Web Analytics
Privacy Policy Cookie Policy Terms and Conditions Loopback Encrypted Filesystem HOWTO: Details Next Previous Contents

4. Details

Kernel Patches:

You can upgrade from '2.2.x' releases by patching. Each patch that is released for '2.2.x' contains bugfixes. New features will be added to the Linux '2.3.x' development kernel. To install by patching, get all the newer patch files and do the following:

cd /usr/src
gzip -cd patchXX.gz | patch -p0

Repeat xx for all versions bigger than the version of your current source tree, IN ORDER.

The default directory for the kernel source is '/usr/src/linux'. If your source is installed somewhere else, I would suggest using a symbolic link from '/usr/src/linux'.

Editing 'MCONFIG' for the 'util-linux' package compilation:

The following are excerpts from the 'MCONFIG' file I used to compile the 'util-linux' package. Note that this is fairly specific for my setup, which is loosely based on RedHat 5.2. The point is to make sure you don't overwrite any important system tools such as 'login', 'getty', or 'passwd'. Anyway, here are the important lines as follows:


CPU=$(shell uname -m | sed s/I.86/intel/)

LOCALEDIR=/usr/share/locale

HAVE_PAM=no

HAVE_SHADOW=yes

HAVE_PASSWD=yes

REQUIRE_PASSWORD=yes

ONLY_LISTED_SHELLS=yes

HAVE_SYSVINIT=yes

HAVE_SYSVINIT_UTILS=yes

HAVE_GETTY=yes

USE_TTY_GROUP=yes

HAVE_RESET=yes

HAVE_SLN=yes

CC=gcc

Suggestions:

Note that you could use any of the eight loopback devices, from 'dev/loop0' to '/dev/loop7'. Use an inconspicuous directory for the mount point. I would suggest creating a folder with 700 permissions inside your home folder. The same goes for the file that holds the data. I use a filename like 'sysfile' or 'config.data' inside the '/etc' folder. This will usually get overlooked.

I created very simple Perl scripts to mount and unmount the filesystem with one command. Write these, make them executable (chmod u+x), and store them somewhere in your path.


#!/usr/bin/perl -w
#
#minimal utility to setup loopback encryption filesystem
#Copyright 1999 by Ryan T. Rhea
`losetup -e serpent /dev/loop0 /etc/cryptfile`;
`mount /mnt/crypt`;

Name the above script 'loop', and then you can be on your way with one command ('loop') and a password.


#!/usr/bin/perl -w
#
#minimal utility to deactivate loopback encryption filesystem
#Copyright 1999 by Ryan T. Rhea
`umount /mount/crypt`;
`losetup -d /dev/loop0`;

Name the second one 'unloop', and then typing 'unloop' will quickly deactivate your filesystem.


Next Previous Contents