[thirdparty/systemd.git] / src / cryptsetup / cryptsetup-generator.c

/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/

/***
  This file is part of systemd.

  Copyright 2010 Lennart Poettering

  systemd is free software; you can redistribute it and/or modify it
  under the terms of the GNU Lesser General Public License as published by
  the Free Software Foundation; either version 2.1 of the License, or
  (at your option) any later version.

  systemd is distributed in the hope that it will be useful, but
  WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  Lesser General Public License for more details.

  You should have received a copy of the GNU Lesser General Public License
  along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/

#include <string.h>
#include <errno.h>
#include <unistd.h>

#include "log.h"
#include "util.h"
#include "unit-name.h"
#include "mkdir.h"
#include "virt.h"
#include "strv.h"
#include "fileio.h"

static const char *arg_dest = "/tmp";
static bool arg_enabled = true;
static bool arg_read_crypttab = true;

static bool has_option(const char *haystack, const char *needle) {
        const char *f = haystack;
        size_t l;

        assert(needle);

        if (!haystack)
                return false;

        l = strlen(needle);

        while ((f = strstr(f, needle))) {

                if (f > haystack && f[-1] != ',') {
                        f++;
                        continue;
                }

                if (f[l] != 0 && f[l] != ',') {
                        f++;
                        continue;
                }

                return true;
        }

        return false;
}

static int create_disk(
                const char *name,
                const char *device,
                const char *password,
                const char *options) {

        char _cleanup_free_ *p = NULL, *n = NULL, *d = NULL, *u = NULL, *from = NULL, *to = NULL, *e = NULL;
        FILE _cleanup_fclose_ *f = NULL;
        bool noauto, nofail;

        assert(name);
        assert(device);

        noauto = has_option(options, "noauto");
        nofail = has_option(options, "nofail");

        n = unit_name_from_path_instance("systemd-cryptsetup", name, ".service");
        if (!n)
                return log_oom();

        p = strjoin(arg_dest, "/", n, NULL);
        if (!p)
                return log_oom();

        u = fstab_node_to_udev_node(device);
        if (!u)
                return log_oom();

        d = unit_name_from_path(u, ".device");
        if (!d)
                return log_oom();

        f = fopen(p, "wxe");
        if (!f) {
                log_error("Failed to create unit file %s: %m", p);
                return -errno;
        }

        fputs(
                "# Automatically generated by systemd-cryptsetup-generator\n\n"
                "[Unit]\n"
                "Description=Cryptography Setup for %I\n"
                "Documentation=man:systemd-cryptsetup@.service(8) man:crypttab(5)\n"
                "SourcePath=/etc/crypttab\n"
                "Conflicts=umount.target\n"
                "DefaultDependencies=no\n"
                "BindsTo=dev-mapper-%i.device\n"
                "After=systemd-readahead-collect.service systemd-readahead-replay.service\n",
                f);

        if (!nofail)
                fprintf(f,
                        "Before=cryptsetup.target\n");

        if (password && (streq(password, "/dev/urandom") ||
                         streq(password, "/dev/random") ||
                         streq(password, "/dev/hw_random")))
                fputs("After=systemd-random-seed-load.service\n", f);
        else
                fputs("Before=local-fs.target\n", f);

        if (is_device_path(u))
                fprintf(f,
                        "BindsTo=%s\n"
                        "After=%s\n"
                        "Before=umount.target\n",
                        d, d);
        else
                fprintf(f,
                        "RequiresMountsFor=%s\n",
                        u);

        fprintf(f,
                "\n[Service]\n"
                "Type=oneshot\n"
                "RemainAfterExit=yes\n"
                "TimeoutSec=0\n" /* the binary handles timeouts anyway */
                "ExecStart=" SYSTEMD_CRYPTSETUP_PATH " attach '%s' '%s' '%s' '%s'\n"
                "ExecStop=" SYSTEMD_CRYPTSETUP_PATH " detach '%s'\n",
                name, u, strempty(password), strempty(options),
                name);

        if (has_option(options, "tmp"))
                fprintf(f,
                        "ExecStartPost=/sbin/mke2fs '/dev/mapper/%s'\n",
                        name);

        if (has_option(options, "swap"))
                fprintf(f,
                        "ExecStartPost=/sbin/mkswap '/dev/mapper/%s'\n",
                        name);

