Created tag for Live CD/Live USB release v0.3.5 build config

master
frisco 13 years ago
parent 783824bad9
commit bd96dede76

@ -0,0 +1,35 @@
/* Debian language css file for english - en */
/* please do not touch for now! - Jutta Wrage 2005 */
html[lang|=en] #serverselect {
width: 13em;
}
html[lang|=en] #maincol {
margin-left: 10em;
}
html[lang|=en] #leftcol ul.cdmenu {
width: 10em;
}
q { font-style: italic; }
/* quotes */
html[lang|=en] q:before { content: "\201C"; }
html[lang|=en] q:after { content: "\201D"; }
html[lang|=en] q q:before { content: "\2018"; }
html[lang|=en] q q:after { content: "\2019"; }
/* html[lang|=en] blockquote p:first-child:before { content: "\201C"; }
html[lang|=en] blockquote p.notlast:after { content: ""; }
html[lang|=en] blockquote p:after { content: "\201D"; }
html[lang|=en] blockquote.question p:before { content: ""; }
html[lang|=en] blockquote.question p:after, blockquote.documentquote p:after{ content: ""; }
html[lang|=en] blockquote { font-style: italic; }
*/
/*
html[lang=en] .en2 q:before { content: "\2018"; }
html[lang=en] .en2 q:after { content: "\2019"; }
html[lang=en] .en2 q q:before { content: "\201C"; }
html[lang=en] .en2 q q:after { content: "\201D"; }
*/

