Created new branch for Debian Live live-cd build system development. This

commit includes the default configuration files, which don't work with Debian 
"etch".
This commit is contained in:
frisco 2008-06-09 00:10:03 +00:00
commit ec818dbbc3
253 changed files with 6460 additions and 0 deletions

146
config/binary Normal file
View File

@ -0,0 +1,146 @@
# config/binary - options for live-helper(7), binary stage
# $LH_BINARY_FILESYSTEM: set image filesystem
# (Default: fat16)
LH_BINARY_FILESYSTEM="fat16"
# $LH_BINARY_IMAGES: set image type
# (Default: iso)
LH_BINARY_IMAGES="iso"
# $LH_BINARY_INDICES: set apt/aptitude generic indices
# (Default: enabled)
LH_BINARY_INDICES="enabled"
# $LH_BOOTAPPEND_LIVE: set boot parameters
# (Default: empty)
LH_BOOTAPPEND_LIVE=""
# $LH_BOOTAPPEND_INSTALL: set boot parameters
# (Default: empty)
LH_BOOTAPPEND_INSTALL="-- }"
# $LH_BOOTLOADER: set bootloader
# (Default: syslinux)
LH_BOOTLOADER="syslinux"
# $LH_CHECKSUMS: set checksums
# (Default: enabled)
LH_CHECKSUMS="enabled"
# ${LH_CHROOT_BUILD: control if we build binary images chrooted
# (Default: enabled)
# DO NEVER, *NEVER*, *N*E*V*E*R* SET THIS OPTION to disabled.
LH_CHROOT_BUILD="enabled"
# $LH_DEBIAN_INSTALLER: set debian-installer
# (Default: disabled)
LH_DEBIAN_INSTALLER="disabled"
# $LH_DEBIAN_INSTALLER_DAILY: set daily images
# (Default: disabled)
LH_DEBIAN_INSTALLER_DAILY="disabled"
# $LH_ENCRYPTION: set encrytion
# (Default: disabled)
LH_ENCRYPTION="disabled"
# $LH_GRUB_SPLASH: set custom grub splash
# (Default: empty)
LH_GRUB_SPLASH=""
# $LH_HOSTNAME: set hostname
# (Default: debian)
LH_HOSTNAME="debian"
# $LH_ISO_APPLICATION: set iso author
# (Default: Debian Live)
LH_ISO_APPLICATION="Debian Live"
# $LH_ISO_PREPARER: set iso preparer
# (Default: live-helper 1.0~a46; http://packages.qa.debian.org/live-helper)
LH_ISO_PREPARER="live-helper 1.0~a46; http://packages.qa.debian.org/live-helper"
# $LH_ISO_PUBLISHER: set iso publisher
# (Default: Debian Live project; http://debian-live.alioth.debian.org/; debian-live-devel@lists.alioth.debian.org)
LH_ISO_PUBLISHER="Debian Live project; http://debian-live.alioth.debian.org/; debian-live-devel@lists.alioth.debian.org"
# $LH_ISO_VOLUME: set iso volume (max 32 chars)
# (Default: Debian Live 20080608-17:04)
LH_ISO_VOLUME="Debian Live 20080608-17:04"
# $LH_JFFS2_ERASEBLOCK: set jffs2 eraseblock size
# (Default: unset)
LH_JFFS2_ERASEBLOCK=""
# $LH_MEMTEST: set memtest
# (Default: memtest86+)
LH_MEMTEST="memtest86+"
# $LH_NET_ROOT_FILESYSTEM: set netboot filesystem
# (Default: nfs)
LH_NET_ROOT_FILESYSTEM="nfs"
# $LH_NET_ROOT_MOUNTOPTIONS: set nfsopts
# (Default: empty)
LH_NET_ROOT_MOUNTOPTIONS=""
# $LH_NET_ROOT_PATH: set netboot server directory
# (Default: /srv/debian-live)
LH_NET_ROOT_PATH="/srv/debian-live"
# $LH_NET_ROOT_SERVER: set netboot server address
# (Default: 192.168.1.1)
LH_NET_ROOT_SERVER="192.168.1.1"
# $LH_NET_COW_FILESYSTEM: set net client cow filesystem
# (Default: nfs)
LH_NET_COW_FILESYSTEM="nfs"
# $LH_NET_COW_MOUNTOPTIONS: set cow mount options
# (Default: empty)
LH_NET_COW_MOUNTOPTIONS=""
# $LH_NET_COW_PATH: set cow directory
# (Default: )
LH_NET_COW_PATH=""
# $LH_NET_COW_SERVER: set cow server
# (Default: )
LH_NET_COW_SERVER=""
# $LH_NET_TARBALL: set net tarball
# (Default: gzip)
LH_NET_TARBALL="gzip"
# $LH_SYSLINUX_SPLASH: set custom syslinux splash
# (Default: empty)
LH_SYSLINUX_SPLASH=""
# $LH_SYSLINUX_TIMEOUT: set custom syslinux timeout in seconds
# (Default: 0)
LH_SYSLINUX_TIMEOUT="0"
# $LH_SYSLINUX_CFG: set custom syslinux configuration file
# (Default: empty)
LH_SYSLINUX_CFG=""
# $LH_SYSLINUX_MENU: set syslinux menu
# (Default: disabled)
LH_SYSLINUX_MENU="disabled"
# $LH_SYSLINUX_MENU_LIVE_ENTRY: set text to be used on the menu for live entries
# (Default: Start Debian Live)
LH_SYSLINUX_MENU_LIVE_ENTRY="Start Debian Live"
# $LH_SYSLINUX_MENU_LIVE_FAILSAFE_ENTRY: set text to be used on the menu for live entries (failsafe ones)
# (Default: )
LH_SYSLINUX_MENU_LIVE_FAILSAFE_ENTRY=""
# $LH_SYSLINUX_MENU_MEMTEST_ENTRY: set text to be used on the menu for memtest entry
# (Default: Memory test)
LH_SYSLINUX_MENU_MEMTEST_ENTRY="Memory test"
# $LH_USERNAME: set username
# (Default: user)
LH_USERNAME="user"