        fflush(f);

        if (ferror(f)) {
                log_error("Failed to write file %s: %m", p);
                return -errno;
        }

        if (asprintf(&from, "../%s", n) < 0)
                return log_oom();

        if (!noauto) {

                to = strjoin(arg_dest, "/", d, ".wants/", n, NULL);
                if (!to)
                        return log_oom();

                mkdir_parents_label(to, 0755);
                if (symlink(from, to) < 0) {
                        log_error("Failed to create symlink '%s' to '%s': %m", from, to);
                        return -errno;
                }

                free(to);
                if (!nofail)
                        to = strjoin(arg_dest, "/cryptsetup.target.requires/", n, NULL);
                else
                        to = strjoin(arg_dest, "/cryptsetup.target.wants/", n, NULL);
                if (!to)
                        return log_oom();

                mkdir_parents_label(to, 0755);
                if (symlink(from, to) < 0) {
                        log_error("Failed to create symlink '%s' to '%s': %m", from, to);
                        return -errno;
                }
        }

        e = unit_name_escape(name);
        if (!e)
                return log_oom();

        free(to);
        to = strjoin(arg_dest, "/dev-mapper-", e, ".device.requires/", n, NULL);
        if (!to)
                return log_oom();

        mkdir_parents_label(to, 0755);
        if (symlink(from, to) < 0) {
                log_error("Failed to create symlink '%s' to '%s': %m", from, to);
                return -errno;
        }

        return 0;
}

static int parse_proc_cmdline(char ***arg_proc_cmdline_disks) {
        char _cleanup_free_ *line = NULL;
        char *w = NULL, *state = NULL;
        int r;
        size_t l;

        if (detect_container(NULL) > 0)
                return 0;

        r = read_one_line_file("/proc/cmdline", &line);
        if (r < 0) {
                log_warning("Failed to read /proc/cmdline, ignoring: %s", strerror(-r));
                return 0;
        }

        FOREACH_WORD_QUOTED(w, l, line, state) {
                char _cleanup_free_ *word = NULL;

                word = strndup(w, l);
                if (!word)
                        return log_oom();

                if (startswith(word, "luks=")) {
                        r = parse_boolean(word + 5);
                        if (r < 0)
                                log_warning("Failed to parse luks switch %s. Ignoring.", word + 5);
                        else
                                arg_enabled = r;

                } else if (startswith(word, "rd.luks=")) {

                        if (in_initrd()) {
                                r = parse_boolean(word + 8);
                                if (r < 0)
                                        log_warning("Failed to parse luks switch %s. Ignoring.", word + 8);
                                else
                                        arg_enabled = r;
                        }

                } else if (startswith(word, "luks.crypttab=")) {
                        r = parse_boolean(word + 14);
                        if (r < 0)
                                log_warning("Failed to parse luks crypttab switch %s. Ignoring.", word + 14);
                        else
                                arg_read_crypttab = r;

                } else if (startswith(word, "rd.luks.crypttab=")) {

                        if (in_initrd()) {
                                r = parse_boolean(word + 17);
                                if (r < 0)
                                        log_warning("Failed to parse luks crypttab switch %s. Ignoring.", word + 17);
                                else
                                        arg_read_crypttab = r;
                        }

                } else if (startswith(word, "luks.uuid=")) {
                        if (strv_extend(arg_proc_cmdline_disks, word + 10) < 0)
                                return log_oom();

                } else if (startswith(word, "rd.luks.uuid=")) {

                        if (in_initrd()) {
                                if (strv_extend(arg_proc_cmdline_disks, word + 13) < 0)
                                        return log_oom();
                        }

                } else if (startswith(word, "luks.") ||
                           (in_initrd() && startswith(word, "rd.luks."))) {

