picnoir
/
Systemd
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Systemd/src/cryptsetup/cryptsetup-generator.c

517 lines
16 KiB
C
Raw Normal View History

cryptsetup: minimal cryptsetup unit generator
2010-11-08 05:02:45 +01:00
/***
This file is part of systemd.
Copyright 2010 Lennart Poettering
systemd is free software; you can redistribute it and/or modify it
relicense to LGPLv2.1 (with exceptions) We finally got the OK from all contributors with non-trivial commits to relicense systemd from GPL2+ to LGPL2.1+. Some udev bits continue to be GPL2+ for now, but we are looking into relicensing them too, to allow free copy/paste of all code within systemd. The bits that used to be MIT continue to be MIT. The big benefit of the relicensing is that closed source code may now link against libsystemd-login.so and friends.
2012-04-12 00:20:58 +02:00
under the terms of the GNU Lesser General Public License as published by
the Free Software Foundation; either version 2.1 of the License, or
cryptsetup: minimal cryptsetup unit generator
2010-11-08 05:02:45 +01:00
(at your option) any later version.
systemd is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
relicense to LGPLv2.1 (with exceptions) We finally got the OK from all contributors with non-trivial commits to relicense systemd from GPL2+ to LGPL2.1+. Some udev bits continue to be GPL2+ for now, but we are looking into relicensing them too, to allow free copy/paste of all code within systemd. The bits that used to be MIT continue to be MIT. The big benefit of the relicensing is that closed source code may now link against libsystemd-login.so and friends.
2012-04-12 00:20:58 +02:00
Lesser General Public License for more details.
cryptsetup: minimal cryptsetup unit generator
2010-11-08 05:02:45 +01:00
relicense to LGPLv2.1 (with exceptions) We finally got the OK from all contributors with non-trivial commits to relicense systemd from GPL2+ to LGPL2.1+. Some udev bits continue to be GPL2+ for now, but we are looking into relicensing them too, to allow free copy/paste of all code within systemd. The bits that used to be MIT continue to be MIT. The big benefit of the relicensing is that closed source code may now link against libsystemd-login.so and friends.
2012-04-12 00:20:58 +02:00
You should have received a copy of the GNU Lesser General Public License
cryptsetup: minimal cryptsetup unit generator
2010-11-08 05:02:45 +01:00
along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/
#include <errno.h>
util-lib: split out allocation calls into alloc-util.[ch]
2015-10-27 03:01:06 +01:00
#include "alloc-util.h"
cryptsetup-generator: Split main() into more functions and use hasmaps
2014-12-02 18:49:28 +01:00
#include "dropin.h"
util-lib: split out fd-related operations into fd-util.[ch] There are more than enough to deserve their own .c file, hence move them over.
2015-10-25 13:14:12 +01:00
#include "fd-util.h"
util-lib: move more file I/O related calls into fileio.[ch]
2015-10-26 18:05:03 +01:00
#include "fileio.h"
util-lib: split our string related calls from util.[ch] into its own file string-util.[ch] There are more than enough calls doing string manipulations to deserve its own files, hence do something about it. This patch also sorts the #include blocks of all files that needed to be updated, according to the sorting suggestions from CODING_STYLE. Since pretty much every file needs our string manipulation functions this effectively means that most files have sorted #include blocks now. Also touches a few unrelated include files.
2015-10-24 22:58:24 +02:00
#include "fstab-util.h"
cryptsetup-generator: Split main() into more functions and use hasmaps
2014-12-02 18:49:28 +01:00
#include "generator.h"
#include "hashmap.h"
cryptsetup: minimal cryptsetup unit generator
2010-11-08 05:02:45 +01:00
#include "log.h"
rename basic.la to shared.la and put selinux deps in shared-selinx.la Only 34 of 74 tools need libselinux linked, and libselinux is a pain with its unconditional library constructor.
2012-04-10 21:54:31 +02:00
#include "mkdir.h"
util-lib: split string parsing related calls from util.[ch] into parse-util.[ch]
2015-10-26 16:18:16 +01:00
#include "parse-util.h"
cryptsetup: don't add unit dependency on /dev/null devices when it is listed as password file As special magic, don't create device dependencies for /dev/null. Of course, there might be similar devices we might want to include, but given that none of them really make sense to specify as password source there's really no point in checking for anything else here. https://bugs.freedesktop.org/show_bug.cgi?id=75816
2014-06-23 19:18:44 +02:00
#include "path-util.h"
util-lib: move /proc/cmdline parsing code to proc-cmdline.[ch]
2015-10-27 00:06:29 +01:00
#include "proc-cmdline.h"
util-lib: split our string related calls from util.[ch] into its own file string-util.[ch] There are more than enough calls doing string manipulations to deserve its own files, hence do something about it. This patch also sorts the #include blocks of all files that needed to be updated, according to the sorting suggestions from CODING_STYLE. Since pretty much every file needs our string manipulation functions this effectively means that most files have sorted #include blocks now. Also touches a few unrelated include files.
2015-10-24 22:58:24 +02:00
#include "string-util.h"
cryptsetup-generator: Split main() into more functions and use hasmaps
2014-12-02 18:49:28 +01:00
#include "strv.h"
#include "unit-name.h"
#include "util.h"
typedef struct crypto_device {
char *uuid;
cryptsetup-generator: Add support for UUID-specific key files on kernel command line
2014-12-02 18:49:29 +01:00
char *keyfile;
cryptsetup-generator: Add support for naming luks devices on kernel cmdline
2014-12-02 18:49:30 +01:00
char *name;
cryptsetup-generator: Split main() into more functions and use hasmaps
2014-12-02 18:49:28 +01:00
char *options;
bool create;
} crypto_device;
cryptsetup: minimal cryptsetup unit generator
2010-11-08 05:02:45 +01:00
cryptsetup: allow configuration of LUKS disks via the kernel cmdline This generalizes a bit of the functionality already available in dracut.
2012-06-22 10:11:06 +02:00
static const char *arg_dest = "/tmp";
static bool arg_enabled = true;
static bool arg_read_crypttab = true;
cryptsetup-generator: Split main() into more functions and use hasmaps
2014-12-02 18:49:28 +01:00
static bool arg_whitelist = false;
static Hashmap *arg_disks = NULL;
static char *arg_default_options = NULL;
static char *arg_default_keyfile = NULL;
Extract looping over /proc/cmdline into a shared function In cryptsetup-generator automatic cleanup had to be replaced with manual cleanup, and the code gets a bit longer. But existing code had the issue that it returned negative values from main(), which was wrong, so should be reworked anyway.
2014-02-16 00:08:59 +01:00
cryptsetup: minimal cryptsetup unit generator
2010-11-08 05:02:45 +01:00
static int create_disk(
const char *name,
const char *device,
const char *password,
const char *options) {
cryptsetup: allow x-systemd.device-timeout https://bugs.freedesktop.org/show_bug.cgi?id=54210
2014-07-01 00:41:17 +02:00
_cleanup_free_ char *p = NULL, *n = NULL, *d = NULL, *u = NULL, *to = NULL, *e = NULL,
*filtered = NULL;
move _cleanup_ attribute in front of the type http://lists.freedesktop.org/archives/systemd-devel/2013-April/010510.html
2013-04-18 09:11:22 +02:00
_cleanup_fclose_ FILE *f = NULL;
cryptsetup-generator: don't create tmp+swap units
2013-08-15 02:47:59 +02:00
bool noauto, nofail, tmp, swap;
cryptsetup: some fixes
2014-03-06 02:26:52 +01:00
char *from;
int r;
cryptsetup: minimal cryptsetup unit generator
2010-11-08 05:02:45 +01:00
assert(name);
assert(device);
Support negated fstab options We would ignore options like "fail" and "auto", and for any option which takes a value the first assignment would win. Repeated and options equivalent to the default are rarely used, but they have been documented forever, and people might use them. Especially on the kernel command line it is easier to append a repeated or negated option at the end.
2015-01-11 06:04:00 +01:00
noauto = fstab_test_yes_no_option(options, "noauto\0" "auto\0");
nofail = fstab_test_yes_no_option(options, "nofail\0" "fail\0");
cryptsetup-generator: remove duplicated function
2015-01-11 05:06:52 +01:00
tmp = fstab_test_option(options, "tmp\0");
swap = fstab_test_option(options, "swap\0");
cryptsetup-generator: don't create tmp+swap units
2013-08-15 02:47:59 +02:00
if (tmp && swap) {
log_error("Device '%s' cannot be both 'tmp' and 'swap'. Ignoring.", name);
return -EINVAL;
}
mount,crypto: rework meaning of noauto/nofail
2011-04-20 00:45:22 +02:00
cryptsetup: some fixes
2014-03-06 02:26:52 +01:00
e = unit_name_escape(name);
if (!e)
return log_oom();
core: rework unit name validation and manipulation logic A variety of changes: - Make sure all our calls distuingish OOM from other errors if OOM is not the only error possible. - Be much stricter when parsing escaped paths, do not accept trailing or leading escaped slashes. - Change unit validation to take a bit mask for allowing plain names, instance names or template names or an combination thereof. - Refuse manipulating invalid unit name
2015-04-30 20:21:00 +02:00
r = unit_name_build("systemd-cryptsetup", e, ".service", &n);
if (r < 0)
return log_error_errno(r, "Failed to generate unit name: %m");
cryptsetup: minimal cryptsetup unit generator
2010-11-08 05:02:45 +01:00
tree-wide: drop NULL sentinel from strjoin This makes strjoin and strjoina more similar and avoids the useless final argument. spatch -I . -I ./src -I ./src/basic -I ./src/basic -I ./src/shared -I ./src/shared -I ./src/network -I ./src/locale -I ./src/login -I ./src/journal -I ./src/journal -I ./src/timedate -I ./src/timesync -I ./src/nspawn -I ./src/resolve -I ./src/resolve -I ./src/systemd -I ./src/core -I ./src/core -I ./src/libudev -I ./src/udev -I ./src/udev/net -I ./src/udev -I ./src/libsystemd/sd-bus -I ./src/libsystemd/sd-event -I ./src/libsystemd/sd-login -I ./src/libsystemd/sd-netlink -I ./src/libsystemd/sd-network -I ./src/libsystemd/sd-hwdb -I ./src/libsystemd/sd-device -I ./src/libsystemd/sd-id128 -I ./src/libsystemd-network --sp-file coccinelle/strjoin.cocci --in-place $(git ls-files src/*.c) git grep -e '\bstrjoin\b.*NULL' -l|xargs sed -i -r 's/strjoin\((.*), NULL\)/strjoin(\1)/' This might have missed a few cases (spatch has a really hard time dealing with _cleanup_ macros), but that's no big issue, they can always be fixed later.
