From 46f69c74a01659ccd78dcb32ea5933edaa0c9241 Mon Sep 17 00:00:00 2001
From: Andrew Cady <d@jerkface.net>
Date: Tue, 28 Mar 2017 15:46:55 -0400
Subject: Support for reusing a generated set of child keys

---
 src/store-child-permanently | 44 ++++++++++++++++++++++++++++++++++++++++++++
 src/xorriso-usb.sh          | 10 ++++++++--
 2 files changed, 52 insertions(+), 2 deletions(-)
 create mode 100755 src/store-child-permanently

(limited to 'src')

diff --git a/src/store-child-permanently b/src/store-child-permanently
new file mode 100755
index 0000000..463f776
--- /dev/null
+++ b/src/store-child-permanently
@@ -0,0 +1,44 @@
+#!/bin/sh
+
+. samizdat-paths.sh
+
+error()
+{
+  printf 'Error: %s\n' "${*:-command failed}" >&2
+  exit 1
+}
+
+warning()
+{
+  printf 'Warning: %s\n' "${*:-something went wrong}" >&2
+}
+
+store_tmpfs()
+{
+  local dir="$1"
+  mountpoint -q "$dir"       || return 0
+  [ ! -d "$dir".backup ]     || error "existing child backup found: '$dir.backup'.  Refusing to continue."
+  cp -a "$dir" "$dir".backup || error "failed to make copy of child."
+  umount "$dir"              || error "failed to unmount child tmpfs"
+  rmdir "$dir"               || mv -Tb "$dir" "$dir".unlikely
+  mv -T "$dir".backup "$dir" || error "failed to move copied child dir into place.  Child will not function!"
+}
+
+assert_root()
+{
+  [ "$(id -u)" = 0 ] || error "you are not root"
+}
+
+main()
+{
+  assert_root
+  child=$1
+  [ "$child" ] || usage
+  if [ -d "$samizdat_child_dir"/child."$child" ]; then
+    store_tmpfs "$samizdat_child_dir"/child."$child"
+  else
+    error "not a valid child: $child"
+  fi
+}
+
+main "$@"
diff --git a/src/xorriso-usb.sh b/src/xorriso-usb.sh
index 2b3214f..03c6482 100644
--- a/src/xorriso-usb.sh
+++ b/src/xorriso-usb.sh
@@ -12,7 +12,7 @@ efi_dir=$samizdat_grub_efi_dir
 
 die() { printf "%s: Error: %s\n" "$0" "$*" >&2; exit 1; }
 
-TEMP="$(getopt -o '' --long bootloader,adam,usb,detach,in:,out:,test -n "$0" -- "$@")" ||
+TEMP="$(getopt -o '' --long bootloader,reuse-child:,adam,usb,detach,in:,out:,test -n "$0" -- "$@")" ||
     die 'getopt error'
 eval set -- "$TEMP"
 
@@ -26,6 +26,7 @@ while [ $# -gt 0 ]; do
         --test)   shift; QUICK_TEST=y;;
         --out)    CMDLINE_OUTDEV="$2"; USB=; shift 2;;
         --in)     INPUT_DEVICE="$2"; shift 2;;
+        --reuse-child) REUSE_CHILD=y; child_dir=$samizdat_child_dir/child."$2"; shift 2;;
         --)       shift; break;;
         *) die 'getopt error';;
     esac
@@ -139,7 +140,12 @@ grub-efi.sh || die "grub-efi.sh failed"
 
 choose_outdev
 
-generate_keys
+if [ "$REUSE_CHILD" ]; then
+    gnupghome=$child_dir/root/.gnupg
+    [ -d "$gnupghome" ] || die "invalid child"
+else
+    generate_keys
+fi
 
 try_mount()
 {
-- 
cgit v1.2.3