM=linux @@ -21,7 +21,7 @@ export TERM=linux

# /dev/console comes from the built-in initramfs crud in the kernel
# someday, we may need to mkdir /dev first here
exec > /dev/console 2>&1
exec > /dev/console 2>&1 < /dev/console

# mount some important things
mount -t proc /proc /proc
@ -29,7 +29,6 @@ mount -t sysfs /sys /sys @@ -29,7 +29,6 @@ mount -t sysfs /sys /sys
mount -t tmpfs -omode=0755 udev /dev

# FIXME: what device nodes does plymouth really _need_ ?
mknod /dev/console c 5 1
mknod /dev/null c 1 3
mknod /dev/kmsg c 1 11
mknod /dev/ptmx c 5 2
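Review bot: The comment above the `exec` line in the first hunk still only explains where /dev/console comes from and does not say why stdin is now redirected too. Something like `# stdin must be the console as well: plymouth reads the LUKS passphrase from it` would record the reason given in the commit message. The redirection is unchecked, and the script continues outside the hunk, so I cannot see whether a failed `exec` is handled. In the second hunk one of the seven lines is removed, but the rendering has lost which one. If it is `mknod /dev/console c 5 1`, it is worth confirming that the tmpfs mounted over /dev still gets a console node before plymouth prompts.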

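--- a/rules.d/63-luks.rules
+++ b/rules.d/63-luks.rules
@@ -0,0 +1,13 @@
+# hacky rules to try to try unlocking dm-crypt devs
+#
+# Copyright 2008, Red Hat, Inc.
+# Jeremy Katz <katzj@redhat.com>
+
+
+SUBSYSTEM!="block", GOTO="luks_end"
+ACTION!="add|change", GOTO="luks_end"
+
+ENV{ID_FS_TYPE}=="crypto_LUKS", RUN+="/bin/plymouth ask-for-password --command '/sbin/cryptsetup luksOpen $env{DEVNAME} luks-$env{ID_FS_UUID}"
+
+
+LABEL="luks_end"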
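Review bot: The `RUN+=` value in the crypto_LUKS rule opens a single quote before `/sbin/cryptsetup` and never closes it, so the `--command` argument is malformed as written; it should end `luks-$env{ID_FS_UUID}'"`. `$env{DEVNAME}` and `$env{ID_FS_UUID}` are substituted into a command string, and the UUID comes from on-disk metadata of whatever block device is attached. The rule therefore relies on vol_id restricting that value to safe characters, which deserves a comment or a switch to a value known to be sanitised. The rule also fires on every add and change event for any LUKS device, with no check that `luks-<uuid>` is already mapped, which presumably leads to repeated passphrase prompts.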

1
rules.d/64-lvm.rules

@ -7,6 +7,7 @@ @@ -7,6 +7,7 @@
SUBSYSTEM!="block", GOTO="lvm_end"
ACTION!="add|change", GOTO="lvm_end"

KERNEL!="sr*", IMPORT{program}="vol_id --export $tempnode"
ENV{ID_FS_TYPE}=="LVM2_member", RUN+="/sbin/lvm vgchange -ay"
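Review bot: The `IMPORT{program}="vol_id --export $tempnode"` line (apparently the one added here; the rendering lost the marker) has no comment saying why 64-lvm.rules probes devices itself. `# persistent-storage rules skip dm devices, so import vol_id data here to find PVs on dm-crypt` would capture the reason from the commit message. Because the import lives in 64-lvm.rules, it runs after 63-luks.rules has already tested `ID_FS_TYPE`, so a LUKS container on top of a dm device would presumably never match the luks rule. It also runs vol_id again on devices the persistent-storage rules have already probed; whether that cost matters at boot is not visible here.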


