tomb

commit 3baa72b5a5c541f76174c60806d02a0bdf5cac81
parent 130c98f1fe72a117b3a9247d138c932dea572c82
Author: Jaromil <jaromil@dyne.org>
Date:   Tue, 24 May 2011 12:04:18 +0200

new -o flag to manually specify mount(8) options used in tomb open
updated documentation

Diffstat:
M
doc/tomb-open.1
 | 
10
+++++++++-
M
doc/tomb-status.1
 | 
10
+++++++++-
M
doc/tomb.1
 | 
8
++++++++
M
src/tomb
 | 
9
++++++---

4 files changed, 32 insertions(+), 5 deletions(-)
diff --git a/doc/tomb-open.1 b/doc/tomb-open.1
@@ -105,6 +105,14 @@ USB storage device and it will look for the key file inside it.
 Skip processing of post-hooks and bind-hooks if found inside the tomb.
 See the \fIHOOKS\fR section in this manual for more information.
 .B
+.IP "-o"
+Manually specify mount options to be used when opening a tomb instead
+of the default \fIrw,noatime,nodev\fR. This option can be used to
+mount a tomb read-only (ro) to prevent any modification of its data,
+or to experiment with other settings (if you really know what you are
+doing) see the mount(8) man page.
+
+.B
 .IP "-h"
 Display a help text and quit
 .B
@@ -167,7 +175,7 @@ Tomb is designed and written by Denis Roio aka Jaromil.
 Tomb's artwork is contributed by Jordi aka Mon Mort
 
 Testing and fixes are contributed by Dreamer, Hellekin O. Wolf,
-Asbesto Molesto, Anathema, Boyska and Nignux.
+Shining, Asbesto Molesto, Anathema, Boyska and Nignux.
 
 Cryptsetup is developed by Christophe Saout and Clemens Fruhwirth
 
diff --git a/doc/tomb-status.1 b/doc/tomb-status.1
@@ -105,6 +105,14 @@ USB storage device and it will look for the key file inside it.
 Skip processing of post-hooks and bind-hooks if found inside the tomb.
 See the \fIHOOKS\fR section in this manual for more information.
 .B
+.IP "-o"
+Manually specify mount options to be used when opening a tomb instead
+of the default \fIrw,noatime,nodev\fR. This option can be used to
+mount a tomb read-only (ro) to prevent any modification of its data,
+or to experiment with other settings (if you really know what you are
+doing) see the mount(8) man page.
+
+.B
 .IP "-h"
 Display a help text and quit
 .B
@@ -167,7 +175,7 @@ Tomb is designed and written by Denis Roio aka Jaromil.
 Tomb's artwork is contributed by Jordi aka Mon Mort
 
 Testing and fixes are contributed by Dreamer, Hellekin O. Wolf,
-Asbesto Molesto, Anathema, Boyska and Nignux.
+Shining, Asbesto Molesto, Anathema, Boyska and Nignux.
 
 Cryptsetup is developed by Christophe Saout and Clemens Fruhwirth
 
diff --git a/doc/tomb.1 b/doc/tomb.1
@@ -105,6 +105,14 @@ USB storage device and it will look for the key file inside it.
 Skip processing of post-hooks and bind-hooks if found inside the tomb.
 See the \fIHOOKS\fR section in this manual for more information.
 .B
+.IP "-o"
+Manually specify mount options to be used when opening a tomb instead
+of the default \fIrw,noatime,nodev\fR. This option can be used to
+mount a tomb read-only (ro) to prevent any modification of its data,
+or to experiment with other settings (if you really know what you are
+doing) see the mount(8) man page.
+
+.B
 .IP "-h"
 Display a help text and quit
 .B
diff --git a/src/tomb b/src/tomb
@@ -25,6 +25,7 @@ DATE=May/2011
 TOMBEXEC=$0
 TOMBOPENEXEC="tomb-open"
 STEGHIDE=1
+MOUNTOPTS="rw,noatime,nodev"
 
 # PATH=/usr/bin:/usr/sbin:/bin:/sbin
 
@@ -234,6 +235,7 @@ Options:
  -s     size of the tomb file when creating one (in MB)
  -k     path to the key to use for opening a tomb
  -n     don't process the hooks found in tomb
+ -o     mount options used to open (default: rw,noatime,nodev)
 
  -h     print this help
  -v     version information for this tool
@@ -530,7 +532,7 @@ mount_tomb() {
     act "tomb engraved as $tombname"
     tune2fs -L ${tombname} /dev/mapper/${mapper} > /dev/null
 
-    mount -o rw,noatime,nodev /dev/mapper/${mapper} ${tombmount}
+    mount -o $MOUNTOPTS /dev/mapper/${mapper} ${tombmount}
 
     # Ensure the user can write the disk - 10x Hellekin :)
     ME=${SUDO_USER:-$(whoami)}
@@ -679,7 +681,7 @@ exec_safe_bind_hooks() {
       elif [ ! -r "$MOUNTPOINT/$dir" ]; then
 	  error "bind-hook source not found in tomb, skipping ${MOUNTPOINT}/${dir}"
       else
-	  mount -o bind $MOUNTPOINT/$dir $HOME/${maps[$dir]}
+	  mount -o bind,$MOUNTOPTS $MOUNTPOINT/$dir $HOME/${maps[$dir]}
 	  mounted+=("$HOME/${maps[$dir]}")
       fi
    done
@@ -1005,7 +1007,7 @@ main () {
 
     ARGS=$@[@]
 
-    OPTS=`getopt -o hvqDs:k:n -n 'tomb' -- "$@"`
+    OPTS=`getopt -o hvqDs:k:no: -n 'tomb' -- "$@"`
     while true; do
 	case "$1" in
 	      -h)
@@ -1028,6 +1030,7 @@ main () {
 	      -s) SIZE=$2; shift 2 ;;
 	      -k) KEY=$2; shift 2 ;;
 	      -n) NOBIND=1; shift 1 ;;
+	      -o) MOUNTOPTS=$2; shift 2;;
 	      --) shift; break ;;
 	       *) CMD=$1;
 		  FILE=$2; MOUNT=$3; # compat with old args