57 lines
1.1 KiB
Bash
Executable File
57 lines
1.1 KiB
Bash
Executable File
#!/bin/sh
|
|
|
|
. /lib/partman/lib/crypto-base.sh
|
|
|
|
# 1. Check if active encrypted devices exist
|
|
crypto=no
|
|
for dev in $DEVICES/*; do
|
|
[ -d "$dev" ] || continue
|
|
cd $dev
|
|
if [ -f crypt_realdev ]; then
|
|
crypto=yes
|
|
break
|
|
fi
|
|
done
|
|
|
|
if [ $crypto = no ]; then
|
|
exit 0
|
|
fi
|
|
|
|
# 2. Check if unencrypted swap has been configured
|
|
for dev in $DEVICES/*; do
|
|
[ -d "$dev" ] || continue
|
|
cd $dev
|
|
|
|
# Accept swap on crypto
|
|
[ -f crypt_realdev ] && continue
|
|
|
|
device=$(cat $dev/device)
|
|
|
|
# Accept e.g. swap on lvm on crypto
|
|
if echo $device | grep -q "^/dev/mapper/"; then
|
|
if dm_is_safe "$device"; then
|
|
continue
|
|
fi
|
|
fi
|
|
|
|
partitions=
|
|
open_dialog PARTITIONS
|
|
while { read_line num id size type fs path name; [ "$id" ]; }; do
|
|
[ "$fs" != free ] || continue
|
|
partitions="$partitions $id"
|
|
done
|
|
close_dialog
|
|
|
|
for id in $partitions; do
|
|
[ -f $id/method ] || continue
|
|
method=$(cat $id/method)
|
|
if [ "$method" = swap ]; then
|
|
# Unsafe swap! Abort commit
|
|
db_fset partman-crypto/unsafe_swap seen false
|
|
db_input critical partman-crypto/unsafe_swap
|
|
db_go || true
|
|
exit 1
|
|
fi
|
|
done
|
|
done
|