[thirdparty/systemd.git] / src / cryptsetup / cryptsetup-generator.c

/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/

/***
  This file is part of systemd.

  Copyright 2010 Lennart Poettering

  systemd is free software; you can redistribute it and/or modify it
  under the terms of the GNU Lesser General Public License as published by
  the Free Software Foundation; either version 2.1 of the License, or
  (at your option) any later version.

  systemd is distributed in the hope that it will be useful, but
  WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  Lesser General Public License for more details.

  You should have received a copy of the GNU Lesser General Public License
  along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/

#include <string.h>
#include <errno.h>
#include <unistd.h>

#include "log.h"
#include "util.h"
#include "unit-name.h"
#include "mkdir.h"
#include "virt.h"
#include "strv.h"
#include "fileio.h"

static const char *arg_dest = "/tmp";
static bool arg_enabled = true;
static bool arg_read_crypttab = true;

static bool has_option(const char *haystack, const char *needle) {
        const char *f = haystack;
        size_t l;

        assert(needle);

        if (!haystack)
                return false;

        l = strlen(needle);

        while ((f = strstr(f, needle))) {

                if (f > haystack && f[-1] != ',') {
                        f++;
                        continue;
                }

                if (f[l] != 0 && f[l] != ',') {
                        f++;
                        continue;
                }

                return true;
        }

        return false;
}

static int create_disk(
                const char *name,
                const char *device,
                const char *password,
                const char *options) {

        char _cleanup_free_ *p = NULL, *n = NULL, *d = NULL, *u = NULL, *from = NULL, *to = NULL, *e = NULL;
        FILE _cleanup_fclose_ *f = NULL;
        bool noauto, nofail;

        assert(name);
        assert(device);

        noauto = has_option(options, "noauto");
        nofail = has_option(options, "nofail");

        n = unit_name_from_path_instance("systemd-cryptsetup", name, ".service");
        if (!n)
                return log_oom();

        p = strjoin(arg_dest, "/", n, NULL);
        if (!p)
                return log_oom();

        u = fstab_node_to_udev_node(device);
        if (!u)
                return log_oom();

        d = unit_name_from_path(u, ".device");
        if (!d)
                return log_oom();

        f = fopen(p, "wxe");
        if (!f) {
                log_error("Failed to create unit file %s: %m", p);
                return -errno;
        }

        fprintf(f,
                "# Automatically generated by systemd-cryptsetup-generator\n\n"
                "[Unit]\n"
                "Description=Cryptography Setup for %%I\n"
                "Documentation=man:systemd-cryptsetup@.service(8) man:crypttab(5)\n"
                "SourcePath=/etc/crypttab\n"
                "Conflicts=umount.target\n"
                "DefaultDependencies=no\n"
                "BindsTo=%s dev-mapper-%%i.device\n"
                "After=systemd-readahead-collect.service systemd-readahead-replay.service %s\n"
                "Before=umount.target\n",
                d, d);

        if (!nofail)
                fprintf(f,
                        "Before=cryptsetup.target\n");

        if (password && (streq(password, "/dev/urandom") ||
                         streq(password, "/dev/random") ||
                         streq(password, "/dev/hw_random")))
                fputs("After=systemd-random-seed-load.service\n", f);
        else
                fputs("Before=local-fs.target\n", f);

        fprintf(f,
                "\n[Service]\n"
                "Type=oneshot\n"
                "RemainAfterExit=yes\n"
                "TimeoutSec=0\n" /* the binary handles timeouts anyway */
                "ExecStart=" SYSTEMD_CRYPTSETUP_PATH " attach '%s' '%s' '%s' '%s'\n"
                "ExecStop=" SYSTEMD_CRYPTSETUP_PATH " detach '%s'\n",
                name, u, strempty(password), strempty(options),
                name);

        if (has_option(options, "tmp"))
                fprintf(f,
                        "ExecStartPost=/sbin/mke2fs '/dev/mapper/%s'\n",
                        name);

        if (has_option(options, "swap"))
                fprintf(f,
                        "ExecStartPost=/sbin/mkswap '/dev/mapper/%s'\n",
                        name);

        fflush(f);

        if (ferror(f)) {
                log_error("Failed to write file %s: %m", p);
                return -errno;
        }

        if (asprintf(&from, "../%s", n) < 0)
                return log_oom();

        if (!noauto) {

                to = strjoin(arg_dest, "/", d, ".wants/", n, NULL);
                if (!to)
                        return log_oom();

                mkdir_parents_label(to, 0755);
                if (symlink(from, to) < 0) {
                        log_error("Failed to create symlink '%s' to '%s': %m", from, to);
                        return -errno;
                }

                free(to);
                if (!nofail)
                        to = strjoin(arg_dest, "/cryptsetup.target.requires/", n, NULL);
                else
                        to = strjoin(arg_dest, "/cryptsetup.target.wants/", n, NULL);
                if (!to)
                        return log_oom();

                mkdir_parents_label(to, 0755);
                if (symlink(from, to) < 0) {
                        log_error("Failed to create symlink '%s' to '%s': %m", from, to);
                        return -errno;
                }
        }

        e = unit_name_escape(name);
        if (!e)
                return log_oom();

        free(to);
        to = strjoin(arg_dest, "/dev-mapper-", e, ".device.requires/", n, NULL);
        if (!to)
                return log_oom();

        mkdir_parents_label(to, 0755);
        if (symlink(from, to) < 0) {
                log_error("Failed to create symlink '%s' to '%s': %m", from, to);
                return -errno;
        }

        return 0;
}

static int parse_proc_cmdline(char ***arg_proc_cmdline_disks) {
        char _cleanup_free_ *line = NULL;
        char *w = NULL, *state = NULL;
        int r;
        size_t l;

        if (detect_container(NULL) > 0)
                return 0;

        r = read_one_line_file("/proc/cmdline", &line);
        if (r < 0) {
                log_warning("Failed to read /proc/cmdline, ignoring: %s", strerror(-r));
                return 0;
        }

        FOREACH_WORD_QUOTED(w, l, line, state) {
                char _cleanup_free_ *word = NULL;

                word = strndup(w, l);
                if (!word)
                        return log_oom();

                if (startswith(word, "luks=")) {
                        r = parse_boolean(word + 5);
                        if (r < 0)
                                log_warning("Failed to parse luks switch %s. Ignoring.", word + 5);
                        else
                                arg_enabled = r;

                } else if (startswith(word, "rd.luks=")) {

                        if (in_initrd()) {
                                r = parse_boolean(word + 8);
                                if (r < 0)
                                        log_warning("Failed to parse luks switch %s. Ignoring.", word + 8);
                                else
                                        arg_enabled = r;
                        }

                } else if (startswith(word, "luks.crypttab=")) {
                        r = parse_boolean(word + 14);
                        if (r < 0)
                                log_warning("Failed to parse luks crypttab switch %s. Ignoring.", word + 14);
                        else
                                arg_read_crypttab = r;

                } else if (startswith(word, "rd.luks.crypttab=")) {

                        if (in_initrd()) {
                                r = parse_boolean(word + 17);
                                if (r < 0)
                                        log_warning("Failed to parse luks crypttab switch %s. Ignoring.", word + 17);
                                else
                                        arg_read_crypttab = r;
                        }

                } else if (startswith(word, "luks.uuid=")) {
                        if (strv_extend(arg_proc_cmdline_disks, word + 10) < 0)
                                return log_oom();

                } else if (startswith(word, "rd.luks.uuid=")) {

                        if (in_initrd()) {
                                if (strv_extend(arg_proc_cmdline_disks, word + 13) < 0)
                                        return log_oom();
                        }

                } else if (startswith(word, "luks.") ||
                           (in_initrd() && startswith(word, "rd.luks."))) {

