diff options
| author | Britney Fransen <brfransen@gmail.com> | 2025-07-18 14:26:22 (GMT) |
|---|---|---|
| committer | Britney Fransen <brfransen@gmail.com> | 2025-07-18 14:26:22 (GMT) |
| commit | b3db12d705ab44a97cba72af5d4730d2ac4519e0 (patch) | |
| tree | c9f881a4a4aba9feb1bfc6bcc31f8e4b6add8f9b /linhes/mkinitcpio-openswap/openswap.install | |
| parent | efcc38efc4c2b1abb611a8473a1cddaef99a2386 (diff) | |
| download | linhes_pkgbuild-b3db12d705ab44a97cba72af5d4730d2ac4519e0.zip linhes_pkgbuild-b3db12d705ab44a97cba72af5d4730d2ac4519e0.tar.gz linhes_pkgbuild-b3db12d705ab44a97cba72af5d4730d2ac4519e0.tar.bz2 | |
mkinitcpio-openswap: update to 0.1.1
Diffstat (limited to 'linhes/mkinitcpio-openswap/openswap.install')
| -rw-r--r-- | linhes/mkinitcpio-openswap/openswap.install | 49 |
1 files changed, 49 insertions, 0 deletions
diff --git a/linhes/mkinitcpio-openswap/openswap.install b/linhes/mkinitcpio-openswap/openswap.install index 95d59a3..65dab09 100644 --- a/linhes/mkinitcpio-openswap/openswap.install +++ b/linhes/mkinitcpio-openswap/openswap.install @@ -6,9 +6,23 @@ build () grep "keyfile_filename=" /etc/openswap.conf >> "$BUILDROOT/openswap.conf" grep "keyfile_device_mount_options=" /etc/openswap.conf >> "$BUILDROOT/openswap.conf" grep "cryptsetup_options=" /etc/openswap.conf >> "$BUILDROOT/openswap.conf" + grep "keyfile_block_number=" /etc/openswap.conf >> "$BUILDROOT/openswap.conf" + grep "unlock_method=" /etc/openswap.conf >> "$BUILDROOT/openswap.conf" + grep "keyfile_length=" /etc/openswap.conf >> "$BUILDROOT/openswap.conf" source "$BUILDROOT/openswap.conf" + if [ -z "$unlock_method" ]; then + # unlock_method is not set, determine it based on keyfile_device and keyfile_filename + # for backward compatibility. + if [ -z "$keyfile_device" ] || [ -z "$keyfile_filename" ]; then + unlock_method="password" + else + unlock_method="keyfile" + fi + fi + echo "unlock_method=$unlock_method" >> "$BUILDROOT/openswap.conf" + if [ -z "$swap_device" ]; then warning "swap_device variable is not set" fi @@ -17,6 +31,41 @@ build () warning "crypt_swap_name variable is not set" fi + if [ "$unlock_method" = "keyfile" ]; then + warning "you are using potentially dangerous unlock_method keyfile, please make sure you know what you are doing" + warning "https://docs.kernel.org/power/swsusp.html" + warning "https://wiki.archlinux.org/title/Dm-crypt/Swap_encryption#busybox-based_initramfs" + if [ -z "$keyfile_device" ]; then + warning "keyfile_device variable is not set and unlock_method is set to keyfile" + fi + if [ -z "$keyfile_filename" ]; then + warning "keyfile_filename variable is not set and unlock_method is set to keyfile" + fi + + if [ -z "$keyfile_device_mount_options" ]; then + warning "keyfile_device_mount_options variable is not set and unlock_method is set to keyfile" + fi + fi + + if [ "$unlock_method" = "keyfile_raw" ]; then + if [ -z "$keyfile_device" ]; then + warning "keyfile_device variable is not set and unlock_method is set to keyfile_raw" + fi + if [ -z "$keyfile_block_number" ]; then + warning "keyfile_block_number variable is not set and unlock_method is set to keyfile_raw" + fi + if [ -z "$keyfile_length" ]; then + warning "keyfile_length variable is not set and unlock_method is set to keyfile_raw" + fi + fi + + # check if unlock_method is valid + if [ "$unlock_method" != "password" ] && [ "$unlock_method" != "keyfile" ] && [ "$unlock_method" != "keyfile_raw" ]; then + error "unlock_method is set to $unlock_method, but it can only be password, keyfile or keyfile_raw" + error "please change the unlock_method variable in /etc/openswap.conf" + exit 1 + fi + add_runscript } help () |