@ -0,0 +1,703 @@
/* css file for debian web site - Jutta Wrage 2004 */
/* please see README_CSS.txt for more information */
html, body {
color: #000000;
background-color: #FFFFFF;
margin: 0 4px 0 4px;
padding: 0;
text-align: left;
}
img { border: 0; }
h1 { text-align: center; }
acronym {
border-bottom: 1px dotted #000000;
}
hr.hidecss {
border: 0;
}
hr {
border-bottom: 0;
border-top: 1px solid #BFC3DC;
}
samp {
display: block;
margin-left: 2em;
}
div.sampleblock {
width: 80%;
margin: auto;
font-family:courier, serif;
font-size: 90%;
}
.centerblock {
width: 90%;
margin-left: auto;
margin-right: auto;
}
div.quoteblock {
width: 75%;
margin: auto;
font-size: 90%;
text-align: justify;
}
.quoteblock div.preimg {
float: left;
margin-top: 0.2em;
}
.quoteblock cite {
display: block;
text-align: right;
}
blockquote.question {
font-style: italic;
}
blockquote.question p span {
font-style: normal;
width: 10%;
}
#pagewidth {
width: 100%;
text-align: left;
}
/* now the header*/
#header {
margin-left: -3px;
width: 100%;
height: auto;
}
/* upper nested header box*/
#upperheader {
width: 100%;
margin-top: 11px;
height: auto;
background: #FFFFFF;
}
#logo {
float: left;
margin-left: 6px;
background: #FFFFFF;
}
#serverselect {
float: right;
display: block;
padding-top: 1px;
margin-right: 6px;
margin-left: auto;
text-align: right;
top: 0;
right: 0;
}
#serverselect p {
color: #990000;
font-size: 0.8em;
font-weight: normal;
}
#serverselect p select {
font-size: 88%;
}
#serverselect p input {
font-size: 88%;
}
.centerlogo {
margin-left: 260px;
margin-right: auto;
width: 125px;
text-align: center;
vertical-align: bottom;
}
#cdlogo {
}
#hpacketsearch {
display: block;
padding-top: 1px;
padding-left: 5px;
margin-right: 0.2em;
margin-left: auto;
text-align: left;
width: 25em;
top: 0em;
right: 0em;
}
#hpacketsearch p small {
color: #990000;
font-size: 0.8em;
font-weight: normal;
}
#hpacketsearch p select {
font-size: 88%;
}
#hpacketsearch p input {
font-size: 88%;
}
#navbar {
/* margin-top: 1em; */
clear: both;
padding-left: 0px;
/* margin-top: 5px; */
padding-top: 6px;
padding-bottom: 4px;
width: 100%;
height: auto;
text-align: center;
background: #BF1238;
}
#navbar ul {
display: inline;
list-style-type: none;
padding-left: 0px;
line-height: 1.5em;
}
#navbar ul li {
display: inline;
margin: 0;
white-space: nowrap;
}
#navbar a {
color: #FFFFFF;
text-decoration: none;
padding: 0.2em 0.4em 0.2em 0.4em;
background-color: #000084;
border: 1px solid #000084;
font-family: Arial, Helvetica, sans-serif;
font-weight: bold;
font-size: 0.9em;
}
#navbar a:hover {
background: #0000CC;
}
#navbar .hidecss, .hidecss {
display: none;
}
/* the rest of page out of two nested boxes around */
#outer {
background-color: #FFFFFF;
width: auto;
/* border:solid white 2px; */
}
#inner {
margin: -2px;
margin-top: 0;
width: 100%;
background: #FFFFFF;
/* overflow: auto; */
}
#leftcol {
float: left;
margin: 0em 0.4em 0 0;
padding-left: 0;
padding-bottom: 1em;
width: auto;
background: #BBDDFF;
font-size: 0.9em;
font-family: Arial, Helvetica, sans-serif;
border: 1px solid #BBDDFF;
/* overflow: auto; */
}
#leftcol a:link, #leftcol a:visited {
display: block;
}
#leftcol a:hover {
background-color: #DDEEFF;
/* background-color: #FFFFFF; */
}
#leftcol ul {
margin: 2px;
padding: 0;
list-style-type: none;
font-weight: bold;
}
#leftcol ul.votemenu {
width: 11em;
}
#leftcol ul.cdmenu {
width: 12em;
}
#leftcol ul.votemenu ul li, #leftcol ul.cdmenu ul li {
padding-bottom: 0.4em;
}
#leftcol li ul {
display: inline;
}
#leftcol ul li {
padding: 0.2em 0;
}
#leftcol ul ul {
font-size: 0.9em;
margin: 0;
}
#leftcol ul li a {
line-height: 1.2em;
padding-right: 0.5em;
/* padding: 0.2em 0 0.3em 0em; */
}
#leftcol ul ul li a {
font-weight: normal;
padding: 0.1em 0.5em;
line-height: 1.1em;
}
#leftcol ul ul li {
padding-top: 0;
}
#leftcol p {
margin-left: 2px;
margin-right: 2px;
}
#leftcol p a {
display: block;
margin: 0;
}
#leftcol p img {
margin-left: 1em;
}
#leftcol .menuselected {
color: #BF1238;
}
#leftcol ul ul .menuselected {
text-indent: 0.5em;
}
#maincol {
background: #FFFFFF;
margin-left: 12em;
margin-right: 0.5em;
margin-bottom: 1em;
}
#lefthalfcol {
float: left;
margin-left: 0em;
width: 49%;
}
#lefthalfcol h4, #lefthalfcol h3 , #righthalfcol h4, #righthalfcol h3 {
margin: 0em;
}
#lefthalfcol dl {
margin-top: 0em;
}
#righthalfcol {
margin-left: 50%;
width: 49%;
}
#righthalfcol dl {
margin-right: 0.2em;
}
#footer {
clear: both;
width: 100%;
padding-top: 3px;
bottom: 0;
text-align: center;
margin: 0px;
}
#fineprint {
margin-top: 0.2em;
padding-top: 3px;
text-align: center;
font-size: 0.85em;
}
#outer>#inner { border-bottom: 1px solid #BFC3DC; }
.bordertop { border-top: 1px solid #BFC3DC; }
dl.gloss dt {
font-weight: bold;
}
#footer ul {
display: inline;
list-style-type: none;
}
#footer ul li {
display: inline;
}
#footer ul li a, table.y2k td {
white-space: nowrap;
}
#footer p {
margin: 0px;
}
#main {
background: #bbddff;
padding: 1em 0; /* have some padding to get rid of collapsed margins */
}
/* classes for cards */
.cardleft {
margin: 0 0 1em;
float: left;
width: 49%;
}
.cardright {
margin-left: 50%
/*margin: 0 1% 2em 50%; */
}
.card {
clear: left;
margin: 0 0 1em;
}
.cardleft h2, .cardright h2, .card h2 {
font-size: 120%;
background: #000000;
color: #FFD400;
display: inline;
padding: 0.2em 0.4em;
margin: 0 10px;
font-family: Arial, Helvetica, sans-serif;
letter-spacing: 0.2em;
}
.cardleft dl dd, .cardright dl dd , .card dl dd {
padding-bottom: 0.5em;
}
.cardleft div, .cardright div, .card div {
border: 2px solid #000000;
background: #FFFFFF;
padding: 0.5em;
margin: 2px 10px;
/* the next two lines xpand the div to heigth of left inner div */
overflow: auto;
}
div.lefthalf {
float: left;
width: 49%;
border: 0;
margin: 0;
padding: 0;
}
div.righthalf {
border: 0;
margin: 0;
padding: 0;
}
/* classes and div names for package pages */
#pdesc, #pdeps, #pdownload, #pmoreinfo {
margin-left: 1em;
margin-right: 1em;
}
#pdesc p {
text-align: justify;
}
.pdescshort {
text-align: left;
font-size: large;
font-weight: bold;
}
#pdeps table tr td {
font-size: 0.9em;
}
#pdeps ul {
list-style-type: none;
padding-left: 2em;
}
#pdeps li {
text-indent: -2em;
}
#pdeps ul.uldep, #pdeps ul.uladep {
list-style-type: disc;
list-style-image: url(http://packages.debian.org/Pics/dep.gif);
}
#pdeps ul.ulrec, #pdeps ul.ulidep {
list-style-type: disc;
list-style-image: url(http://packages.debian.org/Pics/rec.gif);
}
#pdeps ul.ulsug {
list-style-type: disc;
list-style-image: url(http://packages.debian.org/Pics/sug.gif);
}
#pdeps ul.uldep li, #pdeps ul.ulrec li, #pdeps ul.ulsug li, #pdeps ul.uladep li, #pdeps ul.ulidep li {
padding-left: 2em;
}
#pdeps dl {
margin: 0;
}
#pdownload p, #pdownload form, #pdownload submit {
display: inline;
}
#pdownload td {
font-size: 0.85em;
text-align: center;
}
#pmoreinfo p {
font-size: 0.85em;
}
/* colors for packages, warnings and news in ports */
.pred, .warning, dt.new, .no {
color: red; /* FF0000 */
}
.psmallcenter, .psmalltrademark {
clear: both;
font-size: 0.85em;
text-align: center;
}
.psmalltrademark {
color: green;
}
#pdownload table, table.ridgetable, table.reltable {
border-width: 4px;
border-color: gray;
margin: 0 1em 1em 1em;
border-style: ridge;
border-collapse: collapse;
}
table.vote {
margin: 0 auto;
border-width: 3px;
border-color: gray;
border-style: ridge;
border-collapse: collapse;
}
#pdownload th, #pdownload td, table.ridgetable th, table.ridgetable td,
table.reltable td, table.reltable th {
border: 2px gray;
border-style: ridge;
padding: 0.1em;
}
table.reltable th {
background-color: #44CCCC;
}
table.vote th {
border: 1px solid gray;
background-color: #DDDDDD;
}
table.vote td {
border: 1px solid gray;
padding: 4px;
}
table.reltable tr.odd {
background-color: #FFFFFF;
}
table.reltable tr.even {
background-color: #DDDDDD;
}
table.stattrans {
margin: 0 auto;
width: 95%;
border: 1px solid black;
background-color: #cdc9c9;
}
table.stattrans th {
text-align: center;
padding: 2px;
}
table.stattrans td {
text-align: right;
padding: 2px;
}
table.stattrans tbody th {
text-align: left;
font-weight: normal;
}
table.volatile {
border-collapse: collapse;
}
.volatile th, .volatile td {
text-align: left;
border: 1px solid black;
padding: 0.2em;
}
.volatile thead {
background-color: silver;
color: #000000;
}
table.volatile tr.country {
color: #ffffff;
background-color: #df0451;
}
/* partners */
.partnertype {
background-color: #DD0000;
padding: 0.2em 0 0.2em 1em;
color: #FFFFFF;
}
div.partnerlogo {
display: table-cell;
vertical-align: middle;
text-align: center;
width: 30%;
}
div.partnerdesc {
display: table-cell;
font-size: 85%;
}
div.cdflash {
background-color: #E09E86;
width: 80%;
margin: auto;
text-align: center;
}
.cdrsync {
color: #6B1300;
}
/* debian installer */
.dierror {
background-color: #FF6060;
}
.dibad {
background-color: #F7FF60;
}
.digood {
background-color: #7AFF71;
}
/* useful classes */
th.eventheader {
background-color: #BBDDFF;
}
.center {
text-align: center;
}
.right {
text-align: right;
}
ul.circlelist {
list-style-type: circle;
}
.centerdiv table {
margin-left: auto;
margin-right: auto;
}
ul.discless {
list-style-type: none;
}
.top, img.ico {
vertical-align: top;
}
img.ico {
float: left;
margin: 0 0.2em 0 0;
}
img.rightico {
float: right;
vertical-align: top;
margin: 0 0 0 0.2em;
}
img.cve {
vertical-align: -25px;
}
.y2kok, .yes {
color: #00BB00;
}
.y2kok2 {
color: #00BBBB;
}
.bluehead {
color: #0000FF !important;
}
span.halfsize {
font-size: 80%;
}
span.ddpbooktitle, span.merchtitle {
font-size: larger;
}
a:link { color: #0000FF; }
a:visited { color: #800080; }
a:hover { color: #F000FF; }
a:active { color: #FF0000; }
.navpara a, col.y2k {
white-space: nowrap;
/* this is to keep from breaking at whitespace in anchors */
}
.underline { text-decoration: underline; }
.clr { clear:both; }
/*.content{padding:5px;} */ /*padding for content */
/* #header .content{padding-bottom:0;} */ /*padding bottom 0 to remove space in IE5 Mac*/
/* for l10n-arabic */
.bidi {
direction: rtl;
text-align: right;
}
#leftcol, #navbar, #navbar a {
-moz-border-radius: 15px;
/* this goes to the end as the css validator does not like it
will be replaced by border-radius with css3 */
}
/* /CD/vendors/ */
table.vendors {
width: 100%;
border-collapse: collapse;
border: 1px solid #AAAAAA;
}
table.vendors th {
background: #BBDDFF;
font-size: 0.9em;
font-family: Arial, Helvetica, sans-serif;
color: #3e4955;
padding: 0.2em;
border: 1px solid #AAAAAA;
border-bottom: none;
text-align: left;
}
table.vendors tr.b td {
background-color: #EEEEEE;
}
table.vendors td {
padding: 0.2em;
vertical-align: top;
}