53
config/bootstrap Normal file
View File

@ -0,0 +1,53 @@
# config/bootstrap - options for live-helper(7), bootstrap stage
# $LH_ARCHITECTURE: select chroot architecture
# (Default: autodetected)
LH_ARCHITECTURE="i386"
# $LH_BOOTSTRAP_CONFIG: set distribution config directory
# (Default: empty)
LH_BOOTSTRAP_CONFIG=""
# $LH_BOOTSTRAP_INCLUDE: include packages on base
# (Default: empty)
LH_BOOTSTRAP_INCLUDE=""
# $LH_BOOTSTRAP_EXCLUDE: exclude packages on base
# (Default: empty)
LH_BOOTSTRAP_EXCLUDE=""
# $LH_BOOTSTRAP_FLAVOUR: select flavour to use
# (Default: )
LH_BOOTSTRAP_FLAVOUR=""
# $LH_BOOTSTRAP_KEYRING: set distribution keyring
# (Default: empty)
LH_BOOTSTRAP_KEYRING=""
# $LH_DISTRIBUTION: select distribution to use
# (Default: lenny)
LH_DISTRIBUTION="lenny"
# $LH_MIRROR_BOOTSTRAP: set mirror to bootstrap from
# (Default: http://ftp.us.debian.org/debian/)
LH_MIRROR_BOOTSTRAP="http://ftp.us.debian.org/debian/"
# $LH_MIRROR_CHROOT: set mirror to fetch packages from
# (Default: http://ftp.us.debian.org/debian/)
LH_MIRROR_CHROOT="http://ftp.us.debian.org/debian/"
# $LH_MIRROR_CHROOT_SECURITY: set security mirror to fetch packages from
# (Default: http://security.debian.org/)
LH_MIRROR_CHROOT_SECURITY="http://security.debian.org/"
# $LH_MIRROR_BINARY: set mirror which ends up in the image
# (Default: http://ftp.us.debian.org/debian/)
LH_MIRROR_BINARY="http://ftp.us.debian.org/debian/"
# $LH_MIRROR_BINARY_SECURITY: set security mirror which ends up in the image
# (Default: http://security.debian.org/)
LH_MIRROR_BINARY_SECURITY="http://security.debian.org/"
# $LH_SECTIONS: select section(s) to use
# (Default: main)
LH_SECTIONS="main"

61
config/chroot Normal file
View File

@ -0,0 +1,61 @@
# config/chroot - options for live-helper(7), chroot stage
# $LH_CHROOT_FILESYSTEM: set chroot filesystem
# (Default: squashfs)
LH_CHROOT_FILESYSTEM="squashfs"
# $LH_UNION_FILESYSTEM: set union filesystem
# (Default: aufs)
LH_UNION_FILESYSTEM="aufs"
# $LH_EXPOSED_ROOT: expose root as read only
# (Default: disabled)
LH_EXPOSED_ROOT="disabled"
# $LH_HOOKS: set hook commands
# (Default: empty)
LH_HOOKS=""
# $LH_INTERACTIVE: set interactive build
# (Default: disabled)
LH_INTERACTIVE="disabled"
# $LH_KEYRING_PACKAGES: set keyring packages
# (Default: empty)
LH_KEYRING_PACKAGES=""
# $LH_LANGUAGE: set language to use
# (Default: empty)
LH_LANGUAGE="en"
# $LH_LINUX_FLAVOURS: set kernel flavour to use
# (Default: autodetected)
LH_LINUX_FLAVOURS="486 686"
# $LH_LINUX_PACKAGES: set kernel packages to use
# (Default: autodetected)
LH_LINUX_PACKAGES="linux-image-2.6 aufs-modules-2.6 squashfs-modules-2.6"
# $LH_PACKAGES: set packages to install
# (Default: empty)
LH_PACKAGES=""
# $LH_PACKAGES_LISTS: set package list to install
# (Default: standard)
LH_PACKAGES_LISTS="standard"
# $LH_TASKS: set tasks to install
# (Default: empty)
LH_TASKS=""
# $LH_SECURITY: enable security updates
# (Default: enabled)
LH_SECURITY="enabled"
# $LH_SYMLINKS: enable symlink convertion
# (Default: disabled)
LH_SYMLINKS="disabled"
# $LH_SYSVINIT: enable sysvinit
# (Default: disabled)
LH_SYSVINIT="disabled"

123
config/common Normal file
View File

@ -0,0 +1,123 @@
# config/common - common options for live-helper(7)
# $LH_APT: set package manager
# (Default: apt)
LH_APT="apt"
# $LH_APT_FTP_PROXY: set apt/aptitude ftp proxy
# (Default: autodetected or empty)
LH_APT_FTP_PROXY=""
# $LH_APT_HTTP_PROXY: set apt/aptitude http proxy
# (Default: autodetected or empty)
LH_APT_HTTP_PROXY=""
# $LH_APT_PDIFFS: set apt/aptitude pdiff indices
# (Default: enabled)
LH_APT_PDIFFS="enabled"
# $LH_APT_PIPELINE: set apt/aptitude pipeline depth
# (Default: )
LH_APT_PIPELINE=""
# $LH_APT_RECOMMENDS: set apt/aptitude recommends
# (Default: enabled)
LH_APT_RECOMMENDS="enabled"
# $LH_APT_SECURE: set apt/aptitude security
# (Default: enabled)
LH_APT_SECURE="enabled"
# $LH_BOOTSTRAP: set bootstrap program
# (Default: debootstrap)
LH_BOOTSTRAP="debootstrap"
# $LH_CACHE: control cache
# (Default: enabled)
LH_CACHE="enabled"
# $LH_CACHE_INDICES: control if downloaded package indices should be cached
# (Default: disabled)
LH_CACHE_INDICES="disabled"
# $LH_CACHE_PACKAGES: control if downloaded packages files should be cached
# (Default: enabled)
LH_CACHE_PACKAGES="enabled"
# $LH_CACHE_STAGES: control if completed stages should be cached
# (Default: bootstrap)
LH_CACHE_STAGES="bootstrap"
# $LH_DEBCONF_FRONTEND: set debconf(1) frontend to use
# (Default: noninteractive)
LH_DEBCONF_FRONTEND="noninteractive"
# $LH_DEBCONF_NOWARNINGS: set debconf(1) warnings
# (Default: yes)
LH_DEBCONF_NOWARNINGS="yes"
# $LH_DEBCONF_PRIORITY: set debconf(1) priority to use
# (Default: critical)
LH_DEBCONF_PRIORITY="critical"
# $LH_INITRAMFS: set initramfs hook
# (Default: live-initramfs)
LH_INITRAMFS="live-initramfs"
# $LH_FDISK: set fdisk program
# (Default: autodetected)
LH_FDISK="fdisk"
# $LH_LOSETUP: set losetup program
# (Default: autodetected)
LH_LOSETUP="losetup"
# $LH_MODE: set distribution mode
# (Default: debian)
LH_MODE="debian"
# $LH_ROOT_COMMAND: use sudo or equivalent
# (Default: empty)
#LH_ROOT_COMMAND="sudo"
# $LH_USE_FAKEROOT: use fakeroot/fakechroot
# (Default: disabled)
LH_USE_FAKEROOT="disabled"
# $LH_TASKSEL: set tasksel program
# (Default: aptitude)
LH_TASKSEL="aptitude"
# $LH_INCLUDES: set includes
# (Default: /usr/share/live-helper/includes)
LH_INCLUDES="/usr/share/live-helper/includes"
# $LH_TEMPLATES: set templates
# (Default: /usr/share/live-helper/templates)
LH_TEMPLATES="/usr/share/live-helper/templates"
# Live-helper options
# $LH_BREAKPOINTS: enable breakpoints
# (Default: disabled)
#LH_BREAKPOINTS="disabled"
# $LH_DEBUG: enable debug
# (Default: disabled)
#LH_DEBUG="disabled"
# $LH_FORCE: enable force
# (Default: disabled)
#LH_FORCE="disabled"
# $LH_QUIET: enable quiet
# (Default: disabled)
LH_QUIET="disabled"
# $LH_VERBOSE: enable verbose
# (Default: disabled)
#LH_VERBOSE="disabled"
# Internal stuff (FIXME)
APT_OPTIONS="--yes"
APTITUDE_OPTIONS="--assume-yes"

