diff options
author | Dmitry Baranov <reagentoo@gmail.com> | 2020-12-29 23:10:50 +0300 |
---|---|---|
committer | Dmitry Baranov <reagentoo@gmail.com> | 2021-08-07 20:20:10 +0300 |
commit | efdf4d0affb587655d703140db86d45ffd2a1ede (patch) | |
tree | 0973f7c658cfe85ae04e000622b6559fba404e4e | |
parent | genkernel: Bump to v4.2.3 (diff) | |
download | genkernel-efdf4d0affb587655d703140db86d45ffd2a1ede.tar.gz genkernel-efdf4d0affb587655d703140db86d45ffd2a1ede.tar.bz2 genkernel-efdf4d0affb587655d703140db86d45ffd2a1ede.zip |
defaults/initrd.scripts: Get rid of extra padding
Simplify conditional blocks where 'continue' is present.
Signed-off-by: Dmitry Baranov <reagentoo@gmail.com>
-rw-r--r-- | defaults/initrd.scripts | 184 |
1 files changed, 92 insertions, 92 deletions
diff --git a/defaults/initrd.scripts b/defaults/initrd.scripts index cdee2a4..33a48b3 100644 --- a/defaults/initrd.scripts +++ b/defaults/initrd.scripts @@ -1882,119 +1882,119 @@ openLUKS() { bad_msg "The LUKS device ${LUKS_DEVICE} does not contain a LUKS header" ${CRYPT_SILENT} DEV_ERROR=1 continue - else - if [ -n "${cryptsetup_options}" ] - then - good_msg "Using the following cryptsetup options for ${LUKS_NAME}: ${cryptsetup_options}" ${CRYPT_SILENT} - fi + fi - # Handle keys - if [ -n "${LUKS_KEY}" ] + if [ -n "${cryptsetup_options}" ] + then + good_msg "Using the following cryptsetup options for ${LUKS_NAME}: ${cryptsetup_options}" ${CRYPT_SILENT} + fi + + # Handle keys + if [ -n "${LUKS_KEY}" ] + then + local REAL_LUKS_KEYDEV="${LUKS_KEYDEV}" + if [ ! -e "${mntkey}${LUKS_KEY}" ] then - local REAL_LUKS_KEYDEV="${LUKS_KEYDEV}" - if [ ! -e "${mntkey}${LUKS_KEY}" ] + REAL_LUKS_KEYDEV=$(find_real_device "${LUKS_KEYDEV}") + if [ -b "${REAL_LUKS_KEYDEV}" ] then - REAL_LUKS_KEYDEV=$(find_real_device "${LUKS_KEYDEV}") - if [ -b "${REAL_LUKS_KEYDEV}" ] + good_msg "Using key device ${REAL_LUKS_KEYDEV}." ${CRYPT_SILENT} + else + good_msg "Please insert removable device ${LUKS_KEYDEV} for ${LUKS_NAME}" ${CRYPT_SILENT} + # abort after 10 secs + local count=10 + while [ ${count} -gt 0 ] + do + count=$((count-1)) + sleep 1 + REAL_LUKS_KEYDEV=$(find_real_device "${LUKS_KEYDEV}") + if [ -b "${REAL_LUKS_KEYDEV}" ] + then + good_msg "Removable device ${REAL_LUKS_KEYDEV} detected." ${CRYPT_SILENT} + break + fi + done + if [ ! -b "${REAL_LUKS_KEYDEV}" ] then - good_msg "Using key device ${REAL_LUKS_KEYDEV}." ${CRYPT_SILENT} - else - good_msg "Please insert removable device ${LUKS_KEYDEV} for ${LUKS_NAME}" ${CRYPT_SILENT} - # abort after 10 secs - local count=10 - while [ ${count} -gt 0 ] - do - count=$((count-1)) - sleep 1 - REAL_LUKS_KEYDEV=$(find_real_device "${LUKS_KEYDEV}") - if [ -b "${REAL_LUKS_KEYDEV}" ] - then - good_msg "Removable device ${REAL_LUKS_KEYDEV} detected." ${CRYPT_SILENT} - break - fi - done + eval CRYPT_${TYPE}_KEY=${LUKS_KEY} + bootstrapKey ${TYPE} + eval LUKS_KEYDEV='"${CRYPT_'${TYPE}'_KEYDEV}"' + REAL_LUKS_KEYDEV=$(find_real_device "${LUKS_KEYDEV}") if [ ! -b "${REAL_LUKS_KEYDEV}" ] then - eval CRYPT_${TYPE}_KEY=${LUKS_KEY} - bootstrapKey ${TYPE} - eval LUKS_KEYDEV='"${CRYPT_'${TYPE}'_KEYDEV}"' - REAL_LUKS_KEYDEV=$(find_real_device "${LUKS_KEYDEV}") - if [ ! -b "${REAL_LUKS_KEYDEV}" ] - then - KEYDEV_ERROR=1 - bad_msg "Removable device ${LUKS_KEYDEV} not found." ${CRYPT_SILENT} - continue - fi - # continue otherwise will mount keydev which is mounted by bootstrap + KEYDEV_ERROR=1 + bad_msg "Removable device ${LUKS_KEYDEV} not found." ${CRYPT_SILENT} continue fi + # continue otherwise will mount keydev which is mounted by bootstrap + continue fi + fi - # At this point a device was recognized, now let's see if the key is there - [ ! -d "${mntkey}" ] && mkdir -p "${mntkey}" >/dev/null 2>&1 + # At this point a device was recognized, now let's see if the key is there + [ ! -d "${mntkey}" ] && mkdir -p "${mntkey}" >/dev/null 2>&1 - # determine fs -- 