d351541ee6
make host_fs_types a hashmap
...
This requires bash >= 4, but hash maps are so much more comfortable
2013-03-11 18:58:32 +01:00
cf24ac8c19
crypt, dmraid, mdraid: use for_each_host_dev_and_slaves_all()
...
To catch _all_ UUIDs and not only the first one, use
for_each_host_dev_and_slaves_all
2013-03-07 16:00:00 +01:00
5ac8420abc
crypt/parse-crypt.sh: don't generate luks rules in systemd mode
2013-03-06 17:29:11 +01:00
e9020221a7
crypt: do not cleanup in systemd mode
2013-03-06 17:29:11 +01:00
fdeae2a3ac
crypt/crypt-run-generator.sh: do not timeout for LUKS passwords with systemd
2012-12-14 09:04:55 +01:00
329bbd797f
crypt/crypt-run-generator.sh: fixup last commit 065fc56ab2
2012-11-21 16:36:37 +01:00
065fc56ab2
Make short uuid specification for allow-discards work
...
1) strstr " $discarduuids " did not remove the optional
'luks-' prefix from the argument as the documentation says.
2) The lookup seems backwards. $luksdev ($luks in the other code copy)
is the full uuid and thus one should check whether the user-supplied
argument (short form) is contained therein, not the other way around.
Before this commit, the only way to trigger allow-discards was to
specify the full uuid without the 'luks-' prefix.
2012-11-21 16:01:45 +01:00
585b3b37c0
90crypt: call systemd commands only if systemd binaries are there
2012-10-08 03:28:43 -04:00
e064127729
add "rd.auto" parameter and switch off automatic assembly
...
No automatic assembly is done anymore by default. You will have to
specify exactly what devices to assemble
("rd.md.uuid=" "rd.luks.uuid" ...)
or use "rd.auto=1" or "rd.auto" on the kernel command line.
For big servers with thousands of disks we don't want to assemble
everything by default (error prone, slow).
2012-09-27 14:05:50 +02:00
3722020071
crypt/crypt-run-generator.sh: add allow-discards to options in crypttab
2012-09-26 11:49:28 +02:00
3d12d7a2cc
crypt: install /etc/crypttab only in host-only mode
2012-09-24 13:15:08 +02:00
8a7f561ee5
crypt: do not run systemd crypt generator
...
"systemctl daemon-reload" does it already for us
2012-09-04 09:49:45 +02:00
3d3c192621
crypt/crypt-run-generator.sh: check if crypttab exists
2012-07-30 22:29:47 +02:00
92b3ee855f
removed finished-ask-password.sh
2012-07-30 22:29:42 +02:00
3f7e5358e5
crypt/crypt-run-generator.sh: do not add already existing luks
2012-07-30 20:41:16 +02:00
3d352f5228
crypt: add systemd crypt support
2012-07-30 17:08:52 +02:00
aefea76cf8
set DRACUT_SYSTEMD for systemd mode in the initramfs
2012-07-30 17:08:51 +02:00
68e7661ca7
deprecate old command line options
2012-07-25 10:32:42 +02:00
e88e3b2797
91crypt-loop: replace basename calls with string matching
2012-07-25 10:31:43 +02:00
df68781fca
91crypt-loop: use initqueue for cleanup strategy
2012-07-25 10:31:43 +02:00
c5758f2090
90crypt: enhance crypt-lib keydev mounting
...
Combining $keydev and $keypath should result in a unique, re-usable keydev
mountpoint. mkuniqdir doesn't seem to have any an advantage here and lacks
reusability. Is there ever a use case where these are true:
* there are more than one rd.luks.key=$keypath:$keydev
* one is actually different from the other
2012-07-25 10:31:43 +02:00
3e9b4330a9
90crypt: recognize .img as loop key container
2012-07-25 10:31:43 +02:00
53fe81e752
modules.d/*/module-setup.sh: combine and specify type for installs
...
To speedup image creation, combine dracut_install calls and specify the exact type.
E.g. inst_script instead of the generic inst.
