[or-cvs] r13138: Made the persistant home volume creation process more user f (in incognito/trunk/root_overlay: etc/init.d etc/splash/livecd-2006.1/images usr/sbin)
anonym at seul.org
anonym at seul.org
Tue Jan 15 19:10:06 UTC 2008
Author: anonym
Date: 2008-01-15 14:10:06 -0500 (Tue, 15 Jan 2008)
New Revision: 13138
Modified:
incognito/trunk/root_overlay/etc/init.d/external-config-setup
incognito/trunk/root_overlay/etc/splash/livecd-2006.1/images/background-1024x768.png
incognito/trunk/root_overlay/usr/sbin/create-homevol
Log:
Made the persistent home volume creation process more user friendly. Also cleaned up the script and fixed a fatal bug which set the password for the normal volume to an error message instead of the user's password.
Fixed a bug which made the password prompt invisible just after creating a persistent volume.
Updated splash background to reflect Tor's new home page.
Modified: incognito/trunk/root_overlay/etc/init.d/external-config-setup
===================================================================
--- incognito/trunk/root_overlay/etc/init.d/external-config-setup 2008-01-15 05:57:55 UTC (rev 13137)
+++ incognito/trunk/root_overlay/etc/init.d/external-config-setup 2008-01-15 19:10:06 UTC (rev 13138)
@@ -78,6 +78,7 @@
if [[ -w "${HOMEPART_TC}" ]]; then
ebegin "Mounting TrueCrypt /home"
+ clear
splash_verbose
QUESTION_PASSWORD="Please enter the password for the home volume."
QUESTION_ERROR="An error occurred opening the volume, see above, hit ENTER to try again"
Modified: incognito/trunk/root_overlay/etc/splash/livecd-2006.1/images/background-1024x768.png
===================================================================
(Binary files differ)
Modified: incognito/trunk/root_overlay/usr/sbin/create-homevol
===================================================================
--- incognito/trunk/root_overlay/usr/sbin/create-homevol 2008-01-15 05:57:55 UTC (rev 13137)
+++ incognito/trunk/root_overlay/usr/sbin/create-homevol 2008-01-15 19:10:06 UTC (rev 13138)
@@ -9,14 +9,23 @@
[[ -n "${HOMEPART_TC}" ]] || HOMEPART_TC="${MEDIAROOT}/home.tc"
[[ -n "${MEDIAFREE}" ]] || exit 1
-RANDOM_SOURCE=""
-#RANDOM_SOURCE="--random-source /dev/random"
TITLE="Create Persistent Home Volume"
BACKTITLE="__INCOGNITO__"
+MIN_SIZE=20
+MAX_SIZE=$(( ${MEDIAFREE} / 1024 ))
QUESTION_HOME_PART="Would you like to create a persistent home volume that will keep your data over __INCOGNITO__ sessions?"
-QUESTION_SIZE="Enter the size in megabytes for the volume."
+QUESTION_SIZE="Enter the size in megabytes for the volume. For various reasons, ${MIN_SIZE} MB is the smallest we allow. There will be a recommended value in the input field which work for most users. The recommended value will utilize most space but save a little so future upgrades of Incognito will fit."
+QUESTION_HIDDEN_SIZE="How much of the normal volume's capacity would you like the hidden volume to consist of? As the hidden volume is the one you should use, try to put as much as possible there, but no too much as that will make your normal volume too small and not work well. The recommended value which already is entered in the field should be optimal for most users."
QUESTION_ENCRYPTION="Would you like to encrypt the volume using TrueCrypt?"
-QUESTION_PASSWORDS="Please enter the passwords for the normal TrueCrypt volume and the hidden TrueCrypt volume. The passwords must be different. The hidden volume password is the one you will use when booting __INCOGNITO__ from now on. The other password you may give away when under pressure as your real data is not stored there. If you do not want a hidden volume, leave the password empty."
+QUESTION_PASSWORDS="Please enter the passwords for the normal TrueCrypt volume and the hidden TrueCrypt volume.
+
+If you want to use a hidden volume you must enter two differen passwords, one normal volume password and one hidden volume password in their respective input fields. The hidden volume password is the one you should use personally when starting __INCOGNITO__ which will give you access to the hidden volume. The other password you may give away to the authorities when under pressure as that will give them access to the normal volume and provide you with plausible deniability. Without the hidden volume password it is impossible to prove the existence of the hidden volume, so never give it away. This can save you if you live in a country where there
+
+If you only want to encrypt your data and not use a hidden volume, leave the hidden volume password blank. In that case, since you only have the normal password you should always use it.
+
+Use the Up and Down arrow keys to move between input fields. Press Enter/Return when finished.
+
+REMEMBER TO USE STRONG PASSWORDS!"
LABEL_PASSWORD_NORMAL="Normal"
LABEL_PASSWORD_HIDDEN="Hidden"
MESSAGE_CREATING_TRUECRYPT_NORMAL="Creating TrueCrypt normal volume..."
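Review bot: The new `QUESTION_PASSWORDS` text breaks off mid-sentence at "This can save you if you live in a country where there", so the dialog explaining the hidden-volume password ends on an unfinished thought. This prompt is the only guidance the user gets on which password may be disclosed and which must never be, so it should read cleanly: either finish that sentence or end the paragraph at "so never give it away." The added strings also carry typos worth fixing in the same pass: "differen passwords", "but no too much", and "which work for most users".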
@@ -27,16 +36,23 @@
# Ask for home volume
dialog --ascii-lines --title "${TITLE}" --backtitle "${BACKTITLE}" --yesno "${QUESTION_HOME_PART}" ${DIM} || exit 0
+# Check if minimum required amount of space is available
+if [[ ${MAX_SIZE} -lt ${MIN_SIZE} ]]; then
+ echo "Sorry, but you do not have enough space left on the media."
+ exit 1
+fi
+
# Ask for size
declare -i SIZE
SIZE=0
-while [[ $(( ${SIZE} * 1024 )) -lt 24576 || $(( ${SIZE} * 1024 )) -gt ${MEDIAFREE} ]]; do
- # Recommend half of free space
- SIZE=$(( ${MEDIAFREE} / 2048 ))
- [[ ${SIZE} -lt 24 ]] && SIZE=24
- dialog --ascii-lines --title "${TITLE}" --backtitle "${BACKTITLE}" --inputbox "${QUESTION_SIZE} (24-$(( ${MEDIAFREE} / 1024 )))" ${DIM} "${SIZE}" 2>/tmp/dialog
+while [[ ${SIZE} -lt ${MIN_SIZE} || ${SIZE} -gt ${MAX_SIZE} ]]; do
+ # Recommend all space except 50 MB, left for future upgrades. If there's not enough for that, maximize.
+ SIZE=$(( ${MAX_SIZE} - 50 ))
+ [[ ${SIZE} -lt ${MIN_SIZE} ]] && SIZE=${MAX_SIZE}
+
+ dialog --ascii-lines --title "${TITLE}" --backtitle "${BACKTITLE}" --inputbox "${QUESTION_SIZE} (Possible values: ${MIN_SIZE} MB to ${MAX_SIZE} MB)" ${DIM} "${SIZE}" 2>/tmp/dialog
[[ $? -eq 0 ]] || exit 0
- SIZE=$(</tmp/dialog)
+ SIZE="$( tail -n 1 /tmp/dialog )"
rm /tmp/dialog
done
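Review bot: The value read back with `SIZE="$( tail -n 1 /tmp/dialog )"` goes straight into a `declare -i` variable, so whatever was typed in the input box is evaluated by bash as an arithmetic expression instead of being checked as a number. Empty, non-numeric or leading-zero input then produces an arithmetic error or an unintended value in a script that appears to run with root privileges. A digits-only check before the assignment keeps the range test meaningful: read into a scratch variable with `INPUT="$( tail -n 1 /tmp/dialog )"`, then `[[ "${INPUT}" =~ ^[1-9][0-9]*$ ]] || INPUT=0` and `SIZE=${INPUT}`, so bad input simply re-prompts. The `HIDDEN_SIZE` read in the last hunk follows the same pattern and needs the same check, because `[[ … -gt … ]]` also evaluates its operands arithmetically.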
@@ -53,8 +69,8 @@
rm /tmp/dialog
exit 1
fi
- NORMAL_PW="$(head -n 1 /tmp/dialog)"
- HIDDEN_PW="$(tail -n 1 /tmp/dialog)"
+ NORMAL_PW="$( tail -n 2 /tmp/dialog | head -n 1 )"
+ HIDDEN_PW="$( tail -n 1 /tmp/dialog )"
rm /tmp/dialog
done
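Review bot: Both volume passwords are parsed out of `/tmp/dialog`, a fixed, predictable path in a shared directory, and the file is then removed with a plain `rm`. A pre-existing file or symlink at that name, or a permissive umask, could expose or redirect the passwords. Whether `/tmp` is RAM-backed on this live CD is not visible here; if it is not, the plaintext can also remain on the medium. Creating the file with `DIALOG_OUT="$(mktemp)" || exit 1` and registering `trap 'rm -f "${DIALOG_OUT}"' EXIT` would give a private, unpredictable file that is cleaned up on every exit path, including the `exit 1` just above. The dialog call that writes the file and the start of this loop are outside the hunk, and the two size prompts in the other hunks use the same path, so the redirect would need changing in all three places.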
@@ -67,7 +83,7 @@
echo
echo "*** ${MESSAGE_CREATING_TRUECRYPT_NORMAL}"
echo
- truecrypt --hash RIPEMD-160 --encryption AES --filesystem ext3 --password "${NORMAL_PW}" ${RANDOM_SOURCE} --size ${SIZE}M --type normal --keyfile "" -c "${HOMEPART_TC}"
+ truecrypt --hash RIPEMD-160 --encryption AES --filesystem ext3 --password "${NORMAL_PW}" --size ${SIZE}M --type normal --keyfile "" -c "${HOMEPART_TC}"
# | dialog --ascii-lines --title "${TITLE}" --backtitle "${BACKTITLE}" --progressbox "${MESSAGE_CREATING_TRUECRYPT_NORMAL}" 30 70
[[ -e "${HOMEPART_TC}" ]] || exit 1
truecrypt -N 1 --password "${NORMAL_PW}" "${HOMEPART_TC}"
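Review bot: `--password "${NORMAL_PW}"` on the rewritten create command still places the volume password in truecrypt's argument list, where any other local process can read it from the process table while the command runs. Volume creation can take a while, so the exposure window is not small. The mount call `truecrypt -N 1 --password "${NORMAL_PW}"` and the two hidden-volume calls in the last hunk do the same with `HIDDEN_PW`, which is the password the prompt text says must never be disclosed. If the truecrypt CLI shipped on the image can prompt for the password itself or read it from stdin, that would be preferable; I have not confirmed which options this version offers. Failing that, a comment such as `# NOTE: password is visible in the process list while truecrypt runs` would at least record the trade-off.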
@@ -80,16 +96,30 @@
mount -t ext3 /dev/mapper/truecrypt1 /tmp/home
rm -rf /tmp/home/*
cp -a /home/* /tmp/home
- USED=$(( $(du -sk /tmp/home | awk '{print $1}') / 1024 ))
+ USED=$(( $(du -sk /tmp/home | awk '{print $1}') / 1024 + 1))
umount /tmp/home
rmdir /tmp/home
truecrypt -d /dev/mapper/truecrypt1
if [[ -n "${HIDDEN_PW}" ]]; then
+ MIN_HIDDEN_SIZE=$(( ${USED} + 1 ))
+ MAX_HIDDEN_SIZE=$(( ${SIZE} - ${USED} ))
+ HIDDEN_SIZE=-1
+ while [[ ${HIDDEN_SIZE} -gt ${MAX_HIDDEN_SIZE} || ${HIDDEN_SIZE} -lt ${MIN_HIDDEN_SIZE} ]]; do
+ # recommend all size of normal volume execpt what it already occupies plus 7 MB so the normal volume behaves better
+ HIDDEN_SIZE="$(( ${MAX_HIDDEN_SIZE} - 7 ))"
+ [[ ${HIDDEN_SIZE} -lt 0 ]] && HIDDEN_SIZE="$(( ${SIZE} - ${USED} ))"
+
+ dialog --ascii-lines --title "${TITLE}" --backtitle "${BACKTITLE}" --inputbox "${QUESTION_HIDDEN_SIZE} (Possible values: ${MIN_HIDDEN_SIZE} MB to ${MAX_HIDDEN_SIZE} MB)" ${DIM} "${HIDDEN_SIZE}" 2>/tmp/dialog
+ [[ $? -eq 0 ]] || exit 0
+ HIDDEN_SIZE="$( tail -n 1 /tmp/dialog )"
+ rm /tmp/dialog
+ done
+
echo
echo "*** ${MESSAGE_CREATING_TRUECRYPT_HIDDEN}"
echo
- truecrypt --hash RIPEMD-160 --encryption AES --filesystem ext3 --password "${HIDDEN_PW}" ${RANDOM_SOURCE} --size $(( ${SIZE} - ${USED} - 1 ))M --type hidden --keyfile "" -c "${HOMEPART_TC}"
+ truecrypt --hash RIPEMD-160 --encryption AES --filesystem ext3 --password "${HIDDEN_PW}" --size ${HIDDEN_SIZE}M --type hidden --keyfile "" -c "${HOMEPART_TC}"
#| dialog --ascii-lines --title "${TITLE}" --backtitle "${BACKTITLE}" --progressbox "${MESSAGE_CREATING_TRUECRYPT_HIDDEN}" 30 70
truecrypt -N 1 --password "${HIDDEN_PW}" "${HOMEPART_TC}"
if [[ $? -ne 0 ]]; then
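Review bot: Nothing checks that the hidden-size range is satisfiable before the new `while` loop: with `MIN_HIDDEN_SIZE=$(( USED + 1 ))` and `MAX_HIDDEN_SIZE=$(( SIZE - USED ))`, a small volume with a well-filled /home gives MAX below MIN. No input can then end the loop, and the only way out is Cancel, which hits `exit 0` and leaves a normal volume with no hidden volume and no explanation, although the user supplied a hidden password. A guard before the loop would make this explicit, for example `[[ ${MAX_HIDDEN_SIZE} -ge ${MIN_HIDDEN_SIZE} ]] || { echo "Not enough room for a hidden volume."; exit 1; }`, or a branch that skips hidden-volume creation with a message. The pre-filled default has a related gap, because the `-lt 0` fallback does not cover a `MAX_HIDDEN_SIZE - 7` that lands between 0 and `MIN_HIDDEN_SIZE`; comparing against `MIN_HIDDEN_SIZE` there would be more consistent. The enclosing `if [[ -n "${HIDDEN_PW}" ]]` block continues past the end of this hunk.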