mirror of
https://github.com/Llewellynvdm/Tomb.git
synced 2024-11-22 12:35:13 +00:00
fixes and cleanups
This commit is contained in:
parent
3fb248bde8
commit
c3a354cc0f
85
tomb
85
tomb
@ -95,7 +95,7 @@ typeset -Hi _UID # Running user identifier
|
|||||||
typeset -Hi _GID # Running user group identifier
|
typeset -Hi _GID # Running user group identifier
|
||||||
typeset -H _TTY # Connected input terminal
|
typeset -H _TTY # Connected input terminal
|
||||||
|
|
||||||
# Tomb context (see _plot())
|
# Tomb context (see is_valid_tomb())
|
||||||
typeset -H TOMBPATH # Full path to the tomb
|
typeset -H TOMBPATH # Full path to the tomb
|
||||||
typeset -H TOMBDIR # Directory where the tomb is
|
typeset -H TOMBDIR # Directory where the tomb is
|
||||||
typeset -H TOMBFILE # File name of the tomb
|
typeset -H TOMBFILE # File name of the tomb
|
||||||
@ -542,41 +542,40 @@ sphinx_set_password() {
|
|||||||
|
|
||||||
# Check if a filename is a valid tomb
|
# Check if a filename is a valid tomb
|
||||||
is_valid_tomb() {
|
is_valid_tomb() {
|
||||||
local tombpath=$1
|
|
||||||
_verbose "is_valid_tomb ::1 tomb file::" $tombpath
|
_verbose "is_valid_tomb ::1 tomb file::" $1
|
||||||
|
|
||||||
# First argument must be the path to a tomb
|
# First argument must be the path to a tomb
|
||||||
[[ -z "$tombpath" ]] && {
|
[[ $1 ]] || _failure "Tomb file is missing from arguments."
|
||||||
_failure "Tomb file is missing from arguments." }
|
|
||||||
|
|
||||||
_fail=0
|
local _fail=0
|
||||||
# Tomb file must be a readable, writable, non-empty regular file.
|
# Tomb file must be a readable, writable, non-empty regular file.
|
||||||
# If passed the "ro" mount option, the writable check is skipped.
|
# If passed the "ro" mount option, the writable check is skipped.
|
||||||
[[ ! -w "$tombpath" ]] && [[ $(option_value -o) != *"ro"* ]] && {
|
[[ ! -w "$1" ]] && [[ $(option_value -o) != *"ro"* ]] && {
|
||||||
_warning "Tomb file is not writable: ::1 tomb file::" $tombpath
|
_warning "Tomb file is not writable: ::1 tomb file::" $1
|
||||||
_fail=1
|
_fail=1
|
||||||
}
|
}
|
||||||
_verbose "tomb file is readable"
|
_verbose "tomb file is readable"
|
||||||
|
|
||||||
[[ ! -f "$tombpath" ]] && {
|
[[ ! -f "$1" ]] && {
|
||||||
_warning "Tomb file is not a regular file: ::1 tomb file::" $tombpath
|
_warning "Tomb file is not a regular file: ::1 tomb file::" $1
|
||||||
_fail=1
|
_fail=1
|
||||||
}
|
}
|
||||||
_verbose "tomb file is a regular file"
|
_verbose "tomb file is a regular file"
|
||||||
|
|
||||||
[[ ! -s "$tombpath" ]] && {
|
[[ ! -s "$1" ]] && {
|
||||||
_warning "Tomb file is empty (zero length): ::1 tomb file::" $tombpath
|
_warning "Tomb file is empty (zero length): ::1 tomb file::" $1
|
||||||
_fail=1
|
_fail=1
|
||||||
}
|
}
|
||||||
_verbose "tomb file is not empty"
|
_verbose "tomb file is not empty"
|
||||||
|
|
||||||
[[ $_fail = 1 ]] && {
|
[[ $_fail == 1 ]] && {
|
||||||
_failure "Tomb command failed: ::1 command name::" $subcommand
|
_failure "Tomb command failed: ::1 command name::" $subcommand
|
||||||
}
|
}
|
||||||
|
|
||||||
# Tomb file may be a LUKS FS (or we are creating it)
|
# Tomb file may be a LUKS FS (or we are creating it)
|
||||||
[[ "`file $tombpath`" =~ "luks encrypted file" ]] || {
|
[[ "`file $1`" =~ "luks encrypted file" ]] || {
|
||||||
_warning "File is not yet a tomb: ::1 tomb file::" $tombpath }
|
_warning "File is not yet a tomb: ::1 tomb file::" $1 }
|
||||||
|
|
||||||
# We set global variables
|
# We set global variables
|
||||||
typeset -g TOMBPATH TOMBDIR TOMBFILE TOMBNAME TOMBMAPPER
|
typeset -g TOMBPATH TOMBDIR TOMBFILE TOMBNAME TOMBMAPPER
|
||||||
@ -599,7 +598,7 @@ is_valid_tomb() {
|
|||||||
_failure "Tomb won't work without a TOMBNAME."
