cryptonas-archive/v0.2/cbox-tree.d/usr/lib/cryptobox/configure-cryptobox.sh

121 lines
3.5 KiB
Bash
Raw Normal View History

2005-10-05 02:51:03 +02:00
#!/bin/sh
#
# this script is part of the building process of the cryptobox
# the "normal" action is necessary for every cryptobox (development & release)
# the "secure" action is mandatory for every release CD
#
# called by:
# - cbox-build.sh after copying custom files and before creating the iso image
#
set -eu
# parse config file
. /etc/cryptobox/cryptobox.conf
RUNTIMEDIR=/opt/dfsruntime/runtimerd
TUNDEV=$RUNTIMEDIR/dev/net/tun
SECURITY_REMOVE_PACKAGES="ssh strace unzip tar zip wget nvi nano gzip curl bzip2 aptitude tasksel elinks vim vim-common"
DEVEL_REMOVE_PACKAGES="exim4-daemon-light exim4-config exim4-base netkit-inetd telnet ppp pppconfig pppoe pppoeconf"
# remove rc symlinks for these services
SERVICES_OFF="ssh samba setserial nviboot mountnfs ntpdate"
function configure_normal()
# the usual stuff - not optimized for security
{
# set default runlevel to 3
sed -i 's/^id:2:initdefault/id:3:initdefault/' /etc/inittab
######### devices ##########
# create tun device for running under qemu
if [ ! -e "$TUNDEV" ]
then mkdir -p `dirname "$TUNDEV"`
mknod "$TUNDEV" c 10 200
fi
######### thttpd ###########
# change thttpd's config from 'chroot' to 'nochroot' - otherwise no perl script will run
sed -i "s/^chroot$/nochroot/" /etc/thttpd/thttpd.conf
# change thttpd-user from www-data to root (permissions for mount, cryptsetup, ...)
sed -i "s/^user=.*/user=root/" /etc/thttpd/thttpd.conf
# the thttpd documentations says "nosymlinkcheck" instead of
# "nosymlink" - TODO: "nosymlink" breaks "/cryptobox" URL!!!
#sed -i "/symlink/d" /etc/thttpd/thttpd.conf
#echo "nosymlink" >>/etc/thttpd/thttpd.conf
########## sshd ############
if [ -e "/etc/ssh" ]; then
# allow empty passwords for ssh
# the daemon is NOT started automatically, so you have to start it
# manually in case of need - as the root pw is empty and passwd is ro, you
# have to allow empty passwords for this rare case
sed -i 's/^PermitEmptyPass.*$/PermitEmptyPasswords yes/' /etc/ssh/sshd_config
# turn off PAM for ssh, as it prevents the use of empty passwords (stange behaviour)
sed -i 's/^UsePAM.*$/UsePAM no/' /etc/ssh/sshd_config
# allow nput of password
sed -i 's/^PasswordAuthentication.*$/PasswordAuthentication yes/' /etc/ssh/sshd_config
fi
# remove unnecessary packages - return true, if no packages were
# removed
dpkg --force-all -P $DEVEL_REMOVE_PACKAGES 2>&1 | grep -v "which isn't installed." || true
# remove symlinks for unwanted services
for a in $SERVICES_OFF; do
# echo "Turning off service $a ..."
find /etc/rc?.d/ -type l -name "[SK][0-9][0-9]$a" | while read b
do rm "$b"
done
done
# remove deb-files, that were left by dfsbuild
test -d /opt/packages && rm -r /opt/packages
return 0
}
function configure_secure()
# remove everything that could weaken security
# configure_normal should be called too!
{
# disable keyboard login
sed -i '/getty/d' /etc/inittab
# remove unnecessary packages
dpkg --force-all -P $SECURITY_REMOVE_PACKAGES 2>&1 | grep -v "which isn't installed." || true
# remove the development features script
[ -e "$DEV_FEATURES_SCRIPT" ] && rm -f "$DEV_FEATURES_SCRIPT"
# maybe an authorized_keys file was created - but it is not dangerous,
# as the openssh package was removed anyway
[ -d /root/.ssh ] && rm -rf /root/.ssh
return 0
}
################ main ####################
ACTION=help
[ $# -gt 0 ] && ACTION=$1
case "$ACTION" in
normal )
configure_normal
;;
secure )
configure_secure
;;
* )
echo "Syntax: `basename $0` { normal | secure }"
echo
;;
esac