View previous topic :: View next topic |
Author |
Message |
darookee Apprentice
Joined: 02 Jan 2003 Posts: 162 Location: Long Beach, CA.
|
Posted: Fri Oct 10, 2008 8:18 am Post subject: initscript for truecrypt |
|
|
Hi Folks!
I wrote a init.d-script for truecrypt. It is based on the crypto-loop init.d-script.
Code: |
#!/sbin/runscript
depend() {
before checkfs fsck
need device-mapper
}
start() {
ebegin "Starting truecrypt"
if [[ -e /etc/conf.d/truecrypt ]] ; then
egrep "^volume" /etc/conf.d/truecrypt | \
while read loopline ; do
eval ${loopline}
einfo "Mounting ${tc_dev} to ${mount}"
/usr/bin/truecrypt -k ${keyfile} -p ${password} ${tc_dev} ${mount}
done
else
ewarn "Configfile does not exist"
return 1
fi
return 0
}
stop() {
ebegin "Stopping truecrypt"
if [[ -e /etc/conf.d/truecrypt ]] ; then
egrep "^tc_dev" /etc/conf.d/truecrypt | \
while read loopline ; do
eval ${loopline}
einfo "Unmonting ${tc_dev}"
/usr/bin/truecrypt -d ${tc_dev}
done
else
ewarn "Configfile does not exist"
return 1
fi
return 0
}
|
and the file for conf.d:
Code: |
# Example config line
volume=/dev/sda2 keyfile=/etc/keys/sda2.key password=very_secure_password mount=/home
|
Maybe someone has use for this... :)
If something is buggy please correct it here... ^^
BR
darookee |
|
Back to top |
|
|
durian Guru
Joined: 16 Jul 2003 Posts: 312 Location: Margretetorp
|
Posted: Fri Oct 10, 2008 11:46 am Post subject: |
|
|
Having the super-secret password in a config file maybe defeats the point somewhat :)
-peter |
|
Back to top |
|
|
darookee Apprentice
Joined: 02 Jan 2003 Posts: 162 Location: Long Beach, CA.
|
Posted: Fri Oct 10, 2008 12:32 pm Post subject: |
|
|
yes, thats right... :/
My intention was to mount these volumes without any passwords, just with the keyfile, which would be on a removable device, but i couldn't get this to work so far...
The only way I see right now is using "-p ''" in the init.d-script, but if you _have_ a password set for the specified volume it would always fail... So if you've got an idea how to set an empty var in the config-file please let me know... :) (password='' didn't to the trick :/) |
|
Back to top |
|
|
durian Guru
Joined: 16 Jul 2003 Posts: 312 Location: Margretetorp
|
Posted: Sat Oct 11, 2008 6:55 am Post subject: |
|
|
darookee wrote: | My intention was to mount these volumes without any passwords, just with the keyfile, which would be on a removable device, but i couldn't get this to work so far...
The only way I see right now is using "-p ''" in the init.d-script, but if you _have_ a password set for the specified volume it would always fail... So if you've got an idea how to set an empty var in the config-file please let me know... :) (password='' didn't to the trick :/) | Can't you edit the init script and take away the "-p" option?
-peter |
|
Back to top |
|
|
|