cryptonas/cryptonas-livecd
3
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Created new branch for Debian Live live-cd build system development. This

Browse source 
commit includes the default configuration files, which don't work with Debian 
"etch".
This commit is contained in:
frisco 2008-06-09 00:10:03 +00:00
commit ec818dbbc3
253 changed files with 6460 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

146
config/binary Normal file
View file

@ -0,0 +1,146 @@
# config/binary - options for live-helper(7), binary stage
# $LH_BINARY_FILESYSTEM: set image filesystem
# (Default: fat16)
LH_BINARY_FILESYSTEM="fat16"
# $LH_BINARY_IMAGES: set image type
# (Default: iso)
LH_BINARY_IMAGES="iso"
# $LH_BINARY_INDICES: set apt/aptitude generic indices
# (Default: enabled)
LH_BINARY_INDICES="enabled"
# $LH_BOOTAPPEND_LIVE: set boot parameters
# (Default: empty)
LH_BOOTAPPEND_LIVE=""
# $LH_BOOTAPPEND_INSTALL: set boot parameters
# (Default: empty)
LH_BOOTAPPEND_INSTALL="-- }"
# $LH_BOOTLOADER: set bootloader
# (Default: syslinux)
LH_BOOTLOADER="syslinux"
# $LH_CHECKSUMS: set checksums
# (Default: enabled)
LH_CHECKSUMS="enabled"
# ${LH_CHROOT_BUILD: control if we build binary images chrooted
# (Default: enabled)
# DO NEVER, *NEVER*, *N*E*V*E*R* SET THIS OPTION to disabled.
LH_CHROOT_BUILD="enabled"
# $LH_DEBIAN_INSTALLER: set debian-installer
# (Default: disabled)
LH_DEBIAN_INSTALLER="disabled"
# $LH_DEBIAN_INSTALLER_DAILY: set daily images
# (Default: disabled)
LH_DEBIAN_INSTALLER_DAILY="disabled"
# $LH_ENCRYPTION: set encrytion
# (Default: disabled)
LH_ENCRYPTION="disabled"
# $LH_GRUB_SPLASH: set custom grub splash
# (Default: empty)
LH_GRUB_SPLASH=""
# $LH_HOSTNAME: set hostname
# (Default: debian)
LH_HOSTNAME="debian"
# $LH_ISO_APPLICATION: set iso author
# (Default: Debian Live)
LH_ISO_APPLICATION="Debian Live"
# $LH_ISO_PREPARER: set iso preparer
# (Default: live-helper 1.0~a46; http://packages.qa.debian.org/live-helper)
LH_ISO_PREPARER="live-helper 1.0~a46; http://packages.qa.debian.org/live-helper"
# $LH_ISO_PUBLISHER: set iso publisher
# (Default: Debian Live project; http://debian-live.alioth.debian.org/; debian-live-devel@lists.alioth.debian.org)
LH_ISO_PUBLISHER="Debian Live project; http://debian-live.alioth.debian.org/; debian-live-devel@lists.alioth.debian.org"
# $LH_ISO_VOLUME: set iso volume (max 32 chars)
# (Default: Debian Live 20080608-17:04)
LH_ISO_VOLUME="Debian Live 20080608-17:04"
# $LH_JFFS2_ERASEBLOCK: set jffs2 eraseblock size
# (Default: unset)
LH_JFFS2_ERASEBLOCK=""
# $LH_MEMTEST: set memtest
# (Default: memtest86+)
LH_MEMTEST="memtest86+"
# $LH_NET_ROOT_FILESYSTEM: set netboot filesystem
# (Default: nfs)
LH_NET_ROOT_FILESYSTEM="nfs"
# $LH_NET_ROOT_MOUNTOPTIONS: set nfsopts
# (Default: empty)
LH_NET_ROOT_MOUNTOPTIONS=""
# $LH_NET_ROOT_PATH: set netboot server directory
# (Default: /srv/debian-live)
LH_NET_ROOT_PATH="/srv/debian-live"
# $LH_NET_ROOT_SERVER: set netboot server address
# (Default: 192.168.1.1)
LH_NET_ROOT_SERVER="192.168.1.1"
# $LH_NET_COW_FILESYSTEM: set net client cow filesystem
# (Default: nfs)
LH_NET_COW_FILESYSTEM="nfs"
# $LH_NET_COW_MOUNTOPTIONS: set cow mount options
# (Default: empty)
LH_NET_COW_MOUNTOPTIONS=""
# $LH_NET_COW_PATH: set cow directory
# (Default: )
LH_NET_COW_PATH=""
# $LH_NET_COW_SERVER: set cow server
# (Default: )
LH_NET_COW_SERVER=""
# $LH_NET_TARBALL: set net tarball
# (Default: gzip)
LH_NET_TARBALL="gzip"
# $LH_SYSLINUX_SPLASH: set custom syslinux splash
# (Default: empty)
LH_SYSLINUX_SPLASH=""
# $LH_SYSLINUX_TIMEOUT: set custom syslinux timeout in seconds
# (Default: 0)
LH_SYSLINUX_TIMEOUT="0"
# $LH_SYSLINUX_CFG: set custom syslinux configuration file
# (Default: empty)
LH_SYSLINUX_CFG=""
# $LH_SYSLINUX_MENU: set syslinux menu
# (Default: disabled)
LH_SYSLINUX_MENU="disabled"
# $LH_SYSLINUX_MENU_LIVE_ENTRY: set text to be used on the menu for live entries
# (Default: Start Debian Live)
LH_SYSLINUX_MENU_LIVE_ENTRY="Start Debian Live"
# $LH_SYSLINUX_MENU_LIVE_FAILSAFE_ENTRY: set text to be used on the menu for live entries (failsafe ones)
# (Default: )
LH_SYSLINUX_MENU_LIVE_FAILSAFE_ENTRY=""
# $LH_SYSLINUX_MENU_MEMTEST_ENTRY: set text to be used on the menu for memtest entry
# (Default: Memory test)
LH_SYSLINUX_MENU_MEMTEST_ENTRY="Memory test"
# $LH_USERNAME: set username
# (Default: user)
LH_USERNAME="user"

53
config/bootstrap Normal file
View file

@ -0,0 +1,53 @@
# config/bootstrap - options for live-helper(7), bootstrap stage
# $LH_ARCHITECTURE: select chroot architecture
# (Default: autodetected)
LH_ARCHITECTURE="i386"
# $LH_BOOTSTRAP_CONFIG: set distribution config directory
# (Default: empty)
LH_BOOTSTRAP_CONFIG=""
# $LH_BOOTSTRAP_INCLUDE: include packages on base
# (Default: empty)
LH_BOOTSTRAP_INCLUDE=""
# $LH_BOOTSTRAP_EXCLUDE: exclude packages on base
# (Default: empty)
LH_BOOTSTRAP_EXCLUDE=""
# $LH_BOOTSTRAP_FLAVOUR: select flavour to use
# (Default: )
LH_BOOTSTRAP_FLAVOUR=""
# $LH_BOOTSTRAP_KEYRING: set distribution keyring
# (Default: empty)
LH_BOOTSTRAP_KEYRING=""
# $LH_DISTRIBUTION: select distribution to use
# (Default: lenny)
LH_DISTRIBUTION="lenny"
# $LH_MIRROR_BOOTSTRAP: set mirror to bootstrap from
# (Default: http://ftp.us.debian.org/debian/)
LH_MIRROR_BOOTSTRAP="http://ftp.us.debian.org/debian/"
# $LH_MIRROR_CHROOT: set mirror to fetch packages from
# (Default: http://ftp.us.debian.org/debian/)
LH_MIRROR_CHROOT="http://ftp.us.debian.org/debian/"
# $LH_MIRROR_CHROOT_SECURITY: set security mirror to fetch packages from
# (Default: http://security.debian.org/)
LH_MIRROR_CHROOT_SECURITY="http://security.debian.org/"
# $LH_MIRROR_BINARY: set mirror which ends up in the image
# (Default: http://ftp.us.debian.org/debian/)
LH_MIRROR_BINARY="http://ftp.us.debian.org/debian/"
# $LH_MIRROR_BINARY_SECURITY: set security mirror which ends up in the image
# (Default: http://security.debian.org/)
LH_MIRROR_BINARY_SECURITY="http://security.debian.org/"
# $LH_SECTIONS: select section(s) to use
# (Default: main)
LH_SECTIONS="main"

61
config/chroot Normal file
View file

@ -0,0 +1,61 @@
# config/chroot - options for live-helper(7), chroot stage
# $LH_CHROOT_FILESYSTEM: set chroot filesystem
# (Default: squashfs)
LH_CHROOT_FILESYSTEM="squashfs"
# $LH_UNION_FILESYSTEM: set union filesystem
# (Default: aufs)
LH_UNION_FILESYSTEM="aufs"
# $LH_EXPOSED_ROOT: expose root as read only
# (Default: disabled)
LH_EXPOSED_ROOT="disabled"
# $LH_HOOKS: set hook commands
# (Default: empty)
LH_HOOKS=""
# $LH_INTERACTIVE: set interactive build
# (Default: disabled)
LH_INTERACTIVE="disabled"
# $LH_KEYRING_PACKAGES: set keyring packages
# (Default: empty)
LH_KEYRING_PACKAGES=""
# $LH_LANGUAGE: set language to use
# (Default: empty)
LH_LANGUAGE="en"
# $LH_LINUX_FLAVOURS: set kernel flavour to use
# (Default: autodetected)
LH_LINUX_FLAVOURS="486 686"
# $LH_LINUX_PACKAGES: set kernel packages to use
# (Default: autodetected)
LH_LINUX_PACKAGES="linux-image-2.6 aufs-modules-2.6 squashfs-modules-2.6"
# $LH_PACKAGES: set packages to install
# (Default: empty)
LH_PACKAGES=""
# $LH_PACKAGES_LISTS: set package list to install
# (Default: standard)
LH_PACKAGES_LISTS="standard"
# $LH_TASKS: set tasks to install
# (Default: empty)
LH_TASKS=""
# $LH_SECURITY: enable security updates
# (Default: enabled)
LH_SECURITY="enabled"
# $LH_SYMLINKS: enable symlink convertion
# (Default: disabled)
LH_SYMLINKS="disabled"
# $LH_SYSVINIT: enable sysvinit
# (Default: disabled)
LH_SYSVINIT="disabled"

123
config/common Normal file
View file

@ -0,0 +1,123 @@
# config/common - common options for live-helper(7)
# $LH_APT: set package manager
# (Default: apt)
LH_APT="apt"
# $LH_APT_FTP_PROXY: set apt/aptitude ftp proxy
# (Default: autodetected or empty)
LH_APT_FTP_PROXY=""
# $LH_APT_HTTP_PROXY: set apt/aptitude http proxy
# (Default: autodetected or empty)
LH_APT_HTTP_PROXY=""
# $LH_APT_PDIFFS: set apt/aptitude pdiff indices
# (Default: enabled)
LH_APT_PDIFFS="enabled"
# $LH_APT_PIPELINE: set apt/aptitude pipeline depth
# (Default: )
LH_APT_PIPELINE=""
# $LH_APT_RECOMMENDS: set apt/aptitude recommends
# (Default: enabled)
LH_APT_RECOMMENDS="enabled"
# $LH_APT_SECURE: set apt/aptitude security
# (Default: enabled)
LH_APT_SECURE="enabled"
# $LH_BOOTSTRAP: set bootstrap program
# (Default: debootstrap)
LH_BOOTSTRAP="debootstrap"
# $LH_CACHE: control cache
# (Default: enabled)
LH_CACHE="enabled"
# $LH_CACHE_INDICES: control if downloaded package indices should be cached
# (Default: disabled)
LH_CACHE_INDICES="disabled"
# $LH_CACHE_PACKAGES: control if downloaded packages files should be cached
# (Default: enabled)
LH_CACHE_PACKAGES="enabled"
# $LH_CACHE_STAGES: control if completed stages should be cached
# (Default: bootstrap)
LH_CACHE_STAGES="bootstrap"
# $LH_DEBCONF_FRONTEND: set debconf(1) frontend to use
# (Default: noninteractive)
LH_DEBCONF_FRONTEND="noninteractive"
# $LH_DEBCONF_NOWARNINGS: set debconf(1) warnings
# (Default: yes)
LH_DEBCONF_NOWARNINGS="yes"
# $LH_DEBCONF_PRIORITY: set debconf(1) priority to use
# (Default: critical)
LH_DEBCONF_PRIORITY="critical"
# $LH_INITRAMFS: set initramfs hook
# (Default: live-initramfs)
LH_INITRAMFS="live-initramfs"
# $LH_FDISK: set fdisk program
# (Default: autodetected)
LH_FDISK="fdisk"
# $LH_LOSETUP: set losetup program
# (Default: autodetected)
LH_LOSETUP="losetup"
# $LH_MODE: set distribution mode
# (Default: debian)
LH_MODE="debian"
# $LH_ROOT_COMMAND: use sudo or equivalent
# (Default: empty)
#LH_ROOT_COMMAND="sudo"
# $LH_USE_FAKEROOT: use fakeroot/fakechroot
# (Default: disabled)
LH_USE_FAKEROOT="disabled"
# $LH_TASKSEL: set tasksel program
# (Default: aptitude)
LH_TASKSEL="aptitude"
# $LH_INCLUDES: set includes
# (Default: /usr/share/live-helper/includes)
LH_INCLUDES="/usr/share/live-helper/includes"
# $LH_TEMPLATES: set templates
# (Default: /usr/share/live-helper/templates)
LH_TEMPLATES="/usr/share/live-helper/templates"
# Live-helper options
# $LH_BREAKPOINTS: enable breakpoints
# (Default: disabled)
#LH_BREAKPOINTS="disabled"
# $LH_DEBUG: enable debug
# (Default: disabled)
#LH_DEBUG="disabled"
# $LH_FORCE: enable force
# (Default: disabled)
#LH_FORCE="disabled"
# $LH_QUIET: enable quiet
# (Default: disabled)
LH_QUIET="disabled"
# $LH_VERBOSE: enable verbose
# (Default: disabled)
#LH_VERBOSE="disabled"
# Internal stuff (FIXME)
APT_OPTIONS="--yes"
APTITUDE_OPTIONS="--assume-yes"

9
config/source Normal file
View file

@ -0,0 +1,9 @@
# config/source - options for live-helper(7), source stage
# $LH_SOURCE: set source option
# (Default: disabled)
LH_SOURCE="disabled"
# $LH_SOURCE_IMAGES: set image type
# (Default: tar)
LH_SOURCE_IMAGES="tar"

30
configure-examples.d/README Normal file
View file

@ -0,0 +1,30 @@
1) Overview
the files in this directory are examples for specific hook scripts to change the
configuration of the box
2) How to use these scripts
Copy the scripts, you would like to use into 'configure-local.d'.
They will be sourced in alphabetic order AFTER the default configuration of the
cryptobox.
3) The examples
set_root_pw
- replace the empty root password (the default) with a choosen password
- useful if your development cryptobox:
- is located in an insecure environment
- or your development team is geographically distributed, so the
cryptobox for testing has to be publicly available
import_authorized_keys
- create a new rsa key (etc-local.d/id_rsa) and copy the public
key to the image directory
- this is useful, if you secured the development cryptobox with a
password (see 'set_root_pw')
set_hostname
- change the default hostname ("cryptobox")
set_scan_devices
- change the default selection of devices, that can be used as the crypto harddisk

19
configure-examples.d/import_authorized_keys Normal file
View file

@ -0,0 +1,19 @@
# import a public rsa key into the cryptobox for ssh authentication
#
# see README in configure-examples.d for details
#
SSH_KEY_FILE="$LOCALCONF_DIR/id_rsa"
# create a rsa key if it does not yet exist
if [ ! -e "$SSH_KEY_FILE" ]
then echo "Creating ssh key ($SSH_KEY_FILE) ..."
mkdir -p $(dirname "$SSH_KEY_FILE")
ssh-keygen -t rsa -b 1024 -N '' -q -f "$SSH_KEY_FILE"
fi
# copy new public ssh key to ~/.ssh/authorized_keys on cryptobox
echo "Copying local public ssh key file to the box ..."
mkdir -p "$IMAGE_DIR/opt/dfsbuild/runtimerd/root/.ssh"
cp "${SSH_KEY_FILE}.pub" "$IMAGE_DIR/opt/dfsbuild/runtimerd/root/.ssh/authorized_keys"

4
configure-examples.d/set_allowed_devices Normal file
View file

@ -0,0 +1,4 @@
# change the selection of devices, that can be used as the crypto harddisk
sed -i 's#^AllowedDevices.*$#AllowedDevices = /dev/hda /dev/hdb /dev/hdc /dev/hde /dev/hdf /dev/hdg /dev/scd0 /dev/scd1 /dev/scd2 /dev/scd3#' "$IMAGE_DIR/etc/cryptobox-server/cryptobox.conf"

4
configure-examples.d/set_disabled_plugins Normal file
View file

@ -0,0 +1,4 @@
# change the selection of disabled plugins
sed -i 's#^DisabledPlugins.*$#DisabledPlugins = #' "$IMAGE_DIR/etc/cryptobox-server/cryptobox.conf"

4
configure-examples.d/set_hostname Normal file
View file

@ -0,0 +1,4 @@
# change the hostname (default value: "cryptobox")
echo "cryptobox" >"$IMAGE_DIR"/etc/hostname

11
configure-examples.d/set_root_pw Normal file
View file

@ -0,0 +1,11 @@
# replace the empty root password of an development cryptobox with a choosen one
#
# see misc/custom-configure.d/README for details
#
# set the password to your needs
NEW_ROOT_PASSWORD=foobar
echo "Setting a root password ..."
echo "root:$NEW_ROOT_PASSWORD" | chroot "$IMAGE_DIR" "$CHROOTSTART" chpasswd root

BIN
cover/antlogo-big.jpg Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 42 KiB

BIN
cover/antlogo-big.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 52 KiB

BIN
cover/antlogo-small.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 7 KiB

BIN
cover/cover_de.odt Normal file
View file

Binary file not shown.

BIN
cover/cover_de.pdf Normal file
View file

Binary file not shown.

BIN
cover/cover_en.odt Normal file
View file

Binary file not shown.

BIN
cover/cover_en.pdf Normal file
View file

Binary file not shown.

4
etc-defaults.d/README Normal file
View file

@ -0,0 +1,4 @@
this directory contains some configuration files for the development of the CryptoBox
If you want to use different local settings, then you should copy the respective
configuration file to the directory "etc-local.d" and adapt it to your needs.