9
config/source Normal file
View File

@ -0,0 +1,9 @@
# config/source - options for live-helper(7), source stage
# $LH_SOURCE: set source option
# (Default: disabled)
LH_SOURCE="disabled"
# $LH_SOURCE_IMAGES: set image type
# (Default: tar)
LH_SOURCE_IMAGES="tar"

View File

@ -0,0 +1,30 @@
1) Overview
the files in this directory are examples for specific hook scripts to change the
configuration of the box
2) How to use these scripts
Copy the scripts, you would like to use into 'configure-local.d'.
They will be sourced in alphabetic order AFTER the default configuration of the
cryptobox.
3) The examples
set_root_pw
- replace the empty root password (the default) with a choosen password
- useful if your development cryptobox:
- is located in an insecure environment
- or your development team is geographically distributed, so the
cryptobox for testing has to be publicly available
import_authorized_keys
- create a new rsa key (etc-local.d/id_rsa) and copy the public
key to the image directory
- this is useful, if you secured the development cryptobox with a
password (see 'set_root_pw')
set_hostname
- change the default hostname ("cryptobox")
set_scan_devices
- change the default selection of devices, that can be used as the crypto harddisk

View File

@ -0,0 +1,19 @@
# import a public rsa key into the cryptobox for ssh authentication
#
# see README in configure-examples.d for details
#
SSH_KEY_FILE="$LOCALCONF_DIR/id_rsa"
# create a rsa key if it does not yet exist
if [ ! -e "$SSH_KEY_FILE" ]
then echo "Creating ssh key ($SSH_KEY_FILE) ..."
mkdir -p $(dirname "$SSH_KEY_FILE")
ssh-keygen -t rsa -b 1024 -N '' -q -f "$SSH_KEY_FILE"
fi
# copy new public ssh key to ~/.ssh/authorized_keys on cryptobox
echo "Copying local public ssh key file to the box ..."
mkdir -p "$IMAGE_DIR/opt/dfsbuild/runtimerd/root/.ssh"
cp "${SSH_KEY_FILE}.pub" "$IMAGE_DIR/opt/dfsbuild/runtimerd/root/.ssh/authorized_keys"

View File

@ -0,0 +1,4 @@
# change the selection of devices, that can be used as the crypto harddisk
sed -i 's#^AllowedDevices.*$#AllowedDevices = /dev/hda /dev/hdb /dev/hdc /dev/hde /dev/hdf /dev/hdg /dev/scd0 /dev/scd1 /dev/scd2 /dev/scd3#' "$IMAGE_DIR/etc/cryptobox-server/cryptobox.conf"

View File

@ -0,0 +1,4 @@
# change the selection of disabled plugins
sed -i 's#^DisabledPlugins.*$#DisabledPlugins = #' "$IMAGE_DIR/etc/cryptobox-server/cryptobox.conf"

View File

@ -0,0 +1,4 @@
# change the hostname (default value: "cryptobox")
echo "cryptobox" >"$IMAGE_DIR"/etc/hostname

View File

@ -0,0 +1,11 @@
# replace the empty root password of an development cryptobox with a choosen one
#
# see misc/custom-configure.d/README for details
#
# set the password to your needs
NEW_ROOT_PASSWORD=foobar
echo "Setting a root password ..."
echo "root:$NEW_ROOT_PASSWORD" | chroot "$IMAGE_DIR" "$CHROOTSTART" chpasswd root

BIN
cover/antlogo-big.jpg Normal file

Binary file not shown.

After

Width:  |  Height:  |  Size: 42 KiB

BIN
cover/antlogo-big.png Normal file

Binary file not shown.

After

Width:  |  Height:  |  Size: 52 KiB

BIN
cover/antlogo-small.png Normal file

Binary file not shown.

After

Width:  |  Height:  |  Size: 7.0 KiB

BIN
cover/cover_de.odt Normal file

Binary file not shown.

BIN
cover/cover_de.pdf Normal file

Binary file not shown.

BIN
cover/cover_en.odt Normal file

Binary file not shown.

BIN
cover/cover_en.pdf Normal file

Binary file not shown.

4
etc-defaults.d/README Normal file
View File

@ -0,0 +1,4 @@
this directory contains some configuration files for the development of the CryptoBox
If you want to use different local settings, then you should copy the respective
configuration file to the directory "etc-local.d" and adapt it to your needs.

View File

@ -0,0 +1,54 @@
# some local settings for cbox-build.sh and validate.sh
#
# previously defined settings:
# - ROOT_DIR
#
####################### cbox-build ########################
# the build directory (will be ERASED without warning)
BUILD_DIR="$ROOT_DIR/_builddir"
# the cryptobox development files
CBOX_DEVEL_DIR=$ROOT_DIR/cbox-tree.d
# template for live-cd
TEMPLATE_DIR=$ROOT_DIR/live-cd-tree.d
# the iso image
IMAGE_FILE=$BUILD_DIR/cryptobox.iso
# temporary directory
TMP_DIR=/tmp/$(basename $0)-$$
# the virtual harddisk image used for qemu
HD_IMAGE=/tmp/$(basename $0)-testplatte.img
# mkisofs options (the option "-U" is not clean, but it prevents long
# filenames from getting mapped)
# TODO: this may prevent windows user from reading the documentation
MKISOFS_OPTIONS="-allow-multidot -U -D -iso-level 3 -b boot/grub/stage2_eltorito -no-emul-boot -boot-load-size 1 -boot-info-table -pad -R"
# for burning a CD
CDWRITER=0,0,0
####################### validation ########################
# language of validation (select web interface language)
VALIDATE_LANGUAGE=en
# directory of the test-cases
VALIDATE_TEST_CASES_DIR=$ROOT_DIR/validation/test-cases
# override these settings if the CryptoBox uses a non-default IP
VALIDATE_HOST_IP_DEFAULT=192.168.0.23
VALIDATE_HOST_IP_CHANGED=192.168.0.24
# destination directories for the results
VALIDATE_REPORT_DIR=/tmp/cryptobox-validation-$$
VALIDATE_REPORT_DIR=$ROOT_DIR/validation/report
VALIDATE_SUMMARY_TEMPLATE_DIR=$ROOT_DIR/validation/templates

