new release is tagged

v0.3/debian/README.Debian

@@ -0,0 +1,32 @@
+CryptoBox for Debian - installation notes
+
+The main configuration file of the CryptoBox webserver is:
+	/etc/cryptobox-server/cryptobox.conf
+All settings named [Foo]->Bar are defined in this file.
+
+1) Configure startup and network settings in /etc/default/cryptobox-server.
+Set 'NO_START' to "0" if the CryptoBox should start at every bootup.
+Set the port on which the cryptobox-server should listen.
+
+2) Define [Main]->AllowedDevices according to the devices that you want to
+publish via the cryptobox webinterface. Be careful: the data on these drives
+can be overwritten by front-end users!
+
+3) Choose a list of plugins to disable in [Main]->DisabledPlugins.
+
+4) Use the username 'admin' and the password 'admin' to access protected
+parts of the CryptoBox. Please change the password soon in the 'user_manager'.
+You can use the 'plugin_manager' to define which parts of the CryptoBox should
+be restricted to administrative access.
+
+5) Read /usr/share/doc/cryptobox-server/event-scripts/README for information
+about event handlers. They can be used to integrate fileservers (samba,
+apache2-dav, nfs, ...) into the CryptoBox. Detailed information about
+integration with samba and apach2-dav can be found in README.samba and
+README.davfs.
+
+6) A line was automatically added to /etc/super.tab.
+This is necessary to gain root privileges for certain actions.
+Please inspect /usr/sbin/CryptoBoxRootActions carefully to make sure, that your
+system can not get compromised by this.
+

v0.3/debian/changelog

@@ -0,0 +1,79 @@
+cryptobox (0.3.0-1) unstable; urgency=low
+
+  * first release of the CryptoBox as a seperate package
+
+ -- Lars Kruse <devel@sumpfralle.de>  Fri, 15 Dec 2006 14:37:07 +0100
+
+cryptobox (0.2.59-1) unstable; urgency=low
+
+  * remove leading white lines to improve standard complicance of html
+
+ -- Lars Kruse <devel@sumpfralle.de>  Thu, 14 Dec 2006 14:19:12 +0100
+
+cryptobox (0.2.58-1) unstable; urgency=low
+
+  * fixed small layout bug
+
+ -- Lars Kruse <devel@sumpfralle.de>  Thu, 14 Dec 2006 01:57:05 +0100
+
+cryptobox (0.2.57-1) unstable; urgency=low
+
+  * added some documentation
+  * fixed ssl issue
+  * turn on some ownership checks of CryptoBoxRootActions
+
+ -- Lars Kruse <devel@sumpfralle.de>  Thu, 14 Dec 2006 00:36:26 +0100
+
+cryptobox (0.2.56-1) unstable; urgency=low
+
+  * added inline help texts
+  * fixed 'encryption status' in 'volume_details'
+  * improved rendering of 'volume_properties' and 'user_manager'
+  * chmod mount directory to 0777 - this should avoid permission problems
+  * 
+
+ -- Lars Kruse <devel@sumpfralle.de>  Wed, 13 Dec 2006 02:14:35 +0100
+
+cryptobox (0.2.55-1) unstable; urgency=low
+
+  * more unittests
+  * new help system
+
+ -- Lars Kruse <devel@sumpfralle.de>  Tue, 12 Dec 2006 04:47:47 +0100
+
+cryptobox (0.2.54-1) unstable; urgency=low
+
+  * log plugin improved
+  * samba plugin fixed
+  * syslog support added
+  * improved output of 'logs' plugin
+  * finished 'volume_automount' plugin
+
+ -- Lars Kruse <devel@sumpfralle.de>  Mon, 11 Dec 2006 11:52:38 +0100
+
+cryptobox (0.2.53-1) unstable; urgency=low
+
+  * constant screen width
+  * improved documentation
+  * improved event scripts
+  * changed default setting of 'UseConfigPartition'
+
+ -- Lars Kruse <devel@sumpfralle.de>  Thu,  7 Dec 2006 05:10:43 +0100
+
+cryptobox (0.2.52-1) unstable; urgency=low
+
+  * format partitions in background
+  * mark busy partitions
+
+ -- Lars Kruse <devel@sumpfralle.de>  Wed,  6 Dec 2006 14:57:43 +0100
+
+cryptobox (0.2.51-1) unstable; urgency=low
+
+  * favicon included
+  * first pre-official test release
+
+ -- Lars Kruse <devel@sumpfralle.de>  Thu, 05 December 2006 19:51:24 +0100
+
+cryptobox (0.2.50-1) unstable; urgency=low
+  * Initial release
+ -- Lars Kruse <devel@sumpfralle.de>  Wed, 30 November 2006 20:26:47 +0100