2012-06-29 12:41:27 +02:00
4d0f1d7b28
modules.d/*/module-setup.sh: no more sourcing of dracutfunctions
2012-06-29 12:41:26 +02:00
5ad3803dac
crypt: add rd.luks.allow-discards and honor options in crypttab
...
also fixed the retry loop for rd.luks.key
2012-05-31 12:01:19 +02:00
eef7649e71
merge "cleanup" and "pre-pivot-cleanup" hooks
2012-04-23 11:32:45 +02:00
1bd76bf981
move cleanup scripts to pre-pivot-cleanup hook
...
below cleanup scripts is moved:
40network: kill-dhclient.sh
90crypt: crypt-cleanup.sh
90multipath: multipathd-stop.sh
95iscsi: cleanup-iscsi.sh
95nfs: nfsroot-cleanup.sh
Signed-off-by: Dave Young <dyoung@redhat.com>
2012-04-19 11:59:45 +02:00
8d021e4b8a
90crypt/parse-crypt.sh: simplify rd.luks.uuid testing
2012-02-29 16:20:02 +01:00
004fd0557d
host-only checks corrected and kernel_only mode
...
In kernel_only mode, we don't want to write /etc/cmdline.d
Correctly return the check functions, so we have a valid return of
for_each_host_dev_fs().
mdraid and dmraid functions had wrong checkings for the filesystem
type.
2012-02-22 19:29:57 +01:00
fb67e4aa36
shutdown on demand
...
Do not save and restore the initramfs, but instead, just unpack the
default initramfs for shutdown on shutdown.
2012-02-13 07:08:08 +01:00
96b8d60a9b
dracut: precreate "${initdir}/etc/cmdline.d"
2012-02-07 18:48:04 +01:00
6aafdc5c04
90crypt/crypt-cleanup.sh: send unneeded output to /dev/null
2012-02-07 11:23:42 +01:00
5f282199c8
90crypt/module-setup.sh: prepend "luks-" to hostonly cmdline file
2012-01-23 13:50:27 +01:00
1b7fd0fa3e
Check module dependencies of mount points
...
Like -H, we need to poll every module to check if it is needed
to mount a specific device in '--mount'.
Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
2012-01-13 11:35:49 +01:00
480d772f22
*/module-setup.sh: use host_fs_types host_devs
...
For the $hostonly case, use $host_fs_types and $host_devs to determine,
if a module has to be included in the initramfs.
2011-12-15 14:49:03 +01:00
1939a4f96e
99fs-lib/fs-lib.sh: accept "UUID=" and "LABEL=" for fsck_single
...
with the reuse of crypt-lib.sh devnames() and putting it in
dracut-lib.sh, fsck_single() can use more generic names from /etc/fstab
2011-12-15 08:54:48 +01:00
4e05cb4023
cryptroot-ask.sh: use key file, if specified in crypttab and present
...
if a key file is specified in crypttab and present in the initramfs use
it to open the device.
https://bugzilla.redhat.com/show_bug.cgi?id=751640
2011-11-16 11:42:09 +01:00
2c0b5281f5
90crypt/parse-crypt.sh: also accept the beginning of the LUKS UUID
...
2e0c003435
2011-08-30 14:43:57 +02:00
2e0c003435
luks key on ext dev - wait for luks
...
This really waits for the luks mapper device, so luksOpen can do it job
2011-08-22 11:27:00 +02:00
1f735f82cc
crypt: changed cmdline arg name from rd.luks.tout to rd.luks.key.tout
2011-08-22 11:19:22 +02:00
c70f6415f8
luks key on ext dev - wait for luks
...
This asks for the luks passphrase if key is not found for defined time (if defined with rd.luks.tout cmd line):
modules.d/90crypt/cryptroot-ask.sh | 21 ++++++++++++++++++---
modules.d/90crypt/parse-crypt.sh | 5 +++--
2 files changed, 21 insertions(+), 5 deletions(-)
2011-08-22 11:19:22 +02:00
581dd40e73
90crypt: ask_for_password pings plymouthd
...
