Arch Linux

herOldMan

Member

Registered: 2013-10-11

Posts: 154

[script] open truecrypt file without truecrypt

Here's my script for opening truecrypt file containers using zenity and tcplay. There is plenty of room for improvement, but it's seems to be quite functional.

#!/bin/bash
# Open a Truecrypt container using tcplay
# Provides an alternate that does not need TrueCrypt to be installed
# Requires tcplay, zenity
# GNU License, Copywrite M Bishop, 2015
# Script targets file-based TC containers with keyfiles.
# To use, pass the filespec as an arguement ie: ./thisFile thePath/theTcFile
# Also works nicely as a Thunar custom action.

dev="$1"

# The following 2 lines manage white spaces, but remember, tcplay will fail if the file's name has white spaces 
# Luckily, the "." is tolerated by tcplay, so files with extensions are ok.
file="$(echo $dev | sed 's=.*/==')" 
dir="$(echo $dev | sed 's%/[^/]*$%/%' )"

cd "$dir"
 
# When isExit=1, the script will exit when the root password dialog is cancelled.
# Also when isExit=1, the script will exit after 3 failed root password attempts
isExit=1 

# function to obtain root privileges (root password dialog)
GetSudo(){
 	trial=0;
  	while [[ -z $upw ]] || ! sudo -S echo <<< "$upw"; do
		upw=$(zenity --password --title="SUDO PASSWORD")
    		if [[ $? -eq 1 ]]; then
			# Cancel signal from zenity
			if [ $isExit -eq 1 ];then
       		 		exit
			fi
    		else
			# Seed sudo by doing nothing much
			if echo $upw | sudo -S echo; then 
				:	
			else
				trial=$((trial+1))				
				if [[ "$trial" -gt 2 && "$isExit" -eq 1 ]]; then
					zenity --info --text="Failed after too many password attempts."
					exit
				fi				
				zenity --warning --text="Enter the SYSTEM (SUDO) password!"
			fi
    		fi
	done
}


upw=""
GetSudo


# We'll give the user just one chance to get the TC container password right.
tcpw=`zenity --password --title="TRUECRYPT PASSWORD"`
key=`zenity --file-selection --title="Find the key"`
loop=$(losetup -f)
losetup $loop "$dev"
result=`echo $tcpw | sudo -S tcplay --map="$file" --device=$loop -k $key`

# The user will have to re-enter the root password to close the container later. If the user was allowed to cancel the next root password dialog, a mapped device would be orphaned if the previous command was sucessful. So,
isExit=0
 
sudo -k
upw=""

# For now, tcplay always includes "ok" in its output when it works.
if [[ $result == *"ok"* ]]; then	
	uuid=$(echo $(blkid | grep "$file"  | sed -n 's/.*UUID=\"\([^\"]*\)\".*/\1/p'))
	echo $uuid
	mydev=$(blkid -l -o device -t UUID="$uuid")

	LOOP_FLAG=1
	while [ $LOOP_FLAG -eq 1 ]; do
		zenity --info --text="Your TrueCrypt container is available in the file manager.\nWhen done with  it, CLOSE ALL FILES and click OK."
		LOOP_FLAG=$?
		if [ $LOOP_FLAG -eq 1 ]; then
			# A cancel signal was returned by zenity (clicked the close button).	
			# Jump back to beginning of while loop.
			# They must quit gracefully by clicking OK.
 			continue
		fi

		GetSudo	
		# Gracefully unmount if necessary. Hopefully this was only mounted in one place, if at all.
		mntPt=$(df -P | grep $mydev | awk '{print $6}')
		if [ -n "$mntPt" ]
		then
			sudo umount $mntPt
		fi
		
		# umap and clean up
		sudo tcplay --unmap="$file" --device=$loop
		losetup -d $loop
		sudo -k
		upw=""
		exit
	done
else
	zenity --info --text="Incorrect password or not a TrueCrypt volume."
	losetup -d $loop
	sudo -k
	upw=""
	exit
fi

mhogomchungu

Member

Registered: 2013-03-29

Posts: 87

Re: [script] open truecrypt file without truecrypt

# The following 2 lines manage white spaces, but remember, tcplay will fail if the file's name has white spaces

It will fail on any bash special characters,a space character is just one of many bash special characters.

A list of special characters i know is:

#;\"',\\`:!*?&$@(){}[]><|%~^ \n

jasonwryan

Anarchist

From: .nz

Registered: 2009-05-09

Posts: 30,426

Website

Re: [script] open truecrypt file without truecrypt

A couple of pointers (that you may or may not find helpful):

• You should avoid backticks

• For bash, use [[ for your tests

• Awk and grep is redundant, use $(awk '/pattern/ {action}')

• Quote your variables

FWIW: this is my script for handling containers: https://bitbucket.org/jasonwryan/shiv/s … ts/safebox

---

Arch + dwm   •   Mercurial repos  •   Surfraw

Registered Linux User #482438