                        log_warning("Unknown kernel switch %s. Ignoring.", word);
                }
        }

        strv_uniq(*arg_proc_cmdline_disks);

        return 0;
}

int main(int argc, char *argv[]) {
        FILE _cleanup_fclose_ *f = NULL;
        unsigned n = 0;
        int r = EXIT_SUCCESS;
        char **i;
        char _cleanup_strv_free_ **arg_proc_cmdline_disks_done = NULL;
        char _cleanup_strv_free_ **arg_proc_cmdline_disks = NULL;

        if (argc > 1 && argc != 4) {
                log_error("This program takes three or no arguments.");
                return EXIT_FAILURE;
        }

        if (argc > 1)
                arg_dest = argv[1];

        log_set_target(LOG_TARGET_SAFE);
        log_parse_environment();
        log_open();

        umask(0022);

        if (parse_proc_cmdline(&arg_proc_cmdline_disks) < 0)
                return EXIT_FAILURE;

        if (!arg_enabled)
                return EXIT_SUCCESS;

        if (arg_read_crypttab) {
                f = fopen("/etc/crypttab", "re");

                if (!f) {
                        if (errno == ENOENT)
                                r = EXIT_SUCCESS;
                        else {
                                r = EXIT_FAILURE;
                                log_error("Failed to open /etc/crypttab: %m");
                        }
                } else for (;;) {
                        char line[LINE_MAX], *l;
                        char _cleanup_free_ *name = NULL, *device = NULL, *password = NULL, *options = NULL;
                        int k;

                        if (!fgets(line, sizeof(line), f))
                                break;

                        n++;

                        l = strstrip(line);
                        if (*l == '#' || *l == 0)
                                continue;

                        k = sscanf(l, "%ms %ms %ms %ms", &name, &device, &password, &options);
                        if (k < 2 || k > 4) {
                                log_error("Failed to parse /etc/crypttab:%u, ignoring.", n);
                                r = EXIT_FAILURE;
                                continue;
                        }

                        if (arg_proc_cmdline_disks) {
                                /*
                                  If luks UUIDs are specified on the kernel command line, use them as a filter
                                  for /etc/crypttab and only generate units for those.
                                */
                                STRV_FOREACH(i, arg_proc_cmdline_disks) {
                                        char _cleanup_free_ *proc_device = NULL, *proc_name = NULL;
                                        const char *p = *i;

                                        if (startswith(p, "luks-"))
                                                p += 5;

                                        proc_name = strappend("luks-", p);
                                        proc_device = strappend("UUID=", p);

                                        if (!proc_name || !proc_device)
                                                return log_oom();

                                        if (streq(proc_device, device) || streq(proc_name, name)) {
                                                if (create_disk(name, device, password, options) < 0)
                                                        r = EXIT_FAILURE;

                                                if (strv_extend(&arg_proc_cmdline_disks_done, p) < 0)
                                                        return log_oom();
                                        }
                                }
                        } else {
                                if (create_disk(name, device, password, options) < 0)
                                        r = EXIT_FAILURE;
                        }
                }
        }

        STRV_FOREACH(i, arg_proc_cmdline_disks) {
                /*
                  Generate units for those UUIDs, which were specified
                  on the kernel command line and not yet written.
                */

                char _cleanup_free_ *name = NULL, *device = NULL;
                const char *p = *i;

                if (startswith(p, "luks-"))
                        p += 5;

                if (strv_contains(arg_proc_cmdline_disks_done, p))
                        continue;

                name = strappend("luks-", p);
                device = strappend("UUID=", p);

                if (!name || !device)
                        return log_oom();

                if (create_disk(name, device, NULL, "timeout=0") < 0)
                        r = EXIT_FAILURE;
        }

