| View previous topic :: View next topic |
| Author |
Message |
die4me
n00b
Joined: 26 Apr 2008
Posts: 17
Location: Woldegk
|
 Posted: Wed May 25, 2011 8:12 pm Post subject: [gelöst] initramfs wird nicht ausgeführt |
 |
|
Hallo,
ich habe heute angefangen meine HDD nach folgendem Vorbild zu verschlüsseln. http://en.gentoo-wiki.com/wiki/DM-Crypt_with_LUKS
Nur ist es irgendwie komisch, dass das init-script nicht ausgeführt wird.
Ich habe das initramfs noch ein bisschen erweitert. Zum einen ist v86d(static) mit enthalten, ebenso mein splashscreen (powered_by_gentoo)
Am bessten ein mal hier die Übersicht über alle Dateien in dem initramfs
http://paste.pocoo.org/show/395099/
Das Verzeichnis habe ich dann später in den Kernel mit integriert. Jedoch ist auch ein Versuch fehlgeschlagen das initramfs selber zu bauen und dann mittels initrd aus der Grub zu laden. Es gab dabei jeweils das gleiche Ergebnis. Weiterhin möchte ich euch meine Kernelconfig nicht vorenthalten, webensowenig wie die grub.conf.
kernelconf
http://paste.pocoo.org/show/395097/
grub.conf
| Quote: | # This is a sample grub.conf for use with Genkernel, per the Gentoo handbook
# http://www.gentoo.org/doc/en/handbook/handbook-x86.xml?part=1&chap=10#doc_chap2
# If you are not using Genkernel and you need help creating this file, you
# should consult the handbook. Alternatively, consult the grub.conf.sample that
# is included with the Grub documentation.
default 0
timeout 5
splashimage=/boot/grub/powered_by_gentoo-splash.xpm.gz
title Gentoo Linux (2.6.36)
root (hd0,1)
kernel /boot/kernel/gentoo-2.6.36-r8 root=/dev/sda6 video=uvesafb:1280x800-32,ywrap,mtrr:3 splash=silent,kdgraphics,theme:powered_by_gentoo,tty:13 console=tty1 quiet ikey_root=gpg:/dev/sdc1:/rootkey.gpg ikmap=de-latin1-nodeadkeys.bin
title Windows 7 Professional
root (hd0,0)
makeactive
chainloader +1
# vim:ft=conf: |
Das init-Script sieht dann wie folgt aus:
http://paste.pocoo.org/show/395101/
Wenn ich nun mit dieser Konfiguration starte, dann wird mir der FBSplash angezeigt und ich sehe die Kernel Parameter. Eine weitere Ausgabe gibt es nicht. Wenn ich in der Kernel-Zeile von grub das Quiet raus nehme ist ebenso kein Fehler zu sehen. Dort sind die letzte Zeilen:
| Quote: | [ 0.674820] Console: switching to colour frame buffer device 160x50
[ 0.735345] fbcondecor: console 0 using theme 'powered_by_gentoo'
[ 0.766434] fbcondecor: switched decor state to 'on' on console 0 |
Also eigentlich scheint meiner Meinung nach alles laut den Meldungen in Ordnung zu sein. Nur kommt danach nichts mehr. Was nicht in Ordnung ist. Ich hoffe ihr könnt mir da helfen.
Last edited by die4me on Tue May 31, 2011 11:36 am; edited 1 time in total |
|
| Back to top |
|
 |
firefly
Watchman
Joined: 31 Oct 2002
Posts: 5329
|
| Posted: Thu May 26, 2011 6:32 am Post subject: |
|
|
Wie hast du das initramfs image erstellt? Ist es eine separate Datei oder fest im kernel integriert?
_________________
Ein Ring, sie zu knechten, sie alle zu finden,
Ins Dunkel zu treiben und ewig zu binden
Im Lande Mordor, wo die Schatten drohn. |
|
| Back to top |
|
|
Max Steel
Advocate
Joined: 12 Feb 2007
Posts: 2272
Location: My own world! I and Gentoo!
|
| Posted: Thu May 26, 2011 7:29 am Post subject: |
|
|
| firefly wrote: | | Wie hast du das initramfs image erstellt? Ist es eine separate Datei oder fest im kernel integriert? |
Schrieb er, er hat beides ausprobiert.
_________________
mfg
Steel
___________________
Heim-PC: AMD Ryzen 5950X, 64GB RAM, GTX 1080
Laptop: Intel Core i5-4300U, 16GB RAM, Intel Graphic
Arbeit-PC: Intel i5-1145G7, 16GB RAM, Intel Iris Xe Graphic (leider WSL2) |
|
| Back to top |
|
|
firefly
Watchman
Joined: 31 Oct 2002
Posts: 5329
|
| Posted: Thu May 26, 2011 9:36 am Post subject: |
|
|
| Max Steel wrote: | | firefly wrote: | | Wie hast du das initramfs image erstellt? Ist es eine separate Datei oder fest im kernel integriert? |
Schrieb er, er hat beides ausprobiert. |
stimmt überlesen.
@die4me : als du die initramfs als separate datei hattest, hattest du in der grub.conf eine initrd zeile drinnstehen?
_________________
Ein Ring, sie zu knechten, sie alle zu finden,
Ins Dunkel zu treiben und ewig zu binden
Im Lande Mordor, wo die Schatten drohn. |
|
| Back to top |
|
|
die4me
n00b
Joined: 26 Apr 2008
Posts: 17
Location: Woldegk
|
| Posted: Thu May 26, 2011 11:49 am Post subject: |
|
|
| firefly wrote: | | @die4me : als du die initramfs als separate datei hattest, hattest du in der grub.conf eine initrd zeile drinnstehen? |
Jo, das hatte ich. Ich habe mir nun mal ein kleines eigenes initramfs geschrieben. Auch mit gpg und so weiter und so fort. Dort sieht die Struktur ähnlich aus.
http://pastebin.com/1qCs2Pgi
Das init-Script ist dort klein und murkelig. Aber erst einmal um wieder ohne Livecd zu starten geht das.
| Code: | #!/bin/sh -x
rescue_active=0
parse_cmdl_args() {
local x
CMDLINE=`cat /proc/cmdline`
for param in ${CMDLINE}; do
case "${param}" in
rescue)
rescue_active=1
;;
ikmap=*)
keymap="`echo "${param}" | cut -d'=' -f2`"
;;
esac
done
}
load_keymap() {
if [ -n "${keymap}" ]; then
if [ -e "/etc/keymaps/${keymap}.bin" ]; then
loadkmap < "/etc/keymaps/${keymap}.bin"
else
die "Error: keymap "${keymap}" does not exist on /etc/keymaps"
fi
fi
}
main() {
export PATH=/bin:/sbin:/usr/bin:/usr/sbin
umask 0077
mount -t proc proc /proc -n
mount -t sysfs sysfs /sys -n
busybox --install -s
parse_cmdl_args
load_keymap
exec /bin/sh
}
main |
Dies kann ich auch in den Kernel, bzw beim Grub mit angeben, dort startet er immer hin.
