1 #!/bin/sh

     2 #

     3 # 

     4 # Copyright (C) 2012  Christian Arnold <arnold@schlittermann.de>

     5 #

     6 # Schlittermann internet & unix support

     7 #

     8 # This program is free software: you can redistribute it and/or modify

     9 # it under the terms of the GNU General Public License as published by

    10 # the Free Software Foundation, either version 3 of the License, or

    11 # (at your option) any later version.

    12 #

    13 # This program is distributed in the hope that it will be useful,

    14 # but WITHOUT ANY WARRANTY; without even the implied warranty of

    15 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

    16 # GNU General Public License for more details.

    17 #

    18 # You should have received a copy of the GNU General Public License

    19 # along with this program.  If not, see <http://www.gnu.org/licenses/>.

    20 

    21 

    22 export LANG=C LANGUAGE=C LC_ALL=C

    23 

    24 ME=$(basename $0)

    25 LOGGING=1

    26 DEBUG=0

    27 

    28 ### DON'T TOUCH ANYTHING BELOW THIS LINES ###

    29 

    30 SUUID=$1

    31 SPATH=$2

    32 DUUID=$3

    33 DPATH=$4

    34 KEY=$5

    35 

    36 usage() {

    37     cat <<__ >&2

    38 Usage: $ME <suuid> <spath> <duuid> <dpath>

    39 

    40        <suuid> UUID of the source LUKS partition

    41        <spath> Mount point for the source filesystem

    42        <duuid> UUID of the destination LUKS partition

    43        <dpath> Mount point for the destination filesystem

    44        <key>   Key file to decrypt LUKS partition

    45 __

    46 }

    47 

    48 debug() {

    49     if [ $DEBUG -gt 0 ]; then 

    50         echo "$@" >&2

    51     fi

    52 }

    53 

    54 check_mountpoint() {

    55     MOUNTPOINT=$1

    56     if [ ! -d $MOUNTPOINT ]; then

    57         debug "ERROR: [$ME] $MOUNTPOINT don't exists"

    58         [ $LOGGING -eq 1 ] && logger -p local0.err -t $ME "ERROR: $MOUNTPOINT don't exist"

    59         exit 1

    60     fi

    61 

    62     debug "OK: [$ME] $MOUNTPOINT exists"

    63     if cut -d' ' -f2 /proc/mounts | grep -q "^$MOUNTPOINT$"; then

    64         debug "ERROR: [$ME] anything is mounted on $MOUNTPOINT"

    65         [ $LOGGING -eq 1 ] && logger -p local0.err -t $ME "ERROR: anything is mounted on $MOUNTPOINT"

    66         exit 1

    67     fi

    68 

    69     debug "OK: [$ME] nothing is mounted on $MOUNTPOINT"

    70     [ $LOGGING -eq 1 ] && logger -p local0.notice -t $ME "OK: nothing is mounted on $MOUNTPOINT"

    71     return 0

    72 }

    73 

    74 open_cryptdev() {

    75     TYPE=$1

    76     if [ ! $(blkid -U $2) ]; then

    77         debug "ERROR: [$ME] can't get device path for UUID: $2"

    78         exit 1

    79     fi

    80     DEV=$(blkid -U $2)

    81     CRYPTDEV="cbackup.$TYPE.$$"

    82     KEYFILE=$3

    83     cryptsetup luksOpen $DEV $CRYPTDEV --key-file $KEYFILE 2>/dev/null

    84     if [ ! -h /dev/mapper/$CRYPTDEV ]; then

    85         debug "ERROR: [$ME] can't luksOpen cryptdev '$CRYPTDEV'"

    86         [ $LOGGING -eq 1 ] && logger -p local0.err -t $ME "ERROR: can't luksOpen cryptdev '$CRYPTDEV'"

    87         exit 1

    88     fi

    89 

    90     debug "OK: [$ME] luksOpen cryptdev '$CRYPTDEV'"

    91     [ $LOGGING -eq 1 ] && logger -p local0.notice -t $ME "OK: luksOpen cryptdev $CRYPTDEV"

    92     return 0

    93 }

    94 

    95 mount_cryptdev() {

    96     TYPE=$1

    97     CRYPTDEV="cbackup.$TYPE.$$"

    98     MOUNTPOINT=$2

    99     MOUNTOPT=""

   100     test "$TYPE" = "src" && MOUNTOPT="--read-only"

