diff options
| author | Jan Wagner <mail@jwagner.eu> | 2016-03-25 22:51:24 +0100 |
|---|---|---|
| committer | Jan Wagner <mail@jwagner.eu> | 2016-03-25 22:51:24 +0100 |
| commit | 7b0a7803dcb8e18c3da450ab035f62bf4e9906f8 (patch) | |
| tree | 2a9b9fa364a50cb8b28a944ea5436efa05ab9c56 | |
| parent | b33dfc51ccafb9172c0a29c0e4376f0db8b9e3f1 (diff) | |
| download | rpi2-gen-image-7b0a7803dcb8e18c3da450ab035f62bf4e9906f8.tar.gz rpi2-gen-image-7b0a7803dcb8e18c3da450ab035f62bf4e9906f8.tar.bz2 rpi2-gen-image-7b0a7803dcb8e18c3da450ab035f62bf4e9906f8.zip | |
shred-fix
| -rw-r--r-- | functions.sh | 5 | ||||
| -rwxr-xr-x | rpi2-gen-image.sh | 1 |
2 files changed, 6 insertions, 0 deletions
diff --git a/functions.sh b/functions.sh index cbd5bad..ecf8a4c 100644 --- a/functions.sh +++ b/functions.sh @@ -10,6 +10,11 @@ cleanup (){ sleep 3 fuser -9 -k -v "$R" + # Clean up temporary .password file + if [ -r ".password" ] ; then + shred -zu .password + fi + # Clean up all temporary mount points echo "removing temporary mount points ..." umount -l "$R/proc" 2> /dev/null diff --git a/rpi2-gen-image.sh b/rpi2-gen-image.sh index d25bdb6..a69c78d 100755 --- a/rpi2-gen-image.sh +++ b/rpi2-gen-image.sh @@ -452,6 +452,7 @@ if [ "$ENABLE_CRYPTFS" = true ] ; then # Setup password keyfile echo -n ${CRYPTFS_PASSWORD} > .password + chmod 600 .password # Initialize encrypted partition echo "YES" | cryptsetup luksFormat "${ROOT_LOOP}" -c "${CRYPTFS_CIPHER}" -s "${CRYPTFS_XTSKEYSIZE}" .password |