|
_failure "Tomb won't work without a TOMBNAME."
|
||||||
|
|
||||||
# checks if Tomb already mounted (or we cannot alter it)
|
# checks if Tomb already mounted (or we cannot alter it)
|
||||||
local maphash=`realpath $tombpath | sha256sum -z`
|
local maphash=`realpath $TOMBPATH | sha256sum -z`
|
||||||
local nextloop=`losetup -f`
|
local nextloop=`losetup -f`
|
||||||
TOMBMAPPER="tomb.$TOMBNAME.${maphash[(w)1]}.`basename $nextloop`"
|
TOMBMAPPER="tomb.$TOMBNAME.${maphash[(w)1]}.`basename $nextloop`"
|
||||||
local mounted_tombs=(`list_tomb_mounts`)
|
local mounted_tombs=(`list_tomb_mounts`)
|
||||||
@ -1830,52 +1829,43 @@ engrave_key() {
|
|||||||
# which blocks in the filesystem contain that data.
|
# which blocks in the filesystem contain that data.
|
||||||
|
|
||||||
dig_tomb() {
|
dig_tomb() {
|
||||||
local tombpath="$1" # Path to tomb
|
# $1 arg is path to tomb
|
||||||
|
|
||||||
# Require the specification of the size of the tomb (-s) in MiB
|
# Require the specification of the size of the tomb (-s) in MiB
|
||||||
local -i tombsize=$(option_value -s)
|
local -i tombsize=$(option_value -s)
|
||||||
|
|
||||||
_message "Commanded to dig tomb ::1 tomb path::" $tombpath
|
_message "Commanded to dig tomb ::1 tomb path::" $tombpath
|
||||||
|
|
||||||
[[ -n "$tombpath" ]] || _failure "Missing path to tomb"
|
[[ $1 ]] || _failure "Missing path to tomb"
|
||||||
[[ -n "$tombsize" ]] || _failure "Size argument missing, use -s"
|
[[ -n "$tombsize" ]] || _failure "Size argument missing, use -s"
|
||||||
[[ $tombsize == <-> ]] || _failure "Size must be an integer (mebibytes)"
|
[[ $tombsize == <-> ]] || _failure "Size must be an integer (mebibytes)"
|
||||||
[[ $tombsize -ge 10 ]] || _failure "Tombs can't be smaller than 10 mebibytes"
|
[[ $tombsize -ge 10 ]] || _failure "Tombs can't be smaller than 10 mebibytes"
|
||||||
|
|
||||||
is_valid_tomb $tombpath
|
[[ -e $1 ]] && {
|
||||||
|
|
||||||
[[ -e $TOMBPATH ]] && {
|
|
||||||
_warning "A tomb exists already. I'm not digging here:"
|
_warning "A tomb exists already. I'm not digging here:"
|
||||||
ls -lh $TOMBPATH
|
ls -lh $1
|
||||||
return 1
|
return 1
|
||||||
}
|
}
|
||||||
|
|
||||||
_success "Creating a new tomb in ::1 tomb path::" $TOMBPATH
|
_success "Creating a new tomb in ::1 tomb path::" $1
|
||||||
|
_message "Generating ::1 tomb file:: of ::2 size::MiB" $1 $tombsize
|
||||||
|
|
||||||
_message "Generating ::1 tomb file:: of ::2 size::MiB" $TOMBFILE $tombsize
|
touch "$1"
|
||||||
|
|
||||||
# Ensure that file permissions are safe even if interrupted
|
|
||||||
touch $TOMBPATH
|
|
||||||
[[ $? = 0 ]] || {
|
[[ $? = 0 ]] || {
|
||||||
_warning "Error creating the tomb ::1 tomb path::" $TOMBPATH
|
_warning "Error creating the tomb ::1 tomb path::" $1
|
||||||
_failure "Operation aborted."
|
_failure "Operation aborted."
|
||||||
}
|
}
|
||||||
chmod 0600 $TOMBPATH
|
# Ensure that file permissions are safe even if interrupted
|
||||||
|
_sudo chown ${_UID}:${_GID} "$1"
|
||||||
|
chmod 0600 $1
|
||||||
_verbose "Data dump using ::1:: from /dev/urandom" ${DD[1]}
|
_verbose "Data dump using ::1:: from /dev/urandom" ${DD[1]}
|
||||||
${=DD} if=/dev/urandom bs=1048576 count=$tombsize of=$TOMBPATH
|
${=DD} if=/dev/urandom bs=1048576 count=$tombsize of=$1
|
||||||
|
ls -lh "$1"
|
||||||
|
|
||||||
[[ $? == 0 && -e $TOMBPATH ]] && {
|
_success "Done digging ::1 tomb name::" $1
|
||||||
_sudo chown ${_UID}:${_GID} "$TOMBPATH"
|
|
||||||
ls -lh "$TOMBPATH"
|
|
||||||
} || {
|
|
||||||
_warning "Error creating the tomb ::1 tomb path::" $TOMBPATH
|
|
||||||
_failure "Operation aborted."
