#!/bin/zsh # # Tomb, the Crypto Undertaker # # a tool to easily operate file encryption of private and secret data # # Copyleft (C) 2007-2011 Denis Roio # # This source code is free software; you can redistribute it and/or # modify it under the terms of the GNU Public License as published by # the Free Software Foundation; either version 3 of the License, or # (at your option) any later version. # # This source code is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. # Please refer to the GNU Public License for more details. # # You should have received a copy of the GNU Public License along with # this source code; if not, write to: # Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. VERSION=1.1 DATE=May/2011 TOMBEXEC=$0 TOMBOPENEXEC="tomb-open" typeset -a OLDARGS for arg in ${argv}; do OLDARGS+=($arg); done STEGHIDE=1 MOUNTOPTS="rw,noatime,nodev" #declare global variables QUIET=0 DEBUG=0 typeset -A global_opts typeset -A opts # PATH=/usr/bin:/usr/sbin:/bin:/sbin autoload colors; colors # standard output message routines # it's always useful to wrap them, in case we change behaviour later notice() { if [[ $QUIET == 0 ]]; then print "$fg_bold[green][*]$fg_no_bold[white] $1" >&2; fi } error() { if [[ $QUIET == 0 ]]; then print "$fg[red][!]$fg[white] $1" >&2; fi } func() { if [[ $DEBUG == 1 ]]; then print "$fg[blue][D]$fg[white] $1" >&2; fi } act() { if [[ $QUIET == 0 ]]; then if [ "$1" = "-n" ]; then print -n "$fg_bold[white] . $fg_no_bold[white] $2" >&2; else print "$fg_bold[white] . $fg_no_bold[white] $1" >&2; fi fi } check_bin() { # which dd command to use which dcfldd > /dev/null if [ $? = 0 ]; then DD="dcfldd" else DD=dd fi # which wipe command to use which wipe > /dev/null if [ $? = 0 ]; then WIPE=(wipe -f -s) else WIPE=(rm -f) fi # check for filesystem creation progs which mkfs.ext4 > /dev/null if [ $? = 0 ]; then MKFS=(mkfs.ext4 -q -F -j -L) else MKFS=(mkfs.ext3 -q -F -j -L) fi # check for sudo which sudo > /dev/null if [ $? != 0 ]; then error "Cannot find sudo. Please install it" exit 1 fi # check for steghide which steghide > /dev/null if [ $? != 0 ]; then STEGHIDE=0 fi which cryptsetup > /dev/null if [ $? != 0 ]; then error "Cannot find cryptsetup. Please install it." exit 1 fi which pinentry > /dev/null if [ $? != 0 ]; then error "Cannot find pinentry. Please install it." exit 1 fi # check for tomb-open script if [ "$0" = "./tomb" ]; then TOMBOPENEXEC="./tomb-open" elif [ "$0" != "tomb" ]; then TOMBOPENEXEC="`dirname $0`/tomb-open" fi } # safe dir creation function safe_dir() { which mktemp &> /dev/null if [[ $? = 0 ]]; then mktemp -d /dev/shm/$1.XXXX.$$ return fi dir="/dev/shm/$1.$RANDOM.$RANDOM.$$" (umask 077 && mkdir "$dir") || print "-1" print "$dir" } #check if there is swap activated check_swap() { # Return 0 if NO swap is used, 1 if swap is used # TODO: it should return 2 if swap is used, but encrypted nlines=$(wc -l /proc/swaps|cut -f1 -d ' ') if [[ $nlines -gt 1 ]]; then r=1 else #and return 2 r=0 fi if [[ $1 == out ]]; then echo $r; fi return $r; } # we use pinentry now # comes from gpg project and is much more secure # it also conveniently uses the right toolkit ask_password() { # pinentry has no custom icon setting # so we need to temporary modify the gtk theme if [ -r /usr/local/share/themes/tomb/gtk-2.0-key/gtkrc ]; then GTK2_RC=/usr/local/share/themes/tomb/gtk-2.0-key/gtkrc elif [ -r /usr/share/themes/tomb/gtk-2.0-key/gtkrc ]; then GTK2_RC=/usr/share/themes/tomb/gtk-2.0-key/gtkrc fi cat </dev/null | awk '/^D/ { print $2 }' OPTION ttyname=$TTY OPTION lc-ctype=$LANG SETTITLE Insert tomb password SETDESC Open tomb: $1 SETPROMPT Password: GETPIN EOF } # drop privileges exec_as_user() { if ! [ $SUDO_USER ]; then exec $@[@] return $? fi func "exec_as_user '$SUDO_USER': ${(f)@}" sudo -u $SUDO_USER "${@[@]}" return $? } # escalate privileges check_priv() { if [ $UID != 0 ]; then