blob: d184a9c2cb75751be92508ebd9b92a96fdf48a10 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
|
#!/bin/bash
#
# #RCDDIR#/cryptfs: mount/umount encrypted partitions
#
set -o pipefail
cryptTab="$(grep -v "^\s*\(#\|\$\)" #ETCDIR#/crypttab | sed "s/^\s*//")"
fsTab="$(grep -v "^\s*\(#\|\$\)" #ETCDIR#/fstab | sed "s/^\s*//")"
cryptedFss="$(echo "${cryptTab}" | awk '{print "/dev/mapper/"$1}')"
neededKeyFss="$(
for fs in $(echo "${fsTab}" | awk '{print $2}' | grep "^/")
do
if echo "${cryptTab}" | grep -q "^\S\+\s\+\S\+\s\+${fs}\(/\|\s\)"
then
echo "${fs}"
fi
done
)"
case $1 in
start)
for neededKeyFs in ${neededKeyFss}
do
if ! mount | grep -q "^\S\+\s\+on\s\+${neededKeyFs}\s"
then
if echo "${fsTab}" | grep -q "^\(ssh\|ftp\)fs#\S*\s\+${neededKeyFs}\s"
then
maxWait=120
while ! ip addr | grep -v "127\.0\.0\.1" | grep -q "^\s*inet\s[[:digit:]]\+\.[[:digit:]]\+\.[[:digit:]]\+\.[[:digit:]]\+/"
do
>&2 echo -ne "."
sleep 1
maxWait=$[${maxWait}-1]
done
fi
mount ${neededKeyFs} || exit $?
fi
done
for ((cryptDeviceNum=0; cryptDeviceNum<$(echo "${cryptTab}" | wc -l); cryptDeviceNum++))
do
zeile="$(echo "${cryptTab}" | head -n$[${cryptDeviceNum}+1] | tail -n1)"
name="$(echo "${zeile}" | awk '{print $1}')"
device="$(echo "${zeile}" | awk '{print $2}')"
if [[ "${device}" == "UUID="* ]]
then
device="#UUIDDIR#/${device#UUID=}"
fi
keyfile="$(echo "${zeile}" | awk '{print $3}')"
if [ ! -b "#MAPDIR#/${name}" ]
then
cryptsetup luksOpen "${device}" "${name}" --key-file="${keyfile}" || exit $?
fi
done
for cryptedFs in ${cryptedFss}
do
if ! mount | grep -q "^${cryptedFs}\s"
then
e2fsck ${cryptedFs}
mount ${cryptedFs} || exit $?
fi
done
;;
stop)
for cryptedFs in ${cryptedFss}
do
if mount | grep -q "^${cryptedFs}\s"
then
umount ${cryptedFs} || exit $?
fi
done
for name in $(echo "${cryptTab}" | awk '{print $1}')
do
if [ -b "#MAPDIR#/${name}" ]
then
cryptsetup luksClose "${name}" || exit $?
fi
done
for neededKeyFs in ${neededKeyFss}
do
if [ ! "${neededKeyFs}" == "/" ] && mount | grep -q "^\S\+\s\+on\s\+${neededKeyFs}\s"
then
umount ${neededKeyFs} || exit $?
fi
done
;;
restart)
$0 stop
sleep 2
$0 start
;;
*)
echo "usage: $0 [start|stop|restart]"
;;
esac
# End of file
|