Archive for the ‘Linux Tips & Trics’ category

hal & ivman

2 February 2006, comments off

Using the Hardware Abstraction Layer (HAL) and the volume manager ivman, you can do nice things, like automatically mounting drives or playing CD-ROMs and DVDs. It can also help you stop things you hate, like automatically mounting drives or playing CD-ROMs and DVDs.

Both hal and ivman come standard with my Ubuntu distro, but I’m sure you will be able to find information on how to make these two run on your favourite distro.

In this article I’ll tell you how I use it.

# lshal
gives you all kinds of information that hal is able to tell you about your computer. All of this information will help you configure what should happen when something changes in your hardware.

Now have a look at the ivman configuration file /etc/ivman/IvmConfigActions.xml. You will see some examples that are already configured by Ubuntu. If you want, you can disable the autorun function for CDs; look for lines like these (at least in Kubuntu, in Ubuntu it will be slightly different):

Just add comment tags (<!-- and -->) around these lines, or delete them, if you don't want autorun.

If I plug in my digital camera I want digikam to start. So I plugged in the camera, used lshal to look at the info reported for the camera and decided I want to use the device_id as identifier for ivman:

			

SSH / SCP Wrapper

2 February 2006, comments off

My company has a lot of servers on which I have to log in with ssh and copy files to with scp several times a day. I didn’t want to type in my password every time, so I decided to use the ssh built-in feature of authorized_keys. It is not very secure to use 1 key for all servers, so I wrote a small shell script that looks for the right key every time I use ssh or scp. To be more secure, I put the keys on an encrypted filesystem on a usb stick.

#!/bin/bash

# shell script around scp/ssh that looks for keys according to the hostname argument of scp/ssh
# your keys should be named <HOSTNAME>_id_dsa (or modify this script)
# in the next howto you should replace <$VARNAMES> with the value you assign to it
# to create ssh keys type:
#   ssh-keygen -t dsa -f $CRYPT_PATH/<HOSTNAME>_id_dsa
# add contents of $CRYPT_PATH/<HOSTNAME>_id_dsa.pub to ~/.ssh/authorized_keys on the server
# if this file does not exist, simply copy $CRYPT_PATH/<HOSTNAME>_id_dsa.pub to ~/.ssh/authorized_keys

# save this file as $SCP_WRAPPER anywhere in your $PATH
# and add a symbolic link to the same file:
#   ln -s $SCP_WRAPPER $SSH_WRAPPER
# finally add these lines to your ~/.bashrc file:
#   alias ssh="/PATH/TO/$SSH_WRAPPER"
#   alias scp="/PATH/TO/$SCP_WRAPPER"

################ CONFIGURATION ################
# path to your keys:
CRYPT_PATH="/media/crypt"
CRYPT_MAPPER_PATH="/dev/mapper/crypt"

# script / program names:
SCP_WRAPPER="scp_wrapper.sh"
SSH_WRAPPER="ssh_wrapper.sh"
SSH="/usr/bin/ssh"
SCP="/usr/bin/scp -C"

# set to 1 if you have different domain names for a single server
# that way you can have 1 keyfile for the server
USE_NS_LOOKUP="0"
################             END            ################

HOST=""
KEY=""
KEYARGUMENT=""   # set explicitly so a value inherited from the environment is never used

# provides log_begin_msg and log_end_msg
. /lib/lsb/init-functions

# function to get the real host from the ssh/scp argument; the result is stored in $HOST
getServerByHost ()
{
    local host
    if [ "$USE_NS_LOOKUP" == "0" ]; then
        echo "skipping hostname lookup"
        HOST=$1
        return 0
    else
        log_begin_msg "trying to get servername from $1"
        host=$(nslookup "$1" | grep Name | cut -d: -f2 | head -n1 | sed 's/^[[:space:]]*//')
        if [ "$host" == "" ]; then
            log_end_msg 9
            HOST=$1
            return 9
        else
            HOST=$host
            log_end_msg 0
            echo "using host $host instead of $1"
            return 0
        fi
    fi
}

# function that checks if the keyfile exists; the result is stored in $KEY
getKey ()
{
    # start the encrypted device if it is not active yet
    if [ "$(sudo cryptsetup status "$CRYPT_MAPPER_PATH" 2>/dev/null | grep active -c)" == "0" ]; then
        log_begin_msg "/etc/init.d/cryptdisks not started: trying to start it now"
        sudo /etc/init.d/cryptdisks start 2>/dev/null
        if [ "$(sudo cryptsetup status "$CRYPT_MAPPER_PATH" 2>/dev/null | grep active -c)" == "0" ]; then
            log_end_msg 9
            return 9
        else
            log_end_msg 0
        fi
    fi

    # mount the encrypted filesystem if it is not mounted yet
    if [ "$(mount | grep "$CRYPT_PATH" -c)" == "0" ]; then
        log_begin_msg "encrypted disk not mounted, mount now"
        mount "$CRYPT_PATH"
        log_end_msg $?
    fi

    KEY="$CRYPT_PATH/$1""_id_dsa"
    if [ -f "$KEY" ]; then
        echo "using key $KEY"
        return 0
    else
        echo "key [$KEY] not found"
        return 9
    fi
}

# function that checks for correct argument count
# $1 = program, $2 = minimum number of arguments, $3 = number of arguments given
paramcheck ()
{
    if [ "$3" -lt "$2" ]; then
        # run the program without arguments so it prints its own usage message
        $1
        exit
    fi
}

if [ "$(basename "$0")" == "$SCP_WRAPPER" ]; then
    paramcheck scp 2 $#
    # take the host part of the last "host:path" argument
    hostArgument=$(echo "$*" | sed -E 's/^(.* )?([^ ]+):.*/\2/')
    EXECUTABLE=$SCP
else
    paramcheck ssh 1 $#
    hostArgument=$1
    EXECUTABLE=$SSH
fi

# shortcut if keyfile exists:
if [ -f "$CRYPT_PATH/$hostArgument""_id_dsa" ]; then
    KEY="$CRYPT_PATH/$hostArgument""_id_dsa"
    KEYARGUMENT="-i $KEY"
    echo "found key $KEY, skipping everything else"
else
    getServerByHost "$hostArgument"
    retval=$?
fi

if [ "$KEYARGUMENT" == "" ]; then
    if [ "$retval" -eq "0" ]; then
        getKey "$HOST"
        if [ "$?" -eq "0" ]; then KEYARGUMENT="-i $KEY"; fi
    else
        echo "fallback to normal operation of $(basename $EXECUTABLE)"
        $EXECUTABLE "$@"
        exit 9
    fi
fi

# $EXECUTABLE and $KEYARGUMENT are left unquoted on purpose: both hold a command plus an option
$EXECUTABLE $KEYARGUMENT "$@"
exit $?
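
The wrapper builds the key path directly from the host argument. As an added example (not part of the original script), the functions below reduce an ssh/scp target to its host, reject names that could leave $CRYPT_PATH or be read by ssh as an option, and check that the key file is private; the function names are hypothetical, while CRYPT_PATH and the <host>_id_dsa naming follow the script above.

```bash
#!/bin/bash
# Added example, not the original wrapper. Function names are hypothetical;
# CRYPT_PATH and the <host>_id_dsa naming are taken from the script above.
CRYPT_PATH="${CRYPT_PATH:-/media/crypt}"

# Reduce an ssh/scp target ("user@host:/path", "user@host", "host") to the host.
host_from_target() {
    local target=$1
    target=${target%%:*}    # drop ":/remote/path" (scp form)
    target=${target##*@}    # drop "user@"
    printf '%s\n' "$target"
}

# Print the key path for a target. Fail for an empty name, a leading "-"
# (ssh would read it as an option), a leading "." or any character outside
# [A-Za-z0-9._-], so the result always stays directly inside CRYPT_PATH.
key_for_host() {
    local host
    host=$(host_from_target "$1")
    case $host in
        ''|-*|.*|*[!A-Za-z0-9._-]*) return 1 ;;
    esac
    printf '%s/%s_id_dsa\n' "$CRYPT_PATH" "$host"
}

# Succeed only if the key is a regular file (no symlink), owned by the
# caller, with no permission bits set for group or others.
key_is_private() {
    local key=$1 perms
    [ -f "$key" ] && [ ! -L "$key" ] && [ -O "$key" ] || return 1
    perms=$(ls -ld -- "$key") || return 1
    case $perms in
        -???------*) return 0 ;;
        *) return 1 ;;
    esac
}
```

OpenSSH has disabled DSA keys by default since version 7.0, so on a current system the same naming scheme would be used with another key type and suffix.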

Encrypted filesystem

1 February 2006, comments off

I want to log in on our servers with ssh without having to type in a password every time, so I decided to use authorized_keys. To store the keys I wanted an encrypted filesystem on my usb stick. Here’s a short howto:
install the crypt system, Debian style:
# apt-get install cryptsetup

make sure the modules aes, dm_mod, and dm_crypt are loaded (add them to /etc/modules) or compiled into your kernel. You need these modules for the device mapper and for the aes encryption algorithm.

map the device that is going to hold the encrypted filesystem (here it is /dev/sdb1) to a mapped device (I called it crypt, pick a valid name you like for the device mapper):
# cryptsetup -y create crypt /dev/sdb1

add the device to /etc/crypttab, by simply adding the line:
crypt /dev/sdb1

optionally add device to /etc/fstab (example configuration):
/dev/mapper/crypt /media/crypt ext3 rw,user,exec,noauto,suid 0 0

make a filesystem on the mapped device (I use ext3, use anything you like that is supported on your system):
# mkfs.ext3 /dev/mapper/crypt

use the device:
# /etc/init.d/cryptdisks start

if you’ve added the fstab line you can use:
# mount /media/crypt
otherwise try:
# mount /dev/mapper/crypt /media/crypt
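
The fstab line in this howto puts exec and suid after user, which overrides the noexec,nosuid,nodev that user would otherwise imply. As an added example (not from the original post), the function below evaluates an option list in order and reports what stays enabled; the function names and the /media/crypt-strict mount point are hypothetical.

```bash
#!/bin/bash
# Added example, not from the original howto. Reads fstab-format text on
# stdin and prints which of exec/suid/dev remain enabled for one mount point.
# Options are applied left to right, as mount(8) describes: "user" and
# "users" imply noexec,nosuid,nodev, "owner" and "group" imply nosuid,nodev,
# and any later option overrides an earlier one.
effective_risky_opts() {
    awk -v mp="$1" '
        $1 !~ /^#/ && $2 == mp {
            x = s = d = 1                # exec, suid, dev are on by default
            n = split($4, opt, ",")
            for (i = 1; i <= n; i++) {
                o = opt[i]
                if      (o == "user" || o == "users")  x = s = d = 0
                else if (o == "owner" || o == "group") s = d = 0
                else if (o == "defaults")              x = s = d = 1
                else if (o == "exec")   x = 1
                else if (o == "noexec") x = 0
                else if (o == "suid")   s = 1
                else if (o == "nosuid") s = 0
                else if (o == "dev")    d = 1
                else if (o == "nodev")  d = 0
            }
            out = ""
            if (x) out = out " exec"
            if (s) out = out " suid"
            if (d) out = out " dev"
            print substr(out, 2)
        }'
}

# Constructed sample: the fstab line from the howto, then the same device on
# a hypothetical mount point without the exec and suid overrides.
sample_fstab() {
    cat <<'EOF'
/dev/mapper/crypt /media/crypt ext3 rw,user,exec,noauto,suid 0 0
/dev/mapper/crypt /media/crypt-strict ext3 rw,user,noauto 0 0
EOF
}

# Usage: sample_fstab | effective_risky_opts /media/crypt
#    or: effective_risky_opts /media/crypt < /etc/fstab
```

For a stick that only stores key files, an empty result is the restrictive case: nothing on it can be executed or run setuid.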
