#!/bin/busybox sh

# Root filesystem, addressed by filesystem label.
# NOTE(review): a label is not a unique identifier; any attached device
# carrying a filesystem with this label can resolve to the same path.
# Confirm that is acceptable for the root device.
ROOT_DEV="/dev/disk/by-label/rootfs"

# USB stick holding the key files.
# USB_KEY_ID is the vendor:product pair looked for in lsusb output; it only
# tells that such a device is plugged in and is not proof of which stick it is.
# USB_KEY_DEV is the filesystem on the stick that gets mounted on /key.
USB_KEY_ID="0781:5567"
USB_KEY_DEV="/dev/disk/by-uuid/953f675b-5c6c-4ae9-ab1b-189e923c945d"

# Encrypted home: key file name (looked up under /key) and LUKS device.
HOME_KEY_FILE_NAME=".bogues-home.key"
HOME_DEV="/dev/disk/by-uuid/092fdc4a-4356-47d9-9272-9a5f58e33bbf"

# Encrypted SD card: key file name (looked up under /key) and LUKS device.
EXT_SD_KEY_FILE_NAME=".bogues-ext_sd.key"
EXT_SD_DEV="/dev/disk/by-uuid/c3834c30-2f8e-4955-a682-cf898979b41f"

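# Create /dev/disk/by-label and /dev/disk/by-uuid symlinks for the devices
# named on the kernel command line.
#
# Recognised parameters are root=, home=, ext_sd= and usb_key=, each written
# as NAME=LABEL=<label> or NAME=UUID=<uuid>. The device is resolved with
# findfs and linked as <prefix>/<id> unless that path already exists.
# Parameters in any other form are skipped.
#
# Arguments: none (reads /proc/cmdline)
# Returns:   0
prep_dev()
{
  local opt name spec type id prefix full target

  # Word splitting is intentional here: one kernel parameter per word.
  for opt in $(cat /proc/cmdline); do
    name=${opt%%=*}
    case "$name" in
      root|home|ext_sd|usb_key) ;;
      *) continue ;;
    esac

    # Only NAME=TYPE=ID is handled; NAME=/dev/xxx has no second '='.
    spec=${opt#*=}
    case "$spec" in
      *=*) ;;
      *) continue ;;
    esac
    type=${spec%%=*}
    id=${spec#*=}

    # Pick the prefix afresh for every parameter so that an unsupported
    # type never reuses the prefix left over from the previous one.
    case "$type" in
      LABEL) prefix="/dev/disk/by-label" ;;
      UUID)  prefix="/dev/disk/by-uuid" ;;
      *) continue ;;
    esac

    # The id becomes a file name under $prefix. The command line is
    # external input, so refuse empty ids and anything containing '/'
    # to keep the link inside that directory.
    case "$id" in
      ''|*/*) continue ;;
    esac

    full="$prefix/$id"
    if [ -e "$full" ]; then
      continue
    fi

    # Without a resolved device "ln -s" would be called with one operand
    # and drop a stray link into the current directory.
    target=$(findfs "$type=$id") || continue
    if [ -z "$target" ]; then
      continue
    fi

    mkdir -p "$prefix" || continue
    ln -s "$target" "$full"
  done

  return 0
}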

# Last-resort handler: announce the failure, install the busybox applet
# links and replace this process with an interactive shell. Never returns.
#
# NOTE(review): the shell is started without any authentication, so whoever
# is at the console when a boot step fails gets it. Confirm this matches the
# physical-access assumptions for this machine.
rescue_shell()
{
    echo 'Something went wrong. Dropping you to a shell.'

    # -s: install the applets as symlinks.
    busybox --install -s

    exec /bin/sh
}

cryptsetup_do()
{
  echo "cryptsetup $1 $2"
  mkdir -p /run/cryptsetup
  if [ -f $3 ]; then
    cryptsetup luksOpen $1 $2 --key-file $3
  else
    cryptsetup -T 3 luksOpen $1 $2
  fi
}

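# Mount the root filesystem on /newroot.
#
# Arguments: $1 - device (or device symlink) holding the root filesystem
# Outputs:   a "mount root <device>" progress line on stdout
# Returns:   exit status of mount; 1 when no device was given
mount_root()
{
  echo "mount root $1"

  # With an empty argument "mount /newroot" would be run instead, which
  # consults fstab rather than the intended device.
  if [ -z "$1" ]; then
    return 1
  fi

  mount "$1" /newroot
}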

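# Mount points needed in the initramfs, plus an empty mtab.
mkdir -p /dev /proc /sys /newroot /etc /key
touch /etc/mtab

mount -t devtmpfs none /dev
mount -t proc none /proc
mount -t sysfs none /sys

# Wait for the USB stick with the key files: up to three checks, 3 s apart.
# The attempts are listed explicitly because {1..3} is not POSIX sh and may
# be taken as a single literal word. grep reads lsusb's output from the pipe
# (-q: quiet, -F: fixed string); the previous form named /dev/null as the
# file to search and so could never match.
# The vendor:product match only detects that such a device is present; the
# key filesystem itself is selected by USB_KEY_DEV below.
for attempt in 1 2 3; do
  sleep 3
  if lsusb | grep -qF "$USB_KEY_ID"; then
    break
  fi
done
prep_dev

# `resume` is currently not used
#resume

mount_root "$ROOT_DEV" || rescue_shell

# The key stick is only read from, so mount it read-only. Both streams are
# discarded; redirection order matters (">/dev/null 2>&1").
if [ -e "$USB_KEY_DEV" ]; then
  mount -o ro "$USB_KEY_DEV" /key >/dev/null 2>&1
fi

# NOTE(review): a failure to open either volume is not checked and the boot
# continues without it; this looks like deliberate best-effort - confirm.
cryptsetup_do "$HOME_DEV" home "/key/$HOME_KEY_FILE_NAME"
cryptsetup_do "$EXT_SD_DEV" ext_sd "/key/$EXT_SD_KEY_FILE_NAME"

umount /dev
umount /proc
umount /sys
# /key is only mounted when the stick was found, so errors are silenced.
umount /key >/dev/null 2>&1

exec switch_root /newroot /sbin/init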