Bug#325028: LUKS Support

Florian Frank Thu, 25 Aug 2005 09:49:21 -0700

Package: libpam-mount
Version: 0.9.25-2
Severity: wishlist
Tags: patch

Support for LUKS in mount.crypt and umount.crypt would be nice.


I wrote a litte dpatch, which I use on my system to use LUKS with
libpam-mount.

Regards
Flo

#! /bin/sh /usr/share/dpatch/dpatch-run
## 35_mount_crypt_luks.dpatch by Florian Frank
##
## All lines beginning with `## DP:' are a description of the patch.

@DPATCH@
diff -urNad ./scripts/mount.crypt_old /tmp/scripts/mount.crypt
--- ./scripts/mount.crypt       2005-08-25 17:24:51.206740896 +0200
+++ /tmp/scripts/mount.crypt    2005-08-25 17:24:21.564247240 +0200
@@ -140,8 +140,21 @@
 # FIXME: blind replacement of / with _ may be a bad idea.
 DMDEVICE=`echo $DMDEVICE | sed 's/\//_/g'`
 
-$CRYPTSETUP -c ${CIPHER:-aes} -h ${HASH:-ripemd160} -s ${KEYSIZE:-256} \
-       create $DMDEVICE $DEVICE
+# check for luks
+$CRYPTSETUP isLuks $DEVICE 2>/dev/null
+
+if [ $? -eq 0 ]; then
+       LUKS=true
+else
+       LUKS=false
+fi
+
+if [ x"$LUKS" = xtrue ]; then
+       $CRYPTSETUP luksOpen $DEVICE $DMDEVICE
+else
+       $CRYPTSETUP -c ${CIPHER:-aes} -h ${HASH:-ripemd160} -s ${KEYSIZE:-256} \
+               create $DMDEVICE $DEVICE
+fi
 
 if [ $? -ne 0 ]; then
        echo "${0##*/}: error creating $DMDEVICE" >&2
@@ -153,7 +166,11 @@
        $FSCK -p /dev/mapper/$DMDEVICE
        if [ $? -gt 1 ]; then
                echo "${0##*/}: filesystem $DMDEVICE has errors" >&2
-               $CRYPTSETUP remove $DMDEVICE
+               if [ x"$LUKS" = xtrue ]; then
+                       $CRYPTSETUP luksClose $DMDEVICE
+               else
+                       $CRYPTSETUP remove $DMDEVICE
+               fi
                [ x"$LOOP" = xtrue ] && $LOSETUP -d $DEVICE
                exit 1
        fi
@@ -163,7 +180,11 @@
 $MOUNT ${MOUNTOPTIONS:+-o $MOUNTOPTIONS} /dev/mapper/$DMDEVICE $MOUNT_POINT
 if [ $? -ne 0 ]; then
        echo "${0##*/}: error mounting $DMDEVICE" >&2
-       $CRYPTSETUP remove $DMDEVICE
+       if [ x"$LUKS" = xtrue ]; then
+               $CRYPTSETUP luksClose $DMDEVICE
+       else
+               $CRYPTSETUP remove $DMDEVICE
+       fi
        [ x"$LOOP" = xtrue ] && $LOSETUP -d $DEVICE
        exit 1
 fi
diff -urNad ./scripts/umount.crypt /tmp/scripts/umount.crypt
--- ./scripts/umount.crypt      2005-08-25 17:24:54.808193392 +0200
+++ /tmp/scripts/umount.crypt   2005-08-25 17:24:30.440897784 +0200
@@ -55,7 +55,21 @@
        exit 1
 fi
 
-$CRYPTSETUP remove $DMDEVICE
+# check for luks
+$CRYPTSETUP isLuks $DEVICE 2>/dev/null
+
+if [ $? -eq 0 ]; then
+       LUKS=true
+else
+       LUKS=false
+fi
+
+if [ x"$LUKS" = xtrue ]; then
+       $CRYPTSETUP luksClose $DMDEVICE
+else
+       $CRYPTSETUP remove $DMDEVICE
+fi
+
 if [ $? -ne 0 ]; then
        echo "${0##*/}: error removing $DMDEVICE" >&2
        exit 1

Bug#325028: LUKS Support

Reply via email to