Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/usr/bin/ash
- run_hook() {
- #######################
- KEYS="/keys"
- KEYSIMG="/etc/keys.img"
- #######################
- error=0
- mountcrypt() {
- NAME="$1"
- DEVICE="$2"
- KEYFILE="$3"
- if [ -b "$DEVICE" ]; then
- if [ -b "/dev/mapper/$NAME" ]; then
- echo "$NAME: DEVICE ALREADY MOUNTED"
- else
- echo "$NAME: mounting..."
- if [ "$KEYFILE" == "NO" ]; then
- cryptsetup luksOpen "$DEVICE" "$NAME"
- else
- cryptsetup luksOpen -d "$KEYFILE" "$DEVICE" "$NAME"
- fi
- if [ -b "/dev/mapper/$NAME" ];then
- echo "$NAME: mounted."
- else
- echo "$NAME: UNABLE TO MOUNT."
- error=1
- fi
- fi
- else
- echo "$NAME: DEVICE NOT FOUND"
- error=1
- fi
- }
- #######################
- # Mount keyfiles
- if [ ! -f "$KEYS/.mounted" ];then
- if [ ! -b "/dev/mapper/keys" ];then
- cryptsetup luksOpen "$KEYSIMG" keys
- fi
- if [ ! -d "$KEYS" ];then
- mkdir -p "$KEYS"
- fi
- mount -t ext2 -o ro /dev/mapper/keys "$KEYS"
- fi
- if [ -f "$KEYS/.mounted" ];then
- # Parse crypttab and start mounting
- while read line; do
- if [ "${line:0:1}" != "#" ];then
- NAME="$(echo $line | awk -F' ' '{print $1}')"
- DEVICE="$(echo $line | awk -F' ' '{print $2}')"
- KEYFILE="$(echo $line | awk -F' ' '{print $3}')"
- if [ "$KEYFILE" == "NO" ]; then
- mountcrypt $NAME $DEVICE $KEYFILE
- elif [ "$KEYFILE" == "YES" ]; then
- KEYFILE="$KEYS/$NAME.key"
- if [ -f "$KEYFILE" ]; then
- mountcrypt $NAME $DEVICE $KEYFILE
- else
- echo "$NAME: KEYFILE NOT FOUND"
- error=1
- fi
- else
- echo "$NAME: KEYFILE VALUE IS INCORRECT."
- error=1
- fi
- fi
- done < /etc/earlycrypttab
- else
- echo COULD NOT MOUNT KEYFILES IMAGE
- error=1
- fi
- if [ -f "$KEYS/.mounted" ];then
- umount /keys
- fi
- if [ -b "/dev/mapper/keys" ];then
- #echo CLOSING KEYS IMAGE
- cryptsetup luksClose keys
- fi
- if [ $error != 0 ];then
- echo "ERROR. Press ENTER to continue, or restart the computer."
- read
- fi
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