v0.3/debian/compat

@@ -0,0 +1 @@
+5

v0.3/debian/control

@@ -0,0 +1,21 @@
+Source: cryptobox
+Section: admin
+Priority: extra
+Maintainer: Lars Kruse <devel@sumpfralle.de>
+Build-Depends: debhelper (>= 5.0.38), dpatch, python-all-dev (>= 2.4), python-central (>= 0.5.6), gettext
+XS-Python-Version: >= 2.4
+Standards-Version: 3.7.2
+
+Package: cryptobox-server
+Architecture: any
+Depends: ${python:Depends}, cryptsetup (>=20050111), e2fsprogs (>= 1.27), adduser, python (>=2.4), python-clearsilver, super, dosfstools, python-cherrypy, python-configobj
+Suggests: samba, apache2, stunnel
+Replaces: cryptobox
+XB-Python-Version: ${python:Versions}
+Description: Web interface for an encrypting fileserver
+ This web interface allows you to manage encrypted and plaintext
+ disks.
+ This package is especially useful for non-desktop systems.
+ Even non-technical users are able to encrypt their private data with
+ the CryptoBox.
+

v0.3/debian/copyright

@@ -0,0 +1,27 @@
+This package was debianized by Lars Kruse <devel@sumpfralle.de> on
+Wed, May 10 21:23:16 CEST 2006
+
+It was downloaded from http://cryptobox.org/
+
+Upstream Authors:
+	sense.lab development <devel@systemausfall.org>
+
+Copyright:
+    This program is free software; you can redistribute it and/or modify
+    it under the terms of the GNU General Public License as published by
+    the Free Software Foundation; either version 2 of the License, or
+    (at your option) any later version.
+
+    This program is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    GNU General Public License for more details.
+
+    You should have received a copy of the GNU General Public License
+    along with this program; if not, write to the
+    Free Software Foundation, Inc.,
+    51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
+
+On Debian GNU/Linux systems, the complete text of the GNU General
+Public License can be found in `/usr/share/common-licenses/GPL'.
+

v0.3/debian/cryptobox-server.default

@@ -0,0 +1,21 @@
+# boot configuration file for the CryptoBox
+#
+# the default state of the cryptobox is disabled
+
+# set to "0" to enable the startup of the cryptobox - otherwise "1"
+NO_START=1
+
+# the user that should execute the cryptobox
+RUNAS=cryptobox
+
+# listening port
+# for now please use a port above 1024
+PORT=8080
+
+# some more server options (rarely necessary)
+#SERVER_OPTS="--host localhost --datadir=/usr/share/cryptobox-server/html"
+
+# if the CryptoBox keeps complaining about a non-encrypted connection, then
+# you can override this warning by uncommenting the following line:
+#export HTTPS=1
+

v0.3/debian/cryptobox-server.dirs

@@ -0,0 +1,4 @@
+usr/sbin
+usr/share/cryptobox-server
+var/log/cryptobox-server
+var/run/cryptobox-server

v0.3/debian/cryptobox-server.docs

@@ -0,0 +1,9 @@
+README
+README.samba
+README.davfs
+README.ssl
+README.proxy
+copyright
+changelog
+doc/html
+event-scripts