Binary file not shown.

After

Width:  |  Height:  |  Size: 3.8 KiB

File diff suppressed because it is too large Load Diff

Binary file not shown.

After

Width:  |  Height:  |  Size: 759 B

@ -0,0 +1,3 @@
User-agent: *
Disallow: /security/
Disallow:

@ -0,0 +1,40 @@
This is the version of CryptoNAS for Debian Live!
Read http://devel.cryptobox.org/wiki/DebianLiveBuild before
you do anything else.
It is recommended that you run "./rm-tmps.sh" after making configuration
changes using an editor but before starting a new build.
For the convenience of other developers, the debian-patched
live-helper scripts being used are located in
the "tools" folder. The version of live-helper distributed
with Ubuntu "Gutsy Gibbon" does NOT work for CryptoNAS.
You may want to add the following line to apt-cacher's source list
(for example, /etc/apt/sources.list) and run "aptitude update":
deb http://systemausfall.org/toolforge/debian unstable main
config/chroot_local-includes/usr/lib/cryptobox-cd/etc.d/modules and
config/chroot_local-includes/usr/lib/cryptobox-cd/etc.d/network/interfaces
will now be used at boot time if they exist. The developer can specify
alternative files using the $CNAS_KMODULES and $CNAS_INTERFACES
variables.
Source Code Info
----------------
The $LH_SOURCE feature of "live-helper" is not currently working with
CryptoNAS. Instead, for source code, do:
"svn checkout https://svn.systemausfall.org/svn/cryptobox"
The other source code used for CryptoNAS Live is located in the "Etch"
Debian release. A list of mirror sites (created using
"wget --no-host-directories --cut-dirs=1 --convert-links --page-requisites
http://www.debian.org/mirror/list") is included in the
CryptoNAS subversion repository in the "deb-live/Debian-Mirrors" folder.
A current list of mirrors is also located at
"http://www.debian.org/mirror/list".

