X-Git-Url: https://git.cyclocoop.org/?p=lhc%2Fateliers.git;a=blobdiff_plain;f=host%2Fpart-luks-format;fp=host%2Fpart-luks-format;h=3ed5ebdf91f106a79598378e9bb3b88ac1ab6f9a;hp=0000000000000000000000000000000000000000;hb=3ad6118386977e346d81042e924e5db9c5f15b7d;hpb=22f04b9fac14adc3d3fc98273ba126c3a51792c3

diff --git a/host/part-luks-format b/host/part-luks-format
new file mode 100755
index 0000000..3ed5ebd
--- /dev/null
+++ b/host/part-luks-format
@@ -0,0 +1,12 @@
+#!/bin/sh -eu
+tool=$(readlink -e "${0%/*}/..")
+. "$tool"/host/lib.sh
+
+# NOTE: la clef de chiffrement est dérivée de celle de /,
+#       / doit être déchiffrée pour que cela fonctionne.
+part="$1"
+eval "dev=\"\$vm_dev_disk_$part\""
+test ! -e /dev/mapper/${vm_lvm_lv}_root_deciphered ||
+sudo /bin/sh -c "/lib/cryptsetup/scripts/decrypt_derived ${vm_lvm_lv}_root_deciphered |
+cryptsetup luksFormat --hash=sha512 --key-size=512 \
+ --cipher=aes-xts-essiv:sha256 --key-file=- --align-payload=8 $dev"