diff options
Diffstat (limited to 'source/a/sysvinit-scripts/scripts/rc.S')
-rw-r--r-- | source/a/sysvinit-scripts/scripts/rc.S | 109 |
1 files changed, 21 insertions, 88 deletions
diff --git a/source/a/sysvinit-scripts/scripts/rc.S b/source/a/sysvinit-scripts/scripts/rc.S index 6cb7e3915..7c004e6f5 100644 --- a/source/a/sysvinit-scripts/scripts/rc.S +++ b/source/a/sysvinit-scripts/scripts/rc.S @@ -105,81 +105,9 @@ if [ -z "$container" ]; then fi fi -# Open any volumes created by cryptsetup. -# -# Some notes on /etc/crypttab in Slackware: -# Only LUKS formatted volumes are supported (except for swap) -# crypttab follows the following format: -# <luks_name> <device> <password> <options> -# -# <luks_name>: This is the name of your LUKS volume. -# For example: crypt-home -# -# <device>: This is the device containing your LUKS volume. -# For example: /dev/sda2 -# -# <password>: This is either the volume password in plain text, or the name of -# a key file. Use 'none' to interactively enter password on boot. -# -# <options>: Comma-separated list of options. Note that there must be a -# password field for any options to be picked up (use a password of 'none' to -# get a password prompt at boot). The following options are supported: -# -# discard -- this will cause --allow-discards to be passed to the cryptsetup -# program while opening the LUKS volume. -# -# ro -- this will cause --readonly to be passed to the cryptsetup program while -# opening the LUKS volume. -# -# swap -- this option cannot be used with other options. The device given will -# be formatted as a new encrypted volume with a random key on boot, and used as -# swap. -# -if [ -f /etc/crypttab -a -x /sbin/cryptsetup -a -z "$container" ]; then - # First, check for device-mapper support. - if ! grep -wq device-mapper /proc/devices ; then - # If device-mapper exists as a module, try to load it. - # Try to load a device-mapper kernel module: - /sbin/modprobe -q dm-mod - fi - # NOTE: we only support LUKS formatted volumes (except for swap)! - cat /etc/crypttab | grep -v "^#" | grep -v "^$" | while read line; do - eval LUKSARRAY=( $line ) - LUKS="${LUKSARRAY[0]}" - DEV="${LUKSARRAY[1]}" - PASS="${LUKSARRAY[2]}" - OPTS="${LUKSARRAY[3]}" - LUKSOPTS="" - if echo $OPTS | grep -wq ro ; then LUKSOPTS="${LUKSOPTS} --readonly" ; fi - if echo $OPTS | grep -wq discard ; then LUKSOPTS="${LUKSOPTS} --allow-discards" ; fi - # Skip LUKS volumes that were already unlocked (in the initrd): - /sbin/cryptsetup status $LUKS 2>/dev/null | head -n 1 | grep -q "is active" && continue - if /sbin/cryptsetup isLuks $DEV 2>/dev/null ; then - if [ -z "${LUKSOPTS}" ]; then - echo "Unlocking LUKS encrypted volume '${LUKS}' on device '$DEV':" - else - echo "Unlocking LUKS encrypted volume '${LUKS}' on device '$DEV' with options '${LUKSOPTS}':" - fi - if [ -n "${PASS}" -a "${PASS}" != "none" ]; then - if [ -f "${PASS}" ]; then - # A password was given a key-file filename - /sbin/cryptsetup ${LUKSOPTS} --key-file=${PASS} luksOpen $DEV $LUKS - else - # A password was provided in plain text - echo "${PASS}" | /sbin/cryptsetup ${LUKSOPTS} luksOpen $DEV $LUKS - fi - else - # No password was given, or a password of 'none' was given - /sbin/cryptsetup ${LUKSOPTS} luksOpen $DEV $LUKS </dev/tty0 >/dev/tty0 2>&1 - fi - elif echo $OPTS | grep -wq swap ; then - # If any of the volumes is to be used as encrypted swap, - # then encrypt it using a random key and run mkswap: - echo "Creating encrypted swap volume '${LUKS}' on device '$DEV':" - /sbin/cryptsetup --cipher=aes --key-file=/dev/urandom --key-size=256 create $LUKS $DEV - mkswap /dev/mapper/$LUKS - fi - done +# Open any volumes created by cryptsetup: +if [ -x /etc/rc.d/rc.luks -a -f /etc/crypttab -a -x /sbin/cryptsetup -a -z "$container" ]; then + /etc/rc.d/rc.luks start fi # Enable swapping: @@ -360,7 +288,11 @@ fi # Check all the non-root filesystems: if [ ! -r /etc/fastboot -a -z "$container" ]; then echo "Checking non-root filesystems:" - /sbin/fsck $FORCEFSCK -C -R -A -a + if [ -z "$FORCEFSCK" ]; then + /sbin/fsck -C -M -R -A -a + else + /sbin/fsck $FORCEFSCK -C -R -A -a + fi fi # Mount usbfs only if it is found in /etc/fstab: @@ -374,21 +306,22 @@ if [ -z "$container" ]; then fi fi -# Mount non-root file systems in fstab, but not NFS or SMB -# because TCP/IP is not yet configured, and not proc or sysfs -# because those have already been mounted. Also check that -# devpts is not already mounted before attempting to mount -# it. With a 2.6.x or newer kernel udev mounts devpts. +# Mount non-root file systems in fstab, but not NFS or SMB because TCP/IP is +# not yet configured, and not proc or sysfs because those have already been +# mounted. Also check that devpts is not already mounted before attempting to +# mount it. if [ -z "$container" ]; then - echo "Mounting non-root local filesystems:" + SKIPFS="nonfs,nosmbfs,nocifs,noproc,nosysfs" if /bin/grep -wq devpts /proc/mounts ; then - # This pipe after the mount command is just to convert the new - # mount verbose output back to the old format that contained - # more useful information: - /sbin/mount -a -v -t nonfs,nosmbfs,nocifs,noproc,nosysfs,nodevpts | grep successfully | cut -f 1 -d : | tr -d ' ' | while read dev ; do mount | grep " ${dev} " ; done - else - /sbin/mount -a -v -t nonfs,nosmbfs,nocifs,noproc,nosysfs | grep successfully | cut -f 1 -d : | tr -d ' ' | while read dev ; do mount | grep " ${dev} " ; done + SKIPFS="${SKIPFS},nodevpts" fi + echo "Mounting non-root local filesystems:" + # This pipe after the mount command is just to convert the new + # mount verbose output back to the old format that contained + # more useful information: + ( /sbin/mount -a -v -o remount -O ro -v -t ${SKIPFS} ; /sbin/mount -a -v -t ${SKIPFS} ) | \ + grep successfully | cut -f 1 -d : | tr -d ' ' | \ + while read dev ; do mount | grep " ${dev} " ; done fi # Make sure that /var/run is a symbolic link pointing to /run: |