[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]
[PATCH] Add support for encrypted LVs.
- From: David Lehman <dlehman redhat com>
- To: anaconda-devel-list redhat com
- Cc:
- Subject: [PATCH] Add support for encrypted LVs.
- Date: Thu, 20 Mar 2008 12:25:09 -0500
---
iw/lvm_dialog_gui.py | 32 ++++++++++++++++++++++++++++++++
partRequests.py | 13 ++++++++++---
2 files changed, 42 insertions(+), 3 deletions(-)
diff --git a/iw/lvm_dialog_gui.py b/iw/lvm_dialog_gui.py
index 7502587..8bbb4a5 100644
--- a/iw/lvm_dialog_gui.py
+++ b/iw/lvm_dialog_gui.py
@@ -34,6 +34,7 @@ from partRequests import *
from partition_ui_helpers_gui import *
from constants import *
import lvm
+from cryptodev import LUKSDevice
import logging
log = logging.getLogger("anaconda")
@@ -472,6 +473,23 @@ class VolumeGroupEditor:
if logrequest.getPreExisting():
(row, self.fsoptionsDict) = createPreExistFSOptionSection(logrequest, maintable, row, mountCombo, self.partitions, ignorefs = ["software RAID", "physical volume (LVM)", "vfat"])
+ # checkbutton for encryption using dm-crypt/LUKS
+ if not logrequest.getPreExisting():
+ self.lukscb = gtk.CheckButton(_("_Encrypt"))
+ if logrequest.format or logrequest.type == REQUEST_NEW:
+ self.lukscb.set_data("formatstate", 1)
+ else:
+ self.lukscb.set_data("formatstate", 0)
+
+ if logrequest.encryption:
+ self.lukscb.set_active(1)
+ else:
+ self.lukscb.set_active(0)
+ maintable.attach(self.lukscb, 0, 2, row, row + 1)
+ row = row + 1
+ else:
+ self.lukscb = self.fsoptionsDict.get("lukscb")
+
dialog.vbox.pack_start(maintable)
dialog.show_all()
@@ -635,6 +653,20 @@ class VolumeGroupEditor:
# partRequest.py really.
request.dev = None
+ if self.lukscb and self.lukscb.get_active():
+ if request.encryption:
+ passphrase = request.encryption.passphrase
+ else:
+ passphrase = ""
+
+ passphrase = self.intf.getLuksPassphrase(passphrase)
+
+ if passphrase:
+ request.encryption = LUKSDevice(passphrase=passphrase,
+ format=1)
+ else:
+ request.encryption = None
+
# make list of original logvol requests so we can skip them
# in tests below. We check for mount point name conflicts
# above within the current volume group, so it is not
diff --git a/partRequests.py b/partRequests.py
index 5ef4f80..8ca483e 100644
--- a/partRequests.py
+++ b/partRequests.py
@@ -952,14 +952,20 @@ class LogicalVolumeRequestSpec(RequestSpec):
else:
size = "%s percent" %(self.percent,)
+ if self.encryption is None:
+ crypto = "None"
+ else:
+ crypto = self.encryption.getScheme()
+
str = ("LV Request -- mountpoint: %(mount)s uniqueID: %(id)s\n"
" type: %(fstype)s format: %(format)s\n"
" size: %(size)s lvname: %(lvname)s volgroup: %(vgid)s\n"
- " options: '%(fsopts)s' fsprofile: %(fsprofile)s" %
+ " options: '%(fsopts)s' fsprofile: %(fsprofile)s"
+ " encryption: '%(crypto)s'" %
{"mount": self.mountpoint, "id": self.uniqueID,
"fstype": fsname, "format": self.format,
"lvname": self.logicalVolumeName, "vgid": self.volumeGroup,
- "size": size,
+ "size": size, "crypto": crypto,
"fsopts": self.fsopts, "fsprofile": self.fsprofile})
return str
@@ -970,7 +976,8 @@ class LogicalVolumeRequestSpec(RequestSpec):
self.dev = fsset.LogicalVolumeDevice(vgname, self.size,
self.logicalVolumeName,
vg = vg,
- existing = self.preexist)
+ existing = self.preexist,
+ encryption = self.encryption)
return self.dev
def isEncrypted(self, partitions, parentOnly = False):
--
1.5.4.1
[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]