placing an encrypted dm - raid dividing on login

I have a dm - raid1 with a LUKS secured dividing md0 on it and also I would certainly like it to be placed instantly when I login, making use of pam_mount.

Until now I have actually set up the pam_mount.conf.xml as adheres to :

<?xml version="1.0" encoding="utf-8" ?>
<!DOCTYPE pam_mount SYSTEM "pam_mount.conf.xml.dtd">
<pam_mount>
  <debug enable="1" />
  <mntoptions allow="nosuid,nodev,loop,encryption,fsck,nonempty,allow_root,allow_other" />
  <mntoptions require="nosuid,nodev" />
  <logout wait="0" hup="0" term="0" kill="0" />
  <volume
    user="me"
    path="/dev/mapper/data"
    mountpoint="/mnt/data"
    fstype="crypt"
    cipher="aes-cbc-essiv:sha256"
    fskeypath="/home/data.key"
    fskeycipher="aes-256-cbc"
    fskeyhash="md5" />
  <mkmountpoint enable="1" remove="true" />
</pam_mount>

Further I included @include common-pammount to /etc/pam.d/login and also /etc/pam.d/gdm.

The trouble though, is that/ dev/mapper/data is not in position when it will be placed. Nonetheless, the placing jobs if I do

cryptsetup luksOpen /dev/md0 data
0
2019-12-02 02:50:26
Source Share
Answers: 1

You can attempt making use of PAM script to run the cryptsetup command at session start.

PAM manuscript runs among 3 trainer manuscripts onsessionopen, onsessionclose or onauth (relying on the occasion that it is phoned call to take care of) ; each manuscript is passed the customer name and also the conjuring up solution name. If you call for pam_script in your session prior to pam_mount, you can have onsessionopen do the cryptsetup conjuration.

Information and also instances can be located at : http://linux.bononline.nl/linux/pamscript/01/build.html

0
2019-12-03 04:11:34
Source