7.3.0-1
[arch-packages.git] / cryptsetup / trunk / install-encrypt
blob2cd9ae01341302bf8423070d39eac7d8a0ee38cd
1 #!/bin/bash
3 build() {
4 local mod
6 add_module 'dm-crypt'
7 add_module 'dm-integrity'
8 if [[ $CRYPTO_MODULES ]]; then
9 for mod in $CRYPTO_MODULES; do
10 add_module "$mod"
11 done
12 else
13 add_all_modules '/crypto/'
16 add_binary 'cryptsetup'
18 map add_udev_rule \
19 '10-dm.rules' \
20 '13-dm-disk.rules' \
21 '95-dm-notify.rules' \
22 '/usr/lib/initcpio/udev/11-dm-initramfs.rules'
24 # cryptsetup calls pthread_create(), which dlopen()s libgcc_s.so.1
25 add_binary '/usr/lib/libgcc_s.so.1'
27 # cryptsetup loads the legacy provider which is required for whirlpool
28 add_binary '/usr/lib/ossl-modules/legacy.so'
30 add_runscript
33 help() {
34 cat <<HELPEOF
35 This hook allows for an encrypted root device. Users should specify the device
36 to be unlocked using 'cryptdevice=device:dmname' on the kernel command line,
37 where 'device' is the path to the raw device, and 'dmname' is the name given to
38 the device after unlocking, and will be available as /dev/mapper/dmname.
40 For unlocking via keyfile, 'cryptkey=device:fstype:path' should be specified on
41 the kernel cmdline, where 'device' represents the raw block device where the key
42 exists, 'fstype' is the filesystem type of 'device' (or auto), and 'path' is
43 the absolute path of the keyfile within the device.
45 Without specifying a keyfile, you will be prompted for the password at runtime.
46 This means you must have a keyboard available to input it, and you may need
47 the keymap hook as well to ensure that the keyboard is using the layout you
48 expect.
49 HELPEOF
52 # vim: set ft=sh ts=4 sw=4 et: