From c5758f20902b37e3232cd6a1b79f914155457ffd Mon Sep 17 00:00:00 2001

From: Leho Kraav <leho@kraav.com>

Date: Tue, 24 Jul 2012 15:08:52 +0300

Subject: [PATCH] 90crypt: enhance crypt-lib keydev mounting

Combining $keydev and $keypath should result in a unique, re-usable keydev

mountpoint. mkuniqdir doesn't seem to have any an advantage here and lacks

reusability. Is there ever a use case where these are true:

 * there are more than one rd.luks.key=$keypath:$keydev

 * one is actually different from the other

---

 modules.d/90crypt/crypt-lib.sh | 13 +++++++++++--

 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/modules.d/90crypt/crypt-lib.sh b/modules.d/90crypt/crypt-lib.sh

index 3aed84d..5f7567e 100755

--- a/modules.d/90crypt/crypt-lib.sh

+++ b/modules.d/90crypt/crypt-lib.sh

@@ -165,8 +165,15 @@ readkey() {

     local keydev="$2"

     local device="$3"

-    local mntp=$(mkuniqdir /mnt keydev)

-    mount -r "$keydev" "$mntp" || die 'Mounting rem. dev. failed!'

+    # This creates a unique single mountpoint for *, or several for explicitly

+    # given LUKS devices. It accomplishes unlocking multiple LUKS devices with

+    # a single password entry.

+    local mntp="/mnt/$(str_replace "keydev-$keydev-$keypath" '/' '-')"

+

+    if [ ! -d "$mntp" ]; then

+        mkdir "$mntp"

+        mount -r "$keydev" "$mntp" || die 'Mounting rem. dev. failed!'

+    fi

     case "${keypath##*.}" in

         gpg)

@@ -188,6 +195,8 @@ readkey() {

         *) cat "$mntp/$keypath" ;;

     esac

+    # General unmounting mechanism, modules doing custom cleanup should return earlier

+    # and install a pre-pivot cleanup hook

     umount "$mntp"

     rmdir "$mntp"

 }