Correction : vm_remote : rule_key_disk_backup .

diff --git a/vm_remote b/vm_remote
index a1afa1a..7601a01 100755 (executable)
--- a/vm_remote
+++ b/vm_remote
@@ -65,12 +65,14 @@ rule_key_disk_backup () {
         do
                mkdir -p var/sec/luks
                rule ssh -l root ' \
-                       tmp=$(mktemp)
-                       cryptsetup luksHeaderBackup \
-                        /dev/$vm_lvm_vg/${vm_lvm_lv}_${part} \
-                        --header-backup-file "$tmp" \
-                       cat "$tmp"
-                       shred --remove "$tmp"
+                       set -e -f -u;
+                       exec 2>/dev/null;
+                       tmp=$(mktemp -t "luks.'"$part"'.XXXXXXXX.tmp" --dry-run);
+                       cryptsetup luksHeaderBackup >/dev/null \
+                        /dev/'"$vm_lvm_vg"'/'"$vm_lvm_lv"'_'"$part"' \
+                        --header-backup-file "$tmp"; \
+                       cat "$tmp";
+                       shred >/dev/null --remove "$tmp"; \
                 ' |
                gpg --encrypt --recipient $USER@ \
                 -o var/sec/luks/${vm_lvm_lv}_${part}.luks.gpg