Created new branch for Debian Live live-cd build system development. This
commit includes the default configuration files, which don't work with Debian "etch".
This commit is contained in:
commit
ec818dbbc3
|
@ -0,0 +1,146 @@
|
|||
# config/binary - options for live-helper(7), binary stage
|
||||
|
||||
# $LH_BINARY_FILESYSTEM: set image filesystem
|
||||
# (Default: fat16)
|
||||
LH_BINARY_FILESYSTEM="fat16"
|
||||
|
||||
# $LH_BINARY_IMAGES: set image type
|
||||
# (Default: iso)
|
||||
LH_BINARY_IMAGES="iso"
|
||||
|
||||
# $LH_BINARY_INDICES: set apt/aptitude generic indices
|
||||
# (Default: enabled)
|
||||
LH_BINARY_INDICES="enabled"
|
||||
|
||||
# $LH_BOOTAPPEND_LIVE: set boot parameters
|
||||
# (Default: empty)
|
||||
LH_BOOTAPPEND_LIVE=""
|
||||
|
||||
# $LH_BOOTAPPEND_INSTALL: set boot parameters
|
||||
# (Default: empty)
|
||||
LH_BOOTAPPEND_INSTALL="-- }"
|
||||
|
||||
# $LH_BOOTLOADER: set bootloader
|
||||
# (Default: syslinux)
|
||||
LH_BOOTLOADER="syslinux"
|
||||
|
||||
# $LH_CHECKSUMS: set checksums
|
||||
# (Default: enabled)
|
||||
LH_CHECKSUMS="enabled"
|
||||
|
||||
# ${LH_CHROOT_BUILD: control if we build binary images chrooted
|
||||
# (Default: enabled)
|
||||
# DO NEVER, *NEVER*, *N*E*V*E*R* SET THIS OPTION to disabled.
|
||||
LH_CHROOT_BUILD="enabled"
|
||||
|
||||
# $LH_DEBIAN_INSTALLER: set debian-installer
|
||||
# (Default: disabled)
|
||||
LH_DEBIAN_INSTALLER="disabled"
|
||||
|
||||
# $LH_DEBIAN_INSTALLER_DAILY: set daily images
|
||||
# (Default: disabled)
|
||||
LH_DEBIAN_INSTALLER_DAILY="disabled"
|
||||
|
||||
# $LH_ENCRYPTION: set encrytion
|
||||
# (Default: disabled)
|
||||
LH_ENCRYPTION="disabled"
|
||||
|
||||
# $LH_GRUB_SPLASH: set custom grub splash
|
||||
# (Default: empty)
|
||||
LH_GRUB_SPLASH=""
|
||||
|
||||
# $LH_HOSTNAME: set hostname
|
||||
# (Default: debian)
|
||||
LH_HOSTNAME="debian"
|
||||
|
||||
# $LH_ISO_APPLICATION: set iso author
|
||||
# (Default: Debian Live)
|
||||
LH_ISO_APPLICATION="Debian Live"
|
||||
|
||||
# $LH_ISO_PREPARER: set iso preparer
|
||||
# (Default: live-helper 1.0~a46; http://packages.qa.debian.org/live-helper)
|
||||
LH_ISO_PREPARER="live-helper 1.0~a46; http://packages.qa.debian.org/live-helper"
|
||||
|
||||
# $LH_ISO_PUBLISHER: set iso publisher
|
||||
# (Default: Debian Live project; http://debian-live.alioth.debian.org/; debian-live-devel@lists.alioth.debian.org)
|
||||
LH_ISO_PUBLISHER="Debian Live project; http://debian-live.alioth.debian.org/; debian-live-devel@lists.alioth.debian.org"
|
||||
|
||||
# $LH_ISO_VOLUME: set iso volume (max 32 chars)
|
||||
# (Default: Debian Live 20080608-17:04)
|
||||
LH_ISO_VOLUME="Debian Live 20080608-17:04"
|
||||
|
||||
# $LH_JFFS2_ERASEBLOCK: set jffs2 eraseblock size
|
||||
# (Default: unset)
|
||||
LH_JFFS2_ERASEBLOCK=""
|
||||
|
||||
# $LH_MEMTEST: set memtest
|
||||
# (Default: memtest86+)
|
||||
LH_MEMTEST="memtest86+"
|
||||
|
||||
# $LH_NET_ROOT_FILESYSTEM: set netboot filesystem
|
||||
# (Default: nfs)
|
||||
LH_NET_ROOT_FILESYSTEM="nfs"
|
||||
|
||||
# $LH_NET_ROOT_MOUNTOPTIONS: set nfsopts
|
||||
# (Default: empty)
|
||||
LH_NET_ROOT_MOUNTOPTIONS=""
|
||||
|
||||
# $LH_NET_ROOT_PATH: set netboot server directory
|
||||
# (Default: /srv/debian-live)
|
||||
LH_NET_ROOT_PATH="/srv/debian-live"
|
||||
|
||||
# $LH_NET_ROOT_SERVER: set netboot server address
|
||||
# (Default: 192.168.1.1)
|
||||
LH_NET_ROOT_SERVER="192.168.1.1"
|
||||
|
||||
# $LH_NET_COW_FILESYSTEM: set net client cow filesystem
|
||||
# (Default: nfs)
|
||||
LH_NET_COW_FILESYSTEM="nfs"
|
||||
|
||||
# $LH_NET_COW_MOUNTOPTIONS: set cow mount options
|
||||
# (Default: empty)
|
||||
LH_NET_COW_MOUNTOPTIONS=""
|
||||
|
||||
# $LH_NET_COW_PATH: set cow directory
|
||||
# (Default: )
|
||||
LH_NET_COW_PATH=""
|
||||
|
||||
# $LH_NET_COW_SERVER: set cow server
|
||||
# (Default: )
|
||||
LH_NET_COW_SERVER=""
|
||||
|
||||
# $LH_NET_TARBALL: set net tarball
|
||||
# (Default: gzip)
|
||||
LH_NET_TARBALL="gzip"
|
||||
|
||||
# $LH_SYSLINUX_SPLASH: set custom syslinux splash
|
||||
# (Default: empty)
|
||||
LH_SYSLINUX_SPLASH=""
|
||||
|
||||
# $LH_SYSLINUX_TIMEOUT: set custom syslinux timeout in seconds
|
||||
# (Default: 0)
|
||||
LH_SYSLINUX_TIMEOUT="0"
|
||||
|
||||
# $LH_SYSLINUX_CFG: set custom syslinux configuration file
|
||||
# (Default: empty)
|
||||
LH_SYSLINUX_CFG=""
|
||||
|
||||
# $LH_SYSLINUX_MENU: set syslinux menu
|
||||
# (Default: disabled)
|
||||
LH_SYSLINUX_MENU="disabled"
|
||||
|
||||
# $LH_SYSLINUX_MENU_LIVE_ENTRY: set text to be used on the menu for live entries
|
||||
# (Default: Start Debian Live)
|
||||
LH_SYSLINUX_MENU_LIVE_ENTRY="Start Debian Live"
|
||||
|
||||
# $LH_SYSLINUX_MENU_LIVE_FAILSAFE_ENTRY: set text to be used on the menu for live entries (failsafe ones)
|
||||
# (Default: )
|
||||
LH_SYSLINUX_MENU_LIVE_FAILSAFE_ENTRY=""
|
||||
|
||||
# $LH_SYSLINUX_MENU_MEMTEST_ENTRY: set text to be used on the menu for memtest entry
|
||||
# (Default: Memory test)
|
||||
LH_SYSLINUX_MENU_MEMTEST_ENTRY="Memory test"
|
||||
|
||||
# $LH_USERNAME: set username
|
||||
# (Default: user)
|
||||
LH_USERNAME="user"
|
|
@ -0,0 +1,53 @@
|
|||
# config/bootstrap - options for live-helper(7), bootstrap stage
|
||||
|
||||
# $LH_ARCHITECTURE: select chroot architecture
|
||||
# (Default: autodetected)
|
||||
LH_ARCHITECTURE="i386"
|
||||
|
||||
# $LH_BOOTSTRAP_CONFIG: set distribution config directory
|
||||
# (Default: empty)
|
||||
LH_BOOTSTRAP_CONFIG=""
|
||||
|
||||
# $LH_BOOTSTRAP_INCLUDE: include packages on base
|
||||
# (Default: empty)
|
||||
LH_BOOTSTRAP_INCLUDE=""
|
||||
|
||||
# $LH_BOOTSTRAP_EXCLUDE: exclude packages on base
|
||||
# (Default: empty)
|
||||
LH_BOOTSTRAP_EXCLUDE=""
|
||||
|
||||
# $LH_BOOTSTRAP_FLAVOUR: select flavour to use
|
||||
# (Default: )
|
||||
LH_BOOTSTRAP_FLAVOUR=""
|
||||
|
||||
# $LH_BOOTSTRAP_KEYRING: set distribution keyring
|
||||
# (Default: empty)
|
||||
LH_BOOTSTRAP_KEYRING=""
|
||||
|
||||
# $LH_DISTRIBUTION: select distribution to use
|
||||
# (Default: lenny)
|
||||
LH_DISTRIBUTION="lenny"
|
||||
|
||||
# $LH_MIRROR_BOOTSTRAP: set mirror to bootstrap from
|
||||
# (Default: http://ftp.us.debian.org/debian/)
|
||||
LH_MIRROR_BOOTSTRAP="http://ftp.us.debian.org/debian/"
|
||||
|
||||
# $LH_MIRROR_CHROOT: set mirror to fetch packages from
|
||||
# (Default: http://ftp.us.debian.org/debian/)
|
||||
LH_MIRROR_CHROOT="http://ftp.us.debian.org/debian/"
|
||||
|
||||
# $LH_MIRROR_CHROOT_SECURITY: set security mirror to fetch packages from
|
||||
# (Default: http://security.debian.org/)
|
||||
LH_MIRROR_CHROOT_SECURITY="http://security.debian.org/"
