commit ec818dbbc3ed3f8cf5e765311795181c59043e73 Author: frisco <> Date: Mon Jun 9 00:10:03 2008 +0000 Created new branch for Debian Live live-cd build system development. This commit includes the default configuration files, which don't work with Debian "etch". diff --git a/config/binary b/config/binary new file mode 100644 index 0000000..b343308 --- /dev/null +++ b/config/binary @@ -0,0 +1,146 @@ +# config/binary - options for live-helper(7), binary stage + +# $LH_BINARY_FILESYSTEM: set image filesystem +# (Default: fat16) +LH_BINARY_FILESYSTEM="fat16" + +# $LH_BINARY_IMAGES: set image type +# (Default: iso) +LH_BINARY_IMAGES="iso" + +# $LH_BINARY_INDICES: set apt/aptitude generic indices +# (Default: enabled) +LH_BINARY_INDICES="enabled" + +# $LH_BOOTAPPEND_LIVE: set boot parameters +# (Default: empty) +LH_BOOTAPPEND_LIVE="" + +# $LH_BOOTAPPEND_INSTALL: set boot parameters +# (Default: empty) +LH_BOOTAPPEND_INSTALL="-- }" + +# $LH_BOOTLOADER: set bootloader +# (Default: syslinux) +LH_BOOTLOADER="syslinux" + +# $LH_CHECKSUMS: set checksums +# (Default: enabled) +LH_CHECKSUMS="enabled" + +# ${LH_CHROOT_BUILD: control if we build binary images chrooted +# (Default: enabled) +# DO NEVER, *NEVER*, *N*E*V*E*R* SET THIS OPTION to disabled. +LH_CHROOT_BUILD="enabled" + +# $LH_DEBIAN_INSTALLER: set debian-installer +# (Default: disabled) +LH_DEBIAN_INSTALLER="disabled" + +# $LH_DEBIAN_INSTALLER_DAILY: set daily images +# (Default: disabled) +LH_DEBIAN_INSTALLER_DAILY="disabled" + +# $LH_ENCRYPTION: set encrytion +# (Default: disabled) +LH_ENCRYPTION="disabled" + +# $LH_GRUB_SPLASH: set custom grub splash +# (Default: empty) +LH_GRUB_SPLASH="" + +# $LH_HOSTNAME: set hostname +# (Default: debian) +LH_HOSTNAME="debian" + +# $LH_ISO_APPLICATION: set iso author +# (Default: Debian Live) +LH_ISO_APPLICATION="Debian Live" + +# $LH_ISO_PREPARER: set iso preparer +# (Default: live-helper 1.0~a46; http://packages.qa.debian.org/live-helper) +LH_ISO_PREPARER="live-helper 1.0~a46; http://packages.qa.debian.org/live-helper" + +# $LH_ISO_PUBLISHER: set iso publisher +# (Default: Debian Live project; http://debian-live.alioth.debian.org/; debian-live-devel@lists.alioth.debian.org) +LH_ISO_PUBLISHER="Debian Live project; http://debian-live.alioth.debian.org/; debian-live-devel@lists.alioth.debian.org" + +# $LH_ISO_VOLUME: set iso volume (max 32 chars) +# (Default: Debian Live 20080608-17:04) +LH_ISO_VOLUME="Debian Live 20080608-17:04" + +# $LH_JFFS2_ERASEBLOCK: set jffs2 eraseblock size +# (Default: unset) +LH_JFFS2_ERASEBLOCK="" + +# $LH_MEMTEST: set memtest +# (Default: memtest86+) +LH_MEMTEST="memtest86+" + +# $LH_NET_ROOT_FILESYSTEM: set netboot filesystem +# (Default: nfs) +LH_NET_ROOT_FILESYSTEM="nfs" + +# $LH_NET_ROOT_MOUNTOPTIONS: set nfsopts +# (Default: empty) +LH_NET_ROOT_MOUNTOPTIONS="" + +# $LH_NET_ROOT_PATH: set netboot server directory +# (Default: /srv/debian-live) +LH_NET_ROOT_PATH="/srv/debian-live" + +# $LH_NET_ROOT_SERVER: set netboot server address +# (Default: 192.168.1.1) +LH_NET_ROOT_SERVER="192.168.1.1" + +# $LH_NET_COW_FILESYSTEM: set net client cow filesystem +# (Default: nfs) +LH_NET_COW_FILESYSTEM="nfs" + +# $LH_NET_COW_MOUNTOPTIONS: set cow mount options +# (Default: empty) +LH_NET_COW_MOUNTOPTIONS="" + +# $LH_NET_COW_PATH: set cow directory +# (Default: ) +LH_NET_COW_PATH="" + +# $LH_NET_COW_SERVER: set cow server +# (Default: ) +LH_NET_COW_SERVER="" + +# $LH_NET_TARBALL: set net tarball +# (Default: gzip) +LH_NET_TARBALL="gzip" + +# $LH_SYSLINUX_SPLASH: set custom syslinux splash +# (Default: empty) +LH_SYSLINUX_SPLASH="" + +# $LH_SYSLINUX_TIMEOUT: set custom syslinux timeout in seconds +# (Default: 0) +LH_SYSLINUX_TIMEOUT="0" + +# $LH_SYSLINUX_CFG: set custom syslinux configuration file +# (Default: empty) +LH_SYSLINUX_CFG="" + +# $LH_SYSLINUX_MENU: set syslinux menu +# (Default: disabled) +LH_SYSLINUX_MENU="disabled" + +# $LH_SYSLINUX_MENU_LIVE_ENTRY: set text to be used on the menu for live entries +# (Default: Start Debian Live) +LH_SYSLINUX_MENU_LIVE_ENTRY="Start Debian Live" + +# $LH_SYSLINUX_MENU_LIVE_FAILSAFE_ENTRY: set text to be used on the menu for live entries (failsafe ones) +# (Default: ) +LH_SYSLINUX_MENU_LIVE_FAILSAFE_ENTRY="" + +# $LH_SYSLINUX_MENU_MEMTEST_ENTRY: set text to be used on the menu for memtest entry +# (Default: Memory test) +LH_SYSLINUX_MENU_MEMTEST_ENTRY="Memory test" + +# $LH_USERNAME: set username +# (Default: user) +LH_USERNAME="user" diff --git a/config/bootstrap b/config/bootstrap new file mode 100644 index 0000000..6e2f0bc --- /dev/null +++ b/config/bootstrap @@ -0,0 +1,53 @@ +# config/bootstrap - options for live-helper(7), bootstrap stage + +# $LH_ARCHITECTURE: select chroot architecture +# (Default: autodetected) +LH_ARCHITECTURE="i386" + +# $LH_BOOTSTRAP_CONFIG: set distribution config directory +# (Default: empty) +LH_BOOTSTRAP_CONFIG="" + +# $LH_BOOTSTRAP_INCLUDE: include packages on base +# (Default: empty) +LH_BOOTSTRAP_INCLUDE="" + +# $LH_BOOTSTRAP_EXCLUDE: exclude packages on base +# (Default: empty) +LH_BOOTSTRAP_EXCLUDE="" + +# $LH_BOOTSTRAP_FLAVOUR: select flavour to use +# (Default: ) +LH_BOOTSTRAP_FLAVOUR="" + +# $LH_BOOTSTRAP_KEYRING: set distribution keyring +# (Default: empty) +LH_BOOTSTRAP_KEYRING="" + +# $LH_DISTRIBUTION: select distribution to use +# (Default: lenny) +LH_DISTRIBUTION="lenny" + +# $LH_MIRROR_BOOTSTRAP: set mirror to bootstrap from +# (Default: http://ftp.us.debian.org/debian/) +LH_MIRROR_BOOTSTRAP="http://ftp.us.debian.org/debian/" + +# $LH_MIRROR_CHROOT: set mirror to fetch packages from +# (Default: http://ftp.us.debian.org/debian/) +LH_MIRROR_CHROOT="http://ftp.us.debian.org/debian/" + +# $LH_MIRROR_CHROOT_SECURITY: set security mirror to fetch packages from +# (Default: http://security.debian.org/) +LH_MIRROR_CHROOT_SECURITY="http://security.debian.org/" + +# $LH_MIRROR_BINARY: set mirror which ends up in the image +# (Default: http://ftp.us.debian.org/debian/) +LH_MIRROR_BINARY="http://ftp.us.debian.org/debian/" + +# $LH_MIRROR_BINARY_SECURITY: set security mirror which ends up in the image +# (Default: http://security.debian.org/) +LH_MIRROR_BINARY_SECURITY="http://security.debian.org/" + +# $LH_SECTIONS: select section(s) to use +# (Default: main) +LH_SECTIONS="main" diff --git a/config/chroot b/config/chroot new file mode 100644 index 0000000..5355466 --- /dev/null +++ b/config/chroot @@ -0,0 +1,61 @@ +# config/chroot - options for live-helper(7), chroot stage + +# $LH_CHROOT_FILESYSTEM: set chroot filesystem +# (Default: squashfs) +LH_CHROOT_FILESYSTEM="squashfs" + +# $LH_UNION_FILESYSTEM: set union filesystem +# (Default: aufs) +LH_UNION_FILESYSTEM="aufs" + +# $LH_EXPOSED_ROOT: expose root as read only +# (Default: disabled) +LH_EXPOSED_ROOT="disabled" + +# $LH_HOOKS: set hook commands +# (Default: empty) +LH_HOOKS="" + +# $LH_INTERACTIVE: set interactive build +# (Default: disabled) +LH_INTERACTIVE="disabled" + +# $LH_KEYRING_PACKAGES: set keyring packages +# (Default: empty) +LH_KEYRING_PACKAGES="" + +# $LH_LANGUAGE: set language to use +# (Default: empty) +LH_LANGUAGE="en" + +# $LH_LINUX_FLAVOURS: set kernel flavour to use +# (Default: autodetected) +LH_LINUX_FLAVOURS="486 686" + +# $LH_LINUX_PACKAGES: set kernel packages to use +# (Default: autodetected) +LH_LINUX_PACKAGES="linux-image-2.6 aufs-modules-2.6 squashfs-modules-2.6" + +# $LH_PACKAGES: set packages to install +# (Default: empty) +LH_PACKAGES="" + +# $LH_PACKAGES_LISTS: set package list to install +# (Default: standard) +LH_PACKAGES_LISTS="standard" + +# $LH_TASKS: set tasks to install +# (Default: empty) +LH_TASKS="" + +# $LH_SECURITY: enable security updates +# (Default: enabled) +LH_SECURITY="enabled" + +# $LH_SYMLINKS: enable symlink convertion +# (Default: disabled) +LH_SYMLINKS="disabled" + +# $LH_SYSVINIT: enable sysvinit +# (Default: disabled) +LH_SYSVINIT="disabled" diff --git a/config/common b/config/common new file mode 100644 index 0000000..f999e72 --- /dev/null +++ b/config/common @@ -0,0 +1,123 @@ +# config/common - common options for live-helper(7) + +# $LH_APT: set package manager +# (Default: apt) +LH_APT="apt" + +# $LH_APT_FTP_PROXY: set apt/aptitude ftp proxy +# (Default: autodetected or empty) +LH_APT_FTP_PROXY="" + +# $LH_APT_HTTP_PROXY: set apt/aptitude http proxy +# (Default: autodetected or empty) +LH_APT_HTTP_PROXY="" + +# $LH_APT_PDIFFS: set apt/aptitude pdiff indices +# (Default: enabled) +LH_APT_PDIFFS="enabled" + +# $LH_APT_PIPELINE: set apt/aptitude pipeline depth +# (Default: ) +LH_APT_PIPELINE="" + +# $LH_APT_RECOMMENDS: set apt/aptitude recommends +# (Default: enabled) +LH_APT_RECOMMENDS="enabled" + +# $LH_APT_SECURE: set apt/aptitude security +# (Default: enabled) +LH_APT_SECURE="enabled" + +# $LH_BOOTSTRAP: set bootstrap program +# (Default: debootstrap) +LH_BOOTSTRAP="debootstrap" + +# $LH_CACHE: control cache +# (Default: enabled) +LH_CACHE="enabled" + +# $LH_CACHE_INDICES: control if downloaded package indices should be cached +# (Default: disabled) +LH_CACHE_INDICES="disabled" + +# $LH_CACHE_PACKAGES: control if downloaded packages files should be cached +# (Default: enabled) +LH_CACHE_PACKAGES="enabled" + +# $LH_CACHE_STAGES: control if completed stages should be cached +# (Default: bootstrap) +LH_CACHE_STAGES="bootstrap" + +# $LH_DEBCONF_FRONTEND: set debconf(1) frontend to use +# (Default: noninteractive) +LH_DEBCONF_FRONTEND="noninteractive" + +# $LH_DEBCONF_NOWARNINGS: set debconf(1) warnings +# (Default: yes) +LH_DEBCONF_NOWARNINGS="yes" + +# $LH_DEBCONF_PRIORITY: set debconf(1) priority to use +# (Default: critical) +LH_DEBCONF_PRIORITY="critical" + +# $LH_INITRAMFS: set initramfs hook +# (Default: live-initramfs) +LH_INITRAMFS="live-initramfs" + +# $LH_FDISK: set fdisk program +# (Default: autodetected) +LH_FDISK="fdisk" + +# $LH_LOSETUP: set losetup program +# (Default: autodetected) +LH_LOSETUP="losetup" + +# $LH_MODE: set distribution mode +# (Default: debian) +LH_MODE="debian" + +# $LH_ROOT_COMMAND: use sudo or equivalent +# (Default: empty) +#LH_ROOT_COMMAND="sudo" + +# $LH_USE_FAKEROOT: use fakeroot/fakechroot +# (Default: disabled) +LH_USE_FAKEROOT="disabled" + +# $LH_TASKSEL: set tasksel program +# (Default: aptitude) +LH_TASKSEL="aptitude" + +# $LH_INCLUDES: set includes +# (Default: /usr/share/live-helper/includes) +LH_INCLUDES="/usr/share/live-helper/includes" + +# $LH_TEMPLATES: set templates +# (Default: /usr/share/live-helper/templates) +LH_TEMPLATES="/usr/share/live-helper/templates" + +# Live-helper options + +# $LH_BREAKPOINTS: enable breakpoints +# (Default: disabled) +#LH_BREAKPOINTS="disabled" + +# $LH_DEBUG: enable debug +# (Default: disabled) +#LH_DEBUG="disabled" + +# $LH_FORCE: enable force +# (Default: disabled) +#LH_FORCE="disabled" + +# $LH_QUIET: enable quiet +# (Default: disabled) +LH_QUIET="disabled" + +# $LH_VERBOSE: enable verbose +# (Default: disabled) +#LH_VERBOSE="disabled" + +# Internal stuff (FIXME) +APT_OPTIONS="--yes" +APTITUDE_OPTIONS="--assume-yes" diff --git a/config/source b/config/source new file mode 100644 index 0000000..1ac0ea6 --- /dev/null +++ b/config/source @@ -0,0 +1,9 @@ +# config/source - options for live-helper(7), source stage + +# $LH_SOURCE: set source option +# (Default: disabled) +LH_SOURCE="disabled" + +# $LH_SOURCE_IMAGES: set image type +# (Default: tar) +LH_SOURCE_IMAGES="tar" diff --git a/configure-examples.d/README b/configure-examples.d/README new file mode 100644 index 0000000..2f75cec --- /dev/null +++ b/configure-examples.d/README @@ -0,0 +1,30 @@ +1) Overview +the files in this directory are examples for specific hook scripts to change the +configuration of the box + +2) How to use these scripts +Copy the scripts, you would like to use into 'configure-local.d'. +They will be sourced in alphabetic order AFTER the default configuration of the +cryptobox. + +3) The examples + +set_root_pw + - replace the empty root password (the default) with a choosen password + - useful if your development cryptobox: + - is located in an insecure environment + - or your development team is geographically distributed, so the + cryptobox for testing has to be publicly available + +import_authorized_keys + - create a new rsa key (etc-local.d/id_rsa) and copy the public + key to the image directory + - this is useful, if you secured the development cryptobox with a + password (see 'set_root_pw') + +set_hostname + - change the default hostname ("cryptobox") + +set_scan_devices + - change the default selection of devices, that can be used as the crypto harddisk + diff --git a/configure-examples.d/import_authorized_keys b/configure-examples.d/import_authorized_keys new file mode 100644 index 0000000..17cba07 --- /dev/null +++ b/configure-examples.d/import_authorized_keys @@ -0,0 +1,19 @@ +# import a public rsa key into the cryptobox for ssh authentication +# +# see README in configure-examples.d for details +# + +SSH_KEY_FILE="$LOCALCONF_DIR/id_rsa" + +# create a rsa key if it does not yet exist +if [ ! -e "$SSH_KEY_FILE" ] + then echo "Creating ssh key ($SSH_KEY_FILE) ..." + mkdir -p $(dirname "$SSH_KEY_FILE") + ssh-keygen -t rsa -b 1024 -N '' -q -f "$SSH_KEY_FILE" + fi + +# copy new public ssh key to ~/.ssh/authorized_keys on cryptobox +echo "Copying local public ssh key file to the box ..." +mkdir -p "$IMAGE_DIR/opt/dfsbuild/runtimerd/root/.ssh" +cp "${SSH_KEY_FILE}.pub" "$IMAGE_DIR/opt/dfsbuild/runtimerd/root/.ssh/authorized_keys" + diff --git a/configure-examples.d/set_allowed_devices b/configure-examples.d/set_allowed_devices new file mode 100644 index 0000000..920c78b --- /dev/null +++ b/configure-examples.d/set_allowed_devices @@ -0,0 +1,4 @@ +# change the selection of devices, that can be used as the crypto harddisk + +sed -i 's#^AllowedDevices.*$#AllowedDevices = /dev/hda /dev/hdb /dev/hdc /dev/hde /dev/hdf /dev/hdg /dev/scd0 /dev/scd1 /dev/scd2 /dev/scd3#' "$IMAGE_DIR/etc/cryptobox-server/cryptobox.conf" + diff --git a/configure-examples.d/set_disabled_plugins b/configure-examples.d/set_disabled_plugins new file mode 100644 index 0000000..3984e03 --- /dev/null +++ b/configure-examples.d/set_disabled_plugins @@ -0,0 +1,4 @@ +# change the selection of disabled plugins + +sed -i 's#^DisabledPlugins.*$#DisabledPlugins = #' "$IMAGE_DIR/etc/cryptobox-server/cryptobox.conf" + diff --git a/configure-examples.d/set_hostname b/configure-examples.d/set_hostname new file mode 100644 index 0000000..35233c1 --- /dev/null +++ b/configure-examples.d/set_hostname @@ -0,0 +1,4 @@ +# change the hostname (default value: "cryptobox") + +echo "cryptobox" >"$IMAGE_DIR"/etc/hostname + diff --git a/configure-examples.d/set_root_pw b/configure-examples.d/set_root_pw new file mode 100644 index 0000000..ec14c27 --- /dev/null +++ b/configure-examples.d/set_root_pw @@ -0,0 +1,11 @@ +# replace the empty root password of an development cryptobox with a choosen one +# +# see misc/custom-configure.d/README for details +# + +# set the password to your needs +NEW_ROOT_PASSWORD=foobar + +echo "Setting a root password ..." +echo "root:$NEW_ROOT_PASSWORD" | chroot "$IMAGE_DIR" "$CHROOTSTART" chpasswd root + diff --git a/cover/antlogo-big.jpg b/cover/antlogo-big.jpg new file mode 100644 index 0000000..986cc51 Binary files /dev/null and b/cover/antlogo-big.jpg differ diff --git a/cover/antlogo-big.png b/cover/antlogo-big.png new file mode 100644 index 0000000..e716c77 Binary files /dev/null and b/cover/antlogo-big.png differ diff --git a/cover/antlogo-small.png b/cover/antlogo-small.png new file mode 100644 index 0000000..b9fd8ff Binary files /dev/null and b/cover/antlogo-small.png differ diff --git a/cover/cover_de.odt b/cover/cover_de.odt new file mode 100644 index 0000000..c6086fd Binary files /dev/null and b/cover/cover_de.odt differ diff --git a/cover/cover_de.pdf b/cover/cover_de.pdf new file mode 100644 index 0000000..0e8e6ec Binary files /dev/null and b/cover/cover_de.pdf differ diff --git a/cover/cover_en.odt b/cover/cover_en.odt new file mode 100644 index 0000000..e920835 Binary files /dev/null and b/cover/cover_en.odt differ diff --git a/cover/cover_en.pdf b/cover/cover_en.pdf new file mode 100644 index 0000000..3504d40 Binary files /dev/null and b/cover/cover_en.pdf differ diff --git a/etc-defaults.d/README b/etc-defaults.d/README new file mode 100644 index 0000000..3f6e4c9 --- /dev/null +++ b/etc-defaults.d/README @@ -0,0 +1,4 @@ +this directory contains some configuration files for the development of the CryptoBox + +If you want to use different local settings, then you should copy the respective +configuration file to the directory "etc-local.d" and adapt it to your needs. diff --git a/etc-defaults.d/cbox-dev.conf b/etc-defaults.d/cbox-dev.conf new file mode 100644 index 0000000..0cb115b --- /dev/null +++ b/etc-defaults.d/cbox-dev.conf @@ -0,0 +1,54 @@ +# some local settings for cbox-build.sh and validate.sh +# +# previously defined settings: +# - ROOT_DIR +# + + +####################### cbox-build ######################## + +# the build directory (will be ERASED without warning) +BUILD_DIR="$ROOT_DIR/_builddir" + +# the cryptobox development files +CBOX_DEVEL_DIR=$ROOT_DIR/cbox-tree.d + +# template for live-cd +TEMPLATE_DIR=$ROOT_DIR/live-cd-tree.d + +# the iso image +IMAGE_FILE=$BUILD_DIR/cryptobox.iso + +# temporary directory +TMP_DIR=/tmp/$(basename $0)-$$ + +# the virtual harddisk image used for qemu +HD_IMAGE=/tmp/$(basename $0)-testplatte.img + +# mkisofs options (the option "-U" is not clean, but it prevents long +# filenames from getting mapped) +# TODO: this may prevent windows user from reading the documentation +MKISOFS_OPTIONS="-allow-multidot -U -D -iso-level 3 -b boot/grub/stage2_eltorito -no-emul-boot -boot-load-size 1 -boot-info-table -pad -R" + +# for burning a CD +CDWRITER=0,0,0 + + +####################### validation ######################## + +# language of validation (select web interface language) +VALIDATE_LANGUAGE=en + +# directory of the test-cases +VALIDATE_TEST_CASES_DIR=$ROOT_DIR/validation/test-cases + +# override these settings if the CryptoBox uses a non-default IP +VALIDATE_HOST_IP_DEFAULT=192.168.0.23 +VALIDATE_HOST_IP_CHANGED=192.168.0.24 + +# destination directories for the results +VALIDATE_REPORT_DIR=/tmp/cryptobox-validation-$$ +VALIDATE_REPORT_DIR=$ROOT_DIR/validation/report +VALIDATE_SUMMARY_TEMPLATE_DIR=$ROOT_DIR/validation/templates + + diff --git a/etc-defaults.d/dfs-cbox.conf b/etc-defaults.d/dfs-cbox.conf new file mode 100644 index 0000000..23bad8b --- /dev/null +++ b/etc-defaults.d/dfs-cbox.conf @@ -0,0 +1,236 @@ +# arch-tag: Default configuration file +# Copyright (c) 2004 John Goerzen + +[DEFAULT] +###################################################################### +# Overall settings, set defaults for all archs +###################################################################### + +# Name of generated disc & hostname +# BEWARE: hostname does not work - you have to set the hostname manually at the end of this file +name = CryptoBox + +# Version of generated disc +version = 0.3.4 + +# Person that built it +builder = sense.lab + +# Repositories to mirror. Details about each one are configured below. +dlrepos = stable + +# Repository to build the CD with. Must be in above list. +suite = stable + +# Whether or not to use zftree compression on ISO image +compress = no + +# Files to never compress if the above is yes +# If a dir is given, that dir and everything below is not compressed +dontcompress = /boot + /etc/*boot* + /opt/dfsruntime/initrd.dfs + +# Location of dfsbuild support files +libdir = /usr/lib/dfsbuild + +# Location of docs for CD +docdir = /usr/share/doc/dfsbuild + +# Bootloader to place on CD. Choices are: +# grub-hd GRUB with ElTorito hard disk emulation (not working yet) +# grub-no-emul "raw" ElTorito image +# aboot Alpha SRM bootloader +# yaboot PowerPC bootloader +# (usually set in arch area) +#bootloader = grub-no-emul + + +# Packages to install on live FS, on all archs, besides base system +allpackages = + util-linux + grub + parted + dmsetup + perl + tar + bash + coreutils + module-init-tools + ifupdown + busybox + usbutils + pciutils + discover + hdparm + binutils + debconf + sysutils + stunnel4 + samba + hashalot + python-clearsilver + python-cherrypy + python-configobj + python-central + super + dosfstools + cryptsetup + python-m2crypto + # support for file systems + e2tools + e2fsprogs + xfsprogs + hfsutils + jfsutils + ## ntfs-3g is not in etch + #ntfs-3g + # TODO: remove the following packages for the final version + subversion + strace + ssh + vim + nano + less + lynx + w3m + screen + elinks + + +# select a mirror for the repository (apt-cacher, apt-proxy, no caching) by +# uncommenting the line of your choice +# (1) apt-cacher (default) +mirror = http://127.0.0.1/apt-cacher/ftp.debian.org/debian +# (2) apt-proxy +#mirror = http://127.0.0.1:9999/debian +# (3) no caching proxy for apt +#mirror = http://ftp.debian.org/debian + + +# Files to place on the ramdisk +ramdisk_files = /etc/resolv.conf + /etc/lvm* + /tmp + /var/tmp + /dev + /var/lib/dhcp + /var/lib/samba + /var/log + /var/cache/samba + /var/lock + /var/run + /var/state + /etc/mtab + /root + /etc/network + /var/lib/misc + /var/lib/urandom + #/etc/hotplug/.run + /var/spool/cron + +# Directories to create on live fs +makedirs = + +# Files to delete from live fs +deletefiles = /etc/rcS.d/*discover + /etc/rcS.d/*lvm + /var/log/dpkg.log + /var/log/bootstrap.log + +preparescripts = + ../scripts/prepare_target.sh + +cleanupscripts = + ../scripts/cleanup_target.sh + +###################################################################### +# Arch settings: i386 +###################################################################### + +[i386] +# Name of any kernel images to install directly from your current filesystem +#kernels = /boot/vmlinuz-2.4.27-2-386 + +# Modules to copy from host filesystem +#modules = /lib/modules/2.4.27-2-386 + +# Debs from local fs to unpack on live FS (will not be configured) +unpackdebs = + ../packages/linux-image-2.6.20_cryptobox0.3.3_i386.deb + +# Other packages to install besides the list in DEFAULT +packages = %(allpackages)s + +# Debs from local fs to install on live fs +## fetch newest ntfs-3g from debian backports +installdebs = + ../packages/cryptobox-server.deb + ../packages/ntfs-3g_1%3a1.516-1~bpo.1_i386.deb + +# Bootloader (see options under default) +bootloader = grub-no-emul + +# Extra lines for grub config +grubconfig = timeout 0 + password -md5 this_invalid_hash_protects_grub_config + +##################################################################### +# Repository configuration +###################################################################### + +# Repositories to download +[repo testing] +suite = testing + +[repo amd64] +suite = unstable +# Override default mirror +#mirror = http://debian-amd64.alioth.debian.org/pure64/ +# Override default arch +arch = amd64 + +###################################################################### +# Text to add to existing files +###################################################################### + +[appendfiles] + +/etc/network/interfaces = + auto lo eth0 + iface lo inet loopback + iface eth0 inet static + address 192.168.0.23 + netmask 255.255.255.0 + +# /etc/modules = + +/etc/profile = export TERM=vt100 + +###################################################################### +# Files to create or truncate +###################################################################### + +[createfiles] +/etc/hostname = CryptoBox + +/etc/syslog.conf = *.* /dev/tty8 + *.info /dev/tty7 + +/etc/hosts = 127.0.0.1 localhost + +/etc/kernel-img.conf = do_initrd = Yes + +# exit the samba startup script during install immediately - otherwise +# there would be /proc problems - it will get replaced later via +# live-cd-tree.d/usr/lib/cryptobox-cd/configure-cryptobox.sh +/etc/default/samba = exit + +###################################################################### +# Symlinks to create (from = to format) +###################################################################### + +# this does not work anymore +#[symlinks] +#/etc/mtab = /proc/mounts + diff --git a/etc-defaults.d/qemu-ifup b/etc-defaults.d/qemu-ifup new file mode 100755 index 0000000..dbfce74 Binary files /dev/null and b/etc-defaults.d/qemu-ifup differ diff --git a/etc-defaults.d/qemu-ifup.default b/etc-defaults.d/qemu-ifup.default new file mode 100755 index 0000000..b3d5664 --- /dev/null +++ b/etc-defaults.d/qemu-ifup.default @@ -0,0 +1,55 @@ +#!/bin/sh +# +# this is the qemu-ifup script that should be run at qemu's boot +# + +# determine the interface to the outside +IF_WORLD=`/sbin/route -n | grep " UG " | sed "s/ */ /g" | cut -d " " -f 8 | head -1` +# nothing found? - sorry! +[ -z "$IF_WORLD" ] && IF_WORLD=eth0 + + +if [ "$UID" -ne 0 ] + then sudo $0 $* + exit 0 + fi + +echo "Laufe als root ..." + +IPT=/sbin/iptables +[ ! -x $IPT ] && IPT=/usr/sbin/iptables + +IPT_RULES=" FORWARD -i tun0 -o $IF_WORLD -j ACCEPT + FORWARD -i $IF_WORLD -o tun0 -m state --state ESTABLISHED,RELATED -j ACCEPT + POSTROUTING -t nat -o $IF_WORLD -j MASQUERADE + INPUT -i tun0 -j ACCEPT + OUTPUT -o tun0 -j ACCEPT" + +aktiviere_forward() +{ + echo "$IPT_RULES" | while read a + do $IPT -A $a + done + echo 1 >/proc/sys/net/ipv4/ip_forward +} + +deaktiviere_forward() +{ + echo "$IPT_RULES" | while read a + do $IPT -D $a + done + echo 0 >/proc/sys/net/ipv4/ip_forward +} + +case "$1" in + stop ) + deaktiviere_forward + #/etc/init.d/dhcp stop + ;; + * ) + /sbin/ifconfig $1 192.168.0.1 + #/etc/init.d/dhcp start + aktiviere_forward + ;; + esac + diff --git a/etc-defaults.d/ssh-options.default b/etc-defaults.d/ssh-options.default new file mode 100644 index 0000000..de831bd --- /dev/null +++ b/etc-defaults.d/ssh-options.default @@ -0,0 +1,17 @@ +Host cryptobox + +# change this part according to your needs +HostName 192.168.0.23 +Port 22 + +# maybe you want to use rsa authentication? +# see misc/custom-configure.s/README for examples +#IdentityFile local.conf.d/id_rsa + +# this should be valid for everyone +User root +CheckHostIP no +StrictHostKeyChecking no + +# nice for frequently changing server key due to a rebuild of the base system +UserKnownHostsFile /tmp/cryptobox-ssh-known_hosts diff --git a/etc-defaults.d/ssh_config b/etc-defaults.d/ssh_config new file mode 100644 index 0000000..4e78e56 --- /dev/null +++ b/etc-defaults.d/ssh_config @@ -0,0 +1,17 @@ +Host cryptobox + +# change this part according to your needs +HostName 192.168.0.23 +Port 22 + +# maybe you want to use rsa authentication? +# see configure-examples.d/README for examples +IdentityFile local.conf.d/id_rsa + +# this should be valid for everyone +User root +CheckHostIP no +StrictHostKeyChecking no + +# nice for frequently changing server key due to a rebuild of the base system +UserKnownHostsFile /tmp/cryptobox-ssh-known_hosts diff --git a/hints/codecoop-website-upload.txt b/hints/codecoop-website-upload.txt new file mode 100644 index 0000000..756d37e --- /dev/null +++ b/hints/codecoop-website-upload.txt @@ -0,0 +1,6 @@ +by scp or webdav - the last one is the better choice + +1) webdav +apt-get install davfs2 +modprobe coda +mount -t davfs https://upload.codecoop.org/groups/cryptobox/ /mnt/ttt diff --git a/hints/dev-requirements b/hints/dev-requirements new file mode 100644 index 0000000..531c050 --- /dev/null +++ b/hints/dev-requirements @@ -0,0 +1,5 @@ +developer requirements: +- dfsbuild +- wget +- curl +- (qemu) diff --git a/hints/dfsbuild-patching.txt b/hints/dfsbuild-patching.txt new file mode 100644 index 0000000..3eb3c5e --- /dev/null +++ b/hints/dfsbuild-patching.txt @@ -0,0 +1,13 @@ +The current official debian package of dfsbuild (v0.99.2) is not working due +to three ugly but small bugs. + +If you are using dfsbuild v0.99.2, then you should do the following: + - create a new directory and change into it + - apt-get source dfsbuild + - apply all dfsbuild-bug-?.patch files to the source directory + - debuild -uc -us + - install the freshly built package + +Alternatively you could also install the patched version: + packages/dfsbuild_0.99.2.1_i386.deb + diff --git a/hints/install_clearsilver.txt b/hints/install_clearsilver.txt new file mode 100644 index 0000000..d2edb92 --- /dev/null +++ b/hints/install_clearsilver.txt @@ -0,0 +1,26 @@ +as there is no debian-package for the perl bindings of clearsilver, you have to add it manually to the tree of the cbox-tree + +1) download +- get it from: http://www.clearsilver.net/downloads +- unpack (tar xzf . ...) + + +2) configuration +./configure --disable-python --disable-ruby --disable-csharp --disable-apache --disable-java --disable-compression --enable-perl --enable-gettext --prefix=/tmp/clearsilver-perl + + +3) fix a problem in scripts/document.py +change the first line to "#!/usr/bin/env python" + + +4) build it +- make +- make install + + +5) cp to the cbox +cp -a /tmp/clearsilver-perl/local/lib/perl/5.8.7/. cryptobox.conf.d/usr/lib/perl5 +rm cryptobox.conf.d/usr/lib/perl5/perllocal.pod + +6) dependencies +add python-clearsilver to the box (dfsbuild.conf) diff --git a/hints/kernel-build.txt b/hints/kernel-build.txt new file mode 100644 index 0000000..42ddbb4 --- /dev/null +++ b/hints/kernel-build.txt @@ -0,0 +1,23 @@ +Hints for building and integrating a new kernel into the cryptobox: + +1) get the source +download it from http://kernel.org (at least 2.6.11) + +2) configure +- copy the current kernel config from the cryptobox/trunk/kernel + directory to the kernel source directory as ".config" (the .config + can also be found in the current kernel-image-cryptoboxX.Y.deb packagefile) +- make menuconfig +- make-kpkg --rootcmd fakeroot --revision=cryptoboxY.X kernel_image + (replace "Y.X" by the current cryptobox release) + +3) integrating +- copy the debian kernel package (see above) and the config file to cryptobox/trunk/kernel +- change the "unpackdebs" setting in cryptobox/trunk/etc-default.d/dfs-cbox.conf +- add the new kernel package and the config file to the repository (svn add) + +4) afterwork +- run "cryptobox/trunk/scripts/cbox-build.sh dfsbuild" to create a fresh base system + including the new kernel +- test the box with your new kernel +- enjoy it! :) diff --git a/hints/patches/dfsbuild-bugs-1.patch b/hints/patches/dfsbuild-bugs-1.patch new file mode 100644 index 0000000..79416a2 --- /dev/null +++ b/hints/patches/dfsbuild-bugs-1.patch @@ -0,0 +1,56 @@ +## fixed bugs: +## - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=404563 +## - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=404555 +diff -ruN dfsbuild.orig/dfsbuild-0.99.2/Bootloader/Grub.hs dfsbuild/dfsbuild-0.99.2/Bootloader/Grub.hs +--- dfsbuild.orig/dfsbuild-0.99.2/Bootloader/Grub.hs 2006-04-20 00:10:11.000000000 +0200 ++++ dfsbuild/dfsbuild-0.99.2/Bootloader/Grub.hs 2007-01-02 00:56:45.000000000 +0100 +@@ -40,8 +40,11 @@ + + grub_generic env = + do createDirectory (targetdir env ++ "/boot/grub") 0o755 +- grubfiles <- glob "/lib/grub/*/*" +- safeSystem "cp" $ ["-rv"] ++ grubfiles ++ [targetdir env ++ "/boot/grub/"] ++ -- since etch (Debian 4.0) grub files are located in /usr/lib instead of /lib ++ grubfiles_pre_etch <- glob "/lib/grub/*/*" ++ grubfiles_since_etch <- glob "/usr/lib/grub/*/*" ++ safeSystem "cp" $ ["-rv"] ++ grubfiles_pre_etch ++ grubfiles_since_etch ++ ++ [targetdir env ++ "/boot/grub/"] + menuText <- grubMenu env + writeFile (targetdir env ++ "/boot/grub/menu.lst") menuText + +diff -ru dfsbuild.orig/dfsbuild-0.99.2/Actions/Mirror.hs dfsbuild/dfsbuild-0.99.2/Actions/Mirror.hs +--- dfsbuild.orig/dfsbuild-0.99.2/Actions/Mirror.hs 2006-04-20 00:10:11.000000000 +0200 ++++ dfsbuild/dfsbuild-0.99.2/Actions/Mirror.hs 2007-01-01 22:09:26.000000000 +0100 +@@ -33,7 +33,7 @@ + archargs ++ debugargs ++ ["-d", suite, targetdir env, mirror] + -- Next, copy them into the mirror. + codename <- getCodeName +- (targetdir env ++ "/var/cache/bootstrap/Release") ++ (targetdir env ++ "/var/cache/bootstrap/") + dm $ "Codename for this is " ++ codename + mapM_ (\x -> handle (\_ -> return ()) (createDirectory x 0o755)) + [mirrordir, mirrordir ++ "/conf"] +diff -ru dfsbuild.orig/dfsbuild-0.99.2/Utils.hs dfsbuild/dfsbuild-0.99.2/Utils.hs +--- dfsbuild.orig/dfsbuild-0.99.2/Utils.hs 2006-04-20 00:10:11.000000000 +0200 ++++ dfsbuild/dfsbuild-0.99.2/Utils.hs 2007-01-01 22:40:34.000000000 +0100 +@@ -16,6 +16,7 @@ + import MissingH.ConfigParser + import MissingH.Cmd + import System.IO.Unsafe ++import System.IO.Error + import Text.Regex + import MissingH.Path.FilePath + import System.Directory(doesFileExist) +@@ -72,7 +73,11 @@ + + getCodeName :: FilePath -> IO String + getCodeName fp = +- do c <- readFile fp ++ do c_old <- System.IO.Error.catch (readFile (fp ++ "Release")) ++ (\e -> if System.IO.Error.isDoesNotExistError e then return "" else ioError e) ++ c_new <- System.IO.Error.catch (readFile (fp ++ "_dists_._Release")) ++ (\e -> if System.IO.Error.isDoesNotExistError e then return "" else ioError e) ++ c <- if length(c_old) > 0 then return c_old else return c_new + let cr = mkRegex "Codename: ([a-z]+)" + case matchRegex cr c of + Just [cn] -> return cn diff --git a/hints/patches/dfsbuild-bugs-2.patch b/hints/patches/dfsbuild-bugs-2.patch new file mode 100644 index 0000000..fc1f676 --- /dev/null +++ b/hints/patches/dfsbuild-bugs-2.patch @@ -0,0 +1,60 @@ +## this patch allows the addition of custom scripts to prepare/cleanup the target +## directory before/after package installation +## it is necessary for the samba package as it requires /proc/ during installation +--- dfsbuild.orig/dfsbuild-0.99.2/Actions.hs 2006-04-20 00:10:11.000000000 +0200 ++++ dfsbuild/dfsbuild-0.99.2/Actions.hs 2007-01-03 15:36:59.000000000 +0100 +@@ -43,6 +43,11 @@ + finished Bootstrapped + Bootstrapped -> -- Time to install shared files + do installlib env ++ finished EnvironmentPrepared ++ EnvironmentPrepared -> -- execute configurable hook scripts ++ do im $ "Executing preparation scripts" ++ mapM_ (safeSystem `flip` [ targetdir env ]) ++ (splitWs $ eget env "preparescripts") + finished LibsInstalled + LibsInstalled -> -- Install additional packages + do installpkgs env +@@ -68,6 +73,11 @@ + do safeSystem "mkcramfs" [(targetdir env) ++ "/opt/initrd", + (targetdir env) ++ "/boot/initrd.dfs"] + recursiveRemove SystemFS $ (targetdir env) ++ "/opt/initrd" ++ finished EnvironmentCleaned ++ EnvironmentCleaned -> -- execute configurable hook scripts ++ do im $ "Executing preparation scripts" ++ mapM_ (safeSystem `flip` [ targetdir env ]) ++ (splitWs $ eget env "cleanupscripts") + finished RamdiskBuilt + RamdiskBuilt -> -- Install the bootloader + do (isoargs, blfunc) <- Bootloader.install env +--- dfsbuild.orig/dfsbuild-0.99.2/Utils.hs 2007-01-01 23:06:17.000000000 +0100 ++++ dfsbuild/dfsbuild-0.99.2/Utils.hs 2007-01-03 15:33:00.000000000 +0100 +@@ -30,10 +31,10 @@ + marker :: String, + datestr :: String} + +-data DFSState = Fresh | Initialized | Mirrored | Bootstrapped | Installed +- | LibsInstalled | DebsInstalled | CfgHandled | InitPrepped ++data DFSState = Fresh | Initialized | Mirrored | Bootstrapped | EnvironmentPrepared ++ | Installed | LibsInstalled | DebsInstalled | CfgHandled | InitPrepped + | RDPrepped +- | KernelsInstalled | RamdiskBuilt | BootloaderInstalled ++ | KernelsInstalled | EnvironmentCleaned | RamdiskBuilt | BootloaderInstalled + deriving (Eq, Show, Read, Ord) + + im = infoM "dfs" +--- dfsbuild.orig/dfsbuild-0.99.2/dfs.cfg 2006-07-02 01:46:22.000000000 +0200 ++++ dfsbuild/dfsbuild-0.99.2/dfs.cfg 2007-01-03 15:40:22.000000000 +0100 +@@ -115,6 +115,12 @@ + /var/log/dpkg.log + /var/log/bootstrap.log + ++# Scripts that should be executed after bootstrapping and before package installation ++#preparescripts = ++ ++# Scripts that should be executed after package installation and before iso generation ++#cleanupscripts = ++ + ###################################################################### + # Arch settings: i386 + ###################################################################### diff --git a/hints/release-policy.txt b/hints/release-policy.txt new file mode 100644 index 0000000..33b8bec --- /dev/null +++ b/hints/release-policy.txt @@ -0,0 +1,51 @@ +For a new live-CD follow steps 1a and 2a. +For a language update live-CD follow steps 1b and 2b. + +0) manually update files: + - ntfs-3g debian package (from lenny) + +1a) set current version + - cover/cover_[en|de].[odt|pdf] + - etc/defaults.d/dfs-cbox.conf (version setting) + +1b) upgrade language files of an old live-cd + - rm -rf _builddir/ + - mount -o loop old_live_cd.iso /mnt/ttt + - cp -a /mnt/ttt _builddir/target + - update all binary language files by issuing scripts/update_po_files.py + in the project's language branch + - copy all language files (*.mo) of the updated languages to + _builddir/target/usr/locale/.... + - update the list of available languages in + _builddir/target/etc/cryptobox-server/cryptobox.conf + - update the version in _builddir/target/boot/grub/menu.lst + - update cover/conver_[en|de].[swx|pdf] + +2a) build image + - 'scripts/cbox-build.sh release' + +2b) build image and create signatures + - 'scripts/cbox-build.sh isoz' + - cd _builddir + - sha1sum ISO_FILE > ISO_FILE.sha1sum + - md5sum ISO_FILE > ISO_FILE.md5sum + +3) release notes + - update website + - update CHANGELOG + +4) upload to codecoop + - check the validity of your ssh-key in your codecoop user account + - type "scp $FILE $USERNAME@shell.codecoop.org:." + - upload a dummy file with the same name via upload-web-interface to codecoop + - ask Jan Kanzleiter to replace the dummy with the + scp-file and to manually set the filesize (otherwise: it is not displayed at all) + - upload the checksumfile created by "md5sum cryptobox_vY.X.iso >cryptobox_vY.X.iso.md5sum" + - add release notes and changelog + - upload cover_[en|de].pdf + +5) release announcement + - http://codecoop.org + - http://distrowatch.com + - http://livedistro.org + - http://linuxlinks.com diff --git a/hints/starting_uml.txt b/hints/starting_uml.txt new file mode 100644 index 0000000..71a50fe --- /dev/null +++ b/hints/starting_uml.txt @@ -0,0 +1,7 @@ +# sample startup file for running the cryptobox in a user-mode-linux environment +# +# it does not work, as the dfsbuild-cd-image is not being recognized during boot +# +# just as a reminder ... +# +kernel/uml-kernel-2.6.12.3-cryptobox dfscd=/dev/ubd1 ubd1r=_builddir/cd1/image.iso ubd0=_builddir/cd1/image-working/opt/dfsruntime/initrd.dfs con=null con0=fd:0,fd:1 diff --git a/hints/trac-wiki.txt b/hints/trac-wiki.txt new file mode 100644 index 0000000..c233382 --- /dev/null +++ b/hints/trac-wiki.txt @@ -0,0 +1,27 @@ +some useful macros: +* [[TOC]] - at the beginning of the document +* [[AutoNav]] - below [[TOC]], followed by a line with "----" +* [[AddComment]] - at the end of the page (below "----") +* [[WikiInclude($PAGENAME)]] - include another wiki page +* [[redirect(wiki:$PAGENAME)]] - redirect to another page (useful to redirect to default lang) +* [[Image(file/trunk/cbox-tree.d/var/www/cryptobox-img/screenshots/$NAME)]] - beware: you may use "wiki" or "ticket" instead of "file" - very unusual syntax +* [[FootNote(Text)]] - creates a reference to a footnote - the list of footnotes is expanded by "[[FootNote]]" + +special things: +* the first level heading ("= TEXT =") is considered as the page title - only lower level headings will be a part of the table of contents +* links like "CryptoBoxUser/de" are not recogniced - use "[wiki:CryptoBoxUser/de CryptoBoxUser]" instead +* for a deeper level of items or enumerations, you have to add two(!) additional spaces in front of the symbol ("*" or "1.") - this is obviously strange ... + +default page layout: +[[TOC]] +[[AutoNav]] +---- + += Title = + +== Heading ... == +... + +---- +== Comments == +[[AddComment]] diff --git a/live-cd-tree.d/_offline/doc/Crypto0.html b/live-cd-tree.d/_offline/doc/Crypto0.html new file mode 100644 index 0000000..39add92 --- /dev/null +++ b/live-cd-tree.d/_offline/doc/Crypto0.html @@ -0,0 +1,79 @@ + + + + + CryptoBox + + + + + + + +
+ + + + +
+

