From 2cba0a711f2964a8eafdf4698939b296024d05e8 Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Tue, 19 Feb 2013 22:51:16 +0100 Subject: [PATCH] =?utf8?q?Ajout=20:=20vm=5Fhost=20:=20rule=5Fvm=5Fattach?= =?utf8?q?=20:=20assert=20pas=20d'autre=20console=20attach=C3=A9e=20(car?= =?utf8?q?=20=C3=A7a=20ne=20marche=20pas=20sinon).?= MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit --- vm_host | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/vm_host b/vm_host index b99086b..e855630 100755 --- a/vm_host +++ b/vm_host @@ -91,6 +91,7 @@ rule_vm_start () { rule vm_attach } rule_vm_attach () { + assert '! pgrep -f "sudo xm console $vm_fqdn"' cat <<-EOF NOTE: Ctrl-] pour se détacher de la console EOF @@ -214,33 +215,33 @@ rule_part_lvm_umount () { } rule_part_randomize () { # SYNTAX: $part # NOTE: à anticiper - local part=$1 + local part="$1" eval "sudo dd if=/dev/urandom of=\$vm_dev_disk_$part" } rule_part_randomize_stat () { # SYNTAX: $part # DESCRIPTION: fait afficher la progression de rule_part_randomize - local part=$1 + local part="$1" eval "pkill -USR1 -f \"^dd if=/dev/urandom of=\$vm_dev_disk_$part\"" } rule__part_encrypted_format () { # SYNTAX: $part # DESCRIPTION: formatage d'une partition distincte de / # NOTE: la clef de chiffrement est dérivée de celle de /, # / doit être déchiffrée pour que cela fonctionne. - local part=$1 - eval "local dev=\$vm_dev_disk_$part" + local part="$1" + eval "local dev=\"\$vm_dev_disk_$part\"" test ! -e /dev/mapper/${vm_lvm_lv}_root_deciphered || sudo /bin/sh -c "/lib/cryptsetup/scripts/decrypt_derived ${vm_lvm_lv}_root_deciphered | cryptsetup luksFormat --hash=sha512 --key-size=512 \ --cipher=aes-xts-essiv:sha256 --key-file=- --align-payload=8 $dev" } rule__part_encrypted_mount () { # SYNTAX: $part - local part=$1 - eval "local dev=\$vm_dev_disk_$part" + local part="$1" + eval "local dev=\"\$vm_dev_disk_$part\"" test -e /dev/mapper/${vm_lvm_lv}_${part}_deciphered || sudo /bin/sh -c "/lib/cryptsetup/scripts/decrypt_derived ${vm_lvm_lv}_root_deciphered | cryptsetup luksOpen --key-file=- $dev ${vm_lvm_lv}_${part}_deciphered" } rule__part_encrypted_umount () { # SYNTAX: $part - local part=$1 - eval "local dev=\$vm_dev_disk_$part" + local part="$1" + eval "local dev=\"\$vm_dev_disk_$part\"" test ! -e /dev/mapper/${vm_lvm_lv}_${part}_deciphered || sudo cryptsetup luksClose ${vm_lvm_lv}_${part}_deciphered } -- 2.20.1