commit 37792ffdc5fd5d697b7e4df11428689234d361d2
parent 5f5fb06d433f384be36c61b02bc7cc45976d8558
Author: Jaromil <jaromil@dyne.org>
Date: Sat, 25 May 2013 15:04:16 +0200
cleanup of the main script
improved binary check, made resize optional
and set aside old install command (was already unused)
Diffstat:
A | extras/desktop/install.zsh | | | 90 | +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ |
M | tomb | | | 169 | ++++++++++++++++++++++--------------------------------------------------------- |
2 files changed, 136 insertions(+), 123 deletions(-)
diff --git a/extras/desktop/install.zsh b/extras/desktop/install.zsh
@@ -0,0 +1,90 @@
+# {{{ - Install
+# install mime-types, bells and whistles for the desktop
+# see http://developers.sun.com/solaris/articles/integrating_gnome.html
+# and freedesktop specs
+install_tomb() {
+
+# TODO: distro package deps (for binary)
+# debian: zsh, cryptsetup, sudo
+ _message "updating mimetypes..."
+ cat <<EOF > /tmp/dyne-tomb.xml
+<?xml version="1.0"?>
+<mime-info xmlns='http://www.freedesktop.org/standards/shared-mime-info'>
+ <mime-type type="application/x-tomb-volume">
+ <comment>Tomb crypto volume</comment>
+ <glob pattern="*.tomb"/>
+ </mime-type>
+ <mime-type type="application/x-tomb-key">
+ <comment>Tomb crypto key</comment>
+ <glob pattern="*.tomb.key"/>
+ </mime-type>
+</mime-info>
+EOF
+ xdg-mime install /tmp/dyne-tomb.xml
+ xdg-icon-resource install --context mimetypes --size 32 monmort.xpm monmort
+ xdg-icon-resource install --size 32 monmort.xpm dyne-monmort
+
+ rm /tmp/dyne-tomb.xml
+
+ _message "updating desktop..."
+ cat <<EOF > /usr/share/applications/tomb.desktop
+[Desktop Entry]
+Version=1.0
+Type=Application
+Name=Tomb crypto undertaker
+GenericName=Crypto undertaker
+Comment=Keep your bones safe
+Exec="${TOMBOPENEXEC}" %U
+TryExec=tomb-open
+Icon=monmort.xpm
+Terminal=true
+Categories=Utility;Security;Archiving;Filesystem;
+MimeType=application/x-tomb-volume;
+X-AppInstall-Package=tomb
+EOF
+ update-desktop-database
+
+ _message "updating menus..."
+ cat <<EOF > /etc/menu/tomb
+?package(tomb):command="tomb" icon="/usr/share/pixmaps/monmort.xpm" needs="text" \
+ section="Applications/Accessories" title="Tomb" hints="Crypto" \
+ hotkey="Tomb"
+EOF
+ update-menus
+
+ _message "updating mime info..."
+ cat <<EOF > /usr/share/mime-info/tomb.keys
+# actions for encrypted tomb storage
+application/x-tomb-volume:
+ open="${TOMBOPENEXEC}" %f
+ view=tomb-open %f
+ icon-filename=monmort.xpm
+ short_list_application_ids_for_novice_user_level=tomb
+EOF
+ cat <<EOF > /usr/share/mime-info/tomb.mime
+# mime type for encrypted tomb storage
+application/x-tomb-volume
+ ext: tomb
+
+application/x-tomb-key
+ ext: tomb.key
+EOF
+ cat <<EOF > /usr/lib/mime/packages/tomb
+application/x-tomb-volume; tomb-open '%s'; priority=8
+EOF
+ update-mime
+
+ _message "updating application entry..."
+
+ cat <<EOF > /usr/share/application-registry/tomb.applications
+tomb
+ command=tomb-open
+ name=Tomb - Crypto Undertaker
+ can_open_multiple_files=false
+ expects_uris=false
+ requires_terminal=true
+ mime-types=application/x-tomb-volume,application/x-tomb-key
+EOF
+ _message "Tomb is now installed."
+}
+# }}}
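Review bot: The mime XML is written to the fixed path `/tmp/dyne-tomb.xml`, and the function goes on to write under /usr/share and /etc, so it presumably runs as root; another local user could pre-create that path as a symlink and have the redirect overwrite the link target. Create a private directory first with `tmpdir=$(mktemp -d) || return 1`, write to `"$tmpdir/dyne-tomb.xml"` (xdg-mime expects the vendor-prefixed file name, so keep it), and remove the directory afterwards. The function also relies on `_message` and `${TOMBOPENEXEC}`, which this file does not define, so a header comment should say it must be sourced from within `tomb`. None of the redirects or `xdg-*`/`update-*` calls check their exit status, yet the last line always reports "Tomb is now installed."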
diff --git a/tomb b/tomb
@@ -31,6 +31,7 @@ typeset -a OLDARGS
for arg in ${argv}; do OLDARGS+=($arg); done
STEGHIDE=1
MKTEMP=1
+RESIZER=1
MOUNTOPTS="rw,noatime,nodev"
typeset -A global_opts
@@ -169,33 +170,29 @@ progress() {
check_bin() {
# check for required programs
- for req in pinentry sudo gpg; do
- which $req >/dev/null || die "Cannot find $req. Please install it." 1
+ for req in cryptsetup pinentry sudo gpg; do
+ command -v $req >/dev/null || die "Cannot find $req. It's a requirement to use Tomb, please install it." 1
done
export PATH=/sbin:/usr/sbin:$PATH
- which cryptsetup > /dev/null && CRYPTSETUP=cryptsetup || die "Cryptsetup not found in $PATH." 1
-
# which dd command to use
- which dcfldd > /dev/null && DD=dcfldd || DD=dd
+ command -v dcfldd > /dev/null && DD=dcfldd || DD=dd
# which wipe command to use
- which wipe > /dev/null && WIPE="wipe -f -s" || WIPE="rm -f"
+ command -v wipe > /dev/null && WIPE="wipe -f -s" || WIPE="rm -f"
# check for filesystem creation progs
- which mkfs.ext4 > /dev/null && \
+ command -v mkfs.ext4 > /dev/null && \
MKFS="mkfs.ext4 -q -F -j -L" || \
MKFS="mkfs.ext3 -q -F -j -L"
# check for mktemp
- which mktemp > /dev/null || MKTEMP=0
+ command -v mktemp > /dev/null || MKTEMP=0
# check for steghide
- which steghide > /dev/null || STEGHIDE=0
-
- # resize suite check bin!
- which e2fsck > /dev/null || die "Cannot find e2fsck. Please install it." 1
- which resize2fs > /dev/null || die "Cannot find resize2fs. Please install it." 1
+ command -v steghide > /dev/null || STEGHIDE=0
+ # check for resize
+ command -v e2fsck resize2fs > /dev/null || RESIZER=0
if which tomb-kdf-pbkdf2 &> /dev/null; then
KDF_PBKDF2="tomb-kdf-pbkdf2"
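Review bot: `cryptsetup` is now tested inside the `for req in ...` loop, which runs before `export PATH=/sbin:/usr/sbin:$PATH`, whereas the removed check ran after it; where cryptsetup lives in /sbin and that directory is not already on the caller's PATH, the loop would die even though the tool is installed. Moving the `export PATH=...` line above the loop keeps the old behaviour. In the resize check, `command -v e2fsck resize2fs` passes two names, but POSIX specifies `command -v` for a single name and the exit status with two depends on the shell, so RESIZER may stay 1 with only one of the tools present; `command -v e2fsck > /dev/null && command -v resize2fs > /dev/null || RESIZER=0` tests each. The `which tomb-kdf-pbkdf2` line is left unconverted, and check_bin continues past the end of the hunk.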
@@ -356,6 +353,10 @@ EOF
sudo "${TOMBEXEC}" -U ${UID} -G ${GID} -T ${TTY} "${(@)OLDARGS}"
exit $?
fi # are we root already
+
+ # make sure necessary kernel modules are loaded
+ modprobe dm_crypt
+
return 0
}
# }}}
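Review bot: The added `modprobe dm_crypt` ignores its exit status, so a missing or blocked module would only show up later, presumably as a less obvious cryptsetup failure. `modprobe` is also not among the programs the `for req in ...` loop in check_bin verifies. Something like `modprobe dm_crypt || _warning "cannot load the dm_crypt kernel module"` keeps the run going on kernels with dm-crypt built in while still leaving a trace. The enclosing function starts outside the hunk, so whether every caller needs the module cannot be judged from here.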
@@ -393,8 +394,12 @@ Commands:
slam slam a TOMB killing all programs using it
passwd change the password of a KEY
- resize resize a TOMB to a new --size (can only grow)
EOF
+ if [ "$RESIZER" = 1 ]; then
+ cat <<EOF
+ resize resize a TOMB to a new --size (can only grow)
+EOF
+ fi
if [ "$STEGHIDE" = 1 ]; then
cat <<EOF
bury hide a KEY inside a JPEG image
@@ -680,7 +685,7 @@ forge_key() {
_message "Commanded to forge key $1"
if ! [ $1 ]; then
- _warning "no key name specified for creation"
+ _warning "no key name specified for creation"
return 1
fi
@@ -759,7 +764,9 @@ forge_key() {
ls -lh ${tombkey}
}
-# dig a tomb
+# Dig a tomb, means that it will create an empty file to be formatted
+# as a loopback filesystem. Initially the file is filled with random data
+# taken from /dev/urandom which improves the tomb's overall security
dig_tomb() {
_message "Commanded to dig tomb $1"
@@ -1111,8 +1118,10 @@ gen_key() {
;;
esac
echo -n $header
- gpg --openpgp --batch --no-options --no-tty --passphrase-fd 0 2>/dev/null \
- -o - -c -a ${lukskey} <<< "${tombpass}"
+
+ print "${tombpass}" \
+ | gpg --openpgp --batch --no-options --no-tty --passphrase-fd 0 2>/dev/null \
+ -o - -c -a ${lukskey}
unset tombpass
}
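Review bot: `print "${tombpass}"` lets zsh's `print` interpret backslash escapes and treat a leading `-` as an option, so a passphrase containing `\n`, `\c` or similar, or starting with a dash, reaches gpg altered or truncated, which the here-string it replaces did not do. Use `print -r -- "${tombpass}" \` as the first line of the pipeline so the bytes are passed through unchanged. The code that feeds the passphrase back at decryption time (get_lukskey, outside this hunk) needs the same form, otherwise a key forged with such a passphrase may not open again. The `2>/dev/null` on gpg also hides any encryption error from the caller; gen_key's body starts outside the hunk.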
@@ -1531,7 +1540,7 @@ umount_tomb() {
return 0
}
# }}}
-# }}}
+
# {{{ - Change Password
# $1 is the tomb key path
@@ -1686,18 +1695,18 @@ resize_tomb() {
_message "Password is required for key ${keyname}"
for c in 1 2 3; do
- if [ $c = 1 ]; then
- tombpass=`exec_as_user ${TOMBEXEC} askpass ${keyname}`
- else
- tombpass=`exec_as_user ${TOMBEXEC} askpass "$keyname (retry $c)"`
- fi
+ if [ $c = 1 ]; then
+ tombpass=`exec_as_user ${TOMBEXEC} askpass ${keyname}`
+ else
+ tombpass=`exec_as_user ${TOMBEXEC} askpass "$keyname (retry $c)"`
+ fi
get_lukskey "${tombpass}" ${tombkey} | \
cryptsetup --key-file - luksOpen ${nstloop} ${mapper}
-
+
unset tombpass
- if [ -r /dev/mapper/${mapper} ]; then
- break; # password was correct
+ if [ -r /dev/mapper/${mapper} ]; then
+ break; # password was correct
fi
done
@@ -1871,8 +1880,8 @@ list_tombs() {
for h in ${mounted_hooks}; do
print -n "$fg_no_bold[green]$tombname"
print -n "$fg_no_bold[white] hooks "
- print -n "$fg_bold[white]`basename ${h[(ws:;:)1]}`"
- print -n "$fg_no_bold[white] on "
+# print -n "$fg_bold[white]`basename ${h[(ws:;:)1]}`"
+# print -n "$fg_no_bold[white] on "
print "$fg_bold[white]${h[(ws:;:)2]}$fg_no_bold[white]"
done
done
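Review bot: The two `print -n` lines are disabled by commenting them out at column 0 with no reason given, so the hook line now prints the tomb name, ` hooks ` and then the second `;`-separated field with nothing in between. If dropping the first field and the ` on ` separator is intended, delete the lines; if it is temporary, keep them with a one-line reason such as `# hook name hidden: <reason>`. list_tombs starts outside the hunk.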
@@ -1931,98 +1940,7 @@ launch_status() {
return 0
}
# }}}
-# {{{ - Install GUI
-# install mime-types, bells and whistles for the desktop
-# see http://developers.sun.com/solaris/articles/integrating_gnome.html
-# and freedesktop specs
-install_tomb() {
-
-# TODO: distro package deps (for binary)
-# debian: zsh, cryptsetup, sudo
- _message "updating mimetypes..."
- cat <<EOF > /tmp/dyne-tomb.xml
-<?xml version="1.0"?>
-<mime-info xmlns='http://www.freedesktop.org/standards/shared-mime-info'>
- <mime-type type="application/x-tomb-volume">
- <comment>Tomb encrypted volume</comment>
- <glob pattern="*.tomb"/>
- </mime-type>
- <mime-type type="application/x-tomb-key">
- <comment>Tomb crypto key</comment>
- <glob pattern="*.tomb.key"/>
- </mime-type>
-</mime-info>
-EOF
- xdg-mime install /tmp/dyne-tomb.xml
- xdg-icon-resource install --context mimetypes --size 32 monmort.xpm monmort
- xdg-icon-resource install --size 32 monmort.xpm dyne-monmort
-
- rm /tmp/dyne-tomb.xml
-
- _message "updating desktop..."
- cat <<EOF > /usr/share/applications/tomb.desktop
-[Desktop Entry]
-Version=1.0
-Type=Application
-Name=Tomb crypto undertaker
-GenericName=Crypto undertaker
-Comment=Keep your bones safe
-Exec="${TOMBOPENEXEC}" %U
-TryExec=tomb-open
-Icon=monmort.xpm
-Terminal=true
-Categories=Utility;Security;Archiving;Filesystem;
-MimeType=application/x-tomb-volume;
-X-AppInstall-Package=tomb
-EOF
- update-desktop-database
- _message "updating menus..."
- cat <<EOF > /etc/menu/tomb
-?package(tomb):command="tomb" icon="/usr/share/pixmaps/monmort.xpm" needs="text" \
- section="Applications/Accessories" title="Tomb" hints="Crypto" \
- hotkey="Tomb"
-EOF
- update-menus
-
- _message "updating mime info..."
- cat <<EOF > /usr/share/mime-info/tomb.keys
-# actions for encrypted tomb storage
-application/x-tomb-volume:
- open="${TOMBOPENEXEC}" %f
- view=tomb-open %f
- icon-filename=monmort.xpm
- short_list_application_ids_for_novice_user_level=tomb
-EOF
- cat <<EOF > /usr/share/mime-info/tomb.mime
-# mime type for encrypted tomb storage
-application/x-tomb-volume
- ext: tomb
-
-application/x-tomb-key
- ext: tomb.key
-EOF
- cat <<EOF > /usr/lib/mime/packages/tomb
-application/x-tomb-volume; tomb-open '%s'; priority=8
-EOF
- update-mime
-
- _message "updating application entry..."
-
- cat <<EOF > /usr/share/application-registry/tomb.applications
-tomb
- command=tomb-open
- name=Tomb - Crypto Undertaker
- can_open_multiple_files=false
- expects_uris=false
- requires_terminal=true
- mime-types=application/x-tomb-volume,application/x-tomb-key
-EOF
- _message "Tomb is now installed."
-}
-# }}}
-
-# }}}
# {{{ MAIN COMMAND
main() {
@@ -2230,9 +2148,14 @@ main() {
decode_key $PARAM[1] $PARAM[2]
;;
resize)
- check_priv
- resize_tomb $PARAM[1]
- ;;
+ if [ "$RESIZER" = 0 ]; then
+ _warning "resize2fs not installed. Cannot resize your tomb."
+ return 1
+ fi
+ check_priv
+ resize_tomb $PARAM[1]
+ ;;
+
# internal commands useful to developers
'source') return 0 ;;
install) check_priv ; install_tomb ;;
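Review bot: The `install) check_priv ; install_tomb ;;` arm at the end of this hunk still dispatches to `install_tomb`, which this commit removes from `tomb` and moves to `extras/desktop/install.zsh`. Nothing visible in the diff sources that file, so `tomb install` would presumably fail with an unknown command after `check_priv` has already run. Either drop the arm or replace its body with a message pointing to the extras script. Separately, the new warning names only resize2fs although `RESIZER` is also meant to cover e2fsck; `_warning "e2fsck or resize2fs not installed. Cannot resize your tomb."` would match the check. main() continues outside the hunk.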