6 # if cryptsetup is not installed, then we cannot support encrypted devices.
7 require_any_binary
$systemdutildir/systemd-cryptsetup cryptsetup ||
return 1
9 [[ $hostonly ]] ||
[[ $mount_needs ]] && {
10 for fs
in "${host_fs_types[@]}"; do
11 [[ $fs = "crypto_LUKS" ]] && return 0
27 hostonly
="" instmods drbg
29 [[ $arch == x86_64
]] && arch
=x86
30 [[ $arch == s390x
]] && arch
=s390
31 [[ $arch == aarch64
]] && arch
=arm64
32 instmods dm_crypt
=crypto
=drivers
/crypto
=arch
/$arch/crypto
38 for dev
in "${!host_fs_types[@]}"; do
39 [[ "${host_fs_types[$dev]}" != "crypto_LUKS" ]] && continue
42 blkid
-u crypto
-o export $dev \
43 |
while read line ||
[ -n "$line" ]; do
44 [[ ${line#UUID} = $line ]] && continue
45 printf "%s" "${line#UUID=}"
49 [[ ${UUID} ]] ||
continue
50 printf "%s" " rd.luks.uuid=luks-${UUID}"
57 if [[ $hostonly_cmdline == "yes" ]]; then
58 local _cryptconf
=$
(cmdline
)
59 [[ $_cryptconf ]] && printf "%s\n" "$_cryptconf" >> "${initdir}/etc/cmdline.d/90crypt.conf"
62 inst_hook cmdline
30 "$moddir/parse-crypt.sh"
63 if ! dracut_module_included
"systemd"; then
64 inst_multiple cryptsetup
rmdir readlink umount
65 inst_script
"$moddir"/cryptroot-ask.sh
/sbin
/cryptroot-ask
66 inst_script
"$moddir"/probe-keydev.sh
/sbin
/probe-keydev
67 inst_hook cmdline
10 "$moddir/parse-keydev.sh"
68 inst_hook cleanup
30 "$moddir/crypt-cleanup.sh"
71 if [[ $hostonly ]] && [[ -f $dracutsysrootdir/etc
/crypttab
]]; then
72 # filter /etc/crypttab for the devices we need
73 while read _mapper _dev _luksfile _luksoptions ||
[ -n "$_mapper" ]; do
74 [[ $_mapper = \
#* ]] && continue
75 [[ $_dev ]] ||
continue
77 [[ $_dev == PARTUUID
=* ]] && \
78 _dev
="/dev/disk/by-partuuid/${_dev#PARTUUID=}"
80 [[ $_dev == UUID
=* ]] && \
81 _dev
="/dev/disk/by-uuid/${_dev#UUID=}"
83 [[ $_dev == ID
=* ]] && \
84 _dev
="/dev/disk/by-id/${_dev#ID=}"
86 echo "$_dev $(blkid $_dev -s UUID -o value)" >> "${initdir}/etc/block_uuid.map"
88 # loop through the options to check for the force option
89 luksoptions
=${_luksoptions}
95 while [ $# -gt 0 ]; do
105 # include the entry regardless
106 if [ "${forceentry}" = "yes" ]; then
107 echo "$_mapper $_dev $_luksfile $_luksoptions"
109 for _hdev
in "${!host_fs_types[@]}"; do
110 [[ ${host_fs_types[$_hdev]} == "crypto_LUKS" ]] ||
continue
111 if [[ $_hdev -ef $_dev ]] ||
[[ /dev
/block
/$_hdev -ef $_dev ]]; then
112 echo "$_mapper $_dev $_luksfile $_luksoptions"
117 done < $dracutsysrootdir/etc
/crypttab
> $initdir/etc
/crypttab
118 mark_hostonly
/etc
/crypttab
121 inst_simple
"$moddir/crypt-lib.sh" "/lib/dracut-crypt-lib.sh"
123 if dracut_module_included
"systemd"; then
125 $systemdutildir/system-generators
/systemd-cryptsetup-generator \
126 $systemdutildir/systemd-cryptsetup \
127 $systemdsystemunitdir/systemd-ask-password-console.path \
128 $systemdsystemunitdir/systemd-ask-password-console.service \
129 $systemdsystemunitdir/cryptsetup.target \
130 $systemdsystemunitdir/sysinit.target.wants
/cryptsetup.target \
131 systemd-ask-password systemd-tty-ask-password-agent
132 inst_script
"$moddir"/crypt-run-generator.sh
/sbin
/crypt-run-generator
135 dracut_need_initqueue