@ -0,0 +1,153 @@
# config/binary - options for live-helper(7), binary stage
# $LH_BINARY_FILESYSTEM: set image filesystem
# (Default: fat16)
LH_BINARY_FILESYSTEM="fat16"
# $LH_BINARY_IMAGES: set image type
# (Default: usb-hdd)
# Set to "iso" for CD-ROM builds or "usb-hdd" for other block devices
LH_BINARY_IMAGES="usb-hdd"
# $LH_BINARY_INDICES: set apt/aptitude generic indices
# (Default: enabled)
LH_BINARY_INDICES="disabled"
# $LH_BOOTAPPEND_LIVE: set boot parameters
# (Default: empty)
LH_BOOTAPPEND_LIVE="autologin=false"
# $LH_BOOTAPPEND_INSTALL: set boot parameters
# (Default: empty)
LH_BOOTAPPEND_INSTALL="-- ${LH_BOOTAPPEND_LIVE}"
# $LH_BOOTLOADER: set bootloader
# (Default: grub)
LH_BOOTLOADER="syslinux"
# $LH_CHECKSUMS: set checksums
# (Default: enabled)
LH_CHECKSUMS="enabled"
# ${LH_CHROOT_BUILD: control if we build binary images chrooted
# (Default: enabled)
# DO NEVER, *NEVER*, *N*E*V*E*R* SET THIS OPTION to disabled.
LH_CHROOT_BUILD="enabled"
# $LH_DEBIAN_INSTALLER: set debian-installer
# (Default: disabled)
LH_DEBIAN_INSTALLER="disabled"
# $LH_DEBIAN_INSTALLER_DAILY: set daily images
# (Default: disabled)
LH_DEBIAN_INSTALLER_DAILY="disabled"
# $LH_ENCRYPTION: set encrytion
# (Default: disabled)
LH_ENCRYPTION="disabled"
# $LH_GRUB_SPLASH: set custom grub splash
# (Default: empty)
LH_GRUB_SPLASH=""
# $LH_HOSTNAME: set hostname
# (Default: cryptonas)
LH_HOSTNAME="cryptonas"
# $LH_ISO_APPLICATION: set iso author
# (Default: Debian Live)
LH_ISO_APPLICATION="Debian Live"
# $LH_ISO_PREPARER: set iso preparer
# (Default: live-helper 1.0~a46; http://packages.qa.debian.org/live-helper)
LH_ISO_PREPARER="live-helper 1.0~a46; http://packages.qa.debian.org/live-helper"
# $LH_ISO_PUBLISHER: set iso publisher
# (Default: Debian Live project; http://debian-live.alioth.debian.org/; debian-live-devel@lists.alioth.debian.org)
LH_ISO_PUBLISHER="Debian Live project; http://debian-live.alioth.debian.org/; debian-live-devel@lists.alioth.debian.org"
# $LH_ISO_VOLUME: set iso volume (max 32 chars)
# (Default: Debian Live $(date +%Y%m%d-%H:%M))
LH_ISO_VOLUME="Debian Live $(date +%Y%m%d-%H:%M)"
# $LH_JFFS2_ERASEBLOCK: set jffs2 eraseblock size
# (Default: unset)
LH_JFFS2_ERASEBLOCK=""
# $LH_MEMTEST: set memtest
# (Default: memtest86+)
LH_MEMTEST="memtest86+"
# $LH_NET_ROOT_FILESYSTEM: set netboot filesystem
# (Default: nfs)
LH_NET_ROOT_FILESYSTEM="nfs"
# $LH_NET_ROOT_MOUNTOPTIONS: set nfsopts
# (Default: empty)
LH_NET_ROOT_MOUNTOPTIONS=""
# $LH_NET_ROOT_PATH: set netboot server directory
# (Default: /srv/debian-live)
LH_NET_ROOT_PATH="/srv/debian-live"
# $LH_NET_ROOT_SERVER: set netboot server address
# (Default: 192.168.1.1)
LH_NET_ROOT_SERVER="192.168.1.1"
# $LH_NET_COW_FILESYSTEM: set net client cow filesystem
# (Default: nfs)
LH_NET_COW_FILESYSTEM="nfs"
# $LH_NET_COW_MOUNTOPTIONS: set cow mount options
# (Default: empty)
LH_NET_COW_MOUNTOPTIONS=""
# $LH_NET_COW_PATH: set cow directory
# (Default: )
LH_NET_COW_PATH=""
# $LH_NET_COW_SERVER: set cow server
# (Default: )
LH_NET_COW_SERVER=""
# $LH_NET_TARBALL: set net tarball
# (Default: gzip)
LH_NET_TARBALL="gzip"
# $LH_SYSLINUX_SPLASH: set custom syslinux splash
# (Default: empty)
LH_SYSLINUX_SPLASH=""
# $LH_SYSLINUX_TIMEOUT: set custom syslinux timeout in seconds
# (Default: 0)
# "0" apparently means "wait forever"
LH_SYSLINUX_TIMEOUT="10"
# $LH_SYSLINUX_CFG: set custom syslinux configuration file
# (Default: empty)
LH_SYSLINUX_CFG=""
# $LH_SYSLINUX_MENU: set syslinux menu
# (Default: disabled)
LH_SYSLINUX_MENU="disabled"
# $LH_SYSLINUX_MENU_LIVE_ENTRY: set text to be used on the menu for live entries
# (Default: Start Debian Live)
LH_SYSLINUX_MENU_LIVE_ENTRY="Start Debian Live"
# $LH_SYSLINUX_MENU_LIVE_FAILSAFE_ENTRY: set text to be used on the menu for live entries (failsafe ones)
# (Default: )
LH_SYSLINUX_MENU_LIVE_FAILSAFE_ENTRY=""
# $LH_SYSLINUX_MENU_MEMTEST_ENTRY: set text to be used on the menu for memtest entry
# (Default: Memory test)
LH_SYSLINUX_MENU_MEMTEST_ENTRY="Memory test"
# $LH_USERNAME: set username
# (Default: user)
LH_USERNAME="user"
#Load CryptoNAS and user-customized settings
. config/cnas-active-settings