        return r;
}
Commit	Line	Data
e23a0ce8 LP	1	/-- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil --/
	2
	3	/***
	4	This file is part of systemd.
	5
	6	Copyright 2010 Lennart Poettering
	7
	8	systemd is free software; you can redistribute it and/or modify it
5430f7f2 LP	9	under the terms of the GNU Lesser General Public License as published by
5430f7f2 LP	10	the Free Software Foundation; either version 2.1 of the License, or
e23a0ce8 LP	11	(at your option) any later version.
	12
	13	systemd is distributed in the hope that it will be useful, but
	14	WITHOUT ANY WARRANTY; without even the implied warranty of
	15	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
5430f7f2	16	Lesser General Public License for more details.
e23a0ce8	17
5430f7f2	18	You should have received a copy of the GNU Lesser General Public License
e23a0ce8 LP	19	along with systemd; If not, see <http://www.gnu.org/licenses/>.
	20	***/
	21
	22	#include <string.h>
	23	#include <errno.h>
	24	#include <unistd.h>
	25
	26	#include "log.h"
	27	#include "util.h"
	28	#include "unit-name.h"
49e942b2	29	#include "mkdir.h"
66a78c2b LP	30	#include "virt.h"
66a78c2b LP	31	#include "strv.h"
a860325e	32	#include "fileio.h"
e23a0ce8	33
66a78c2b LP	34	static const char *arg_dest = "/tmp";
	35	static bool arg_enabled = true;
	36	static bool arg_read_crypttab = true;
e23a0ce8 LP	37
	38	static bool has_option(const char haystack, const char needle) {
	39	const char *f = haystack;
	40	size_t l;
	41
f653f683 LP	42	assert(needle);
	43
	44	if (!haystack)
	45	return false;
	46
e23a0ce8 LP	47	l = strlen(needle);
	48
	49	while ((f = strstr(f, needle))) {
	50
	51	if (f > haystack && f[-1] != ',') {
	52	f++;
	53	continue;
	54	}
	55
aae5220d	56	if (f[l] != 0 && f[l] != ',') {
e23a0ce8 LP	57	f++;
	58	continue;
	59	}
	60
	61	return true;
	62	}
	63
	64	return false;
	65	}
	66
	67	static int create_disk(
	68	const char *name,
	69	const char *device,
	70	const char *password,
	71	const char *options) {
	72
24a988e9 HH	73	char _cleanup_free_ p = NULL, n = NULL, d = NULL, u = NULL, from = NULL, to = NULL, *e = NULL;
24a988e9 HH	74	FILE _cleanup_fclose_ *f = NULL;
155da457	75	bool noauto, nofail;
e23a0ce8 LP	76
	77	assert(name);
	78	assert(device);
	79
155da457 LP	80	noauto = has_option(options, "noauto");
	81	nofail = has_option(options, "nofail");
	82
35eb6b12	83	n = unit_name_from_path_instance("systemd-cryptsetup", name, ".service");
24a988e9 HH	84	if (!n)
24a988e9 HH	85	return log_oom();
e23a0ce8	86
b7def684	87	p = strjoin(arg_dest, "/", n, NULL);
24a988e9 HH	88	if (!p)
24a988e9 HH	89	return log_oom();
e23a0ce8	90
f7f21d33	91	u = fstab_node_to_udev_node(device);
24a988e9 HH	92	if (!u)
24a988e9 HH	93	return log_oom();
e23a0ce8	94
f7f21d33	95	d = unit_name_from_path(u, ".device");
24a988e9 HH	96	if (!d)
24a988e9 HH	97	return log_oom();
e23a0ce8	98
f7f21d33 LP	99	f = fopen(p, "wxe");
f7f21d33 LP	100	if (!f) {
1cda32b8	101	log_error("Failed to create unit file %s: %m", p);
24a988e9	102	return -errno;
e23a0ce8 LP	103	}
e23a0ce8 LP	104
9ece938a	105	fputs(
6b1dc2bd	106	"# Automatically generated by systemd-cryptsetup-generator\n\n"
e23a0ce8	107	"[Unit]\n"
9ece938a	108	"Description=Cryptography Setup for %I\n"
1c732700	109	"Documentation=man:systemd-cryptsetup@.service(8) man:crypttab(5)\n"
1b64d026	110	"SourcePath=/etc/crypttab\n"
155da457	111	"Conflicts=umount.target\n"
e23a0ce8	112	"DefaultDependencies=no\n"
9ece938a TW	113	"BindsTo=dev-mapper-%i.device\n"
	114	"After=systemd-readahead-collect.service systemd-readahead-replay.service\n",
	115	f);
e23a0ce8	116
155da457 LP	117	if (!nofail)
	118	fprintf(f,
	119	"Before=cryptsetup.target\n");
	120
e23a0ce8 LP	121	if (password && (streq(password, "/dev/urandom") \|\|
	122	streq(password, "/dev/random") \|\|
	123	streq(password, "/dev/hw_random")))
1b64d026	124	fputs("After=systemd-random-seed-load.service\n", f);
87e75fdd	125	else
1b64d026	126	fputs("Before=local-fs.target\n", f);
e23a0ce8	127
9ece938a TW	128	if (is_device_path(u))
	129	fprintf(f,
	130	"BindsTo=%s\n"
	131	"After=%s\n"
	132	"Before=umount.target\n",
	133	d, d);
	134	else
	135	fprintf(f,
	136	"RequiresMountsFor=%s\n",
	137	u);
	138
e23a0ce8 LP	139	fprintf(f,
	140	"\n[Service]\n"
	141	"Type=oneshot\n"
	142	"RemainAfterExit=yes\n"
90724929	143	"TimeoutSec=0\n" /* the binary handles timeouts anyway */
260ab287	144	"ExecStart=" SYSTEMD_CRYPTSETUP_PATH " attach '%s' '%s' '%s' '%s'\n"
7f4e0805	145	"ExecStop=" SYSTEMD_CRYPTSETUP_PATH " detach '%s'\n",
e23a0ce8 LP	146	name, u, strempty(password), strempty(options),
	147	name);
	148
f653f683	149	if (has_option(options, "tmp"))
e23a0ce8	150	fprintf(f,
50109038	151	"ExecStartPost=/sbin/mke2fs '/dev/mapper/%s'\n",
1d3399e6	152	name);
e23a0ce8	153
f653f683	154	if (has_option(options, "swap"))
e23a0ce8	155	fprintf(f,
50109038	156	"ExecStartPost=/sbin/mkswap '/dev/mapper/%s'\n",
1d3399e6	157	name);
e23a0ce8 LP	158
	159	fflush(f);
	160
	161	if (ferror(f)) {
1cda32b8	162	log_error("Failed to write file %s: %m", p);
24a988e9	163	return -errno;
e23a0ce8 LP	164	}
e23a0ce8 LP	165
24a988e9 HH	166	if (asprintf(&from, "../%s", n) < 0)
24a988e9 HH	167	return log_oom();
74715b82	168
155da457	169	if (!noauto) {
e23a0ce8	170
b7def684	171	to = strjoin(arg_dest, "/", d, ".wants/", n, NULL);
24a988e9 HH	172	if (!to)
24a988e9 HH	173	return log_oom();
e23a0ce8	174
d2e54fae	175	mkdir_parents_label(to, 0755);
e23a0ce8 LP	176	if (symlink(from, to) < 0) {
e23a0ce8 LP	177	log_error("Failed to create symlink '%s' to '%s': %m", from, to);
24a988e9	178	return -errno;
e23a0ce8	179	}
2f8cd170 LP	180
2f8cd170 LP	181	free(to);
155da457	182	if (!nofail)
b7def684	183	to = strjoin(arg_dest, "/cryptsetup.target.requires/", n, NULL);
155da457	184	else
b7def684	185	to = strjoin(arg_dest, "/cryptsetup.target.wants/", n, NULL);
24a988e9 HH	186	if (!to)
24a988e9 HH	187	return log_oom();
2f8cd170	188
d2e54fae	189	mkdir_parents_label(to, 0755);
155da457 LP	190	if (symlink(from, to) < 0) {
155da457 LP	191	log_error("Failed to create symlink '%s' to '%s': %m", from, to);
24a988e9	192	return -errno;
2f8cd170	193	}
f7f21d33	194	}
74715b82 LP	195
74715b82 LP	196	e = unit_name_escape(name);
608d41f3 LP	197	if (!e)
	198	return log_oom();
	199
	200	free(to);
b7def684	201	to = strjoin(arg_dest, "/dev-mapper-", e, ".device.requires/", n, NULL);
24a988e9 HH	202	if (!to)
24a988e9 HH	203	return log_oom();
74715b82	204
d2e54fae	205	mkdir_parents_label(to, 0755);
74715b82 LP	206	if (symlink(from, to) < 0) {
74715b82 LP	207	log_error("Failed to create symlink '%s' to '%s': %m", from, to);
24a988e9	208	return -errno;
74715b82 LP	209	}
74715b82 LP	210
24a988e9	211	return 0;
e23a0ce8 LP	212	}
e23a0ce8 LP	213
24a988e9 HH	214	static int parse_proc_cmdline(char ***arg_proc_cmdline_disks) {
	215	char _cleanup_free_ *line = NULL;
	216	char w = NULL, state = NULL;
66a78c2b LP	217	int r;
	218	size_t l;
	219
	220	if (detect_container(NULL) > 0)
	221	return 0;
	222
	223	r = read_one_line_file("/proc/cmdline", &line);
	224	if (r < 0) {
	225	log_warning("Failed to read /proc/cmdline, ignoring: %s", strerror(-r));
	226	return 0;
	227	}
	228
	229	FOREACH_WORD_QUOTED(w, l, line, state) {
24a988e9	230	char _cleanup_free_ *word = NULL;
66a78c2b LP	231
66a78c2b LP	232	word = strndup(w, l);
24a988e9 HH	233	if (!word)
24a988e9 HH	234	return log_oom();
66a78c2b LP	235
	236	if (startswith(word, "luks=")) {
	237	r = parse_boolean(word + 5);
	238	if (r < 0)
	239	log_warning("Failed to parse luks switch %s. Ignoring.", word + 5);
	240	else
	241	arg_enabled = r;
	242
	243	} else if (startswith(word, "rd.luks=")) {
	244
	245	if (in_initrd()) {
	246	r = parse_boolean(word + 8);
	247	if (r < 0)
	248	log_warning("Failed to parse luks switch %s. Ignoring.", word + 8);
	249	else
	250	arg_enabled = r;
	251	}
	252
	253	} else if (startswith(word, "luks.crypttab=")) {
	254	r = parse_boolean(word + 14);
	255	if (r < 0)
	256	log_warning("Failed to parse luks crypttab switch %s. Ignoring.", word + 14);
	257	else
	258	arg_read_crypttab = r;
	259
	260	} else if (startswith(word, "rd.luks.crypttab=")) {
	261
	262	if (in_initrd()) {
	263	r = parse_boolean(word + 17);
	264	if (r < 0)
	265	log_warning("Failed to parse luks crypttab switch %s. Ignoring.", word + 17);
	266	else
	267	arg_read_crypttab = r;
	268	}
	269
	270	} else if (startswith(word, "luks.uuid=")) {
e32530cb	271	if (strv_extend(arg_proc_cmdline_disks, word + 10) < 0)
24a988e9 HH	272	return log_oom();
24a988e9 HH	273
66a78c2b LP	274	} else if (startswith(word, "rd.luks.uuid=")) {
	275
	276	if (in_initrd()) {
e32530cb	277	if (strv_extend(arg_proc_cmdline_disks, word + 13) < 0)
24a988e9	278	return log_oom();
66a78c2b LP	279	}
	280
	281	} else if (startswith(word, "luks.") \|\|
	282	(in_initrd() && startswith(word, "rd.luks."))) {
	283
	284	log_warning("Unknown kernel switch %s. Ignoring.", word);
	285	}
66a78c2b LP	286	}
66a78c2b LP	287
24a988e9	288	strv_uniq(*arg_proc_cmdline_disks);
66a78c2b	289
24a988e9	290	return 0;
66a78c2b LP	291	}
66a78c2b LP	292
e23a0ce8	293	int main(int argc, char *argv[]) {
24a988e9	294	FILE _cleanup_fclose_ *f = NULL;
e23a0ce8	295	unsigned n = 0;
24a988e9	296	int r = EXIT_SUCCESS;
66a78c2b	297	char **i;
24a988e9 HH	298	char _cleanup_strv_free_ **arg_proc_cmdline_disks_done = NULL;
24a988e9 HH	299	char _cleanup_strv_free_ **arg_proc_cmdline_disks = NULL;
e23a0ce8	300
07719a21 LP	301	if (argc > 1 && argc != 4) {
07719a21 LP	302	log_error("This program takes three or no arguments.");
e23a0ce8 LP	303	return EXIT_FAILURE;
	304	}
	305
2a796654 LP	306	if (argc > 1)
2a796654 LP	307	arg_dest = argv[1];