|
||||
|
||||
# $LH_MIRROR_BINARY: set mirror which ends up in the image
|
||||
# (Default: http://ftp.us.debian.org/debian/)
|
||||
LH_MIRROR_BINARY="http://ftp.us.debian.org/debian/"
|
||||
|
||||
# $LH_MIRROR_BINARY_SECURITY: set security mirror which ends up in the image
|
||||
# (Default: http://security.debian.org/)
|
||||
LH_MIRROR_BINARY_SECURITY="http://security.debian.org/"
|
||||
|
||||
# $LH_SECTIONS: select section(s) to use
|
||||
# (Default: main)
|
||||
LH_SECTIONS="main"
|
|
@ -0,0 +1,61 @@
|
|||
# config/chroot - options for live-helper(7), chroot stage
|
||||
|
||||
# $LH_CHROOT_FILESYSTEM: set chroot filesystem
|
||||
# (Default: squashfs)
|
||||
LH_CHROOT_FILESYSTEM="squashfs"
|
||||
|
||||
# $LH_UNION_FILESYSTEM: set union filesystem
|
||||
# (Default: aufs)
|
||||
LH_UNION_FILESYSTEM="aufs"
|
||||
|
||||
# $LH_EXPOSED_ROOT: expose root as read only
|
||||
# (Default: disabled)
|
||||
LH_EXPOSED_ROOT="disabled"
|
||||
|
||||
# $LH_HOOKS: set hook commands
|
||||
# (Default: empty)
|
||||
LH_HOOKS=""
|
||||
|
||||
# $LH_INTERACTIVE: set interactive build
|
||||
# (Default: disabled)
|
||||
LH_INTERACTIVE="disabled"
|
||||
|
||||
# $LH_KEYRING_PACKAGES: set keyring packages
|
||||
# (Default: empty)
|
||||
LH_KEYRING_PACKAGES=""
|
||||
|
||||
# $LH_LANGUAGE: set language to use
|
||||
# (Default: empty)
|
||||
LH_LANGUAGE="en"
|
||||
|
||||
# $LH_LINUX_FLAVOURS: set kernel flavour to use
|
||||
# (Default: autodetected)
|
||||
LH_LINUX_FLAVOURS="486 686"
|
||||
|
||||
# $LH_LINUX_PACKAGES: set kernel packages to use
|
||||
# (Default: autodetected)
|
||||
LH_LINUX_PACKAGES="linux-image-2.6 aufs-modules-2.6 squashfs-modules-2.6"
|
||||
|
||||
# $LH_PACKAGES: set packages to install
|
||||
# (Default: empty)
|
||||
LH_PACKAGES=""
|
||||
|
||||
# $LH_PACKAGES_LISTS: set package list to install
|
||||
# (Default: standard)
|
||||
LH_PACKAGES_LISTS="standard"
|
||||
|
||||
# $LH_TASKS: set tasks to install
|
||||
# (Default: empty)
|
||||
LH_TASKS=""
|
||||
|
||||
# $LH_SECURITY: enable security updates
|
||||
# (Default: enabled)
|
||||
LH_SECURITY="enabled"
|
||||
|
||||
# $LH_SYMLINKS: enable symlink convertion
|
||||
# (Default: disabled)
|
||||
LH_SYMLINKS="disabled"
|
||||
|
||||
# $LH_SYSVINIT: enable sysvinit
|
||||
# (Default: disabled)
|
||||
LH_SYSVINIT="disabled"
|
|
@ -0,0 +1,123 @@
|
|||
# config/common - common options for live-helper(7)
|
||||
|
||||
# $LH_APT: set package manager
|
||||
# (Default: apt)
|
||||
LH_APT="apt"
|
||||
|
||||
# $LH_APT_FTP_PROXY: set apt/aptitude ftp proxy
|
||||
# (Default: autodetected or empty)
|
||||
LH_APT_FTP_PROXY=""
|
||||
|
||||
# $LH_APT_HTTP_PROXY: set apt/aptitude http proxy
|
||||
# (Default: autodetected or empty)
|
||||
LH_APT_HTTP_PROXY=""
|
||||
|
||||
# $LH_APT_PDIFFS: set apt/aptitude pdiff indices
|
||||
# (Default: enabled)
|
||||
LH_APT_PDIFFS="enabled"
|
||||
|
||||
# $LH_APT_PIPELINE: set apt/aptitude pipeline depth
|
||||
# (Default: )
|
||||
LH_APT_PIPELINE=""
|
||||
|
||||
# $LH_APT_RECOMMENDS: set apt/aptitude recommends
|
||||
# (Default: enabled)
|
||||
LH_APT_RECOMMENDS="enabled"
|
||||
|
||||
# $LH_APT_SECURE: set apt/aptitude security
|
||||
# (Default: enabled)
|
||||
LH_APT_SECURE="enabled"
|
||||
|
||||
# $LH_BOOTSTRAP: set bootstrap program
|
||||
# (Default: debootstrap)
|
||||
LH_BOOTSTRAP="debootstrap"
|
||||
|
||||
# $LH_CACHE: control cache
|
||||
# (Default: enabled)
|
||||
LH_CACHE="enabled"
|
||||
|
||||
# $LH_CACHE_INDICES: control if downloaded package indices should be cached
|
||||
# (Default: disabled)
|
||||
LH_CACHE_INDICES="disabled"
|
||||
|
||||
# $LH_CACHE_PACKAGES: control if downloaded packages files should be cached
|
||||
# (Default: enabled)
|
||||
LH_CACHE_PACKAGES="enabled"
|
||||
|
||||
# $LH_CACHE_STAGES: control if completed stages should be cached
|
||||
# (Default: bootstrap)
|
||||
LH_CACHE_STAGES="bootstrap"
|
||||
|
||||
# $LH_DEBCONF_FRONTEND: set debconf(1) frontend to use
|
||||
# (Default: noninteractive)
|
||||
LH_DEBCONF_FRONTEND="noninteractive"
|
||||
|
||||
# $LH_DEBCONF_NOWARNINGS: set debconf(1) warnings
|
||||
# (Default: yes)
|
||||
LH_DEBCONF_NOWARNINGS="yes"
|
||||
|
||||
# $LH_DEBCONF_PRIORITY: set debconf(1) priority to use
|
||||
# (Default: critical)
|
||||
LH_DEBCONF_PRIORITY="critical"
|
||||
|
||||
# $LH_INITRAMFS: set initramfs hook
|
||||
# (Default: live-initramfs)
|
||||
LH_INITRAMFS="live-initramfs"
|
||||
|
||||
# $LH_FDISK: set fdisk program
|
||||
# (Default: autodetected)
|
||||
LH_FDISK="fdisk"
|
||||
|
||||
# $LH_LOSETUP: set losetup program
|
||||
# (Default: autodetected)
|
||||
LH_LOSETUP="losetup"
|
||||
|
||||
# $LH_MODE: set distribution mode
|
||||
# (Default: debian)
|
||||
LH_MODE="debian"
|
||||
|
||||
# $LH_ROOT_COMMAND: use sudo or equivalent
|
||||
# (Default: empty)
|
||||
#LH_ROOT_COMMAND="sudo"
|
||||
|
||||
# $LH_USE_FAKEROOT: use fakeroot/fakechroot
|
||||
# (Default: disabled)
|
||||
LH_USE_FAKEROOT="disabled"
|
||||
|
||||
# $LH_TASKSEL: set tasksel program
|
||||
# (Default: aptitude)
|
||||
LH_TASKSEL="aptitude"
|
||||
|
||||
# $LH_INCLUDES: set includes
|
||||
# (Default: /usr/share/live-helper/includes)
|
||||
LH_INCLUDES="/usr/share/live-helper/includes"
|
||||
|
||||
# $LH_TEMPLATES: set templates
|
||||
# (Default: /usr/share/live-helper/templates)
|
||||
LH_TEMPLATES="/usr/share/live-helper/templates"
|
||||
|
||||
# Live-helper options
|
||||
|
||||
# $LH_BREAKPOINTS: enable breakpoints
|
||||
# (Default: disabled)
|
||||
#LH_BREAKPOINTS="disabled"
|
||||
|
||||
# $LH_DEBUG: enable debug
|
||||
# (Default: disabled)
|
||||
#LH_DEBUG="disabled"
|
||||
|
||||
# $LH_FORCE: enable force
|
||||
# (Default: disabled)
|
||||
#LH_FORCE="disabled"
|
||||
|
||||
# $LH_QUIET: enable quiet
|
||||
# (Default: disabled)
|
||||
LH_QUIET="disabled"
|
||||
|
||||
# $LH_VERBOSE: enable verbose
|
||||
# (Default: disabled)
|
||||
#LH_VERBOSE="disabled"
|
||||
|
||||
# Internal stuff (FIXME)
|
||||
APT_OPTIONS="--yes"
|
||||
APTITUDE_OPTIONS="--assume-yes"
|
|
@ -0,0 +1,9 @@
|
|||
# config/source - options for live-helper(7), source stage
|
||||
|
||||
# $LH_SOURCE: set source option
|
||||
# (Default: disabled)
|
||||
LH_SOURCE="disabled"
|
||||
|
||||
# $LH_SOURCE_IMAGES: set image type
|
||||
# (Default: tar)
|
||||
LH_SOURCE_IMAGES="tar"
|
|
@ -0,0 +1,30 @@
|
|||
1) Overview
|
||||
the files in this directory are examples for specific hook scripts to change the
|
||||
configuration of the box
|
||||
|
||||
2) How to use these scripts
|
||||
Copy the scripts, you would like to use into 'configure-local.d'.
