diff options
author | Daniel Baumann <daniel@debian.org> | 2007-09-23 10:04:46 +0200 |
---|---|---|
committer | Daniel Baumann <daniel@debian.org> | 2011-03-09 18:14:51 +0100 |
commit | fe6eb1c593e2df135c8807bf94df614984b4d6ec (patch) | |
tree | 693b803dcc6473a8699f0c605c92b10c24755e28 /helpers/lh_binary_encryption | |
parent | 470cf1764bf56b32addff591cfe3fd69af0e5760 (diff) | |
download | vyos-live-build-fe6eb1c593e2df135c8807bf94df614984b4d6ec.tar.gz vyos-live-build-fe6eb1c593e2df135c8807bf94df614984b4d6ec.zip |
Adding live-helper 1.0~a1-1.
Diffstat (limited to 'helpers/lh_binary_encryption')
-rwxr-xr-x | helpers/lh_binary_encryption | 73 |
1 files changed, 73 insertions, 0 deletions
diff --git a/helpers/lh_binary_encryption b/helpers/lh_binary_encryption new file mode 100755 index 000000000..9df73b2a3 --- /dev/null +++ b/helpers/lh_binary_encryption @@ -0,0 +1,73 @@ +#!/bin/sh + +# lh_binary_encryption(1) - encrypts rootfs + +set -e + +# Source common functions +for FUNCTION in /usr/share/live-helper/functions/*.sh +do + . ${FUNCTION} +done + +# Reading configuration files +Read_conffile config/common +Read_conffile config/image +Set_defaults + +# Requiring stage file +Require_stagefile "${LIVE_ROOT}"/.stage/bootstrap +Require_stagefile "${LIVE_ROOT}"/.stage/binary_rootfs + +# Checking lock file +Check_lockfile "${LIVE_ROOT}"/.lock + +# Creating lock file +Create_lockfile "${LIVE_ROOT}"/.lock + +# Checking stage file +Check_stagefile "${LIVE_ROOT}"/.stage/binary_encryption + +if [ -n "${LIVE_ENCRYPTION}" ] +then + if [ ! -x /usr/bin/aespipe ] + then + echo "E: aespipe is missing (FIXME)." + exit 1 + fi + + case "${LIVE_FILESYSTEM}" in + ext2) + ROOTFS="ext2" + ;; + + plain) + echo "W: encryption not supported on plain filesystem." + exit 0 + ;; + + squashfs) + ROOTFS="squashfs" + ;; + esac + + echo "Encrypting ${LIVE_ROOT}/binary/casper/filesystem.${ROOTFS} with ${LIVE_ENCRYPTION}..." + + while true + do + cat ${LIVE_ROOT}/binary/casper/filesystem.${ROOTFS} | aespipe -e "${LIVE_ENCRYPTION}" -T > "${LIVE_ROOT}"/binary/casper/filesystem.${ROOTFS} && break + + echo -n "Something went wrong... Retry? [YES/no] " + + read ANSWER + + if [ 'no' = "${ANSWER}" ] + then + unset ANSWER + break + fi + done + + # Creating stage file + Create_stagefile "${LIVE_ROOT}"/.stage/binary_encryption +fi |