mirror of
https://github.com/Llewellynvdm/Tomb.git
synced 2024-11-14 08:44:05 +00:00
be911b1e16
this new "flavor" of tomb uses veracrypt for mounted volumes and POSIX sh only for its scripting, is a work in progress and still lacks full functionality, but provides a proof-of-concept to be developed further if needs arise.
198 lines
4.4 KiB
Plaintext
198 lines
4.4 KiB
Plaintext
# setup paths for BATS test units
|
|
setup() {
|
|
[ ! -f ${BATS_PARENT_TMPNAME}.skip ] || skip "skip remaining tests"
|
|
bats_require_minimum_version 1.5.0
|
|
R="$BATS_TEST_DIRNAME"
|
|
# R=`cd "$T"/.. && pwd`
|
|
TMP="$BATS_FILE_TMPDIR"
|
|
load test_helper/bats-support/load
|
|
load test_helper/bats-assert/load
|
|
load test_helper/bats-file/load
|
|
ZTMP="$BATS_FILE_TMPDIR"
|
|
if [ "$ZENROOM_EXECUTABLE" == "" ]; then
|
|
ZENROOM_EXECUTABLE="/usr/local/bin/zenroom"
|
|
fi
|
|
|
|
PATH="$PATH:/usr/local/bin:/usr/local/sbin"
|
|
MNT="/media/`basename $BATS_TEST_FILENAME`"
|
|
PIM=42
|
|
# max password stdin size to veracrypt is 128 bytes
|
|
PW="91cd69b2caab05cb64f8e1c8ae22a7c5a25564e7fc5116d0303dce1ffd26861ea0483c25bdb85adb216718c19815eb59ac14ec9783bfbbb57786ca7d9038c845"
|
|
# `openssl rand -hex 64`"
|
|
FS='ext4'
|
|
SIZE='20M'
|
|
[ "$TOMB" = "" ] && TOMB=test.tomb
|
|
|
|
# default on freebsd is 1001
|
|
user_uid=1000
|
|
user_gid=1000
|
|
|
|
system="`uname -s`"
|
|
f_create=""
|
|
f_format=""
|
|
f_map=""
|
|
f_mount=""
|
|
f_close=""
|
|
|
|
case "$system" in
|
|
FreeBSD)
|
|
f_create=portable_create
|
|
f_format=freebsd_format
|
|
f_map=portable_map
|
|
f_mount=freebsd_mount
|
|
f_close=freebsd_close
|
|
user_uid=1001
|
|
user_gid=1001
|
|
;;
|
|
Linux)
|
|
f_create=portable_create
|
|
f_format=linux_format
|
|
f_map=portable_map
|
|
f_mount=linux_mount
|
|
f_close=portable_close
|
|
user_uid=1000
|
|
user_gid=1000
|
|
;;
|
|
*)
|
|
>&2 echo "Unsupported system: $system"
|
|
exit 1
|
|
esac
|
|
|
|
# cd $ZTMP
|
|
}
|
|
|
|
teardown() {
|
|
[ -n "$BATS_TEST_COMPLETED" ] || touch ${BATS_PARENT_TMPNAME}.skip
|
|
>&3 echo
|
|
}
|
|
|
|
|
|
|
|
|
|
# usage: echo PASSWORD | portable_create file size pim
|
|
portable_create() {
|
|
local file="$1" # must not exist
|
|
local size="$2" # veracrypt format (accepts M or G)
|
|
local pim="$3" # any number
|
|
# >&2 echo "portable_create $file $size $pim"
|
|
veracrypt --non-interactive --text --stdin \
|
|
-m nokernelcrypto \
|
|
-c ${file} --volume-type normal \
|
|
--hash sha512 --encryption serpent-aes \
|
|
--filesystem none --size ${size} --pim ${pim} \
|
|
--random-source /dev/urandom -k ''
|
|
return $?
|
|
}
|
|
|
|
# usage: echo PASSWORD | portable_map file pim
|
|
portable_map() {
|
|
local file="$1"
|
|
local pim="$2"
|
|
# >&2 echo "portable_map $file $pim"
|
|
veracrypt --non-interactive --text --stdin \
|
|
--protect-hidden no -m nokernelcrypto \
|
|
-k '' --pim ${pim} --filesystem none \
|
|
${file}
|
|
local loop=`veracrypt -l "$file" | awk '{print $3}'`
|
|
return $?
