Created new branch for Debian Live live-cd build system development. This

commit includes the default configuration files, which don't work with Debian 
"etch".

config/binary

@@ -0,0 +1,146 @@
+# config/binary - options for live-helper(7), binary stage
+
+# $LH_BINARY_FILESYSTEM: set image filesystem
+# (Default: fat16)
+LH_BINARY_FILESYSTEM="fat16"
+
+# $LH_BINARY_IMAGES: set image type
+# (Default: iso)
+LH_BINARY_IMAGES="iso"
+
+# $LH_BINARY_INDICES: set apt/aptitude generic indices
+# (Default: enabled)
+LH_BINARY_INDICES="enabled"
+
+# $LH_BOOTAPPEND_LIVE: set boot parameters
+# (Default: empty)
+LH_BOOTAPPEND_LIVE=""
+
+# $LH_BOOTAPPEND_INSTALL: set boot parameters
+# (Default: empty)
+LH_BOOTAPPEND_INSTALL="-- }"
+
+# $LH_BOOTLOADER: set bootloader
+# (Default: syslinux)
+LH_BOOTLOADER="syslinux"
+
+# $LH_CHECKSUMS: set checksums
+# (Default: enabled)
+LH_CHECKSUMS="enabled"
+
+# ${LH_CHROOT_BUILD: control if we build binary images chrooted
+# (Default: enabled)
+# DO NEVER, *NEVER*, *N*E*V*E*R* SET THIS OPTION to disabled.
+LH_CHROOT_BUILD="enabled"
+
+# $LH_DEBIAN_INSTALLER: set debian-installer
+# (Default: disabled)
+LH_DEBIAN_INSTALLER="disabled"
+
+# $LH_DEBIAN_INSTALLER_DAILY: set daily images
+# (Default: disabled)
+LH_DEBIAN_INSTALLER_DAILY="disabled"
+
+# $LH_ENCRYPTION: set encrytion
+# (Default: disabled)
+LH_ENCRYPTION="disabled"
+
+# $LH_GRUB_SPLASH: set custom grub splash
+# (Default: empty)
+LH_GRUB_SPLASH=""
+
+# $LH_HOSTNAME: set hostname
+# (Default: debian)
+LH_HOSTNAME="debian"
+
+# $LH_ISO_APPLICATION: set iso author
+# (Default: Debian Live)
+LH_ISO_APPLICATION="Debian Live"
+
+# $LH_ISO_PREPARER: set iso preparer
+# (Default: live-helper 1.0~a46; http://packages.qa.debian.org/live-helper)
+LH_ISO_PREPARER="live-helper 1.0~a46; http://packages.qa.debian.org/live-helper"
+
+# $LH_ISO_PUBLISHER: set iso publisher
+# (Default: Debian Live project; http://debian-live.alioth.debian.org/; debian-live-devel@lists.alioth.debian.org)
+LH_ISO_PUBLISHER="Debian Live project; http://debian-live.alioth.debian.org/; debian-live-devel@lists.alioth.debian.org"
+
+# $LH_ISO_VOLUME: set iso volume (max 32 chars)
+# (Default: Debian Live 20080608-17:04)
+LH_ISO_VOLUME="Debian Live 20080608-17:04"
+
+# $LH_JFFS2_ERASEBLOCK: set jffs2 eraseblock size
+# (Default: unset)
+LH_JFFS2_ERASEBLOCK=""
+
+# $LH_MEMTEST: set memtest
+# (Default: memtest86+)
+LH_MEMTEST="memtest86+"
+
+# $LH_NET_ROOT_FILESYSTEM: set netboot filesystem
+# (Default: nfs)
+LH_NET_ROOT_FILESYSTEM="nfs"
+
+# $LH_NET_ROOT_MOUNTOPTIONS: set nfsopts
+# (Default: empty)
+LH_NET_ROOT_MOUNTOPTIONS=""
+
+# $LH_NET_ROOT_PATH: set netboot server directory
+# (Default: /srv/debian-live)
+LH_NET_ROOT_PATH="/srv/debian-live"
+
+# $LH_NET_ROOT_SERVER: set netboot server address
+# (Default: 192.168.1.1)
+LH_NET_ROOT_SERVER="192.168.1.1"
+
+# $LH_NET_COW_FILESYSTEM: set net client cow filesystem
+# (Default: nfs)
+LH_NET_COW_FILESYSTEM="nfs"
+
+# $LH_NET_COW_MOUNTOPTIONS: set cow mount options
+# (Default: empty)
+LH_NET_COW_MOUNTOPTIONS=""
+
+# $LH_NET_COW_PATH: set cow directory
+# (Default: )
+LH_NET_COW_PATH=""
+
+# $LH_NET_COW_SERVER: set cow server
+# (Default: )
+LH_NET_COW_SERVER=""
+
+# $LH_NET_TARBALL: set net tarball
+# (Default: gzip)
+LH_NET_TARBALL="gzip"
+
+# $LH_SYSLINUX_SPLASH: set custom syslinux splash
+# (Default: empty)
+LH_SYSLINUX_SPLASH=""
+
+# $LH_SYSLINUX_TIMEOUT: set custom syslinux timeout in seconds
+# (Default: 0)
+LH_SYSLINUX_TIMEOUT="0"
+
+# $LH_SYSLINUX_CFG: set custom syslinux configuration file
+# (Default: empty)
+LH_SYSLINUX_CFG=""
+
+# $LH_SYSLINUX_MENU: set syslinux menu
+# (Default: disabled)
+LH_SYSLINUX_MENU="disabled"
+
+# $LH_SYSLINUX_MENU_LIVE_ENTRY: set text to be used on the menu for live entries
+# (Default: Start Debian Live)
+LH_SYSLINUX_MENU_LIVE_ENTRY="Start Debian Live"
+
+# $LH_SYSLINUX_MENU_LIVE_FAILSAFE_ENTRY: set text to be used on the menu for live entries (failsafe ones)
+# (Default: )
+LH_SYSLINUX_MENU_LIVE_FAILSAFE_ENTRY=""
+
+# $LH_SYSLINUX_MENU_MEMTEST_ENTRY: set text to be used on the menu for memtest entry
+# (Default: Memory test)
+LH_SYSLINUX_MENU_MEMTEST_ENTRY="Memory test"
+
+# $LH_USERNAME: set username
+# (Default: user)
+LH_USERNAME="user"

config/bootstrap

@@ -0,0 +1,53 @@
+# config/bootstrap - options for live-helper(7), bootstrap stage
+
+# $LH_ARCHITECTURE: select chroot architecture
+# (Default: autodetected)
+LH_ARCHITECTURE="i386"
+
+# $LH_BOOTSTRAP_CONFIG: set distribution config directory
+# (Default: empty)
+LH_BOOTSTRAP_CONFIG=""
+
+# $LH_BOOTSTRAP_INCLUDE: include packages on base
+# (Default: empty)
+LH_BOOTSTRAP_INCLUDE=""
+
+# $LH_BOOTSTRAP_EXCLUDE: exclude packages on base
+# (Default: empty)
+LH_BOOTSTRAP_EXCLUDE=""
+
+# $LH_BOOTSTRAP_FLAVOUR: select flavour to use
+# (Default: )
+LH_BOOTSTRAP_FLAVOUR=""
+
+# $LH_BOOTSTRAP_KEYRING: set distribution keyring
+# (Default: empty)
+LH_BOOTSTRAP_KEYRING=""
+
+# $LH_DISTRIBUTION: select distribution to use
+# (Default: lenny)
+LH_DISTRIBUTION="lenny"
+
+# $LH_MIRROR_BOOTSTRAP: set mirror to bootstrap from
+# (Default: http://ftp.us.debian.org/debian/)
+LH_MIRROR_BOOTSTRAP="http://ftp.us.debian.org/debian/"
+
+# $LH_MIRROR_CHROOT: set mirror to fetch packages from
+# (Default: http://ftp.us.debian.org/debian/)
+LH_MIRROR_CHROOT="http://ftp.us.debian.org/debian/"
+
+# $LH_MIRROR_CHROOT_SECURITY: set security mirror to fetch packages from
+# (Default: http://security.debian.org/)
+LH_MIRROR_CHROOT_SECURITY="http://security.debian.org/"
+
+# $LH_MIRROR_BINARY: set mirror which ends up in the image
+# (Default: http://ftp.us.debian.org/debian/)
+LH_MIRROR_BINARY="http://ftp.us.debian.org/debian/"
+
+# $LH_MIRROR_BINARY_SECURITY: set security mirror which ends up in the image
+# (Default: http://security.debian.org/)
+LH_MIRROR_BINARY_SECURITY="http://security.debian.org/"
+
+# $LH_SECTIONS: select section(s) to use
+# (Default: main)
+LH_SECTIONS="main"

