itrestructure, add support for hooks - coffin - secure lan file storage on a device Err parazyd.org 70 hgit clone git://parazyd.org/coffin.git URL:git://parazyd.org/coffin.git parazyd.org 70 1Log /git/coffin/log.gph parazyd.org 70 1Files /git/coffin/files.gph parazyd.org 70 1Refs /git/coffin/refs.gph parazyd.org 70 1Submodules /git/coffin/file/.gitmodules.gph parazyd.org 70 1README /git/coffin/file/README.md.gph parazyd.org 70 1LICENSE /git/coffin/file/LICENSE.gph parazyd.org 70 i--- Err parazyd.org 70 1commit e65bdd247750cddf2e3adc4ac796e74865995215 /git/coffin/commit/e65bdd247750cddf2e3adc4ac796e74865995215.gph parazyd.org 70 1parent f512d6c5537da9637e00dc3c8840a6a9819fef0c /git/coffin/commit/f512d6c5537da9637e00dc3c8840a6a9819fef0c.gph parazyd.org 70 hAuthor: parazyd URL:mailto:parazyd@dyne.org parazyd.org 70 iDate: Thu, 25 Feb 2016 17:28:26 +0100 Err parazyd.org 70 i Err parazyd.org 70 irestructure, add support for hooks Err parazyd.org 70 i Err parazyd.org 70 iDiffstat: Err parazyd.org 70 i M bin/sacrist | 87 ++++++++++++++++++++++--------- Err parazyd.org 70 i Err parazyd.org 70 i1 file changed, 61 insertions(+), 26 deletions(-) Err parazyd.org 70 i--- Err parazyd.org 70 1diff --git a/bin/sacrist b/bin/sacrist /git/coffin/file/bin/sacrist.gph parazyd.org 70 it@@ -9,14 +9,18 @@ happenz=$2 Err parazyd.org 70 i keyuuid=$(blkid $device | awk -F\" '{print $2}') Err parazyd.org 70 i Err parazyd.org 70 i # Vars Err parazyd.org 70 i-tmptombs="/tmp/tombs" # Info about opened tombs, holds keyuuid, keyhash and tombid Err parazyd.org 70 i-tmptombs2="/tmp/tombs2" # Temp tempfile, for updating $tmptombs Err parazyd.org 70 i graveyard="/home/graveyard" # Our graveyard, with all the tombs Err parazyd.org 70 i+tombs="$graveyard/tombs" # Info about opened tombs, holds keyuuid, keyhash and tombid Err parazyd.org 70 i+tmptombs="$graveyard/tmptombs" # Temp tempfile, for updating $tombs Err parazyd.org 70 i keymount="/media/tombkey" # Directory where keys get mounted Err 
parazyd.org 70 i coffindot="$keymount/.coffin" # .coffin directory on the usb key Err parazyd.org 70 i ttab="$coffindot/ttab" # Our ttab Err parazyd.org 70 i-createme="$coffindot/create.me" # New tomb creation trigger Err parazyd.org 70 i+hooks="$coffindot/hook" Err parazyd.org 70 i tomb="/usr/local/bin/tomb" Err parazyd.org 70 i+tombpasswd="$graveyard/passwd" Err parazyd.org 70 i+ Err parazyd.org 70 i+# Hook syntax Err parazyd.org 70 i+# create:username:tombname:tombsize:passphrase Err parazyd.org 70 i Err parazyd.org 70 i # Debugs Err parazyd.org 70 i echo "Arg1: $1" Err parazyd.org 70 it@@ -34,38 +38,43 @@ _ttabmagic() { Err parazyd.org 70 i # Loop entire ttab and do stuff for tombs that want to be opened Err parazyd.org 70 i _msg info "Doing ttab magic..." Err parazyd.org 70 i line=0 Err parazyd.org 70 i+ Err parazyd.org 70 i for entry in $(cat $ttab); do Err parazyd.org 70 i let line=$line+1 Err parazyd.org 70 i _msg info "Found line $line..." Err parazyd.org 70 i- if [[ $(echo $entry | awk -F: '{print $4}') == "true" ]]; then Err parazyd.org 70 i+ Err parazyd.org 70 i+ if [[ $(echo $entry | awk -F: '{print $3}') == "true" ]]; then Err parazyd.org 70 i _msg info "Working on tomb from line $line..." 
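Review bot: The two variables added to the Vars block, `hooks="$coffindot/hook"` and `tombpasswd="$graveyard/passwd"`, are the only ones without a trailing comment, and they are the two that carry secrets. I would add `# Pending hook lines on the usb key, each holds a plaintext passphrase` and `# keyhash:passphrase pairs, stored in plaintext` so the sensitivity is visible where the paths are defined. The "Hook syntax" comment documents only `create`, while `_hooks` further down also matches `delete` and `foo`; listing those as not yet implemented would keep the comment in step with the code.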
Err parazyd.org 70 i undertaker=$(echo $entry | awk -F: '{print $1}') Err parazyd.org 70 i echo "Username: $undertaker" Err parazyd.org 70 i tombid=$(echo $entry | awk -F: '{print $2}') Err parazyd.org 70 i- echo "Tomb name: $tombid" Err parazyd.org 70 i+ echo "Tomb name: $tombid.tomb" Err parazyd.org 70 i _comparekey Err parazyd.org 70 i+ Err parazyd.org 70 i if [[ $happenz == "close" ]]; then Err parazyd.org 70 i _msg warn "Comparekey true" Err parazyd.org 70 i sudo -u $undertaker $tomb slam $tombid Err parazyd.org 70 i- cp $tmptombs $tmptombs2 Err parazyd.org 70 i- grep -v $keyhash $tmptombs2 > $tmptombs; chmod 600 $tmptombs; _msg info "Updated $tmptombs" Err parazyd.org 70 i- rm $tmptombs2 Err parazyd.org 70 i+ cp $tombs $tmptombs Err parazyd.org 70 i+ grep -v $keyhash $tmptombs > $tombs && chmod 600 $tombs && _msg info "Updated $tombs" Err parazyd.org 70 i+ rm $tmptombs Err parazyd.org 70 i continue Err parazyd.org 70 i fi Err parazyd.org 70 i+ Err parazyd.org 70 i _msg warn "Comparekey false" Err parazyd.org 70 i- keypass=$(echo $entry | awk -F: '{print $3}') Err parazyd.org 70 i+ keypass=$(cat $tombpasswd | grep $keyhash | awk -F: '{print $2}') Err parazyd.org 70 i echo "Tomb passphrase: $keypass" Err parazyd.org 70 i sudo -u $undertaker $tomb open $graveyard/$tombid.tomb -k $coffindot/$tombid.key \ Err parazyd.org 70 i- --unsafe --tomb-pwd $keypass # Deal with this shit somehow! Err parazyd.org 70 i+ --unsafe --tomb-pwd "$keypass" # Deal with this shit somehow! 
Err parazyd.org 70 i Err parazyd.org 70 i if [[ -d "/media/$tombid" ]]; then Err parazyd.org 70 i- echo "$undertaker:$keyhash:$keyuuid" >> $tmptombs; chmod 600 $tmptombs; _msg info "Added info to $tmptombs" Err parazyd.org 70 i+ echo "$undertaker:$keyhash:$keyuuid" >> $tombs && chmod 600 $tombs && _msg info "Added info to $tombs" Err parazyd.org 70 i else Err parazyd.org 70 i- _msg warn "Nothing added to $tmptombs" Err parazyd.org 70 i+ _msg warn "Nothing added to $tombs" Err parazyd.org 70 i fi Err parazyd.org 70 i fi Err parazyd.org 70 i+ Err parazyd.org 70 i done Err parazyd.org 70 i- umount $keymount; rmdir $keymount; _msg info "Unmounted and deleted $keymount" Err parazyd.org 70 i+ umount $keymount && rmdir $keymount && _msg info "Unmounted and deleted $keymount" Err parazyd.org 70 i } Err parazyd.org 70 i Err parazyd.org 70 i _hashkey() { Err parazyd.org 70 it@@ -74,19 +83,38 @@ _hashkey() { Err parazyd.org 70 i Err parazyd.org 70 i _comparekey() { Err parazyd.org 70 i keyhash=$(_hashkey) Err parazyd.org 70 i- if [[ ( $(cat $tmptombs | grep $keyhash | grep $keyuuid) ) ]]; then Err parazyd.org 70 i+ if [[ ( $(cat $tombs | grep $keyhash | grep $keyuuid) ) ]]; then Err parazyd.org 70 i happenz=close Err parazyd.org 70 i else Err parazyd.org 70 i happenz=open Err parazyd.org 70 i fi Err parazyd.org 70 i } Err parazyd.org 70 i Err parazyd.org 70 i+_hooks() { Err parazyd.org 70 i+ for entry in $(cat $hooks); do Err parazyd.org 70 i+ let hook=$hook+1 Err parazyd.org 70 i+ _msg info "Found hook $hook..." 
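Review bot: The new lookup `keypass=$(cat $tombpasswd | grep $keyhash | awk -F: '{print $2}')` matches the hash anywhere on a line and returns every matching line, and the unchanged `echo "Tomb passphrase: $keypass"` right after it prints the result in clear to wherever the script's output goes. An exact first-field match that stops at the first hit is safer, `keypass=$(awk -F: -v h="$keyhash" '$1 == h { print $2; exit }' "$tombpasswd")`, and the echo should be dropped or reduced to a message that does not contain the passphrase. If no record matches, `keypass` is empty and `tomb open` is still attempted, so an explicit check with `_msg error` and `continue` would help. `--tomb-pwd "$keypass"` still places the passphrase on the command line, as the existing comment on that line acknowledges. The body of `_ttabmagic` starts outside this hunk.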
Err parazyd.org 70 i+ Err parazyd.org 70 i+ # Check what's hook supposed to do Err parazyd.org 70 i+ if [[ $(echo $entry | awk -F: '{print $1}') == "create" ]]; then Err parazyd.org 70 i+ _create_new_tomb Err parazyd.org 70 i+ elif [[ $(echo $entry | awk -F: '{print $1}') == "delete" ]]; then Err parazyd.org 70 i+ #DELETE TOMB Err parazyd.org 70 i+ elif [[ $(echo $entry | awk -F: '{print $1}') == "foo" ]]; then Err parazyd.org 70 i+ # do foo Err parazyd.org 70 i+ else Err parazyd.org 70 i+ _msg error "No valid hook syntax on hook $hook" Err parazyd.org 70 i+ fi Err parazyd.org 70 i+ rm $hooks && _msg info "Removed $hooks" Err parazyd.org 70 i+ done Err parazyd.org 70 i+} Err parazyd.org 70 i+ Err parazyd.org 70 i _create_new_tomb() { Err parazyd.org 70 i _msg info "Creating new tomb!" Err parazyd.org 70 i- undertaker=$(cat $createme | awk -F: '{print $1}') Err parazyd.org 70 i- tombid=$(cat $createme | awk -F: '{print $2}') Err parazyd.org 70 i- keypass=$(cat $createme | awk -F: '{print $3}') Err parazyd.org 70 i- tombsize=$(cat $createme | awk -F: '{print $4}') Err parazyd.org 70 i+ undertaker=$(echo $entry | awk -F: '{print $2}') Err parazyd.org 70 i+ tombid=$(echo $entry | awk -F: '{print $3}') Err parazyd.org 70 i+ tombsize=$(echo $entry| awk -F: '{print $4}') Err parazyd.org 70 i+ keypass=$(echo $entry | awk -F: '{print $5}') Err parazyd.org 70 i Err parazyd.org 70 i if ! [[ ( $(id $undertaker) ) ]]; then Err parazyd.org 70 i _msg warn "No user called $undertaker found. Creating..." 
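Review bot: `_hooks` will not parse as written, because the `delete` and `foo` branches contain only a comment and bash reports a syntax error at the following `elif`/`else` when a `then` body is empty. The `rm $hooks` also sits inside the loop, so the file is removed after the first entry and the `rm` fails on every later iteration. Iterating with `for entry in $(cat $hooks)` splits on any whitespace, which breaks a hook whose passphrase contains a space. The hook line comes from the removable key and its fields reach `sudo -u $undertaker` and `$graveyard/$tombid.tomb` unquoted in `_create_new_tomb` (whose body continues outside this hunk), so they should be checked against a strict name pattern before use. The rewrite below reads the file line by line on a separate descriptor, gives the unimplemented branches a no-op body and removes the file once after the loop.

```shell
_hooks() {
    hook=0
    # fd 3 keeps the hook file away from sudo/tomb, which inherit stdin
    while IFS= read -r entry <&3 || [[ -n "$entry" ]]; do
        hook=$((hook + 1))
        _msg info "Found hook $hook..."

        # Check what's hook supposed to do
        case "${entry%%:*}" in
            create) _create_new_tomb ;;
            delete) : ;;  # DELETE TOMB, not implemented yet
            foo)    : ;;  # do foo, not implemented yet
            *)      _msg error "No valid hook syntax on hook $hook" ;;
        esac
    done 3< "$hooks"
    rm -- "$hooks" && _msg info "Removed $hooks"
}
```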
Err parazyd.org 70 it@@ -98,11 +126,14 @@ _create_new_tomb() { Err parazyd.org 70 i sudo -u $undertaker $tomb forge $graveyard/$tombid.key --unsafe --tomb-pwd "$keypass" Err parazyd.org 70 i sudo -u $undertaker $tomb lock $graveyard/$tombid.tomb -k $graveyard/$tombid.key \ Err parazyd.org 70 i --unsafe --tomb-pwd "$keypass" Err parazyd.org 70 i+ Err parazyd.org 70 i mv $graveyard/$tombid.key $coffindot/ && chown $undertaker:$undertaker $coffindot/$tombid.key && \ Err parazyd.org 70 i _msg info "Moved and chowned keyfile" Err parazyd.org 70 i- echo "$undertaker:$tombid:$keypass:true" >> $ttab Err parazyd.org 70 i- _msg info "Wrote to $ttab" Err parazyd.org 70 i- rm $createme && _msg info "Removed $createme" Err parazyd.org 70 i+ echo "$undertaker:${tombid}:true" >> $ttab Err parazyd.org 70 i+ keyhash=$(_hashkey) Err parazyd.org 70 i+ echo "${keyhash}:${keypass}" >> $tombpasswd Err parazyd.org 70 i+ _msg info "Wrote to $ttab and $tombpasswd" Err parazyd.org 70 i+ # rm $createme && _msg info "Removed $createme" Err parazyd.org 70 i } Err parazyd.org 70 i Err parazyd.org 70 i _endgame() { Err parazyd.org 70 it@@ -120,25 +151,29 @@ _msg() { Err parazyd.org 70 i } Err parazyd.org 70 i # }}} Err parazyd.org 70 i Err parazyd.org 70 i-# Main Err parazyd.org 70 i+#--------------------------------------------------------------------------------------------------- Err parazyd.org 70 i+#------------------------------------------------------ Main --------------------------------------- Err parazyd.org 70 i+#--------------------------------------------------------------------------------------------------- Err parazyd.org 70 i Err parazyd.org 70 i if [[ $happenz == "CREATE" ]]; then Err parazyd.org 70 i _mountkey Err parazyd.org 70 i if [[ -d "$coffindot" ]]; then Err parazyd.org 70 i _msg info "$coffindot found..." 
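Review bot: `echo "${keyhash}:${keypass}" >> $tombpasswd` writes the passphrase in plaintext to a file that is created with the default umask and never restricted, unlike `$tombs`, which gets `chmod 600` elsewhere in this commit. At minimum I would write it as `( umask 077; echo "${keyhash}:${keypass}" >> "$tombpasswd" ) && chmod 600 "$tombpasswd"`. Because `$tombpasswd` lives in `$graveyard` beside the `.tomb` files, anyone who can read that directory and holds the key file has everything needed to open the tomb, which deserves a comment if it is the intended trade-off. The record is keyed by `keyhash` alone, so if `_hashkey` (not visible here) hashes the key device rather than the tomb, a second tomb created with the same key adds a second line with the same hash. The commented-out `# rm $createme` refers to a variable this commit removes and can be deleted; `_create_new_tomb` starts outside this hunk.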
Err parazyd.org 70 i Err parazyd.org 70 i- if [[ -f "$createme" ]]; then Err parazyd.org 70 i- _create_new_tomb Err parazyd.org 70 i+ if [[ -f "$hooks" ]]; then Err parazyd.org 70 i+ _hooks Err parazyd.org 70 i+ else Err parazyd.org 70 i+ _msg warn "No hooks detected" Err parazyd.org 70 i fi Err parazyd.org 70 i Err parazyd.org 70 i if ! [[ -f "$ttab" ]]; then Err parazyd.org 70 i _msg error "No ttab!" Err parazyd.org 70 i- umount $keymount; rmdir $keymount; _msg info "Unmounted and removed $keymount" Err parazyd.org 70 i+ umount $keymount && rmdir $keymount && _msg info "Unmounted and removed $keymount" Err parazyd.org 70 i else Err parazyd.org 70 i _ttabmagic Err parazyd.org 70 i fi Err parazyd.org 70 i else Err parazyd.org 70 i _msg error "No valid .coffin directory! Exiting..." Err parazyd.org 70 i- umount $keymount; rmdir $keymount; _msg info "Umounted and removed $keymount" Err parazyd.org 70 i+ umount $keymount && rmdir $keymount && _msg info "Umounted and removed $keymount" Err parazyd.org 70 i fi Err parazyd.org 70 i fi Err parazyd.org 70 .
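Review bot: With `umount $keymount && rmdir $keymount && _msg info ...` a failed `umount` now produces no message at all and the key filesystem stays mounted at `$keymount`; the same chain appears in both branches here and at the end of `_ttabmagic`. I would make the failure visible, for example `if umount "$keymount" && rmdir "$keymount"; then _msg info "Unmounted and removed $keymount"; else _msg error "Could not unmount $keymount"; fi`. Putting that into one small helper would also remove the three near-identical lines, which currently differ only in the spelling of the message ("Unmounted" and "Umounted").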