|
||||
They will be sourced in alphabetic order AFTER the default configuration of the
|
||||
cryptobox.
|
||||
|
||||
3) The examples
|
||||
|
||||
set_root_pw
|
||||
- replace the empty root password (the default) with a choosen password
|
||||
- useful if your development cryptobox:
|
||||
- is located in an insecure environment
|
||||
- or your development team is geographically distributed, so the
|
||||
cryptobox for testing has to be publicly available
|
||||
|
||||
import_authorized_keys
|
||||
- create a new rsa key (etc-local.d/id_rsa) and copy the public
|
||||
key to the image directory
|
||||
- this is useful, if you secured the development cryptobox with a
|
||||
password (see 'set_root_pw')
|
||||
|
||||
set_hostname
|
||||
- change the default hostname ("cryptobox")
|
||||
|
||||
set_scan_devices
|
||||
- change the default selection of devices, that can be used as the crypto harddisk
|
||||
|
|
@ -0,0 +1,19 @@
|
|||
# import a public rsa key into the cryptobox for ssh authentication
|
||||
#
|
||||
# see README in configure-examples.d for details
|
||||
#
|
||||
|
||||
SSH_KEY_FILE="$LOCALCONF_DIR/id_rsa"
|
||||
|
||||
# create a rsa key if it does not yet exist
|
||||
if [ ! -e "$SSH_KEY_FILE" ]
|
||||
then echo "Creating ssh key ($SSH_KEY_FILE) ..."
|
||||
mkdir -p $(dirname "$SSH_KEY_FILE")
|
||||
ssh-keygen -t rsa -b 1024 -N '' -q -f "$SSH_KEY_FILE"
|
||||
fi
|
||||
|
||||
# copy new public ssh key to ~/.ssh/authorized_keys on cryptobox
|
||||
echo "Copying local public ssh key file to the box ..."
|
||||
mkdir -p "$IMAGE_DIR/opt/dfsbuild/runtimerd/root/.ssh"
|
||||
cp "${SSH_KEY_FILE}.pub" "$IMAGE_DIR/opt/dfsbuild/runtimerd/root/.ssh/authorized_keys"
|
||||
|
|
@ -0,0 +1,4 @@
|
|||
# change the selection of devices, that can be used as the crypto harddisk
|
||||
|
||||
sed -i 's#^AllowedDevices.*$#AllowedDevices = /dev/hda /dev/hdb /dev/hdc /dev/hde /dev/hdf /dev/hdg /dev/scd0 /dev/scd1 /dev/scd2 /dev/scd3#' "$IMAGE_DIR/etc/cryptobox-server/cryptobox.conf"
|
||||
|
|
@ -0,0 +1,4 @@
|
|||
# change the selection of disabled plugins
|
||||
|
||||
sed -i 's#^DisabledPlugins.*$#DisabledPlugins = #' "$IMAGE_DIR/etc/cryptobox-server/cryptobox.conf"
|
||||
|
|
@ -0,0 +1,4 @@
|
|||
# change the hostname (default value: "cryptobox")
|
||||
|
||||
echo "cryptobox" >"$IMAGE_DIR"/etc/hostname
|
||||
|
|
@ -0,0 +1,11 @@
|
|||
# replace the empty root password of an development cryptobox with a choosen one
|
||||
#
|
||||
# see misc/custom-configure.d/README for details
|
||||
#
|
||||
|
||||
# set the password to your needs
|
||||
NEW_ROOT_PASSWORD=foobar
|
||||
|
||||
echo "Setting a root password ..."
|
||||
echo "root:$NEW_ROOT_PASSWORD" | chroot "$IMAGE_DIR" "$CHROOTSTART" chpasswd root
|
||||
|
Binary file not shown.
After Width: | Height: | Size: 42 KiB |
Binary file not shown.
After Width: | Height: | Size: 52 KiB |
Binary file not shown.
After Width: | Height: | Size: 7.0 KiB |
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
|
@ -0,0 +1,4 @@
|
|||
this directory contains some configuration files for the development of the CryptoBox
|
||||
|
||||
If you want to use different local settings, then you should copy the respective
|
||||
configuration file to the directory "etc-local.d" and adapt it to your needs.
|
|
@ -0,0 +1,54 @@
|
|||
# some local settings for cbox-build.sh and validate.sh
|
||||
#
|
||||
# previously defined settings:
|
||||
# - ROOT_DIR
|
||||
#
|
||||
|
||||
|
||||
####################### cbox-build ########################
|
||||
|
||||
# the build directory (will be ERASED without warning)
|
||||
BUILD_DIR="$ROOT_DIR/_builddir"
|
||||
|
||||
# the cryptobox development files
|
||||
CBOX_DEVEL_DIR=$ROOT_DIR/cbox-tree.d
|
||||
|
||||
# template for live-cd
|
||||
TEMPLATE_DIR=$ROOT_DIR/live-cd-tree.d
|
||||
|
||||
# the iso image
|
||||
IMAGE_FILE=$BUILD_DIR/cryptobox.iso
|
||||
|
||||
# temporary directory
|
||||
TMP_DIR=/tmp/$(basename $0)-$$
|
||||
|
||||
# the virtual harddisk image used for qemu
|
||||
HD_IMAGE=/tmp/$(basename $0)-testplatte.img
|
||||
|
||||
# mkisofs options (the option "-U" is not clean, but it prevents long
|
||||
# filenames from getting mapped)
|
||||
# TODO: this may prevent windows user from reading the documentation
|
||||
MKISOFS_OPTIONS="-allow-multidot -U -D -iso-level 3 -b boot/grub/stage2_eltorito -no-emul-boot -boot-load-size 1 -boot-info-table -pad -R"
|
||||
|
||||
# for burning a CD
|
||||
CDWRITER=0,0,0
|
||||
|
||||
|
||||
####################### validation ########################
|
||||
|
||||
# language of validation (select web interface language)
|
||||
VALIDATE_LANGUAGE=en
|
||||
|
||||
# directory of the test-cases
|
||||
VALIDATE_TEST_CASES_DIR=$ROOT_DIR/validation/test-cases
|
||||
|
||||
# override these settings if the CryptoBox uses a non-default IP
|
||||
VALIDATE_HOST_IP_DEFAULT=192.168.0.23
|
||||
VALIDATE_HOST_IP_CHANGED=192.168.0.24
|
||||
|
||||
# destination directories for the results
|
||||
VALIDATE_REPORT_DIR=/tmp/cryptobox-validation-$$
|
||||
VALIDATE_REPORT_DIR=$ROOT_DIR/validation/report
|
||||
VALIDATE_SUMMARY_TEMPLATE_DIR=$ROOT_DIR/validation/templates
|
||||
|
||||
|
|
@ -0,0 +1,236 @@
|
|||
# arch-tag: Default configuration file
|
||||
# Copyright (c) 2004 John Goerzen
|
||||
|
||||
[DEFAULT]