func "Using sudo for root execution of 'tomb ${(f)OLDARGS}'" # check if sudo has a timestamp active sudok=false sudo -n ${TOMBEXEC} &> /dev/null if [ $? != 0 ]; then # if not then ask a password cat </dev/null | awk '/^D/ { print $2 }' | sudo -S -v OPTION ttyname=$TTY OPTION lc-ctype=$LANG SETTITLE Super user privileges required SETDESC Sudo execution of Tomb ${OLDARGS[@]} SETPROMPT Insert your USER password: GETPIN EOF fi sudo "${TOMBEXEC}" "${(@)OLDARGS}" exit $? fi # are we root already return 0 } get_arg_tomb() { # set up variables to be used by caller: # tombfile - filename without path # tombdir - directory where the tomb is # tombname - name of the tomb (filename without extension) # the full path is made with $tombdir/$tombfile if [ -z $1 ]; then error "internal: get_arg_tomb called without argument" return 1 fi arg=${1} if ! [ -r ${arg} ]; then error "file not found: $arg" return 1 fi tombfile=`basename $arg` tombdir=`dirname $arg` file ${tombdir}/${tombfile} | grep -i 'luks encrypted file' 2>&1 >/dev/null if [ $? != 0 ]; then error "$arg is not a valid tomb file, operation aborted" return 1 fi tombname=${tombfile%%\.*} func "tomb found: ${tombdir}/${tombfile}" # now check if the key is kept beside or in args # we use the extension .key # the problem with .tomb.gpg is that decoding by hand using gpg it # can override the tomb contents if the key is in the same # directory than the tomb if [ $KEY ]; then tombkey=$KEY # commandline -k flag act "tomb key specified manually: $tombkey" elif [ -r ${tombdir}/${tombname}.tomb.key ]; then tombkey=${tombdir}/${tombname}.tomb.key act "key found for tomb '${tombname}': ${tombkey}" else error "key not found for tomb '${tombname}'" return 1 fi return 0 } usage() { cat < Syntax: tomb [options] command [file] [place] Commands: create create a new tomb FILE and its keys open open an existing tomb FILE on PLACE list list all open tombs or the one called FILE close close the open tomb called FILE (or all) slam close tomb FILE and kill all pids using it EOF if [ "$STEGHIDE" = 1 ]; then cat <. EOF } generate_translatable_strings() { cat <, 2011. # #, fuzzy msgid "" msgstr "" "Project-Id-Version: Tomb $VERSION\n" "PO-Revision-Date: `date`\n" "Last-Translator: Denis Roio \n" "Language-Team: Tomb developers \n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=CHARSET\n" "Content-Transfer-Encoding: 8bit\n" # #: commandline help # msgid "" EOF usage | awk ' { print "\"" $0 "\"" }' cat < ]]; then error "Size is not an integer" return 1 fi if [ -e ${tombdir}/${tombfile} ]; then error "tomb exists already. I'm not digging here:" ls -lh ${tombdir}/${tombfile} return 1 fi if [ -e ${tombdir}/${tombfile}.key ]; then error "tomb key already exists. Quitting." ls -lh ${tombdir}/${tombfile}.key return 1 fi notice "Creating a new tomb in ${tombdir}/${tombfile}" if [ -z $tombsize ]; then act "No size specified, summoning the Tomb Undertaker to guide us in the creation." "$TOMBOPENEXEC" & wait $! return 0 fi tombsize_4k=`expr $tombsize \* 1024 / 4` act "Generating ${tombfile} of ${tombsize}Mb (${tombsize_4k} blocks of 4Kb)" $DD if=/dev/urandom bs=4k count=${tombsize_4k} of=${tombdir}/${tombfile} if [ $? = 0 -a -e ${tombdir}/${tombfile} ]; then act "OK: `ls -lh ${tombdir}/${tombfile}`" else error "Error creating the tomb ${tombdir}/${tombfile}, operation aborted." exit 1 fi nstloop=`losetup -f` # get the number for next loopback device losetup -f ${tombdir}/${tombfile} # allocates the next loopback for our file # create the keyfile in tmpfs so that we leave less traces in RAM keytmp=`safe_dir tomb` if [ "$keytmp" = "-1" ]; then error "error creating temp dir" exit 1 fi #rm -f $keytmp # ?????? creo, cancello e ricreo ?????? #mkdir -p $keytmp mount tmpfs "${keytmp}" -t tmpfs -o size=1m if [ $? != 0 ]; then error "cannot mount tmpfs filesystem in volatile memory" error "operation aborted." losetup -d $nstloop rm -r "${keytmp}" exit 1 fi act "Generating secret key..." act "this operation takes time, keep using this computer on other tasks," act "once done you will be asked to choose a password for your tomb." act "To make it faster you can move the mouse around" touch ${keytmp}/tomb.tmp chmod 0600 ${keytmp}/tomb.tmp if [[ $DD = "dcfldd" ]]; then $DD bs=1 count=256 if=/dev/random of=${keytmp}/tomb.tmp statusinterval=1 else $DD bs=1 count=256 if=/dev/random of=${keytmp}/tomb.tmp fi if ! [ -r ${keytmp}/tomb.tmp ]; then error "cannot generate encryption key, operation aborted." umount ${keytmp} losetup -d $nstloop rm -r $keytmp exit 1 fi notice "Setup your secret key file ${tombname}.tomb.key" # here user is prompted for key password for c in 1 2 3; do # 3 tries to write two times a matching password tombpass=`exec_as_user ${TOMBEXEC} askpass ${tombname}` tombpasstmp=$tombpass tombpass=`exec_as_user ${TOMBEXEC} askpass "${tombname} (again)"` if [ "$tombpasstmp" = "$tombpass" ]; then break; fi unset tombpasstmp unset tombpass done if [ -z $tombpass ]; then error "passwords don't match, aborting operation" umount ${keytmp} losetup -d $nstloop rm -r $keytmp exit 1 fi print "${tombpass}" | gpg \ --openpgp --batch --no-options --no-tty --passphrase-fd 0 2>/dev/null \ -o "${tombdir}/${tombname}.tomb.key" -c -a ${keytmp}/tomb.tmp # if [ $? != 0 ]; then # error "setting password failed: gnupg returns 2" # umount ${keytmp} # losetup -d $nstloop # rm -r $keytmp # exit 1 # fi act "formatting Luks mapped device" # we use aes-cbc-essiv with sha256 # for security, performance and compatibility cryptsetup --batch-mode \ --cipher aes-cbc-essiv:sha256 --key-size 256 \ luksFormat ${nstloop} ${keytmp}/tomb.tmp if ! [ $? = 0 ]; then act "operation aborted." exit 0 fi cryptsetup --key-file ${keytmp}/tomb.tmp --cipher aes luksOpen ${nstloop} tomb.tmp ${WIPE[@]} ${keytmp}/tomb.tmp umount ${keytmp} rm -r ${keytmp} # cryptsetup luksDump ${nstloop} act "formatting your Tomb with Ext3/Ext4 filesystem" ${MKFS} ${tombname} /dev/mapper/tomb.tmp if [ $? != 0 ]; then error "Tomb format returns error" error "your tomb ${tombfile} maybe corrupt" fi sync cryptsetup luksClose tomb.tmp losetup -d ${nstloop} # set permissions on the tomb ME=${SUDO_USER:-$(whoami)} chmod 0600 ${tombfile} chown $(id -u $ME):$(id -g $ME) ${tombfile} act "done creating $tombname encrypted storage (using Luks dm-crypt AES/SHA256)" notice "Your tomb is ready in ${tombdir}/${tombfile} and secured with key ${tombfile}.key" } mount_tomb() { notice "Commanded to open tomb $CMD2" if ! option_is_set --ignore-swap && [[ `check_swap out` == 1 ]]; then error "You have swap activated; use --ignore-swap if you want to skip this check" act "Using encryption with swap activated is very bad, because some files, or even your secret key, could be written on hard disk." act "However, it could be that your swap is encrypted. If this is case, this is ok. Then, use --ignore-swap to skip this check" exit 1 fi if ! [ ${CMD2} ]; then error "no tomb name specified for creation" return 1 fi # TODO: eliminate this function get_arg_tomb $CMD2 local tombkey if option_is_set -k ; then if [[ "`option_value -k`" == "-" ]]; then # take key from stdin local tombkeydir tombkeydir=`safe_dir` cat > ${tombkeydir}/stdin.tmp tombkey=${tombkeydir}/stdin.tmp else # take key from a file tombkey=`option_value -k` fi else # guess key as lying besides the tomb tombkey="${PARAM[1]}.key" fi echo the key used is $tombkey if [ $? != 0 ]; then error "operation aborted." return 1 fi if ! [ $CMD3 ]; then tombmount=/media/${tombfile} act "mountpoint not specified, using default: $tombmount" elif ! [ -x $CMD3 ]; then error "mountpoint $CMD3 doesn't exist, operation aborted." if [ -n "$usbkey_mount" ]; then umount $usbkey_mount rmdir $usbkey_mount unset usbkey_mount fi return 1 else tombmount=$CMD3 fi # check if its already open mount -l | grep "${tombname}.tomb.