etc/rc.d/gbde

   1 #!/bin/sh
   2 #
   3 # This file, originally written by Garrett A. Wollman, is in the public
   4 # domain.
   5 #
   6 # $FreeBSD$
   7 #
   8
   9 # PROVIDE: disks
  10 # KEYWORD: nojail
  11
  12 . /etc/rc.subr
  13
  14 name="gbde"
  15 desc="GEOM Based Disk Encryption"
  16 start_precmd="find_gbde_devices start"
  17 stop_precmd="find_gbde_devices stop"
  18 start_cmd="gbde_start"
  19 stop_cmd="gbde_stop"
  20
  21 find_gbde_devices()
  22 {
  23         case "${gbde_devices-auto}" in
  24         [Aa][Uu][Tt][Oo])
  25                 gbde_devices=""
  26                 ;;
  27         *)
  28                 return 0
  29                 ;;
  30         esac
  31
  32         case "$1" in
  33         start)
  34                 fstab="/etc/fstab"
  35                 ;;
  36         stop)
  37                 fstab=$(mktemp /tmp/mtab.XXXXXX)
  38                 mount -p >${fstab}
  39                 ;;
  40         esac
  41
  42         #
  43         # We can't use "mount -p | while ..." because when a shell loop
  44         # is the target of a pipe it executes in a subshell, and so can't
  45         # modify variables in the script.
  46         #
  47         while read device mountpt type options dump pass; do
  48                 case "$device" in
  49                 *.bde)
  50                         # Ignore swap devices
  51                         case "$type" in
  52                         swap)
  53                                 continue
  54                                 ;;
  55                         esac
  56
  57                         case "$options" in
  58                         *noauto*)
  59                                 if checkyesno gbde_autoattach_all; then
  60                                         gbde_devices="${gbde_devices} ${device}"
  61                                 fi
  62                                 ;;
  63                         *)
  64                                 gbde_devices="${gbde_devices} ${device}"
  65                                 ;;
  66                         esac
  67                         ;;
  68                 esac
  69         done <${fstab}
  70
  71         case "$1" in
  72         stop)
  73                 rm -f ${fstab}
  74                 ;;
  75         esac
  76
  77         return 0
  78 }
  79
  80 gbde_start()
  81 {
  82         for device in $gbde_devices; do
  83                 parent=${device%.bde}
  84                 parent=${parent#/dev/}
  85                 parent_=`ltr ${parent} '/' '_'`
  86                 eval "lock=\${gbde_lock_${parent_}-\"${gbde_lockdir}/${parent_}.lock\"}"
  87                 if [ -e "/dev/${parent}" -a ! -e "/dev/${parent}.bde" ]; then
  88                         echo "Configuring Disk Encryption for ${parent}."
  89
  90                         count=1
  91                         while [ ${count} -le ${gbde_attach_attempts} ]; do
  92                                 if [ -e "${lock}" ]; then
  93                                         gbde attach ${parent} -l ${lock}
  94                                 else
  95                                         gbde attach ${parent}
  96                                 fi
  97                                 if [ -e "/dev/${parent}.bde" ]; then
  98                                         break
  99                                 fi
 100                                 echo "Attach failed; attempt ${count} of ${gbde_attach_attempts}."
 101                                 count=$((${count} + 1))
 102                         done
 103                 fi
 104         done
 105 }
 106
 107 gbde_stop()
 108 {
 109         for device in $gbde_devices; do
 110                 parent=${device%.bde}
 111                 parent=${parent#/dev/}
 112                 if [ -e "/dev/${parent}.bde" ]; then
 113                         umount "/dev/${parent}.bde" 2>/dev/null
 114                         gbde detach "${parent}"
 115                 fi
 116         done
 117 }
 118
 119 load_rc_config $name
 120 run_rc_command "$1"