Jedoch mag das große init-Script noch nicht.
Ich habe nun mal insgesamt durch geschaut was für befehle dort benötigt werden und habe diese mal alle zusammen gesucht. Ein teuil war schon mit gnupg kurios. Dieser brauchte (obwohl static) gpg-agent und pinentry. Nachdem ich dort lange probiert habe, hab ich mich dann entschlossen die 1.4.11er Version zu nehmen. Ich geb euch noch mal eine Übersicht.
http://pastebin.com/Wxmgqr3X
An dem langen init-Script hat sich jedoch nichts geändert. Aber ich bekomme ohne Splash und quiet nun einen Kernel-Panic.
| Quote: | | Kernel panic: no init found. Try passing init= option to kernel |
Bauen tue ich das initramfs mit:
| Quote: | # mount /boot
# cd /usr/src/initramfs/
# find . -print0 | cpio --null -ov --format=newc | gzip -9 > /boot/kernel/initramfs-gentoo-crypt.new
# touch /boot/kernel/initramfs-gentoo-crypt.new |
Die Grub sieht wie folgt aus.
| Quote: | # cat /boot/grub/grub.conf
# This is a sample grub.conf for use with Genkernel, per the Gentoo handbook
# http://www.gentoo.org/doc/en/handbook/handbook-x86.xml?part=1&chap=10#doc_chap2
# If you are not using Genkernel and you need help creating this file, you
# should consult the handbook. Alternatively, consult the grub.conf.sample that
# is included with the Grub documentation.
default 0
timeout 5
splashimage=/boot/grub/powered_by_gentoo-splash.xpm.gz
title Gentoo Linux (Rettung)
root (hd0,1)
kernel /boot/kernel/gentoo-2.6.36-r8 root=/dev/sda6 video=uvesafb:1280x800-32,ywrap,mtrr:3 rescue ikmap=de-latin1-nodeadkeys
initrd /boot/kernel/initramfs-gentoo-crypt
title Gentoo Linux (2.6.36)
root (hd0,1)
kernel /boot/kernel/gentoo-2.6.36-r8 root=/dev/sda6 video=uvesafb:1280x800-32,ywrap,mtrr:3 splash=verbose,kdgraphics,theme:powered_by_gentoo,tty:13 console=tty1 quiet ikey_root=gpg:/dev/sdc1:/rootkey.gpg ikmap=de-latin1-nodeadkeys
initrd /boot/kernel/initramfs-gentoo-crypt.new
title Windows 7 Professional
root (hd0,0)
makeactive
chainloader +1
# vim:ft=conf: |
Der erste Eintrag ist der wo das kleine init-Script drin ist und welches funktioniert. |
|
| Back to top |
|
|
die4me
n00b
Joined: 26 Apr 2008
Posts: 17
Location: Woldegk
|
| Posted: Tue May 31, 2011 11:35 am Post subject: [gelöst] fehlerhaftes init-Script |
|
|
Hey,
ich habe nun zwischenzeitlich das Problem gelöst. Es lag an dem init-Script. Dort gab es ein Fehler.
Die korrigierte Version stelle ich natürlich gerne zur Verfügung. Gleichzeitig sind noch ein paar kleine Änderungen eingeflossen. Bsp dass der Schlüssel auf einem RAM-Laufwerk ausgelagert werden kann. Somit kann ich dann ein weiteres Laufwerk mit dem gleichen Schlüssel via dm-crypt entschlüsseln. Dazu habe ich auch das dm-crypt-start.sh erweitert. Denn nach dem erfolgreichen entschlüsseln mache ich das RAM-Laufwerk wieder leer. Also, hier das init-Script:
| Code: | #!/bin/sh
# revision of 2011-05-22
#
# WARNING: USE AT YOUR OWN RISK!
#
# Arguments:
# init script supports the following:
# init specific:
# * iroot=<device|VG_name-LV_name> root device (required).
# * imtopt=[<ro,inode64,...>] mount options args for root e.g. something like:
# imtopt=barrier,inode64,logdev=/dev/<vg>/loga or imtopt=ro,inode64,barrier
# * ikmap=<kmap>[:<font>] Load kmap and font(optional).
# * rescue Drops you into a minimal shell
# * iswap=<type>:<device|vg_name-lv_name>[:swapfile signature]
# swap device (eg: file:sda2:0x4400).
# * iresume=<type>:<device|vg_name-lv_name>[:swapfile signature]
# * ichkpt=<n> Interrupts init and drops to shell.
# * ikey_root=<mode>:<device>:</path/to/file>
# * ikey_swap=<mode>:<device>:</path/to/file>
# * ikey_resume=<mode>:<device>:</path/to/key/file>
# * isqfsd=<y|n>,<y|n|a>,<dir 1>:<dir 2> Mount squashed (squashfs+aufs2) directories, see below for more info.
# * ilvm=<vgU-sdaZ:vgX-sdbY:vgX-sdcX>,<vgV-sdaX:vgU-sddX:vgU-sdbX>,<vgW-sdbZ:vgW-sdh>
#
# NOTE on ilvm args: Actually a PV in a group, respectively root, swap, resume is given by <mapping-sd<xy>,
# the mmapping being a mapping for cryptsetup, and sd<xy> being a block device without the `/dev/' prefix.
#
# == About mount options ==
# imtopt=<root mount options>
# Say, you have a rootfs=xfs|jsf|reiser|ext* and want to mount your root specific opts. In case of xfs, for exemple,
# just create your log LV on a different PV than what you're logging from.
#
# == About key files ==
# For partitions that are encrypted with a key, you must set 'ikey_root' and/or 'ikey_swap' properly,
# otherwise you'll be asked for a passphrase as fall back.
# This information is then used to obtain each key file from the specified removable media.
#
# <mode> - defines how the init script shall treat the supplied keyfile(see below).
# Supported modes:
# * gpg -> indicates keyfile is gpg-protected
# * ldk -> indicates keyfile is luks encrypted, via loop back device.
# * reg -> indicates keyfile is regular file
# * pwd -> indicates root is encrypted on regular passphrase, if no argumenti in ikey_root=, fallback will be luks+passwd.