*\[$tombname\]$" 2>&1 > /dev/null if [ $? = 0 ]; then error "$tombname is already mounted on $tombmount" act "tomb list - show all tombs currently open" if [ -n "$usbkey_mount" ]; then umount $usbkey_mount rmdir $usbkey_mount unset usbkey_mount fi error "operation aborted." return 1 fi notice "mounting $tombfile on mountpoint $tombmount" # we need root from here on mkdir -p $tombmount nstloop=`losetup -f` if [ $? = 255 ]; then error "too many tomb opened. Please close any of them to open another tomb" exit 1 fi losetup -f ${tombdir}/${tombfile} act "check for a valid LUKS encrypted device" cryptsetup isLuks ${nstloop} if [ $? != 0 ]; then # is it a LUKS encrypted nest? see cryptsetup(1) error "$tombfile is not a valid Luks encrypted storage file" $norm || rmdir $tombmount 2>/dev/null return 1 fi # save date of mount in minutes since 1970 mapdate=`date +%s` mapper="tomb.${tombname}.${mapdate}.`basename $nstloop`" keyname=`basename $tombkey | cut -d. -f1` notice "Password is required for key ${keyname}" for c in 1 2 3; do if [ $c = 1 ]; then tombpass=`exec_as_user ${TOMBEXEC} askpass ${keyname}` else tombpass=`exec_as_user ${TOMBEXEC} askpass "$keyname (retry $c)"` fi print "${tombpass}" \ | gpg --batch --passphrase-fd 0 --no-tty --no-options \ -d "${tombkey}" 2> /dev/null \ | cryptsetup --key-file - luksOpen ${nstloop} ${mapper} unset tombpass # if key was from stdin delete temp file and dir if [ $tombkeydir ]; then ${WIPE[@]} ${tombkey} rmdir $tombkeydir fi if [ -r /dev/mapper/${mapper} ]; then break; # password was correct fi done if ! [ -r /dev/mapper/${mapper} ]; then error "failure mounting the encrypted file" losetup -d ${nstloop} $norm || rmdir ${tombmount} 2>/dev/null return 1 fi act "encrypted storage filesystem check" fsck -p -C0 /dev/mapper/${mapper} act "tomb engraved as $tombname" tune2fs -L ${tombname} /dev/mapper/${mapper} > /dev/null mount -o $MOUNTOPTS /dev/mapper/${mapper} ${tombmount} # Ensure the user can write the disk - 10x Hellekin :) ME=${SUDO_USER:-$(whoami)} chmod 0750 ${tombmount} chown $(id -u $ME):$(id -g $ME) ${tombmount} notice "encrypted storage $tombfile succesfully mounted on $tombmount" if ! [ $NOBIND ]; then exec_safe_bind_hooks ${tombmount} exec_safe_post_hooks ${tombmount} open fi return 0 } encode_key() { tombkey=$CMD2 imagefile=$CMD3 file $tombkey | grep PGP > /dev/null if [ $? != 0 ]; then error "encode failed: $tombkey is not a tomb key" return 1 fi file $imagefile | grep JPEG > /dev/null if [ $? != 0 ]; then error "encode failed: $imagefile is not a jpeg image" return 1 fi notice "Encoding key $tombkey inside image $imagefile" act "please choose a password for the encoding" # here user is prompted for key password for c in 1 2 3; do # 3 tries to write two times a matching password tombpass=`exec_as_user ${TOMBEXEC} askpass ${tombkey}` tombpasstmp=$tombpass tombpass=`exec_as_user ${TOMBEXEC} askpass "${tombkey} (again)"` if [ "$tombpasstmp" = "$tombpass" ]; then break; fi unset tombpasstmp unset tombpass done if [ -z $tombpass ]; then error "passwords don't match, aborting operation." return 1 fi awk ' /^-----/ {next} /^Version/ {next} {print $0}' ${tombkey} \ | steghide embed --embedfile - --coverfile ${imagefile} \ -p ${tombpass} -z 9 -e serpent cbc if [ $? != 0 ]; then error "encoding error: steghide reports problems" res=1 else notice "tomb key encoded succesfully into image ${imagefile}" res=0 fi unset tombpass return $res } decode_key() { tombname=$CMD2 imagefile=$CMD3 res=1 file $imagefile | grep JPEG > /dev/null if [ $? != 0 ]; then error "encode failed: $imagefile is not a jpeg image" return 1 fi keyfile=${tombname%%\.