config/chroot

@@ -0,0 +1,61 @@
+# config/chroot - options for live-helper(7), chroot stage
+
+# $LH_CHROOT_FILESYSTEM: set chroot filesystem
+# (Default: squashfs)
+LH_CHROOT_FILESYSTEM="squashfs"
+
+# $LH_UNION_FILESYSTEM: set union filesystem
+# (Default: aufs)
+LH_UNION_FILESYSTEM="aufs"
+
+# $LH_EXPOSED_ROOT: expose root as read only
+# (Default: disabled)
+LH_EXPOSED_ROOT="disabled"
+
+# $LH_HOOKS: set hook commands
+# (Default: empty)
+LH_HOOKS=""
+
+# $LH_INTERACTIVE: set interactive build
+# (Default: disabled)
+LH_INTERACTIVE="disabled"
+
+# $LH_KEYRING_PACKAGES: set keyring packages
+# (Default: empty)
+LH_KEYRING_PACKAGES=""
+
+# $LH_LANGUAGE: set language to use
+# (Default: empty)
+LH_LANGUAGE="en"
+
+# $LH_LINUX_FLAVOURS: set kernel flavour to use
+# (Default: autodetected)
+LH_LINUX_FLAVOURS="486 686"
+
+# $LH_LINUX_PACKAGES: set kernel packages to use
+# (Default: autodetected)
+LH_LINUX_PACKAGES="linux-image-2.6 aufs-modules-2.6 squashfs-modules-2.6"
+
+# $LH_PACKAGES: set packages to install
+# (Default: empty)
+LH_PACKAGES=""
+
+# $LH_PACKAGES_LISTS: set package list to install
+# (Default: standard)
+LH_PACKAGES_LISTS="standard"
+
+# $LH_TASKS: set tasks to install
+# (Default: empty)
+LH_TASKS=""
+
+# $LH_SECURITY: enable security updates
+# (Default: enabled)
+LH_SECURITY="enabled"
+
+# $LH_SYMLINKS: enable symlink convertion
+# (Default: disabled)
+LH_SYMLINKS="disabled"
+
+# $LH_SYSVINIT: enable sysvinit
+# (Default: disabled)
+LH_SYSVINIT="disabled"

config/common

@@ -0,0 +1,123 @@
+# config/common - common options for live-helper(7)
+
+# $LH_APT: set package manager
+# (Default: apt)
+LH_APT="apt"
+
+# $LH_APT_FTP_PROXY: set apt/aptitude ftp proxy
+# (Default: autodetected or empty)
+LH_APT_FTP_PROXY=""
+
+# $LH_APT_HTTP_PROXY: set apt/aptitude http proxy
+# (Default: autodetected or empty)
+LH_APT_HTTP_PROXY=""
+
+# $LH_APT_PDIFFS: set apt/aptitude pdiff indices
+# (Default: enabled)
+LH_APT_PDIFFS="enabled"
+
+# $LH_APT_PIPELINE: set apt/aptitude pipeline depth
+# (Default: )
+LH_APT_PIPELINE=""
+
+# $LH_APT_RECOMMENDS: set apt/aptitude recommends
+# (Default: enabled)
+LH_APT_RECOMMENDS="enabled"
+
+# $LH_APT_SECURE: set apt/aptitude security
+# (Default: enabled)
+LH_APT_SECURE="enabled"
+
+# $LH_BOOTSTRAP: set bootstrap program
+# (Default: debootstrap)
+LH_BOOTSTRAP="debootstrap"
+
+# $LH_CACHE: control cache
+# (Default: enabled)
+LH_CACHE="enabled"
+
+# $LH_CACHE_INDICES: control if downloaded package indices should be cached
+# (Default: disabled)
+LH_CACHE_INDICES="disabled"
+
+# $LH_CACHE_PACKAGES: control if downloaded packages files should be cached
+# (Default: enabled)
+LH_CACHE_PACKAGES="enabled"
+
+# $LH_CACHE_STAGES: control if completed stages should be cached
+# (Default: bootstrap)
+LH_CACHE_STAGES="bootstrap"
+
+# $LH_DEBCONF_FRONTEND: set debconf(1) frontend to use
+# (Default: noninteractive)
+LH_DEBCONF_FRONTEND="noninteractive"
+
+# $LH_DEBCONF_NOWARNINGS: set debconf(1) warnings
+# (Default: yes)
+LH_DEBCONF_NOWARNINGS="yes"
+
+# $LH_DEBCONF_PRIORITY: set debconf(1) priority to use
+# (Default: critical)
+LH_DEBCONF_PRIORITY="critical"
+
+# $LH_INITRAMFS: set initramfs hook
+# (Default: live-initramfs)
+LH_INITRAMFS="live-initramfs"
+
+# $LH_FDISK: set fdisk program
+# (Default: autodetected)
+LH_FDISK="fdisk"
+
+# $LH_LOSETUP: set losetup program
+# (Default: autodetected)
+LH_LOSETUP="losetup"
+
+# $LH_MODE: set distribution mode
+# (Default: debian)
+LH_MODE="debian"
+
+# $LH_ROOT_COMMAND: use sudo or equivalent
+# (Default: empty)
+#LH_ROOT_COMMAND="sudo"
+
+# $LH_USE_FAKEROOT: use fakeroot/fakechroot
+# (Default: disabled)
+LH_USE_FAKEROOT="disabled"
+
+# $LH_TASKSEL: set tasksel program
+# (Default: aptitude)
+LH_TASKSEL="aptitude"
+
+# $LH_INCLUDES: set includes
+# (Default: /usr/share/live-helper/includes)
+LH_INCLUDES="/usr/share/live-helper/includes"
+
+# $LH_TEMPLATES: set templates
+# (Default: /usr/share/live-helper/templates)
+LH_TEMPLATES="/usr/share/live-helper/templates"
+
+# Live-helper options
+
+# $LH_BREAKPOINTS: enable breakpoints
+# (Default: disabled)
+#LH_BREAKPOINTS="disabled"
+
+# $LH_DEBUG: enable debug
+# (Default: disabled)
+#LH_DEBUG="disabled"
+
+# $LH_FORCE: enable force
+# (Default: disabled)
+#LH_FORCE="disabled"
+
+# $LH_QUIET: enable quiet
+# (Default: disabled)
+LH_QUIET="disabled"
+
+# $LH_VERBOSE: enable verbose
+# (Default: disabled)
+#LH_VERBOSE="disabled"
+
+# Internal stuff (FIXME)
+APT_OPTIONS="--yes"
+APTITUDE_OPTIONS="--assume-yes"

