|
|
#!/bin/bash
type_encrypted="encrypted"entrosource="${LVP_ENTROPY_SOURCE}"
process_encrypted(){ target="livesystem"
for module in twofish blowfish serpent ; do eval "encryption_${module}=0" modprobe loop_${module} >/dev/null 2>&1 # fails for kernel >= 2.5.48 if module already loaded [ `lsmod | grep -c "loop_${module}"` -eq 1 ] && eval "encryption_${module}=1" done
encryption_available=0 [ ${encryption_twofish} -eq 1 -o ${encryption_blowfish} -eq 1 -o ${encryption_serpent} -eq 1 ] && \ encryption_available=1
if [ ${encryption_available} -eq 0 ] ; then echo "Sorry, you do not have loop-aes on your system. Please have a look at" echo "http://loop-aes.sourceforge.net" exit 1 fi
eval "avail=\${encryption_${LVP_ENCRYPTION}}" if [ "${avail}" == "0" ] ; then echo "Sorry, ${LVP_ENCRYPTION} is not available on your system." echo "Please check your kernel configuration." exit 1 fi
echo "Loading kernel module for linear mode" modprobe linear 2>&1 >/dev/null || true if ! grep -q linear /proc/mdstat ; then echo "Sorry, you don't have linear RAID support in your kernel." echo "Since V0.4.2 this is required for encrypted LVPs to use" echo "available disk space more efficiently." exit 1 fi
echo -n "Checking necessary filesystem size ... " filesize=0
while read file ; do [ ! -f "${file}" ] && continue thisfilesize=`ls -l "${file}" | sed 's,[ \t][ \t]*, ,g' | cut -f5 -d' '` filesize=$(( ${filesize} + ${thisfilesize} )) done < ${moviefiles}
echo "${filesize} Byte (`human_readable ${filesize}`)"
echo -n "Checking Livesystem size ... " livesize=`du -sb ${target} --exclude=lvp.data? | cut -f1` livesize=$(( ${livesize} + `du -sb isolinux | cut -f1` )) echo "`human_readable ${livesize}`" filesize=$(( ${filesize} + ${livesize} )) echo echo "Total space needed: $(( ${filesize} / 1024 / 1024 )) MB"
if [ $(( ${filesize} / 1024 / 1024 )) -gt ${size} ] ; then echo echo "This may be more than fits onto your medium." echo "You specified ${size} MB to fit onto your medium." echo "If you are sure that this is okay, please continue." echo "If not, please truncate your filelist." confirm "Continue" [ ${?} -eq 1 ] && exit 1 fi
echo "Searching for free loopdevices ..."
filesize=$(( ( ${size} * 1048576 ) - ${livesize} )) needed_pseudofs=$(( (${filesize} / 2147481600) + 1 )) needed_loopdevices=${needed_pseudofs} for loopdevice in /dev/loop/* ; do [ ${needed_loopdevices} -eq 0 ] && continue if losetup ${loopdevice} ${moviefiles} 2>/dev/null ; then # I reuse the ${moviefiles} tmpfile here since associating it # with a loopdevice doesn't do any harm echo "Using ${loopdevice}" eval "loopdevice_${needed_loopdevices}=\"${loopdevice}\"" losetup -d ${loopdevice} needed_loopdevices=$(( ${needed_loopdevices} - 1 )) fi done
if [ ${needed_loopdevices} -gt 0 ] ; then echo "Not enough free loop-devices found!" echo "Please either free ${needed_loopdevices} more loop-devices" echo "(check with losetup -a) or increase the" echo "number of available loop-devices." exit 1 fi
echo "Okay, Now creating files that will hold the pseudo filesystems" unset ddparam [ `dd --help | grep -c stat` -eq 1 ] && ddparam="conv=stat" unset cpparam cp -D ${moviefiles} /dev/null 2>&1 >/dev/null && cpparam="-D"
if [ -e ${target}/lvp.data1 ] ; then for x in ${target}/lvp.data* ; do if [ ${x##*lvp.data} -gt ${needed_pseudofs} ] ; then\ echo "Found ${x##*/}, but we don't need it. Deleting it." rm -f ${x} fi done fi
filesystem=0 while [ ${filesystem} -lt ${needed_pseudofs} ] ; do filesystem=$(( ${filesystem} + 1 )) echo "Filesystem ${filesystem} of ${needed_pseudofs}" file="${target}/lvp.data${filesystem}"
if [ ${filesystem} -lt ${needed_pseudofs} ] ; then size=2147481600 else size=$(( ${filesize} - ( ${filesystem} - 1 ) * 2147481600 )) size=$(( ( ${size} / 2048 ) * 2048 )) fi
if [ -f ${file} ] ; then thisfilesize=`ls -l "${file}" | sed 's, *, ,g' | cut -f5 -d' '` if [ ${thisfilesize} -eq ${size} ] ; then echo "lvp.data${filesystem} already exists and has correct filesize. Using it." else echo "lvp.data${filesystem} already exists but has wrong filesize. Deleting it" rm -f ${target}/lvp.data${filesystem} fi fi [ -f ${target}/lvp.data${filesystem} ] && continue dd if=/dev/${entrosource} of=${target}/lvp.data${filesystem} \ bs=2k count=$(( ${size} / 2048 )) ${ddparam} done
echo "Creating mountpoint" rm -rf ${target}/mnt* mkdir ${target}/mnt1
echo "Using ${LVP_ENCRYPTION} encryption."