                        log_warning("Unknown kernel switch %s. Ignoring.", word);
                }
        }

        strv_uniq(*arg_proc_cmdline_disks);

        return 0;
}

int main(int argc, char *argv[]) {
        FILE _cleanup_fclose_ *f = NULL;
        unsigned n = 0;
        int r = EXIT_SUCCESS;
        char **i;
        char _cleanup_strv_free_ **arg_proc_cmdline_disks_done = NULL;
        char _cleanup_strv_free_ **arg_proc_cmdline_disks = NULL;

        if (argc > 1 && argc != 4) {
                log_error("This program takes three or no arguments.");
                return EXIT_FAILURE;
        }

        if (argc > 1)
                arg_dest = argv[1];

        log_set_target(LOG_TARGET_SAFE);
        log_parse_environment();
        log_open();

        umask(0022);

        if (parse_proc_cmdline(&arg_proc_cmdline_disks) < 0)
                return EXIT_FAILURE;

        if (!arg_enabled)
                return EXIT_SUCCESS;

        if (arg_read_crypttab) {
                f = fopen("/etc/crypttab", "re");

                if (!f) {
                        if (errno == ENOENT)
                                r = EXIT_SUCCESS;
                        else {
                                r = EXIT_FAILURE;
                                log_error("Failed to open /etc/crypttab: %m");
                        }
                } else for (;;) {
                        char line[LINE_MAX], *l;
                        char _cleanup_free_ *name = NULL, *device = NULL, *password = NULL, *options = NULL;
                        int k;

                        if (!fgets(line, sizeof(line), f))
                                break;

                        n++;

                        l = strstrip(line);
                        if (*l == '#' || *l == 0)
                                continue;

                        k = sscanf(l, "%ms %ms %ms %ms", &name, &device, &password, &options);
                        if (k < 2 || k > 4) {
                                log_error("Failed to parse /etc/crypttab:%u, ignoring.", n);
                                r = EXIT_FAILURE;
                                continue;
                        }

                        if (arg_proc_cmdline_disks) {
                                /*
                                  If luks UUIDs are specified on the kernel command line, use them as a filter
                                  for /etc/crypttab and only generate units for those.
                                */
                                STRV_FOREACH(i, arg_proc_cmdline_disks) {
                                        char _cleanup_free_ *proc_device = NULL, *proc_name = NULL;
                                        const char *p = *i;

                                        if (startswith(p, "luks-"))
                                                p += 5;

                                        proc_name = strappend("luks-", p);
                                        proc_device = strappend("UUID=", p);

                                        if (!proc_name || !proc_device)
                                                return log_oom();

                                        if (streq(proc_device, device) || streq(proc_name, name)) {
                                                if (create_disk(name, device, password, options) < 0)
                                                        r = EXIT_FAILURE;

                                                if (strv_extend(&arg_proc_cmdline_disks_done, p) < 0)
                                                        return log_oom();
                                        }
                                }
                        } else {
                                if (create_disk(name, device, password, options) < 0)
                                        r = EXIT_FAILURE;
                        }
                }
        }

        STRV_FOREACH(i, arg_proc_cmdline_disks) {
                /*
                  Generate units for those UUIDs, which were specified
                  on the kernel command line and not yet written.
                */

                char _cleanup_free_ *name = NULL, *device = NULL;
                const char *p = *i;

                if (startswith(p, "luks-"))
                        p += 5;

                if (strv_contains(arg_proc_cmdline_disks_done, p))
                        continue;

                name = strappend("luks-", p);
                device = strappend("UUID=", p);

                if (!name || !device)
                        return log_oom();

                if (create_disk(name, device, NULL, "timeout=0") < 0)
                        r = EXIT_FAILURE;
        }

        return r;
}
Commit	Line	Data
e23a0ce8 LP	1	/-- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil --/
	2
	3	/***
	4	This file is part of systemd.
	5
	6	Copyright 2010 Lennart Poettering
	7
	8	systemd is free software; you can redistribute it and/or modify it
5430f7f2 LP	9	under the terms of the GNU Lesser General Public License as published by
5430f7f2 LP	10	the Free Software Foundation; either version 2.1 of the License, or
e23a0ce8 LP	11	(at your option) any later version.
	12
	13	systemd is distributed in the hope that it will be useful, but
	14	WITHOUT ANY WARRANTY; without even the implied warranty of
	15	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
5430f7f2	16	Lesser General Public License for more details.
e23a0ce8	17
5430f7f2	18	You should have received a copy of the GNU Lesser General Public License
e23a0ce8 LP	19	along with systemd; If not, see <http://www.gnu.org/licenses/>.
	20	***/
	21
	22	#include <string.h>
	23	#include <errno.h>
	24	#include <unistd.h>
	25
	26	#include "log.h"
	27	#include "util.h"
	28	#include "unit-name.h"
49e942b2	29	#include "mkdir.h"
66a78c2b LP	30	#include "virt.h"
66a78c2b LP	31	#include "strv.h"
a860325e	32	#include "fileio.h"
e23a0ce8	33
66a78c2b LP	34	static const char *arg_dest = "/tmp";
	35	static bool arg_enabled = true;
	36	static bool arg_read_crypttab = true;
e23a0ce8 LP	37
	38	static bool has_option(const char haystack, const char needle) {
	39	const char *f = haystack;
	40	size_t l;
	41
f653f683 LP	42	assert(needle);
	43
	44	if (!haystack)
	45	return false;
	46
e23a0ce8 LP	47	l = strlen(needle);
	48
	49	while ((f = strstr(f, needle))) {
	50
	51	if (f > haystack && f[-1] != ',') {
	52	f++;
	53	continue;
	54	}
	55
aae5220d	56	if (f[l] != 0 && f[l] != ',') {
e23a0ce8 LP	57	f++;
	58	continue;
	59	}
	60
	61	return true;
	62	}
	63
	64	return false;
	65	}
	66
	67	static int create_disk(
	68	const char *name,
	69	const char *device,
	70	const char *password,
	71	const char *options) {
	72
24a988e9 HH	73	char _cleanup_free_ p = NULL, n = NULL, d = NULL, u = NULL, from = NULL, to = NULL, *e = NULL;
24a988e9 HH	74	FILE _cleanup_fclose_ *f = NULL;
155da457	75	bool noauto, nofail;
e23a0ce8 LP	76
	77	assert(name);
	78	assert(device);
	79
155da457 LP	80	noauto = has_option(options, "noauto");
	81	nofail = has_option(options, "nofail");
	82
35eb6b12	83	n = unit_name_from_path_instance("systemd-cryptsetup", name, ".service");
24a988e9 HH	84	if (!n)
24a988e9 HH	85	return log_oom();
e23a0ce8	86
b7def684	87	p = strjoin(arg_dest, "/", n, NULL);
24a988e9 HH	88	if (!p)
24a988e9 HH	89	return log_oom();
e23a0ce8	90
f7f21d33	91	u = fstab_node_to_udev_node(device);
24a988e9 HH	92	if (!u)
24a988e9 HH	93	return log_oom();
e23a0ce8	94
f7f21d33	95	d = unit_name_from_path(u, ".device");
24a988e9 HH	96	if (!d)
24a988e9 HH	97	return log_oom();
e23a0ce8	98
f7f21d33 LP	99	f = fopen(p, "wxe");
f7f21d33 LP	100	if (!f) {
1cda32b8	101	log_error("Failed to create unit file %s: %m", p);
24a988e9	102	return -errno;
e23a0ce8 LP	103	}
	104
	105	fprintf(f,
6b1dc2bd	106	"# Automatically generated by systemd-cryptsetup-generator\n\n"
e23a0ce8	107	"[Unit]\n"