*}.tomb.key notice "Trying to exhume a key out of image $imagefile" for c in 1 2 3; do if [ $c = 1 ]; then tombpass=`exec_as_user ${TOMBEXEC} askpass ${keyfile}` else tombpass=`exec_as_user ${TOMBEXEC} askpass "$keyfile (retry $c)"` fi steghide extract -sf ${imagefile} -p ${tombpass} -xf - \ | awk ' BEGIN { print "-----BEGIN PGP MESSAGE-----" } { print $0 } END { print "-----END PGP MESSAGE-----" }' > ${keyfile} if [ "`cat ${keyfile} | wc -l`" != "3" ]; then act "${keyfile} succesfully decoded" res=0 break; fi done unset tombpass if [ $res != 0 ]; then error "nothing found." fi return $res } exec_safe_bind_hooks() { if [[ -n ${(k)opts[-o]} ]]; then MOUNTOPTS=${opts[-o]} fi local MOUNTPOINT="${1}" local ME=${SUDO_USER:-$(whoami)} local HOME=$(grep $ME /etc/passwd | sed "s/^${ME}:.*:.*:.*:.*:\([\/a-z]*\):.*$/\1/" 2>/dev/null) if [ $? -ne 0 ]; then error "how pitiful! A tomb, and no HOME" return 1 fi if [ -z "$MOUNTPOINT" -o ! -d "$MOUNTPOINT" ]; then error "cannot exec bind hooks without a mounted tomb." return 1 fi if ! [ -r "$MOUNTPOINT/bind-hooks" ]; then func "bind-hooks not found in $MOUNTPOINT" return 1 fi typeset -al mounted typeset -Al maps maps=($(<"$MOUNTPOINT/bind-hooks")) for dir in ${(k)maps}; do if [ "${dir[1]}" = "/" -o "${dir[1,2]}" = ".." ]; then error "bind-hooks map format: local/to/tomb local/to/\$HOME" continue fi if [ "${${maps[$dir]}[1]}" = "/" -o "${${maps[$dir]}[1,2]}" = ".." ]; then error "bind-hooks map format: local/to/tomb local/to/\$HOME. Rolling back" for dir in ${mounted}; do umount $dir; done return 1 fi if [ ! -r "$HOME/${maps[$dir]}" ]; then error "bind-hook target not existent, skipping $HOME/${maps[$dir]}" elif [ ! -r "$MOUNTPOINT/$dir" ]; then error "bind-hook source not found in tomb, skipping ${MOUNTPOINT}/${dir}" else mount -o bind,$MOUNTOPTS $MOUNTPOINT/$dir $HOME/${maps[$dir]} mounted+=("$HOME/${maps[$dir]}") fi done } exec_safe_post_hooks() { local mnt=$1 # first argument is where the tomb is mounted local ME=${SUDO_USER:-$(whoami)} if ! [ -x ${mnt}/post-hooks ]; then return; fi # if 'post-hooks' is found inside the tomb, check it: if it is an # executable, launch it as a user this might need a dialog for # security on what is being run, however we expect you know well # what is inside your tomb. this feature opens the possibility to # make encrypted executables. cat ${mnt}/post-hooks | head -n1 | grep '^#!/' if [ $? = 0 ]; then act "post hooks found, executing as user $SUDO_USER" exec_as_user ${mnt}/post-hooks $2 fi } kill_tomb() { # $1 = pids to kill # $2 = type of kill local e p # substitute the \n with space e=${1//$'\n'/ } # split the string at space delim # so we can get a for loop honestly e=(${(s: :)e}) for p in $e; do func "killing PID $p..." if [[ "$2" == "soft" ]]; then kill -USR1 $p elif [[ "$2" == "hard" ]]; then kill -TERM $p elif [[ "$2" == "must die" ]]; then kill -KILL $p fi done } slam_tomb() { # $1 = tomb mount point local pidk pidk=`lsof -t "$1"` if [[ ! -z "$pidk" ]]; then kill_tomb "$pidk" "soft" else return 0 fi # if there are remaining pids # we need to play hard pidk=`lsof -t "$1"` if [[ -z "$pidk" ]]; then return 0 fi # if we set the -f (force) option # don't wait, just kill option_is_set -f || sleep 3 kill_tomb "$pidk" "hard" pidk=`lsof -t "$1"` if [[ -z "$pidk" ]]; then return 0 fi # if there are still some pids around # we have to kill 'em all option_is_set -f || sleep 3 kill_tomb "$pidk" "must die" pidk=`lsof -t "$1"` if [[ -z "$pidk" ]]; then return 0 fi # what PITA! return 1 } umount_tomb() { local tombs how_many_tombs local pathmap mapper tombname tombmount loopdev local ans pidk pname if ! [ $1 ]; then tombs=`find /dev/mapper -name 'tomb.*'` how_many_tombs=`wc -w <<< "$tombs"` if [[ "$how_many_tombs" == "0" ]]; then error "There is no open tomb to be closed" return 1 elif [[ "$how_many_tombs" == "1" ]]; then #mapper=`find /dev/mapper -name 'tomb.*'` func "closing mapper $tombs" umount_tomb ${tombs} return 1 else error "Too many tombs mounted, please specify which to unmount:" ls /dev/mapper/tomb.