diff -r 000000000000 -r 28b7682d5476 truecrypt_init.sh
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/truecrypt_init.sh Tue Nov 04 18:26:39 2014 +0100
@@ -0,0 +1,135 @@
+#!/bin/sh
+
+# ------------------------------------------------------------
+# opensecurity package file
+#
+# Autor: X-Net Services GmbH
+#
+# Copyright 2013-2014 X-Net and AIT Austrian Institute of Technology
+#
+#
+# X-Net Technologies GmbH
+# Elisabethstrasse 1
+# 4020 Linz
+# AUSTRIA
+# https://www.x-net.at
+#
+# AIT Austrian Institute of Technology
+# Donau City Strasse 1
+# 1220 Wien
+# AUSTRIA
+# http://www.ait.ac.at
+#
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ------------------------------------------------------------
+
+BASEDIR="$(dirname $0)"
+DEVICE="$1"
+MOUNTPOINT="$2"
+PASSWORD="$3"
+KEYFILE="$4"
+
+
+getRemoteIp ()
+{
+ ip_address=$(ifconfig eth0 | grep "inet " | awk '{ print $2 }' | cut -d ":" -f 2)
+ ip_netmask=$(ifconfig eth0 | grep "inet " | awk '{ print $4 }' | cut -d ":" -f 2)
+ remote_ip=$(ipcalc $ip_address/$ip_netmask | grep HostMin | awk '{ print $2}')
+
+ echo $remote_ip
+}
+
+sendInfoNotification ()
+{
+ MESSAGE="$1"
+ wget -q -T 3 -t 1 -O /dev/null "http://$(getRemoteIp):8090/message?msgtype=information&text=$MESSAGE"
+}
+
+sendErrorNotification ()
+{
+ MESSAGE="$1"
+ wget -q -T 3 -t 1 -O /dev/null "http://$(getRemoteIp):8090/notification?msgtype=critical&text=$MESSAGE"
+}
+
+
+if [ -r "$BASEDIR/truecrypt_config.cfg" ]
+then
+ . "$BASEDIR/truecrypt_config.cfg"
+else
+ echo "truecrypt_config.cfg not found" >&2
+ exit 1
+fi
+
+# make sure to have "/dev/sdb" (not "/dev/sdb1")
+#DEVICE="${DEVICE:0:8}" the bash way does not work in dash -.-
+DEVICE="$(echo "$DEVICE" | awk '{print substr($1,0,9)}')"
+
+sendInfoNotification "Encrypt device"
+if [ -z "$KEYFILE" ]
+then
+ message="$($tc_cmd -c --non-interactive --quick --filesystem=none --encryption=AES --hash=RIPEMD-160 -p "$PASSWORD" "$DEVICE")"
+ result="$?"
+else
+ message="$($tc_cmd -c --non-interactive --quick --filesystem=none --encryption=AES --hash=RIPEMD-160 -p "$PASSWORD" -k "$KEYFILE" "$DEVICE")"
+ result="$?"
+fi
+
+
+if [ "$result" != "0" ]
+then
+ sendErrorNotification "Encryption failed"
+ exit 1
+fi
+
+sendInfoNotification "Device encrypted"
+
+
+
+if [ -z "$KEYFILE" ]
+then
+ message="$message\n$($tc_cmd --non-interactive --filesystem=none -p "$PASSWORD" "$DEVICE")"
+ result="$?"
+else
+ message="$message\n$($tc_cmd --non-interactive --filesystem=none -p "$PASSWORD" -k "$KEYFILE" "$DEVICE")"
+ result="$?"
+fi
+
+if [ "$result" != "0" ]
+then
+ exit 1
+fi
+
+
+
+sendInfoNotification "Create NTFS filesystem on encrypted device"
+
+TC_DEVICE=$(truecrypt -l | awk '{print $3}')
+
+message="$message\n$(mkfs.ntfs --quick "$TC_DEVICE")"
+result="$?"
+
+if [ "$result" != "0" ]
+then
+ sendErrorNotification "Filesystem creation failed"
+ exit 1
+fi
+
+sendInfoNotification "Filesystem successfully created"
+
+mount "$TC_DEVICE" "$MOUNTPOINT"
+
+sendInfoNotification "Stick is now initialized"
+
+echo "$message"
+exit 0
\ No newline at end of file
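Review bot: The passphrase arrives as `$3` and is handed to all four `$tc_cmd` calls as `-p "$PASSWORD"`, so it sits in the argument list of this script and of every child process, where other local processes can read it from the process list. Taking it on standard input or from a root-only file would keep it off the command line; whether the binary named in truecrypt_config.cfg (not visible here) can accept it that way needs checking. Separately, `TC_DEVICE=$(truecrypt -l | awk '{print $3}')` bypasses `$tc_cmd` and returns every mapped volume rather than the one just created, so with a second volume mounted `mkfs.ntfs --quick` gets a wrong or multi-line target. Assuming the second column of the listing is the source device, `TC_DEVICE=$($tc_cmd -l | awk -v dev="$DEVICE" '$2 == dev {print $3}')` ties the format step to `$DEVICE`. The exit status of `mount` is also never checked, so "Stick is now initialized" is sent even when the mount fails.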