From 30392a023abe292152d32928fa4fbcfb19555ee8 Mon Sep 17 00:00:00 2001 From: Narrat Date: Mon, 18 Aug 2025 14:18:15 +0200 Subject: [PATCH 1/3] is_valid_tomb: use isLuks instead of string matching can theoretically be problematic, if the file output changes in whatever way --- tomb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tomb b/tomb index baf1be65..364d57d6 100755 --- a/tomb +++ b/tomb @@ -600,7 +600,7 @@ is_valid_tomb() { } # Tomb file may be a LUKS FS (or we are creating it) - [[ "`file $1`" =~ "luks encrypted file" ]] || { + cryptsetup isLuks "$1" || { _message "File is not yet a tomb: ::1 tomb file::" $1 } # We set global variables From b6808f2324818b70a131fced70b5cfdd34eacf54 Mon Sep 17 00:00:00 2001 From: Narrat Date: Mon, 18 Aug 2025 15:39:06 +0200 Subject: [PATCH 2/3] isLuks doesn't need root rights --- tomb | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tomb b/tomb index 364d57d6..2b63f6cf 100755 --- a/tomb +++ b/tomb @@ -2103,7 +2103,7 @@ lock_tomb_with_key() { lo_check "$TOMBPATH" _message "Checking if the tomb is empty (we never step on somebody else's bones)." - _sudo cryptsetup isLuks ${TOMBPATH} + cryptsetup isLuks ${TOMBPATH} if [ $? = 0 ]; then # is it a LUKS encrypted nest? then bail out and avoid reformatting it _warning "The tomb was already locked with another key." @@ -2193,7 +2193,7 @@ change_tomb_key() { is_valid_tomb $tombpath lo_check "$TOMBPATH" - _sudo cryptsetup isLuks ${TOMBPATH} + cryptsetup isLuks ${TOMBPATH} # is it a LUKS encrypted nest? we check one more time [[ $? == 0 ]] || { _failure "Not a valid LUKS encrypted volume: ::1 volume::" $TOMBPATH } @@ -2318,7 +2318,7 @@ mount_tomb() { lo_check "$TOMBPATH" - _sudo cryptsetup isLuks ${TOMBPATH} || { + cryptsetup isLuks ${TOMBPATH} || { # is it a LUKS encrypted nest? see cryptsetup(1) _failure "::1 tomb file:: is not a valid Luks encrypted storage file." $TOMBFILE } From aeb47884fded9e9e62c4a196c67c973e666f4b65 Mon Sep 17 00:00:00 2001 
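Review bot: In the lock_tomb_with_key hunk (@@ -2103) of [PATCH 2/3], `cryptsetup isLuks ${TOMBPATH}` now runs without `_sudo`, so the `if [ $? = 0 ]` test treats any failure of the unprivileged call the same as "no LUKS header", including a failure because the invoking user cannot read the file, and the else branch then reports "Fine, this tomb seems empty". This check guards against reformatting an existing tomb, so it should fail closed: add `[[ -r "$TOMBPATH" ]] || _failure "Tomb file is not readable: ::1 tomb file::" $TOMBPATH` before the call. The change_tomb_key and mount_tomb hunks already abort on a non-zero status, so there the effect is presumably only a misleading error message. The same if/else shape is carried into the lock_tomb_with_key hunk of [PATCH 3/3], and the function body continues outside this hunk.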
From: Narrat Date: Mon, 18 Aug 2025 16:30:19 +0200 Subject: [PATCH 3/3] is_valid_tomb: introduce return value if not valid this allows to reduce the number of calls to "cryptsetup isLuks". This is already part of is_valid_tomb but wasn't really utilized. Instead shortly after a call of is_valid_tomb() an explicit call to "cryptsetup isLuks" was done. --- tomb | 83 ++++++++++++++++++++++++++++-------------------------------- 1 file changed, 38 insertions(+), 45 deletions(-) diff --git a/tomb b/tomb index 2b63f6cf..75e90074 100755 --- a/tomb +++ b/tomb @@ -575,22 +575,31 @@ is_valid_tomb() { # First argument must be the path to a tomb [[ ! -z $1 ]] || _failure "Tomb file is missing from arguments." + # We set global variables + typeset -g TOMBPATH TOMBDIR TOMBFILE TOMBNAME TOMBMAPPER + + TOMBPATH="$1" + + TOMBDIR=$(dirname $TOMBPATH) + + TOMBFILE=$(basename $TOMBPATH) + local _fail=0 # Tomb file must be a readable, writable, non-empty regular file. # If passed the "ro" mount option, the writable check is skipped. while true; do option_value_contains -o ro || { - [[ ! -w "$1" ]] && { - _warning "Tomb file is not writable: ::1 tomb file::" $1 + [[ ! -w "$TOMBPATH" ]] && { + _warning "Tomb file is not writable: ::1 tomb file::" $TOMBPATH _fail=1; break; } } _verbose "tomb file is readable" - [[ ! -f "$1" ]] && { - _warning "Tomb file is not a regular file: ::1 tomb file::" $1 + [[ ! -f "$TOMBPATH" ]] && { + _warning "Tomb file is not a regular file: ::1 tomb file::" $TOMBPATH _fail=1; break; } _verbose "tomb file is a regular file" - [[ ! -s "$1" ]] && { - _warning "Tomb file is empty (zero length): ::1 tomb file::" $1 + [[ ! -s "$TOMBPATH" ]] && { + _warning "Tomb file is empty (zero length): ::1 tomb file::" $TOMBPATH _fail=1; break; } _verbose "tomb file is not empty" break; 
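Review bot: `TOMBDIR=$(dirname $TOMBPATH)` and `TOMBFILE=$(basename $TOMBPATH)` now run on the raw argument before any of the file checks, unquoted and without an end-of-options marker, so a path beginning with `-` would be read as options by both utilities. Prefer `TOMBDIR=$(dirname -- "$TOMBPATH")` and `TOMBFILE=$(basename -- "$TOMBPATH")`, or the zsh modifiers `${TOMBPATH:h}` and `${TOMBPATH:t}`, which avoid the external commands altogether. The hunk starts inside is_valid_tomb, whose remaining checks sit outside it.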
@@ -599,19 +608,6 @@ is_valid_tomb() { _failure "Tomb command failed: ::1 command name::" $subcommand } - # Tomb file may be a LUKS FS (or we are creating it) - cryptsetup isLuks "$1" || { - _message "File is not yet a tomb: ::1 tomb file::" $1 } - - # We set global variables - typeset -g TOMBPATH TOMBDIR TOMBFILE TOMBNAME TOMBMAPPER - - TOMBPATH="$1" - - TOMBDIR=$(dirname $TOMBPATH) - - TOMBFILE=$(basename $TOMBPATH) - # The tomb name is TOMBFILE without an extension and underscores instead of spaces (for mount and cryptsetup) # It can start with dots: ..foo bar baz.tomb -> ..foo_bar_baz TOMBNAME=${${TOMBFILE// /_}%.*} @@ -638,6 +634,12 @@ is_valid_tomb() { _verbose "tomb file is not currently in use" + # Confirm if the Tomb file is a LUKS device + cryptsetup isLuks "$TOMBPATH" || { + _message "File is not a tomb: ::1 tomb file::" $TOMBPATH + return 1 + } + _message "Valid tomb file found: ::1 tomb path::" $TOMBPATH return 0 } @@ -2063,8 +2065,16 @@ lock_tomb_with_key() { return 1 } - + _message "Checking if the tomb is empty (we never step on somebody else's bones)." is_valid_tomb $tombpath + if [ $? = 0 ]; then + # is it a LUKS encrypted nest? then bail out and avoid reformatting it + _warning "The tomb was already locked with another key." + _failure "Operation aborted. I cannot lock an already locked tomb. Go dig a new one." + else + _message "Fine, this tomb seems empty." + fi + lo_check "$TOMBPATH" _message "Commanded to lock tomb ::1 tomb file::" $TOMBFILE 
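Review bot: is_valid_tomb gains a second outcome in the @@ -634 hunk (`return 1` when `cryptsetup isLuks` fails), and callers now branch on it, but nothing visible documents it. A header comment on the function would help, e.g. `# Returns 0 for a LUKS tomb, 1 when the file passed the checks but isLuks failed; other failures go through _failure`. The message "File is not a tomb" will also be shown on the normal path of locking a freshly dug file, where the removed line said "not yet a tomb"; keeping "not yet" avoids alarming the user there. The function's opening lines are outside this hunk.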
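Review bot: In the lock_tomb_with_key hunk (@@ -2063), the guard against reformatting an existing tomb reads `$?` on the line after `is_valid_tomb $tombpath`, so any statement later inserted between the two would silently change which branch runs. Testing the call directly, `if is_valid_tomb $tombpath; then`, keeps the check and its result together. lock_tomb_with_key starts and ends outside this hunk.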
@@ -2100,18 +2110,6 @@ lock_tomb_with_key() { _success "Selected filesystem type ::1 filesystem::" $filesystem } - lo_check "$TOMBPATH" - - _message "Checking if the tomb is empty (we never step on somebody else's bones)." - cryptsetup isLuks ${TOMBPATH} - if [ $? = 0 ]; then - # is it a LUKS encrypted nest? then bail out and avoid reformatting it - _warning "The tomb was already locked with another key." - _failure "Operation aborted. I cannot lock an already locked tomb. Go dig a new one." - else - _message "Fine, this tomb seems empty." - fi - _load_key # Try loading key from option -k and set TOMBKEYFILE # the encryption cipher for a tomb can be set when locking using -c @@ -2191,12 +2189,9 @@ change_tomb_key() { _check_swap - is_valid_tomb $tombpath - lo_check "$TOMBPATH" - cryptsetup isLuks ${TOMBPATH} - # is it a LUKS encrypted nest? we check one more time - [[ $? == 0 ]] || { + is_valid_tomb $tombpath || { _failure "Not a valid LUKS encrypted volume: ::1 volume::" $TOMBPATH } + lo_check "$TOMBPATH" _load_key $tombkey # Try loading given key and set TOMBKEY @@ -2288,7 +2283,10 @@ mount_tomb() { _check_swap - is_valid_tomb $1 + is_valid_tomb $1 || { + # is it a LUKS encrypted nest? see cryptsetup(1) + _failure "::1 tomb file:: is not a valid Luks encrypted storage file." $TOMBFILE } + lo_check "$TOMBPATH" _track_stat "$TOMBPATH" @@ -2316,12 +2314,6 @@ mount_tomb() { _failure "Mountpoint already in use: ::1 mount point::" "$tombmount" done - - lo_check "$TOMBPATH" - cryptsetup isLuks ${TOMBPATH} || { - # is it a LUKS encrypted nest? see cryptsetup(1) - _failure "::1 tomb file:: is not a valid Luks encrypted storage file." $TOMBFILE } - _message "This tomb is a valid LUKS encrypted device." local luksdump="`_sudo cryptsetup luksDump ${TOMBPATH}`" 
@@ -2835,7 +2827,8 @@ resize_tomb() { [[ -z "$newtombsize" ]] && { _failure "Aborting operations: new size was not specified, use -s" } - is_valid_tomb $tombpath + is_valid_tomb $tombpath || { + _failure "::1 tomb file:: is not a valid Luks encrypted storage file." $TOMBFILE } _load_key # Try loading new key from option -k and set TOMBKEYFILE