X-Git-Url: https://glassweightruler.freedombox.rocks/gitweb/Ventoy.git/blobdiff_plain/807d313cd56200439adde1079e0596972c5a5d31..d9182dbfa4fde93adb0b038d3d66f2d68e55cefd:/INSTALL/CreatePersistentImg.sh

diff --git a/INSTALL/CreatePersistentImg.sh b/INSTALL/CreatePersistentImg.sh
index 8cf01a3..21d65c4 100644
--- a/INSTALL/CreatePersistentImg.sh
+++ b/INSTALL/CreatePersistentImg.sh
@@ -1,20 +1,35 @@
-#!/bin/sh
+#!/bin/bash
 
 size=1024
 fstype=ext4
 label=casper-rw
 config=''
+outputfile=persistence.dat
 
 print_usage() {
-    echo 'Usage:  CreatePersistentImg.sh [ -s size ] [ -t fstype ] [ -l LABEL ] [ -c CFG ]'
+    echo 'Usage:  sudo ./CreatePersistentImg.sh [ -s size ] [ -t fstype ] [ -l LABEL ] [ -c CFG ] [ -e ]'
     echo '  OPTION: (optional)'
     echo '   -s size in MB, default is 1024'
     echo '   -t filesystem type, default is ext4  ext2/ext3/ext4/xfs are supported now'
     echo '   -l label, default is casper-rw'
     echo '   -c configfile name inside the persistence file. File content is "/ union"'
+    echo '   -o outputfile name, default is persistence.dat'
+    echo '   -e enable encryption, disabled by default (only few distros support this)'    
     echo ''
 }
 
+print_err() {
+    echo ""
+    echo "$*"
+    echo ""
+}
+
+uid=$(id -u)
+if [ $uid -ne 0 ]; then
+    print_err "Please use sudo or run the script as root."
+    exit 1
+fi
+
 while [ -n "$1" ]; do
     if [ "$1" = "-s" ]; then
         shift
@@ -28,6 +43,12 @@ while [ -n "$1" ]; do
     elif [ "$1" = "-c" ]; then
         shift
         config=$1
+    elif [ "$1" = "-o" ]; then
+        shift
+        outputfile=$1
+    elif [ "$1" = "-e" ]; then
+        read -s -p "Encryption passphrase: " passphrase
+        echo
     elif [ "$1" = "-h" ] || [ "$1" = "--help" ]; then
         print_usage
         exit 0
@@ -47,10 +68,15 @@ fi
 
 # check size
 if echo $size | grep -q "^[0-9][0-9]*$"; then
-    if [ $size -le 1 ]; then
-        echo "Invalid size $size"
-        exit 1
+    vtMinSize=1
+    if echo $fstype | grep -q '^xfs$'; then
+        vtMinSize=16
     fi
+    
+    if [ $size -lt $vtMinSize ]; then
+        echo "size too small ($size)"
+        exit 1
+    fi    
 else
     echo "Invalid size $size"
     exit 1
@@ -69,13 +95,24 @@ else
     exit 1
 fi
 
+if [ "$outputdir" != "persistence.dat" ]; then
+    mkdir -p "$(dirname "$outputfile")"
+fi
+
 # 00->ff avoid sparse file
-dd if=/dev/zero  bs=1M count=$size | tr '\000' '\377' > persistence.dat
+dd if=/dev/zero  bs=1M count=$size | tr '\000' '\377' > "$outputfile"
 sync
 
 freeloop=$(losetup -f)
 
-losetup $freeloop persistence.dat
+losetup $freeloop "$outputfile"
+
+if [ ! -z "$passphrase" ]; then
+    printf "$passphrase" | cryptsetup -q --verbose luksFormat $freeloop -
+    printf "$passphrase" | cryptsetup -q --verbose luksOpen $freeloop persist_decrypted -
+    _freeloop=$freeloop
+    freeloop="/dev/mapper/persist_decrypted"
+fi
 
 mkfs -t $fstype $fsopt -L $label $freeloop 
 
@@ -95,4 +132,9 @@ if [ -n "$config" ]; then
     rm -rf ./persist_tmp_mnt
 fi
 
+if [ ! -z "$passphrase" ]; then
+    cryptsetup luksClose $freeloop
+    freeloop=$_freeloop
+fi
+
 losetup -d $freeloop