replaced old cryptsetup script by new mount helper
This commit is contained in:
parent
93ee9d5bd5
commit
659a7c952c
2 changed files with 67 additions and 2 deletions
67
bash/mount.luks.sh
Executable file
67
bash/mount.luks.sh
Executable file
|
|
@ -0,0 +1,67 @@
|
|||
#!/bin/bash
|
||||
##
|
||||
# [u]mount(8) helper for luks encrypted disks
|
||||
#
|
||||
# Both mount and umount offer the ability to handover the mounting
|
||||
# process to a helper script. This is usefull when mounting/unmounting
|
||||
# luks encrypted disks. This helper combines the following steps for mounting
|
||||
# a disk:
|
||||
#
|
||||
# 1. cryptsetup luksOpen DEV UUID
|
||||
# 2. mount -o helper=luks /dev/mapper/UUID DIR
|
||||
#
|
||||
# respectivly for unmounting
|
||||
#
|
||||
# 1. umount -i DEV
|
||||
# 2. cryptsetup luksClose UUID
|
||||
#
|
||||
#
|
||||
# USAGE:
|
||||
# mount -t luks /dev/sda1 /home
|
||||
#
|
||||
# or via /etc/fstab:
|
||||
# /dev/sda1 /home luks defaults 0 0
|
||||
# followed by:
|
||||
# mount /home
|
||||
#
|
||||
# @copyright 2013 Steffen Vogel
|
||||
# @license http://www.gnu.org/licenses/gpl.txt GNU Public License
|
||||
# @author Steffen Vogel <post@steffenvogel.de>
|
||||
# @link http://www.steffenvogel.de
|
||||
##
|
||||
|
||||
if [ "$(basename $0)" == "mount.luks" ]; then
|
||||
DEV=$1
|
||||
DIR=$2
|
||||
|
||||
shift 2
|
||||
OPTS=$@
|
||||
|
||||
UUID=$(cryptsetup luksUUID $DEV)
|
||||
if [ $? -ne 0 ]; then
|
||||
echo -e "$DEV is not a LUKS device"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
cryptsetup luksOpen $DEV $UUID
|
||||
mount $OPTS -o helper=luks /dev/mapper/$UUID $DIR
|
||||
|
||||
# NOTE: The mount option '-o helper=luks' is essentially required
|
||||
# because the encrypted filesystem is not of type "luks".
|
||||
# This option tells umount to use this helper script,
|
||||
# instead of using the normal unmounting procedure and
|
||||
# leaving the dm-crypt volume unclosed and therefore unproteced!
|
||||
|
||||
elif [ "$(basename $0)" == "umount.luks" ]; then
|
||||
DEV=$(mount | grep $1 | cut -f 1 -d " ")
|
||||
UUID=$(basename $DEV)
|
||||
|
||||
shift
|
||||
OPTS=$@
|
||||
|
||||
umount -i $OPTS $DEV
|
||||
# NOTE: The umount option '-i' is essentially required. It skips this
|
||||
# helper script which would cause otherwise an endless self recursion
|
||||
|
||||
cryptsetup luksClose $UUID
|
||||
fi
|
||||
|
|
@ -1,2 +0,0 @@
|
|||
#!/bin/bash
|
||||
gpg -d /media/STEFFEN-KEY/.secret/luks.key.enc | sudo pmount -p - $1 $2
|
||||
Loading…
Add table
Reference in a new issue