author | Andrew Cady <d@jerkface.net> | 2016-04-27 09:23:09 -0400 |
---|---|---|
committer | Andrew Cady <d@jerkface.net> | 2016-04-27 09:23:09 -0400 |
commit | bb35cfd21f0683d17d29a5f51b22bab8047127de (patch) | |
tree | 035abc9fcb556cd195041587cf208e0ff6ccfcb6 /old-school | |
parent | 5240fe8fb459d895ec8daf7da013298ac9786a59 (diff) |
Implement encrypted cdrom ejection
This allows the cdrom to be copied onto the outer filesystem (mounted in
/outerfs) without storing unencrypted gpg keys there.
e.g.:
samizdat-eject.sh /outerfs/samizdat.iso
This was necessary because the other method probably causes btrfs deadlocks.
We do end up copying data twice this way (or three times, probably --
if the ISO is saved), but not _from the cdrom_. And we get to eject
immediately after the first copy. Future copies will be from the hard
drive. Not too bad.
Diffstat (limited to 'old-school')
-rw-r--r-- | old-school/lvm-create.sh | 26 | ||||
-rw-r--r-- | old-school/mdadm-dup.sh | 46 |
2 files changed, 70 insertions, 2 deletions
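--- a/old-school/lvm-create.sh
+++ b/old-school/lvm-create.sh
@@ -53,12 +53,35 @@ init_samizdat()
 
 btrfs device add "$blockdev" /root || return
 mount -o rw,remount /root || return
+samizdat_movemounts "$imgfile"
 
 initialize_root_filesystem || return
 
 bootdone root-mounted
 }
 
+samizdat_movemounts()
+{
+local imgfile="$1" mountpoint
+
+mountpoint=$(mountpoint_of "$imgfile") || return
+mkdir /root/cdrom /root/outerfs
+mount -o move /cdrom /root/cdrom
+mount -o move "$mountpoint" /root/outerfs
+mkdir /run/initramfs/samizdat
+mv /var/log /run/initramfs/samizdat/log
+}
+
+mountpoint_of()
+{
+local f="$1"
+while ! mountpoint -q "$f"; do
+f=$(dirname "$f")
+[ "$f" != '.' ] || return 1
+done
+printf '%s\n' "$f"
+}
+
 initialize_root_filesystem()
 {
 rm -r /root/root
@@ -117,7 +140,7 @@ filesystem_incomplete()
 open_samizdat()
 {
 open_samizdat_blockdev "$@" || return
-local blockdev=/dev/mapper/samizdatcrypt fs
+local blockdev=/dev/mapper/samizdatcrypt imgfile="$1" fs
 
 # For this part, we don't necessarily need the cdrom.
 # Unfortunately the init_gpg code is still getting the GPG key there.
@@ -127,6 +150,7 @@ open_samizdat()
 modprobe btrfs || return
 btrfs device scan || return
 mount -t btrfs -o subvol=ROOT "$blockdev" /root || return
+samizdat_movemounts "$imgfile"
 LoSetup -D
 bootdone root-mounted
 }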
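Review bot: In `samizdat_movemounts`, nothing after the `mountpoint_of` call is checked, and both call sites (in `init_samizdat` and `open_samizdat`) ignore the function's status, unlike the `|| return` style on the neighbouring lines. If a `mount -o move` fails, boot carries on with /cdrom or the outer filesystem not at /root/cdrom and /root/outerfs, which is presumably where later steps such as the eject script expect them. I would write `mkdir -p /root/cdrom /root/outerfs || return`, add `|| return` to the two `mount -o move` lines, and call it as `samizdat_movemounts "$imgfile" || return`; the `-p` matters if /root already holds these directories from an earlier boot, which looks likely on the `open_samizdat` path. `mountpoint_of` can also return `/` when the image sits on the initramfs root, so a guard such as `[ "$mountpoint" != / ] || return` before the move seems worth adding. The bodies of `init_samizdat` and `open_samizdat` start outside the hunks, so whether `imgfile` is set in `init_samizdat` cannot be confirmed here.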
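--- a/old-school/mdadm-dup.sh
+++ b/old-school/mdadm-dup.sh
@@ -116,7 +116,51 @@ mdadm_subdevices()
 mdadm -D "$md_dev" -Y | sed -ne 's/^MD_DEVICE_.*_DEV=//p'
 }
 
-mdadm_copy_eject() # NOT INITRD; uses non-busybox "losetup"
+cryptsetup_temp()
+{
+local sectors="$1" cryptname="$2" temp_file="$3" parms=$- secret
+set +x
+# Add 4096 sectors for LUKS header
+truncate -s $(((sectors + 4096) * 512)) "$temp_file" || return
+cleartext_dev=$(LoSetup -f --show "$temp_file") || return
+secret="$(head -c256 /dev/urandom)" || return
+printf %s "$secret" |
+cryptsetup luksFormat "$cleartext_dev" - || return
+printf %s "$secret" |
+cryptsetup --key-file - luksOpen "$cleartext_dev" "$cryptname" || return
+unset secret
+set $parms
+
+wait_for_dm_device /dev/mapper/"$cryptname"
+echo /dev/mapper/"$cryptname"
+}
+
+mdadm_copy_eject_crypt()
+{
+local md_dev="$1" temp_file="$2"
+
+[ -b "$md_dev" ] || return
+[ ! -e "$temp_file" ] || return
+
+local output_dev sectors
+
+old_subdev=$(mdadm_subdevices "$md_dev"|head -n1) || return
+[ -b "$old_subdev" ] || return
+# TODO: truncate to the ISO fs size if the device is larger
+sectors=$(blockdev --getsz "$md_dev") || return
+
+output_dev=$(cryptsetup_temp "$sectors" samizdatiso "$temp_file") || return
+
+mdadm "$md_dev" --add "$output_dev" || return
+mdadm "$md_dev" --grow -n2 || return
+
+mdadm_wait_remove "$md_dev" "$old_subdev" || return
+
+mdadm "$md_dev" --grow -n1 --force || return
+dm_snapshot_teardown "$old_subdev"
+}
+
+mdadm_copy_eject()
 {
 local md_dev="$1" output_file="$2"
 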
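Review bot: `cryptsetup_temp` keeps raw `/dev/urandom` output in a shell variable (`secret="$(head -c256 /dev/urandom)"`), which cannot hold binary data faithfully: NUL bytes are dropped or, depending on the shell, may cut the value short, and trailing newlines are stripped, so the key's real length is left to chance. Encoding it first keeps the key printable and of fixed length, e.g. `secret=$(head -c256 /dev/urandom | od -An -tx1 | tr -d ' \n') || return`. Separately, `set $parms` does not restore the saved options; without a leading dash it assigns the value of `$-` to the positional parameters, so a caller's xtrace stays off, and the early `|| return` paths skip the restore altogether. `case $parms in *x*) set -x ;; esac` after `unset secret` would restore just the flag that was cleared. `cleartext_dev` and `old_subdev` are also missing from the `local` lists.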