e23a0ce8	308
a6903061	309	log_set_target(LOG_TARGET_SAFE);
e23a0ce8 LP	310	log_parse_environment();
	311	log_open();
	312
4c12626c LP	313	umask(0022);
4c12626c LP	314
24a988e9	315	if (parse_proc_cmdline(&arg_proc_cmdline_disks) < 0)
66a78c2b LP	316	return EXIT_FAILURE;
66a78c2b LP	317
24a988e9 HH	318	if (!arg_enabled)
24a988e9 HH	319	return EXIT_SUCCESS;
66a78c2b	320
e2cb60fa HH	321	if (arg_read_crypttab) {
e2cb60fa HH	322	f = fopen("/etc/crypttab", "re");
66a78c2b	323
e2cb60fa HH	324	if (!f) {
	325	if (errno == ENOENT)
	326	r = EXIT_SUCCESS;
	327	else {
	328	r = EXIT_FAILURE;
	329	log_error("Failed to open /etc/crypttab: %m");
	330	}
24a988e9	331	} else for (;;) {
e2cb60fa	332	char line[LINE_MAX], *l;
24a988e9	333	char _cleanup_free_ name = NULL, device = NULL, password = NULL, options = NULL;
e2cb60fa	334	int k;
66a78c2b	335
e2cb60fa HH	336	if (!fgets(line, sizeof(line), f))
e2cb60fa HH	337	break;
66a78c2b	338
e2cb60fa	339	n++;
66a78c2b	340
e2cb60fa HH	341	l = strstrip(line);
	342	if (l == '#' \|\| l == 0)
	343	continue;
e23a0ce8	344
e2cb60fa HH	345	k = sscanf(l, "%ms %ms %ms %ms", &name, &device, &password, &options);
	346	if (k < 2 \|\| k > 4) {
	347	log_error("Failed to parse /etc/crypttab:%u, ignoring.", n);
	348	r = EXIT_FAILURE;
24a988e9	349	continue;
e2cb60fa	350	}
e23a0ce8	351
e2cb60fa HH	352	if (arg_proc_cmdline_disks) {
	353	/*
	354	If luks UUIDs are specified on the kernel command line, use them as a filter
	355	for /etc/crypttab and only generate units for those.
	356	*/
	357	STRV_FOREACH(i, arg_proc_cmdline_disks) {
24a988e9	358	char _cleanup_free_ proc_device = NULL, proc_name = NULL;
e2cb60fa HH	359	const char p = i;
	360
	361	if (startswith(p, "luks-"))
	362	p += 5;
	363
	364	proc_name = strappend("luks-", p);
	365	proc_device = strappend("UUID=", p);
	366
24a988e9 HH	367	if (!proc_name \|\| !proc_device)
	368	return log_oom();
	369
e2cb60fa	370	if (streq(proc_device, device) \|\| streq(proc_name, name)) {
e2cb60fa HH	371	if (create_disk(name, device, password, options) < 0)
	372	r = EXIT_FAILURE;
	373
e32530cb	374	if (strv_extend(&arg_proc_cmdline_disks_done, p) < 0)
24a988e9	375	return log_oom();
e2cb60fa	376	}
e2cb60fa HH	377	}
	378	} else {
	379	if (create_disk(name, device, password, options) < 0)
	380	r = EXIT_FAILURE;
	381	}
e2cb60fa	382	}
e23a0ce8 LP	383	}
e23a0ce8 LP	384
e2cb60fa HH	385	STRV_FOREACH(i, arg_proc_cmdline_disks) {
	386	/*
	387	Generate units for those UUIDs, which were specified
	388	on the kernel command line and not yet written.
	389	*/
e23a0ce8	390
24a988e9	391	char _cleanup_free_ name = NULL, device = NULL;
e2cb60fa	392	const char p = i;
e23a0ce8	393
e2cb60fa HH	394	if (startswith(p, "luks-"))
e2cb60fa HH	395	p += 5;
e23a0ce8	396
e2cb60fa	397	if (strv_contains(arg_proc_cmdline_disks_done, p))
e23a0ce8 LP	398	continue;
e23a0ce8 LP	399
e2cb60fa HH	400	name = strappend("luks-", p);
	401	device = strappend("UUID=", p);
	402
24a988e9 HH	403	if (!name \|\| !device)
24a988e9 HH	404	return log_oom();
e23a0ce8	405
e2cb60fa	406	if (create_disk(name, device, NULL, "timeout=0") < 0)
e23a0ce8	407	r = EXIT_FAILURE;
e23a0ce8 LP	408	}
e23a0ce8 LP	409
e23a0ce8 LP	410	return r;
e23a0ce8 LP	411	}