User Documentation

+

+The following pages are describing the basic usage of the CryptoBox live-CD. +

+

+The online version of this manual is a wiki, which means you can help improving the pages. If you have a question regarding the documentation, please post it on the bottom of the relevant page. The developers will answer your questions and update the manual as fast as possible. +

+

Documentation for 0.3.x releases

+
  1. CryptoBoxUserGettingStarted -- first steps to get the Cryptobox up and running +
  2. CryptoBoxUserDailyUse -- how to access your encrypted data +
+

+At the moment there is no automatic way of using an encrypted disk of the 0.2 series in a !Cryptobox running the 0.3 series. That's because we did a major redesign of the CryptoBox functionality within the last year. We're sorry for the unconveniance! +

+

Frequently Asked Questions

+
+
+ +
+ + + + + + + + + + + diff --git a/live-cd-tree.d/_offline/doc/activa0.png b/live-cd-tree.d/_offline/doc/activa0.png new file mode 100644 index 0000000..d18fe90 Binary files /dev/null and b/live-cd-tree.d/_offline/doc/activa0.png differ diff --git a/live-cd-tree.d/_offline/doc/cartoon.html b/live-cd-tree.d/_offline/doc/cartoon.html new file mode 100644 index 0000000..79c0043 --- /dev/null +++ b/live-cd-tree.d/_offline/doc/cartoon.html @@ -0,0 +1,93 @@ + + + + + CryptoBox + + + + + + + +
+ + + + +
+

What does the CryptoBox do?

+

Usually all your files like phone numbers, love letters, bank + account data etc. are stored in plaintext on your computer's + harddisk. + All the data is accessible for everyone who has access to the harddisk. + This is very bad in case someone you don't trust gets your harddisk. + E.g. a thief that steals your notebook, or breaks into your house or company. + If the thief has your disk he/she can also read all the files that + where saved on it, no matter whether you have a login password or not - + the files are always stored in plaintext. +

+ +

The CryptoBox brings easy-to-use data encryption to your + computer. This works out of the box and does not need complicated + configuration steps.

+ +

Here comes a small usage example for the CryptoBox with an obsolete + PC as a fileserver:

+ +

Boot up the old PC with the CryptoBox live-CD. + Now you can access it with your browser via the network. + Then you partition and reformat the harddisk of the old + PC with encryption support. Therefore you provide a passphrase. + This is all done through the user friendly webinterface. + You can also plug in an external harddisk and use this to store + your encrypted data. + Afterwards you copy your sensitive data over the local + network to the CryptoBox. + It is stored on its harddisk in a secure way. + Nobody can access your data without the right passphrase. +

+
+ + + + + +
+ + + + + + + diff --git a/live-cd-tree.d/_offline/doc/details.html b/live-cd-tree.d/_offline/doc/details.html new file mode 100644 index 0000000..2e7da65 --- /dev/null +++ b/live-cd-tree.d/_offline/doc/details.html @@ -0,0 +1,135 @@ + + + + + CryptoBox + + + + + + + +
+ + + + +
+ +
+

You are server admin?

+

Take a look at the README + file. There you find more detailed information about the + installation and configuration of the CryptoBox-Server + package.

