#!/bin/sh

. /lib/partman/lib/base.sh

# 1. Check if active encrypted devices exist
crypto=no
for dev in $DEVICES/*; do
	[ -d "$dev" ] || continue
	cd $dev
	if [ -f crypt_realdev ]; then
		crypto=yes
		break
	fi
done

if [ $crypto = no ]; then
	exit 0
fi

# 2. Check if unencrypted swap has been configured
for dev in $DEVICES/*; do
	[ -d "$dev" ] || continue
	cd $dev

	# Ignore swap on crypto
	[ -f crypt_realdev ] && continue

	# Ignore e.g. swap on lvm on crypto
	device=$(cat $dev/device)
	if $(echo $device | grep -q "^/dev/mapper/"); then
		found=1
		for majmin in $(dmsetup deps $device | cut -d ":" -f2 |\
				tr -d " (" | tr ")" "\n"); do
			maj=$(echo $majmin | sed 's/,.*//')
			min=$(echo $majmin | sed 's/.*,//')
			status=$(dmsetup status -j $maj -m $min 2> /dev/null |\
				cut -d' ' -f3)
			if [ $? -ne 0 ] || [ $status != "crypt" ]; then
				found=0
			fi
		done
		[ $found ] && continue
	fi

	partitions=
	open_dialog PARTITIONS
	while { read_line num id size type fs path name; [ "$id" ]; }; do
		[ "$fs" != free ] || continue
		partitions="$partitions $id"
	done
	close_dialog
	
	for id in $partitions; do
		[ -f $id/method ] || continue
		method=$(cat $id/method)
		if [ "$method" = swap ]; then
			# Unsafe swap! Abort commit
			db_fset partman-crypto/unsafe_swap seen false
			db_input critical partman-crypto/unsafe_swap
			db_go || true
			exit 1
		fi
	done
done