2016-10-23 17:43:27 +02:00
p = strjoin(arg_dest, "/", n);
cryptsetup-generator: use _cleanup_ where possible
2013-03-08 10:50:33 +01:00
if (!p)
return log_oom();
cryptsetup: minimal cryptsetup unit generator
2010-11-08 05:02:45 +01:00
cryptsetup: a few simplifications
2012-05-21 17:22:36 +02:00
u = fstab_node_to_udev_node(device);
cryptsetup-generator: use _cleanup_ where possible
2013-03-08 10:50:33 +01:00
if (!u)
return log_oom();
cryptsetup: minimal cryptsetup unit generator
2010-11-08 05:02:45 +01:00
core: rework unit name validation and manipulation logic A variety of changes: - Make sure all our calls distuingish OOM from other errors if OOM is not the only error possible. - Be much stricter when parsing escaped paths, do not accept trailing or leading escaped slashes. - Change unit validation to take a bit mask for allowing plain names, instance names or template names or an combination thereof. - Refuse manipulating invalid unit name
2015-04-30 20:21:00 +02:00
r = unit_name_from_path(u, ".device", &d);
if (r < 0)
return log_error_errno(r, "Failed to generate unit name: %m");
cryptsetup: minimal cryptsetup unit generator
2010-11-08 05:02:45 +01:00
cryptsetup: a few simplifications
2012-05-21 17:22:36 +02:00
f = fopen(p, "wxe");
treewide: another round of simplifications Using the same scripts as in f647962d64e "treewide: yet more log_*_errno + return simplifications".
2014-11-28 19:57:32 +01:00
if (!f)
return log_error_errno(errno, "Failed to create unit file %s: %m", p);
cryptsetup: minimal cryptsetup unit generator
2010-11-08 05:02:45 +01:00
cryptsetup: various coding style improvements No functional changes.
2016-12-16 13:15:31 +01:00
fputs("# Automatically generated by systemd-cryptsetup-generator\n\n"
"[Unit]\n"
"Description=Cryptography Setup for %I\n"
"Documentation=man:crypttab(5) man:systemd-cryptsetup-generator(8) man:systemd-cryptsetup@.service(8)\n"
"SourcePath=/etc/crypttab\n"
"DefaultDependencies=no\n"
"Conflicts=umount.target\n"
"BindsTo=dev-mapper-%i.device\n"
"IgnoreOnIsolate=true\n"
"After=cryptsetup-pre.target\n",
f);
cryptsetup: minimal cryptsetup unit generator
2010-11-08 05:02:45 +01:00
mount,crypto: rework meaning of noauto/nofail
2011-04-20 00:45:22 +02:00
if (!nofail)
fprintf(f,
"Before=cryptsetup.target\n");
cryptsetup: add RequiresMountsFor for keyfile This ensures that the keyfile is available during the opening of the encrypted device. Also dropped the explicit ordering Before=local-fs.target, as the containers are ordered implicitly by their content.
2013-03-29 23:01:12 +01:00
if (password) {
cryptsetup: some fixes
2014-03-06 02:26:52 +01:00
if (STR_IN_SET(password, "/dev/urandom", "/dev/random", "/dev/hw_random"))
Fix obsolete references to systemd-random-seed-load.service This service was merged with systemd-random-seed-save.service in c35b956d34bbb8bb208e49e45de2c103ca11911c.
2013-09-22 20:38:24 +02:00
fputs("After=systemd-random-seed.service\n", f);
cryptsetup-generator: auto add deps for device as password If the password is a device file, we can add Requires/After dependencies on the device rather than requiring the user to do so.
2014-02-08 18:54:58 +01:00
else if (!streq(password, "-") && !streq(password, "none")) {
cryptsetup: some fixes
2014-03-06 02:26:52 +01:00
_cleanup_free_ char *uu;
uu = fstab_node_to_udev_node(password);
if (!uu)
cryptsetup-generator: auto add deps for device as password If the password is a device file, we can add Requires/After dependencies on the device rather than requiring the user to do so.
2014-02-08 18:54:58 +01:00
return log_oom();
cryptsetup: don't add unit dependency on /dev/null devices when it is listed as password file As special magic, don't create device dependencies for /dev/null. Of course, there might be similar devices we might want to include, but given that none of them really make sense to specify as password source there's really no point in checking for anything else here. https://bugs.freedesktop.org/show_bug.cgi?id=75816
2014-06-23 19:18:44 +02:00
if (!path_equal(uu, "/dev/null")) {
cryptsetup: some fixes
2014-03-06 02:26:52 +01:00
cryptsetup: don't add unit dependency on /dev/null devices when it is listed as password file As special magic, don't create device dependencies for /dev/null. Of course, there might be similar devices we might want to include, but given that none of them really make sense to specify as password source there's really no point in checking for anything else here. https://bugs.freedesktop.org/show_bug.cgi?id=75816
2014-06-23 19:18:44 +02:00
if (is_device_path(uu)) {
core: rework unit name validation and manipulation logic A variety of changes: - Make sure all our calls distuingish OOM from other errors if OOM is not the only error possible. - Be much stricter when parsing escaped paths, do not accept trailing or leading escaped slashes. - Change unit validation to take a bit mask for allowing plain names, instance names or template names or an combination thereof. - Refuse manipulating invalid unit name
2015-04-30 20:21:00 +02:00
_cleanup_free_ char *dd = NULL;
cryptsetup-generator: auto add deps for device as password If the password is a device file, we can add Requires/After dependencies on the device rather than requiring the user to do so.
2014-02-08 18:54:58 +01:00
core: rework unit name validation and manipulation logic A variety of changes: - Make sure all our calls distuingish OOM from other errors if OOM is not the only error possible. - Be much stricter when parsing escaped paths, do not accept trailing or leading escaped slashes. - Change unit validation to take a bit mask for allowing plain names, instance names or template names or an combination thereof. - Refuse manipulating invalid unit name
2015-04-30 20:21:00 +02:00
r = unit_name_from_path(uu, ".device", &dd);
if (r < 0)
return log_error_errno(r, "Failed to generate unit name: %m");
cryptsetup: don't add unit dependency on /dev/null devices when it is listed as password file As special magic, don't create device dependencies for /dev/null. Of course, there might be similar devices we might want to include, but given that none of them really make sense to specify as password source there's really no point in checking for anything else here. https://bugs.freedesktop.org/show_bug.cgi?id=75816
2014-06-23 19:18:44 +02:00
fprintf(f, "After=%1$s\nRequires=%1$s\n", dd);
} else
fprintf(f, "RequiresMountsFor=%s\n", password);
}
cryptsetup-generator: auto add deps for device as password If the password is a device file, we can add Requires/After dependencies on the device rather than requiring the user to do so.
2014-02-08 18:54:58 +01:00
}
cryptsetup: add RequiresMountsFor for keyfile This ensures that the keyfile is available during the opening of the encrypted device. Also dropped the explicit ordering Before=local-fs.target, as the containers are ordered implicitly by their content.
2013-03-29 23:01:12 +01:00
}
cryptsetup: minimal cryptsetup unit generator
2010-11-08 05:02:45 +01:00
cryptsetup: RequiresMountsFor if source is a file Fixes: https://bugzilla.novell.com/show_bug.cgi?id=730496 https://bugs.freedesktop.org/show_bug.cgi?id=60821
2013-03-29 23:01:11 +01:00
if (is_device_path(u))
fprintf(f,
"BindsTo=%s\n"
"After=%s\n"
"Before=umount.target\n",
d, d);
else
fprintf(f,
"RequiresMountsFor=%s\n",
u);
cryptsetup: allow x-systemd.device-timeout https://bugs.freedesktop.org/show_bug.cgi?id=54210
2014-07-01 00:41:17 +02:00
r = generator_write_timeouts(arg_dest, device, name, options, &filtered);
if (r < 0)
return r;
cryptsetup: minimal cryptsetup unit generator
2010-11-08 05:02:45 +01:00
fprintf(f,
"\n[Service]\n"
"Type=oneshot\n"
"RemainAfterExit=yes\n"
crypto: let the cryptsetup binary handles its own configurable timeouts
2011-04-14 02:36:02 +02:00
"TimeoutSec=0\n" /* the binary handles timeouts anyway */
cryptsetup: support non-LUKS crypto partitions
2010-11-14 01:53:46 +01:00
"ExecStart=" SYSTEMD_CRYPTSETUP_PATH " attach '%s' '%s' '%s' '%s'\n"
cryptsetup: hook up tool with ask-password
2010-11-12 00:39:17 +01:00
"ExecStop=" SYSTEMD_CRYPTSETUP_PATH " detach '%s'\n",
cryptsetup: allow x-systemd.device-timeout https://bugs.freedesktop.org/show_bug.cgi?id=54210
2014-07-01 00:41:17 +02:00
name, u, strempty(password), strempty(filtered),
cryptsetup: minimal cryptsetup unit generator
2010-11-08 05:02:45 +01:00
name);
cryptsetup-generator: don't create tmp+swap units
2013-08-15 02:47:59 +02:00
if (tmp)
cryptsetup: minimal cryptsetup unit generator
2010-11-08 05:02:45 +01:00
fprintf(f,
cryptsetup: add trailing \n
2011-04-13 22:22:10 +02:00
"ExecStartPost=/sbin/mke2fs '/dev/mapper/%s'\n",
cryptsetup: call mkswap on dm device, not on source device
2011-01-04 02:12:07 +01:00
name);
cryptsetup: minimal cryptsetup unit generator
2010-11-08 05:02:45 +01:00
cryptsetup-generator: don't create tmp+swap units
2013-08-15 02:47:59 +02:00
if (swap)
cryptsetup: minimal cryptsetup unit generator
2010-11-08 05:02:45 +01:00
fprintf(f,
cryptsetup: add trailing \n
2011-04-13 22:22:10 +02:00
"ExecStartPost=/sbin/mkswap '/dev/mapper/%s'\n",
cryptsetup: call mkswap on dm device, not on source device
2011-01-04 02:12:07 +01:00
name);
cryptsetup: minimal cryptsetup unit generator
2010-11-08 05:02:45 +01:00
Use fflush_and_check() in more places
2015-05-17 00:11:12 +02:00
r = fflush_and_check(f);
if (r < 0)
return log_error_errno(r, "Failed to write file %s: %m", p);
cryptsetup: minimal cryptsetup unit generator
2010-11-08 05:02:45 +01:00
util: rework strappenda(), and rename it strjoina() After all it is now much more like strjoin() than strappend(). At the same time, add support for NULL sentinels, even if they are normally not necessary.