|
||||
######################################################################
|
||||
# Overall settings, set defaults for all archs
|
||||
######################################################################
|
||||
|
||||
# Name of generated disc & hostname
|
||||
# BEWARE: hostname does not work - you have to set the hostname manually at the end of this file
|
||||
name = CryptoBox
|
||||
|
||||
# Version of generated disc
|
||||
version = 0.3.4
|
||||
|
||||
# Person that built it
|
||||
builder = sense.lab
|
||||
|
||||
# Repositories to mirror. Details about each one are configured below.
|
||||
dlrepos = stable
|
||||
|
||||
# Repository to build the CD with. Must be in above list.
|
||||
suite = stable
|
||||
|
||||
# Whether or not to use zftree compression on ISO image
|
||||
compress = no
|
||||
|
||||
# Files to never compress if the above is yes
|
||||
# If a dir is given, that dir and everything below is not compressed
|
||||
dontcompress = /boot
|
||||
/etc/*boot*
|
||||
/opt/dfsruntime/initrd.dfs
|
||||
|
||||
# Location of dfsbuild support files
|
||||
libdir = /usr/lib/dfsbuild
|
||||
|
||||
# Location of docs for CD
|
||||
docdir = /usr/share/doc/dfsbuild
|
||||
|
||||
# Bootloader to place on CD. Choices are:
|
||||
# grub-hd GRUB with ElTorito hard disk emulation (not working yet)
|
||||
# grub-no-emul "raw" ElTorito image
|
||||
# aboot Alpha SRM bootloader
|
||||
# yaboot PowerPC bootloader
|
||||
# (usually set in arch area)
|
||||
#bootloader = grub-no-emul
|
||||
|
||||
|
||||
# Packages to install on live FS, on all archs, besides base system
|
||||
allpackages =
|
||||
util-linux
|
||||
grub
|
||||
parted
|
||||
dmsetup
|
||||
perl
|
||||
tar
|
||||
bash
|
||||
coreutils
|
||||
module-init-tools
|
||||
ifupdown
|
||||
busybox
|
||||
usbutils
|
||||
pciutils
|
||||
discover
|
||||
hdparm
|
||||
binutils
|
||||
debconf
|
||||
sysutils
|
||||
stunnel4
|
||||
samba
|
||||
hashalot
|
||||
python-clearsilver
|
||||
python-cherrypy
|
||||
python-configobj
|
||||
python-central
|
||||
super
|
||||
dosfstools
|
||||
cryptsetup
|
||||
python-m2crypto
|
||||
# support for file systems
|
||||
e2tools
|
||||
e2fsprogs
|
||||
xfsprogs
|
||||
hfsutils
|
||||
jfsutils
|
||||
## ntfs-3g is not in etch
|
||||
#ntfs-3g
|
||||
# TODO: remove the following packages for the final version
|
||||
subversion
|
||||
strace
|
||||
ssh
|
||||
vim
|
||||
nano
|
||||
less
|
||||
lynx
|
||||
w3m
|
||||
screen
|
||||
elinks
|
||||
|
||||
|
||||
# select a mirror for the repository (apt-cacher, apt-proxy, no caching) by
|
||||
# uncommenting the line of your choice
|
||||
# (1) apt-cacher (default)
|
||||
mirror = http://127.0.0.1/apt-cacher/ftp.debian.org/debian
|
||||
# (2) apt-proxy
|
||||
#mirror = http://127.0.0.1:9999/debian
|
||||
# (3) no caching proxy for apt
|
||||
#mirror = http://ftp.debian.org/debian
|
||||
|
||||
|
||||
# Files to place on the ramdisk
|
||||
ramdisk_files = /etc/resolv.conf
|
||||
/etc/lvm*
|
||||
/tmp
|
||||
/var/tmp
|
||||
/dev
|
||||
/var/lib/dhcp
|
||||
/var/lib/samba
|
||||
/var/log
|
||||
/var/cache/samba
|
||||
/var/lock
|
||||
/var/run
|
||||
/var/state
|
||||
/etc/mtab
|
||||
/root
|
||||
/etc/network
|
||||
/var/lib/misc
|
||||
/var/lib/urandom
|
||||
#/etc/hotplug/.run
|
||||
/var/spool/cron
|
||||
|
||||
# Directories to create on live fs
|
||||
makedirs =
|
||||
|
||||
# Files to delete from live fs
|
||||
deletefiles = /etc/rcS.d/*discover
|
||||
/etc/rcS.d/*lvm
|
||||
/var/log/dpkg.log
|
||||
/var/log/bootstrap.log
|
||||
|
||||
preparescripts =
|
||||
../scripts/prepare_target.sh
|
||||
|
||||
cleanupscripts =
|
||||
../scripts/cleanup_target.sh
|
||||
|
||||
######################################################################
|
||||
# Arch settings: i386
|
||||
######################################################################
|
||||
|
||||
[i386]
|
||||
# Name of any kernel images to install directly from your current filesystem
|
||||
#kernels = /boot/vmlinuz-2.4.27-2-386
|
||||
|
||||
# Modules to copy from host filesystem
|
||||
#modules = /lib/modules/2.4.27-2-386
|
||||
|
||||
# Debs from local fs to unpack on live FS (will not be configured)
|
||||
unpackdebs =
|
||||
../packages/linux-image-2.6.20_cryptobox0.3.3_i386.deb
|
||||
|
||||
# Other packages to install besides the list in DEFAULT
|
||||
packages = %(allpackages)s
|
||||
|
||||
# Debs from local fs to install on live fs
|
||||
## fetch newest ntfs-3g from debian backports
|
||||
installdebs =
|
||||
../packages/cryptobox-server.deb
|
||||
../packages/ntfs-3g_1%3a1.516-1~bpo.1_i386.deb
|
||||
|
||||
# Bootloader (see options under default)
|
||||
bootloader = grub-no-emul
|
||||
|
||||
# Extra lines for grub config
|
||||
grubconfig = timeout 0
|
||||
password -md5 this_invalid_hash_protects_grub_config
|
||||
|
||||
#####################################################################
|
||||
# Repository configuration
|
||||
######################################################################
|
||||
|
||||
# Repositories to download
|
||||
[repo testing]
|
||||
suite = testing
|
||||
|
||||
[repo amd64]
|
||||
suite = unstable
|
||||
# Override default mirror
|
||||
#mirror = http://debian-amd64.alioth.debian.org/pure64/
|
||||
# Override default arch
|
||||
arch = amd64
|
||||
|
||||
######################################################################
|
||||
# Text to add to existing files
|
||||
######################################################################
|
||||
|
||||
[appendfiles]
|
||||
|
||||
/etc/network/interfaces =
|
||||
auto lo eth0
|
||||
iface lo inet loopback
|
||||
iface eth0 inet static
|
||||
address 192.168.0.23
|
||||
netmask 255.255.255.0
|
||||
|
||||
# /etc/modules =
|
||||
|
||||
/etc/profile = export TERM=vt100
|
||||
|
||||
######################################################################
|
||||
# Files to create or truncate
|
||||
######################################################################
|
||||
|
||||
[createfiles]
|
||||
/etc/hostname = CryptoBox
|
||||
|
||||
/etc/syslog.conf = *.* /dev/tty8
|
||||
*.info /dev/tty7
|
||||
|
||||
/etc/hosts = 127.0.0.1 localhost
|
||||
|
||||
/etc/kernel-img.conf = do_initrd = Yes
|
||||
|
||||
# exit the samba startup script during install immediately - otherwise
|
||||
# there would be /proc problems - it will get replaced later via
|
||||
# live-cd-tree.d/usr/lib/cryptobox-cd/configure-cryptobox.sh
|
||||
/etc/default/samba = exit
|
||||
|
||||
######################################################################
|
||||
# Symlinks to create (from = to format)
|
||||
######################################################################
|
||||
|
||||
# this does not work anymore
|
||||
#[symlinks]
|
||||
#/etc/mtab = /proc/mounts
|
||||
|
Binary file not shown.
|
@ -0,0 +1,55 @@
|
|||
#!/bin/sh
|
||||
#
|
||||
# this is the qemu-ifup script that should be run at qemu's boot
|
||||
#
|
||||
|
||||
# determine the interface to the outside
|
||||
IF_WORLD=`/sbin/route -n | grep " UG " | sed "s/ */ /g" | cut -d " " -f 8 | head -1`
|
||||
# nothing found? - sorry!
|
||||
[ -z "$IF_WORLD" ] && IF_WORLD=eth0
|
||||
|
||||
|
||||
if [ "$UID" -ne 0 ]
|
||||
then sudo $0 $*
|
||||
exit 0
|
||||
fi
|
||||
|
||||
echo "Laufe als root ..."
|
||||
|
||||
IPT=/sbin/iptables
|
||||
[ ! -x $IPT ] && IPT=/usr/sbin/iptables
|
||||
|
||||
IPT_RULES=" FORWARD -i tun0 -o $IF_WORLD -j ACCEPT
|
||||
FORWARD -i $IF_WORLD -o tun0 -m state --state ESTABLISHED,RELATED -j ACCEPT
|
||||
POSTROUTING -t nat -o $IF_WORLD -j MASQUERADE
|
||||
INPUT -i tun0 -j ACCEPT
|
||||
OUTPUT -o tun0 -j ACCEPT"
|
||||
|
||||
aktiviere_forward()
|
||||
{
|
||||
echo "$IPT_RULES" | while read a
|
||||
do $IPT -A $a
|
||||
done
|
||||
echo 1 >/proc/sys/net/ipv4/ip_forward
|
||||
}
|
||||
|
||||
deaktiviere_forward()
|
||||
{
|
||||
echo "$IPT_RULES" | while read a
|
||||
do $IPT -D $a
|
||||
done
|
||||
echo 0 >/proc/sys/net/ipv4/ip_forward
|
||||
}
|
||||
|
||||
case "$1" in
|
||||
stop )
|
||||
deaktiviere_forward
|
||||
#/etc/init.d/dhcp stop
|
||||
;;
|
||||
* )
|
||||
/sbin/ifconfig $1 192.168.0.1
|
||||
#/etc/init.d/dhcp start
|
||||
aktiviere_forward
|
||||
;;
