small fixes to gpg operation

also removed modprobes
This commit is contained in:
Jaromil 2011-02-22 18:30:42 +01:00
parent da6d263288
commit 3a90805127

View File

@ -308,9 +308,6 @@ create_tomb() {
exit 1 exit 1
fi fi
modprobe dm-crypt
modprobe aes-i586
nstloop=`losetup -f` # get the number for next loopback device nstloop=`losetup -f` # get the number for next loopback device
losetup -f ${tombdir}/${tombfile} # allocates the next loopback for our file losetup -f ${tombdir}/${tombfile} # allocates the next loopback for our file
@ -363,17 +360,18 @@ create_tomb() {
exit 1 exit 1
fi fi
echo "${tombpass}" | gpg \ echo "${tombpass}" | gpg \
--openpgp --batch --no-options --no-tty --passphrase-fd 0 \ --openpgp --batch --no-options --no-tty --passphrase-fd 0 2>/dev/null \
-o "${tombdir}/${tombname}.tomb.key" -c -a ${keytmp}/tomb.tmp -o "${tombdir}/${tombname}.tomb.key" -c -a ${keytmp}/tomb.tmp
if [ $? = 2 ]; then # if [ $? != 0 ]; then
error "setting password failed: gnupg returns 2" # error "setting password failed: gnupg returns 2"
umount ${keytmp} # umount ${keytmp}
losetup -d $nstloop # losetup -d $nstloop
rm -r $keytmp # rm -r $keytmp
exit 1 # exit 1
fi # fi
act "formatting Luks mapped device" act "formatting Luks mapped device"
# we use aes-cbc-essiv with sha256 # we use aes-cbc-essiv with sha256
@ -455,9 +453,6 @@ mount_tomb() {
return 1 return 1
fi fi
modprobe dm-crypt
modprobe aes-i586
# save date of mount in minutes since 1970 # save date of mount in minutes since 1970
mapdate="`date +%s`" mapdate="`date +%s`"
mapdate="`echo ${mapdate}/60 | bc -l | cut -d. -f1`" mapdate="`echo ${mapdate}/60 | bc -l | cut -d. -f1`"
@ -465,6 +460,7 @@ mount_tomb() {
mapper="tomb.${tombname}.${mapdate}.`basename $nstloop`" mapper="tomb.${tombname}.${mapdate}.`basename $nstloop`"
keyname=`basename $tombkey | cut -d. -f1` keyname=`basename $tombkey | cut -d. -f1`
notice "Password is required for key ${keyname}" notice "Password is required for key ${keyname}"
for c in 1 2 3; do for c in 1 2 3; do
@ -475,7 +471,7 @@ mount_tomb() {
fi fi
echo "${tombpass}" \ echo "${tombpass}" \
| gpg --batch --passphrase-fd 0 --no-tty --no-options \ | gpg --batch --passphrase-fd 0 --no-tty --no-options \
-d "${tombkey}" \ -d "${tombkey}" 2> /dev/null \
| cryptsetup --key-file - luksOpen ${nstloop} ${mapper} | cryptsetup --key-file - luksOpen ${nstloop} ${mapper}
unset tombpass unset tombpass