@ -0,0 +1,60 @@
# config/bootstrap - options for live-helper(7), bootstrap stage
# $LH_ARCHITECTURE: select chroot architecture
# (Default: autodetected)
# Note: Debian Live is also designed to work on AMD64 and PowerPC
LH_ARCHITECTURE="i386"
# $LH_BOOTSTRAP_CONFIG: set distribution config directory
# (Default: empty)
LH_BOOTSTRAP_CONFIG=""
# $LH_BOOTSTRAP_INCLUDE: include packages on base
# (Default: empty)
LH_BOOTSTRAP_INCLUDE=""
# $LH_BOOTSTRAP_EXCLUDE: exclude packages on base
# (Default: empty)
LH_BOOTSTRAP_EXCLUDE=""
# $LH_BOOTSTRAP_FLAVOUR: select flavour to use
# (Default: standard)
# FIXME: Set to "minimal" for CryptoNAS releases
LH_BOOTSTRAP_FLAVOUR="standard"
# $LH_BOOTSTRAP_KEYRING: set distribution keyring
# (Default: empty)
LH_BOOTSTRAP_KEYRING=""
# $LH_DISTRIBUTION: select distribution to use
# (Default: lenny)
LH_DISTRIBUTION="etch"
# $LH_MIRROR_BOOTSTRAP: set mirror to bootstrap from
# (Default: http://ftp.us.debian.org/debian/)
LH_MIRROR_BOOTSTRAP="http://ftp.us.debian.org/debian/"
# $LH_MIRROR_CHROOT: set mirror to fetch packages from
# (Default: http://ftp.us.debian.org/debian/)
LH_MIRROR_CHROOT=$LH_MIRROR_BOOTSTRAP
# $LH_MIRROR_CHROOT_SECURITY: set security mirror to fetch packages from
# (Default: http://security.debian.org/)
LH_MIRROR_CHROOT_SECURITY="http://security.debian.org/"
# $LH_MIRROR_BINARY: set mirror which ends up in the image
# (Default: http://ftp.us.debian.org/debian/)
LH_MIRROR_BINARY="http://ftp.us.debian.org/debian/"
# $LH_MIRROR_BINARY_SECURITY: set security mirror which ends up in the image
# (Default: http://security.debian.org/)
LH_MIRROR_BINARY_SECURITY="http://security.debian.org/"
# $LH_SECTIONS: select section(s) to use
# (Default: main)
LH_SECTIONS="main"
#Load CryptoNAS and user-customized settings
. config/cnas-active-settings

@ -0,0 +1,68 @@
# config/chroot - options for live-helper(7), chroot stage
# $LH_CHROOT_FILESYSTEM: set chroot filesystem
# (Default: squashfs)
LH_CHROOT_FILESYSTEM="squashfs"
# $LH_UNION_FILESYSTEM: set union filesystem
# (Default: aufs)
# Default aufs not available in Etch
LH_UNION_FILESYSTEM="unionfs"
# $LH_EXPOSED_ROOT: expose root as read only
# (Default: disabled)
LH_EXPOSED_ROOT="disabled"
# $LH_HOOKS: set hook commands
# (Default: empty)
LH_HOOKS=""
# $LH_INTERACTIVE: set interactive build
# (Default: disabled)
LH_INTERACTIVE="disabled"
# $LH_KEYRING_PACKAGES: set keyring packages
# (Default: empty)
LH_KEYRING_PACKAGES=""
# $LH_LANGUAGE: set language to use
# (Default: empty)
LH_LANGUAGE="en"
# $LH_LINUX_FLAVOURS: set kernel flavour to use
# (Default: autodetected)
#LH_LINUX_FLAVOURS="486 686"
# $LH_LINUX_PACKAGES: set kernel packages to use
# (Default: autodetected)
LH_LINUX_PACKAGES="linux-image-2.6 ${LH_UNION_FILESYSTEM}-modules-2.6 squashfs-modules-2.6"
#LH_LINUX_PACKAGES=""
# $LH_PACKAGES: set packages to install
# (Default: empty)
LH_PACKAGES=""
# $LH_PACKAGES_LISTS: set package list to install
# (Default: standard)
LH_PACKAGES_LISTS="standard"
# $LH_TASKS: set tasks to install
# (Default: empty)
LH_TASKS=""
# $LH_SECURITY: enable security updates
# (Default: enabled)
LH_SECURITY="enabled"
# $LH_SYMLINKS: enable symlink convertion
# (Default: disabled)
LH_SYMLINKS="disabled"
# $LH_SYSVINIT: enable sysvinit
# (Default: disabled)
LH_SYSVINIT="disabled"
#Load CryptoNAS and user-customized settings
. config/cnas-active-settings

@ -0,0 +1,25 @@
#!/bin/sh
#
# License: This script is distributed under the terms of version 2
# of the GNU GPL. See the LICENSE file included with the package.
#
# $Id: $
#
# this script is part of the build process of CryptoNAS
#
# 2008-11-27 James Crofts backported workaround from CherryPy src repository.
# See http://www.cherrypy.org/ticket/686 and
# http://devel.cryptobox.org/ticket/216.
#
## Stop the build process if any of the following steps fail
set -e
##Hack to prevent intermittent cherrypy crashes at startup
DIFF="/usr/share/cryptonas-live/_cpwsgiserver.py.diff"
##These two files are identical before the patch and must be identical
##afterward as well:
patch /var/lib/python-support/python2.4/cherrypy/_cpwsgiserver.py < ${DIFF}
patch /usr/share/python-support/python-cherrypy/cherrypy/_cpwsgiserver.py < ${DIFF}
##Remove the now-obsolete "compiled" Python file.
rm -f /var/lib/python-support/python2.4/cherrypy/_cpwsgiserver.pyc