View File

@ -0,0 +1,236 @@
# arch-tag: Default configuration file
# Copyright (c) 2004 John Goerzen
[DEFAULT]
######################################################################
# Overall settings, set defaults for all archs
######################################################################
# Name of generated disc & hostname
# BEWARE: hostname does not work - you have to set the hostname manually at the end of this file
name = CryptoBox
# Version of generated disc
version = 0.3.4
# Person that built it
builder = sense.lab
# Repositories to mirror. Details about each one are configured below.
dlrepos = stable
# Repository to build the CD with. Must be in above list.
suite = stable
# Whether or not to use zftree compression on ISO image
compress = no
# Files to never compress if the above is yes
# If a dir is given, that dir and everything below is not compressed
dontcompress = /boot
/etc/*boot*
/opt/dfsruntime/initrd.dfs
# Location of dfsbuild support files
libdir = /usr/lib/dfsbuild
# Location of docs for CD
docdir = /usr/share/doc/dfsbuild
# Bootloader to place on CD. Choices are:
# grub-hd GRUB with ElTorito hard disk emulation (not working yet)
# grub-no-emul "raw" ElTorito image
# aboot Alpha SRM bootloader
# yaboot PowerPC bootloader
# (usually set in arch area)
#bootloader = grub-no-emul
# Packages to install on live FS, on all archs, besides base system
allpackages =
util-linux
grub
parted
dmsetup
perl
tar
bash
coreutils
module-init-tools
ifupdown
busybox
usbutils
pciutils
discover
hdparm
binutils
debconf
sysutils
stunnel4
samba
hashalot
python-clearsilver
python-cherrypy
python-configobj
python-central
super
dosfstools
cryptsetup
python-m2crypto
# support for file systems
e2tools
e2fsprogs
xfsprogs
hfsutils
jfsutils
## ntfs-3g is not in etch
#ntfs-3g
# TODO: remove the following packages for the final version
subversion
strace
ssh
vim
nano
less
lynx
w3m
screen
elinks
# select a mirror for the repository (apt-cacher, apt-proxy, no caching) by
# uncommenting the line of your choice
# (1) apt-cacher (default)
mirror = http://127.0.0.1/apt-cacher/ftp.debian.org/debian
# (2) apt-proxy
#mirror = http://127.0.0.1:9999/debian
# (3) no caching proxy for apt
#mirror = http://ftp.debian.org/debian
# Files to place on the ramdisk
ramdisk_files = /etc/resolv.conf
/etc/lvm*
/tmp
/var/tmp
/dev
/var/lib/dhcp
/var/lib/samba
/var/log
/var/cache/samba
/var/lock
/var/run
/var/state
/etc/mtab
/root
/etc/network
/var/lib/misc
/var/lib/urandom
#/etc/hotplug/.run
/var/spool/cron
# Directories to create on live fs
makedirs =
# Files to delete from live fs
deletefiles = /etc/rcS.d/*discover
/etc/rcS.d/*lvm
/var/log/dpkg.log
/var/log/bootstrap.log
preparescripts =
../scripts/prepare_target.sh
cleanupscripts =
../scripts/cleanup_target.sh
######################################################################
# Arch settings: i386
######################################################################
[i386]
# Name of any kernel images to install directly from your current filesystem
#kernels = /boot/vmlinuz-2.4.27-2-386
# Modules to copy from host filesystem
#modules = /lib/modules/2.4.27-2-386
# Debs from local fs to unpack on live FS (will not be configured)
unpackdebs =
../packages/linux-image-2.6.20_cryptobox0.3.3_i386.deb
# Other packages to install besides the list in DEFAULT
packages = %(allpackages)s
# Debs from local fs to install on live fs
## fetch newest ntfs-3g from debian backports
installdebs =
../packages/cryptobox-server.deb
../packages/ntfs-3g_1%3a1.516-1~bpo.1_i386.deb
# Bootloader (see options under default)
bootloader = grub-no-emul
# Extra lines for grub config
grubconfig = timeout 0
password -md5 this_invalid_hash_protects_grub_config
#####################################################################
# Repository configuration
######################################################################
# Repositories to download
[repo testing]
suite = testing
[repo amd64]
suite = unstable
# Override default mirror
#mirror = http://debian-amd64.alioth.debian.org/pure64/
# Override default arch
arch = amd64
######################################################################
# Text to add to existing files
######################################################################
[appendfiles]
/etc/network/interfaces =
auto lo eth0
iface lo inet loopback
iface eth0 inet static
address 192.168.0.23
netmask 255.255.255.0
# /etc/modules =
/etc/profile = export TERM=vt100
######################################################################
# Files to create or truncate
######################################################################
[createfiles]
/etc/hostname = CryptoBox
/etc/syslog.conf = *.* /dev/tty8
*.info /dev/tty7
/etc/hosts = 127.0.0.1 localhost
/etc/kernel-img.conf = do_initrd = Yes
# exit the samba startup script during install immediately - otherwise
# there would be /proc problems - it will get replaced later via
# live-cd-tree.d/usr/lib/cryptobox-cd/configure-cryptobox.sh
/etc/default/samba = exit
######################################################################
# Symlinks to create (from = to format)
######################################################################
# this does not work anymore
#[symlinks]
#/etc/mtab = /proc/mounts

BIN
etc-defaults.d/qemu-ifup Executable file

Binary file not shown.

View File

@ -0,0 +1,55 @@
#!/bin/sh
#
# this is the qemu-ifup script that should be run at qemu's boot
#
# determine the interface to the outside
IF_WORLD=`/sbin/route -n | grep " UG " | sed "s/ */ /g" | cut -d " " -f 8 | head -1`
# nothing found? - sorry!
[ -z "$IF_WORLD" ] && IF_WORLD=eth0
if [ "$UID" -ne 0 ]
then sudo $0 $*
exit 0
fi
echo "Laufe als root ..."
IPT=/sbin/iptables
[ ! -x $IPT ] && IPT=/usr/sbin/iptables
IPT_RULES=" FORWARD -i tun0 -o $IF_WORLD -j ACCEPT
FORWARD -i $IF_WORLD -o tun0 -m state --state ESTABLISHED,RELATED -j ACCEPT
POSTROUTING -t nat -o $IF_WORLD -j MASQUERADE
INPUT -i tun0 -j ACCEPT
OUTPUT -o tun0 -j ACCEPT"
aktiviere_forward()
{
echo "$IPT_RULES" | while read a
do $IPT -A $a
done
echo 1 >/proc/sys/net/ipv4/ip_forward
}
deaktiviere_forward()
{
echo "$IPT_RULES" | while read a
do $IPT -D $a
done
echo 0 >/proc/sys/net/ipv4/ip_forward
}
case "$1" in
stop )
deaktiviere_forward
#/etc/init.d/dhcp stop
;;
* )
/sbin/ifconfig $1 192.168.0.1
#/etc/init.d/dhcp start
aktiviere_forward
;;
esac

View File

@ -0,0 +1,17 @@
Host cryptobox
# change this part according to your needs
HostName 192.168.0.23
Port 22
# maybe you want to use rsa authentication?
# see misc/custom-configure.s/README for examples
#IdentityFile local.conf.d/id_rsa
# this should be valid for everyone
User root
CheckHostIP no
StrictHostKeyChecking no
# nice for frequently changing server key due to a rebuild of the base system
UserKnownHostsFile /tmp/cryptobox-ssh-known_hosts