+
+ +
+ +
+

Requirements for the CryptoBox live-CD

+

The CryptoBox live-CD runs on any x86 compatible PC with:

+
    +
  • CPU: min. 200MHz
  • +
  • RAM: 64 MB
  • +
  • CD-ROM drive
  • +
  • a network connection
  • +
  • a harddisk for your data
  • +
+

The harddisk does not need to inside the of CryptoBox computer. You + can also use external devices like USB-drives. + All drives supported by the Linux kernel (2.6.20) can be used: IDE, + SCSI, USB, FireWire, SATA, RAID, ...

+

Because of the high number of different supported storage media + we call an encrypted disk a volume. + This includes (e.g.): USB-sticks, firewire-disks, flash-drives, digital cameras, + MP3-player, MMC/SD-cards.

+
+ +
+

Requirements of the CryptoBox-Server

+

The CryptoBox-Server package can be installed on any system with at least:

+
    +
  • Linux kernel 2.6
  • +
  • cryptsetup with LUKS support
  • +
  • kernel support for the crypt target of the device mapper
  • +
  • Python 2.4
  • +
+

In general a server package should run on any Linux + distribution, but we only provide Debian packages. So you have to + install the necessary files on your own to the right places if + you are using a different linux distribution.

+
+ +
+

File access

+

Once you openend an encrypted volume through the web frontend of + the CryptoBox you can access the volume's data within your local + network via:

+
    +
  • Samba shares (also known as: windows network share)
  • + +
+

The CryptoBox-Server package will smoothly integrate into your existing + fileserver. It provides mount points which can be shared via your + favourite protocols (e.g.: WebDAV or NFS).

+
+ +
+

Encryption

+

The encrypted disk partitions are LUKS + volumes. This makes it also possible to access your data directly with + every modern linux system or via FreeOTFE + (for Microsoft products).

+

You can select your favourite encryption algorithm from all + ciphers supported by the linux kernel. The default is + aes-cbc-essiv:sha256 (AES in CBC mode with ESSIV based on + SHA256).

+
+ + + + + + +
+ + + + + + + diff --git a/live-cd-tree.d/_offline/doc/develo0.html b/live-cd-tree.d/_offline/doc/develo0.html new file mode 100644 index 0000000..2479fea --- /dev/null +++ b/live-cd-tree.d/_offline/doc/develo0.html @@ -0,0 +1,173 @@ + + + + + CryptoBox + + + + + + + +
+ + + + +
+

Contribute

+

You are not just a consumer. At least not in the Open Source world.

+

There are various ways to take part in improving the CryptoBox + for all of us ...

+
+ +
+ + +
+

Recent changes

+ + +
+ +
+ + +
+

Translation center

+

We want you to translate the CryptoBox!

+

This way you can help others to access the CryptoBox in their native language. + The translation center serves + this purpose. Just register and use the webinterface for translations. + It features a nice, motivating progress bar.

+

For any questions send a mail to info@cryptobox.org.

+
+ +
+

Development

+

If you are interested in what happens under the hood, visit the development corner. You can also report + bugs there.

+

The roadmap shows our goals + for the next release and the estimated release date.

+

Join + the development mailing list or participate via gmane.

+

You can also just browse the mailing list archive.

+
+ +
+

Bleeding edge source code

+

The current source code of the CryptoBox-Server package is always + available via our Subversion repository.

+

Read more ...

+
+ +
+

Thank you!

+

The whole is nothing without its parts. We would like to thank + all the people for their help (in order of appearance). So, thank you! + :)

+
    +
  • codecoop.org - webspace
  • +
  • Clavdia Horvat, Tadej Brce & Dusan Rebolj - slovenian translation
  • +
  • Rike - french translation
  • +
+
+ +
+

Acknowledgements

+

The CryptoBox project heavily depends on the following Free Software + projects. Thanks for your hard work!

+ +

This list is by far incomplete - so: thanks to everyone involved in + improving Free Software!

+
+ + +
+ + + + + + + + + + + + + diff --git a/live-cd-tree.d/_offline/doc/disks_0.jpg b/live-cd-tree.d/_offline/doc/disks_0.jpg new file mode 100644 index 0000000..d6061ee Binary files /dev/null and b/live-cd-tree.d/_offline/doc/disks_0.jpg differ diff --git a/live-cd-tree.d/_offline/doc/doc_0.0.html b/live-cd-tree.d/_offline/doc/doc_0.0.html new file mode 100644 index 0000000..9a0a2b4 --- /dev/null +++ b/live-cd-tree.d/_offline/doc/doc_0.0.html @@ -0,0 +1,116 @@ + + + + + CryptoBox + + + + + + + +
+ + + + +
+

Getting started

+

+Read the following and you'll be able to set up your own CryptoBox within half an hour. +

+

+It's pretty straight forward as we're always trying to make things as easy as possible for you. +

+

Step by Step

+
  1. You need: +
    • an old computer (remove the dust first) +
    • this PC needs a network card and a CD drive +
    • a medium to store your files on (e.g. a harddisk) +
    • we will call this PC from now on CryptoBox-PC +
  2. You don't need: +
    • a monitor, keyboard and mouse (with one exception, see below). +
    • deeper knowledge of cryptography or server administration +
  3. Download the latest version of the CryptoBox live-CD from CodeCoop. It's an ~100MB iso-image. +
  4. Burn the iso-image onto a CD. +
  5. Connect the CryptoBox-PC to your local area network. +
  6. Configure the CryptoBox-PC, so that it can boot the live-CD. Therefore you may have to enter the BIOS and configure the CD-ROM as boot device. +
  7. Put the burned CryptoBox live-CD into the CD drive and start the CryptoBox-PC. +
  8. Now go to your current desktop computer which must be connected to the same network as the CryptoBox-PC is and point your browser to http://192.168.0.23. +
+

+Now, if you see a website similar to the screenshots you're ready. :) Congratulations! +Otherwise check the last steps again and take a look in the caveats section below. +

+

+Follow this link for further user documentation. There you'll find a detailed desription, how to work with the CryptoBox. +

+

+Some sites of your brand new CryptoBox require an administrative password. The default is admin as username _and_ as password. For your own sake change this as soon as possible (under "Preferences" -> "Users"). +

+

Hints

+
  • The CryptoBox has an integrated help system. Enable it by clicking on the top-right help icon. It displays some useful tips. You can disable it again, as soon as you know how things work. +
  • The CryptoBox-PC should at least have a 200MHz CPU and 64MB RAM (rule of thumb: bought after 1997) +
  • Every modern PC system should work as a CryptoBox-PC. Try to get one with low energy consumption, there is not much CPU performance necessary. +
  • The data storage media can be an internal harddisk or any external drive. +
  • You can change external drives while the !CryptoBox-PC is running or even leave it running without a connected drive at all. +
  • The "drive" may also be a USB-stick, firewire-disk, flash-drive, MMC/SD-card, MP3-player or a digital camera. +
  • If you are going to buy a new harddisk and are using a very, very old PC as CryptoBox, please keep in mind that it probably cannot handle current disk sizes! +

Caveats

+
  • Some old PCs are not able to boot from CD drives. In this case you cannot use it as CryptoBox. +
  • If you want to change the default boot device but don't know what a BIOS is, ask somebody for help! It doesn't hurt. ;) +
  • To configure the BIOS, you need a keyboard and a monitor. But this has to be done only once. +
  • Don't forget to connect your PC to your local area network! Also don't forget to connect your desktop computer to the same network, if it isn't yet. +
  • Make sure your desktop computer has a 192.168.0.x IP address (at least for the first configuration). If this says nothing to you, again ask somebody for help! +
  • If you're unsure about the network, you can also try to connect the CryptoBox-PC and your desktop computer directly with a crossover network cable. +

+

+Move on to further user documentation. +

+

+Or go back to user documentation overview. +

+
+ + + +
+ + + + + + + diff --git a/live-cd-tree.d/_offline/doc/doc_0.1.html b/live-cd-tree.d/_offline/doc/doc_0.1.html new file mode 100644 index 0000000..ec2aa9e --- /dev/null +++ b/live-cd-tree.d/_offline/doc/doc_0.1.html @@ -0,0 +1,204 @@ + + + + + CryptoBox + + + + + + + +
+ + + + +
+

How to use the CryptoBox

+

+

Table of Contents

+
    +
  1. Basics of the web interface
  2. +
    1. Online Help
    2. +
    3. Navigation
    4. +
    5. Configuration
    6. +
    7. Shutdown
    8. +
    +
  3. Preparing Volumes
  4. +
  5. Accessing Data
  6. +
  7. Using your Harddisks without reformatting
  8. +
+ + +

+
+

Basics of the web interface

+

+Here comes a detailed description of the web interface. We usually just call it CryptoBox as it is the part you'll have most contact with. It's basically the website you're browsing through after you typed http://192.168.0.23 into your browser. +

+

Online Help

+

+The new (0.3) version of the CryptoBox is self explaining. Just follow the menu and click through the pages. +

+

+The integrated help system may support you while using the CryptoBox. It displays some useful tips (e.g. what a single form is for). Enable it by clicking on the top-right help icon. You can disable it again, as soon as you know how things work. +

+
  • help system is disabled by default: +
+

+website/screenshots/doc-0.3.x/help_d0.jpg +

+
+
  • looks like this, when enabled: +
+

+website/screenshots/doc-0.3.x/help_e0.jpg +

+
+ +

+The central place of the CryptoBox is the "Disks" section, where you manage all your encrypted and unencrypted volumes. Every single storage medium is called a volume. +

+

+You are able to use whole disks, partitions, usb-storage devices like (usb-sticks, flash-media etc.), firewire-storage devices, logical partitions and a lot more as a volume. There is a simple rule for the devices: everything that is supported by a recent Linux kernel, is also supported by the CryptoBox. +

+
  • disk overview with one volume: +
+

+website/screenshots/doc-0.3.x/disks_0.jpg +

+
+

+Each disk-symbol is representing a volume with its name underlaying. Small icons on the disk-symbol give you some more information about the volume. A red cross means, that the volume currently is not activated. A lock symbolzises an encrypted partition. If the lock is closed the volume is not activated. If an encryted volume is activated there shows up an open lock and the CryptoBox Logo in the top-right corner opens itself, too. +

+

Configuration

+

+In the "Preferences" section you can adapt the CryptoBox to your personal needs. You may set the date/time of the CryptoBox there, as well as its network address and so on. You also find the log messages there - this is very helpful in case something unexpected happened. +

+
  • preferences overview: +
+

+website/screenshots/doc-0.3.x/prefer0.jpg +

+
+

Shutdown

+

+Follow the link to the "Shutdown" section and you can reboot the CryptoBox or just turn it off. +

+
+

Preparing Volumes

+

+Every drive you connect to the CryptoBox will be shown as one or more volumes. If the device was previously formatted with a rather exotic filesystem, then you may have to format it, before you can use it via the CryptoBox. BEWARE: all data of a volume will be deleted while formatting. +

+

+If you want to store encrypted data on a volume (you should, as this is the key feature of the CryptoBox :) ), you also have to format it initially, too. +

+
  • initialization of a disk: +
+

+website/screenshots/doc-0.3.x/prepar0.jpg +

+
+

+If you format a volume with encryption support, you have to provide a good passphrase (requiered in the next step). This passphrase protects your files from curious or evil eyes. +

+

+It is good practice to give every volume a unique name (e.g.: "photo collection" or "my important files"), depending on what you're using it for. So you won't have trouble if you later connect more than one drive to the CryptoBox. +

+

+If you don't like the aotumatic formattign modus, you can divide one disk into more than one volume by partitioning it. Keep in mind that all existing data on a volume or disk will be deleted if you format or repartition it! +

+
+

Accessing Data

+

+Now you know how to set up a CryptoBox and how to prepare volumes. So you finally can put some data on your configured volume. Click in the web frontend on "Open this volume" and give the correct passphrase. +

+

+If you want to open or save files on the volumes of the CryptoBox, you just use its available network shares: click on network neighbourhood (or similar - depending on your operating system) and choose the cryptobox computer. Only currently open volumes are visible there. +

+

+In case the cryptobox computer is not visible in your network overview, you may have to search for the hostname cryptobox or its configured IP address. Maybe it can also be necessary to reboot the CryptoBox after you changed its network settings. +

+

+The following screenshots may help you to find the cryptobox in your network on different desktop systems: +

+
  • Gnome: +
+

+website/screenshots/doc-0.3.x/search0.png +

+
+
  • KDE: +
+

+website/screenshots/doc-0.3.x/search1.png +

+
+
  • Windows: +
+

+website/screenshots/doc-0.3.x/search2.png +

+
+

+Do not forget to close the volume again via the web frontend, as soon as you do not need the encrypted files any more. +

+
+

Using your Harddisks without reformatting

+

+In some cases, a disk can be used in the CryptoBox without reformatting it. This depends on the filesystem of your disk. If it is a plain (unencrypted) one and supported by the linux kernel you will not have any problems. Encrypted disks are supported only if they use a cryptsetup-luks format. Other types of disk encryption will not be accessible. +

+

+On the downside you won't be able to store your CryptoBox settings (e.g. volume name, network address) on this disk. Therefore you would need a small config partition, which is being created automatically when you partition a disk. A warning message appears if you are working without a writeable config partition. +

+
+

+Go back to user documentation overview. +

+
+
+ +
+ + + +
+ + + + + + + diff --git a/live-cd-tree.d/_offline/doc/downlo0.html b/live-cd-tree.d/_offline/doc/downlo0.html new file mode 100644 index 0000000..5a5c191 --- /dev/null +++ b/live-cd-tree.d/_offline/doc/downlo0.html @@ -0,0 +1,119 @@ + + + + + CryptoBox + + + + + + + +
+ + + + +
+ +
+

Latest releases

+

CryptoBox-CD: 0.2.1

+

CryptoBox-Server: 0.3.4

+
+ +
+

Planned major releases:

+

CryptoBox-CD:

+
  • v0.3.x 02/15/02007
+

CryptoBox-Server:

+
  • v0.4 06/01/02007
+

Read the development roadmap + for more details.

+
+ +
+

License

+

All code is licensed under the GPL.

+

The documentation, the graphics and this website are licensed under a Creative Commons License.

+
+ +
+ +
+

CryptoBox live-CD

+

Get the latest CryptoBox live-CD image and burn it on CD.

+

CryptoBox live-CD download

+


We would like to thank codecoop.org for + providing the necessary bandwidth.

+

Alternatively you can buy a live-CD at OpenSoft.nl + for 5.95 european bugs. Note: this is an unpaid advertisement link. + So if you ask us kindly, we might send you a CD for a better price. ;)

+
+ +
+

CryptoBox-Server Debian package

+

Use the CryptoBox-Server package in your Debian/Ubuntu Linux distribution.

+

CryptoBox-Server debian package + download

+


Install it with: dpkg -i cryptobox-server.deb

+

We strongly recommend to use the server package of our + (inofficial) debian package repository, which is easier to + maintain. How to do that ist written in the FAQ.

+
+ +
+

CryptoBox-Server source files

+

Users of a non-debian-based Linux distributions are a bit + out of luck. You may try to install the source package, but you + have to adapt some paths manually.

+

cryptobox-server source + archive download

+
+ + + + + +
+ + + + + + + diff --git a/live-cd-tree.d/_offline/doc/en_con0.png b/live-cd-tree.d/_offline/doc/en_con0.png new file mode 100644 index 0000000..e74b416 Binary files /dev/null and b/live-cd-tree.d/_offline/doc/en_con0.png differ diff --git a/live-cd-tree.d/_offline/doc/en_mount.png b/live-cd-tree.d/_offline/doc/en_mount.png new file mode 100644 index 0000000..eca7049 Binary files /dev/null and b/live-cd-tree.d/_offline/doc/en_mount.png differ diff --git a/live-cd-tree.d/_offline/doc/faq.html b/live-cd-tree.d/_offline/doc/faq.html new file mode 100644 index 0000000..77a067c --- /dev/null +++ b/live-cd-tree.d/_offline/doc/faq.html @@ -0,0 +1,114 @@ + + + + + CryptoBox + + + + + + + +
+ + + + +
+

Frequently Asked Questions

+

+We answer some common questions her. Add a comment or mail us if you have questions, that might be interesting for others, too. +

+

+

    +
  1. I successfully opened a volume. How can I access the data now?
  2. +
  3. Recently I partitioned my harddisk. Now I can open the volume without a password. Isn't it encrypted any more?
  4. +
  5. How can I restrict access to certain data?
  6. +
  7. There is a user manager available in the preferences section. What is it good for?
  8. +
  9. How do I use the server package from the Debian repository?
  10. +
+ + +

+
+

I successfully opened a volume. How can I access the data now?

+
  • CryptoBox live-CD: browse the network neighborhood for the CryptoBox (in M$ Windows), scan the network (with KDE or Gnome). If you like terminals use smbmount or mount -t smbfs to access the network share. +
  • CryptoBox-Server: you should ask your administrator, which way is the best to access the mounted volume. In case you are the administrator, then you should take a look at the configuration file for the !MountDir setting. Publish this directory via your favourite fileserver (e.g. samba, webdav, nfs, ftp, ...) and tell your users how to reach it. +

Recently I partitioned my harddisk. Now I can open the volume without a password. Isn't it encrypted any more?

+

+The partition manager creates non-encrypted volumes by default. If you want to enable encryption for a volume, then you have to format it. Be aware that this will erase all data of the volume. +

+

How can I restrict access to certain data?

+

+The CryptoBox does not support user and access management for now. Everyone in your local network can access all open volumes for reading and writing. This behavior is based on the assumption, that there are no evil guys in your local network. Please take care for this! +

+

+For the next major release (v0.4) we plan to implement user and access management. +

+

There is a user manager available in the preferences section. What is it good for?

+

+It's aimed for administrative tasks of the CryptoBox. Administrators can disable functions of the CryptoBox for other users (e.g. disabling the shutdown function). This way the webinterface can be customized to the needs of the users. The default admin password is admin, change that immediately! +

+

+Users who just want to open and close volumes do not need an administrative account. +

+

How do I use the server package from the Debian repository?

+

+The CryptoBox server package is not part of the official Debian repository (at least for now). But you can use our systemasufall.org repository for installation. +

+
  1. Add the following to your "/etc/apt/sources.list": +
    deb http://systemausfall.org/toolforge/debian unstable main
    +
  2. Run: +
    apt-get update && apt-get install cryptobox-server
    +
+
+

+Go back to user documentation overview or to the CryptoBox Homepage. +

+
+
+
+ +
+ + + + + + + + + + + diff --git a/live-cd-tree.d/_offline/doc/header.jpg b/live-cd-tree.d/_offline/doc/header.jpg new file mode 100644 index 0000000..0921fe4 Binary files /dev/null and b/live-cd-tree.d/_offline/doc/header.jpg differ diff --git a/live-cd-tree.d/_offline/doc/help_d0.jpg b/live-cd-tree.d/_offline/doc/help_d0.jpg new file mode 100644 index 0000000..cb6152d Binary files /dev/null and b/live-cd-tree.d/_offline/doc/help_d0.jpg differ diff --git a/live-cd-tree.d/_offline/doc/help_e0.jpg b/live-cd-tree.d/_offline/doc/help_e0.jpg new file mode 100644 index 0000000..6226852 Binary files /dev/null and b/live-cd-tree.d/_offline/doc/help_e0.jpg differ diff --git a/live-cd-tree.d/_offline/doc/index.html b/live-cd-tree.d/_offline/doc/index.html new file mode 100644 index 0000000..565d205 --- /dev/null +++ b/live-cd-tree.d/_offline/doc/index.html @@ -0,0 +1,108 @@ + + + + + CryptoBox + + + + + + + +
+ + + + +
+

What is it about?

+

The CryptoBox project aims to bring data encryption to the masses.

+

Therefore we develop two Free Software packages:

+
    +
  • The CryptoBox live-CD is targetted at users who want to set up an + encrypting fileserver without bothering about complicated + administration issues. A computer which runs the + CryptoBox-CD works as a network-attached storage (NAS), + with the ability to encrypt all stored data.

  • +
  • The CryptoBox-Server package adds a user friendly, + web-based frontend for harddisk encryption to a fileserver.
  • +
+

Take a look at the CryptoBox usage example!
+ It may give you a better understanding of what the CryptoBox does and how it + works.

+
+ +
+ +
+

Demo

+

See the CryptoBox in action.

+
    +
  • user: admin
  • +
  • password: admin
  • +
+
+ +
+

Documentation

+

Browse through the online user + documentation site.

+
+ +
+

Details

+

Read what's under the hood.

+
+ +
+ +
+

Screenshots

+

Everybody wants some screenshots. + Here we go:

+

+
+ + + + +
+ + + + + + + diff --git a/live-cd-tree.d/_offline/doc/main.css b/live-cd-tree.d/_offline/doc/main.css new file mode 100644 index 0000000..a229917 --- /dev/null +++ b/live-cd-tree.d/_offline/doc/main.css @@ -0,0 +1,230 @@ +body { + margin: 0; + padding: 0; + font-family: Verdana, Arial, sans-serif; + font-size: 80%; + color: #545454; + background-color: #fff; +} + +p { + margin: 0.1em 0 0.1em 0; +} + +h1 { + margin: 0; + padding: 0; + font-size: 200%; + font-weight: normal; + color: #4169E1; +} + +h2 { + margin: 0 0 5px 0; + padding: 0; + background-color: #8bbf75; + color: White; + font-size: 100%; + font-weight: normal; + text-align: left; + /* RFC: there is a font-weight above - which is valid? */ + font-weight: 800; +} + +div { + margin: 0; + padding: 0; + display: block; +} + +tt { + padding: 0.1em 0.6em 0.1em 0.6em; + font-size: 120%; + background: #fffad0; +} + +b { + font-size: 95%; +} + +div.container { + background-color: #FFF; + margin: 0 auto 0 auto; + padding: 0; + width: 740px; +} + +div.container a:link, div.container a:visited { + color: #366b30; +} + +div.navbar a { + text-decoration: none; +} + +div.container a:hover, div.container a:active { + color: #ff8a00; +} + +div#header { + padding: 2em; + margin: 0; + background-image: url(header.jpg); + background-repeat: no-repeat; + background-position: center; + height: 78px; +} + +div.centercontent { + padding: 0.3em 1ex 0.3em 1ex; + margin: 5px 5px 9px 5px; + border: 1px solid #e0e0e0; +} + +div.centercontent h2 { + padding: 0.1em 0 0.1em 0.5em; +} +div.centercontent p { + padding: 0.1em 1.8em 0.5em 0.8em; +} +div.centercontent ul { + padding: 0.1em 1.8em 0.1em 2.8em; +} + +ul { + margin-top: 0; + margin-bottom: 5px; + margin-left: 0; + padding-left: 2em; +} + +div.navbar { + display: block; + font-weight: bold; + margin: 5px 0 5px 0; + padding: 10px 0 10px 0; + border-top: 1px solid #C4C4C4; + border-bottom: 1px solid #C4C4C4; + text-align:center; +} + +div.left { + float: left; + width: 30%; + margin: 0 0 0 5px; + padding: 0; + text-align: center; +} + +div.left h2 { + text-align: left; + color: #366b30; + background-color: #eeeeec; + padding: 0 0 0 0.5em; + margin-bottom: 0.3em; +} + +div.leftcontent { + margin: 0.2em 0.4em 0.5em 0; + padding: 0.3em; + text-align: left; + border: 1px solid #e0e0e0; +} + +div.leftcontent p { + padding: 0.1em 0 0.5em 0.5em; +} + +div.content { + margin: 5px 5px 15px 31.5%; +} + +div.onecolumn { + margin: 5px 5px 9px 5px; +} + +div.content, div.onecolumn { + padding: 0.3em 1ex 0.3em 1ex; + border: 1px solid #e0e0e0; +} + +div.content h2, div.onecolumn h2 { + /* these are 2 pixels higher then those on the left side */ + /* RFC: what does that mean? Do we want this difference or not? [l] */ + padding: 0.1em 0 0.1em 0.5em; + margin: 0.1em 0 0.1em 0; +} + +div.content p, div.onecolumn p { + padding: 0.1em 0.8em 0.5em 0.8em; +} + +div.onecolumn p { + margin-top: 10px; + margin-bottom: 25px; + text-align: center; +} + +.date { + text-align: right; + font-style: italic; + font-size: 0.8em; +} + +div#footer { + margin: 20px 0 5px 0; + padding: 5px 0 5px 0; + border-top: 1px solid #C4C4C4; + border-bottom: 1px solid #C4C4C4; + font-size: 80%; + text-align: center; + clear: both; +} + + +/* FAQ headers */ +div.faq h3 { + margin: 0.5em; + font-size: 0.9em; + color: #8bbf75; +} + + +/* table of content for FAQ */ +ol.toc { + padding-left: 2em; +} + +ol.toc li { + margin-top: 0.5em; + margin-bottom: 0.5em; +} + +ol.toc a { + text-decoration: none; +} + +/* recent changes (rss feed) */ +ul.recent_changes { + padding-left: 0; + list-style-type: none; +} + +ul.recent_changes li { +} + +ul.recent_changes li h3 { + font-size: 0.9em; + margin: 2px; + text-decoration: none; +} + +ul.recent_changes li h3 a { + text-decoration: none; +} + +ul.recent_changes li p.date { + padding: 2px 2px 0 2px; + font-size: 0.8em; +} + diff --git a/live-cd-tree.d/_offline/doc/mini_s0.jpg b/live-cd-tree.d/_offline/doc/mini_s0.jpg new file mode 100644 index 0000000..0eb07d6 Binary files /dev/null and b/live-cd-tree.d/_offline/doc/mini_s0.jpg differ diff --git a/live-cd-tree.d/_offline/doc/news.html b/live-cd-tree.d/_offline/doc/news.html new file mode 100644 index 0000000..ea065c9 --- /dev/null +++ b/live-cd-tree.d/_offline/doc/news.html @@ -0,0 +1,150 @@ + + + + + CryptoBox + + + + + + + +
+ + + + +
+

NEWS: CryptoBox-Server v0.3.4 released

+

19/02/02007

+

This is a bugfix release

+

The following bug was fixed:

+
    +
  • incorrect uid handling during bootup (Closes: #139)
  • +
+
+ +
+

NEWS: CryptoBox-Server v0.3.3 released

+

10/02/02007

+

This release fixes some small bugs:

+
    +
  • group membership of the webserver
  • +
  • disc usage statistics
  • +
+

Additionally the following features were added:

+
    +
  • embedded help
  • +
  • improved network plugin
  • +
  • ...
  • +
+

The Slovenian and German translations are complete.