# * none -> indicates root will be mounted on unencrypted fs, this argument should be explicitely set.
# <device> - the device that will be assigned to the removable media e.g. sda, sdb or the likes.
#
# NOTE on '/dev/' prefix: And there's no need to provide the '/dev/' prefix for root|swap|resume. In fact, if you do
# provide a '/dev/' prefix for any of those init args, processing those args may fail. cryptsetup_exec() check for that,
# and if there's not '/dev/' prefix, append it. This was done to limit the length of the init args.
#
# </path/to/file> - full path to file inside the removable media.
# </path/to/host/dev/key/file> - fulpathh to the host partition key file inside the the removable device.
# </path/to/swap|resume/file> - fulpath to the swap and/or resume file inside the host partition.
# <vgZYX-sdYX> - each device or partition of a given VG is given with <cryptsetup mapping>-<device|partition>.
# the mapping scheme is up to you, I decided not to use fixed mapping in the script,
# however you're free to modify the script to do so.
#
# == About squashed directories or rootfs ==
# You can use squashfs+aufs2 to 'squash' your root partition or preferably directories like usr/portage, var/lib/layamn,
# system related directories like usr lib{32,64} and bin/sbin. The benefit will be a really fast system.
#
# o isqfsd=n,y,/sqfsdir[,<dir 1>:<dir n>] - here you're using uv_sqfsd but not uv_sqfsdir, so you have to provide a sqfsdir,
# hence the required sqfsdir.
# o isqfsd=/sqfsdir,<dir 1>:<dir n> - you're not using neither uv_sqfsdir nor uv_sqfsd, so you can threw away the n,n.
# o isqfsd=y,y - of course using uv_sqfsd and uv_sqfsdir so no additional argument is riquired.
# o isqfsd=y,a,<dir 1>[:<dir n>] - same as above, however, <dir 1> is appended to sqfsd.
#
# The leading '/' slash is only required for [uv_]sqfsdir, else mounting squashed dirs will fail. But it's not for squashed dirs
# i.e. you provide the value like this: [uv_]sqfsdir=/sqfsd and [uv_]sqfsd=usr:opt:bin:sbin or isqfsd=/sqfsd,usr:opt or the likes.
#
# == Notes on keys ==
# o gpg encrypted key-file --> This mode doesn't work anymore or I can't get it working with gnupg-2.x or 1.4.x.
# I don't know what is happening but, the gpg fail to even ask for a password to begin with.
# I leave the very few lines if somebody can get it working.
# o ldk encrypted key-file --> will be passed to cryptsetup as /dev/mapper/<name of your key file> (key-file) after being decrypted
# via a loop back device+LUKS.
# Now, there's a warning `Warning: exhausting read requested, but key file is not a regular file,
# function might never return.' that I can't figure out the source after googling. However, decryption
# goes as expected, it seems. No issue atm.
# o regular key-file --> will be passed to cryptsetup as --key-file <file>.
# o pwd --> now, you can, because it's not a mandatory, you don't even have to put any ikey_root=*
# argument to be prompted for a password as a fallback, set ikey_root=pwd for... However...
# o none --> it should be explicitely appended to mount an unencrypted root partition.
# I added this mode for testing purpose for those, like me,
# who have a working system before encrypting root with LUKS.
#
# WARNING: Back up your data! else... you may lost a few of 'em.
#
# == Kernel parameters example ==
# o) Root--no key--unencrypted partion: iroot=sda3 ikey_root=none ikmap=es-cp850_i686.bin
# o) Root--key regular passphrase--plus fbsplash: iroot=sda3 ikey_root=pwd vga=0x318 \
# video=vesafb:mtrr,ywrap splash=verbose,theme:livecd-2006.0 quiet CONSOLE=/dev/tty1
# o) Root--regular keyfile on usb stick: iroot=sda3 ikey_root=reg:sdb1:/path/to/keyfile
# o) Root--gpg encrypted key on usb stick: iroot=sda3 ikey_root=gpg:sdb1:/path/to/file
# o) Swap and root--ldk encrypted keyfiles: iroot=sda3 iswap=swap[|file]:sda2[:sign] \
# ikey_root=ldk:sdb1:/path/to/rootkey ikey_swap=ldk:sdb1:/path/to/swapkey
# o) Regular swap--AND TuxOnIce resume on a different partion--regular passphrase:
# iswap=swap:sda2 iresume=swap:sda3:0x4400 ikey_swap=pwd ikey_resume=pwd
# o) Swap file--resuming from hibernation [from swap file]--ldk protected keyfile on usb stick:
# iswap=file:sda3:0x4400 iresume=toi[or any CHAR or WORD] ikey_swap=ldk:sdb1:/path/to/swapkey
#
# NOTE for ldk mode: now I use a single LUKS encrypted file to decrypt root, swapfile and then the host partion. You can use
# multiple LUKS encrypted keyfile if you want to, however, this will take some time. Now LVM2...
#
# o) Crypted LVs [root,swap] using LVM2--ldk crypted keyfile and--plus mount options for rootfs:
# iroot=vg0-lv1 iswap=file:vg1-lv0:0x4400 ilvm=vg0a1-sda1:vg0b2-sdb2,vg1c1-sdc1 ikey_root=ldk:sdg1:/path/to/keyfile
# ikey_swap=ldk:sdg1:/path/to/keyfile imtopt=logdev=/dev/vg1/lv1,inode64,barrier
#
# == Modules ==
# If you need to load modules, create the groups you need in /etc/modules/ (inside initramfs / ),
# each file should be a list of the modules, and each file name denotes the step in the init where
# they should be loaded.
# Supported groups:
# * boot - boot time modules loaded but not removed. If you squash some dirs, aufs module is required here.
# * tuxonice - tuxonice module, wich aren't removed if you don't comment in a line.
# * remdev - modules required to access removable device
# * gpg - modules required to access gpg protected file.
# * sqfsd - modules required for squashfs+aufs2, you can still build in squashfs modules in the kernel,
# it's not the same case with aufs2, which aren't removed, although you can comment in a line for that.
#
# o The modules should exist on /lib/modules/`uname -r`/ , like in your system.
# o Your kernel has to support module unloading for rmmod to work.
#
# BUGS/KNOWN ISSUES:
# (b0) fbsplash: when setting the splash mode from silent to verbose,
# verbose image is not painted and text is not visible.
# WORKAROUND: boot with verbose instead.
#
# (b1) I don't manage to get gnupg-2.x nor 1.4.x working... I'm not really sure if it's a bug or it's only related to gnupg.
# (b2) This rather a known issue: DO NOT SQUASH LIB64 with openrc-0.8 and baselayout2. If lib64 is squashed rc will behave... well,
# it seems fine, there's nothing wrong apparently, but normal users cannot log in. The thread in forum might be helpful, maybe.