17
etc-defaults.d/ssh_config Normal file
View File

@ -0,0 +1,17 @@
Host cryptobox
# change this part according to your needs
HostName 192.168.0.23
Port 22
# maybe you want to use rsa authentication?
# see configure-examples.d/README for examples
IdentityFile local.conf.d/id_rsa
# this should be valid for everyone
User root
CheckHostIP no
StrictHostKeyChecking no
# nice for frequently changing server key due to a rebuild of the base system
UserKnownHostsFile /tmp/cryptobox-ssh-known_hosts

View File

@ -0,0 +1,6 @@
by scp or webdav - the last one is the better choice
1) webdav
apt-get install davfs2
modprobe coda
mount -t davfs https://upload.codecoop.org/groups/cryptobox/ /mnt/ttt

5
hints/dev-requirements Normal file
View File

@ -0,0 +1,5 @@
developer requirements:
- dfsbuild
- wget
- curl
- (qemu)

View File

@ -0,0 +1,13 @@
The current official debian package of dfsbuild (v0.99.2) is not working due
to three ugly but small bugs.
If you are using dfsbuild v0.99.2, then you should do the following:
- create a new directory and change into it
- apt-get source dfsbuild
- apply all dfsbuild-bug-?.patch files to the source directory
- debuild -uc -us
- install the freshly built package
Alternatively you could also install the patched version:
packages/dfsbuild_0.99.2.1_i386.deb

View File

@ -0,0 +1,26 @@
as there is no debian-package for the perl bindings of clearsilver, you have to add it manually to the tree of the cbox-tree
1) download
- get it from: http://www.clearsilver.net/downloads
- unpack (tar xzf . ...)
2) configuration
./configure --disable-python --disable-ruby --disable-csharp --disable-apache --disable-java --disable-compression --enable-perl --enable-gettext --prefix=/tmp/clearsilver-perl
3) fix a problem in scripts/document.py
change the first line to "#!/usr/bin/env python"
4) build it
- make
- make install
5) cp to the cbox
cp -a /tmp/clearsilver-perl/local/lib/perl/5.8.7/. cryptobox.conf.d/usr/lib/perl5
rm cryptobox.conf.d/usr/lib/perl5/perllocal.pod
6) dependencies
add python-clearsilver to the box (dfsbuild.conf)

23
hints/kernel-build.txt Normal file
View File

@ -0,0 +1,23 @@
Hints for building and integrating a new kernel into the cryptobox:
1) get the source
download it from http://kernel.org (at least 2.6.11)
2) configure
- copy the current kernel config from the cryptobox/trunk/kernel
directory to the kernel source directory as ".config" (the .config
can also be found in the current kernel-image-cryptoboxX.Y.deb packagefile)
- make menuconfig
- make-kpkg --rootcmd fakeroot --revision=cryptoboxY.X kernel_image
(replace "Y.X" by the current cryptobox release)
3) integrating
- copy the debian kernel package (see above) and the config file to cryptobox/trunk/kernel
- change the "unpackdebs" setting in cryptobox/trunk/etc-default.d/dfs-cbox.conf
- add the new kernel package and the config file to the repository (svn add)
4) afterwork
- run "cryptobox/trunk/scripts/cbox-build.sh dfsbuild" to create a fresh base system
including the new kernel
- test the box with your new kernel
- enjoy it! :)

View File

@ -0,0 +1,56 @@
## fixed bugs:
## - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=404563
## - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=404555
diff -ruN dfsbuild.orig/dfsbuild-0.99.2/Bootloader/Grub.hs dfsbuild/dfsbuild-0.99.2/Bootloader/Grub.hs
--- dfsbuild.orig/dfsbuild-0.99.2/Bootloader/Grub.hs 2006-04-20 00:10:11.000000000 +0200
+++ dfsbuild/dfsbuild-0.99.2/Bootloader/Grub.hs 2007-01-02 00:56:45.000000000 +0100
@@ -40,8 +40,11 @@
grub_generic env =
do createDirectory (targetdir env ++ "/boot/grub") 0o755
- grubfiles <- glob "/lib/grub/*/*"
- safeSystem "cp" $ ["-rv"] ++ grubfiles ++ [targetdir env ++ "/boot/grub/"]
+ -- since etch (Debian 4.0) grub files are located in /usr/lib instead of /lib
+ grubfiles_pre_etch <- glob "/lib/grub/*/*"
+ grubfiles_since_etch <- glob "/usr/lib/grub/*/*"
+ safeSystem "cp" $ ["-rv"] ++ grubfiles_pre_etch ++ grubfiles_since_etch ++
+ [targetdir env ++ "/boot/grub/"]
menuText <- grubMenu env
writeFile (targetdir env ++ "/boot/grub/menu.lst") menuText
diff -ru dfsbuild.orig/dfsbuild-0.99.2/Actions/Mirror.hs dfsbuild/dfsbuild-0.99.2/Actions/Mirror.hs
--- dfsbuild.orig/dfsbuild-0.99.2/Actions/Mirror.hs 2006-04-20 00:10:11.000000000 +0200
+++ dfsbuild/dfsbuild-0.99.2/Actions/Mirror.hs 2007-01-01 22:09:26.000000000 +0100
@@ -33,7 +33,7 @@
archargs ++ debugargs ++ ["-d", suite, targetdir env, mirror]
-- Next, copy them into the mirror.
codename <- getCodeName
- (targetdir env ++ "/var/cache/bootstrap/Release")
+ (targetdir env ++ "/var/cache/bootstrap/")
dm $ "Codename for this is " ++ codename
mapM_ (\x -> handle (\_ -> return ()) (createDirectory x 0o755))
[mirrordir, mirrordir ++ "/conf"]
diff -ru dfsbuild.orig/dfsbuild-0.99.2/Utils.hs dfsbuild/dfsbuild-0.99.2/Utils.hs
--- dfsbuild.orig/dfsbuild-0.99.2/Utils.hs 2006-04-20 00:10:11.000000000 +0200
+++ dfsbuild/dfsbuild-0.99.2/Utils.hs 2007-01-01 22:40:34.000000000 +0100
@@ -16,6 +16,7 @@
import MissingH.ConfigParser
import MissingH.Cmd
import System.IO.Unsafe
+import System.IO.Error
import Text.Regex
import MissingH.Path.FilePath
import System.Directory(doesFileExist)
@@ -72,7 +73,11 @@
getCodeName :: FilePath -> IO String
getCodeName fp =
- do c <- readFile fp
+ do c_old <- System.IO.Error.catch (readFile (fp ++ "Release"))
+ (\e -> if System.IO.Error.isDoesNotExistError e then return "" else ioError e)
+ c_new <- System.IO.Error.catch (readFile (fp ++ "_dists_._Release"))
+ (\e -> if System.IO.Error.isDoesNotExistError e then return "" else ioError e)
+ c <- if length(c_old) > 0 then return c_old else return c_new
let cr = mkRegex "Codename: ([a-z]+)"
case matchRegex cr c of
Just [cn] -> return cn

