5ad3803dac
crypt: add rd.luks.allow-discards and honor options in crypttab
...
also fixed the retry loop for rd.luks.key
2012-05-31 12:01:19 +02:00
eef7649e71
merge "cleanup" and "pre-pivot-cleanup" hooks
2012-04-23 11:32:45 +02:00
1bd76bf981
move cleanup scripts to pre-pivot-cleanup hook
...
below cleanup scripts is moved:
40network: kill-dhclient.sh
90crypt: crypt-cleanup.sh
90multipath: multipathd-stop.sh
95iscsi: cleanup-iscsi.sh
95nfs: nfsroot-cleanup.sh
Signed-off-by: Dave Young <dyoung@redhat.com>
2012-04-19 11:59:45 +02:00
8d021e4b8a
90crypt/parse-crypt.sh: simplify rd.luks.uuid testing
2012-02-29 16:20:02 +01:00
004fd0557d
host-only checks corrected and kernel_only mode
...
In kernel_only mode, we don't want to write /etc/cmdline.d
Correctly return the check functions, so we have a valid return of
for_each_host_dev_fs().
mdraid and dmraid functions had wrong checkings for the filesystem
type.
2012-02-22 19:29:57 +01:00
fb67e4aa36
shutdown on demand
...
Do not save and restore the initramfs, but instead, just unpack the
default initramfs for shutdown on shutdown.
2012-02-13 07:08:08 +01:00
96b8d60a9b
dracut: precreate "${initdir}/etc/cmdline.d"
2012-02-07 18:48:04 +01:00
6aafdc5c04
90crypt/crypt-cleanup.sh: send unneeded output to /dev/null
2012-02-07 11:23:42 +01:00
5f282199c8
90crypt/module-setup.sh: prepend "luks-" to hostonly cmdline file
2012-01-23 13:50:27 +01:00
1b7fd0fa3e
Check module dependencies of mount points
...
Like -H, we need to poll every module to check if it is needed
to mount a specific device in '--mount'.
Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
2012-01-13 11:35:49 +01:00
480d772f22
*/module-setup.sh: use host_fs_types host_devs
...
For the $hostonly case, use $host_fs_types and $host_devs to determine,
if a module has to be included in the initramfs.
2011-12-15 14:49:03 +01:00
1939a4f96e
99fs-lib/fs-lib.sh: accept "UUID=" and "LABEL=" for fsck_single
...
with the reuse of crypt-lib.sh devnames() and putting it in
dracut-lib.sh, fsck_single() can use more generic names from /etc/fstab
2011-12-15 08:54:48 +01:00
4e05cb4023
cryptroot-ask.sh: use key file, if specified in crypttab and present
...
if a key file is specified in crypttab and present in the initramfs use
it to open the device.
https://bugzilla.redhat.com/show_bug.cgi?id=751640
2011-11-16 11:42:09 +01:00
2c0b5281f5
90crypt/parse-crypt.sh: also accept the beginning of the LUKS UUID
...
2e0c003435
2011-08-30 14:43:57 +02:00
2e0c003435
luks key on ext dev - wait for luks
...
This really waits for the luks mapper device, so luksOpen can do it job
2011-08-22 11:27:00 +02:00
1f735f82cc
crypt: changed cmdline arg name from rd.luks.tout to rd.luks.key.tout
2011-08-22 11:19:22 +02:00
c70f6415f8
luks key on ext dev - wait for luks
...
This asks for the luks passphrase if key is not found for defined time (if defined with rd.luks.tout cmd line):
modules.d/90crypt/cryptroot-ask.sh | 21 ++++++++++++++++++---
modules.d/90crypt/parse-crypt.sh | 5 +++--
2 files changed, 21 insertions(+), 5 deletions(-)
2011-08-22 11:19:22 +02:00
581dd40e73
90crypt: ask_for_password pings plymouthd
...
If plymouthd is not started, ask_for_password shouldn't try to prompt
for password with GUI and should use text prompt instead.
2011-08-19 15:18:04 +02:00
4a049ce556
add x-bit to *.sh
2011-08-12 16:29:28 +02:00
e59f58f854
use inst_simple to install non-binary files
2011-08-12 13:11:30 +02:00
b52294d00b
crypt: dropped plymouth --has-active-vt check on passwd prompt
...
