summaryrefslogtreecommitdiffstats
path: root/iso2usb.sh
diff options
context:
space:
mode:
author Eric Hameleers <alien@slackware.com>2016-02-15 12:20:32 +0100
committer Eric Hameleers <alien@slackware.com>2016-02-15 12:20:32 +0100
commitb1d9adeb4fe038f0315106b6bdc8cb393af58383 (patch)
treea192b04d623aad3c3d267af5cbdcafd0d1f7f22f /iso2usb.sh
parent4d65935e7030c1b75a25727d2f2c5fbb106e94d1 (diff)
downloadliveslak-b1d9adeb4fe038f0315106b6bdc8cb393af58383.tar.gz
liveslak-b1d9adeb4fe038f0315106b6bdc8cb393af58383.tar.xz
iso2usb.sh: add a new parameter "-C" for encrypted persistence file.
Syntax of the new parameter: -C|--cryptpersistfile size|perc Explanation: Use a LUKS-encrypted 'persistence' file instead of a directory or an un-encrypted file (which is created using the "-P" parameter). The filename will be 'persistence.img' just like the unencrypted version. A numerical size in K,M,G or a percentage of available free space is needed as input value with the "-C" parameter.
Diffstat (limited to 'iso2usb.sh')
-rw-r--r--iso2usb.sh36
1 files changed, 26 insertions, 10 deletions
diff --git a/iso2usb.sh b/iso2usb.sh
index 721ddd7..75093db 100644
--- a/iso2usb.sh
+++ b/iso2usb.sh
@@ -71,6 +71,7 @@ cleanup() {
set +e
sync
if [ $DOLUKS -eq 1 ]; then
+ # In case of failure, only the most recent device should still be open:
if mount |grep -q ${CNTDEV} ; then
umount -f ${CNTDEV}
cryptsetup luksClose ${CNTBASE}
@@ -109,6 +110,9 @@ cat <<EOT
# -u|--unattended Do not ask any questions.
# -v|--verbose Show verbose messages.
# -w|--wait<number> Add <number> seconds wait time to initialize USB.
+# -C|--cryptpersistfile size|perc
+# Use a LUKS-encrypted 'persistence' file instead
+# of a directory (for use on FAT filesystem).
# -P|--persistfile Use a 'persistence' container file instead of
# a directory (for use on FAT filesystem).
#
@@ -266,15 +270,14 @@ create_container() {
unsquashfs -n -d ${CNTMNT}/temp ${HOMESRC} ${CNTUSED}
mv ${CNTMNT}/temp/${CNTUSED}/* ${CNTMNT}/
rm -rf ${CNTMNT}/temp
- # And clean up after ourselves:
umount ${CNTDEV}
- if [ "${CNTENCR}" = "luks" ]; then
- cryptsetup luksClose ${CNTBASE}
- fi
fi
- # Don't forget:
- losetup -d ${LODEV}
+ # Don't forget to clean up after ourselves:
+ if [ "${CNTENCR}" = "luks" ]; then
+ cryptsetup luksClose ${CNTBASE}
+ fi
+ losetup -d ${LODEV} || true
} # End of create_container() {
@@ -290,7 +293,7 @@ fi
while [ ! -z "$1" ]; do
case $1 in
-c|--crypt)
- LUKSSIZE="$2"
+ HLUKSSIZE="$2"
DOLUKS=1
shift 2
;;
@@ -327,6 +330,12 @@ while [ ! -z "$1" ]; do
WAIT="$2"
shift 2
;;
+ -C|--cryptpersistfile)
+ DOLUKS=1
+ PLUKSSIZE="$2"
+ PERSISTTYPE="file"
+ shift 2
+ ;;
-P|--persistfile)
PERSISTTYPE="file"
shift
@@ -494,7 +503,7 @@ fi
if [ $DOLUKS -eq 1 ]; then
# Create LUKS container file:
- create_container ${TARGET}3 ${LUKSSIZE} slhome luks /home
+ create_container ${TARGET}3 ${HLUKSSIZE} slhome luks /home
LUKSHOME=${CNTFILE}
fi
@@ -505,11 +514,18 @@ if [ "${PERSISTTYPE}" = "dir" ]; then
# Create persistence directory:
mkdir -p ${USBMNT}/${PERSISTENCE}
elif [ "${PERSISTTYPE}" = "file" ]; then
- # Create container file for persistent storage. We create a sparse file
+ # Create container file for persistent storage.
+ # If it is not going to be LUKS encrypted, we create a sparse file
# that will at most eat up 90% of free space. Sparse means, the actual
# block allocation will start small and grows as more changes are written.
# Note: the word "persistence" below is a keyword for create_container:
- create_container ${TARGET}3 90% ${PERSISTENCE} none persistence
+ if [ -z "${PLUKSSIZE}" ]; then
+ # Un-encrypted container:
+ create_container ${TARGET}3 90% ${PERSISTENCE} none persistence
+ else
+ # LUKS-encrypted container:
+ create_container ${TARGET}3 ${PLUKSSIZE} ${PERSISTENCE} luks persistence
+ fi
else
echo "*** Unknown persistence type '${PERSISTTYPE}'!"
cleanup