misc/dracut_90reencrypt/reencrypt.sh

   1 #!/bin/sh
   2
   3 [ -d /sys/module/dm_crypt ] || modprobe dm_crypt
   4
   5 [ -f /tmp/reencrypted ] && exit 0
   6
   7 . /lib/dracut-lib.sh
   8
   9 # if device name is /dev/dm-X, convert to /dev/mapper/name
  10 if [ "${1##/dev/dm-}" != "$1" ]; then
  11     device="/dev/mapper/$(dmsetup info -c --noheadings -o name "$1")"
  12 else
  13     device="$1"
  14 fi
  15
  16 PARAMS="$device -T 1 --use-fsync -B 32"
  17 if [ -n "$2" ]; then
  18     PARAMS="$PARAMS --device-size $2"
  19 fi
  20
  21 info "REENCRYPT $device requested"
  22 # flock against other interactive activities
  23 { flock -s 9;
  24     CURR=$(pwd)
  25     cd /tmp
  26     /bin/plymouth ask-for-password --prompt "LUKS password for REENCRYPTING $device" \
  27       --command="/sbin/cryptsetup-reencrypt $PARAMS"
  28     cd $CURR
  29 } 9>/.console.lock
  30
  31 # do not ask again
  32 >> /tmp/reencrypted
  33
  34 exit 0