[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Slackware.it] bug in /etc/rc.d/rc.S slack12.1
From: |
Conraid |
Subject: |
Re: [Slackware.it] bug in /etc/rc.d/rc.S slack12.1 |
Date: |
Thu, 13 Nov 2008 16:11:15 +0100 |
User-agent: |
Mutt/1.5.18 (2008-05-17) |
* Diario del capitano. Data astrale 13 November 2008.
rikofert ha scritto:
> Marco Bonetti ha scritto:
> > ti assicuro che funziona. hai seguito alla lettera le istruzioni
> > http://slackware.osuosl.org/slackware-12.1/README_CRYPT.TXT
>
> ma tu lo usi? hai filesystem cryptati e ti presenta "Enter passphrase: "
> prompt all'avvio?
io lo uso e funziona. Anche se adesso ho la -current.
E secono me quel fi va bene
Questo è della 12.1
# Open any volumes created by cryptsetup:
if [ -f /etc/crypttab -a -x /sbin/cryptsetup.static ]; then
# First, check for device-mapper support.
if ! grep -wq device-mapper /proc/devices ; then
# If device-mapper exists as a module, try to load it.
# Try to load a device-mapper kernel module:
/sbin/modprobe -q dm-mod
fi
# NOTE: we only support LUKS formatted volumes (except for swap)!
cat /etc/crypttab | grep -v "^#" | grep -v "^$" | while read line; do
LUKS=$(echo $line | tr '\t' ' ' | tr -s ' ' | cut -f1 -d' ')
DEV=$(echo $line | tr '\t' ' ' | tr -s ' ' | cut -f2 -d' ')
PASS=$(echo $line | tr '\t' ' ' | tr -s ' ' | cut -f3 -d' ')
OPTS=$(echo $line | tr '\t' ' ' | tr -s ' ' | cut -f4 -d' ')
LUKSOPTS=""
if echo $OPTS | grep -wq ro ; then LUKSOPTS="${LUKSOPTS} --readonly"
; fi
# Skip LUKS volumes that were already unlocked (in the initrd):
/sbin/cryptsetup.static status $LUKS 1>/dev/null 2>/dev/null &&
continue
if /sbin/cryptsetup.static isLuks $DEV 2>/dev/null ; then
echo "Unlocking LUKS crypt volume '${LUKS}' on device '$DEV':"
if [ -n "${PASS}" ]; then
if [ -f ${PASS} ]; then
/sbin/cryptsetup.static ${LUKSOPTS} --key-file=${PASS}
luksOpen $DEV $LUKS
elif [ "${PASS}" != "none" ]; then
# A password field of 'none' indicates a line for swap:
echo "${PASS}" | /sbin/cryptsetup.static ${LUKSOPTS} luksOpen
$DEV $LUKS
fi
else
for i in seq 1 3 ; do
/sbin/cryptsetup.static ${LUKSOPTS} luksOpen $DEV $LUKS
</dev/tty0 >/dev/tty0 2>&1
[ $? -eq 0 ] && break
done
fi
elif echo $OPTS | grep -wq swap ; then
# If any of the volumes is to be used as encrypted swap,
# then encrypt it using a random key and run mkswap:
echo "Creating encrypted swap on device '$DEV' mapped to
'${LUKS}':"
/sbin/cryptsetup.static --cipher=aes --key-file=/dev/urandom
--key-size=256 create $LUKS $DEV
mkswap /dev/mapper/$LUKS
fi
done
fi
Questo è della current
# Open any volumes created by cryptsetup:
if [ -f /etc/crypttab -a -x /sbin/cryptsetup.static ]; then
# First, check for device-mapper support.
if ! grep -wq device-mapper /proc/devices ; then
# If device-mapper exists as a module, try to load it.
# Try to load a device-mapper kernel module:
/sbin/modprobe -q dm-mod
fi
# NOTE: we only support LUKS formatted volumes (except for swap)!
cat /etc/crypttab | grep -v "^#" | grep -v "^$" | while read line; do
LUKS=$(echo $line | tr '\t' ' ' | tr -s ' ' | cut -f1 -d' ')
DEV=$(echo $line | tr '\t' ' ' | tr -s ' ' | cut -f2 -d' ')
PASS=$(echo $line | tr '\t' ' ' | tr -s ' ' | cut -f3 -d' ')
OPTS=$(echo $line | tr '\t' ' ' | tr -s ' ' | cut -f4 -d' ')
LUKSOPTS=""
if echo $OPTS | grep -wq ro ; then LUKSOPTS="${LUKSOPTS} --readonly"
; fi
# Skip LUKS volumes that were already unlocked (in the initrd):
/sbin/cryptsetup.static status $LUKS 1>/dev/null 2>/dev/null &&
continue
if /sbin/cryptsetup.static isLuks $DEV 2>/dev/null ; then
echo "Unlocking LUKS crypt volume '${LUKS}' on device '$DEV':"
if [ -n "${PASS}" ]; then
if [ -f ${PASS} ]; then
/sbin/cryptsetup.static ${LUKSOPTS} --key-file=${PASS}
luksOpen $DEV $LUKS
elif [ "${PASS}" != "none" ]; then
# A password field of 'none' indicates a line for swap:
echo "${PASS}" | /sbin/cryptsetup.static ${LUKSOPTS} luksOpen
$DEV $LUKS
fi
else
for i in seq 1 3 ; do
/sbin/cryptsetup.static ${LUKSOPTS} luksOpen $DEV $LUKS
</dev/tty0 >/dev/tty0 2>&1
[ $? -eq 0 ] && break
done
fi
elif echo $OPTS | grep -wq swap ; then
# If any of the volumes is to be used as encrypted swap,
# then encrypt it using a random key and run mkswap:
echo "Creating encrypted swap on device '$DEV' mapped to
'${LUKS}':"
/sbin/cryptsetup.static --cipher=aes --key-file=/dev/urandom
--key-size=256 create $LUKS $DEV
mkswap /dev/mapper/$LUKS
fi
done
fi
E ti assicuro che funzionano.
Mi compare la richiesta password e monta la partizione /home, nonché la
swap automaticamente (cioè senza chiedere password)
--
Io sono per la liberta' di parola: basta che stiano zitti.
- "Il pianeta delle scimmie"