[fstab] Write configurable options to crypttab (default: luks).
fstab.conf: Add a new "crypttabOptions" option that defaults to "luks".
Document that for Debian and Debian-based distributions, the
setting should be changed to "luks,keyscript=/bin/cat".
main.py: Append the options from the above setting to the end of every
line in crypttab.
At least the "luks" option should always be there, because there may be
different encryption types. The Debian initramfs-tools also require the
Debian-specific keyscript option and will otherwise ignore the keyfile
entirely (see pull request #254).
This commit is contained in:
Kevin Kofler
Philip
parent
fce053439c
commit
9a5221bbd8
@ -8,3 +8,6 @@ ssdExtraMountOptions:
|
|||||||
xfs: discard
|
xfs: discard
|
||||||
swap: discard
|
swap: discard
|
||||||
btrfs: discard,compress=lzo
|
btrfs: discard,compress=lzo
|
||||||
|
crypttabOptions: luks
|
||||||
|
# For Debian and Debian-based distributions, change the above line to:
|
||||||
|
# crypttabOptions: luks,keyscript=/bin/cat
|
||||||
|
|||||||
@ -102,11 +102,13 @@ class FstabGenerator(object):
|
|||||||
:param mount_options:
|
:param mount_options:
|
||||||
:param ssd_extra_mount_options:
|
:param ssd_extra_mount_options:
|
||||||
"""
|
"""
|
||||||
def __init__(self, partitions, root_mount_point, mount_options, ssd_extra_mount_options):
|
def __init__(self, partitions, root_mount_point, mount_options,
|
||||||
|
ssd_extra_mount_options, crypttab_options):
|
||||||
self.partitions = partitions
|
self.partitions = partitions
|
||||||
self.root_mount_point = root_mount_point
|
self.root_mount_point = root_mount_point
|
||||||
self.mount_options = mount_options
|
self.mount_options = mount_options
|
||||||
self.ssd_extra_mount_options = ssd_extra_mount_options
|
self.ssd_extra_mount_options = ssd_extra_mount_options
|
||||||
|
self.crypttab_options = crypttab_options
|
||||||
self.ssd_disks = set()
|
self.ssd_disks = set()
|
||||||
self.root_is_ssd = False
|
self.root_is_ssd = False
|
||||||
|
|
||||||
@ -156,14 +158,16 @@ class FstabGenerator(object):
|
|||||||
name=mapper_name,
|
name=mapper_name,
|
||||||
device="UUID=" + luks_uuid,
|
device="UUID=" + luks_uuid,
|
||||||
password="/crypto_keyfile.bin",
|
password="/crypto_keyfile.bin",
|
||||||
|
options=self.crypttab_options,
|
||||||
)
|
)
|
||||||
|
|
||||||
def print_crypttab_line(self, dct, file=None):
|
def print_crypttab_line(self, dct, file=None):
|
||||||
""" Prints line to '/etc/crypttab' file. """
|
""" Prints line to '/etc/crypttab' file. """
|
||||||
line = "{:21} {:<45} {}".format(dct["name"],
|
line = "{:21} {:<45} {} {}".format(dct["name"],
|
||||||
dct["device"],
|
dct["device"],
|
||||||
dct["password"],
|
dct["password"],
|
||||||
)
|
dct["options"],
|
||||||
|
)
|
||||||
|
|
||||||
print(line, file=file)
|
print(line, file=file)
|
||||||
|
|
||||||
@ -255,9 +259,11 @@ def run():
|
|||||||
root_mount_point = global_storage.value("rootMountPoint")
|
root_mount_point = global_storage.value("rootMountPoint")
|
||||||
mount_options = conf["mountOptions"]
|
mount_options = conf["mountOptions"]
|
||||||
ssd_extra_mount_options = conf.get("ssdExtraMountOptions", {})
|
ssd_extra_mount_options = conf.get("ssdExtraMountOptions", {})
|
||||||
|
crypttab_options = conf.get("crypttabOptions", "luks")
|
||||||
generator = FstabGenerator(partitions,
|
generator = FstabGenerator(partitions,
|
||||||
root_mount_point,
|
root_mount_point,
|
||||||
mount_options,
|
mount_options,
|
||||||
ssd_extra_mount_options)
|
ssd_extra_mount_options,
|
||||||
|
crypttab_options)
|
||||||
|
|
||||||
return generator.run()
|
return generator.run()
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user