libexec/rc/rc.d/geli

   1 #!/bin/sh
   2 #
   3 # Copyright (c) 2005 Pawel Jakub Dawidek <pjd@FreeBSD.org>
   4 # All rights reserved.
   5 #
   6 # Redistribution and use in source and binary forms, with or without
   7 # modification, are permitted provided that the following conditions
   8 # are met:
   9 # 1. Redistributions of source code must retain the above copyright
  10 #    notice, this list of conditions and the following disclaimer.
  11 # 2. Redistributions in binary form must reproduce the above copyright
  12 #    notice, this list of conditions and the following disclaimer in the
  13 #    documentation and/or other materials provided with the distribution.
  14 #
  15 # THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND
  16 # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  17 # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  18 # ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE
  19 # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  20 # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  21 # OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  22 # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  23 # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  24 # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  25 # SUCH DAMAGE.
  26 #
  27 # $FreeBSD$
  28 #
  29
  30 # PROVIDE: disks
  31 # KEYWORD: nojail
  32
  33 . /etc/rc.subr
  34
  35 name="geli"
  36 desc="GELI disk encryption"
  37 start_precmd='[ -n "$(geli_make_list)" -o -n "${geli_groups}" ]'
  38 start_cmd="geli_start"
  39 stop_cmd="geli_stop"
  40 required_modules="geom_eli:g_eli"
  41
  42 geli_start()
  43 {
  44         devices=`geli_make_list`
  45
  46         if [ -z "${geli_tries}" ]; then
  47                 if [ -n "${geli_attach_attempts}" ]; then
  48                         # Compatibility with rc.d/gbde.
  49                         geli_tries=${geli_attach_attempts}
  50                 else
  51                         geli_tries=`${SYSCTL_N} kern.geom.eli.tries`
  52                 fi
  53         fi
  54
  55         for provider in ${devices}; do
  56                 provider_=`ltr ${provider} '/-' '_'`
  57
  58                 eval "flags=\${geli_${provider_}_flags}"
  59                 if [ -z "${flags}" ]; then
  60                         flags=${geli_default_flags}
  61                 fi
  62                 if [ -e "/dev/${provider}" -a ! -e "/dev/${provider}.eli" ]; then
  63                         echo "Configuring Disk Encryption for ${provider}."
  64                         count=1
  65                         while [ ${count} -le ${geli_tries} ]; do
  66                                 geli attach ${flags} ${provider}
  67                                 if [ -e "/dev/${provider}.eli" ]; then
  68                                         break
  69                                 fi
  70                                 echo "Attach failed; attempt ${count} of ${geli_tries}."
  71                                 count=$((count+1))
  72                         done
  73                 fi
  74         done
  75
  76         for group in ${geli_groups}; do
  77                 group_=`ltr ${group} '/-' '_'`
  78
  79                 eval "flags=\${geli_${group_}_flags}"
  80                 if [ -z "${flags}" ]; then
  81                         flags=${geli_default_flags}
  82                 fi
  83
  84                 eval "providers=\${geli_${group_}_devices}"
  85                 if [ -z "${providers}" ]; then
  86                         echo "No devices listed in geli group ${group}."
  87                         continue
  88                 fi
  89
  90                 if [ -e "/dev/${providers%% *}" -a ! -e "/dev/${providers%% *}.eli" ]; then
  91                         echo "Configuring Disk Encryption for geli group ${group}, containing ${providers}."
  92                         count=1
  93                         while [ ${count} -le ${geli_tries} ]; do
  94                                 geli attach ${flags} ${providers}
  95                                 if [ -e "/dev/${providers%% *}.eli" ]; then
  96                                         break
  97                                 fi
  98                                 echo "Attach failed; attempt ${count} of ${geli_tries}."
  99                                 count=$((count+1))
 100                         done
 101                 fi
 102         done
 103 }
 104
 105 geli_stop()
 106 {
 107         devices=`geli_make_list`
 108
 109         for group in ${geli_groups}; do
 110                 group_=`ltr ${group} '/-' '_'`
 111
 112                 eval "providers=\${geli_${group_}_devices}"
 113
 114                 devices="${devices} ${providers}"
 115         done
 116
 117         for provider in ${devices}; do
 118                 if [ -e "/dev/${provider}.eli" ]; then
 119                         umount "/dev/${provider}.eli" 2>/dev/null
 120                         geli detach "${provider}"
 121                 fi
 122         done
 123 }
 124
 125 load_rc_config $name
 126 run_rc_command "$1"