加密挂载脚本
#!/bin/bash
if [ -d "/data" ];then
exit 0
fi
PASSWORD=Abcd1234
_disk=/dev/vdb
pvcreate ${_disk}
vgcreate datavg ${_disk}
lvcreate -n datalv -l 100%FREE datavg
echo "${PASSWORD}" | cryptsetup luksFormat /dev/datavg/datalv
echo "${PASSWORD}" | cryptsetup luksOpen /dev/datavg/datalv datalv
mkfs.xfs /dev/mapper/datalv
mkdir /data/
mount /dev/mapper/datalv /data
重启加密挂载步骤:
1. 控制台进入服务器,在/etc/fstab 去掉加密挂载
vim /etc/fstab
#/dev/mapper/datalv /data xfs defaults 0 0
2. 重启服务器,
reboot
3. 找到之前加密的磁盘,解密成指定目录
cryptsetup open /dev/datavg/datalv datalv
4. 挂载
mount /dev/mapper/datalv /data