v0.3/debian/cryptobox-server.examples

@@ -0,0 +1 @@
+conf-examples

v0.3/debian/cryptobox-server.init

@@ -0,0 +1,107 @@
+#!/bin/sh
+# 
+# runlevel script of the cryptobox package
+#
+# Copyright (c) 02006, senselab
+#
+# see LICENSE file in this package for details
+#
+
+### BEGIN INIT INFO
+# Provides:          cryptobox-server
+# Required-Start:    $network $local_fs $remote_fs
+# Required-Stop:     $network $local_fs $remote_fs
+# Default-Start:     2 3 4 5
+# Default-Stop:      0 1 6
+# Short-Description: start CryptoBox webserver
+### END INIT INFO
+
+# read the default setting file, if it exists
+[ -r /etc/default/cryptobox-server ] && source /etc/default/cryptobox-server
+
+# set default values (if not defined in /etc/default/cryptobox-server)
+NO_START=${NO_START:-0}
+RUNAS=${RUNAS:-cryptobox}
+PORT=${PORT:-8080}
+HOST=${HOST:-}
+LOGFILE=/var/log/cryptobox-server/webserver.log
+SERVER_OPTS=${SERVER_OPTS:-}
+CONF_FILE=/etc/cryptobox-server/cryptobox.conf
+
+# quit if NO_START is 1 (see /etc/default/cryptobox-server)
+[ "$NO_START" = "1" ] && exit 0
+
+DAEMON=/usr/sbin/CryptoBoxWebserver
+PYTHON_EXEC=/usr/bin/python
+PIDFILE=/var/run/cryptobox-server/webserver.pid
+DESC="CryptoBox Daemon (webinterface)"
+OPTIONS="-B --pidfile=$PIDFILE --config=$CONF_FILE --logfile=$LOGFILE --host=$HOST --port=$PORT $SERVER_OPTS"
+
+# check if the package is installed
+test -e "$DAEMON" || exit 0
+
+# include some useful functions to unify our output format
+. /lib/lsb/init-functions
+
+case "$1" in
+	start )
+		# create the directory of the pid file if necessary
+		PIDDIR=$(dirname "$PIDFILE")
+		if [ -d "$PIDDIR" ]
+		  then	mkdir -p "$PIDDIR"
+		  	chown $RUNAS:root "$PIDDIR"
+			chmod 755 "$PIDDIR"
+		 fi
+		log_daemon_msg "Starting $DESC"
+		if start-stop-daemon \
+			--chuid $RUNAS: --quiet --start \
+			--user $RUNAS --pidfile "$PIDFILE" \
+			--startas "$PYTHON_EXEC" -- "$DAEMON" $OPTIONS
+		  then	log_end_msg 0
+		  else	log_end_msg 1
+		 fi
+		;;
+	stop )
+		log_daemon_msg "Stopping cryptobox webserver" "$DESC"
+		# if there is no pid file for some reason, then we try to find the process
+		if test ! -e "$PIDFILE"
+		  then	if start-stop-daemon --quiet --stop --user "$RUNAS" --exec "$PYTHON_EXEC"
+			  then	log_end_msg 0
+			  else	log_end_msg 1
+			 fi
+		# there is a pid file - great!
+		elif	start-stop-daemon --quiet --stop \
+				--pidfile "$PIDFILE" \
+				--user "$RUNAS"
+		  then	test -e "$PIDFILE" && rm "$PIDFILE"
+		  	log_end_msg 0
+		  else	log_end_msg 1
+		 fi
+		;;
+	reload | force-reload | restart )
+		"$0" stop 
+		sleep 1
+		"$0" start
+		;;
+	status )
+			echo -n "$DESC "
+			if start-stop-daemon --stop --signal 0 --quiet \
+					--pidfile "$PIDFILE" --user "$RUNAS"
+			  then	echo "running"
+			  	exit 0
+			  else	if [ -e "$PIDFILE" ]
+			  	  then	echo "failed"
+				  	exit 1
+				  else	echo "not running"
+				    exit 0
+				 fi
+			 fi
+		;;
+	* )
+		echo "Usage: $0 {start|stop|restart|force-reload|status}" >&2
+		exit 1
+		;;
+ esac
+
+exit 0
+

v0.3/debian/cryptobox-server.lintian

@@ -0,0 +1 @@
+cryptobox-server: package-has-a-duplicate-relation

v0.3/debian/cryptobox-server.logrotate

@@ -0,0 +1,6 @@
+/var/log/cryptobox-server/cryptobox.log /var/log/cryptobox-server/webserver.log {
+	rotate 2
+	size 100k
+	copytruncate
+	nocompress
+}