If plymouthd is not started, ask_for_password shouldn't try to prompt
for password with GUI and should use text prompt instead.
2011-08-19 15:18:04 +02:00
4a049ce556
add x-bit to *.sh
2011-08-12 16:29:28 +02:00
e59f58f854
use inst_simple to install non-binary files
2011-08-12 13:11:30 +02:00
b52294d00b
crypt: dropped plymouth --has-active-vt check on passwd prompt
...
As Ray Strode explains, plymouth --has-active-vt may fail if the user
passes console=ttyS0 or something other not corresponding to
console=tty0, because plymouth is outputing to the serial console and
not a VT in this case.
2011-07-01 10:15:26 +02:00
565f6fb675
crypt/crypt-lib.sh: s/.console.lock/.console_lock/g
...
In the initrd, the init script and the sbin/cryptroot-ask script use
flock with different lock files for the console: /.console_lock and
/.console.lock respectively
2011-06-17 13:44:08 +02:00
29b10e65b1
dracut-functions: make local vars local and prefix with "_"
2011-05-12 11:06:47 +02:00
3b403b32fc
removed trailing whitespaces
2011-05-10 11:56:09 +02:00
3909d7edfc
crypt: functions for ask-for-password and reading key
...
Asking for password and reading key parts are moved to separate
functions in crypt-lib.sh: ask_for_password and readkey.
2011-05-06 12:23:52 +02:00
2f95d699dc
crypt-lib.sh: 'command -v' preferred over 'type'
2011-05-06 12:23:51 +02:00
f024bf0dcd
base, crypt: install umount, because it is used
2011-04-20 16:51:39 +02:00
8234b92d85
crypt/cryptroot-ask.sh: check and use NEWROOT
2011-04-11 13:34:58 +02:00
6730280c5b
crypt/parse-crypt.sh: fixed rule creation
...
"\n" was missing
create rules file on tmp file and rename it later
2011-04-08 13:50:10 +02:00
fb59f4c967
get rid of absolute PATHs
2011-04-08 13:49:06 +02:00
ea8ca78af0
crypt/parse-crypt.sh: fix udev rule creation
2011-04-08 10:23:58 +02:00
0b53ca70b6
Move all hooks to "$hookdir"
...
hookdir=/lib/dracut/hooks for now, to keep the root directory clean
2011-03-25 16:10:46 +01:00
c9f1e3d1f4
check for getarg() function before sourcing dracut-lib.sh
...
make use of "type getarg" to check, if we really need to source
dracut-lib.sh
2011-03-25 16:10:46 +01:00
6927f09e1c
cryptoroot-ask: limit number of plymouth password requests
...
Set number ot retries to 5 to align with non-plymouth case.
Signed-off-by: Andrey Borzenkov <arvidjaar@gmail.com>
2011-03-11 11:44:02 +01:00
96d1d01572
cryptroot-ask: check that plymouth is running before use
...
Otherwise there is no way to skip pasword prompt. --has-active-vt
seems to correctly catch also the case when plymouthd is started
but splash is disabled.
Signed-off-by: Andrey Borzenkov <arvidjaar@gmail.com>
2011-03-11 09:43:44 +01:00
9fe4f5ff25
crypt: installing all crypto kernel modules instead of few selected
2011-03-09 18:09:23 +01:00
b20ff981c4
crypt-lib.sh: moved IFS=: from before 'read' to before 'while'
...
Some versions of dash don't behave as expected with code like this:
while IFS=: read a b c; do
blah
done
Thanks to Eric Mertens who identified the issue.
2011-03-07 13:56:41 +01:00
fcbcc89bb2
crypt: fix emergency script generation
...
[ forward port of e45a2dba]
2011-03-07 13:37:20 +01:00
7d4f1101bc
add missing editor format commands
2011-02-23 09:41:08 +01:00
71df3c4329
renamed module-info.sh to module-setup.sh
2011-02-02 16:35:18 +01:00
95d2dabc25
replaced check,install,installkernel with module-info.sh
2011-02-02 13:56:03 +01:00
91f4d45f93
crypt: change /tmp/luks.keys seperator from "|" to ":"
...