+

This release is planned to be the base for the next live-cd, which will be + published within the next week.

+
+ +
+

NEWS: CryptoBox-Server v0.3.2 released

+

08/01/02007

+

This release contains some important bugfixes:

+
    +
  • fixed bug causing lack of permissions
  • +
  • fixed bug in Plugin manager (breaks interface)
  • +
  • fixed setting committing delay of Plugin manager
  • +
+
+ +
+

NEWS: CryptoBox-Server v0.3.1 released

+

20/12/02006

+

This release contains some usability fixes for users of the Internet Explorer, + as well as some additional translations and more convenient default settings.

+
+ +
+

NEWS: CryptoBox-Server v0.3.0 released

+

15/12/02006

+

Here it comes - the earliest x-mas present 02006: the + CryptoBox-Server 0.3.0 package. It is not a live-cd, but a software package + that you can just install on your favourite linux system.

+

Take a look at the screenshots.

+

It was a long ride and this is the first milestone we reached. Be prepared + fo another 1000 miles of code.

+

The live-CD based on this new version will be released in February 02007.

+
+ +
+

NEWS: Python rewrite progress

+

19/08/02006

+

Finally the cryptobox-python-rewrite-process is in progress. + From now on you can follow discussions and participate at the + development mailinglist via gmane.

+
+ +
+

NEWS: Download interception

+

14/04/02006

+

Sorry folks, codecoop.org is temporarily down.

+

UPDATE: It is up and running again. Fetch the latest version here.

+
+ +
+

NEWS: CryptoBox code splitting

+

07/03/02006

+

We are currently splitting the CryptoBox into the + CryptoBox-Server and the Cryptobox-CD. This will let you use + the CryptoBox-Server in your favourite Linux installation.

+

Stay tuned ...

+
+ +
+

NEWS: CryptoBox-CD v0.2.1 released

+

30/10/02005

+

The latest CryptoBox version 0.2.1 is available at + codecoop.org!

+
+ + + + + +
+ + + + + + + diff --git a/live-cd-tree.d/_offline/doc/prefer0.jpg b/live-cd-tree.d/_offline/doc/prefer0.jpg new file mode 100644 index 0000000..588c651 Binary files /dev/null and b/live-cd-tree.d/_offline/doc/prefer0.jpg differ diff --git a/live-cd-tree.d/_offline/doc/prepar0.jpg b/live-cd-tree.d/_offline/doc/prepar0.jpg new file mode 100644 index 0000000..33c8a04 Binary files /dev/null and b/live-cd-tree.d/_offline/doc/prepar0.jpg differ diff --git a/live-cd-tree.d/_offline/doc/screen0.html b/live-cd-tree.d/_offline/doc/screen0.html new file mode 100644 index 0000000..bf472d9 --- /dev/null +++ b/live-cd-tree.d/_offline/doc/screen0.html @@ -0,0 +1,87 @@ + + + + + CryptoBox + + + + + + + +
+ + + + +
+

Versions 0.3.x

+

+ screenshot v0.3: activation of encrypted filesystem
+ activation of encrypted filesystem
+

+

+ screenshot v0.3: configuration
+ configuration
+

+
+ +
+

Versions 0.2.x

+

+ screenshot v0.2: activation of encrypted file system
+ activation of encrypted file system
+

+

+ screenshot v0.2: configuration
+ configuration
+

+
+ + + + + +
+ + + + + + + diff --git a/live-cd-tree.d/_offline/doc/search0.png b/live-cd-tree.d/_offline/doc/search0.png new file mode 100644 index 0000000..36b2b7f Binary files /dev/null and b/live-cd-tree.d/_offline/doc/search0.png differ diff --git a/live-cd-tree.d/_offline/doc/search1.png b/live-cd-tree.d/_offline/doc/search1.png new file mode 100644 index 0000000..8dd8c99 Binary files /dev/null and b/live-cd-tree.d/_offline/doc/search1.png differ diff --git a/live-cd-tree.d/_offline/doc/search2.png b/live-cd-tree.d/_offline/doc/search2.png new file mode 100644 index 0000000..256fb80 Binary files /dev/null and b/live-cd-tree.d/_offline/doc/search2.png differ diff --git a/live-cd-tree.d/_offline/doc/support.html b/live-cd-tree.d/_offline/doc/support.html new file mode 100644 index 0000000..c66c722 --- /dev/null +++ b/live-cd-tree.d/_offline/doc/support.html @@ -0,0 +1,91 @@ + + + + + CryptoBox + + + + + + + +
+ + + + +
+

Any problems?

+
    +
  1. Please read the user + documentation.
  2. +
  3. Check if the FAQ helps you to solve your problem.
  4. +
  5. Check if it is a known + issue. If so, provide some detailed information + there.
  6. +
  7. Submit a new bug report.
  8. +
+
+ +
+ +
+

Missing your language?

+

The CryptoBox is easily extensible via plugins. It also has + support for multiple languages. You can help us with some + translations.

+
+ +
+ +
+

Further questions

+

If you have more questions or if you want better answers, just send a mail + to info@cryptobox.org. Thanks!

+

And no, we don't sit on any irc channel. There's a life to live. :)

