# Authors: Michael Gebetsroither <gebi@grml.org>
# Bug-Reports: see http://grml.org/bugs/
# License: This file is licensed under the GPL v2.
-# Latest change: Don Jul 26 19:57:28 CEST 2007 [mika]
################################################################################
DM_PREFIX_="grml-crypt_"
FORCE_='false'
FSCK_='false'
+FSCK_EXTRA_OPTS_=""
ENTROPY_SOURCE_='/dev/urandom'
OPTIMIZED_MODE_SET_='false'
OPTIMIZING_LEVEL_=0
-o optimised initialisation mode (should be as secure as the default but faster)
-y verifies the passphrase by asking for it twice
-f force file overwriting in format mode and/or disable confirmation dialog
- -F only for action start: run fsck before mounting the filesystem. Use fsck's -f option if given twice.
+ -F only for action start: run fsck before mounting the filesystem.
+ Use fsck's -f option if given twice.
+ -X Read next argument as a list of options to pass to fsck:
+ 'grml-crypt -FF -X "-y -T" start /dev/ice' will run fsck with options -y and -T.
-m additional arguments to mount
-v verbose (show what is going on, v++)
-h this help text
CRYPTSETUP FORMAT OPTIONS:
-S cipher size, could be 128, 192 or 256 (default=$CIPHER_SIZE_)
-C cipher, should be aes-plain for pre-2.6.10 (default=$CIPHER_)
- -I iteration time spend with PBKDF2 password processing in seconds (default=$ITERATION_TIME_)
- -A additional arguments for cryptsetup (only supportet by format)
+ -I iteration time spent with PBKDF2 password processing in seconds (default=$ITERATION_TIME_)
+ -A additional arguments for cryptsetup (only supported by format)
ACTIONS:
format <device/file> [mountpoint]
warn "could not create filesystem on $DM_PATH_" 1
return 1
else
- echo "Successully created $FSTYPE_ on encrypted $TARGET_"
+ echo "Successfully created $FSTYPE_ on encrypted $TARGET_"
return 0
fi
}
ret_=0
if [[ "$MOUNT_POINT_" == "" ]]; then
- MOUNT_POINT_="/mnt/$DM_NAME_"
+ MOUNT_POINT_="/media/$DM_NAME_"
else
# error out if mountpoint was given but doesn't exist
if [ ! -d "$MOUNT_POINT_" ]; then
execute "$CRYPTSETUP_ $cargs_ luksOpen $TARGET_ $DM_NAME_" warn || execute "losetup -d $TARGET_" || \
die "could not luksOpen $TARGET_"
if [[ "$FSCK_" == "true" ]] ; then
- execute "fsck -C $DM_PATH_" || die "fsck failed on $DM_PATH_"
+ execute "fsck $FSCK_EXTRA_OPTS_ -C $DM_PATH_" || die "fsck failed on $DM_PATH_"
elif [[ "$FSCK_" == "trueforce" ]] ; then
- execute "fsck -f -C $DM_PATH_" || die "fsck failed on $DM_PATH_"
+ execute "fsck -f $FSCK_EXTRA_OPTS_ -C $DM_PATH_" || die "fsck failed on $DM_PATH_"
fi
margs_=""
$READONLY_SET_ && margs_='-r'
if [ ! -d "$MOUNT_POINT_" ]; then
execute "mkdir -p '$MOUNT_POINT_'" || die "failed to create mountpoint $MOUNT_POINT_"
fi
+ udevadm settle
execute "mount $margs_ $ADDITIONAL_MOUNT_ARGS_ $DM_PATH_ $MOUNT_POINT_" die
}
dprint "device_=\"$device_\""
execute "umount $dm_path_" die "could not unmount $device_"
- if [[ "$MOUNT_POINT_" == "/mnt/$dm_name_" ]]; then
+ if [[ "$MOUNT_POINT_" == "/media/$dm_name_" ]]; then
rmdir "$MOUNT_POINT_"
fi
execute "$CRYPTSETUP_ luksClose $dm_name_" die "could not close $dm_path_"
die "could not delete loop device $device_" || \
execute "losetup -d $device_ &>/dev/null" eprint "could not delete loop device $device_, \
this device possibly is not a loop device => maybe bogus error"
- notice "$mp_ successfully unmountet/closed/deleted"
+ notice "$mp_ successfully unmounted/closed/deleted"
}
function yesDialog
die "could not initialise $TARGET_ with /dev/zero"
else
if [[ $ENTROPY_SOURCE_ == '/dev/zero' ]]; then
- echo "INSERCURE mode"
+ echo "INSECURE mode"
else
echo "SECURE mode (taking /dev/urandom as source, this could take some time)"
fi
formatDevice "$init_"
ret_=$?
else
- $FORCE_ || (yesDialog "Are you shure you want to overwrite $TARGET_ ?" || die 'You are not sure')
+ $FORCE_ || (yesDialog "Are you sure you want to overwrite ${TARGET_}?" || die 'You are not sure')
notice 'Operating on a device'
echo -n 'Initialising device with '
if [[ $OPTIMIZED_MODE_SET_ == 'true' ]]; then
execute "mount $margs_ $ADDITIONAL_MOUNT_ARGS_ $DM_PATH_ $MOUNT_POINT_" die
else
if [[ $MOUNT_POINT_ != "" ]]; then
- $mount_point_exists_ || warn "mountpoint $MOUNT_POINT_ does not exist, not mounting. please use \"grml-crypt start $ORIG_TARGET_ <mountpoint>\" to start the device"
+ $mount_point_exists_ || warn "mountpoint $MOUNT_POINT_ does not exist, not mounting. Please use \"grml-crypt start $ORIG_TARGET_ <mountpoint>\" to start the device"
fi
execute "$CRYPTSETUP_ luksClose $DM_NAME_" warn
$IS_IMAGE_ && execute "losetup -d $TARGET_" warn
### __MAIN
###
-while getopts "s:t:rzoyfFm:hvS:C:I:A:" opt; do
+while getopts "s:t:rzoyfFm:hvS:C:I:A:X:" opt; do
case "$opt" in
s) SIZE_="$OPTARG"; SIZE_SET_='true' ;;
t) FSTYPE_="$OPTARG" ;;
FSCK_='true'
fi
;;
+ X) FSCK_EXTRA_OPTS_="$OPTARG" ;;
m) ADDITIONAL_MOUNT_ARGS_="$OPTARG" ;;
h) printUsage; exit ;;
v) let verbose_=$verbose_+1 ;;
fi
if (( $OPTIMIZING_LEVEL_ > 1 )); then
printUsage
- die "please choose ONE initialisation methode"
+ die "please choose ONE initialisation method"
fi
TARGET_="$2"
-MKFS_="/sbin/mkfs.$FSTYPE_"
-if [ ! -x "$MKFS_" ]; then
+MKFS_="`which mkfs.$FSTYPE_`"
+if [ $? != "0" ]; then
die "invalid filesystem type \"$FSTYPE_\"" 1
fi
projects / grml-crypt.git / blobdiff