2 ##############################################
3 # Script for Secure Linux Project #
4 # Copyright(c) 2005, 2006 by Roland Haeder #
5 ##############################################
6 # Purpose: Activate randomly created swap #
8 ##############################################
9 # This software is licensed under the GNU #
10 # General Public License Version 2 or either #
11 # and comes with ABSOLUTELY NO WARRANTY #
12 # neither implied nor explicit. #
13 ##############################################
15 # NOTE: THE REAL AUTHOR OF THIS SCRIPT IS SOMEONE ELSE!
17 # If you are the one then please feel free to contact me and I will
18 # add your name+email in the copyright note above
20 # Run this script somewhere in your startup scripts _after_ random
21 # number generator has been initialized and /usr has been mounted.
22 # (md5sum, uuencode, tail and head programs usually reside in /usr/bin/)
24 # Highly extended and prepared for SYSVINIT scripts by Roland Haeder
25 # <webmaster@mxchange.org>
# NOTE(review): the two messages below look like the body of the no_swap
# handler called further down; its opening and closing lines are not part of
# this listing.
29 echo "$0: No .local.sh detected. Please start setting up your encrypted"
30 echo "$0: system with gen.sh."
# Without a /dev/urandom character device there is no salt source, so the
# script exits with status 0 and swap is left unconfigured. The caller gets no
# failure signal from this path.
33 [ -c /dev/urandom ] || exit 0
# Presumably the source of the log_action_begin_msg / log_action_end_msg
# helpers used below.
35 . /lib/lsb/init-functions
# /.local.sh is sourced, i.e. executed inside this shell with the privileges of
# the init script. It should be owned by root and writable by nobody else.
# NOTE(review): a non-interactive POSIX sh aborts when the file given to '.'
# cannot be found, so the no_swap fallback may only run under bash. The
# interpreter line is not visible here -- confirm.
36 . /.local.sh || no_swap
38 # encrypted swap partition
# Hard-coded target. The dd calls below write zeros to the start of this
# device, so a wrong value here destroys data on whatever partition it names.
39 SWAPDEVICE="/dev/hdc2"
44 # Blocksize for filling devices with zeros
# NOTE(review): the assignment this comment describes (ZERO_BSIZE is used
# below) is not part of this listing.
47 # Number of above blocks for the zeros
# The count is the literal digit 3 followed by the first two characters of
# $RANDOM. $RANDOM is not a cryptographic source; here it only varies how many
# blocks are hashed and wiped. It is also not POSIX: in a shell without it the
# value collapses to plain 3 -- confirm the interpreter.
48 ZERO_COUNT=3`echo $RANDOM | cut -c -2`
50 # Special options of above stuff
# Appended to the dd commands below that write zeros.
51 ZERO_OPTS="conv=notrunc"
53 # Length of the salt for password
# NOTE(review): the SALT_LEN assignment is not part of this listing.
# NOTE(review): these lines appear to be the start action; the enclosing
# case/branch header is not part of this listing.
58 [ "$VERBOSE" = no ] || log_action_begin_msg "Initializing encrypted swap partition $SWAPDEVICE ..."
# First half of the passphrase: the 32-hex-digit MD5 of the first ZERO_COUNT
# blocks currently on the swap device. This only mixes in whatever the device
# held; the fresh randomness comes from the /dev/urandom salt below.
59 MD=`dd if=${SWAPDEVICE} bs=$ZERO_BSIZE count=$ZERO_COUNT 2>/dev/null | md5sum | cut -c-32`
# Twenty passes of zeros over the same leading blocks of the raw device.
# dd errors are discarded, so a failed wipe goes unnoticed.
60 for X in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 ; do
61 dd if=/dev/zero of=${SWAPDEVICE} bs=$ZERO_BSIZE count=$ZERO_COUNT $ZERO_OPTS 2>/dev/null
# NOTE(review): the loop's closing line is not part of this listing.
# Second half of the passphrase: SALT_LEN bytes from /dev/urandom, base64
# encoded by uuencode -m. head/tail keep only the second output line, i.e. the
# first data line after the header. uuencode wraps its output, so a SALT_LEN
# longer than one encoded line would be silently truncated -- confirm SALT_LEN.
64 UR=`dd if=/dev/urandom bs=$SALT_LEN count=1 2>/dev/null | uuencode -m - | head -n 2 | tail -n 1`
# The passphrase is handed to losetup on stdin (-p 0) rather than on the
# command line, and is not written anywhere by the visible lines, so the swap
# contents cannot be recovered once the mapping is gone.
# NOTE(review): -C and -e look like the loop-AES losetup iteration-count and
# cipher options; ITER, CIPHER and LOOPDEV are not assigned in the visible
# lines. All expansions are unquoted, so their values must not contain
# whitespace or glob characters.
65 echo ${MD}${UR} | losetup -p 0 -C $ITER -e $CIPHER ${LOOPDEV} ${SWAPDEVICE}
# Writes zeros through the encrypted loop device, so ciphertext lands on the
# leading blocks of the raw partition.
68 dd if=/dev/zero of=${LOOPDEV} bs=$ZERO_BSIZE count=$ZERO_COUNT $ZERO_OPTS 2>/dev/null
# NOTE(review): success is reported unconditionally. No exit status of losetup
# or dd is checked in the visible lines, so a failed setup would still log OK.
69 [ "$VERBOSE" = no ] || log_action_end_msg 0
77 # Remove all swap spaces and our loop device
78 [ "$VERBOSE" = no ] || log_action_begin_msg "Removing encrypted swapspace ..."
# NOTE(review): the line between these two, presumably the one that disables
# swap, is not part of this listing.
# Detaches the loop device. Output and errors are discarded and the next line
# logs success regardless, so a device that is still busy would not be reported.
80 losetup -d $LOOPDEV >/dev/null 2>&1
81 [ "$VERBOSE" = no ] || log_action_end_msg 0
# NOTE(review): the body of this case arm is not part of this listing.
84 restart|reload|force-reload)
# Usage text goes to stderr; presumably the fallback for an unknown action.
90 echo "Usage: $0 {start|stop|reload|restart|force-reload}" >&2