From: James Lee <jlee@thestaticvoid.com>
Date: Wed, 25 Mar 2015 20:57:41 +0000 (-0400)
Subject: crypt-loop: Fix decrypt when running at info log level
X-Git-Tag: 042~18^2
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=refs%2Fpull%2F44%2Fhead;p=thirdparty%2Fdracut.git

crypt-loop: Fix decrypt when running at info log level

When booting with 'rd.info', the 'info' statements in the crypt-loop
module's 'loop_decrypt' function are output to stdout along with the key
that gets piped into the 'cryptsetup' command, which causes the crypt
device unlocking to fail.

There are two possible simple solutions to this problem:

1. Redirect the info messages to stderr (just add '>&2' at the end of
the info statements).

or

2. Remove the info statements altogether.

I have tested both and they both work, but this commit implements #2.
The existing info messages are long (they overflow 80 characters
easily) and redundant (the password prompt clearly indicates what is
happening), and just generally not useful.  Given that no one has
reported or fixed this bug in the three years that this module has
existed, no one will miss these info messages.

The commit also changes an error message in the same function to be more
descriptive.
---

diff --git a/modules.d/91crypt-loop/crypt-loop-lib.sh b/modules.d/91crypt-loop/crypt-loop-lib.sh
index 520697c04..fcaa44bf1 100755
--- a/modules.d/91crypt-loop/crypt-loop-lib.sh
+++ b/modules.d/91crypt-loop/crypt-loop-lib.sh
@@ -19,8 +19,6 @@ loop_decrypt() {
     local key="/dev/mapper/${mntp##*/}"
 
     if [ ! -b $key ]; then
-        info "Keyfile has .img suffix, treating it as LUKS-encrypted loop keyfile container to unlock $device"
-
         local loopdev=$(losetup -f "${mntp}/${keypath}" --show)
         local opts="-d - luksOpen $loopdev ${key##*/}"
 
@@ -29,14 +27,12 @@ loop_decrypt() {
             --prompt "Password ($keypath on $keydev for $device)" \
             --tty-echo-off
 
-        [ -b $key ] || die "Tried setting it up, but keyfile block device was still not found!" 
+        [ -b $key ] || die "Failed to unlock $keypath on $keydev for $device."
 
         initqueue --onetime --finished --unique --name "crypt-loop-cleanup-10-${key##*/}" \
             $(command -v cryptsetup) "luksClose $key"
         initqueue --onetime --finished --unique --name "crypt-loop-cleanup-20-${loopdev##*/}" \
             $(command -v losetup) "-d $loopdev"
-    else
-        info "Existing keyfile found, re-using it for $device"
     fi
 
     cat $key