blob: e13c033d58a031a96dc93bbfbaf261a38108ff4f (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
|
#!/bin/sh
mount_encrypted() {
! mount | grep -q " $1 " && echo "$passphrase" | sudo mount -t ecryptfs "$1" "$2" \
-o ecryptfs_cipher=aes,ecryptfs_key_bytes=32,ecryptfs_passthrough=no,ecryptfs_enable_filename_crypto=yes,ecryptfs_sig=$ecryptfs_sig,ecryptfs_fnek_sig=$fnek_sig,key=passphrase:passphrase_passwd=$(printf '%s' "$passphrase")
}
attempt_mount() {
if mount | grep -q " $2 "; then
if sudo umount "$2"; then
notify-send "🔒 Locked: $3"
else
notify-send "❗ Unable to lock" "Mounted: $3"
fi
else
ecryptfs_sig=$(pass show encryption/ecryptfs-sig-"$4")
fnek_sig=$ecryptfs_sig
passphrase=$(pass show encryption/ecryptfs)
[ -z "$passphrase" ] && {
notify-send "❌ Failed to retrieve passphrase."
exit 1
}
mount_encrypted "$1" "$2" && notify-send "🔑 Unlocked: $3"
fi
}
targets="$HOME/.secret"
mounts="$HOME/Private"
pw="default"
set -- $mounts # Set positional parameters to mounts
i=1
for target in $targets; do
mp=$(eval echo "\$$i") # Get the mount point using indirect expansion
path=$(basename "$mp") # Extract last directory component
pw=$(echo "$pw" | cut -d' ' -f$i) # Get the corresponding passthrough option
attempt_mount "$target" "$mp" "$path" "$pw"
i=$((i + 1))
done
|