config/source

@@ -0,0 +1,9 @@
+# config/source - options for live-helper(7), source stage
+
+# $LH_SOURCE: set source option
+# (Default: disabled)
+LH_SOURCE="disabled"
+
+# $LH_SOURCE_IMAGES: set image type
+# (Default: tar)
+LH_SOURCE_IMAGES="tar"

configure-examples.d/README

@@ -0,0 +1,30 @@
+1) Overview
+the files in this directory are examples for specific hook scripts to change the
+configuration of the box
+
+2) How to use these scripts
+Copy the scripts, you would like to use into 'configure-local.d'.
+They will be sourced in alphabetic order AFTER the default configuration of the
+cryptobox.
+
+3) The examples
+
+set_root_pw
+	- replace the empty root password (the default) with a choosen password
+	- useful if your development cryptobox:
+	  - is located in an insecure environment
+	  - or your development team is geographically distributed, so the
+	    cryptobox for testing has to be publicly available
+
+import_authorized_keys
+	- create a new rsa key (etc-local.d/id_rsa) and copy the public
+	  key to the image directory
+	- this is useful, if you secured the development cryptobox with a
+	  password (see 'set_root_pw')
+
+set_hostname
+	- change the default hostname ("cryptobox")
+
+set_scan_devices
+	- change the default selection of devices, that can be used as the crypto harddisk
+

configure-examples.d/import_authorized_keys

@@ -0,0 +1,19 @@
+# import a public rsa key into the cryptobox for ssh authentication
+#
+# see README in configure-examples.d for details
+#
+
+SSH_KEY_FILE="$LOCALCONF_DIR/id_rsa"
+
+# create a rsa key if it does not yet exist
+if [ ! -e "$SSH_KEY_FILE" ]
+	then	echo "Creating ssh key ($SSH_KEY_FILE) ..."
+		mkdir -p $(dirname "$SSH_KEY_FILE")
+		ssh-keygen -t rsa -b 1024 -N '' -q -f "$SSH_KEY_FILE"
+  fi
+
+# copy new public ssh key to ~/.ssh/authorized_keys on cryptobox
+echo "Copying local public ssh key file to the box ..."
+mkdir -p "$IMAGE_DIR/opt/dfsbuild/runtimerd/root/.ssh"
+cp "${SSH_KEY_FILE}.pub" "$IMAGE_DIR/opt/dfsbuild/runtimerd/root/.ssh/authorized_keys"
+

configure-examples.d/set_allowed_devices

@@ -0,0 +1,4 @@
+# change the selection of devices, that can be used as the crypto harddisk
+
+sed -i 's#^AllowedDevices.*$#AllowedDevices = /dev/hda /dev/hdb /dev/hdc /dev/hde /dev/hdf /dev/hdg /dev/scd0 /dev/scd1 /dev/scd2 /dev/scd3#' "$IMAGE_DIR/etc/cryptobox-server/cryptobox.conf"
+

configure-examples.d/set_disabled_plugins

@@ -0,0 +1,4 @@
+# change the selection of disabled plugins
+
+sed -i 's#^DisabledPlugins.*$#DisabledPlugins = #' "$IMAGE_DIR/etc/cryptobox-server/cryptobox.conf"
+

configure-examples.d/set_hostname

@@ -0,0 +1,4 @@
+# change the hostname (default value: "cryptobox")
+
+echo "cryptobox" >"$IMAGE_DIR"/etc/hostname
+

configure-examples.d/set_root_pw

@@ -0,0 +1,11 @@
+# replace the empty root password of an development cryptobox with a choosen one
+#
+# see misc/custom-configure.d/README for details
+#
+
+# set the password to your needs
+NEW_ROOT_PASSWORD=foobar
+
+echo "Setting a root password ..."
+echo "root:$NEW_ROOT_PASSWORD" | chroot "$IMAGE_DIR" "$CHROOTSTART" chpasswd root
+

etc-defaults.d/README

@@ -0,0 +1,4 @@
+this directory contains some configuration files for the development of the CryptoBox
+
+If you want to use different local settings, then you should copy the respective
+configuration file to the directory "etc-local.d" and adapt it to your needs.

etc-defaults.d/cbox-dev.conf

@@ -0,0 +1,54 @@
+# some local settings for cbox-build.sh and validate.sh
+#
+# previously defined settings:
+#	- ROOT_DIR
+#
+
+
+####################### cbox-build ########################
+
+# the build directory (will be ERASED without warning)
+BUILD_DIR="$ROOT_DIR/_builddir"
+
+# the cryptobox development files
+CBOX_DEVEL_DIR=$ROOT_DIR/cbox-tree.d
+
+# template for live-cd
+TEMPLATE_DIR=$ROOT_DIR/live-cd-tree.d
+
+# the iso image
+IMAGE_FILE=$BUILD_DIR/cryptobox.iso
+
+# temporary directory
+TMP_DIR=/tmp/$(basename $0)-$$
+
+# the virtual harddisk image used for qemu
+HD_IMAGE=/tmp/$(basename $0)-testplatte.img
+
+# mkisofs options (the option "-U" is not clean, but it prevents long
+# filenames from getting mapped)
+# TODO: this may prevent windows user from reading the documentation
+MKISOFS_OPTIONS="-allow-multidot -U -D -iso-level 3 -b boot/grub/stage2_eltorito -no-emul-boot -boot-load-size 1 -boot-info-table -pad -R"
+
+# for burning a CD
+CDWRITER=0,0,0
+
+
+####################### validation ########################
+
+# language of validation (select web interface language)
+VALIDATE_LANGUAGE=en
+
+# directory of the test-cases
+VALIDATE_TEST_CASES_DIR=$ROOT_DIR/validation/test-cases
+
+# override these settings if the CryptoBox uses a non-default IP
+VALIDATE_HOST_IP_DEFAULT=192.168.0.23
+VALIDATE_HOST_IP_CHANGED=192.168.0.24
+
+# destination directories for the results
+VALIDATE_REPORT_DIR=/tmp/cryptobox-validation-$$
+VALIDATE_REPORT_DIR=$ROOT_DIR/validation/report
+VALIDATE_SUMMARY_TEMPLATE_DIR=$ROOT_DIR/validation/templates
+
+

