diff options
| author | Jan Houben | 2018-11-10 19:44:47 -0500 |
|---|---|---|
| committer | Jan Houben | 2018-11-10 19:44:47 -0500 |
| commit | f85d859de36052f8a85a4e57f979e4cd1537996b (patch) | |
| tree | c668a04040a171abf979c20a93287ab060dff552 /zfs-utils.initcpio.hook | |
| parent | 893f94629951734fb5e4e5e11e183045998c11f8 (diff) | |
| download | aur-f85d859de36052f8a85a4e57f979e4cd1537996b.tar.gz | |
Import from zfs-utils-common-git
Diffstat (limited to 'zfs-utils.initcpio.hook')
| -rw-r--r-- | zfs-utils.initcpio.hook | 172 |
1 files changed, 132 insertions, 40 deletions
diff --git a/zfs-utils.initcpio.hook b/zfs-utils.initcpio.hook index 3a928944db92..b47cc2849c9e 100644 --- a/zfs-utils.initcpio.hook +++ b/zfs-utils.initcpio.hook @@ -1,8 +1,14 @@ +# +# WARNING: This script is parsed by ash in busybox at boot time, not bash! +# http://linux.die.net/man/1/ash +# https://wiki.ubuntu.com/DashAsBinSh +# http://www.jpsdomain.org/public/2008-JP_bash_vs_dash.pdf +# ZPOOL_FORCE="" ZPOOL_IMPORT_FLAGS="" zfs_get_bootfs () { - for zfs_dataset in $(/usr/bin/zpool list -H -o bootfs); do + for zfs_dataset in $(zpool list -H -o bootfs); do case ${zfs_dataset} in "" | "-") # skip this line/dataset @@ -19,82 +25,168 @@ zfs_get_bootfs () { return 1 } +zfs_decrypt_fs() { + dataset=$1 + + # check if 'zfs load-key' is available + zfs 2>&1 | grep load-key > /dev/null || return 0 + + # check if dataset is encrypted + [ "$(zfs get -H -o value encryption "${dataset}")" != "off" ] || return 0 + + # check if key is already loaded + [ "$(zfs get -H -o value keystatus "${dataset}")" != "available" ] || return 0 + + # get the encryption root + encryptionroot=$(zfs get -H -o value encryptionroot "${dataset}") + + # export encription root to be used by other hooks (SSH) + echo "${encryptionroot}" > /.encryptionroot + + # loop until we get the correct password or key is unlocked by another vector (SSH for instance) + while [ "$(zfs get -H -o value keystatus "${encryptionroot}")" != "available" ] && + ! eval zfs load-key "${encryptionroot}"; do + sleep 2 + done + + if [ -f /.encryptionroot ]; then + rm /.encryptionroot + fi +} + zfs_mount_handler () { - local node=$1 - if [ "$ZFS_DATASET" = "bootfs" ] ; then + if [ "${ZFS_DATASET}" = "bootfs" ] ; then if ! zfs_get_bootfs ; then # Lets import everything and try again - /usr/bin/zpool import $ZPOOL_IMPORT_FLAGS -N -a $ZPOOL_FORCE + zpool import ${ZPOOL_IMPORT_FLAGS} -N -a ${ZPOOL_FORCE} if ! zfs_get_bootfs ; then - echo "ZFS: Cannot find bootfs." - return 1 + err "ZFS: Cannot find bootfs." + exit 1 fi fi fi local pool="${ZFS_DATASET%%/*}" - local rwopt_exp=${rwopt:-ro} + local rwopt_exp="${rwopt:-ro}" - if ! "/usr/bin/zpool" list -H $pool 2>&1 > /dev/null ; then - if [ "$rwopt_exp" != "rw" ]; then - msg "ZFS: Importing pool $pool readonly." - ZPOOL_IMPORT_FLAGS="$ZPOOL_IMPORT_FLAGS -o readonly=on" + if ! zpool list -H "${pool}" 2>1 > /dev/null ; then + if [ ! "${rwopt_exp}" = "rw" ]; then + msg "ZFS: Importing pool ${pool} readonly." + ZPOOL_IMPORT_FLAGS="${ZPOOL_IMPORT_FLAGS} -o readonly=on" else - msg "ZFS: Importing pool $pool." + msg "ZFS: Importing pool ${pool}." fi - if ! "/usr/bin/zpool" import $ZPOOL_IMPORT_FLAGS -N $pool $ZPOOL_FORCE ; then - echo "ZFS: Unable to import pool $pool." - return 1 + if ! zpool import ${ZPOOL_IMPORT_FLAGS} -N "${pool}" ${ZPOOL_FORCE} ; then + err "ZFS: Unable to import pool ${pool}." + exit 1 fi fi - local mountpoint=$("/usr/bin/zfs" get -H -o value mountpoint $ZFS_DATASET) - if [ "$mountpoint" = "legacy" ] ; then - mount -t zfs -o ${rwopt_exp} "$ZFS_DATASET" "$node" - else - mount -o zfsutil,${rwopt_exp} -t zfs "$ZFS_DATASET" "$node" - fi + local node="$1" + local rootmnt=$(zfs