* error "or issue the command 'tomb close all' to clos'em all." return 1 fi fi if [ "$1" = "all" ]; then tombs=`find /dev/mapper -name 'tomb.*'` if ! [ $tombs ]; then notice "Tombs are all closed, cemetery is quiet." return 0 fi for t in ${(f)tombs}; do umount_tomb ${t} done return 0 fi # tomb close argument deduction pathmap=`dirname "$1"` if [ "${pathmap}" = "/dev/mapper" ]; then mapper="$1" # argument is the mapper (or none which autofills mapper) tombname="`print $mapper | cut -d. -f2`" tombmount=`mount -l | \ awk -vtomb="[$tombname]" '/^\/dev\/mapper\/tomb/ { if($7==tomb) print $3 } '` elif [ "$pathmap" = "." ]; then tombname="$1" # argument is the name mapper=`mount -l | \ awk -vtomb="[$tombname]" '/^\/dev\/mapper\/tomb/ { if($7==tomb) print $1 } '` tombmount=`mount -l | \ awk -vtomb="[$tombname]" '/^\/dev\/mapper\/tomb/ { if($7==tomb) print $3 } '` else tombmount="$1" # argument should be the mount mapper=`mount | awk -vmnt="$tombmount" '/^\/dev\/mapper\/tomb/ { if($3==mnt) print $1 }'` tombname="`print $mapper | cut -d. -f2`" fi # avoid block when the same tomb is mounted, take only the first for tm in ${(f)tombmount}; do tombmount=${tm}; break; done func "tomb close argument: $1" func "name:\t$tombname" func "mount:\t$tombmount" func "mapper:\t$mapper" if ! [ -e "$mapper" ]; then error "Tomb not found: $1" error "Please specify an existing tomb." return 0 fi if [ $SLAM ]; then notice "Slamming tomb $tombname mounted on $tombmount" act "Kill all processes busy inside the tomb" slam_tomb "$tombmount" if [[ $? == 1 ]]; then error "Cannot slam the tomb $tombname" return 1 fi else notice "Closing tomb $tombname mounted on $tombmount" fi # check if there are binded dirs and close them tombmount_esc=`sed 's:\/:\\\/:g' <<< $tombmount ` unbind=`mount | awk "/^$tombmount_esc.*bind/"' { print $3 }'` for b in ${(f)unbind}; do hook="`basename $b`" act "closing tomb hook: $hook" umount $b if [[ $? != 0 ]]; then if [ $SLAM ]; then notice "Slamming tomb: killing all processes using this hook" slam_tomb "$b" if [[ $? == 1 ]]; then error "Cannot slam the tomb $b" return 1 fi umount $b else error "Tomb hook is busy, cannot close tomb." return 1 fi fi done # Execute post-hooks for eventual cleanup if ! [ $NOBIND ]; then exec_safe_post_hooks ${tombmount%%/} close fi if [ $tombmount ]; then # tomb is actively mounted func "performing umount of $tombmount" umount ${tombmount} 2> /dev/null rmdir ${tombmount} if ! [ $? = 0 ]; then error "Tomb is busy, cannot umount!" fi fi cryptsetup luksClose $mapper if ! [ $? = 0 ]; then error "error occurred in cryptsetup luksClose ${mapper}" return 1 fi loopdev=`cut -d '.' -f4 <<< "$mapper"` losetup -d "/dev/$loopdev" # kill the status tray widget if still present # this makes the widget disappear when closing tomb from cli awkmapper=`sed 's:\/:\\\/:g' <<< $mapper` statustray_pid=`ps ax | awk "/tomb-status $awkmapper/"' {print $1} '` if [ ${statustray_pid} ]; then kill ${statustray_pid} fi notice "Tomb $tombname closed: your bones will rest in peace." return 0 } # list all tombs mounted in a readable format list_tombs() { if [ $1 ]; then # list a specific tomb mounted_tombs=`mount -l | awk -vtomb="[$1]" '/^\/dev\/mapper\/tomb/ { if($7==tomb) print $1 ";" $3 ";" $5 ";" $6 ";" $7 }'` else # list all open tombs mounted_tombs=`mount -l | awk '/^\/dev\/mapper\/tomb/ { print $1 ";" $3 ";" $5 ";" $6 ";" $7 }'` fi # 1 = full mapper path # 2 = mountpont # 3 = filesystem # 4 = mount options # 5 = name if ! [ $mounted_tombs ]; then if [ $1 ]; then error "There seems to be no open tomb engraved as [${1}]" else error "I can't see any open tomb, may they all rest in peace." fi exit 1 fi for t in ${(f)mounted_tombs}; do mapper=`basename ${t[(ws:;:)1]}` tombname=${t[(ws:;:)5]} tombmount=${t[(ws:;:)2]} tombfs=${t[(ws:;:)3]} tombfsopts=${t[(ws:;:)4]} # calculate tomb size ts=`df -hP /dev/mapper/$mapper | awk "/mapper/"' { print $2 ";" $3 ";" $4 ";" $5 }'` tombtot=${ts[(ws:;:)1]} tombused=${ts[(ws:;:)2]} tombavail=${ts[(ws:;:)3]} tombpercent=${ts[(ws:;:)4]} tombp=${tombpercent%%%} tombsince=`date --date=@${mapper[(ws:.:)3]} +%c` # breaking up such strings is good for translation print -n "$fg[green]$tombname" print -n "$fg[white] open on " print -n "$fg_bold[white]$tombmount" print -n "$fg_no_bold[white] using " print "$fg_bold[white]$tombfs $tombfsopts" print -n "$fg_no_bold[green]$tombname" print -n "$fg[white] size " print -n "$fg_bold[white]$tombtot" print -n "$fg_no_bold[white] of which " print -n "$fg_bold[white]$tombused" print -n "$fg_no_bold[white] used " print -n "$fg_bold[white]$tombavail" print -n "$fg_no_bold[white] free (" print -n "$fg_bold[white]$tombpercent" print "$fg_no_bold[white] full)" if [[ ${tombp} -ge 90 ]]; then error "Your tomb is almost full!" fi print -n "$fg_no_bold[green]$tombname" print -n "$fg_no_bold[white] open since " print "$fg_bold[white]$tombsince$fg_no_bold[white]" # now check hooks mtomb=`sed 's:\/:\\\/:g' <<< $tombmount` mounted_hooks=`mount | awk "/^$mtomb/"' {print $1 ";" $3}'` for h in ${(f)mounted_hooks}; do print -n "$fg[green]$tombname" print -n "$fg_no_bold[white] hooks " print -n "$fg_bold[white]`basename ${h[(ws:;:)1]}`" print -n "$fg_no_bold[white] on " print "$fg_bold[white]${h[(ws:;:)2]}$fg_no_bold[white]" done done } # install mime-types, bells and whistles for the desktop # see http://developers.sun.com/solaris/articles/integrating_gnome.html # and freedesktop specs install_tomb() { # TODO: distro package deps (for binary) # debian: zsh, cryptsetup, sudo act "updating mimetypes..." cat < /tmp/dyne-tomb.xml Tomb encrypted volume Tomb crypto key EOF xdg-mime install /tmp/dyne-tomb.xml xdg-icon-resource install --context mimetypes --size 32 monmort.xpm monmort xdg-icon-resource install --size 32 monmort.xpm dyne-monmort rm /tmp/dyne-tomb.xml act "updating desktop..." cat < /usr/share/applications/tomb.desktop [Desktop Entry] Version=1.0 Type=Application Name=Tomb crypto undertaker GenericName=Crypto undertaker Comment=Keep your bones safe Exec="${TOMBOPENEXEC}" %U TryExec=tomb-open Icon=monmort.xpm Terminal=true Categories=Utility;Security;Archiving;Filesystem; MimeType=application/x-tomb-volume; X-AppInstall-Package=tomb EOF update-desktop-database act "updating menus..." cat < /etc/menu/tomb ?package(tomb):command="tomb" icon="/usr/share/pixmaps/monmort.xpm" needs="text" \ section="Applications/Accessories" title="Tomb" hints="Crypto" \ hotkey="Tomb" EOF update-menus act "updating mime info..." cat < /usr/share/mime-info/tomb.keys # actions for encrypted tomb storage application/x-tomb-volume: open="${TOMBOPENEXEC}" %f view=tomb-open %f icon-filename=monmort.xpm short_list_application_ids_for_novice_user_level=tomb EOF cat < /usr/share/mime-info/tomb.mime # mime type for encrypted tomb storage application/x-tomb-volume ext: tomb application/x-tomb-key ext: tomb.key EOF cat < /usr/lib/mime/packages/tomb application/x-tomb-volume; tomb-open '%s'; priority=8 EOF update-mime act "updating application entry..." cat < /usr/share/application-registry/tomb.applications tomb command=tomb-open name=Tomb - Crypto Undertaker can_open_multiple_files=false expects_uris=false requires_terminal=true mime-types=application/x-tomb-volume,application/x-tomb-key EOF act "Tomb is now installed." } option_is_set() { #First argument, the option (something like "-s") #Second (optional) argument: if it's "out", command will print it out 'set'/'unset' # This is useful for if conditions #Return 0 if is set, 1 otherwise [[ -n ${(k)opts[$1]} ]]; r=$? if [[ $2 == out ]]; then if [[ $r == 0 ]]; then echo 'set' else echo 'unset' fi fi return $r; } option_value() { #First argument, the option (something like "-s") <<< ${opts[$1]} } main() { local -A subcommands_opts ### Options configuration #Hi, dear developer! Are