etc-defaults.d/dfs-cbox.conf

@@ -0,0 +1,236 @@
+# arch-tag: Default configuration file
+# Copyright (c) 2004 John Goerzen
+
+[DEFAULT]
+######################################################################
+# Overall settings, set defaults for all archs
+######################################################################
+
+# Name of generated disc & hostname
+# BEWARE: hostname does not work - you have to set the hostname manually at the end of this file
+name = CryptoBox
+
+# Version of generated disc
+version = 0.3.4
+
+# Person that built it
+builder = sense.lab
+
+# Repositories to mirror.  Details about each one are configured below.
+dlrepos = stable
+
+# Repository to build the CD with.  Must be in above list.
+suite = stable
+
+# Whether or not to use zftree compression on ISO image
+compress = no
+
+# Files to never compress if the above is yes
+# If a dir is given, that dir and everything below is not compressed
+dontcompress = /boot
+	/etc/*boot*
+	/opt/dfsruntime/initrd.dfs
+
+# Location of dfsbuild support files
+libdir = /usr/lib/dfsbuild
+
+# Location of docs for CD
+docdir = /usr/share/doc/dfsbuild
+
+# Bootloader to place on CD.  Choices are:
+# grub-hd              GRUB with ElTorito hard disk emulation (not working yet)
+# grub-no-emul         "raw" ElTorito image
+# aboot                Alpha SRM bootloader
+# yaboot               PowerPC bootloader
+# (usually set in arch area)
+#bootloader = grub-no-emul
+
+
+# Packages to install on live FS, on all archs, besides base system
+allpackages =	
+		util-linux
+		grub
+		parted
+		dmsetup
+		perl
+		tar 
+		bash 
+		coreutils 
+		module-init-tools 
+		ifupdown 
+		busybox
+		usbutils 
+		pciutils 
+		discover 
+		hdparm 
+		binutils
+		debconf 
+		sysutils 
+		stunnel4
+		samba
+		hashalot
+		python-clearsilver
+		python-cherrypy
+		python-configobj
+		python-central
+		super
+		dosfstools
+		cryptsetup
+		python-m2crypto
+		# support for file systems
+		e2tools 
+		e2fsprogs
+		xfsprogs
+		hfsutils
+		jfsutils
+		## ntfs-3g is not in etch
+		#ntfs-3g
+		# TODO: remove the following packages for the final version
+		subversion
+		strace
+		ssh
+		vim
+		nano 
+		less 
+		lynx
+		w3m
+		screen
+		elinks
+
+
+# select a mirror for the repository (apt-cacher, apt-proxy, no caching) by
+# uncommenting the line of your choice
+# (1) apt-cacher (default)
+mirror = http://127.0.0.1/apt-cacher/ftp.debian.org/debian
+# (2) apt-proxy
+#mirror = http://127.0.0.1:9999/debian
+# (3) no caching proxy for apt
+#mirror = http://ftp.debian.org/debian
+
+
+# Files to place on the ramdisk
+ramdisk_files = /etc/resolv.conf
+	/etc/lvm*
+	/tmp
+	/var/tmp
+	/dev
+	/var/lib/dhcp
+	/var/lib/samba
+	/var/log
+	/var/cache/samba
+	/var/lock
+	/var/run
+	/var/state
+	/etc/mtab
+	/root
+	/etc/network
+	/var/lib/misc
+	/var/lib/urandom
+	#/etc/hotplug/.run
+	/var/spool/cron
+
+# Directories to create on live fs
+makedirs = 
+
+# Files to delete from live fs
+deletefiles = /etc/rcS.d/*discover 
+	/etc/rcS.d/*lvm
+	/var/log/dpkg.log
+	/var/log/bootstrap.log
+
+preparescripts =
+	../scripts/prepare_target.sh
+
+cleanupscripts =
+	../scripts/cleanup_target.sh
+
+######################################################################
+# Arch settings: i386
+######################################################################
+
+[i386]
+# Name of any kernel images to install directly from your current filesystem
+#kernels = /boot/vmlinuz-2.4.27-2-386
+
+# Modules to copy from host filesystem
+#modules = /lib/modules/2.4.27-2-386
+
+# Debs from local fs to unpack on live FS (will not be configured)
+unpackdebs =
+	../packages/linux-image-2.6.20_cryptobox0.3.3_i386.deb
+
+# Other packages to install besides the list in DEFAULT
+packages = %(allpackages)s
+
+# Debs from local fs to install on live fs
+## fetch newest ntfs-3g from debian backports
+installdebs = 
+	../packages/cryptobox-server.deb
+	../packages/ntfs-3g_1%3a1.516-1~bpo.1_i386.deb
+
+# Bootloader (see options under default)
+bootloader = grub-no-emul
+
+# Extra lines for grub config
+grubconfig = timeout 0
+	password -md5 this_invalid_hash_protects_grub_config
+
+#####################################################################
+# Repository configuration
+######################################################################
+
+# Repositories to download
+[repo testing]
+suite = testing
+
+[repo amd64]
+suite = unstable
+# Override default mirror
+#mirror = http://debian-amd64.alioth.debian.org/pure64/
+# Override default arch
+arch = amd64
+
+######################################################################
+# Text to add to existing files
+######################################################################
+
+[appendfiles]
+
+/etc/network/interfaces =
+	auto lo eth0
+	iface lo inet loopback
+	iface eth0 inet static
+		address 192.168.0.23
+		netmask 255.255.255.0
+
+# /etc/modules =
+
+/etc/profile = export TERM=vt100
+
+######################################################################
+# Files to create or truncate
+######################################################################
+
+[createfiles]
+/etc/hostname = CryptoBox
+
+/etc/syslog.conf = *.*	/dev/tty8
+	*.info	/dev/tty7
+
+/etc/hosts = 127.0.0.1 localhost
+
+/etc/kernel-img.conf = do_initrd = Yes
+
+# exit the samba startup script during install immediately - otherwise
+# there would be /proc problems - it will get replaced later via
+# live-cd-tree.d/usr/lib/cryptobox-cd/configure-cryptobox.sh
+/etc/default/samba = exit
+
+######################################################################
+# Symlinks to create (from = to format)
+######################################################################
+
+# this does not work anymore
+#[symlinks]
+#/etc/mtab = /proc/mounts
+

etc-defaults.d/qemu-ifup.default

@@ -0,0 +1,55 @@
+#!/bin/sh
+#
+# this is the qemu-ifup script that should be run at qemu's boot
+#
+
+# determine the interface to the outside
+IF_WORLD=`/sbin/route -n | grep " UG " | sed "s/  */ /g" | cut -d " " -f 8 | head -1`
+# nothing found? - sorry!
+[ -z "$IF_WORLD" ] && IF_WORLD=eth0
+
+
+if [ "$UID" -ne 0 ] 
+	then	sudo $0 $*
+		exit 0
+  fi
+
+echo "Laufe als root ..."
+
+IPT=/sbin/iptables
+[ ! -x $IPT ] && IPT=/usr/sbin/iptables
+
+IPT_RULES="	FORWARD -i tun0 -o $IF_WORLD -j ACCEPT
+		FORWARD -i $IF_WORLD -o tun0 -m state --state ESTABLISHED,RELATED -j ACCEPT
+		POSTROUTING -t nat -o $IF_WORLD -j MASQUERADE
+		INPUT -i tun0 -j ACCEPT
+		OUTPUT -o tun0 -j ACCEPT"
+
+aktiviere_forward()
+{
+	echo "$IPT_RULES" | while read a
+		do	$IPT -A $a
+	  done
+	echo 1 >/proc/sys/net/ipv4/ip_forward
+}
+
+deaktiviere_forward()
+{
+	echo "$IPT_RULES" | while read a
+		do	$IPT -D $a
+	  done
+	echo 0 >/proc/sys/net/ipv4/ip_forward
+}
+
+case "$1" in
+	stop )
+		deaktiviere_forward
+		#/etc/init.d/dhcp stop
+		;;
+	* )
+		/sbin/ifconfig $1 192.168.0.1
+		#/etc/init.d/dhcp start
+		aktiviere_forward
+		;;
+  esac
+

etc-defaults.d/ssh-options.default

@@ -0,0 +1,17 @@
+Host cryptobox
+
+# change this part according to your needs
+HostName 192.168.0.23
+Port 22
+
+# maybe you want to use rsa authentication?
+# see misc/custom-configure.s/README for examples
+#IdentityFile local.conf.d/id_rsa
+
+# this should be valid for everyone
+User root
+CheckHostIP no
+StrictHostKeyChecking no
+
+# nice for frequently changing server key due to a rebuild of the base system
+UserKnownHostsFile /tmp/cryptobox-ssh-known_hosts

etc-defaults.d/ssh_config

@@ -0,0 +1,17 @@
+Host cryptobox
+
+# change this part according to your needs
+HostName 192.168.0.23
+Port 22
+
+# maybe you want to use rsa authentication?
+# see configure-examples.d/README for examples
+IdentityFile local.conf.d/id_rsa
+
+# this should be valid for everyone
+User root
+CheckHostIP no
+StrictHostKeyChecking no
+
+# nice for frequently changing server key due to a rebuild of the base system
+UserKnownHostsFile /tmp/cryptobox-ssh-known_hosts