54
etc-defaults.d/cbox-dev.conf Normal file
View file

@ -0,0 +1,54 @@
# some local settings for cbox-build.sh and validate.sh
#
# previously defined settings:
# - ROOT_DIR
#
####################### cbox-build ########################
# the build directory (will be ERASED without warning)
BUILD_DIR="$ROOT_DIR/_builddir"
# the cryptobox development files
CBOX_DEVEL_DIR=$ROOT_DIR/cbox-tree.d
# template for live-cd
TEMPLATE_DIR=$ROOT_DIR/live-cd-tree.d
# the iso image
IMAGE_FILE=$BUILD_DIR/cryptobox.iso
# temporary directory
TMP_DIR=/tmp/$(basename $0)-$$
# the virtual harddisk image used for qemu
HD_IMAGE=/tmp/$(basename $0)-testplatte.img
# mkisofs options (the option "-U" is not clean, but it prevents long
# filenames from getting mapped)
# TODO: this may prevent windows user from reading the documentation
MKISOFS_OPTIONS="-allow-multidot -U -D -iso-level 3 -b boot/grub/stage2_eltorito -no-emul-boot -boot-load-size 1 -boot-info-table -pad -R"
# for burning a CD
CDWRITER=0,0,0
####################### validation ########################
# language of validation (select web interface language)
VALIDATE_LANGUAGE=en
# directory of the test-cases
VALIDATE_TEST_CASES_DIR=$ROOT_DIR/validation/test-cases
# override these settings if the CryptoBox uses a non-default IP
VALIDATE_HOST_IP_DEFAULT=192.168.0.23
VALIDATE_HOST_IP_CHANGED=192.168.0.24
# destination directories for the results
VALIDATE_REPORT_DIR=/tmp/cryptobox-validation-$$
VALIDATE_REPORT_DIR=$ROOT_DIR/validation/report
VALIDATE_SUMMARY_TEMPLATE_DIR=$ROOT_DIR/validation/templates

236
etc-defaults.d/dfs-cbox.conf Normal file
View file

@ -0,0 +1,236 @@
# arch-tag: Default configuration file
# Copyright (c) 2004 John Goerzen
[DEFAULT]
######################################################################
# Overall settings, set defaults for all archs
######################################################################
# Name of generated disc & hostname
# BEWARE: hostname does not work - you have to set the hostname manually at the end of this file
name = CryptoBox
# Version of generated disc
version = 0.3.4
# Person that built it
builder = sense.lab
# Repositories to mirror. Details about each one are configured below.
dlrepos = stable
# Repository to build the CD with. Must be in above list.
suite = stable
# Whether or not to use zftree compression on ISO image
compress = no
# Files to never compress if the above is yes
# If a dir is given, that dir and everything below is not compressed
dontcompress = /boot
/etc/*boot*
/opt/dfsruntime/initrd.dfs
# Location of dfsbuild support files
libdir = /usr/lib/dfsbuild
# Location of docs for CD
docdir = /usr/share/doc/dfsbuild
# Bootloader to place on CD. Choices are:
# grub-hd GRUB with ElTorito hard disk emulation (not working yet)
# grub-no-emul "raw" ElTorito image
# aboot Alpha SRM bootloader
# yaboot PowerPC bootloader
# (usually set in arch area)
#bootloader = grub-no-emul
# Packages to install on live FS, on all archs, besides base system
allpackages =
util-linux
grub
parted
dmsetup
perl
tar
bash
coreutils
module-init-tools
ifupdown
busybox
usbutils
pciutils
discover
hdparm
binutils
debconf
sysutils
stunnel4
samba
hashalot
python-clearsilver
python-cherrypy
python-configobj
python-central
super
dosfstools
cryptsetup
python-m2crypto
# support for file systems
e2tools
e2fsprogs
xfsprogs
hfsutils
jfsutils
## ntfs-3g is not in etch
#ntfs-3g
# TODO: remove the following packages for the final version
subversion
strace
ssh
vim
nano
less
lynx
w3m
screen
elinks
# select a mirror for the repository (apt-cacher, apt-proxy, no caching) by
# uncommenting the line of your choice
# (1) apt-cacher (default)
mirror = http://127.0.0.1/apt-cacher/ftp.debian.org/debian
# (2) apt-proxy
#mirror = http://127.0.0.1:9999/debian
# (3) no caching proxy for apt
#mirror = http://ftp.debian.org/debian
# Files to place on the ramdisk
ramdisk_files = /etc/resolv.conf
/etc/lvm*
/tmp
/var/tmp
/dev
/var/lib/dhcp
/var/lib/samba
/var/log
/var/cache/samba
/var/lock
/var/run
/var/state
/etc/mtab
/root
/etc/network
/var/lib/misc
/var/lib/urandom
#/etc/hotplug/.run
/var/spool/cron
# Directories to create on live fs
makedirs =
# Files to delete from live fs
deletefiles = /etc/rcS.d/*discover
/etc/rcS.d/*lvm
/var/log/dpkg.log
/var/log/bootstrap.log
preparescripts =
../scripts/prepare_target.sh
cleanupscripts =
../scripts/cleanup_target.sh
######################################################################
# Arch settings: i386
######################################################################
[i386]
# Name of any kernel images to install directly from your current filesystem
#kernels = /boot/vmlinuz-2.4.27-2-386
# Modules to copy from host filesystem
#modules = /lib/modules/2.4.27-2-386
# Debs from local fs to unpack on live FS (will not be configured)
unpackdebs =
../packages/linux-image-2.6.20_cryptobox0.3.3_i386.deb
# Other packages to install besides the list in DEFAULT
packages = %(allpackages)s
# Debs from local fs to install on live fs
## fetch newest ntfs-3g from debian backports
installdebs =
../packages/cryptobox-server.deb
../packages/ntfs-3g_1%3a1.516-1~bpo.1_i386.deb
# Bootloader (see options under default)
bootloader = grub-no-emul
# Extra lines for grub config
grubconfig = timeout 0
password -md5 this_invalid_hash_protects_grub_config
#####################################################################
# Repository configuration
######################################################################
# Repositories to download
[repo testing]
suite = testing
[repo amd64]
suite = unstable
# Override default mirror
#mirror = http://debian-amd64.alioth.debian.org/pure64/
# Override default arch
arch = amd64
######################################################################
# Text to add to existing files
######################################################################
[appendfiles]
/etc/network/interfaces =
auto lo eth0
iface lo inet loopback
iface eth0 inet static
address 192.168.0.23
netmask 255.255.255.0
# /etc/modules =
/etc/profile = export TERM=vt100
######################################################################
# Files to create or truncate
######################################################################
[createfiles]
/etc/hostname = CryptoBox
/etc/syslog.conf = *.* /dev/tty8
*.info /dev/tty7
/etc/hosts = 127.0.0.1 localhost
/etc/kernel-img.conf = do_initrd = Yes
# exit the samba startup script during install immediately - otherwise
# there would be /proc problems - it will get replaced later via
# live-cd-tree.d/usr/lib/cryptobox-cd/configure-cryptobox.sh
/etc/default/samba = exit
######################################################################
# Symlinks to create (from = to format)
######################################################################
# this does not work anymore
#[symlinks]
#/etc/mtab = /proc/mounts

BIN
etc-defaults.d/qemu-ifup Executable file
View file

Binary file not shown.

55
etc-defaults.d/qemu-ifup.default Executable file
View file

@ -0,0 +1,55 @@
#!/bin/sh
#
# this is the qemu-ifup script that should be run at qemu's boot
#
# determine the interface to the outside
IF_WORLD=`/sbin/route -n | grep " UG " | sed "s/ */ /g" | cut -d " " -f 8 | head -1`
# nothing found? - sorry!
[ -z "$IF_WORLD" ] && IF_WORLD=eth0
if [ "$UID" -ne 0 ]
then sudo $0 $*
exit 0
fi
echo "Laufe als root ..."
IPT=/sbin/iptables
[ ! -x $IPT ] && IPT=/usr/sbin/iptables
IPT_RULES=" FORWARD -i tun0 -o $IF_WORLD -j ACCEPT
FORWARD -i $IF_WORLD -o tun0 -m state --state ESTABLISHED,RELATED -j ACCEPT
POSTROUTING -t nat -o $IF_WORLD -j MASQUERADE
INPUT -i tun0 -j ACCEPT
OUTPUT -o tun0 -j ACCEPT"
aktiviere_forward()
{
echo "$IPT_RULES" | while read a
do $IPT -A $a
done
echo 1 >/proc/sys/net/ipv4/ip_forward
}
deaktiviere_forward()
{
echo "$IPT_RULES" | while read a
do $IPT -D $a
done
echo 0 >/proc/sys/net/ipv4/ip_forward
}
case "$1" in
stop )
deaktiviere_forward
#/etc/init.d/dhcp stop
;;
* )
/sbin/ifconfig $1 192.168.0.1
#/etc/init.d/dhcp start
aktiviere_forward
;;
esac

17
etc-defaults.d/ssh-options.default Normal file
View file

@ -0,0 +1,17 @@
Host cryptobox
# change this part according to your needs
HostName 192.168.0.23
Port 22
# maybe you want to use rsa authentication?
# see misc/custom-configure.s/README for examples
#IdentityFile local.conf.d/id_rsa
# this should be valid for everyone
User root
CheckHostIP no
StrictHostKeyChecking no
# nice for frequently changing server key due to a rebuild of the base system
UserKnownHostsFile /tmp/cryptobox-ssh-known_hosts

17
etc-defaults.d/ssh_config Normal file
View file

@ -0,0 +1,17 @@
Host cryptobox
# change this part according to your needs
HostName 192.168.0.23
Port 22
# maybe you want to use rsa authentication?
# see configure-examples.d/README for examples
IdentityFile local.conf.d/id_rsa
# this should be valid for everyone
User root
CheckHostIP no
StrictHostKeyChecking no
# nice for frequently changing server key due to a rebuild of the base system
UserKnownHostsFile /tmp/cryptobox-ssh-known_hosts

6
hints/codecoop-website-upload.txt Normal file
View file

@ -0,0 +1,6 @@
by scp or webdav - the last one is the better choice
1) webdav
apt-get install davfs2
modprobe coda
mount -t davfs https://upload.codecoop.org/groups/cryptobox/ /mnt/ttt

5
hints/dev-requirements Normal file
View file

@ -0,0 +1,5 @@
developer requirements:
- dfsbuild
- wget
- curl
- (qemu)

13
hints/dfsbuild-patching.txt Normal file
View file

@ -0,0 +1,13 @@
The current official debian package of dfsbuild (v0.99.2) is not working due
to three ugly but small bugs.
If you are using dfsbuild v0.99.2, then you should do the following:
- create a new directory and change into it
- apt-get source dfsbuild
- apply all dfsbuild-bug-?.patch files to the source directory
- debuild -uc -us
- install the freshly built package
Alternatively you could also install the patched version:
packages/dfsbuild_0.99.2.1_i386.deb

26
hints/install_clearsilver.txt Normal file
View file

@ -0,0 +1,26 @@
as there is no debian-package for the perl bindings of clearsilver, you have to add it manually to the tree of the cbox-tree
1) download
- get it from: http://www.clearsilver.net/downloads
- unpack (tar xzf . ...)
2) configuration
./configure --disable-python --disable-ruby --disable-csharp --disable-apache --disable-java --disable-compression --enable-perl --enable-gettext --prefix=/tmp/clearsilver-perl
3) fix a problem in scripts/document.py
change the first line to "#!/usr/bin/env python"
4) build it
- make
- make install
5) cp to the cbox
cp -a /tmp/clearsilver-perl/local/lib/perl/5.8.7/. cryptobox.conf.d/usr/lib/perl5
rm cryptobox.conf.d/usr/lib/perl5/perllocal.pod
6) dependencies
add python-clearsilver to the box (dfsbuild.conf)

23
hints/kernel-build.txt Normal file
View file

@ -0,0 +1,23 @@
Hints for building and integrating a new kernel into the cryptobox:
1) get the source
download it from http://kernel.org (at least 2.6.11)
2) configure
- copy the current kernel config from the cryptobox/trunk/kernel
directory to the kernel source directory as ".config" (the .config
can also be found in the current kernel-image-cryptoboxX.Y.deb packagefile)
- make menuconfig
- make-kpkg --rootcmd fakeroot --revision=cryptoboxY.X kernel_image
(replace "Y.X" by the current cryptobox release)
3) integrating
- copy the debian kernel package (see above) and the config file to cryptobox/trunk/kernel
- change the "unpackdebs" setting in cryptobox/trunk/etc-default.d/dfs-cbox.conf
- add the new kernel package and the config file to the repository (svn add)
4) afterwork
- run "cryptobox/trunk/scripts/cbox-build.sh dfsbuild" to create a fresh base system
including the new kernel
- test the box with your new kernel
- enjoy it! :)

56
hints/patches/dfsbuild-bugs-1.patch Normal file
View file

@ -0,0 +1,56 @@
## fixed bugs:
## - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=404563
## - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=404555
diff -ruN dfsbuild.orig/dfsbuild-0.99.2/Bootloader/Grub.hs dfsbuild/dfsbuild-0.99.2/Bootloader/Grub.hs
--- dfsbuild.orig/dfsbuild-0.99.2/Bootloader/Grub.hs 2006-04-20 00:10:11.000000000 +0200
+++ dfsbuild/dfsbuild-0.99.2/Bootloader/Grub.hs 2007-01-02 00:56:45.000000000 +0100
@@ -40,8 +40,11 @@
grub_generic env =
do createDirectory (targetdir env ++ "/boot/grub") 0o755
- grubfiles <- glob "/lib/grub/*/*"
- safeSystem "cp" $ ["-rv"] ++ grubfiles ++ [targetdir env ++ "/boot/grub/"]
+ -- since etch (Debian 4.0) grub files are located in /usr/lib instead of /lib
+ grubfiles_pre_etch <- glob "/lib/grub/*/*"
+ grubfiles_since_etch <- glob "/usr/lib/grub/*/*"
+ safeSystem "cp" $ ["-rv"] ++ grubfiles_pre_etch ++ grubfiles_since_etch ++
+ [targetdir env ++ "/boot/grub/"]
menuText <- grubMenu env
writeFile (targetdir env ++ "/boot/grub/menu.lst") menuText
diff -ru dfsbuild.orig/dfsbuild-0.99.2/Actions/Mirror.hs dfsbuild/dfsbuild-0.99.2/Actions/Mirror.hs
--- dfsbuild.orig/dfsbuild-0.99.2/Actions/Mirror.hs 2006-04-20 00:10:11.000000000 +0200
+++ dfsbuild/dfsbuild-0.99.2/Actions/Mirror.hs 2007-01-01 22:09:26.000000000 +0100
@@ -33,7 +33,7 @@
archargs ++ debugargs ++ ["-d", suite, targetdir env, mirror]
-- Next, copy them into the mirror.
codename <- getCodeName
- (targetdir env ++ "/var/cache/bootstrap/Release")
+ (targetdir env ++ "/var/cache/bootstrap/")
dm $ "Codename for this is " ++ codename
mapM_ (\x -> handle (\_ -> return ()) (createDirectory x 0o755))
[mirrordir, mirrordir ++ "/conf"]
diff -ru dfsbuild.orig/dfsbuild-0.99.2/Utils.hs dfsbuild/dfsbuild-0.99.2/Utils.hs
--- dfsbuild.orig/dfsbuild-0.99.2/Utils.hs 2006-04-20 00:10:11.000000000 +0200
+++ dfsbuild/dfsbuild-0.99.2/Utils.hs 2007-01-01 22:40:34.000000000 +0100
@@ -16,6 +16,7 @@
import MissingH.ConfigParser
import MissingH.Cmd
import System.IO.Unsafe
+import System.IO.Error
import Text.Regex
import MissingH.Path.FilePath
import System.Directory(doesFileExist)
@@ -72,7 +73,11 @@
getCodeName :: FilePath -> IO String
getCodeName fp =
- do c <- readFile fp
+ do c_old <- System.IO.Error.catch (readFile (fp ++ "Release"))
+ (\e -> if System.IO.Error.isDoesNotExistError e then return "" else ioError e)
+ c_new <- System.IO.Error.catch (readFile (fp ++ "_dists_._Release"))
+ (\e -> if System.IO.Error.isDoesNotExistError e then return "" else ioError e)
+ c <- if length(c_old) > 0 then return c_old else return c_new
let cr = mkRegex "Codename: ([a-z]+)"
case matchRegex cr c of
Just [cn] -> return cn

60
hints/patches/dfsbuild-bugs-2.patch Normal file
View file

@ -0,0 +1,60 @@
## this patch allows the addition of custom scripts to prepare/cleanup the target
## directory before/after package installation
## it is necessary for the samba package as it requires /proc/ during installation
--- dfsbuild.orig/dfsbuild-0.99.2/Actions.hs 2006-04-20 00:10:11.000000000 +0200
+++ dfsbuild/dfsbuild-0.99.2/Actions.hs 2007-01-03 15:36:59.000000000 +0100
@@ -43,6 +43,11 @@
finished Bootstrapped
Bootstrapped -> -- Time to install shared files
do installlib env
+ finished EnvironmentPrepared
+ EnvironmentPrepared -> -- execute configurable hook scripts
+ do im $ "Executing preparation scripts"
+ mapM_ (safeSystem `flip` [ targetdir env ])
+ (splitWs $ eget env "preparescripts")
finished LibsInstalled
LibsInstalled -> -- Install additional packages
do installpkgs env
@@ -68,6 +73,11 @@
do safeSystem "mkcramfs" [(targetdir env) ++ "/opt/initrd",
(targetdir env) ++ "/boot/initrd.dfs"]
recursiveRemove SystemFS $ (targetdir env) ++ "/opt/initrd"
+ finished EnvironmentCleaned
+ EnvironmentCleaned -> -- execute configurable hook scripts
+ do im $ "Executing preparation scripts"
+ mapM_ (safeSystem `flip` [ targetdir env ])
+ (splitWs $ eget env "cleanupscripts")
finished RamdiskBuilt
RamdiskBuilt -> -- Install the bootloader
do (isoargs, blfunc) <- Bootloader.install env
--- dfsbuild.orig/dfsbuild-0.99.2/Utils.hs 2007-01-01 23:06:17.000000000 +0100
+++ dfsbuild/dfsbuild-0.99.2/Utils.hs 2007-01-03 15:33:00.000000000 +0100
@@ -30,10 +31,10 @@
marker :: String,
datestr :: String}
-data DFSState = Fresh | Initialized | Mirrored | Bootstrapped | Installed
- | LibsInstalled | DebsInstalled | CfgHandled | InitPrepped
+data DFSState = Fresh | Initialized | Mirrored | Bootstrapped | EnvironmentPrepared
+ | Installed | LibsInstalled | DebsInstalled | CfgHandled | InitPrepped
| RDPrepped
- | KernelsInstalled | RamdiskBuilt | BootloaderInstalled
+ | KernelsInstalled | EnvironmentCleaned | RamdiskBuilt | BootloaderInstalled
deriving (Eq, Show, Read, Ord)
im = infoM "dfs"
--- dfsbuild.orig/dfsbuild-0.99.2/dfs.cfg 2006-07-02 01:46:22.000000000 +0200
+++ dfsbuild/dfsbuild-0.99.2/dfs.cfg 2007-01-03 15:40:22.000000000 +0100
@@ -115,6 +115,12 @@
/var/log/dpkg.log
/var/log/bootstrap.log
+# Scripts that should be executed after bootstrapping and before package installation
+#preparescripts =
+
+# Scripts that should be executed after package installation and before iso generation
+#cleanupscripts =
+
######################################################################
# Arch settings: i386
######################################################################

51
hints/release-policy.txt Normal file
View file

@ -0,0 +1,51 @@
For a new live-CD follow steps 1a and 2a.
For a language update live-CD follow steps 1b and 2b.
0) manually update files:
- ntfs-3g debian package (from lenny)
1a) set current version
- cover/cover_[en|de].[odt|pdf]
- etc/defaults.d/dfs-cbox.conf (version setting)
1b) upgrade language files of an old live-cd
- rm -rf _builddir/
- mount -o loop old_live_cd.iso /mnt/ttt
- cp -a /mnt/ttt _builddir/target
- update all binary language files by issuing scripts/update_po_files.py
in the project's language branch
- copy all language files (*.mo) of the updated languages to
_builddir/target/usr/locale/....
- update the list of available languages in
_builddir/target/etc/cryptobox-server/cryptobox.conf
- update the version in _builddir/target/boot/grub/menu.lst
- update cover/conver_[en|de].[swx|pdf]
2a) build image
- 'scripts/cbox-build.sh release'
2b) build image and create signatures
- 'scripts/cbox-build.sh isoz'
- cd _builddir
- sha1sum ISO_FILE > ISO_FILE.sha1sum
- md5sum ISO_FILE > ISO_FILE.md5sum
3) release notes
- update website
- update CHANGELOG
4) upload to codecoop
- check the validity of your ssh-key in your codecoop user account
- type "scp $FILE $USERNAME@shell.codecoop.org:."
- upload a dummy file with the same name via upload-web-interface to codecoop
- ask Jan Kanzleiter <idfx_at_codecoop.org> to replace the dummy with the
scp-file and to manually set the filesize (otherwise: it is not displayed at all)
- upload the checksumfile created by "md5sum cryptobox_vY.X.iso >cryptobox_vY.X.iso.md5sum"
- add release notes and changelog
- upload cover_[en|de].pdf
5) release announcement
- http://codecoop.org
- http://distrowatch.com
- http://livedistro.org
- http://linuxlinks.com

7
hints/starting_uml.txt Normal file
View file

@ -0,0 +1,7 @@
# sample startup file for running the cryptobox in a user-mode-linux environment
#
# it does not work, as the dfsbuild-cd-image is not being recognized during boot
#
# just as a reminder ...
#
kernel/uml-kernel-2.6.12.3-cryptobox dfscd=/dev/ubd1 ubd1r=_builddir/cd1/image.iso ubd0=_builddir/cd1/image-working/opt/dfsruntime/initrd.dfs con=null con0=fd:0,fd:1

27
hints/trac-wiki.txt Normal file
View file

@ -0,0 +1,27 @@
some useful macros:
* [[TOC]] - at the beginning of the document
* [[AutoNav]] - below [[TOC]], followed by a line with "----"
* [[AddComment]] - at the end of the page (below "----")
* [[WikiInclude($PAGENAME)]] - include another wiki page
* [[redirect(wiki:$PAGENAME)]] - redirect to another page (useful to redirect to default lang)
* [[Image(file/trunk/cbox-tree.d/var/www/cryptobox-img/screenshots/$NAME)]] - beware: you may use "wiki" or "ticket" instead of "file" - very unusual syntax
* [[FootNote(Text)]] - creates a reference to a footnote - the list of footnotes is expanded by "[[FootNote]]"
special things:
* the first level heading ("= TEXT =") is considered as the page title - only lower level headings will be a part of the table of contents
* links like "CryptoBoxUser/de" are not recogniced - use "[wiki:CryptoBoxUser/de CryptoBoxUser]" instead
* for a deeper level of items or enumerations, you have to add two(!) additional spaces in front of the symbol ("*" or "1.") - this is obviously strange ...
default page layout:
[[TOC]]
[[AutoNav]]
----
= Title =
== Heading ... ==
...
----
== Comments ==
[[AddComment]]

79
live-cd-tree.d/_offline/doc/Crypto0.html Normal file
View file

@ -0,0 +1,79 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>CryptoBox</title>
<meta content="text/html; charset=iso-8859-1" http-equiv="Content-Type" />
<meta content="" name="keywords" />
<meta name="description" content="a secure fileserver, live-CD, web front-end" />
<link rel="stylesheet" type="text/css" href="main.css" />
</head>
<body>
<div class="container">
<div id="header"><!-- just the logo --></div>
<div class="navbar">
<p>
<a href="index.html">Home</a> |
<a href="news.html">News</a> |
<a href="downlo0.html">Download</a> |
<a href="support.html">Support</a> |
<a href="develo0.html">Development</a>
</p>
</div>
<!-- content starts here -->
<div class="centercontent">
<div><h1 id="UserDocumentation">User Documentation</h1>
<p>
The following pages are describing the basic usage of the CryptoBox live-CD.
</p>
<p>
The online version of this manual is a wiki, which means you can help improving the pages. If you have a question regarding the documentation, please post it on the bottom of the relevant page. The developers will answer your questions and update the manual as fast as possible.
</p>
<h2 id="Documentationforxreleases">Documentation for 0.3.x releases</h2>
<ol><li><a href="doc_0.0.html">CryptoBoxUserGettingStarted</a> -- first steps to get the Cryptobox up and running
</li><li><a href="doc_0.1.html">CryptoBoxUserDailyUse</a> -- how to access your encrypted data
</li></ol>
<p>
At the moment there is no automatic way of using an encrypted disk of the 0.2 series in a !Cryptobox running the 0.3 series. That's because we did a major redesign of the CryptoBox functionality within the last year. We're sorry for the unconveniance!
</p>
<h2 id="FrequentlyAskedQuestions">Frequently Asked Questions</h2>
<ul><li><a href="faq.html">FAQ</a>
</li></ul></div>
</div>
</div>
<!-- content ends here -->
<div id="footer">
<p>-- a <a href="http://senselab.org">Sense.Lab</a> project -- <a href="http://senselab.org/component/option,com_dfcontact/Itemid,29/">Impressum</a> --</p>
</div>
</div>
<!-- /Creative Commons License -->
<!--
<rdf:RDF xmlns="http://web.resource.org/cc/"
xmlns:dc="http://purl.org/dc/elements/1.1/"
xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#">
<Work rdf:about="">
<dc:type rdf:resource="http://purl.org/dc/dcmitype/Text" />
<license rdf:resource="http://creativecommons.org/licenses/by-sa/2.5/de/" />
</Work>
<License rdf:about="http://creativecommons.org/licenses/by-sa/2.5/de/">
<permits rdf:resource="http://web.resource.org/cc/Reproduction" />
<permits rdf:resource="http://web.resource.org/cc/Distribution" />
<requires rdf:resource="http://web.resource.org/cc/Notice" />
<requires rdf:resource="http://web.resource.org/cc/Attribution" />
<permits rdf:resource="http://web.resource.org/cc/DerivativeWorks" />
<requires rdf:resource="http://web.resource.org/cc/ShareAlike" />
</License>
</rdf:RDF>
-->
</body>
</html>

BIN
live-cd-tree.d/_offline/doc/activa0.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 84 KiB

93
live-cd-tree.d/_offline/doc/cartoon.html Normal file
View file

@ -0,0 +1,93 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>CryptoBox</title>
<meta content="text/html; charset=iso-8859-1" http-equiv="Content-Type" />
<meta content="" name="keywords" />
<meta name="description" content="a secure fileserver, live-CD, web front-end" />
<link rel="stylesheet" type="text/css" href="main.css" />
</head>
<body>
<div class="container">
<div id="header"><!-- just the logo --></div>
<div class="navbar">
<p>
<a href="index.html">Home</a> |
<a href="news.html">News</a> |
<a href="downlo0.html">Download</a> |
<a href="support.html">Support</a> |
<a href="develo0.html">Development</a>
</p>
</div>
<!-- content starts here -->
<div class="centercontent">
<h2>What does the CryptoBox do?</h2>
<p>Usually all your files like phone numbers, love letters, bank
account data etc. are stored in plaintext on your computer's
harddisk.
All the data is accessible for everyone who has access to the harddisk.
This is very bad in case someone you don't trust gets your harddisk.
E.g. a thief that steals your notebook, or breaks into your house or company.
If the thief has your disk he/she can also read all the files that
where saved on it, no matter whether you have a login password or not -
the files are always stored in plaintext.
</p>
<p>The <b>CryptoBox</b> brings easy-to-use data encryption to your
computer. This works out of the box and does not need complicated
configuration steps.</p>
<p>Here comes a small usage example for the CryptoBox with an obsolete
PC as a fileserver:</p>
<p>Boot up the old PC with the CryptoBox live-CD.
Now you can access it with your browser via the network.
Then you partition and reformat the harddisk of the old
PC with encryption support. Therefore you provide a passphrase.
This is all done through the user friendly webinterface.
You can also plug in an external harddisk and use this to store
your encrypted data.
Afterwards you copy your sensitive data over the local
network to the CryptoBox.
It is stored on its harddisk in a secure way.
Nobody can access your data without the right passphrase.
</p>
</div>
<!-- content ends here -->
<div id="footer">
<p>-- a <a href="http://senselab.org">Sense.Lab</a> project -- <a href="http://senselab.org/component/option,com_dfcontact/Itemid,29/">Impressum</a> --</p>
</div>
</div>
<!-- /Creative Commons License -->
<!--
<rdf:RDF xmlns="http://web.resource.org/cc/"
xmlns:dc="http://purl.org/dc/elements/1.1/"
xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#">
<Work rdf:about="">
<dc:type rdf:resource="http://purl.org/dc/dcmitype/Text" />
<license rdf:resource="http://creativecommons.org/licenses/by-sa/2.5/de/" />
</Work>
<License rdf:about="http://creativecommons.org/licenses/by-sa/2.5/de/">
<permits rdf:resource="http://web.resource.org/cc/Reproduction" />
<permits rdf:resource="http://web.resource.org/cc/Distribution" />
<requires rdf:resource="http://web.resource.org/cc/Notice" />
<requires rdf:resource="http://web.resource.org/cc/Attribution" />
<permits rdf:resource="http://web.resource.org/cc/DerivativeWorks" />
<requires rdf:resource="http://web.resource.org/cc/ShareAlike" />
</License>
</rdf:RDF>
-->
</body>
</html>

135
live-cd-tree.d/_offline/doc/details.html Normal file
View file

@ -0,0 +1,135 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>CryptoBox</title>
<meta content="text/html; charset=iso-8859-1" http-equiv="Content-Type" />
<meta content="" name="keywords" />
<meta name="description" content="a secure fileserver, live-CD, web front-end" />
<link rel="stylesheet" type="text/css" href="main.css" />
</head>
<body>
<div class="container">
<div id="header"><!-- just the logo --></div>
<div class="navbar">
<p>
<a href="index.html">Home</a> |
<a href="news.html">News</a> |
<a href="downlo0.html">Download</a> |
<a href="support.html">Support</a> |
<a href="develo0.html">Development</a>
</p>
</div>
<!-- content starts here -->
<div class="left">
<div class="leftcontent">
<h2>You are server admin?</h2>
<p>Take a look at the <a
href="http://devel.cryptobox.org/file/trunk/README">README
file</a>. There you find more detailed information about the
installation and configuration of the CryptoBox-Server
package.</p>
</div>
</div>
<div class="content">
<h2>Requirements for the CryptoBox live-CD</h2>
<p>The <i>CryptoBox live-CD</i> runs on any x86 compatible PC with:</p>
<ul>
<li>CPU: min. 200MHz</li>
<li>RAM: 64 MB</li>
<li>CD-ROM drive</li>
<li>a network connection</li>
<li>a harddisk for your data</li>
</ul>
<p>The harddisk does not need to inside the of CryptoBox computer. You
can also use external devices like USB-drives.
All drives supported by the Linux kernel (2.6.20) can be used: IDE,
SCSI, USB, FireWire, SATA, RAID, ...</p>
<p>Because of the high number of different supported storage media
we call an encrypted disk a <i>volume</i>.
This includes (e.g.): USB-sticks, firewire-disks, flash-drives, digital cameras,
MP3-player, MMC/SD-cards.</p>
</div>
<div class="content">
<h2>Requirements of the CryptoBox-Server</h2>
<p>The <i>CryptoBox-Server</i> package can be installed on any system with at least:</p>
<ul>
<li>Linux kernel 2.6</li>
<li>cryptsetup with LUKS support</li>
<li>kernel support for the <i>crypt</i> target of the <i>device mapper</i></li>
<li>Python 2.4</li>
</ul>
<p>In general a server package should run on any Linux
distribution, but we only provide Debian packages. So you have to
install the necessary files on your own to the right places if
you are using a different linux distribution.</p>
</div>
<div class="content">
<h2>File access</h2>
<p>Once you openend an encrypted volume through the web frontend of
the <i>CryptoBox</i> you can access the volume's data within your local
network via:</p>
<ul>
<li>Samba shares (also known as: <i>windows network share</i>)</li>
<!-- <li>WebDAV (aka: <i>web folder</i>)</li>
<li>nfs (*nix file sharing)</li> -->
</ul>
<p>The <i>CryptoBox-Server</i> package will smoothly integrate into your existing
fileserver. It provides mount points which can be shared via your
favourite protocols (e.g.: WebDAV or NFS).</p>
</div>
<div class="content">
<h2>Encryption</h2>
<p>The encrypted disk partitions are <a href="http://luks.endorphin.org/">LUKS</a>
volumes. This makes it also possible to access your data directly with
every modern linux system or via <a href="http://freeotfe.org/">FreeOTFE</a>
(for Microsoft products).</p>
<p>You can select your favourite encryption algorithm from all
ciphers supported by the linux kernel. The default is
<i>aes-cbc-essiv:sha256</i> (AES in CBC mode with ESSIV based on
SHA256).</p>
</div>
<!-- content ends here -->
<div id="footer">
<p>-- a <a href="http://senselab.org">Sense.Lab</a> project -- <a href="http://senselab.org/component/option,com_dfcontact/Itemid,29/">Impressum</a> --</p>
</div>
</div>
<!-- /Creative Commons License -->
<!--
<rdf:RDF xmlns="http://web.resource.org/cc/"
xmlns:dc="http://purl.org/dc/elements/1.1/"
xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#">
<Work rdf:about="">
<dc:type rdf:resource="http://purl.org/dc/dcmitype/Text" />
<license rdf:resource="http://creativecommons.org/licenses/by-sa/2.5/de/" />
</Work>
<License rdf:about="http://creativecommons.org/licenses/by-sa/2.5/de/">
<permits rdf:resource="http://web.resource.org/cc/Reproduction" />
<permits rdf:resource="http://web.resource.org/cc/Distribution" />
<requires rdf:resource="http://web.resource.org/cc/Notice" />
<requires rdf:resource="http://web.resource.org/cc/Attribution" />
<permits rdf:resource="http://web.resource.org/cc/DerivativeWorks" />
<requires rdf:resource="http://web.resource.org/cc/ShareAlike" />
</License>
</rdf:RDF>
-->
</body>
</html>

173
live-cd-tree.d/_offline/doc/develo0.html Normal file
View file

@ -0,0 +1,173 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>CryptoBox</title>
<meta content="text/html; charset=iso-8859-1" http-equiv="Content-Type" />
<meta content="" name="keywords" />
<meta name="description" content="a secure fileserver, live-CD, web front-end" />
<link rel="stylesheet" type="text/css" href="main.css" />
</head>
<body>
<div class="container">
<div id="header"><!-- just the logo --></div>
<div class="navbar">
<p>
<a href="index.html">Home</a> |
<a href="news.html">News</a> |
<a href="downlo0.html">Download</a> |
<a href="support.html">Support</a> |
<a href="develo0.html">Development</a>
</p>
</div>
<!-- content starts here -->
<div class="centercontent">
<h2>Contribute</h2>
<p>You are not just a consumer. At least not in the Open Source world.</p>
<p>There are various ways to take part in improving the CryptoBox
for all of us ...</p>
</div>
<div class="left">
<div class="leftcontent">
<h2>Overview</h2>
<ul>
<li><a href="http://translate.cryptobox.org/projects/cryptobox/">Translation</a></li>
<li><a href="http://devel.cryptobox.org/newticket">Bug Reports</a></li>
<li><a href="Crypto0.html"">User Documentation</a></li>
<li><a href="http://devel.cryptobox.org/">Development corner</a></li>
<li><a href="https://systemausfall.org/mail-archive/?0">Mailing list archive</a>
<li><a href="http://devel.cryptobox.org/file/trunk/README">README</a></li>
</ul>
</div>
<div class="leftcontent">
<h2>Recent changes</h2>
<ul class="recent_changes">
<li><p class="date">Thu, 22 Feb 2007 12:10:04 GMT</p><a href="http://devel.cryptobox.org/changeset/858">Changeset [858] by lars</a><p>
added configobj to "acknowledgements" (they linked us, too)
</p></li>
<li><p class="date">Thu, 22 Feb 2007 10:57:16 GMT</p><a href="http://devel.cryptobox.org/changeset/857">Changeset [857] by pootle-translation</a><p>
Commit from Thorax Translation Center by user fabrizio. 24 of 24 messages translated (0 fuzzy).
</p></li>
<li><p class="date">Thu, 22 Feb 2007 10:54:29 GMT</p><a href="http://devel.cryptobox.org/changeset/856">Changeset [856] by pootle-translation</a><p>
Commit from Thorax Translation Center by user fabrizio. 2 of 2 messages translated (0 fuzzy).
</p></li>
<li><p class="date">Thu, 22 Feb 2007 05:30:56 GMT</p><a href="http://devel.cryptobox.org/ticket/45">Ticket #45 resolved: not clear if it works - but there is at least some documentation about how ...</a><p>
not clear if it works - but there is at least some documentation about how to find it manually (since [<a title="updated offline documentation ..." href="http://devel.cryptobox.org/changeset/855">855</a>])
</p></li>
<li><p class="date">Thu, 22 Feb 2007 05:16:45 GMT</p><a href="http://devel.cryptobox.org/changeset/855">Changeset [855] by lars</a><p>
updated offline documentation
moved offline documentation to a higher directory
updated autorun links
added mirror script to integrate offline documentation into the current website layout
</p></li></ul>
</div>
</div>
<div class="content">
<h2>Translation center</h2>
<p>We want <i>you</i> to translate the CryptoBox!</p>
<p>This way you can help others to access the CryptoBox in their native language.
The <a href="http://translate.cryptobox.org/projects/cryptobox/">translation center</a> serves
this purpose. Just register and use the webinterface for translations.
It features a nice, motivating progress bar.</p>
<p>For any questions send a mail to <a
href="mailt&#x006F;:info&#x0040;&#x0063;ryptobox.org">info&#x0040;&#x0063;ryptobox.org</a>.</p>
</div>
<div class="content">
<h2>Development</h2>
<p>If you are interested in what happens under the hood, visit the <a
href="http://devel.cryptobox.org">development corner</a>. You can also report
bugs there.</p>
<p>The <a href="http://devel.cryptobox.org/roadmap">roadmap</a> shows our goals
for the next release and the estimated release date.</p>
<p><a href="mailto:cryptobox-dev-subscribe@lists.systemausfall.org">Join
the development mailing list</a> or participate via <a
href="http://dir.gmane.org/gmane.comp.encryption.cryptobox.devel">gmane</a>.</p>
<p>You can also just browse the <a
href="https://systemausfall.org/mail-archive/?0">mailing list archive</a>.</p>
</div>
<div class="content">
<h2>Bleeding edge source code</h2>
<p>The current source code of the <i>CryptoBox-Server</i> package is always
available via our <a href="https://svn.systemausfall.org/svn/cryptobox/"
title="browse subversion repository">Subversion repository</a>.</p>
<p><a href="SvnNotes.html"">Read more ...</a></p>
</div>
<div class="content">
<h2>Thank you!</h2>
<p>The whole is nothing without its parts. We would like to thank
all the people for their help (in order of appearance). So, thank you!
:)</p>
<ul>
<li><a href="http://codecoop.org">codecoop.org</a> - webspace</li>
<li>Clavdia Horvat, Tadej Brce &amp; Dusan Rebolj - slovenian translation</li>
<li>Rike - french translation</li>
</ul>
</div>
<div class="content">
<h2>Acknowledgements</h2>
<p>The CryptoBox project heavily depends on the following Free Software
projects. Thanks for your hard work!</p>
<ul>
<li><a href="http://kernel.org">Linux kernel</a></li>
<li><a href="http://debian.org">Debian GNU/Linux</a></li>
<li><a href="http://python.org">Python</a></li>
<li><a href="http://cherrypy.org">CherryPy</a></li>
<li><a href="http://clearsilver.net">ClearSilver</a></li>
<li><a href="http://www.saout.de/misc/dm-crypt">DM-crypt</a></li>
<li><a href="http://luks.endorphin.org">CryptSetup LUKS</a></li>
<li><a href="http://www.voidspace.org.uk/python/configobj.html">ConfigObj</a></li>
<li>...</li>
</ul>
<p>This list is by far incomplete - so: thanks to everyone involved in
improving Free Software!</p>
</div>
</div>
<!-- content ends here -->
<div id="footer">
<p>-- a <a href="http://senselab.org">Sense.Lab</a> project -- <a href="http://senselab.org/component/option,com_dfcontact/Itemid,29/">Impressum</a> --</p>
</div>
</div>
<!-- /Creative Commons License -->
<!--
<rdf:RDF xmlns="http://web.resource.org/cc/"
xmlns:dc="http://purl.org/dc/elements/1.1/"
xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#">
<Work rdf:about="">
<dc:type rdf:resource="http://purl.org/dc/dcmitype/Text" />
<license rdf:resource="http://creativecommons.org/licenses/by-sa/2.5/de/" />
</Work>
<License rdf:about="http://creativecommons.org/licenses/by-sa/2.5/de/">
<permits rdf:resource="http://web.resource.org/cc/Reproduction" />
<permits rdf:resource="http://web.resource.org/cc/Distribution" />
<requires rdf:resource="http://web.resource.org/cc/Notice" />
<requires rdf:resource="http://web.resource.org/cc/Attribution" />
<permits rdf:resource="http://web.resource.org/cc/DerivativeWorks" />
<requires rdf:resource="http://web.resource.org/cc/ShareAlike" />
</License>
</rdf:RDF>
-->
</body>
</html>