a4477e68	108	"Description=Cryptography Setup for %%I\n"
1c732700	109	"Documentation=man:systemd-cryptsetup@.service(8) man:crypttab(5)\n"
1b64d026	110	"SourcePath=/etc/crypttab\n"
155da457	111	"Conflicts=umount.target\n"
e23a0ce8	112	"DefaultDependencies=no\n"
7f2cddae	113	"BindsTo=%s dev-mapper-%%i.device\n"
e23a0ce8	114	"After=systemd-readahead-collect.service systemd-readahead-replay.service %s\n"
87e75fdd	115	"Before=umount.target\n",
e23a0ce8 LP	116	d, d);
e23a0ce8 LP	117
155da457 LP	118	if (!nofail)
	119	fprintf(f,
	120	"Before=cryptsetup.target\n");
	121
e23a0ce8 LP	122	if (password && (streq(password, "/dev/urandom") \|\|
	123	streq(password, "/dev/random") \|\|
	124	streq(password, "/dev/hw_random")))
1b64d026	125	fputs("After=systemd-random-seed-load.service\n", f);
87e75fdd	126	else
1b64d026	127	fputs("Before=local-fs.target\n", f);
e23a0ce8 LP	128
	129	fprintf(f,
	130	"\n[Service]\n"
	131	"Type=oneshot\n"
	132	"RemainAfterExit=yes\n"
90724929	133	"TimeoutSec=0\n" /* the binary handles timeouts anyway */
260ab287	134	"ExecStart=" SYSTEMD_CRYPTSETUP_PATH " attach '%s' '%s' '%s' '%s'\n"
7f4e0805	135	"ExecStop=" SYSTEMD_CRYPTSETUP_PATH " detach '%s'\n",
e23a0ce8 LP	136	name, u, strempty(password), strempty(options),
	137	name);
	138
f653f683	139	if (has_option(options, "tmp"))
e23a0ce8	140	fprintf(f,
50109038	141	"ExecStartPost=/sbin/mke2fs '/dev/mapper/%s'\n",
1d3399e6	142	name);
e23a0ce8	143
f653f683	144	if (has_option(options, "swap"))
e23a0ce8	145	fprintf(f,
50109038	146	"ExecStartPost=/sbin/mkswap '/dev/mapper/%s'\n",
1d3399e6	147	name);
e23a0ce8 LP	148
	149	fflush(f);
	150
	151	if (ferror(f)) {
1cda32b8	152	log_error("Failed to write file %s: %m", p);
24a988e9	153	return -errno;
e23a0ce8 LP	154	}
e23a0ce8 LP	155
24a988e9 HH	156	if (asprintf(&from, "../%s", n) < 0)
24a988e9 HH	157	return log_oom();
74715b82	158
155da457	159	if (!noauto) {
e23a0ce8	160
b7def684	161	to = strjoin(arg_dest, "/", d, ".wants/", n, NULL);
24a988e9 HH	162	if (!to)
24a988e9 HH	163	return log_oom();
e23a0ce8	164
d2e54fae	165	mkdir_parents_label(to, 0755);
e23a0ce8 LP	166	if (symlink(from, to) < 0) {
e23a0ce8 LP	167	log_error("Failed to create symlink '%s' to '%s': %m", from, to);
24a988e9	168	return -errno;
e23a0ce8	169	}
2f8cd170 LP	170
2f8cd170 LP	171	free(to);
155da457	172	if (!nofail)
b7def684	173	to = strjoin(arg_dest, "/cryptsetup.target.requires/", n, NULL);
155da457	174	else
b7def684	175	to = strjoin(arg_dest, "/cryptsetup.target.wants/", n, NULL);
24a988e9 HH	176	if (!to)
24a988e9 HH	177	return log_oom();
2f8cd170	178
d2e54fae	179	mkdir_parents_label(to, 0755);
155da457 LP	180	if (symlink(from, to) < 0) {
155da457 LP	181	log_error("Failed to create symlink '%s' to '%s': %m", from, to);
24a988e9	182	return -errno;
2f8cd170	183	}
f7f21d33	184	}
74715b82 LP	185
74715b82 LP	186	e = unit_name_escape(name);
608d41f3 LP	187	if (!e)
	188	return log_oom();
	189
	190	free(to);
b7def684	191	to = strjoin(arg_dest, "/dev-mapper-", e, ".device.requires/", n, NULL);
24a988e9 HH	192	if (!to)
24a988e9 HH	193	return log_oom();
74715b82	194
d2e54fae	195	mkdir_parents_label(to, 0755);
74715b82 LP	196	if (symlink(from, to) < 0) {