# Nobody seems to care anyway.
#
# (ki0) The length of init arguments should be reduced. With kernel 2.6.38 the length is 512 caracters, with root, swap and resume file
# 250 caharacters or so remains. There's plenty of room.
# (ki1) The aforementionned warning with loop back encrypted key file.
# (ki2) When /newroot fails to be mounted, even if manually mounting usr [squashed dir], rc fails to start badly. I don't know what
# is happening since usr is not available and log are created. It's weird, because: 1st--sqfsdmount init script is effecient at that
# and it always worked on unencrypted rootfs, plus, looking at rc.log, I can't believe it fails to mount usr since aufs.ko is available;
# 2nd--manually mounting usr in the limited environement should do the tricks isn't it? it does not.
#
# ToDo:
# ? Done. However, if somebody want anything else... feel free to do it of course. And now I added LVM2. Done I'm saying.
#
# Contact:
# o) Bugs, critics, feedback, improvements --> reikinio at gmail dot com
# o) Flames --> /dev/null
#
# History: (y/m/d)
# ------------------
# 2011.05.20 - by the same ... now +LVM2+mnt opt for rootfs [something like logdev=/dev/<VG>/<LV> works!
# actually put this /dev/mapper/<VG-LV> insted as /dev<VGs> are not available in the limited environement]
# Major update/fix for swap[file]-resume. I did not test for swap dev [PV|LV] so... it should work... as a swap|resume-file.
# Gave up the idea for an encrypted swapfile, it's a bit complicated since all mounted fs shall be in ro mode.
# 2011.05.06 - by the same [some]body who...
# script clean up [over 30 lines less]; and fix for a major error [line 442-445] and a minor fix.
# 2011.05.05 - by somebody who wanted LUKS+AUFS2+SQUASHFS+ENCRYPTED KEY FILE and...
# hibernation to a swap file now and then. It seems, I'm the only one who's interested in...
# 2006.08.24 - Federico Zagarzazu
# Fix: call splash_setup() if fbsplash args exist
# 2006.08.06 - Federico Zagarzazu
# Released.
# 2006.08.06 - Federico Zagarzazu
# Fixed: /dev/device-mapper /dev/mapper/control issue
# otherwise it fails on my amd64 system
# 2006.08.04 - Federico Zagarzazu
# Bug fixes, several improvements.
# Test phase finished.
# 2006.06.20 - Federico Zagarzazu
# Written.
#
# Thanks to
# ---------------------------------------------------------------
# o Alon Bar-Lev [http://wiki.tuxonice.net/EncryptedSwapAndRoot]
# I stole ideas, general structure and entire functions from his init script.
# o nix
# o Andreas Steinmetz [kernel doc: power/swsusp-dmcrypt.txt]
# ---------------------------------------------------------------
# user defined variables
uv_init=/sbin/init # init to execute after switching to real root
uv_root_map=root # self descriptive
uv_check_env=1 # test if busybox applets exist
uv_sqfsdir=/sqfsd # squashed source dir related variable
uv_sqfsd=usr:opt:bin:sbin:lib32 # squashed dirs variable
# there's no particular swap mapping setted here, you'll have /dev/mapper/swap[|resume][file] for your swap[file]
# and /dev/mapper/swap[|resume]dev for the hosting partition, you can change 'em in do_swap_work function.
# default values(don't edit)
gv_splash_silent=0
gv_shell_checkpoint=0
gv_delay=0
# functions
die() {
local lv_msg="${1}"
umount -n /mnt/tok 2>/dev/null
[ ${gv_splash_silent} -eq 1 ] && splash_verbose
echo "${lv_msg}"
echo
echo "Dropping you into a minimal shell..."
exec /bin/sh
}
bin_exist() {
[ -e "/bin/${1}" ] || [ -e "/sbin/${1}" ] || [ -e "/usr/bin/${1}" ] || \
[ -e "/usr/sbin/${1}" ] || die "Error: ${2} ${1} not found."
}
check_busybox_applets() {
[ -e "/etc/applets" ] || die "Warning: Cannot check if BusyBox's applets exist(/etc/applets missing)" || \
for i in `cat /etc/applets`; do bin_exist ${i} "BusyBox applet"; done
}
rmmod_group() {
local lv_group="${1}" local lv_invert local lv_mod
[ -f "/etc/modules/${lv_group}" ] && {
for mod in `cat "/etc/modules/${lv_group}"`; do
invert="${lv_mod} ${lv_invert}"; done
for mod in ${lv_invert}; do
# There are some modules that cannot be unloaded
[ "${lv_mod}" != "unix" ] && rmmod "`echo "${lv_mod}" | sed 's/-/_/g'`"; done; }
}
modprobe_group() {
local lv_group="${1}" local lv_mod
[ -f "/etc/modules/${lv_group}" ] && {
for mod in `cat "/etc/modules/${lv_group}"`; do
modprobe "${lv_mod}" > /dev/null 2>&1
done; }
}
splash_command() {
local lv_cmd="${1}"
[ -f /var/run/fbsplashd.pid ] && echo "${lv_cmd}" > /lib64/splash/cache/.splash
}
splash_verbose() {
chvt 1
}
splash_silent() {
splash_command "set mode silent"
}
splash_message() {
local lv_msg="${1}"
splash_command "set message ${lv_msg}"
splash_command "repaint"
}
splash_setup() {
[ ${uv_check_env} ] || bin_exist "fbsplashd.static" "--"
[ -n "${gv_splash_console}" ] && exec < "${gv_splash_console}" > "${gv_splash_console}" 2>&1
[ -e /lib64/splash/cache ] || mkdir -p /lib64/splash/cache
# generate fifo like splash-functions.sh
rm -f /lib64/splash/cache/.splash
mkfifo /lib64/splash/cache/.splash
# splash_utils.static generates a segfault --> fbsplashd.static is right
[ -f /var/run/fbsplashd.pid ] || fbsplashd.static "--theme=${gv_splash_theme}" --pidfile=/var/run/fbsplashd.pid
}
splash_daemon_stop() {
[ -f /var/run/fbsplashd.pid ] && {
local gv_fb_pid="`cat /var/run/fbsplashd.pid`"
kill ${gv_fb_pid}
rm -f /var/run/fbsplashd.pid
}
}
shell_checkpoint() {
local lv_level=${1}
[ "${gv_shell_checkpoint}" -eq "${lv_level}" ] && { splash_verbose
echo "Checkpoint ${lv_level}"
exec /bin/sh; }
}
loopdev_setup() {
lv_ldev="`losetup -f`" || die "Error[L]: no loop dev available, create or append max_loop=<int> to the cmdline."
losetup ${lv_ldev} ${1} || die "Error[LF]: losetup failed."
