Make cryptroot handling act as a real producer/consumer.

This should handle the case of having more than one encrypted
block device on the system as best we can right now.

diff --git a/hooks/cryptroot.sh b/hooks/cryptroot.sh
index 0664f245cf6496eb8a4c538a8ce6ef6e0a6b8cc7..739f5d3144e0825a5f812aec5d1660375c2e33cf 100755 (executable)
--- a/hooks/cryptroot.sh
+++ b/hooks/cryptroot.sh
@@ -1,7 +1,10 @@
 #!/bin/sh
-[ -f /cryptroot ] && { 
-    echo "Encrypted root detected."
-    read cryptopts </cryptroot
-    /sbin/cryptsetup luksOpen $cryptopts || emergency_shell
+[ -s /cryptroot ] && { 
+    udevadm control --stop_exec_queue
+    while read cryptopts; do
+       /sbin/cryptsetup luksOpen $cryptopts
+    done </cryptroot
+    >/cryptroot
+    udevadm control --start_exec_queue
     udevadm settle --timeout=30
 }

diff --git a/rules.d/63-luks.rules b/rules.d/63-luks.rules
index 4d6a379726b9e18c9d2507744b73375b5ceaf7da..802ea062ed4fd56e3559f3055f0f644c5181cee5 100644 (file)
--- a/rules.d/63-luks.rules
+++ b/rules.d/63-luks.rules
@@ -8,6 +8,6 @@ SUBSYSTEM!="block", GOTO="luks_end"
 ACTION!="add|change", GOTO="luks_end"
 
 KERNEL!="sr*", IMPORT{program}="vol_id --export $tempnode"
-ENV{ID_FS_TYPE}=="crypto_LUKS", RUN+="/bin/sh -c 'echo $env{DEVNAME} luks-$env{ID_FS_UUID} >/cryptroot'"
+ENV{ID_FS_TYPE}=="crypto_LUKS", RUN+="/bin/sh -c 'echo $env{DEVNAME} luks-$env{ID_FS_UUID} >>/cryptroot'"
 
 LABEL="luks_end"