diff options
| author | Manuel Conzelmann | 2018-01-26 11:24:33 +0100 |
|---|---|---|
| committer | Manuel Conzelmann | 2018-01-26 12:53:55 +0100 |
| commit | 5e73321b2d48d62624b980d4675d121e0e7d53de (patch) | |
| tree | 939f73e6dd04cc3e921592059f006a2e61e27ed2 | |
| download | aur-5e73321b2d48d62624b980d4675d121e0e7d53de.tar.gz | |
initial commit
| -rw-r--r-- | .SRCINFO | 27 | ||||
| -rw-r--r-- | .gitignore | 3 | ||||
| -rw-r--r-- | PKGBUILD | 21 | ||||
| -rw-r--r-- | dongle-unlock.install | 14 | ||||
| -rw-r--r-- | manolo.luksopenwithkey.service | 20 | ||||
| -rw-r--r-- | manolo.luksopenwithoutkey.service | 20 | ||||
| -rw-r--r-- | mnt-daten.mount | 15 | ||||
| -rw-r--r-- | mnt-dongle.mount | 17 |
8 files changed, 137 insertions, 0 deletions
diff --git a/.SRCINFO b/.SRCINFO new file mode 100644 index 000000000000..5c9993fd67ee --- /dev/null +++ b/.SRCINFO @@ -0,0 +1,27 @@ +pkgbase = dongle-unlock + pkgdesc = Automatically unlock encrypted devices with a thumbdrive-dongle or enter a passphrase to unlock them during boot with systemd. Conflicts probably with entries in /etc/crypttab + pkgver = 1 + pkgrel = 1 + install = dongle-unlock.install + arch = any + license = GPL + depends = cryptsetup + depends = systemd + backup = manolo.luksopenwithkey.service + backup = manolo.luksopenwithoutkey.service + backup = manolo.luksopenwithkey.service + backup = mnt-daten.mount + backup = mnt-dongle.mount + source = dongle-unlock.install + source = manolo.luksopenwithkey.service + source = manolo.luksopenwithoutkey.service + source = mnt-daten.mount + source = mnt-dongle.mount + sha256sums = 28f945e0d986f9b5d3e3ba1485d3481c7f2f2ed1e775b67b3e20b501d7212cb0 + sha256sums = 0df9ae0585ceb6174a8e1a7a4cc0fd1523d9127591689c49f89635c3d15e7374 + sha256sums = fabc2b2a3624b9c30384ee709f03379bbbbff99a07ad166a077eadac20a750cc + sha256sums = e339d777ca20a3e8660573da4eed6d0b96b0305d96a9e419c56443f9441fb393 + sha256sums = 3f90778a0eb8eb30226f11fba81c11f66b6c1164294c538a25e12b4a65a28624 + +pkgname = dongle-unlock + diff --git a/.gitignore b/.gitignore new file mode 100644 index 000000000000..239620f4c819 --- /dev/null +++ b/.gitignore @@ -0,0 +1,3 @@ +*.pkg.tar.xz +pkg/* +src/* diff --git a/PKGBUILD b/PKGBUILD new file mode 100644 index 000000000000..d43f719dad4a --- /dev/null +++ b/PKGBUILD @@ -0,0 +1,21 @@ +# Maintainer: Manuel Conzelmann <manuel.conzelmann at hs-furtwangen dot de> +pkgname=dongle-unlock +pkgver=1 +pkgrel=1 +pkgdesc="Automatically unlock encrypted devices with a thumbdrive-dongle or enter a passphrase to unlock them during boot with systemd. Conflicts probably with entries in /etc/crypttab" +arch=('any') +license=('GPL') +url= +install=dongle-unlock.install +license=('GPL') +depends=('cryptsetup' 'systemd') +source=('dongle-unlock.install' 'manolo.luksopenwithkey.service' 'manolo.luksopenwithoutkey.service' 'mnt-daten.mount' 'mnt-dongle.mount') +sha256sums=('28f945e0d986f9b5d3e3ba1485d3481c7f2f2ed1e775b67b3e20b501d7212cb0' '0df9ae0585ceb6174a8e1a7a4cc0fd1523d9127591689c49f89635c3d15e7374' 'fabc2b2a3624b9c30384ee709f03379bbbbff99a07ad166a077eadac20a750cc' 'e339d777ca20a3e8660573da4eed6d0b96b0305d96a9e419c56443f9441fb393' '3f90778a0eb8eb30226f11fba81c11f66b6c1164294c538a25e12b4a65a28624') +backup=('manolo.luksopenwithkey.service' 'manolo.luksopenwithoutkey.service' 'manolo.luksopenwithkey.service' 'mnt-daten.mount' 'mnt-dongle.mount') + +package() { + install -D -m644 $srcdir/manolo.luksopenwithkey.service $pkgdir/etc/systemd/system/manolo.luksopenwithkey.service || return 1 + install -D -m644 $srcdir/manolo.luksopenwithoutkey.service $pkgdir/etc/systemd/system/manolo.luksopenwithoutkey.service || return 1 + install -D -m644 $srcdir/mnt-dongle.mount $pkgdir/etc/systemd/system/mnt-dongle.mount || return 1 + install -D -m644 $srcdir/mnt-dongle.mount $pkgdir/etc/systemd/system/mnt-daten.mount || return 1 +} diff --git a/dongle-unlock.install b/dongle-unlock.install new file mode 100644 index 000000000000..143993da6b51 --- /dev/null +++ b/dongle-unlock.install @@ -0,0 +1,14 @@ +post_install() { + echo "===> you need to enable /etc/systemd/system/manolo.luksopenwithkey.service and /etc/systemd/system/manolo.luksopenwithoutkey.service with systemctl" + echo "===> you need to configure /etc/systemd/system/mnt-dongle.mount and /etc/systemd/system/mnt-daten.mount:" + echo "===> mnt-dongle.mount uses the filesystem uuid of the thumbdrive and mnt-daten.mount opens the specified device with a keyfile in the mounted path (etc/fstab) (add more ExecStart lines for more devices)" + echo "===> the naming of mnt-dongle.mount and mnt-daten.mount depends on the mountpoints in /etc/fstab. rename the *.mount-files as needed" + echo "===> comment lines in /etc/crypttab which would access the same devices to avoid conflicts with cryptsetup@DEVICE.service (device is busy failure)" +} +post_upgrade() { + post_install +} +post_remove() { + echo "===> remove unneeded symlinks of services, optional: uncomment lines in /etc/crypttab" +} + diff --git a/manolo.luksopenwithkey.service b/manolo.luksopenwithkey.service new file mode 100644 index 000000000000..3467ba98a8fc --- /dev/null +++ b/manolo.luksopenwithkey.service @@ -0,0 +1,20 @@ +# selbst erstellt 20.1.18 + +[Unit] +Description=Unlock Encrypted Device With Keyfile for MD RAID 1 +Conflicts=umount.target +DefaultDependencies=no +BindsTo=dev-mapper-%i.device +After=dev-md1.device mnt-dongle.mount +Requires=dev-md1.device +Before=mnt-daten.mount +ConditionPathExists=/mnt/dongle/.Thumb0.db + +[Service] +Type=oneshot +RemainAfterExit=no +ExecStart=/usr/lib/systemd/systemd-cryptsetup attach 'storage' '/dev/md1' '/mnt/dongle/.Thumb0.db' 'luks'; +#ExecStop=/usr/bin/systemctl stop --no-block mnt-dongle.mount + +[Install] +WantedBy=basic.target diff --git a/manolo.luksopenwithoutkey.service b/manolo.luksopenwithoutkey.service new file mode 100644 index 000000000000..69791634c2e3 --- /dev/null +++ b/manolo.luksopenwithoutkey.service @@ -0,0 +1,20 @@ +# selbst erstellt 20.1.18 + +[Unit] +Description=Unlock Encrypted Device for MD RAID 1 +Conflicts=umount.target +DefaultDependencies=no +BindsTo=dev-mapper-%i.device +Before=mnt-daten.mount +After=dev-md1.device mdmonitor.service +Requires=dev-md1.device mdmonitor.service +ConditionPathExists=!/dev/disk/by-uuid/BA19-64EE + +[Service] +Type=oneshot +RemainAfterExit=no +ExecStart=/usr/lib/systemd/systemd-cryptsetup attach 'storage' '/dev/md1' 'none' 'luks'; +#ExecStop=/usr/bin/systemctl stop --no-block mnt-dongle.mount + +[Install] +WantedBy=basic.target diff --git a/mnt-daten.mount b/mnt-daten.mount new file mode 100644 index 000000000000..8f16cb1ac188 --- /dev/null +++ b/mnt-daten.mount @@ -0,0 +1,15 @@ +# selbst erstellt 20.01.18 + +[Unit] +ConditionPathExists=/dev/disk/by-label/daten +After=systemd-cryptsetup@md1.service manolo.luksopenwithoutkey.service + +[Mount] +Where=/mnt/daten +What=/dev/disk/by-label/daten +Type=ext4 +Options=defaults,usrjquota=aquota.user,jqfmt=vfsv1 + +#[Install] +#WantedBy=basic.target + diff --git a/mnt-dongle.mount b/mnt-dongle.mount new file mode 100644 index 000000000000..3abef85212e1 --- /dev/null +++ b/mnt-dongle.mount @@ -0,0 +1,17 @@ +# selbst erstellt 20.01.18 + +[Unit] +After=dev-md1.device +ConditionPathExists=/dev/disk/by-uuid/BA19-64EE +BindsTo=manolo.luksopenwithkey.service +#Before=systemd-cryptsetup@md1.service + +[Mount] +Where=/mnt/dongle +What=/dev/disk/by-label/DONGLE04 +Type=vfat +Options=defaults + +#[Install] +#WantedBy=manolo.luksopenwithkey.service manolo.luksopenwithoutkey.service +#WantedBy=basic.target |