echo ${lv_ldev}
}
do_loopdev_key() {
local lv_ldev="`loopdev_setup ${1}`"
gv_ldev="${gv_ldev} ${lv_ldev}"; gv_ldev_key="${gv_ldev_key} ${2}"
exec_cryptsetup "${lv_ldev}" "${2}" && gv_key_file=/dev/mapper/${2}
}
get_key() {
splash_message "Waiting for key-device... Press F2 for verbose mode."
local lv_mode="${1}" local lv_dev="${2}"
gv_filepath="${3}"
local lv_devname="`echo "${lv_dev}"|tr -d '0-9'`" # for use with /sys/block/
gv_filename="`basename ${gv_filepath}`"
modprobe_group remdev
[ -n "`mount|grep /mnt/tok`" ] || {
[ -b "/dev/${lv_dev}" ] || { echo "Insert removable device and press Enter."
splash_message "No key-device was found... Press F2 for verbose mode."
read local lv_d && echo "Please wait a few seconds...."
sleep 3
[ -b "/dev/${lv_dev}" ] || {
echo "${lv_dev} does not exist, input a valid dev name e.g. sdb1:"
read lv_dev && echo "Please wait a few seconds...."
sleep 3; }
[ -b "/dev/${lv_dev}" ] || die "Info[KD]: ${lv_dev} does not exist."; }
mount -n -o ro "/dev/${lv_dev}" /mnt/tok 2>/dev/null || die "Error[KFM]: failed to mount ${lv_dev}."
echo "Info: remdev mounted."
}
[ -f "/mnt/tok/${gv_filepath}" ] || die "Error[F]: ${gv_filepath} does not exist in ${lv_dev}."
case "${lv_mode}" in
gpg)
[ "$uv_check_env" -eq 1 ] && bin_exist "gpg" "--"
gv_key_file="/mnt/tok/${gv_filepath}"
gv_key_gpg=0;;
reg)
gv_key_file="/mnt/tok/${gv_filepath}"
gv_key_ldk=1;;
ldk)
[ -e "/dev/mapper/${gv_filename}" ] && gv_key_file=/dev/mapper/${gv_filename} || {
do_loopdev_key "/mnt/tok/${gv_filepath}" "${gv_filename}"; }
gv_key_ldk=0;;
*)
die "Error[K]: ${lv_mode} is not valid.";;
esac
}
test_key() {
if [ "${1}" = "ldk" ] || [ "${1}" = "gpg" ] || [ "${1}" = "reg" ]; then
[ -n "${2}" ] || die "Error: ikey_${4}: device field empty."
[ -n "${3}" ] || die "Error: ikey_${4}: filepath field empty."
get_key "${1}" "${2}" "${3}"; fi
}
close_cryptsetup() {
cryptsetup luksClose ${1} || cryptsetup remove ${1} || die "${2}"
}
exec_cryptsetup() { # 1 is device, 2 is mapping
local lv_arg1="create" local lv_arg2="${2}" local lv_arg3="${1}"
[ `echo ${1}|grep /dev/` ] || lv_arg3="/dev/${1}"
cryptsetup isLuks "${lv_arg3}" 2>/dev/null && lv_arg1="luksOpen" lv_arg2=${lv_arg3} lv_arg3="${2}"
[ ${gv_key_gpg} ] && { # Fixup gpg tty requirement
mv /dev/tty /dev/tty.org && cp -a /dev/console /dev/tty
# no -o /dev/null --> you have no input for the password
splash_message "Waiting for password... Press F2 for verbose mode."
if [ -e ${gv_store_key_dev} ]; then
gpg -q -d /mnt/tok/${gv_filepath} 2>/dev/null | \
cryptsetup "${lv_arg1}" "${lv_arg2}" "${lv_arg3}" 2>/dev/null
[ "$?" ] || die "Error[E0]: failed to decrypt ${1}."
else
mount "/dev/${gv_store_key_dev}" "/mnt/rd"
gpg -q -d /mnt/tok/${gv_filepath} 2>/dev/null | \
tee "/mnt/rd/${lv_arg3}.key" | \
cryptsetup "${lv_arg1}" "${lv_arg2}" "${lv_arg3}" 2>/dev/null
[ "$?" ] || die "Error[E0]: failed to decrypt ${1}."
umount "/dev/${gv_store_key_dev}"
unset gv_store_key_dev
fi
rm /dev/tty && mv /dev/tty.org /dev/tty
} || { [ ${gv_key_ldk} ] && {
cryptsetup "${lv_arg1}" "${lv_arg2}" "${lv_arg3}" -d "${gv_key_file}" >/dev/null
[ "$?" ] || [ -e "/dev/mapper/${lv_arg3}" ] || die "Error[E1]: failed to decrypt ${1}."
} || { cryptsetup "${lv_arg1}" "${lv_arg2}" "${lv_arg3}"
[ "$?" ] || die "Error[E2]: failed to decrypt ${1}."; }
}
gv_key_gpg= gv_key_ldk=
}
do_lvm_work() {
local lv_vg="`echo ${2}|cut -d'-' -f1`" local lv_lv="`echo ${2}|cut -d'-' -f2`"
lvchange -ay ${lv_vg}/${lv_lv} >/dev/null || {
local lv_pv="`echo ${1}|tr ':' ' '`"
for i in ${lv_pv}; do
local lv_lvm_map="`echo ${i}|cut -d'-' -f1`" local lv_lvm_dev="`echo ${i}|cut -d'-' -f2`"
exec_cryptsetup ${lv_lvm_dev} ${lv_lvm_map}; done
vgchange -ay ${lv_vg} >/dev/null || {
for i in ${lv_pv}; do
local lv_lvm_map="`echo ${i}|cut -d'-' -f1`" && close_cryptsetup "${lv_lvm_map}"; done
close_cryptsetup "${gv_filename}"
die "Error[VG]: failed to activate ${3}... encrypted PVs and KF closed."; }
}
[ -b "/dev/mapper/${2}" ] && lv_dev="/dev/mapper/${2}" || \
[ -b "/dev/${lv_vg}/${lv_lv}" ] && lv_dev="/dev/${lv_vg}/${lv_lv}" \
|| die "${3} VG and/or LV ${2} doesn't exist."
echo ${lv_dev}
}
do_sqfsd_work() {
[ -n "${sqfsdir}" ] || die "Error: uv_sqfsdir wasn't set and sqfsdir is empty."
[ -n "${sqfsd}" ] || die "Error: uv_sqfsd wasn't set and sqfsd is empty."
