diff --git a/deb-live_v0.3.5/config/chroot_local-hooks/50cnas-config-chroot.sh b/deb-live_v0.3.5/config/chroot_local-hooks/50cnas-config-chroot.sh index baf4540..f7d18a5 100755 --- a/deb-live_v0.3.5/config/chroot_local-hooks/50cnas-config-chroot.sh +++ b/deb-live_v0.3.5/config/chroot_local-hooks/50cnas-config-chroot.sh @@ -80,16 +80,16 @@ function configure_normal() ############ webdav ############ #TODO: FIXME: configure port; add webdav link in web frontend #this mkdir may be redundant with the DAV event script (TODO) - mkdir -p /var/cache/cryptobox-server/settings/misc/apache2_dav.conf.d - sed -i 's/^NO_START=.*$/NO_START=0/' /etc/default/apache2 - cp /usr/share/doc/cryptobox-server/event-scripts/apache2_dav /etc/cryptobox-server/events.d/apache2_dav - chmod +x /etc/cryptobox-server/events.d/apache2_dav + #mkdir -p /var/cache/cryptobox-server/settings/misc/apache2_dav.conf.d + #sed -i 's/^NO_START=.*$/NO_START=0/' /etc/default/apache2 + #cp /usr/share/doc/cryptobox-server/event-scripts/apache2_dav /etc/cryptobox-server/events.d/apache2_dav + #chmod +x /etc/cryptobox-server/events.d/apache2_dav # CryptoNAS's apache2_dav.conf should already be in /etc/apache2/conf.d # in SVN. #Tell apache2 NOT to listen on non-DAV ports - echo "#Leave 80 and 443 open for CryptoNAS's use" > /etc/apache2/ports.conf - echo "Listen 8080" >> /etc/apache2/ports.conf + #echo "#Leave 80 and 443 open for CryptoNAS's use" > /etc/apache2/ports.conf + #echo "Listen 8080" >> /etc/apache2/ports.conf ########### boot up ########### # turn off creation of "/etc/nologin" (read-only fs) diff --git a/deb-live_v0.3.5/config/release-settings b/deb-live_v0.3.5/config/release-settings index 94035b6..b6b3ed4 100644 --- a/deb-live_v0.3.5/config/release-settings +++ b/deb-live_v0.3.5/config/release-settings @@ -18,5 +18,20 @@ LH_SOURCE="enabled" LH_SOURCE_IMAGES="tar" #Disable console login and enable other security measures +#CNAS_HARDNESS="devel" CNAS_HARDNESS="secure" +#Security update breaks CherryPy under Debian Etch +LH_SECURITY="disabled" + +#Not easy to use custom keyrings with the version of `live-helper' +#we're building under, so use workaround: +LH_APT_SECURE="true" +APT_OPTIONS="--yes --force-yes" + +#Use the permanent Etch snapshot since Etch is no longer on the mirrors: +LH_MIRROR_BOOTSTRAP="http://browncoat:3142/apt-cacher/snapshot.debian.org/archive/debian/20100430T222505Z" + +#This is required due to a bug in the "lh_source" stage script(s) +LH_DEBUG="disabled" +LH_VERBOSE="disabled"