cryptsetup-generator.c revision 0fa9e53d12a64981e071e0adb24698f4735e2599
/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
/***
This file is part of systemd.
Copyright 2010 Lennart Poettering
under the terms of the GNU Lesser General Public License as published by
the Free Software Foundation; either version 2.1 of the License, or
(at your option) any later version.
systemd is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public License
along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/
#include <errno.h>
#include <string.h>
#include <unistd.h>
#include "dropin.h"
#include "fileio.h"
#include "generator.h"
#include "hashmap.h"
#include "log.h"
#include "mkdir.h"
#include "path-util.h"
#include "strv.h"
#include "unit-name.h"
#include "util.h"
typedef struct crypto_device {
char *uuid;
char *options;
bool create;
static const char *arg_dest = "/tmp";
static bool arg_enabled = true;
static bool arg_read_crypttab = true;
static bool arg_whitelist = false;
static char *arg_default_options = NULL;
static char *arg_default_keyfile = NULL;
const char *f = haystack;
size_t l;
if (!haystack)
return false;
f++;
continue;
}
if (f[l] != 0 && f[l] != ',') {
f++;
continue;
}
return true;
}
return false;
}
static int create_disk(
const char *name,
const char *device,
const char *password,
const char *options) {
char *from;
int r;
return -EINVAL;
}
e = unit_name_escape(name);
if (!e)
return log_oom();
if (!n)
return log_oom();
if (!p)
return log_oom();
if (!u)
return log_oom();
d = unit_name_from_path(u, ".device");
if (!d)
return log_oom();
f = fopen(p, "wxe");
if (!f)
"# Automatically generated by systemd-cryptsetup-generator\n\n"
"[Unit]\n"
"Description=Cryptography Setup for %I\n"
"Documentation=man:crypttab(5) man:systemd-cryptsetup-generator(8) man:systemd-cryptsetup@.service(8)\n"
"DefaultDependencies=no\n"
"Conflicts=umount.target\n"
"BindsTo=dev-mapper-%i.device\n"
"IgnoreOnIsolate=true\n"
"After=cryptsetup-pre.target\n",
f);
if (!nofail)
fprintf(f,
"Before=cryptsetup.target\n");
if (password) {
fputs("After=systemd-random-seed.service\n", f);
_cleanup_free_ char *uu;
if (!uu)
return log_oom();
if (is_device_path(uu)) {
_cleanup_free_ char *dd;
if (!dd)
return log_oom();
} else
}
}
}
if (is_device_path(u))
fprintf(f,
"BindsTo=%s\n"
"After=%s\n"
"Before=umount.target\n",
d, d);
else
fprintf(f,
"RequiresMountsFor=%s\n",
u);
if (r < 0)
return r;
fprintf(f,
"\n[Service]\n"
"Type=oneshot\n"
"RemainAfterExit=yes\n"
"TimeoutSec=0\n" /* the binary handles timeouts anyway */
name);
if (tmp)
fprintf(f,
name);
if (swap)
fprintf(f,
name);
fflush(f);
if (ferror(f))
if (!noauto) {
if (!to)
return log_oom();
if (!nofail)
else
if (!to)
return log_oom();
}
if (!to)
return log_oom();
_cleanup_free_ char *dmname;
if (!dmname)
return log_oom();
"# Automatically generated by systemd-cryptsetup-generator \n\n"
"[Unit]\nJobTimeoutSec=0");
if (r < 0)
return log_error_errno(r, "Failed to write device drop-in: %m");
}
return 0;
}
static void free_arg_disks(void) {
crypto_device *d;
while ((d = hashmap_steal_first(arg_disks))) {
free(d);
}
}
int r;
crypto_device *d;
if (!d) {
if (!d)
return NULL;
d->create = false;
if (!d->uuid) {
free(d);
return NULL;
}
if (r < 0) {
free(d);
return NULL;
}
}
return d;
}
int r;
crypto_device *d;
r = parse_boolean(value);
if (r < 0)
else
arg_enabled = r;
r = parse_boolean(value);
if (r < 0)
else
arg_read_crypttab = r;
if (!d)
return log_oom();
d->create = arg_whitelist = true;
if (r == 2) {
d = get_crypto_device(uuid);
if (!d)
return log_oom();
d->options = uuid_value;
uuid_value = NULL;
return log_oom();
return log_oom();
}
return 0;
}
static int add_crypttab_devices(void) {
unsigned crypttab_line = 0;
if (!arg_read_crypttab)
return 0;
if (!f) {
return 0;
}
return 0;
}
/* If we readd support for specifying passphrases
* directly in crypttab we should upgrade the warning
* below, though possibly only if a passphrase is
* specified directly. */
for (;;) {
int r, k;
crypto_device *d = NULL;
break;
if (*l == '#' || *l == 0)
continue;
if (k < 2 || k > 4) {
continue;
}
if (!uuid)
if (!uuid)
if (uuid)
if (arg_whitelist && !d) {
log_info("Not creating device '%s' because it was not specified on the kernel command line.", name);
continue;
}
if (r < 0)
return r;
if (d)
d->create = false;
}
return 0;
}
static int add_proc_cmdline_devices(void) {
int r;
Iterator i;
crypto_device *d;
HASHMAP_FOREACH(d, arg_disks, i) {
const char *options;
if (!d->create)
continue;
if (!name)
return log_oom();
if (!device)
return log_oom();
if (d->options)
else if (arg_default_options)
else
options = "timeout=0";
if (r < 0)
return r;
}
return 0;
}
int r = EXIT_FAILURE;
log_error("This program takes three or no arguments.");
return EXIT_FAILURE;
}
if (argc > 1)
log_open();
umask(0022);
if (!arg_disks)
goto cleanup;
if (r < 0) {
log_warning_errno(r, "Failed to parse kernel command line, ignoring: %m");
r = EXIT_FAILURE;
}
if (!arg_enabled) {
r = EXIT_SUCCESS;
goto cleanup;
}
if (add_crypttab_devices() < 0)
goto cleanup;
if (add_proc_cmdline_devices() < 0)
goto cleanup;
r = EXIT_SUCCESS;
return r;
}