improved start/stop script

Bug #563 reported by hunger
Affects: cryptsetup (Ubuntu)
Status: Fix Released
Importance: Wishlist
Assigned to: Martin Pitt
Milestone: none listed

Bug Description

I enhanced the cryptodisks script that comes with this deb a bit.

Revision history for this message
hunger (hunger) wrote : description of changes made

My script supports some new options in /etc/crypttab:

prescript="/some/script -with -options": A script that is run before
   anything is done to set up the decrypted device. The script is
   started with the source device appended (/some/script -with
   -option /dev/somedev).

postscript="/some/script -with -option": A script that is run after
   the decrypted device is brought up. The script is started with
   the decrypted device appended (/some/script -with -option
   /dev/mapper/decrypted). Great to run mkfs or mkswap on devices
   with a random key.

transient: Mount the device immediately after setting it up and unmount
   it again once the crypttab is processed completely, removing the
   decrypted blockdevice.

   Transient devices are meant to hold keys for other partitions.

mkswap option was removed as it is obsoleted by postscript.

Oh, the key field is executed if the file has the execute bit set. This way you can encrypt your keys with gpg or openssl (provided that is already available when the script is run).

Finally you can do /etc/init.d/cryptodisks status to get the status of all drives defined in /etc/crypttab.

Is there interest in those changes? Everything works for me;-)

How do I append the script here?

Changed in cryptsetup:
assignee: nobody → motu
Revision history for this message
Emmet Hikory (persia) wrote :

Please use the "Add Attachment" link to add the suggested fixes to this bug.

Revision history for this message
hunger (hunger) wrote : /etc/init.d/cryptdisks

I mailed this version to pitti a while back. He said he'd look into getting this into dapper if he can approve of my changes.

The version you see here is different from what I described in my earlier report. Here is a description of the features:

* leaves "swap" option for compatibility reasons.

* adds "pre_setup" option: The script is run before the volume is set up. Useful to create files for loopback mounting, etc.

* adds "post_setup" option: Run after the volume is set up. Useful for mk*fs (i.e. randomly encrypted /tmp) or mkswap.

* adds "pre_teardown" option: Run before tearing down a device. For the extra paranoid: Blank the disk before throwing away the key, etc.

* adds "post_teardown" option: Run after teardown: Remove the files created in pre_setup;-)

* adds "force_down" option: Bring down the device no matter what!

* Handles LUKS volumes, files (via loopback).

* adds "status" action to the start/stop script.

All pre-/post programs are called with the dm device as first and the source as second parameter.

Example usage:
# Unlock keyfile ("none" password forces interactive)
hdd_keys /etc/hdd_keys.loop none post_setup=/lib/cryptdisks/scripts/mount

# use keyfile: (no options)
swap /dev/sda2 /.hdd_keys/swap.key

# Lock keyfile again:
hdd_keys /etc/hdd_keys.loop none pre_setup=/lib/cryptdisks/scripts/umount,force_down

# Setup disks using random keys:
tmp /dev/mapper/lv-tmp_c /dev/urandom post_setup=/lib/cryptdisks/scripts/mkreiserfs

# Create a loopback file for storage of temporary data:
loop /tmp/file none pre_setup=/lib/cryptdisks/scripts/create,post_setup=/lib/cryptdisks/scripts/mkreiserfs,post_teardown=/lib/cryptdisks/scripts/rm_src
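
The option parsing and hook call order described in the comment above, as an added example that is not hunger's script or the package's code. The function names and the ownership and permission checks applied to each hook are assumptions added here, motivated by the hooks running as root at boot.

```shell
#!/bin/sh
# Added example, not hunger's script. Hook option names and argument order
# follow the comment above; vetting rules and function names are assumptions.

# get_opt OPTIONS NAME: print the value of NAME=value, or "yes" for a bare flag.
get_opt() (
    set -f; IFS=,            # subshell body: IFS/noglob changes stay local
    for o in $1; do
        case $o in
            "$2")   echo yes; exit 0 ;;
            "$2"=*) echo "${o#*=}"; exit 0 ;;
        esac
    done
    exit 1
)

# hook_is_safe PATH [UID]: accept only an absolute path to a regular,
# executable file owned by UID (default 0) that is not group- or
# world-writable. find does not follow symlinks, so a symlink fails too.
hook_is_safe() {
    case $1 in /*) ;; *) return 1 ;; esac
    [ -x "$1" ] || return 1
    [ -n "$(find "$1" -prune -type f -user "${2:-0}" \
            ! -perm -020 ! -perm -002 2>/dev/null)" ]
}

# plan_start "NAME SOURCE KEY OPTIONS" [UID]: print the start-up steps for one
# crypttab line without touching any device. Hooks get the dm device first
# and the source device second.
plan_start() {
    owner=${2:-0}
    read -r name src key opts <<EOF
$1
EOF
    dm=/dev/mapper/$name
    for when in pre_setup setup post_setup; do
        if [ "$when" = setup ]; then echo "setup: $dm $src"; continue; fi
        hook=$(get_opt "$opts" "$when") || continue
        if hook_is_safe "$hook" "$owner"; then
            echo "$when: $hook $dm $src"
        else
            echo "$when: REFUSED $hook"
        fi
    done
}
```

The optional UID argument exists only so the checks can be exercised by a non-root user; at boot the default of 0 applies.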

Revision history for this message
hunger (hunger) wrote : cryptdisks slightly adapted to the new udev in Dapper

This version is slightly adapted to work on the new 2.6.15 kernel/udev changed dapper.

hunger (hunger)
Changed in cryptsetup:
assignee: motu → pitti
Revision history for this message
Martin Pitt (pitti) wrote :

Thanks for the script. However, the diff against the current debian/cryptdisks file is huge and hardly leaves any common lines. Could you please try to merge them a bit more? Also, can you please send these updates to upstream?

Right now it looks as if this script is more or less a complete rewrite. Is that necessary (i.e. is the existing script really that bad)?

Revision history for this message
hunger (hunger) wrote :

Yes, it is a rewrite. To avoid code duplication I had to move things around into functions. I did reuse most of the code, but since the indention changed diff does not pick up that fact;-)

I'll send this upstream, but I tried that before I filed this bug. So far I have not received a reply.

Revision history for this message
Sebastian Dröge (slomo) wrote :

Is this still relevant with the latest update (1.0.3-0ubuntu1)? Could you please attach a diff of your changes to the init script of this version?

Changed in cryptsetup:
status: Unconfirmed → Needs Info
Revision history for this message
hunger (hunger) wrote :

A simple diff will not do, as the cryptsetup init-file from 1.0.03-0ubuntu1 is split up into several files.

I still prefer my version for the following reasons:

* the official one requires /usr to be mounted which is not guaranteed to be mounted at the time the script is run. (/usr/share/cryptdisks/checks is mentioned in /etc/default/cryptsetup, dunno whether it is actually used)

* It does not autodetect LUKS devices (trivial to implement using cryptsetup isLuks, which is even used to sanity-check when the luks option is given!).

* It does not support forcing devices to be brought down when the script is run with the start option. I find this really annoying as this makes the following use case hard to do:
   * Have a partition set up and mounted with the init-script asking for a password for that partition.
   * Mount other partitions using keys found on the first one.
   * unmount the key-partition, destructing the device to make sure the keys are "safe" again.

* Finally the "swap", "tmp" etc. parameters have a hardcoded behaviour. I do want ext3 on my /tmp for example and need to patch up the script to achieve that. Why not provide hook scripts instead? Way more flexible.

Is there any chance to get changes to the current scripts that fix those shortcomings accepted?

Revision history for this message
Sebastian Dröge (slomo) wrote :

Everything needed is not in /usr anymore with the new version... /lib/cryptsetup/checks for example so this is definitely fixed :)

For everything else I would prefer a diff against the current scripts and if they're sane and everything I'll upload it :)
Just attach a diff to this bugreport... and only make as many changes as required please :)

Revision history for this message
Sebastian Dröge (slomo) wrote :

hunger?

Revision history for this message
hunger (hunger) wrote :

Yes?

Revision history for this message
Sebastian Dröge (slomo) wrote :

Could you create a diff against the latest version of the init scripts?

Revision history for this message
hunger (hunger) wrote :

Oh, you want that for dapper? I assumed this will not make it anyway and wanted to provide it once the eft cycle has opened.

I can spend Tuesday and Wednesday night writing up a new version that integrates with what the current script does. It does not make sense to diff what I got with what is currently there. I'd prefer such a patch to get more testing than is possible for dapper...

I would feel comfortable with you using the script that is attached instead of what is currently in dapper (I am using that for several months now), but I do not trust a newly written patch to the current system.

Revision history for this message
Sebastian Dröge (slomo) wrote :

No for dapper it's too late :)
But I would love to get a patch by you against what we have now in as soon as possible for edgy... so no need to spend your nights on this but it would be nice to have it in... say... 2-3 weeks :)

Revision history for this message
hunger (hunger) wrote :

I looked into the new layout of the script today... It is impossible to incorporate my changes into it! I'll end up rewriting the whole thing. Is that OK?

I do not see any other option as I need to be able to start and stop single devices. That is necessary since I absolutely need the force_down option in my setup and I do not see how else to implement it.

force_down is used to force a device back into an unconfigured state during the start-up cycle. I use this to set up a device, mount it, grab the keys for the other devices from there and then force it down again. That ensures the keys are no longer accessible on the system.

Revision history for this message
Sebastian Dröge (slomo) wrote :

That's ok... but I've merged a new version from Debian to edgy and they changed the init scripts a bit again... better take this version as base for your patch.

Revision history for this message
hunger (hunger) wrote :

I am waiting for the upstart-changes to the disk-mounting stuff... this has not made it into any ubuntu distribution for so long that it should not matter much to wait somewhat longer.

Revision history for this message
hunger (hunger) wrote :

The newest version fixes most issues my patch addressed (when abusing the check scripts;-).

Let's just close it.

Changed in cryptsetup:
status: Needs Info → Fix Released