132 lines
2.8 KiB
Bash
Executable File
132 lines
2.8 KiB
Bash
Executable File
#!/bin/bash
|
|
#
|
|
# This script is indended to decrypt, mount and chroot in a LUKS+EFI+LVM USB
|
|
|
|
if [[ $UID != 0 ]]; then
|
|
printf "You need root permissions to use this script!\n"
|
|
exit 1
|
|
fi
|
|
|
|
usage()
|
|
{
|
|
echo -e "\nUsage: $(basename "$0") [options] [luks_device]\n\n" \
|
|
"Options:\n" \
|
|
"\t-m, --mount Mount the LUKS device (Default)\n" \
|
|
"\t-u, --umount Unmount the LUKS device\n" \
|
|
"\t-n, --nochroot Don't run arch-chroot\n" \
|
|
"\t-c, --chroot Run arch-chroot (Default)\n" \
|
|
"\t-h, --help Display this message\n"
|
|
}
|
|
|
|
# Mute lvm utilities
|
|
export LVM_SUPPRESS_FD_WARNINGS=true
|
|
|
|
# Some sane defaults
|
|
ACTION=mount
|
|
RUN_CHROOT=true
|
|
USB_LUKS_PART=
|
|
|
|
# Call getopt to validate the provided input.
|
|
if ! options=$(getopt -o chmnu -l chroot,nochroot,mount,umount,help -- "$@"); then
|
|
usage
|
|
exit 1
|
|
fi
|
|
eval set -- "$options"
|
|
while true; do
|
|
case "$1" in
|
|
(-m|--mount) ACTION=mount ;;
|
|
(-u|--umount) ACTION=umount ;;
|
|
(-n|--nochroot) RUN_CHROOT=false ;;
|
|
(-c|--chroot) RUN_CHROOT=true ;;
|
|
(-h|--help) usage; exit 1;;
|
|
(--) shift; break;;
|
|
(*) usage; break;;
|
|
esac
|
|
shift
|
|
done
|
|
if [ "$#" -gt 1 ]; then
|
|
echo "error: Only 1 device argument possible! Got $#: $*"
|
|
usage
|
|
exit 1
|
|
fi
|
|
|
|
if [ "$1" ]; then
|
|
USB_LUKS_PART="$1"
|
|
fi
|
|
|
|
get_archy_usb_dev_path()
|
|
{
|
|
declare -A dev_map='([by-id]="usb-ADATA*part3" [by-uuid]="bbd2dd10-4209-4879-a1e2-5ee1eff8ff5c")'
|
|
for key in "${!dev_map[@]}"; do
|
|
dev_path=$(find -L "/dev/disk/${key}" -name "${dev_map[$key]}")
|
|
if [ -n "$dev_path" ]; then
|
|
echo "${dev_path}"
|
|
break
|
|
fi
|
|
done
|
|
}
|
|
|
|
get_usb_efi_part()
|
|
{
|
|
echo "/dev/$(lsblk -ndo pkname "$1")2"
|
|
}
|
|
|
|
get_usb_root_part()
|
|
{
|
|
lsblk -no path "$1" | grep root
|
|
}
|
|
|
|
usb_mount()
|
|
{
|
|
cryptsetup open "${USB_LUKS_PART}" adatausb || exit $?
|
|
vgchange -a y > /dev/null || exit $?
|
|
|
|
usb_dev_root=$(get_usb_root_part "${USB_LUKS_PART}")
|
|
|
|
echo -e "Mounting /\t${usb_dev_root}"
|
|
mount "${usb_dev_root}" /mnt/usb
|
|
exit_code=$?
|
|
if [ $exit_code -ne 0 ]; then
|
|
cryptsetup close "${USB_LUKS_PART}"
|
|
exit $exit_code
|
|
fi
|
|
|
|
echo -e "Mounting /efi\t${USB_DEV_EFI}"
|
|
mount "${USB_DEV_EFI}" /mnt/usb/efi
|
|
exit_code=$?
|
|
if [ $exit_code -ne 0 ]; then
|
|
umount /mnt/usb
|
|
cryptsetup close "${USB_LUKS_PART}"
|
|
exit $exit_code
|
|
fi
|
|
if [ $RUN_CHROOT == true ]; then
|
|
arch-chroot /mnt/usb
|
|
fi
|
|
}
|
|
|
|
usb_umount()
|
|
{
|
|
usb_dev_root=$(get_usb_root_part "${USB_LUKS_PART}")
|
|
umount "${USB_DEV_EFI}" "${usb_dev_root}" # || exit $?
|
|
vgchange -a n --quiet adata > /dev/null # || exit $?
|
|
cryptsetup close adatausb
|
|
}
|
|
|
|
# Auto-detect, in case we don't provide a device
|
|
if [ -z "${USB_LUKS_PART}" ]; then
|
|
USB_LUKS_PART=$(get_archy_usb_dev_path)
|
|
if [ -z "${USB_LUKS_PART}" ]; then
|
|
printf "Device not found!\nUse %s </dev/path/to/LUKS_device>\n" "$0"
|
|
exit 1
|
|
fi
|
|
fi
|
|
|
|
USB_DEV_EFI=$(get_usb_efi_part "${USB_LUKS_PART}")
|
|
if [ -n "${usb_def_efi}" ]; then
|
|
echo "EFI device not found!"
|
|
exit 1
|
|
fi
|
|
|
|
usb_$ACTION
|
|
|