v0.3/debian/cryptobox-server.manpages

@@ -0,0 +1,2 @@
+man/CryptoBoxWebserver.8
+man/CryptoBoxRootActions.8

v0.3/debian/cryptobox-server.postinst

@@ -0,0 +1,78 @@
+#!/bin/sh
+
+set -u
+
+# check the current cryptobox user - maybe it was changed manually
+test -r /etc/default/cryptobox-server && . /etc/default/cryptobox-server
+
+# RUNAS was probably imported from /etc/default/cryptobox-server - otherwise use the default
+CRYPTOBOX_USER=${RUNAS:-cryptobox}
+LOG_FILE=/var/log/cryptobox-server/cryptobox.log
+WEBLOG_FILE=/var/log/cryptobox-server/webserver.log
+PID_DIR=/var/run/cryptobox-server
+USER_HOME=/var/cache/cryptobox-server
+SUPER_FILE=/etc/super.tab
+ADDITIONAL_GROUP=disk
+
+
+create_user_home()
+{
+	# if the user already exists -> do nothing
+	getent passwd "$CRYPTOBOX_USER" 2>/dev/null >/dev/null && return 0
+	# create cryptobox user
+	echo "Creating new user '$CRYPTOBOX_USER' ..."
+	adduser --system --group --home "$USER_HOME" "$CRYPTOBOX_USER"
+	adduser "$CRYPTOBOX_USER" "$ADDITIONAL_GROUP"
+	mkdir -p "$USER_HOME/mnt"
+	mkdir -p "$USER_HOME/settings"
+	chown -R ${CRYPTOBOX_USER}: "$USER_HOME"
+	# only members of the cryptobox group may access the user directory
+	chmod 755 "$USER_HOME"
+}
+
+create_add_super_permission()
+{
+	## this will add some lines to the configuration file of 'super'
+	## do nothing, if there is already a CryptoBox line
+	grep -q "CRYPTOBOX_MARKER" "$SUPER_FILE" && return 0
+	echo >>"$SUPER_FILE" "## CRYPTOBOX_MARKER - please do not remove!"
+	echo >>"$SUPER_FILE" "CryptoBoxRootActions	/usr/sbin/CryptoBoxRootActions	$CRYPTOBOX_USER"
+}
+
+create_dirs_and_files()
+{
+	# pid file
+	test ! -e "$PID_DIR" && mkdir -p "$PID_DIR"
+	chown "$CRYPTOBOX_USER" "$PID_DIR"
+	# create config directories with appropriate permissions
+	test ! -e "$LOG_FILE" && mkdir -p "$(dirname $LOG_FILE)" && touch "$LOG_FILE"
+	chown "$CRYPTOBOX_USER" "$LOG_FILE"
+	test ! -e "$WEBLOG_FILE" && mkdir -p "$(dirname $WEBLOG_FILE)" && touch "$WEBLOG_FILE"
+	chown "$CRYPTOBOX_USER" "$WEBLOG_FILE"
+}
+
+
+#################### main ######################
+
+case "$1" in
+	reconfigure|configure)
+		create_user_home
+		create_dirs_and_files
+		create_add_super_permission
+		# continue at the end
+		;;
+	abort-upgrade|abort-remove|abort-deconfigure)
+		# nothing to be done
+		exit 0
+		;;
+	*)
+		echo "postinst called with unknown argument \`$1'" >&2
+		exit 0
+		;;
+  esac
+
+
+#DEBHELPER#
+
+exit 0
+

v0.3/debian/cryptobox-server.postrm

@@ -0,0 +1,64 @@
+#!/bin/sh
+
+set -u
+
+CRYPTOBOX_USER=cryptobox
+LOG_FILE=/var/log/cryptobox-server/cryptobox.log
+WEBLOG_FILE=/var/log/cryptobox-server/webserver.log
+PID_DIR=/var/run/cryptobox-server
+SUPER_FILE=/etc/super.tab
+MNT_DIR=/var/cache/cryptobox-server/mnt
+SETTINGS_DIR=/var/cache/cryptobox-server/settings
+
+remove_super_lines()
+{
+	## do nothing, if there is no CryptoBox line
+	grep -q "CRYPTOBOX_MARKER" "$SUPER_FILE" || return 0
+	sed -i /CRYPTOBOX_MARKER/d "$SUPER_FILE"
+	sed -i /^CryptoBoxRootActions/d "$SUPER_FILE"
+}
+
+
+umount_all()
+{
+	test -d "$SETTINGS_DIR" && mountpoint -q "$SETTINGS_DIR" && umount "$SETTINGS_DIR"
+	test -d "$MNT_DIR" && ls "$MNT_DIR" | while read dir
+	  do	if test -d "$MNT_DIR/$dir"
+	  		  then	mountpoint -q "$MNT_DIR/$dir" && umount "$MNT_DIR/$dir"
+			 		rm -r "$MNT_DIR/$dir"
+			 fi
+	 done
+}
+
+
+remove_stuff()
+{
+	test -e "$LOG_FILE" && rm "$LOG_FILE"
+	test -e "$WEBLOG_FILE" && rm "$WEBLOG_FILE"
+	test -e "$PID_DIR" && rm -r "$PID_DIR"
+	test -e "$SETTINGS_DIR" && rm -r "$SETTINGS_DIR"
+}
+
+
+################## main ###################
+
+# umount everything that is still active
+umount_all
+
+# remove the user
+if test "$1" = "purge" && getent passwd "$CRYPTOBOX_USER" 2>/dev/null >/dev/null \
+	&& test "$(getent passwd $CRYPTOBOX_USER | cut -d : -f 6)" = /var/cache/cryptobox-server
+  then	echo "Removing user 'cryptobox' ..."
+	userdel -r "$CRYPTOBOX_USER"
+ fi
+
+# always remove the lines from the 'super' configuration file
+remove_super_lines
+
+# remove obsolete files
+test "$1" = "purge" && remove_stuff
+
+#DEBHELPER#
+
+# return without error
+true

