WelcomeWelcome | FAQFAQ | DownloadsDownloads | WikiWiki

Author Topic: Mount encrypted file system at boot  (Read 7921 times)

Offline mcollier

  • Newbie
  • *
  • Posts: 10
Mount encrypted file system at boot
« on: May 26, 2011, 02:54:52 PM »
Hello, I've successfully created an ecrypted file system using these instruction.  Everything works fine if I manually mount the partition using these commands:

mkdir /home/tc/vault
sudo cryptsetup luksOpen /dev/sda4 vault
I'm prompted for the password
sudo mount -t ext2 /dev/mapper/vault /home/tc/vault
I can access the partition as expected at /home/tc/vault

I need to get the partition to mount at boot.  Can anyone point me in the right direction?

Thank you,

Matt
« Last Edit: May 26, 2011, 03:49:13 PM by mcollier »

Offline Guy

  • Hero Member
  • *****
  • Posts: 1089
Re: Mount encrypted file system at boot
« Reply #1 on: May 26, 2011, 03:44:47 PM »
The link to these instructions does not work, so it is not clear what you have done.

To run commands at start up, put them in /opt/bootlocal.sh
Many people see what is. Some people see what can be, and make a difference.

Offline mcollier

  • Newbie
  • *
  • Posts: 10
Re: Mount encrypted file system at boot
« Reply #2 on: May 26, 2011, 03:49:29 PM »

Offline mcollier

  • Newbie
  • *
  • Posts: 10
Re: Mount encrypted file system at boot
« Reply #3 on: May 26, 2011, 04:03:25 PM »
It looks to me like I need to put my command : /usr/local/sbin/cryptsetup luksOpen /dev/sda4 vault  in the /etc/init.d/rcS file before the if nofstab section.

I've tried this, and added 'etc/init.d/rcS' to my /opt/.filetool.lst file, but apparently the rcS file does not get included in the backup.

Am I on the right track, and if so, what do I do to customize my rcS file?

Offline Guy

  • Hero Member
  • *****
  • Posts: 1089
Re: Mount encrypted file system at boot
« Reply #4 on: May 26, 2011, 04:10:54 PM »
Are you aware of this?

http://wiki.tinycorelinux.net/wiki:encrypted_backup

It just works. You don't need to change anything.
Many people see what is. Some people see what can be, and make a difference.

Offline gerald_clark

  • TinyCore Moderator
  • Hero Member
  • *****
  • Posts: 4254
Re: Mount encrypted file system at boot
« Reply #5 on: May 26, 2011, 04:12:20 PM »
rcS runs before the restore.
You need to put your commands in /opt/bootlocal.sh

Offline mcollier

  • Newbie
  • *
  • Posts: 10
Re: Mount encrypted file system at boot
« Reply #6 on: May 26, 2011, 04:31:02 PM »
@guy, If I can't get the encrypted file system working, I may fall back on the encrypted backup.

@gerald_clark, I have tried adding the following commands to /opt/bootlocal.sh, but that doesn't work.

sudo /usr/local/sbin/cryptsetup luksOpen /dev/sda4 vault
sudo mount -t ext2 /dev/mapper/vault /home/tc/vault


Offline gerald_clark

  • TinyCore Moderator
  • Hero Member
  • *****
  • Posts: 4254
Re: Mount encrypted file system at boot
« Reply #7 on: May 26, 2011, 05:04:03 PM »
bootlocal.sh runs as root.
Do not use sudo.

Offline mcollier

  • Newbie
  • *
  • Posts: 10
Re: Mount encrypted file system at boot
« Reply #8 on: May 26, 2011, 05:07:18 PM »
Good information, corrected, but still doesn't work.  I'm expecting to be prompted for a password after the /usr/local/sbin/cryptsetup luksOpen /dev/sda4 vault
 command.

If there are any errors thrown during the boot process, how would I go about seeing those?

Offline Guy

  • Hero Member
  • *****
  • Posts: 1089
Re: Mount encrypted file system at boot
« Reply #9 on: May 26, 2011, 05:10:52 PM »
You could try /opt/bootsync.sh. It runs early in the boot process. bootlocal.sh runs later in the boot process.
Many people see what is. Some people see what can be, and make a difference.

Offline gerald_clark

  • TinyCore Moderator
  • Hero Member
  • *****
  • Posts: 4254
Re: Mount encrypted file system at boot
« Reply #10 on: May 26, 2011, 05:15:38 PM »
bootlocal.sh runs without a terminal.

edit bootsync.sh
remove the '&' from the end of the line that reads
/opt/bootlocal.sh &

Then add your commands to the endof bootsync.sh.

Offline mcollier

  • Newbie
  • *
  • Posts: 10
Re: Mount encrypted file system at boot
« Reply #11 on: May 26, 2011, 05:24:43 PM »
That did the trick!  Thank you both very much!

Offline gerald_clark

  • TinyCore Moderator
  • Hero Member
  • *****
  • Posts: 4254
Re: Mount encrypted file system at boot
« Reply #12 on: May 26, 2011, 05:37:36 PM »
Now put the '&' back in bootsync.sh.

Normally bootlocal.sh runs in background.
With the '&'removed, it may never return and the boot may hang.

I don't think there is anything in bootlocal.sh that needs to complete before your lines in bootsync.sh.

My suggestion to remove the '&' may have been a bad idea.

Offline mcollier

  • Newbie
  • *
  • Posts: 10
Re: Mount encrypted file system at boot
« Reply #13 on: May 26, 2011, 06:19:33 PM »
OK, made that adjustment.  Still working great.  Thanks again.