View File

@ -0,0 +1,60 @@
## this patch allows the addition of custom scripts to prepare/cleanup the target
## directory before/after package installation
## it is necessary for the samba package as it requires /proc/ during installation
--- dfsbuild.orig/dfsbuild-0.99.2/Actions.hs 2006-04-20 00:10:11.000000000 +0200
+++ dfsbuild/dfsbuild-0.99.2/Actions.hs 2007-01-03 15:36:59.000000000 +0100
@@ -43,6 +43,11 @@
finished Bootstrapped
Bootstrapped -> -- Time to install shared files
do installlib env
+ finished EnvironmentPrepared
+ EnvironmentPrepared -> -- execute configurable hook scripts
+ do im $ "Executing preparation scripts"
+ mapM_ (safeSystem `flip` [ targetdir env ])
+ (splitWs $ eget env "preparescripts")
finished LibsInstalled
LibsInstalled -> -- Install additional packages
do installpkgs env
@@ -68,6 +73,11 @@
do safeSystem "mkcramfs" [(targetdir env) ++ "/opt/initrd",
(targetdir env) ++ "/boot/initrd.dfs"]
recursiveRemove SystemFS $ (targetdir env) ++ "/opt/initrd"
+ finished EnvironmentCleaned
+ EnvironmentCleaned -> -- execute configurable hook scripts
+ do im $ "Executing preparation scripts"
+ mapM_ (safeSystem `flip` [ targetdir env ])
+ (splitWs $ eget env "cleanupscripts")
finished RamdiskBuilt
RamdiskBuilt -> -- Install the bootloader
do (isoargs, blfunc) <- Bootloader.install env
--- dfsbuild.orig/dfsbuild-0.99.2/Utils.hs 2007-01-01 23:06:17.000000000 +0100
+++ dfsbuild/dfsbuild-0.99.2/Utils.hs 2007-01-03 15:33:00.000000000 +0100
@@ -30,10 +31,10 @@
marker :: String,
datestr :: String}
-data DFSState = Fresh | Initialized | Mirrored | Bootstrapped | Installed
- | LibsInstalled | DebsInstalled | CfgHandled | InitPrepped
+data DFSState = Fresh | Initialized | Mirrored | Bootstrapped | EnvironmentPrepared
+ | Installed | LibsInstalled | DebsInstalled | CfgHandled | InitPrepped
| RDPrepped
- | KernelsInstalled | RamdiskBuilt | BootloaderInstalled
+ | KernelsInstalled | EnvironmentCleaned | RamdiskBuilt | BootloaderInstalled
deriving (Eq, Show, Read, Ord)
im = infoM "dfs"
--- dfsbuild.orig/dfsbuild-0.99.2/dfs.cfg 2006-07-02 01:46:22.000000000 +0200
+++ dfsbuild/dfsbuild-0.99.2/dfs.cfg 2007-01-03 15:40:22.000000000 +0100
@@ -115,6 +115,12 @@
/var/log/dpkg.log
/var/log/bootstrap.log
+# Scripts that should be executed after bootstrapping and before package installation
+#preparescripts =
+
+# Scripts that should be executed after package installation and before iso generation
+#cleanupscripts =
+
######################################################################
# Arch settings: i386
######################################################################

51
hints/release-policy.txt Normal file
View File

@ -0,0 +1,51 @@
For a new live-CD follow steps 1a and 2a.
For a language update live-CD follow steps 1b and 2b.
0) manually update files:
- ntfs-3g debian package (from lenny)
1a) set current version
- cover/cover_[en|de].[odt|pdf]
- etc/defaults.d/dfs-cbox.conf (version setting)
1b) upgrade language files of an old live-cd
- rm -rf _builddir/
- mount -o loop old_live_cd.iso /mnt/ttt
- cp -a /mnt/ttt _builddir/target
- update all binary language files by issuing scripts/update_po_files.py
in the project's language branch
- copy all language files (*.mo) of the updated languages to
_builddir/target/usr/locale/....
- update the list of available languages in
_builddir/target/etc/cryptobox-server/cryptobox.conf
- update the version in _builddir/target/boot/grub/menu.lst
- update cover/conver_[en|de].[swx|pdf]
2a) build image
- 'scripts/cbox-build.sh release'
2b) build image and create signatures
- 'scripts/cbox-build.sh isoz'
- cd _builddir
- sha1sum ISO_FILE > ISO_FILE.sha1sum
- md5sum ISO_FILE > ISO_FILE.md5sum
3) release notes
- update website
- update CHANGELOG
4) upload to codecoop
- check the validity of your ssh-key in your codecoop user account
- type "scp $FILE $USERNAME@shell.codecoop.org:."
- upload a dummy file with the same name via upload-web-interface to codecoop
- ask Jan Kanzleiter <idfx_at_codecoop.org> to replace the dummy with the
scp-file and to manually set the filesize (otherwise: it is not displayed at all)
- upload the checksumfile created by "md5sum cryptobox_vY.X.iso >cryptobox_vY.X.iso.md5sum"
- add release notes and changelog
- upload cover_[en|de].pdf
5) release announcement
- http://codecoop.org
- http://distrowatch.com
- http://livedistro.org
- http://linuxlinks.com

7
hints/starting_uml.txt Normal file
View File

@ -0,0 +1,7 @@
# sample startup file for running the cryptobox in a user-mode-linux environment
#
# it does not work, as the dfsbuild-cd-image is not being recognized during boot
#
# just as a reminder ...
#
kernel/uml-kernel-2.6.12.3-cryptobox dfscd=/dev/ubd1 ubd1r=_builddir/cd1/image.iso ubd0=_builddir/cd1/image-working/opt/dfsruntime/initrd.dfs con=null con0=fd:0,fd:1

27
hints/trac-wiki.txt Normal file
View File

@ -0,0 +1,27 @@
some useful macros:
* [[TOC]] - at the beginning of the document
* [[AutoNav]] - below [[TOC]], followed by a line with "----"
* [[AddComment]] - at the end of the page (below "----")
* [[WikiInclude($PAGENAME)]] - include another wiki page
* [[redirect(wiki:$PAGENAME)]] - redirect to another page (useful to redirect to default lang)
* [[Image(file/trunk/cbox-tree.d/var/www/cryptobox-img/screenshots/$NAME)]] - beware: you may use "wiki" or "ticket" instead of "file" - very unusual syntax
* [[FootNote(Text)]] - creates a reference to a footnote - the list of footnotes is expanded by "[[FootNote]]"
special things:
* the first level heading ("= TEXT =") is considered as the page title - only lower level headings will be a part of the table of contents
* links like "CryptoBoxUser/de" are not recogniced - use "[wiki:CryptoBoxUser/de CryptoBoxUser]" instead
* for a deeper level of items or enumerations, you have to add two(!) additional spaces in front of the symbol ("*" or "1.") - this is obviously strange ...
default page layout:
[[TOC]]
[[AutoNav]]
----
= Title =
== Heading ... ==
...
----
== Comments ==
[[AddComment]]

