Permalink
Browse files

v0.8.9 Adds DragonFlyBSD support

  • Loading branch information...
1 parent d2b41db commit 1b073feaf7d83b29b303c4deaa26ca3b8e9437b3 Thomas Frivold committed Mar 5, 2013
Showing with 74 additions and 49 deletions.
  1. +12 −11 LUKSUS
  2. +24 −4 LUKSUS.checks
  3. +20 −27 LUKSUS.functions
  4. +2 −1 LUKSUS.variables
  5. +16 −6 README
View
23 LUKSUS
@@ -1,5 +1,5 @@
-
#!/bin/bash
+#!/usr/pkg/bin/bash
# LUKSUS
# Easy drive encryption script using LUKS
# by Thomas Frivold
@@ -14,7 +14,6 @@
# see URL below
# http://www.gnu.org/licenses/gpl-2.0.html
-
###############################
######### VARIABLES ###########
###############################
@@ -25,7 +24,6 @@ else
exit 0
fi
-
###############################
##### FUNCTIONS ######
###############################
@@ -72,11 +70,10 @@ fi
#########################################################
# Calling functions
+DISPLAYLOGO
ASKUSERVERIFY
LOOPBACKMETHOD
DONTSHREDIFLOOPBACK
-
-
# mkdir
# create mountpoint & keydirectory
# i should create an if routine here
@@ -90,15 +87,15 @@ mkdir -p $keydir
# from /dev/urandom
dd if=/dev/urandom of=$keyfile bs=512 count=256
-
+echo cryptsetup starting
# cryptsetup
# format the drive using encryption
# create an encrypted drive with aes-xts-plain cipher
# key size 512
# remember that the key size will increase the safety of the
# encryption, but the a stronger keyfile with more entropy (randomness)
# will produce the best security.
-cryptsetup --batch-mode --verbose --key-size=512 --cipher=aes-xts-plain64 luksFormat $device $keyfile
+cryptsetup --debug --batch-mode --verbose --key-size=512 --cipher=aes-xts-plain64 luksFormat $device $keyfile
# cryptsetup isLuks
# check to see if the device has got a valid LUKS container
@@ -138,14 +135,18 @@ echo "Exiting"
exit 1
fi
-
+##### CREATE FUNCTION FOR THIS HERE
# fs creation
# mkfs.ext4 - create a filesystem on top of the encrypted drive
mkfs.ext4 /dev/mapper/$name
if [ $? -ne 0 ] ; then
- mkfs.ext4 $device
+ mkfs.ext4 -F $device
fi
+# IF ON DRAGONFLY, WE MUST USE THE UFS FILESYSTEM INSTEAD
+newfs /dev/mapper/$name
+mount /dev/mapper/$name /mnt/$name
+
# mount the drive
# mounting using mapper or devicename
mount -t ext4 /dev/mapper/$name $mountpoint > /dev/null 2>&1
@@ -164,10 +165,10 @@ echo MOUNTPOINT: $mountpoint
echo HEADER BACKUP: $headerfile
echo CONTAINER $luksfile $luksfilesize MB
echo Currently mounted at: `mount | grep $name`
-echo `df -h | head --lines 1`
+echo `df -h | head -n 1`
echo `df -h | grep $name`
echo ################################################
time2="$(date +%s.%N)"
echo "Time taken: 0$(echo $time2-$time1 | bc) seconds"
-exit 0
+exit 0
View
@@ -19,9 +19,12 @@ then
echo "EXAMPLE FOR A DISK DRIVE, MEMORY CARD or USB STICK:"
echo "./LUKSUS /dev/sdb1 rambo1"
echo ""
- echo "EXAMPLE FOR CREATING AN ENCRYPTED FILECONTAINER:"
+ echo "EXAMPLE FOR CREATING AN ENCRYPTED FILECONTAINER (Linux)"
echo "./LUKSUS /dev/loop0 MY-SECRET-LIBRARY /mysecretlibrary.encrypted 300M"
echo ""
+ echo "EXAMPLE FOR CREATING AN ENCRYPTED FILECONTAINER (DragonFlyBSD)"
+ echo "./LUKSUS /dev/vn0 MY-SECRET-LIBRARY /mysecretlibrary.encrypted 300M"
+ echo ""
exit 0
fi
@@ -59,9 +62,26 @@ echo "$programname is proceeding"
if [ -z `which grep` ] ;then echo "Missing grep" && exit; fi
if [ -z `which cryptsetup` ] ;then echo "Missing cryptsetup" && exit; fi
if [ -z `which dialog` ] ;then echo "Missing dialog" && exit; fi
-if [ -z `which shred` ] ;then echo "Missing shred" && exit; fi
+if [ -z `which shred` ] ;then alias shred=gshred; fi
+
+# need to use GNU head also - from GNU coreutils
+alias head=gshred
# Check to see if specified device exists
-if [ -b "$device" ] ; then echo "OK, $device exists" ;else echo "$device was not found. $programname is now exiting" && exit 1; fi
-
+if [ -e "$device" ] ;
+ then echo "OK, $device exists";
+ else
+ echo "$device was not found. $programname is now exiting" ;
+ exit 1;
+fi
+if [ $UNAME = DragonFly ] ;
+then
+echo We are on DragonFlyBSD here. Cool.
+# crude way to deal with different binary names
+alias shred=gshred
+# loading dm kernel module