BIN
live-cd-tree.d/_offline/doc/disks_0.jpg Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 19 KiB

116
live-cd-tree.d/_offline/doc/doc_0.0.html Normal file
View file

@ -0,0 +1,116 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>CryptoBox</title>
<meta content="text/html; charset=iso-8859-1" http-equiv="Content-Type" />
<meta content="" name="keywords" />
<meta name="description" content="a secure fileserver, live-CD, web front-end" />
<link rel="stylesheet" type="text/css" href="main.css" />
</head>
<body>
<div class="container">
<div id="header"><!-- just the logo --></div>
<div class="navbar">
<p>
<a href="index.html">Home</a> |
<a href="news.html">News</a> |
<a href="downlo0.html">Download</a> |
<a href="support.html">Support</a> |
<a href="develo0.html">Development</a>
</p>
</div>
<!-- content starts here -->
<div class="centercontent">
<div><h1 id="Gettingstarted">Getting started</h1>
<p>
Read the following and you'll be able to set up your own CryptoBox within half an hour.
</p>
<p>
It's pretty straight forward as we're always trying to make things as easy as possible for you.
</p>
<h2 id="StepbyStep">Step by Step</h2>
<ol><li>You need:
<ul><li>an old computer (remove the dust first)
</li><li>this PC needs a network card and a CD drive
</li><li>a medium to store your files on (e.g. a harddisk)
</li><li>we will call this PC from now on CryptoBox-PC
</li></ul></li><li>You don't need:
<ul><li>a monitor, keyboard and mouse (with one exception, see below).
</li><li>deeper knowledge of cryptography or server administration
</li></ul></li><li>Download the latest version of the CryptoBox live-CD from CodeCoop. It's an ~100MB iso-image.
<ul><li><a class="ext-link" title="http://codecoop.org/projects/cryptobox/" href="http://codecoop.org/projects/cryptobox/">http://codecoop.org/projects/cryptobox/</a>
</li></ul></li><li>Burn the iso-image onto a CD.
</li><li>Connect the CryptoBox-PC to your local area network.
</li><li>Configure the CryptoBox-PC, so that it can boot the live-CD. Therefore you may have to enter the BIOS and configure the CD-ROM as boot device.
</li><li>Put the burned CryptoBox live-CD into the CD drive and start the CryptoBox-PC.
</li><li>Now go to your current desktop computer which must be connected to the same network as the CryptoBox-PC is and point your browser to <i>http://192.168.0.23</i>.
</li></ol>
<p>
Now, if you see a website similar to the screenshots you're ready. :) Congratulations!
Otherwise check the last steps again and take a look in the <i>caveats</i> section below.
</p>
<p>
Follow this link for <a href="doc_0.1.html">further user documentation</a>. There you'll find a detailed desription, how to work with the CryptoBox.
</p>
<p>
Some sites of your brand new CryptoBox require an administrative password. The default is <i>admin</i> as username _and_ as password. For your own sake change this as soon as possible (under &#34;Preferences&#34; -&gt; &#34;Users&#34;).
</p>
<h2 id="Hints">Hints</h2>
<ul><li>The CryptoBox has an integrated help system. Enable it by clicking on the top-right help icon. It displays some useful tips. You can disable it again, as soon as you know how things work.
</li><li>The CryptoBox-PC should at least have a 200MHz CPU and 64MB RAM (rule of thumb: bought after 1997)
</li><li>Every modern PC system should work as a CryptoBox-PC. Try to get one with low energy consumption, there is not much CPU performance necessary.
</li><li>The data storage media can be an internal harddisk or any external drive.
</li><li>You can change external drives while the !CryptoBox-PC is running or even leave it running without a connected drive at all.
</li><li>The &#34;drive&#34; may also be a USB-stick, firewire-disk, flash-drive, MMC/SD-card, MP3-player or a digital camera.
</li><li>If you are going to buy a new harddisk and are using a very, very old PC as CryptoBox, please keep in mind that it probably cannot handle current disk sizes!
</li></ul><h2 id="Caveats">Caveats</h2>
<ul><li>Some old PCs are not able to boot from CD drives. In this case you cannot use it as CryptoBox.
</li><li>If you want to change the default boot device but don't know what a BIOS is, ask somebody for help! It doesn't hurt. ;)
</li><li>To configure the BIOS, you need a keyboard and a monitor. But this has to be done only once.
</li><li>Don't forget to connect your PC to your local area network! Also don't forget to connect your desktop computer to the same network, if it isn't yet.
</li><li>Make sure your desktop computer has a <i>192.168.0.x</i> IP address (at least for the first configuration). If this says nothing to you, again ask somebody for help!
</li><li>If you're unsure about the network, you can also try to connect the CryptoBox-PC and your desktop computer directly with a crossover network cable.
</li></ul><hr />
<p>
Move on to <a href="doc_0.1.html">further user documentation</a>.
</p>
<p>
Or go back to <a href="Crypto0.html">user documentation overview</a>.
</p>
</div>
<!-- content ends here -->
<div id="footer">
<p>-- a <a href="http://senselab.org">Sense.Lab</a> project -- <a href="http://senselab.org/component/option,com_dfcontact/Itemid,29/">Impressum</a> --</p>
</div>
</div>
<!-- /Creative Commons License -->
<!--
<rdf:RDF xmlns="http://web.resource.org/cc/"
xmlns:dc="http://purl.org/dc/elements/1.1/"
xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#">
<Work rdf:about="">
<dc:type rdf:resource="http://purl.org/dc/dcmitype/Text" />
<license rdf:resource="http://creativecommons.org/licenses/by-sa/2.5/de/" />
</Work>
<License rdf:about="http://creativecommons.org/licenses/by-sa/2.5/de/">
<permits rdf:resource="http://web.resource.org/cc/Reproduction" />
<permits rdf:resource="http://web.resource.org/cc/Distribution" />
<requires rdf:resource="http://web.resource.org/cc/Notice" />
<requires rdf:resource="http://web.resource.org/cc/Attribution" />
<permits rdf:resource="http://web.resource.org/cc/DerivativeWorks" />
<requires rdf:resource="http://web.resource.org/cc/ShareAlike" />
</License>
</rdf:RDF>
-->
</body>
</html>

204
live-cd-tree.d/_offline/doc/doc_0.1.html Normal file
View file

@ -0,0 +1,204 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>CryptoBox</title>
<meta content="text/html; charset=iso-8859-1" http-equiv="Content-Type" />
<meta content="" name="keywords" />
<meta name="description" content="a secure fileserver, live-CD, web front-end" />
<link rel="stylesheet" type="text/css" href="main.css" />
</head>
<body>
<div class="container">
<div id="header"><!-- just the logo --></div>
<div class="navbar">
<p>
<a href="index.html">Home</a> |
<a href="news.html">News</a> |
<a href="downlo0.html">Download</a> |
<a href="support.html">Support</a> |
<a href="develo0.html">Development</a>
</p>
</div>
<!-- content starts here -->
<div class="centercontent">
<div><h1 id="HowtousetheCryptoBox">How to use the CryptoBox</h1>
<p>
<h4 id="TableofContents">Table of Contents</h4>
<ol>
<li><a href="doc_0.1.html#Basicsofthewebinterface">Basics of the web interface</a></li>
<ol><li><a href="doc_0.1.html#OnlineHelp">Online Help</a></li>
<li><a href="doc_0.1.html#Navigation">Navigation</a></li>
<li><a href="doc_0.1.html#Configuration">Configuration</a></li>
<li><a href="doc_0.1.html#Shutdown">Shutdown</a></li>
</ol>
<li><a href="doc_0.1.html#PreparingVolumes">Preparing Volumes</a></li>
<li><a href="doc_0.1.html#AccessingData">Accessing Data</a></li>
<li><a href="doc_0.1.html#UsingyourHarddiskswithoutreformatting">Using your Harddisks without reformatting</a></li>
</ol>
</p>
<hr />
<h2 id="Basicsofthewebinterface">Basics of the web interface</h2>
<p>
Here comes a detailed description of the web interface. We usually just call it <i>CryptoBox</i> as it is the part you'll have most contact with. It's basically the website you're browsing through after you typed <i>http://192.168.0.23</i> into your browser.
</p>
<h3 id="OnlineHelp">Online Help</h3>
<p>
The new (0.3) version of the CryptoBox is self explaining. Just follow the menu and click through the pages.
</p>
<p>
The integrated help system may support you while using the CryptoBox. It displays some useful tips (e.g. what a single form is for). Enable it by clicking on the top-right help icon. You can disable it again, as soon as you know how things work.
</p>
<ul><li>help system is disabled by default:
</li></ul><blockquote>
<p>
<img src="help_d0.jpg"format=raw" alt="website/screenshots/doc-0.3.x/help_d0.jpg" />
</p>
</blockquote>
<ul><li>looks like this, when enabled:
</li></ul><blockquote>
<p>
<img src="help_e0.jpg"format=raw" alt="website/screenshots/doc-0.3.x/help_e0.jpg" />
</p>
</blockquote>
<h3 id="Navigation">Navigation</h3>
<p>
The central place of the CryptoBox is the &#34;Disks&#34; section, where you manage all your encrypted and unencrypted volumes. Every single storage medium is called a <i>volume</i>.
</p>
<p>
You are able to use whole disks, partitions, usb-storage devices like (usb-sticks, flash-media etc.), firewire-storage devices, logical partitions and a lot more as a volume. There is a simple rule for the devices: everything that is supported by a recent Linux kernel, is also supported by the CryptoBox.
</p>
<ul><li>disk overview with one volume:
</li></ul><blockquote>
<p>
<img src="disks_0.jpg"format=raw" alt="website/screenshots/doc-0.3.x/disks_0.jpg" />
</p>
</blockquote>
<p>
Each disk-symbol is representing a volume with its name underlaying. Small icons on the disk-symbol give you some more information about the volume. A red cross means, that the volume currently is not activated. A lock symbolzises an encrypted partition. If the lock is closed the volume is not activated. If an encryted volume is activated there shows up an open lock and the CryptoBox Logo in the top-right corner opens itself, too.
</p>
<h3 id="Configuration">Configuration</h3>
<p>
In the &#34;Preferences&#34; section you can adapt the CryptoBox to your personal needs. You may set the date/time of the CryptoBox there, as well as its network address and so on. You also find the log messages there - this is very helpful in case something unexpected happened.
</p>
<ul><li>preferences overview:
</li></ul><blockquote>
<p>
<img src="prefer0.jpg"format=raw" alt="website/screenshots/doc-0.3.x/prefer0.jpg" />
</p>
</blockquote>
<h3 id="Shutdown">Shutdown</h3>
<p>
Follow the link to the &#34;Shutdown&#34; section and you can reboot the CryptoBox or just turn it off.
</p>
<hr />
<h2 id="PreparingVolumes">Preparing Volumes</h2>
<p>
Every drive you connect to the CryptoBox will be shown as one or more volumes. If the device was previously formatted with a rather exotic filesystem, then you may have to format it, before you can use it via the CryptoBox. BEWARE: all data of a volume will be deleted while formatting.
</p>
<p>
If you want to store encrypted data on a volume (you should, as this is the key feature of the CryptoBox :) ), you also have to format it initially, too.
</p>
<ul><li>initialization of a disk:
</li></ul><blockquote>
<p>
<img src="prepar0.jpg"format=raw" alt="website/screenshots/doc-0.3.x/prepar0.jpg" />
</p>
</blockquote>
<p>
If you format a volume with encryption support, you have to provide a good passphrase (requiered in the next step). This passphrase protects your files from curious or evil eyes.
</p>
<p>
It is good practice to give every volume a unique name (e.g.: &#34;photo collection&#34; or &#34;my important files&#34;), depending on what you're using it for. So you won't have trouble if you later connect more than one drive to the CryptoBox.
</p>
<p>
If you don't like the aotumatic formattign modus, you can divide one disk into more than one volume by partitioning it. Keep in mind that all existing data on a volume or disk will be deleted if you format or repartition it!
</p>
<hr />
<h2 id="AccessingData">Accessing Data</h2>
<p>
Now you know how to set up a CryptoBox and how to prepare volumes. So you finally can put some data on your configured volume. Click in the web frontend on &#34;Open this volume&#34; and give the correct passphrase.
</p>
<p>
If you want to open or save files on the volumes of the CryptoBox, you just use its available network shares: click on <i>network neighbourhood</i> (or similar - depending on your operating system) and choose the <i>cryptobox</i> computer. Only currently open volumes are visible there.
</p>
<p>
In case the <i>cryptobox</i> computer is not visible in your network overview, you may have to search for the hostname <i>cryptobox</i> or its configured IP address. Maybe it can also be necessary to reboot the CryptoBox after you changed its network settings.
</p>
<p>
The following screenshots may help you to find the <i>cryptobox</i> in your network on different desktop systems:
</p>
<ul><li>Gnome:
</li></ul><blockquote>
<p>
<img src="search0.png"format=raw" alt="website/screenshots/doc-0.3.x/search0.png" />
</p>
</blockquote>
<ul><li>KDE:
</li></ul><blockquote>
<p>
<img src="search1.png"format=raw" alt="website/screenshots/doc-0.3.x/search1.png" />
</p>
</blockquote>
<ul><li>Windows:
</li></ul><blockquote>
<p>
<img src="search2.png"format=raw" alt="website/screenshots/doc-0.3.x/search2.png" />
</p>
</blockquote>
<p>
Do not forget to close the volume again via the web frontend, as soon as you do not need the encrypted files any more.
</p>
<hr />
<h2 id="UsingyourHarddiskswithoutreformatting">Using your Harddisks without reformatting</h2>
<p>
In some cases, a disk can be used in the CryptoBox without reformatting it. This depends on the filesystem of your disk. If it is a plain (unencrypted) one and supported by the linux kernel you will not have any problems. Encrypted disks are supported only if they use a cryptsetup-luks format. Other types of disk encryption will not be accessible.
</p>
<p>
On the downside you won't be able to store your CryptoBox settings (e.g. volume name, network address) on this disk. Therefore you would need a small config partition, which is being created automatically when you partition a disk. A warning message appears if you are working without a writeable config partition.
</p>
<hr />
<p>
Go back to <a href="Crypto0.html">user documentation overview</a>.
</p>
</div>
</div>
</div>
<!-- content ends here -->
<div id="footer">
<p>-- a <a href="http://senselab.org">Sense.Lab</a> project -- <a href="http://senselab.org/component/option,com_dfcontact/Itemid,29/">Impressum</a> --</p>
</div>
</div>
<!-- /Creative Commons License -->
<!--
<rdf:RDF xmlns="http://web.resource.org/cc/"
xmlns:dc="http://purl.org/dc/elements/1.1/"
xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#">
<Work rdf:about="">
<dc:type rdf:resource="http://purl.org/dc/dcmitype/Text" />
<license rdf:resource="http://creativecommons.org/licenses/by-sa/2.5/de/" />
</Work>
<License rdf:about="http://creativecommons.org/licenses/by-sa/2.5/de/">
<permits rdf:resource="http://web.resource.org/cc/Reproduction" />
<permits rdf:resource="http://web.resource.org/cc/Distribution" />
<requires rdf:resource="http://web.resource.org/cc/Notice" />
<requires rdf:resource="http://web.resource.org/cc/Attribution" />
<permits rdf:resource="http://web.resource.org/cc/DerivativeWorks" />
<requires rdf:resource="http://web.resource.org/cc/ShareAlike" />
</License>
</rdf:RDF>
-->
</body>
</html>

119
live-cd-tree.d/_offline/doc/downlo0.html Normal file
View file

@ -0,0 +1,119 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>CryptoBox</title>
<meta content="text/html; charset=iso-8859-1" http-equiv="Content-Type" />
<meta content="" name="keywords" />
<meta name="description" content="a secure fileserver, live-CD, web front-end" />
<link rel="stylesheet" type="text/css" href="main.css" />
</head>
<body>
<div class="container">
<div id="header"><!-- just the logo --></div>
<div class="navbar">
<p>
<a href="index.html">Home</a> |
<a href="news.html">News</a> |
<a href="downlo0.html">Download</a> |
<a href="support.html">Support</a> |
<a href="develo0.html">Development</a>
</p>
</div>
<!-- content starts here -->
<div class="left">
<div class="leftcontent">
<h2>Latest releases</h2>
<p>CryptoBox-CD: <a
href="http://codecoop.org/frs/?group_id=60&release_id=33">0.2.1</a></p>
<p>CryptoBox-Server: <a
href="http://codecoop.org/frs/?group_id=60&release_id=63">0.3.4</a></p>
</div>
<div class="leftcontent">
<h2>Planned major releases:</h2>
<p>CryptoBox-CD:</p>
<ul><li>v0.3.x <span class="date">02/15/02007</span></li></ul>
<p>CryptoBox-Server:</p>
<ul><li>v0.4 <span class="date">06/01/02007</span></li></ul>
<p>Read the <a href="http://devel.cryptobox.org/roadmap">development roadmap</a>
for more details.</p>
</div>
<div class="leftcontent">
<h2>License</h2>
<p>All code is licensed under the <a href="http://www.fsf.org/licensing/licenses/gpl.html">GPL</a>.</p>
<p>The documentation, the graphics and this website are licensed under a <a href="http://creativecommons.org/licenses/by-sa/2.5/">Creative Commons License</a>.</p>
</div>
</div>
<div class="content">
<h2>CryptoBox live-CD</h2>
<p>Get the latest <i>CryptoBox live-CD</i> image and burn it on CD.</p>
<p><a href="http://codecoop.org/frs/?group_id=60&release_id=33">CryptoBox live-CD download</a></p>
<p><br />We would like to thank <a href="http://codecoop.org">codecoop.org</a> for
providing the necessary bandwidth.</p>
<p>Alternatively you can buy a live-CD at <a href="http://www.opensoft.nl/cdshop/product_info.php/manufacturers_id/28/products_id/71">OpenSoft.nl</a>
for 5.95 european bugs. Note: this is an unpaid advertisement link.
So if you ask us kindly, we might send you a CD for a better price. ;)</p>
</div>
<div class="content">
<h2>CryptoBox-Server Debian package</h2>
<p>Use the <i>CryptoBox-Server</i> package in your Debian/Ubuntu Linux distribution.</p>
<p><a href="http://codecoop.org/frs/?group_id=60&release_id=63">CryptoBox-Server debian package
download</a><br /></p>
<p><br />Install it with: <tt>dpkg -i cryptobox-server.deb</tt></p>
<p>We strongly recommend to use the server package of our
(inofficial) debian package repository, which is easier to
maintain. How to do that ist written in the <a
href="faq.html#"HowdoIusetheserverpackagefromtheDebianrepository">FAQ</a>.</p>
</div>
<div class="content">
<h2>CryptoBox-Server source files</h2>
<p>Users of a non-debian-based Linux distributions are a bit
out of luck. You may try to install the source package, but you
have to adapt some paths manually.</p>
<p><a href="http://codecoop.org/frs/?group_id=60&release_id=63">cryptobox-server source
archive download</a></p>
</div>
<!-- content ends here -->
<div id="footer">
<p>-- a <a href="http://senselab.org">Sense.Lab</a> project -- <a href="http://senselab.org/component/option,com_dfcontact/Itemid,29/">Impressum</a> --</p>
</div>
</div>
<!-- /Creative Commons License -->
<!--
<rdf:RDF xmlns="http://web.resource.org/cc/"
xmlns:dc="http://purl.org/dc/elements/1.1/"
xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#">
<Work rdf:about="">
<dc:type rdf:resource="http://purl.org/dc/dcmitype/Text" />
<license rdf:resource="http://creativecommons.org/licenses/by-sa/2.5/de/" />
</Work>
<License rdf:about="http://creativecommons.org/licenses/by-sa/2.5/de/">
<permits rdf:resource="http://web.resource.org/cc/Reproduction" />
<permits rdf:resource="http://web.resource.org/cc/Distribution" />
<requires rdf:resource="http://web.resource.org/cc/Notice" />
<requires rdf:resource="http://web.resource.org/cc/Attribution" />
<permits rdf:resource="http://web.resource.org/cc/DerivativeWorks" />
<requires rdf:resource="http://web.resource.org/cc/ShareAlike" />
</License>
</rdf:RDF>
-->
</body>
</html>

