app-crypt/cryptsetup-opensc/cryptsetup-opensc-0.1.ebuild


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64

# Copyright 1999-2007 Gentoo Foundation 
# Distributed under the terms of the GNU General Public License v2 
# $Header: /var/cvsroot/gentoo-x86/x11-themes/smooth-themes/smooth-themes-0.5.8-r1.ebuild,v 1.8 2007/07/11 02:54:47 leio Exp $ 

inherit 

DESCRIPTION="A script (and some initrd utils) for using a smartcard with cryptsetup-LUKS" 
HOMEPAGE="https://systemausfall.org/mail-archive/?0::240" 
SRC_URI="${PN}.tar.gz" 


KEYWORDS="~x86" 
LICENSE="LGPL-2.1" 
SLOT="0" 
IUSE="" 
RESTRICT="fetch" 

RDEPEND="sys-apps/initramfs-tools 
   dev-libs/opensc" 

DEPEND="${RDEPEND}" 

pkg_nofetch() { 
   einfo "Please go to $HOMEPAGE and download the cryptsetup-opensc.tar.gz" 
   einfo "package manually. You may have to rename it, as it is served by a script." 
} 

S=$WORKDIR 

src_unpack() { 
   unpack "${A}" 
} 

src_install() { 
   cd ${S} 
   for item in *; do 
      cp -a ${item} ${D}/ 
   done 

   chmod +x ${D}/lib/cryptsetup/scripts/decrypt_opensc \ 
      ${D}/etc/initramfs-tools/hooks/cryptopensc \ 
      ${D}/etc/initramfs-tools/scripts/local-top/cryptopensc \ 
      ${D}/etc/initramfs-tools/scripts/local-bottom/cryptopensc 
} 

pkg_postinst() { 
   einfo "If you wish to use this in a genkernel-made initrd, you will" 
   einfo "need to modify /usr/share/genkernel/generic/initrd.scripts." 
   einfo "Specifically, you will need to modify the openLUKS function" 
   einfo "so that it uses the decrypt_opensc script. The actual change" 
   einfo "that you need to make is to replace the line that reads" 
   einfo '"cryptsetup luksOpen ${LUKS_DEVICE} ${LUKS_NAME}" with the lines' 
   einfo '"/lib/cryptsetup/scripts/decrypt_opensc /boot/YOUR_ENCRYPTED_KEY >/tmp/decrypted_LUKS_key"' 
   einfo '"cryptsetup luksOpen ${LUKS_DEVICE} ${LUKS_NAME} --key-file /tmp/decrypted_LUKS_key"' 
   einfo 'You will need to run "DESTDIR=/ /etc/initramfs-tools/hooks/cryptopensc"' 
   einfo "in order to copy the neccessary executables and libraries" 
   einfo "to locations that will be included in the initrd" 
   einfo "It is also recommended that you visit ${HOMEPAGE}" 
   einfo "for instructions on how to generate (and set up) an encrypted key" 
   einfo "for use with this package. This is EXPERIMENTAL, use the" 
   einfo "--kernname=smartcard option for genkernel, or otherwise preserve" 
   einfo "your previous initrd. Also back up the initrd.scripts file" 
   einfo "and keep a bootloader entry pointing to your old initrd" 
   einfo "until you have verified that this actually works."