2015-02-03 02:05:59 +01:00
from = strjoina("../", n);
cryptsetup: automatically start cryptsetup when looking for mount source
2010-11-12 03:04:10 +01:00
mount,crypto: rework meaning of noauto/nofail
2011-04-20 00:45:22 +02:00
if (!noauto) {
cryptsetup: minimal cryptsetup unit generator
2010-11-08 05:02:45 +01:00
tree-wide: drop NULL sentinel from strjoin This makes strjoin and strjoina more similar and avoids the useless final argument. spatch -I . -I ./src -I ./src/basic -I ./src/basic -I ./src/shared -I ./src/shared -I ./src/network -I ./src/locale -I ./src/login -I ./src/journal -I ./src/journal -I ./src/timedate -I ./src/timesync -I ./src/nspawn -I ./src/resolve -I ./src/resolve -I ./src/systemd -I ./src/core -I ./src/core -I ./src/libudev -I ./src/udev -I ./src/udev/net -I ./src/udev -I ./src/libsystemd/sd-bus -I ./src/libsystemd/sd-event -I ./src/libsystemd/sd-login -I ./src/libsystemd/sd-netlink -I ./src/libsystemd/sd-network -I ./src/libsystemd/sd-hwdb -I ./src/libsystemd/sd-device -I ./src/libsystemd/sd-id128 -I ./src/libsystemd-network --sp-file coccinelle/strjoin.cocci --in-place $(git ls-files src/*.c) git grep -e '\bstrjoin\b.*NULL' -l|xargs sed -i -r 's/strjoin\((.*), NULL\)/strjoin(\1)/' This might have missed a few cases (spatch has a really hard time dealing with _cleanup_ macros), but that's no big issue, they can always be fixed later.
2016-10-23 17:43:27 +02:00
to = strjoin(arg_dest, "/", d, ".wants/", n);
cryptsetup-generator: use _cleanup_ where possible
2013-03-08 10:50:33 +01:00
if (!to)
return log_oom();
cryptsetup: minimal cryptsetup unit generator
2010-11-08 05:02:45 +01:00
mkdir: append _label to all mkdir() calls that explicitly set the selinux context
2012-05-31 12:40:20 +02:00
mkdir_parents_label(to, 0755);
treewide: another round of simplifications Using the same scripts as in f647962d64e "treewide: yet more log_*_errno + return simplifications".
2014-11-28 19:57:32 +01:00
if (symlink(from, to) < 0)
return log_error_errno(errno, "Failed to create symlink %s: %m", to);
cryptsetup: automatically order crypt partitions before cryptsetup.target
2010-11-18 02:16:36 +01:00
free(to);
mount,crypto: rework meaning of noauto/nofail
2011-04-20 00:45:22 +02:00
if (!nofail)
tree-wide: drop NULL sentinel from strjoin This makes strjoin and strjoina more similar and avoids the useless final argument. spatch -I . -I ./src -I ./src/basic -I ./src/basic -I ./src/shared -I ./src/shared -I ./src/network -I ./src/locale -I ./src/login -I ./src/journal -I ./src/journal -I ./src/timedate -I ./src/timesync -I ./src/nspawn -I ./src/resolve -I ./src/resolve -I ./src/systemd -I ./src/core -I ./src/core -I ./src/libudev -I ./src/udev -I ./src/udev/net -I ./src/udev -I ./src/libsystemd/sd-bus -I ./src/libsystemd/sd-event -I ./src/libsystemd/sd-login -I ./src/libsystemd/sd-netlink -I ./src/libsystemd/sd-network -I ./src/libsystemd/sd-hwdb -I ./src/libsystemd/sd-device -I ./src/libsystemd/sd-id128 -I ./src/libsystemd-network --sp-file coccinelle/strjoin.cocci --in-place $(git ls-files src/*.c) git grep -e '\bstrjoin\b.*NULL' -l|xargs sed -i -r 's/strjoin\((.*), NULL\)/strjoin(\1)/' This might have missed a few cases (spatch has a really hard time dealing with _cleanup_ macros), but that's no big issue, they can always be fixed later.
2016-10-23 17:43:27 +02:00
to = strjoin(arg_dest, "/cryptsetup.target.requires/", n);
mount,crypto: rework meaning of noauto/nofail
2011-04-20 00:45:22 +02:00
else
tree-wide: drop NULL sentinel from strjoin This makes strjoin and strjoina more similar and avoids the useless final argument. spatch -I . -I ./src -I ./src/basic -I ./src/basic -I ./src/shared -I ./src/shared -I ./src/network -I ./src/locale -I ./src/login -I ./src/journal -I ./src/journal -I ./src/timedate -I ./src/timesync -I ./src/nspawn -I ./src/resolve -I ./src/resolve -I ./src/systemd -I ./src/core -I ./src/core -I ./src/libudev -I ./src/udev -I ./src/udev/net -I ./src/udev -I ./src/libsystemd/sd-bus -I ./src/libsystemd/sd-event -I ./src/libsystemd/sd-login -I ./src/libsystemd/sd-netlink -I ./src/libsystemd/sd-network -I ./src/libsystemd/sd-hwdb -I ./src/libsystemd/sd-device -I ./src/libsystemd/sd-id128 -I ./src/libsystemd-network --sp-file coccinelle/strjoin.cocci --in-place $(git ls-files src/*.c) git grep -e '\bstrjoin\b.*NULL' -l|xargs sed -i -r 's/strjoin\((.*), NULL\)/strjoin(\1)/' This might have missed a few cases (spatch has a really hard time dealing with _cleanup_ macros), but that's no big issue, they can always be fixed later.
2016-10-23 17:43:27 +02:00
to = strjoin(arg_dest, "/cryptsetup.target.wants/", n);
cryptsetup-generator: use _cleanup_ where possible
2013-03-08 10:50:33 +01:00
if (!to)
return log_oom();
cryptsetup: automatically order crypt partitions before cryptsetup.target
2010-11-18 02:16:36 +01:00
mkdir: append _label to all mkdir() calls that explicitly set the selinux context
2012-05-31 12:40:20 +02:00
mkdir_parents_label(to, 0755);
treewide: another round of simplifications Using the same scripts as in f647962d64e "treewide: yet more log_*_errno + return simplifications".
2014-11-28 19:57:32 +01:00
if (symlink(from, to) < 0)
return log_error_errno(errno, "Failed to create symlink %s: %m", to);
cryptsetup: a few simplifications
2012-05-21 17:22:36 +02:00
}
cryptsetup: automatically start cryptsetup when looking for mount source
2010-11-12 03:04:10 +01:00
cryptsetup-generator: add a missing OOM check
2013-03-25 23:49:13 +01:00
free(to);
tree-wide: drop NULL sentinel from strjoin This makes strjoin and strjoina more similar and avoids the useless final argument. spatch -I . -I ./src -I ./src/basic -I ./src/basic -I ./src/shared -I ./src/shared -I ./src/network -I ./src/locale -I ./src/login -I ./src/journal -I ./src/journal -I ./src/timedate -I ./src/timesync -I ./src/nspawn -I ./src/resolve -I ./src/resolve -I ./src/systemd -I ./src/core -I ./src/core -I ./src/libudev -I ./src/udev -I ./src/udev/net -I ./src/udev -I ./src/libsystemd/sd-bus -I ./src/libsystemd/sd-event -I ./src/libsystemd/sd-login -I ./src/libsystemd/sd-netlink -I ./src/libsystemd/sd-network -I ./src/libsystemd/sd-hwdb -I ./src/libsystemd/sd-device -I ./src/libsystemd/sd-id128 -I ./src/libsystemd-network --sp-file coccinelle/strjoin.cocci --in-place $(git ls-files src/*.c) git grep -e '\bstrjoin\b.*NULL' -l|xargs sed -i -r 's/strjoin\((.*), NULL\)/strjoin(\1)/' This might have missed a few cases (spatch has a really hard time dealing with _cleanup_ macros), but that's no big issue, they can always be fixed later.
2016-10-23 17:43:27 +02:00
to = strjoin(arg_dest, "/dev-mapper-", e, ".device.requires/", n);
cryptsetup-generator: use _cleanup_ where possible
2013-03-08 10:50:33 +01:00
if (!to)
return log_oom();
cryptsetup: automatically start cryptsetup when looking for mount source
2010-11-12 03:04:10 +01:00
mkdir: append _label to all mkdir() calls that explicitly set the selinux context
2012-05-31 12:40:20 +02:00
mkdir_parents_label(to, 0755);
treewide: another round of simplifications Using the same scripts as in f647962d64e "treewide: yet more log_*_errno + return simplifications".
2014-11-28 19:57:32 +01:00
if (symlink(from, to) < 0)
return log_error_errno(errno, "Failed to create symlink %s: %m", to);
cryptsetup: automatically start cryptsetup when looking for mount source
2010-11-12 03:04:10 +01:00
cryptsetup-generator: add JobTimeoutSec=0 for the decrypted crypt devices The password query for a crypto device currently times out after 90s, which is too short to grab a cup of coffee when a machine boots up. The resulting decrypted device /dev/mapper/luks-<uuid> might not be a mountpoint (but part of a LVM PV or raid array) and therefore the timeout cannot be controlled by the settings in /etc/fstab. For this reason this device should not carry its own timeout. Also the encrypted device /dev/disk/by-*/* already has a timeout and additionally the timeout for the password query is set in /etc/crypttab. This patch disables the timeout of the resulting decrypted devices by creating <device-unit>.d/50-job-timeout-sec-0.conf files with "JobTimeoutSec=0".
