Merge branch 'cryptroot-support'v1.1-rc6

3 files changed, 121 insertions, 65 deletions

diff --git a/README b/README
deleted file mode 100644
index 59daa39..0000000
--- a/README
+++ /dev/null
@@ -1,65 +0,0 @@
-README
-======
-
-Description
------------
-
-Mkinitramfs is a shell script that will generate a cpio init ram filesystem.
-
-The script itself simply checks for minimum required kernel capabilities,
-recursively copies in useful applications and their library dependencies
-(using ldd), and uses cpio to generate an init ram filesystem.
-
-Note that this also includes an init script used for booting from the initrd
-image, into the actual system. It includes support for dm-crypt encrypted root
-volumes, as well as providing simple debugging capabilities.
-
-
-Usage
------
-
-The script, mkinitramfs, creates a new init ram filesystem.
-
-To use it, simply execute it, with the version of the kernel specified, and it
-will create the initrd file, written to /boot/initrd-${version}. A
-corresponding /boot/vmlinuz-${version} and /boot/System.map-${version} is
-required. This version format is recognized by grub, so grub-mkconfig will
-detect these files.
-
-NOTE: This will overwrite the /boot/initrd-${version} file if it exists. If
-you have something there that you want to keep, be sure to back it up before
-running mkinitramfs.
-
-
-Init Arguments
---------------
-
-root
-~~~~
-*values*:
-- root=/dev/sda3
-- root=UUID=92b74fd7-6e4f-4a52-ad40-fac874410ca3
-- root=LABEL=system
-
-Path to the root device. Supports a dev path, LABEL, and UUID values.
-
-
-initdebug
-~~~~~~~~~
-*values*: NA
-
-Enables step-by-step boot mode. Each step requires the user to hit the return
-key. Note that enabling this will probably make the boot process go very
-slowly as it requires a user response for every step.
-
-
-interractive
-~~~~~~~~~~~~
-
-Drops the user into an interractive shell, but before performing the first
-mount operation, which is where most problems start to occur. This can be
-useful for implementing new features in the init script, debugging problems,
-checking the environment, etc.
-
-
-// vim: set syntax=asciidoc:
diff --git a/README.adoc b/README.adoc
new file mode 100644
index 0000000..8ea66e3
--- /dev/null
+++ b/README.adoc
@@ -0,0 +1,101 @@
+README
+======
+
+Description
+-----------
+
+Mkinitramfs is a shell script that will generate a cpio init ram filesystem.
+
+The script itself simply checks for minimum required kernel capabilities,
+recursively copies in useful applications and their library dependencies (using
+ldd), and uses cpio to generate an init ram filesystem.
+
+Note that this also includes an init script used for booting from the initrd
+image, into the actual system. It includes support for dm-crypt encrypted root
+volumes, as well as providing simple debugging capabilities.
+
+
+Usage
+-----
+
+The script, mkinitramfs, creates a new init ram filesystem.
+
+To use it, simply execute it, with the version of the kernel specified, and it
+will create the initrd file, written to /boot/initrd-${version}. A
+corresponding /boot/vmlinuz-${version} and /boot/System.map-${version} is
+required. This version format is recognized by grub, so grub-mkconfig will
+detect these files.
+
+NOTE: This will overwrite the /boot/initrd-${version} file if it exists. If
+you have something there that you want to keep, be sure to back it up before
+running mkinitramfs.
+
+
+Init Arguments
+--------------
+
+root
+~~~~
+* *required*: yes
+* *examples*:
+** root=/dev/sda3
+** root=UUID=92b74fd7-6e4f-4a52-ad40-fac874410ca3
+** root=LABEL=system
+
+Path to the root device. Supports a dev path, LABEL, and UUID values. If device
+is encrypted, the user will be prompted to decrypt it with a password. The
+decrypted device will be mounted at _/dev/mapper/_dev_sda3_ (per the example).
+
+NOTE: This only works with encrypted devices where the encrypted device
+      contains only a filesystem. If the encrypted device contains its own
+      partition table, see the _cryptroot_ directive.
+
+
+cryptroot
+~~~~~~~~~
+* *required*: no
+* *examples*:
+** cryptroot=/dev/mapper/_sdap3
+** cryptroot=UUID=92b74fd7-6e4f-4a52-ad40-fac874410ca3
+** cryptroot=LABEL=system
+
+Provides an alternate root device, set after decrypting the encrypted root
+device. Only useful when the root directive is set. An example of using this
+might be, root specifies a cryptluks device, that once decrypted, contains its
+own partition table with partitions. This directive can be used to specify
+which of those partitions is the system partition, after decryption has taken
+place.
+
+.Example
+----
+root=/dev/sda3 cryptroot=/dev/mapper/_dev_sda3p1
+----
+
+This example uses /dev/sda3 (which is a cryptluks device) as the original root.
+The user is prompted to decrypt it with a password. After successful
+decryption, the root device is reset to _dev_sda3p1, which is partition 1 of
+the decrypted sda3 cryptluks device.
+
+
+initdebug
+~~~~~~~~~
+* *required*: no
+* *examples*: NA
+
+Enables step-by-step boot mode. Each step requires the user to hit the return
+key. 
+
+NOTE: Enabling this will probably make the boot process go very slowly as it
+      requires a user response for every step.
+
+
+interractive
+~~~~~~~~~~~~
+* *required*: no
+* *examples*: NA
+
+Drops the user into an interractive shell, but before performing the first
+mount operation, which is where most problems start to occur. This can be
+useful for implementing new features in the init script, debugging problems,
+checking the environment, etc.
+
diff --git a/init b/init
index 8ea174a..e075862 100755
--- a/init
+++ b/init
@@ -3,6 +3,7 @@
 export DEBUG=0
 export INTERACTIVE=0
 export ROOTDEV=''
+export CRYPTROOT=''
 
 screen_init() {
   # Clear screen
@@ -57,6 +58,20 @@ parse_cmdline() {
           ROOTDEV="$(echo ${i} | cut -d '=' -f 2)"
         fi
       ;;
+      cryptroot=*)
+        if [ "${i:10:4}" == 'UUID' ]; then
+          # mount by uuid
+          local uuid=$(echo ${i} | cut -d '=' -f 3)
+          CRYPTROOT="$(blkid -U ${uuid})"
+        elif [ "${i:10:5}" == 'LABEL' ]; then
+          # mount by label
+          local label=$(echo ${i} | cut -d '=' -f 3)
+          CRYPTROOT="$(blkid -L ${label})"
+        else
+          # mount by dev
+          CRYPTROOT="$(echo ${i} | cut -d '=' -f 2)"
+        fi
+      ;;
       initdebug)
         # Enable debug mode (this is gonna be slow)
         DEBUG=1
@@ -194,6 +209,11 @@ main() {
     log "New rootdev: ${ROOTDEV}"
   fi
 
+  if [ ! -z "${CRYPTROOT}" ]; then
+    log "Cryptroot defined. Changing rootdev to '${CRYPTROOT}'"
+    ROOTDEV="${CRYPTROOT}"
+  fi
+
   # Drop to interactive shell if requested
   if [ "${INTERACTIVE}" == 1 ]; then
     log "Interractive shell requested. Type 'exit' to continue boot sequence."