1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2010 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
28 #include "unit-name.h"
/* Generator-wide settings. The listing this comes from omits many source
 * lines (the gutter numbers jump), so only what is visible is described. */
/* Directory the unit files and symlinks are written under (see the strjoin()
 * calls in create_disk()). NOTE(review): the default is the world-writable
 * /tmp; presumably main() replaces it with a command-line argument when three
 * arguments are given, but that assignment is not visible here. Confirm the
 * default is never used outside debugging. */
33 static const char *arg_dest = "/tmp";
/* Master switch parsed from the kernel command line; the assignment itself is
 * not visible in this listing. */
34 static bool arg_enabled = true;
/* When false, main() skips /etc/crypttab entirely. Set from luks.crypttab= /
 * rd.luks.crypttab= in parse_proc_cmdline(). */
35 static bool arg_read_crypttab = true;
/* String vector of values taken from luks.uuid= / rd.luks.uuid= on the kernel
 * command line; freed at the end of main(). */
36 static char **arg_proc_cmdline_disks = NULL;
/* Reports whether `needle` occurs in the comma-separated option string
 * `haystack` as a complete entry rather than as a substring of a longer one.
 * This matters for callers: create_disk() uses it for "tmp" and "swap", which
 * add a mke2fs/mkswap step on the mapped device, so a loose substring match
 * would turn an unrelated option into a formatting request. */
38 static bool has_option(const char *haystack, const char *needle) {
39 const char *f = haystack;
/* Walk every occurrence of needle; the lines that advance f after a rejected
 * hit are not visible in this listing. */
49 while ((f = strstr(f, needle))) {
/* Left boundary: a hit is only valid at the start of the string or directly
 * after a comma. The f > haystack test also keeps f[-1] inside the buffer. */
51 if (f > haystack && f[-1] != ',') {
/* Right boundary: the character after the hit must be NUL or a comma.
 * `l` is presumably strlen(needle); its definition is elided here. */
56 if (f[l] != 0 && f[l] != ',') {
/* Writes a systemd-cryptsetup@ service unit for one encrypted volume under
 * arg_dest and creates the symlinks that pull it in: from the backing
 * device's .wants directory, from cryptsetup.target (.requires or .wants) and
 * from dev-mapper-<name>.device.requires.
 *
 * The values used below are name, device, password and options; only the last
 * parameter line of the signature is visible in this listing. They come from
 * /etc/crypttab or from the kernel command line (see main()), and no
 * validation of them is visible in this function. */
67 static int create_disk(
71 const char *options) {
/* All owned strings start as NULL; the cleanup path that frees them is not
 * visible in this listing. */
73 char *p = NULL, *n = NULL, *d = NULL, *u = NULL, *from = NULL, *to = NULL, *e = NULL;
/* crypttab options that change how the unit is hooked into the boot. */
81 noauto = has_option(options, "noauto");
82 nofail = has_option(options, "nofail");
/* n: instance unit name derived from the volume name; p: its path under arg_dest. */
84 n = unit_name_from_path_instance("systemd-cryptsetup", name, ".service");
90 p = strjoin(arg_dest, "/", n, NULL);
/* u: device node for the crypttab device field; d: the matching .device unit. */
96 u = fstab_node_to_udev_node(device);
102 d = unit_name_from_path(u, ".device");
/* The call that opens p for writing is elided; how it treats an already
 * existing file or symlink at that path cannot be seen from here. */
111 log_error("Failed to create unit file %s: %m", p);
116 "# Automatically generated by systemd-cryptsetup-generator\n\n"
/* %% is a printf escape: the file receives %I / %i, which are unit specifiers. */
118 "Description=Cryptography Setup for %%I\n"
119 "Documentation=man:systemd-cryptsetup@.service(8) man:crypttab(5)\n"
120 "SourcePath=/etc/crypttab\n"
121 "Conflicts=umount.target\n"
122 "DefaultDependencies=no\n"
123 "BindsTo=%s dev-mapper-%%i.device\n"
124 "After=systemd-readahead-collect.service systemd-readahead-replay.service %s\n"
125 "Before=umount.target\n",
130 "Before=cryptsetup.target\n");
/* A key file that is a kernel random device means a throw-away key, so the
 * unit is ordered after the random seed has been loaded. */
132 if (password && (streq(password, "/dev/urandom") ||
133 streq(password, "/dev/random") ||
134 streq(password, "/dev/hw_random")))
135 fputs("After=systemd-random-seed-load.service\n", f);
137 fputs("Before=local-fs.target\n", f);
/* NOTE(review): name, u, password and options are placed between single
 * quotes in ExecStart=/ExecStop= exactly as received; no escaping is visible
 * here. A field containing a single quote ends the quoted argument early, and
 * a '%' would be read as a unit specifier when the file is loaded. The
 * crypttab fields are split with sscanf %ms in main(), so they cannot contain
 * whitespace, but quote and percent characters remain possible. Escape or
 * reject such values before writing them. */
142 "RemainAfterExit=yes\n"
143 "TimeoutSec=0\n" /* the binary handles timeouts anyway */
144 "ExecStart=" SYSTEMD_CRYPTSETUP_PATH " attach '%s' '%s' '%s' '%s'\n"
145 "ExecStop=" SYSTEMD_CRYPTSETUP_PATH " detach '%s'\n",
/* strempty() is presumably a NULL-to-"" helper, so absent fields become ''. */
146 name, u, strempty(password), strempty(options),
/* "tmp" and "swap" add a step that formats /dev/mapper/<name> after attach.