2013-03-01 15:13:43 +01:00
if (!noauto && !nofail) {
cryptsetup: Fix timeout on dm device. Fix a bug in systemd-cryptsetup-generator which caused the drop-in setting the job timeout for the dm device unit to be written with a name different than the unit name. https://bugs.freedesktop.org/show_bug.cgi?id=84409
2014-09-28 03:05:41 +02:00
_cleanup_free_ char *dmname;
tree-wide: drop NULL sentinel from strjoin This makes strjoin and strjoina more similar and avoids the useless final argument. spatch -I . -I ./src -I ./src/basic -I ./src/basic -I ./src/shared -I ./src/shared -I ./src/network -I ./src/locale -I ./src/login -I ./src/journal -I ./src/journal -I ./src/timedate -I ./src/timesync -I ./src/nspawn -I ./src/resolve -I ./src/resolve -I ./src/systemd -I ./src/core -I ./src/core -I ./src/libudev -I ./src/udev -I ./src/udev/net -I ./src/udev -I ./src/libsystemd/sd-bus -I ./src/libsystemd/sd-event -I ./src/libsystemd/sd-login -I ./src/libsystemd/sd-netlink -I ./src/libsystemd/sd-network -I ./src/libsystemd/sd-hwdb -I ./src/libsystemd/sd-device -I ./src/libsystemd/sd-id128 -I ./src/libsystemd-network --sp-file coccinelle/strjoin.cocci --in-place $(git ls-files src/*.c) git grep -e '\bstrjoin\b.*NULL' -l|xargs sed -i -r 's/strjoin\((.*), NULL\)/strjoin(\1)/' This might have missed a few cases (spatch has a really hard time dealing with _cleanup_ macros), but that's no big issue, they can always be fixed later.
2016-10-23 17:43:27 +02:00
dmname = strjoin("dev-mapper-", e, ".device");
cryptsetup: Fix timeout on dm device. Fix a bug in systemd-cryptsetup-generator which caused the drop-in setting the job timeout for the dm device unit to be written with a name different than the unit name. https://bugs.freedesktop.org/show_bug.cgi?id=84409
2014-09-28 03:05:41 +02:00
if (!dmname)
return log_oom();
r = write_drop_in(arg_dest, dmname, 90, "device-timeout",
cryptsetup: allow x-systemd.device-timeout https://bugs.freedesktop.org/show_bug.cgi?id=54210
2014-07-01 00:41:17 +02:00
"# Automatically generated by systemd-cryptsetup-generator \n\n"
"[Unit]\nJobTimeoutSec=0");
treewide: more log_*_errno + return simplifications
2014-11-28 18:23:20 +01:00
if (r < 0)
return log_error_errno(r, "Failed to write device drop-in: %m");
cryptsetup-generator: add JobTimeoutSec=0 for the decrypted crypt devices The password query for a crypto device currently times out after 90s, which is too short to grab a cup of coffee when a machine boots up. The resulting decrypted device /dev/mapper/luks-<uuid> might not be a mountpoint (but part of a LVM PV or raid array) and therefore the timeout cannot be controlled by the settings in /etc/fstab. For this reason this device should not carry its own timeout. Also the encrypted device /dev/disk/by-*/* already has a timeout and additionally the timeout for the password query is set in /etc/crypttab. This patch disables the timeout of the resulting decrypted devices by creating <device-unit>.d/50-job-timeout-sec-0.conf files with "JobTimeoutSec=0".
2013-03-01 15:13:43 +01:00
}
cryptsetup-generator: use _cleanup_ where possible
2013-03-08 10:50:33 +01:00
return 0;
cryptsetup: minimal cryptsetup unit generator
2010-11-08 05:02:45 +01:00
}
cryptsetup-generator: Split main() into more functions and use hasmaps
2014-12-02 18:49:28 +01:00
static void free_arg_disks(void) {
crypto_device *d;
while ((d = hashmap_steal_first(arg_disks))) {
free(d->uuid);
cryptsetup-generator: Add support for UUID-specific key files on kernel command line
2014-12-02 18:49:29 +01:00
free(d->keyfile);
cryptsetup-generator: Add support for naming luks devices on kernel cmdline
2014-12-02 18:49:30 +01:00
free(d->name);
cryptsetup-generator: Split main() into more functions and use hasmaps
2014-12-02 18:49:28 +01:00
free(d->options);
free(d);
}
hashmap_free(arg_disks);
}
static crypto_device *get_crypto_device(const char *uuid) {
int r;
crypto_device *d;
assert(uuid);
d = hashmap_get(arg_disks, uuid);
if (!d) {
d = new0(struct crypto_device, 1);
if (!d)
return NULL;
d->create = false;
cryptsetup-generator: Add support for naming luks devices on kernel cmdline
2014-12-02 18:49:30 +01:00
d->keyfile = d->options = d->name = NULL;
cryptsetup-generator: Split main() into more functions and use hasmaps
2014-12-02 18:49:28 +01:00
d->uuid = strdup(uuid);
tree-wide: use mfree more
2016-10-17 00:28:30 +02:00
if (!d->uuid)
return mfree(d);
cryptsetup-generator: Split main() into more functions and use hasmaps
2014-12-02 18:49:28 +01:00
r = hashmap_put(arg_disks, d->uuid, d);
if (r < 0) {
free(d->uuid);
tree-wide: use mfree more
2016-10-17 00:28:30 +02:00
return mfree(d);
cryptsetup-generator: Split main() into more functions and use hasmaps
2014-12-02 18:49:28 +01:00
}
}
return d;
}
tree-wide: allow state to be passed through to parse_proc_cmdline_item No functional change.
2016-10-22 20:24:52 +02:00
static int parse_proc_cmdline_item(const char *key, const char *value, void *data) {
cryptsetup-generator: Split main() into more functions and use hasmaps
2014-12-02 18:49:28 +01:00
_cleanup_free_ char *uuid = NULL, *uuid_value = NULL;
util-lib: various improvements to kernel command line parsing This improves kernel command line parsing in a number of ways: a) An kernel option "foo_bar=xyz" is now considered equivalent to "foo-bar-xyz", i.e. when comparing kernel command line option names "-" and "_" are now considered equivalent (this only applies to the option names though, not the option values!). Most of our kernel options used "-" as word separator in kernel command line options so far, but some used "_". With this change, which was a source of confusion for users (well, at least of one user: myself, I just couldn't remember that it's systemd.debug-shell, not systemd.debug_shell). Considering both as equivalent is inspired how modern kernel module loading normalizes all kernel module names to use underscores now too. b) All options previously using a dash for separating words in kernel command line options now use an underscore instead, in all documentation and in code. Since a) has been implemented this should not create any compatibility problems, but normalizes our documentation and our code. c) All kernel command line options which take booleans (or are boolean-like) have been reworked so that "foobar" (without argument) is now equivalent to "foobar=1" (but not "foobar=0"), thus normalizing the handling of our boolean arguments. Specifically this means systemd.debug-shell and systemd_debug_shell=1 are now entirely equivalent. d) All kernel command line options which take an argument, and where no argument is specified will now result in a log message. e.g. passing just "systemd.unit" will no result in a complain that it needs an argument. This is implemented in the proc_cmdline_missing_value() function. e) There's now a call proc_cmdline_get_bool() similar to proc_cmdline_get_key() that parses booleans (following the logic explained in c). f) The proc_cmdline_parse() call's boolean argument has been replaced by a new flags argument that takes a common set of bits with proc_cmdline_get_key(). g) All kernel command line APIs now begin with the same "proc_cmdline_" prefix. h) There are now tests for much of this. Yay!
2016-12-12 18:29:15 +01:00
crypto_device *d;
int r;
cryptsetup: allow configuration of LUKS disks via the kernel cmdline This generalizes a bit of the functionality already available in dracut.
2012-06-22 10:11:06 +02:00
util-lib: various improvements to kernel command line parsing This improves kernel command line parsing in a number of ways: a) An kernel option "foo_bar=xyz" is now considered equivalent to "foo-bar-xyz", i.e. when comparing kernel command line option names "-" and "_" are now considered equivalent (this only applies to the option names though, not the option values!). Most of our kernel options used "-" as word separator in kernel command line options so far, but some used "_". With this change, which was a source of confusion for users (well, at least of one user: myself, I just couldn't remember that it's systemd.debug-shell, not systemd.debug_shell). Considering both as equivalent is inspired how modern kernel module loading normalizes all kernel module names to use underscores now too. b) All options previously using a dash for separating words in kernel command line options now use an underscore instead, in all documentation and in code. Since a) has been implemented this should not create any compatibility problems, but normalizes our documentation and our code. c) All kernel command line options which take booleans (or are boolean-like) have been reworked so that "foobar" (without argument) is now equivalent to "foobar=1" (but not "foobar=0"), thus normalizing the handling of our boolean arguments. Specifically this means systemd.debug-shell and systemd_debug_shell=1 are now entirely equivalent. d) All kernel command line options which take an argument, and where no argument is specified will now result in a log message. e.g. passing just "systemd.unit" will no result in a complain that it needs an argument. This is implemented in the proc_cmdline_missing_value() function. e) There's now a call proc_cmdline_get_bool() similar to proc_cmdline_get_key() that parses booleans (following the logic explained in c). f) The proc_cmdline_parse() call's boolean argument has been replaced by a new flags argument that takes a common set of bits with proc_cmdline_get_key(). g) All kernel command line APIs now begin with the same "proc_cmdline_" prefix. h) There are now tests for much of this. Yay!
2016-12-12 18:29:15 +01:00
if (streq(key, "luks")) {
util: move more intellegince into parse_proc_cmdline() Already split variable assignments before invoking the callback. And drop "rd." settings if we are not in an initrd.
