summaryrefslogtreecommitdiff
path: root/pcr/mkinitcpio-openswap
diff options
context:
space:
mode:
Diffstat (limited to 'pcr/mkinitcpio-openswap')
-rw-r--r--pcr/mkinitcpio-openswap/LICENSE21
-rw-r--r--pcr/mkinitcpio-openswap/PKGBUILD30
-rw-r--r--pcr/mkinitcpio-openswap/openswap.conf17
-rw-r--r--pcr/mkinitcpio-openswap/openswap.hook17
-rw-r--r--pcr/mkinitcpio-openswap/openswap.install27
-rw-r--r--pcr/mkinitcpio-openswap/usage.install9
6 files changed, 121 insertions, 0 deletions
diff --git a/pcr/mkinitcpio-openswap/LICENSE b/pcr/mkinitcpio-openswap/LICENSE
new file mode 100644
index 000000000..870dd6420
--- /dev/null
+++ b/pcr/mkinitcpio-openswap/LICENSE
@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2016 Fabio Tea
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
diff --git a/pcr/mkinitcpio-openswap/PKGBUILD b/pcr/mkinitcpio-openswap/PKGBUILD
new file mode 100644
index 000000000..fa71cff9d
--- /dev/null
+++ b/pcr/mkinitcpio-openswap/PKGBUILD
@@ -0,0 +1,30 @@
+# Maintainer: David P. <megver83@parabola.nu>
+# Contributor: Jenya Sovetkin <e.sovetkin@gmail.com>
+# Contributor: https://aur.archlinux.org/account/f4bio
+
+pkgname=mkinitcpio-openswap
+pkgver=0.1.0
+pkgrel=1
+pkgdesc="mkinitcpio hook to open swap at boot time"
+arch=(any)
+license=('unknown')
+url="https://aur.archlinux.org/packages/mkinitcpio-openswap/"
+depends=(mkinitcpio)
+backup=('etc/openswap.conf')
+install="usage.install"
+source=('openswap.hook'
+ 'openswap.install'
+ 'openswap.conf')
+sha256sums=('ec55cff2d8f71eae70535e706445edb41f416350245b7aa7b322581fd3b38bae'
+ '94dd98a953bab2244215a2b20767cdc9500fc438bed9ec27cae72a73766c6b86'
+ '3308f2679bb7c962d98adf2684d25390025d025e3d30bc1e773e3522311ad325')
+
+
+package() {
+ install -Dm 644 openswap.hook \
+ "${pkgdir}/usr/lib/initcpio/hooks/openswap"
+ install -Dm 644 openswap.install \
+ "${pkgdir}/usr/lib/initcpio/install/openswap"
+ install -Dm 644 openswap.conf \
+ "${pkgdir}/etc/openswap.conf"
+}
diff --git a/pcr/mkinitcpio-openswap/openswap.conf b/pcr/mkinitcpio-openswap/openswap.conf
new file mode 100644
index 000000000..b7e92e0e0
--- /dev/null
+++ b/pcr/mkinitcpio-openswap/openswap.conf
@@ -0,0 +1,17 @@
+## cryptsetup open $swap_device $crypt_swap_name
+## get uuid using e.g. lsblk -f
+swap_device=/dev/disk/by-uuid/2788eb78-074d-4424-9f1d-ebffc9c37262
+crypt_swap_name=cryptswap
+
+## one can optionally provide a keyfile device and path on this device
+## to the keyfile
+keyfile_device=/dev/mapper/cryptroot
+keyfile_filename=etc/keyfile-cryptswap
+
+## additional arguments are given to mount for keyfile_device
+## has to start with --options (if so desired)
+#keyfile_device_mount_options="--options=subvol=__active/__"
+
+## additional arguments are given to cryptsetup
+## --allow-discards options is desired in case swap is on SSD partition
+cryptsetup_options="--type luks"
diff --git a/pcr/mkinitcpio-openswap/openswap.hook b/pcr/mkinitcpio-openswap/openswap.hook
new file mode 100644
index 000000000..ead4c4f86
--- /dev/null
+++ b/pcr/mkinitcpio-openswap/openswap.hook
@@ -0,0 +1,17 @@
+run_hook ()
+{
+ ## read openswap configurations
+ source openswap.conf
+
+ if [ -z "$keyfile_device" ] || [ -z "$keyfile_filename" ]
+ then
+ ## case when no keyfile provided in configurations
+ cryptsetup open "$swap_device" "$crypt_swap_name"
+ else
+ ## case when keyfile is provided in configurations
+ mkdir openswap_keymount
+ mount $keyfile_device_mount_options "$keyfile_device" openswap_keymount
+ cryptsetup open $cryptsetup_options --key-file "openswap_keymount/$keyfile_filename" "$swap_device" "$crypt_swap_name"
+ umount openswap_keymount
+ fi
+}
diff --git a/pcr/mkinitcpio-openswap/openswap.install b/pcr/mkinitcpio-openswap/openswap.install
new file mode 100644
index 000000000..95d59a3d6
--- /dev/null
+++ b/pcr/mkinitcpio-openswap/openswap.install
@@ -0,0 +1,27 @@
+build ()
+{
+ grep "swap_device=" /etc/openswap.conf > "$BUILDROOT/openswap.conf"
+ grep "crypt_swap_name=" /etc/openswap.conf >> "$BUILDROOT/openswap.conf"
+ grep "keyfile_device=" /etc/openswap.conf >> "$BUILDROOT/openswap.conf"
+ grep "keyfile_filename=" /etc/openswap.conf >> "$BUILDROOT/openswap.conf"
+ grep "keyfile_device_mount_options=" /etc/openswap.conf >> "$BUILDROOT/openswap.conf"
+ grep "cryptsetup_options=" /etc/openswap.conf >> "$BUILDROOT/openswap.conf"
+
+ source "$BUILDROOT/openswap.conf"
+
+ if [ -z "$swap_device" ]; then
+ warning "swap_device variable is not set"
+ fi
+
+ if [ -z "$crypt_swap_name" ]; then
+ warning "crypt_swap_name variable is not set"
+ fi
+
+ add_runscript
+}
+help ()
+{
+cat<<HELPEOF
+ This hook opens a swap at boot time
+HELPEOF
+}
diff --git a/pcr/mkinitcpio-openswap/usage.install b/pcr/mkinitcpio-openswap/usage.install
new file mode 100644
index 000000000..3610e9d28
--- /dev/null
+++ b/pcr/mkinitcpio-openswap/usage.install
@@ -0,0 +1,9 @@
+post_install() {
+ echo ""
+ echo "Alter /etc/openswap.conf file for your swap device name, keyfiles, etc..."
+ echo ""
+ echo "For more information see: https://wiki.archlinux.org/index.php/Dm-crypt/Swap_encryption#mkinitcpio_hook"
+ echo ""
+ echo "Don't forget to add the openswap hook after encrypt and before resume in your /etc/mkinitcpio.conf and run mkinitcpio -p linux..."
+ echo ""
+}