View File

@ -0,0 +1,79 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>CryptoBox</title>
<meta content="text/html; charset=iso-8859-1" http-equiv="Content-Type" />
<meta content="" name="keywords" />
<meta name="description" content="a secure fileserver, live-CD, web front-end" />
<link rel="stylesheet" type="text/css" href="main.css" />
</head>
<body>
<div class="container">
<div id="header"><!-- just the logo --></div>
<div class="navbar">
<p>
<a href="index.html">Home</a> |
<a href="news.html">News</a> |
<a href="downlo0.html">Download</a> |
<a href="support.html">Support</a> |
<a href="develo0.html">Development</a>
</p>
</div>
<!-- content starts here -->
<div class="centercontent">
<div><h1 id="UserDocumentation">User Documentation</h1>
<p>
The following pages are describing the basic usage of the CryptoBox live-CD.
</p>
<p>
The online version of this manual is a wiki, which means you can help improving the pages. If you have a question regarding the documentation, please post it on the bottom of the relevant page. The developers will answer your questions and update the manual as fast as possible.
</p>
<h2 id="Documentationforxreleases">Documentation for 0.3.x releases</h2>
<ol><li><a href="doc_0.0.html">CryptoBoxUserGettingStarted</a> -- first steps to get the Cryptobox up and running
</li><li><a href="doc_0.1.html">CryptoBoxUserDailyUse</a> -- how to access your encrypted data
</li></ol>
<p>
At the moment there is no automatic way of using an encrypted disk of the 0.2 series in a !Cryptobox running the 0.3 series. That's because we did a major redesign of the CryptoBox functionality within the last year. We're sorry for the unconveniance!
</p>
<h2 id="FrequentlyAskedQuestions">Frequently Asked Questions</h2>
<ul><li><a href="faq.html">FAQ</a>
</li></ul></div>
</div>
</div>
<!-- content ends here -->
<div id="footer">
<p>-- a <a href="http://senselab.org">Sense.Lab</a> project -- <a href="http://senselab.org/component/option,com_dfcontact/Itemid,29/">Impressum</a> --</p>
</div>
</div>
<!-- /Creative Commons License -->
<!--
<rdf:RDF xmlns="http://web.resource.org/cc/"
xmlns:dc="http://purl.org/dc/elements/1.1/"
xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#">
<Work rdf:about="">
<dc:type rdf:resource="http://purl.org/dc/dcmitype/Text" />
<license rdf:resource="http://creativecommons.org/licenses/by-sa/2.5/de/" />
</Work>
<License rdf:about="http://creativecommons.org/licenses/by-sa/2.5/de/">
<permits rdf:resource="http://web.resource.org/cc/Reproduction" />
<permits rdf:resource="http://web.resource.org/cc/Distribution" />
<requires rdf:resource="http://web.resource.org/cc/Notice" />
<requires rdf:resource="http://web.resource.org/cc/Attribution" />
<permits rdf:resource="http://web.resource.org/cc/DerivativeWorks" />
<requires rdf:resource="http://web.resource.org/cc/ShareAlike" />
</License>
</rdf:RDF>
-->
</body>
</html>

Binary file not shown.

After

Width:  |  Height:  |  Size: 84 KiB

View File

@ -0,0 +1,93 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>CryptoBox</title>
<meta content="text/html; charset=iso-8859-1" http-equiv="Content-Type" />
<meta content="" name="keywords" />
<meta name="description" content="a secure fileserver, live-CD, web front-end" />
<link rel="stylesheet" type="text/css" href="main.css" />
</head>
<body>
<div class="container">
<div id="header"><!-- just the logo --></div>
<div class="navbar">
<p>
<a href="index.html">Home</a> |
<a href="news.html">News</a> |
<a href="downlo0.html">Download</a> |
<a href="support.html">Support</a> |
<a href="develo0.html">Development</a>
</p>
</div>
<!-- content starts here -->
<div class="centercontent">
<h2>What does the CryptoBox do?</h2>
<p>Usually all your files like phone numbers, love letters, bank
account data etc. are stored in plaintext on your computer's
harddisk.
All the data is accessible for everyone who has access to the harddisk.
This is very bad in case someone you don't trust gets your harddisk.
E.g. a thief that steals your notebook, or breaks into your house or company.
If the thief has your disk he/she can also read all the files that
where saved on it, no matter whether you have a login password or not -
the files are always stored in plaintext.
</p>
<p>The <b>CryptoBox</b> brings easy-to-use data encryption to your
computer. This works out of the box and does not need complicated
configuration steps.</p>
<p>Here comes a small usage example for the CryptoBox with an obsolete
PC as a fileserver:</p>
<p>Boot up the old PC with the CryptoBox live-CD.
Now you can access it with your browser via the network.
Then you partition and reformat the harddisk of the old
PC with encryption support. Therefore you provide a passphrase.
This is all done through the user friendly webinterface.
You can also plug in an external harddisk and use this to store
your encrypted data.
Afterwards you copy your sensitive data over the local
network to the CryptoBox.
It is stored on its harddisk in a secure way.
Nobody can access your data without the right passphrase.
</p>
</div>
<!-- content ends here -->
<div id="footer">
<p>-- a <a href="http://senselab.org">Sense.Lab</a> project -- <a href="http://senselab.org/component/option,com_dfcontact/Itemid,29/">Impressum</a> --</p>
</div>
</div>
<!-- /Creative Commons License -->
<!--
<rdf:RDF xmlns="http://web.resource.org/cc/"
xmlns:dc="http://purl.org/dc/elements/1.1/"
xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#">
<Work rdf:about="">
<dc:type rdf:resource="http://purl.org/dc/dcmitype/Text" />
<license rdf:resource="http://creativecommons.org/licenses/by-sa/2.5/de/" />
</Work>
<License rdf:about="http://creativecommons.org/licenses/by-sa/2.5/de/">
<permits rdf:resource="http://web.resource.org/cc/Reproduction" />
<permits rdf:resource="http://web.resource.org/cc/Distribution" />
<requires rdf:resource="http://web.resource.org/cc/Notice" />
<requires rdf:resource="http://web.resource.org/cc/Attribution" />
<permits rdf:resource="http://web.resource.org/cc/DerivativeWorks" />
<requires rdf:resource="http://web.resource.org/cc/ShareAlike" />
</License>
</rdf:RDF>
-->
</body>
</html>