@ -0,0 +1,217 @@
#!/bin/sh
#
# Copyright (c) 02005 sense.lab <senselab@systemausfall.org>
#
# License: This script is distributed under the terms of version 2
# of the GNU GPL. See the LICENSE file included with the package.
#
# $Id$
#
# this script is part of the building process of the cryptobox
# the "normal" action is necessary for every cryptobox (development & release)
# the "secure" action is mandatory for every release CD
#
# 2008-06-21 Adapted by James Crofts for use with "live-helper"
#
set -eu
#this script runs in chroot, so RUNTIMEDIR is the null string
RUNTIMEDIR=""
TUNDEV=$RUNTIMEDIR/dev/net/tun
REMOVE_PACKAGES="strace
nvi nano vim vim-common vim-tiny
unzip zip locate
ssh elinks curl netkit-inetd telnet
exim4-daemon-light exim4-config exim4-base
ppp pppconfig pppoe pppoeconf
subversion w3m wget lynx less screen
info man-db manpages
openssh-server openssh-client"
# Removing these packages would be better for security, but
# breaks the build:
#aptitude tasksel wget iptables
#TODO: evaluate whether to remove other packages under Debian Live
# remove rc symlinks for these services
SERVICES_OFF="ssh setserial nviboot mountnfs ntpdate"
#We run in a chroot environment, so source files accordingly.
. /usr/share/cryptonas-live/etc-scoreboard
function configure_normal()
# the usual stuff - not optimized for security
{
##### cryptobox settings ######
# start during bootup
sed -i 's/^NO_START=.*$/NO_START=0/' /etc/default/cryptobox-server
# listen to port 80 by default
sed -i 's/^PORT=.*$/PORT=80/' /etc/default/cryptobox-server
# use a separate configuration partition
sed -i 's/^UseConfigPartition.*$/UseConfigPartition = 1/' /etc/cryptobox-server/cryptobox.conf
# all plugins are enabled (especially: "encrypted_webinterface")
sed -i 's#^DisabledPlugins.*$#DisabledPlugins = #' /etc/cryptobox-server/cryptobox.conf
# change the selection of devices, that can be used as the crypto harddisk
sed -i 's#^AllowedDevices.*$#AllowedDevices = /dev/#' /etc/cryptobox-server/cryptobox.conf
############ samba ############
# enable samba startup (disabled before via cbox-build.sh)
echo 'RUN_MODE="daemons"' >/etc/default/samba
# install the samba hook script
cp /usr/share/doc/cryptobox-server/event-scripts/samba /etc/cryptobox-server/events.d/samba
chmod +x /etc/cryptobox-server/events.d/samba
############ dir perms ########
# For security reasons, many CryptoNAS scripts will refuse
# to run if their parent directories have unsafe permissions.
# The files in config/chroot_local-includes are, by default,
# owned by the user who did the SVN checkout. Therefore
# reset the important directories there to being owned by root.
# Debian Policy specifies that local users and package-created
# users have different uid ranges, so the set of files with
# unrecognized uid's should be the same as the set of files added
# by "config/chroot_local-includes/".
# Note that we are doing this at build time, not run time!
# Only fix files that are neither setuid nor setgid:
find / -xdev -nouser ! -perm -4000 ! -perm -2000 -execdir chown root:root '{}' \+
############ webdav ############
#TODO: FIXME: configure port; add webdav link in web frontend
#this mkdir may be redundant with the DAV event script (TODO)
mkdir -p /var/cache/cryptobox-server/settings/misc/apache2_dav.conf.d
sed -i 's/^NO_START=.*$/NO_START=0/' /etc/default/apache2
cp /usr/share/doc/cryptobox-server/event-scripts/apache2_dav /etc/cryptobox-server/events.d/apache2_dav
chmod +x /etc/cryptobox-server/events.d/apache2_dav
# CryptoNAS's apache2_dav.conf should already be in /etc/apache2/conf.d
# in SVN.
#Tell apache2 NOT to listen on non-DAV ports
echo "#Leave 80 and 443 open for CryptoNAS's use" > /etc/apache2/ports.conf
echo "Listen 8080" >> /etc/apache2/ports.conf
########### boot up ###########
# turn off creation of "/etc/nologin" (read-only fs)
sed -i '/^DELAYLOGIN=/s/^DELAYLOGIN=.*$/DELAYLOGIN=no/' /etc/default/rcS
# turn off modifying /etc/motd (read-only fs)
sed -i '/^EDITMOTD=/s/^EDITMOTD=.*$/EDITMOTD=no/' /etc/default/rcS
######### shutdown #########
# Remove the prompt to eject CD
rm -f /etc/rc0.d/*casper
rm -f /etc/rc6.d/*casper
######### devices ##########
# create tun device for running under qemu
if [ ! -e "$TUNDEV" ]
then mkdir -p `dirname "$TUNDEV"`
mknod "$TUNDEV" c 10 200
fi
########## sshd ############
if [ -e "/etc/ssh" ]; then
# allow empty passwords for ssh
# the daemon is NOT started automatically, so you have to start it
# manually in case of need - as the root pw is empty and passwd is ro, you
# have to allow empty passwords for this rare case
sed -i 's/^PermitEmptyPass.*$/PermitEmptyPasswords yes/' /etc/ssh/sshd_config
# turn off PAM for ssh, as it prevents the use of empty passwords (stange behaviour)
sed -i 's/^UsePAM.*$/UsePAM no/' /etc/ssh/sshd_config
# allow input of password
sed -i 's/^PasswordAuthentication.*$/PasswordAuthentication yes/' /etc/ssh/sshd_config
fi
# remove symlinks for unwanted services
for a in $SERVICES_OFF; do
# echo "Turning off service $a ..."
find /etc/rc?.d/ -type l -name "[SK][0-9][0-9]$a" | while read b
do rm "$b"
done
done
return 0
}
function configure_secure()
# remove everything that could weaken security
# configure_normal should be called too!
{
# disable keyboard login
sed -i '/getty/d' /etc/inittab
# remove unnecessary packages
dpkg --force-all -P $REMOVE_PACKAGES 2>&1 | grep -v "which isn't installed." || true
# maybe an authorized_keys file was created - but it is not dangerous,
# as the openssh package was removed anyway
[ -d /root/.ssh ] && rm -rf /root/.ssh
# disable root account
passwd -l root
############## clean up ################
# remove deb-files, that were left by dfsbuild
# remove packages and package lists
# remove locale files
# remove doc files
# remove man pages
# some vim files stay behind?
# Need to keep these files for live-helper to complete successfully
# rm -rf /var/cache/apt /var/lib/apt /var/cache/debconf /opt/packages
rm -rf /var/cache/bootstrap /var/cache/locate
rm -rf /usr/share/man /usr/share/vim /var/cache/man
# remove docs except for the cryptobox's
ls /usr/share/doc | while read dname
do test "$dname" == "cryptobox-server" || rm -rf "/usr/share/doc/$dname"
done
# remove all locale files and symlinks except for the cryptobox's
(find /usr/share/locale -type f; find /usr/share/locale -type l) | grep -v "cryptobox-server" | while read fname
do rm "$fname"
done
# remove all empty locale directories
find /usr/share/locale -type d | while read dname
do test -d "$dname" && rmdir --ignore-fail-on-non-empty --parents "$dname"
done
# change some dir permissions
chmod 770 /var/cache/cryptobox-server/settings/
# remove developer-specific script(s)
rm -f /usr/share/cryptonas-live/devel-features.sh
rm -f /etc/init.d/*devel-features
rm -f /etc/rcS.d/*devel-features
rm -f /etc/rc3.d/*devel-features
return 0
}
################ main ####################
# Allow this script to be run either manually by the
# developer using live-helper's "interactive chroot"
# mode or automatically by "lh_build".
ACTION="$CNAS_HARDNESS"
[ $# -gt 0 ] && ACTION=$1
case "$ACTION" in
normal|devel)
configure_normal
;;
secure|hard)
configure_normal
configure_secure
;;
* )
echo "`basename $0`:warning: CryptoNAS security level\
not specified; defaulting to \"secure\""
configure_normal
configure_secure
;;
esac
#FIXME: Not ideal to unconditionally return "SUCCESS"
exit 0