+
+ + + + + +
+ + + + + + + diff --git a/live-cd-tree.d/_offline/doc/system0.png b/live-cd-tree.d/_offline/doc/system0.png new file mode 100644 index 0000000..60fbbb9 Binary files /dev/null and b/live-cd-tree.d/_offline/doc/system0.png differ diff --git a/live-cd-tree.d/_offline/doc/trac.ico b/live-cd-tree.d/_offline/doc/trac.ico new file mode 100644 index 0000000..3547a13 Binary files /dev/null and b/live-cd-tree.d/_offline/doc/trac.ico differ diff --git a/live-cd-tree.d/_offline/doc/trac.js b/live-cd-tree.d/_offline/doc/trac.js new file mode 100644 index 0000000..2e96c75 --- /dev/null +++ b/live-cd-tree.d/_offline/doc/trac.js @@ -0,0 +1,159 @@ +// Used for dynamically updating the height of a textarea +function resizeTextArea(id, rows) { + var textarea = document.getElementById(id); + if (!textarea || (typeof(textarea.rows) == "undefined")) return; + textarea.rows = rows; +} + +// A better way than for example hardcoding foo.onload +function addEvent(element, type, func){ + if (element.addEventListener) { + element.addEventListener(type, func, false); + return true; + } else if (element.attachEvent) { + return element.attachEvent("on" + type, func); + } + return false; +} + +// Adapted from http://www.kryogenix.org/code/browser/searchhi/ +function searchHighlight() { + if (!document.createElement) return; + + var div = document.getElementById("searchable"); + if (!div) return; + + function getSearchWords(url) { + if (url.indexOf('?') == -1) return []; + var queryString = url.substr(url.indexOf('?') + 1); + var params = queryString.split('&'); + for (var p in params) { + var param = params[p].split('='); + if (param.length < 2) continue; + if (param[0] == 'q' || param[0] == 'p') { // q= for Google, p= for Yahoo + return unescape(param[1].replace(/\+/g, ' ')).split(/\s+/); + } + } + return []; + } + + function highlightWord(node, word, searchwordindex) { + // If this node is a text node and contains the search word, highlight it by + // surrounding it with a span element + if (node.nodeType == 3) { // Node.TEXT_NODE + var pos = node.nodeValue.toLowerCase().indexOf(word.toLowerCase()); + if (pos >= 0 && !/^searchword\d$/.test(node.parentNode.className)) { + var span = document.createElement("span"); + span.className = "searchword" + (searchwordindex % 5); + span.appendChild(document.createTextNode( + node.nodeValue.substr(pos, word.length))); + var newNode = node.splitText(pos); + newNode.nodeValue = newNode.nodeValue.substr(word.length); + node.parentNode.insertBefore(span, newNode); + return true; + } + } else if (!node.nodeName.match(/button|select|textarea/i)) { + // Recurse into child nodes + for (var i = 0; i < node.childNodes.length; i++) { + if (highlightWord(node.childNodes[i], word, searchwordindex)) i++; + } + } + return false; + } + + var words = getSearchWords(document.URL); + if (!words.length) words = getSearchWords(document.referrer); + if (words.length) { + for (var w in words) { + if (words[w].length) highlightWord(div, words[w], w); + } + } +} + +function enableControl(id, enabled) { + if (typeof(enabled) == "undefined") enabled = true; + var control = document.getElementById(id); + if (!control) return; + control.disabled = !enabled; + var labels = document.getElementsByTagName("label"); + for (var i = 0; i < labels.length; i++) { + if (labels[i].htmlFor == id) { + labels[i].className = enabled ? "enabled" : "disabled"; + } + } +} + +function addWikiFormattingToolbar(textarea) { + if ((typeof(document["selection"]) == "undefined") + && (typeof(textarea["setSelectionRange"]) == "undefined")) { + return; + } + + var toolbar = document.createElement("div"); + toolbar.className = "wikitoolbar"; + + function addButton(id, title, fn) { + var a = document.createElement("a"); + a.href = "#"; + a.id = id; + a.title = title; + a.onclick = function() { try { fn() } catch (e) { } return false }; + a.tabIndex = 400; + toolbar.appendChild(a); + } + + function encloseSelection(prefix, suffix) { + textarea.focus(); + var start, end, sel, scrollPos, subst; + if (typeof(document["selection"]) != "undefined") { + sel = document.selection.createRange().text; + } else if (typeof(textarea["setSelectionRange"]) != "undefined") { + start = textarea.selectionStart; + end = textarea.selectionEnd; + scrollPos = textarea.scrollTop; + sel = textarea.value.substring(start, end); + } + if (sel.match(/ $/)) { // exclude ending space char, if any + sel = sel.substring(0, sel.length - 1); + suffix = suffix + " "; + } + subst = prefix + sel + suffix; + if (typeof(document["selection"]) != "undefined") { + var range = document.selection.createRange().text = subst; + textarea.caretPos -= suffix.length; + } else if (typeof(textarea["setSelectionRange"]) != "undefined") { + textarea.value = textarea.value.substring(0, start) + subst + + textarea.value.substring(end); + if (sel) { + textarea.setSelectionRange(start + subst.length, start + subst.length); + } else { + textarea.setSelectionRange(start + prefix.length, start + prefix.length); + } + textarea.scrollTop = scrollPos; + } + } + + addButton("strong", "Bold text: '''Example'''", function() { + encloseSelection("'''", "'''"); + }); + addButton("em", "Italic text: ''Example''", function() { + encloseSelection("''", "''"); + }); + addButton("heading", "Heading: == Example ==", function() { + encloseSelection("\n== ", " ==\n", "Heading"); + }); + addButton("link", "Link: [http://www.example.com/ Example]", function() { + encloseSelection("[", "]"); + }); + addButton("code", "Code block: {{{ example }}}", function() { + encloseSelection("\n{{{\n", "\n}}}\n"); + }); + addButton("hr", "Horizontal rule: ----", function() { + encloseSelection("\n----\n", ""); + }); + + textarea.parentNode.insertBefore(toolbar, textarea); + var br = document.createElement("br"); + br.style.clear = "left"; + textarea.parentNode.insertBefore(br, textarea); +} diff --git a/live-cd-tree.d/_offline/doc/trac_c0.png b/live-cd-tree.d/_offline/doc/trac_c0.png new file mode 100644 index 0000000..702eb26 Binary files /dev/null and b/live-cd-tree.d/_offline/doc/trac_c0.png differ diff --git a/live-cd-tree.d/_offline/doc/trac_l0.png b/live-cd-tree.d/_offline/doc/trac_l0.png new file mode 100644 index 0000000..38c038d Binary files /dev/null and b/live-cd-tree.d/_offline/doc/trac_l0.png differ diff --git a/live-cd-tree.d/_offline/shellopn.exe b/live-cd-tree.d/_offline/shellopn.exe new file mode 100644 index 0000000..e7d91bf Binary files /dev/null and b/live-cd-tree.d/_offline/shellopn.exe differ diff --git a/live-cd-tree.d/_offline/shellopn.zip b/live-cd-tree.d/_offline/shellopn.zip new file mode 100644 index 0000000..6ddb3b4 Binary files /dev/null and b/live-cd-tree.d/_offline/shellopn.zip differ diff --git a/live-cd-tree.d/autorun.inf b/live-cd-tree.d/autorun.inf new file mode 100644 index 0000000..d476528 --- /dev/null +++ b/live-cd-tree.d/autorun.inf @@ -0,0 +1,2 @@ +[autorun] +open=_offline\shellopn.exe _offline\doc\index.html diff --git a/live-cd-tree.d/etc/rc3.d/S99usage_hint b/live-cd-tree.d/etc/rc3.d/S99usage_hint new file mode 100755 index 0000000..c423759 --- /dev/null +++ b/live-cd-tree.d/etc/rc3.d/S99usage_hint @@ -0,0 +1,6 @@ +#!/bin/sh +echo -e "\n+----------------------------------------------------------------+" +echo -e "\n The CryptoNAS has started." +echo -e "\n You can access it now via a web browser at: http://192.168.0.23" +echo -e "\n Visit cryptonas.org for help and more information." +echo -e "\n+----------------------------------------------------------------+\n" diff --git a/live-cd-tree.d/etc/samba/smb.conf b/live-cd-tree.d/etc/samba/smb.conf new file mode 100644 index 0000000..ed2ea24 --- /dev/null +++ b/live-cd-tree.d/etc/samba/smb.conf @@ -0,0 +1,35 @@ +[global] + workgroup = workgroup + server string = cryptobox + # 'security' is necessary - otherwise windows clients will ask for a login and fail + security = share + dns proxy = no + log file = /var/log/samba/log.smbd + max log size = 500 + syslog only = yes + syslog = 0 + panic action = /usr/share/samba/panic-action %d + encrypt passwords = true + passdb backend = tdbsam + obey pam restrictions = yes + invalid users = root + passwd program = /usr/bin/passwd %u + passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n *password\supdated\ssuccessfully* . + socket options = TCP_NODELAY + guest ok = yes + + # the following lines should help to be visible in the network + # os level - higher than non-PDC (primary domain controller) but lower than PDC + os level = 17 + # announce ourselves to other networks + remote announce = 192.168.0.255 192.168.255.255 172.16.255.255 10.255.255.255 + # don't act as a wins server, but use wins + # if yes, don't set "wins server" + wins support = yes + # we don't want to confuse existing servers + local master = no + domain master = no + preferred master = no + +include = /var/cache/cryptobox-server/settings/misc/samba-include.conf + diff --git a/live-cd-tree.d/etc/udev/rules.d/z99_local.rules b/live-cd-tree.d/etc/udev/rules.d/z99_local.rules new file mode 100644 index 0000000..e71d1f6 --- /dev/null +++ b/live-cd-tree.d/etc/udev/rules.d/z99_local.rules @@ -0,0 +1,3 @@ +# the cryptobox live-cd should not use any device mapper block devices as they +# are created by cryptsetup -> make it non-writeable for the cryptobox user +KERNEL=="dm-*", MODE="0600", OWNER="root", GROUP="root" diff --git a/live-cd-tree.d/start.html b/live-cd-tree.d/start.html new file mode 100644 index 0000000..40eec34 --- /dev/null +++ b/live-cd-tree.d/start.html @@ -0,0 +1,11 @@ + + + + + The CryptoBox + + + Automatic redirect to Documentation ... + + + diff --git a/live-cd-tree.d/usr/lib/cryptobox-cd/chroot-start.sh b/live-cd-tree.d/usr/lib/cryptobox-cd/chroot-start.sh new file mode 100755 index 0000000..626672f --- /dev/null +++ b/live-cd-tree.d/usr/lib/cryptobox-cd/chroot-start.sh @@ -0,0 +1,56 @@ +#!/bin/sh +# +# Copyright (c) 02005-02006 sense.lab +# +# License: This script is distributed under the terms of version 2 +# of the GNU GPL. See the LICENSE file included with the package. +# +# $Id$ +# +# FOR DEVELOPMENT ONLY! +# +# this script is used to prepare a chroot session for testing or configuring +# +# called by: +# - cbox-build.sh +# +# parameter: [commandline] +# +# if "commandline" is empty, "bash" will be used +# + +set -eu + +MNT_SRC=/opt/dfsruntime/runtimerd +MNT_DST=/opt/dfsruntime/runtimemnt +# the directory /tmp/ can not be used, as it is still a broken link, too +TMP_DIR="/tmp-`basename $0`-$$" + + +cp -a "$MNT_SRC/." "$TMP_DIR" +mount -n --bind "$TMP_DIR" "$MNT_DST" + +[ ! -e /dev/null ] && mknod "/dev/null" c 1 3 && chmod 666 "/dev/null" +[ ! -e /dev/urandom ] && mknod "/dev/urandom" c 1 9 && chmod 444 "/dev/urandom" +[ ! -e /dev/console ] && mknod "/dev/console" c 1 5 && chmod 660 "/dev/console" + +# remember, if proc was mounted before (e.g. because of a running chroot) +PROC_WAS_MOUNTED=no +mount -n -t proc proc /proc 2>/dev/null || PROC_WAS_MOUNTED=yes + +# default language setting - prevents dpkg error messages +export LANG=C + +# set default terminal (good if you are running in a screen session) +export TERM=linux + +# execute parameters as commandline +if [ $# -gt 0 ] + then "$@" + else bash + fi + +umount -l -n "$MNT_DST" +[ "$PROC_WAS_MOUNTED" = "no" ] && umount -l -n proc +rm -r "$TMP_DIR" + diff --git a/live-cd-tree.d/usr/lib/cryptobox-cd/configure-cryptobox.sh b/live-cd-tree.d/usr/lib/cryptobox-cd/configure-cryptobox.sh new file mode 100755 index 0000000..a08233f --- /dev/null +++ b/live-cd-tree.d/usr/lib/cryptobox-cd/configure-cryptobox.sh @@ -0,0 +1,179 @@ +#!/bin/sh +# +# Copyright (c) 02005 sense.lab +# +# License: This script is distributed under the terms of version 2 +# of the GNU GPL. See the LICENSE file included with the package. +# +# $Id$ +# +# this script is part of the building process of the cryptobox +# the "normal" action is necessary for every cryptobox (development & release) +# the "secure" action is mandatory for every release CD +# +# called by: +# - cbox-build.sh after copying custom files and before creating the iso image +# + +set -eu + +RUNTIMEDIR=/opt/dfsruntime/runtimerd +TUNDEV=$RUNTIMEDIR/dev/net/tun +ADD_GROUPS="floppy cdrom tape video plugdev" + +REMOVE_PACKAGES="strace + nvi nano vim vim-common vim-tiny + unzip zip aptitude tasksel locate + ssh elinks curl wget netkit-inetd telnet + exim4-daemon-light exim4-config exim4-base + ppp pppconfig pppoe pppoeconf iptables + subversion w3m wget lynx less screen + info iptables man-db manpages + openssh-server openssh-client" + +# remove rc symlinks for these services +SERVICES_OFF="ssh setserial nviboot mountnfs ntpdate" + +function configure_normal() +# the usual stuff - not optimized for security +{ + ##### cryptobox settings ###### + # start during bootup + sed -i 's/^NO_START=.*$/NO_START=0/' /etc/default/cryptobox-server + # listen to port 80 by default + sed -i 's/^PORT=.*$/PORT=80/' /etc/default/cryptobox-server + # use a separate configuration partition + sed -i 's/^UseConfigPartition.*$/UseConfigPartition = 1/' /etc/cryptobox-server/cryptobox.conf + # all plugins are enabled (especially: "encrypted_webinterface") + sed -i 's#^DisabledPlugins.*$#DisabledPlugins = #' /etc/cryptobox-server/cryptobox.conf + # change the selection of devices, that can be used as the crypto harddisk + sed -i 's#^AllowedDevices.*$#AllowedDevices = /dev/#' /etc/cryptobox-server/cryptobox.conf + # add the cryptobox user to some more groups + for new_group in $ADD_GROUPS + do adduser cryptobox "$new_group" + done + + ############ samba ############ + # enable samba startup (disabled before via cbox-build.sh) + echo 'RUN_MODE="daemons"' >/etc/default/samba + # install the samba hook script + cp /usr/share/doc/cryptobox-server/event-scripts/samba /etc/cryptobox-server/events.d/samba + chmod +x /etc/cryptobox-server/events.d/samba + + + ############ webdav ############ + #TODO: add apache2 packages; configure port; add webdav link in web frontend + sed -i 's/^NO_START=.*$/NO_START=0/' /etc/default/apache2 + cp /usr/share/doc/cryptobox-server/event-scripts/apache2_dav /etc/cryptobox-server/events.d/apache2_dav + chmod +x /etc/cryptobox-server/events.d/apache2_dav + + ########### boot up ########### + # turn off creation of "/etc/nologin" (read-only fs) + sed -i '/^DELAYLOGIN=/s/^DELAYLOGIN=.*$/DELAYLOGIN=no/' /etc/default/rcS + # turn off modifying /etc/motd (read-only fs) + sed -i '/^EDITMOTD=/s/^EDITMOTD=.*$/EDITMOTD=no/' /etc/default/rcS + # default runlevel (out of some strange reason, runlevel 2 is not working) + sed -i 's/^id:.*$/id:3:initdefault:/' /etc/inittab + # add tmpfs entry for mount parent + # remove old line, if fstab exists + test -e /etc/fstab && sed -i '#/var/cache/cryptobox-server/mnt#d' /etc/fstab + # add new line + echo "tmpfs /var/cache/cryptobox-server/mnt tmpfs defaults 0 0" >>/etc/fstab + + ######### devices ########## + # create tun device for running under qemu + if [ ! -e "$TUNDEV" ] + then mkdir -p `dirname "$TUNDEV"` + mknod "$TUNDEV" c 10 200 + fi + + ########## sshd ############ + if [ -e "/etc/ssh" ]; then + # allow empty passwords for ssh + # the daemon is NOT started automatically, so you have to start it + # manually in case of need - as the root pw is empty and passwd is ro, you + # have to allow empty passwords for this rare case + sed -i 's/^PermitEmptyPass.*$/PermitEmptyPasswords yes/' /etc/ssh/sshd_config + # turn off PAM for ssh, as it prevents the use of empty passwords (stange behaviour) + sed -i 's/^UsePAM.*$/UsePAM no/' /etc/ssh/sshd_config + # allow input of password + sed -i 's/^PasswordAuthentication.*$/PasswordAuthentication yes/' /etc/ssh/sshd_config + fi + + # remove symlinks for unwanted services + for a in $SERVICES_OFF; do + # echo "Turning off service $a ..." + find /etc/rc?.d/ -type l -name "[SK][0-9][0-9]$a" | while read b + do rm "$b" + done + done + + return 0 +} + + +function configure_secure() +# remove everything that could weaken security +# configure_normal should be called too! +{ + # disable keyboard login + sed -i '/getty/d' /etc/inittab + + # remove unnecessary packages + dpkg --force-all -P $REMOVE_PACKAGES 2>&1 | grep -v "which isn't installed." || true + + # maybe an authorized_keys file was created - but it is not dangerous, + # as the openssh package was removed anyway + [ -d /root/.ssh ] && rm -rf /root/.ssh + + # disable root account + passwd -l root + + ############## clean up ################ + # remove deb-files, that were left by dfsbuild + # remove packages and package lists + # remove locale files + # remove doc files + # remove man pages + # some vim files stay behind? + rm -rf /opt/packages /var/cache/bootstrap /var/cache/apt/ /var/cache/locate + rm -rf /usr/share/man /usr/share/vim /var/lib/apt /var/cache/debconf /var/cache/man + # remove docs except for the cryptobox's + ls /usr/share/doc | while read dname + do test "$dname" == "cryptobox-server" || rm -rf "/usr/share/doc/$dname" + done + # remove all locale files and symlinks except for the cryptobox's + (find /usr/share/locale -type f; find /usr/share/locale -type l) | grep -v "cryptobox-server" | while read fname + do rm "$fname" + done + # remove all empty locale directories + find /usr/share/locale -type d | while read dname + do test -d "$dname" && rmdir --ignore-fail-on-non-empty --parents "$dname" + done + + # change some dir permissions + chmod 660 /var/cache/cryptobox-server/settings/ + + return 0 +} + + +################ main #################### + + +ACTION=help +[ $# -gt 0 ] && ACTION=$1 + +case "$ACTION" in + normal ) + configure_normal + ;; + secure ) + configure_secure + ;; + * ) + echo "Syntax: `basename $0` { normal | secure }" + echo + ;; + esac + diff --git a/live-cd-tree.d/usr/lib/cryptobox-cd/devel-features.sh b/live-cd-tree.d/usr/lib/cryptobox-cd/devel-features.sh new file mode 100755 index 0000000..c3dd82c --- /dev/null +++ b/live-cd-tree.d/usr/lib/cryptobox-cd/devel-features.sh @@ -0,0 +1,83 @@ +#!/bin/sh +# +# Copyright (c) 02005 sense.lab +# +# License: This script is distributed under the terms of version 2 +# of the GNU GPL. See the LICENSE file included with the package. +# +# $Id$ +# +# this script is part of the boot process of a developer's cryptobox +# +# it should really NEVER be found on a release CD +# +# called by: +# - /etc/rc2.d/S99cb-devel-features +# + +set -eu + +# read the default setting file, if it exists +[ -e /etc/default/cryptobox ] && . /etc/default/cryptobox + +# set CONF_FILE to default value, if not configured in /etc/default/cryptobox +CONF_FILE=${CONF_FILE:-/etc/cryptobox/cryptobox.conf} +# parse config file +. "$CONF_FILE" + +MIRROR_DIR=/tmp/mirror +MIRROR_ORIG_DIR=/tmp/mirror.orig +WRITE_DIRS="/usr/share/cryptobox /var/www /usr/lib/cryptobox" + +ACTION="--help" +[ $# -gt 0 ] && ACTION="$1" + +case "$ACTION" in + start ) + # copy cryptobox files to tmpfs + for a in $WRITE_DIRS + do mkdir -p "$MIRROR_DIR/$a" + cp -a "$a/." "$MIRROR_DIR/$a" + mount --bind "$MIRROR_DIR/$a" "$a" + done + $0 set_diff_base + + # cryptobox-server needs to be restarted to reopen its files + invoke-rc.d cryptobox-server restart + + # start ssh daemon + [ -x /etc/init.d/ssh ] && /etc/init.d/ssh start + ;; + set_diff_base ) + # the present content of the tmpfs mirror get copied to + # MIRROR_ORIG_DIR for later diffs + # whenever you merged a diff, you should call this function + [ -e "$MIRROR_ORIG_DIR" ] && rm -rf "$MIRROR_ORIG_DIR" + cp -a "$MIRROR_DIR" "$MIRROR_ORIG_DIR" + ;; + diff ) + cd "`dirname \"$MIRROR_ORIG_DIR\"`" + # diff and remove "binary files differ"-warnings (vi-swap-files) + # ignore generated reports + # ignore cryptobox.pl and index.html, as those are the same as + # /var/www/cryptobox (symbilic links) + # replace the link name (/var/www/cryptobox) by its destination + # UGLY! + diff -ruN --exclude=report --exclude=cryptobox.pl --exclude=index.html "`basename \"$MIRROR_ORIG_DIR\"`" "`basename \"$MIRROR_DIR\"`" | grep -v "^Binary files" | sed 's#/var/www/cryptobox\t#/var/www/cgi-bin/cryptobox.pl\t#' + ;; + stop ) + [ -x /etc/init.d/ssh ] && /etc/init.d/ssh stop + for a in $WRITE_DIRS + do umount "$MIRROR_DIR/$a" + done + rm -rf "$MIRROR_DIR" + ;; + restart ) + $0 stop + $0 start + ;; + * ) + echo "Syntax: `basename $0` { start | stop | restart }" + ;; + esac + diff --git a/packages/config-2.6.20_cryptobox0.3.3 b/packages/config-2.6.20_cryptobox0.3.3 new file mode 100644 index 0000000..d0ebaaf --- /dev/null +++ b/packages/config-2.6.20_cryptobox0.3.3 @@ -0,0 +1,1629 @@ +# +# Automatically generated make config: don't edit +# Linux kernel version: 2.6.20 +# Tue Feb 6 17:07:52 2007 +# +CONFIG_X86_32=y +CONFIG_GENERIC_TIME=y +CONFIG_LOCKDEP_SUPPORT=y +CONFIG_STACKTRACE_SUPPORT=y +CONFIG_SEMAPHORE_SLEEPERS=y +CONFIG_X86=y +CONFIG_MMU=y +CONFIG_GENERIC_ISA_DMA=y +CONFIG_GENERIC_IOMAP=y +CONFIG_GENERIC_BUG=y +CONFIG_GENERIC_HWEIGHT=y +CONFIG_ARCH_MAY_HAVE_PC_FDC=y +CONFIG_DMI=y +CONFIG_DEFCONFIG_LIST="/lib/modules/$UNAME_RELEASE/.config" + +# +# Code maturity level options +# +CONFIG_EXPERIMENTAL=y +CONFIG_BROKEN_ON_SMP=y +CONFIG_INIT_ENV_ARG_LIMIT=32 + +# +# General setup +# +CONFIG_LOCALVERSION="" +CONFIG_LOCALVERSION_AUTO=y +CONFIG_SWAP=y +# CONFIG_SYSVIPC is not set +CONFIG_POSIX_MQUEUE=y +# CONFIG_BSD_PROCESS_ACCT is not set +# CONFIG_TASKSTATS is not set +# CONFIG_UTS_NS is not set +# CONFIG_AUDIT is not set +CONFIG_IKCONFIG=y +CONFIG_IKCONFIG_PROC=y +# CONFIG_SYSFS_DEPRECATED is not set +# CONFIG_RELAY is not set +CONFIG_INITRAMFS_SOURCE="" +CONFIG_CC_OPTIMIZE_FOR_SIZE=y +CONFIG_SYSCTL=y +# CONFIG_EMBEDDED is not set +CONFIG_UID16=y +CONFIG_SYSCTL_SYSCALL=y +CONFIG_KALLSYMS=y +# CONFIG_KALLSYMS_EXTRA_PASS is not set +CONFIG_HOTPLUG=y +CONFIG_PRINTK=y +CONFIG_BUG=y +CONFIG_ELF_CORE=y +CONFIG_BASE_FULL=y +CONFIG_FUTEX=y +CONFIG_EPOLL=y +CONFIG_SHMEM=y +CONFIG_SLAB=y +CONFIG_VM_EVENT_COUNTERS=y +CONFIG_RT_MUTEXES=y +# CONFIG_TINY_SHMEM is not set +CONFIG_BASE_SMALL=0 +# CONFIG_SLOB is not set + +# +# Loadable module support +# +CONFIG_MODULES=y +CONFIG_MODULE_UNLOAD=y +CONFIG_MODULE_FORCE_UNLOAD=y +# CONFIG_MODVERSIONS is not set +# CONFIG_MODULE_SRCVERSION_ALL is not set +CONFIG_KMOD=y + +# +# Block layer +# +CONFIG_BLOCK=y +# CONFIG_LBD is not set +# CONFIG_BLK_DEV_IO_TRACE is not set +# CONFIG_LSF is not set + +# +# IO Schedulers +# +CONFIG_IOSCHED_NOOP=y +# CONFIG_IOSCHED_AS is not set +CONFIG_IOSCHED_DEADLINE=y +# CONFIG_IOSCHED_CFQ is not set +# CONFIG_DEFAULT_AS is not set +CONFIG_DEFAULT_DEADLINE=y +# CONFIG_DEFAULT_CFQ is not set +# CONFIG_DEFAULT_NOOP is not set +CONFIG_DEFAULT_IOSCHED="deadline" + +# +# Processor type and features +# +# CONFIG_SMP is not set +CONFIG_X86_PC=y +# CONFIG_X86_ELAN is not set +# CONFIG_X86_VOYAGER is not set +# CONFIG_X86_NUMAQ is not set +# CONFIG_X86_SUMMIT is not set +# CONFIG_X86_BIGSMP is not set +# CONFIG_X86_VISWS is not set +# CONFIG_X86_GENERICARCH is not set +# CONFIG_X86_ES7000 is not set +# CONFIG_PARAVIRT is not set +# CONFIG_M386 is not set +CONFIG_M486=y +# CONFIG_M586 is not set +# CONFIG_M586TSC is not set +# CONFIG_M586MMX is not set +# CONFIG_M686 is not set +# CONFIG_MPENTIUMII is not set +# CONFIG_MPENTIUMIII is not set +# CONFIG_MPENTIUMM is not set +# CONFIG_MCORE2 is not set +# CONFIG_MPENTIUM4 is not set +# CONFIG_MK6 is not set +# CONFIG_MK7 is not set +# CONFIG_MK8 is not set +# CONFIG_MCRUSOE is not set +# CONFIG_MEFFICEON is not set +# CONFIG_MWINCHIPC6 is not set +# CONFIG_MWINCHIP2 is not set +# CONFIG_MWINCHIP3D is not set +# CONFIG_MGEODEGX1 is not set +# CONFIG_MGEODE_LX is not set +# CONFIG_MCYRIXIII is not set +# CONFIG_MVIAC3_2 is not set +CONFIG_X86_GENERIC=y +CONFIG_X86_CMPXCHG=y +CONFIG_X86_XADD=y +CONFIG_X86_L1_CACHE_SHIFT=7 +CONFIG_RWSEM_XCHGADD_ALGORITHM=y +# CONFIG_ARCH_HAS_ILOG2_U32 is not set +# CONFIG_ARCH_HAS_ILOG2_U64 is not set +CONFIG_GENERIC_CALIBRATE_DELAY=y +CONFIG_X86_PPRO_FENCE=y +CONFIG_X86_F00F_BUG=y +CONFIG_X86_WP_WORKS_OK=y +CONFIG_X86_INVLPG=y +CONFIG_X86_BSWAP=y +CONFIG_X86_POPAD_OK=y +CONFIG_X86_ALIGNMENT_16=y +CONFIG_X86_INTEL_USERCOPY=y +# CONFIG_HPET_TIMER is not set +CONFIG_PREEMPT_NONE=y +# CONFIG_PREEMPT_VOLUNTARY is not set +# CONFIG_PREEMPT is not set +# CONFIG_X86_UP_APIC is not set +CONFIG_X86_MCE=y +# CONFIG_X86_MCE_NONFATAL is not set +CONFIG_VM86=y +# CONFIG_TOSHIBA is not set +# CONFIG_I8K is not set +# CONFIG_X86_REBOOTFIXUPS is not set +# CONFIG_MICROCODE is not set +# CONFIG_X86_MSR is not set +# CONFIG_X86_CPUID is not set + +# +# Firmware Drivers +# +# CONFIG_EDD is not set +# CONFIG_DELL_RBU is not set +# CONFIG_DCDBAS is not set +CONFIG_NOHIGHMEM=y +# CONFIG_HIGHMEM4G is not set +# CONFIG_HIGHMEM64G is not set +CONFIG_PAGE_OFFSET=0xC0000000 +CONFIG_ARCH_FLATMEM_ENABLE=y +CONFIG_ARCH_SPARSEMEM_ENABLE=y +CONFIG_ARCH_SELECT_MEMORY_MODEL=y +CONFIG_ARCH_POPULATES_NODE_MAP=y +CONFIG_SELECT_MEMORY_MODEL=y +CONFIG_FLATMEM_MANUAL=y +# CONFIG_DISCONTIGMEM_MANUAL is not set +# CONFIG_SPARSEMEM_MANUAL is not set +CONFIG_FLATMEM=y +CONFIG_FLAT_NODE_MEM_MAP=y +CONFIG_SPARSEMEM_STATIC=y +CONFIG_SPLIT_PTLOCK_CPUS=4 +# CONFIG_RESOURCES_64BIT is not set +# CONFIG_MATH_EMULATION is not set +CONFIG_MTRR=y +# CONFIG_EFI is not set +CONFIG_SECCOMP=y +CONFIG_HZ_100=y +# CONFIG_HZ_250 is not set +# CONFIG_HZ_300 is not set +# CONFIG_HZ_1000 is not set +CONFIG_HZ=100 +# CONFIG_KEXEC is not set +CONFIG_PHYSICAL_START=0x100000 +# CONFIG_RELOCATABLE is not set +CONFIG_PHYSICAL_ALIGN=0x100000 +# CONFIG_COMPAT_VDSO is not set + +# +# Power management options (ACPI, APM) +# +CONFIG_PM=y +# CONFIG_PM_LEGACY is not set +# CONFIG_PM_DEBUG is not set +# CONFIG_PM_SYSFS_DEPRECATED is not set +# CONFIG_SOFTWARE_SUSPEND is not set + +# +# ACPI (Advanced Configuration and Power Interface) Support +# +CONFIG_ACPI=y +# CONFIG_ACPI_SLEEP is not set +# CONFIG_ACPI_AC is not set +# CONFIG_ACPI_BATTERY is not set +# CONFIG_ACPI_BUTTON is not set +# CONFIG_ACPI_VIDEO is not set +# CONFIG_ACPI_HOTKEY is not set +# CONFIG_ACPI_FAN is not set +# CONFIG_ACPI_DOCK is not set +# CONFIG_ACPI_PROCESSOR is not set +# CONFIG_ACPI_ASUS is not set +# CONFIG_ACPI_IBM is not set +# CONFIG_ACPI_TOSHIBA is not set +# CONFIG_ACPI_CUSTOM_DSDT is not set +CONFIG_ACPI_BLACKLIST_YEAR=0 +# CONFIG_ACPI_DEBUG is not set +CONFIG_ACPI_EC=y +CONFIG_ACPI_POWER=y +CONFIG_ACPI_SYSTEM=y +CONFIG_X86_PM_TIMER=y +# CONFIG_ACPI_CONTAINER is not set + +# +# APM (Advanced Power Management) BIOS Support +# +CONFIG_APM=y +# CONFIG_APM_IGNORE_USER_SUSPEND is not set +CONFIG_APM_DO_ENABLE=y +CONFIG_APM_CPU_IDLE=y +# CONFIG_APM_DISPLAY_BLANK is not set +# CONFIG_APM_RTC_IS_GMT is not set +# CONFIG_APM_ALLOW_INTS is not set +CONFIG_APM_REAL_MODE_POWER_OFF=y + +# +# CPU Frequency scaling +# +CONFIG_CPU_FREQ=y +CONFIG_CPU_FREQ_TABLE=y +# CONFIG_CPU_FREQ_DEBUG is not set +# CONFIG_CPU_FREQ_STAT is not set +CONFIG_CPU_FREQ_DEFAULT_GOV_PERFORMANCE=y +# CONFIG_CPU_FREQ_DEFAULT_GOV_USERSPACE is not set +CONFIG_CPU_FREQ_GOV_PERFORMANCE=y +# CONFIG_CPU_FREQ_GOV_POWERSAVE is not set +# CONFIG_CPU_FREQ_GOV_USERSPACE is not set +CONFIG_CPU_FREQ_GOV_ONDEMAND=y +# CONFIG_CPU_FREQ_GOV_CONSERVATIVE is not set + +# +# CPUFreq processor drivers +# +CONFIG_X86_POWERNOW_K6=y +CONFIG_X86_POWERNOW_K7=y +CONFIG_X86_POWERNOW_K8=y +CONFIG_X86_GX_SUSPMOD=y +CONFIG_X86_SPEEDSTEP_CENTRINO=y +CONFIG_X86_SPEEDSTEP_CENTRINO_TABLE=y +CONFIG_X86_SPEEDSTEP_ICH=y +CONFIG_X86_SPEEDSTEP_SMI=y +CONFIG_X86_P4_CLOCKMOD=y +CONFIG_X86_CPUFREQ_NFORCE2=y +CONFIG_X86_LONGRUN=y + +# +# shared options +# +CONFIG_X86_SPEEDSTEP_LIB=y +# CONFIG_X86_SPEEDSTEP_RELAXED_CAP_CHECK is not set + +# +# Bus options (PCI, PCMCIA, EISA, MCA, ISA) +# +CONFIG_PCI=y +# CONFIG_PCI_GOBIOS is not set +# CONFIG_PCI_GOMMCONFIG is not set +# CONFIG_PCI_GODIRECT is not set +CONFIG_PCI_GOANY=y +CONFIG_PCI_BIOS=y +CONFIG_PCI_DIRECT=y +CONFIG_PCI_MMCONFIG=y +CONFIG_PCIEPORTBUS=y +CONFIG_PCIEAER=y +CONFIG_ISA_DMA_API=y +# CONFIG_ISA is not set +# CONFIG_MCA is not set +# CONFIG_SCx200 is not set + +# +# PCCARD (PCMCIA/CardBus) support +# +CONFIG_PCCARD=m +# CONFIG_PCMCIA_DEBUG is not set +CONFIG_PCMCIA=m +CONFIG_PCMCIA_LOAD_CIS=y +CONFIG_PCMCIA_IOCTL=y +CONFIG_CARDBUS=y + +# +# PC-card bridges +# +CONFIG_YENTA=m +CONFIG_YENTA_O2=y +CONFIG_YENTA_RICOH=y +CONFIG_YENTA_TI=y +CONFIG_YENTA_ENE_TUNE=y +CONFIG_YENTA_TOSHIBA=y +CONFIG_PD6729=m +CONFIG_I82092=m +CONFIG_PCCARD_NONSTATIC=m + +# +# PCI Hotplug Support +# +# CONFIG_HOTPLUG_PCI is not set + +# +# Executable file formats +# +CONFIG_BINFMT_ELF=y +# CONFIG_BINFMT_AOUT is not set +# CONFIG_BINFMT_MISC is not set + +# +# Networking +# +CONFIG_NET=y + +# +# Networking options +# +# CONFIG_NETDEBUG is not set +CONFIG_PACKET=y +CONFIG_PACKET_MMAP=y +CONFIG_UNIX=y +CONFIG_XFRM=y +CONFIG_XFRM_USER=m +# CONFIG_XFRM_SUB_POLICY is not set +CONFIG_NET_KEY=m +CONFIG_INET=y +CONFIG_IP_MULTICAST=y +# CONFIG_IP_ADVANCED_ROUTER is not set +CONFIG_IP_FIB_HASH=y +# CONFIG_IP_PNP is not set +CONFIG_NET_IPIP=m +# CONFIG_NET_IPGRE is not set +# CONFIG_IP_MROUTE is not set +# CONFIG_ARPD is not set +# CONFIG_SYN_COOKIES is not set +# CONFIG_INET_AH is not set +# CONFIG_INET_ESP is not set +# CONFIG_INET_IPCOMP is not set +# CONFIG_INET_XFRM_TUNNEL is not set +CONFIG_INET_TUNNEL=m +# CONFIG_INET_XFRM_MODE_TRANSPORT is not set +# CONFIG_INET_XFRM_MODE_TUNNEL is not set +# CONFIG_INET_XFRM_MODE_BEET is not set +# CONFIG_INET_DIAG is not set +# CONFIG_TCP_CONG_ADVANCED is not set +CONFIG_TCP_CONG_CUBIC=y +CONFIG_DEFAULT_TCP_CONG="cubic" +# CONFIG_TCP_MD5SIG is not set + +# +# IP: Virtual Server Configuration +# +# CONFIG_IP_VS is not set +# CONFIG_IPV6 is not set +# CONFIG_INET6_XFRM_TUNNEL is not set +# CONFIG_INET6_TUNNEL is not set +# CONFIG_NETWORK_SECMARK is not set +CONFIG_NETFILTER=y +# CONFIG_NETFILTER_DEBUG is not set + +# +# Core Netfilter Configuration +# +# CONFIG_NETFILTER_NETLINK is not set +CONFIG_NF_CONNTRACK_ENABLED=m +CONFIG_NF_CONNTRACK_SUPPORT=y +# CONFIG_IP_NF_CONNTRACK_SUPPORT is not set +CONFIG_NF_CONNTRACK=m +# CONFIG_NF_CT_ACCT is not set +CONFIG_NF_CONNTRACK_MARK=y +CONFIG_NF_CONNTRACK_EVENTS=y +# CONFIG_NF_CT_PROTO_SCTP is not set +# CONFIG_NF_CONNTRACK_AMANDA is not set +# CONFIG_NF_CONNTRACK_FTP is not set +# CONFIG_NF_CONNTRACK_H323 is not set +# CONFIG_NF_CONNTRACK_IRC is not set +CONFIG_NF_CONNTRACK_NETBIOS_NS=m +# CONFIG_NF_CONNTRACK_PPTP is not set +# CONFIG_NF_CONNTRACK_SIP is not set +# CONFIG_NF_CONNTRACK_TFTP is not set +# CONFIG_NETFILTER_XTABLES is not set + +# +# IP: Netfilter Configuration +# +CONFIG_NF_CONNTRACK_IPV4=m +CONFIG_NF_CONNTRACK_PROC_COMPAT=y +# CONFIG_IP_NF_QUEUE is not set + +# +# DCCP Configuration (EXPERIMENTAL) +# +# CONFIG_IP_DCCP is not set + +# +# SCTP Configuration (EXPERIMENTAL) +# +# CONFIG_IP_SCTP is not set + +# +# TIPC Configuration (EXPERIMENTAL) +# +# CONFIG_TIPC is not set +# CONFIG_ATM is not set +# CONFIG_BRIDGE is not set +# CONFIG_VLAN_8021Q is not set +# CONFIG_DECNET is not set +# CONFIG_LLC2 is not set +# CONFIG_IPX is not set +# CONFIG_ATALK is not set +# CONFIG_X25 is not set +# CONFIG_LAPB is not set +# CONFIG_ECONET is not set +# CONFIG_WAN_ROUTER is not set + +# +# QoS and/or fair queueing +# +# CONFIG_NET_SCHED is not set + +# +# Network testing +# +# CONFIG_NET_PKTGEN is not set +# CONFIG_HAMRADIO is not set +# CONFIG_IRDA is not set +# CONFIG_BT is not set +# CONFIG_IEEE80211 is not set + +# +# Device Drivers +# + +# +# Generic Driver Options +# +# CONFIG_STANDALONE is not set +# CONFIG_PREVENT_FIRMWARE_BUILD is not set +CONFIG_FW_LOADER=m +# CONFIG_SYS_HYPERVISOR is not set + +# +# Connector - unified userspace <-> kernelspace linker +# +# CONFIG_CONNECTOR is not set + +# +# Memory Technology Devices (MTD) +# +# CONFIG_MTD is not set + +# +# Parallel port support +# +CONFIG_PARPORT=m +CONFIG_PARPORT_PC=m +CONFIG_PARPORT_PC_FIFO=y +# CONFIG_PARPORT_PC_SUPERIO is not set +# CONFIG_PARPORT_PC_PCMCIA is not set +# CONFIG_PARPORT_GSC is not set +# CONFIG_PARPORT_AX88796 is not set +CONFIG_PARPORT_1284=y + +# +# Plug and Play support +# +CONFIG_PNP=y +CONFIG_PNP_DEBUG=y + +# +# Protocols +# +CONFIG_PNPACPI=y + +# +# Block devices +# +# CONFIG_BLK_DEV_FD is not set +# CONFIG_PARIDE is not set +# CONFIG_BLK_CPQ_DA is not set +# CONFIG_BLK_CPQ_CISS_DA is not set +# CONFIG_BLK_DEV_DAC960 is not set +# CONFIG_BLK_DEV_UMEM is not set +# CONFIG_BLK_DEV_COW_COMMON is not set +CONFIG_BLK_DEV_LOOP=m +# CONFIG_BLK_DEV_CRYPTOLOOP is not set +# CONFIG_BLK_DEV_NBD is not set +# CONFIG_BLK_DEV_SX8 is not set +# CONFIG_BLK_DEV_UB is not set +CONFIG_BLK_DEV_RAM=y +CONFIG_BLK_DEV_RAM_COUNT=16 +CONFIG_BLK_DEV_RAM_SIZE=4096 +CONFIG_BLK_DEV_RAM_BLOCKSIZE=1024 +CONFIG_BLK_DEV_INITRD=y +# CONFIG_CDROM_PKTCDVD is not set +# CONFIG_ATA_OVER_ETH is not set + +# +# Misc devices +# +# CONFIG_IBM_ASM is not set +# CONFIG_SGI_IOC4 is not set +# CONFIG_TIFM_CORE is not set + +# +# ATA/ATAPI/MFM/RLL support +# +CONFIG_IDE=y +CONFIG_BLK_DEV_IDE=y + +# +# Please see Documentation/ide.txt for help/info on IDE drives +# +# CONFIG_BLK_DEV_IDE_SATA is not set +# CONFIG_BLK_DEV_HD_IDE is not set +CONFIG_BLK_DEV_IDEDISK=y +CONFIG_IDEDISK_MULTI_MODE=y +CONFIG_BLK_DEV_IDECS=m +CONFIG_BLK_DEV_IDECD=y +# CONFIG_BLK_DEV_IDETAPE is not set +# CONFIG_BLK_DEV_IDEFLOPPY is not set +# CONFIG_BLK_DEV_IDESCSI is not set +# CONFIG_IDE_TASK_IOCTL is not set + +# +# IDE chipset support/bugfixes +# +CONFIG_IDE_GENERIC=y +CONFIG_BLK_DEV_CMD640=y +# CONFIG_BLK_DEV_CMD640_ENHANCED is not set +# CONFIG_BLK_DEV_IDEPNP is not set +CONFIG_BLK_DEV_IDEPCI=y +CONFIG_IDEPCI_SHARE_IRQ=y +# CONFIG_BLK_DEV_OFFBOARD is not set +CONFIG_BLK_DEV_GENERIC=y +CONFIG_BLK_DEV_OPTI621=y +CONFIG_BLK_DEV_RZ1000=y +CONFIG_BLK_DEV_IDEDMA_PCI=y +# CONFIG_BLK_DEV_IDEDMA_FORCED is not set +CONFIG_IDEDMA_PCI_AUTO=y +# CONFIG_IDEDMA_ONLYDISK is not set +CONFIG_BLK_DEV_AEC62XX=y +CONFIG_BLK_DEV_ALI15X3=y +# CONFIG_WDC_ALI15X3 is not set +CONFIG_BLK_DEV_AMD74XX=y +CONFIG_BLK_DEV_ATIIXP=y +CONFIG_BLK_DEV_CMD64X=y +CONFIG_BLK_DEV_TRIFLEX=y +CONFIG_BLK_DEV_CY82C693=y +CONFIG_BLK_DEV_CS5520=y +CONFIG_BLK_DEV_CS5530=y +# CONFIG_BLK_DEV_CS5535 is not set +CONFIG_BLK_DEV_HPT34X=y +# CONFIG_HPT34X_AUTODMA is not set +CONFIG_BLK_DEV_HPT366=y +# CONFIG_BLK_DEV_JMICRON is not set +CONFIG_BLK_DEV_SC1200=y +CONFIG_BLK_DEV_PIIX=y +# CONFIG_BLK_DEV_IT821X is not set +CONFIG_BLK_DEV_NS87415=y +CONFIG_BLK_DEV_PDC202XX_OLD=y +# CONFIG_PDC202XX_BURST is not set +CONFIG_BLK_DEV_PDC202XX_NEW=y +CONFIG_BLK_DEV_SVWKS=y +CONFIG_BLK_DEV_SIIMAGE=y +CONFIG_BLK_DEV_SIS5513=y +CONFIG_BLK_DEV_SLC90E66=y +CONFIG_BLK_DEV_TRM290=y +CONFIG_BLK_DEV_VIA82CXXX=y +# CONFIG_IDE_ARM is not set +CONFIG_BLK_DEV_IDEDMA=y +# CONFIG_IDEDMA_IVB is not set +CONFIG_IDEDMA_AUTO=y +# CONFIG_BLK_DEV_HD is not set + +# +# SCSI device support +# +# CONFIG_RAID_ATTRS is not set +CONFIG_SCSI=y +# CONFIG_SCSI_TGT is not set +CONFIG_SCSI_NETLINK=y +CONFIG_SCSI_PROC_FS=y + +# +# SCSI support type (disk, tape, CD-ROM) +# +CONFIG_BLK_DEV_SD=y +# CONFIG_CHR_DEV_ST is not set +# CONFIG_CHR_DEV_OSST is not set +CONFIG_BLK_DEV_SR=y +# CONFIG_BLK_DEV_SR_VENDOR is not set +CONFIG_CHR_DEV_SG=y +# CONFIG_CHR_DEV_SCH is not set + +# +# Some SCSI devices (e.g. CD jukebox) support multiple LUNs +# +# CONFIG_SCSI_MULTI_LUN is not set +# CONFIG_SCSI_CONSTANTS is not set +# CONFIG_SCSI_LOGGING is not set +# CONFIG_SCSI_SCAN_ASYNC is not set + +# +# SCSI Transports +# +CONFIG_SCSI_SPI_ATTRS=m +CONFIG_SCSI_FC_ATTRS=m +CONFIG_SCSI_ISCSI_ATTRS=m +CONFIG_SCSI_SAS_ATTRS=m +CONFIG_SCSI_SAS_LIBSAS=m +CONFIG_SCSI_SAS_LIBSAS_DEBUG=y + +# +# SCSI low-level drivers +# +CONFIG_ISCSI_TCP=m +CONFIG_BLK_DEV_3W_XXXX_RAID=m +CONFIG_SCSI_3W_9XXX=m +CONFIG_SCSI_ACARD=m +CONFIG_SCSI_AACRAID=m +# CONFIG_SCSI_AIC7XXX is not set +# CONFIG_SCSI_AIC7XXX_OLD is not set +CONFIG_SCSI_AIC79XX=m +CONFIG_AIC79XX_CMDS_PER_DEVICE=32 +CONFIG_AIC79XX_RESET_DELAY_MS=5000 +# CONFIG_AIC79XX_BUILD_FIRMWARE is not set +# CONFIG_AIC79XX_ENABLE_RD_STRM is not set +CONFIG_AIC79XX_DEBUG_ENABLE=y +CONFIG_AIC79XX_DEBUG_MASK=0 +CONFIG_AIC79XX_REG_PRETTY_PRINT=y +CONFIG_SCSI_AIC94XX=m +# CONFIG_AIC94XX_DEBUG is not set +CONFIG_SCSI_DPT_I2O=m +CONFIG_SCSI_ADVANSYS=m +CONFIG_SCSI_ARCMSR=m +CONFIG_MEGARAID_NEWGEN=y +CONFIG_MEGARAID_MM=m +CONFIG_MEGARAID_MAILBOX=m +CONFIG_MEGARAID_LEGACY=m +CONFIG_MEGARAID_SAS=m +CONFIG_SCSI_HPTIOP=m +CONFIG_SCSI_BUSLOGIC=m +CONFIG_SCSI_OMIT_FLASHPOINT=y +CONFIG_SCSI_DMX3191D=m +CONFIG_SCSI_EATA=m +# CONFIG_SCSI_EATA_TAGGED_QUEUE is not set +# CONFIG_SCSI_EATA_LINKED_COMMANDS is not set +CONFIG_SCSI_EATA_MAX_TAGS=16 +CONFIG_SCSI_FUTURE_DOMAIN=m +CONFIG_SCSI_GDTH=m +CONFIG_SCSI_IPS=m +CONFIG_SCSI_INITIO=m +CONFIG_SCSI_INIA100=m +CONFIG_SCSI_PPA=m +# CONFIG_SCSI_IMM is not set +# CONFIG_SCSI_IZIP_EPP16 is not set +# CONFIG_SCSI_IZIP_SLOW_CTR is not set +CONFIG_SCSI_STEX=m +CONFIG_SCSI_SYM53C8XX_2=m +CONFIG_SCSI_SYM53C8XX_DMA_ADDRESSING_MODE=1 +CONFIG_SCSI_SYM53C8XX_DEFAULT_TAGS=16 +CONFIG_SCSI_SYM53C8XX_MAX_TAGS=64 +CONFIG_SCSI_SYM53C8XX_MMIO=y +# CONFIG_SCSI_IPR is not set +CONFIG_SCSI_QLOGIC_1280=m +CONFIG_SCSI_QLA_FC=m +CONFIG_SCSI_QLA_ISCSI=m +CONFIG_SCSI_LPFC=m +CONFIG_SCSI_DC395x=m +CONFIG_SCSI_DC390T=m +CONFIG_SCSI_NSP32=m +# CONFIG_SCSI_DEBUG is not set +# CONFIG_SCSI_SRP is not set + +# +# PCMCIA SCSI adapter support +# +CONFIG_PCMCIA_AHA152X=m +CONFIG_PCMCIA_FDOMAIN=m +CONFIG_PCMCIA_NINJA_SCSI=m +CONFIG_PCMCIA_QLOGIC=m +CONFIG_PCMCIA_SYM53C500=m + +# +# Serial ATA (prod) and Parallel ATA (experimental) drivers +# +CONFIG_ATA=m +# CONFIG_ATA_NONSTANDARD is not set +CONFIG_SATA_AHCI=m +CONFIG_SATA_SVW=m +CONFIG_ATA_PIIX=m +CONFIG_SATA_MV=m +CONFIG_SATA_NV=m +CONFIG_PDC_ADMA=m +CONFIG_SATA_QSTOR=m +CONFIG_SATA_PROMISE=m +CONFIG_SATA_SX4=m +CONFIG_SATA_SIL=m +CONFIG_SATA_SIL24=m +CONFIG_SATA_SIS=m +CONFIG_SATA_ULI=m +CONFIG_SATA_VIA=m +CONFIG_SATA_VITESSE=m +CONFIG_SATA_INTEL_COMBINED=y +CONFIG_PATA_ALI=m +CONFIG_PATA_AMD=m +CONFIG_PATA_ARTOP=m +CONFIG_PATA_ATIIXP=m +CONFIG_PATA_CMD64X=m +CONFIG_PATA_CS5520=m +CONFIG_PATA_CS5530=m +CONFIG_PATA_CS5535=m +CONFIG_PATA_CYPRESS=m +CONFIG_PATA_EFAR=m +CONFIG_ATA_GENERIC=m +CONFIG_PATA_HPT366=m +CONFIG_PATA_HPT37X=m +CONFIG_PATA_HPT3X2N=m +CONFIG_PATA_HPT3X3=m +CONFIG_PATA_IT821X=m +CONFIG_PATA_JMICRON=m +CONFIG_PATA_TRIFLEX=m +CONFIG_PATA_MARVELL=m +CONFIG_PATA_MPIIX=m +CONFIG_PATA_OLDPIIX=m +CONFIG_PATA_NETCELL=m +CONFIG_PATA_NS87410=m +CONFIG_PATA_OPTI=m +CONFIG_PATA_OPTIDMA=m +CONFIG_PATA_PCMCIA=m +CONFIG_PATA_PDC_OLD=m +CONFIG_PATA_RADISYS=m +CONFIG_PATA_RZ1000=m +CONFIG_PATA_SC1200=m +CONFIG_PATA_SERVERWORKS=m +CONFIG_PATA_PDC2027X=m +CONFIG_PATA_SIL680=m +CONFIG_PATA_SIS=m +CONFIG_PATA_VIA=m +CONFIG_PATA_WINBOND=m + +# +# Multi-device support (RAID and LVM) +# +CONFIG_MD=y +CONFIG_BLK_DEV_MD=m +CONFIG_MD_LINEAR=m +CONFIG_MD_RAID0=m +CONFIG_MD_RAID1=m +# CONFIG_MD_RAID10 is not set +# CONFIG_MD_RAID456 is not set +# CONFIG_MD_MULTIPATH is not set +# CONFIG_MD_FAULTY is not set +CONFIG_BLK_DEV_DM=y +# CONFIG_DM_DEBUG is not set +CONFIG_DM_CRYPT=y +CONFIG_DM_SNAPSHOT=m +CONFIG_DM_MIRROR=m +# CONFIG_DM_ZERO is not set +# CONFIG_DM_MULTIPATH is not set + +# +# Fusion MPT device support +# +# CONFIG_FUSION is not set +# CONFIG_FUSION_SPI is not set +# CONFIG_FUSION_FC is not set +# CONFIG_FUSION_SAS is not set + +# +# IEEE 1394 (FireWire) support +# +CONFIG_IEEE1394=y + +# +# Subsystem Options +# +# CONFIG_IEEE1394_VERBOSEDEBUG is not set +CONFIG_IEEE1394_OUI_DB=y +# CONFIG_IEEE1394_EXTRA_CONFIG_ROMS is not set +# CONFIG_IEEE1394_EXPORT_FULL_API is not set + +# +# Device Drivers +# + +# +# Texas Instruments PCILynx requires I2C +# +CONFIG_IEEE1394_OHCI1394=y + +# +# Protocol Drivers +# +# CONFIG_IEEE1394_VIDEO1394 is not set +CONFIG_IEEE1394_SBP2=y +# CONFIG_IEEE1394_SBP2_PHYS_DMA is not set +# CONFIG_IEEE1394_ETH1394 is not set +# CONFIG_IEEE1394_DV1394 is not set +CONFIG_IEEE1394_RAWIO=y + +# +# I2O device support +# +# CONFIG_I2O is not set + +# +# Network device support +# +CONFIG_NETDEVICES=y +# CONFIG_DUMMY is not set +# CONFIG_BONDING is not set +# CONFIG_EQUALIZER is not set +CONFIG_TUN=m +# CONFIG_NET_SB1000 is not set + +# +# ARCnet devices +# +# CONFIG_ARCNET is not set + +# +# PHY device support +# +# CONFIG_PHYLIB is not set + +# +# Ethernet (10 or 100Mbit) +# +CONFIG_NET_ETHERNET=y +CONFIG_MII=y +CONFIG_HAPPYMEAL=y +CONFIG_SUNGEM=y +CONFIG_CASSINI=y +CONFIG_NET_VENDOR_3COM=y +CONFIG_VORTEX=y +CONFIG_TYPHOON=y + +# +# Tulip family network device support +# +CONFIG_NET_TULIP=y +CONFIG_DE2104X=y +CONFIG_TULIP=y +CONFIG_TULIP_MWI=y +CONFIG_TULIP_MMIO=y +CONFIG_TULIP_NAPI=y +CONFIG_TULIP_NAPI_HW_MITIGATION=y +CONFIG_DE4X5=y +CONFIG_WINBOND_840=y +CONFIG_DM9102=y +# CONFIG_ULI526X is not set +# CONFIG_PCMCIA_XIRCOM is not set +# CONFIG_PCMCIA_XIRTULIP is not set +CONFIG_HP100=y +CONFIG_NET_PCI=y +CONFIG_PCNET32=y +# CONFIG_PCNET32_NAPI is not set +CONFIG_AMD8111_ETH=y +CONFIG_AMD8111E_NAPI=y +CONFIG_ADAPTEC_STARFIRE=y +# CONFIG_ADAPTEC_STARFIRE_NAPI is not set +CONFIG_B44=y +CONFIG_FORCEDETH=y +# CONFIG_FORCEDETH_NAPI is not set +# CONFIG_DGRS is not set +CONFIG_EEPRO100=y +CONFIG_E100=y +CONFIG_FEALNX=y +CONFIG_NATSEMI=y +CONFIG_NE2K_PCI=y +CONFIG_8139CP=y +CONFIG_8139TOO=y +CONFIG_8139TOO_PIO=y +CONFIG_8139TOO_TUNE_TWISTER=y +CONFIG_8139TOO_8129=y +# CONFIG_8139_OLD_RX_RESET is not set +CONFIG_SIS900=y +CONFIG_EPIC100=y +CONFIG_SUNDANCE=y +CONFIG_SUNDANCE_MMIO=y +CONFIG_TLAN=y +CONFIG_VIA_RHINE=y +CONFIG_VIA_RHINE_MMIO=y +# CONFIG_VIA_RHINE_NAPI is not set +CONFIG_NET_POCKET=y +CONFIG_ATP=m +CONFIG_DE600=m +CONFIG_DE620=m + +# +# Ethernet (1000 Mbit) +# +CONFIG_ACENIC=y +# CONFIG_ACENIC_OMIT_TIGON_I is not set +CONFIG_DL2K=y +CONFIG_E1000=y +# CONFIG_E1000_NAPI is not set +# CONFIG_E1000_DISABLE_PACKET_SPLIT is not set +CONFIG_NS83820=y +CONFIG_HAMACHI=y +CONFIG_YELLOWFIN=y +CONFIG_R8169=y +# CONFIG_R8169_NAPI is not set +CONFIG_SIS190=y +CONFIG_SKGE=y +CONFIG_SKY2=y +CONFIG_SK98LIN=y +CONFIG_VIA_VELOCITY=y +CONFIG_TIGON3=y +CONFIG_BNX2=y +CONFIG_QLA3XXX=y + +# +# Ethernet (10000 Mbit) +# +# CONFIG_CHELSIO_T1 is not set +# CONFIG_IXGB is not set +# CONFIG_S2IO is not set +# CONFIG_MYRI10GE is not set +# CONFIG_NETXEN_NIC is not set + +# +# Token Ring devices +# +# CONFIG_TR is not set + +# +# Wireless LAN (non-hamradio) +# +# CONFIG_NET_RADIO is not set + +# +# PCMCIA network device support +# +CONFIG_NET_PCMCIA=y +CONFIG_PCMCIA_3C589=m +CONFIG_PCMCIA_3C574=m +CONFIG_PCMCIA_FMVJ18X=m +CONFIG_PCMCIA_PCNET=m +CONFIG_PCMCIA_NMCLAN=m +CONFIG_PCMCIA_SMC91C92=m +CONFIG_PCMCIA_XIRC2PS=m +CONFIG_PCMCIA_AXNET=m + +# +# Wan interfaces +# +# CONFIG_WAN is not set +# CONFIG_FDDI is not set +# CONFIG_HIPPI is not set +# CONFIG_PLIP is not set +# CONFIG_PPP is not set +# CONFIG_SLIP is not set +# CONFIG_NET_FC is not set +# CONFIG_SHAPER is not set +# CONFIG_NETCONSOLE is not set +# CONFIG_NETPOLL is not set +# CONFIG_NET_POLL_CONTROLLER is not set + +# +# ISDN subsystem +# +# CONFIG_ISDN is not set + +# +# Telephony Support +# +# CONFIG_PHONE is not set + +# +# Input device support +# +CONFIG_INPUT=y +# CONFIG_INPUT_FF_MEMLESS is not set + +# +# Userland interfaces +# +CONFIG_INPUT_MOUSEDEV=y +# CONFIG_INPUT_MOUSEDEV_PSAUX is not set +CONFIG_INPUT_MOUSEDEV_SCREEN_X=800 +CONFIG_INPUT_MOUSEDEV_SCREEN_Y=600 +# CONFIG_INPUT_JOYDEV is not set +# CONFIG_INPUT_TSDEV is not set +# CONFIG_INPUT_EVDEV is not set +# CONFIG_INPUT_EVBUG is not set + +# +# Input Device Drivers +# +CONFIG_INPUT_KEYBOARD=y +CONFIG_KEYBOARD_ATKBD=y +# CONFIG_KEYBOARD_SUNKBD is not set +# CONFIG_KEYBOARD_LKKBD is not set +# CONFIG_KEYBOARD_XTKBD is not set +# CONFIG_KEYBOARD_NEWTON is not set +# CONFIG_KEYBOARD_STOWAWAY is not set +# CONFIG_INPUT_MOUSE is not set +# CONFIG_INPUT_JOYSTICK is not set +# CONFIG_INPUT_TOUCHSCREEN is not set +# CONFIG_INPUT_MISC is not set + +# +# Hardware I/O ports +# +CONFIG_SERIO=y +CONFIG_SERIO_I8042=y +# CONFIG_SERIO_SERPORT is not set +# CONFIG_SERIO_CT82C710 is not set +# CONFIG_SERIO_PARKBD is not set +# CONFIG_SERIO_PCIPS2 is not set +CONFIG_SERIO_LIBPS2=y +# CONFIG_SERIO_RAW is not set +# CONFIG_GAMEPORT is not set + +# +# Character devices +# +CONFIG_VT=y +CONFIG_VT_CONSOLE=y +CONFIG_HW_CONSOLE=y +# CONFIG_VT_HW_CONSOLE_BINDING is not set +# CONFIG_SERIAL_NONSTANDARD is not set + +# +# Serial drivers +# +# CONFIG_SERIAL_8250 is not set + +# +# Non-8250 serial port support +# +# CONFIG_SERIAL_JSM is not set +CONFIG_UNIX98_PTYS=y +# CONFIG_LEGACY_PTYS is not set +# CONFIG_PRINTER is not set +# CONFIG_PPDEV is not set +# CONFIG_TIPAR is not set + +# +# IPMI +# +# CONFIG_IPMI_HANDLER is not set + +# +# Watchdog Cards +# +# CONFIG_WATCHDOG is not set +CONFIG_HW_RANDOM=y +CONFIG_HW_RANDOM_INTEL=y +CONFIG_HW_RANDOM_AMD=y +CONFIG_HW_RANDOM_GEODE=y +CONFIG_HW_RANDOM_VIA=y +# CONFIG_NVRAM is not set +CONFIG_RTC=y +# CONFIG_DTLK is not set +# CONFIG_R3964 is not set +# CONFIG_APPLICOM is not set +# CONFIG_SONYPI is not set +# CONFIG_AGP is not set +# CONFIG_DRM is not set + +# +# PCMCIA character devices +# +# CONFIG_SYNCLINK_CS is not set +# CONFIG_CARDMAN_4000 is not set +# CONFIG_CARDMAN_4040 is not set +# CONFIG_MWAVE is not set +# CONFIG_PC8736x_GPIO is not set +# CONFIG_NSC_GPIO is not set +# CONFIG_CS5535_GPIO is not set +# CONFIG_RAW_DRIVER is not set +# CONFIG_HPET is not set +# CONFIG_HANGCHECK_TIMER is not set + +# +# TPM devices +# +# CONFIG_TCG_TPM is not set +# CONFIG_TELCLOCK is not set + +# +# I2C support +# +# CONFIG_I2C is not set + +# +# SPI support +# +# CONFIG_SPI is not set +# CONFIG_SPI_MASTER is not set + +# +# Dallas's 1-wire bus +# +# CONFIG_W1 is not set + +# +# Hardware Monitoring support +# +CONFIG_HWMON=y +# CONFIG_HWMON_VID is not set +# CONFIG_SENSORS_ABITUGURU is not set +# CONFIG_SENSORS_K8TEMP is not set +# CONFIG_SENSORS_F71805F is not set +# CONFIG_SENSORS_PC87427 is not set +# CONFIG_SENSORS_VT1211 is not set +# CONFIG_SENSORS_HDAPS is not set +# CONFIG_HWMON_DEBUG_CHIP is not set + +# +# Multimedia devices +# +# CONFIG_VIDEO_DEV is not set + +# +# Digital Video Broadcasting Devices +# +# CONFIG_DVB is not set +# CONFIG_USB_DABUSB is not set + +# +# Graphics support +# +CONFIG_FIRMWARE_EDID=y +# CONFIG_FB is not set + +# +# Console display driver support +# +CONFIG_VGA_CONSOLE=y +# CONFIG_VGACON_SOFT_SCROLLBACK is not set +# CONFIG_VIDEO_SELECT is not set +CONFIG_DUMMY_CONSOLE=y +# CONFIG_BACKLIGHT_LCD_SUPPORT is not set + +# +# Sound +# +# CONFIG_SOUND is not set + +# +# HID Devices +# +CONFIG_HID=y + +# +# USB support +# +CONFIG_USB_ARCH_HAS_HCD=y +CONFIG_USB_ARCH_HAS_OHCI=y +CONFIG_USB_ARCH_HAS_EHCI=y +CONFIG_USB=y +# CONFIG_USB_DEBUG is not set + +# +# Miscellaneous USB options +# +CONFIG_USB_DEVICEFS=y +# CONFIG_USB_BANDWIDTH is not set +# CONFIG_USB_DYNAMIC_MINORS is not set +# CONFIG_USB_SUSPEND is not set +# CONFIG_USB_OTG is not set + +# +# USB Host Controller Drivers +# +CONFIG_USB_EHCI_HCD=y +# CONFIG_USB_EHCI_SPLIT_ISO is not set +# CONFIG_USB_EHCI_ROOT_HUB_TT is not set +# CONFIG_USB_EHCI_TT_NEWSCHED is not set +CONFIG_USB_ISP116X_HCD=y +CONFIG_USB_OHCI_HCD=y +# CONFIG_USB_OHCI_BIG_ENDIAN is not set +CONFIG_USB_OHCI_LITTLE_ENDIAN=y +CONFIG_USB_UHCI_HCD=y +CONFIG_USB_SL811_HCD=y +# CONFIG_USB_SL811_CS is not set + +# +# USB Device Class drivers +# +CONFIG_USB_ACM=y +# CONFIG_USB_PRINTER is not set + +# +# NOTE: USB_STORAGE enables SCSI, and 'SCSI disk support' +# + +# +# may also be needed; see USB_STORAGE Help for more information +# +CONFIG_USB_STORAGE=y +# CONFIG_USB_STORAGE_DEBUG is not set +# CONFIG_USB_STORAGE_DATAFAB is not set +CONFIG_USB_STORAGE_FREECOM=y +CONFIG_USB_STORAGE_ISD200=y +CONFIG_USB_STORAGE_DPCM=y +# CONFIG_USB_STORAGE_USBAT is not set +# CONFIG_USB_STORAGE_SDDR09 is not set +# CONFIG_USB_STORAGE_SDDR55 is not set +# CONFIG_USB_STORAGE_JUMPSHOT is not set +# CONFIG_USB_STORAGE_ALAUDA is not set +# CONFIG_USB_STORAGE_KARMA is not set +# CONFIG_USB_LIBUSUAL is not set + +# +# USB Input Devices +# +# CONFIG_USB_HID is not set + +# +# USB HID Boot Protocol drivers +# +# CONFIG_USB_KBD is not set +# CONFIG_USB_MOUSE is not set +# CONFIG_USB_AIPTEK is not set +# CONFIG_USB_WACOM is not set +# CONFIG_USB_ACECAD is not set +# CONFIG_USB_KBTAB is not set +# CONFIG_USB_POWERMATE is not set +# CONFIG_USB_TOUCHSCREEN is not set +# CONFIG_USB_YEALINK is not set +# CONFIG_USB_XPAD is not set +# CONFIG_USB_ATI_REMOTE is not set +# CONFIG_USB_ATI_REMOTE2 is not set +# CONFIG_USB_KEYSPAN_REMOTE is not set +# CONFIG_USB_APPLETOUCH is not set + +# +# USB Imaging devices +# +# CONFIG_USB_MDC800 is not set +# CONFIG_USB_MICROTEK is not set + +# +# USB Network Adapters +# +# CONFIG_USB_CATC is not set +# CONFIG_USB_KAWETH is not set +# CONFIG_USB_PEGASUS is not set +# CONFIG_USB_RTL8150 is not set +# CONFIG_USB_USBNET_MII is not set +# CONFIG_USB_USBNET is not set +# CONFIG_USB_MON is not set + +# +# USB port drivers +# +# CONFIG_USB_USS720 is not set + +# +# USB Serial Converter support +# +# CONFIG_USB_SERIAL is not set + +# +# USB Miscellaneous drivers +# +# CONFIG_USB_EMI62 is not set +# CONFIG_USB_EMI26 is not set +# CONFIG_USB_ADUTUX is not set +# CONFIG_USB_AUERSWALD is not set +# CONFIG_USB_RIO500 is not set +# CONFIG_USB_LEGOTOWER is not set +# CONFIG_USB_LCD is not set +# CONFIG_USB_LED is not set +# CONFIG_USB_CYPRESS_CY7C63 is not set +# CONFIG_USB_CYTHERM is not set +# CONFIG_USB_PHIDGET is not set +# CONFIG_USB_IDMOUSE is not set +# CONFIG_USB_FTDI_ELAN is not set +# CONFIG_USB_APPLEDISPLAY is not set +# CONFIG_USB_SISUSBVGA is not set +# CONFIG_USB_LD is not set +# CONFIG_USB_TRANCEVIBRATOR is not set +# CONFIG_USB_TEST is not set + +# +# USB DSL modem support +# + +# +# USB Gadget Support +# +# CONFIG_USB_GADGET is not set + +# +# MMC/SD Card support +# +# CONFIG_MMC is not set + +# +# LED devices +# +# CONFIG_NEW_LEDS is not set + +# +# LED drivers +# + +# +# LED Triggers +# + +# +# InfiniBand support +# +# CONFIG_INFINIBAND is not set + +# +# EDAC - error detection and reporting (RAS) (EXPERIMENTAL) +# +# CONFIG_EDAC is not set + +# +# Real Time Clock +# +# CONFIG_RTC_CLASS is not set + +# +# DMA Engine support +# +# CONFIG_DMA_ENGINE is not set + +# +# DMA Clients +# + +# +# DMA Devices +# + +# +# Virtualization +# +# CONFIG_KVM is not set + +# +# File systems +# +CONFIG_EXT2_FS=y +CONFIG_EXT2_FS_XATTR=y +# CONFIG_EXT2_FS_POSIX_ACL is not set +# CONFIG_EXT2_FS_SECURITY is not set +# CONFIG_EXT2_FS_XIP is not set +CONFIG_EXT3_FS=y +CONFIG_EXT3_FS_XATTR=y +# CONFIG_EXT3_FS_POSIX_ACL is not set +# CONFIG_EXT3_FS_SECURITY is not set +# CONFIG_EXT4DEV_FS is not set +CONFIG_JBD=y +# CONFIG_JBD_DEBUG is not set +CONFIG_FS_MBCACHE=y +CONFIG_REISERFS_FS=y +# CONFIG_REISERFS_CHECK is not set +# CONFIG_REISERFS_PROC_INFO is not set +# CONFIG_REISERFS_FS_XATTR is not set +# CONFIG_JFS_FS is not set +# CONFIG_FS_POSIX_ACL is not set +CONFIG_XFS_FS=y +CONFIG_XFS_QUOTA=y +CONFIG_XFS_SECURITY=y +CONFIG_XFS_POSIX_ACL=y +# CONFIG_XFS_RT is not set +# CONFIG_GFS2_FS is not set +# CONFIG_OCFS2_FS is not set +# CONFIG_MINIX_FS is not set +# CONFIG_ROMFS_FS is not set +CONFIG_INOTIFY=y +CONFIG_INOTIFY_USER=y +# CONFIG_QUOTA is not set +CONFIG_QUOTACTL=y +CONFIG_DNOTIFY=y +# CONFIG_AUTOFS_FS is not set +# CONFIG_AUTOFS4_FS is not set +# CONFIG_FUSE_FS is not set + +# +# CD-ROM/DVD Filesystems +# +CONFIG_ISO9660_FS=y +CONFIG_JOLIET=y +CONFIG_ZISOFS=y +CONFIG_ZISOFS_FS=y +CONFIG_UDF_FS=y +CONFIG_UDF_NLS=y + +# +# DOS/FAT/NT Filesystems +# +CONFIG_FAT_FS=y +# CONFIG_MSDOS_FS is not set +CONFIG_VFAT_FS=y +CONFIG_FAT_DEFAULT_CODEPAGE=437 +CONFIG_FAT_DEFAULT_IOCHARSET="iso8859-1" +CONFIG_NTFS_FS=y +# CONFIG_NTFS_DEBUG is not set +# CONFIG_NTFS_RW is not set + +# +# Pseudo filesystems +# +CONFIG_PROC_FS=y +CONFIG_PROC_KCORE=y +CONFIG_PROC_SYSCTL=y +CONFIG_SYSFS=y +CONFIG_TMPFS=y +# CONFIG_TMPFS_POSIX_ACL is not set +# CONFIG_HUGETLBFS is not set +# CONFIG_HUGETLB_PAGE is not set +CONFIG_RAMFS=y +# CONFIG_CONFIGFS_FS is not set + +# +# Miscellaneous filesystems +# +# CONFIG_ADFS_FS is not set +# CONFIG_AFFS_FS is not set +# CONFIG_HFS_FS is not set +# CONFIG_HFSPLUS_FS is not set +# CONFIG_BEFS_FS is not set +# CONFIG_BFS_FS is not set +# CONFIG_EFS_FS is not set +CONFIG_CRAMFS=y +# CONFIG_VXFS_FS is not set +# CONFIG_HPFS_FS is not set +# CONFIG_QNX4FS_FS is not set +# CONFIG_SYSV_FS is not set +# CONFIG_UFS_FS is not set + +# +# Network File Systems +# +# CONFIG_NFS_FS is not set +# CONFIG_NFSD is not set +CONFIG_SMB_FS=y +# CONFIG_SMB_NLS_DEFAULT is not set +CONFIG_CIFS=y +# CONFIG_CIFS_STATS is not set +# CONFIG_CIFS_WEAK_PW_HASH is not set +# CONFIG_CIFS_XATTR is not set +# CONFIG_CIFS_DEBUG2 is not set +# CONFIG_CIFS_EXPERIMENTAL is not set +# CONFIG_NCP_FS is not set +# CONFIG_CODA_FS is not set +# CONFIG_AFS_FS is not set +# CONFIG_9P_FS is not set + +# +# Partition Types +# +# CONFIG_PARTITION_ADVANCED is not set +CONFIG_MSDOS_PARTITION=y + +# +# Native Language Support +# +CONFIG_NLS=y +CONFIG_NLS_DEFAULT="iso8859-15" +CONFIG_NLS_CODEPAGE_437=y +# CONFIG_NLS_CODEPAGE_737 is not set +# CONFIG_NLS_CODEPAGE_775 is not set +CONFIG_NLS_CODEPAGE_850=y +# CONFIG_NLS_CODEPAGE_852 is not set +# CONFIG_NLS_CODEPAGE_855 is not set +# CONFIG_NLS_CODEPAGE_857 is not set +# CONFIG_NLS_CODEPAGE_860 is not set +# CONFIG_NLS_CODEPAGE_861 is not set +# CONFIG_NLS_CODEPAGE_862 is not set +# CONFIG_NLS_CODEPAGE_863 is not set +# CONFIG_NLS_CODEPAGE_864 is not set +# CONFIG_NLS_CODEPAGE_865 is not set +# CONFIG_NLS_CODEPAGE_866 is not set +# CONFIG_NLS_CODEPAGE_869 is not set +# CONFIG_NLS_CODEPAGE_936 is not set +# CONFIG_NLS_CODEPAGE_950 is not set +CONFIG_NLS_CODEPAGE_932=m +# CONFIG_NLS_CODEPAGE_949 is not set +# CONFIG_NLS_CODEPAGE_874 is not set +# CONFIG_NLS_ISO8859_8 is not set +# CONFIG_NLS_CODEPAGE_1250 is not set +# CONFIG_NLS_CODEPAGE_1251 is not set +CONFIG_NLS_ASCII=y +CONFIG_NLS_ISO8859_1=y +CONFIG_NLS_ISO8859_2=y +CONFIG_NLS_ISO8859_3=y +CONFIG_NLS_ISO8859_4=y +CONFIG_NLS_ISO8859_5=y +CONFIG_NLS_ISO8859_6=y +CONFIG_NLS_ISO8859_7=y +CONFIG_NLS_ISO8859_9=y +CONFIG_NLS_ISO8859_13=y +CONFIG_NLS_ISO8859_14=y +CONFIG_NLS_ISO8859_15=y +CONFIG_NLS_KOI8_R=y +CONFIG_NLS_KOI8_U=y +# CONFIG_NLS_UTF8 is not set + +# +# Distributed Lock Manager +# +# CONFIG_DLM is not set + +# +# Instrumentation Support +# +# CONFIG_PROFILING is not set +# CONFIG_KPROBES is not set + +# +# Kernel hacking +# +CONFIG_TRACE_IRQFLAGS_SUPPORT=y +# CONFIG_PRINTK_TIME is not set +# CONFIG_ENABLE_MUST_CHECK is not set +# CONFIG_MAGIC_SYSRQ is not set +# CONFIG_UNUSED_SYMBOLS is not set +# CONFIG_DEBUG_FS is not set +# CONFIG_HEADERS_CHECK is not set +# CONFIG_DEBUG_KERNEL is not set +CONFIG_LOG_BUF_SHIFT=14 +CONFIG_DEBUG_BUGVERBOSE=y +CONFIG_EARLY_PRINTK=y +CONFIG_DOUBLEFAULT=y + +# +# Security options +# +# CONFIG_KEYS is not set +# CONFIG_SECURITY is not set + +# +# Cryptographic options +# +CONFIG_CRYPTO=y +CONFIG_CRYPTO_ALGAPI=y +CONFIG_CRYPTO_BLKCIPHER=y +CONFIG_CRYPTO_HASH=y +CONFIG_CRYPTO_MANAGER=y +CONFIG_CRYPTO_HMAC=y +# CONFIG_CRYPTO_XCBC is not set +# CONFIG_CRYPTO_NULL is not set +# CONFIG_CRYPTO_MD4 is not set +CONFIG_CRYPTO_MD5=y +CONFIG_CRYPTO_SHA1=y +CONFIG_CRYPTO_SHA256=y +CONFIG_CRYPTO_SHA512=y +# CONFIG_CRYPTO_WP512 is not set +# CONFIG_CRYPTO_TGR192 is not set +# CONFIG_CRYPTO_GF128MUL is not set +CONFIG_CRYPTO_ECB=m +CONFIG_CRYPTO_CBC=y +# CONFIG_CRYPTO_LRW is not set +CONFIG_CRYPTO_DES=y +# CONFIG_CRYPTO_BLOWFISH is not set +CONFIG_CRYPTO_TWOFISH=y +CONFIG_CRYPTO_TWOFISH_COMMON=y +CONFIG_CRYPTO_TWOFISH_586=y +# CONFIG_CRYPTO_SERPENT is not set +CONFIG_CRYPTO_AES=y +CONFIG_CRYPTO_AES_586=y +# CONFIG_CRYPTO_CAST5 is not set +# CONFIG_CRYPTO_CAST6 is not set +# CONFIG_CRYPTO_TEA is not set +# CONFIG_CRYPTO_ARC4 is not set +# CONFIG_CRYPTO_KHAZAD is not set +# CONFIG_CRYPTO_ANUBIS is not set +CONFIG_CRYPTO_DEFLATE=y +# CONFIG_CRYPTO_MICHAEL_MIC is not set +CONFIG_CRYPTO_CRC32C=y +# CONFIG_CRYPTO_TEST is not set + +# +# Hardware crypto devices +# +CONFIG_CRYPTO_DEV_PADLOCK=y +CONFIG_CRYPTO_DEV_PADLOCK_AES=y +CONFIG_CRYPTO_DEV_PADLOCK_SHA=m +CONFIG_CRYPTO_DEV_GEODE=m + +# +# Library routines +# +CONFIG_BITREVERSE=y +CONFIG_CRC_CCITT=y +# CONFIG_CRC16 is not set +CONFIG_CRC32=y +CONFIG_LIBCRC32C=y +CONFIG_ZLIB_INFLATE=y +CONFIG_ZLIB_DEFLATE=y +CONFIG_PLIST=y +CONFIG_IOMAP_COPY=y +CONFIG_GENERIC_HARDIRQS=y +CONFIG_GENERIC_IRQ_PROBE=y +CONFIG_X86_BIOS_REBOOT=y +CONFIG_KTIME_SCALAR=y diff --git a/packages/cryptobox-server.deb b/packages/cryptobox-server.deb new file mode 120000 index 0000000..a5eebcc --- /dev/null +++ b/packages/cryptobox-server.deb @@ -0,0 +1 @@ +cryptobox-server_0.3.4.4-1_i386.deb \ No newline at end of file diff --git a/packages/cryptobox-server_0.3.4-1_i386.deb b/packages/cryptobox-server_0.3.4-1_i386.deb new file mode 100644 index 0000000..a6e6846 Binary files /dev/null and b/packages/cryptobox-server_0.3.4-1_i386.deb differ diff --git a/packages/dfsbuild_0.99.2.1_i386.deb b/packages/dfsbuild_0.99.2.1_i386.deb new file mode 100644 index 0000000..add83de Binary files /dev/null and b/packages/dfsbuild_0.99.2.1_i386.deb differ diff --git a/packages/info.txt b/packages/info.txt new file mode 100644 index 0000000..2369fe9 --- /dev/null +++ b/packages/info.txt @@ -0,0 +1,6 @@ +BEWARE: the uml kernel does not work correctly - see ../hints/starting_uml.txt for details + +see hints/kernel-build.txt for details on how to build and include a new kernel + +cryptsetup-luks is not yet officially available for debian +Source: http://einsteinmg.dyndns.org/debian/unstable/ diff --git a/packages/linux-image-2.6.20_cryptobox0.3.3_i386.deb b/packages/linux-image-2.6.20_cryptobox0.3.3_i386.deb new file mode 100644 index 0000000..308cbbf Binary files /dev/null and b/packages/linux-image-2.6.20_cryptobox0.3.3_i386.deb differ diff --git a/packages/ntfs-3g_1:1.516-1~bpo.1_i386.deb b/packages/ntfs-3g_1:1.516-1~bpo.1_i386.deb new file mode 100644 index 0000000..41cb553 Binary files /dev/null and b/packages/ntfs-3g_1:1.516-1~bpo.1_i386.deb differ diff --git a/packages/uml-kernel-2.6.12.3-cryptobox b/packages/uml-kernel-2.6.12.3-cryptobox new file mode 100755 index 0000000..072d2a8 Binary files /dev/null and b/packages/uml-kernel-2.6.12.3-cryptobox differ diff --git a/scripts/cbox-build.sh b/scripts/cbox-build.sh new file mode 100755 index 0000000..aadb289 --- /dev/null +++ b/scripts/cbox-build.sh @@ -0,0 +1,237 @@ +#!/bin/bash +# +# Copyright (c) 02005-02006 sense.lab +# +# License: This script is distributed under the terms of version 2 +# of the GNU GPL. See the LICENSE file included with the package. +# +# $Id$ +# +# managing our work at the cryptobox +# +# usual workflow: +# dfsbuild - create the image directory with dfsbuild +# config - apply cryptobox specific changes to the image directory +# harden - remove unnecessary packages and disable developer features +# iso - create the iso image +# isoz - create a compressed iso image +# burn - burns the image on a cd-rw +# +# final action: +# release - the same as "dfsbuild config harden isoz" +# +# +# problems of this script: +# - has to run as root +# - 'harden' is strangely integrated +# +# you may run this script with multiple arguments, e.g.: +# cb-build.sh dfsbuild config isoz +# +# the action "release" does what it says :) +# (all developer's features like sshd, writable templates and +# the test-suite are deactivated, some packages get removed) +# + +set -ue + +# include common functions and settings +source "$(dirname $0)/common.sh.inc" + + +################### some settings ###################### + +# dfsbuild config +DFS_CONFIG=$(get_config_file dfs-cbox.conf) + +# debian package of cryptobox-server +DEB_PACKAGE=$ROOT_DIR/packages/cryptobox-server.deb + + +####################### functions ###################### + +# samba fails to install if /proc/ is empty +# we force samba to skip startup during configuring +function workaround_samba_proc() +{ + # let dfsbuild start first + sleep 15 + local DEFAULT_DIR=$IMAGE_DIR/etc/default + mkdir -p "$DEFAULT_DIR" + echo "exit" >"$DEFAULT_DIR/samba" +} + + +function run_dfsbuild() +{ + # we need a secret gpg key for apt-move/reprepro(?) - very strange + # see: http://lists.debian.org/debian-user/2005/09/msg03288.html + if test -z "$(gpg --list-secret-keys 2>/dev/null)" + then echo "*************************************************************" + echo "* Sorry - for some strange reason you/root need a secret *" + echo "* gpg key without a passphrase! *" + echo "* Please create a key first: 'gpg --gen-key' *" + echo "*************************************************************" + exit 1 + fi >&2 + if [ -e "$BUILD_DIR" ] + then ## umount all other directories below + mount | cut -d " " -f 3- | sed "s/ type .*$//" | grep "$IMAGE_DIR" | while read mdir + do umount "$mdir" + done + echo "removing the build directory ($BUILD_DIR) to guarantee a clean build ..." + rm -r "$BUILD_DIR" + fi + + workaround_samba_proc & + + # build the target directory + LANG=C dfsbuild -c "$DFS_CONFIG" -w "$BUILD_DIR/" + + # remove iso image of dfsbuild - it is not necessary + [ -e "$BUILD_DIR/image.iso" ] && rm "$BUILD_DIR/image.iso" + + # finish package installation + echo "dpkg --configure --pending" | chroot_image +} + + +function create_uncompressed_iso() +{ + # check for a mounted procfs + mount | grep -q " $IMAGE_DIR/proc " && umount "$IMAGE_DIR/proc" + echo "Creating the iso ..." + mkisofs $MKISOFS_OPTIONS -o "$IMAGE_FILE" "$IMAGE_DIR" +} + + +function create_compressed_iso() +{ + # check for a mounted procfs + mount | grep -q " $IMAGE_DIR/proc " && umount "$IMAGE_DIR/proc" + echo "Creating the compressed iso ..." + [ -e "$IMAGEZ_DIR" ] && rm -r "$IMAGEZ_DIR" + mkdir "$IMAGEZ_DIR" + for a in $(ls "$IMAGE_DIR") + do if echo "$UNCOMPRESSED_ITEMS" | grep -q -w "$a" + then echo " Copying uncompressed item: $a ..." + cp -a "$IMAGE_DIR/$a" "$IMAGEZ_DIR" + else if [ -h "$IMAGE_DIR/$a" ] + then echo " Copying link: $a ..." + cp -a "$IMAGE_DIR/$a" "$IMAGEZ_DIR" + else echo " Compressing item: $a ..." + mkzftree "$IMAGE_DIR/$a" "$IMAGEZ_DIR/$a" + fi + fi + done + mkisofs -z $MKISOFS_OPTIONS -o "$IMAGEZ_FILE" "$IMAGEZ_DIR" +} + + +function configure_cb() +{ + if [ ! -e "$IMAGE_DIR" ]; then + echo -e "Directory \"$IMAGE_DIR\" not found!" + echo -e "Did you run \"$0 dfsbuild\"?" + exit 1 + fi + + echo "Copying files to the box ..." + svn export --force "$TEMPLATE_DIR/." "$IMAGE_DIR" + + echo "Configuring the cryptobox ..." + echo "/usr/lib/cryptobox-cd/configure-cryptobox.sh normal" | chroot_image + + # source local configure scripts + [ -d "$CUSTOM_CONFIGURE_DIR" ] && \ + find "$CUSTOM_CONFIGURE_DIR" -xtype f | sort | while read file + do echo "Sourcing custom configure script $(basename $file) ..." + # execute it in its own environment (to be safe) + # 'source' implicitly imports all current settings + # indent these lines to improve the output + ( source "$file" ) 2>&1 | sed 's/^/\t/' + done +} + + +function install_package() +{ + ## first disable automatic startup to avoid conflicts with local servers + local conf_file=$IMAGE_DIR/etc/default/cryptobox-server + test -e "$conf_file" && sed -i 's/^NO_START=.*$/NO_START=1/' "$conf_file" + local chroot_deb_file=/cryptobox-server.deb + cp "$DEB_PACKAGE" "$IMAGE_DIR$chroot_deb_file" + echo "dpkg -i $chroot_deb_file" | chroot_image + rm "$IMAGE_DIR$chroot_deb_file" +} + + +function blanknburn_cdrw() +{ + cdrecord -v dev=$CDWRITER blank=fast + if [ -e "$IMAGEZ_FILE" ]; then + cdrecord -v dev=$CDWRITER $IMAGEZ_FILE + elif [ -e "IMAGE_FILE" ]; then + cdrecord -v dev=$CDWRITER $IMAGE_FILE + else + echo "can't find CryptoBox image to burn" && exit 1 + fi +} + + +################ do it! ###################### + +[ $# -eq 0 ] && echo "[`basename $0`] - no arguments supplied - maybe you want to use '--help'" + +# initialize local directories (easier for users) +for a in $LOCALCONF_DIR $CUSTOM_CONFIGURE_DIR + do [ ! -e "$a" ] && mkdir "$a" && chown --reference=. "$a" +done + +# check for uid=0 (necessary for all operations) +[ "$(id -u)" -ne 0 ] && echo "this script ($0) has to be called as root" >&2 && exit 1 + +while [ $# -gt 0 ] + do case "$1" in + dfsbuild ) + # check if we are in ROOT_DIR - otherwise we will have problems with + # relative paths in dfs-box.conf + [ "$ROOT_DIR" -ef "$(pwd)" ] || error_die 1 "Sorry: you have to run $0 while you are in '$ROOT_DIR'!" + run_dfsbuild + ;; + config ) + install_package + configure_cb normal + ;; + iso ) + create_uncompressed_iso + ;; + isoz ) + create_compressed_iso + ;; + harden ) + echo "/usr/lib/cryptobox-cd/configure-cryptobox.sh normal" | chroot_image + echo "/usr/lib/cryptobox-cd/configure-cryptobox.sh secure" | chroot_image + ;; + burn ) + blanknburn_cdrw + ;; + release ) + "$0" dfsbuild config harden isoz + md5sum $IMAGEZ_FILE > ${IMAGEZ_FILE}.md5sum + sha1sum $IMAGEZ_FILE > ${IMAGEZ_FILE}.sha1sum + ;; + help|--help ) + echo "Syntax: `basename $0` ( release | dfsbuild | config | harden | iso | isoz | burn | help )" + echo " (you may specify more than one action)" + echo + ;; + * ) + echo -e "unknown action: $1" + echo + $0 help + exit 1 + ;; + esac + shift + done diff --git a/scripts/cbox-dev.sh b/scripts/cbox-dev.sh new file mode 100755 index 0000000..1c57b2d --- /dev/null +++ b/scripts/cbox-dev.sh @@ -0,0 +1,157 @@ +#!/bin/bash +# +# Copyright (c) 02005 sense.lab +# +# License: This script is distributed under the terms of version 2 +# of the GNU GPL. See the LICENSE file included with the package. +# +# $Id$ +# +# managing our work at the cryptobox +# +# development actions: +# chroot - run first tests in a chroot environment +# qemu - run the qemu emulation with the uncompressed image +# qemuz - run the qemu emulation with the compressed image +# upload - copy your local files to tmpfs on a running cryptobox +# diff - compare tmpfs-files on a running cryptobox with the original +# merge - apply the diff to the local copy +# ssh - open a ssh connection to a running cryptobox +# +# problems of this script: +# - chroot has to run as root +# + +set -ue + +# include common functions and settings +source $(dirname $0)/common.sh.inc + +################### some settings ##################### + +# to connect to a development cryptobox with ssh +SSH_CONFIG_FILE=$(get_config_file ssh_config) + +# extract the hostname of the cryptobox from the ssh_config file +SSH_HOST=$(grep "^Host " "$SSH_CONFIG_FILE" | head -1 | sed 's/^Host *\(.*\)$/\1/') + + +####################### functions ###################### + + +function qemu_boot() +# parameter: iso_image_file +{ + # create a virtual harddisk image file + if [ ! -e "$HD_IMAGE" ] + then echo "Creating temporary harddisk image ..." + dd if=/dev/zero of="$HD_IMAGE" bs=1M count=$HD_IMAGE_SIZE + fi + echo "Starting qemu ..." + qemu -hda "$HD_IMAGE" -cdrom "$1" -boot d -m 96 -net nic -net tap || true +} + + +function upload2box() +# upload local files to a development cryptobox +# this is necessary to use an "old" development cd with +# new code - this affects only the web-interface and the +# cbox-manage.sh-script (the boot behaviour stays the same) +# +# of course, only the directories that are mapped to tmpfs can +# be updated this way +{ + local DIRS="var/www usr/share/cryptobox usr/lib/cryptobox" + echo "Uploading the following dirs: $DIRS " + [ -e "$TMP_DIR" ] || mkdir -p "$TMP_DIR" + for a in $DIRS + do mkdir -p "$TMP_DIR/$a" + cp -r "$TEMPLATE_DIR/$a/." "$TMP_DIR/$a" + done + find "$TMP_DIR" -type d -name '\.svn' | while read a + do rm -rf "$a" + done + echo "Copying local files to the cryptobox ... " + if scp -F "$SSH_CONFIG_FILE" -rpq "$TMP_DIR/." cryptobox:/tmp/mirror + then echo "Set the base for future diffs to current state ..." + ssh -F "$SSH_CONFIG_FILE" "$SSH_HOST" "$DEV_FEATURES_SCRIPT" set_diff_base + else echo 'ERROR: copying failed!' + fi + rm -rf "$TMP_DIR" +} + + +function merge_from_box() +# merge a diff from a running development cryptobox into +# your local copy +{ + echo "Check for collisions ... (dry-run)" + if box_diff | patch --dry-run -p1 -d "$TEMPLATE_DIR" + then echo + echo "Applying diff ..." + box_diff | patch -p1 -d "$TEMPLATE_DIR" + echo + echo "Set the base for future diffs to current state ..." + ssh -F "$SSH_CONFIG_FILE" "$SSH_HOST" "$DEV_FEATURES_SCRIPT" set_diff_base + else echo "Merging will fail - do it manually!" + fi +} + + +# get the diff of a running cryptobox system between its current state +# and its original content +function box_diff() +{ + ssh -F "$SSH_CONFIG_FILE" "$SSH_HOST" "$DEV_FEATURES_SCRIPT" diff +} + + +############################# main ##################################### + +[ $# -eq 0 ] && echo "[`basename $0`] - no arguments supplied - maybe you want to use '--help'" && exit 1 + +ACTION=--help +[ $# -gt 1 ] && ACTION=$1 + +case "$1" in + diff ) + # get a diff from a running development cryptobox + box_diff + ;; + merge ) + merge_from_box + ;; + upload ) + upload2box + ;; + chroot ) + # chroot may only be called as root + [ "$(id -u)" -ne 0 ] && echo "the action 'chroot' may only be called as root!" >&2 && exit 1 + echo + echo "##############################################################################" + echo "# BEWARE: you can severly harm your real harddisk in the chroot environment! #" + echo "##############################################################################" + echo + chroot_image + ;; + qemu ) + qemu_boot "$IMAGE_FILE" + ;; + qemuz ) + qemu_boot "$IMAGEZ_FILE" + ;; + ssh ) + ssh -F "$SSH_CONFIG_FILE" "$SSH_HOST" + ;; + help|--help ) + echo "Syntax: `basename $0` ( qemu | qemuz | chroot | upload | diff | merge | ssh | help )" + echo + ;; + * ) + echo -e "unknown action: $1" + echo + $0 help + exit 1 + ;; + esac + diff --git a/scripts/cleanup_target.sh b/scripts/cleanup_target.sh new file mode 100755 index 0000000..2f7c89b --- /dev/null +++ b/scripts/cleanup_target.sh @@ -0,0 +1,4 @@ +#!/bin/sh + +umount "$1/proc" + diff --git a/scripts/common.sh.inc b/scripts/common.sh.inc new file mode 100644 index 0000000..b23cfd3 --- /dev/null +++ b/scripts/common.sh.inc @@ -0,0 +1,88 @@ +# +# common settings and functions for cryptobox scripts +# + +#################### some functions #################### + +# get the path of a configuration file - local configuration files +# supersede default files +# parameter: base name of the configuration file +function get_config_file() +{ + [ -e "$LOCALCONF_DIR/$1" ] && echo "$LOCALCONF_DIR/$1" && return 0 + [ -e "$DEFAULTCONF_DIR/$1" ] && echo "$DEFAULTCONF_DIR/$1" && return 0 + echo "configuration file ($1) not found!" >&2 + exit 1 +} + +function error_die() +{ + echo "$2" >&2 + exit $1 +} + +function chroot_image() +{ + MNT_SRC=$IMAGE_DIR/opt/dfsruntime/runtimerd + MNT_DST=$IMAGE_DIR/opt/dfsruntime/runtimemnt + TMP_DIR=/tmp/cryptobox-chroot-$(basename $0)-$$ + [ -d "$TMP_DIR" ] && rm -rf "$TMP_DIR" + + cp -a "$MNT_SRC/." "$TMP_DIR" + mount --bind "$TMP_DIR" "$MNT_DST" + + [ ! -e "$TMP_DIR/dev/null" ] && mknod "$TMP_DIR/dev/null" c 1 3 && chmod 666 "$TMP_DIR/dev/null" + [ ! -e "$TMP_DIR/dev/urandom" ] && mknod "$TMP_DIR/dev/urandom" c 1 9 && chmod 444 "$TMP_DIR/dev/urandom" + [ ! -e "$TMP_DIR/dev/console" ] && mknod "$TMP_DIR/dev/console" c 1 5 && chmod 660 "$TMP_DIR/dev/console" + + # remember, if proc was mounted before (e.g. because of a running chroot) + local PROC_WAS_MOUNTED=no + mount -t proc proc "$IMAGE_DIR/proc" 2>/dev/null || PROC_WAS_MOUNTED=yes + + # default language setting - prevents dpkg error messages + # set default terminal (good if you are running in a screen session) + LANG=C TERM=linux chroot "$IMAGE_DIR" /bin/bash + + umount "$MNT_DST" + [ "$PROC_WAS_MOUNTED" = "no" ] && umount "$IMAGE_DIR/proc" + rm -r "$TMP_DIR" +} + +################### general settings ################### + +# the base directory of your local development files +ROOT_DIR=$(dirname "$0")/.. +ROOT_DIR=$(cd "$ROOT_DIR"; pwd) + +# the template (default) configuration directory +DEFAULTCONF_DIR="$ROOT_DIR/etc-defaults.d" + +# your local configuration directory (existing files supersede the defaults) +LOCALCONF_DIR="$ROOT_DIR/etc-local.d" + +# local configuration directory - contains scripts to be executed after +# 'configure' +CUSTOM_CONFIGURE_DIR="$ROOT_DIR/configure-local.d" + +# the chroot-wrapper within the cryptobox +CHROOT_START="/usr/lib/cryptobox-cd/chroot-start.sh" + + +############# include local configuration ############## + +if [ -e "$(get_config_file cbox-dev.conf)" ] + then source "$(get_config_file cbox-dev.conf)" + else echo "local cbox-dev.conf ($(get_config_file cbox-dev.conf)) does not exist!" >&2 + exit 1 + fi + +# image directory created by dfsbuild +# the BUILD_DIR is defined in the local cbox-dev.conf +IMAGE_DIR=$BUILD_DIR/target +IMAGEZ_DIR=$BUILD_DIR/target.z +IMAGEZ_FILE="${IMAGE_FILE%.iso}_compressed.iso" +UNCOMPRESSED_ITEMS="_offline autorun.inf start.html boot opt boot.catalog" + +HD_IMAGE=$ROOT_DIR/test.img +HD_IMAGE_SIZE=256 + diff --git a/scripts/mirror_offline_doc.sh b/scripts/mirror_offline_doc.sh new file mode 100755 index 0000000..816dfde --- /dev/null +++ b/scripts/mirror_offline_doc.sh @@ -0,0 +1,141 @@ +#!/bin/sh + +PROJ_DIR=$(dirname "$0")/.. +PROJ_DIR=$(cd "$PROJ_DIR"; pwd) +DEST_DIR="$PROJ_DIR/live-cd-tree.d/_offline/doc" +WIKI_PAGES="doc/0.3/CryptoBoxUserGettingStarted/en + doc/0.3/CryptoBoxUserDailyUse/en + CryptoBoxUser/en + faq" + + +function prepare_wiki_page() +{ + sed -i '1,/
/d' "$1" + # remove the "comment" or "edit" stuff + sed -i '/

