Goal

Have an encrypted USB stick that mounts with one click (oops, with a prompt).

Configuration

A base ext4 partition. On it we need to create an encrypted filesystem that is mounted by a script. Finally, we also place a script inside the encrypted filesystem to auto-configure the application environment.

Script

For the encrypted filesystem, see the example at Filesystem e periferiche dati#Volumi criptati.

For the automount script, here is an example (file: configura.sh):

    #!/bin/bash
    # version 0.1
    # Copyright: Risca
    # Licence: GPLv3 and following.


    # directory in home for each program of interest
    irssi=.irssi
    ssh=.ssh
    gpg=.gnupg

    # global parameters
    if [ "$(whoami)" != root ]; then
      echo "You must be root to run this script"
      exit 1
    fi
    # find the dev DISK name and the path of the main DIRECTORY
    DISK=$(ls -l /dev/disk/by-label/ | grep personaldata | cut -d"/" -f3)
    DIR=/$(mount | grep -o -e "/$DISK on /[^ ]*" | cut -d"/" -f3-)

    progr_list=(irssi ssh gpg lollipop)
    progr_available=()

    function select_programs {
      # select the programs already available on the computer from
      # the $progr_list
      for ii in "${!progr_list[@]}"
        do
          if command -v "${progr_list[$ii]}" > /dev/null 2>&1 ; then
            progr_available+=("${progr_list[$ii]}")
          fi
        done
    }

    function config {
      # the user with UID 1000 (getent matches the UID field only,
      # a plain grep for 1000 would also match GIDs or UID 10001)
      USER=$(getent passwd 1000 | cut -d ":" -f1)
      select_programs
      echo "Going to set the option for:"
      echo "${progr_available[*]}"
      echo "With user: $USER"
      echo "Is this ok? (y/n)"
      read -e -r GO
      if [ "$GO" = 'y' ]; then
        echo "Starting to configure..."
      else
        exit
      fi
      # what about list pop?
    }

    function mountandset {
      # $1 is empty when the program has no directory variable defined above
      if [ -z "$1" ]; then
        return
      fi
      if [ -e "$DIR/loop/$1" ]; then
        mount -B "$DIR/loop/$1" "/home/$USER/$1"
      else
        echo "the mountpoint $1 doesn't exist, skipping..."
      fi
    }

    function set_env {
      # without the labelled disk, DIR would not point at the stick
      if [ -z "$DISK" ]; then
        echo "disk labelled personaldata not found"
        exit 1
      fi
      config
      for jj in "${progr_available[@]}"
        do
          # indirect expansion: jj=ssh gives the value of $ssh (.ssh)
          mountandset "${!jj}"
        done
      echo "Everything done, have a nice day!"
    }

    function unset_env {
      USER=$(getent passwd 1000 | cut -d ":" -f1)
      #select_programs
      for ii in "${progr_list[@]}"
        do
          # skip programs without a directory variable (e.g. lollipop)
          if [ -n "${!ii}" ] && mountpoint -q "/home/$USER/${!ii}"; then
            progr_available+=("$ii")
          fi
        done
      for jj in "${progr_available[@]}"
        do
          umount "/home/$USER/${!jj}"
        done
      echo "Programs ${progr_available[*]} are unset"
    }

    case "$1" in
      monta)
        set_env
        ;;
      smonta)
        unset_env
        ;;
      *)
        echo "usage: configura.sh {monta|smonta}"
        ;;
    esac
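
A pre-flight check that could run before the `mount -B` in `mountandset`, as an added example that is not part of configura.sh: it rejects an empty name, a symlinked or missing source, a directory whose numeric owner is not the target user, and a directory open to group or others. The function name `check_bind_source` and its three arguments are hypothetical, and GNU `stat` is assumed.

```bash
#!/bin/bash
# Added example, not part of configura.sh. The script runs as root and binds
# directories from the stick over ~/.ssh, ~/.gnupg and ~/.irssi, so each
# source is checked first. All names here are hypothetical.

# check_bind_source BASE NAME UID
# Prints "ok" and returns 0 when BASE/NAME is safe to bind over ~/NAME,
# otherwise prints the reason and returns 1.
check_bind_source() {
  local base name uid src owner mode
  base=$1
  name=$2
  uid=$3

  # An empty name (a program with no directory variable) or a name with a
  # path separator must never reach mount.
  case $name in
    ''|*/*|.|..) echo "bad name"; return 1 ;;
  esac
  src=$base/$name

  # A symlink would let the content of the stick redirect the bind mount.
  if [ -L "$src" ]; then echo "symlink"; return 1; fi
  if [ ! -d "$src" ]; then echo "not a directory"; return 1; fi

  # ext4 stores numeric owners: a stick prepared on another machine may
  # carry a UID that belongs to a different user on this host.
  owner=$(stat -c %u -- "$src")
  if [ "$owner" != "$uid" ]; then
    echo "owner $owner, expected $uid"
    return 1
  fi

  # ssh and gpg expect their directory closed to group and others (e.g. 700).
  mode=$(stat -c %a -- "$src")
  case $mode in
    *00) ;;
    *) echo "mode $mode too open"; return 1 ;;
  esac

  echo "ok"
}
```

In `mountandset` it would be called with `"$DIR/loop"`, the directory name and `$(id -u "$USER")`, skipping the mount when it returns non-zero.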

MyWiki: Chiavetta safe road warrior (last edited 2017-12-14 16:50:16 by risca)