aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJosselin Poiret <dev@jpoiret.xyz>2022-09-22 15:12:46 +0200
committerMathieu Othacehe <othacehe@gnu.org>2022-09-22 16:27:19 +0200
commitfd942712d8036519d1bcb85b37b127a8f2fff474 (patch)
tree3fc86058e81b372d83e0836203bc6da092e40b65
parentd77612a91b2bf9955e2e538ca59a74dbe2e1a7d5 (diff)
downloadguix-fd942712d8036519d1bcb85b37b127a8f2fff474.tar.gz
guix-fd942712d8036519d1bcb85b37b127a8f2fff474.zip
installer: Ensure luks devices are open when mounting partitions.
Partially-Fixes: <https://issues.guix.gnu.org/57983> * gnu/installer/parted.scm (luks-ensure-open): New procedure. (unmount-user-partitions): Ensure luks devices are open. Signed-off-by: Mathieu Othacehe <othacehe@gnu.org>
-rw-r--r--gnu/installer/parted.scm16
1 files changed, 16 insertions, 0 deletions
diff --git a/gnu/installer/parted.scm b/gnu/installer/parted.scm
index 51ba2bebd6..fcc936a391 100644
--- a/gnu/installer/parted.scm
+++ b/gnu/installer/parted.scm
@@ -1194,6 +1194,20 @@ USER-PARTITION if it is encrypted, or the plain file-name otherwise."
((run-command-in-installer) "cryptsetup" "open" "--type" "luks"
"--key-file" key-file file-name label)))))
+(define (luks-ensure-open user-partition)
+ "Ensure partition pointed by USER-PARTITION is opened."
+ (unless (file-exists? (user-partition-upper-file-name user-partition))
+ (let* ((file-name (user-partition-file-name user-partition))
+ (label (user-partition-crypt-label user-partition))
+ (password (secret-content (user-partition-crypt-password user-partition))))
+ (call-with-luks-key-file
+ password
+ (lambda (key-file)
+ (installer-log-line "opening LUKS entry ~s at ~s"
+ label file-name)
+ ((run-command-in-installer) "cryptsetup" "open" "--type" "luks"
+ "--key-file" key-file file-name label))))))
+
(define (luks-close user-partition)
"Close the encrypted partition pointed by USER-PARTITION."
(let ((label (user-partition-crypt-label user-partition)))
@@ -1278,6 +1292,8 @@ respective mount-points."
(user-fs-type->mount-type fs-type))
(file-name
(user-partition-upper-file-name user-partition)))
+ (when crypt-label
+ (luks-ensure-open user-partition))
(mkdir-p target)
(installer-log-line "mounting ~s on ~s" file-name target)
(mount file-name target mount-type)))