View File

@ -0,0 +1,135 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>CryptoBox</title>
<meta content="text/html; charset=iso-8859-1" http-equiv="Content-Type" />
<meta content="" name="keywords" />
<meta name="description" content="a secure fileserver, live-CD, web front-end" />
<link rel="stylesheet" type="text/css" href="main.css" />
</head>
<body>
<div class="container">
<div id="header"><!-- just the logo --></div>
<div class="navbar">
<p>
<a href="index.html">Home</a> |
<a href="news.html">News</a> |
<a href="downlo0.html">Download</a> |
<a href="support.html">Support</a> |
<a href="develo0.html">Development</a>
</p>
</div>
<!-- content starts here -->
<div class="left">
<div class="leftcontent">
<h2>You are server admin?</h2>
<p>Take a look at the <a
href="http://devel.cryptobox.org/file/trunk/README">README
file</a>. There you find more detailed information about the
installation and configuration of the CryptoBox-Server
package.</p>
</div>
</div>
<div class="content">
<h2>Requirements for the CryptoBox live-CD</h2>
<p>The <i>CryptoBox live-CD</i> runs on any x86 compatible PC with:</p>
<ul>
<li>CPU: min. 200MHz</li>
<li>RAM: 64 MB</li>
<li>CD-ROM drive</li>
<li>a network connection</li>
<li>a harddisk for your data</li>
</ul>
<p>The harddisk does not need to inside the of CryptoBox computer. You
can also use external devices like USB-drives.
All drives supported by the Linux kernel (2.6.20) can be used: IDE,
SCSI, USB, FireWire, SATA, RAID, ...</p>
<p>Because of the high number of different supported storage media
we call an encrypted disk a <i>volume</i>.
This includes (e.g.): USB-sticks, firewire-disks, flash-drives, digital cameras,
MP3-player, MMC/SD-cards.</p>
</div>
<div class="content">
<h2>Requirements of the CryptoBox-Server</h2>
<p>The <i>CryptoBox-Server</i> package can be installed on any system with at least:</p>
<ul>
<li>Linux kernel 2.6</li>
<li>cryptsetup with LUKS support</li>
<li>kernel support for the <i>crypt</i> target of the <i>device mapper</i></li>
<li>Python 2.4</li>
</ul>
<p>In general a server package should run on any Linux
distribution, but we only provide Debian packages. So you have to
install the necessary files on your own to the right places if
you are using a different linux distribution.</p>
</div>
<div class="content">
<h2>File access</h2>
<p>Once you openend an encrypted volume through the web frontend of
the <i>CryptoBox</i> you can access the volume's data within your local
network via:</p>
<ul>
<li>Samba shares (also known as: <i>windows network share</i>)</li>
<!-- <li>WebDAV (aka: <i>web folder</i>)</li>
<li>nfs (*nix file sharing)</li> -->
</ul>
<p>The <i>CryptoBox-Server</i> package will smoothly integrate into your existing
fileserver. It provides mount points which can be shared via your
favourite protocols (e.g.: WebDAV or NFS).</p>
</div>
<div class="content">
<h2>Encryption</h2>
<p>The encrypted disk partitions are <a href="http://luks.endorphin.org/">LUKS</a>
volumes. This makes it also possible to access your data directly with
every modern linux system or via <a href="http://freeotfe.org/">FreeOTFE</a>
(for Microsoft products).</p>
<p>You can select your favourite encryption algorithm from all
ciphers supported by the linux kernel. The default is
<i>aes-cbc-essiv:sha256</i> (AES in CBC mode with ESSIV based on
SHA256).</p>
</div>
<!-- content ends here -->
<div id="footer">
<p>-- a <a href="http://senselab.org">Sense.Lab</a> project -- <a href="http://senselab.org/component/option,com_dfcontact/Itemid,29/">Impressum</a> --</p>
</div>
</div>
<!-- /Creative Commons License -->
<!--
<rdf:RDF xmlns="http://web.resource.org/cc/"
xmlns:dc="http://purl.org/dc/elements/1.1/"
xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#">
<Work rdf:about="">
<dc:type rdf:resource="http://purl.org/dc/dcmitype/Text" />
<license rdf:resource="http://creativecommons.org/licenses/by-sa/2.5/de/" />
</Work>
<License rdf:about="http://creativecommons.org/licenses/by-sa/2.5/de/">
<permits rdf:resource="http://web.resource.org/cc/Reproduction" />
<permits rdf:resource="http://web.resource.org/cc/Distribution" />
<requires rdf:resource="http://web.resource.org/cc/Notice" />
<requires rdf:resource="http://web.resource.org/cc/Attribution" />
<permits rdf:resource="http://web.resource.org/cc/DerivativeWorks" />
<requires rdf:resource="http://web.resource.org/cc/ShareAlike" />
</License>
</rdf:RDF>
-->
</body>
</html>

View File

@ -0,0 +1,173 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>CryptoBox</title>
<meta content="text/html; charset=iso-8859-1" http-equiv="Content-Type" />
<meta content="" name="keywords" />
<meta name="description" content="a secure fileserver, live-CD, web front-end" />
<link rel="stylesheet" type="text/css" href="main.css" />
</head>
<body>
<div class="container">
<div id="header"><!-- just the logo --></div>
<div class="navbar">
<p>
<a href="index.html">Home</a> |
<a href="news.html">News</a> |
<a href="downlo0.html">Download</a> |
<a href="support.html">Support</a> |
<a href="develo0.html">Development</a>
</p>
</div>
<!-- content starts here -->
<div class="centercontent">
<h2>Contribute</h2>
<p>You are not just a consumer. At least not in the Open Source world.</p>
<p>There are various ways to take part in improving the CryptoBox
for all of us ...</p>
</div>
<div class="left">
<div class="leftcontent">
<h2>Overview</h2>
<ul>
<li><a href="http://translate.cryptobox.org/projects/cryptobox/">Translation</a></li>
<li><a href="http://devel.cryptobox.org/newticket">Bug Reports</a></li>
<li><a href="Crypto0.html"">User Documentation</a></li>
<li><a href="http://devel.cryptobox.org/">Development corner</a></li>
<li><a href="https://systemausfall.org/mail-archive/?0">Mailing list archive</a>
<li><a href="http://devel.cryptobox.org/file/trunk/README">README</a></li>
</ul>
</div>
<div class="leftcontent">
<h2>Recent changes</h2>
<ul class="recent_changes">
<li><p class="date">Thu, 22 Feb 2007 12:10:04 GMT</p><a href="http://devel.cryptobox.org/changeset/858">Changeset [858] by lars</a><p>
added configobj to "acknowledgements" (they linked us, too)
</p></li>
<li><p class="date">Thu, 22 Feb 2007 10:57:16 GMT</p><a href="http://devel.cryptobox.org/changeset/857">Changeset [857] by pootle-translation</a><p>
Commit from Thorax Translation Center by user fabrizio. 24 of 24 messages translated (0 fuzzy).
</p></li>
<li><p class="date">Thu, 22 Feb 2007 10:54:29 GMT</p><a href="http://devel.cryptobox.org/changeset/856">Changeset [856] by pootle-translation</a><p>
Commit from Thorax Translation Center by user fabrizio. 2 of 2 messages translated (0 fuzzy).
</p></li>
<li><p class="date">Thu, 22 Feb 2007 05:30:56 GMT</p><a href="http://devel.cryptobox.org/ticket/45">Ticket #45 resolved: not clear if it works - but there is at least some documentation about how ...</a><p>
not clear if it works - but there is at least some documentation about how to find it manually (since [<a title="updated offline documentation ..." href="http://devel.cryptobox.org/changeset/855">855</a>])
</p></li>
<li><p class="date">Thu, 22 Feb 2007 05:16:45 GMT</p><a href="http://devel.cryptobox.org/changeset/855">Changeset [855] by lars</a><p>
updated offline documentation
moved offline documentation to a higher directory
updated autorun links
added mirror script to integrate offline documentation into the current website layout
</p></li></ul>
</div>
</div>
<div class="content">
<h2>Translation center</h2>
<p>We want <i>you</i> to translate the CryptoBox!</p>