2014-03-06 17:05:55 +01:00
util-lib: various improvements to kernel command line parsing This improves kernel command line parsing in a number of ways: a) An kernel option "foo_bar=xyz" is now considered equivalent to "foo-bar-xyz", i.e. when comparing kernel command line option names "-" and "_" are now considered equivalent (this only applies to the option names though, not the option values!). Most of our kernel options used "-" as word separator in kernel command line options so far, but some used "_". With this change, which was a source of confusion for users (well, at least of one user: myself, I just couldn't remember that it's systemd.debug-shell, not systemd.debug_shell). Considering both as equivalent is inspired how modern kernel module loading normalizes all kernel module names to use underscores now too. b) All options previously using a dash for separating words in kernel command line options now use an underscore instead, in all documentation and in code. Since a) has been implemented this should not create any compatibility problems, but normalizes our documentation and our code. c) All kernel command line options which take booleans (or are boolean-like) have been reworked so that "foobar" (without argument) is now equivalent to "foobar=1" (but not "foobar=0"), thus normalizing the handling of our boolean arguments. Specifically this means systemd.debug-shell and systemd_debug_shell=1 are now entirely equivalent. d) All kernel command line options which take an argument, and where no argument is specified will now result in a log message. e.g. passing just "systemd.unit" will no result in a complain that it needs an argument. This is implemented in the proc_cmdline_missing_value() function. e) There's now a call proc_cmdline_get_bool() similar to proc_cmdline_get_key() that parses booleans (following the logic explained in c). f) The proc_cmdline_parse() call's boolean argument has been replaced by a new flags argument that takes a common set of bits with proc_cmdline_get_key(). g) All kernel command line APIs now begin with the same "proc_cmdline_" prefix. h) There are now tests for much of this. Yay!
2016-12-12 18:29:15 +01:00
r = value ? parse_boolean(value) : 1;
Extract looping over /proc/cmdline into a shared function In cryptsetup-generator automatic cleanup had to be replaced with manual cleanup, and the code gets a bit longer. But existing code had the issue that it returned negative values from main(), which was wrong, so should be reworked anyway.
2014-02-16 00:08:59 +01:00
if (r < 0)
util-lib: various improvements to kernel command line parsing This improves kernel command line parsing in a number of ways: a) An kernel option "foo_bar=xyz" is now considered equivalent to "foo-bar-xyz", i.e. when comparing kernel command line option names "-" and "_" are now considered equivalent (this only applies to the option names though, not the option values!). Most of our kernel options used "-" as word separator in kernel command line options so far, but some used "_". With this change, which was a source of confusion for users (well, at least of one user: myself, I just couldn't remember that it's systemd.debug-shell, not systemd.debug_shell). Considering both as equivalent is inspired how modern kernel module loading normalizes all kernel module names to use underscores now too. b) All options previously using a dash for separating words in kernel command line options now use an underscore instead, in all documentation and in code. Since a) has been implemented this should not create any compatibility problems, but normalizes our documentation and our code. c) All kernel command line options which take booleans (or are boolean-like) have been reworked so that "foobar" (without argument) is now equivalent to "foobar=1" (but not "foobar=0"), thus normalizing the handling of our boolean arguments. Specifically this means systemd.debug-shell and systemd_debug_shell=1 are now entirely equivalent. d) All kernel command line options which take an argument, and where no argument is specified will now result in a log message. e.g. passing just "systemd.unit" will no result in a complain that it needs an argument. This is implemented in the proc_cmdline_missing_value() function. e) There's now a call proc_cmdline_get_bool() similar to proc_cmdline_get_key() that parses booleans (following the logic explained in c). f) The proc_cmdline_parse() call's boolean argument has been replaced by a new flags argument that takes a common set of bits with proc_cmdline_get_key(). g) All kernel command line APIs now begin with the same "proc_cmdline_" prefix. h) There are now tests for much of this. Yay!
2016-12-12 18:29:15 +01:00
log_warning("Failed to parse luks= kernel command line switch %s. Ignoring.", value);
Extract looping over /proc/cmdline into a shared function In cryptsetup-generator automatic cleanup had to be replaced with manual cleanup, and the code gets a bit longer. But existing code had the issue that it returned negative values from main(), which was wrong, so should be reworked anyway.
2014-02-16 00:08:59 +01:00
else
arg_enabled = r;
cryptsetup: allow configuration of LUKS disks via the kernel cmdline This generalizes a bit of the functionality already available in dracut.
2012-06-22 10:11:06 +02:00
util-lib: various improvements to kernel command line parsing This improves kernel command line parsing in a number of ways: a) An kernel option "foo_bar=xyz" is now considered equivalent to "foo-bar-xyz", i.e. when comparing kernel command line option names "-" and "_" are now considered equivalent (this only applies to the option names though, not the option values!). Most of our kernel options used "-" as word separator in kernel command line options so far, but some used "_". With this change, which was a source of confusion for users (well, at least of one user: myself, I just couldn't remember that it's systemd.debug-shell, not systemd.debug_shell). Considering both as equivalent is inspired how modern kernel module loading normalizes all kernel module names to use underscores now too. b) All options previously using a dash for separating words in kernel command line options now use an underscore instead, in all documentation and in code. Since a) has been implemented this should not create any compatibility problems, but normalizes our documentation and our code. c) All kernel command line options which take booleans (or are boolean-like) have been reworked so that "foobar" (without argument) is now equivalent to "foobar=1" (but not "foobar=0"), thus normalizing the handling of our boolean arguments. Specifically this means systemd.debug-shell and systemd_debug_shell=1 are now entirely equivalent. d) All kernel command line options which take an argument, and where no argument is specified will now result in a log message. e.g. passing just "systemd.unit" will no result in a complain that it needs an argument. This is implemented in the proc_cmdline_missing_value() function. e) There's now a call proc_cmdline_get_bool() similar to proc_cmdline_get_key() that parses booleans (following the logic explained in c). f) The proc_cmdline_parse() call's boolean argument has been replaced by a new flags argument that takes a common set of bits with proc_cmdline_get_key(). g) All kernel command line APIs now begin with the same "proc_cmdline_" prefix. h) There are now tests for much of this. Yay!
2016-12-12 18:29:15 +01:00
} else if (streq(key, "luks.crypttab")) {
cryptsetup: allow configuration of LUKS disks via the kernel cmdline This generalizes a bit of the functionality already available in dracut.
2012-06-22 10:11:06 +02:00
util-lib: various improvements to kernel command line parsing This improves kernel command line parsing in a number of ways: a) An kernel option "foo_bar=xyz" is now considered equivalent to "foo-bar-xyz", i.e. when comparing kernel command line option names "-" and "_" are now considered equivalent (this only applies to the option names though, not the option values!). Most of our kernel options used "-" as word separator in kernel command line options so far, but some used "_". With this change, which was a source of confusion for users (well, at least of one user: myself, I just couldn't remember that it's systemd.debug-shell, not systemd.debug_shell). Considering both as equivalent is inspired how modern kernel module loading normalizes all kernel module names to use underscores now too. b) All options previously using a dash for separating words in kernel command line options now use an underscore instead, in all documentation and in code. Since a) has been implemented this should not create any compatibility problems, but normalizes our documentation and our code. c) All kernel command line options which take booleans (or are boolean-like) have been reworked so that "foobar" (without argument) is now equivalent to "foobar=1" (but not "foobar=0"), thus normalizing the handling of our boolean arguments. Specifically this means systemd.debug-shell and systemd_debug_shell=1 are now entirely equivalent. d) All kernel command line options which take an argument, and where no argument is specified will now result in a log message. e.g. passing just "systemd.unit" will no result in a complain that it needs an argument. This is implemented in the proc_cmdline_missing_value() function. e) There's now a call proc_cmdline_get_bool() similar to proc_cmdline_get_key() that parses booleans (following the logic explained in c). f) The proc_cmdline_parse() call's boolean argument has been replaced by a new flags argument that takes a common set of bits with proc_cmdline_get_key(). g) All kernel command line APIs now begin with the same "proc_cmdline_" prefix. h) There are now tests for much of this. Yay!
2016-12-12 18:29:15 +01:00
r = value ? parse_boolean(value) : 1;
Extract looping over /proc/cmdline into a shared function In cryptsetup-generator automatic cleanup had to be replaced with manual cleanup, and the code gets a bit longer. But existing code had the issue that it returned negative values from main(), which was wrong, so should be reworked anyway.
2014-02-16 00:08:59 +01:00
if (r < 0)
util-lib: various improvements to kernel command line parsing This improves kernel command line parsing in a number of ways: a) An kernel option "foo_bar=xyz" is now considered equivalent to "foo-bar-xyz", i.e. when comparing kernel command line option names "-" and "_" are now considered equivalent (this only applies to the option names though, not the option values!). Most of our kernel options used "-" as word separator in kernel command line options so far, but some used "_". With this change, which was a source of confusion for users (well, at least of one user: myself, I just couldn't remember that it's systemd.debug-shell, not systemd.debug_shell). Considering both as equivalent is inspired how modern kernel module loading normalizes all kernel module names to use underscores now too. b) All options previously using a dash for separating words in kernel command line options now use an underscore instead, in all documentation and in code. Since a) has been implemented this should not create any compatibility problems, but normalizes our documentation and our code. c) All kernel command line options which take booleans (or are boolean-like) have been reworked so that "foobar" (without argument) is now equivalent to "foobar=1" (but not "foobar=0"), thus normalizing the handling of our boolean arguments. Specifically this means systemd.debug-shell and systemd_debug_shell=1 are now entirely equivalent. d) All kernel command line options which take an argument, and where no argument is specified will now result in a log message. e.g. passing just "systemd.unit" will no result in a complain that it needs an argument. This is implemented in the proc_cmdline_missing_value() function. e) There's now a call proc_cmdline_get_bool() similar to proc_cmdline_get_key() that parses booleans (following the logic explained in c). f) The proc_cmdline_parse() call's boolean argument has been replaced by a new flags argument that takes a common set of bits with proc_cmdline_get_key(). g) All kernel command line APIs now begin with the same "proc_cmdline_" prefix. h) There are now tests for much of this. Yay!
2016-12-12 18:29:15 +01:00
log_warning("Failed to parse luks.crypttab= kernel command line switch %s. Ignoring.", value);
Extract looping over /proc/cmdline into a shared function In cryptsetup-generator automatic cleanup had to be replaced with manual cleanup, and the code gets a bit longer. But existing code had the issue that it returned negative values from main(), which was wrong, so should be reworked anyway.