[ -d /newroot/"${sqfsdir}" ] || die "Error: sqfsdir=${sqfsdir} dir doesn't exist."
sqfsd="`echo "${sqfsd}"|tr ':' ' '`"
modprobe_group sqfsd
for s in ${sqfsd}; do
cd /newroot
[ -e .${sqfsdir}/${s}.sfs ] || die "${s}.sfs image doesn't exist."
mkdir -p .${sqfsdir}/${s}/{rw,ro}
mount -t squashfs .${sqfsdir}/${s}.sfs .${sqfsdir}/${s}/ro -o noatime,nodev,loop,ro 2>/dev/null
[ "$?" ] || die "Error: failed to mount squashed ${s} image."
mount -t aufs ${s} ./${s} -o udba=reval,br:.${sqfsdir}/${s}/rw:.${sqfsdir}/${s}/ro 2>/dev/null
[ "$?" ] || die "Error: failed to mount squashed ${s} aufs branch."
done
#rmmod_group sqfsd
}
do_root_work() {
local lv_kmod="`echo ${gv_key_root}|cut -d':' -f1`"
local lv_kdev="`echo ${gv_key_root}|cut -d':' -f2`"
local lv_kfpt="`echo ${gv_key_root}|cut -d':' -f3`"
gv_store_key_dev="`echo ${gv_key_root}|cut -d':' -f4`"
[ -e ${gv_store_key_dev} ] || {
mkfs.ext2 "/dev/${gv_store_key_dev}" > /dev/null
}
local ${lv_mtopt:=$gv_mtopt}
local ${lv_lvm:=`echo "${gv_lvm}"|cut -d',' -s -f1`}
[ -n "${lv_mtopt}" ] && local lv_mtopt="-o ${lv_mtopt}"
[ -n "${gv_root}" ] || die "Error: iroot=* args [dev|VG-LV] are missing."
[ "${lv_kmod}" != "none" ] && test_key "${lv_kmod}" "${lv_kdev}" "${lv_kfpt}" "root" && local lv_crypt=0
shell_checkpoint 4
echo "Partition: root"
splash_message "Decrypt root..."
if [ "${lv_crypt}" ]; then
if [ -n "${lv_lvm}" ]; then
echo $lv_lvm
local lv_dev="`do_lvm_work "${lv_lvm}" "${gv_root}" "root"`"
local lv_map="`basename ${lv_dev}`"
else exec_cryptsetup "${gv_root}" "${uv_root_map}"
local lv_dev=/dev/mapper/${uv_root_map} && local lv_map=${gv_root_map}
fi
mount ${lv_dev} /newroot ${lv_mtopt} 2>/dev/null
[ "$?" -eq 0 ] || { close_cryptsetup "${lv_map}"; close_cryptsetup ${gv_filename}
die "Error: mount root failed, dm-crypt mapping closed."; }
else echo "mounting unencrypted root"
mount /dev/${gv_root} /newroot ${lv_mtopt} 2>/dev/null
[ "$?" -eq 0 ] || die "Error: mount unencrypted root failed."
fi
# squashfs+aufs2 aka squashed dir
[ -n "${sqfsd}" ] && do_sqfsd_work
lv_lvm= lv_mtopt=
shell_checkpoint 5
}
do_swap_work() {
local lv_dev="`echo ${2}|cut -d':' -s -f2`"
local lv_type="`echo ${2}|cut -d':' -s -f1`"
local lv_sign="`echo ${2}|cut -d':' -s -f3`"
local lv_kmod="`echo ${3}|cut -d':' -s -f1`"
local lv_kdev="`echo ${3}|cut -d':' -s -f2`"
local lv_kfpt="`echo ${3}|cut -d':' -s -f3`"
[ -n "${lv_dev}" ] || die "Error: ${1} dev|VG-LV is missing."
[ -n "${lv_type}" ] || die "Error: ${1}-type [file,swap] is missing."
[ -n "${lv_sign}" ] && lv_sign=:$lv_sign
shell_checkpoint 2
echo "Partition: swap"
test_key "${lv_kmod}" "${lv_kdev}" "${lv_kfpt}" "${1}"
[ -n "${lv_lvm}" ] && gv_hdev=${lv_type}:"`do_lvm_work "${lv_lvm}" "${lv_dev}" "${1}"`"${lv_sign} || \
exec_cryptsetup "${lv_dev}" "${1}" && gv_hdev=${lv_type}:/dev/mapper/${1}${lv_sign}
lv_lvm=
shell_checkpoint 3
}
tuxonice_resume() {
[ ${gv_splash_silent} -eq 1 ] && splash_message "Resuming..."
splash_daemon_stop
[ -n "`echo ${gv_resume}|cut -d':' -s -f2`" ] && {
: local ${lv_lvm:=`echo "${gv_lvm}"|cut -d',' -f2`}
do_swap_work "resume" "${gv_resume}" "${gv_key_resume}"; }
modprobe_group tuxonice
echo $gv_hdev > /sys/power/tuxonice/resume
local lv_img="`cat /sys/power/tuxonice/image_exists | head -n 1`"
[ ${lv_img} -eq 1 ] || die "Error: no image exist at location pointed by iresume=" || { echo
echo "WARNING: there is no recognizable signature at location pointed by iresume="
echo -n "Do you want to proceed(type:yes)? "
read local lv_answer
[ "${lv_answer}" != "yes" ] && die "resume aborted by user"; }
[ -n "${gv_splash_theme}" ] && ln -sf "/etc/splash/${gv_splash_theme}" /etc/splash/tuxonice
[ -n "`which tuxoniceui_text`" ] && echo `which tuxoniceui_text` >/sys/power/tuxonice/user_interface/program
[ -z "`cat /sys/power/tuxonice/user_interface/program`" ] && \
echo `which tuxoniceui_fbsplash` >/sys/power/tuxonice/user_interface/program
mount -n -o remount,ro / 2>/dev/null
echo > /sys/power/tuxonice/do_resume
mount -n -o remount,rw / 2>/dev/null
rmmod_group tuxonice
die "Error: resume from hibernation failed."
}
do_switch() {
echo > /proc/sys/kernel/hotplug
[ "${gv_splash_silent}" -eq 1 ] && {
splash_silent
splash_message "Switching / ..."
}
echo "Switching / ..."
sleep 0.1
splash_daemon_stop
clear
/bin/umount -l /proc
/bin/umount -l /sys
/bin/umount -l /dev
shell_checkpoint 6
exec switch_root /newroot "${uv_init}"
}
print_msg() {
clear
echo
cat /etc/msg 2>/dev/null
echo
}
do_work() {
sleep "${gv_delay}s"
[ -n "${gv_kmap}" ] && [ -e "/etc/keymaps/${gv_kmap}.bin" ] && {
loadkmap < "/etc/keymaps/${gv_kmap}.bin" || die "Error: keymap $gv_kmap does not exist on /etc/keymaps"; }
[ -n "${gv_font}" ] && [ -e "/etc/fonts/${gv_font}.bin" ] && {
loadfont < "/etc/fonts/${gv_font}.bin" || die "Error: font $gv_font does not exist on /etc/fonts"; }
# [ "${gv_splash_silent}" -eq 1 ] && splash_verbose
print_msg
shell_checkpoint 1
modprobe_group gpg
modprobe_group remdev
[ -n "${gv_swap}" ] && {
local ${lv_lvm:=`echo "${gv_lvm}"|cut -d',' -s -f2`}
do_swap_work "swap" "${gv_swap}" "${gv_key_swap}"; }
[ -n "${gv_resume}" ] && tuxonice_resume
do_root_work
[ -e ${gv_ldev_key} ] || for lk in "${gv_ldev_key}"; do cryptsetup luksClose $lk; done
[ -e ${gv_ldev} ] || for ld in "${gv_ldev}"; do losetup -d $ld; done
rmmod_group gpg
umount -n -l /mnt/tok
rmmod_group remdev
do_switch
}
parse_cmdl_args() {
local y
CMDLINE=`cat /proc/cmdline`
for cmd in $CMDLINE; do
case "${cmd}" in
rescue)
gv_shell_checkpoint=1;;
isqfsd=*)
y="`echo "${cmd}"|cut -b8-`"
[ "`echo "${y}"|cut -d',' -f1`" = "y" ] && {
gv_sqfsdir=0 sqfsdir="${uv_sqfsdir}"; } || sqfsdir="`echo "${y}"|cut -d',' -f3`"
[ "`echo "${y}"|cut -d',' -f2`" = "y" ] && sqfsd="${uv_sqfsd}"
[ "`echo "${y}"|cut -d',' -f2`" = "a" ] && {
[ ${gv_sqfsdir} ] && sqfsd=${uv_sqfsd}:"`echo "${y}"|cut -d',' -s -f3`" || \
sqfsd=${uv_sqfsd}:"`echo "${y}"|cut -d',' -s -f4`"; }
[ -z "${sqfsdir}" ] && sqfsdir="`echo "${y}"|cut -d',' -s -f1`"
[ -z "${sqfsd}" ] && sqfsd="`echo "${y}"|cut -d',' -s -f2`";;
iroot=*)
gv_root="`echo "${cmd}"|cut -b7-`";;
ilvm=*)
gv_lvm="`echo "${cmd}"|cut -b6-`";;
imtopt=*)
gv_mtopt="`echo "${cmd}"|cut -b8-`";;
splash=*)
gv_splash_theme="`echo "${cmd}"|sed 's/.*theme://'|sed 's/,.*//'`"
[ -n "`echo ${cmd}|grep silent`" ] && gv_splash_silent=1;;
CONSOLE=*)
gv_splash_console="`echo "${cmd}"|cut -b9-`";;
iresume=*)
gv_resume="`echo "${cmd}"|cut -b9-`";;
ikmap=*)
gv_kmap="`echo "${cmd}"|cut -b7-|cut -d':' -f1`"
gv_font="`echo "${cmd}"|cut -d':' -s -f2`";;
ichkpt=*)
gv_shell_checkpoint=`echo "${cmd}"|cut -b8-`;;
iswap=*)
gv_swap="`echo "${cmd}"|cut -b7-`";;
ikey_root=*)
gv_key_root="`echo "${cmd}"|cut -b11-`";;
ikey_swap=*)
gv_key_swap="`echo "${cmd}"|cut -b11-`";;
ikey_resume=*)
gv_key_resume="`echo "${cmd}"|cut -b13`";;
idelay=*)
gv_delay="`echo "${cmd}"|cut -b8-`"
esac
done
}
main() {
export PATH=/sbin:/bin:/usr/bin:/usr/sbin
umask 0077
mkdir -p /proc && mkdir -p /tmp
mkdir -p /mnt/tok && mkdir -p /mnt/rd
mkdir -p /newroot && mkdir -p /var/run
/bin/mount -t proc proc /proc
[ $uv_check_env ] || check_busybox_applets
[ $uv_check_env ] || bin_exist "cryptsetup" "--"
