/mandos/trunk

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to dracut-module/cmdline-mandos.sh

  • Committer: Teddy Hogeborn
  • Date: 2014-03-06 02:26:04 UTC
  • Revision ID: teddy@recompile.se-20140306022604-4uc43taz25cflgi3
Bug fix: Free all memory and give better messages when memory is full.

* plugin-runner.c (add_to_char_array): Bug fix: If realloc fails, do
                                       not change old array pointer.
  (add_environment): Bug fix: If realloc fails, do not change old
                     environment pointer.  Also rename "e" to "envdef"
                     for clarity.
  (main): Bug fix: If realloc fails, do not change old pointers.  Also
          wrap "#pragma GCC" with "#ifdef ___GNUC___".
* plugins.d/mandos-client.c (incbuffer): Bug fix: if realloc fails,
                                         free old buffer.
  (run_network_hooks): Moved variables "directory" and "ret" to their
                       innermost possible scope.
  (take_down_interface): Moved variables "sd", "ret_errno", and
                         "ret_setflags" to their innermost possible
                         scope.
  (main): Removed variable "interfaces_hooks_size".  Also, if argz_add
          fails when adding all found interfaces, the error message
          will now be correct.  Also print error message if, after
          having taken up an interface, argz_add fails to add
          interface to list of interfaces to be taken down.
* plugins.d/mandos-client.xml (OPTIONS): Explain better what "none"
                                         means as argument to
                                         "--interface" by negating
                                         sense.
* plugins.d/password-prompt.c (fprintf_plus): Removed (unused).

Show diffs side-by-side

added added

removed removed

Lines of Context:
1
 
#!/bin/sh
2
 
#
3
 
# This file should be present in the root file system directory
4
 
# /usr/lib/dracut/modules.d/90mandos.  When dracut creates the
5
 
# initramfs image, dracut will run the "module-setup.sh" file in the
6
 
# same directory, which (when *not* using the "systemd" dracut module)
7
 
# will copy this file ("cmdline-mandos.sh") into the initramfs as
8
 
# "/lib/dracut/hooks/cmdline/20-cmdline-mandos.sh".
9
 
10
 
# Despite the above #!/bin/sh line and the executable flag, this file
11
 
# is not executed; this file is sourced by the /init script in the
12
 
# initramfs image created by dracut.
13
 
 
14
 
if getargbool 1 mandos && [ -e /lib/dracut-crypt-lib.sh ]; then
15
 
    cat >> /lib/dracut-crypt-lib.sh <<- "EOF"
16
 
        ask_for_password(){
17
 
            local cmd; local prompt; local tries=3
18
 
            local ply_cmd; local ply_prompt; local ply_tries=3
19
 
            local tty_cmd; local tty_prompt; local tty_tries=3
20
 
            local ret
21
 
        
22
 
            while [ $# -gt 0 ]; do
23
 
                case "$1" in
24
 
                    --cmd) ply_cmd="$2"; tty_cmd="$2"; shift;;
25
 
                    --ply-cmd) ply_cmd="$2"; shift;;
26
 
                    --tty-cmd) tty_cmd="$2"; shift;;
27
 
                    --prompt) ply_prompt="$2"; tty_prompt="$2"; shift;;
28
 
                    --ply-prompt) ply_prompt="$2"; shift;;
29
 
                    --tty-prompt) tty_prompt="$2"; shift;;
30
 
                    --tries) ply_tries="$2"; tty_tries="$2"; shift;;
31
 
                    --ply-tries) ply_tries="$2"; shift;;
32
 
                    --tty-tries) tty_tries="$2"; shift;;
33
 
                    --tty-echo-off) tty_echo_off=yes;;
34
 
                    -*) :;;
35
 
                esac
36
 
                shift
37
 
            done
38
 
            if [ -z "$ply_cmd" ]; then
39
 
                ply_cmd="$tty_cmd"
40
 
            fi
41
 
            # Extract device and luksname from $ply_cmd
42
 
            set -- $ply_cmd
43
 
            shift
44
 
            for arg in "$@"; do
45
 
                case "$arg" in
46
 
                    -*) :;;
47
 
                    *)
48
 
                        if [ -z "$device" ]; then
49
 
                            device="$arg"
50
 
                        else
51
 
                            luksname="$arg"
52
 
                            break
53
 
                        fi
54
 
                        ;;
55
 
                esac
56
 
            done
57
 
            { flock -s 9;
58
 
              if [ -z "$ply_prompt" ]; then
59
 
                  if [ -z "$tty_prompt" ]; then
60
 
                      CRYPTTAB_SOURCE="$device" cryptsource="$device" CRYPTTAB_NAME="$luksname" crypttarget="$luksname" /lib/mandos/plugin-runner --config-file=/etc/mandos/plugin-runner.conf | $ply_cmd
61
 
                  else
62
 
                      CRYPTTAB_SOURCE="$device" cryptsource="$device" CRYPTTAB_NAME="$luksname" crypttarget="$luksname" /lib/mandos/plugin-runner --options-for=password-prompt:--prompt="${tty_prompt}" --config-file=/etc/mandos/plugin-runner.conf | $ply_cmd
63
 
                  fi
64
 
              else
65
 
                  if [ -z "$tty_prompt" ]; then
66
 
                      CRYPTTAB_SOURCE="$device" cryptsource="$device" CRYPTTAB_NAME="$luksname" crypttarget="$luksname" /lib/mandos/plugin-runner --options-for=plymouth:--prompt="${ply_prompt}" --config-file=/etc/mandos/plugin-runner.conf | $ply_cmd
67
 
                  else
68
 
                      CRYPTTAB_SOURCE="$device" cryptsource="$device" CRYPTTAB_NAME="$luksname" crypttarget="$luksname" /lib/mandos/plugin-runner --options-for=password-prompt:--prompt="${tty_prompt}" --options-for=plymouth:--prompt="${ply_prompt}" --config-file=/etc/mandos/plugin-runner.conf | $ply_cmd
69
 
                  fi
70
 
              fi
71
 
            } 9>/.console_lock
72
 
        }
73
 
        EOF
74
 
fi