|
||||
esac
|
||||
|
|
@ -0,0 +1,17 @@
|
|||
Host cryptobox
|
||||
|
||||
# change this part according to your needs
|
||||
HostName 192.168.0.23
|
||||
Port 22
|
||||
|
||||
# maybe you want to use rsa authentication?
|
||||
# see misc/custom-configure.s/README for examples
|
||||
#IdentityFile local.conf.d/id_rsa
|
||||
|
||||
# this should be valid for everyone
|
||||
User root
|
||||
CheckHostIP no
|
||||
StrictHostKeyChecking no
|
||||
|
||||
# nice for frequently changing server key due to a rebuild of the base system
|
||||
UserKnownHostsFile /tmp/cryptobox-ssh-known_hosts
|
|
@ -0,0 +1,17 @@
|
|||
Host cryptobox
|
||||
|
||||
# change this part according to your needs
|
||||
HostName 192.168.0.23
|
||||
Port 22
|
||||
|
||||
# maybe you want to use rsa authentication?
|
||||
# see configure-examples.d/README for examples
|
||||
IdentityFile local.conf.d/id_rsa
|
||||
|
||||
# this should be valid for everyone
|
||||
User root
|
||||
CheckHostIP no
|
||||
StrictHostKeyChecking no
|
||||
|
||||
# nice for frequently changing server key due to a rebuild of the base system
|
||||
UserKnownHostsFile /tmp/cryptobox-ssh-known_hosts
|
|
@ -0,0 +1,6 @@
|
|||
by scp or webdav - the last one is the better choice
|
||||
|
||||
1) webdav
|
||||
apt-get install davfs2
|
||||
modprobe coda
|
||||
mount -t davfs https://upload.codecoop.org/groups/cryptobox/ /mnt/ttt
|
|
@ -0,0 +1,5 @@
|
|||
developer requirements:
|
||||
- dfsbuild
|
||||
- wget
|
||||
- curl
|
||||
- (qemu)
|
|
@ -0,0 +1,13 @@
|
|||
The current official debian package of dfsbuild (v0.99.2) is not working due
|
||||
to three ugly but small bugs.
|
||||
|
||||
If you are using dfsbuild v0.99.2, then you should do the following:
|
||||
- create a new directory and change into it
|
||||
- apt-get source dfsbuild
|
||||
- apply all dfsbuild-bug-?.patch files to the source directory
|
||||
- debuild -uc -us
|
||||
- install the freshly built package
|
||||
|
||||
Alternatively you could also install the patched version:
|
||||
packages/dfsbuild_0.99.2.1_i386.deb
|
||||
|
|
@ -0,0 +1,26 @@
|
|||
as there is no debian-package for the perl bindings of clearsilver, you have to add it manually to the tree of the cbox-tree
|
||||
|
||||
1) download
|
||||
- get it from: http://www.clearsilver.net/downloads
|
||||
- unpack (tar xzf . ...)
|
||||
|
||||
|
||||
2) configuration
|
||||
./configure --disable-python --disable-ruby --disable-csharp --disable-apache --disable-java --disable-compression --enable-perl --enable-gettext --prefix=/tmp/clearsilver-perl
|
||||
|
||||
|
||||
3) fix a problem in scripts/document.py
|
||||
change the first line to "#!/usr/bin/env python"
|
||||
|
||||
|
||||
4) build it
|
||||
- make
|
||||
- make install
|
||||
|
||||
|
||||
5) cp to the cbox
|
||||
cp -a /tmp/clearsilver-perl/local/lib/perl/5.8.7/. cryptobox.conf.d/usr/lib/perl5
|
||||
rm cryptobox.conf.d/usr/lib/perl5/perllocal.pod
|
||||
|
||||
6) dependencies
|
||||
add python-clearsilver to the box (dfsbuild.conf)
|
|
@ -0,0 +1,23 @@
|
|||
Hints for building and integrating a new kernel into the cryptobox:
|
||||
|
||||
1) get the source
|
||||
download it from http://kernel.org (at least 2.6.11)
|
||||
|
||||
2) configure
|
||||
- copy the current kernel config from the cryptobox/trunk/kernel
|
||||
directory to the kernel source directory as ".config" (the .config
|
||||
can also be found in the current kernel-image-cryptoboxX.Y.deb packagefile)
|
||||
- make menuconfig
|
||||
- make-kpkg --rootcmd fakeroot --revision=cryptoboxY.X kernel_image
|
||||
(replace "Y.X" by the current cryptobox release)
|
||||
|
||||
3) integrating
|
||||
- copy the debian kernel package (see above) and the config file to cryptobox/trunk/kernel
|
||||
- change the "unpackdebs" setting in cryptobox/trunk/etc-default.d/dfs-cbox.conf
|
||||
- add the new kernel package and the config file to the repository (svn add)
|
||||
|
||||
4) afterwork
|
||||
- run "cryptobox/trunk/scripts/cbox-build.sh dfsbuild" to create a fresh base system
|
||||
including the new kernel
|
||||
- test the box with your new kernel
|
||||
- enjoy it! :)
|
|
@ -0,0 +1,56 @@
|
|||
## fixed bugs:
|
||||
## - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=404563
|
||||
## - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=404555
|
||||
diff -ruN dfsbuild.orig/dfsbuild-0.99.2/Bootloader/Grub.hs dfsbuild/dfsbuild-0.99.2/Bootloader/Grub.hs
|
||||
--- dfsbuild.orig/dfsbuild-0.99.2/Bootloader/Grub.hs 2006-04-20 00:10:11.000000000 +0200
|
||||
+++ dfsbuild/dfsbuild-0.99.2/Bootloader/Grub.hs 2007-01-02 00:56:45.000000000 +0100
|
||||
@@ -40,8 +40,11 @@
|
||||
|
||||
grub_generic env =
|
||||
do createDirectory (targetdir env ++ "/boot/grub") 0o755
|
||||
- grubfiles <- glob "/lib/grub/*/*"
|
||||
- safeSystem "cp" $ ["-rv"] ++ grubfiles ++ [targetdir env ++ "/boot/grub/"]
|
||||
+ -- since etch (Debian 4.0) grub files are located in /usr/lib instead of /lib
|
||||
+ grubfiles_pre_etch <- glob "/lib/grub/*/*"
|
||||
+ grubfiles_since_etch <- glob "/usr/lib/grub/*/*"
|
||||
+ safeSystem "cp" $ ["-rv"] ++ grubfiles_pre_etch ++ grubfiles_since_etch ++
|
||||
+ [targetdir env ++ "/boot/grub/"]
|
||||
menuText <- grubMenu env
|
||||
writeFile (targetdir env ++ "/boot/grub/menu.lst") menuText
|
||||
|
||||
diff -ru dfsbuild.orig/dfsbuild-0.99.2/Actions/Mirror.hs dfsbuild/dfsbuild-0.99.2/Actions/Mirror.hs
|
||||
--- dfsbuild.orig/dfsbuild-0.99.2/Actions/Mirror.hs 2006-04-20 00:10:11.000000000 +0200
|
||||
+++ dfsbuild/dfsbuild-0.99.2/Actions/Mirror.hs 2007-01-01 22:09:26.000000000 +0100
|
||||
@@ -33,7 +33,7 @@
|
||||
archargs ++ debugargs ++ ["-d", suite, targetdir env, mirror]
|
||||
-- Next, copy them into the mirror.
