I finally buckled down and wrote my first bash shell script today.
I have been backing up my machines to two WD My Book 3 TB USB 3.0 Hard Drives.
I backup my hard drive to my server once a week. I also backup my hard drive to the WD USB drive every week.
I am swapping them out every week. I keep one drive at work at all times. This is keeping with the philosophy that at any one time I have
- one backup on-site
- one backup off-site
My only concern is that OS X leaves hard drives unencrypted by default. This means that anyone could plug an OS X-formatted drive into their Macintosh and read my files.
The solution: encryption.
On OS X, it is as easy as right-clicking on the hard drive in Finder and selecting ‘encrypt drive’. This is a good thing.
However, once I reconnect my USB drive I have to unlock the disk before I can make my backups. Complicating everything further, I divided the 3TB disk into four partitions: one for Cay’s computer, one for my boot drive, one for my /Users partition, and one that is on stand-by. So, every time I connect this drive I have to enter four different UUIDs to unlock the encrypted partitions.
Shell scripts to the rescue.
This weekend I spent some time learning to program UNIX shell scripts. I created a shell script to automate the unlocking of the USB drive upon connection. It was really fun investigating solutions for this. In the end I used many tools from the basic programming toolbox:
- variables
- redircts
- pipes
- regular expressions
- arrays
- and some more stuff
It was tons of fun and I learned a lot.
Here’s the code for the nerds out there.
#!/bin/bash
# =================================================================
# Copyright 2014 Eduardo Sanchez
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
# You should have received a copy of the GNU General Public License
# along with this program. If not, see .
# ==================================================================
# This script is used to unlock encrypted hdds in OS X 10.9
# First open Disk Utility.app to see which hdd are available
# 'locked' hdd will appear greyed-out
open -g /Applications/Utilities/Disk\ Utility.app
echo
# collect the UUIDs of all of the attached hdd
clear
echo "These are the attached hard drives:"
tempIFS=$IFS
IFS=$'\n'
diskutil cs list | grep -E "(Logical Volume) [A-F0-9]{8}-[A-F0-9]{4}-[A-F0-9]{4}-[A-F0-9]{4}-[A-F0-9]{12}" | cut -c 28-63 > hdd_UUIDs
uuid=($(cat hdd_UUIDs))
IFS=$tempIFS
echo
# collect the names of the Logical Volumes (disk names)
tempIFS=$IFS
IFS=$'\n'
diskutil cs list | grep "LV Name" | cut -c 36-70 > hdd_LV_Names
dname=($(cat hdd_LV_Names))
IFS=$tempIFS
# present the user with a listing of UUIDs and associated Logical Volume names
echo "0." ${uuid[0]} ${dname[0]}
echo "1." ${uuid[1]} ${dname[1]}
echo "2." ${uuid[2]} ${dname[2]}
echo "3." ${uuid[3]} ${dname[3]}
echo "4." ${uuid[4]} ${dname[4]}
echo
# ask the user which disk to unlock
echo Select the hdd to unlock
echo
echo
# gather the user's choice
read DISK
# DO NOT store the password as a variable!
# Keep passwords in a protected vault such as LastPass, Keypass, or 1Password
open -g /Applications/1Password\ 4.app
# unlock the disk selected by the user
diskutil cs unlockVolume ${uuid[$DISK]} -stdinpass
# User then pastes the password to complete the unlocking of the hdd
# TO DO List
#
# Figure out how to process the UUID and LV Name without creating
# an intermediate file
#
# Incorporate logic that will only present 'Locked' volumes
#
# this will do away with needing the Disk\ Utility.app open
#
# incorporate some crazy Keyboard Maestro kung-foo to auto run this
# script upon attaching an encrypted hdd