authorIco Doornekamp2023-05-31 18:13:13 +0200
committerrfjakob2023-06-17 22:56:10 +0200
commit0f11c7780d6b3f6b23686955846b27ef5966da03 (patch)
tree7325c67da029ea8e7ca9d2773ea37f9fe6f508ba /contrib/gocryptfssh
parent8979cca43ea2ed15cf6ff577619298b9473d2882 (diff)
Added contrib/gocryptfssh
Diffstat (limited to 'contrib/gocryptfssh')
-rwxr-xr-xcontrib/gocryptfssh86
1 files changed, 86 insertions, 0 deletions
diff --git a/contrib/gocryptfssh b/contrib/gocryptfssh
new file mode 100755
index 0000000..505087f
--- /dev/null
+++ b/contrib/gocryptfssh
@@ -0,0 +1,86 @@
+#!/bin/sh
+
+# This script mounts an gocryptfs filesystem, starts a shell in the mounted
+# directory, and then unmounts the filesystem when the shell exits. This is an
+# equivalent of the encfssh script by by David Rosenstrauch.
+
+canonicalize() {
+ cd "$1" || return
+ pwd
+}
+
+
+case $1 in "" | -h | --help)
+ echo "Usage: gocryptfssh encrypted_directory [unencrypted-directory [-p]]"
+ echo " -p mount the unencrypted directory as public"
+ exit 1
+ ;;
+esac
+
+enc_dir=$1
+unenc_dir_given=false
+mount_public=false
+if [ ! -z "$2" ]; then
+ unenc_dir_given=true
+ unenc_dir=$2
+ for arg in "$@" ; do
+ if [ "$arg" = "-p" ]; then
+ mount_public=true
+ fi
+ done
+ [ -d "$unenc_dir" ] || mkdir -- "$unenc_dir"
+else
+ unenc_dir=$(mktemp -d .XXXXXXXX)
+fi
+
+if [ ! -d "$enc_dir" ]; then
+ mkdir -- "$enc_dir"
+fi
+
+enc_dir=$(canonicalize "$enc_dir")
+unenc_dir=$(canonicalize "$unenc_dir")
+
+options=
+if [ "$unenc_dir_given" = "true" ]; then
+ if [ "$mount_public" = "true" ]; then
+ options="-- -o allow_other"
+ fi
+fi
+
+# Attach the directory and change into it
+
+if gocryptfs "$enc_dir" "$unenc_dir" $options; then :; else
+ echo "gocryptfs failed"
+ rmdir -- "$unenc_dir"
+ exit 1
+fi
+if ! [ "$unenc_dir_given" = "true" ]; then
+ chmod 700 "$unenc_dir"
+fi
+echo "Directory is $unenc_dir" >&2
+cd "$unenc_dir" || exit
+
+# Fall back to umount if fusermount is not available (e.g., on OS X)
+fuse_umount() {
+ if command -v fusermount >/dev/null 2>&1; then
+ fusermount -u "$@"
+ else
+ umount "$@" # MacOS case
+ fi
+}
+
+# Honor the SHELL environment variable to select a shell to run
+"$SHELL"; retval=$?
+
+# ensure that this shell isn't itself holding the mounted directory open
+# ...but avoid terminating on failure, *or* causing a shellcheck warning for
+# failing to check exit status from cd.
+cd / ||:
+
+# if unmount fails, skip rmdir, always use exit status of failure
+fuse_umount "$unenc_dir" || exit
+
+if ! [ "$unenc_dir_given" = true ]; then
+ rmdir -- "$unenc_dir"
+fi
+exit "$retval"
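Review bot: The results of `mktemp -d` and of both `canonicalize` calls are used unchecked, so if one fails the script continues with an empty `enc_dir` or `unenc_dir` and hands it to `gocryptfs`, `cd` and `rmdir`; I would stop at that point, e.g. `unenc_dir=$(mktemp -d .XXXXXXXX) || exit 1` and `enc_dir=$(canonicalize "$enc_dir") || exit 1` (likewise for `unenc_dir`). The `gocryptfs failed` branch also runs `rmdir -- "$unenc_dir"` unconditionally, which removes an empty directory the user supplied, whereas the final cleanup guards it; `[ "$unenc_dir_given" = true ] || rmdir -- "$unenc_dir"` would make the two paths agree. Separately, no `trap` is installed and `fuse_umount "$unenc_dir" || exit` leaves silently, so when the script is killed while `"$SHELL"` runs, or the unmount fails, the decrypted view appears to stay mounted (and readable by other users if `-p` was given). A line on stderr in the unmount-failure case and a header comment such as `# NOTE: the plaintext mount is not removed if this script is killed; unmount it manually.` would make that visible.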