+kldload dm
+else
+echo On Linux, continuing.
+fi
View
@@ -5,20 +5,30 @@ DISPLAYLOGO()
{
if [ $width -gt 119 ]
then
- tail --lines 12 LUKSUS.logo
+ tail -n 12 LUKSUS.logo
else
- head --lines 6 LUKSUS.logo
+ head -n 6 LUKSUS.logo
fi
}
LOOPBACKMETHOD()
{
if [[ $device = *loop* ]]
then
+ echo Running Linux
echo Okay we are using $device ... Beginning loopbackmethod
head -c $luksfilesize /dev/zero > $luksfile
losetup $device $luksfile
-else # Don't want to mix up the two instances.
+ elif [[ $device = *vn* ]]
+ then
+ echo DragonFlyBSD - Nice...
+ echo Okay we are using $device ... Beginning loopbackmethod
+ ghead -c $luksfilesize /dev/zero > $luksfile
+ # vnconfig needs to run once first, it seems that the kernel
+ # is initializing something on first run
+ vnconfig 1>/dev/null 2>/dev/null
+ vnconfig $device $luksfile
+ else
echo "Okay, not using a loopback device, proceeding in normal mode"
fi
@@ -36,10 +46,14 @@ DONTSHREDIFLOOPBACK()
# Good for paranoid and security minded people
# This takes about 5 hours on a 3TB drive
shred -f -v -n1 $device
-else # Don't want to mix up the two instances.
- echo "Okay, we are using a loopback device, not shredding."
+ elif [[ $device != *vn* ]]
+ then
+ echo On DragonFlyBSD
+ echo in the middle of the shredding.place
+ gshred -f -v -n1 $device
+ else
+ echo "Okay, $device is a loopback device, not shredding."
fi
-
}
ASKUSERVERIFY()
@@ -50,27 +64,6 @@ dialog --title "WELCOME TO $programname" \
VERSION: $version\n
DATE : $date \n
\n
-THIS SCRIPT WILL TOTALLY WIPE OUT THE DRIVE OF YOUR CHOICE \n
-AND CREATE AN ENCRYPTED FILESYSTEM ON THE SELECTED DRIVE
-\n \n
-\n
-THE KEYFILE FOR THE DRIVE OR STORAGE DEVICE
-WILL BE LOCATED IN $keydir
-PLEASE TAKE CARE OF THE KEY AS IT IS THE ONLY WAY
-TO OPEN THE DRIVE AFTER ENCRYPTION
-UNLESS YOU ADD MORE KEYS OR KEYPHRASES TO THE LUKS CONTAINER
-\n\n
-THE LUKS CONTAINER CONTAINS A HEADER WHICH MUST ALWAYS
-REMAIN INTACT. TO ENSURE THAT IT STAYS INTACT WE WILL ALSO
-CREATE A BACKUP OF THE HEADER WHICH WILL BE LOCATED AT\n
-$headerfile\n\n\n
-
-usage: \n
-./luksus DEVICENAME nickname \n
-EXAMPLE: ./luksus /dev/sdb1 testresults
-\n
-\n
-If you have not specified these arguments, the script will exit
" 50 50
echo ################################################
View
@@ -15,7 +15,8 @@ headerfile=/keys/$name.luks.header
mountpoint=/mnt/$name
FILE="/tmp/out.$$"
GREP=`which grep`
-screensize=`echo -e "lines\ncols"|tput -S`
+UNAME=`uname`
+screensize=`stty size`
height=$(echo $screensize | cut -d " " -f 1)
width=$(echo $screensize | cut -d " " -f 2)
View
22 README
@@ -74,6 +74,9 @@
# /usr and will have 1000MiB as space.
#
# ./LUKSUS /dev/loop0 mysecretlibrary /usr/thelibrary.encrypted 1000M
+#
+# For DragonFlyBSD
+# ./LUKSUS /dev/vn0 mysecretlibrary /usr/thelibrary.encrypted 1000M
# REQUIREMENTS:
@@ -100,18 +103,25 @@
########################################################
# + Add TrueCrypt support
-# + add a nice dialog interface
+# + Fully working DragonFlyBSD support
+# + add a nice dialog interface * or remove it *
# + must be escapable - ie. have a CANCEL button within
-# the dialog windows
-# + better support command line options in a pro-manner
-# + add the commandline option to use with or without dialog
-# + rewrite the script using python
-
+# the dialog windows * or remove dialog *
+# + better support command line options in a nice POSIX manner
+# + add the commandline option to use with or without dialog *or forget it*
########################################################
#################### CHANGELOG #########################
########################################################
+# v0.8.9 05.03.2013 13:28
+# +DragonFlyBSD support is now fully supported.
+# Cryptsetup / dm-luks spends a lot of time with its operation,
+# 10-15 minutes, but apart from that, LUKSUS runs on DragonFlyBSD.
+# Functions need more attention and cleanup, but everything is working
+# quite well now.
+
+
# v0.8.5 26.02.2013 12:00
# Cleanup before public release on Freecode.com!
# Hello World

0 comments on commit 1b073fe

Please sign in to comment.