chown of the tomb is done immediately

This commit is contained in:
boyska 2012-09-01 17:17:47 +02:00 committed by Jaromil
parent 419ad9a2bc
commit 25512c5864

View File

@ -691,6 +691,10 @@ create_tomb() {
tombsize_4k=`expr $tombsize \* 1024 / 4` tombsize_4k=`expr $tombsize \* 1024 / 4`
_message "Generating ${tombfile} of ${tombsize}Mb (${tombsize_4k} blocks of 4Kb)" _message "Generating ${tombfile} of ${tombsize}Mb (${tombsize_4k} blocks of 4Kb)"
# we will first touch the file and set permissions: this way, even if interrupted, permissions are right
touch ${tombdir}/${tombfile}
chown ${_uid}:${_gid} "${tombdir}/${tombfile}"
chmod 0600 "${tombdir}/${tombfile}"
$DD if=/dev/urandom bs=4k count=${tombsize_4k} of=${tombdir}/${tombfile} $DD if=/dev/urandom bs=4k count=${tombsize_4k} of=${tombdir}/${tombfile}
if [ $? = 0 -a -e ${tombdir}/${tombfile} ]; then if [ $? = 0 -a -e ${tombdir}/${tombfile} ]; then
@ -794,13 +798,14 @@ create_tomb() {
header="" header=""
;; ;;
esac esac
touch $tombkey
chown ${_uid}:${_gid} ${tombkey}
chmod 0600 ${tombkey}
( echo -n $header; gpg \ ( echo -n $header; gpg \
--openpgp --batch --no-options --no-tty --passphrase-fd 0 2>/dev/null \ --openpgp --batch --no-options --no-tty --passphrase-fd 0 2>/dev/null \
-o - -c -a ${keytmp}/tomb.tmp <<< ${tombpass} ) > $tombkey -o - -c -a ${keytmp}/tomb.tmp <<< ${tombpass} ) > $tombkey
unset tombpass unset tombpass
chown ${_uid}:${_gid} ${tombkey}
chmod 0600 ${tombkey}
# if [ $? != 0 ]; then # if [ $? != 0 ]; then
# _warning "setting password failed: gnupg returns 2" # _warning "setting password failed: gnupg returns 2"
@ -846,10 +851,6 @@ create_tomb() {
cryptsetup luksClose tomb.tmp cryptsetup luksClose tomb.tmp
losetup -d ${nstloop} losetup -d ${nstloop}
# set permissions on the tomb
chown ${_uid}:${_gid} "${tombdir}/${tombfile}"
chmod 0600 "${tombdir}/${tombfile}"
_message "done creating $tombname encrypted storage (using Luks dm-crypt ${create_cipher}:sha256)" _message "done creating $tombname encrypted storage (using Luks dm-crypt ${create_cipher}:sha256)"
_success "Your tomb is ready in ${tombdir}/${tombfile} and secured with key ${tombkey}" _success "Your tomb is ready in ${tombdir}/${tombfile} and secured with key ${tombkey}"