Fixed TRIM option handling in /etc/crypttab

'discard' ('allow-discards' being the switch name to use in cryptsetup) v0.4-1
2025-11-04 10:12:33 +03:00 · 2017-06-25 18:22:53 +02:00
parent cf6ccb2d23
commit e5ee05f382
4 changed files with 42 additions and 26 deletions
--- a/32
+++ b/32
@@ -1,26 +1,32 @@
+2017-06-25 Julien Coloos <julien.coloos [at] gmail [dot] com>
+
+        * v0.4-1
+        Fixed TRIM option handling in /etc/crypttab: 'discard' ('allow-discards' being the switch name to use in cryptsetup)
+
+
 2015-11-22 Julien Coloos <julien.coloos [at] gmail [dot] com>

-	* v0.3-1
-	Added configurable timeout for ipconfig
+        * v0.3-1
+        Added configurable timeout for ipconfig
        Moved configuration file from /etc/dropbear/initrd.env to /etc/initcpio/sshcs_env


 2014-05-20 Julien Coloos <julien.coloos [at] gmail [dot] com>

-	* v0.2-1
-	Removed unnecessary dependency: psmisc
-	Added configurable timeout to unlock devices before automatic poweroff
+        * v0.2-1
+        Removed unnecessary dependency: psmisc
+        Added configurable timeout to unlock devices before automatic poweroff


 2014-05-19 Julien Coloos <julien.coloos [at] gmail [dot] com>

-	* v0.1-1
+        * v0.1-1

-	* Code adapted from dropbear_initrd_encrypt (https://aur.archlinux.org/packages/dropbear_initrd_encrypt/)
-	Reworked code
-	Dropped non-LUKS support
-	Rely on /etc/crypttab
-	Handle multiple devices to unlock
-	Merged dropbear and encryptssh hooks
-	Better resources cleanup
+        * Code adapted from dropbear_initrd_encrypt (https://aur.archlinux.org/packages/dropbear_initrd_encrypt/)
+        Reworked code
+        Dropped non-LUKS support
+        Rely on /etc/crypttab
+        Handle multiple devices to unlock
+        Merged dropbear and encryptssh hooks
+        Better resources cleanup

--- a/4
+++ b/4
@@ -1,6 +1,6 @@
 # Maintainer: Julien Coloos <julien.coloos [at] gmail [dot] com>
 pkgname=initrd-ssh-cryptsetup
-pkgver=0.3
+pkgver=0.4
 pkgrel=1
 pkgdesc="Allows for LUKS-encrypted devices to be unlocked remotely over SSH"
 arch=('any')
@@ -10,7 +10,7 @@ depends=('dropbear' 'cryptsetup' 'mkinitcpio-nfs-utils' 'iproute2')
 install=$pkgname.install
 changelog='ChangeLog'
 source=("http://julien.coloos.free.fr/archlinux/$pkgname-$pkgver.tar.xz" "$pkgname.install")
-md5sums=('a25dbbac5cd82a8d87932e646e38d9c4'
+md5sums=('fab9d0ffc14a6cd7bcb79fa1b9411336'
         'ac60109d80e7bb2af0d66e69aaf178a6')

 package() {
--- a/README.md
+++ b/README.md
@@ -8,21 +8,21 @@ After cloning the repo, installation is done as for an AUR package.

 ## Configuration
 As explained upon installation, the following things need to be done:
-  * add the SSH public key to `/etc/dropbear/initrd.authorized_keys`
-  * add the `ip=` kernel command parameter to the bootloader configuration (see https://wiki.archlinux.org/index.php/Mkinitcpio#Using_net)
-  * in the `HOOKS` section of `/etc/mkinitcpio.conf`, add `ssh-cryptsetup` before `filesystems`; then rebuild the initramfs: `mkinitcpio -p linux`
+   * add the SSH public key to `/etc/dropbear/initrd.authorized_keys`
+   * add the `ip=` kernel command parameter to the bootloader configuration (see https://wiki.archlinux.org/index.php/Mkinitcpio#Using_net)
+   * in the `HOOKS` section of `/etc/mkinitcpio.conf`, add `ssh-cryptsetup` before `filesystems`; then rebuild the initramfs: `mkinitcpio -p linux`

 The LUKS-encrypted devices to unlock are derived from `/etc/crypttab`.


 Some options can be set in `/etc/initcpio/sshcs_env` (file is sourced in initrd shell):
-  * `sshcs_opt_timeout_ipconfig`: time (in seconds) to configure IP
-    - default: 10 seconds
-  * `sshcs_opt_listen`: SSH listening port
-    - default: 22
-  * `sshcs_opt_timeout_poweroff`: time (in seconds) to unlock devices before automatic powering off
-    - default (and minimum value): 2 minutes
-    - negative value to deactivate
+   * `sshcs_opt_timeout_ipconfig`: time (in seconds) to configure IP
+      - default: 10 seconds
+   * `sshcs_opt_listen`: SSH listening port
+      - default: 22
+   * `sshcs_opt_timeout_poweroff`: time (in seconds) to unlock devices before automatic powering off
+      - default (and minimum value): 2 minutes
+      - negative value to deactivate

 For example:

@@ -30,3 +30,13 @@ For example:
    sshcs_opt_listen=2222
    sshcs_opt_timeout_poweroff=-1

+
+## Building notes
+1. Modify the sources (features in `src`, and/or package building files)
+2. If `src` was modified
+   * archive the `src` folder in `$pkgname-$pkgver.tar.xz` file; e.g.: `tar -cJf initrd-ssh-cryptsetup-0.4.tar.xz src`
+   * upload the archive on the online repository (pointed by `PKGBUILD`)
+3. Update `PKGBUILD`
+   * bump `pkgver` if `src` was modified, or `pkgrel` if building files were modified
+   * refresh `md5sums` if necessary (based on `md5sum initrd-ssh-cryptsetup-*.tar.xz initrd-ssh-cryptsetup.install` output)
+4. Delete generated archive file if any
--- a/src/hooks/ssh-cryptsetup
+++ b/src/hooks/ssh-cryptsetup
@@ -179,7 +179,7 @@ sshcs_cryptpart_process() {
    cryptargs=
    for cryptopt in ${cryptoptions//,/ }; do
        case ${cryptopt} in
-            allow-discards)
+            discard)
                cryptargs="${cryptargs} --allow-discards"
                ;;