/bin/mount -t sysfs sysfs /sys
# to disable kernel messages
echo 0 > /proc/sys/kernel/printk
parse_cmdl_args
modprobe_group boot
# populate /dev from /sys
/bin/mount -t tmpfs tmpfs /dev
/sbin/mdev -s
# handle hotplug events
echo /sbin/mdev > /proc/sys/kernel/hotplug
[ -n "${gv_splash_theme}" ] && splash_setup
# fix: /dev/device-mapper should be /dev/mapper/control
# otherwise it fails on my amd64 system(busybox v1.2.1), weird that it works
# on my laptop(i686, /dev/mapper/control gets created on luksOpen).
[ -e "/dev/mapper/control" ] || { # see: /proc/misc, /sys/class/misc/device-mapper/dev
mkdir -p /dev/mapper && mv /dev/device-mapper /dev/mapper/control
echo "device-mapper mapper/control issue fixed.." >> /.initlog
}
do_work
}
main
|
Meine Verzeichnisstruktur:
| Quote: | $ ls -lR /usr/src/initramfs/
/usr/src/initramfs/:
insgesamt 60
drwxr-xr-x 2 root root 4096 28. Mai 01:20 bin
drwxr-xr-x 5 root root 4096 28. Mai 01:08 dev
drwxr-xr-x 4 root root 4096 26. Mai 01:54 etc
-rwxr-xr-x 1 root root 29110 28. Mai 01:46 init
drwxr-xr-x 3 root root 4096 26. Mai 01:17 lib64
drwxr-xr-x 2 root root 4096 28. Mai 01:28 sbin
drwxr-xr-x 2 root root 4096 26. Mai 01:17 sys
drwxr-xr-x 4 root root 4096 26. Mai 03:30 usr
/usr/src/initramfs/bin:
insgesamt 2184
-rwxr-xr-x 1 root root 2234144 26. Mai 01:17 busybox
lrwxrwxrwx 1 root root 7 28. Mai 01:20 mount -> busybox
lrwxrwxrwx 1 root root 7 26. Mai 01:17 sh -> busybox
lrwxrwxrwx 1 root root 7 28. Mai 01:20 umount -> busybox
/usr/src/initramfs/dev:
insgesamt 12
crw------- 1 root root 5, 1 26. Mai 01:17 console
drwxr-xr-x 2 root root 4096 26. Mai 01:17 fb
crw------- 1 root root 1, 1 26. Mai 01:17 mem
drwxr-xr-x 2 root root 4096 26. Mai 01:17 misc
crw-r----- 1 root root 1, 3 26. Mai 01:17 null
crw-rw-rw- 1 root tty 5, 0 26. Mai 03:48 tty
crw-r--r-- 1 root root 4, 0 26. Mai 01:17 tty0
crw------- 1 root root 4, 1 26. Mai 01:17 tty1
crw-rw-rw- 1 root root 1, 9 27. Mai 18:12 urandom
drwxr-xr-x 2 root root 4096 26. Mai 01:17 vc
crw------- 1 root root 1, 5 26. Mai 01:17 zero
/usr/src/initramfs/dev/fb:
insgesamt 0
/usr/src/initramfs/dev/misc:
insgesamt 0
/usr/src/initramfs/dev/vc:
insgesamt 0
/usr/src/initramfs/etc:
insgesamt 12
drwxr-xr-x 2 root root 4096 26. Mai 01:54 keymaps
-rw-r--r-- 1 root root 678 27. Mai 23:58 msg
drwxr-xr-x 3 root root 4096 26. Mai 01:17 splash
/usr/src/initramfs/etc/keymaps:
insgesamt 4
-rw-r--r-- 1 root root 2823 26. Mai 01:17 de-latin1-nodeadkeys.bin
/usr/src/initramfs/etc/splash:
insgesamt 72
-rw-r--r-- 1 root root 66372 26. Mai 01:17 luxisri.ttf
drwxr-xr-x 3 root root 4096 26. Mai 01:17 powered_by_gentoo
/usr/src/initramfs/etc/splash/powered_by_gentoo:
insgesamt 8
-rwxr-xr-x 1 root root 634 26. Mai 01:17 1280x800.cfg
drwxr-xr-x 2 root root 4096 26. Mai 01:17 images
/usr/src/initramfs/etc/splash/powered_by_gentoo/images:
insgesamt 560
-rwxr-xr-x 1 root root 281445 26. Mai 01:17 silent_1280x800.jpg
-rw-r--r-- 1 root root 288086 26. Mai 01:17 verbose_1280x800.jpg
/usr/src/initramfs/lib64:
insgesamt 4
drwxr-xr-x 4 root root 4096 26. Mai 01:17 splash
/usr/src/initramfs/lib64/splash:
insgesamt 8
drwxr-xr-x 2 root root 4096 26. Mai 01:17 proc
drwxr-xr-x 2 root root 4096 26. Mai 01:17 sys
/usr/src/initramfs/lib64/splash/proc:
insgesamt 0
/usr/src/initramfs/lib64/splash/sys:
insgesamt 0
/usr/src/initramfs/sbin:
insgesamt 8416
-rwxr-xr-x 1 root root 1311576 26. Mai 01:17 cryptsetup
-rwxr-xr-x 1 root root 619624 28. Mai 01:28 fbcondecor_helper
-rwxr-xr-x 1 root root 2274040 24. Mär 01:09 fbsplashctl
lrwxrwxrwx 1 root root 11 25. Mai 16:59 fbsplashd.static -> fbsplashctl
lrwxrwxrwx 1 root root 10 26. Mai 11:30 lvchange -> lvm.static
-r-xr-xr-x 1 root root 1453976 26. Mai 11:29 lvm.static
lrwxrwxrwx 1 root root 14 28. Mai 01:23 mdev -> ../bin/busybox
-rwxr-xr-x 1 root root 2162096 26. Mai 11:40 tuxoniceui_fbsplash
-rwxr-xr-x 1 root root 668752 26. Mai 11:40 tuxoniceui_text
-rwxr-xr-x 1 root root 111224 26. Mai 01:17 v86d
lrwxrwxrwx 1 root root 10 26. Mai 11:30 vgchange -> lvm.static
/usr/src/initramfs/sys:
insgesamt 0
/usr/src/initramfs/usr:
insgesamt 8
drwxr-xr-x 2 root root 4096 28. Mai 01:09 bin
drwxr-xr-x 3 root root 4096 26. Mai 03:30 share
/usr/src/initramfs/usr/bin:
insgesamt 2224
-rwxr-xr-x 1 root root 2274563 26. Mai 03:22 gpg
/usr/src/initramfs/usr/share:
insgesamt 4
drwxr-xr-x 2 root root 4096 26. Mai 03:44 gnupg
/usr/src/initramfs/usr/share/gnupg:
insgesamt 12
-rw-r--r-- 1 root root 9335 26. Mai 10:52 options.skel |
Und der Patch für die dm-crypt-start.sh:
| Code: | $ cat ~/patches/dm-crypt-start.patch
--- /lib/rcscripts/addons/dm-crypt-start.sh.orig 2011-05-29 23:25:19.080444999 +0200
+++ /lib/rcscripts/addons/dm-crypt-start.sh 2011-05-29 23:25:55.112445002 +0200
@@ -180,6 +180,12 @@
umount -n ${mntrem} 2>/dev/null >/dev/null
rmdir ${mntrem} 2>/dev/null >/dev/null
fi
+
+ if [[ -n ${post_decrypt} ]] ; then
+ ebegin " Running post_decrypt commands for ${target}"
+ eval "${post_decrypt}" > /dev/null
+ fi
+
splash svc_input_end ${SVCNAME} >/dev/null 2>&1
if [[ ${ret} != 0 ]] ; then |
Zu sagen ist noch, dass ich erstens gpg in der Version 1.4 für das initrd nutze. Da es mir nicht möglich war gpg, gpg-agent und pinentry zum laufen zu bringen. Weiterhin habe ich den Autor des init-Scriptes schon kontaktiert und über die Fehler informiert. Jedoch habe ich noch keine Rückmeldung. Meine grub.conf sieht nun wie folgt aus.
| Quote: | # cat /boot/grub/grub.conf
# This is a sample grub.conf for use with Genkernel, per the Gentoo handbook
# http://www.gentoo.org/doc/en/handbook/handbook-x86.xml?part=1&chap=10#doc_chap2
# If you are not using Genkernel and you need help creating this file, you
# should consult the handbook. Alternatively, consult the grub.conf.sample that
# is included with the Grub documentation.
default 0
timeout 5
splashimage=/boot/grub/powered_by_gentoo-splash.xpm.gz
title Gentoo Linux
root (hd0,1)
kernel /boot/kernel/gentoo-2.6.36-r8 root=/dev/sda6 video=uvesafb:1280x800-32,ywrap,mtrr:3 splash=silent,fadein,theme:powered_by_gentoo,tty ramdisk_size=64 console=tty1 quiet ikey_root=gpg:sdc1:rootkey.gpg:ram0 ikmap=de-latin1-nodeadkeys iroot=sda6 idelay=1.2
title Windows 7 Professional
root (hd0,0)
makeactive
chainloader +1
# vim:ft=conf:
|
|
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
Deutsches Forum (German)
