Commit Graph

1172 Commits

Author SHA1 Message Date
Narrat
284fb4a3cd slam_tomb(): don't parse process output and rework
In #504 list_processes() got reworked in a way to avoid parsing process
output as this had interesting side-effects.
Back then I mentioned the same behaviour existing in slam_tomb() which
should probably be changed too. This PR addresses that.
Firstly it will use list_processes() from within slam_tomb(), as this is
in principal overlapping functionality. For this list_processes() needed
to be adjusted. It now has a return value which can indicate if there
were processes.
Secondly the order of execution was changed in slam_tomb(). Before it
would process one process and work through the signals until this
process was killed. Now it will take a signal and issue a kill for all
processes found.
2024-09-01 22:30:17 +02:00
Jaromil
0ef195dff0 small updates to readme 2024-08-31 22:46:39 +02:00
Jaromil
48c08c0086 fix: resize on btrfs formatted volumes
new minimum increase for resize is 120MiB

increase resize delta on all test to be above new minimum

skip resize test for btrfs mixedmode (always fails)
2024-08-31 22:46:39 +02:00
Jaromil
29098f356c correct error message typo in resize (and in all translations) 2024-08-31 22:46:39 +02:00
Jaromil
447817de6c test btrfs tomb resize 2024-08-31 22:46:39 +02:00
Jaromil
b7fa057e48 elevate minimum size permitted for btrfs filesystem 2024-08-31 22:46:39 +02:00
Jaromil
963a0cc321 test btrfs tomb 2024-08-31 22:46:39 +02:00
Jaromil
117bd9bd6e improve readability of code in some complex branching points
avoid usage of if...elif...elif...else in some points, substituted
with while true; do ... done loops and break statements on success.
2024-08-31 22:46:39 +02:00
Jaromil
c1b5e1b310 remove sphinx from tests and docs
leftover strings are in translations, maybe take them off later
2024-08-31 22:46:39 +02:00
Jaromil
afe0390d93 remove unused and old libsphinx support
steff seems to be moving towards new implementations and this was
never reported as used by anyone
2024-08-31 22:46:39 +02:00
Jaromil
32eab3beec kdf iterations need only to be specified when forging a key
the key header saves the key iteration set when forging
2024-08-31 22:46:39 +02:00
Jaromil
11a5776456 add argon2 kdf test 2024-08-31 22:46:39 +02:00
Jaromil
ef1541f7a2 enable tests on ubuntu 24, and add doas and argon2 to CI
also remove python2 from latest ubuntu as no more found

doas test is enabled only for latest
2024-08-31 22:46:39 +02:00
Narrat
73950fe3d8 tests: add outside bind mounts to 75_hooks
it may happen, that someone bind mounts manually or via an immutable setup the tomb mountdir somewhere else.
Tomb should be able to discover such mounts and close them if the tomb itself is closed.
2024-08-31 19:07:09 +02:00
Narrat
41b899e4e1 slam_tomb: adjust for changes in list_tomb_mounts
As the argument for list_tomb_mounts uses the input directly, it needs to be uniform.
Therefore one must make sure that extraneous character like parentheses are removed from the variable.
And those are in place in tombname for slam_tomb().
2024-08-31 19:07:09 +02:00
Narrat
33f7878a22 rework handling of bind mounts
Instead of only looking for bind mounts from within a tomb due to bind-hooks, also consider bind mounts that happenfrom the outside (example: open a tomb and manually issue a mount --bind /media/tomb some/other/location).
Such a mount wouldn't be filtered before (only looking for an additional [/path/] added to TARGET.
Instead look for every mount that is related to the respective /dev/mapper/ entry of a tomb and also close or list them.
This helps to avoid to loop again against mounted tombs inside the main loop which loops over mounted tombs.
2024-08-31 19:07:09 +02:00
Narrat
42e233d2b0 list_tomb_binds: simplify function
similar to list_tomb_mounts, rework the findmnt usage to usage of the
actual tomb mapper device.
Simplifies the awk usage and just only one argument needed for the
mapper function.
2024-08-31 19:07:09 +02:00
Narrat
6df1cdeab9 list_tomb_mounts: simplify the function
previously it had dedicated cases for listing all tombs and a singular
one, which duplicated code.
The function got reworked, that it uses a different approach for
findmnt. Instead of filtering the general result, it now uses --source
on the tomb specific crypsetup mapper. Those are searched via general
globbing of the devices in /dev/mapper. This allows to combine the
previous separate cases.
Additionally remove the usage of _sudo for findmnt, as it is not
necessary.
2024-08-31 19:07:09 +02:00
Narrat
0b25ba6d68 umount_tomb: avoid double execution of list_tomb_binds()
Especially directly after each other.
2024-08-31 19:07:09 +02:00
Narrat
89283a06b7 Avoid manual handling of loop devices
Cryptsetup is since 1.3.0 capable of setting up a loop device if the
device argument is a file.
This has the additional benefit that those loop devices will get the
AUTOCLEAR flag (available with Linux 2.6.25). This means those loop
devices will be closed as soon they're unused (on luksClose).
2024-08-31 19:07:09 +02:00
Narrat
c83068c03a Man-Page: remove part about gpg-agent
No plans on making this necessary and information about setting it up may not be the right place for this man-page.
2024-08-31 15:50:50 +02:00
Narrat
be533b3995 Man: merge section on Password Input
Somehow this section existed two times in the man page with similar information.
Enhance it with notes regarding wayland and adjust the recommened pinentry programs.
GTK2 is long time EOL and actively being fased out by distributions, which makes pinentry-gtk2 obsolete.
pinentry-tty will work on every headless system or from a textual interface. pinentry-curses may end up starting if the respective ncurses is available.
2024-08-31 15:50:50 +02:00
Narrat
75aafc0c8c
CI optimization (#531)
* portable was moved into extras and is unmaintained
* the CI tests for the portable rewrite are archived
2024-08-05 15:32:54 +02:00
Ricky Tigg
45c4616110 Translated using Weblate (Finnish)
Currently translated at 79.0% (276 of 349 strings)

