summaryrefslogtreecommitdiffstats
path: root/misc/dracut_90reencrypt/parse-reencrypt.sh
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-27 17:44:12 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-27 17:44:12 +0000
commit1be69c2c660b70ac2f4de2a5326e27e3e60eb82d (patch)
treebb299ab6f411f4fccd735907035de710e4ec6abc /misc/dracut_90reencrypt/parse-reencrypt.sh
parentInitial commit. (diff)
downloadcryptsetup-upstream.tar.xz
cryptsetup-upstream.zip
Adding upstream version 2:2.3.7.upstream/2%2.3.7upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '')
-rwxr-xr-xmisc/dracut_90reencrypt/parse-reencrypt.sh38
1 files changed, 38 insertions, 0 deletions
diff --git a/misc/dracut_90reencrypt/parse-reencrypt.sh b/misc/dracut_90reencrypt/parse-reencrypt.sh
new file mode 100755
index 0000000..5fec191
--- /dev/null
+++ b/misc/dracut_90reencrypt/parse-reencrypt.sh
@@ -0,0 +1,38 @@
+#!/bin/sh
+
+REENC=$(getargs rd.luks.reencrypt=)
+# shellcheck disable=SC2086
+REENC_DEV=$(echo $REENC | sed 's/:.*//')
+# shellcheck disable=SC2086
+REENC_SIZE=$(echo $REENC | sed -n 's/.*://p')
+
+REENC_KEY=$(getargs rd.luks.reencrypt_key=)
+if [ -z "$REENC_KEY" ] ; then
+ REENC_KEY=none
+fi
+
+REENC_SLOT=$(getargs rd.luks.reencrypt_keyslot=)
+if [ -z "$REENC_SLOT" ] ; then
+ REENC_SLOT=any
+fi
+
+# shellcheck disable=SC2086
+# shellcheck disable=SC1004
+# shellcheck disable=SC2016
+if [ -n "$REENC_DEV" ] ; then
+{
+ printf 'SUBSYSTEM!="block", GOTO="reenc_end"\n'
+ printf 'ACTION!="add|change", GOTO="reenc_end"\n'
+ printf 'KERNEL=="%s", ' $REENC_DEV
+ printf 'ENV{ID_FS_TYPE}=="crypto_LUKS", RUN+="/sbin/initqueue \
+ --unique --onetime --settled --name crypt-reencrypt-%%k \
+ /sbin/reencrypt $env{DEVNAME} %s"\n' "$REENC_KEY $REENC_SLOT $REENC_SIZE"
+
+ printf 'ENV{ID_FS_UUID}=="*%s*", ' $REENC_DEV
+ printf 'ENV{ID_FS_TYPE}=="crypto_LUKS", RUN+="/sbin/initqueue \
+ --unique --onetime --settled --name crypt-reencrypt-%%k \
+ /sbin/reencrypt $env{DEVNAME} %s"\n' "$REENC_KEY $REENC_SLOT $REENC_SIZE"
+ printf 'LABEL="reenc_end"\n'
+} > /etc/udev/rules.d/69-reencryption.rules
+ initqueue --unique --finished --name crypt-reencrypt-finished-${REENC_DEV} [ -e /tmp/reencrypted ]
+fi