BIN
live-cd-tree.d/_offline/doc/en_con0.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 83 KiB

BIN
live-cd-tree.d/_offline/doc/en_mount.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 70 KiB

114
live-cd-tree.d/_offline/doc/faq.html Normal file
View file

@ -0,0 +1,114 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>CryptoBox</title>
<meta content="text/html; charset=iso-8859-1" http-equiv="Content-Type" />
<meta content="" name="keywords" />
<meta name="description" content="a secure fileserver, live-CD, web front-end" />
<link rel="stylesheet" type="text/css" href="main.css" />
</head>
<body>
<div class="container">
<div id="header"><!-- just the logo --></div>
<div class="navbar">
<p>
<a href="index.html">Home</a> |
<a href="news.html">News</a> |
<a href="downlo0.html">Download</a> |
<a href="support.html">Support</a> |
<a href="develo0.html">Development</a>
</p>
</div>
<!-- content starts here -->
<div class="centercontent">
<div><h1 id="FrequentlyAskedQuestions">Frequently Asked Questions</h1>
<p>
We answer some common questions her. Add a comment or mail us if you have questions, that might be interesting for others, too.
</p>
<p>
<ol>
<li><a href="faq.html#IsuccessfullyopenedavolumeHowcanIaccessthedatanow">I successfully opened a volume. How can I access the data now?</a></li>
<li><a href="faq.html#RecentlyIpartitionedmyharddiskNowIcanopenthevolumewithoutapasswordIsntitencryptedanymore">Recently I partitioned my harddisk. Now I can open the volume without a password. Isn't it encrypted any more?</a></li>
<li><a href="faq.html#HowcanIrestrictaccesstocertaindata">How can I restrict access to certain data?</a></li>
<li><a href="faq.html#ThereisausermanageravailableinthepreferencessectionWhatisitgoodfor">There is a user manager available in the preferences section. What is it good for?</a></li>
<li><a href="faq.html#HowdoIusetheserverpackagefromtheDebianrepository">How do I use the server package from the Debian repository?</a></li>
</ol>
</p>
<hr />
<h2 id="IsuccessfullyopenedavolumeHowcanIaccessthedatanow">I successfully opened a volume. How can I access the data now?</h2>
<ul><li>CryptoBox live-CD: browse the network neighborhood for the CryptoBox (in M$ Windows), scan the network (with KDE or Gnome). If you like terminals use <i>smbmount</i> or <i>mount -t smbfs</i> to access the network share.
</li></ul><ul><li>CryptoBox-Server: you should ask your administrator, which way is the best to access the mounted volume. In case you are the administrator, then you should take a look at the configuration file for the <i>!MountDir</i> setting. Publish this directory via your favourite fileserver (e.g. samba, webdav, nfs, ftp, ...) and tell your users how to reach it.
</li></ul><h2 id="RecentlyIpartitionedmyharddiskNowIcanopenthevolumewithoutapasswordIsntitencryptedanymore">Recently I partitioned my harddisk. Now I can open the volume without a password. Isn't it encrypted any more?</h2>
<p>
The partition manager creates non-encrypted volumes by default. If you want to enable encryption for a volume, then you have to format it. Be aware that this will erase all data of the volume.
</p>
<h2 id="HowcanIrestrictaccesstocertaindata">How can I restrict access to certain data?</h2>
<p>
The CryptoBox does not support user and access management for now. Everyone in your local network can access all open volumes for reading and writing. This behavior is based on the assumption, that there are no evil guys in your local network. Please take care for this!
</p>
<p>
For the next major release (v0.4) we plan to implement user and access management.
</p>
<h2 id="ThereisausermanageravailableinthepreferencessectionWhatisitgoodfor">There is a user manager available in the preferences section. What is it good for?</h2>
<p>
It's aimed for administrative tasks of the CryptoBox. Administrators can disable functions of the CryptoBox for other users (e.g. disabling the shutdown function). This way the webinterface can be customized to the needs of the users. The default admin password is <i>admin</i>, change that immediately!
</p>
<p>
Users who just want to open and close volumes do not need an administrative account.
</p>
<h2 id="HowdoIusetheserverpackagefromtheDebianrepository">How do I use the server package from the Debian repository?</h2>
<p>
The CryptoBox server package is not part of the official Debian repository (at least for now). But you can use our systemasufall.org repository for installation.
</p>
<ol><li>Add the following to your &#34;/etc/apt/sources.list&#34;:
<pre class="wiki">deb http://systemausfall.org/toolforge/debian unstable main
</pre></li><li>Run:
<pre class="wiki">apt-get update &amp;&amp; apt-get install cryptobox-server
</pre></li></ol>
<hr />
<p>
Go back to <a href="Crypto0.html">user documentation overview</a> or to the <a class="ext-link" title="http://cryptobox.org" href="http://cryptobox.org">CryptoBox Homepage</a>.
</p>
<hr />
</div>
</div>
</div>
<!-- content ends here -->
<div id="footer">
<p>-- a <a href="http://senselab.org">Sense.Lab</a> project -- <a href="http://senselab.org/component/option,com_dfcontact/Itemid,29/">Impressum</a> --</p>
</div>
</div>
<!-- /Creative Commons License -->
<!--
<rdf:RDF xmlns="http://web.resource.org/cc/"
xmlns:dc="http://purl.org/dc/elements/1.1/"
xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#">
<Work rdf:about="">
<dc:type rdf:resource="http://purl.org/dc/dcmitype/Text" />
<license rdf:resource="http://creativecommons.org/licenses/by-sa/2.5/de/" />
</Work>
<License rdf:about="http://creativecommons.org/licenses/by-sa/2.5/de/">
<permits rdf:resource="http://web.resource.org/cc/Reproduction" />
<permits rdf:resource="http://web.resource.org/cc/Distribution" />
<requires rdf:resource="http://web.resource.org/cc/Notice" />
<requires rdf:resource="http://web.resource.org/cc/Attribution" />
<permits rdf:resource="http://web.resource.org/cc/DerivativeWorks" />
<requires rdf:resource="http://web.resource.org/cc/ShareAlike" />
</License>
</rdf:RDF>
-->
</body>
</html>

BIN
live-cd-tree.d/_offline/doc/header.jpg Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 16 KiB

BIN
live-cd-tree.d/_offline/doc/help_d0.jpg Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 23 KiB

BIN
live-cd-tree.d/_offline/doc/help_e0.jpg Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 29 KiB

108
live-cd-tree.d/_offline/doc/index.html Normal file
View file

@ -0,0 +1,108 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>CryptoBox</title>
<meta content="text/html; charset=iso-8859-1" http-equiv="Content-Type" />
<meta content="" name="keywords" />
<meta name="description" content="a secure fileserver, live-CD, web front-end" />
<link rel="stylesheet" type="text/css" href="main.css" />
</head>
<body>
<div class="container">
<div id="header"><!-- just the logo --></div>
<div class="navbar">
<p>
<a href="index.html">Home</a> |
<a href="news.html">News</a> |
<a href="downlo0.html">Download</a> |
<a href="support.html">Support</a> |
<a href="develo0.html">Development</a>
</p>
</div>
<!-- content starts here -->
<div class="centercontent">
<h2>What is it about?</h2>
<p>The CryptoBox project aims to bring data encryption to the masses.</p>
<p>Therefore we develop two Free Software packages:</p>
<ul>
<li>The <b>CryptoBox live-CD</b> is targetted at users who want to set up an
encrypting fileserver without bothering about complicated
administration issues. A computer which runs the
CryptoBox-CD works as a network-attached storage (NAS),
with the ability to encrypt all stored data.</li><br />
<li>The <b>CryptoBox-Server package</b> adds a user friendly,
web-based frontend for harddisk encryption to a fileserver.</li>
</ul>
<p>Take a look at the <a href="cartoon.html">CryptoBox usage example</a>!<br />
It may give you a better understanding of what the CryptoBox does and how it
works. </p>
</div>
<div class="left">
<div class="leftcontent">
<h2>Demo</h2>
<p>See the CryptoBox <a href="http://demo.cryptobox.org">in action</a>.</p>
<ul>
<li>user: admin</li>
<li>password: admin</li>
</ul>
</div>
<div class="leftcontent">
<h2>Documentation</h2>
<p>Browse through the online <a
href="Crypto0.html"">user
documentation</a> site</a>.</p>
</div>
<div class="leftcontent">
<h2>Details</h2>
<p>Read what's <a href="details.html">under the hood</a>.</p>
</div>
</div>
<div class="content">
<h2>Screenshots</h2>
<p>Everybody wants some <a href="screen0.html">screenshots</a>.
Here we go:</p>
<p><a href="screen0.html"><img border="0" src="mini_s0.jpg"></a></p>
</div>
<!-- content ends here -->
<div id="footer">
<p>-- a <a href="http://senselab.org">Sense.Lab</a> project -- <a href="http://senselab.org/component/option,com_dfcontact/Itemid,29/">Impressum</a> --</p>
</div>
</div>
<!-- /Creative Commons License -->
<!--
<rdf:RDF xmlns="http://web.resource.org/cc/"
xmlns:dc="http://purl.org/dc/elements/1.1/"
xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#">
<Work rdf:about="">
<dc:type rdf:resource="http://purl.org/dc/dcmitype/Text" />
<license rdf:resource="http://creativecommons.org/licenses/by-sa/2.5/de/" />
</Work>
<License rdf:about="http://creativecommons.org/licenses/by-sa/2.5/de/">
<permits rdf:resource="http://web.resource.org/cc/Reproduction" />
<permits rdf:resource="http://web.resource.org/cc/Distribution" />
<requires rdf:resource="http://web.resource.org/cc/Notice" />
<requires rdf:resource="http://web.resource.org/cc/Attribution" />
<permits rdf:resource="http://web.resource.org/cc/DerivativeWorks" />
<requires rdf:resource="http://web.resource.org/cc/ShareAlike" />
</License>
</rdf:RDF>
-->
</body>
</html>

230
live-cd-tree.d/_offline/doc/main.css Normal file
View file

@ -0,0 +1,230 @@
body {
margin: 0;
padding: 0;
font-family: Verdana, Arial, sans-serif;
font-size: 80%;
color: #545454;
background-color: #fff;
}
p {
margin: 0.1em 0 0.1em 0;
}
h1 {
margin: 0;
padding: 0;
font-size: 200%;
font-weight: normal;
color: #4169E1;
}
h2 {
margin: 0 0 5px 0;
padding: 0;
background-color: #8bbf75;
color: White;
font-size: 100%;
font-weight: normal;
text-align: left;
/* RFC: there is a font-weight above - which is valid? */
font-weight: 800;
}
div {
margin: 0;
padding: 0;
display: block;
}
tt {
padding: 0.1em 0.6em 0.1em 0.6em;
font-size: 120%;
background: #fffad0;
}
b {
font-size: 95%;
}
div.container {
background-color: #FFF;
margin: 0 auto 0 auto;
padding: 0;
width: 740px;
}
div.container a:link, div.container a:visited {
color: #366b30;
}
div.navbar a {
text-decoration: none;
}
div.container a:hover, div.container a:active {
color: #ff8a00;
}
div#header {
padding: 2em;
margin: 0;
background-image: url(header.jpg);
background-repeat: no-repeat;
background-position: center;
height: 78px;
}
div.centercontent {
padding: 0.3em 1ex 0.3em 1ex;
margin: 5px 5px 9px 5px;
border: 1px solid #e0e0e0;
}
div.centercontent h2 {
padding: 0.1em 0 0.1em 0.5em;
}
div.centercontent p {
padding: 0.1em 1.8em 0.5em 0.8em;
}
div.centercontent ul {
padding: 0.1em 1.8em 0.1em 2.8em;
}
ul {
margin-top: 0;
margin-bottom: 5px;
margin-left: 0;
padding-left: 2em;
}
div.navbar {
display: block;
font-weight: bold;
margin: 5px 0 5px 0;
padding: 10px 0 10px 0;
border-top: 1px solid #C4C4C4;
border-bottom: 1px solid #C4C4C4;
text-align:center;
}
div.left {
float: left;
width: 30%;
margin: 0 0 0 5px;
padding: 0;
text-align: center;
}
div.left h2 {
text-align: left;
color: #366b30;
background-color: #eeeeec;
padding: 0 0 0 0.5em;
margin-bottom: 0.3em;
}
div.leftcontent {
margin: 0.2em 0.4em 0.5em 0;
padding: 0.3em;
text-align: left;
border: 1px solid #e0e0e0;
}
div.leftcontent p {
padding: 0.1em 0 0.5em 0.5em;
}
div.content {
margin: 5px 5px 15px 31.5%;
}
div.onecolumn {
margin: 5px 5px 9px 5px;
}
div.content, div.onecolumn {
padding: 0.3em 1ex 0.3em 1ex;
border: 1px solid #e0e0e0;
}
div.content h2, div.onecolumn h2 {
/* these are 2 pixels higher then those on the left side */
/* RFC: what does that mean? Do we want this difference or not? [l] */
padding: 0.1em 0 0.1em 0.5em;
margin: 0.1em 0 0.1em 0;
}
div.content p, div.onecolumn p {
padding: 0.1em 0.8em 0.5em 0.8em;
}
div.onecolumn p {
margin-top: 10px;
margin-bottom: 25px;
text-align: center;
}
.date {
text-align: right;
font-style: italic;
font-size: 0.8em;
}
div#footer {
margin: 20px 0 5px 0;
padding: 5px 0 5px 0;
border-top: 1px solid #C4C4C4;
border-bottom: 1px solid #C4C4C4;
font-size: 80%;
text-align: center;
clear: both;
}
/* FAQ headers */
div.faq h3 {
margin: 0.5em;
font-size: 0.9em;
color: #8bbf75;
}
/* table of content for FAQ */
ol.toc {
padding-left: 2em;
}
ol.toc li {
margin-top: 0.5em;
margin-bottom: 0.5em;
}
ol.toc a {
text-decoration: none;
}
/* recent changes (rss feed) */
ul.recent_changes {
padding-left: 0;
list-style-type: none;
}
ul.recent_changes li {
}
ul.recent_changes li h3 {
font-size: 0.9em;
margin: 2px;
text-decoration: none;
}
ul.recent_changes li h3 a {
text-decoration: none;
}
ul.recent_changes li p.date {
padding: 2px 2px 0 2px;
font-size: 0.8em;
}

BIN
live-cd-tree.d/_offline/doc/mini_s0.jpg Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 9.7 KiB

150
live-cd-tree.d/_offline/doc/news.html Normal file
View file

@ -0,0 +1,150 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>CryptoBox</title>
<meta content="text/html; charset=iso-8859-1" http-equiv="Content-Type" />
<meta content="" name="keywords" />
<meta name="description" content="a secure fileserver, live-CD, web front-end" />
<link rel="stylesheet" type="text/css" href="main.css" />
</head>
<body>
<div class="container">
<div id="header"><!-- just the logo --></div>
<div class="navbar">
<p>
<a href="index.html">Home</a> |
<a href="news.html">News</a> |
<a href="downlo0.html">Download</a> |
<a href="support.html">Support</a> |
<a href="develo0.html">Development</a>
</p>
</div>
<!-- content starts here -->
<div class="centercontent">
<h2>NEWS: <a href="http://codecoop.org/frs/?group_id=60&amp;release_id=63">CryptoBox-Server v0.3.4 released</a></h2>
<p class="date">19/02/02007</p>
<p>This is a bugfix release</p>
<p>The following bug was fixed:</p>
<ul>
<li>incorrect uid handling during bootup (Closes: <a
href="http://devel.cryptobox.org/ticket/139">#139</a>)</li>
</ul>
</div>
<div class="centercontent">
<h2>NEWS: <a href="http://codecoop.org/frs/?group_id=60&amp;release_id=62">CryptoBox-Server v0.3.3 released</a></h2>
<p class="date">10/02/02007</p>
<p>This release fixes some small bugs:</p>
<ul>
<li>group membership of the webserver</li>
<li>disc usage statistics</li>
</ul>
<p>Additionally the following features were added:</p>
<ul>
<li>embedded help</li>
<li>improved network plugin</li>
<li>...</li>
</ul>
<p>The Slovenian and German translations are complete.</p>
<p>This release is planned to be the base for the next live-cd, which will be
published within the next week.</p>
</div>
<div class="centercontent">
<h2>NEWS: <a href="http://codecoop.org/frs/?group_id=60&amp;release_id=61">CryptoBox-Server v0.3.2 released</a></h2>
<p class="date">08/01/02007</p>
<p>This release contains some important bugfixes:</p>
<ul>
<li>fixed bug causing lack of permissions</li>
<li>fixed bug in Plugin manager (breaks interface)</li>
<li>fixed setting committing delay of Plugin manager</li>
</ul>
</div>
<div class="centercontent">
<h2>NEWS: <a href="http://codecoop.org/frs/?group_id=60&amp;release_id=60">CryptoBox-Server v0.3.1 released</a></h2>
<p class="date">20/12/02006</p>
<p>This release contains some usability fixes for users of the Internet Explorer,
as well as some additional translations and more convenient default settings.</p>
</div>
<div class="centercontent">
<h2>NEWS: <a href="http://codecoop.org/frs/?group_id=60&amp;release_id=59">CryptoBox-Server v0.3.0 released</a></h2>
<p class="date">15/12/02006</p>
<p>Here it comes - the earliest x-mas present 02006: the
CryptoBox-Server 0.3.0 package. It is not a live-cd, but a software package
that you can just install on your favourite linux system.</p>
<p> Take a look at the <a href="screen0.html">screenshots</a>.</p>
<p>It was a long ride and this is the first milestone we reached. Be prepared
fo another 1000 miles of code.</p>
<p>The live-CD based on this new version will be released in February 02007.</p>
</div>
<div class="centercontent">
<h2>NEWS: Python rewrite progress</h2>
<p class="date">19/08/02006</p>
<p>Finally the cryptobox-python-rewrite-process is in progress.
From now on you can follow discussions and participate at the
<a href="http://blog.gmane.org/gmane.comp.encryption.cryptobox.devel">development mailinglist via gmane</a>.</p>
</div>
<div class="centercontent">
<h2>NEWS: Download interception</h2>
<p class="date">14/04/02006</p>
<p>Sorry folks, <i>codecoop.org</i> is temporarily down.</p>
<p>UPDATE: It is up and running again. Fetch the latest version <a href="http://codecoop.org/frs/?group_id=60&amp;release_id=33">here</a>.</p>
</div>
<div class="centercontent">
<h2>NEWS: CryptoBox code splitting</h2>
<p class="date">07/03/02006</p>
<p>We are currently splitting the CryptoBox into the
CryptoBox-Server and the Cryptobox-CD. This will let you use
the CryptoBox-Server in your favourite Linux installation.</p>
<p>Stay tuned ...</p>
</div>
<div class="centercontent">
<h2>NEWS: CryptoBox-CD v0.2.1 released</h2>
<p class="date">30/10/02005</p>
<p>The latest CryptoBox version 0.2.1 is available at
<a href="http://codecoop.org/frs/?group_id=60&amp;release_id=33">codecoop.org</a>!</p>
</div>
<!-- content ends here -->
<div id="footer">
<p>-- a <a href="http://senselab.org">Sense.Lab</a> project -- <a href="http://senselab.org/component/option,com_dfcontact/Itemid,29/">Impressum</a> --</p>
</div>
</div>
<!-- /Creative Commons License -->
<!--
<rdf:RDF xmlns="http://web.resource.org/cc/"
xmlns:dc="http://purl.org/dc/elements/1.1/"
xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#">
<Work rdf:about="">
<dc:type rdf:resource="http://purl.org/dc/dcmitype/Text" />
<license rdf:resource="http://creativecommons.org/licenses/by-sa/2.5/de/" />
</Work>
<License rdf:about="http://creativecommons.org/licenses/by-sa/2.5/de/">
<permits rdf:resource="http://web.resource.org/cc/Reproduction" />
<permits rdf:resource="http://web.resource.org/cc/Distribution" />
<requires rdf:resource="http://web.resource.org/cc/Notice" />
<requires rdf:resource="http://web.resource.org/cc/Attribution" />
<permits rdf:resource="http://web.resource.org/cc/DerivativeWorks" />
<requires rdf:resource="http://web.resource.org/cc/ShareAlike" />
</License>
</rdf:RDF>
-->
</body>
</html>