|
||||
codename <- getCodeName
|
||||
- (targetdir env ++ "/var/cache/bootstrap/Release")
|
||||
+ (targetdir env ++ "/var/cache/bootstrap/")
|
||||
dm $ "Codename for this is " ++ codename
|
||||
mapM_ (\x -> handle (\_ -> return ()) (createDirectory x 0o755))
|
||||
[mirrordir, mirrordir ++ "/conf"]
|
||||
diff -ru dfsbuild.orig/dfsbuild-0.99.2/Utils.hs dfsbuild/dfsbuild-0.99.2/Utils.hs
|
||||
--- dfsbuild.orig/dfsbuild-0.99.2/Utils.hs 2006-04-20 00:10:11.000000000 +0200
|
||||
+++ dfsbuild/dfsbuild-0.99.2/Utils.hs 2007-01-01 22:40:34.000000000 +0100
|
||||
@@ -16,6 +16,7 @@
|
||||
import MissingH.ConfigParser
|
||||
import MissingH.Cmd
|
||||
import System.IO.Unsafe
|
||||
+import System.IO.Error
|
||||
import Text.Regex
|
||||
import MissingH.Path.FilePath
|
||||
import System.Directory(doesFileExist)
|
||||
@@ -72,7 +73,11 @@
|
||||
|
||||
getCodeName :: FilePath -> IO String
|
||||
getCodeName fp =
|
||||
- do c <- readFile fp
|
||||
+ do c_old <- System.IO.Error.catch (readFile (fp ++ "Release"))
|
||||
+ (\e -> if System.IO.Error.isDoesNotExistError e then return "" else ioError e)
|
||||
+ c_new <- System.IO.Error.catch (readFile (fp ++ "_dists_._Release"))
|
||||
+ (\e -> if System.IO.Error.isDoesNotExistError e then return "" else ioError e)
|
||||
+ c <- if length(c_old) > 0 then return c_old else return c_new
|
||||
let cr = mkRegex "Codename: ([a-z]+)"
|
||||
case matchRegex cr c of
|
||||
Just [cn] -> return cn
|
|
@ -0,0 +1,60 @@
|
|||
## this patch allows the addition of custom scripts to prepare/cleanup the target
|
||||
## directory before/after package installation
|
||||
## it is necessary for the samba package as it requires /proc/ during installation
|
||||
--- dfsbuild.orig/dfsbuild-0.99.2/Actions.hs 2006-04-20 00:10:11.000000000 +0200
|
||||
+++ dfsbuild/dfsbuild-0.99.2/Actions.hs 2007-01-03 15:36:59.000000000 +0100
|
||||
@@ -43,6 +43,11 @@
|
||||
finished Bootstrapped
|
||||
Bootstrapped -> -- Time to install shared files
|
||||
do installlib env
|
||||
+ finished EnvironmentPrepared
|
||||
+ EnvironmentPrepared -> -- execute configurable hook scripts
|
||||
+ do im $ "Executing preparation scripts"
|
||||
+ mapM_ (safeSystem `flip` [ targetdir env ])
|
||||
+ (splitWs $ eget env "preparescripts")
|
||||
finished LibsInstalled
|
||||
LibsInstalled -> -- Install additional packages
|
||||
do installpkgs env
|
||||
@@ -68,6 +73,11 @@
|
||||
do safeSystem "mkcramfs" [(targetdir env) ++ "/opt/initrd",
|
||||
(targetdir env) ++ "/boot/initrd.dfs"]
|
||||
recursiveRemove SystemFS $ (targetdir env) ++ "/opt/initrd"
|
||||
+ finished EnvironmentCleaned
|
||||
+ EnvironmentCleaned -> -- execute configurable hook scripts
|
||||
+ do im $ "Executing preparation scripts"
|
||||
+ mapM_ (safeSystem `flip` [ targetdir env ])
|
||||
+ (splitWs $ eget env "cleanupscripts")
|
||||
finished RamdiskBuilt
|
||||
RamdiskBuilt -> -- Install the bootloader
|
||||
do (isoargs, blfunc) <- Bootloader.install env
|
||||
--- dfsbuild.orig/dfsbuild-0.99.2/Utils.hs 2007-01-01 23:06:17.000000000 +0100
|
||||
+++ dfsbuild/dfsbuild-0.99.2/Utils.hs 2007-01-03 15:33:00.000000000 +0100
|
||||
@@ -30,10 +31,10 @@
|
||||
marker :: String,
|
||||
datestr :: String}
|
||||
|
||||
-data DFSState = Fresh | Initialized | Mirrored | Bootstrapped | Installed
|
||||
- | LibsInstalled | DebsInstalled | CfgHandled | InitPrepped
|
||||
+data DFSState = Fresh | Initialized | Mirrored | Bootstrapped | EnvironmentPrepared
|
||||
+ | Installed | LibsInstalled | DebsInstalled | CfgHandled | InitPrepped
|
||||
| RDPrepped
|
||||
- | KernelsInstalled | RamdiskBuilt | BootloaderInstalled
|
||||
+ | KernelsInstalled | EnvironmentCleaned | RamdiskBuilt | BootloaderInstalled
|
||||
deriving (Eq, Show, Read, Ord)
|
||||
|
||||
im = infoM "dfs"
|
||||
--- dfsbuild.orig/dfsbuild-0.99.2/dfs.cfg 2006-07-02 01:46:22.000000000 +0200
|
||||
+++ dfsbuild/dfsbuild-0.99.2/dfs.cfg 2007-01-03 15:40:22.000000000 +0100
|
||||
@@ -115,6 +115,12 @@
|
||||
/var/log/dpkg.log
|
||||
/var/log/bootstrap.log
|
||||
|
||||
+# Scripts that should be executed after bootstrapping and before package installation
|
||||
+#preparescripts =
|
||||
+
|
||||
+# Scripts that should be executed after package installation and before iso generation
|
||||
+#cleanupscripts =
|
||||
+
|
||||
######################################################################
|
||||
# Arch settings: i386
|
||||
######################################################################
|
|
@ -0,0 +1,51 @@
|
|||
For a new live-CD follow steps 1a and 2a.
|
||||
For a language update live-CD follow steps 1b and 2b.
|
||||
|
||||
0) manually update files:
|
||||
- ntfs-3g debian package (from lenny)
|
||||
|
||||
1a) set current version
|
||||
- cover/cover_[en|de].[odt|pdf]
|
||||
- etc/defaults.d/dfs-cbox.conf (version setting)
|
||||
|
||||
1b) upgrade language files of an old live-cd
|
||||
- rm -rf _builddir/
|
||||
- mount -o loop old_live_cd.iso /mnt/ttt
|
||||
- cp -a /mnt/ttt _builddir/target
|
||||
- update all binary language files by issuing scripts/update_po_files.py
|
||||
in the project's language branch
|
||||
- copy all language files (*.mo) of the updated languages to
|
||||
_builddir/target/usr/locale/....
|
||||
- update the list of available languages in
|
||||
_builddir/target/etc/cryptobox-server/cryptobox.conf
|
||||
- update the version in _builddir/target/boot/grub/menu.lst
|
||||
- update cover/conver_[en|de].[swx|pdf]
|
||||
|
||||
2a) build image
|
||||
- 'scripts/cbox-build.sh release'
|
||||
|
||||
2b) build image and create signatures
|
||||
- 'scripts/cbox-build.sh isoz'
|
||||
- cd _builddir
|
||||
- sha1sum ISO_FILE > ISO_FILE.sha1sum
|
||||
- md5sum ISO_FILE > ISO_FILE.md5sum
|
||||
|
||||
3) release notes
|
||||
- update website
|
||||
- update CHANGELOG
|
||||
|
||||
4) upload to codecoop
|
||||
- check the validity of your ssh-key in your codecoop user account
|
||||
- type "scp $FILE $USERNAME@shell.codecoop.org:."
|
||||
- upload a dummy file with the same name via upload-web-interface to codecoop
|
||||
- ask Jan Kanzleiter <idfx_at_codecoop.org> to replace the dummy with the
|
||||
scp-file and to manually set the filesize (otherwise: it is not displayed at all)
|
||||
- upload the checksumfile created by "md5sum cryptobox_vY.X.iso >cryptobox_vY.X.iso.md5sum"
|
||||
- add release notes and changelog
|
||||
- upload cover_[en|de].pdf
|
||||
|
||||
5) release announcement
|
||||
- http://codecoop.org
|
||||
- http://distrowatch.com
|
||||
- http://livedistro.org
|
||||
- http://linuxlinks.com
|
|
@ -0,0 +1,7 @@
|
|||
# sample startup file for running the cryptobox in a user-mode-linux environment
|
||||
#
|
||||
# it does not work, as the dfsbuild-cd-image is not being recognized during boot
|
||||
#
|
||||
# just as a reminder ...
|
||||
#
|
||||
kernel/uml-kernel-2.6.12.3-cryptobox dfscd=/dev/ubd1 ubd1r=_builddir/cd1/image.iso ubd0=_builddir/cd1/image-working/opt/dfsruntime/initrd.dfs con=null con0=fd:0,fd:1
|
|
@ -0,0 +1,27 @@
|
|||
some useful macros:
|
||||
* [[TOC]] - at the beginning of the document
|
||||
* [[AutoNav]] - below [[TOC]], followed by a line with "----"
|
||||
* [[AddComment]] - at the end of the page (below "----")
|
||||
* [[WikiInclude($PAGENAME)]] - include another wiki page
|
||||
* [[redirect(wiki:$PAGENAME)]] - redirect to another page (useful to redirect to default lang)
|
||||
* [[Image(file/trunk/cbox-tree.d/var/www/cryptobox-img/screenshots/$NAME)]] - beware: you may use "wiki" or "ticket" instead of "file" - very unusual syntax
|
||||
* [[FootNote(Text)]] - creates a reference to a footnote - the list of footnotes is expanded by "[[FootNote]]"
|
||||
|
||||
special things:
|
||||
* the first level heading ("= TEXT =") is considered as the page title - only lower level headings will be a part of the table of contents
|
||||
* links like "CryptoBoxUser/de" are not recogniced - use "[wiki:CryptoBoxUser/de CryptoBoxUser]" instead
|
||||
* for a deeper level of items or enumerations, you have to add two(!) additional spaces in front of the symbol ("*" or "1.") - this is obviously strange ...
|
||||
|
||||
default page layout:
|
||||
[[TOC]]
|
||||
[[AutoNav]]
|
||||
----
|
||||
|
||||
= Title =
|
||||
|
||||
== Heading ... ==
|
||||
...
|
||||
|
||||
----
|
||||
== Comments ==
|
||||
[[AddComment]]
|
|
@ -0,0 +1,79 @@
|
|||
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
|
||||
|
||||
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
|
||||
<head>
|
||||
<title>CryptoBox</title>
|
||||
<meta content="text/html; charset=iso-8859-1" http-equiv="Content-Type" />
|
||||
<meta content="" name="keywords" />
|
||||
<meta name="description" content="a secure fileserver, live-CD, web front-end" />
|
||||
<link rel="stylesheet" type="text/css" href="main.css" />
|
||||
</head>
|
||||
|
||||
<body>
|
||||
<div class="container">
|
||||
|
||||
<div id="header"><!-- just the logo --></div>
|
||||
<div class="navbar">
|
||||
<p>
|
||||
<a href="index.html">Home</a> |
|
||||
<a href="news.html">News</a> |
|
||||
<a href="downlo0.html">Download</a> |
|
||||
<a href="support.html">Support</a> |
|
||||
<a href="develo0.html">Development</a>
|
||||
</p>
|
||||
</div>
|
||||
<!-- content starts here -->
|
||||
<div class="centercontent">
|
||||
<div><h1 id="UserDocumentation">User Documentation</h1>
|
||||
<p>
|
||||
The following pages are describing the basic usage of the CryptoBox live-CD.
