Fix cryptsetup --pbkdf-memory failures

A recent patch[1] added --pbkdf-memory to the cryptsetup command line
to limit the memory cryptsetup is using. However, some distros use
an older version of cryptsetup that does not need this setting.
This patch adds logic to detect this and run the commands without
--pbkdf-memory.

[1] https://review.opendev.org/663784

Change-Id: I9e0debcbfe6ceeff0012c827d70d80d938b5a2fb
Story: 2006066
Task: 34782

elements/certs-ramfs/element-deps

@@ -1,2 +1,3 @@
 dib-init-system
 package-installs
+install-static

elements/certs-ramfs/init-scripts/systemd/certs-ramfs.service

@@ -4,7 +4,7 @@ After=cloud-config.target
 
 [Service]
 Type=oneshot
-ExecStart=/bin/sh -c 'modprobe brd; passphrase=$$(head /dev/urandom | tr -dc "a-zA-Z0-9" | fold -w 32 | head -n 1); certs_path=$$(awk "/base_cert_dir / {printf \\$$3}" /etc/octavia/amphora-agent.conf); mkdir -p "$${certs_path}"; echo -n "$${passphrase}" | cryptsetup --pbkdf-memory=262144 luksFormat /dev/ram0 -; echo -n "$${passphrase}" | cryptsetup --pbkdf-memory=262144 luksOpen /dev/ram0 certfs-ramfs -; mkfs.ext2 /dev/mapper/certfs-ramfs; mount /dev/mapper/certfs-ramfs "$${certs_path}"'
+ExecStart=/usr/local/bin/certfs-ramfs
 ExecStop=/bin/sh -c 'certs_path=$$(awk "/base_cert_dir / {printf \\$$3}" /etc/octavia/amphora-agent.conf); umount "$${certs_path}"; cryptsetup luksClose /dev/mapper/certfs-ramfs;'
 RemainAfterExit=yes
 TimeoutSec=0

elements/certs-ramfs/init-scripts/sysv/certs-ramfs

@@ -17,14 +17,7 @@ NAME=certs-ramfs
 case $1 in
  start)
   log_daemon_msg "Starting the process" "$NAME"
-  modprobe brd
+  /usr/local/bin/certfs-ramfs
-  passphrase=$(head /dev/urandom | tr -dc "a-zA-Z0-9" | fold -w 32 | head -n 1)
-  certs_path=$(awk "/base_cert_dir / {printf \$3}" /etc/octavia/amphora-agent.conf)
-  mkdir -p "${certs_path}"
-  echo -n "${passphrase}" | cryptsetup --pbkdf-memory=262144 luksFormat /dev/ram0 -
-  echo -n "${passphrase}" | cryptsetup --pbkdf-memory=262144 luksOpen /dev/ram0 certfs-ramfs -
-  mkfs.ext2 /dev/mapper/certfs-ramfs
-  mount /dev/mapper/certfs-ramfs "${certs_path}"
   log_end_msg 0
   ;;
  stop)

elements/certs-ramfs/init-scripts/upstart/certs-ramfs.conf

@@ -4,14 +4,7 @@ start on started cloud-config
 stop on runlevel [!2345]
 
 pre-start script
-    modprobe brd
+    /usr/local/bin/certfs-ramfs
-    passphrase=$(head /dev/urandom | tr -dc "a-zA-Z0-9" | fold -w 32 | head -n 1)
-    certs_path=$(awk "/base_cert_dir / {printf \$3}" /etc/octavia/amphora-agent.conf)
-    mkdir -p "${certs_path}"
-    echo -n "${passphrase}" | cryptsetup --pbkdf-memory=262144 luksFormat /dev/ram0 -
-    echo -n "${passphrase}" | cryptsetup --pbkdf-memory=262144 luksOpen /dev/ram0 certfs-ramfs -
-    mkfs.ext2 /dev/mapper/certfs-ramfs
-    mount /dev/mapper/certfs-ramfs "${certs_path}"
 end script
 
 post-stop script

elements/certs-ramfs/static/usr/local/bin/certfs-ramfs

@@ -0,0 +1,19 @@
+#!/bin/bash
+
+modprobe brd
+passphrase=$(head /dev/urandom | tr -dc "a-zA-Z0-9" | fold -w 32 | head -n 1)
+certs_path=$(awk "/base_cert_dir / {printf \$3}" /etc/octavia/amphora-agent.conf)
+mkdir -p "${certs_path}"
+
+echo -n "${passphrase}" | cryptsetup --pbkdf-memory=262144 luksFormat /dev/ram0 -
+# Some distrobutions have an old cryptsetup, try without --pbkdf-memory
+if [ $? -eq 0 ]
+then
+  echo -n "${passphrase}" | cryptsetup --pbkdf-memory=262144 luksOpen /dev/ram0 certfs-ramfs -
+else
+  echo -n "${passphrase}" | cryptsetup luksFormat /dev/ram0 -
+  echo -n "${passphrase}" | cryptsetup luksOpen /dev/ram0 certfs-ramfs -
+fi
+
+mkfs.ext2 /dev/mapper/certfs-ramfs
+mount /dev/mapper/certfs-ramfs "${certs_path}"