From 659a7c952c6f2eec3ec730a0f1d8a5287383a9e7 Mon Sep 17 00:00:00 2001
From: Steffen Vogel
Date: Sat, 24 Aug 2013 17:34:12 +0200
Subject: [PATCH] replaced old cryptsetup script by new mount helper
---
 bash/mount.luks.sh | 67 ++++++++++++++++++++++++++++++++++++++++++++++
 bash/mountcrypt.sh | 2 --
 2 files changed, 67 insertions(+), 2 deletions(-)
 create mode 100755 bash/mount.luks.sh
 delete mode 100755 bash/mountcrypt.sh
diff --git a/bash/mount.luks.sh b/bash/mount.luks.sh
new file mode 100755
index 0000000..ca2fd75
--- /dev/null
+++ b/bash/mount.luks.sh
@@ -0,0 +1,67 @@
+#!/bin/bash
+##
+ # [u]mount(8) helper for luks encrypted disks
+ #
+ # Both mount and umount offer the ability to handover the mounting
+ # process to a helper script. This is usefull when mounting/unmounting
+ # luks encrypted disks. This helper combines the following steps for mounting
+ # a disk:
+ #
+ # 1. cryptsetup luksOpen DEV UUID
+ # 2. mount -o helper=luks /dev/mapper/UUID DIR
+ #
+ # respectivly for unmounting
+ #
+ # 1. umount -i DEV
+ # 2. cryptsetup luksClose UUID
+ #
+ #
+ # USAGE:
+ # mount -t luks /dev/sda1 /home
+ #
+ # or via /etc/fstab:
+ # /dev/sda1 /home luks defaults 0 0
+ # followed by:
+ # mount /home
+ #
+ # @copyright 2013 Steffen Vogel
+ # @license http://www.gnu.org/licenses/gpl.txt GNU Public License
+ # @author Steffen Vogel
+ # @link http://www.steffenvogel.de
+ ##
+
+if [ "$(basename $0)" == "mount.luks" ]; then
+ DEV=$1
+ DIR=$2
+
+ shift 2
+ OPTS=$@
+
+ UUID=$(cryptsetup luksUUID $DEV)
+ if [ $? -ne 0 ]; then
+ echo -e "$DEV is not a LUKS device"
+ exit 1
+ fi
+
+ cryptsetup luksOpen $DEV $UUID
+ mount $OPTS -o helper=luks /dev/mapper/$UUID $DIR
+
+ # NOTE: The mount option '-o helper=luks' is essentially required
+ # because the encrypted filesystem is not of type "luks".
+ # This option tells umount to use this helper script,
+ # instead of using the normal unmounting procedure and
+ # leaving the dm-crypt volume unclosed and therefore unproteced!
+
+elif [ "$(basename $0)" == "umount.luks" ]; then
+ DEV=$(mount | grep $1 | cut -f 1 -d " ")
+ UUID=$(basename $DEV)
+
+ shift
+ OPTS=$@
+
+ umount -i $OPTS $DEV
+ # NOTE: The umount option '-i' is essentially required. It skips this
+ # helper script which would cause otherwise an endless self recursion
+
+ cryptsetup luksClose $UUID
+fi
diff --git a/bash/mountcrypt.sh b/bash/mountcrypt.sh
deleted file mode 100755
index 600477f..0000000
--- a/bash/mountcrypt.sh
+++ /dev/null
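Review bot: In the umount.luks branch, `mount | grep $1 | cut -f 1 -d " "` uses the argument as an unquoted, unanchored pattern, so a mount point such as /home also matches /home/other or any line that merely contains the string, and DEV can end up holding several devices or the wrong one before `umount -i` and `cryptsetup luksClose` act on it. Resolve the source with an exact lookup (findmnt is one option), require it to be under /dev/mapper/, and run luksClose only after umount has succeeded. The mount.luks branch has the matching gap: the exit status of `cryptsetup luksOpen` is never checked, and if the following `mount` fails the decrypted mapping stays open, which is the unprotected state the NOTE comment warns about. The unquoted `$0`, `$DEV`, `$DIR` and `$UUID` expansions in both branches also break on paths containing whitespace.

```shell
# … unchanged: argument parsing and luksUUID check …
	cryptsetup luksOpen "$DEV" "$UUID" || exit 1
	if ! mount $OPTS -o helper=luks "/dev/mapper/$UUID" "$DIR"; then
		# do not leave the decrypted mapping open when the mount failed
		cryptsetup luksClose "$UUID"
		exit 1
	fi
# … unchanged: NOTE comment on helper=luks …
elif [ "$(basename "$0")" == "umount.luks" ]; then
	DEV=$(findmnt -n -o SOURCE "$1") || exit 1
	case "$DEV" in
		/dev/mapper/*) ;;
		*) echo "$1 is not mounted from a device-mapper volume" >&2; exit 1 ;;
	esac
	UUID=$(basename "$DEV")
# … unchanged: shift, OPTS …
	umount -i $OPTS "$DEV" || exit 1
# … unchanged: NOTE comment on -i …
	cryptsetup luksClose "$UUID"
```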
@@ -1,2 +0,0 @@
-#!/bin/bash
-gpg -d /media/STEFFEN-KEY/.secret/luks.key.enc | sudo pmount -p - $1 $2