cleanup of the main script

improved binary check, made resize optional
and set aside old install command (was already unused)
Jaromil 2013-05-25 15:04:16 +02:00
parent 5f5fb06d43
commit 37792ffdc5
2 changed files with 136 additions and 123 deletions


@ -0,0 +1,90 @@
# {{{ - Install
# install mime-types, bells and whistles for the desktop
# see http://developers.sun.com/solaris/articles/integrating_gnome.html
# and freedesktop specs
install_tomb() {
# TODO: distro package deps (for binary)
# debian: zsh, cryptsetup, sudo
_message "updating mimetypes..."
cat <<EOF > /tmp/dyne-tomb.xml
<?xml version="1.0"?>
<mime-info xmlns='http://www.freedesktop.org/standards/shared-mime-info'>
<mime-type type="application/x-tomb-volume">
<comment>Tomb crypto volume</comment>
<glob pattern="*.tomb"/>
</mime-type>
<mime-type type="application/x-tomb-key">
<comment>Tomb crypto key</comment>
<glob pattern="*.tomb.key"/>
</mime-type>
</mime-info>
EOF
xdg-mime install /tmp/dyne-tomb.xml
xdg-icon-resource install --context mimetypes --size 32 monmort.xpm monmort
xdg-icon-resource install --size 32 monmort.xpm dyne-monmort
rm /tmp/dyne-tomb.xml
_message "updating desktop..."
cat <<EOF > /usr/share/applications/tomb.desktop
[Desktop Entry]
Version=1.0
Type=Application
Name=Tomb crypto undertaker
GenericName=Crypto undertaker
Comment=Keep your bones safe
Exec="${TOMBOPENEXEC}" %U
TryExec=tomb-open
Icon=monmort.xpm
Terminal=true
Categories=Utility;Security;Archiving;Filesystem;
MimeType=application/x-tomb-volume;
X-AppInstall-Package=tomb
EOF
update-desktop-database
_message "updating menus..."
cat <<EOF > /etc/menu/tomb
?package(tomb):command="tomb" icon="/usr/share/pixmaps/monmort.xpm" needs="text" \
section="Applications/Accessories" title="Tomb" hints="Crypto" \
hotkey="Tomb"
EOF
update-menus
_message "updating mime info..."
cat <<EOF > /usr/share/mime-info/tomb.keys
# actions for encrypted tomb storage
application/x-tomb-volume:
open="${TOMBOPENEXEC}" %f
view=tomb-open %f
icon-filename=monmort.xpm
short_list_application_ids_for_novice_user_level=tomb
EOF
cat <<EOF > /usr/share/mime-info/tomb.mime
# mime type for encrypted tomb storage
application/x-tomb-volume
ext: tomb
application/x-tomb-key
ext: tomb.key
EOF
cat <<EOF > /usr/lib/mime/packages/tomb
application/x-tomb-volume; tomb-open '%s'; priority=8
EOF
update-mime
_message "updating application entry..."
cat <<EOF > /usr/share/application-registry/tomb.applications
tomb
command=tomb-open
name=Tomb - Crypto Undertaker
can_open_multiple_files=false
expects_uris=false
requires_terminal=true
mime-types=application/x-tomb-volume,application/x-tomb-key
EOF
_message "Tomb is now installed."
}
# }}}
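Review bot: install_tomb still writes its MIME definition to the fixed path `/tmp/dyne-tomb.xml`, and the `install)` arm visible in tomb's main runs `check_priv` before calling it, so the redirect presumably happens with elevated privileges. A fixed name in a world-writable directory can be pre-created or symlinked by another local user, so `cat <<EOF >` may clobber a file the installer never meant to touch. Since the function is being set aside rather than deleted, fix it before it is revived: create a private directory with `tmpdir=$(mktemp -d) || return 1`, write to `"$tmpdir/dyne-tomb.xml"` so the basename `xdg-mime install` sees is unchanged, and remove the directory afterwards. The later heredocs also write system files without checking the exit status, so the closing "Tomb is now installed." message is printed even when a step failed.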

169
tomb

@ -31,6 +31,7 @@ typeset -a OLDARGS
for arg in ${argv}; do OLDARGS+=($arg); done
STEGHIDE=1
MKTEMP=1
RESIZER=1
MOUNTOPTS="rw,noatime,nodev"
typeset -A global_opts
@ -169,33 +170,29 @@ progress() {
check_bin() {
# check for required programs
for req in pinentry sudo gpg; do
which $req >/dev/null || die "Cannot find $req. Please install it." 1
for req in cryptsetup pinentry sudo gpg; do
command -v $req >/dev/null || die "Cannot find $req. It's a requirement to use Tomb, please install it." 1
done
export PATH=/sbin:/usr/sbin:$PATH
which cryptsetup > /dev/null && CRYPTSETUP=cryptsetup || die "Cryptsetup not found in $PATH." 1
# which dd command to use
which dcfldd > /dev/null && DD=dcfldd || DD=dd
command -v dcfldd > /dev/null && DD=dcfldd || DD=dd
# which wipe command to use
which wipe > /dev/null && WIPE="wipe -f -s" || WIPE="rm -f"
command -v wipe > /dev/null && WIPE="wipe -f -s" || WIPE="rm -f"
# check for filesystem creation progs
which mkfs.ext4 > /dev/null && \
command -v mkfs.ext4 > /dev/null && \
MKFS="mkfs.ext4 -q -F -j -L" || \
MKFS="mkfs.ext3 -q -F -j -L"
# check for mktemp
which mktemp > /dev/null || MKTEMP=0
command -v mktemp > /dev/null || MKTEMP=0
# check for steghide
which steghide > /dev/null || STEGHIDE=0
# resize suite check bin!
which e2fsck > /dev/null || die "Cannot find e2fsck. Please install it." 1
which resize2fs > /dev/null || die "Cannot find resize2fs. Please install it." 1
command -v steghide > /dev/null || STEGHIDE=0
# check for resize
command -v e2fsck resize2fs > /dev/null || RESIZER=0
if which tomb-kdf-pbkdf2 &> /dev/null; then
KDF_PBKDF2="tomb-kdf-pbkdf2"
@ -356,6 +353,10 @@ EOF
sudo "${TOMBEXEC}" -U ${UID} -G ${GID} -T ${TTY} "${(@)OLDARGS}"
exit $?
fi # are we root already
# make sure necessary kernel modules are loaded
modprobe dm_crypt
return 0
}
# }}}
@ -393,8 +394,12 @@ Commands:
slam slam a TOMB killing all programs using it
passwd change the password of a KEY
resize resize a TOMB to a new --size (can only grow)
EOF
if [ "$RESIZER" = 1 ]; then
cat <<EOF
resize resize a TOMB to a new --size (can only grow)
EOF
fi
if [ "$STEGHIDE" = 1 ]; then
cat <<EOF
bury hide a KEY inside a JPEG image
@ -680,7 +685,7 @@ forge_key() {
_message "Commanded to forge key $1"
if ! [ $1 ]; then
_warning "no key name specified for creation"
_warning "no key name specified for creation"
return 1
fi
@ -759,7 +764,9 @@ forge_key() {
ls -lh ${tombkey}
}
# dig a tomb
# Dig a tomb, means that it will create an empty file to be formatted
# as a loopback filesystem. Initially the file is filled with random data
# taken from /dev/urandom which improves the tomb's overall security
dig_tomb() {
_message "Commanded to dig tomb $1"
@ -1111,8 +1118,10 @@ gen_key() {
;;
esac
echo -n $header
gpg --openpgp --batch --no-options --no-tty --passphrase-fd 0 2>/dev/null \
-o - -c -a ${lukskey} <<< "${tombpass}"
print "${tombpass}" \
| gpg --openpgp --batch --no-options --no-tty --passphrase-fd 0 2>/dev/null \
-o - -c -a ${lukskey}
unset tombpass
}
@ -1531,7 +1540,7 @@ umount_tomb() {
return 0
}
# }}}
# }}}
# {{{ - Change Password
# $1 is the tomb key path
@ -1686,18 +1695,18 @@ resize_tomb() {
_message "Password is required for key ${keyname}"
for c in 1 2 3; do
if [ $c = 1 ]; then
tombpass=`exec_as_user ${TOMBEXEC} askpass ${keyname}`
else
tombpass=`exec_as_user ${TOMBEXEC} askpass "$keyname (retry $c)"`
fi
if [ $c = 1 ]; then
tombpass=`exec_as_user ${TOMBEXEC} askpass ${keyname}`
else
tombpass=`exec_as_user ${TOMBEXEC} askpass "$keyname (retry $c)"`
fi
get_lukskey "${tombpass}" ${tombkey} | \
cryptsetup --key-file - luksOpen ${nstloop} ${mapper}
unset tombpass
if [ -r /dev/mapper/${mapper} ]; then
break; # password was correct
if [ -r /dev/mapper/${mapper} ]; then
break; # password was correct
fi
done
@ -1871,8 +1880,8 @@ list_tombs() {
for h in ${mounted_hooks}; do
print -n "$fg_no_bold[green]$tombname"
print -n "$fg_no_bold[white] hooks "
print -n "$fg_bold[white]`basename ${h[(ws:;:)1]}`"
print -n "$fg_no_bold[white] on "
# print -n "$fg_bold[white]`basename ${h[(ws:;:)1]}`"
# print -n "$fg_no_bold[white] on "
print "$fg_bold[white]${h[(ws:;:)2]}$fg_no_bold[white]"
done
done
@ -1931,98 +1940,7 @@ launch_status() {
return 0
}
# }}}
# {{{ - Install GUI
# install mime-types, bells and whistles for the desktop
# see http://developers.sun.com/solaris/articles/integrating_gnome.html
# and freedesktop specs
install_tomb() {
# TODO: distro package deps (for binary)
# debian: zsh, cryptsetup, sudo
_message "updating mimetypes..."
cat <<EOF > /tmp/dyne-tomb.xml
<?xml version="1.0"?>
<mime-info xmlns='http://www.freedesktop.org/standards/shared-mime-info'>
<mime-type type="application/x-tomb-volume">
<comment>Tomb encrypted volume</comment>
<glob pattern="*.tomb"/>
</mime-type>
<mime-type type="application/x-tomb-key">
<comment>Tomb crypto key</comment>
<glob pattern="*.tomb.key"/>
</mime-type>
</mime-info>
EOF
xdg-mime install /tmp/dyne-tomb.xml
xdg-icon-resource install --context mimetypes --size 32 monmort.xpm monmort
xdg-icon-resource install --size 32 monmort.xpm dyne-monmort
rm /tmp/dyne-tomb.xml
_message "updating desktop..."
cat <<EOF > /usr/share/applications/tomb.desktop
[Desktop Entry]
Version=1.0
Type=Application
Name=Tomb crypto undertaker
GenericName=Crypto undertaker
Comment=Keep your bones safe
Exec="${TOMBOPENEXEC}" %U
TryExec=tomb-open
Icon=monmort.xpm
Terminal=true
Categories=Utility;Security;Archiving;Filesystem;
MimeType=application/x-tomb-volume;
X-AppInstall-Package=tomb
EOF
update-desktop-database
_message "updating menus..."
cat <<EOF > /etc/menu/tomb
?package(tomb):command="tomb" icon="/usr/share/pixmaps/monmort.xpm" needs="text" \
section="Applications/Accessories" title="Tomb" hints="Crypto" \
hotkey="Tomb"
EOF
update-menus
_message "updating mime info..."
cat <<EOF > /usr/share/mime-info/tomb.keys
# actions for encrypted tomb storage
application/x-tomb-volume:
open="${TOMBOPENEXEC}" %f
view=tomb-open %f
icon-filename=monmort.xpm
short_list_application_ids_for_novice_user_level=tomb
EOF
cat <<EOF > /usr/share/mime-info/tomb.mime
# mime type for encrypted tomb storage
application/x-tomb-volume
ext: tomb
application/x-tomb-key
ext: tomb.key
EOF
cat <<EOF > /usr/lib/mime/packages/tomb
application/x-tomb-volume; tomb-open '%s'; priority=8
EOF
update-mime
_message "updating application entry..."
cat <<EOF > /usr/share/application-registry/tomb.applications
tomb
command=tomb-open
name=Tomb - Crypto Undertaker
can_open_multiple_files=false
expects_uris=false
requires_terminal=true
mime-types=application/x-tomb-volume,application/x-tomb-key
EOF
_message "Tomb is now installed."
}
# }}}
# }}}
# {{{ MAIN COMMAND
main() {
@ -2230,9 +2148,14 @@ main() {
decode_key $PARAM[1] $PARAM[2]
;;
resize)
check_priv
resize_tomb $PARAM[1]
;;
if [ "$RESIZER" = 0 ]; then
_warning "resize2fs not installed. Cannot resize your tomb."
return 1
fi
check_priv
resize_tomb $PARAM[1]
;;
# internal commands useful to developers
'source') return 0 ;;
install) check_priv ; install_tomb ;;
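Review bot: In the gen_key hunk, the new `print "${tombpass}" | gpg … --passphrase-fd 0` sends the passphrase through zsh's `print` without `-r --`, so backslash sequences in it are interpreted and a passphrase beginning with `-` is parsed as print options. gpg would then encrypt the key under a different string than the one the user typed. If another code path hands the passphrase to gpg verbatim, the key could not be decrypted again; those paths are not visible in this hunk, so this needs checking against the decryption side. Change the line to `print -r -- "${tombpass}" \` so the bytes reach gpg unmodified. gen_key's body begins outside the hunk.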