Comments<\/h2>/,$d' "$1" + sed -i '/
/,$d' "$1" + # remove the last horizontal line + sed -i '$,$d' "$1" + # add anchor ids to every head line + sed -i 's#\(.*\)\2#\n#g' "$1" + sed -i '/outdated/,/<\/ol>/d' "$1" + # remove "searchable" ids (blue coloring of head lines) + sed -i 's#
#
#g' "$1" + # fix image sources + sed -i 's#src="/file/[^"]*/\([^/\?]*\)["\?]#src="\1"#g' "$1" +} + + +function wrap_wiki_page() +{ + # add header and footer + ( + echo "$page_header" + echo '
' + cat "$1" + echo '
' + echo "$page_footer" + ) >"${1}.new" + mv "${1}.new" "$1" +} + + +function rename_files() +{ + ls | grep "\?format=raw$" | while read fname + do local real_name=$(echo "$fname" | sed 's/\?.*$//') + mv "$fname" "$real_name" + done + ls | grep "\.[0-9]*$" | while read fname + do rm "$fname" + done +} + + +function redirect_homepage_links() +{ + ls *.html | while read fname + do while grep -q '="http://devel.cryptobox.org/wiki/[^/"]*/' "$fname" + do sed -i 's#\(="http://devel.cryptobox.org/wiki/[^/"]*\)/#\1_#g' "$fname" + done + sed -i 's#="http://devel.cryptobox.org/wiki/\([^"\#]*\)\(["\#]\)#="\1.html\2"#g' "$fname" + done +} + + +function remove_useless_files() +{ + rm -f robots.txt +} + + +function rename_one_file() +{ + find . -type f | grep -v "/\.svn" | while read fname + do sed -i "s#\([^a-zA-Z0-9]\)$1#\1$2#g" "$fname" + done + mv "$1" "$2" +} + + +function rename_long_files() +{ + # this is necessary to avoid problems with the 31-character restriction of iso9660 + # on windows systems + find . -type f | grep -v "/\.svn" | while read fname + do if test 14 -lt "${#fname}" + then local neu_prefix=$(echo "${fname:2:6}" | sed 's#/#_#g') + local neu_num=0 + local neu_suffix=$(echo "$fname"| sed 's#^.*\.\([^\.]*\)$#.\1#g') + test 5 -lt "${#neu_suffix}" && neu_suffix=.${neu_suffix:-4} + while test -e "$neu_prefix$neu_num$neu_suffix" + do local i=$((neu_num+1)) + # we should use the additional step (using 'i') to avoid a bash-specific + # handling of self-increment + neu_num=$i + done + rename_one_file "${fname:2}" "$neu_prefix$neu_num$neu_suffix" + fi + done +} + + +test ! -d "$DEST_DIR" && echo "Destination directory does not exist: $DEST_DIR" && exit 1 + +# cleanup destination directory +test -e "$DEST_DIR/index.html" && find "$DEST_DIR/" -type f | grep -v "/\.svn" | xargs rm + +cd "$DEST_DIR" + +# retrieve pages from cryptobox.org +wget --mirror --page-requisites --no-directories --convert-links --quiet http://cryptobox.org +wget --output-document=header.jpg --quiet http://cryptobox.org/gfx/header.jpg + +page_header=$(sed -n '1,//p' index.html) +page_footer=$(sed -n '//,$p' index.html) + +for page in $WIKI_PAGES + do filename=${page//\//_}.html + wget --no-directories --page-requisites --quiet "http://devel.cryptobox.org/wiki/$page" + mv "$(basename $page)" "$filename" + prepare_wiki_page "$filename" "$page" + wrap_wiki_page "$filename" + done + +rename_files +redirect_homepage_links +remove_useless_files +rename_long_files + diff --git a/scripts/prepare_target.sh b/scripts/prepare_target.sh new file mode 100755 index 0000000..47f8fb5 --- /dev/null +++ b/scripts/prepare_target.sh @@ -0,0 +1,5 @@ +#!/bin/sh + +# the samba package requires /proc to be present +mount --bind /proc "$1/proc" + diff --git a/scripts/show_TODO.sh b/scripts/show_TODO.sh new file mode 100755 index 0000000..a2904ec --- /dev/null +++ b/scripts/show_TODO.sh @@ -0,0 +1,9 @@ +#!/bin/sh +# +# Copyright (c) 02005 sense.lab +# +# License: This script is distributed under the terms of version 2 +# of the GNU GPL. See the LICENSE file included with the package. +# + +grep "TODO" $(find "$(dirname $0)/.." -type f | grep -v "\.svn" | grep -v "$(basename $0)") diff --git a/scripts/validate.sh b/scripts/validate.sh new file mode 100755 index 0000000..fee79a3 --- /dev/null +++ b/scripts/validate.sh @@ -0,0 +1,147 @@ +#!/bin/sh +# +# Copyright (c) 02005 sense.lab +# +# License: This script is distributed under the terms of version 2 +# of the GNU GPL. See the LICENSE file included with the package. +# +# $Id$ +# +# do a validation +# +# use "--help" for a list of possible actions +# + +set -eu + +# include common functions and settings +source $(dirname $0)/common.sh.inc + +# extract confirmation text from language file +confirmtext=$(grep "\" "$TEMPLATE_DIR/usr/share/cryptobox/lang/${VALIDATE_LANGUAGE}.hdf" | sed 's/[^=]*=[^a-zA-Z]*\(.*\)$/\1/; s/ /%20/g; s/!/%21/g; s/,/%2C/g') + +##################### some functions ######################## + +function do_single() +# Parameter: "test case dir" "output directory for results" +{ + local TESTNAME=$(basename $1) + # replace IPs and ports in the curl-file by local settings + cat "$1/input.curl" | substitute_constants | curl --insecure --silent --output "${2}/${TESTNAME}.html" --config - + # remove possible refresh-redirect + sed -i 's/]*>//g' "${2}/${TESTNAME}.html" + # there is no status in certain cases - e.g. for error 404 + if [ -e "${2}/${TESTNAME}.html" ] + then sed "1,/CBOX-STATUS-begin/d; /CBOX-STATUS-end/,\$d" "${2}/${TESTNAME}.html" >"${2}/${TESTNAME}.status" + # the diff option "-B" is required, because the status output of + # the cryptobox.pl script contains some blank lines + cat "$1/output" | substitute_constants | diff -NB - "${2}/${TESTNAME}.status" | sed 's//\>/g' >"${2}/${TESTNAME}.diff" || true + rm "${2}/${TESTNAME}.status" + fi + cp "$1/description" "${2}/${TESTNAME}.desc" + # sleep, if a file called 'delay' exists + [ -e "$1/delay" ] && sleep "$(<$1/delay)" + true +} + + +function do_series() +# parameter: name of the test case +{ + [ -d "$VALIDATE_REPORT_DIR/$1" ] && rm -r "$VALIDATE_REPORT_DIR/$1" + mkdir -p "$VALIDATE_REPORT_DIR/$1" + find "$VALIDATE_TEST_CASES_DIR/$1" -maxdepth 1 -mindepth 1 -type d | grep -v "/\.[^/]*$" | sort | while read a + do do_single "$a" "$VALIDATE_REPORT_DIR/$1" + done + create_summary "$1" >"$VALIDATE_REPORT_DIR/summary-$1.html" +} + + +function create_summary() +# parameter: name of test series +{ + cat "$VALIDATE_SUMMARY_TEMPLATE_DIR/header" + find "$VALIDATE_REPORT_DIR/$1" -maxdepth 1 -type f -name \*.desc | sort | while read a + do TESTNAME=$(basename ${a%.desc}) + TESTDESCRIPTION=$(cat $a) + sed "s#_TESTSERIES_#$1#g; s#_TESTNAME_#$TESTNAME#g; s/_TESTDESCRIPTION_/$TESTDESCRIPTION/" "$VALIDATE_SUMMARY_TEMPLATE_DIR/single_header" + local DIFF_FILE=${a%.desc}.diff + if [ -s "$DIFF_FILE" ] + then cat "$VALIDATE_SUMMARY_TEMPLATE_DIR/result-error" + sed 's#$#
#' "$DIFF_FILE" + else cat "$VALIDATE_SUMMARY_TEMPLATE_DIR/result-ok" + echo "no differences found" + # remove empty diff + [ -e "$DIFF_FILE" ] && rm "$DIFF_FILE" + fi + cat "$VALIDATE_SUMMARY_TEMPLATE_DIR/single_footer" + # remove description file + rm "$a" + done + cat "$VALIDATE_SUMMARY_TEMPLATE_DIR/footer" +} + + +function import_style() +# get the stylesheet file and images +# change the stylesheet link +{ + [ -d "$VALIDATE_REPORT_DIR/cryptobox-misc" ] && rm -r "$VALIDATE_REPORT_DIR/cryptobox-misc" + mkdir -p "$VALIDATE_REPORT_DIR/cryptobox-misc" + wget -q -O "$VALIDATE_REPORT_DIR/cryptobox-misc/cryptobox.css" http://$VALIDATE_HOST_IP_DEFAULT/cryptobox-misc/cryptobox.css + # extract image file names + grep "url(" "$VALIDATE_REPORT_DIR/cryptobox.css" | sed 's#^.*url(\(.*\)).*$#\1#' | while read a + do wget -q -O "$VALIDATE_REPORT_DIR/cryptobox-misc/$a" "http://$VALIDATE_HOST_IP_DEFAULT/cryptobox-misc/$a" + done + + # change the stylesheet link in every html file in REPORT_DIR + find "$VALIDATE_REPORT_DIR" -type f -name \*.html | while read a + do sed -i '/stylesheet/s#href=\"/cryptobox-misc/cryptobox.css\"#href=\"../cryptobox-misc/cryptobox.css\"#g' "$a" + done +} + + +function substitute_constants() +{ + sed "s/_HOST_IP_DEFAULT_/$VALIDATE_HOST_IP_DEFAULT/g; \ + s/_HOST_IP_CHANGED_/$VALIDATE_HOST_IP_CHANGED/g; \ + s/_IFACE_LANG_/$VALIDATE_LANGUAGE/g; + s/_CONFIRM_TEXT_/$confirmtext/g" +} + +##################### main ########################### + +# do all checks, if nothing is specified +ACTION="check_all" +[ $# -gt 0 ] && ACTION=$1 + +case "$ACTION" in + list ) + find "$VALIDATE_TEST_CASES_DIR" -maxdepth 1 -mindepth 1 -type d | grep -v "/\.[^/]*$" | sort | while read a + do echo $(basename "$a") + done + ;; + check ) + [ $# -ne 2 ] && error_die 1 "Syntax: $(basename $0) check NAME" + case_dir="$VALIDATE_TEST_CASES_DIR/$2" + [ ! -d "$case_dir" ] && error_die 2 "the test case was not found ($case_dir)!" + do_series "$2" + import_style + ;; + check_all ) + # default action + "$0" list | sort | while read a + do echo -n "Validating $a ..." + "$0" check "$a" + echo + done + ;; + * ) + echo "Syntax of $(basename $0)" + echo -e "\t check_all \t - execute all test cases [default]" + echo -e "\t check NAME \t - execute a test case" + echo -e "\t list \t\t - show a list of available test cases" + echo -e "\t help \t\t - this syntax information" + echo + ;; + esac diff --git a/validation/templates/README b/validation/templates/README new file mode 100644 index 0000000..a1f2417 --- /dev/null +++ b/validation/templates/README @@ -0,0 +1,17 @@ +every report summary will be constructed this way: + +- header + + - single_header + - result-ok | result-error + + - single_footer + + - single_header + - result-ok | result-error + + - single_footer + + ... + +- footer diff --git a/validation/templates/footer b/validation/templates/footer new file mode 100644 index 0000000..64ab34f --- /dev/null +++ b/validation/templates/footer @@ -0,0 +1,12 @@ +
+ +
+ + + +
+