BIN
live-cd-tree.d/_offline/doc/prefer0.jpg Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 22 KiB

BIN
live-cd-tree.d/_offline/doc/prepar0.jpg Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 30 KiB

87
live-cd-tree.d/_offline/doc/screen0.html Normal file
View file

@ -0,0 +1,87 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>CryptoBox</title>
<meta content="text/html; charset=iso-8859-1" http-equiv="Content-Type" />
<meta content="" name="keywords" />
<meta name="description" content="a secure fileserver, live-CD, web front-end" />
<link rel="stylesheet" type="text/css" href="main.css" />
</head>
<body>
<div class="container">
<div id="header"><!-- just the logo --></div>
<div class="navbar">
<p>
<a href="index.html">Home</a> |
<a href="news.html">News</a> |
<a href="downlo0.html">Download</a> |
<a href="support.html">Support</a> |
<a href="develo0.html">Development</a>
</p>
</div>
<!-- content starts here -->
<div class="onecolumn">
<h2>Versions 0.3.x</h2>
<p>
<img src="activa0.png"
alt="screenshot v0.3: activation of encrypted filesystem" /><br />
activation of encrypted filesystem<br />
</p>
<p>
<img src="system0.png"
alt="screenshot v0.3: configuration" /><br />
configuration<br />
</p>
</div>
<div class="onecolumn">
<h2>Versions 0.2.x</h2>
<p>
<img src="en_mount.png"
alt="screenshot v0.2: activation of encrypted file system" /><br />
activation of encrypted file system<br />
</p>
<p>
<img src="en_con0.png"
alt="screenshot v0.2: configuration" /><br />
configuration<br />
</p>
</div>
<!-- content ends here -->
<div id="footer">
<p>-- a <a href="http://senselab.org">Sense.Lab</a> project -- <a href="http://senselab.org/component/option,com_dfcontact/Itemid,29/">Impressum</a> --</p>
</div>
</div>
<!-- /Creative Commons License -->
<!--
<rdf:RDF xmlns="http://web.resource.org/cc/"
xmlns:dc="http://purl.org/dc/elements/1.1/"
xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#">
<Work rdf:about="">
<dc:type rdf:resource="http://purl.org/dc/dcmitype/Text" />
<license rdf:resource="http://creativecommons.org/licenses/by-sa/2.5/de/" />
</Work>
<License rdf:about="http://creativecommons.org/licenses/by-sa/2.5/de/">
<permits rdf:resource="http://web.resource.org/cc/Reproduction" />
<permits rdf:resource="http://web.resource.org/cc/Distribution" />
<requires rdf:resource="http://web.resource.org/cc/Notice" />
<requires rdf:resource="http://web.resource.org/cc/Attribution" />
<permits rdf:resource="http://web.resource.org/cc/DerivativeWorks" />
<requires rdf:resource="http://web.resource.org/cc/ShareAlike" />
</License>
</rdf:RDF>
-->
</body>
</html>

BIN
live-cd-tree.d/_offline/doc/search0.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 52 KiB

BIN
live-cd-tree.d/_offline/doc/search1.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 42 KiB

BIN
live-cd-tree.d/_offline/doc/search2.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 44 KiB

91
live-cd-tree.d/_offline/doc/support.html Normal file
View file

@ -0,0 +1,91 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>CryptoBox</title>
<meta content="text/html; charset=iso-8859-1" http-equiv="Content-Type" />
<meta content="" name="keywords" />
<meta name="description" content="a secure fileserver, live-CD, web front-end" />
<link rel="stylesheet" type="text/css" href="main.css" />
</head>
<body>
<div class="container">
<div id="header"><!-- just the logo --></div>
<div class="navbar">
<p>
<a href="index.html">Home</a> |
<a href="news.html">News</a> |
<a href="downlo0.html">Download</a> |
<a href="support.html">Support</a> |
<a href="develo0.html">Development</a>
</p>
</div>
<!-- content starts here -->
<div class="centercontent">
<h2>Any problems?</h2>
<ol>
<li>Please read the <a href="Crypto0.html"">user
documentation</a>.</li>
<li>Check if the <a href="faq.html"">FAQ</a> helps you to solve your problem.</li>
<li>Check if it is a <a
href="http://devel.cryptobox.org/report/2">known
issue</a>. If so, provide some detailed information
there.</li>
<li>Submit a new <a href="http://devel.cryptobox.org/newticket">bug report</a>.</li>
</ol>
</div>
<div class="left">
<div class="leftcontent">
<h2>Missing your language?</h2>
<p>The CryptoBox is easily extensible via plugins. It also has
support for multiple languages. You can help us with some
<a href="http://translate.cryptobox.org/projects/cryptobox/">translations</a>.</p>
</div>
</div>
<div class="content">
<h2>Further questions</h2>
<p>If you have more questions or if you want better answers, just send a mail
to <a href="mailt&#x006F;:info&#x0040;&#x0063;ryptobox.org">info&#x0040;&#x0063;ryptobox.org</a>. Thanks!</p>
<p>And no, we don't sit on any irc channel. There's a life to live. :)</p>
</div>
<!-- content ends here -->
<div id="footer">
<p>-- a <a href="http://senselab.org">Sense.Lab</a> project -- <a href="http://senselab.org/component/option,com_dfcontact/Itemid,29/">Impressum</a> --</p>
</div>
</div>
<!-- /Creative Commons License -->
<!--
<rdf:RDF xmlns="http://web.resource.org/cc/"
xmlns:dc="http://purl.org/dc/elements/1.1/"
xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#">
<Work rdf:about="">
<dc:type rdf:resource="http://purl.org/dc/dcmitype/Text" />
<license rdf:resource="http://creativecommons.org/licenses/by-sa/2.5/de/" />
</Work>
<License rdf:about="http://creativecommons.org/licenses/by-sa/2.5/de/">
<permits rdf:resource="http://web.resource.org/cc/Reproduction" />
<permits rdf:resource="http://web.resource.org/cc/Distribution" />
<requires rdf:resource="http://web.resource.org/cc/Notice" />
<requires rdf:resource="http://web.resource.org/cc/Attribution" />
<permits rdf:resource="http://web.resource.org/cc/DerivativeWorks" />
<requires rdf:resource="http://web.resource.org/cc/ShareAlike" />
</License>
</rdf:RDF>
-->
</body>
</html>

BIN
live-cd-tree.d/_offline/doc/system0.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 87 KiB

BIN
live-cd-tree.d/_offline/doc/trac.ico Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 3.6 KiB

159
live-cd-tree.d/_offline/doc/trac.js Normal file
View file

@ -0,0 +1,159 @@
// Used for dynamically updating the height of a textarea
function resizeTextArea(id, rows) {
var textarea = document.getElementById(id);
if (!textarea || (typeof(textarea.rows) == "undefined")) return;
textarea.rows = rows;
}
// A better way than for example hardcoding foo.onload
function addEvent(element, type, func){
if (element.addEventListener) {
element.addEventListener(type, func, false);
return true;
} else if (element.attachEvent) {
return element.attachEvent("on" + type, func);
}
return false;
}
// Adapted from http://www.kryogenix.org/code/browser/searchhi/
function searchHighlight() {
if (!document.createElement) return;
var div = document.getElementById("searchable");
if (!div) return;
function getSearchWords(url) {
if (url.indexOf('?') == -1) return [];
var queryString = url.substr(url.indexOf('?') + 1);
var params = queryString.split('&');
for (var p in params) {
var param = params[p].split('=');
if (param.length < 2) continue;
if (param[0] == 'q' || param[0] == 'p') { // q= for Google, p= for Yahoo
return unescape(param[1].replace(/\+/g, ' ')).split(/\s+/);
}
}
return [];
}
function highlightWord(node, word, searchwordindex) {
// If this node is a text node and contains the search word, highlight it by
// surrounding it with a span element
if (node.nodeType == 3) { // Node.TEXT_NODE
var pos = node.nodeValue.toLowerCase().indexOf(word.toLowerCase());
if (pos >= 0 && !/^searchword\d$/.test(node.parentNode.className)) {
var span = document.createElement("span");
span.className = "searchword" + (searchwordindex % 5);
span.appendChild(document.createTextNode(
node.nodeValue.substr(pos, word.length)));
var newNode = node.splitText(pos);
newNode.nodeValue = newNode.nodeValue.substr(word.length);
node.parentNode.insertBefore(span, newNode);
return true;
}
} else if (!node.nodeName.match(/button|select|textarea/i)) {
// Recurse into child nodes
for (var i = 0; i < node.childNodes.length; i++) {
if (highlightWord(node.childNodes[i], word, searchwordindex)) i++;
}
}
return false;
}
var words = getSearchWords(document.URL);
if (!words.length) words = getSearchWords(document.referrer);
if (words.length) {
for (var w in words) {
if (words[w].length) highlightWord(div, words[w], w);
}
}
}
function enableControl(id, enabled) {
if (typeof(enabled) == "undefined") enabled = true;
var control = document.getElementById(id);
if (!control) return;
control.disabled = !enabled;
var labels = document.getElementsByTagName("label");
for (var i = 0; i < labels.length; i++) {
if (labels[i].htmlFor == id) {
labels[i].className = enabled ? "enabled" : "disabled";
}
}
}
function addWikiFormattingToolbar(textarea) {
if ((typeof(document["selection"]) == "undefined")
&& (typeof(textarea["setSelectionRange"]) == "undefined")) {
return;
}
var toolbar = document.createElement("div");
toolbar.className = "wikitoolbar";
function addButton(id, title, fn) {
var a = document.createElement("a");
a.href = "#";
a.id = id;
a.title = title;
a.onclick = function() { try { fn() } catch (e) { } return false };
a.tabIndex = 400;
toolbar.appendChild(a);
}
function encloseSelection(prefix, suffix) {
textarea.focus();
var start, end, sel, scrollPos, subst;
if (typeof(document["selection"]) != "undefined") {
sel = document.selection.createRange().text;
} else if (typeof(textarea["setSelectionRange"]) != "undefined") {
start = textarea.selectionStart;
end = textarea.selectionEnd;
scrollPos = textarea.scrollTop;
sel = textarea.value.substring(start, end);
}
if (sel.match(/ $/)) { // exclude ending space char, if any
sel = sel.substring(0, sel.length - 1);
suffix = suffix + " ";
}
subst = prefix + sel + suffix;
if (typeof(document["selection"]) != "undefined") {
var range = document.selection.createRange().text = subst;
textarea.caretPos -= suffix.length;
} else if (typeof(textarea["setSelectionRange"]) != "undefined") {
textarea.value = textarea.value.substring(0, start) + subst +
textarea.value.substring(end);
if (sel) {
textarea.setSelectionRange(start + subst.length, start + subst.length);
} else {
textarea.setSelectionRange(start + prefix.length, start + prefix.length);
}
textarea.scrollTop = scrollPos;
}
}
addButton("strong", "Bold text: '''Example'''", function() {
encloseSelection("'''", "'''");
});
addButton("em", "Italic text: ''Example''", function() {
encloseSelection("''", "''");
});
addButton("heading", "Heading: == Example ==", function() {
encloseSelection("\n== ", " ==\n", "Heading");
});
addButton("link", "Link: [http://www.example.com/ Example]", function() {
encloseSelection("[", "]");
});
addButton("code", "Code block: {{{ example }}}", function() {
encloseSelection("\n{{{\n", "\n}}}\n");
});
addButton("hr", "Horizontal rule: ----", function() {
encloseSelection("\n----\n", "");
});
textarea.parentNode.insertBefore(toolbar, textarea);
var br = document.createElement("br");
br.style.clear = "left";
textarea.parentNode.insertBefore(br, textarea);
}

BIN
live-cd-tree.d/_offline/doc/trac_c0.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 4.4 KiB

BIN
live-cd-tree.d/_offline/doc/trac_l0.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 689 B

BIN
live-cd-tree.d/_offline/shellopn.exe Normal file
View file

Binary file not shown.

BIN
live-cd-tree.d/_offline/shellopn.zip Normal file
View file

Binary file not shown.

2
live-cd-tree.d/autorun.inf Normal file
View file

@ -0,0 +1,2 @@
[autorun]
open=_offline\shellopn.exe _offline\doc\index.html

6
live-cd-tree.d/etc/rc3.d/S99usage_hint Executable file
View file

@ -0,0 +1,6 @@
#!/bin/sh
echo -e "\n+----------------------------------------------------------------+"
echo -e "\n The CryptoNAS has started."
echo -e "\n You can access it now via a web browser at: http://192.168.0.23"
echo -e "\n Visit cryptonas.org for help and more information."
echo -e "\n+----------------------------------------------------------------+\n"

35
live-cd-tree.d/etc/samba/smb.conf Normal file
View file

@ -0,0 +1,35 @@
[global]
workgroup = workgroup
server string = cryptobox
# 'security' is necessary - otherwise windows clients will ask for a login and fail
security = share
dns proxy = no
log file = /var/log/samba/log.smbd
max log size = 500
syslog only = yes
syslog = 0
panic action = /usr/share/samba/panic-action %d
encrypt passwords = true
passdb backend = tdbsam
obey pam restrictions = yes
invalid users = root
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n *password\supdated\ssuccessfully* .
socket options = TCP_NODELAY
guest ok = yes
# the following lines should help to be visible in the network
# os level - higher than non-PDC (primary domain controller) but lower than PDC
os level = 17
# announce ourselves to other networks
remote announce = 192.168.0.255 192.168.255.255 172.16.255.255 10.255.255.255
# don't act as a wins server, but use wins
# if yes, don't set "wins server"
wins support = yes
# we don't want to confuse existing servers
local master = no
domain master = no
preferred master = no
include = /var/cache/cryptobox-server/settings/misc/samba-include.conf

3
live-cd-tree.d/etc/udev/rules.d/z99_local.rules Normal file
View file

@ -0,0 +1,3 @@
# the cryptobox live-cd should not use any device mapper block devices as they
# are created by cryptsetup -> make it non-writeable for the cryptobox user
KERNEL=="dm-*", MODE="0600", OWNER="root", GROUP="root"

11
live-cd-tree.d/start.html Normal file
View file

@ -0,0 +1,11 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html lang="en">
<head>
<meta http-equiv="refresh" content="0; URL=_offline/doc/index.html">
<title>The CryptoBox</title>
</head>
<body>
Automatic redirect to <a href="_offline/doc/index.html" title="Documentation">Documentation</a> ...
</body>
</html>

56
live-cd-tree.d/usr/lib/cryptobox-cd/chroot-start.sh Executable file
View file

@ -0,0 +1,56 @@
#!/bin/sh
#
# Copyright (c) 02005-02006 sense.lab <senselab@systemausfall.org>
#
# License: This script is distributed under the terms of version 2
# of the GNU GPL. See the LICENSE file included with the package.
#
# $Id$
#
# FOR DEVELOPMENT ONLY!
#
# this script is used to prepare a chroot session for testing or configuring
#
# called by:
# - cbox-build.sh
#
# parameter: [commandline]
#
# if "commandline" is empty, "bash" will be used
#
set -eu
MNT_SRC=/opt/dfsruntime/runtimerd
MNT_DST=/opt/dfsruntime/runtimemnt
# the directory /tmp/ can not be used, as it is still a broken link, too
TMP_DIR="/tmp-`basename $0`-$$"
cp -a "$MNT_SRC/." "$TMP_DIR"
mount -n --bind "$TMP_DIR" "$MNT_DST"
[ ! -e /dev/null ] && mknod "/dev/null" c 1 3 && chmod 666 "/dev/null"
[ ! -e /dev/urandom ] && mknod "/dev/urandom" c 1 9 && chmod 444 "/dev/urandom"
[ ! -e /dev/console ] && mknod "/dev/console" c 1 5 && chmod 660 "/dev/console"
# remember, if proc was mounted before (e.g. because of a running chroot)
PROC_WAS_MOUNTED=no
mount -n -t proc proc /proc 2>/dev/null || PROC_WAS_MOUNTED=yes
# default language setting - prevents dpkg error messages
export LANG=C
# set default terminal (good if you are running in a screen session)
export TERM=linux
# execute parameters as commandline
if [ $# -gt 0 ]
then "$@"
else bash
fi
umount -l -n "$MNT_DST"
[ "$PROC_WAS_MOUNTED" = "no" ] && umount -l -n proc
rm -r "$TMP_DIR"

179
live-cd-tree.d/usr/lib/cryptobox-cd/configure-cryptobox.sh Executable file
View file

