New backup 2025-07-11 09:30:06
This commit is contained in:
Penelope Gwen
parent
bca61e5821
commit
9a863ddf8f
2 changed files with 65 additions and 0 deletions
64
default/home/Scripts/fix-swap-part.sh
Executable file
64
default/home/Scripts/fix-swap-part.sh
Executable file
|
|
@ -0,0 +1,64 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
echo "this is not yet done!"
|
||||||
|
echo "Currently it does not add swap to /etc/fstab or /etc/crypttab"
|
||||||
|
exit 1
|
||||||
|
|
||||||
|
read -p '[?] keyfile path [/etc/crypttab.d/swap_key]: ' keyfile_dest
|
||||||
|
keyfile_dest=${keyfile_dest:-/etc/crypttab.d/swap_key}
|
||||||
|
read -p '[?] swap partition name [swap_crypt]: ' part_name
|
||||||
|
part_name=${part_name:-swap_crypt}
|
||||||
|
read -p '[?] partition password: ' part_pass
|
||||||
|
while [[ -z "${part_pass}" ]]; do
|
||||||
|
printf '[!] empty password\n'
|
||||||
|
read -p '[?] partition password: ' part_pass
|
||||||
|
done
|
||||||
|
|
||||||
|
#printf '\n'
|
||||||
|
#lsblk -o NAME,SIZE,FSTYPE
|
||||||
|
lsblk -o PATH,SIZE,FSTYPE
|
||||||
|
read -p '[?] encrypted swap device:' swap_blk_dev
|
||||||
|
while [[ ! "$(file ${swap_blk_dev})" == *'block'* ]]; do
|
||||||
|
printf '[!] bad encrypted swap device\n'
|
||||||
|
read -p '[?] encrypted swap device: ' swap_blk_dev
|
||||||
|
done
|
||||||
|
|
||||||
|
printf '[!] ALL DATA AT THE SELECTED KEYFILE PATH WILL BE OVERWRITTEN\n'
|
||||||
|
printf '[!] ALL DATA ON THE SELECTED DEVICE WILL BE DELETED\n'
|
||||||
|
printf '[!] keyfile path: %s\n' "${keyfile_dest}"
|
||||||
|
printf '[!] encrypted swap device: %s\n' "${swap_blk_dev}"
|
||||||
|
printf '[!] decrypted partition name: %s\n' "${part_name}"
|
||||||
|
read -p '[?] Proceed? [y/N] ' proceed_confirm
|
||||||
|
proceed_confirm=${proceed_confirm:-n}
|
||||||
|
case "${proceed_confirm}" in
|
||||||
|
[Nn][Oo]|[Nn])
|
||||||
|
printf '[!] Exiting without making changes\n'
|
||||||
|
;;
|
||||||
|
*)
|
||||||
|
printf '[!] Here we go!\n'
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
|
||||||
|
exit
|
||||||
|
|
||||||
|
printf '[-] Writing keyfile...\n'
|
||||||
|
mkdir -p "$(dirname ${keyfile_dest})"
|
||||||
|
openssl genrsa -out "${keyfile_dest}" 4096
|
||||||
|
|
||||||
|
printf '[-] Setting keyfile permissions...\n'
|
||||||
|
chmod -v 0400 "${keyfile_dest}"
|
||||||
|
chown root:root "${keyfile_dest}"
|
||||||
|
|
||||||
|
printf '[-] Formatting encrypted swap block device...\n'
|
||||||
|
#printf '[!] When prompted, set the device\'s password\n'
|
||||||
|
printf '%s' "${part_pass}" | cryptsetup luksFormat "${swap_blk_dev}" -
|
||||||
|
|
||||||
|
printf '[-] Adding keyfile to encrypted device header\n'
|
||||||
|
#printf '[!] When prompted, set the device\'s password\n'
|
||||||
|
printf '%s' "${part_pass}" | cryptsetup luksAddKey "${swap_blk_dev}" "${keyfile_dest}" -
|
||||||
|
|
||||||
|
printf '[-] Opening encrypted partition using keyfile\n'
|
||||||
|
cryptsetup luksOpen "${swap_blk_dev}" "${part_name}" --key-file "${keyfile_dest}"
|
||||||
|
|
||||||
|
printf '[-] Creating swap inside encrypted partition\n'
|
||||||
|
mkswap "/dev/mapper/${part_name}"
|
||||||
|
|
@ -11,3 +11,4 @@ Scripts/create-podman-container-arm.sh
|
||||||
Scripts/iso_updater.sh
|
Scripts/iso_updater.sh
|
||||||
.local/bin/rdict
|
.local/bin/rdict
|
||||||
.config/fastfetch/config.jsonc
|
.config/fastfetch/config.jsonc
|
||||||
|
Scripts/fix-swap-part.sh
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue