author | Aaron Ball <nullspoon@iohq.net> | 2016-11-03 08:37:18 -0600 |
---|---|---|
committer | Aaron Ball <nullspoon@iohq.net> | 2016-11-03 08:37:18 -0600 |
commit | d82567d46d5df4e3fed100713caca944cccf3637 (patch) | |
tree | 7f834327b1af8c6a50218cde31a0c56d28616518 /crypttab | |
parent | af8d9ac4311ddffe6619c6ff557500a9297e91b4 (diff) | |
Shutdown tweaks, automated mount, and varibale cleanupv1.0
Since not all init processes allow for something like crypttab to be
executed before the mount command to mount filesystems in /etc/fstab,
added a mount -a command to ensure the crypted filesystems are mounted
on setup.
Added a process kill on stop to ensure the filesystems are freed to
unmount and decrypt before shutting down.
Renamed some ambiguous 'i' variables to 'entry' for clarification.
Diffstat (limited to 'crypttab')
-rwxr-xr-x | crypttab | 24 |
1 files changed, 17 insertions, 7 deletions
@@ -20,18 +20,27 @@ function destroy_entries {
 fi
 # For each entry in crypttab
- for i in "$(cat ${tab})"; do
- name=$(echo ${i} | tr -s ' ' | cut -d ' ' -f 1)
+ for entry in "$(cat ${tab})"; do
+ local name=${entry%% *}
 # Unmount all mountpoins if mounted anywhere
 # Cryptsetup luksClose will repeatedly fail if the devices is mounted
 # anywhere, causing shutdowns to hang up.
 for i in "$(mount | grep /dev/mapper/${name})"; do
- mntpoint=$(echo ${i} | tr -s ' ' | cut -d ' ' -f 3)
+ local mntpoint=$(echo ${i} | tr -s ' ' | cut -d ' ' -f 3)
 # Skip if empty
 [[ ${mntpoint} == '' ]] && continue
 echo "${name} mounted at ${mntpoint}. Unmounting"
+
+ # Kill any running processes accessing mntpoint
+ for pid in $(lsof -t ${mntpoint}); do
+ pidstr=$(ps -f ${pid} | tail -n 1)
+ echo "Halting ${pid} ${pidstr##* }"
+ kill ${pid}
+ done
+
+ # Unmount
 umount ${mntpoint}
 done
@@ -72,10 +81,10 @@ function setup_entries {
 exit 1
 fi
- for i in "$(cat ${tab})"; do
- name=$(echo ${i} | tr -s ' ' | cut -d ' ' -f 1)
- dev=$(echo ${i} | tr -s ' ' | cut -d ' ' -f 2)
- key=$(echo ${i} | tr -s ' ' | cut -d ' ' -f 3)
+ for entry in "$(cat ${tab})"; do
+ name=$(echo ${entry} | tr -s ' ' | cut -d ' ' -f 1)
+ dev=$(echo ${entry} | tr -s ' ' | cut -d ' ' -f 2)
+ key=$(echo ${entry} | tr -s ' ' | cut -d ' ' -f 3)
 echo "Decrypting ${dev} using key ${key}."
 echo "Plaintext device is at /dev/mapper/${name}"
@@ -87,6 +96,7 @@ function setup_entries {
 case $1 in
 start)
 setup_entries
+ mount -a
 ;;
 stop)
 destroy_entries
|
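Review bot: The added kill loop sends SIGTERM and goes straight on to `umount ${mntpoint}`, so a process that has not exited yet still keeps the filesystem busy, the unmount fails, and the luksClose described in the comment above can leave the plaintext mapping open at shutdown. Wait a bounded time for the holders to exit before unmounting, quote `${mntpoint}` and `${pid}`, and declare `pid` and `pidstr` as `local` like the other variables this commit touches. Separately, `local name=${entry%% *}` splits on a space only, while the removed echo/tr/cut pipeline also accepted tab-separated fields through word splitting, so a tab-delimited crypttab would now produce a wrong name. destroy_entries begins and ends outside the hunk.

```shell
      # Kill any running processes accessing mntpoint
      local pid pidstr tries=0
      for pid in $(lsof -t "${mntpoint}"); do
        # … unchanged: pidstr lookup and "Halting" message …
        kill "${pid}"
      done

      # Give the signalled processes a bounded time to exit, so the
      # umount below does not fail because the filesystem is still busy
      while [[ -n $(lsof -t "${mntpoint}") ]] && (( tries < 10 )); do
        sleep 1
        tries=$(( tries + 1 ))
      done

      # Unmount
      umount "${mntpoint}"
```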
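Review bot: `mount -a` in the `start)` arm acts on every fstab entry that is not marked noauto, not only the filesystems on the mappings setup_entries just opened, and it carries no comment saying why it is here. If only the encrypted volumes are meant, mounting each `/dev/mapper/${name}` as its entry is opened would keep the side effect narrow; otherwise add a comment such as `# init may process fstab before crypttab runs; retry the mounts now that the mappings exist`. Whether a failed decrypt stops the script before this line depends on setup_entries code outside the hunk. The case statement continues past the hunk.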