Beefy Boxes and Bandwidth Generously Provided by pair Networks
go ahead... be a heretic

Expect for cryptsetup

by (Initiate)
on Aug 20, 2013 at 05:34 UTC ( #1050126=perlquestion: print w/replies, xml ) Need Help?? has asked for the wisdom of the Perl Monks concerning the following question:

Hi Monks,

I am trying to automate the decryption of a volume using I want to run this command automated:
# cryptsetup luksOpen /dev/VG/DATA dec-DATA Enter passphrase for /dev/VG/DATA:
After you successfully give the passphrase you get /dev/mapper/dec-DATA which is the unencrypted volume I want to automate this using I came up with this code:
#!/usr/bin/perl use strict; use warnings; use Expect; use Getopt::Std; $Expect::Debug = 0; $Expect::Log_Stdout = 1; my $command = "/sbin/cryptsetup"; my $timeout = 5; my $exp = Expect->spawn( $command, 'luksOpen', '/dev/VG/DATA', 'dec-DATA' ) or die "Cannot spawn $command: $!\n"; my $idx = $exp->expect($timeout, [qr/Enter\s+passphrase\s+for/, sub { my $exp =shift; $exp->send("secret\n"); }] ); $exp->soft_close();
Now I have the following peculiarity. When $Expect::Debug is set to 0 it does not work; when set to 1 it does!

Can you please enlight a perl newbie? Is this a bug or am I doing something fundamentally wrong?

I use perl v5.14.2 and is version 1.21.

Replies are listed 'Best First'.
Re: Expect for cryptsetup
by kcott (Chancellor) on Aug 20, 2013 at 07:02 UTC


    Welcome to the monastery.

    "... it does not work ..."

    This is a totally inadequate error report. In what way doesn't it work: the script doesn't start; it functions incorrectly; your keyboard bursts into flames? Are there any warning or error messages?

    A better question will get you better answers: "How do I post a question effectively?" has guidelines for achieving this.

    -- Ken

Re: Expect for cryptsetup
by grondilu (Friar) on Aug 20, 2013 at 22:02 UTC

    Do you really want/need to use Expect? Because that seems very complicated a solution, to me. There is certainly an option for cryptsetup that allows you to provide the passphrase on command-line or in a file.

    I've just looked at the cryptsetup man page, and I see there is a --key-file option.

Re: Expect for cryptsetup
by (Initiate) on Aug 21, 2013 at 06:59 UTC
    @kcott: Sorry for not clearing it out:

    "Works" translates to "creation of the decrypted device /dev/mapper/dec-DATA

    "Does not work" means no creation of decrypted device

    @grondilu: That will mean the keyfile will be available somewhere in the filesystem. We do not want that. The passphrase will be in fact entered by the user through a web interface to decrypt the volume.

    Anyway the CPAN guys figured it out. It was a race condition which is solved by a simple "sleep 1" after the $exp->send command.

    Thanks guys!

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: perlquestion [id://1050126]
Approved by Ratazong
Front-paged by Corion
and all is quiet...

How do I use this? | Other CB clients
Other Users?
Others cooling their heels in the Monastery: (4)
As of 2017-12-16 10:02 GMT
Find Nodes?
    Voting Booth?
    What programming language do you hate the most?

    Results (449 votes). Check out past polls.