|
|
||||||
}
|
|
||||||
|
|
||||||
_success "Done digging ::1 tomb name::" $TOMBNAME
|
|
||||||
_message "Your tomb is not yet ready, you need to forge a key and lock it:"
|
_message "Your tomb is not yet ready, you need to forge a key and lock it:"
|
||||||
_message "tomb forge ::1 tomb path::.key" $TOMBPATH
|
_message "tomb forge ::1 tomb path::.key" $1
|
||||||
_message "tomb lock ::1 tomb path:: -k ::1 tomb path::.key" $TOMBPATH
|
_message "tomb lock ::1 tomb path:: -k ::1 tomb path::.key" $1
|
||||||
|
|
||||||
return 0
|
return 0
|
||||||
}
|
}
|
||||||
@ -2766,7 +2756,6 @@ resize_tomb() {
|
|||||||
[[ -z "$newtombsize" ]] && {
|
[[ -z "$newtombsize" ]] && {
|
||||||
_failure "Aborting operations: new size was not specified, use -s" }
|
_failure "Aborting operations: new size was not specified, use -s" }
|
||||||
|
|
||||||
# this also calls _plot()
|
|
||||||
is_valid_tomb $tombpath
|
is_valid_tomb $tombpath
|
||||||
|
|
||||||
_load_key # Try loading new key from option -k and set TOMBKEYFILE
|
_load_key # Try loading new key from option -k and set TOMBKEYFILE
|
||||||
@ -2867,16 +2856,16 @@ umount_tomb() {
|
|||||||
_verbose "Name: ::1 tomb name::" $tombname
|
_verbose "Name: ::1 tomb name::" $tombname
|
||||||
_verbose "Mount: ::1 mount point::" $tombmount
|
_verbose "Mount: ::1 mount point::" $tombmount
|
||||||
_verbose "Loop: ::1 mount loop::" $tombloop
|
_verbose "Loop: ::1 mount loop::" $tombloop
|
||||||
_verbose "Mapper: ::1 mapper::" $TOMBMAPPER
|
_verbose "Mapper: ::1 mapper::" $mapper
|
||||||
|
|
||||||
[[ -e "$TOMBMAPPER" ]] && {
|
[[ -e "$mapper" ]] && {
|
||||||
_warning "Tomb not found: ::1 tomb file::" $1
|
_warning "Tomb not found: ::1 tomb file::" $1
|
||||||
_warning "Please specify an existing tomb."
|
_warning "Please specify an existing tomb."
|
||||||
return 0 }
|
return 0 }
|
||||||
|
|
||||||
option_is_set -n || {
|
option_is_set -n || {
|
||||||
exec_safe_func_hooks \
|
exec_safe_func_hooks \
|
||||||
close "$tombmount" "$tombname" "$tombloop" "$TOMBMAPPER"
|
close "$tombmount" "$tombname" "$tombloop" "$mapper"
|
||||||
exec_hook_res=$?
|
exec_hook_res=$?
|
||||||
[[ $exec_hook_res = 0 ]] || {
|
[[ $exec_hook_res = 0 ]] || {
|
||||||
_warning "close exec-hook returns a non-zero error code: ::1 error::" $exec_hook_res
|
_warning "close exec-hook returns a non-zero error code: ::1 error::" $exec_hook_res
|
||||||
@ -2924,8 +2913,8 @@ umount_tomb() {
|
|||||||
[[ "$tombmount" =~ "(/run)?/media(/$_USER)?/$tombname_regex" ]] && {
|
[[ "$tombmount" =~ "(/run)?/media(/$_USER)?/$tombname_regex" ]] && {
|
||||||
_sudo rmdir $tombmount }
|
_sudo rmdir $tombmount }
|
||||||
|
|
||||||
_sudo cryptsetup luksClose $TOMBMAPPER ||
|
_sudo cryptsetup luksClose $mapper ||
|
||||||
_failure "Error occurred in cryptsetup luksClose ::1 mapper::" $TOMBMAPPER
|
_failure "Error occurred in cryptsetup luksClose ::1 mapper::" $mapper
|
||||||
|
|
||||||
# Normally the loopback device is detached when unused
|
# Normally the loopback device is detached when unused
|
||||||
[[ -e "/dev/$tombloop" ]] && {
|
[[ -e "/dev/$tombloop" ]] && {
|
||||||
|
Loading…
Reference in New Issue
Block a user