|JP Vossen on 9 Jan 2011 12:51:22 -0800|
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
|Re: [PLUG] Linux n00b question|
Date: Sun, 9 Jan 2011 14:09:59 -0500 From: "K.S. Bhaskar"<firstname.lastname@example.org> Subject: Re: [PLUG] Linux n00b question
I always set up a system with two alternate root partitions.
Yeah, I usually do that using RAID1, but on a laptop with 1 drive this is better (since it'll actually work). John K just suggested that too. Nice.
I always set up an encrypted /home.? But I configure my PC so that I can login without /home mounted. When I cross an international border with my laptop, I always cross it with the laptop powered down. Then if I am asked to boot it, I boot it, and can login - but it will be an innocuous /home, not my real /home (not that I have ever been asked to boot my laptop - just a sensible precaution, IMHO). To mount the encrypted /home, I login as root and run a shell script:
Neat idea. I have to think about that. If you do not have /home/ as a separate partition, you could also just do a loopback mount of some other (encrypted) FS on top of /home/... Hummm...
#!/bin/bash # # Get password and mount /home # umount /home>&/tmp/umounthome_$$_`date +%Y%m%d%H%M%S`.log cryptsetup remove sda2-aes>&/tmp/cryptsetupremove_$$_`date +%Y%m%d%H%M%S`.log cryptsetup -c aes -s 256 create sda2-aes /dev/sda2 2>/tmp/cryptsetup_$$_`date +%Y%m%d%H%M%S`.log fsck -a -t jfs /dev/mapper/sda2-aes | tee /tmp/fsck_$$_`date +%Y%m%d%H%M%S`.log mount -o relatime /dev/mapper/sda2-aes /home>&/tmp/mount_$$_`date +%Y%m%d%H%M%S`.log swapon /home/swap
Oh, you're killing me!!! Personal pet peeve: running external programs (like date) during every line of your script unnecessarily. Yes, for this script it doesn't matter; it's still a bad habit. :-)
More efficient (alignment is more personal preference): LOG_FILE="/tmp/umounthome_$$_`date +%Y%m%d%H%M%S`.log" FSCK_LOG_FILE="/tmp/fsck_$$_`date +%Y%m%d%H%M%S`.log" umount /home >& $LOG_FILE cryptsetup remove sda2-aes >& $LOG_FILE cryptsetup -c aes -s 256 create sda2-aes /dev/sda2 2> $LOG_FILE fsck -a -t jfs /dev/mapper/sda2-aes | tee $FSCK_LOG_FILE mount -o relatime /dev/mapper/sda2-aes /home >& $LOG_FILE swapon /home/swapFYI, bash 4.2 will introduce new printf arguments to just "printf" the date. It's always bugged me that the shell knows what time it is (e.g. the prompt \D argument) but you need to use an external program to display it in a script. As of bash 4.2 you don't anymore. I suggested that to Chet a while ago, but to be fair other shells have also implemented it (*cough* Paul, zsh, I think *cough* :), so I'm not sure what prompted him to add it to bash.
Later, JP ----------------------------|:::======|------------------------------- JP Vossen, CISSP |:::======| http://bashcookbook.com/ My Account, My Opinions |=========| http://www.jpsdomain.org/ ----------------------------|=========|------------------------------- "Microsoft Tax" = the additional hardware & yearly fees for the add-on software required to protect Windows from its own poorly designed and implemented self, while the overhead incidentally flattens Moore's Law. ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug