linhes/mkinitcpio-openswap/openswap.install


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76

build ()
{
    grep "swap_device="      /etc/openswap.conf  > "$BUILDROOT/openswap.conf"
    grep "crypt_swap_name="  /etc/openswap.conf >> "$BUILDROOT/openswap.conf"
    grep "keyfile_device="   /etc/openswap.conf >> "$BUILDROOT/openswap.conf"
    grep "keyfile_filename=" /etc/openswap.conf >> "$BUILDROOT/openswap.conf"
    grep "keyfile_device_mount_options=" /etc/openswap.conf >> "$BUILDROOT/openswap.conf"
    grep "cryptsetup_options=" /etc/openswap.conf >> "$BUILDROOT/openswap.conf"
    grep "keyfile_block_number=" /etc/openswap.conf >> "$BUILDROOT/openswap.conf"
    grep "unlock_method=" /etc/openswap.conf >> "$BUILDROOT/openswap.conf"
    grep "keyfile_length=" /etc/openswap.conf >> "$BUILDROOT/openswap.conf"

    source "$BUILDROOT/openswap.conf"

    if [ -z "$unlock_method" ]; then
      # unlock_method is not set, determine it based on keyfile_device and keyfile_filename
      # for backward compatibility.
      if [ -z "$keyfile_device" ] || [ -z "$keyfile_filename" ]; then
        unlock_method="password"
      else
        unlock_method="keyfile"
      fi
    fi
    echo "unlock_method=$unlock_method" >> "$BUILDROOT/openswap.conf"

    if [ -z "$swap_device" ]; then
      warning "swap_device variable is not set"
    fi

    if [ -z "$crypt_swap_name" ]; then
      warning "crypt_swap_name variable is not set"
    fi

    if [ "$unlock_method" = "keyfile" ]; then
      warning "you are using potentially dangerous unlock_method keyfile, please make sure you know what you are doing"
      warning "https://docs.kernel.org/power/swsusp.html"
      warning "https://wiki.archlinux.org/title/Dm-crypt/Swap_encryption#busybox-based_initramfs"
      if [ -z "$keyfile_device" ]; then
        warning "keyfile_device variable is not set and unlock_method is set to keyfile"
      fi
      if [ -z "$keyfile_filename" ]; then
        warning "keyfile_filename variable is not set and unlock_method is set to keyfile"
      fi

      if [ -z "$keyfile_device_mount_options" ]; then
        warning "keyfile_device_mount_options variable is not set and unlock_method is set to keyfile"
      fi
    fi

    if [ "$unlock_method" = "keyfile_raw" ]; then
      if [ -z "$keyfile_device" ]; then
        warning "keyfile_device variable is not set and unlock_method is set to keyfile_raw"
      fi
      if [ -z "$keyfile_block_number" ]; then
        warning "keyfile_block_number variable is not set and unlock_method is set to keyfile_raw"
      fi
      if [ -z "$keyfile_length" ]; then
        warning "keyfile_length variable is not set and unlock_method is set to keyfile_raw"
      fi
    fi

    # check if unlock_method is valid
    if [ "$unlock_method" != "password" ] && [ "$unlock_method" != "keyfile" ] && [ "$unlock_method" != "keyfile_raw" ]; then
      error "unlock_method is set to $unlock_method, but it can only be password, keyfile or keyfile_raw"
      error "please change the unlock_method variable in /etc/openswap.conf"
      exit 1
    fi

    add_runscript
}
help ()
{
cat<<HELPEOF
  This hook opens a swap at boot time
HELPEOF
}