1.利用dm-crypt来创建加密文件系统。编写shell脚本(安装和卸载两个shell脚本)
2.编写ansible,playbook文件
3.编写python脚本
首先编写shell脚本
install.sh
#!/bin/sh
sudo apt-get install dmsetup cryptsetup
sudo modprobe dm-crypt
echo "dd if=/dev/zero of=/home/prod/secret.img bs=1M count=100"
sudo dd if=/dev/zero of=/home/prod/secret.img bs=1M count=100
echo "----------------------------------------------------------"
echo "losetup /dev/loop0 ~/secret.img"
sudo losetup /dev/loop0 /home/prod/secret.img
echo "----------------------------------------------------------"
sudo losetup /dev/loop0
echo "----------------------------------------------------------"
echo "cryptsetup -y create myEncryptedFilesystem /dev/loop0"
sudo cryptsetup -y create myEncryptedFilesystem /dev/loop0
echo "----------------------------------------------------------"
sudo dmsetup ls
echo "----------------------------------------------------------"
echo "mkfs.ext3 /dev/mapper/myEncryptedFilesystem"
sudo mkfs.ext3 /dev/mapper/myEncryptedFilesystem
echo "----------------------------------------------------------"
sudo mkdir /mnt/myEncryptedFilesystem
echo "----------------------------------------------------------"
echo "mount /dev/mapper/myEncryptedFilesystem /mnt/myEncryptedFilesystem"
sudo mount /dev/mapper/myEncryptedFilesystem /mnt/myEncryptedFilesystem
echo "----------------------------------------------------------"
sudo df -h /mnt/myEncryptedFilesystem
uninstall.sh
#!/bin/sh
sudo umount /mnt/myEncryptedFilesystem
sudo cryptsetup remove myEncryptedFilesystem
sudo dmsetup ls
sudo losetup -d /dev/loop0
sudo rm -rf secret.img
编写playbook文件
---
- hosts: cmdb
user: prod
sudo: True
tasks:
- name: install dm-crypt
action: command sh /home/prod/svnrepos/uninstall.sh
编写python脚本
import commands
(status, output) = commands.getstatusoutput('ansible-playbook playbook.yml')
print status, output
首先运行install.sh脚本
须要输入password。
然后执行python脚本执行uninstall.sh 卸载
运行python脚本的结果例如以下
本文章为转载内容,我们尊重原作者对文章享有的著作权。如有内容错误或侵权问题,欢迎原作者联系我们进行内容更正或删除文章。