 * The name is interpolated unescaped here as well (same caveat as ExecStart). */
149 if (has_option(options, "tmp"))
151 "ExecStartPost=/sbin/mke2fs '/dev/mapper/%s'\n",
154 if (has_option(options, "swap"))
156 "ExecStartPost=/sbin/mkswap '/dev/mapper/%s'\n",
163 log_error("Failed to write file %s: %m", p);
/* Relative symlink target: every link below lives one directory beneath
 * arg_dest and points back at the unit file. */
167 if (asprintf(&from, "../%s", n) < 0) {
/* Link 1: <device unit>.wants/<service>. The condition guarding this block
 * is elided; presumably it depends on noauto. */
174 to = strjoin(arg_dest, "/", d, ".wants/", n, NULL);
/* The return value of mkdir_parents_label() is not checked in the visible
 * code; a failure would only surface through the symlink() error below. */
180 mkdir_parents_label(to, 0755);
181 if (symlink(from, to) < 0) {
182 log_error("Failed to create symlink '%s' to '%s': %m", from, to);
/* Link 2: cryptsetup.target pulls the unit in, either as a hard requirement
 * or as a want. The selecting condition is elided; presumably nofail picks
 * the .wants variant. */
190 to = strjoin(arg_dest, "/cryptsetup.target.requires/", n, NULL);
192 to = strjoin(arg_dest, "/cryptsetup.target.wants/", n, NULL);
198 mkdir_parents_label(to, 0755);
199 if (symlink(from, to) < 0) {
200 log_error("Failed to create symlink '%s' to '%s': %m", from, to);
/* Link 3: the mapped device unit requires the service. The name goes through
 * unit_name_escape() before it is used as a path component here, unlike in
 * the ExecStart= line above. */
209 e = unit_name_escape(name);
210 to = strjoin(arg_dest, "/dev-mapper-", e, ".device.requires/", n, NULL);
216 mkdir_parents_label(to, 0755);
217 if (symlink(from, to) < 0) {
218 log_error("Failed to create symlink '%s' to '%s': %m", from, to);
/* Reads /proc/cmdline and applies the luks* switches found there to the
 * arg_* globals. Many lines are missing from this listing, including the
 * return statements and the handling of arg_enabled. */
240 static int parse_proc_cmdline(void) {
241 char *line, *w, *state;
/* Inside a container the branch taken is elided; presumably the function
 * returns early and /proc/cmdline is not consulted. */
245 if (detect_container(NULL) > 0)
248 r = read_one_line_file("/proc/cmdline", &line);
/* Failure to read is only a warning; r holds a negative errno value. */
250 log_warning("Failed to read /proc/cmdline, ignoring: %s", strerror(-r));
254 FOREACH_WORD_QUOTED(w, l, line, state) {
/* Private NUL-terminated copy of the current word; the NULL check and the
 * matching free are not visible here. */
257 word = strndup(w, l);
/* The numeric offsets below (5, 8, 14, 17, 10, 13) equal the lengths of the
 * string literals they follow and must be kept in step with them. */
263 if (startswith(word, "luks=")) {
264 r = parse_boolean(word + 5);
266 log_warning("Failed to parse luks switch %s. Ignoring.", word + 5);
/* rd.* variants: the lines between the match and the parse are elided;
 * presumably they restrict these switches to the initrd, as the in_initrd()
 * test further down does for unknown switches. */
270 } else if (startswith(word, "rd.luks=")) {
273 r = parse_boolean(word + 8);
275 log_warning("Failed to parse luks switch %s. Ignoring.", word + 8);
280 } else if (startswith(word, "luks.crypttab=")) {
281 r = parse_boolean(word + 14);
283 log_warning("Failed to parse luks crypttab switch %s. Ignoring.", word + 14);
285 arg_read_crypttab = r;
287 } else if (startswith(word, "rd.luks.crypttab=")) {
290 r = parse_boolean(word + 17);
