#! /bin/sh

PATH=/sbin:/bin

CIPHER=twofish-cbc-essiv:sha256
PARTITION=/dev/md0
MOUNT_POINT=home

	
# load redhat boot functions so we can call things
# like echo_success and echo_failure properly
. /etc/rc.d/init.d/functions

function get_password() {
	TITLE="Mount encrypted /$MOUNT_POINT"
        PROMPT="Enter password for encrypted /$MOUNT_POINT: $ATTEMPT"
	/usr/bin/dialog --clear --timeout 20 --title "$TITLE" --insecure --stdout --passwordbox "$PROMPT" 15 100 
}

function mount_parition() {
	cryptsetup -c "$CIPHER" create $MOUNT_POINT $PARTITION && mount -t ext3 -O noatime /dev/mapper/$MOUNT_POINT /$MOUNT_POINT 
}

function stop() {
        umount -l /$MOUNT_POINT	
	cryptsetup remove $MOUNT_POINT
}

function start() {
	for ATTEMPT in " " "2nd Attempt" "Last Chance!"
        do
		stop >/dev/null 2>&1
		if get_password | mount_parition >/dev/null 2>&1
		then
			return 0
		else
			stop >/dev/null 2>&1
		fi
	done
	return 3
}

case "$1" in
  start|""|restart|reload|force-reload)

	# if we're in a redhat GUI boot make sure we switch to text 
	# so the user can see that a password entry is required
	[ -x /usr/bin/rhgb-client ] && /usr/bin/rhgb-client --details=yes

	if start
	then
		echo_success
	else
		echo_failure
   	fi	
        ;;

  stop)
	if stop
	then
		echo_success
	else
		echo_failure
   	fi	
        ;;
  *)
        echo "Usage: $0 [start|stop]" >&2
        exit 3
        ;;
esac
exit $RETVAL