diff options
Diffstat (limited to 'pcr/mkinitcpio-openswap')
-rw-r--r-- | pcr/mkinitcpio-openswap/LICENSE | 21 | ||||
-rw-r--r-- | pcr/mkinitcpio-openswap/PKGBUILD | 30 | ||||
-rw-r--r-- | pcr/mkinitcpio-openswap/openswap.conf | 17 | ||||
-rw-r--r-- | pcr/mkinitcpio-openswap/openswap.hook | 17 | ||||
-rw-r--r-- | pcr/mkinitcpio-openswap/openswap.install | 27 | ||||
-rw-r--r-- | pcr/mkinitcpio-openswap/usage.install | 9 |
6 files changed, 121 insertions, 0 deletions
diff --git a/pcr/mkinitcpio-openswap/LICENSE b/pcr/mkinitcpio-openswap/LICENSE new file mode 100644 index 000000000..870dd6420 --- /dev/null +++ b/pcr/mkinitcpio-openswap/LICENSE @@ -0,0 +1,21 @@ +MIT License + +Copyright (c) 2016 Fabio Tea + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. diff --git a/pcr/mkinitcpio-openswap/PKGBUILD b/pcr/mkinitcpio-openswap/PKGBUILD new file mode 100644 index 000000000..fa71cff9d --- /dev/null +++ b/pcr/mkinitcpio-openswap/PKGBUILD @@ -0,0 +1,30 @@ +# Maintainer: David P. <megver83@parabola.nu> +# Contributor: Jenya Sovetkin <e.sovetkin@gmail.com> +# Contributor: https://aur.archlinux.org/account/f4bio + +pkgname=mkinitcpio-openswap +pkgver=0.1.0 +pkgrel=1 +pkgdesc="mkinitcpio hook to open swap at boot time" +arch=(any) +license=('unknown') +url="https://aur.archlinux.org/packages/mkinitcpio-openswap/" +depends=(mkinitcpio) +backup=('etc/openswap.conf') +install="usage.install" +source=('openswap.hook' + 'openswap.install' + 'openswap.conf') +sha256sums=('ec55cff2d8f71eae70535e706445edb41f416350245b7aa7b322581fd3b38bae' + '94dd98a953bab2244215a2b20767cdc9500fc438bed9ec27cae72a73766c6b86' + '3308f2679bb7c962d98adf2684d25390025d025e3d30bc1e773e3522311ad325') + + +package() { + install -Dm 644 openswap.hook \ + "${pkgdir}/usr/lib/initcpio/hooks/openswap" + install -Dm 644 openswap.install \ + "${pkgdir}/usr/lib/initcpio/install/openswap" + install -Dm 644 openswap.conf \ + "${pkgdir}/etc/openswap.conf" +} diff --git a/pcr/mkinitcpio-openswap/openswap.conf b/pcr/mkinitcpio-openswap/openswap.conf new file mode 100644 index 000000000..b7e92e0e0 --- /dev/null +++ b/pcr/mkinitcpio-openswap/openswap.conf @@ -0,0 +1,17 @@ +## cryptsetup open $swap_device $crypt_swap_name +## get uuid using e.g. lsblk -f +swap_device=/dev/disk/by-uuid/2788eb78-074d-4424-9f1d-ebffc9c37262 +crypt_swap_name=cryptswap + +## one can optionally provide a keyfile device and path on this device +## to the keyfile +keyfile_device=/dev/mapper/cryptroot +keyfile_filename=etc/keyfile-cryptswap + +## additional arguments are given to mount for keyfile_device +## has to start with --options (if so desired) +#keyfile_device_mount_options="--options=subvol=__active/__" + +## additional arguments are given to cryptsetup +## --allow-discards options is desired in case swap is on SSD partition +cryptsetup_options="--type luks" diff --git a/pcr/mkinitcpio-openswap/openswap.hook b/pcr/mkinitcpio-openswap/openswap.hook new file mode 100644 index 000000000..ead4c4f86 --- /dev/null +++ b/pcr/mkinitcpio-openswap/openswap.hook @@ -0,0 +1,17 @@ +run_hook () +{ + ## read openswap configurations + source openswap.conf + + if [ -z "$keyfile_device" ] || [ -z "$keyfile_filename" ] + then + ## case when no keyfile provided in configurations + cryptsetup open "$swap_device" "$crypt_swap_name" + else + ## case when keyfile is provided in configurations + mkdir openswap_keymount + mount $keyfile_device_mount_options "$keyfile_device" openswap_keymount + cryptsetup open $cryptsetup_options --key-file "openswap_keymount/$keyfile_filename" "$swap_device" "$crypt_swap_name" + umount openswap_keymount + fi +} diff --git a/pcr/mkinitcpio-openswap/openswap.install b/pcr/mkinitcpio-openswap/openswap.install new file mode 100644 index 000000000..95d59a3d6 --- /dev/null +++ b/pcr/mkinitcpio-openswap/openswap.install @@ -0,0 +1,27 @@ +build () +{ + grep "swap_device=" /etc/openswap.conf > "$BUILDROOT/openswap.conf" + grep "crypt_swap_name=" /etc/openswap.conf >> "$BUILDROOT/openswap.conf" + grep "keyfile_device=" /etc/openswap.conf >> "$BUILDROOT/openswap.conf" + grep "keyfile_filename=" /etc/openswap.conf >> "$BUILDROOT/openswap.conf" + grep "keyfile_device_mount_options=" /etc/openswap.conf >> "$BUILDROOT/openswap.conf" + grep "cryptsetup_options=" /etc/openswap.conf >> "$BUILDROOT/openswap.conf" + + source "$BUILDROOT/openswap.conf" + + if [ -z "$swap_device" ]; then + warning "swap_device variable is not set" + fi + + if [ -z "$crypt_swap_name" ]; then + warning "crypt_swap_name variable is not set" + fi + + add_runscript +} +help () +{ +cat<<HELPEOF + This hook opens a swap at boot time +HELPEOF +} diff --git a/pcr/mkinitcpio-openswap/usage.install b/pcr/mkinitcpio-openswap/usage.install new file mode 100644 index 000000000..3610e9d28 --- /dev/null +++ b/pcr/mkinitcpio-openswap/usage.install @@ -0,0 +1,9 @@ +post_install() { + echo "" + echo "Alter /etc/openswap.conf file for your swap device name, keyfiles, etc..." + echo "" + echo "For more information see: https://wiki.archlinux.org/index.php/Dm-crypt/Swap_encryption#mkinitcpio_hook" + echo "" + echo "Don't forget to add the openswap hook after encrypt and before resume in your /etc/mkinitcpio.conf and run mkinitcpio -p linux..." + echo "" +} |