Hi, I'm trying to make an encrypted home directory for my laptop, and I would like to do the same for my swap (if possible). I'm also trying to find some source for a secure setuid wrapper to put my commands in (so far my searching just shows a lot of "what not to do" wrappers). Here is what I have:
For my home directory, put these commands into a setuid wrapper to mount my home directory (it's /home/edman007.plain as specified in /etc/passwd).
Do you guys think I should put stuff here to check that the previous stuff went through first before executing the next command?
login-me
Code:
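# mount the device that holds the key file
mount /dev/sdb1 /mnt/floppy
# attach the image to loop1 with AES; -p 0 reads the passphrase from stdin (the key file)
losetup -e aes -p 0 /dev/loop1 /home/edman007.img < /mnt/floppy/home
umount /dev/sdb1
# mount the decrypted loop device and point HOME at it
mount /dev/loop1 /home/edman007.crypt
export HOME=/home/edman007.crypt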
logout-me
Code:
umount /dev/loop1
losetup -d /dev/loop1
And for my swap (no setuid needed, I will just put it in the startup stuff), I want to know if this will work. I found a few things saying it's OK, and some saying it won't work at all.
Code:
# key loop0 with 32 bytes read from /dev/random (passphrase on stdin), then use it as swap
dd if=/dev/random bs=1 count=32 | losetup -e aes -p 0 /dev/loop0 /dev/sda3
mkswap /dev/loop0
swapon /dev/loop0
And I would just let the shutdown stuff handle the swap closing as it is (it does `swapoff -a`, but I don't know about the loop; I can add the delete-the-loop stuff if I find it's needed).
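
An added example, not part of the original post: a minimal C wrapper for the login-me sequence that runs each command by absolute path with no shell and a fixed environment, and stops at the first step that fails. The binary locations (/bin/mount, /sbin/losetup, /bin/umount) and the names `run_step` and `run_all` are assumptions; device and file paths are the ones from the post.

```c
#include <fcntl.h>
#include <stdio.h>
#include <sys/wait.h>
#include <unistd.h>

/* Fixed environment for every child: nothing is inherited from the caller. */
static char *const CLEAN_ENV[] = { "PATH=/sbin:/bin:/usr/sbin:/usr/bin", NULL };

/* One command: argv[0] is an absolute path; stdin_path (or NULL) replaces "< file". */
struct step { const char *stdin_path; char *const *argv; };

/* Run one step without a shell. Returns its exit status (127 if the stdin file
 * or the binary could not be opened), or -1 on fork failure or death by signal. */
int run_step(const struct step *s)
{
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        if (s->stdin_path) {
            int fd = open(s->stdin_path, O_RDONLY);
            if (fd < 0 || dup2(fd, 0) < 0) _exit(127);
        }
        execve(s->argv[0], s->argv, CLEAN_ENV);
        _exit(127);                       /* only reached if execve failed */
    }
    int status;
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status)) return -1;
    return WEXITSTATUS(status);
}

/* Run steps in order. Returns the index of the first failed step, or -1 if all succeeded. */
int run_all(const struct step *steps, int n)
{
    for (int i = 0; i < n; i++)
        if (run_step(&steps[i]) != 0) return i;
    return -1;
}

int main(void)
{
    /* Binary locations are assumptions; devices and files are from the post. */
    char *const m1[] = {"/bin/mount", "/dev/sdb1", "/mnt/floppy", NULL};
    char *const lo[] = {"/sbin/losetup", "-e", "aes", "-p", "0", "/dev/loop1", "/home/edman007.img", NULL};
    char *const um[] = {"/bin/umount", "/dev/sdb1", NULL};
    char *const m2[] = {"/bin/mount", "/dev/loop1", "/home/edman007.crypt", NULL};
    const struct step login[] = { {NULL, m1}, {"/mnt/floppy/home", lo}, {NULL, um}, {NULL, m2} };
    if (setuid(geteuid()) != 0) return 1; /* make the real uid match the setuid owner */
    int failed = run_all(login, 4);
    if (failed >= 0) fprintf(stderr, "login-me: step %d failed, stopping\n", failed);
    return failed >= 0;
}
```

The `export HOME=...` line is not in the wrapper because a child process cannot change the environment of the shell that called it.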