292 log_warning("Failed to parse luks crypttab switch %s. Ignoring.", word + 17);
294 arg_read_crypttab = r;
/* The text after luks.uuid= is stored as given; no check that it looks like
 * a UUID is visible. main() later turns it into a unit name and a UUID=
 * device spec, so any validation has to happen before create_disk() writes
 * it into the unit file. */
297 } else if (startswith(word, "luks.uuid=")) {
/* strv_append() yields a new vector; the old one is freed and replaced. */
300 t = strv_append(arg_proc_cmdline_disks, word + 10);
305 strv_free(arg_proc_cmdline_disks);
306 arg_proc_cmdline_disks = t;
308 } else if (startswith(word, "rd.luks.uuid=")) {
313 t = strv_append(arg_proc_cmdline_disks, word + 13);
318 strv_free(arg_proc_cmdline_disks);
319 arg_proc_cmdline_disks = t;
/* Anything else in the luks. namespace (or rd.luks. when in the initrd) is
 * reported and otherwise ignored. */
322 } else if (startswith(word, "luks.") ||
323 (in_initrd() && startswith(word, "rd.luks."))) {
325 log_warning("Unknown kernel switch %s. Ignoring.", word);
/* Entry point: creates units first for the disks named on the kernel command
 * line, then for every entry of /etc/crypttab unless that was disabled. Many
 * lines are elided in this listing, including the per-iteration cleanup. */
338 int main(int argc, char *argv[]) {
340 int r = EXIT_SUCCESS;
/* Either no arguments or exactly three are accepted. Where the arguments are
 * stored is not visible; presumably one of them replaces arg_dest. */
344 if (argc > 1 && argc != 4) {
345 log_error("This program takes three or no arguments.");
352 log_set_target(LOG_TARGET_SAFE);
353 log_parse_environment();
358 if (parse_proc_cmdline() < 0)
/* Disks requested via luks.uuid= / rd.luks.uuid=. */
366 STRV_FOREACH(i, arg_proc_cmdline_disks) {
/* A leading "luks-" is recognised here; the statement that follows is elided
 * and presumably skips the prefix so it is not doubled below. */
370 if (startswith(p, "luks-"))
/* The command-line value becomes both the mapping name and the device spec
 * with no validation visible, and is later written into the unit file by
 * create_disk(). */
373 name = strappend("luks-", p);
374 device = strappend("UUID=", p);
376 if (!name || !device) {
/* No key file and no options for command-line disks. */
384 if (create_disk(name, device, NULL, NULL) < 0)
391 if (!arg_read_crypttab)
/* "e" is the glibc fopen() flag for close-on-exec. */
394 f = fopen("/etc/crypttab", "re");
401 log_error("Failed to open /etc/crypttab: %m");
/* NOTE(review): fgets() with a LINE_MAX buffer returns an over-long line in
 * several pieces, and each piece would then be parsed as its own entry unless
 * the elided lines detect that. Confirm. */
408 char line[LINE_MAX], *l;
409 char *name = NULL, *device = NULL, *password = NULL, *options = NULL;
412 if (!fgets(line, sizeof(line), f))
/* Comment lines and empty lines are skipped; l is presumably the line with
 * surrounding whitespace removed. */
418 if (*l == '#' || *l == 0)
/* %ms allocates each field and stops at whitespace, so fields cannot contain
 * spaces or newlines; quote and '%' characters still pass through to
 * create_disk(). The frees for these allocations are not visible here. */
421 k = sscanf(l, "%ms %ms %ms %ms", &name, &device, &password, &options);
/* name and device are mandatory; password and options are optional. */
422 if (k < 2 || k > 4) {
423 log_error("Failed to parse /etc/crypttab:%u, ignoring.", n);
428 if (create_disk(name, device, password, options) < 0)
442 strv_free(arg_proc_cmdline_disks);