hints/codecoop-website-upload.txt

@@ -0,0 +1,6 @@
+by scp or webdav - the last one is the better choice
+
+1) webdav
+apt-get install davfs2
+modprobe coda
+mount -t davfs https://upload.codecoop.org/groups/cryptobox/ /mnt/ttt

hints/dev-requirements

@@ -0,0 +1,5 @@
+developer requirements:
+- dfsbuild
+- wget
+- curl
+- (qemu)

hints/dfsbuild-patching.txt

@@ -0,0 +1,13 @@
+The current official debian package of dfsbuild (v0.99.2) is not working due
+to three ugly but small bugs.
+
+If you are using dfsbuild v0.99.2, then you should do the following:
+ - create a new directory and change into it
+ - apt-get source dfsbuild
+ - apply all dfsbuild-bug-?.patch files to the source directory
+ - debuild -uc -us
+ - install the freshly built package
+
+Alternatively you could also install the patched version:
+		packages/dfsbuild_0.99.2.1_i386.deb
+

hints/install_clearsilver.txt

@@ -0,0 +1,26 @@
+as there is no debian-package for the perl bindings of clearsilver, you have to add it manually to the tree of the cbox-tree
+
+1) download
+- get it from: http://www.clearsilver.net/downloads
+- unpack (tar xzf . ...)
+
+
+2) configuration
+./configure --disable-python --disable-ruby --disable-csharp --disable-apache --disable-java --disable-compression --enable-perl --enable-gettext --prefix=/tmp/clearsilver-perl
+
+
+3) fix a problem in scripts/document.py
+change the first line to "#!/usr/bin/env python"
+
+
+4) build it
+- make
+- make install
+
+
+5) cp to the cbox
+cp -a /tmp/clearsilver-perl/local/lib/perl/5.8.7/. cryptobox.conf.d/usr/lib/perl5
+rm cryptobox.conf.d/usr/lib/perl5/perllocal.pod
+
+6) dependencies
+add python-clearsilver to the box (dfsbuild.conf)

hints/kernel-build.txt

@@ -0,0 +1,23 @@
+Hints for building and integrating a new kernel into the cryptobox:
+
+1) get the source
+download it from http://kernel.org (at least 2.6.11)
+
+2) configure
+- copy the current kernel config from the cryptobox/trunk/kernel
+  directory to the kernel source directory as ".config" (the .config
+  can also be found in the current kernel-image-cryptoboxX.Y.deb packagefile)
+- make menuconfig
+- make-kpkg --rootcmd fakeroot --revision=cryptoboxY.X kernel_image
+  (replace "Y.X" by the current cryptobox release)
+
+3) integrating
+- copy the debian kernel package (see above) and the config file to cryptobox/trunk/kernel
+- change the "unpackdebs" setting in cryptobox/trunk/etc-default.d/dfs-cbox.conf
+- add the new kernel package and the config file to the repository (svn add)
+
+4) afterwork
+- run "cryptobox/trunk/scripts/cbox-build.sh dfsbuild" to create a fresh base system
+  including the new kernel
+- test the box with your new kernel
+- enjoy it! :)

hints/patches/dfsbuild-bugs-1.patch

@@ -0,0 +1,56 @@
+## fixed bugs:
+## - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=404563
+## - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=404555
+diff -ruN dfsbuild.orig/dfsbuild-0.99.2/Bootloader/Grub.hs dfsbuild/dfsbuild-0.99.2/Bootloader/Grub.hs
+--- dfsbuild.orig/dfsbuild-0.99.2/Bootloader/Grub.hs	2006-04-20 00:10:11.000000000 +0200
++++ dfsbuild/dfsbuild-0.99.2/Bootloader/Grub.hs	2007-01-02 00:56:45.000000000 +0100
+@@ -40,8 +40,11 @@
+ 
+ grub_generic env =
+     do createDirectory (targetdir env ++ "/boot/grub") 0o755
+-       grubfiles <- glob "/lib/grub/*/*"
+-       safeSystem "cp" $ ["-rv"] ++ grubfiles ++ [targetdir env ++ "/boot/grub/"]
++	   -- since etch (Debian 4.0) grub files are located in /usr/lib instead of /lib
++       grubfiles_pre_etch <- glob "/lib/grub/*/*"
++       grubfiles_since_etch <- glob "/usr/lib/grub/*/*"
++       safeSystem "cp" $ ["-rv"] ++ grubfiles_pre_etch ++ grubfiles_since_etch ++
++         [targetdir env ++ "/boot/grub/"]
+        menuText <- grubMenu env
+        writeFile (targetdir env ++ "/boot/grub/menu.lst") menuText
+ 
+diff -ru dfsbuild.orig/dfsbuild-0.99.2/Actions/Mirror.hs dfsbuild/dfsbuild-0.99.2/Actions/Mirror.hs
+--- dfsbuild.orig/dfsbuild-0.99.2/Actions/Mirror.hs	2006-04-20 00:10:11.000000000 +0200
++++ dfsbuild/dfsbuild-0.99.2/Actions/Mirror.hs	2007-01-01 22:09:26.000000000 +0100
+@@ -33,7 +33,7 @@
+                   archargs ++ debugargs ++ ["-d", suite, targetdir env, mirror]
+        -- Next, copy them into the mirror.
+        codename <- getCodeName 
+-                   (targetdir env ++ "/var/cache/bootstrap/Release")
++                   (targetdir env ++ "/var/cache/bootstrap/")
+        dm $ "Codename for this is " ++ codename
+        mapM_ (\x -> handle (\_ -> return ()) (createDirectory x 0o755))
+                  [mirrordir, mirrordir ++ "/conf"]
+diff -ru dfsbuild.orig/dfsbuild-0.99.2/Utils.hs dfsbuild/dfsbuild-0.99.2/Utils.hs
+--- dfsbuild.orig/dfsbuild-0.99.2/Utils.hs	2006-04-20 00:10:11.000000000 +0200
++++ dfsbuild/dfsbuild-0.99.2/Utils.hs	2007-01-01 22:40:34.000000000 +0100
+@@ -16,6 +16,7 @@
+ import MissingH.ConfigParser
+ import MissingH.Cmd
+ import System.IO.Unsafe
++import System.IO.Error
+ import Text.Regex
+ import MissingH.Path.FilePath
+ import System.Directory(doesFileExist)
+@@ -72,7 +73,11 @@
+ 
+ getCodeName :: FilePath -> IO String
+ getCodeName fp =
+-    do c <- readFile fp
++    do c_old <- System.IO.Error.catch (readFile (fp ++ "Release"))
++	       (\e -> if System.IO.Error.isDoesNotExistError e then return "" else ioError e)
++       c_new <- System.IO.Error.catch (readFile (fp ++ "_dists_._Release"))
++	       (\e -> if System.IO.Error.isDoesNotExistError e then return "" else ioError e)
++       c <- if length(c_old) > 0 then return c_old else return c_new   
+        let cr = mkRegex "Codename: ([a-z]+)"
+        case matchRegex cr c of
+          Just [cn] -> return cn

