#!/usr/bin/bash
#
# Copyright 2014-2024 Senderek Web Security, Ireland. All rights reserved.
#                <https://senderek.ie/opensource/secureboot2>
#
#
#    This program is free software: you can redistribute it and/or modify
#    it under the terms of the GNU General Public License as published by
#    the Free Software Foundation, either version 3 of the License, or
#    (at your option) any later version.
#
#    This program is distributed in the hope that it will be useful,
#    but WITHOUT ANY WARRANTY; without even the implied warranty of
#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#    GNU General Public License for more details.
#
#    You should have received a copy of the GNU General Public License
#    along with this program.  If not, see <http://www.gnu.org/licenses/>.
#

#
# Author:       Ralf Senderek <innovation@senderek.ie>
#
# license:      GNU General Public License version 3 or later
# description:  shuts down the encrypted filesystem /secure after reboot is called
# processname:  secureboot2-halt
# config:       started by systemd with /etc/systemd/system/secureboot2-halt.service
# date:         7/5/2024
#


ROOT=/usr/lib/secureboot
BASE=$ROOT
FILE=$ROOT/securefilesystem

NAME=secure
LOOP=$(cat $ROOT/loopdevice)

LOG=$ROOT/log

echo "Waiting for /secure to be removed ..."
date > $LOG

for X in $(/sbin/fuser -m /secure)
do
      kill -9 $X 2>/dev/null
done

echo "trying to unmount /$NAME ..." >> $LOG

/bin/umount -v   /dev/mapper/$NAME  >> $LOG 2>&1
/bin/mount | grep "on /$NAME"  >> $LOG 2>&1

/bin/umount -v   /dev/mapper/$NAME  >> $LOG 2>&1
/bin/mount | grep "on /$NAME"  >> $LOG 2>&1

/bin/umount -v   /dev/mapper/$NAME  >> $LOG 2>&1
/bin/mount | grep "on /$NAME"  >> $LOG 2>&1

/bin/ls -l /dev/mapper/$NAME >> $LOG
echo "removing cryptsetup ... " >> $LOG
cryptsetup close $NAME  >> $LOG 2>&1
echo "removing losetup ... " >> $LOG
/sbin/losetup -d $LOOP >> $LOG 2>&1
/sbin/losetup -a >> $LOG
rm $LOOP 2> /dev/null
echo "DONE." >> $LOG

######################################
