diff options
Diffstat (limited to 'cmd/fscrypt')
| -rw-r--r-- | cmd/fscrypt/commands.go | 5 | ||||
| -rw-r--r-- | cmd/fscrypt/fscrypt.go | 3 | ||||
| -rw-r--r-- | cmd/fscrypt/protector.go | 14 |
3 files changed, 14 insertions, 8 deletions
diff --git a/cmd/fscrypt/commands.go b/cmd/fscrypt/commands.go index f84102e..ec75584 100644 --- a/cmd/fscrypt/commands.go +++ b/cmd/fscrypt/commands.go @@ -73,12 +73,13 @@ func setupAction(c *cli.Context) error { if err := createGlobalConfig(c.App.Writer, actions.ConfigFileLocation); err != nil { return newExitError(c, err) } - if err := setupFilesystem(c.App.Writer, "/"); err != nil { + if err := setupFilesystem(c.App.Writer, actions.LoginProtectorMountpoint); err != nil { if errors.Cause(err) != filesystem.ErrAlreadySetup { return newExitError(c, err) } fmt.Fprintf(c.App.Writer, - "Skipping creating /.fscrypt because it already exists.\n") + "Skipping creating %s because it already exists.\n", + filepath.Join(actions.LoginProtectorMountpoint, ".fscrypt")) } case 1: // Case (2) - filesystem setup diff --git a/cmd/fscrypt/fscrypt.go b/cmd/fscrypt/fscrypt.go index 069cc96..bbe16bb 100644 --- a/cmd/fscrypt/fscrypt.go +++ b/cmd/fscrypt/fscrypt.go @@ -46,6 +46,9 @@ func main() { if conffile := os.Getenv("FSCRYPT_CONF"); conffile != "" { actions.ConfigFileLocation = conffile } + if rootmnt := os.Getenv("FSCRYPT_ROOT_MNT"); rootmnt != "" { + actions.LoginProtectorMountpoint = rootmnt + } // Create our command line application app := cli.NewApp() diff --git a/cmd/fscrypt/protector.go b/cmd/fscrypt/protector.go index 25f1984..6d35d9e 100644 --- a/cmd/fscrypt/protector.go +++ b/cmd/fscrypt/protector.go @@ -51,8 +51,10 @@ func createProtectorFromContext(ctx *actions.Context) (*actions.Protector, error // We only want to create new login protectors on the root filesystem. // So we make a new context if necessary. - if ctx.Config.Source == metadata.SourceType_pam_passphrase && ctx.Mount.Path != "/" { - log.Printf("creating login protector on %q instead of %q", "/", ctx.Mount.Path) + if ctx.Config.Source == metadata.SourceType_pam_passphrase && + ctx.Mount.Path != actions.LoginProtectorMountpoint { + log.Printf("creating login protector on %q instead of %q", + actions.LoginProtectorMountpoint, ctx.Mount.Path) if ctx, err = modifiedContext(ctx); err != nil { return nil, err } @@ -84,7 +86,7 @@ func expandedProtectorOptions(ctx *actions.Context) ([]*actions.ProtectorOption, } // Do nothing different if we are at the root, or cannot load the root. - if ctx.Mount.Path == "/" { + if ctx.Mount.Path == actions.LoginProtectorMountpoint { return options, nil } if ctx, err = modifiedContext(ctx); err != nil { @@ -117,10 +119,10 @@ func expandedProtectorOptions(ctx *actions.Context) ([]*actions.ProtectorOption, return options, nil } -// modifiedContext returns a copy of ctx with the mountpoint replaced by that of -// the root filesystem. +// modifiedContext returns a copy of ctx with the mountpoint replaced by +// LoginProtectorMountpoint. func modifiedContext(ctx *actions.Context) (*actions.Context, error) { - mnt, err := filesystem.GetMount("/") + mnt, err := filesystem.GetMount(actions.LoginProtectorMountpoint) if err != nil { return nil, err } |