74715b82 LP	197	log_error("Failed to create symlink '%s' to '%s': %m", from, to);
24a988e9	198	return -errno;
74715b82 LP	199	}
74715b82 LP	200
24a988e9	201	return 0;
e23a0ce8 LP	202	}
e23a0ce8 LP	203
24a988e9 HH	204	static int parse_proc_cmdline(char ***arg_proc_cmdline_disks) {
	205	char _cleanup_free_ *line = NULL;
	206	char w = NULL, state = NULL;
66a78c2b LP	207	int r;
	208	size_t l;
	209
	210	if (detect_container(NULL) > 0)
	211	return 0;
	212
	213	r = read_one_line_file("/proc/cmdline", &line);
	214	if (r < 0) {
	215	log_warning("Failed to read /proc/cmdline, ignoring: %s", strerror(-r));
	216	return 0;
	217	}
	218
	219	FOREACH_WORD_QUOTED(w, l, line, state) {
24a988e9	220	char _cleanup_free_ *word = NULL;
66a78c2b LP	221
66a78c2b LP	222	word = strndup(w, l);
24a988e9 HH	223	if (!word)
24a988e9 HH	224	return log_oom();
66a78c2b LP	225
	226	if (startswith(word, "luks=")) {
	227	r = parse_boolean(word + 5);
	228	if (r < 0)
	229	log_warning("Failed to parse luks switch %s. Ignoring.", word + 5);
	230	else
	231	arg_enabled = r;
	232
	233	} else if (startswith(word, "rd.luks=")) {
	234
	235	if (in_initrd()) {
	236	r = parse_boolean(word + 8);
	237	if (r < 0)
	238	log_warning("Failed to parse luks switch %s. Ignoring.", word + 8);
	239	else
	240	arg_enabled = r;
	241	}
	242
	243	} else if (startswith(word, "luks.crypttab=")) {
	244	r = parse_boolean(word + 14);
	245	if (r < 0)
	246	log_warning("Failed to parse luks crypttab switch %s. Ignoring.", word + 14);
	247	else
	248	arg_read_crypttab = r;
	249
	250	} else if (startswith(word, "rd.luks.crypttab=")) {
	251
	252	if (in_initrd()) {
	253	r = parse_boolean(word + 17);
	254	if (r < 0)
	255	log_warning("Failed to parse luks crypttab switch %s. Ignoring.", word + 17);
	256	else
	257	arg_read_crypttab = r;
	258	}
	259
	260	} else if (startswith(word, "luks.uuid=")) {
e32530cb	261	if (strv_extend(arg_proc_cmdline_disks, word + 10) < 0)
24a988e9 HH	262	return log_oom();
24a988e9 HH	263
66a78c2b LP	264	} else if (startswith(word, "rd.luks.uuid=")) {
	265
	266	if (in_initrd()) {
e32530cb	267	if (strv_extend(arg_proc_cmdline_disks, word + 13) < 0)
24a988e9	268	return log_oom();
66a78c2b LP	269	}
	270
	271	} else if (startswith(word, "luks.") \|\|
	272	(in_initrd() && startswith(word, "rd.luks."))) {
	273
	274	log_warning("Unknown kernel switch %s. Ignoring.", word);
	275	}
66a78c2b LP	276	}
66a78c2b LP	277
24a988e9	278	strv_uniq(*arg_proc_cmdline_disks);
66a78c2b	279
24a988e9	280	return 0;
66a78c2b LP	281	}
66a78c2b LP	282
e23a0ce8	283	int main(int argc, char *argv[]) {
24a988e9	284	FILE _cleanup_fclose_ *f = NULL;
e23a0ce8	285	unsigned n = 0;
24a988e9	286	int r = EXIT_SUCCESS;
66a78c2b	287	char **i;
24a988e9 HH	288	char _cleanup_strv_free_ **arg_proc_cmdline_disks_done = NULL;
24a988e9 HH	289	char _cleanup_strv_free_ **arg_proc_cmdline_disks = NULL;
e23a0ce8	290
07719a21 LP	291	if (argc > 1 && argc != 4) {
07719a21 LP	292	log_error("This program takes three or no arguments.");
e23a0ce8 LP	293	return EXIT_FAILURE;
	294	}
	295
2a796654 LP	296	if (argc > 1)
2a796654 LP	297	arg_dest = argv[1];
e23a0ce8	298
a6903061	299	log_set_target(LOG_TARGET_SAFE);
