summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--.gitignore1
-rw-r--r--Makefile51
-rw-r--r--cryptfs.in111
3 files changed, 163 insertions, 0 deletions
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..69509e1
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+cryptfs
diff --git a/Makefile b/Makefile
new file mode 100644
index 0000000..c661a11
--- /dev/null
+++ b/Makefile
@@ -0,0 +1,51 @@
+#
+# cryptfs-daemon - init script to mount crypted filesystems after their requirements, ...
+#
+# Copyright (c) 2016 Erich Eckner <opensource at eckner dot net>
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
+# USA.
+#
+
+DESTDIR =
+ETCDIR = /etc
+DEVDIR = /dev
+UUIDDIR = $(DEVDIR)/disk/by-uuid
+MAPDIR = $(DEVDIR)/mapper
+RCDDIR = $(ETCDIR)/rc.d
+
+VERSION = 0.0
+
+all: cryptfs
+
+%: %.in
+ sed "s/#VERSION#/$(VERSION)/; s@#DEVDIR#@$(DEVDIR)@; s@#ETCDIR#@$(ETCDIR)@; s@#UUIDDIR#@$(UUIDDIR)@; s@#MAPDIR#@$(MAPDIR)@; s@#RCDDIR#@$(RCDDIR)@" $< > $@
+
+.PHONY: install dist clean
+
+install: all
+ install -D -m0755 cryptfs $(DESTDIR)$(RCDDIR)/
+
+clean:
+ rm -f cryptfs
+
+dist: clean
+ git status --porcelain 2> /dev/null | grep -q "\S" && (git add .; git commit -m"neue Version: $(VERSION)") || true
+ ! git tag -d v$(VERSION) 2> /dev/null
+ git tag v$(VERSION)
+ git push
+ git push --tags
+
+# End of file
diff --git a/cryptfs.in b/cryptfs.in
new file mode 100644
index 0000000..d184a9c
--- /dev/null
+++ b/cryptfs.in
@@ -0,0 +1,111 @@
+#!/bin/bash
+#
+# #RCDDIR#/cryptfs: mount/umount encrypted partitions
+#
+
+set -o pipefail
+
+cryptTab="$(grep -v "^\s*\(#\|\$\)" #ETCDIR#/crypttab | sed "s/^\s*//")"
+fsTab="$(grep -v "^\s*\(#\|\$\)" #ETCDIR#/fstab | sed "s/^\s*//")"
+
+cryptedFss="$(echo "${cryptTab}" | awk '{print "/dev/mapper/"$1}')"
+neededKeyFss="$(
+ for fs in $(echo "${fsTab}" | awk '{print $2}' | grep "^/")
+ do
+ if echo "${cryptTab}" | grep -q "^\S\+\s\+\S\+\s\+${fs}\(/\|\s\)"
+ then
+ echo "${fs}"
+ fi
+ done
+)"
+
+case $1 in
+
+start)
+
+ for neededKeyFs in ${neededKeyFss}
+ do
+ if ! mount | grep -q "^\S\+\s\+on\s\+${neededKeyFs}\s"
+ then
+ if echo "${fsTab}" | grep -q "^\(ssh\|ftp\)fs#\S*\s\+${neededKeyFs}\s"
+ then
+ maxWait=120
+ while ! ip addr | grep -v "127\.0\.0\.1" | grep -q "^\s*inet\s[[:digit:]]\+\.[[:digit:]]\+\.[[:digit:]]\+\.[[:digit:]]\+/"
+ do
+ >&2 echo -ne "."
+ sleep 1
+ maxWait=$[${maxWait}-1]
+ done
+ fi
+ mount ${neededKeyFs} || exit $?
+ fi
+ done
+
+ for ((cryptDeviceNum=0; cryptDeviceNum<$(echo "${cryptTab}" | wc -l); cryptDeviceNum++))
+ do
+ zeile="$(echo "${cryptTab}" | head -n$[${cryptDeviceNum}+1] | tail -n1)"
+ name="$(echo "${zeile}" | awk '{print $1}')"
+ device="$(echo "${zeile}" | awk '{print $2}')"
+ if [[ "${device}" == "UUID="* ]]
+ then
+ device="#UUIDDIR#/${device#UUID=}"
+ fi
+ keyfile="$(echo "${zeile}" | awk '{print $3}')"
+ if [ ! -b "#MAPDIR#/${name}" ]
+ then
+ cryptsetup luksOpen "${device}" "${name}" --key-file="${keyfile}" || exit $?
+ fi
+ done
+
+ for cryptedFs in ${cryptedFss}
+ do
+ if ! mount | grep -q "^${cryptedFs}\s"
+ then
+ e2fsck ${cryptedFs}
+ mount ${cryptedFs} || exit $?
+ fi
+ done
+
+ ;;
+
+stop)
+
+ for cryptedFs in ${cryptedFss}
+ do
+ if mount | grep -q "^${cryptedFs}\s"
+ then
+ umount ${cryptedFs} || exit $?
+ fi
+ done
+
+ for name in $(echo "${cryptTab}" | awk '{print $1}')
+ do
+ if [ -b "#MAPDIR#/${name}" ]
+ then
+ cryptsetup luksClose "${name}" || exit $?
+ fi
+ done
+
+ for neededKeyFs in ${neededKeyFss}
+ do
+ if [ ! "${neededKeyFs}" == "/" ] && mount | grep -q "^\S\+\s\+on\s\+${neededKeyFs}\s"
+ then
+ umount ${neededKeyFs} || exit $?
+ fi
+ done
+
+ ;;
+
+ restart)
+ $0 stop
+ sleep 2
+ $0 start
+ ;;
+
+*)
+ echo "usage: $0 [start|stop|restart]"
+ ;;
+
+esac
+
+# End of file