@ -0,0 +1,79 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>CryptoBox</title>
<meta content="text/html; charset=iso-8859-1" http-equiv="Content-Type" />
<meta content="" name="keywords" />
<meta name="description" content="a secure fileserver, live-CD, web front-end" />
<link rel="stylesheet" type="text/css" href="main.css" />
</head>
<body>
<div class="container">
<div id="header"><!-- just the logo --></div>
<div class="navbar">
<p>
<a href="index.html">Home</a> |
<a href="news.html">News</a> |
<a href="downlo0.html">Download</a> |
<a href="support.html">Support</a> |
<a href="develo0.html">Development</a>
</p>
</div>
<!-- content starts here -->
<div class="centercontent">
<div><h1 id="UserDocumentation">User Documentation</h1>
<p>
The following pages are describing the basic usage of the CryptoBox live-CD.
</p>
<p>
The online version of this manual is a wiki, which means you can help improving the pages. If you have a question regarding the documentation, please post it on the bottom of the relevant page. The developers will answer your questions and update the manual as fast as possible.
</p>
<h2 id="Documentationforxreleases">Documentation for 0.3.x releases</h2>
<ol><li><a href="doc_0.0.html">CryptoBoxUserGettingStarted</a> -- first steps to get the Cryptobox up and running
</li><li><a href="doc_0.1.html">CryptoBoxUserDailyUse</a> -- how to access your encrypted data
</li></ol>
<p>
At the moment there is no automatic way of using an encrypted disk of the 0.2 series in a !Cryptobox running the 0.3 series. That's because we did a major redesign of the CryptoBox functionality within the last year. We're sorry for the unconveniance!
</p>
<h2 id="FrequentlyAskedQuestions">Frequently Asked Questions</h2>
<ul><li><a href="faq.html">FAQ</a>
</li></ul></div>
</div>
</div>
<!-- content ends here -->
<div id="footer">
<p>-- a <a href="http://senselab.org">Sense.Lab</a> project -- <a href="http://senselab.org/component/option,com_dfcontact/Itemid,29/">Impressum</a> --</p>
</div>
</div>
<!-- /Creative Commons License -->
<!--
<rdf:RDF xmlns="http://web.resource.org/cc/"
xmlns:dc="http://purl.org/dc/elements/1.1/"
xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#">
<Work rdf:about="">
<dc:type rdf:resource="http://purl.org/dc/dcmitype/Text" />
<license rdf:resource="http://creativecommons.org/licenses/by-sa/2.5/de/" />
</Work>
<License rdf:about="http://creativecommons.org/licenses/by-sa/2.5/de/">
<permits rdf:resource="http://web.resource.org/cc/Reproduction" />
<permits rdf:resource="http://web.resource.org/cc/Distribution" />
<requires rdf:resource="http://web.resource.org/cc/Notice" />
<requires rdf:resource="http://web.resource.org/cc/Attribution" />
<permits rdf:resource="http://web.resource.org/cc/DerivativeWorks" />
<requires rdf:resource="http://web.resource.org/cc/ShareAlike" />
</License>
</rdf:RDF>
-->
</body>
</html>

Binary file not shown.

