From 02e104b39548dd325cad84e2db87e590b62bea9b Mon Sep 17 00:00:00 2001 From: Bandie Date: Thu, 1 Nov 2018 11:38:56 +0100 Subject: [PATCH 1/2] rm temporary file on cancel; detect if no encrypted root device is available --- src/pam_panic_config/pam_panic_config | 36 +++++++++++++++------------ 1 file changed, 20 insertions(+), 16 deletions(-) diff --git a/src/pam_panic_config/pam_panic_config b/src/pam_panic_config/pam_panic_config index e19ee6c..38e02e7 100755 --- a/src/pam_panic_config/pam_panic_config +++ b/src/pam_panic_config/pam_panic_config @@ -16,6 +16,7 @@ fi # Call when using the Cancel button function cancel(){ + rm -f .pam_panic_media_choice clear echo "Bye! :)" exit 0 @@ -51,16 +52,14 @@ function getLUKSDevice(){ # Generic dialog question function ask(){ - dialog --backtitle "pam_panic's Configuration Generator" --title "$1" --yesno "$2" 8 80 return $? - } # Generic message box msg() { - dialog --backtitle "pam_panic's Configuration Generator" --msgbox "$1" 8 80 + dialog --backtitle "pam_panic's Configuration Generator" --title "$1" --msgbox "$2" 8 80 } @@ -149,7 +148,7 @@ while [ $auth_mode -eq 2 ]; do done chooseMedium Authentication auth_dev=$(echo ${mediaArray[$?]} | sed 's/\/dev\/sd[b-z]*[0-1]\[//;s/\]//') - msg "Authentication device chosen with UUID $auth_dev." + msg "Removable media: Authentication device" "Authentication device chosen with UUID $auth_dev." # Panic unset media @@ -161,7 +160,7 @@ while [ $auth_mode -eq 2 ]; do done chooseMedium Panic panic_dev=$(echo ${mediaArray[$?]} | sed 's/\/dev\/sd[b-z]*[0-1]\[//;s/\]//') - msg "Panic device chosen with UUID $panic_dev." + msg "Removable media: Panic device" "Panic device chosen with UUID $panic_dev." ;; "3") @@ -192,22 +191,27 @@ while [ $auth_mode -eq 2 ]; do done # serious flag -ask "pam_panic's behaviour" "Do you wish to destroy your LUKS header in case of emergency?\nThis means that your encrypted device won't be readable anymore. After this question you will be asked to make a backup of this header." +ask "pam_panic's behaviour" "Do you wish to destroy your LUKS header in case of emergency?\nThis means that your encrypted root device won't be readable anymore. After this question you will be asked to make a backup of this header." serious=$? if [ $serious -eq 0 ]; then serious_dev=$(getLUKSDevice UUID) - msg "We will destroy $(getLUKSDevice NAME) [$serious_dev] when you trigger the panic function." + if [ ! -z $serious_dev ]; then + msg "pam_panic's behaviour" "We will destroy $(getLUKSDevice NAME) [$serious_dev] when you trigger the panic function." - # LUKS header backup - ask "LUKS Header backup" "Do you want to make a LUKS-Header backup now?\nIt will be saved at \"$LHBU\"." - bu=$? - case $bu in - "0") - cryptsetup luksHeaderBackup $(getLUKSDevice NAME) --header-backup-file "$LHBU" - msg "LUKSHeader backup has been saved here: $LHBU" - ;; - esac + # LUKS header backup + ask "LUKS Header backup" "Do you want to make a LUKS-Header backup now?\nIt will be saved at \"$LHBU\"." + bu=$? + case $bu in + "0") + cryptsetup luksHeaderBackup $(getLUKSDevice NAME) --header-backup-file "$LHBU" + msg "LUKS Header backup" "LUKSHeader backup has been saved here: $LHBU" + ;; + esac + else + msg "pam_panic's behaviour" "ERROR: There is no encrypted root device on /dev/sda." + serious=1 + fi fi # poweroff / reboot behaviour From 1d67c5f1faa139f2c8b507ec3ebd64f0ba61d557 Mon Sep 17 00:00:00 2001 From: Bandie Date: Thu, 1 Nov 2018 11:52:36 +0100 Subject: [PATCH 2/2] Formatting --- src/pam_panic_config/pam_panic_config | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/src/pam_panic_config/pam_panic_config b/src/pam_panic_config/pam_panic_config index 38e02e7..a36955b 100755 --- a/src/pam_panic_config/pam_panic_config +++ b/src/pam_panic_config/pam_panic_config @@ -123,10 +123,11 @@ dialog --backtitle "pam_panic's Configuration Generator" \ --ok-label "Yip!" \ --msgbox "Welcome to pam_panic's Configuration Generator.\n\nIt will help you to create a valid pam_panic setup. It will also generate a Linux' PAM configuration file.\n\nAfter you're done with this Configuration Generator, you will see some hints how to integrate the new PAM configuration file in your system." 20 80 + +# Authentication mode auth_mode=2 while [ $auth_mode -eq 2 ]; do - # Authentication mode dialog --backtitle "pam_panic's Configuration Generator" \ --title "Authentication mode" \ --help-button \ @@ -190,6 +191,7 @@ while [ $auth_mode -eq 2 ]; do esac done + # serious flag ask "pam_panic's behaviour" "Do you wish to destroy your LUKS header in case of emergency?\nThis means that your encrypted root device won't be readable anymore. After this question you will be asked to make a backup of this header." serious=$? @@ -214,6 +216,7 @@ if [ $serious -eq 0 ]; then fi fi + # poweroff / reboot behaviour dialog --backtitle "pam_panic's Configuration Generator" \ --title "pam_panic's behaviour" \ @@ -269,6 +272,7 @@ else echo -e "$config" > $CONFIGFILE fi + # Finished message clear [ $ov -eq 0 ] && echo "Done! <3" || echo "Nothing done!