/lib/partman/finish.d/55crypto_config is in ubiquity 2.18.7.
This file is owned by root:root, with mode 0o755.
The actual contents of the file can be viewed below.
#!/bin/sh
# This script does the following:
# dm-crypt: creates /etc/crypttab entries
. /lib/partman/lib/base.sh
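# Append one line to /target/etc/crypttab for a dm-crypt mapping.
# Arguments:
#   $1 - backing (real) device node
#   $2 - state directory of the backing device (keytype, cipher, keyfile, ...)
#   $3 - mapped (crypt) device node; its basename becomes the mapping name
#   $4 - state directory of the mapped device (method, mountpoint)
# Returns:
#   1 when a required state file is missing; otherwise the status of the
#   final append to /target/etc/crypttab.
crypttab_add_entry () {
  local realdev realdevdir cryptdev cryptdevdir keytype keyfile opts
  local method mnt target source
  local opt cipher ivalgorithm keyhash keysize uuid

  realdev=$1
  realdevdir=$2
  cryptdev=$3
  cryptdevdir=$4

  keytype=$(cat "$realdevdir/keytype")

  # Set basic options
  if [ "$keytype" = passphrase ]; then
    opts="luks"
  else
    for opt in cipher ivalgorithm keyhash keysize; do
      [ -r "$realdevdir/$opt" ] || return 1
    done
    # Plain assignments instead of eval: the file contents are treated as
    # data only, so shell metacharacters in a state file are never executed.
    cipher=$(cat "$realdevdir/cipher")
    ivalgorithm=$(cat "$realdevdir/ivalgorithm")
    keyhash=$(cat "$realdevdir/keyhash")
    keysize=$(cat "$realdevdir/keysize")

    opts="cipher=$cipher-$ivalgorithm,size=$keysize"
    if [ "$keytype" != random ] && [ -n "$keyhash" ]; then
      opts="$opts,hash=$keyhash"
    fi
  fi

  # Set key source
  if [ "$keytype" = random ]; then
    keyfile="/dev/urandom"
  elif [ "$keytype" = passphrase ]; then
    keyfile="none"
  elif [ -f "$realdevdir/keyfile" ]; then
    keyfile=$(cat "$realdevdir/keyfile")
  else
    return 1
  fi

  # Check for special mounts
  method=$(cat "$cryptdevdir/method")
  mnt=""
  if [ -f "$cryptdevdir/mountpoint" ]; then
    mnt=$(cat "$cryptdevdir/mountpoint")
  fi
  if [ "$method" = swap ]; then
    opts="$opts,swap"
  elif [ "$mnt" = /tmp ] && [ "$keytype" = random ]; then
    opts="$opts,tmp"
  fi

  # Allow TRIM operations
  # NOTE(review): discard is added to every entry. crypttab(5) warns that
  # passing TRIM through dm-crypt can reveal which blocks are unused;
  # confirm this trade-off is intended for all mappings.
  opts="$opts,discard"

  # Check mapping name
  target=$(basename "$cryptdev")

  # Check source device
  source=$realdev

  # Use UUID for LUKS devices. Keep the device path when the UUID lookup
  # fails or prints nothing, so that a bare "UUID=" source is never written.
  if cryptsetup isLuks "$source"; then
    if uuid=$(cryptsetup luksUUID "$source") && [ -n "$uuid" ]; then
      source="UUID=$uuid"
    fi
  fi

  # Add entry to crypttab
  printf '%s %s %s %s\n' "$target" "$source" "$keyfile" "$opts" \
    >> /target/etc/crypttab
}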
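# Walk every partman device directory and write a crypttab entry for each
# dm-crypt partition that is swap, an LVM physical volume, or has a
# mountpoint. Relies on open_dialog/read_line/close_dialog and mapdevfs,
# which this file does not define (it sources /lib/partman/lib/base.sh).
for dev in "$DEVICES"/*; do
  [ -d "$dev" ] || continue
  # Skip the device if we cannot enter its directory: the relative reads
  # below would otherwise pick up state files from the previous directory.
  cd "$dev" || continue

  # skip unless encrypted
  [ -f crypt_realdev ] || continue

  partitions=
  open_dialog PARTITIONS
  while { read_line num id size type fs path name; [ "$id" ]; }; do
    [ "$fs" != free ] || continue
    partitions="$partitions $id,$path"
  done
  close_dialog

  # $partitions is a whitespace-separated list of "id,path" pairs, so the
  # unquoted expansion is intentional.
  for part in $partitions; do
    id=${part%,*}
    path=${part#*,}

    # crypt_realdev holds colon-separated fields; the first three are read
    # as realdev, realdevnum and realdevdir. Splitting is intentional here.
    r=$(cat crypt_realdev)
    set -- $(IFS=: && echo $r)
    realdev=$1
    realdevnum=$2
    realdevdir=$3
    cryptdevdir=$dev/$id

    [ -f "$realdevdir/cipher" ] || continue
    [ -f "$realdevdir/crypto_type" ] || continue
    [ -f "$realdevdir/keytype" ] || continue
    [ -f "$id/method" ] || continue

    # skip unless swap, to be mounted or lvm on dm-crypt
    method=$(cat "$id/method")
    type=$(cat "$realdevdir/crypto_type")
    if [ "$method" != swap ] && [ "$method" != lvm ] && \
       [ ! -f "$id/mountpoint" ]; then
      continue
    fi
    if [ "$method" = lvm ] && [ "$type" != dm-crypt ]; then
      continue
    fi

    realdev=$(mapdevfs "$realdev")
    cryptdev=$(mapdevfs "$path")

    case "$type" in
      dm-crypt)
        # Quoted so that an empty mapdevfs result cannot shift the
        # remaining arguments into the wrong positions.
        crypttab_add_entry "$realdev" "$realdevdir" "$cryptdev" "$cryptdevdir"
        ;;
    esac
  done
done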