'auto' will not trigger module loading! - LUKS_KEYDEV_FSTYPE=$(determine_fs "${REAL_LUKS_KEYDEV}" "${LUKS_KEYDEV_FSTYPE}") + # determine fs -- 'auto' will not trigger module loading! + LUKS_KEYDEV_FSTYPE=$(determine_fs "${REAL_LUKS_KEYDEV}" "${LUKS_KEYDEV_FSTYPE}") - if ! run mount -n -t ${LUKS_KEYDEV_FSTYPE} -o ro ${REAL_LUKS_KEYDEV} ${mntkey} >/dev/null 2>&1 - then - KEYDEV_ERROR=1 - bad_msg "Mounting of device ${REAL_LUKS_KEYDEV} failed." ${CRYPT_SILENT} - continue - else - good_msg "Removable device ${REAL_LUKS_KEYDEV} mounted." ${CRYPT_SILENT} - sleep 2 - # keyfile exists? - if [ ! -e "${mntkey}${LUKS_KEY}" ] - then - run umount -n "${mntkey}" >/dev/null 2>&1 - KEY_ERROR=1 - KEYDEV_ERROR=1 - bad_msg "Key {LUKS_KEY} on device ${REAL_LUKS_KEYDEV} not found." ${CRYPT_SILENT} - continue - fi - fi + if ! run mount -n -t ${LUKS_KEYDEV_FSTYPE} -o ro ${REAL_LUKS_KEYDEV} ${mntkey} >/dev/null 2>&1 + then + KEYDEV_ERROR=1 + bad_msg "Mounting of device ${REAL_LUKS_KEYDEV} failed." ${CRYPT_SILENT} + continue fi - # At this point a candidate key exists (either mounted before or not) - good_msg "${LUKS_KEY} on device ${REAL_LUKS_KEYDEV} found" ${CRYPT_SILENT} - if [ "$(echo ${LUKS_KEY} | grep -o '.gpg$')" = ".gpg" ] + good_msg "Removable device ${REAL_LUKS_KEYDEV} mounted." ${CRYPT_SILENT} + sleep 2 + # keyfile exists? + if [ ! -e "${mntkey}${LUKS_KEY}" ] then - if ! hash gpg >/dev/null 2>&1 - then - bad_msg "GPG-encrypted key file provided but gpg program is missing. Was initramfs built without --gpg parameter?" - bad_msg "Falling back to passphrase usage!" - else - [ -e /dev/tty ] && run mv /dev/tty /dev/tty.org - run mknod /dev/tty c 5 1 - cryptsetup_options="${cryptsetup_options} -d -" - gpg_cmd="gpg --logger-file /dev/null --quiet --decrypt ${mntkey}${LUKS_KEY} |" - fi - else - cryptsetup_options="${cryptsetup_options} -d ${mntkey}${LUKS_KEY}" + run umount -n "${mntkey}" >/dev/null 2>&1 + KEY_ERROR=1 + KEYDEV_ERROR=1 + bad_msg "Key {LUKS_KEY} on device ${REAL_LUKS_KEYDEV} not found." ${CRYPT_SILENT} + continue fi fi - # At this point, keyfile or not, we're ready! - crypt_filter "${gpg_cmd}cryptsetup ${cryptsetup_options} luksOpen ${LUKS_DEVICE} ${LUKS_NAME}" - crypt_filter_ret=$? - - [ -e /dev/tty.org ] \ - && run rm -f /dev/tty \ - && run mv /dev/tty.org /dev/tty + # At this point a candidate key exists (either mounted before or not) + good_msg "${LUKS_KEY} on device ${REAL_LUKS_KEYDEV} found" ${CRYPT_SILENT} - if [ ${crypt_filter_ret} -eq 0 ] + if [ "$(echo ${LUKS_KEY} | grep -o '.gpg$')" = ".gpg" ] then - run touch "${OPENED_LOCKFILE}" - good_msg "LUKS device ${LUKS_DEVICE} opened" ${CRYPT_SILENT} - break - elif [ ! -e "${OPENED_LOCKFILE}" ] - then - bad_msg "Failed to open LUKS device ${LUKS_DEVICE}" ${CRYPT_SILENT} - DEV_ERROR=1 - KEY_ERROR=1 - KEYDEV_ERROR=1 + if ! hash gpg >/dev/null 2>&1 + then + bad_msg "GPG-encrypted key file provided but gpg program is missing. Was initramfs built without --gpg parameter?" + bad_msg "Falling back to passphrase usage!" + else + [ -e /dev/tty ] && run mv /dev/tty /dev/tty.org + run mknod /dev/tty c 5 1 + cryptsetup_options="${cryptsetup_options} -d -" + gpg_cmd="gpg --logger-file /dev/null --quiet --decrypt ${mntkey}${LUKS_KEY} |" + fi + else + cryptsetup_options="${cryptsetup_options} -d ${mntkey}${LUKS_KEY}" fi fi + # At this point, keyfile or not, we're ready! + crypt_filter "${gpg_cmd}cryptsetup ${cryptsetup_options} luksOpen ${LUKS_DEVICE} ${LUKS_NAME}" + crypt_filter_ret=$? + + [ -e /dev/tty.org ] \ + && run rm -f /dev/tty \ + && run mv /dev/tty.org /dev/tty + + if [ ${crypt_filter_ret} -eq 0 ] + then + run touch "${OPENED_LOCKFILE}" + good_msg "LUKS device ${LUKS_DEVICE} opened" ${CRYPT_SILENT} + break + elif [ ! -e "${OPENED_LOCKFILE}" ] + then + bad_msg "Failed to open LUKS device ${LUKS_DEVICE}" ${CRYPT_SILENT} + DEV_ERROR=1 + KEY_ERROR=1 + KEYDEV_ERROR=1 + fi fi done |