After

Width:  |  Height:  |  Size: 84 KiB

@ -0,0 +1,93 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>CryptoBox</title>
<meta content="text/html; charset=iso-8859-1" http-equiv="Content-Type" />
<meta content="" name="keywords" />
<meta name="description" content="a secure fileserver, live-CD, web front-end" />
<link rel="stylesheet" type="text/css" href="main.css" />
</head>
<body>
<div class="container">
<div id="header"><!-- just the logo --></div>
<div class="navbar">
<p>
<a href="index.html">Home</a> |
<a href="news.html">News</a> |
<a href="downlo0.html">Download</a> |
<a href="support.html">Support</a> |
<a href="develo0.html">Development</a>
</p>
</div>
<!-- content starts here -->
<div class="centercontent">
<h2>What does the CryptoBox do?</h2>
<p>Usually all your files like phone numbers, love letters, bank
account data etc. are stored in plaintext on your computer's
harddisk.
All the data is accessible for everyone who has access to the harddisk.
This is very bad in case someone you don't trust gets your harddisk.
E.g. a thief that steals your notebook, or breaks into your house or company.
If the thief has your disk he/she can also read all the files that
where saved on it, no matter whether you have a login password or not -
the files are always stored in plaintext.
</p>
<p>The <b>CryptoBox</b> brings easy-to-use data encryption to your
computer. This works out of the box and does not need complicated
configuration steps.</p>
<p>Here comes a small usage example for the CryptoBox with an obsolete
PC as a fileserver:</p>
<p>Boot up the old PC with the CryptoBox live-CD.
Now you can access it with your browser via the network.
Then you partition and reformat the harddisk of the old
PC with encryption support. Therefore you provide a passphrase.
This is all done through the user friendly webinterface.
You can also plug in an external harddisk and use this to store
your encrypted data.
Afterwards you copy your sensitive data over the local
network to the CryptoBox.
It is stored on its harddisk in a secure way.
Nobody can access your data without the right passphrase.
</p>
</div>
<!-- content ends here -->
<div id="footer">
<p>-- a <a href="http://senselab.org">Sense.Lab</a> project -- <a href="http://senselab.org/component/option,com_dfcontact/Itemid,29/">Impressum</a> --</p>
</div>
</div>
<!-- /Creative Commons License -->
<!--
<rdf:RDF xmlns="http://web.resource.org/cc/"
xmlns:dc="http://purl.org/dc/elements/1.1/"
xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#">
<Work rdf:about="">
<dc:type rdf:resource="http://purl.org/dc/dcmitype/Text" />
<license rdf:resource="http://creativecommons.org/licenses/by-sa/2.5/de/" />
</Work>
<License rdf:about="http://creativecommons.org/licenses/by-sa/2.5/de/">
<permits rdf:resource="http://web.resource.org/cc/Reproduction" />
<permits rdf:resource="http://web.resource.org/cc/Distribution" />
<requires rdf:resource="http://web.resource.org/cc/Notice" />
<requires rdf:resource="http://web.resource.org/cc/Attribution" />
<permits rdf:resource="http://web.resource.org/cc/DerivativeWorks" />
<requires rdf:resource="http://web.resource.org/cc/ShareAlike" />
</License>
</rdf:RDF>
-->
</body>
</html>

@ -0,0 +1,135 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>CryptoBox</title>
<meta content="text/html; charset=iso-8859-1" http-equiv="Content-Type" />
<meta content="" name="keywords" />
<meta name="description" content="a secure fileserver, live-CD, web front-end" />
<link rel="stylesheet" type="text/css" href="main.css" />
</head>
<body>
<div class="container">
<div id="header"><!-- just the logo --></div>
<div class="navbar">
<p>
<a href="index.html">Home</a> |
<a href="news.html">News</a> |
<a href="downlo0.html">Download</a> |
<a href="support.html">Support</a> |
<a href="develo0.html">Development</a>
</p>
</div>
<!-- content starts here -->
<div class="left">
<div class="leftcontent">
<h2>You are server admin?</h2>
<p>Take a look at the <a
href="http://devel.cryptobox.org/file/trunk/README">README
file</a>. There you find more detailed information about the
installation and configuration of the CryptoBox-Server
package.</p>
</div>
</div>
<div class="content">
<h2>Requirements for the CryptoBox live-CD</h2>
<p>The <i>CryptoBox live-CD</i> runs on any x86 compatible PC with:</p>
<ul>
<li>CPU: min. 200MHz</li>
<li>RAM: 64 MB</li>
<li>CD-ROM drive</li>
<li>a network connection</li>
<li>a harddisk for your data</li>
</ul>
<p>The harddisk does not need to inside the of CryptoBox computer. You
can also use external devices like USB-drives.
All drives supported by the Linux kernel (2.6.20) can be used: IDE,
SCSI, USB, FireWire, SATA, RAID, ...</p>
<p>Because of the high number of different supported storage media
we call an encrypted disk a <i>volume</i>.
This includes (e.g.): USB-sticks, firewire-disks, flash-drives, digital cameras,
MP3-player, MMC/SD-cards.</p>
</div>
<div class="content">
<h2>Requirements of the CryptoBox-Server</h2>
<p>The <i>CryptoBox-Server</i> package can be installed on any system with at least:</p>
<ul>
<li>Linux kernel 2.6</li>
<li>cryptsetup with LUKS support</li>
<li>kernel support for the <i>crypt</i> target of the <i>device mapper</i></li>
<li>Python 2.4</li>
</ul>
<p>In general a server package should run on any Linux
distribution, but we only provide Debian packages. So you have to
install the necessary files on your own to the right places if
you are using a different linux distribution.</p>
</div>
<div class="content">
<h2>File access</h2>
<p>Once you openend an encrypted volume through the web frontend of
the <i>CryptoBox</i> you can access the volume's data within your local
network via:</p>
<ul>
<li>Samba shares (also known as: <i>windows network share</i>)</li>
<!-- <li>WebDAV (aka: <i>web folder</i>)</li>
<li>nfs (*nix file sharing)</li> -->