2014-02-16 00:08:59 +01:00
else
arg_read_crypttab = r;
cryptsetup: allow configuration of LUKS disks via the kernel cmdline This generalizes a bit of the functionality already available in dracut.
2012-06-22 10:11:06 +02:00
util-lib: various improvements to kernel command line parsing This improves kernel command line parsing in a number of ways: a) An kernel option "foo_bar=xyz" is now considered equivalent to "foo-bar-xyz", i.e. when comparing kernel command line option names "-" and "_" are now considered equivalent (this only applies to the option names though, not the option values!). Most of our kernel options used "-" as word separator in kernel command line options so far, but some used "_". With this change, which was a source of confusion for users (well, at least of one user: myself, I just couldn't remember that it's systemd.debug-shell, not systemd.debug_shell). Considering both as equivalent is inspired how modern kernel module loading normalizes all kernel module names to use underscores now too. b) All options previously using a dash for separating words in kernel command line options now use an underscore instead, in all documentation and in code. Since a) has been implemented this should not create any compatibility problems, but normalizes our documentation and our code. c) All kernel command line options which take booleans (or are boolean-like) have been reworked so that "foobar" (without argument) is now equivalent to "foobar=1" (but not "foobar=0"), thus normalizing the handling of our boolean arguments. Specifically this means systemd.debug-shell and systemd_debug_shell=1 are now entirely equivalent. d) All kernel command line options which take an argument, and where no argument is specified will now result in a log message. e.g. passing just "systemd.unit" will no result in a complain that it needs an argument. This is implemented in the proc_cmdline_missing_value() function. e) There's now a call proc_cmdline_get_bool() similar to proc_cmdline_get_key() that parses booleans (following the logic explained in c). f) The proc_cmdline_parse() call's boolean argument has been replaced by a new flags argument that takes a common set of bits with proc_cmdline_get_key(). g) All kernel command line APIs now begin with the same "proc_cmdline_" prefix. h) There are now tests for much of this. Yay!
2016-12-12 18:29:15 +01:00
} else if (streq(key, "luks.uuid")) {
if (proc_cmdline_value_missing(key, value))
return 0;
cryptsetup: allow configuration of LUKS disks via the kernel cmdline This generalizes a bit of the functionality already available in dracut.
2012-06-22 10:11:06 +02:00
cryptsetup-generator: Split main() into more functions and use hasmaps
2014-12-02 18:49:28 +01:00
d = get_crypto_device(startswith(value, "luks-") ? value+5 : value);
if (!d)
Extract looping over /proc/cmdline into a shared function In cryptsetup-generator automatic cleanup had to be replaced with manual cleanup, and the code gets a bit longer. But existing code had the issue that it returned negative values from main(), which was wrong, so should be reworked anyway.
2014-02-16 00:08:59 +01:00
return log_oom();
cryptsetup: allow configuration of LUKS disks via the kernel cmdline This generalizes a bit of the functionality already available in dracut.
2012-06-22 10:11:06 +02:00
cryptsetup-generator: Split main() into more functions and use hasmaps
2014-12-02 18:49:28 +01:00
d->create = arg_whitelist = true;
util-lib: various improvements to kernel command line parsing This improves kernel command line parsing in a number of ways: a) An kernel option "foo_bar=xyz" is now considered equivalent to "foo-bar-xyz", i.e. when comparing kernel command line option names "-" and "_" are now considered equivalent (this only applies to the option names though, not the option values!). Most of our kernel options used "-" as word separator in kernel command line options so far, but some used "_". With this change, which was a source of confusion for users (well, at least of one user: myself, I just couldn't remember that it's systemd.debug-shell, not systemd.debug_shell). Considering both as equivalent is inspired how modern kernel module loading normalizes all kernel module names to use underscores now too. b) All options previously using a dash for separating words in kernel command line options now use an underscore instead, in all documentation and in code. Since a) has been implemented this should not create any compatibility problems, but normalizes our documentation and our code. c) All kernel command line options which take booleans (or are boolean-like) have been reworked so that "foobar" (without argument) is now equivalent to "foobar=1" (but not "foobar=0"), thus normalizing the handling of our boolean arguments. Specifically this means systemd.debug-shell and systemd_debug_shell=1 are now entirely equivalent. d) All kernel command line options which take an argument, and where no argument is specified will now result in a log message. e.g. passing just "systemd.unit" will no result in a complain that it needs an argument. This is implemented in the proc_cmdline_missing_value() function. e) There's now a call proc_cmdline_get_bool() similar to proc_cmdline_get_key() that parses booleans (following the logic explained in c). f) The proc_cmdline_parse() call's boolean argument has been replaced by a new flags argument that takes a common set of bits with proc_cmdline_get_key(). g) All kernel command line APIs now begin with the same "proc_cmdline_" prefix. h) There are now tests for much of this. Yay!
2016-12-12 18:29:15 +01:00
} else if (streq(key, "luks.options")) {
if (proc_cmdline_value_missing(key, value))
return 0;
cryptsetup: allow configuration of LUKS disks via the kernel cmdline This generalizes a bit of the functionality already available in dracut.
2012-06-22 10:11:06 +02:00
cryptsetup-generator: Split main() into more functions and use hasmaps
2014-12-02 18:49:28 +01:00
r = sscanf(value, "%m[0-9a-fA-F-]=%ms", &uuid, &uuid_value);
if (r == 2) {
d = get_crypto_device(uuid);
if (!d)
return log_oom();
util-lib: various improvements to kernel command line parsing This improves kernel command line parsing in a number of ways: a) An kernel option "foo_bar=xyz" is now considered equivalent to "foo-bar-xyz", i.e. when comparing kernel command line option names "-" and "_" are now considered equivalent (this only applies to the option names though, not the option values!). Most of our kernel options used "-" as word separator in kernel command line options so far, but some used "_". With this change, which was a source of confusion for users (well, at least of one user: myself, I just couldn't remember that it's systemd.debug-shell, not systemd.debug_shell). Considering both as equivalent is inspired how modern kernel module loading normalizes all kernel module names to use underscores now too. b) All options previously using a dash for separating words in kernel command line options now use an underscore instead, in all documentation and in code. Since a) has been implemented this should not create any compatibility problems, but normalizes our documentation and our code. c) All kernel command line options which take booleans (or are boolean-like) have been reworked so that "foobar" (without argument) is now equivalent to "foobar=1" (but not "foobar=0"), thus normalizing the handling of our boolean arguments. Specifically this means systemd.debug-shell and systemd_debug_shell=1 are now entirely equivalent. d) All kernel command line options which take an argument, and where no argument is specified will now result in a log message. e.g. passing just "systemd.unit" will no result in a complain that it needs an argument. This is implemented in the proc_cmdline_missing_value() function. e) There's now a call proc_cmdline_get_bool() similar to proc_cmdline_get_key() that parses booleans (following the logic explained in c). f) The proc_cmdline_parse() call's boolean argument has been replaced by a new flags argument that takes a common set of bits with proc_cmdline_get_key(). g) All kernel command line APIs now begin with the same "proc_cmdline_" prefix. h) There are now tests for much of this. Yay!
2016-12-12 18:29:15 +01:00
free_and_replace(d->options, uuid_value);
cryptsetup-generator: Split main() into more functions and use hasmaps
2014-12-02 18:49:28 +01:00
} else if (free_and_strdup(&arg_default_options, value) < 0)
Extract looping over /proc/cmdline into a shared function In cryptsetup-generator automatic cleanup had to be replaced with manual cleanup, and the code gets a bit longer. But existing code had the issue that it returned negative values from main(), which was wrong, so should be reworked anyway.
2014-02-16 00:08:59 +01:00
return log_oom();
cryptsetup: allow configuration of LUKS disks via the kernel cmdline This generalizes a bit of the functionality already available in dracut.
2012-06-22 10:11:06 +02:00
util-lib: various improvements to kernel command line parsing This improves kernel command line parsing in a number of ways: a) An kernel option "foo_bar=xyz" is now considered equivalent to "foo-bar-xyz", i.e. when comparing kernel command line option names "-" and "_" are now considered equivalent (this only applies to the option names though, not the option values!). Most of our kernel options used "-" as word separator in kernel command line options so far, but some used "_". With this change, which was a source of confusion for users (well, at least of one user: myself, I just couldn't remember that it's systemd.debug-shell, not systemd.debug_shell). Considering both as equivalent is inspired how modern kernel module loading normalizes all kernel module names to use underscores now too. b) All options previously using a dash for separating words in kernel command line options now use an underscore instead, in all documentation and in code. Since a) has been implemented this should not create any compatibility problems, but normalizes our documentation and our code. c) All kernel command line options which take booleans (or are boolean-like) have been reworked so that "foobar" (without argument) is now equivalent to "foobar=1" (but not "foobar=0"), thus normalizing the handling of our boolean arguments. Specifically this means systemd.debug-shell and systemd_debug_shell=1 are now entirely equivalent. d) All kernel command line options which take an argument, and where no argument is specified will now result in a log message. e.g. passing just "systemd.unit" will no result in a complain that it needs an argument. This is implemented in the proc_cmdline_missing_value() function. e) There's now a call proc_cmdline_get_bool() similar to proc_cmdline_get_key() that parses booleans (following the logic explained in c). f) The proc_cmdline_parse() call's boolean argument has been replaced by a new flags argument that takes a common set of bits with proc_cmdline_get_key(). g) All kernel command line APIs now begin with the same "proc_cmdline_" prefix. h) There are now tests for much of this. Yay!
2016-12-12 18:29:15 +01:00
} else if (streq(key, "luks.key")) {
if (proc_cmdline_value_missing(key, value))
return 0;
cryptsetup: allow configuration of LUKS disks via the kernel cmdline This generalizes a bit of the functionality already available in dracut.
