I want to encrypt the content of a directory in a container with an ext4 filesystem using cryptsetup. The size of the container should be as small as possible and as big as necessary, because I only want to write once and then backup.
First try: setting the size of the container to the size of the content.
dirsize=$(du -s -B512 "$dir" | cut -f 1)
dd if=/dev/zero of=$container count=$dirsize
losetup /dev/loop0 $container
fdisk /dev/loop0 # 1 Partition with max possible size
cryptsetup luksFormat --key-file $keyFile /dev/loop0
cryptsetup luksOpen --key-file $keyFile /dev/loop0 container
mkfs.ext4 -j /dev/mapper/container
mkdir /mnt/container
mount /dev/mapper/container /mnt/container
rsync -r "$dir" /mnt/container
Rsync returns that there is not enough space for the data. Seems reasonable as there has to be some overhead for the encryption and the file system.
I tried it with a relative offset:
dirsize=$(($dirsize + ($dirsize + 8)/9))
This fixes the problem for dirs with > 100 MB, but not for dirs with < 50 MB.
How can I determine the respective amount of bytes the container has to be bigger than the directory?