Hi Tom,
I wrote the Python-script "cstat" for this purpose a while
ago. Attached for your convenience.
Regards,
Arno
On Fri, Aug 19, 2016 at 17:42:41 CEST, Tom Hartman wrote:
> Is there a way through either cryptsetup or some other tool to
> determine if a luks device is opened or closed? It looks like the
> status command is only meant for mapped volumes.
> Something like:
> Â Â Â Â Â Â Â Â Â Â
> Â Â Â Â Â Â Â Â Â Â Â cryptsetup isLuksOpen /dev/sda1
> Thanks,
> Tom
> _______________________________________________
> dm-crypt mailing list
> dm-crypt@xxxxxxxx
> http://www.saout.de/mailman/listinfo/dm-crypt
--
Arno Wagner, Dr. sc. techn., Dipl. Inform., Email: arno@xxxxxxxxxxx
GnuPG: ID: CB5D9718 FP: 12D6 C03B 1B30 33BB 13CF B774 E35C 5FA1 CB5D 9718
----
A good decision is based on knowledge and not on numbers. -- Plato
If it's in the news, don't worry about it. The very definition of
"news" is "something that hardly ever happens." -- Bruce Schneier
#!/usr/bin/python
# cryptstat.py
# Displays all matching devices in /dev/ for a cryptsetup target
# Calls "cryptsetup status <target>" to get the initial info,
# then determines major/minor of the reported device and does
# a traversal of /dev/ to find all matches.
# Reports an augemented result of "cryptsetup status", also
# including mount points.
# Arguments are any number of cryptsetup targets. Does a validity
# check and refuses targets not found in /dev/mapper/
# Without argument, displays info on all targets found in /dev/mapper/
# (c) Arno Wagner 2010, distributed under the modified BSD license.
# Version 0.03
# Version history
# 0.03 Adjustments for cryptsrtup 1.2.0
# 0.02 fixed error on unmounted but mapped devices
import sys, os, stat, subprocess, re
dev_path = '/dev'
mapper_path = '/dev/mapper'
cryptsetup_path = '/usr/sbin/cryptsetup'
# IEC function
def str_iec(v):
n = float(v)
if n < 0 :
raise ValueError, 'Argument of str_iec() must not be negative'
prefix = ' ' # Actually the postfix of the output, but the
# prefix of the unit, if one is attached.
if n < 1024:
pass
elif n < 1024 * 1024:
n = n / 1024
prefix = 'ki'
elif n < 1024 * 1024 * 1024:
n = n / ( 1024 * 1024 )
prefix = 'Mi'
elif n < 1024 * 1024 * 1024 * 1024:
n = n / ( 1024 * 1024 * 1024 )
prefix = 'Gi'
elif n < 1024 * 1024 * 1024 * 1024 * 1024:
n = n / ( 1024 * 1024 * 1024 * 1024 )
prefix = 'Ti'
elif n < 1024 * 1024 * 1024 * 1024 * 1024 * 1024:
n = n / ( 1024 * 1024 * 1024 * 1024 * 1024 )
prefix = 'Ei'
else:
raise ValueError, 'Argument of str_iec() larger than (2^50)-1'
s = "%(n)5.1f " % {'n': n}
s = s + prefix
return s
# Utility functions
def normalize_path(path):
"""Replaces any number of occurences of '/' with a single '/'"""
# Note: INefficient, but should not matter
while path.find('//') > -1:
path = path.replace('//','/')
return(path)
def dir_walk(dir):
"""Returns a list of all filenames with full paths
(including dirs, specials, etc.) below the argument.
"." and ".." are omitted. Does not follow symblinks
to avoid loops, but there is no real loop prevention."""
names = []
dir = normalize_path(dir)
# process current directory
current = os.listdir(dir)
for d in current:
d = dir + '/' + d
# Test whether d is a directory. If so, recurse.
s = os.lstat(d)
if stat.S_ISDIR( s[stat.ST_MODE] ):
names.extend(dir_walk(d))
else:
names.append(d)
return(names)
def dir_walk_block(dir):
"""Returns the names of all block devices in the subtree at dir"""
names = dir_walk(dir)
block_dev = []
for n in names:
if stat.S_ISBLK(os.lstat(n)[stat.ST_MODE]):
block_dev.append(n)
return(block_dev)
def special_dev_major_minor(n):
"""Returns (major,minor) for a device special file name"""
s = os.lstat(n)
if not stat.S_ISBLK(s[stat.ST_MODE]) and \
not stat.S_ISCHR(s[stat.ST_MODE]) :
return None
else:
maj = os.major(s.st_rdev)
min = os.minor(s.st_rdev)
return (maj, min)
def build_block_major_minor_tables(dir):
"""Returns
1) a table of filenames that are all block special files
2) a dict mapping each name to (major,minor)
3) a dict mapping each (major,minor) pair to a table of filenames"""
names = []
name2pair = {}
pair2name = {}
names = dir_walk_block(dir)
for n in names:
maj, min = special_dev_major_minor(n)
name2pair[n] = (maj, min)
if (maj, min) not in pair2name:
pair2name[(maj, min)] = [n]
else:
pair2name[(maj, min)].append(n)
return (names, name2pair, pair2name)
# Start of main action
# determine list of targets to be processed
targets = []
# first get all in mapper_path except 'control'
mapper_targets = []
mapper_entries = os.listdir(mapper_path)
tmp = []
for e in mapper_entries:
if e != 'control':
tmp.append(e)
mapper_entries = tmp
# if argument list empty, copy mapper_entries
if len(sys.argv) == 1:
targets = mapper_entries
targets.sort()
else:
targets = sys.argv[1:]
# Make sure all targets are in mapper_entries
tbl = {}
for e in mapper_entries:
tbl[e] = None
for e in targets:
if e not in tbl:
print '\nError: Command argument "'+e+'" is not present in '+\
'mapper dir '+mapper_path+'!\nAborting\n'
sys.exit(1)
# print targets
# Create mappings (major,minor) <-> name
names, name2pair, pair2names = build_block_major_minor_tables(dev_path)
print
for t in targets:
# do call to "cryptsetup status"
cmd = cryptsetup_path + ' status ' + t
# print 'calling "' + cmd + '"'
p = subprocess.Popen(cmd, shell=True, bufsize=0,
stdin=subprocess.PIPE, stdout=subprocess.PIPE,
stderr=subprocess.PIPE, close_fds=True)
(out, err) = p.communicate()
out_lines = out.splitlines()
if (p.returncode != 0): raise IOError(p.returncode, err)
# print('command output = [' + out + ']')
# check output line 7 for ' device: <device name>'
if not re.match('\ \ device\:\ \ \S+', out_lines[4]):
print '\nError: Line 7 of cryptsetup output has unexpected form'
print 'Expected: " device: <device name>'
print 'found: [' + out_lines[4]+ ']'
print 'complete cryptsetup output:\m'
print out
print '\nAborting!\n'
sys.exit(1)
device = out_lines[4][11:]
# print 'device found: [' + device + ']'
(maj, min) = name2pair[device]
# print '(maj, min) = ', (maj, min)
devices = pair2names[(maj, min)]
dev_str = ''
for d in devices: dev_str = dev_str + d + ' '
# print 'devices: ', dev_str
out_lines[4] = ' devices: '+str((maj, min))+' '+dev_str
for l in out_lines:
if re.match('\s+size:\s+(\d+)\ssectors.*', l):
m = re.match('\s+size:\s+(\d+)\ssectors.*', l)
s = int(m.group(1))
l = l.rstrip('\n')
print l + ' ( '+ str_iec(s * 512) + ' Bytes )'
else:
print l
# determine mounts and print them
mounts = ' mounted:'
# ';echo' in next command is so that we have at least one line
# of output to avoid an error from subprocess
cmd = 'mount | grep '+mapper_path+'/'+t+'; echo'
# print 'calling "' + cmd + '"'
p = subprocess.Popen(cmd, shell=True, bufsize=0,
stdin=subprocess.PIPE, stdout=subprocess.PIPE,
stderr=subprocess.PIPE, close_fds=True)
(out, err) = p.communicate()
out_lines = out.splitlines()
# print('command output = [' + out + ']')
if (p.returncode != 0): raise IOError(p.returncode, err)
if len(out_lines) == 1:
mounts = mounts + ' not mounted'
else:
for l in out_lines:
# print 'l = ', l
match = re.search(' on (\S+) type', l)
if match != None:
mounts = mounts + ' ' + match.group(1)
print mounts
print
_______________________________________________
dm-crypt mailing list
dm-crypt@xxxxxxxx
http://www.saout.de/mailman/listinfo/dm-crypt
