passdev_or_askpass

#!/bin/sh

timeout=30
counter=0

echo_error() {
    echo $@ >&2
}

password_fallback() {
    echo_error "Falling back to password entry."
    /lib/cryptsetup/askpass "Enter password for ${CRYPTTAB_NAME}: "
}

if [ -z "$1" ]; then
    echo_error "No keyfile argument provided."
    password_fallback
    exit $?
fi

devpath=$(printf $1 | cut -f1 -d":")
filepath=$(printf $1 | cut -f2 -d":")

while [ ! -e $devpath ] && [ $counter -lt $timeout ]; do
    counter=$(($counter + 1))
    sleep 1
done

if [ ! -e $devpath ]; then
    echo_error "Device $devpath not found."
    password_fallback
    exit $?
elif [ ! -b $devpath ]; then
    echo_error "$devpath is not a block device."
    password_fallback
    exit $?
fi

tmppath=$(mktemp -d /tmp/passdev.XXXXXX)
if [ -z "$tmppath" ]; then
    echo_error "Failed to create temporary directory."
    password_fallback
    exit $?
fi

/bin/mount -n -o noatime,nodiratime,nodev,noexec,nosuid,ro $devpath $tmppath
if [ $? -ne 0 ]; then
    echo_error "Failed to mount $devpath."
    rmdir $tmppath
    password_fallback
    exit $?
fi

keypath="$tmppath/$filepath"
if [ ! -e $keypath ] || [ ! -r $keypath ]; then
    if [ ! -e $keypath ]; then
        echo_error "Keyfile doesn't exist."
    else
        echo_error "Failed to open keyfile."
    fi
    umount $tmppath
    rmdir $tmppath
    password_fallback
    exit $?
fi

cat $keypath
umount $tmppath
rmdir $tmppath
exit 0