get -H -o value mountpoint "${ZFS_DATASET}") + local tab_file="${node}/etc/fstab" + local zfs_datasets="$(zfs list -H -o name -t filesystem -r ${ZFS_DATASET})" + + # Mount the root, and any child datasets + for dataset in ${zfs_datasets}; do + mountpoint=$(zfs get -H -o value mountpoint "${dataset}") + case ${mountpoint} in + "none") + # skip this line/dataset. + ;; + "legacy") + if [ -f "${tab_file}" ]; then + if findmnt -snero source -F "${tab_file}" -S "${dataset}" > /dev/null 2>&1; then + opt=$(findmnt -snero options -F "${tab_file}" -S "${dataset}") + mnt=$(findmnt -snero target -F "${tab_file}" -S "${dataset}") + zfs_decrypt_fs "${dataset}" + mount -t zfs -o "${opt}" "${dataset}" "${node}${mnt}" + fi + fi + ;; + *) + zfs_decrypt_fs "${dataset}" + mount -t zfs -o "zfsutil,${rwopt_exp}" "${dataset}" "${node}/${mountpoint##${rootmnt}}" + ;; + esac + done +} + +set_flags() { + # Force import the pools, useful if the pool has not properly been exported using 'zpool export <pool>' + [ ! "${zfs_force}" = "" ] && ZPOOL_FORCE="-f" + + # Add import directory to import command flags + [ ! "${zfs_import_dir}" = "" ] && ZPOOL_IMPORT_FLAGS="${ZPOOL_IMPORT_FLAGS} -d ${zfs_import_dir}" + [ "${zfs_import_dir}" = "" ] && [ -f /etc/zfs/zpool.cache.org ] && ZPOOL_IMPORT_FLAGS="${ZPOOL_IMPORT_FLAGS} -c /etc/zfs/zpool.cache.org" } run_hook() { - # Force import the pools, useful if the pool has not properly been exported - # using 'zpool export <pool>' - [[ $zfs_force == 1 ]] && ZPOOL_FORCE='-f' - [[ "$zfs_import_dir" != "" ]] && ZPOOL_IMPORT_FLAGS="$ZPOOL_IMPORT_FLAGS -d $zfs_import_dir" + set_flags - if [ "$root" = 'zfs' ]; then - mount_handler='zfs_mount_handler' - fi + # Wait 15 seconds for ZFS devices to show up + [ "${zfs_wait}" = "" ] && ZFS_WAIT="15" || ZFS_WAIT="${zfs_wait}" - case $zfs in + case ${root} in + # root=zfs + "zfs") + mount_handler="zfs_mount_handler" + ;; + # root=ZFS=... syntax (grub) + "ZFS="*) + mount_handler="zfs_mount_handler" + ZFS_DATASET="${root#*[=]}" + ;; + esac + + case ${zfs} in "") # skip this line/dataset ;; auto|bootfs) - ZFS_DATASET='bootfs' + ZFS_DATASET="bootfs" mount_handler="zfs_mount_handler" + local pool="[a-zA-Z][^ ]*" ;; *) - ZFS_DATASET=$zfs + ZFS_DATASET="${zfs}" mount_handler="zfs_mount_handler" + local pool="${ZFS_DATASET%%/*}" ;; esac - if [ ! -f "/etc/hostid" ] ; then - echo "ZFS: No hostid found on kernel command line or /etc/hostid. ZFS pools may not import correctly." - fi - - # Allow up to 10 seconds for zfs device to show up - for i in 1 2 3 4 5 6 7 8 9 10; do - [ -c "/dev/zfs" ] && break + # Allow at least n seconds for zfs device to show up. Especially + # when using zfs_import_dir instead of zpool.cache, the listing of + # available pools can be slow, so this loop must be top-tested to + # ensure we do one 'zpool import' pass after the timer has expired. + sleep ${ZFS_WAIT} & pid=$! + local break_after=0 + while :; do + kill -0 $pid > /dev/null 2>&1 || break_after=1 + if [ -c "/dev/zfs" ]; then + zpool import ${ZPOOL_IMPORT_FLAGS} | awk " + BEGIN { pool_found=0; online=0; unavail=0 } + /^ ${pool} .*/ { pool_found=1 } + /^\$/ { pool_found=0 } + /UNAVAIL/ { if (pool_found == 1) { unavail=1 } } + /ONLINE/ { if (pool_found == 1) { online=1 } } + END { if (online == 1 && unavail != 1) + { exit 0 } + else + { exit 1 } + }" && break + fi + [ $break_after == 1 ] && break sleep 1 done + kill $pid > /dev/null 2>&1 } - run_latehook () { - /usr/bin/zpool import -N -a $ZPOOL_FORCE + set_flags + # only run zpool import, if flags were set (cache file found / zfs_import_dir specified) + [ ! "${ZPOOL_IMPORT_FLAGS}" = "" ] && zpool import ${ZPOOL_IMPORT_FLAGS} -N -a ${ZPOOL_FORCE} } # vim:set ts=4 sw=4 ft=sh et: |