shithub: secgefs


branches: front

Clone

clone: git://shithub.us/sirjofri/secgefs gits://shithub.us/sirjofri/secgefs
push: hjgit://shithub.us/sirjofri/secgefs

Last commit

d7a6e843 – sirjofri <sirjofri@sirjofri.de> authored on 2025/08/30 11:36
adds files

About

encrypted filesystem using gefs and cryptsetup


using mk install, these scripts will be installed in /rc/bin/secgefs.

secgefs/create file size:
	create a new encrypted gefs at file with the specified size (megabytes).
	gefs will be configured to not make any snapshots.
	Will ask for the password three times:
	- two times for setting up encryption
	- another time for configuration

secgefs/open file:
	open the specified file. The basename will be used as the identifier.
	The scripts try to prevent name collisions, however it's best to
	avoid duplicate names anyways.
	Will ask for the password for opening.
	
	The service files will take the last part of the file (the filename):
	- /srv/$name
	- /srv/$name.cmd
	
	The filesystem will not be automatically mounted.

secgefs/close name:
	close the already opened file.
	This will try to remove the attached file from /dev/fs as well.


create and close will list relevant files to tell you if there is some additional cleanup needed:

- /dev/fs/$name: write "del $name" into /dev/fs/ctl. See fs(3)
- /srv/$name and /srv/$name.cmd: write "halt" into /srv/$name.cmd. See gefs(8)