|
||||
</p>
|
||||
<p>
|
||||
The online version of this manual is a wiki, which means you can help improving the pages. If you have a question regarding the documentation, please post it on the bottom of the relevant page. The developers will answer your questions and update the manual as fast as possible.
|
||||
</p>
|
||||
<h2 id="Documentationforxreleases">Documentation for 0.3.x releases</h2>
|
||||
<ol><li><a href="doc_0.0.html">CryptoBoxUserGettingStarted</a> -- first steps to get the Cryptobox up and running
|
||||
</li><li><a href="doc_0.1.html">CryptoBoxUserDailyUse</a> -- how to access your encrypted data
|
||||
</li></ol>
|
||||
<p>
|
||||
At the moment there is no automatic way of using an encrypted disk of the 0.2 series in a !Cryptobox running the 0.3 series. That's because we did a major redesign of the CryptoBox functionality within the last year. We're sorry for the unconveniance!
|
||||
</p>
|
||||
<h2 id="FrequentlyAskedQuestions">Frequently Asked Questions</h2>
|
||||
<ul><li><a href="faq.html">FAQ</a>
|
||||
</li></ul></div>
|
||||
</div>
|
||||
|
||||
</div>
|
||||
<!-- content ends here -->
|
||||
<div id="footer">
|
||||
<p>-- a <a href="http://senselab.org">Sense.Lab</a> project -- <a href="http://senselab.org/component/option,com_dfcontact/Itemid,29/">Impressum</a> --</p>
|
||||
</div>
|
||||
|
||||
</div>
|
||||
|
||||
<!-- /Creative Commons License -->
|
||||
<!--
|
||||
|
||||
<rdf:RDF xmlns="http://web.resource.org/cc/"
|
||||
xmlns:dc="http://purl.org/dc/elements/1.1/"
|
||||
xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#">
|
||||
<Work rdf:about="">
|
||||
<dc:type rdf:resource="http://purl.org/dc/dcmitype/Text" />
|
||||
<license rdf:resource="http://creativecommons.org/licenses/by-sa/2.5/de/" />
|
||||
</Work>
|
||||
|
||||
<License rdf:about="http://creativecommons.org/licenses/by-sa/2.5/de/">
|
||||
<permits rdf:resource="http://web.resource.org/cc/Reproduction" />
|
||||
<permits rdf:resource="http://web.resource.org/cc/Distribution" />
|
||||
<requires rdf:resource="http://web.resource.org/cc/Notice" />
|
||||
<requires rdf:resource="http://web.resource.org/cc/Attribution" />
|
||||
<permits rdf:resource="http://web.resource.org/cc/DerivativeWorks" />
|
||||
<requires rdf:resource="http://web.resource.org/cc/ShareAlike" />
|
||||
</License>
|
||||
|
||||
</rdf:RDF>
|
||||
-->
|
||||
|
||||
</body>
|
||||
</html>
|
||||
|
Binary file not shown.
After Width: | Height: | Size: 84 KiB |
|
@ -0,0 +1,93 @@
|
|||
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
|
||||
|
||||
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
|
||||
<head>
|
||||
<title>CryptoBox</title>
|
||||
<meta content="text/html; charset=iso-8859-1" http-equiv="Content-Type" />
|
||||
<meta content="" name="keywords" />
|
||||
<meta name="description" content="a secure fileserver, live-CD, web front-end" />
|
||||
<link rel="stylesheet" type="text/css" href="main.css" />
|
||||
</head>
|
||||
|
||||
<body>
|
||||
<div class="container">
|
||||
|
||||
<div id="header"><!-- just the logo --></div>
|
||||
<div class="navbar">
|
||||
<p>
|
||||
<a href="index.html">Home</a> |
|
||||
<a href="news.html">News</a> |
|
||||
<a href="downlo0.html">Download</a> |
|
||||
<a href="support.html">Support</a> |
|
||||
<a href="develo0.html">Development</a>
|
||||
</p>
|
||||
</div>
|
||||
<!-- content starts here -->
|
||||
<div class="centercontent">
|
||||
<h2>What does the CryptoBox do?</h2>
|
||||
<p>Usually all your files like phone numbers, love letters, bank
|
||||
account data etc. are stored in plaintext on your computer's
|
||||
harddisk.
|
||||
All the data is accessible for everyone who has access to the harddisk.
|
||||
This is very bad in case someone you don't trust gets your harddisk.
|
||||
E.g. a thief that steals your notebook, or breaks into your house or company.
|
||||
If the thief has your disk he/she can also read all the files that
|
||||
where saved on it, no matter whether you have a login password or not -
|
||||
the files are always stored in plaintext.
|
||||
</p>
|
||||
|
||||
<p>The <b>CryptoBox</b> brings easy-to-use data encryption to your
|
||||
computer. This works out of the box and does not need complicated
|
||||
configuration steps.</p>
|
||||
|
||||
<p>Here comes a small usage example for the CryptoBox with an obsolete
|
||||
PC as a fileserver:</p>
|
||||
|
||||
<p>Boot up the old PC with the CryptoBox live-CD.
|
||||
Now you can access it with your browser via the network.
|
||||
Then you partition and reformat the harddisk of the old
|
||||
PC with encryption support. Therefore you provide a passphrase.
|
||||
This is all done through the user friendly webinterface.
|
||||
You can also plug in an external harddisk and use this to store
|
||||
your encrypted data.
|
||||
Afterwards you copy your sensitive data over the local
|
||||
network to the CryptoBox.
|
||||
It is stored on its harddisk in a secure way.
|
||||
Nobody can access your data without the right passphrase.
|
||||
</p>
|
||||
</div>
|
||||
|
||||
|
||||
<!-- content ends here -->
|
||||
<div id="footer">
|
||||
<p>-- a <a href="http://senselab.org">Sense.Lab</a> project -- <a href="http://senselab.org/component/option,com_dfcontact/Itemid,29/">Impressum</a> --</p>
|
||||
</div>
|
||||
|
||||
</div>
|
||||
|
||||
<!-- /Creative Commons License -->
|
||||
<!--
|
||||
|
||||
<rdf:RDF xmlns="http://web.resource.org/cc/"
|
||||
xmlns:dc="http://purl.org/dc/elements/1.1/"
|
||||
xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#">
|
||||
<Work rdf:about="">
|
||||
<dc:type rdf:resource="http://purl.org/dc/dcmitype/Text" />
|
||||
<license rdf:resource="http://creativecommons.org/licenses/by-sa/2.5/de/" />
|
||||
</Work>
|
||||
|
||||
<License rdf:about="http://creativecommons.org/licenses/by-sa/2.5/de/">
|
||||
<permits rdf:resource="http://web.resource.org/cc/Reproduction" />
|
||||
<permits rdf:resource="http://web.resource.org/cc/Distribution" />
|
||||
<requires rdf:resource="http://web.resource.org/cc/Notice" />
|
||||
<requires rdf:resource="http://web.resource.org/cc/Attribution" />
|
||||
<permits rdf:resource="http://web.resource.org/cc/DerivativeWorks" />
|
||||
<requires rdf:resource="http://web.resource.org/cc/ShareAlike" />
|
||||
</License>
|
||||
|
||||
</rdf:RDF>
|
||||
-->
|
||||
|
||||
</body>
|
||||
</html>
|
||||
|
|
@ -0,0 +1,135 @@
|
|||
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
|
||||
|
||||
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
|
||||
<head>
|
||||
<title>CryptoBox</title>
|
||||
<meta content="text/html; charset=iso-8859-1" http-equiv="Content-Type" />
|
||||
<meta content="" name="keywords" />
|
||||
<meta name="description" content="a secure fileserver, live-CD, web front-end" />
|
||||
<link rel="stylesheet" type="text/css" href="main.css" />
|
||||
</head>
|
||||
|
||||
<body>
|
||||
<div class="container">
|
||||
|
||||
<div id="header"><!-- just the logo --></div>
|
||||
<div class="navbar">
|
||||
<p>
|
||||
<a href="index.html">Home</a> |
|
||||
<a href="news.html">News</a> |
|
||||
<a href="downlo0.html">Download</a> |
|
||||
<a href="support.html">Support</a> |
|
||||
<a href="develo0.html">Development</a>
|
||||
</p>
|
||||
</div>
|
||||
<!-- content starts here -->
|
||||
<div class="left">
|
||||
|
||||
<div class="leftcontent">
|
||||
<h2>You are server admin?</h2>
|
||||
<p>Take a look at the <a
|
||||
href="http://devel.cryptobox.org/file/trunk/README">README
|
||||
file</a>. There you find more detailed information about the
|
||||
installation and configuration of the CryptoBox-Server
|
||||
package.</p>
|
||||
</div>
|
||||
|
||||
</div>
|
||||
|
||||
<div class="content">
|
||||
<h2>Requirements for the CryptoBox live-CD</h2>
|
||||
<p>The <i>CryptoBox live-CD</i> runs on any x86 compatible PC with:</p>
|
||||
<ul>
|
||||
<li>CPU: min. 200MHz</li>
|
||||
<li>RAM: 64 MB</li>
|
||||
<li>CD-ROM drive</li>
|
||||
<li>a network connection</li>
|
||||
<li>a harddisk for your data</li>
|
||||
</ul>
|
||||
<p>The harddisk does not need to inside the of CryptoBox computer. You
|
||||
can also use external devices like USB-drives.