|
|
}
|
|
|
|
portable_close() {
|
|
local file="$1"
|
|
veracrypt -d ${file}
|
|
return $?
|
|
}
|
|
|
|
linux_format() {
|
|
local file="$1"
|
|
# loop="`losetup -j ${vera}/volume | cut -d: -f1`"
|
|
local loop=`veracrypt -l "$FILE" | awk '{print $3}'`
|
|
# losetup -l
|
|
>&2 echo "veramap format: ${loop}"
|
|
sync
|
|
sudo mkfs.ext4 -E root_owner="${user_uid}:${user_gid}" "$loop"
|
|
return $?
|
|
}
|
|
|
|
# usage: _mount /tmp/.veracrypt_ mountpoint
|
|
linux_mount() {
|
|
local file="$1"
|
|
local mnt="$2"
|
|
# local loop="`losetup -j ${vera}/volume | cut -d: -f1`"
|
|
local loop=`veracrypt -l "$file" | awk '{print $3}'`
|
|
>&3 echo "fsck $loop"
|
|
fsck.ext4 -p -C0 "$loop"
|
|
sudo mount ${loop} "$mnt"
|
|
return $?
|
|
}
|
|
|
|
freebsd_format() {
|
|
file="$1"
|
|
local loop=`veracrypt -l "$FILE" | awk '{print $3}'`
|
|
mkfs.ext4 -E root_owner="${user_uid}:${user_gid}" "${loop}"
|
|
return $?
|
|
}
|
|
|
|
freebsd_mount() {
|
|
local file="$1"
|
|
local mnt="$2"
|
|
>&2 echo `veracrypt -l "$file"`
|
|
local loop=`veracrypt -l "$file" | awk '{print $3}'`
|
|
>&3 echo "fsck $loop"
|
|
fsck.ext4 -p -C0 "$loop"
|
|
lklfuse -o type=ext4 "${loop}" "$mnt"
|
|
return $?
|
|
}
|
|
|
|
freebsd_close() {
|
|
local file="$1"
|
|
local md=`veracrypt -l "$file" | awk '{print $3}'`
|
|
# umount "$mnt"
|
|
>&2 echo "md: $md"
|
|
local mnt=`pgrep -lf "lklfuse.*$md" | awk '{print $6}'`
|
|
>&2 echo "mnt: $mnt"
|
|
lkl=`pgrep -f "lklfuse.*$md" | awk '{print $1}'`
|
|
>&3 echo "kill $lkl (lklfuse on $md)"
|
|
# trying to deail with lklfuse bug
|
|
# https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=239831
|
|
renice -20 $lkl
|
|
kill $lkl
|
|
sync
|
|
sleep 1
|
|
kill -9 $lkl
|
|
# lkl should have really exited now
|
|
>&3 echo "veracrypt -d $file"
|
|
veracrypt -d "$file"
|
|
return $?
|
|
}
|
|
|
|
Z() {
|
|
tmptmp=0
|
|
if ! [ "$TMP" ]; then
|
|
TMP=`mktemp -d`; tmptmp=1
|
|
fi
|
|
script=$1
|
|
if [ "$script" == "-" ]; then
|
|
cat > $TMP/script_stdin
|
|
script=$TMP/script_stdin
|
|
else
|
|
if ! [ -r "$script" ]; then
|
|
script=$T/$script
|
|
fi
|
|
fi
|
|
if ! [ -r $script ]; then
|
|
>&2 echo "Error - script not found: $script"
|
|
return 1
|
|
fi
|
|
shift 1
|
|
if [ "${1##*.}" == "zen" ]; then
|
|
$ZENROOM_EXECUTABLE $@ -z $script
|
|
else
|
|
$ZENROOM_EXECUTABLE $@ $script
|
|
fi
|
|
if [ $tmptmp = 1 ]; then
|
|
rm -f $TMP/*
|
|
rmdir $TMP
|
|
fi
|
|
}
|