@ -0,0 +1,179 @@
#!/bin/sh
#
# Copyright (c) 02005 sense.lab <senselab@systemausfall.org>
#
# License: This script is distributed under the terms of version 2
# of the GNU GPL. See the LICENSE file included with the package.
#
# $Id$
#
# this script is part of the building process of the cryptobox
# the "normal" action is necessary for every cryptobox (development & release)
# the "secure" action is mandatory for every release CD
#
# called by:
# - cbox-build.sh after copying custom files and before creating the iso image
#
set -eu
RUNTIMEDIR=/opt/dfsruntime/runtimerd
TUNDEV=$RUNTIMEDIR/dev/net/tun
ADD_GROUPS="floppy cdrom tape video plugdev"
REMOVE_PACKAGES="strace
nvi nano vim vim-common vim-tiny
unzip zip aptitude tasksel locate
ssh elinks curl wget netkit-inetd telnet
exim4-daemon-light exim4-config exim4-base
ppp pppconfig pppoe pppoeconf iptables
subversion w3m wget lynx less screen
info iptables man-db manpages
openssh-server openssh-client"
# remove rc symlinks for these services
SERVICES_OFF="ssh setserial nviboot mountnfs ntpdate"
function configure_normal()
# the usual stuff - not optimized for security
{
##### cryptobox settings ######
# start during bootup
sed -i 's/^NO_START=.*$/NO_START=0/' /etc/default/cryptobox-server
# listen to port 80 by default
sed -i 's/^PORT=.*$/PORT=80/' /etc/default/cryptobox-server
# use a separate configuration partition
sed -i 's/^UseConfigPartition.*$/UseConfigPartition = 1/' /etc/cryptobox-server/cryptobox.conf
# all plugins are enabled (especially: "encrypted_webinterface")
sed -i 's#^DisabledPlugins.*$#DisabledPlugins = #' /etc/cryptobox-server/cryptobox.conf
# change the selection of devices, that can be used as the crypto harddisk
sed -i 's#^AllowedDevices.*$#AllowedDevices = /dev/#' /etc/cryptobox-server/cryptobox.conf
# add the cryptobox user to some more groups
for new_group in $ADD_GROUPS
do adduser cryptobox "$new_group"
done
############ samba ############
# enable samba startup (disabled before via cbox-build.sh)
echo 'RUN_MODE="daemons"' >/etc/default/samba
# install the samba hook script
cp /usr/share/doc/cryptobox-server/event-scripts/samba /etc/cryptobox-server/events.d/samba
chmod +x /etc/cryptobox-server/events.d/samba
############ webdav ############
#TODO: add apache2 packages; configure port; add webdav link in web frontend
sed -i 's/^NO_START=.*$/NO_START=0/' /etc/default/apache2
cp /usr/share/doc/cryptobox-server/event-scripts/apache2_dav /etc/cryptobox-server/events.d/apache2_dav
chmod +x /etc/cryptobox-server/events.d/apache2_dav
########### boot up ###########
# turn off creation of "/etc/nologin" (read-only fs)
sed -i '/^DELAYLOGIN=/s/^DELAYLOGIN=.*$/DELAYLOGIN=no/' /etc/default/rcS
# turn off modifying /etc/motd (read-only fs)
sed -i '/^EDITMOTD=/s/^EDITMOTD=.*$/EDITMOTD=no/' /etc/default/rcS
# default runlevel (out of some strange reason, runlevel 2 is not working)
sed -i 's/^id:.*$/id:3:initdefault:/' /etc/inittab
# add tmpfs entry for mount parent
# remove old line, if fstab exists
test -e /etc/fstab && sed -i '#/var/cache/cryptobox-server/mnt#d' /etc/fstab
# add new line
echo "tmpfs /var/cache/cryptobox-server/mnt tmpfs defaults 0 0" >>/etc/fstab
######### devices ##########
# create tun device for running under qemu
if [ ! -e "$TUNDEV" ]
then mkdir -p `dirname "$TUNDEV"`
mknod "$TUNDEV" c 10 200
fi
########## sshd ############
if [ -e "/etc/ssh" ]; then
# allow empty passwords for ssh
# the daemon is NOT started automatically, so you have to start it
# manually in case of need - as the root pw is empty and passwd is ro, you
# have to allow empty passwords for this rare case
sed -i 's/^PermitEmptyPass.*$/PermitEmptyPasswords yes/' /etc/ssh/sshd_config
# turn off PAM for ssh, as it prevents the use of empty passwords (stange behaviour)
sed -i 's/^UsePAM.*$/UsePAM no/' /etc/ssh/sshd_config
# allow input of password
sed -i 's/^PasswordAuthentication.*$/PasswordAuthentication yes/' /etc/ssh/sshd_config
fi
# remove symlinks for unwanted services
for a in $SERVICES_OFF; do
# echo "Turning off service $a ..."
find /etc/rc?.d/ -type l -name "[SK][0-9][0-9]$a" | while read b
do rm "$b"
done
done
return 0
}
function configure_secure()
# remove everything that could weaken security
# configure_normal should be called too!
{
# disable keyboard login
sed -i '/getty/d' /etc/inittab
# remove unnecessary packages
dpkg --force-all -P $REMOVE_PACKAGES 2>&1 | grep -v "which isn't installed." || true
# maybe an authorized_keys file was created - but it is not dangerous,
# as the openssh package was removed anyway
[ -d /root/.ssh ] && rm -rf /root/.ssh
# disable root account
passwd -l root
############## clean up ################
# remove deb-files, that were left by dfsbuild
# remove packages and package lists
# remove locale files
# remove doc files
# remove man pages
# some vim files stay behind?
rm -rf /opt/packages /var/cache/bootstrap /var/cache/apt/ /var/cache/locate
rm -rf /usr/share/man /usr/share/vim /var/lib/apt /var/cache/debconf /var/cache/man
# remove docs except for the cryptobox's
ls /usr/share/doc | while read dname
do test "$dname" == "cryptobox-server" || rm -rf "/usr/share/doc/$dname"
done
# remove all locale files and symlinks except for the cryptobox's
(find /usr/share/locale -type f; find /usr/share/locale -type l) | grep -v "cryptobox-server" | while read fname
do rm "$fname"
done
# remove all empty locale directories
find /usr/share/locale -type d | while read dname
do test -d "$dname" && rmdir --ignore-fail-on-non-empty --parents "$dname"
done
# change some dir permissions
chmod 660 /var/cache/cryptobox-server/settings/
return 0
}
################ main ####################
ACTION=help
[ $# -gt 0 ] && ACTION=$1
case "$ACTION" in
normal )
configure_normal
;;
secure )
configure_secure
;;
* )
echo "Syntax: `basename $0` { normal | secure }"
echo
;;
esac

83
live-cd-tree.d/usr/lib/cryptobox-cd/devel-features.sh Executable file
View file

@ -0,0 +1,83 @@
#!/bin/sh
#
# Copyright (c) 02005 sense.lab <senselab@systemausfall.org>
#
# License: This script is distributed under the terms of version 2
# of the GNU GPL. See the LICENSE file included with the package.
#
# $Id$
#
# this script is part of the boot process of a developer's cryptobox
#
# it should really NEVER be found on a release CD
#
# called by:
# - /etc/rc2.d/S99cb-devel-features
#
set -eu
# read the default setting file, if it exists
[ -e /etc/default/cryptobox ] && . /etc/default/cryptobox
# set CONF_FILE to default value, if not configured in /etc/default/cryptobox
CONF_FILE=${CONF_FILE:-/etc/cryptobox/cryptobox.conf}
# parse config file
. "$CONF_FILE"
MIRROR_DIR=/tmp/mirror
MIRROR_ORIG_DIR=/tmp/mirror.orig
WRITE_DIRS="/usr/share/cryptobox /var/www /usr/lib/cryptobox"
ACTION="--help"
[ $# -gt 0 ] && ACTION="$1"
case "$ACTION" in
start )
# copy cryptobox files to tmpfs
for a in $WRITE_DIRS
do mkdir -p "$MIRROR_DIR/$a"
cp -a "$a/." "$MIRROR_DIR/$a"
mount --bind "$MIRROR_DIR/$a" "$a"
done
$0 set_diff_base
# cryptobox-server needs to be restarted to reopen its files
invoke-rc.d cryptobox-server restart
# start ssh daemon
[ -x /etc/init.d/ssh ] && /etc/init.d/ssh start
;;
set_diff_base )
# the present content of the tmpfs mirror get copied to
# MIRROR_ORIG_DIR for later diffs
# whenever you merged a diff, you should call this function
[ -e "$MIRROR_ORIG_DIR" ] && rm -rf "$MIRROR_ORIG_DIR"
cp -a "$MIRROR_DIR" "$MIRROR_ORIG_DIR"
;;
diff )
cd "`dirname \"$MIRROR_ORIG_DIR\"`"
# diff and remove "binary files differ"-warnings (vi-swap-files)
# ignore generated reports
# ignore cryptobox.pl and index.html, as those are the same as
# /var/www/cryptobox (symbilic links)
# replace the link name (/var/www/cryptobox) by its destination
# UGLY!
diff -ruN --exclude=report --exclude=cryptobox.pl --exclude=index.html "`basename \"$MIRROR_ORIG_DIR\"`" "`basename \"$MIRROR_DIR\"`" | grep -v "^Binary files" | sed 's#/var/www/cryptobox\t#/var/www/cgi-bin/cryptobox.pl\t#'
;;
stop )
[ -x /etc/init.d/ssh ] && /etc/init.d/ssh stop
for a in $WRITE_DIRS
do umount "$MIRROR_DIR/$a"
done
rm -rf "$MIRROR_DIR"
;;
restart )
$0 stop
$0 start
;;
* )
echo "Syntax: `basename $0` { start | stop | restart }"
;;
esac

1629
packages/config-2.6.20_cryptobox0.3.3 Normal file
View file

File diff suppressed because it is too large Load diff

1
packages/cryptobox-server.deb Symbolic link
View file

@ -0,0 +1 @@
cryptobox-server_0.3.4.4-1_i386.deb

BIN
packages/cryptobox-server_0.3.4-1_i386.deb Normal file
View file

Binary file not shown.

BIN
packages/dfsbuild_0.99.2.1_i386.deb Normal file
View file

Binary file not shown.

6
packages/info.txt Normal file
View file

@ -0,0 +1,6 @@
BEWARE: the uml kernel does not work correctly - see ../hints/starting_uml.txt for details
see hints/kernel-build.txt for details on how to build and include a new kernel
cryptsetup-luks is not yet officially available for debian
Source: http://einsteinmg.dyndns.org/debian/unstable/

BIN
packages/linux-image-2.6.20_cryptobox0.3.3_i386.deb Normal file
View file

Binary file not shown.

BIN
packages/ntfs-3g_1:1.516-1~bpo.1_i386.deb Normal file
View file

Binary file not shown.

BIN
packages/uml-kernel-2.6.12.3-cryptobox Executable file
View file

Binary file not shown.

237
scripts/cbox-build.sh Executable file
View file

@ -0,0 +1,237 @@
#!/bin/bash
#
# Copyright (c) 02005-02006 sense.lab <devel@senselab.org.org>
#
# License: This script is distributed under the terms of version 2
# of the GNU GPL. See the LICENSE file included with the package.
#
# $Id$
#
# managing our work at the cryptobox
#
# usual workflow:
# dfsbuild - create the image directory with dfsbuild
# config - apply cryptobox specific changes to the image directory
# harden - remove unnecessary packages and disable developer features
# iso - create the iso image
# isoz - create a compressed iso image
# burn - burns the image on a cd-rw
#
# final action:
# release - the same as "dfsbuild config harden isoz"
#
#
# problems of this script:
# - has to run as root
# - 'harden' is strangely integrated
#
# you may run this script with multiple arguments, e.g.:
# cb-build.sh dfsbuild config isoz
#
# the action "release" does what it says :)
# (all developer's features like sshd, writable templates and
# the test-suite are deactivated, some packages get removed)
#
set -ue
# include common functions and settings
source "$(dirname $0)/common.sh.inc"
################### some settings ######################
# dfsbuild config
DFS_CONFIG=$(get_config_file dfs-cbox.conf)
# debian package of cryptobox-server
DEB_PACKAGE=$ROOT_DIR/packages/cryptobox-server.deb
####################### functions ######################
# samba fails to install if /proc/ is empty
# we force samba to skip startup during configuring
function workaround_samba_proc()
{
# let dfsbuild start first
sleep 15
local DEFAULT_DIR=$IMAGE_DIR/etc/default
mkdir -p "$DEFAULT_DIR"
echo "exit" >"$DEFAULT_DIR/samba"
}
function run_dfsbuild()
{
# we need a secret gpg key for apt-move/reprepro(?) - very strange
# see: http://lists.debian.org/debian-user/2005/09/msg03288.html
if test -z "$(gpg --list-secret-keys 2>/dev/null)"
then echo "*************************************************************"
echo "* Sorry - for some strange reason you/root need a secret *"
echo "* gpg key without a passphrase! *"
echo "* Please create a key first: 'gpg --gen-key' *"
echo "*************************************************************"
exit 1
fi >&2
if [ -e "$BUILD_DIR" ]
then ## umount all other directories below
mount | cut -d " " -f 3- | sed "s/ type .*$//" | grep "$IMAGE_DIR" | while read mdir
do umount "$mdir"
done
echo "removing the build directory ($BUILD_DIR) to guarantee a clean build ..."
rm -r "$BUILD_DIR"
fi
workaround_samba_proc &
# build the target directory
LANG=C dfsbuild -c "$DFS_CONFIG" -w "$BUILD_DIR/"
# remove iso image of dfsbuild - it is not necessary
[ -e "$BUILD_DIR/image.iso" ] && rm "$BUILD_DIR/image.iso"
# finish package installation
echo "dpkg --configure --pending" | chroot_image
}
function create_uncompressed_iso()
{
# check for a mounted procfs
mount | grep -q " $IMAGE_DIR/proc " && umount "$IMAGE_DIR/proc"
echo "Creating the iso ..."
mkisofs $MKISOFS_OPTIONS -o "$IMAGE_FILE" "$IMAGE_DIR"
}
function create_compressed_iso()
{
# check for a mounted procfs
mount | grep -q " $IMAGE_DIR/proc " && umount "$IMAGE_DIR/proc"
echo "Creating the compressed iso ..."
[ -e "$IMAGEZ_DIR" ] && rm -r "$IMAGEZ_DIR"
mkdir "$IMAGEZ_DIR"
for a in $(ls "$IMAGE_DIR")
do if echo "$UNCOMPRESSED_ITEMS" | grep -q -w "$a"
then echo " Copying uncompressed item: $a ..."
cp -a "$IMAGE_DIR/$a" "$IMAGEZ_DIR"
else if [ -h "$IMAGE_DIR/$a" ]
then echo " Copying link: $a ..."
cp -a "$IMAGE_DIR/$a" "$IMAGEZ_DIR"
else echo " Compressing item: $a ..."
mkzftree "$IMAGE_DIR/$a" "$IMAGEZ_DIR/$a"
fi
fi
done
mkisofs -z $MKISOFS_OPTIONS -o "$IMAGEZ_FILE" "$IMAGEZ_DIR"
}
function configure_cb()
{
if [ ! -e "$IMAGE_DIR" ]; then
echo -e "Directory \"$IMAGE_DIR\" not found!"
echo -e "Did you run \"$0 dfsbuild\"?"
exit 1
fi
echo "Copying files to the box ..."
svn export --force "$TEMPLATE_DIR/." "$IMAGE_DIR"
echo "Configuring the cryptobox ..."
echo "/usr/lib/cryptobox-cd/configure-cryptobox.sh normal" | chroot_image
# source local configure scripts
[ -d "$CUSTOM_CONFIGURE_DIR" ] && \
find "$CUSTOM_CONFIGURE_DIR" -xtype f | sort | while read file
do echo "Sourcing custom configure script $(basename $file) ..."
# execute it in its own environment (to be safe)
# 'source' implicitly imports all current settings
# indent these lines to improve the output
( source "$file" ) 2>&1 | sed 's/^/\t/'
done
}
function install_package()
{
## first disable automatic startup to avoid conflicts with local servers
local conf_file=$IMAGE_DIR/etc/default/cryptobox-server
test -e "$conf_file" && sed -i 's/^NO_START=.*$/NO_START=1/' "$conf_file"
local chroot_deb_file=/cryptobox-server.deb
cp "$DEB_PACKAGE" "$IMAGE_DIR$chroot_deb_file"
echo "dpkg -i $chroot_deb_file" | chroot_image
rm "$IMAGE_DIR$chroot_deb_file"
}
function blanknburn_cdrw()
{
cdrecord -v dev=$CDWRITER blank=fast
if [ -e "$IMAGEZ_FILE" ]; then
cdrecord -v dev=$CDWRITER $IMAGEZ_FILE
elif [ -e "IMAGE_FILE" ]; then
cdrecord -v dev=$CDWRITER $IMAGE_FILE
else
echo "can't find CryptoBox image to burn" && exit 1
fi
}
################ do it! ######################
[ $# -eq 0 ] && echo "[`basename $0`] - no arguments supplied - maybe you want to use '--help'"
# initialize local directories (easier for users)
for a in $LOCALCONF_DIR $CUSTOM_CONFIGURE_DIR
do [ ! -e "$a" ] && mkdir "$a" && chown --reference=. "$a"
done
# check for uid=0 (necessary for all operations)
[ "$(id -u)" -ne 0 ] && echo "this script ($0) has to be called as root" >&2 && exit 1
while [ $# -gt 0 ]
do case "$1" in
dfsbuild )
# check if we are in ROOT_DIR - otherwise we will have problems with
# relative paths in dfs-box.conf
[ "$ROOT_DIR" -ef "$(pwd)" ] || error_die 1 "Sorry: you have to run $0 while you are in '$ROOT_DIR'!"
run_dfsbuild
;;
config )
install_package
configure_cb normal
;;
iso )
create_uncompressed_iso
;;
isoz )
create_compressed_iso
;;
harden )
echo "/usr/lib/cryptobox-cd/configure-cryptobox.sh normal" | chroot_image
echo "/usr/lib/cryptobox-cd/configure-cryptobox.sh secure" | chroot_image
;;
burn )
blanknburn_cdrw
;;
release )
"$0" dfsbuild config harden isoz
md5sum $IMAGEZ_FILE > ${IMAGEZ_FILE}.md5sum
sha1sum $IMAGEZ_FILE > ${IMAGEZ_FILE}.sha1sum
;;
help|--help )
echo "Syntax: `basename $0` ( release | dfsbuild | config | harden | iso | isoz | burn | help )"
echo " (you may specify more than one action)"
echo
;;
* )
echo -e "unknown action: $1"
echo
$0 help
exit 1
;;
esac
shift
done

157
scripts/cbox-dev.sh Executable file
View file

@ -0,0 +1,157 @@
#!/bin/bash
#
# Copyright (c) 02005 sense.lab <senselab@systemausfall.org>
#
# License: This script is distributed under the terms of version 2
# of the GNU GPL. See the LICENSE file included with the package.
#
# $Id$
#
# managing our work at the cryptobox
#
# development actions:
# chroot - run first tests in a chroot environment
# qemu - run the qemu emulation with the uncompressed image
# qemuz - run the qemu emulation with the compressed image
# upload - copy your local files to tmpfs on a running cryptobox
# diff - compare tmpfs-files on a running cryptobox with the original
# merge - apply the diff to the local copy
# ssh - open a ssh connection to a running cryptobox
#
# problems of this script:
# - chroot has to run as root
#
set -ue
# include common functions and settings
source $(dirname $0)/common.sh.inc
################### some settings #####################
# to connect to a development cryptobox with ssh
SSH_CONFIG_FILE=$(get_config_file ssh_config)
# extract the hostname of the cryptobox from the ssh_config file
SSH_HOST=$(grep "^Host " "$SSH_CONFIG_FILE" | head -1 | sed 's/^Host *\(.*\)$/\1/')
####################### functions ######################
function qemu_boot()
# parameter: iso_image_file
{
# create a virtual harddisk image file
if [ ! -e "$HD_IMAGE" ]
then echo "Creating temporary harddisk image ..."
dd if=/dev/zero of="$HD_IMAGE" bs=1M count=$HD_IMAGE_SIZE
fi
echo "Starting qemu ..."
qemu -hda "$HD_IMAGE" -cdrom "$1" -boot d -m 96 -net nic -net tap || true
}
function upload2box()
# upload local files to a development cryptobox
# this is necessary to use an "old" development cd with
# new code - this affects only the web-interface and the
# cbox-manage.sh-script (the boot behaviour stays the same)
#
# of course, only the directories that are mapped to tmpfs can
# be updated this way
{
local DIRS="var/www usr/share/cryptobox usr/lib/cryptobox"
echo "Uploading the following dirs: $DIRS "
[ -e "$TMP_DIR" ] || mkdir -p "$TMP_DIR"
for a in $DIRS
do mkdir -p "$TMP_DIR/$a"
cp -r "$TEMPLATE_DIR/$a/." "$TMP_DIR/$a"
done
find "$TMP_DIR" -type d -name '\.svn' | while read a
do rm -rf "$a"
done
echo "Copying local files to the cryptobox ... "
if scp -F "$SSH_CONFIG_FILE" -rpq "$TMP_DIR/." cryptobox:/tmp/mirror
then echo "Set the base for future diffs to current state ..."
ssh -F "$SSH_CONFIG_FILE" "$SSH_HOST" "$DEV_FEATURES_SCRIPT" set_diff_base
else echo 'ERROR: copying failed!'
fi
rm -rf "$TMP_DIR"
}
function merge_from_box()
# merge a diff from a running development cryptobox into
# your local copy
{
echo "Check for collisions ... (dry-run)"
if box_diff | patch --dry-run -p1 -d "$TEMPLATE_DIR"
then echo
echo "Applying diff ..."
box_diff | patch -p1 -d "$TEMPLATE_DIR"
echo
echo "Set the base for future diffs to current state ..."
ssh -F "$SSH_CONFIG_FILE" "$SSH_HOST" "$DEV_FEATURES_SCRIPT" set_diff_base
else echo "Merging will fail - do it manually!"
fi
}
# get the diff of a running cryptobox system between its current state
# and its original content
function box_diff()
{
ssh -F "$SSH_CONFIG_FILE" "$SSH_HOST" "$DEV_FEATURES_SCRIPT" diff
}
############################# main #####################################
[ $# -eq 0 ] && echo "[`basename $0`] - no arguments supplied - maybe you want to use '--help'" && exit 1
ACTION=--help
[ $# -gt 1 ] && ACTION=$1
case "$1" in
diff )
# get a diff from a running development cryptobox
box_diff
;;
merge )
merge_from_box
;;
upload )
upload2box
;;
chroot )
# chroot may only be called as root
[ "$(id -u)" -ne 0 ] && echo "the action 'chroot' may only be called as root!" >&2 && exit 1
echo
echo "##############################################################################"
echo "# BEWARE: you can severly harm your real harddisk in the chroot environment! #"
echo "##############################################################################"
echo
chroot_image
;;
qemu )
qemu_boot "$IMAGE_FILE"
;;
qemuz )
qemu_boot "$IMAGEZ_FILE"
;;
ssh )
ssh -F "$SSH_CONFIG_FILE" "$SSH_HOST"
;;
help|--help )
echo "Syntax: `basename $0` ( qemu | qemuz | chroot | upload | diff | merge | ssh | help )"
echo
;;
* )
echo -e "unknown action: $1"
echo
$0 help
exit 1
;;
esac

4
scripts/cleanup_target.sh Executable file
View file

@ -0,0 +1,4 @@
#!/bin/sh
umount "$1/proc"

88
scripts/common.sh.inc Normal file
View file

@ -0,0 +1,88 @@
#
# common settings and functions for cryptobox scripts
#
#################### some functions ####################
# get the path of a configuration file - local configuration files
# supersede default files
# parameter: base name of the configuration file
function get_config_file()
{
[ -e "$LOCALCONF_DIR/$1" ] && echo "$LOCALCONF_DIR/$1" && return 0
[ -e "$DEFAULTCONF_DIR/$1" ] && echo "$DEFAULTCONF_DIR/$1" && return 0
echo "configuration file ($1) not found!" >&2
exit 1
}
function error_die()
{
echo "$2" >&2
exit $1
}
function chroot_image()
{
MNT_SRC=$IMAGE_DIR/opt/dfsruntime/runtimerd
MNT_DST=$IMAGE_DIR/opt/dfsruntime/runtimemnt
TMP_DIR=/tmp/cryptobox-chroot-$(basename $0)-$$
[ -d "$TMP_DIR" ] && rm -rf "$TMP_DIR"
cp -a "$MNT_SRC/." "$TMP_DIR"
mount --bind "$TMP_DIR" "$MNT_DST"
[ ! -e "$TMP_DIR/dev/null" ] && mknod "$TMP_DIR/dev/null" c 1 3 && chmod 666 "$TMP_DIR/dev/null"
[ ! -e "$TMP_DIR/dev/urandom" ] && mknod "$TMP_DIR/dev/urandom" c 1 9 && chmod 444 "$TMP_DIR/dev/urandom"
[ ! -e "$TMP_DIR/dev/console" ] && mknod "$TMP_DIR/dev/console" c 1 5 && chmod 660 "$TMP_DIR/dev/console"
# remember, if proc was mounted before (e.g. because of a running chroot)
local PROC_WAS_MOUNTED=no
mount -t proc proc "$IMAGE_DIR/proc" 2>/dev/null || PROC_WAS_MOUNTED=yes
# default language setting - prevents dpkg error messages
# set default terminal (good if you are running in a screen session)
LANG=C TERM=linux chroot "$IMAGE_DIR" /bin/bash
umount "$MNT_DST"
[ "$PROC_WAS_MOUNTED" = "no" ] && umount "$IMAGE_DIR/proc"
rm -r "$TMP_DIR"
}
################### general settings ###################
# the base directory of your local development files
ROOT_DIR=$(dirname "$0")/..
ROOT_DIR=$(cd "$ROOT_DIR"; pwd)
# the template (default) configuration directory
DEFAULTCONF_DIR="$ROOT_DIR/etc-defaults.d"
# your local configuration directory (existing files supersede the defaults)
LOCALCONF_DIR="$ROOT_DIR/etc-local.d"
# local configuration directory - contains scripts to be executed after
# 'configure'
CUSTOM_CONFIGURE_DIR="$ROOT_DIR/configure-local.d"
# the chroot-wrapper within the cryptobox
CHROOT_START="/usr/lib/cryptobox-cd/chroot-start.sh"
############# include local configuration ##############
if [ -e "$(get_config_file cbox-dev.conf)" ]
then source "$(get_config_file cbox-dev.conf)"
else echo "local cbox-dev.conf ($(get_config_file cbox-dev.conf)) does not exist!" >&2
exit 1
fi
# image directory created by dfsbuild
# the BUILD_DIR is defined in the local cbox-dev.conf
IMAGE_DIR=$BUILD_DIR/target
IMAGEZ_DIR=$BUILD_DIR/target.z
IMAGEZ_FILE="${IMAGE_FILE%.iso}_compressed.iso"
UNCOMPRESSED_ITEMS="_offline autorun.inf start.html boot opt boot.catalog"
HD_IMAGE=$ROOT_DIR/test.img
HD_IMAGE_SIZE=256

141
scripts/mirror_offline_doc.sh Executable file
View file

@ -0,0 +1,141 @@
#!/bin/sh
PROJ_DIR=$(dirname "$0")/..
PROJ_DIR=$(cd "$PROJ_DIR"; pwd)
DEST_DIR="$PROJ_DIR/live-cd-tree.d/_offline/doc"
WIKI_PAGES="doc/0.3/CryptoBoxUserGettingStarted/en
doc/0.3/CryptoBoxUserDailyUse/en
CryptoBoxUser/en
faq"
function prepare_wiki_page()
{
sed -i '1,/<div class="wikipage">/d' "$1"
# remove the "comment" or "edit" stuff
sed -i '/<h2>Comments<\/h2>/,$d' "$1"
sed -i '/<div class="buttons">/,$d' "$1"
# remove the last horizontal line
sed -i '$,$d' "$1"
# add anchor ids to every head line
sed -i 's#<h\([1-4]\)>\(.*\)</h#<h\1 id="\2">\2</h#g' "$1"
while grep -q '<h[1-4] id="\([a-zA-Z]*\)[^a-zA-Z"]' "$1"
do sed -i 's#<h\([1-4]\) id="\([a-zA-Z]*\)[^a-zA-Z"]#<h\1 id="\2#g' "$1"
done
# convert wiki links
sed -i 's#="/wiki/\([^"/]*\)/#="/wiki/\1_#g' "$1"
sed -i 's#="/wiki/\([^"/]*\)/#="/wiki/\1_#g' "$1"
sed -i 's#="/wiki/\([^"/]*\)/#="/wiki/\1_#g' "$1"
sed -i 's#="/wiki/\([^"/]*\)/#="/wiki/\1_#g' "$1"
sed -i 's#="/wiki/\([^"#]*\)\([#"]\)#="\1.html\2#g' "$1"
# remove outdated documentation
sed -i 's#</ol>#</ol>\n#g' "$1"
sed -i '/outdated/,/<\/ol>/d' "$1"
# remove "searchable" ids (blue coloring of head lines)
sed -i 's#<div id="searchable">#<div>#g' "$1"
# fix image sources
sed -i 's#src="/file/[^"]*/\([^/\?]*\)["\?]#src="\1"#g' "$1"
}
function wrap_wiki_page()
{
# add header and footer
(
echo "$page_header"
echo '<div class="centercontent">'
cat "$1"
echo '</div>'
echo "$page_footer"
) >"${1}.new"
mv "${1}.new" "$1"
}
function rename_files()
{
ls | grep "\?format=raw$" | while read fname
do local real_name=$(echo "$fname" | sed 's/\?.*$//')
mv "$fname" "$real_name"
done
ls | grep "\.[0-9]*$" | while read fname
do rm "$fname"
done
}
function redirect_homepage_links()
{
ls *.html | while read fname
do while grep -q '="http://devel.cryptobox.org/wiki/[^/"]*/' "$fname"
do sed -i 's#\(="http://devel.cryptobox.org/wiki/[^/"]*\)/#\1_#g' "$fname"
done
sed -i 's#="http://devel.cryptobox.org/wiki/\([^"\#]*\)\(["\#]\)#="\1.html\2"#g' "$fname"
done
}
function remove_useless_files()
{
rm -f robots.txt
}
function rename_one_file()
{
find . -type f | grep -v "/\.svn" | while read fname
do sed -i "s#\([^a-zA-Z0-9]\)$1#\1$2#g" "$fname"
done
mv "$1" "$2"
}
function rename_long_files()
{
# this is necessary to avoid problems with the 31-character restriction of iso9660
# on windows systems
find . -type f | grep -v "/\.svn" | while read fname
do if test 14 -lt "${#fname}"
then local neu_prefix=$(echo "${fname:2:6}" | sed 's#/#_#g')
local neu_num=0
local neu_suffix=$(echo "$fname"| sed 's#^.*\.\([^\.]*\)$#.\1#g')
test 5 -lt "${#neu_suffix}" && neu_suffix=.${neu_suffix:-4}
while test -e "$neu_prefix$neu_num$neu_suffix"
do local i=$((neu_num+1))
# we should use the additional step (using 'i') to avoid a bash-specific
# handling of self-increment
neu_num=$i
done
rename_one_file "${fname:2}" "$neu_prefix$neu_num$neu_suffix"
fi
done
}
test ! -d "$DEST_DIR" && echo "Destination directory does not exist: $DEST_DIR" && exit 1
# cleanup destination directory
test -e "$DEST_DIR/index.html" && find "$DEST_DIR/" -type f | grep -v "/\.svn" | xargs rm
cd "$DEST_DIR"
# retrieve pages from cryptobox.org
wget --mirror --page-requisites --no-directories --convert-links --quiet http://cryptobox.org
wget --output-document=header.jpg --quiet http://cryptobox.org/gfx/header.jpg
page_header=$(sed -n '1,/<!-- content starts here -->/p' index.html)
page_footer=$(sed -n '/<!-- content ends here -->/,$p' index.html)
for page in $WIKI_PAGES
do filename=${page//\//_}.html
wget --no-directories --page-requisites --quiet "http://devel.cryptobox.org/wiki/$page"
mv "$(basename $page)" "$filename"
prepare_wiki_page "$filename" "$page"
wrap_wiki_page "$filename"
done
rename_files
redirect_homepage_links
remove_useless_files
rename_long_files

5
scripts/prepare_target.sh Executable file
View file

@ -0,0 +1,5 @@
#!/bin/sh
# the samba package requires /proc to be present
mount --bind /proc "$1/proc"

9
scripts/show_TODO.sh Executable file
View file

@ -0,0 +1,9 @@
#!/bin/sh
#
# Copyright (c) 02005 sense.lab <senselab@systemausfall.org>
#
# License: This script is distributed under the terms of version 2
# of the GNU GPL. See the LICENSE file included with the package.
#
grep "TODO" $(find "$(dirname $0)/.." -type f | grep -v "\.svn" | grep -v "$(basename $0)")

147
scripts/validate.sh Executable file
View file

@ -0,0 +1,147 @@
#!/bin/sh
#
# Copyright (c) 02005 sense.lab <senselab@systemausfall.org>
#
# License: This script is distributed under the terms of version 2
# of the GNU GPL. See the LICENSE file included with the package.
#
# $Id$
#
# do a validation
#
# use "--help" for a list of possible actions
#
set -eu
# include common functions and settings
source $(dirname $0)/common.sh.inc
# extract confirmation text from language file
confirmtext=$(grep "\<ConfirmInit\>" "$TEMPLATE_DIR/usr/share/cryptobox/lang/${VALIDATE_LANGUAGE}.hdf" | sed 's/[^=]*=[^a-zA-Z]*\(.*\)$/\1/; s/ /%20/g; s/!/%21/g; s/,/%2C/g')
##################### some functions ########################
function do_single()
# Parameter: "test case dir" "output directory for results"
{
local TESTNAME=$(basename $1)
# replace IPs and ports in the curl-file by local settings
cat "$1/input.curl" | substitute_constants | curl --insecure --silent --output "${2}/${TESTNAME}.html" --config -
# remove possible refresh-redirect
sed -i 's/<meta http-equiv="refresh"[^>]*>//g' "${2}/${TESTNAME}.html"
# there is no status in certain cases - e.g. for error 404
if [ -e "${2}/${TESTNAME}.html" ]
then sed "1,/CBOX-STATUS-begin/d; /CBOX-STATUS-end/,\$d" "${2}/${TESTNAME}.html" >"${2}/${TESTNAME}.status"
# the diff option "-B" is required, because the status output of
# the cryptobox.pl script contains some blank lines
cat "$1/output" | substitute_constants | diff -NB - "${2}/${TESTNAME}.status" | sed 's/</\&lt;/g; s/>/\&gt;/g' >"${2}/${TESTNAME}.diff" || true
rm "${2}/${TESTNAME}.status"
fi
cp "$1/description" "${2}/${TESTNAME}.desc"
# sleep, if a file called 'delay' exists
[ -e "$1/delay" ] && sleep "$(<$1/delay)"
true
}
function do_series()
# parameter: name of the test case
{
[ -d "$VALIDATE_REPORT_DIR/$1" ] && rm -r "$VALIDATE_REPORT_DIR/$1"
mkdir -p "$VALIDATE_REPORT_DIR/$1"
find "$VALIDATE_TEST_CASES_DIR/$1" -maxdepth 1 -mindepth 1 -type d | grep -v "/\.[^/]*$" | sort | while read a
do do_single "$a" "$VALIDATE_REPORT_DIR/$1"
done
create_summary "$1" >"$VALIDATE_REPORT_DIR/summary-$1.html"
}
function create_summary()
# parameter: name of test series
{
cat "$VALIDATE_SUMMARY_TEMPLATE_DIR/header"
find "$VALIDATE_REPORT_DIR/$1" -maxdepth 1 -type f -name \*.desc | sort | while read a
do TESTNAME=$(basename ${a%.desc})
TESTDESCRIPTION=$(cat $a)
sed "s#_TESTSERIES_#$1#g; s#_TESTNAME_#$TESTNAME#g; s/_TESTDESCRIPTION_/$TESTDESCRIPTION/" "$VALIDATE_SUMMARY_TEMPLATE_DIR/single_header"
local DIFF_FILE=${a%.desc}.diff
if [ -s "$DIFF_FILE" ]
then cat "$VALIDATE_SUMMARY_TEMPLATE_DIR/result-error"
sed 's#$#<br/>#' "$DIFF_FILE"
else cat "$VALIDATE_SUMMARY_TEMPLATE_DIR/result-ok"
echo "no differences found"
# remove empty diff
[ -e "$DIFF_FILE" ] && rm "$DIFF_FILE"
fi
cat "$VALIDATE_SUMMARY_TEMPLATE_DIR/single_footer"
# remove description file
rm "$a"
done
cat "$VALIDATE_SUMMARY_TEMPLATE_DIR/footer"
}
function import_style()
# get the stylesheet file and images
# change the stylesheet link
{
[ -d "$VALIDATE_REPORT_DIR/cryptobox-misc" ] && rm -r "$VALIDATE_REPORT_DIR/cryptobox-misc"
mkdir -p "$VALIDATE_REPORT_DIR/cryptobox-misc"
wget -q -O "$VALIDATE_REPORT_DIR/cryptobox-misc/cryptobox.css" http://$VALIDATE_HOST_IP_DEFAULT/cryptobox-misc/cryptobox.css
# extract image file names
grep "url(" "$VALIDATE_REPORT_DIR/cryptobox.css" | sed 's#^.*url(\(.*\)).*$#\1#' | while read a
do wget -q -O "$VALIDATE_REPORT_DIR/cryptobox-misc/$a" "http://$VALIDATE_HOST_IP_DEFAULT/cryptobox-misc/$a"
done
# change the stylesheet link in every html file in REPORT_DIR
find "$VALIDATE_REPORT_DIR" -type f -name \*.html | while read a
do sed -i '/stylesheet/s#href=\"/cryptobox-misc/cryptobox.css\"#href=\"../cryptobox-misc/cryptobox.css\"#g' "$a"
done
}
function substitute_constants()
{
sed "s/_HOST_IP_DEFAULT_/$VALIDATE_HOST_IP_DEFAULT/g; \
s/_HOST_IP_CHANGED_/$VALIDATE_HOST_IP_CHANGED/g; \
s/_IFACE_LANG_/$VALIDATE_LANGUAGE/g;
s/_CONFIRM_TEXT_/$confirmtext/g"
}
##################### main ###########################
# do all checks, if nothing is specified
ACTION="check_all"
[ $# -gt 0 ] && ACTION=$1
case "$ACTION" in
list )
find "$VALIDATE_TEST_CASES_DIR" -maxdepth 1 -mindepth 1 -type d | grep -v "/\.[^/]*$" | sort | while read a
do echo $(basename "$a")
done
;;
check )
[ $# -ne 2 ] && error_die 1 "Syntax: $(basename $0) check NAME"
case_dir="$VALIDATE_TEST_CASES_DIR/$2"
[ ! -d "$case_dir" ] && error_die 2 "the test case was not found ($case_dir)!"
do_series "$2"
import_style
;;
check_all )
# default action
"$0" list | sort | while read a
do echo -n "Validating $a ..."
"$0" check "$a"
echo
done
;;
* )
echo "Syntax of $(basename $0)"
echo -e "\t check_all \t - execute all test cases [default]"
echo -e "\t check NAME \t - execute a test case"
echo -e "\t list \t\t - show a list of available test cases"
echo -e "\t help \t\t - this syntax information"
echo
;;
esac

17
validation/templates/README Normal file
View file

@ -0,0 +1,17 @@
every report summary will be constructed this way:
- header
- single_header
- result-ok | result-error
<the diff>
- single_footer
- single_header
- result-ok | result-error
<the diff>
- single_footer
...
- footer

12
validation/templates/footer Normal file
View file

@ -0,0 +1,12 @@
</div><!-- end of 'validation' -->
</div><!-- end of 'words' -->
<div id="footer">
<a href="https://systemausfall.org/prj/cryptobox" title="Projekt-Seite">CryptoBox-Home</a>&nbsp;&nbsp;Die CryptoBox ist ein Projekt von <a href="https://systemausfall.org/senselab" title="systemausfall.org">sense.lab</a>
</div>
</div>
</div>
</body>
</html>

25
validation/templates/header Normal file
View file

@ -0,0 +1,25 @@
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>CryptoBox</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="pragma" content="no-cache" />
<meta http-equiv="cache-control" content="no-cache" />
<meta http-equiv="expires" content="0" />
<link rel="stylesheet" media="screen" href="cryptobox.css" type="text/css" />
</head>
<body>
<div id="main">
<div id="head">
<h1>Die CryptoBox</h1>
<h2>und zwar richtig!</h2>
</div>
<div id="content">
<div id="words">
<div id="validation">

1
validation/templates/result-error Normal file
View file

@ -0,0 +1 @@
<p class="error">

1
validation/templates/result-ok Normal file
View file

@ -0,0 +1 @@
<p class="valid">

2
validation/templates/single_footer Normal file
View file

@ -0,0 +1,2 @@
</p>
</div>

5
validation/templates/single_header Normal file
View file

@ -0,0 +1,5 @@
<div class="single_case">
<h1><a href="_TESTSERIES_/_TESTNAME_.html" title="retrieved page">/_TESTNAME_</a></h1>
<h2>_TESTDESCRIPTION_</h2>

1
validation/test-cases/1-init/000-reset/description Normal file
View file

@ -0,0 +1 @@
purge the box

Some files were not shown because too many files have changed in this diff Show more