Do it like on the kernel command line, so we only have one forbidden
character.
2010-11-12 14:11:33 +01:00
8844cd6b6c
90crypt: probe for keydev asynchronously; changed kernel arg
...
New kernel argument syntax for LUKS-keydev is introduced:
rd.luks.key=<key_path>[:<key_dev>[:<luks_dev>]]
Unfolding <key_dev> in BNF:
<key_dev> ::= "UUID=" <uuid> | "LABEL=" <label> | <kname>
Where <kname> matches following regular expression:
^/dev/.*
<kname> need to be a character device and not a symlink for now.
For every rd.luks.key argument udev rule is created. That rule runs
test to check whether matching device contains <key_path>. If it does
it's applied to matching <luks_dev>.
2010-11-12 14:08:08 +01:00
fa7ada31d0
new parameter option names with "rd.*" namespace
...
Renamed Options
Here is a list of options, which were used in dracut prior to
version 008, and their new replacement.
rdbreak
rd.break
rd_CCW
rd.ccw
rdcopystate
rd.copystate
rd_DASD_MOD
rd.dasd_mod.dasd
rd_DASD
rd.dasd
rdinitdebug rdnetdebug
rd.debug
rd_NO_DM
rd.dm=0
rd_DM_UUID
rd.dm.uuid
rdblacklist
rd.driver.blacklist
rdinsmodpost
rd.driver.post
rdloaddriver
rd.driver.pre
rd_NO_FSTAB
rd.fstab=0
rdinfo
rd.info
check
rd.live.check
rdlivedebug
rd.live.debug
live_dir
rd.live.dir
liveimg
rd.live.image
overlay
rd.live.overlay
readonly_overlay
rd.live.overlay.readonly
reset_overlay
rd.live.overlay.reset
live_ram
rd.live.ram
rd_NO_CRYPTTAB
rd.luks.crypttab=0
rd_LUKS_KEYDEV_UUID
rd.luks.keydev.uuid
rd_LUKS_KEYPATH
rd.luks.keypath
rd_NO_LUKS
rd.luks=0
rd_LUKS_UUID
rd.luks.uuid
rd_LUKS_UUID
rd.luks.uuid
rd_NO_LVMCONF
rd.lvm.conf
rd_LVM_LV
rd.lvm.lv
rd_NO_LVM
rd.lvm=0
rd_LVM_SNAPSHOT
rd.lvm.snapshot
rd_LVM_SNAPSIZE
rd.lvm.snapsize
rd_LVM_VG
rd.lvm.vg
rd_NO_MDADMCONF
rd.md.conf=0
rd_NO_MDIMSM
rd.md.imsm=0
rd_NO_MD
rd.md=0
rd_MD_UUID
rd.md.uuid
rd_NFS_DOMAIN
rd.nfs.domain
rd_NO_PLYMOUTH
rd.plymouth=0
rd_retry
rd.retry
rdshell
rd.shell
rd_NO_SPLASH
rd.splash
rdudevdebug
rd.udev.debug
rdudevinfo
rd.udev.info
rd_NO_ZFCPCONF
rd.zfcp.conf=0
rd_ZFCP
rd.zfcp
2010-10-28 17:11:27 +02:00
cc02093d69
reformat source code
...
removed tabs and set indention to 4 spaces
added emacs and vi format headers
2010-09-10 15:34:36 +02:00
7254c24a76
Merged cryptroot-ask.sh from plymouth to crypt module.
...
First, it's duplicate code.
Second, it did not allow those who had plymouth installed to use other
methods, like the new usb key file. When building the initram,
it would install the plymouth cryptroot-ask script, and not
the crypt module one.
Added these new items to crypt module's cryptroot-ask.sh:
- 'unset' for used variables
- udevsettle
The non-plymouth cryptsetup prompt was using $1 instead of $device.
Changed prompt number from 1 to 5, as this is much nicer.
I believe plymouth already does infinite prompts.
Also added unset for usb key. Just saw it didn't unset its vars.
