LUKS automation script
 

I've wrote bash script fsLuks for LUKS partitions creating, opening, dumping and closing, and would share it with community. Comments are welcome. It has been published in post http://www.dvgu.ru/forum/thread.php?...ge=2#post43879.

Features:

1. Filesystems supported: iso9660, ext3, vfat; new may be added easily
2. Supported media: both files and devices
3. Passphrase acception: from either console or key file
4. There are enough configuring options

Notes:

1. Tested under openSUSE 10.2
2. Device initialization doesn't destroy MBR and partition table, so fdisk stage become excessive, it is different from http://www.saout.de/tikiwiki/tiki-in...eviceUsingLUKS
3. To hide iso9660 filesystem limit the media's free space is filled by random data, it is different from http://gentoo-wiki.com/HOWTO_Burn_En...edia_With_Luks
4. Cryptsetup's bug: "device-mapper: ioctl: unable to remove open device temporary-cryptsetup-PID" is processed

Hi
Thanks for the work and sharing.

I downloaded your script and I'm currently looking at what is inside (it's well written and documented, great!). I'm sure you'll understand that, as this script is to be run as root, I prefered to look before..

In this idea, one feature that I would have liked is like the -n switch of make.
Don't do anything, just display what would be done. Like preceding all commands with a function that does or only echoes the command that would be done.
The problem will be that further steps will fail but doesn't matter for the moment.

Also do you know that pmount also automatically mounts LUKS partitions? I use it to mount my encrypted partition:
add /dev/hda6 to /etc/pmount.allow and then pmount hda6
pmount will try all FS until it discovers a LUKS disk and ask the passphrase. I thought it could interest you to know this thinggy..

Thanks again

It's a good idea. I'll try to implement.

Pmount utility is new to me. I'll look at it certainly. By the way, "opening LUKS partition" task is most frequent but seems to be implemented just by two commands: "cryptsetup luksOpen ...; mount /dev/mapper/map /dir". Other tasks implement more commands, especially "create LUKS file with iso9660 image", and in this case this script should save a lot of typing.

nx5000, thank you for comments.

New version released
 

New version 1.0.3 released. Main changes:

1. Bug in iso gap size calculation is fixed.
2. Nero burner reserves 307200 bytes on media. Now user can take it into account by alternative config option A_ISO_MEDIA_SIZE.

New version 1.0.5 released. Changes:

1. CD/DVD media sizes brought in correspondence with standarts (refer to http://www.osta.org/technology/cdqa7.htm and http://www.osta.org/technology/dvdqa/dvdqa6.htm).
2. Option names were rearranged.
3. File absence case checking was added for building action to eliminate a possibility of unintentional data destroying.

fsLuks new version 1.0.9 released
 

Changes 1.0.5 -> 1.0.7 (2007-09-08):
- tune2fs options "-c 0 -m 0" excluded
- cosmetic changes
- a few non-serious mistypings corrected

Changes 1.0.7 -> 1.0.9 (2008-01-12):
- new fs type "swap" added (improvement)
- "acl,user_xattr" mount options added for ext3 fs type (light improvement)
- redirections "> /dev/null 2>&1" replaced by shorter equivalent "&> /dev/null" (cosmetic)
- bad-blocks list removal command made conditional (light improvement)
- "exit 0" command appended to script end (useful for bootload scripts)
- a few non-serious mistypings corrected

This feature cannot gurantee the absence of mismatches like:Hence, this feature should be supported by external tool. One may execute script via "bash -x" to check what's going on.