As Ray Strode explains, plymouth --has-active-vt may fail if the user
passes console=ttyS0 or something other not corresponding to
console=tty0, because plymouth is outputing to the serial console and
not a VT in this case.
2011-07-01 10:15:26 +02:00
565f6fb675
crypt/crypt-lib.sh: s/.console.lock/.console_lock/g
...
In the initrd, the init script and the sbin/cryptroot-ask script use
flock with different lock files for the console: /.console_lock and
/.console.lock respectively
2011-06-17 13:44:08 +02:00
29b10e65b1
dracut-functions: make local vars local and prefix with "_"
2011-05-12 11:06:47 +02:00
3b403b32fc
removed trailing whitespaces
2011-05-10 11:56:09 +02:00
3909d7edfc
crypt: functions for ask-for-password and reading key
...
Asking for password and reading key parts are moved to separate
functions in crypt-lib.sh: ask_for_password and readkey.
2011-05-06 12:23:52 +02:00
2f95d699dc
crypt-lib.sh: 'command -v' preferred over 'type'
2011-05-06 12:23:51 +02:00
f024bf0dcd
base, crypt: install umount, because it is used
2011-04-20 16:51:39 +02:00
8234b92d85
crypt/cryptroot-ask.sh: check and use NEWROOT
2011-04-11 13:34:58 +02:00
6730280c5b
crypt/parse-crypt.sh: fixed rule creation
...
"\n" was missing
create rules file on tmp file and rename it later
2011-04-08 13:50:10 +02:00
fb59f4c967
get rid of absolute PATHs
2011-04-08 13:49:06 +02:00
ea8ca78af0
crypt/parse-crypt.sh: fix udev rule creation
2011-04-08 10:23:58 +02:00
0b53ca70b6
Move all hooks to "$hookdir"
...
hookdir=/lib/dracut/hooks for now, to keep the root directory clean
2011-03-25 16:10:46 +01:00
c9f1e3d1f4
check for getarg() function before sourcing dracut-lib.sh
...
make use of "type getarg" to check, if we really need to source
dracut-lib.sh
2011-03-25 16:10:46 +01:00
6927f09e1c
cryptoroot-ask: limit number of plymouth password requests
...
Set number ot retries to 5 to align with non-plymouth case.
Signed-off-by: Andrey Borzenkov <arvidjaar@gmail.com>
2011-03-11 11:44:02 +01:00
96d1d01572
cryptroot-ask: check that plymouth is running before use
...
Otherwise there is no way to skip pasword prompt. --has-active-vt
seems to correctly catch also the case when plymouthd is started
but splash is disabled.
Signed-off-by: Andrey Borzenkov <arvidjaar@gmail.com>
2011-03-11 09:43:44 +01:00
9fe4f5ff25
crypt: installing all crypto kernel modules instead of few selected
2011-03-09 18:09:23 +01:00
b20ff981c4
crypt-lib.sh: moved IFS=: from before 'read' to before 'while'
...
Some versions of dash don't behave as expected with code like this:
while IFS=: read a b c; do
blah
done
Thanks to Eric Mertens who identified the issue.
2011-03-07 13:56:41 +01:00
fcbcc89bb2
crypt: fix emergency script generation
...
[ forward port of e45a2dba]
2011-03-07 13:37:20 +01:00
7d4f1101bc
add missing editor format commands
2011-02-23 09:41:08 +01:00
71df3c4329
renamed module-info.sh to module-setup.sh
2011-02-02 16:35:18 +01:00
95d2dabc25
replaced check,install,installkernel with module-info.sh
2011-02-02 13:56:03 +01:00
91f4d45f93
crypt: change /tmp/luks.keys seperator from "|" to ":"
...
Do it like on the kernel command line, so we only have one forbidden
character.
2010-11-12 14:11:33 +01:00
8844cd6b6c
90crypt: probe for keydev asynchronously; changed kernel arg
...
