Directory reorganization

This commit re-organizes all the source distribution contents to
present users with the simple script, while moving the rest into extras.
Also autoconf/automake scripts were removed, back to minimalism.

The rationale for this change is that Tomb really only consists of a
script and users with no extra needs should just be presented with
it, with no need for anything else. Any other thing on top of the Tomb
script is an extra and can even be distributed separately or integrated
in distributions.
Jaromil 2013-05-18 17:29:37 +02:00
parent f5ccff8027
commit 3eb93acc18
105 changed files with 0 additions and 1790 deletions

INSTALL

@ -1,302 +0,0 @@
Installation Instructions
*************************
Copyright (C) 1994, 1995, 1996, 1999, 2000, 2001, 2002, 2004, 2005,
2006, 2007, 2008, 2009 Free Software Foundation, Inc.
This file is free documentation; the Free Software Foundation gives
unlimited permission to copy, distribute and modify it.
Basic Installation
==================
Briefly, the shell commands `./configure; make; make install' should
configure, build, and install this package. The following
more-detailed instructions are generic; see the `README' file for
instructions specific to this package.
The `configure' shell script attempts to guess correct values for
various system-dependent variables used during compilation. It uses
those values to create a `Makefile' in each directory of the package.
It may also create one or more `.h' files containing system-dependent
definitions. Finally, it creates a shell script `config.status' that
you can run in the future to recreate the current configuration, and a
file `config.log' containing compiler output (useful mainly for
debugging `configure').
It can also use an optional file (typically called `config.cache'
and enabled with `--cache-file=config.cache' or simply `-C') that saves
the results of its tests to speed up reconfiguring. Caching is
disabled by default to prevent problems with accidental use of stale
cache files.
If you need to do unusual things to compile the package, please try
to figure out how `configure' could check whether to do them, and mail
diffs or instructions to the address given in the `README' so they can
be considered for the next release. If you are using the cache, and at
some point `config.cache' contains results you don't want to keep, you
may remove or edit it.
The file `configure.ac' (or `configure.in') is used to create
`configure' by a program called `autoconf'. You need `configure.ac' if
you want to change it or regenerate `configure' using a newer version
of `autoconf'.
The simplest way to compile this package is:
1. `cd' to the directory containing the package's source code and type
`./configure' to configure the package for your system.
Running `configure' might take a while. While running, it prints
some messages telling which features it is checking for.
2. Type `make' to compile the package.
3. Optionally, type `make check' to run any self-tests that come with
the package.
4. Type `make install' to install the programs and any data files and
documentation.
5. You can remove the program binaries and object files from the
source code directory by typing `make clean'. To also remove the
files that `configure' created (so you can compile the package for
a different kind of computer), type `make distclean'. There is
also a `make maintainer-clean' target, but that is intended mainly
for the package's developers. If you use it, you may have to get
all sorts of other programs in order to regenerate files that came
with the distribution.
6. Often, you can also type `make uninstall' to remove the installed
files again.
Compilers and Options
=====================
Some systems require unusual options for compilation or linking that
the `configure' script does not know about. Run `./configure --help'
for details on some of the pertinent environment variables.
You can give `configure' initial values for configuration parameters
by setting variables in the command line or in the environment. Here
is an example:
./configure CC=c99 CFLAGS=-g LIBS=-lposix
*Note Defining Variables::, for more details.
Compiling For Multiple Architectures
====================================
You can compile the package for more than one kind of computer at the
same time, by placing the object files for each architecture in their
own directory. To do this, you can use GNU `make'. `cd' to the
directory where you want the object files and executables to go and run
the `configure' script. `configure' automatically checks for the
source code in the directory that `configure' is in and in `..'.
With a non-GNU `make', it is safer to compile the package for one
architecture at a time in the source code directory. After you have
installed the package for one architecture, use `make distclean' before
reconfiguring for another architecture.
On MacOS X 10.5 and later systems, you can create libraries and
executables that work on multiple system types--known as "fat" or
"universal" binaries--by specifying multiple `-arch' options to the
compiler but only a single `-arch' option to the preprocessor. Like
this:
./configure CC="gcc -arch i386 -arch x86_64 -arch ppc -arch ppc64" \
CXX="g++ -arch i386 -arch x86_64 -arch ppc -arch ppc64" \
CPP="gcc -E" CXXCPP="g++ -E"
This is not guaranteed to produce working output in all cases, you
may have to build one architecture at a time and combine the results
using the `lipo' tool if you have problems.
Installation Names
==================
By default, `make install' installs the package's commands under
`/usr/local/bin', include files under `/usr/local/include', etc. You
can specify an installation prefix other than `/usr/local' by giving
`configure' the option `--prefix=PREFIX'.
You can specify separate installation prefixes for
architecture-specific files and architecture-independent files. If you
pass the option `--exec-prefix=PREFIX' to `configure', the package uses
PREFIX as the prefix for installing programs and libraries.
Documentation and other data files still use the regular prefix.
In addition, if you use an unusual directory layout you can give
options like `--bindir=DIR' to specify different values for particular
kinds of files. Run `configure --help' for a list of the directories
you can set and what kinds of files go in them.
If the package supports it, you can cause programs to be installed
with an extra prefix or suffix on their names by giving `configure' the
option `--program-prefix=PREFIX' or `--program-suffix=SUFFIX'.
Optional Features
=================
Some packages pay attention to `--enable-FEATURE' options to
`configure', where FEATURE indicates an optional part of the package.
They may also pay attention to `--with-PACKAGE' options, where PACKAGE
is something like `gnu-as' or `x' (for the X Window System). The
`README' should mention any `--enable-' and `--with-' options that the
package recognizes.
For packages that use the X Window System, `configure' can usually
find the X include and library files automatically, but if it doesn't,
you can use the `configure' options `--x-includes=DIR' and
`--x-libraries=DIR' to specify their locations.
Particular systems
==================
On HP-UX, the default C compiler is not ANSI C compatible. If GNU
CC is not installed, it is recommended to use the following options in
order to use an ANSI C compiler:
./configure CC="cc -Ae -D_XOPEN_SOURCE=500"
and if that doesn't work, install pre-built binaries of GCC for HP-UX.
On OSF/1 a.k.a. Tru64, some versions of the default C compiler cannot
parse its `<wchar.h>' header file. The option `-nodtk' can be used as
a workaround. If GNU CC is not installed, it is therefore recommended
to try
./configure CC="cc"
and if that doesn't work, try
./configure CC="cc -nodtk"
On Solaris, don't put `/usr/ucb' early in your `PATH'. This
directory contains several dysfunctional programs; working variants of
these programs are available in `/usr/bin'. So, if you need `/usr/ucb'
in your `PATH', put it _after_ `/usr/bin'.
On Haiku, software installed for all users goes in `/boot/common',
not `/usr/local'. It is recommended to use the following options:
./configure --prefix=/boot/common
Specifying the System Type
==========================
There may be some features `configure' cannot figure out
automatically, but needs to determine by the type of machine the package
will run on. Usually, assuming the package is built to be run on the
_same_ architectures, `configure' can figure that out, but if it prints
a message saying it cannot guess the machine type, give it the
`--build=TYPE' option. TYPE can either be a short name for the system
type, such as `sun4', or a canonical name which has the form:
CPU-COMPANY-SYSTEM
where SYSTEM can have one of these forms:
OS
KERNEL-OS
See the file `config.sub' for the possible values of each field. If
`config.sub' isn't included in this package, then this package doesn't
need to know the machine type.
If you are _building_ compiler tools for cross-compiling, you should
use the option `--target=TYPE' to select the type of system they will
produce code for.
If you want to _use_ a cross compiler, that generates code for a
platform different from the build platform, you should specify the
"host" platform (i.e., that on which the generated programs will
eventually be run) with `--host=TYPE'.
Sharing Defaults
================
If you want to set default values for `configure' scripts to share,
you can create a site shell script called `config.site' that gives
default values for variables like `CC', `cache_file', and `prefix'.
`configure' looks for `PREFIX/share/config.site' if it exists, then
`PREFIX/etc/config.site' if it exists. Or, you can set the
`CONFIG_SITE' environment variable to the location of the site script.
A warning: not all `configure' scripts look for a site script.
Defining Variables
==================
Variables not defined in a site shell script can be set in the
environment passed to `configure'. However, some packages may run
configure again during the build, and the customized values of these
variables may be lost. In order to avoid this problem, you should set
them in the `configure' command line, using `VAR=value'. For example:
./configure CC=/usr/local2/bin/gcc
causes the specified `gcc' to be used as the C compiler (unless it is
overridden in the site shell script).
Unfortunately, this technique does not work for `CONFIG_SHELL' due to
an Autoconf bug. Until the bug is fixed you can use this workaround:
CONFIG_SHELL=/bin/bash /bin/bash ./configure CONFIG_SHELL=/bin/bash
`configure' Invocation
======================
`configure' recognizes the following options to control how it
operates.
`--help'
`-h'
Print a summary of all of the options to `configure', and exit.
`--help=short'
`--help=recursive'
Print a summary of the options unique to this package's
`configure', and exit. The `short' variant lists options used
only in the top level, while the `recursive' variant lists options
also present in any nested packages.
`--version'
`-V'
Print the version of Autoconf used to generate the `configure'
script, and exit.
`--cache-file=FILE'
Enable the cache: use and save the results of the tests in FILE,
traditionally `config.cache'. FILE defaults to `/dev/null' to
disable caching.
`--config-cache'
`-C'
Alias for `--cache-file=config.cache'.
`--quiet'
`--silent'
`-q'
Do not print messages saying which checks are being made. To
suppress all normal output, redirect it to `/dev/null' (any error
messages will still be shown).
`--srcdir=DIR'
Look for the package's source code in directory DIR. Usually
`configure' can determine that directory automatically.
`--prefix=DIR'
Use DIR as the installation prefix. *Note Installation Names::
for more details, including other options available for fine-tuning
the installation locations.
`--no-create'
`-n'
Run the configure checks, but stop before creating any output
files.
`configure' also accepts some other, not widely useful, options. Run
`configure --help' for more details.
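Review bot: dropping INSTALL leaves this commit with no install instructions at all; the deleted text is the generic GNU boilerplate (`./configure; make; make install`), which stops applying once configure.ac is removed further down, so the replacement should be a short README note saying that the script is installed by copying it into PATH and listing the runtime tools it expects, rather than nothing.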


@ -1 +0,0 @@
SUBDIRS = src src/kdf share doc
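Review bot: removing the top-level Makefile.am drops the only build entry point for `src/kdf`, which the deleted configure.ac below builds against libgcrypt for `kdf=pbkdf2`; that helper is compiled code and cannot be copied into PATH like the script, so the commit message should say where it moves (extras) and how it is built from there, otherwise the kdf feature is silently lost for users of the plain script.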

NEWS

@ -1,14 +0,0 @@
Critical bugfix
The previous version of Tomb had a critical bug: passwords containing
odd characters where badly interpreted and split at spaces. This means
that if you password was I am 12!! perfectly 7^!@^#38123 secure' it
has been understood by tomb as simply I being split at the first
“odd” character. So even if you thought you have a long pass-phrase,
instead it might have happened that you were using a single character
one.
Now this bug has been fixed. However, it wont fix the password for
the tomb that you created and used so far: you need to change the
password using the new command 'tomb passwd'.
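Review bot: deleting NEWS removes the only user-facing notice of the passphrase-splitting bug and of the `tomb passwd` step needed to re-key tombs created with the affected version; that migration note is security-relevant (a user may still be relying on what is effectively a one-character passphrase without knowing it), so carry it over into the README or a ChangeLog instead of dropping it together with the autotools files.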


@ -1,182 +0,0 @@
dnl ==============================================================
dnl Process this file with autoconf to produce a configure script.
dnl ==============================================================
AC_PREREQ([2.60])
AC_INIT([Tomb],[1.2],[jaromil@dyne.org],[Tomb])
AC_CONFIG_MACRO_DIR([m4])
AC_CANONICAL_HOST
dnl backwards compatibility for autoconf >= 2.64
dnl PACKAGE_URL should be the fifth argument of AC_INIT
m4_define([AC_PACKAGE_URL], [http://tomb.dyne.org])
dnl AC_DEFINE(PACKAGE_URL, "AC_PACKAGE_URL", [Package URL])
AC_SUBST(PACKAGE_URL, AC_PACKAGE_URL)
dnl ==============================================================
dnl Get the operating system and version number...
dnl ==============================================================
AC_MSG_CHECKING([for which platform we are setting up])
case "$host_os" in
*linux*)
AC_MSG_RESULT([Linux])
have_linux=yes
if test x$have_x86_64 = xyes; then
have_64bit=yes
fi
if test x$have_x86_32 = xyes; then
have_32bit=yes
fi
;;
*darwin*)
AC_MSG_RESULT([Darwin/OSX])
have_darwin=yes
;;
*freebsd*)
AC_MSG_RESULT([FreeBSD])
have_freebsd=yes
;;
*)
AC_MSG_RESULT([$host_os?!])
AC_MSG_ERROR([[
[!] Your system architecture is not supported by Tomb.
]], 0)
;;
esac
dnl ==============================================================
dnl Setup for automake
dnl ==============================================================
AM_INIT_AUTOMAKE([dist-bzip2 subdir-objects -Wno-portability])
m4_ifdef([AM_SILENT_RULES], [AM_SILENT_RULES([yes])])
AC_CONFIG_SRCDIR([src/tomb])
dnl Checks for reguired programs.
AC_PROG_CC
AC_PROG_INSTALL
dnl translation infrastructure
dnl waiting for translations..
dnl AM_GNU_GETTEXT
dnl AM_GNU_GETTEXT_VERSION(0.12)
dnl ---------------------------------------------------------------
dnl Checks for external programs.
dnl none of these will fail with error if missing since technically
dnl these are not *build* dependencies, but *runtime* dependencies.
dnl Mandatory
AC_CHECK_PROG(have_zsh,zsh,yes,no)
AC_CHECK_PROG(have_cryptsetup,cryptsetup,yes,no,[/sbin$PATH_SEPARATOR/usr/local/sbin$PATH_SEPARATOR$PATH])
AC_CHECK_PROG(have_pinentry,pinentry,yes,no)
AC_CHECK_PROG(have_sudo,sudo,yes,no)
dnl Optional
AC_CHECK_PROG(have_wipe,wipe,yes,no)
AC_CHECK_PROG(have_dcfldd,dcfldd,yes,no)
dnl ---------------------------------------------------------------
PKG_CHECK_MODULES(GTK2, [gtk+-2.0 >= 2.16], :,
AC_MSG_ERROR([*** Gtk+2 >=2.16 development files not found!]))
AC_ARG_WITH(gtk, "used for tomb-status[reccomended]", [], [with_gtk=check])
GTK_DETECTED=no
AS_IF([test "x$with_gtk" != xno],
[ PKG_CHECK_MODULES(GTK2, [gtk+-2.0 >= 2.16],
[GTK_DETECTED=yes],
[if test "x$with_gtk" != check; then
AC_MSG_ERROR([*** Gtk+2 >=2.16 development files not found!])
fi]
)
]
)
AM_CONDITIONAL([GTK], [test "x$GTK_DETECTED" = xyes])
AC_ARG_WITH(gcrypt, "used for kdf=pbkdf2 [reccomended]", [], [with_gcrypt=check])
GCRYPT_DETECTED=no
AS_IF([test "x$with_gcrypt" != xno],
[ AM_PATH_LIBGCRYPT([1.5.0],
[GCRYPT_DETECTED=yes],
[if test "x$with_gcrypt" != check; then
AC_MSG_ERROR([gcrypt development files not found])
fi]) ]
)
AM_CONDITIONAL([GCRYPT], [test "x$GCRYPT_DETECTED" = xyes])
AC_SUBST([GTK2_CFLAGS])
AC_SUBST([GTK2_LIBS])
PKG_CHECK_MODULES(NOTIFY, libnotify, :,
AC_MSG_ERROR([*** libnotify development files not found!]))
AC_SUBST([NOTIFY_CFLAGS])
AC_SUBST([NOTIFY_LIBS])
REALCFLAGS="$CFLAGS"
REALLIBS="$LIBS"
CFLAGS="$NOTIFY_CFLAGS $CFLAGS"
LIBS="$NOTIFY_LIBS $LIBS"
AC_CHECK_FUNCS([notify_notification_new_with_status_icon])
CFLAGS="$REALCFLAGS"
LIBS="$REALLIBS"
dnl compile with full warnings and debugging symbols
AC_ARG_ENABLE(debug,
AS_HELP_STRING([--enable-debug],[compile with debug symbols (no)]),
[enable_debug=$enableval],
[enable_debug=no])
AC_MSG_CHECKING([if compiling with debug symbols])
if test x$enable_debug = xyes; then
AC_MSG_RESULT([yes])
CFLAGS="$CFLAGS -Wall -g -ggdb"
else
AC_MSG_RESULT([no])
fi
AC_SUBST(CFLAGS)
PACKAGE_DATA_DIR='${prefix}/share/tomb'
AC_SUBST(PACKAGE_DATA_DIR)
# mime TODO see http://www.freedesktop.org/wiki/Specifications/AddingMIMETutor
XDG_DATA_DIR='${prefix}/share/mime/packages'
AC_SUBST(XDG_DATA_DIR)
dnl alphabetic order on dir/subdir, but Makefile sorts before everything
AC_CONFIG_FILES([
Makefile
src/Makefile
src/kdf/Makefile
doc/Makefile
share/Makefile
])
AC_OUTPUT
dnl function to print verbose configure options only if V=1 is passed to
dnl configure
AC_DEFUN([VRB],
AS_IF([test x"$V" == x1], INFO([$1])))
dnl autoconf < 2.63 compatibility
m4_ifndef([AS_VAR_APPEND],
AC_DEFUN([AS_VAR_APPEND], $1=$$1$2))
dnl convenience function so that INFO messages go to config.log and to stdout,
dnl useful when debugging user problems only config.log is needed
AC_DEFUN([INFO],
AS_ECHO(["$1"]) >&AS_MESSAGE_LOG_FD
AS_ECHO(["$1"]) >&AS_MESSAGE_FD)
dnl as above, but no newline at the end
AC_DEFUN([INFO_N],
AS_ECHO_N(["$1"]) >&AS_MESSAGE_LOG_FD
AS_ECHO_N(["$1"]) >&AS_MESSAGE_FD)
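Review bot: with configure.ac gone, the `AC_CHECK_PROG` checks for the mandatory runtime tools (zsh, cryptsetup, pinentry, sudo) and the optional ones (wipe, dcfldd) no longer run at install time, and the version string in `AC_INIT([Tomb],[1.2],...)` loses its single source; the script itself now has to verify those tools exist before touching a tomb and fail with a clear message, and carry its own version constant, or a missing cryptsetup or pinentry will only surface mid-operation. Worth noting in the message as a reason the autotools layer was not pulling its weight: the unconditional `PKG_CHECK_MODULES(GTK2, ...)` with `AC_MSG_ERROR` placed just before `AC_ARG_WITH(gtk, ...)` made gtk effectively mandatory despite `with_gtk=check`, and the libnotify check had the same problem.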


@ -1,263 +0,0 @@
.TH tomb 1 "Sept 26, 2011" "tomb"
.SH NAME
Tomb \- the Crypto Undertaker
.SH SYNOPSIS
.B
.IP "tomb [options] command [arguments]"
.B
.IP "tomb-open [file]"
.B
.IP "tomb-status mountpoint"
.SH DESCRIPTION
Tomb is an application to manage the creation and access of encrypted
storage files: it can be operated from commandline and it can
integrate with a user's graphical desktop.
Tomb generates encrypted storage files to be opened and closed using
their associated keys, which are also protected with a password chosen
by the user. To create, open and close tombs a user will need super
user rights to execute the tomb commandline utility.
A tomb is like a locked folder that can be safely transported and
hidden in a filesystem; it encourages users to keep their keys
separate from tombs, for instance keeping a tomb file on your computer
harddisk and its key file on a USB stick.
For simplified use, the command \fItomb-open\fR starts a wizard that
guides users in the creation of a new tomb or, if a tomb file is
specified as \fIargument\fR, it opens it and makes it accessible in a
default location under the /media folder, starting the status tray
applet (\fItomb-status\fR) if a desktop is present.
.SH COMMANDS
.B
.IP "create"
Creates a new encrypted storage tomb and its key, named as specified
by the given \fIargument\fR.
.B
.IP "open"
Opens an existing tomb file specified in the \fIfirst argument\fR. If
a \fIsecond argument\fR is given it will indicate the \fImountpoint\fR
where the tomb should be made accessible, if not then the tomb is
mounted in a directory named after the filename and inside /media.
.B
.IP "list"
List all the tombs found open, including information about the time
they were opened and the hooks that they mounted. If the \fIfirst
argument\fR is present, then shows only the tomb named that way or
returns an error if its not found.
.B
.IP "close"
Closes a currently open tomb. When \fIan argument\fR is specified, it
should be the name of a mounted tomb; if not specified and only one
tomb is open then it will be closed; if multiple tombs are open, the
command will list them on the terminal. The special
\fIargument\fR 'all' will close all currently open tombs. This command
fails if the tomb is in use by running processes, the command
\fIslam\fR can be used to force close.
.B
.IP "passwd"
Changes the password of a tomb key file specified in the \fIfirst
argument\fR. It will need the old password to decode the key file, it
will then reencode it using the new password.
.B
.IP "slam"
Closes a tomb like the command \fIclose\fR does, but in case it is in
use looks for all the processes accessing its files and violently
kills them using \-9.
.B
.IP "bury"
Hides a tomb key (\fIfirst argument\fR) inside a jpeg image (\fIsecond
argument\fR) using steganography: the image will change in a way that
cannot be noticed by human eyes and the presence of the key inside it
isn't detectable without the right password. This option is useful to
backup tomb keys in unsuspected places; it uses steghide and the
serpent encryption algorithm.
.B
.IP "exhume"
Extracts a named tomb key (\fIfirst argument\fR) from a (jpeg) image file
(\fIsecond argument\fR) known to be containing it, if the right password is
given. This is used to recoved buried keys from unsuspected places.
.SH OPTIONS
.B
.B
.IP "-s \fI<MBytes>\fR"
When creating a tomb, this option MUST be used to specify the size of
the new \fIfile\fR to be created, in megabytes.
.B
.IP "-k \fI<keyfile>\fR"
When opening a tomb, this option can be used to specify the location
of the key to use. Keys are created with the same name of the tomb
file adding a '.gpg' suffix, but can be later renamed and transported
on other media. When a key is not found, the program asks to insert a
USB storage device and it will look for the key file inside it.
If \fI<keyfile>\fR is "-" (dash), it will read stdin
.IP
When creating a tomb, this option can be used to specify the name (and
location) of the key you are creating. For example, you could use
.EX
tomb create -s 100 tombname -k /media/usb/tombname
.EE
to put the key on a usb pendrive
.B
.IP "-n"
Skip processing of post-hooks and bind-hooks if found inside the tomb.
See the \fIHOOKS\fR section in this manual for more information.
.B
.IP "-o"
Manually specify mount options to be used when opening a tomb instead
of the default \fIrw,noatime,nodev\fR. This option can be used to
mount a tomb read-only (ro) to prevent any modification of its data,
or to experiment with other settings (if you really know what you are
doing) see the mount(8) man page.
.B
.IP "--ignore-swap"
By default, Tomb will abort any create and open operation if swap is used (see
SWAP section for details). This flag will disable this behaviour. NOTE: it is
not secure to do so, unless you know that your swap is encrypted
.B
.IP "-h"
Display a help text and quit
.B
.IP "-v"
Display version and quit
.B
.IP "-q"
Run more quietly
.B
.IP "-D"
Print more information while running, for debugging purposes
.B
.IP "--no-color"
Don't use colors; useful for old terminals or integration in other scripts
.SH HOOKS
Hooks are special files that can be placed inside the tomb and trigger
actions when it is opened and closed; there are two kinds of such
files: \fIbind-hooks\fR and \fIpost-hooks\fR can be placed in the
base root of the tomb.
.B
.IP "bind-hooks"
This hook file consists of a simple two column list of files or
directories inside the tomb to be made directly accessible inside the
current user's home directory. Tomb will use the "mount \-o bind"
command to bind locations inside the tomb to locations found in $HOME
so in the first column are indicated paths relative to the tomb and in
the second column are indicated paths relative to $HOME contents, for
example:
mail mail
.gnupg .gnupg
.fmrc .fetchmailrc
.mozilla .mozilla
.B
.IP "post-hooks"
This hook file gets executed as user by tomb right after opening it;
it can consist of a shell script of a binary executable that performs
batch operations every time a tomb is opened.
.SH PRIVILEGE ESCALATION
The tomb commandline tool needs to acquire super user rights to
execute most of its operations: to do so it uses sudo(8), while
pinentry(1) is adopted to collect passwords from the user.
Tomb executes as super user only those commands requiring it, while it
executes desktop applications as processes owned by the user.
.SH SWAP
During "create" and "open" operation, swap will complain and \fIabort\fR if
your system has swap activated. This can be annoying, and you can disable this
behaviour using \fI--ignore-swap\fR. Before doing that, however, you may be
interested in knowing the risks of doing so:
.IP \(bu
During both creation and opening it could write your secret key on the disk
.IP \(bu
After having opened the tomb, an application you're using could swap file
contents. So you'll put file contents in clear on your disk
.P
If you don't need swap, execute \fI swapoff -a\fR. If you really need it, you
could encrypt it. Tomb doesn't detect if your swap is encrypted, and will
complain anyway. In that case, using --ignore-swap is safe. Otherwise, use
--ignore-swap at your own risk
.SH BUGS
Please report bugs on the tracker at
.UR http://bugs.dyne.org
.UE
Get in touch with developers via mail using this
.UR http://dyne.org/contact
web page
.UE
or via chat on
.UR http://irc.dyne.org
.UE
.SH AUTHORS
Tomb is designed and written by Denis Roio aka Jaromil.
Tomb includes code by Anathema and Boyska.
Tomb's artwork is contributed by Jordi aka Mon Mort
Testing and reviews are contributed by Hellekin O. Wolf, Dreamer,
Shining, Mancausoft, Asbesto Molesto.
Cryptsetup is developed by Christophe Saout and Clemens Fruhwirth
.SH COPYING
This manual is Copyleft (c) 2011 Denis Roio <\fIjaromil@dyne.org\fR>
It includes contributions by Boyska
Permission is granted to copy, distribute and/or modify this manual
under the terms of the GNU Free Documentation License, Version 1.1 or
any later version published by the Free Software Foundation.
Permission is granted to make and distribute verbatim copies of this
manual page provided the above copyright notice and this permission
notice are preserved on all copies.
.SH AVAILABILITY
The most recent version of Tomb sourcecode and up to date
documentation is available for download from its website on
\fIhttp://tomb.dyne.org\fR.
.SH SEE ALSO
.B
.IP cryptsetup(8)
GnuPG website on http://www.gnupg.org
DM-Crypt website on http://www.saout.de/misc/dm-crypt
LUKS website, http://code.google.com/p/cryptsetup
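Review bot: the man page documents the very script this commit keeps, so it should move to extras (or next to the script) rather than be deleted; in particular the PRIVILEGE ESCALATION and SWAP sections and the note that `--ignore-swap` is only safe when swap is encrypted are the user's only written guidance on those risks. If it is restored, the hunk also shows an empty second `.B` under `.SH OPTIONS` and `recoved` for `recovered`, which could be fixed in the same move.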


@ -1,263 +0,0 @@
.TH tomb 1 "Sept 26, 2011" "tomb"
.SH NAME
Tomb \- the Crypto Undertaker
.SH SYNOPSIS
.B
.IP "tomb [options] command [arguments]"
.B
.IP "tomb-open [file]"
.B
.IP "tomb-status mountpoint"
.SH DESCRIPTION
Tomb is an application to manage the creation and access of encrypted
storage files: it can be operated from commandline and it can
integrate with a user's graphical desktop.
Tomb generates encrypted storage files to be opened and closed using
their associated keys, which are also protected with a password chosen
by the user. To create, open and close tombs a user will need super
user rights to execute the tomb commandline utility.
A tomb is like a locked folder that can be safely transported and
hidden in a filesystem; it encourages users to keep their keys
separate from tombs, for instance keeping a tomb file on your computer
harddisk and its key file on a USB stick.
For simplified use, the command \fItomb-open\fR starts a wizard that
guides users in the creation of a new tomb or, if a tomb file is
specified as \fIargument\fR, it opens it and makes it accessible in a
default location under the /media folder, starting the status tray
applet (\fItomb-status\fR) if a desktop is present.
.SH COMMANDS
.B
.IP "create"
Creates a new encrypted storage tomb and its key, named as specified
by the given \fIargument\fR.
.B
.IP "open"
Opens an existing tomb file specified in the \fIfirst argument\fR. If
a \fIsecond argument\fR is given it will indicate the \fImountpoint\fR
where the tomb should be made accessible, if not then the tomb is
mounted in a directory named after the filename and inside /media.
.B
.IP "list"
List all the tombs found open, including information about the time
they were opened and the hooks that they mounted. If the \fIfirst
argument\fR is present, then shows only the tomb named that way or
returns an error if its not found.
.B
.IP "close"
Closes a currently open tomb. When \fIan argument\fR is specified, it
should be the name of a mounted tomb; if not specified and only one
tomb is open then it will be closed; if multiple tombs are open, the
command will list them on the terminal. The special
\fIargument\fR 'all' will close all currently open tombs. This command
fails if the tomb is in use by running processes, the command
\fIslam\fR can be used to force close.
.B
.IP "passwd"
Changes the password of a tomb key file specified in the \fIfirst
argument\fR. It will need the old password to decode the key file, it
will then reencode it using the new password.
.B
.IP "slam"
Closes a tomb like the command \fIclose\fR does, but in case it is in
use looks for all the processes accessing its files and violently
kills them using \-9.
.B
.IP "bury"
Hides a tomb key (\fIfirst argument\fR) inside a jpeg image (\fIsecond
argument\fR) using steganography: the image will change in a way that
cannot be noticed by human eyes and the presence of the key inside it
isn't detectable without the right password. This option is useful to
backup tomb keys in unsuspected places; it uses steghide and the
serpent encryption algorithm.
.B
.IP "exhume"
Extracts a named tomb key (\fIfirst argument\fR) from a (jpeg) image file
(\fIsecond argument\fR) known to be containing it, if the right password is
given. This is used to recoved buried keys from unsuspected places.
.SH OPTIONS
.B
.B
.IP "-s \fI<MBytes>\fR"
When creating a tomb, this option MUST be used to specify the size of
the new \fIfile\fR to be created, in megabytes.
.B
.IP "-k \fI<keyfile>\fR"
When opening a tomb, this option can be used to specify the location
of the key to use. Keys are created with the same name of the tomb
file adding a '.gpg' suffix, but can be later renamed and transported
on other media. When a key is not found, the program asks to insert a
USB storage device and it will look for the key file inside it.
If \fI<keyfile>\fR is "-" (dash), it will read stdin
.IP
When creating a tomb, this option can be used to specify the name (and
location) of the key you are creating. For example, you could use
.EX
tomb create -s 100 tombname -k /media/usb/tombname
.EE
to put the key on a usb pendrive
.B
.IP "-n"
Skip processing of post-hooks and bind-hooks if found inside the tomb.
See the \fIHOOKS\fR section in this manual for more information.
.B
.IP "-o"
Manually specify mount options to be used when opening a tomb instead
of the default \fIrw,noatime,nodev\fR. This option can be used to
mount a tomb read-only (ro) to prevent any modification of its data,
or to experiment with other settings (if you really know what you are
doing) see the mount(8) man page.
.B
.IP "--ignore-swap"
By default, Tomb will abort any create and open operation if swap is used (see
SWAP section for details). This flag will disable this behaviour. NOTE: it is
not secure to do so, unless you know that your swap is encrypted
.B
.IP "-h"
Display a help text and quit
.B
.IP "-v"
Display version and quit
.B
.IP "-q"
Run more quietly
.B
.IP "-D"
Print more information while running, for debugging purposes
.B
.IP "--no-color"
Don't use colors; useful for old terminals or integration in other scripts
.SH HOOKS
Hooks are special files that can be placed inside the tomb and trigger
actions when it is opened and closed; there are two kinds of such
files: \fIbind-hooks\fR and \fIpost-hooks\fR can be placed in the
base root of the tomb.
.B
.IP "bind-hooks"
This hook file consists of a simple two column list of files or
directories inside the tomb to be made directly accessible inside the
current user's home directory. Tomb will use the "mount \-o bind"
command to bind locations inside the tomb to locations found in $HOME
so in the first column are indicated paths relative to the tomb and in
the second column are indicated paths relative to $HOME contents, for
example:
mail mail
.gnupg .gnupg
.fmrc .fetchmailrc
.mozilla .mozilla
.B
.IP "post-hooks"
This hook file gets executed as user by tomb right after opening it;
it can consist of a shell script of a binary executable that performs
batch operations every time a tomb is opened.
.SH PRIVILEGE ESCALATION
The tomb commandline tool needs to acquire super user rights to
execute most of its operations: to do so it uses sudo(8), while
pinentry(1) is adopted to collect passwords from the user.
Tomb executes as super user only those commands requiring it, while it
executes desktop applications as processes owned by the user.
.SH SWAP
During "create" and "open" operation, swap will complain and \fIabort\fR if
your system has swap activated. This can be annoying, and you can disable this
behaviour using \fI--ignore-swap\fR. Before doing that, however, you may be
interested in knowing the risks of doing so:
.IP \(bu
During both creation and opening it could write your secret key on the disk
.IP \(bu
After having opened the tomb, an application you're using could swap file
contents. So you'll put file contents in clear on your disk
.P
If you don't need swap, execute \fI swapoff -a\fR. If you really need it, you
could encrypt it. Tomb doesn't detect if your swap is encrypted, and will
complain anyway. In that case, using --ignore-swap is safe. Otherwise, use
--ignore-swap at your own risk
.SH BUGS
Please report bugs on the tracker at
.UR http://bugs.dyne.org
.UE
Get in touch with developers via mail using this
.UR http://dyne.org/contact
web page
.UE
or via chat on
.UR http://irc.dyne.org
.UE
.SH AUTHORS
Tomb is designed and written by Denis Roio aka Jaromil.
Tomb includes code by Anathema and Boyska.
Tomb's artwork is contributed by Jordi aka Mon Mort
Testing and reviews are contributed by Hellekin O. Wolf, Dreamer,
Shining, Mancausoft, Asbesto Molesto.
Cryptsetup is developed by Christophe Saout and Clemens Fruhwirth
.SH COPYING
This manual is Copyleft (c) 2011 Denis Roio <\fIjaromil@dyne.org\fR>
It includes contributions by Boyska
Permission is granted to copy, distribute and/or modify this manual
under the terms of the GNU Free Documentation License, Version 1.1 or
any later version published by the Free Software Foundation.
Permission is granted to make and distribute verbatim copies of this
manual page provided the above copyright notice and this permission
notice are preserved on all copies.
.SH AVAILABILITY
The most recent version of Tomb sourcecode and up to date
documentation is available for download from its website on
\fIhttp://tomb.dyne.org\fR.
.SH SEE ALSO
.B
.IP cryptsetup(8)
GnuPG website on http://www.gnupg.org
DM-Crypt website on http://www.saout.de/misc/dm-crypt
LUKS website, http://code.google.com/p/cryptsetup
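Review bot: the post-hooks entry states that a file found inside the tomb is executed as the user right after opening, and the only protection is the opt-in `-n` flag; wherever this man page lands after the reorganization, that entry should say plainly that a tomb whose contents are not fully under the user's control should be opened with `-n`, because the hook runs with the user's privileges. In the `-o` entry the default `rw,noatime,nodev` omits `nosuid` and `noexec`; that may be deliberate (post-hooks need execution), but it is worth stating next to the "if you really know what you are doing" caveat so users choosing their own options know what they are giving up. Two wording fixes in the same hunk: the SWAP section's "swap will complain and abort" should read "tomb will complain and abort", and "a shell script of a binary executable" in post-hooks should be "or a binary executable".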

View File

@ -1,6 +0,0 @@
Here use our git submodule dyne-web-tmpl-muse to build the webpage:
git submodule init
git submodule update
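Review bot: these build instructions depend on the dyne-web-tmpl-muse submodule whose gitlink (`Subproject commit 3dac79f2...`) is deleted in the next hunk; if the website is moved to extras as the commit message suggests, either the submodule moves with it or these two lines should be rewritten, otherwise `git submodule init` has nothing to initialise for the page build.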

@ -1 +0,0 @@
Subproject commit 3dac79f2a33ff4048f7684c4ddfe4f114ac0c06c
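Review bot: removing the gitlink is only half of removing a submodule; the matching `[submodule ...]` entry in .gitmodules has to go as well, and that change is not visible in this diff (it may be among the files not shown). Worth confirming before merge, since a stale .gitmodules entry pointing at a path that no longer exists is easy to overlook and confusing for anyone cloning later.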

View File

@ -1,6 +0,0 @@
; simple website settings
(provide 'dyne-config)
(set 'name "Tomb")
(set 'url "http://tomb.dyne.org")

View File

@ -1,330 +0,0 @@
#title Tomb - The Crypto Undertaker
#author Jaromil
<contents>
* Tomb - Crypto Undertaker
<class name="logo">
[[images/tomb_n_bats.png]]
</class>
Tomb is a simple tool to manage **encrypted storage** on GNU/Linux, from
the *hashes* of the [[http://dynebolic.org][dyne:bolic]] nesting mechanism.
Tomb aims to be an **100% free** and open source system for easy
encryption and backup of personal files, written in code that is easy
to review and links commonly shared components.
Tomb generates encrypted storage files to be opened and closed using
their associated keyfiles, which are also protected with a password
chosen by the user.
A tomb is like a locked folder that can be safely transported and
hidden in a filesystem; its keys can be kept separate, for instance
keeping the tomb file on your computer harddisk and the key files on a
USB stick.
** Documentation
"*All I know is what the words know, and dead things, and that makes
a handsome little sum, with a beginning and a middle and an end, as
in the well-built phrase and the long sonata of the dead.*"
Samuel Beckett
First of all the usual info you'd expect a software to provide:
- [[README]]
- [[ChangeLog]]
- [[TODO]]
- [[AUTHORS]]
And more below, read on...
*** How does it works
[[images/monmort.png]]
Tombs are operated from a normal file browser or from the commandline.
To open a tomb is sufficient to click on it, or use the command **tomb-open**
When a tomb is open your panel will have a little icon in the tray
reminding you that a tomb is open, offering to explore it or close it.
To make safety copies of your keys, tomb lets you "bury a key" inside
an image (using steganography techniques) and of course "exhume"
buried keys from pictures where they are hidden. Actually it is very
hard to guess when something is hidden inside a picture without
knowing the password used in steganography.
[[images/awesome-shot.png]]
See the [[manual.html][manpage]] for more information on how to operate Tomb from the
text terminal.
<example>
Tomb 1.1 - a strong and gentle undertaker for your secrets
Syntax: tomb [options] command [file] [place]
Commands:
create create a new tomb FILE and its keys
open open an existing tomb FILE on PLACE
list list all open tombs or the one called FILE
close close the open tomb called FILE (or all)
slam close tomb FILE and kill all pids using it
Options:
-s size of the tomb file when creating one (in MB)
-k path to the key to use for opening a tomb
-n don't process the hooks found in tomb
-o mount options used to open (default: rw,noatime,nodev)
-h print this help
-v version information for this tool
-q run quietly without printing informations
-D print debugging information at runtime
</example>
**** More sources of information
Tomb's documentation is being actively written as we speak, you will
find some more informations about it on the wiki found on
[[http://github.com/dyne/Tomb][github.com/dyne/Tomb]] as well on the one on [[http://crypto.is][crypto.is]].
*** Who needs Tomb
"*Democracy requires Privacy as much as Freedom of Expression.*" Anonymous
Our target community are desktop users with no time to click around,
sometimes using old or borrowed computers, operating in places
endangered by conflict where a leak of personal data can be a threat.
If you can't own a laptop then it's possible to go around with a USB
stick and borrow computers, still leaving no trace and keeping your
data safe during transports. Tomb aims to facilitate all this and to
be interoperable across popular GNU/Linux operating systems.
The internet offers plenty of free services, on the wave of the Web2.0
fuzz and the community boom, while all private informations are hosted
on servers owned by global corporations and monopolies.
It is important to keep in mind that no-one else better than *you* can
ensure the privacy of your personal data. Server hosted services and
web integrated technologies gather all data into huge information
pools that are made available to established economical and cultural
regimes.
**This software urges you to reflect on the importance of your
privacy**. World is full of prevarication and political imprisonments,
war rages in several places and media is mainly used for propaganda by
the powers in charge. Some of us face the dangers of being tracked by
oppressors opposing our self definition, independent thinking and
resistance to omologation.
<verse>
"The distinction between what is public and what is private is
becoming more and more blurred with the increasing intrusiveness of
the media and advances in electronic technology. While this
distinction is always the outcome of continuous cultural
negotiation, it continues to be critical, for where nothing is
private, democracy becomes impossible."
(from [[http://www.newschool.edu/centers/socres/privacy/Home.html][Privacy Conference, Social Research, New School University]])
</verse>
*** Aren't there enough encryption tools already?
[[images/foster_privacy.png]]
We've felt the urgency of publishing Tomb for other operating systems
than dyne:bolic since the current situation in personal desktop
encryption is far from optimal.
[[http://en.wikipedia.org/wiki/TrueCrypt][TrueCrypt]] makes use of statically linked libraries so that its code is
hard to audit, plus is [[http://lists.freedesktop.org/archives/distributions/2008-October/000276.html][not considered free]] by free operating system
distributors because of liability reasons, see [[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=364034][Debian]], [[https://bugs.edge.launchpad.net/ubuntu/+bug/109701][Ubuntu]], [[http://lists.opensuse.org/opensuse-buildservice/2008-10/msg00055.html][Suse]],
[[http://bugs.gentoo.org/show_bug.cgi?id=241650][Gentoo]] and [[https://fedoraproject.org/wiki/ForbiddenItems#TrueCrypt][Fedora]].
[[http://tom.noflag.org.uk/cryptkeeper.html][Cryptkeeper]] is the best alternative to Tomb out there and its main
advantage consists in not needing root access on the machine it's
being used. But Cryptkeeper still has drawbacks: it uses [[http://www.arg0.net/encfs][EncFS]] which
implements weaker encryption than dm-crypt and it doesn't promotes the
separated storage of keys.
At last, the [[https://we.riseup.net/debian/automatically-mount-encrypted-home][Encrypted home]] mechanisms on operating systems as Debian
and Ubuntu adopt encryption algorithms as strong as Tomb does, but
they need to be configured when the machine is installed, they cannot
be easily transported and again they don't promote separated storage
of keys.
With Tomb we try to overcome all these limitations providing strong
encryption, encouraging users to separate keys from data and letting
them transport tombs around easily. Also to facilitate auditing and
customization we intend to:
- write short and readable code, linking shared libs
- provide easy to use graphical interfaces and desktop integration
- keep the development process open and distributed using GIT
- distribute Tomb under the GNU General Public License v3
If you believe this is a worthy effort, you are welcome to [[http://dyne.org/donate][support it]].
*** Where do we learn more from
Here below some articles that are useful to understand Tomb more in
detail and to get in touch with the difficult job of a Crypto
Undertaker:
- [[TKS1-draft.pdf][TKS1 - An anti-forensic, two level, and iterated key setup scheme]]
- [[New_methods_in_HD_encryption.pdf][New Methods in Hard Disk Encryption]]
- [[Luks_on_disk_format.pdf][LUKS On-Disk Format Specification]]
- [[LinuxHDEncSettings.txt][Linux hard disk encryption settings]]
** Downloads
For licensing information see the [[http://www.gnu.org/copyleft/gpl.html][GNU General Public License]]
Below a list of formats you can download this application: ready to be
run with some of the interfaces developed, as a library you can use to
build your own application and as source code you can study.
*** Debian and Ubuntu GNU/Linux
Visit our brand new [[http://apt.dyne.org][APT.dyne.org]] repository, there you can tune into
our software channel via an easy to use installer, so you can always
stay up to date with our **freshly brewed software, from the upstream
tap!**
*** Arch GNU/Linux and derivatives
Tomb is [[https://aur.archlinux.org/packages.php?ID=48257][packaged in AUR]], check it out !
*** Source Code
Latest stable release is 1.1 (May 2011), see the [[ftp://ftp.dyne.org/tomb/ChangeLog][ChangeLog]].
Source releases are signed by [[http://jaromil.dyne.org][Jaromil]] using [[http://www.gnupg.org][GnuPG]] and MD5 hashes.
On [[http://ftp.dyne.org/tomb][ftp.dyne.org/tomb]] you can find all present and past Tomb releases,
plus binaries that are occasionally built for various architectures.
The bleeding edge version is developed on [[http://github.com/dyne/Tomb][GitHub/dyne/Tomb]]: you can
clone the repository free and anonymously, as well contribute to
development interacting with us via GitHub (fork, code and then
request a pull).
To compile fresh code out of Git you first have to generate the
auto-tools build environment giving the command:
<example>
autoreconf -i
</example>
and then you can proceed with the usual configure && make mantra, may
the source be with you.
*** App1e/O$X
There are several possibilities of porting Tomb to run on those
expensive and fancy-schmancy toys.
A good plan can be that of using TrueCrypt's version of cryptsetup
which seems to be already ported for the purpose, with a bit of
desktop integration and shell scripting it should be all set,
[[http://dyne.org/contact][let us know]] if you like to join our team on this task.
*** Win$loth
There are rumored plans to port Tomb on Win or at least make it
possible to open tomb files under Win: this could be possible
especially using [[http://www.freeotfe.org][FReeOTFE]] or adding compatibility in [[http://www.sdean12.org/SecureTrayUtil.htm][SecureTrayUtil]]
and contributions are welcome in those directions.
However we strongly **encourage people in need of strong encryption to
not use Winslows**, or at least to not generate encrypted partitions
with it, since it can contain backdoors in the random number
generation, as pointed by Bruce Schneier and Niels Ferguson in this
[[http://www.schneier.com/essay-198.html][short essay about the Dual_EC_DRBG]].
** Development
*** Stage of development
Tomb is an evolution of the 'mknest' tool developed for the [[http://dynebolic.org][dyne:bolic]]
GNU/Linux distribution, which is used by its 'nesting' mechanism to
encrypt the Home directory of users.
As such, it uses well tested and reviewed routines and its shell code
is pretty readable. The name transition from 'mknest' to 'tomb' is
marked by the adaptation of mknest to work on Debian based operating
systems.
At present time Tomb is easy to install and use, it mainly consists of
a Shell script and some auxiliary C code for desktop integration
(GTK), making use of GNU tools and the cryptographic API of the Linux
kernel.
*** People involved
[[images/tomb_crew_hkm11.jpg]]
Tomb is designed and written by [[http://jaromil.dyne.org][Jaromil]].
Tomb's artwork is contributed by [[http://monmort.blogspot.com][Món Mort]].
Tomb includes code by Anathema and Boyska.
Testing and reviews are contributed by Hellekin O. Wolf, Dreamer,
Shining, Mancausoft, Asbesto Molesto.
Most research we refer to is documented by Clemens Fruhwirth who also
developed Cryptsetup together with Christophe Saout.
Here below a cheerful picture of Tomb's developers meeting at the
[[http://http://hackmeeting.org][hackmeeting]] 2011 in Firenze...
*** How can you help
Code is pretty short and readable: start looking around it and the
materials found in doc/ which are good pointers at security measures
to be further implemented.
Have a look in the TODO file to see what our plans are.
At the moment we can use some good help in porting this tool on
M$/Windows and Apple/OSX, still keeping the minimal approach we all
love: write short code and make it readable.
Please report any issue you encounter on [[http://github.com/dyne/Tomb][github.com/dyne/Tomb]]
Get in touch with developers via mail using this web page
[[http://dyne.org/contact][dyne.org/contact]] or via chat on [[http://irc.dyne.org][irc.dyne.org]] channel #tomb
We do have a mailinglist too, but its in Italian language, just
contact us if you like to subscribe.
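Review bot: the Source Code section still tells users to run `autoreconf -i` and then `configure && make`, which contradicts this commit's removal of the autoconf/automake scripts; if the page survives in extras it should say to run the script directly. In the same section, "signed by Jaromil using GnuPG and MD5 hashes" should make clear that only the GnuPG signature verifies a download: an MD5 sum published next to the file on the same server offers no protection against a tampered mirror, and MD5 is no longer collision resistant. The help text in the `<example>` block lists neither `--ignore-swap` nor `--no-color`, both documented in the man page, so it is out of date with the 1.1 command line. Finally, the "bury a key" paragraph rests its argument on the picture not being noticed; the stronger guarantee, already stated elsewhere on the page, is that the key file stays protected by its own password, and the paragraph would be more accurate if it said so.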

View File

@ -1,348 +0,0 @@
Content-type: text/html
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML><HEAD><TITLE>Man page of tomb</TITLE>
</HEAD><BODY>
<H1>tomb</H1>
Section: User Commands (1)<BR>Updated: Sept 26, 2011<BR><A HREF="#index">Index</A>
<A HREF="/cgi-bin/man/man2html">Return to Main Contents</A><HR>
<P>
<A NAME="lbAB">&nbsp;</A>
<H2>NAME</H2>
Tomb - the Crypto Undertaker
<P>
<A NAME="lbAC">&nbsp;</A>
<H2>SYNOPSIS</H2>
<B><DL COMPACT>
<DT>tomb [options] command [arguments]<DD>
</B>
<B><DT>tomb-open [file]<DD>
</B>
<B><DT>tomb-status mountpoint<DD>
</B>
<P>
</DL>
<A NAME="lbAD">&nbsp;</A>
<H2>DESCRIPTION</H2>
<P>
Tomb is an application to manage the creation and access of encrypted
storage files: it can be operated from commandline and it can
integrate with a user's graphical desktop.
<P>
Tomb generates encrypted storage files to be opened and closed using
their associated keys, which are also protected with a password chosen
by the user. To create, open and close tombs a user will need super
user rights to execute the tomb commandline utility.
<P>
A tomb is like a locked folder that can be safely transported and
hidden in a filesystem; it encourages users to keep their keys
separate from tombs, for instance keeping a tomb file on your computer
harddisk and its key file on a USB stick.
<P>
For simplified use, the command <I>tomb-open</I> starts a wizard that
guides users in the creation of a new tomb or, if a tomb file is
specified as <I>argument</I>, it opens it and makes it accessible in a
default location under the /media folder, starting the status tray
applet (<I>tomb-status</I>) if a desktop is present.
<P>
<P>
<A NAME="lbAE">&nbsp;</A>
<H2>COMMANDS</H2>
<P>
<B><DL COMPACT>
<DT>create<DD>
</B>
Creates a new encrypted storage tomb and its key, named as specified
by the given <I>argument</I>.
<P>
<B><DT>open<DD>
</B>
Opens an existing tomb file specified in the <I>first argument</I>. If
a <I>second argument</I> is given it will indicate the <I>mountpoint</I>
where the tomb should be made accessible, if not then the tomb is
mounted in a directory named after the filename and inside /media.
<P>
<B><DT>list<DD>
</B>
<P>
List all the tombs found open, including information about the time
they were opened and the hooks that they mounted. If the <I>first
argument</I> is present, then shows only the tomb named that way or
returns an error if its not found.
<P>
<B><DT>close<DD>
</B>
Closes a currently open tomb. When <I>an argument</I> is specified, it
should be the name of a mounted tomb; if not specified and only one
tomb is open then it will be closed; if multiple tombs are open, the
command will list them on the terminal. The special
<I>argument</I> 'all' will close all currently open tombs. This command
fails if the tomb is in use by running processes, the command
<I>slam</I> can be used to force close.
<P>
<B><DT>slam<DD>
</B>
Closes a tomb like the command <I>close</I> does, but in case it is in
use looks for all the processes accessing its files and violently
kills them using -9.
<P>
<B><DT>bury<DD>
</B>
Hides a tomb key (<I>first argument</I>) inside a jpeg image (<I>second
argument</I>) using steganography: the image will change in a way that
cannot be noticed by human eyes and the presence of the key inside it
isn't detectable without the right password. This option is useful to
backup tomb keys in unsuspected places; it uses steghide and the
serpent encryption algorithm.
<P>
<B><DT>exhume<DD>
</B>
Extracts a named tomb key (<I>first argument</I>) from a (jpeg) image file
(<I>second argument</I>) known to be containing it, if the right password is
given. This is used to recoved buried keys from unsuspected places.
<P>
</DL>
<A NAME="lbAF">&nbsp;</A>
<H2>OPTIONS</H2>
<B><DL COMPACT>
<DT>-s </B><I>&lt;MBytes&gt;</I><DD>
When creating a tomb, this option MUST be used to specify the size of
the new <I>file</I> to be created, in megabytes.
<B><DT>-k </B><I>&lt;keyfile&gt;</I><DD>
When opening a tomb, this option can be used to specify the location
of the key to use. Keys are created with the same name of the tomb
file adding a '.gpg' suffix, but can be later renamed and transported
on other media. When a key is not found, the program asks to insert a
USB storage device and it will look for the key file inside it.
If <I>&lt;keyfile&gt;</I> is &quot;-&quot; (dash), it will read stdin
<DT><DD>
When creating a tomb, this option can be used to specify the name (and
location) of the key you are creating. For example, you could use
tomb create -s 100 tombname -k /media/usb/tombname
to put the key on a usb pendrive
<P>
<B><DT>-n<DD>
</B>
Skip processing of post-hooks and bind-hooks if found inside the tomb.
See the <I>HOOKS</I> section in this manual for more information.
<B><DT>-o<DD>
</B>
Manually specify mount options to be used when opening a tomb instead
of the default <I>rw,noatime,nodev</I>. This option can be used to
mount a tomb read-only (ro) to prevent any modification of its data,
or to experiment with other settings (if you really know what you are
doing) see the <A HREF="/cgi-bin/man/man2html?8+mount">mount</A>(8) man page.
<B><DT>--ignore-swap<DD>
</B>
By default, Tomb will abort any create and open operation if swap is used (see
SWAP section for details). This flag will disable this behaviour. NOTE: it is
not secure to do so, unless you know that your swap is encrypted
<P>
<B><DT>-h<DD>
</B>
Display a help text and quit
<B><DT>-v<DD>
</B>
Display version and quit
<B><DT>-q<DD>
</B>
Run more quietly
<DT>-D<DD>
Print more information while running, for debugging purposes
<P>
<P>
</DL>
<A NAME="lbAG">&nbsp;</A>
<H2>HOOKS</H2>
<P>
Hooks are special files that can be placed inside the tomb and trigger
actions when it is opened and closed; there are two kinds of such
files: <I>bind-hooks</I> and <I>post-hooks</I> can be placed in the
base root of the tomb.
<P>
<B><DL COMPACT>
<DT>bind-hooks<DD>
</B>
This hook file consists of a simple two column list of files or
directories inside the tomb to be made directly accessible inside the
current user's home directory. Tomb will use the &quot;mount -o bind&quot;
command to bind locations inside the tomb to locations found in $HOME
so in the first column are indicated paths relative to the tomb and in
the second column are indicated paths relative to $HOME contents, for
example:
<P>
<BR>&nbsp;&nbsp;mail&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;mail
<BR>&nbsp;&nbsp;.gnupg&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;.gnupg
<BR>&nbsp;&nbsp;.fmrc&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;.fetchmailrc
<BR>&nbsp;&nbsp;.mozilla&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;.mozilla
<P>
<B><DT>post-hooks<DD>
</B>
This hook file gets executed as user by tomb right after opening it;
it can consist of a shell script of a binary executable that performs
batch operations every time a tomb is opened.
<P>
</DL>
<A NAME="lbAH">&nbsp;</A>
<H2>PRIVILEGE ESCALATION</H2>
<P>
The tomb commandline tool needs to acquire super user rights to
execute most of its operations: to do so it uses <A HREF="/cgi-bin/man/man2html?8+sudo">sudo</A>(8), while
<A HREF="/cgi-bin/man/man2html?1+pinentry">pinentry</A>(1) is adopted to collect passwords from the user.
<P>
Tomb executes as super user only those commands requiring it, while it
executes desktop applications as processes owned by the user.
<P>
<A NAME="lbAI">&nbsp;</A>
<H2>SWAP</H2>
<P>
During &quot;create&quot; and &quot;open&quot; operation, swap will complain and <I>abort</I> if
your system has swap activated. This can be annoying, and you can disable this
behaviour using <I>--ignore-swap</I>. Before doing that, however, you may be
interested in knowing the risks of doing so:
<DL COMPACT>
<DT>&bull;<DD>
During both creation and opening it could write your secret key on the disk
<DT>&bull;<DD>
After having opened the tomb, an application you're using could swap file
contents. So you'll put file contents in clear on your disk
</DL>
<P>
<P>
If you don't need swap, execute <I> swapoff -a</I>. If you really need it, you
could encrypt it. Tomb doesn't detect if your swap is encrypted, and will
complain anyway. In that case, using --ignore-swap is safe. Otherwise, use
--ignore-swap at your own risk
<P>
<P>
<P>
<A NAME="lbAJ">&nbsp;</A>
<H2>BUGS</H2>
Please report bugs on the tracker at
<P>
Get in touch with developers via mail using this
web page
or via chat on
<P>
<A NAME="lbAK">&nbsp;</A>
<H2>AUTHORS</H2>
<P>
Tomb is designed and written by Denis Roio aka Jaromil.
<P>
Tomb includes code by Hellekin O. Wolf, Anathema and Boyska.
<P>
Tomb's artwork is contributed by Jordi aka Mon Mort
<P>
Testing and reviews are contributed by Dreamer, Shining, Mancausoft,
Asbesto Molesto.
<P>
Cryptsetup is developed by Christophe Saout and Clemens Fruhwirth
<P>
<A NAME="lbAL">&nbsp;</A>
<H2>COPYING</H2>
<P>
This manual is Copyleft (c) 2011 Denis Roio &lt;<I><A HREF="mailto:jaromil@dyne.org">jaromil@dyne.org</A></I>&gt;
<P>
It includes contributions by Boyska
<P>
Permission is granted to copy, distribute and/or modify this manual
under the terms of the GNU Free Documentation License, Version 1.1 or
any later version published by the Free Software Foundation.
Permission is granted to make and distribute verbatim copies of this
manual page provided the above copyright notice and this permission
notice are preserved on all copies.
<P>
<A NAME="lbAM">&nbsp;</A>
<H2>AVAILABILITY</H2>
<P>
The most recent version of Tomb sourcecode and up to date
documentation is available for download from its website on
<I><A HREF="http://tomb.dyne.org">http://tomb.dyne.org</A></I>.
<P>
<A NAME="lbAN">&nbsp;</A>
<H2>SEE ALSO</H2>
<P>
<B><DL COMPACT>
<DT><A HREF="/cgi-bin/man/man2html?8+cryptsetup">cryptsetup</A>(8)<DD>
</B>
<P>
GnuPG website on <A HREF="http://www.gnupg.org">http://www.gnupg.org</A>
<P>
DM-Crypt website on <A HREF="http://www.saout.de/misc/dm-crypt">http://www.saout.de/misc/dm-crypt</A>
<P>
LUKS website, <A HREF="http://code.google.com/p/cryptsetup">http://code.google.com/p/cryptsetup</A>
<P>
</DL>
<HR>
<A NAME="index">&nbsp;</A><H2>Index</H2>
<DL>
<DT><A HREF="#lbAB">NAME</A><DD>
<DT><A HREF="#lbAC">SYNOPSIS</A><DD>
<DT><A HREF="#lbAD">DESCRIPTION</A><DD>
<DT><A HREF="#lbAE">COMMANDS</A><DD>
<DT><A HREF="#lbAF">OPTIONS</A><DD>
<DT><A HREF="#lbAG">HOOKS</A><DD>
<DT><A HREF="#lbAH">PRIVILEGE ESCALATION</A><DD>
<DT><A HREF="#lbAI">SWAP</A><DD>
<DT><A HREF="#lbAJ">BUGS</A><DD>
<DT><A HREF="#lbAK">AUTHORS</A><DD>
<DT><A HREF="#lbAL">COPYING</A><DD>
<DT><A HREF="#lbAM">AVAILABILITY</A><DD>
<DT><A HREF="#lbAN">SEE ALSO</A><DD>
</DL>
<HR>
This document was created by
<A HREF="/cgi-bin/man/man2html">man2html</A>,
using the manual pages.<BR>
Time: 10:33:09 GMT, September 26, 2011
</BODY>
</HTML>
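Review bot: this generated HTML has drifted from the troff source in the first hunk and should be regenerated rather than copied into extras as-is: man2html dropped the `.UR`/`.UE` links, so BUGS reads "Please report bugs on the tracker at" with no address (likewise the contact and chat lines); `--no-color` is missing from OPTIONS; and AUTHORS credits Hellekin O. Wolf with code here but with testing and reviews in the troff version. The `-k` example `tomb create -s 100 tombname -k /media/usb/tombname` also lost its preformatted block (the `.EX`/`.EE` of the source) and now runs into the surrounding sentence, the `<B><DL COMPACT>` ... `</B>` pattern is improperly nested markup, and "recoved" in the exhume entry should be "recovered".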