2012-06-22 10:11:06 +02:00
cryptsetup-generator: Add support for UUID-specific key files on kernel command line
2014-12-02 18:49:29 +01:00
r = sscanf(value, "%m[0-9a-fA-F-]=%ms", &uuid, &uuid_value);
if (r == 2) {
d = get_crypto_device(uuid);
if (!d)
return log_oom();
util-lib: various improvements to kernel command line parsing This improves kernel command line parsing in a number of ways: a) An kernel option "foo_bar=xyz" is now considered equivalent to "foo-bar-xyz", i.e. when comparing kernel command line option names "-" and "_" are now considered equivalent (this only applies to the option names though, not the option values!). Most of our kernel options used "-" as word separator in kernel command line options so far, but some used "_". With this change, which was a source of confusion for users (well, at least of one user: myself, I just couldn't remember that it's systemd.debug-shell, not systemd.debug_shell). Considering both as equivalent is inspired how modern kernel module loading normalizes all kernel module names to use underscores now too. b) All options previously using a dash for separating words in kernel command line options now use an underscore instead, in all documentation and in code. Since a) has been implemented this should not create any compatibility problems, but normalizes our documentation and our code. c) All kernel command line options which take booleans (or are boolean-like) have been reworked so that "foobar" (without argument) is now equivalent to "foobar=1" (but not "foobar=0"), thus normalizing the handling of our boolean arguments. Specifically this means systemd.debug-shell and systemd_debug_shell=1 are now entirely equivalent. d) All kernel command line options which take an argument, and where no argument is specified will now result in a log message. e.g. passing just "systemd.unit" will no result in a complain that it needs an argument. This is implemented in the proc_cmdline_missing_value() function. e) There's now a call proc_cmdline_get_bool() similar to proc_cmdline_get_key() that parses booleans (following the logic explained in c). f) The proc_cmdline_parse() call's boolean argument has been replaced by a new flags argument that takes a common set of bits with proc_cmdline_get_key(). g) All kernel command line APIs now begin with the same "proc_cmdline_" prefix. h) There are now tests for much of this. Yay!
2016-12-12 18:29:15 +01:00
free_and_replace(d->keyfile, uuid_value);
cryptsetup-generator: Properly check return code
2015-09-10 10:23:49 +02:00
} else if (free_and_strdup(&arg_default_keyfile, value) < 0)
Extract looping over /proc/cmdline into a shared function In cryptsetup-generator automatic cleanup had to be replaced with manual cleanup, and the code gets a bit longer. But existing code had the issue that it returned negative values from main(), which was wrong, so should be reworked anyway.
2014-02-16 00:08:59 +01:00
return log_oom();
cryptsetup-generator: allow specifying options in /proc/cmdline The main usecase for this is to make it possible to use cryptsetup in the initrd without it having to include a host-specific /etc/crypttab. Tested-by: Thomas Bächler <thomas@archlinux.org>
2013-08-18 08:59:00 +02:00
util-lib: various improvements to kernel command line parsing This improves kernel command line parsing in a number of ways: a) An kernel option "foo_bar=xyz" is now considered equivalent to "foo-bar-xyz", i.e. when comparing kernel command line option names "-" and "_" are now considered equivalent (this only applies to the option names though, not the option values!). Most of our kernel options used "-" as word separator in kernel command line options so far, but some used "_". With this change, which was a source of confusion for users (well, at least of one user: myself, I just couldn't remember that it's systemd.debug-shell, not systemd.debug_shell). Considering both as equivalent is inspired how modern kernel module loading normalizes all kernel module names to use underscores now too. b) All options previously using a dash for separating words in kernel command line options now use an underscore instead, in all documentation and in code. Since a) has been implemented this should not create any compatibility problems, but normalizes our documentation and our code. c) All kernel command line options which take booleans (or are boolean-like) have been reworked so that "foobar" (without argument) is now equivalent to "foobar=1" (but not "foobar=0"), thus normalizing the handling of our boolean arguments. Specifically this means systemd.debug-shell and systemd_debug_shell=1 are now entirely equivalent. d) All kernel command line options which take an argument, and where no argument is specified will now result in a log message. e.g. passing just "systemd.unit" will no result in a complain that it needs an argument. This is implemented in the proc_cmdline_missing_value() function. e) There's now a call proc_cmdline_get_bool() similar to proc_cmdline_get_key() that parses booleans (following the logic explained in c). f) The proc_cmdline_parse() call's boolean argument has been replaced by a new flags argument that takes a common set of bits with proc_cmdline_get_key(). g) All kernel command line APIs now begin with the same "proc_cmdline_" prefix. h) There are now tests for much of this. Yay!
2016-12-12 18:29:15 +01:00
} else if (streq(key, "luks.name")) {
if (proc_cmdline_value_missing(key, value))
return 0;
cryptsetup-generator: Add support for naming luks devices on kernel cmdline
2014-12-02 18:49:30 +01:00
r = sscanf(value, "%m[0-9a-fA-F-]=%ms", &uuid, &uuid_value);
if (r == 2) {
d = get_crypto_device(uuid);
if (!d)
return log_oom();
d->create = arg_whitelist = true;
free(d->name);
d->name = uuid_value;
uuid_value = NULL;
} else
log_warning("Failed to parse luks name switch %s. Ignoring.", value);
stop complaining about unknown kernel cmdline options Also stop warning about unknown kernel cmdline options in the various tools, not just in PID 1
2014-06-19 16:55:20 +02:00
}
cryptsetup: allow configuration of LUKS disks via the kernel cmdline This generalizes a bit of the functionality already available in dracut.
2012-06-22 10:11:06 +02:00
cryptsetup-generator: use _cleanup_ where possible
2013-03-08 10:50:33 +01:00
return 0;
cryptsetup: allow configuration of LUKS disks via the kernel cmdline This generalizes a bit of the functionality already available in dracut.
2012-06-22 10:11:06 +02:00
}
cryptsetup-generator: Split main() into more functions and use hasmaps
2014-12-02 18:49:28 +01:00
static int add_crypttab_devices(void) {
struct stat st;
unsigned crypttab_line = 0;
move _cleanup_ attribute in front of the type http://lists.freedesktop.org/archives/systemd-devel/2013-April/010510.html
2013-04-18 09:11:22 +02:00
_cleanup_fclose_ FILE *f = NULL;
cryptsetup: minimal cryptsetup unit generator
2010-11-08 05:02:45 +01:00
cryptsetup-generator: Split main() into more functions and use hasmaps
2014-12-02 18:49:28 +01:00
if (!arg_read_crypttab)
return 0;
f = fopen("/etc/crypttab", "re");
if (!f) {
if (errno != ENOENT)
log_error_errno(errno, "Failed to open /etc/crypttab: %m");
return 0;
cryptsetup: minimal cryptsetup unit generator
2010-11-08 05:02:45 +01:00
}
cryptsetup-generator: Split main() into more functions and use hasmaps
2014-12-02 18:49:28 +01:00
if (fstat(fileno(f), &st) < 0) {
log_error_errno(errno, "Failed to stat /etc/crypttab: %m");
return 0;
}
cryptsetup: minimal cryptsetup unit generator
2010-11-08 05:02:45 +01:00
cryptsetup-generator: Split main() into more functions and use hasmaps
2014-12-02 18:49:28 +01:00
for (;;) {
int r, k;
char line[LINE_MAX], *l, *uuid;
crypto_device *d = NULL;
_cleanup_free_ char *name = NULL, *device = NULL, *keyfile = NULL, *options = NULL;
umask: change default umask to 0022 just to be sure, and set it explicitly in all binaries, in order to make sure it is set when started from the terminal
2011-08-01 20:52:18 +02:00
cryptsetup-generator: Split main() into more functions and use hasmaps
2014-12-02 18:49:28 +01:00
if (!fgets(line, sizeof(line), f))
break;
cryptsetup: allow configuration of LUKS disks via the kernel cmdline This generalizes a bit of the functionality already available in dracut.
2012-06-22 10:11:06 +02:00
cryptsetup-generator: Split main() into more functions and use hasmaps
2014-12-02 18:49:28 +01:00
crypttab_line++;
Extract looping over /proc/cmdline into a shared function In cryptsetup-generator automatic cleanup had to be replaced with manual cleanup, and the code gets a bit longer. But existing code had the issue that it returned negative values from main(), which was wrong, so should be reworked anyway.
2014-02-16 00:08:59 +01:00
cryptsetup-generator: Split main() into more functions and use hasmaps
2014-12-02 18:49:28 +01:00
l = strstrip(line);
if (*l == '#' || *l == 0)
continue;
cryptsetup: allow configuration of LUKS disks via the kernel cmdline This generalizes a bit of the functionality already available in dracut.
2012-06-22 10:11:06 +02:00
cryptsetup-generator: Split main() into more functions and use hasmaps
2014-12-02 18:49:28 +01:00
k = sscanf(l, "%ms %ms %ms %ms", &name, &device, &keyfile, &options);
if (k < 2 || k > 4) {
log_error("Failed to parse /etc/crypttab:%u, ignoring.", crypttab_line);
continue;
}
cryptsetup: allow configuration of LUKS disks via the kernel cmdline This generalizes a bit of the functionality already available in dracut.
2012-06-22 10:11:06 +02:00
cryptsetup-generator: Split main() into more functions and use hasmaps
2014-12-02 18:49:28 +01:00
uuid = startswith(device, "UUID=");
if (!uuid)
uuid = path_startswith(device, "/dev/disk/by-uuid/");
if (!uuid)
uuid = startswith(name, "luks-");
if (uuid)
d = hashmap_get(arg_disks, uuid);
cryptsetup: warn if /etc/crypttab is world-readable
2013-04-30 00:48:03 +02:00
cryptsetup-generator: Split main() into more functions and use hasmaps
2014-12-02 18:49:28 +01:00
if (arg_whitelist && !d) {
log_info("Not creating device '%s' because it was not specified on the kernel command line.", name);
continue;
cryptsetup: warn if /etc/crypttab is world-readable
2013-04-30 00:48:03 +02:00
}
cryptsetup-generator: Split main() into more functions and use hasmaps
2014-12-02 18:49:28 +01:00
r = create_disk(name, device, keyfile, (d && d->options) ? d->options : options);
if (r < 0)
return r;
cryptsetup: warn if /etc/crypttab is world-readable
2013-04-30 00:48:03 +02:00
cryptsetup-generator: Split main() into more functions and use hasmaps
2014-12-02 18:49:28 +01:00
if (d)
d->create = false;
}
cryptsetup: warn if /etc/crypttab is world-readable
2013-04-30 00:48:03 +02:00
cryptsetup-generator: Split main() into more functions and use hasmaps
2014-12-02 18:49:28 +01:00
return 0;
}
cryptsetup: allow configuration of LUKS disks via the kernel cmdline This generalizes a bit of the functionality already available in dracut.