hints/patches/dfsbuild-bugs-2.patch

@@ -0,0 +1,60 @@
+## this patch allows the addition of custom scripts to prepare/cleanup the target
+## directory before/after package installation
+## it is necessary for the samba package as it requires /proc/ during installation
+--- dfsbuild.orig/dfsbuild-0.99.2/Actions.hs	2006-04-20 00:10:11.000000000 +0200
++++ dfsbuild/dfsbuild-0.99.2/Actions.hs	2007-01-03 15:36:59.000000000 +0100
+@@ -43,6 +43,11 @@
+                 finished Bootstrapped
+          Bootstrapped ->           -- Time to install shared files
+              do installlib env
++                finished EnvironmentPrepared
++         EnvironmentPrepared ->        -- execute configurable hook scripts
++             do im $ "Executing preparation scripts"
++                mapM_ (safeSystem `flip` [ targetdir env ])
++                    (splitWs $ eget env "preparescripts")
+                 finished LibsInstalled
+          LibsInstalled ->        -- Install additional packages
+              do installpkgs env
+@@ -68,6 +73,11 @@
+              do safeSystem "mkcramfs" [(targetdir env) ++ "/opt/initrd",
+                                        (targetdir env) ++ "/boot/initrd.dfs"]
+                 recursiveRemove SystemFS $ (targetdir env) ++ "/opt/initrd"
++                finished EnvironmentCleaned
++         EnvironmentCleaned ->        -- execute configurable hook scripts
++             do im $ "Executing preparation scripts"
++                mapM_ (safeSystem `flip` [ targetdir env ])
++                    (splitWs $ eget env "cleanupscripts")
+                 finished RamdiskBuilt
+          RamdiskBuilt ->        -- Install the bootloader
+              do (isoargs, blfunc) <- Bootloader.install env
+--- dfsbuild.orig/dfsbuild-0.99.2/Utils.hs	2007-01-01 23:06:17.000000000 +0100
++++ dfsbuild/dfsbuild-0.99.2/Utils.hs	2007-01-03 15:33:00.000000000 +0100
+@@ -30,10 +31,10 @@
+      marker :: String,
+      datestr :: String}
+ 
+-data DFSState = Fresh | Initialized | Mirrored | Bootstrapped | Installed
+-              | LibsInstalled | DebsInstalled | CfgHandled | InitPrepped 
++data DFSState = Fresh | Initialized | Mirrored | Bootstrapped | EnvironmentPrepared
++              | Installed | LibsInstalled | DebsInstalled | CfgHandled | InitPrepped 
+               | RDPrepped
+-              | KernelsInstalled | RamdiskBuilt | BootloaderInstalled
++              | KernelsInstalled | EnvironmentCleaned | RamdiskBuilt | BootloaderInstalled
+               deriving (Eq, Show, Read, Ord)
+ 
+ im = infoM "dfs"
+--- dfsbuild.orig/dfsbuild-0.99.2/dfs.cfg	2006-07-02 01:46:22.000000000 +0200
++++ dfsbuild/dfsbuild-0.99.2/dfs.cfg	2007-01-03 15:40:22.000000000 +0100
+@@ -115,6 +115,12 @@
+         /var/log/dpkg.log
+         /var/log/bootstrap.log
+ 
++# Scripts that should be executed after bootstrapping and before package installation
++#preparescripts =
++
++# Scripts that should be executed after package installation and before iso generation
++#cleanupscripts =
++
+ ######################################################################
+ # Arch settings: i386
+ ######################################################################

hints/release-policy.txt

@@ -0,0 +1,51 @@
+For a new live-CD follow steps 1a and 2a.
+For a language update live-CD follow steps 1b and 2b.
+
+0) manually update files:
+    - ntfs-3g debian package (from lenny)
+
+1a) set current version
+	- cover/cover_[en|de].[odt|pdf]
+	- etc/defaults.d/dfs-cbox.conf (version setting)
+
+1b) upgrade language files of an old live-cd
+	- rm -rf _builddir/
+	- mount -o loop old_live_cd.iso /mnt/ttt
+	- cp -a /mnt/ttt _builddir/target
+	- update all binary language files by issuing scripts/update_po_files.py
+	  in the project's language branch
+	- copy all language files (*.mo) of the updated languages to
+	  _builddir/target/usr/locale/....
+	- update the list of available languages in
+	  _builddir/target/etc/cryptobox-server/cryptobox.conf
+	- update the version in _builddir/target/boot/grub/menu.lst
+	- update cover/conver_[en|de].[swx|pdf]
+
+2a) build image
+	- 'scripts/cbox-build.sh release'
+
+2b) build image and create signatures
+	- 'scripts/cbox-build.sh isoz'
+	- cd _builddir
+	- sha1sum ISO_FILE > ISO_FILE.sha1sum
+	- md5sum ISO_FILE > ISO_FILE.md5sum
+
+3) release notes
+	- update website
+	- update CHANGELOG
+
+4) upload to codecoop
+	- check the validity of your ssh-key in your codecoop user account
+	- type "scp $FILE $USERNAME@shell.codecoop.org:."
+	- upload a dummy file with the same name via upload-web-interface to codecoop
+	- ask Jan Kanzleiter <idfx_at_codecoop.org> to replace the dummy with the
+	  scp-file and to manually set the filesize (otherwise: it is not displayed at all)
+	- upload the checksumfile created by "md5sum cryptobox_vY.X.iso >cryptobox_vY.X.iso.md5sum"
+	- add release notes and changelog
+	- upload cover_[en|de].pdf
+
+5) release announcement
+	- http://codecoop.org
+	- http://distrowatch.com
+	- http://livedistro.org
+	- http://linuxlinks.com

hints/starting_uml.txt

@@ -0,0 +1,7 @@
+# sample startup file for running the cryptobox in a user-mode-linux environment
+# 
+# it does not work, as the dfsbuild-cd-image is not being recognized during boot
+#
+# just as a reminder ...
+#
+kernel/uml-kernel-2.6.12.3-cryptobox dfscd=/dev/ubd1 ubd1r=_builddir/cd1/image.iso ubd0=_builddir/cd1/image-working/opt/dfsruntime/initrd.dfs con=null con0=fd:0,fd:1

hints/trac-wiki.txt

@@ -0,0 +1,27 @@
+some useful macros:
+* [[TOC]] - at the beginning of the document
+* [[AutoNav]] - below [[TOC]], followed by a line with "----"
+* [[AddComment]] - at the end of the page (below "----")
+* [[WikiInclude($PAGENAME)]] - include another wiki page
+* [[redirect(wiki:$PAGENAME)]] - redirect to another page (useful to redirect to default lang)
+* [[Image(file/trunk/cbox-tree.d/var/www/cryptobox-img/screenshots/$NAME)]] - beware: you may use "wiki" or "ticket" instead of "file" - very unusual syntax
+* [[FootNote(Text)]] - creates a reference to a footnote - the list of footnotes is expanded by "[[FootNote]]"
+
+special things:
+* the first level heading ("= TEXT =") is considered as the page title - only lower level headings will be a part of the table of contents
+* links like "CryptoBoxUser/de" are not recogniced - use "[wiki:CryptoBoxUser/de CryptoBoxUser]" instead
+* for a deeper level of items or enumerations, you have to add two(!) additional spaces in front of the symbol ("*" or "1.") - this is obviously strange ...
+
+default page layout:
+[[TOC]]
+[[AutoNav]]
+----
+
+= Title =
+
+== Heading ... ==
+...
+
+----
+== Comments ==
+[[AddComment]]

