-
Notifications
You must be signed in to change notification settings - Fork 254
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
1 changed file
with
86 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,86 @@ | ||
| #!/bin/sh | ||
|
|
||
| # This script mounts an gocryptfs filesystem, starts a shell in the mounted | ||
| # directory, and then unmounts the filesystem when the shell exits. This is an | ||
| # equivalent of the encfssh script by by David Rosenstrauch. | ||
|
|
||
| canonicalize() { | ||
| cd "$1" || return | ||
| pwd | ||
| } | ||
|
|
||
|
|
||
| case $1 in "" | -h | --help) | ||
| echo "Usage: gocryptfssh encrypted_directory [unencrypted-directory [-p]]" | ||
| echo " -p mount the unencrypted directory as public" | ||
| exit 1 | ||
| ;; | ||
| esac | ||
|
|
||
| enc_dir=$1 | ||
| unenc_dir_given=false | ||
| mount_public=false | ||
| if [ ! -z "$2" ]; then | ||
| unenc_dir_given=true | ||
| unenc_dir=$2 | ||
| for arg in "$@" ; do | ||
| if [ "$arg" = "-p" ]; then | ||
| mount_public=true | ||
| fi | ||
| done | ||
| [ -d "$unenc_dir" ] || mkdir -- "$unenc_dir" | ||
| else | ||
| unenc_dir=$(mktemp -d .XXXXXXXX) | ||
| fi | ||
|
|
||
| if [ ! -d "$enc_dir" ]; then | ||
| mkdir -- "$enc_dir" | ||
| fi | ||
|
|
||
| enc_dir=$(canonicalize "$enc_dir") | ||
| unenc_dir=$(canonicalize "$unenc_dir") | ||
|
|
||
| options= | ||
| if [ "$unenc_dir_given" = "true" ]; then | ||
| if [ "$mount_public" = "true" ]; then | ||
| options="-- -o allow_other" | ||
| fi | ||
| fi | ||
|
|
||
| # Attach the directory and change into it | ||
|
|
||
| if gocryptfs "$enc_dir" "$unenc_dir" $options; then :; else | ||
| echo "gocryptfs failed" | ||
| rmdir -- "$unenc_dir" | ||
| exit 1 | ||
| fi | ||
| if ! [ "$unenc_dir_given" = "true" ]; then | ||
| chmod 700 "$unenc_dir" | ||
| fi | ||
| echo "Directory is $unenc_dir" >&2 | ||
| cd "$unenc_dir" || exit | ||
|
|
||
| # Fall back to umount if fusermount is not available (e.g., on OS X) | ||
| fuse_umount() { | ||
| if command -v fusermount >/dev/null 2>&1; then | ||
| fusermount -u "$@" | ||
| else | ||
| umount "$@" # MacOS case | ||
| fi | ||
| } | ||
|
|
||
| # Honor the SHELL environment variable to select a shell to run | ||
| "$SHELL"; retval=$? | ||
|
|
||
| # ensure that this shell isn't itself holding the mounted directory open | ||
| # ...but avoid terminating on failure, *or* causing a shellcheck warning for | ||
| # failing to check exit status from cd. | ||
| cd / ||: | ||
|
|
||
| # if unmount fails, skip rmdir, always use exit status of failure | ||
| fuse_umount "$unenc_dir" || exit | ||
|
|
||
| if ! [ "$unenc_dir_given" = true ]; then | ||
| rmdir -- "$unenc_dir" | ||
| fi | ||
| exit "$retval" |