unset name dev rest
fi
-LUKS=$(getargs rd_LUKS_UUID=)
-ask=1
-num=0
-if [ -n "$LUKS" ]; then
- ask=0
- luuid=${2##luks-}
- for luks in $LUKS; do
- num=$(($num+1))
- luks=${luks##luks-}
- if [ "${luuid##$luks}" != "$luuid" ] || [ "$luksname" = "$luks" ]; then
- ask=1
- fi
- [ $num -ge 2 -a "$ask" = "1" ] && break
- done
+prompt="Password [$device ($luksname)]:"
+if [ ${#luksname} -gt 8 ]; then
+ sluksname=${sluksname##luks-}
+ sluksname=${luksname%%${luksname##????????}}
+ prompt="Password for $device ($sluksname...)"
fi
-unset LUKS luks luuid
-if [ $ask -gt 0 ]; then
- info "luksOpen $device $luksname"
- if [ $num -eq 1 ]; then
- prompt="Password for filesystem"
- else
- prompt="Password [$device ($luksname)]:"
- if [ ${#luksname} -gt 8 ]; then
- sluksname=${sluksname##luks-}
- sluksname=${luksname%%${luksname##????????}}
- prompt="Password for $device ($sluksname...)"
- fi
- fi
- # flock against other interactive activities
- { flock -s 9;
- /bin/plymouth ask-for-password \
- --prompt "$prompt" \
- --command="/sbin/cryptsetup luksOpen -T1 $device $luksname"
- } 9>/.console.lock
-fi
+# flock against other interactive activities
+{ flock -s 9;
+ /bin/plymouth ask-for-password \
+ --prompt "$prompt" \
+ --command="/sbin/cryptsetup luksOpen -T1 $device $luksname"
+} 9>/.console.lock
+
unset ask device luksname
# mark device as asked
#!/bin/sh
# close everything which is not busy
+rm -f /etc/udev/rules.d/70-luks.rules >/dev/null 2>&1
+
for i in /dev/mapper/luks-*; do
cryptsetup luksClose $i >/dev/null 2>&1
done
unset name dev rest
fi
-LUKS=$(getargs rd_LUKS_UUID=)
-ask=1
-if [ -n "$LUKS" ]; then
- ask=0
- luuid=${2##luks-}
- for luks in $LUKS; do
- luks=${luks##luks-}
- if [ "${luuid##$luks}" != "$luuid" ] || [ "$luksname" = "$luks" ]; then
- ask=1
- break
- fi
- done
-fi
-unset LUKS luks luuid
-
-if [ $ask -gt 0 ]; then
- info "luksOpen $device $luksname"
- # flock against other interactive activities
- { flock -s 9;
- echo -n "$device ($luksname) is password protected"
- cryptsetup luksOpen -T1 $1 $luksname
- } 9>/.console.lock
-fi
+info "luksOpen $device $luksname"
+# flock against other interactive activities
+{ flock -s 9;
+ echo -n "$device ($luksname) is password protected"
+ cryptsetup luksOpen -T1 $1 $luksname
+} 9>/.console.lock
# mark device as asked
>> /tmp/cryptroot-asked-$2
if getarg rd_NO_LUKS; then
info "rd_NO_LUKS: removing cryptoluks activation"
rm -f /etc/udev/rules.d/70-luks.rules
+else
+ {
+ echo 'SUBSYSTEM!="block", GOTO="luks_end"'
+ echo 'ACTION!="add|change", GOTO="luks_end"'
+ } > /etc/udev/rules.d/70-luks.rules
+ LUKS=$(getargs rd_LUKS_UUID=)
+ if [ -n "$LUKS" ]; then
+ for luksid in $LUKS; do
+ printf 'ENV{ID_FS_TYPE}=="crypto_LUKS", ENV{ID_FS_UUID}=="*%s*", RUN+="/sbin/initqueue --unique --onetime --name cryptroot-ask-%%k /sbin/cryptroot-ask $env{DEVNAME} luks-$env{ID_FS_UUID}"\n' $luksid \
+ >> /etc/udev/rules.d/70-luks.rules
+ done
+ else
+ echo 'ENV{ID_FS_TYPE}=="crypto_LUKS", RUN+="/sbin/initqueue --unique --onetime --name cryptroot-ask-%k /sbin/cryptroot-ask $env{DEVNAME} luks-$env{ID_FS_UUID}"' \
+ >> /etc/udev/rules.d/70-luks.rules
+ fi
+ echo LABEL="luks_end" >> /etc/udev/rules.d/70-luks.rules
+
fi