live-cd-tree.d/_offline/doc/Crypto0.html

@@ -0,0 +1,79 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+	
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+<head>
+	<title>CryptoBox</title>
+	<meta content="text/html; charset=iso-8859-1" http-equiv="Content-Type" />
+	<meta content="" name="keywords" />
+	<meta name="description" content="a secure fileserver, live-CD, web front-end" />
+	<link rel="stylesheet" type="text/css" href="main.css" />
+</head>
+
+<body>
+<div class="container">
+
+	<div id="header"><!-- just the logo --></div>
+	<div class="navbar">
+	<p>
+		<a href="index.html">Home</a> |
+		<a href="news.html">News</a> |
+		<a href="downlo0.html">Download</a> |
+		<a href="support.html">Support</a> |
+		<a href="develo0.html">Development</a>
+	</p>
+</div>
+	<!-- content starts here -->
+<div class="centercontent">
+    <div><h1 id="UserDocumentation">User Documentation</h1>
+<p>
+The following pages are describing the basic usage of the CryptoBox live-CD. 
+</p>
+<p>
+The online version of this manual is a wiki, which means you can help improving the pages. If you have a question regarding the documentation, please post it on the bottom of the relevant page. The developers will answer your questions and update the manual as fast as possible.
+</p>
+<h2 id="Documentationforxreleases">Documentation for 0.3.x releases</h2>
+<ol><li><a href="doc_0.0.html">CryptoBoxUserGettingStarted</a> -- first steps to get the Cryptobox up and running
+</li><li><a href="doc_0.1.html">CryptoBoxUserDailyUse</a> -- how to access your encrypted data
+</li></ol>
+<p>
+At the moment there is no automatic way of using an encrypted disk of the 0.2 series in a !Cryptobox running the 0.3 series. That's because we did a major redesign of the CryptoBox functionality within the last year. We're sorry for the unconveniance!
+</p>
+<h2 id="FrequentlyAskedQuestions">Frequently Asked Questions</h2>
+<ul><li><a href="faq.html">FAQ</a>
+</li></ul></div>
+   </div>
+   
+</div>
+	<!-- content ends here -->
+<div id="footer">
+	<p>-- a <a href="http://senselab.org">Sense.Lab</a> project -- <a href="http://senselab.org/component/option,com_dfcontact/Itemid,29/">Impressum</a> --</p>
+</div>
+
+</div>
+
+<!-- /Creative Commons License -->
+<!--
+
+<rdf:RDF xmlns="http://web.resource.org/cc/"
+    xmlns:dc="http://purl.org/dc/elements/1.1/"
+    xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#">
+<Work rdf:about="">
+   <dc:type rdf:resource="http://purl.org/dc/dcmitype/Text" />
+   <license rdf:resource="http://creativecommons.org/licenses/by-sa/2.5/de/" />
+</Work>
+
+<License rdf:about="http://creativecommons.org/licenses/by-sa/2.5/de/">
+   <permits rdf:resource="http://web.resource.org/cc/Reproduction" />
+   <permits rdf:resource="http://web.resource.org/cc/Distribution" />
+   <requires rdf:resource="http://web.resource.org/cc/Notice" />
+   <requires rdf:resource="http://web.resource.org/cc/Attribution" />
+   <permits rdf:resource="http://web.resource.org/cc/DerivativeWorks" />
+   <requires rdf:resource="http://web.resource.org/cc/ShareAlike" />
+</License>
+
+</rdf:RDF>
+-->
+
+</body>
+</html>
+

live-cd-tree.d/_offline/doc/cartoon.html

@@ -0,0 +1,93 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+	
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+<head>
+	<title>CryptoBox</title>
+	<meta content="text/html; charset=iso-8859-1" http-equiv="Content-Type" />
+	<meta content="" name="keywords" />
+	<meta name="description" content="a secure fileserver, live-CD, web front-end" />
+	<link rel="stylesheet" type="text/css" href="main.css" />
+</head>
+
+<body>
+<div class="container">
+
+	<div id="header"><!-- just the logo --></div>
+	<div class="navbar">
+	<p>
+		<a href="index.html">Home</a> |
+		<a href="news.html">News</a> |
+		<a href="downlo0.html">Download</a> |
+		<a href="support.html">Support</a> |
+		<a href="develo0.html">Development</a>
+	</p>
+</div>
+	<!-- content starts here -->
+	<div class="centercontent">
+	<h2>What does the CryptoBox do?</h2>
+	<p>Usually all your files like phone numbers, love letters, bank
+	account data etc. are stored in plaintext on your computer's
+	harddisk.
+	All the data is accessible for everyone who has access to the harddisk.
+	This is very bad in case someone you don't trust gets your harddisk.
+	E.g. a thief that steals your notebook, or breaks into your house or company.
+	If the thief has your disk he/she can also read all the files that
+	where saved on it, no matter whether you have a login password or not -
+	the files are always stored in plaintext.
+	</p>
+
+	<p>The <b>CryptoBox</b> brings easy-to-use data encryption to your
+	computer. This works out of the box and does not need complicated
+	configuration steps.</p>
+
+	<p>Here comes a small usage example for the CryptoBox with an obsolete
+	PC as a fileserver:</p>
+
+	<p>Boot up the old PC with the CryptoBox live-CD.
+	Now you can access it with your browser via the network.
+	Then you partition and reformat the harddisk of the old
+	PC with encryption support. Therefore you provide a passphrase.
+	This is all done through the user friendly webinterface.
+	You can also plug in an external harddisk and use this to store
+	your encrypted data.
+	Afterwards you copy your sensitive data over the local
+	network to the CryptoBox.
+	It is stored on its harddisk in a secure way.
+	Nobody can access your data without the right passphrase.
+	</p>
+</div>
+
+
+	<!-- content ends here -->
+<div id="footer">
+	<p>-- a <a href="http://senselab.org">Sense.Lab</a> project -- <a href="http://senselab.org/component/option,com_dfcontact/Itemid,29/">Impressum</a> --</p>
+</div>
+
+</div>
+
+<!-- /Creative Commons License -->
+<!--
+
+<rdf:RDF xmlns="http://web.resource.org/cc/"
+    xmlns:dc="http://purl.org/dc/elements/1.1/"
+    xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#">
+<Work rdf:about="">
+   <dc:type rdf:resource="http://purl.org/dc/dcmitype/Text" />
+   <license rdf:resource="http://creativecommons.org/licenses/by-sa/2.5/de/" />
+</Work>
+
+<License rdf:about="http://creativecommons.org/licenses/by-sa/2.5/de/">
+   <permits rdf:resource="http://web.resource.org/cc/Reproduction" />
+   <permits rdf:resource="http://web.resource.org/cc/Distribution" />
+   <requires rdf:resource="http://web.resource.org/cc/Notice" />
+   <requires rdf:resource="http://web.resource.org/cc/Attribution" />
+   <permits rdf:resource="http://web.resource.org/cc/DerivativeWorks" />
+   <requires rdf:resource="http://web.resource.org/cc/ShareAlike" />
+</License>
+
+</rdf:RDF>
+-->
+
+</body>
+</html>
+