Translation: Tomb/tomb
Translate-URL: https://hosted.weblate.org/projects/tomb/tomb/fi/
2024-07-30 06:21:01 +02:00
gallegonovato
7016515ce6 Translated using Weblate (Spanish)
Currently translated at 71.3% (249 of 349 strings)

Translation: Tomb/tomb
Translate-URL: https://hosted.weblate.org/projects/tomb/tomb/es/
2024-07-30 06:21:01 +02:00
Ricky Tigg
97c61dc513 Translated using Weblate (Finnish)
Currently translated at 61.0% (213 of 349 strings)

Translation: Tomb/tomb
Translate-URL: https://hosted.weblate.org/projects/tomb/tomb/fi/
2024-07-30 06:21:01 +02:00
gallegonovato
4523823c48 Translated using Weblate (Spanish)
Currently translated at 70.7% (247 of 349 strings)

Translation: Tomb/tomb
Translate-URL: https://hosted.weblate.org/projects/tomb/tomb/es/
2024-07-30 06:21:01 +02:00
Narrat
cb997eec2c extras/tomber: restructure
move contents one folder up. Instead of extras/tomber/tomber it now resides in extras/tomber.
Move and rename extras/PYTHON.md into extras/tomber/README.md, as it is the README of the tool.
2024-07-30 06:19:10 +02:00
Dyne.org foundation
857895a750 Added translation using Weblate (Finnish) 2024-07-22 12:13:24 +02:00
Gianluca Montecchi
891fa80c7a Translated using Weblate (Italian)
Currently translated at 96.5% (277 of 287 strings)

Translation: Tomb/tomb
Translate-URL: https://hosted.weblate.org/projects/tomb/tomb/it/
2024-07-22 12:13:24 +02:00
Gianluca Montecchi
431f1c6647 Translated using Weblate (Italian)
Currently translated at 95.8% (278 of 290 strings)

Translation: Tomb/tomb
Translate-URL: https://hosted.weblate.org/projects/tomb/tomb/it/
2024-07-22 12:13:24 +02:00
Jaromil
2b75962e54 updated for release
version bump
2024-07-12 12:37:28 +02:00
Jaromil
bae8af351b improve support of non-sudo setup, by default support doas
aldo better support when launched from root
2024-07-12 11:51:53 +02:00
Jaromil
2082198b36 remove unnecessary flag from maphash sha256 2024-07-12 11:51:53 +02:00
Jaromil
552dc82fe3 add alpine deps
typo in makefile
2024-07-12 11:51:53 +02:00
Jaromil
7ebcfc767e add support for pinentry-tty
fallback to pinentry-tty is supported, correct message working now
doesn't distinguishes between pinentry versions
2024-07-12 11:51:53 +02:00
Jaromil
c72432d640 fix cloakify to work easily and update documentation
a few changes needed to be adjusted and manpage updated, now we also
ship cloakify ciphers into extras, a link is left to original repo.
2024-07-12 11:51:53 +02:00
Jaromil
4a277c97f2 set default iterations to 3 in case of argon2 kdf
fix: #214
2024-07-12 11:51:53 +02:00
Jaromil
735d540fe7 feature recoll in place of swish-e to search a tomb's contents
Swish is outdated and recoll works much better as a frontend to
xapian, so we adopt it to provide local search over file contents in a
tomb. This update also makes plocate optional to search over file
names, not mandatory. Recoll works also in GUI using its -c
commandline option followed by the indexed tomb's path.
2024-07-12 11:51:53 +02:00
Jaromil
b715917b31
deploy new website via hugo action on github pages 2024-07-11 10:40:12 +02:00
Jaromil
0d06c994cf fix tests to run also when swap present 2024-05-12 22:09:46 +02:00
Jaromil
6c383ffd64 move unfinished portable veracrypt version in extras 2024-05-12 21:47:57 +02:00
nerun
ddb2de6072 Updated copyright year in 'generate_translatable_strings' script. 2024-05-06 15:06:56 +02:00
nerun
3398b7bf89 Updated extras/translations/README. 2024-05-06 15:06:56 +02:00
nerun
abe5704658 Updated all language files to Tomb v2.10 (.po/.pot). 2024-05-06 15:06:56 +02:00
nerun
d0b84d78a0 Fixed tomb listing failure message: localization friendly. 2024-05-06 15:06:56 +02:00
Melroy van den Berg
91adbbe183 Update copyright in translation source 2024-01-26 00:38:37 +01:00
Melroy van den Berg
766cd27c1b Update copyright lines 2024-01-26 00:38:13 +01:00
Narrat
dee2b0f8c4 list_processes: use lsof to list processes
Parsing the output from lsof had possibilities for race conditions.
Either due to short lived processes or issuing "tomb ps" from a terminal which cwd is from inside the tomb.
This would spit out available users on the system.
To avoid this use the lsof output directly.

In the future formatting could be reintroduced via commands like
"lsof +D "$tombmount" -F Lc" or "lsof +D "$tombmount" -F Lc0".

This fixes #503
2024-01-26 00:37:46 +01:00
nerun
13eeef7c6c manpage: replaced 'mlocate' to 'mlocate/plocate', because of commit 59d7331. 2024-01-26 00:30:58 +01:00