New kernel argument syntax for LUKS-keydev is introduced:
rd.luks.key=<key_path>[:<key_dev>[:<luks_dev>]]
Unfolding <key_dev> in BNF:
<key_dev> ::= "UUID=" <uuid> | "LABEL=" <label> | <kname>
Where <kname> matches following regular expression:
^/dev/.*
<kname> need to be a character device and not a symlink for now.
For every rd.luks.key argument udev rule is created. That rule runs
test to check whether matching device contains <key_path>. If it does
it's applied to matching <luks_dev>.
2010-11-12 14:08:08 +01:00
fa7ada31d0
new parameter option names with "rd.*" namespace
...
Renamed Options
Here is a list of options, which were used in dracut prior to
version 008, and their new replacement.
rdbreak
rd.break
rd_CCW
rd.ccw
rdcopystate
rd.copystate
rd_DASD_MOD
rd.dasd_mod.dasd
rd_DASD
rd.dasd
rdinitdebug rdnetdebug
rd.debug
rd_NO_DM
rd.dm=0
rd_DM_UUID
rd.dm.uuid
rdblacklist
rd.driver.blacklist
rdinsmodpost
rd.driver.post
rdloaddriver
rd.driver.pre
rd_NO_FSTAB
rd.fstab=0
rdinfo
rd.info
check
rd.live.check
rdlivedebug
rd.live.debug
live_dir
rd.live.dir
liveimg
rd.live.image
overlay
rd.live.overlay
readonly_overlay
rd.live.overlay.readonly
reset_overlay
rd.live.overlay.reset
live_ram
rd.live.ram
rd_NO_CRYPTTAB
rd.luks.crypttab=0
rd_LUKS_KEYDEV_UUID
rd.luks.keydev.uuid
rd_LUKS_KEYPATH
rd.luks.keypath
rd_NO_LUKS
rd.luks=0
rd_LUKS_UUID
rd.luks.uuid
rd_LUKS_UUID
rd.luks.uuid
rd_NO_LVMCONF
rd.lvm.conf
rd_LVM_LV
rd.lvm.lv
rd_NO_LVM
rd.lvm=0
rd_LVM_SNAPSHOT
rd.lvm.snapshot
rd_LVM_SNAPSIZE
rd.lvm.snapsize
rd_LVM_VG
rd.lvm.vg
rd_NO_MDADMCONF
rd.md.conf=0
rd_NO_MDIMSM
rd.md.imsm=0
rd_NO_MD
rd.md=0
rd_MD_UUID
rd.md.uuid
rd_NFS_DOMAIN
rd.nfs.domain
rd_NO_PLYMOUTH
rd.plymouth=0
rd_retry
rd.retry
rdshell
rd.shell
rd_NO_SPLASH
rd.splash
rdudevdebug
rd.udev.debug
rdudevinfo
rd.udev.info
rd_NO_ZFCPCONF
rd.zfcp.conf=0
rd_ZFCP
rd.zfcp
2010-10-28 17:11:27 +02:00
cc02093d69
reformat source code
...
removed tabs and set indention to 4 spaces
added emacs and vi format headers
2010-09-10 15:34:36 +02:00
7254c24a76
Merged cryptroot-ask.sh from plymouth to crypt module.
...
First, it's duplicate code.
Second, it did not allow those who had plymouth installed to use other
methods, like the new usb key file. When building the initram,
it would install the plymouth cryptroot-ask script, and not
the crypt module one.
Added these new items to crypt module's cryptroot-ask.sh:
- 'unset' for used variables
- udevsettle
The non-plymouth cryptsetup prompt was using $1 instead of $device.
Changed prompt number from 1 to 5, as this is much nicer.
I believe plymouth already does infinite prompts.
Also added unset for usb key. Just saw it didn't unset its vars.
2010-08-23 11:55:11 +02:00
f3af7bd66b
use 'type' built-in instead of external cmd 'which' in every Bash script
2010-08-23 11:54:09 +02:00
85ab21a6e0
We are precise about hostonly checking these days.
...
So get rid of the comment in 90crypt/check.
Also do a bit of trivial bashification.
2010-08-23 11:51:35 +02:00
9c7f67a94d
crypt: depend on dm
2010-08-09 13:24:08 +02:00
8e102a2487
crypt: fix printf
2010-08-02 14:17:58 +02:00
Harald Hoyer