-
-
Notifications
You must be signed in to change notification settings - Fork 187
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
WiP cryptsetup 2.6.1: add helper script to format block device partit…
…ion and reencrypt Script has double warning prior of just doing what user wants with user specified partition. No validation Amend test scripts to not append on first write to log files TODO: Delete this later Signed-off-by: Thierry Laurion <[email protected]>
- Loading branch information
Showing
2 changed files
with
35 additions
and
1 deletion.
There are no files selected for viewing
34 changes: 34 additions & 0 deletions
34
initrd/bin/test_reencrypt_block_device_with_double_confirmation.sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,34 @@ | ||
| echo "Mounting USB drive to /media" | ||
| mount-usb --mode rw | ||
|
|
||
| #Prompt user to specify block device's partition to format and reencrypt with big fat warning | ||
| echo "WARNING: This script will format and reencrypt specified partition next. Please make sure you have backed up your data before proceeding." | ||
| echo "Please specify block device's partition to format and reencrypt. Example: /dev/sda2" | ||
| read DISK | ||
|
|
||
| #validate one last time with user prior of proceeding | ||
| echo "You have specified $DISK. Are you sure you want to proceed? (y/n)" | ||
| read CONFIRM | ||
| if [ "$CONFIRM" != "y" ]; then | ||
| echo "Aborting..." | ||
| exit 1 | ||
| fi | ||
|
|
||
| #echo "PLACEHOLDER - Creating 8GB file in /tmp" | tee -a /media/ram_reencrypt.log | ||
| #dd if=/dev/zero of=/tmp/disk8gb.raw bs=1M count=8k | tee -a /media/ram_reencrypt.log | ||
| echo "This is test passphrase used to create LUKS key" > /tmp/passphrase.txt | ||
|
|
||
| #Doing benchmarking | ||
| echo "PLACEHOLDER - Running benchmark..." | tee /media/block_reencrypt.log | ||
|
|
||
| cryptsetup benchmark | tee -a /media/block_reencrypt.log | ||
|
|
||
| echo "PLACEHOLDER - Creating LUKS container on $DISK..." | tee -a /media/block_reencrypt.log | ||
| time cryptsetup luksFormat "$DISK" --debug --batch-mode --key-file /tmp/passphrase.txt | tee -a /media/block_reencrypt.log | ||
|
|
||
| echo "PLACEHOLDER - Reeencrypting LUKS container on $DISK..." | tee -a /media/block_reencrypt.log | ||
| time cryptsetup reencrypt "$DISK" --disable-locks --force-offline-reencrypt --debug --batch-mode --key-file /tmp/passphrase.txt | tee -a /media/block_reencrypt.log | ||
|
|
||
| echo "PLACEHOLDER - Unmounting USB drive from /media" | ||
| umount /media | ||
| echo "Done. You can remove USB drive now and upload ram_reencrypt.log from another computer to github PR." |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters