1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2010 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
28 #include "unit-name.h"
33 static const char *arg_dest = "/tmp";
34 static bool arg_enabled = true;
35 static bool arg_read_crypttab = true;
36 static char **arg_proc_cmdline_disks = NULL;
38 static bool has_option(const char *haystack, const char *needle) {
39 const char *f = haystack;
49 while ((f = strstr(f, needle))) {
51 if (f > haystack && f[-1] != ',') {
56 if (f[l] != 0 && f[l] != ',') {
67 static int create_disk(
71 const char *options) {
73 char *p = NULL, *n = NULL, *d = NULL, *u = NULL, *from = NULL, *to = NULL, *e = NULL;
81 noauto = has_option(options, "noauto");
82 nofail = has_option(options, "nofail");
84 n = unit_name_build_escape("cryptsetup", name, ".service");
87 log_error("Failed to allocate unit name.");
91 p = join(arg_dest, "/", n, NULL);
94 log_error("Failed to allocate unit file name.");
98 u = fstab_node_to_udev_node(device);
101 log_error("Failed to allocate device node.");
105 d = unit_name_from_path(u, ".device");
108 log_error("Failed to allocate device name.");
115 log_error("Failed to create unit file: %m");
120 "# Automatically generated by systemd-cryptsetup-generator\n\n"
122 "Description=Cryptography Setup for %%I\n"
123 "SourcePath=/etc/crypttab\n"
124 "Conflicts=umount.target\n"
125 "DefaultDependencies=no\n"
126 "BindTo=%s dev-mapper-%%i.device\n"
127 "After=systemd-readahead-collect.service systemd-readahead-replay.service %s\n"
128 "Before=umount.target\n",
133 "Before=cryptsetup.target\n");
135 if (password && (streq(password, "/dev/urandom") ||
136 streq(password, "/dev/random") ||
137 streq(password, "/dev/hw_random")))
138 fputs("After=systemd-random-seed-load.service\n", f);
140 fputs("Before=local-fs.target\n", f);
145 "RemainAfterExit=yes\n"
146 "TimeoutSec=0\n" /* the binary handles timeouts anyway */
147 "ExecStart=" SYSTEMD_CRYPTSETUP_PATH " attach '%s' '%s' '%s' '%s'\n"
148 "ExecStop=" SYSTEMD_CRYPTSETUP_PATH " detach '%s'\n",
149 name, u, strempty(password), strempty(options),
152 if (has_option(options, "tmp"))
154 "ExecStartPost=/sbin/mke2fs '/dev/mapper/%s'\n",
157 if (has_option(options, "swap"))
159 "ExecStartPost=/sbin/mkswap '/dev/mapper/%s'\n",
166 log_error("Failed to write file: %m");
170 if (asprintf(&from, "../%s", n) < 0) {
177 to = join(arg_dest, "/", d, ".wants/", n, NULL);
183 mkdir_parents_label(to, 0755);
184 if (symlink(from, to) < 0) {
185 log_error("Failed to create symlink '%s' to '%s': %m", from, to);
193 to = join(arg_dest, "/cryptsetup.target.requires/", n, NULL);
195 to = join(arg_dest, "/cryptsetup.target.wants/", n, NULL);
201 mkdir_parents_label(to, 0755);
202 if (symlink(from, to) < 0) {
203 log_error("Failed to create symlink '%s' to '%s': %m", from, to);
212 e = unit_name_escape(name);
213 to = join(arg_dest, "/dev-mapper-", e, ".device.requires/", n, NULL);
219 mkdir_parents_label(to, 0755);
220 if (symlink(from, to) < 0) {
221 log_error("Failed to create symlink '%s' to '%s': %m", from, to);
243 static int parse_proc_cmdline(void) {
244 char *line, *w, *state;
248 if (detect_container(NULL) > 0)
251 r = read_one_line_file("/proc/cmdline", &line);
253 log_warning("Failed to read /proc/cmdline, ignoring: %s", strerror(-r));
257 FOREACH_WORD_QUOTED(w, l, line, state) {
260 word = strndup(w, l);
266 if (startswith(word, "luks=")) {
267 r = parse_boolean(word + 5);
269 log_warning("Failed to parse luks switch %s. Ignoring.", word + 5);
273 } else if (startswith(word, "rd.luks=")) {
276 r = parse_boolean(word + 8);
278 log_warning("Failed to parse luks switch %s. Ignoring.", word + 8);
283 } else if (startswith(word, "luks.crypttab=")) {
284 r = parse_boolean(word + 14);
286 log_warning("Failed to parse luks crypttab switch %s. Ignoring.", word + 14);
288 arg_read_crypttab = r;
290 } else if (startswith(word, "rd.luks.crypttab=")) {
293 r = parse_boolean(word + 17);
295 log_warning("Failed to parse luks crypttab switch %s. Ignoring.", word + 17);
297 arg_read_crypttab = r;
300 } else if (startswith(word, "luks.uuid=")) {
303 t = strv_append(arg_proc_cmdline_disks, word + 10);
305 log_error("Out of memory");
309 strv_free(arg_proc_cmdline_disks);
310 arg_proc_cmdline_disks = t;
312 } else if (startswith(word, "rd.luks.uuid=")) {
317 t = strv_append(arg_proc_cmdline_disks, word + 13);
319 log_error("Out of memory");
323 strv_free(arg_proc_cmdline_disks);
324 arg_proc_cmdline_disks = t;
327 } else if (startswith(word, "luks.") ||
328 (in_initrd() && startswith(word, "rd.luks."))) {
330 log_warning("Unknown kernel switch %s. Ignoring.", word);
343 int main(int argc, char *argv[]) {
345 int r = EXIT_SUCCESS;
349 if (argc > 1 && argc != 4) {
350 log_error("This program takes three or no arguments.");
357 log_set_target(LOG_TARGET_SAFE);
358 log_parse_environment();
363 if (parse_proc_cmdline() < 0)
371 STRV_FOREACH(i, arg_proc_cmdline_disks) {
375 if (startswith(p, "luks-"))
378 name = strappend("luks-", *i);
379 device = strappend("UUID=", *i);
381 if (!name || !device) {
382 log_error("Out of memory");
389 if (create_disk(name, device, NULL, NULL) < 0)
396 if (!arg_read_crypttab)
399 f = fopen("/etc/crypttab", "re");
406 log_error("Failed to open /etc/crypttab: %m");
413 char line[LINE_MAX], *l;
414 char *name = NULL, *device = NULL, *password = NULL, *options = NULL;
417 if (!fgets(line, sizeof(line), f))
423 if (*l == '#' || *l == 0)
426 k = sscanf(l, "%ms %ms %ms %ms", &name, &device, &password, &options);
427 if (k < 2 || k > 4) {
428 log_error("Failed to parse /etc/crypttab:%u, ignoring.", n);
433 if (create_disk(name, device, password, options) < 0)
447 strv_free(arg_proc_cmdline_disks);