diff options
author | Eric Hameleers <alien@slackware.com> | 2016-02-15 12:20:32 +0100 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2016-02-15 12:20:32 +0100 |
commit | b1d9adeb4fe038f0315106b6bdc8cb393af58383 (patch) | |
tree | a192b04d623aad3c3d267af5cbdcafd0d1f7f22f /iso2usb.sh | |
parent | 4d65935e7030c1b75a25727d2f2c5fbb106e94d1 (diff) | |
download | liveslak-b1d9adeb4fe038f0315106b6bdc8cb393af58383.tar.gz liveslak-b1d9adeb4fe038f0315106b6bdc8cb393af58383.tar.xz |
iso2usb.sh: add a new parameter "-C" for encrypted persistence file.
Syntax of the new parameter:
-C|--cryptpersistfile size|perc
Explanation:
Use a LUKS-encrypted 'persistence' file instead of a directory
or an un-encrypted file (which is created using the "-P" parameter).
The filename will be 'persistence.img' just like the unencrypted version.
A numerical size in K,M,G or a percentage of available free space
is needed as input value with the "-C" parameter.
Diffstat (limited to 'iso2usb.sh')
-rw-r--r-- | iso2usb.sh | 36 |
1 files changed, 26 insertions, 10 deletions
@@ -71,6 +71,7 @@ cleanup() { set +e sync if [ $DOLUKS -eq 1 ]; then + # In case of failure, only the most recent device should still be open: if mount |grep -q ${CNTDEV} ; then umount -f ${CNTDEV} cryptsetup luksClose ${CNTBASE} @@ -109,6 +110,9 @@ cat <<EOT # -u|--unattended Do not ask any questions. # -v|--verbose Show verbose messages. # -w|--wait<number> Add <number> seconds wait time to initialize USB. +# -C|--cryptpersistfile size|perc +# Use a LUKS-encrypted 'persistence' file instead +# of a directory (for use on FAT filesystem). # -P|--persistfile Use a 'persistence' container file instead of # a directory (for use on FAT filesystem). # @@ -266,15 +270,14 @@ create_container() { unsquashfs -n -d ${CNTMNT}/temp ${HOMESRC} ${CNTUSED} mv ${CNTMNT}/temp/${CNTUSED}/* ${CNTMNT}/ rm -rf ${CNTMNT}/temp - # And clean up after ourselves: umount ${CNTDEV} - if [ "${CNTENCR}" = "luks" ]; then - cryptsetup luksClose ${CNTBASE} - fi fi - # Don't forget: - losetup -d ${LODEV} + # Don't forget to clean up after ourselves: + if [ "${CNTENCR}" = "luks" ]; then + cryptsetup luksClose ${CNTBASE} + fi + losetup -d ${LODEV} || true } # End of create_container() { @@ -290,7 +293,7 @@ fi while [ ! -z "$1" ]; do case $1 in -c|--crypt) - LUKSSIZE="$2" + HLUKSSIZE="$2" DOLUKS=1 shift 2 ;; @@ -327,6 +330,12 @@ while [ ! -z "$1" ]; do WAIT="$2" shift 2 ;; + -C|--cryptpersistfile) + DOLUKS=1 + PLUKSSIZE="$2" + PERSISTTYPE="file" + shift 2 + ;; -P|--persistfile) PERSISTTYPE="file" shift @@ -494,7 +503,7 @@ fi if [ $DOLUKS -eq 1 ]; then # Create LUKS container file: - create_container ${TARGET}3 ${LUKSSIZE} slhome luks /home + create_container ${TARGET}3 ${HLUKSSIZE} slhome luks /home LUKSHOME=${CNTFILE} fi @@ -505,11 +514,18 @@ if [ "${PERSISTTYPE}" = "dir" ]; then # Create persistence directory: mkdir -p ${USBMNT}/${PERSISTENCE} elif [ "${PERSISTTYPE}" = "file" ]; then - # Create container file for persistent storage. We create a sparse file + # Create container file for persistent storage. + # If it is not going to be LUKS encrypted, we create a sparse file # that will at most eat up 90% of free space. Sparse means, the actual # block allocation will start small and grows as more changes are written. # Note: the word "persistence" below is a keyword for create_container: - create_container ${TARGET}3 90% ${PERSISTENCE} none persistence + if [ -z "${PLUKSSIZE}" ]; then + # Un-encrypted container: + create_container ${TARGET}3 90% ${PERSISTENCE} none persistence + else + # LUKS-encrypted container: + create_container ${TARGET}3 ${PLUKSSIZE} ${PERSISTENCE} luks persistence + fi else echo "*** Unknown persistence type '${PERSISTTYPE}'!" cleanup |