2010-08-23 11:55:11 +02:00
f3af7bd66b
use 'type' built-in instead of external cmd 'which' in every Bash script
2010-08-23 11:54:09 +02:00
85ab21a6e0
We are precise about hostonly checking these days.
...
So get rid of the comment in 90crypt/check.
Also do a bit of trivial bashification.
2010-08-23 11:51:35 +02:00
9c7f67a94d
crypt: depend on dm
2010-08-09 13:24:08 +02:00
8e102a2487
crypt: fix printf
2010-08-02 14:17:58 +02:00
606852a4a6
crypt: loop until all non-busy crypt devs closed
2010-08-02 09:59:10 +02:00
3f62b2637c
crypt: strip "luks-" from rd_LUKS_UUID
2010-07-29 16:35:31 +02:00
e5c6cb2a8c
crypt: remove emergency source of dracut-lib.sh
2010-07-23 12:26:42 +02:00
2926b5b35d
90crypt: keys on external devices support
...
99base/dracut-lib.sh: new fun.: getoptcomma, foreach_uuid_until
2010-07-21 13:38:47 +02:00
ed61aae141
cryptroot-ask: s/getargs rd_NO_CRYPTTAB/getarg rd_NO_CRYPTTAB/g
2010-07-12 18:47:08 +02:00
e9ef52b460
crypt: wait for all rd_LUKS_UUID disks to appear
...
Also give a hint in emergency, if one disk is not found.
2010-07-12 16:16:39 +02:00
ecee64bffa
crypt/parse-crypt.sh: fix end label for luks udev rules
2010-07-12 14:43:11 +02:00
540eb97162
crypt: removed default 70-luks.rules
2010-07-12 14:33:43 +02:00
013986a8ad
crypt: assemble 70-luks.rules dynamically
2010-07-12 14:31:21 +02:00
95c1941ce5
crypt: add fpu kernel module
2010-06-21 20:47:01 +02:00
b48d98dda3
crypt: install more aes modules
2010-06-11 12:52:16 +02:00
be0921a413
90crypt: 'crypto_LUKS' identifier corrected
2010-06-09 11:04:02 +02:00
2974f382f8
Have cryptroot-ask load dm_crypt if needed.
2010-06-09 10:46:38 +02:00
6a4f980921
Just look for cryptroot instead of /sbin/cryptroot
...
We know what the path is and what it contains in the initrd, and
not everyone puts cryptroot in /sbin
2010-06-09 10:46:38 +02:00
dc40ea7fa1
crypt/dm: move dmeventd to dm module
2010-01-13 16:33:40 +01:00
bb2200ffca
cryptroot-ask.sh: fixed luks handling
...
see https://bugzilla.redhat.com/show_bug.cgi?id=530898#c16
2010-01-12 14:55:09 +01:00
2c2e3ad860
cryptroot-ask.sh: s/==/=/g (bug #542081 )
2009-12-21 15:15:23 +01:00
2e6b98c7f6
All module scripts should have a shebang
2009-11-27 14:07:21 +01:00
394f30d8d4
crypt: ignore devices in /etc/crypttab (root is not in there)
2009-11-12 14:56:36 +01:00
349bac4214
crypt: install /etc/crypttab and honor crypttab entries
2009-11-05 17:06:26 +01:00
c3844cbf4a
crypt: refix rd_LUKS_UUID handling
...
https://bugzilla.redhat.com/show_bug.cgi?id=533177
2009-11-05 17:06:26 +01:00
b9c4654a63
devicemapper: add dmeventd and new rules for device mapper
2009-09-23 16:52:14 -07:00
3329f92136
90crypt/70-luks.rules: set unique name for initqueue job
2009-09-15 15:00:24 +02:00
650da7bada
removed initrdargs from parse-*.sh
2009-09-10 17:34:15 +02:00
273b197d75
added initqueue-settled and refactored code
2009-09-07 19:12:01 +02:00
e4dec3d6b6
{crypt,dmraid,lvm,mdraid}: cleanup with pre-pivot 30 and 31
2009-09-03 17:11:57 +02:00
Harald Hoyer