ecryptfs.sh
1.13 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
function key_exists() {
/bin/keyctl list @u | /bin/grep -q "${1}"
return $?
}
function insert_key() {
local INSERT=/usr/bin/ecryptfs-insert-wrapped-passphrase-into-keyring
key_exists "${3}" || /bin/cat "${1}" | ${INSERT} "${2}" -
}
function insert_keypair() {
local DATASIG="$(/bin/sed '1p;d' "${HOME}/.ecryptfs/${2}.sig")"
local NAMESIG="$(/bin/sed '2p;d' "${HOME}/.ecryptfs/${2}.sig")"
local DPF="${2}-passphrase"
local NPF="${2}-fname-passphrase"
insert_key "${1}/${DPF}" "${HOME}/.ecryptfs/wrapped-${DPF}" "${DATASIG}"
insert_key "${1}/${NPF}" "${HOME}/.ecryptfs/wrapped-${NPF}" "${NAMESIG}"
}
function is_ecryptfs() {
/usr/bin/test "$(/usr/bin/stat -f -c '%T' "${1}")" = "ecryptfs"
return $?
}
function mount_crypt() {
local CONFIG="${HOME}/.ecryptfs/${1}.conf"
local MOUNTPOINT="$(/usr/bin/awk '1{print $2}' "${CONFIG}")"
is_ecryptfs "${MOUNTPOINT}" || /sbin/mount.ecryptfs_private "${1}"
}
function umount_crypt() {
local CONFIG="${HOME}/.ecryptfs/${1}.conf"
local MOUNTPOINT="$(/usr/bin/awk '1{print $2}' "${CONFIG}")"
/bin/sync
is_ecryptfs "${MOUNTPOINT}" && /sbin/umount.ecryptfs_private -d "${1}"
}
# vim: set ts=4 sw=4: