summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--src/platform/openbsd.sh40
1 files changed, 40 insertions, 0 deletions
diff --git a/src/platform/openbsd.sh b/src/platform/openbsd.sh
new file mode 100644
index 0000000..b66b32f
--- /dev/null
+++ b/src/platform/openbsd.sh
@@ -0,0 +1,40 @@
+# Copyright (C) 2012 Jonathan Chu <milki@rescomp.berkeley.edu>. All Rights Reserved.
+# Copyright (C) 2015 David Dahlberg <david.dahlberg@fkie.fraunhofer.de>. All Rights Reserved.
+# This file is licensed under the GPLv2+. Please see COPYING for more information.
+
+tmpdir() {
+ [[ -n $SECURE_TMPDIR ]] && return
+ local warn=1
+ [[ $1 == "nowarn" ]] && warn=0
+ local template="$PROGRAM.XXXXXXXXXXXXX"
+ if [[ $(sysctl -n kern.usermount) == 1 ]]; then
+ SECURE_TMPDIR="$(mktemp -d "${TMPDIR:-/tmp}/$template")"
+ mount -t tmpfs -o -s16M tmpfs "$SECURE_TMPDIR" || die "Error: could not create tmpfs."
+ unmount_tmpdir() {
+ [[ -n $SECURE_TMPDIR && -d $SECURE_TMPDIR ]] || return
+ umount "$SECURE_TMPDIR"
+ rm -rf "$SECURE_TMPDIR"
+ }
+ trap unmount_tmpdir INT TERM EXIT
+ else
+ [[ $warn -eq 1 ]] && yesno "$(cat <<-_EOF
+ The sysctl kern.usermount is disabled, therefore it is not
+ possible to create a tmpfs for temporary storage of files
+ in memory.
+ This means that it may be difficult to entirely erase
+ the temporary non-encrypted password file after editing.
+
+ Are you sure you would like to continue?
+ _EOF
+ )"
+ SECURE_TMPDIR="$(mktemp -d "${TMPDIR:-/tmp}/$template")"
+ shred_tmpfile() {
+ find "$SECURE_TMPDIR" -type f -exec $SHRED {} +
+ rm -rf "$SECURE_TMPDIR"
+ }
+ trap shred_tmpfile INT TERM EXIT
+ fi
+}
+
+GETOPT="gnugetopt"
+SHRED="rm -P -f"