you trying to add a new subcommand, or to add some options? #Well, keep in mind that: # 1. An option CAN'T have differente meanings/behaviour in different subcommands. # For example, "-s" means "size" and accept an argument. If you are tempted to add # an option "-s" (that means, for example "silent", and doesn't accept an argument) # DON'T DO IT! # There are two reasons for that: # I. usability; user expect that "-s" is "size # II. Option parsing WILL EXPLODE if you do this kind of bad things # (it will say "option defined more than once, and he's right) main_opts=(q -quiet=q D -debug=D h -help=h v -version=v) subcommands_opts[__default]="" subcommands_opts[open]="n -nohook=n k: -key=k o: -mount-options=o -ignore-swap" subcommands_opts[mount]=${subcommands_opts[open]} subcommands_opts[create]="s: -size=s -ignore-swap" subcommands_opts[close]="" subcommands_opts[help]="" subcommands_opts[slam]="" subcommands_opts[list]="" subcommands_opts[help]="" subcommands_opts[bury]="" subcommands_opts[exhume]="" subcommands_opts[decompose]="" subcommands_opts[recompose]="" subcommands_opts[install]="" subcommands_opts[askpass]="" subcommands_opts[mktemp]="" subcommands_opts[source]="" ### Detect subcommand local -aU every_opts #every_opts behave like a set; that is, an array with unique elements for optspec in $subcommands_opts$main_opts; do for opt in ${=optspec}; do every_opts+=${opt} done done local -a oldstar oldstar=($argv) zparseopts -M -E -D -Adiscardme ${every_opts} unset discardme subcommand=$1 if [[ -z $subcommand ]]; then subcommand="__default" fi if [[ -z ${(k)subcommands_opts[$subcommand]} ]]; then #there's no such subcommand error "Subcommand '$subcommand' doesn't exist" exit 127 fi argv=(${oldstar}) unset oldstar ### Parsing global + command-specific options # zsh magic: ${=string} will split to multiple arguments when spaces occur set -A cmd_opts ${main_opts} ${=subcommands_opts[$subcommand]} if [[ -n $cmd_opts ]]; then #if there is no option, we don't need parsing zparseopts -M -E -D -Aopts ${cmd_opts} if [[ $? != 0 ]]; then error "Some error occurred during option processing. See \"tomb help\" for more info" exit 127 fi fi #build PARAM (array of arguments) and check if there are unrecognized options ok=0 PARAM=() for arg in $*; do if [[ $arg == '--' || $arg == '-' ]]; then ok=1 continue #it shouldnt be appended to PARAM elif [[ $arg[1] == '-' ]]; then if [[ $ok == 0 ]]; then error "unrecognized option $arg" exit 127 fi fi PARAM+=$arg done #first parameter actually is the subcommand: delete it and shift if [[ $subcommand != '__default' ]]; then PARAM[1]=() shift fi ### End parsing command-specific options ### Set global options (useless, but for code retro-compatibility) for opt in ${(k)global_opts}; do if [[ $opt == '-q' ]]; then QUIET=1 elif [[ $opt == '-D' ]]; then DEBUG=1 fi done CMD=$subcommand CMD2=$PARAM[1] CMD3=$PARAM[2] func "Tomb command: $CMD $CMD2 $CMD3" case "$subcommand" in create) check_priv ; create_tomb ;; mount) check_priv ; mount_tomb ;; open) check_priv ; mount_tomb ;; umount) check_priv ; umount_tomb ${CMD2} ;; close) check_priv ; umount_tomb ${CMD2} ;; slam) check_priv ; SLAM=1; umount_tomb ${CMD2} ;; list) list_tombs ${CMD2} ;; help) usage ;; bury) if [ "$STEGHIDE" = 0 ]; then error "steghide not installed. Cannot bury your key" return 1 fi encode_key ${CMD2} ${CMD3} ;; exhume) if [ "$STEGHIDE" = 0 ]; then error "steghide not installed. Cannot exhume your key" return 1 fi decode_key ${CMD2} ;; # internal commands useful to developers 'source') return 0 ;; install) check_priv ; install_tomb ;; askpass) ask_password $CMD2 ;; mktemp) safe_dir ${CMD2} ;; translate) generate_translatable_strings ;; __default) if option_is_set -v; then echo Tomb - $VERSION else usage fi;; *) error "command \"$CMD\" not recognized" act "try -h for help" return 1 ;; esac return 0 } check_bin main $@