Created
August 19, 2018 18:41
-
-
Save jorgsk/721f15d03d21a847a0bfa9f4f4df60e6 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| """ | |
| This script is a wrapper around veracrypt and zim that makes it easy to work | |
| with notebooks that reside inside a veracrypt container. | |
| The script does three things: | |
| 1) Mounts a veracrypt container to a target location. | |
| 2) Runs a zim notebook, intended to be located in the mounted partition. | |
| 3) Unmounts the partition when either Zim or this script exits. | |
| Note: sudo session from mount might have expired. Be prepared to re-insert | |
| sudo password. | |
| Author: Jørgen Skancke | |
| """ | |
| import atexit # calls a teardown function when the script exits | |
| import subprocess | |
| # Filesystem paths and zim notebook name: adapt these to your setup | |
| MOUNT_PATH = '/media/veracrypt_zim2/' | |
| CONTAINER_PATH = '/home/jorgen/encryption_test/veracrypt1' | |
| ENCRYPTED_NOTEBOOK_NAME = 'zim_test' | |
| # Veracrypt options | |
| KEYFILE = "" | |
| PIM = 0 | |
| HIDDEN_PARTITION = 'no' | |
| def process_returncode(code, task): | |
| """ | |
| Return codes on linux: 0 is good, 1 is bad, < 0 is killed. | |
| """ | |
| if code == 0: | |
| print(f"Performed {task} successfully") | |
| else: | |
| print(f"Performed {task} unsuccessfully with return code {code}") | |
| def unmount_encrypted_container(): | |
| """ | |
| Unmount partition from veracrypt container. | |
| """ | |
| unmount = f'veracrypt -d {MOUNT_PATH}' | |
| return_code = subprocess.call(unmount, shell=True) | |
| task = f"unmounting {MOUNT_PATH}" | |
| process_returncode(return_code, task) | |
| def mount_encryped_container(): | |
| """ | |
| Mount partition from veracrypt container. | |
| """ | |
| mount_cmd = f'veracrypt -t -k "{KEYFILE}" --pim={PIM} --protect-hidden={HIDDEN_PARTITION} {CONTAINER_PATH} {MOUNT_PATH}' | |
| rc_mount = subprocess.call(mount_cmd, shell=True) | |
| task = f'mounting encrypted filesystem {CONTAINER_PATH} at {MOUNT_PATH}' | |
| process_returncode(rc_mount, task) | |
| def run_zim(): | |
| """ | |
| Run zim, starting with a specified notebook name. | |
| """ | |
| zim_cmd = f'zim {ENCRYPTED_NOTEBOOK_NAME}' | |
| task = 'starting Zim' | |
| rc_zim = subprocess.call(zim_cmd, shell=True) | |
| process_returncode(rc_zim, task) | |
| def main(): | |
| # Mount | |
| mount_encryped_container() | |
| # Run zim | |
| run_zim() | |
| # Unmount happens when zim or script terminates | |
| if __name__ == '__main__': | |
| atexit.register(unmount_encrypted_container) | |
| main() |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment