blob: 4ab9abc8d367f7c96cac36225f444e0691f6c3aa (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
|
#!/bin/sh
#
# This file, originally written by Garrett A. Wollman, is in the public
# domain.
#
# $FreeBSD$
#
# PROVIDE: disks
# KEYWORD: nojail
. /etc/rc.subr
name="gbde"
start_precmd="find_gbde_devices start"
stop_precmd="find_gbde_devices stop"
start_cmd="gbde_start"
stop_cmd="gbde_stop"
# Change every ${_src} in ${_str} to ${_dst}.
local_tr()
{
_str=$1
_src=$2
_dst=$3
_out=""
IFS=${_src}
for _com in ${_str}; do
if [ -z "${_out}" ]; then
_out="${_com}"
else
_out="${_out}${_dst}${_com}"
fi
done
echo "${_out}"
}
find_gbde_devices()
{
case "${gbde_devices-auto}" in
[Aa][Uu][Tt][Oo])
gbde_devices=""
;;
*)
return 0
;;
esac
case "$1" in
start)
fstab="/etc/fstab"
;;
stop)
fstab=$(mktemp /tmp/mtab.XXXXXX)
mount -p >${fstab}
;;
esac
#
# We can't use "mount -p | while ..." because when a shell loop
# is the target of a pipe it executes in a subshell, and so can't
# modify variables in the script.
#
while read device mountpt type options dump pass; do
case "$device" in
*.bde)
# Ignore swap devices
case "$type" in
swap)
continue
;;
esac
case "$options" in
*noauto*)
if checkyesno gbde_autoattach_all; then
gbde_devices="${gbde_devices} ${device}"
fi
;;
*)
gbde_devices="${gbde_devices} ${device}"
;;
esac
;;
esac
done <${fstab}
case "$1" in
stop)
rm -f ${fstab}
;;
esac
return 0
}
gbde_start()
{
for device in $gbde_devices; do
parent=${device%.bde}
parent=${parent#/dev/}
parent_=`local_tr ${parent} '/' '_'`
eval "lock=\${gbde_lock_${parent_}-\"${gbde_lockdir}/${parent_}.lock\"}"
if [ -e "/dev/${parent}" -a ! -e "/dev/${parent}.bde" ]; then
echo "Configuring Disk Encryption for ${parent}."
count=1
while [ ${count} -le ${gbde_attach_attempts} ]; do
if [ -e "${lock}" ]; then
gbde attach ${parent} -l ${lock}
else
gbde attach ${parent}
fi
if [ -e "/dev/${parent}.bde" ]; then
break
fi
echo "Attach failed; attempt ${count} of ${gbde_attach_attempts}."
count=$((${count} + 1))
done
fi
done
}
gbde_stop()
{
for device in $gbde_devices; do
parent=${device%.bde}
parent=${parent#/dev/}
if [ -e "/dev/${parent}.bde" ]; then
umount "/dev/${parent}.bde" 2>/dev/null
gbde detach "${parent}"
fi
done
}
load_rc_config $name
run_rc_command "$1"
|