e23a0ce8 LP	300	log_parse_environment();
	301	log_open();
	302
4c12626c LP	303	umask(0022);
4c12626c LP	304
24a988e9	305	if (parse_proc_cmdline(&arg_proc_cmdline_disks) < 0)
66a78c2b LP	306	return EXIT_FAILURE;
66a78c2b LP	307
24a988e9 HH	308	if (!arg_enabled)
24a988e9 HH	309	return EXIT_SUCCESS;
66a78c2b	310
e2cb60fa HH	311	if (arg_read_crypttab) {
e2cb60fa HH	312	f = fopen("/etc/crypttab", "re");
66a78c2b	313
e2cb60fa HH	314	if (!f) {
	315	if (errno == ENOENT)
	316	r = EXIT_SUCCESS;
	317	else {
	318	r = EXIT_FAILURE;
	319	log_error("Failed to open /etc/crypttab: %m");
	320	}
24a988e9	321	} else for (;;) {
e2cb60fa	322	char line[LINE_MAX], *l;
24a988e9	323	char _cleanup_free_ name = NULL, device = NULL, password = NULL, options = NULL;
e2cb60fa	324	int k;
66a78c2b	325
e2cb60fa HH	326	if (!fgets(line, sizeof(line), f))
e2cb60fa HH	327	break;
66a78c2b	328
e2cb60fa	329	n++;
66a78c2b	330
e2cb60fa HH	331	l = strstrip(line);
	332	if (l == '#' \|\| l == 0)
	333	continue;
e23a0ce8	334
e2cb60fa HH	335	k = sscanf(l, "%ms %ms %ms %ms", &name, &device, &password, &options);
	336	if (k < 2 \|\| k > 4) {
	337	log_error("Failed to parse /etc/crypttab:%u, ignoring.", n);
	338	r = EXIT_FAILURE;
24a988e9	339	continue;
e2cb60fa	340	}
e23a0ce8	341
e2cb60fa HH	342	if (arg_proc_cmdline_disks) {
	343	/*
	344	If luks UUIDs are specified on the kernel command line, use them as a filter
	345	for /etc/crypttab and only generate units for those.
	346	*/
	347	STRV_FOREACH(i, arg_proc_cmdline_disks) {
24a988e9	348	char _cleanup_free_ proc_device = NULL, proc_name = NULL;
e2cb60fa HH	349	const char p = i;
	350
	351	if (startswith(p, "luks-"))
	352	p += 5;
	353
	354	proc_name = strappend("luks-", p);
	355	proc_device = strappend("UUID=", p);
	356
24a988e9 HH	357	if (!proc_name \|\| !proc_device)
	358	return log_oom();
	359
e2cb60fa	360	if (streq(proc_device, device) \|\| streq(proc_name, name)) {
e2cb60fa HH	361	if (create_disk(name, device, password, options) < 0)
	362	r = EXIT_FAILURE;
	363
e32530cb	364	if (strv_extend(&arg_proc_cmdline_disks_done, p) < 0)
24a988e9	365	return log_oom();
e2cb60fa	366	}
e2cb60fa HH	367	}
	368	} else {
	369	if (create_disk(name, device, password, options) < 0)
	370	r = EXIT_FAILURE;
	371	}
e2cb60fa	372	}
e23a0ce8 LP	373	}
e23a0ce8 LP	374
e2cb60fa HH	375	STRV_FOREACH(i, arg_proc_cmdline_disks) {
	376	/*
	377	Generate units for those UUIDs, which were specified
	378	on the kernel command line and not yet written.
	379	*/
e23a0ce8	380
24a988e9	381	char _cleanup_free_ name = NULL, device = NULL;
e2cb60fa	382	const char p = i;
e23a0ce8	383
e2cb60fa HH	384	if (startswith(p, "luks-"))
e2cb60fa HH	385	p += 5;
e23a0ce8	386
e2cb60fa	387	if (strv_contains(arg_proc_cmdline_disks_done, p))
e23a0ce8 LP	388	continue;
e23a0ce8 LP	389
e2cb60fa HH	390	name = strappend("luks-", p);
	391	device = strappend("UUID=", p);
	392
24a988e9 HH	393	if (!name \|\| !device)
24a988e9 HH	394	return log_oom();
e23a0ce8	395
e2cb60fa	396	if (create_disk(name, device, NULL, "timeout=0") < 0)
e23a0ce8	397	r = EXIT_FAILURE;
e23a0ce8 LP	398	}
e23a0ce8 LP	399
e23a0ce8 LP	400	return r;
e23a0ce8 LP	401	}