/usr/sbin/luksformat is in cryptsetup-bin 2:2.0.2-1ubuntu1.
This file is owned by root:root, with mode 0o755.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 | #!/usr/bin/perl -w
# luksformat - wrapper around LUKS-capable cryptsetup and mkfs for easy
# creation of an encrypted device.
#
# (C) 2005 Canonical Ltd.
# Author: Martin Pitt <martin.pitt@ubuntu.com>
# License: GNU General Public License, v2 or any later
# (https://www.gnu.org/copyleft/gpl.html)
use Getopt::Long qw(:config pass_through);
BEGIN {
eval 'use Locale::gettext';
if ($@) {
*gettext = sub { shift };
*textdomain = sub { "" };
*LC_MESSAGES = sub { 5 };
}
eval {
require POSIX;
import POSIX qw(setlocale);
};
if ($@) {
*setlocale = sub { return 1 };
}
}
setlocale(LC_MESSAGES, "");
textdomain("luksformat");
if ($> != 0) {
print STDERR gettext("This program needs to be started as root\n");
exit 1;
}
sub usage() {
print gettext("luksformat - Create and format an encrypted LUKS device
Usage: luksformat [-t <file system>] <device> [ mkfs options ]\n\n");
exit 1;
}
# default file system
$fs = 'vfat';
exit 1 unless GetOptions ('t|type=s' => \$fs);
GetOptions ('help', \$help);
if (($#ARGV < 0) || ($help)) {
usage();
}
$device = shift(@ARGV);
open(MOUNTS, "/proc/mounts");
while (<MOUNTS>) {
die sprintf(gettext("Error: device mounted: %s\n"), $device) if (/\Q$device\E/)
}
if (-x "/usr/sbin/mkfs.$fs") {
$mkfs = "/usr/sbin/mkfs.$fs";
}
elsif (-x "/usr/bin/mkfs.$fs") {
$mkfs = "/usr/bin/mkfs.$fs";
}
elsif (-x "/sbin/mkfs.$fs") {
$mkfs = "/sbin/mkfs.$fs";
}
elsif (-x "/bin/mkfs.$fs") {
$mkfs = "/bin/mkfs.$fs";
}
else {
printf STDERR (gettext("Error: invalid file system: %s\n"), $fs);
exit 1;
}
# generate temporary mapped device name which is not yet used
$name = "";
for ($i = 1; $i < 100; $i++) {
if (! -e "/dev/mapper/luksformat$i") {
$name = "luksformat$i";
last;
}
}
$name or die sprintf(gettext("Error: could not generate temporary mapped device name"));
# we do not need to be overly concerned with race conditions here, cryptsetup
# will just fail if the name already exists now.
printf (gettext("Creating encrypted device on %s...\n"), $device);
if ((system 'cryptsetup', 'luksFormat', $device)) {
die sprintf(gettext("Could not create LUKS device %s"), $device);
}
print gettext("Please enter your passphrase again to verify it\n");
if ((system 'cryptsetup', 'open', '--type', 'luks', $device, $name) != 0) {
print STDERR gettext("The passphrases you entered were not identical\n");
exit 1;
}
$result = system $mkfs, "/dev/mapper/$name", @ARGV;
print "\n";
system 'udevadm', 'settle', '--timeout=30';
system 'cryptsetup', 'luksClose', $name;
die sprintf(gettext("Could not format device with file system %s"), $fs) if $result;
__END__
=head1 NAME
luksformat - Create and format an encrypted LUKS device
=head1 SYNOPSIS
B<luksformat> [B<-t> I<fstype>] I<device> [ mkfs options ]
=head1 DESCRIPTION
B<luksformat> is a wrapper around B<cryptsetup> and B<mkfs> which provides an
easy interface for creating an encrypted device that follows the LUKS standard
and for putting a file system onto the encrypted device.
The default file system is B<vfat> since that is most commonly used on
removable devices. However, you can specify any available file system with the
B<-t> option.
=head1 SEE ALSO
L<cryptsetup(8)>, L<mkfs(8)>
=head1 AUTHOR
This program was written by Martin Pitt <martin.pitt@ubuntu.com>.
|