Index of /kzak/util-linux-cryptsetup
This is util-linux patch that adds full cryptsetup-luks support to mount
umount, swapon and swapoff. The patch supports classic cryptsetup and
LUKS extension too. The patch doesn't disable or change anything on old
cryptoloop code in util-linux.
The original patch from Christophe Saout saves wrong information in
/etc/mtab and this file was too different to /proc/mounts. I think this
patch better follows standard mtab manners.
WARNING: don't install .rpm package to system where you have /usr outside
root filesystem:
$ ldd ./mount
libcryptsetup.so.0 => /usr/lib/libcryptsetup.so.0 (0x00b65000)
libgcrypt.so.11 => /usr/lib/libgcrypt.so.11 (0x00111000)
libgpg-error.so.0 => /usr/lib/libgpg-error.so.0 (0x003f3000)
Files:
util-linux-2.13-0.13.crypt.1.src.rpm .... FC5 source package
util-linux-2.13-pre6-cryptsetup.patch .... patch against upstream version
Examples:
*** initialize device:
cryptsetup luksFormat /dev/hda5
cryptsetup luksOpen /dev/hda5 foo
mkfs.ext3 /dev/mapper/foo (or mkswap /dev/mapper/foo)
cryptsetup luksClose foo
*** Mount
command line:
mount /dev/mapper/mySecret /mnt -o crypt,device=/dev/hda5
or:
1. fstab with defined mapping name:
/dev/mapper/mySecret /mnt auto crypt,device=/dev/hda5
(in /etc/mtab: /dev/mapper/mySecret /mnt ext3 rw,crypt,device=/dev/hda5 0 0)
2. fstab with device by mapping name (mount expects encrypted /dev/hda5):
-- this is suggested variant
/dev/mapper/hda5 /mnt auto crypt
(in /etc/mtab: /dev/mapper/hda5 /mnt ext3 rw,crypt 0 0)
3. fstab with mapping name by device (mapping to /dev/mapper/hda5)
LABEL=dummy /mnt auto crypt,device=/dev/hda5
(in /etc/mtab: /dev/mapper/hda5 /mnt ext3 rw,crypt,device=/dev/hda5 0 0)
*** Swap
command line:
swapon -C device=/dev/hda7
swapoff -C /dev/hda7
fstab (same like for mount):
/dev/mapper/hda5 swap auto crypt
*** Note that others mount and swap options are:
device=, keyfile=, keysize=, cipher=,
hash=, skip=, offset=
example:
mount /dev/mapper/foo /mnt/sec -o crypt,device=/dev/bar,keyfile=/mnt/key,cipher=aes
swapon -C device=/dev/hda7,keyfile=/mnt/key
--
Karel Zak [26-Aug-2005]