diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-27 17:44:12 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-27 17:44:12 +0000 |
commit | 1be69c2c660b70ac2f4de2a5326e27e3e60eb82d (patch) | |
tree | bb299ab6f411f4fccd735907035de710e4ec6abc /misc/dracut_90reencrypt/parse-reencrypt.sh | |
parent | Initial commit. (diff) | |
download | cryptsetup-upstream.tar.xz cryptsetup-upstream.zip |
Adding upstream version 2:2.3.7.upstream/2%2.3.7upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '')
-rwxr-xr-x | misc/dracut_90reencrypt/parse-reencrypt.sh | 38 |
1 files changed, 38 insertions, 0 deletions
diff --git a/misc/dracut_90reencrypt/parse-reencrypt.sh b/misc/dracut_90reencrypt/parse-reencrypt.sh new file mode 100755 index 0000000..5fec191 --- /dev/null +++ b/misc/dracut_90reencrypt/parse-reencrypt.sh @@ -0,0 +1,38 @@ +#!/bin/sh + +REENC=$(getargs rd.luks.reencrypt=) +# shellcheck disable=SC2086 +REENC_DEV=$(echo $REENC | sed 's/:.*//') +# shellcheck disable=SC2086 +REENC_SIZE=$(echo $REENC | sed -n 's/.*://p') + +REENC_KEY=$(getargs rd.luks.reencrypt_key=) +if [ -z "$REENC_KEY" ] ; then + REENC_KEY=none +fi + +REENC_SLOT=$(getargs rd.luks.reencrypt_keyslot=) +if [ -z "$REENC_SLOT" ] ; then + REENC_SLOT=any +fi + +# shellcheck disable=SC2086 +# shellcheck disable=SC1004 +# shellcheck disable=SC2016 +if [ -n "$REENC_DEV" ] ; then +{ + printf 'SUBSYSTEM!="block", GOTO="reenc_end"\n' + printf 'ACTION!="add|change", GOTO="reenc_end"\n' + printf 'KERNEL=="%s", ' $REENC_DEV + printf 'ENV{ID_FS_TYPE}=="crypto_LUKS", RUN+="/sbin/initqueue \ + --unique --onetime --settled --name crypt-reencrypt-%%k \ + /sbin/reencrypt $env{DEVNAME} %s"\n' "$REENC_KEY $REENC_SLOT $REENC_SIZE" + + printf 'ENV{ID_FS_UUID}=="*%s*", ' $REENC_DEV + printf 'ENV{ID_FS_TYPE}=="crypto_LUKS", RUN+="/sbin/initqueue \ + --unique --onetime --settled --name crypt-reencrypt-%%k \ + /sbin/reencrypt $env{DEVNAME} %s"\n' "$REENC_KEY $REENC_SLOT $REENC_SIZE" + printf 'LABEL="reenc_end"\n' +} > /etc/udev/rules.d/69-reencryption.rules + initqueue --unique --finished --name crypt-reencrypt-finished-${REENC_DEV} [ -e /tmp/reencrypted ] +fi |