v0.3/debian/cryptobox-server.preinst

@@ -0,0 +1,4 @@
+#!/bin/sh
+
+#DEBHELPER#
+

v0.3/debian/cryptobox-server.prerm

@@ -0,0 +1,4 @@
+#!/bin/sh
+
+#DEBHELPER#
+

v0.3/debian/pycompat

@@ -0,0 +1 @@
+2

v0.3/debian/rules

@@ -0,0 +1,99 @@
+#!/usr/bin/make -f
+# -*- makefile -*-
+# Sample debian/rules that uses debhelper.
+# This file was originally written by Joey Hess and Craig Small.
+# As a special exception, when this file is copied by dh-make into a
+# dh-make output file, you may use that output file without restriction.
+# This special exception was added by Craig Small in version 0.37 of dh-make.
+
+# Uncomment this to turn on verbose mode.
+#export DH_VERBOSE=1
+
+# necessary for dpatch
+.NOTPARALLEL:
+
+DEB_BUILD_DIR=$(CURDIR)/debian/cryptobox-server
+CB_PYDIR=$(DEB_BUILD_DIR)/usr/lib/python$(shell pyversions -vr)/site-packages/cryptobox
+
+
+build: build-stamp
+
+build-stamp:
+	dh_testdir
+	python setup.py build
+	touch build-stamp
+
+clean: clean-patched unpatch
+
+clean-patched:
+	dh_testdir
+	dh_testroot
+	python setup.py clean
+	rm -f build-stamp
+	rm -rf build
+	find -type f -name '*.mo' -print0 | xargs -0 rm -f
+	find -type f -name '*.py[co]' -print0 | xargs -0 rm -f
+	rm -f MANIFEST
+	dh_clean 
+
+patch: patch-stamp
+patch-stamp:
+	dpatch apply-all
+	touch patch-stamp
+
+unpatch:
+	dpatch deapply-all
+	rm -rf patch-stamp debian/patched
+
+install: build
+	dh_testdir
+	dh_testroot
+	dh_clean -k 
+	dh_installdirs
+	python setup.py install --root=$(DEB_BUILD_DIR)
+	# compile language files
+	find $(DEB_BUILD_DIR) -type f -name \*.po | while read pofile; \
+		do	msgfmt -o "$${pofile%.po}.mo" "$$pofile"; rm "$$pofile"; done
+	# the cryptobox is a webserver - it should be installed in /usr/sbin
+	mv $(DEB_BUILD_DIR)/usr/bin/CryptoBoxWebserver $(DEB_BUILD_DIR)/usr/sbin/
+	mv $(DEB_BUILD_DIR)/usr/bin/CryptoBoxRootActions $(DEB_BUILD_DIR)/usr/sbin/
+	# remove tests
+	rm -r $(CB_PYDIR)/tests
+	# remove duplicate documentation files
+	rm -r $(CB_PYDIR)/doc
+	# move shared files
+	mv $(CB_PYDIR)/share/* $(DEB_BUILD_DIR)/usr/share/cryptobox-server/
+	rmdir $(CB_PYDIR)/share
+	# install lintian override file: for multiple dependency caused by {python:Depends}
+	install -D -m 644 debian/cryptobox-server.lintian \
+		$(DEB_BUILD_DIR)/usr/share/lintian/overrides/cryptobox-server
+	
+
+# Build architecture-independent files here.
+binary-indep: build install
+
+# Build architecture-dependent files here.
+binary-arch: build install
+	dh_testdir
+	dh_testroot
+	dh_installchangelogs 
+	dh_installdocs
+	dh_installexamples
+	dh_installlogrotate
+	dh_installdirs
+	dh_installman
+	dh_install
+	dh_pycentral
+	@# pycentral must be called before installinit - otherwise the DEBHELPER part
+	@# in the postinst script is filled in the wrong order - this causes a failing
+	@# shutdown after removal, as the "pycentral pkgremove" call stops the daemon before
+	dh_installinit
+	dh_compress
+	dh_fixperms
+	dh_installdeb
+	dh_gencontrol
+	dh_md5sums
+	dh_builddeb
+
+binary: binary-indep binary-arch
+.PHONY: build clean binary-indep binary-arch binary install clean-patched patch patch-stamp unpatch