   101     if mount $MOUNTOPT /dev/mapper/$CRYPTDEV $MOUNTPOINT; then

   102         debug "OK: [$ME] mount $CRYPTDEV $MOUNTOPT to $MOUNTPOINT"

   103         [ $LOGGING -eq 1 ] && logger -p local0.notice -t $ME "OK: mount $CRYPTDEV to $MOUNTPOINT"

   104     else

   105         debug "ERROR: [$ME] can't mount $CRYPTDEV to $MOUNTPOINT"

   106         [ $LOGGING -eq 1 ] && logger -p local0.err -t $ME "ERROR: can't mount $CRYPTDEV to $MOUNTPOINT"

   107         exit 1

   108     fi

   109     return 0

   110 }

   111 

   112 umount_cryptdev() {

   113     MOUNTPOINT=$1

   114     if umount $MOUNTPOINT 2>/dev/null; then

   115         debug "OK: [$ME] umount $MOUNTPOINT"

   116         [ $LOGGING -eq 1 ] && logger -p local0.notice -t $ME "OK: umount $MOUNTPOINT"

   117     else

   118         debug "ERROR: [$ME] can't umount $MOUNTPOINT"

   119         [ $LOGGING -eq 1 ] && logger -p local0.err -t $ME "ERROR: can't umount $MOUNTPOINT"

   120         exit 1

   121     fi

   122     return 0

   123 }

   124 

   125 close_cryptdev() {

   126     TYPE=$1

   127     CRYPTDEV="cbackup.$TYPE.$$"

   128     if [ -h /dev/mapper/$CRYPTDEV ]; then

   129         cryptsetup luksClose $CRYPTDEV

   130         if [ -h /dev/mapper/$CRYPTDEV ]; then

   131             debug "ERROR: [$ME] can't luksClose cryptdev '$CRYPTDEV'"

   132             [ $LOGGING -eq 1 ] && logger -p local0.err -t $ME "ERROR: can't luksClose cryptdev '$CRYPTDEV'"

   133             exit 1

   134         fi

   135 

   136         debug "OK: [$ME] luksClose cryptdev '$CRYPTDEV'"

   137         [ $LOGGING -eq 1 ] && logger -p local0.notice -t $ME "OK: luksClose cryptdev '$CRYPTDEV'"

   138     fi

   139     return 0

   140 }

   141 

   142 do_sync() {

   143     SOURCE=$1

   144     DESTINATION=$2

   145     VERBOSE=""

   146     test $DEBUG -gt 0 && VERBOSE="--verbose --progress"

   147     if rsync -Ha $VERBOSE --numeric-ids --delete $SOURCE $DESTINATION; then

   148         debug "OK: [$ME] sync is done from '$SOURCE' to '$DESTINATION'"

   149         [ $LOGGING -eq 1 ] && logger -p local0.notice -t $ME "OK: sync is done from '$SOURCE' to '$DESTINATION'"

   150     else

   151         debug "ERROR: [$ME] sync error from '$SOURCE' to '$DESTINATION'"

   152         [ $LOGGING -eq 1 ] && logger -p local0.err -t $ME "ERROR: sync error from '$SOURCE' to '$DESTINATION'"

   153     exit 1

   154    fi

   155    return 0

   156 }

   157 

   158 cleanup() {

   159     check_mountpoint $SPATH || umount_cryptdev $SPATH

   160     check_mountpoint $DPATH || umount_cryptdev $DPATH

   161     close_cryptdev src

   162     close_cryptdev dst

   163 }

   164 

   165 # MAIN

   166 

   167 trap cleanup INT EXIT

   168 

   169 if [ $# -ne 5 ]; then

   170     usage

   171     exit 1

   172 fi

   173 

   174 check_mountpoint $SPATH

   175 check_mountpoint $DPATH

   176 open_cryptdev src $SUUID $KEY

   177 open_cryptdev dst $DUUID $KEY

   178 mount_cryptdev src $SPATH

   179 mount_cryptdev dst $DPATH

   180 

   181 do_sync $SPATH $DPATH

   182 

   183 umount_cryptdev $SPATH

   184 umount_cryptdev $DPATH

   185 close_cryptdev src

   186 close_cryptdev dst

   187