mirror of
https://github.com/Llewellynvdm/Tomb.git
synced 2024-12-23 02:28:58 +00:00
Support encrypted swap
This commit is contained in:
parent
0e49dfc7a0
commit
7f2fd4d60c
36
tomb
36
tomb
@ -138,11 +138,47 @@ check_swap() {
|
||||
# Return 2 if swap(s) is(are) used, but ALL encrypted
|
||||
local swaps=$(awk '/^\// { print $1 }' /proc/swaps 2>/dev/null)
|
||||
[[ -z "$swaps" ]] && return 0 # No swap partition is active
|
||||
# Check whether all swaps are encrypted, and return 2
|
||||
# If any of the swaps is not encrypted, we bail out and return 1.
|
||||
ret=1
|
||||
for s in $=swaps; do
|
||||
bone=`sudo file $s`
|
||||
if `echo "$bone" | grep 'swap file' &>/dev/null`; then
|
||||
# It's a regular (unencrypted) swap file
|
||||
ret=1
|
||||
break
|
||||
elif `echo "$bone" | grep 'symbolic link' &>/dev/null`; then
|
||||
# Might link to a block
|
||||
ret=1
|
||||
if [ "/dev/mapper" = "${s%/*}" ]; then
|
||||
is_crypt=`sudo dmsetup status "$s" | awk '/crypt/ {print $3}'`
|
||||
if [ "crypt" = "$is_crypt" ]; then
|
||||
ret=2
|
||||
fi
|
||||
else
|
||||
break
|
||||
fi
|
||||
elif `echo "$bone" | grep 'block special' &>/dev/null`; then
|
||||
# Is a block
|
||||
ret=1
|
||||
is_crypt=`sudo dmsetup status "$s" | awk '/crypt/ {print $3}'`
|
||||
if [ "crypt" = "$is_crypt" ]; then
|
||||
ret=2
|
||||
else
|
||||
break
|
||||
fi
|
||||
fi
|
||||
done
|
||||
no "An active swap partition is detected, this poses security risks."
|
||||
if [[ $ret -eq 2 ]]; then
|
||||
yes "All your swaps are belong to crypt. Good."
|
||||
else
|
||||
no "You can deactivate all swap partitions using the command:"
|
||||
no " swapoff -a"
|
||||
no "But if you want to proceed like this, use the -f (force) flag."
|
||||
die "Operation aborted."
|
||||
fi
|
||||
return $ret
|
||||
}
|
||||
|
||||
# Ask user for a password
|
||||
|
Loading…
Reference in New Issue
Block a user