2012-06-22 10:11:06 +02:00
cryptsetup-generator: Split main() into more functions and use hasmaps
2014-12-02 18:49:28 +01:00
static int add_proc_cmdline_devices(void) {
int r;
Iterator i;
crypto_device *d;
cryptsetup: allow configuration of LUKS disks via the kernel cmdline This generalizes a bit of the functionality already available in dracut.
2012-06-22 10:11:06 +02:00
cryptsetup-generator: Split main() into more functions and use hasmaps
2014-12-02 18:49:28 +01:00
HASHMAP_FOREACH(d, arg_disks, i) {
const char *options;
cryptsetup-generator: Add support for naming luks devices on kernel cmdline
2014-12-02 18:49:30 +01:00
_cleanup_free_ char *device = NULL;
cryptsetup: allow configuration of LUKS disks via the kernel cmdline This generalizes a bit of the functionality already available in dracut.
2012-06-22 10:11:06 +02:00
cryptsetup-generator: Split main() into more functions and use hasmaps
2014-12-02 18:49:28 +01:00
if (!d->create)
continue;
cryptsetup: minimal cryptsetup unit generator
2010-11-08 05:02:45 +01:00
cryptsetup-generator: Add support for naming luks devices on kernel cmdline
2014-12-02 18:49:30 +01:00
if (!d->name) {
d->name = strappend("luks-", d->uuid);
if (!d->name)
return log_oom();
}
cryptsetup: minimal cryptsetup unit generator
2010-11-08 05:02:45 +01:00
cryptsetup-generator: Split main() into more functions and use hasmaps
2014-12-02 18:49:28 +01:00
device = strappend("UUID=", d->uuid);
if (!device)
return log_oom();
cryptsetup-generator: allow specifying options in /proc/cmdline The main usecase for this is to make it possible to use cryptsetup in the initrd without it having to include a host-specific /etc/crypttab. Tested-by: Thomas Bächler <thomas@archlinux.org>
2013-08-18 08:59:00 +02:00
cryptsetup-generator: Split main() into more functions and use hasmaps
2014-12-02 18:49:28 +01:00
if (d->options)
options = d->options;
else if (arg_default_options)
options = arg_default_options;
else
options = "timeout=0";
Extract looping over /proc/cmdline into a shared function In cryptsetup-generator automatic cleanup had to be replaced with manual cleanup, and the code gets a bit longer. But existing code had the issue that it returned negative values from main(), which was wrong, so should be reworked anyway.
2014-02-16 00:08:59 +01:00
cryptsetup-generator: Add support for naming luks devices on kernel cmdline
2014-12-02 18:49:30 +01:00
r = create_disk(d->name, device, d->keyfile ?: arg_default_keyfile, options);
cryptsetup-generator: Split main() into more functions and use hasmaps
2014-12-02 18:49:28 +01:00
if (r < 0)
return r;
cryptsetup: minimal cryptsetup unit generator
2010-11-08 05:02:45 +01:00
}
cryptsetup-generator: Split main() into more functions and use hasmaps
2014-12-02 18:49:28 +01:00
return 0;
}
cryptsetup: minimal cryptsetup unit generator
2010-11-08 05:02:45 +01:00
cryptsetup-generator: Split main() into more functions and use hasmaps
2014-12-02 18:49:28 +01:00
int main(int argc, char *argv[]) {
cryptsetup: various coding style improvements No functional changes.
2016-12-16 13:15:31 +01:00
int r;
cryptsetup: minimal cryptsetup unit generator
2010-11-08 05:02:45 +01:00
cryptsetup-generator: Split main() into more functions and use hasmaps
2014-12-02 18:49:28 +01:00
if (argc > 1 && argc != 4) {
log_error("This program takes three or no arguments.");
return EXIT_FAILURE;
}
cryptsetup: minimal cryptsetup unit generator
2010-11-08 05:02:45 +01:00
cryptsetup-generator: Split main() into more functions and use hasmaps
2014-12-02 18:49:28 +01:00
if (argc > 1)
arg_dest = argv[1];
cryptsetup: minimal cryptsetup unit generator
2010-11-08 05:02:45 +01:00
cryptsetup-generator: Split main() into more functions and use hasmaps
2014-12-02 18:49:28 +01:00
log_set_target(LOG_TARGET_SAFE);
log_parse_environment();
log_open();
cryptsetup-generator: fix the kernel command line strategy for luks.uuid If rd.luks.uuid or luks.uuid is specified on the kernel command, only generate units for these UUIDs. Additionally use the information in /etc/crypttab unless rd.luks.crypttab=0 or luks.crypttab=0 is specified.
2013-03-01 11:33:14 +01:00
cryptsetup-generator: Split main() into more functions and use hasmaps
2014-12-02 18:49:28 +01:00
umask(0022);
cryptsetup: minimal cryptsetup unit generator
2010-11-08 05:02:45 +01:00
cryptsetup-generator: Split main() into more functions and use hasmaps
2014-12-02 18:49:28 +01:00
arg_disks = hashmap_new(&string_hash_ops);
cryptsetup: various coding style improvements No functional changes.
2016-12-16 13:15:31 +01:00
if (!arg_disks) {
r = log_oom();
goto finish;
}
cryptsetup-generator: allow specifying options in /proc/cmdline The main usecase for this is to make it possible to use cryptsetup in the initrd without it having to include a host-specific /etc/crypttab. Tested-by: Thomas Bächler <thomas@archlinux.org>
2013-08-18 08:59:00 +02:00
util-lib: various improvements to kernel command line parsing This improves kernel command line parsing in a number of ways: a) An kernel option "foo_bar=xyz" is now considered equivalent to "foo-bar-xyz", i.e. when comparing kernel command line option names "-" and "_" are now considered equivalent (this only applies to the option names though, not the option values!). Most of our kernel options used "-" as word separator in kernel command line options so far, but some used "_". With this change, which was a source of confusion for users (well, at least of one user: myself, I just couldn't remember that it's systemd.debug-shell, not systemd.debug_shell). Considering both as equivalent is inspired how modern kernel module loading normalizes all kernel module names to use underscores now too. b) All options previously using a dash for separating words in kernel command line options now use an underscore instead, in all documentation and in code. Since a) has been implemented this should not create any compatibility problems, but normalizes our documentation and our code. c) All kernel command line options which take booleans (or are boolean-like) have been reworked so that "foobar" (without argument) is now equivalent to "foobar=1" (but not "foobar=0"), thus normalizing the handling of our boolean arguments. Specifically this means systemd.debug-shell and systemd_debug_shell=1 are now entirely equivalent. d) All kernel command line options which take an argument, and where no argument is specified will now result in a log message. e.g. passing just "systemd.unit" will no result in a complain that it needs an argument. This is implemented in the proc_cmdline_missing_value() function. e) There's now a call proc_cmdline_get_bool() similar to proc_cmdline_get_key() that parses booleans (following the logic explained in c). f) The proc_cmdline_parse() call's boolean argument has been replaced by a new flags argument that takes a common set of bits with proc_cmdline_get_key(). g) All kernel command line APIs now begin with the same "proc_cmdline_" prefix. h) There are now tests for much of this. Yay!
2016-12-12 18:29:15 +01:00
r = proc_cmdline_parse(parse_proc_cmdline_item, NULL, PROC_CMDLINE_STRIP_RD_PREFIX);
cryptsetup-generator: Split main() into more functions and use hasmaps
2014-12-02 18:49:28 +01:00
if (r < 0) {
cryptsetup: various coding style improvements No functional changes.
2016-12-16 13:15:31 +01:00
log_warning_errno(r, "Failed to parse kernel command line: %m");
goto finish;
cryptsetup-generator: Split main() into more functions and use hasmaps
2014-12-02 18:49:28 +01:00
}
cryptsetup-generator: allow specifying options in /proc/cmdline The main usecase for this is to make it possible to use cryptsetup in the initrd without it having to include a host-specific /etc/crypttab. Tested-by: Thomas Bächler <thomas@archlinux.org>
2013-08-18 08:59:00 +02:00
cryptsetup-generator: Split main() into more functions and use hasmaps
2014-12-02 18:49:28 +01:00
if (!arg_enabled) {
cryptsetup: various coding style improvements No functional changes.
2016-12-16 13:15:31 +01:00
r = 0;
goto finish;
cryptsetup: minimal cryptsetup unit generator
2010-11-08 05:02:45 +01:00
}
cryptsetup: various coding style improvements No functional changes.
2016-12-16 13:15:31 +01:00
r = add_crypttab_devices();
if (r < 0)
goto finish;
cryptsetup-generator: Split main() into more functions and use hasmaps
2014-12-02 18:49:28 +01:00
cryptsetup: various coding style improvements No functional changes.
2016-12-16 13:15:31 +01:00
r = add_proc_cmdline_devices();
if (r < 0)
goto finish;
cryptsetup-generator: Split main() into more functions and use hasmaps
2014-12-02 18:49:28 +01:00
cryptsetup: various coding style improvements No functional changes.
2016-12-16 13:15:31 +01:00
r = 0;
Extract looping over /proc/cmdline into a shared function In cryptsetup-generator automatic cleanup had to be replaced with manual cleanup, and the code gets a bit longer. But existing code had the issue that it returned negative values from main(), which was wrong, so should be reworked anyway.
2014-02-16 00:08:59 +01:00
cryptsetup: various coding style improvements No functional changes.
2016-12-16 13:15:31 +01:00
finish:
cryptsetup-generator: Split main() into more functions and use hasmaps
2014-12-02 18:49:28 +01:00
free_arg_disks();
free(arg_default_options);
free(arg_default_keyfile);
Extract looping over /proc/cmdline into a shared function In cryptsetup-generator automatic cleanup had to be replaced with manual cleanup, and the code gets a bit longer. But existing code had the issue that it returned negative values from main(), which was wrong, so should be reworked anyway.
2014-02-16 00:08:59 +01:00
cryptsetup: various coding style improvements No functional changes.
2016-12-16 13:15:31 +01:00
return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;
cryptsetup: minimal cryptsetup unit generator
2010-11-08 05:02:45 +01:00
}