|
||||
All drives supported by the Linux kernel (2.6.20) can be used: IDE,
|
||||
SCSI, USB, FireWire, SATA, RAID, ...</p>
|
||||
<p>Because of the high number of different supported storage media
|
||||
we call an encrypted disk a <i>volume</i>.
|
||||
This includes (e.g.): USB-sticks, firewire-disks, flash-drives, digital cameras,
|
||||
MP3-player, MMC/SD-cards.</p>
|
||||
</div>
|
||||
|
||||
<div class="content">
|
||||
<h2>Requirements of the CryptoBox-Server</h2>
|
||||
<p>The <i>CryptoBox-Server</i> package can be installed on any system with at least:</p>
|
||||
<ul>
|
||||
<li>Linux kernel 2.6</li>
|
||||
<li>cryptsetup with LUKS support</li>
|
||||
<li>kernel support for the <i>crypt</i> target of the <i>device mapper</i></li>
|
||||
<li>Python 2.4</li>
|
||||
</ul>
|
||||
<p>In general a server package should run on any Linux
|
||||
distribution, but we only provide Debian packages. So you have to
|
||||
install the necessary files on your own to the right places if
|
||||
you are using a different linux distribution.</p>
|
||||
</div>
|
||||
|
||||
<div class="content">
|
||||
<h2>File access</h2>
|
||||
<p>Once you openend an encrypted volume through the web frontend of
|
||||
the <i>CryptoBox</i> you can access the volume's data within your local
|
||||
network via:</p>
|
||||
<ul>
|
||||
<li>Samba shares (also known as: <i>windows network share</i>)</li>
|
||||
<!-- <li>WebDAV (aka: <i>web folder</i>)</li>
|
||||
<li>nfs (*nix file sharing)</li> -->
|
||||
</ul>
|
||||
<p>The <i>CryptoBox-Server</i> package will smoothly integrate into your existing
|
||||
fileserver. It provides mount points which can be shared via your
|
||||
favourite protocols (e.g.: WebDAV or NFS).</p>
|
||||
</div>
|
||||
|
||||
<div class="content">
|
||||
<h2>Encryption</h2>
|
||||
<p>The encrypted disk partitions are <a href="http://luks.endorphin.org/">LUKS</a>
|
||||
volumes. This makes it also possible to access your data directly with
|
||||
every modern linux system or via <a href="http://freeotfe.org/">FreeOTFE</a>
|
||||
(for Microsoft products).</p>
|
||||
<p>You can select your favourite encryption algorithm from all
|
||||
ciphers supported by the linux kernel. The default is
|
||||
<i>aes-cbc-essiv:sha256</i> (AES in CBC mode with ESSIV based on
|
||||
SHA256).</p>
|
||||
</div>
|
||||
|
||||
|
||||
|
||||
<!-- content ends here -->
|
||||
<div id="footer">
|
||||
<p>-- a <a href="http://senselab.org">Sense.Lab</a> project -- <a href="http://senselab.org/component/option,com_dfcontact/Itemid,29/">Impressum</a> --</p>
|
||||
</div>
|
||||
|
||||
</div>
|
||||
|
||||
<!-- /Creative Commons License -->
|
||||
<!--
|
||||
|
||||
<rdf:RDF xmlns="http://web.resource.org/cc/"
|
||||
xmlns:dc="http://purl.org/dc/elements/1.1/"
|
||||
xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#">
|
||||
<Work rdf:about="">
|
||||
<dc:type rdf:resource="http://purl.org/dc/dcmitype/Text" />
|
||||
<license rdf:resource="http://creativecommons.org/licenses/by-sa/2.5/de/" />
|
||||
</Work>
|
||||
|
||||
<License rdf:about="http://creativecommons.org/licenses/by-sa/2.5/de/">
|
||||
<permits rdf:resource="http://web.resource.org/cc/Reproduction" />
|
||||
<permits rdf:resource="http://web.resource.org/cc/Distribution" />
|
||||
<requires rdf:resource="http://web.resource.org/cc/Notice" />
|
||||
<requires rdf:resource="http://web.resource.org/cc/Attribution" />
|
||||
<permits rdf:resource="http://web.resource.org/cc/DerivativeWorks" />
|
||||
<requires rdf:resource="http://web.resource.org/cc/ShareAlike" />
|
||||
</License>
|
||||
|
||||
</rdf:RDF>
|
||||
-->
|
||||
|
||||
</body>
|
||||
</html>
|
||||
|
|
@ -0,0 +1,173 @@
|
|||
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
|
||||
|
||||
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
|
||||
<head>
|
||||
<title>CryptoBox</title>
|
||||
<meta content="text/html; charset=iso-8859-1" http-equiv="Content-Type" />
|
||||
<meta content="" name="keywords" />
|
||||
<meta name="description" content="a secure fileserver, live-CD, web front-end" />
|
||||
<link rel="stylesheet" type="text/css" href="main.css" />
|
||||
</head>
|
||||
|
||||
<body>
|
||||
<div class="container">
|
||||
|
||||
<div id="header"><!-- just the logo --></div>
|
||||
<div class="navbar">
|
||||
<p>
|
||||
<a href="index.html">Home</a> |
|
||||
<a href="news.html">News</a> |
|
||||
<a href="downlo0.html">Download</a> |
|
||||
<a href="support.html">Support</a> |
|
||||
<a href="develo0.html">Development</a>
|
||||
</p>
|
||||
</div>
|
||||
<!-- content starts here -->
|
||||
<div class="centercontent">
|
||||
<h2>Contribute</h2>
|
||||
<p>You are not just a consumer. At least not in the Open Source world.</p>
|
||||
<p>There are various ways to take part in improving the CryptoBox
|
||||
for all of us ...</p>
|
||||
</div>
|
||||
|
||||
<div class="left">
|
||||
<div class="leftcontent">
|
||||
<h2>Overview</h2>
|
||||
<ul>
|
||||
<li><a href="http://translate.cryptobox.org/projects/cryptobox/">Translation</a></li>
|
||||
<li><a href="http://devel.cryptobox.org/newticket">Bug Reports</a></li>
|
||||
<li><a href="Crypto0.html"">User Documentation</a></li>
|
||||
<li><a href="http://devel.cryptobox.org/">Development corner</a></li>
|
||||
<li><a href="https://systemausfall.org/mail-archive/?0">Mailing list archive</a>
|
||||
<li><a href="http://devel.cryptobox.org/file/trunk/README">README</a></li>
|
||||
</ul>
|
||||
</div>
|
||||
|
||||
<div class="leftcontent">
|
||||
<h2>Recent changes</h2>
|
||||
<ul class="recent_changes">
|
||||
<li><p class="date">Thu, 22 Feb 2007 12:10:04 GMT</p><a href="http://devel.cryptobox.org/changeset/858">Changeset [858] by lars</a><p>
|
||||
added configobj to "acknowledgements" (they linked us, too)
|
||||
</p></li>
|
||||
<li><p class="date">Thu, 22 Feb 2007 10:57:16 GMT</p><a href="http://devel.cryptobox.org/changeset/857">Changeset [857] by pootle-translation</a><p>
|
||||
Commit from Thorax Translation Center by user fabrizio. 24 of 24 messages translated (0 fuzzy).
|
||||
</p></li>
|
||||
<li><p class="date">Thu, 22 Feb 2007 10:54:29 GMT</p><a href="http://devel.cryptobox.org/changeset/856">Changeset [856] by pootle-translation</a><p>
|
||||
Commit from Thorax Translation Center by user fabrizio. 2 of 2 messages translated (0 fuzzy).
|
||||
</p></li>
|
||||
<li><p class="date">Thu, 22 Feb 2007 05:30:56 GMT</p><a href="http://devel.cryptobox.org/ticket/45">Ticket #45 resolved: not clear if it works - but there is at least some documentation about how ...</a><p>
|
||||
not clear if it works - but there is at least some documentation about how to find it manually (since [<a title="updated offline documentation ..." href="http://devel.cryptobox.org/changeset/855">855</a>])
|
||||
</p></li>
|
||||
<li><p class="date">Thu, 22 Feb 2007 05:16:45 GMT</p><a href="http://devel.cryptobox.org/changeset/855">Changeset [855] by lars</a><p>
|
||||
updated offline documentation
|
||||
moved offline documentation to a higher directory
|
||||
updated autorun links
|
||||
added mirror script to integrate offline documentation into the current website layout
|
||||
</p></li></ul>
|
||||
|
||||
</div>
|
||||
|
||||
</div>
|
||||
|
||||
|
||||
<div class="content">
|
||||
<h2>Translation center</h2>
|
||||
<p>We want <i>you</i> to translate the CryptoBox!</p>
|
||||