echo "Now I need a passphrase for encrypting the filesystems." passphrase="MEEP" passphrase_confirm="MOOP" while [ "${passphrase}" != "${passphrase_confirm}" ] ; do read -p "Enter passphrase: " -s passphrase echo if [ "${passphrase:20}" = "" ] ; then echo "The Passphrase must be at least 20 characters!" passphrase="MEEP" passphrase_confirm="MOOP" continue fi read -p "Confirm: " -s passphrase_confirm echo if [ "${passphrase}" != "${passphrase_confirm}" ] ; then echo "The passphrases do not match." fi done
echo "Creating filesystems and mounting pseudo-filesystems" lvpdata=1 while [ ${lvpdata} -le ${needed_pseudofs} ] ; do eval "lodev=\${loopdevice_${lvpdata}}" file="${target}/lvp.data${lvpdata}"
echo "Setting up loopdevice ${lvpdata}" echo "${passphrase}" | losetup -p 0 -e ${LVP_ENCRYPTION}256 ${lodev} ${file} lvpdata=$(( ${lvpdata} + 1 )) done
echo "Setting up linear device" mddev="" for x in /dev/md/* ; do [ ! -z "${mddev}" ] && break [ `mdadm --misc -Q ${x} | grep -c "not active"` -eq 1 ] && mddev="${x}" done mdloopdevs="" lvpdata=1 while [ ${lvpdata} -le ${needed_pseudofs} ] ; do eval "mdloopdevs=\"\${mdloopdevs} \${loopdevice_${lvpdata}}\"" lvpdata=$(( ${lvpdata} + 1 )) done ${target}/sbin/mdadm --build ${mddev} -l linear --force -n ${needed_pseudofs} ${mdloopdevs}
echo "Creating filesystem on ${mddev}" mkfs.ext2 -m 0 ${mddev} >/dev/null 2>&1 echo "Mounting filesystem ${mddev}" mount ${mddev} ${target}/mnt1 rm -rf ${target}/mnt1/*
continue=0 while read file ; do [ ! -f "${file}" ] && continue [ ${continue} -eq 1 ] && break
unset targetdir thisfile=`ls -l "${file}" | sed 's, *, ,g' | cut -f5 -d' '` for dir in ${target}/mnt? ; do # I leave this here for historical reasons, maybe we need it again some day avail=`df -P ${dir} | grep / | sed 's, *, ,g' | cut -f4 -d' '` avail=$(( ${avail} * 1024 )) [ -z "${targetdir}" -a ${avail} -gt ${thisfile} ] && targetdir=${dir} done
if [ -z "${targetdir}" ] ; then echo "Not enough space available for ${file}. Skipping remaining files." >&2 continue=1 fi [ ${continue} -eq 1 ] && continue
echo "Copying ${file} to ${targetdir}/${file##*/}" cp ${cpparam} "${file}" "${targetdir}/${file##*/}"
environment="`echo ${file} | tr '[. \-!]' '_'`" eval "export file_${environment##*/}=\"${targetdir#*${target}}/${file##*/}\"" done < ${moviefiles}
lvpxml=${target}/mnt1/lvp.xml process_create_lvpxml
echo "Umounting filesystem ${mddev}" umount ${mddev} echo "Shutting down ${mddev}" mdadm ${mddev} -S
lvpdata=${needed_pseudofs} while [ ${lvpdata} -ge 1 ] ; do eval "lodev=\${loopdevice_${lvpdata}}" echo "Shutting down loopdevice ${lodev}" losetup -d ${lodev}
lvpdata=$(( ${lvpdata} - 1 )) done
exit 0}
|