live-cd-tree.d/_offline/doc/details.html

@@ -0,0 +1,135 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+	
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+<head>
+	<title>CryptoBox</title>
+	<meta content="text/html; charset=iso-8859-1" http-equiv="Content-Type" />
+	<meta content="" name="keywords" />
+	<meta name="description" content="a secure fileserver, live-CD, web front-end" />
+	<link rel="stylesheet" type="text/css" href="main.css" />
+</head>
+
+<body>
+<div class="container">
+
+	<div id="header"><!-- just the logo --></div>
+	<div class="navbar">
+	<p>
+		<a href="index.html">Home</a> |
+		<a href="news.html">News</a> |
+		<a href="downlo0.html">Download</a> |
+		<a href="support.html">Support</a> |
+		<a href="develo0.html">Development</a>
+	</p>
+</div>
+	<!-- content starts here -->
+	<div class="left">
+
+	<div class="leftcontent">
+		<h2>You are server admin?</h2>
+		<p>Take a look at the <a
+			href="http://devel.cryptobox.org/file/trunk/README">README
+			file</a>. There you find more detailed information about the
+			installation and configuration of the CryptoBox-Server
+			package.</p>
+	</div>
+
+</div>
+
+<div class="content">
+	<h2>Requirements for the CryptoBox live-CD</h2>
+	<p>The <i>CryptoBox live-CD</i> runs on any x86 compatible PC with:</p>
+	<ul>
+		<li>CPU: min. 200MHz</li>
+		<li>RAM: 64 MB</li>
+		<li>CD-ROM drive</li>
+		<li>a network connection</li>
+		<li>a harddisk for your data</li>
+	</ul>
+	<p>The harddisk does not need to inside the of CryptoBox computer. You
+	can also use external devices like USB-drives.
+	All drives supported by the Linux kernel (2.6.20) can be used: IDE,
+	SCSI, USB, FireWire, SATA, RAID, ...</p>
+	<p>Because of the high number of different supported storage media
+	we call an encrypted disk a <i>volume</i>.
+	This includes (e.g.): USB-sticks, firewire-disks, flash-drives, digital cameras,
+	MP3-player, MMC/SD-cards.</p>
+</div>
+
+<div class="content">
+	<h2>Requirements of the CryptoBox-Server</h2>
+	<p>The <i>CryptoBox-Server</i> package can be installed on any system with at least:</p>
+	<ul>
+		<li>Linux kernel 2.6</li>
+		<li>cryptsetup with LUKS support</li>
+		<li>kernel support for the <i>crypt</i> target of the <i>device mapper</i></li>
+		<li>Python 2.4</li>
+	</ul>
+	<p>In general a server package should run on any Linux
+	distribution, but we only provide Debian packages. So you have to
+	install the necessary files on your own to the right places if
+	you are using a different linux distribution.</p>
+</div>
+
+<div class="content">
+	<h2>File access</h2>
+	<p>Once you openend an encrypted volume through the web frontend of
+	the <i>CryptoBox</i> you can access the volume's data within your local
+	network via:</p>
+	<ul>
+		<li>Samba shares (also known as: <i>windows network share</i>)</li>
+		<!-- <li>WebDAV (aka: <i>web folder</i>)</li>
+		<li>nfs (*nix file sharing)</li> -->
+	</ul>
+	<p>The <i>CryptoBox-Server</i> package will smoothly integrate into your existing
+	fileserver. It provides mount points which can be shared via your
+	favourite protocols (e.g.: WebDAV or NFS).</p>
+</div>
+
+<div class="content">
+	<h2>Encryption</h2>
+	<p>The encrypted disk partitions are <a href="http://luks.endorphin.org/">LUKS</a>
+	volumes. This makes it also possible to access your data directly with
+	every modern linux system or via <a href="http://freeotfe.org/">FreeOTFE</a>
+	(for Microsoft products).</p>
+	<p>You can select your favourite encryption algorithm from all
+	ciphers supported by the linux kernel. The default is
+	<i>aes-cbc-essiv:sha256</i> (AES in CBC mode with ESSIV based on
+	SHA256).</p>
+</div>
+
+
+
+	<!-- content ends here -->
+<div id="footer">
+	<p>-- a <a href="http://senselab.org">Sense.Lab</a> project -- <a href="http://senselab.org/component/option,com_dfcontact/Itemid,29/">Impressum</a> --</p>
+</div>
+
+</div>
+
+<!-- /Creative Commons License -->
+<!--
+
+<rdf:RDF xmlns="http://web.resource.org/cc/"
+    xmlns:dc="http://purl.org/dc/elements/1.1/"
+    xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#">
+<Work rdf:about="">
+   <dc:type rdf:resource="http://purl.org/dc/dcmitype/Text" />
+   <license rdf:resource="http://creativecommons.org/licenses/by-sa/2.5/de/" />
+</Work>
+
+<License rdf:about="http://creativecommons.org/licenses/by-sa/2.5/de/">
+   <permits rdf:resource="http://web.resource.org/cc/Reproduction" />
+   <permits rdf:resource="http://web.resource.org/cc/Distribution" />
+   <requires rdf:resource="http://web.resource.org/cc/Notice" />
+   <requires rdf:resource="http://web.resource.org/cc/Attribution" />
+   <permits rdf:resource="http://web.resource.org/cc/DerivativeWorks" />
+   <requires rdf:resource="http://web.resource.org/cc/ShareAlike" />
+</License>
+
+</rdf:RDF>
+-->
+
+</body>
+</html>
+

live-cd-tree.d/_offline/doc/develo0.html

@@ -0,0 +1,173 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+	
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+<head>
+	<title>CryptoBox</title>
+	<meta content="text/html; charset=iso-8859-1" http-equiv="Content-Type" />
+	<meta content="" name="keywords" />
+	<meta name="description" content="a secure fileserver, live-CD, web front-end" />
+	<link rel="stylesheet" type="text/css" href="main.css" />
+</head>
+
+<body>
+<div class="container">
+
+	<div id="header"><!-- just the logo --></div>
+	<div class="navbar">
+	<p>
+		<a href="index.html">Home</a> |
+		<a href="news.html">News</a> |
+		<a href="downlo0.html">Download</a> |
+		<a href="support.html">Support</a> |
+		<a href="develo0.html">Development</a>
+	</p>
+</div>
+	<!-- content starts here -->
+	<div class="centercontent">
+	<h2>Contribute</h2>
+	<p>You are not just a consumer. At least not in the Open Source world.</p>
+	<p>There are various ways to take part in improving the CryptoBox
+		for all of us ...</p>
+</div>
+
+<div class="left">
+	<div class="leftcontent">
+		<h2>Overview</h2>
+		<ul>
+		<li><a href="http://translate.cryptobox.org/projects/cryptobox/">Translation</a></li>
+		<li><a href="http://devel.cryptobox.org/newticket">Bug Reports</a></li>
+		<li><a href="Crypto0.html"">User Documentation</a></li>
+		<li><a href="http://devel.cryptobox.org/">Development corner</a></li>
+		<li><a href="https://systemausfall.org/mail-archive/?0">Mailing list archive</a>
+		<li><a href="http://devel.cryptobox.org/file/trunk/README">README</a></li>
+		</ul>
+	</div>
+	
+	<div class="leftcontent">
+		<h2>Recent changes</h2>
+		<ul class="recent_changes">
+<li><p class="date">Thu, 22 Feb 2007 12:10:04 GMT</p><a href="http://devel.cryptobox.org/changeset/858">Changeset [858] by lars</a><p>
+added configobj to "acknowledgements" (they linked us, too)
+</p></li>
+<li><p class="date">Thu, 22 Feb 2007 10:57:16 GMT</p><a href="http://devel.cryptobox.org/changeset/857">Changeset [857] by pootle-translation</a><p>
+Commit from Thorax Translation Center by user fabrizio. 24 of 24 messages translated (0 fuzzy).
+</p></li>
+<li><p class="date">Thu, 22 Feb 2007 10:54:29 GMT</p><a href="http://devel.cryptobox.org/changeset/856">Changeset [856] by pootle-translation</a><p>
+Commit from Thorax Translation Center by user fabrizio. 2 of 2 messages translated (0 fuzzy).
+</p></li>
+<li><p class="date">Thu, 22 Feb 2007 05:30:56 GMT</p><a href="http://devel.cryptobox.org/ticket/45">Ticket #45 resolved: not clear if it works - but there is at least some documentation about how ...</a><p>
+not clear if it works - but there is at least some documentation about how to find it manually (since [<a title="updated offline documentation ..." href="http://devel.cryptobox.org/changeset/855">855</a>])
+</p></li>
+<li><p class="date">Thu, 22 Feb 2007 05:16:45 GMT</p><a href="http://devel.cryptobox.org/changeset/855">Changeset [855] by lars</a><p>
+updated offline documentation
+moved offline documentation to a higher directory
+updated autorun links
+added mirror script to integrate offline documentation into the current website layout
+</p></li></ul>
+
+	</div>
+	
+</div>
+
+
+<div class="content">
+	<h2>Translation center</h2>
+	<p>We want <i>you</i> to translate the CryptoBox!</p>