Ask / Submit

Revision history [back]

click to hide/show revision 1
initial version

posted 2016-08-17 19:48:46 +0300

Hi All, I successfully created an encrypted partition using crypsetup tool available from warehouse.

However, mounting the partition on top of hone and restarting lipstick does not load the user config files from the binded home partition.

Why would this be?

Cheers, M.

Hi All, I successfully created an encrypted partition using crypsetup tool available from warehouse.warehouse. My aim is to encrypt all data at /home including application config files and user data.

However, mounting the partition on top of hone and restarting lipstick and other services does not load the user config files from the binded home partition.

Why would this be?

Cheers, M.

Steps to reproduce cryptsetup loopmounted /home partition:

  1. enabe developer mode

  2. ssh into device (ssh nemo@ip)

  3. Run commands:

    #gain root devel-su #reset root password passwd

    curl -O https://openrepos.net/sites/default/files/packages/500/cryptsetup-1.6.4-1.armv7hl.rpm

    curl -O https://openrepos.net/sites/default/files/packages/500/libcryptsetup4-1.6.4-1.armv7hl.rpm

    pkcon install-local libcryptsetup4-1.6.4-1.armv7hl.rpm

    pkcon install-local cryptsetup-1.6.4-1.armv7hl.rpm

    #Setup crypt disk devel-su fallocate -l 10G /root/.crypt.img

      cryptsetup luksFormat /root/.crypt.img -c aes-cbc-essiv:sha256
      cryptsetup luksOpen /root/.crypt.img crypt
      devel-su
      mkfs.ext4 /dev/mapper/crypt
    

copy over data

mkdir /crypt

mkdir /mounts

rsync -av /mounts/ /crypt

Create and run mount script:

su - -c "cryptsetup luksOpen /root/.crypt.img crypt"

su - -c "      mount /dev/mapper/crypt /crypt/"

su - -c "      mount -o bind /crypt/nemo/.cache /home/nemo/.cache"

su - -c "      mount -o bind /crypt/nemo/.local /home/nemo/.local"

su - -c "      mount -o bind /crypt/nemo/.mozilla /home/nemo/.mozilla"

su - -c "      mount -o bind /crypt/nemo/.qmf /home/nemo/.cache"

su - -c "      mount -o bind /crypt/nemo/.sailfish-accounts-tool /home/nemo/.sailfish-accounts-tool"

su - -c "      mount -o bind /crypt/nemo/.timed /home/nemo/.timed"

su - -c "mount -o bind /crypt/data/ /opt/alien/data/"

su - -c " systemctl restart user@100000"