+ + diff --git a/validation/templates/header b/validation/templates/header new file mode 100644 index 0000000..bfdbba7 --- /dev/null +++ b/validation/templates/header @@ -0,0 +1,25 @@ + + + + +CryptoBox + + + + + + + + +
+ + +
+ +
+ +
+ diff --git a/validation/templates/result-error b/validation/templates/result-error new file mode 100644 index 0000000..46002e1 --- /dev/null +++ b/validation/templates/result-error @@ -0,0 +1 @@ +

diff --git a/validation/templates/result-ok b/validation/templates/result-ok new file mode 100644 index 0000000..3ce9342 --- /dev/null +++ b/validation/templates/result-ok @@ -0,0 +1 @@ +

diff --git a/validation/templates/single_footer b/validation/templates/single_footer new file mode 100644 index 0000000..a1a9917 --- /dev/null +++ b/validation/templates/single_footer @@ -0,0 +1,2 @@ +

+
diff --git a/validation/templates/single_header b/validation/templates/single_header new file mode 100644 index 0000000..f355a1d --- /dev/null +++ b/validation/templates/single_header @@ -0,0 +1,5 @@ +
+ +

/_TESTNAME_

+

_TESTDESCRIPTION_

+ diff --git a/validation/test-cases/1-init/000-reset/description b/validation/test-cases/1-init/000-reset/description new file mode 100644 index 0000000..980eb91 --- /dev/null +++ b/validation/test-cases/1-init/000-reset/description @@ -0,0 +1 @@ +purge the box diff --git a/validation/test-cases/1-init/000-reset/input.curl b/validation/test-cases/1-init/000-reset/input.curl new file mode 100644 index 0000000..164e898 --- /dev/null +++ b/validation/test-cases/1-init/000-reset/input.curl @@ -0,0 +1,4 @@ +url https://_HOST_IP_DEFAULT_/cryptobox +data weblang=_IFACE_LANG_ +data action=do_purge +data current_admin_password= diff --git a/validation/test-cases/1-init/000-reset/output b/validation/test-cases/1-init/000-reset/output new file mode 100644 index 0000000..c141546 --- /dev/null +++ b/validation/test-cases/1-init/000-reset/output @@ -0,0 +1,7 @@ +Data.Config.IP=_HOST_IP_DEFAULT_ +Data.Config.Language=en +Data.Config.TimeOut=30 +Data.Status.Config=0 +Data.Status.InitRunning=0 +Data.Status.IP=_HOST_IP_DEFAULT_ +Data.Status.Mounted=0 diff --git a/validation/test-cases/1-init/003-no_ssl/description b/validation/test-cases/1-init/003-no_ssl/description new file mode 100644 index 0000000..17a6f45 --- /dev/null +++ b/validation/test-cases/1-init/003-no_ssl/description @@ -0,0 +1 @@ +displays the warning for a non-ssl connection diff --git a/validation/test-cases/1-init/003-no_ssl/input.curl b/validation/test-cases/1-init/003-no_ssl/input.curl new file mode 100644 index 0000000..9c925b3 --- /dev/null +++ b/validation/test-cases/1-init/003-no_ssl/input.curl @@ -0,0 +1,2 @@ +url http://_HOST_IP_DEFAULT_/cryptobox +data weblang=_IFACE_LANG_ diff --git a/validation/test-cases/1-init/003-no_ssl/output b/validation/test-cases/1-init/003-no_ssl/output new file mode 100644 index 0000000..c141546 --- /dev/null +++ b/validation/test-cases/1-init/003-no_ssl/output @@ -0,0 +1,7 @@ +Data.Config.IP=_HOST_IP_DEFAULT_ +Data.Config.Language=en +Data.Config.TimeOut=30 +Data.Status.Config=0 +Data.Status.InitRunning=0 +Data.Status.IP=_HOST_IP_DEFAULT_ +Data.Status.Mounted=0 diff --git a/validation/test-cases/1-init/005-file_not_found_404/description b/validation/test-cases/1-init/005-file_not_found_404/description new file mode 100644 index 0000000..2a30bfd --- /dev/null +++ b/validation/test-cases/1-init/005-file_not_found_404/description @@ -0,0 +1 @@ +displays thttpd's error-404-page diff --git a/validation/test-cases/1-init/005-file_not_found_404/input.curl b/validation/test-cases/1-init/005-file_not_found_404/input.curl new file mode 100644 index 0000000..85d2b7c --- /dev/null +++ b/validation/test-cases/1-init/005-file_not_found_404/input.curl @@ -0,0 +1,2 @@ +url https://_HOST_IP_DEFAULT_/croptyfox +data weblang=_IFACE_LANG_ diff --git a/validation/test-cases/1-init/005-file_not_found_404/output b/validation/test-cases/1-init/005-file_not_found_404/output new file mode 100644 index 0000000..e69de29 diff --git a/validation/test-cases/1-init/007-index_url/description b/validation/test-cases/1-init/007-index_url/description new file mode 100644 index 0000000..8a59974 --- /dev/null +++ b/validation/test-cases/1-init/007-index_url/description @@ -0,0 +1 @@ +try root directory index diff --git a/validation/test-cases/1-init/007-index_url/input.curl b/validation/test-cases/1-init/007-index_url/input.curl new file mode 100644 index 0000000..3d65077 --- /dev/null +++ b/validation/test-cases/1-init/007-index_url/input.curl @@ -0,0 +1,2 @@ +url https://_HOST_IP_DEFAULT_ +data weblang=_IFACE_LANG_ diff --git a/validation/test-cases/1-init/007-index_url/output b/validation/test-cases/1-init/007-index_url/output new file mode 100644 index 0000000..c141546 --- /dev/null +++ b/validation/test-cases/1-init/007-index_url/output @@ -0,0 +1,7 @@ +Data.Config.IP=_HOST_IP_DEFAULT_ +Data.Config.Language=en +Data.Config.TimeOut=30 +Data.Status.Config=0 +Data.Status.InitRunning=0 +Data.Status.IP=_HOST_IP_DEFAULT_ +Data.Status.Mounted=0 diff --git a/validation/test-cases/1-init/010-init_ask/description b/validation/test-cases/1-init/010-init_ask/description new file mode 100644 index 0000000..021c5a8 --- /dev/null +++ b/validation/test-cases/1-init/010-init_ask/description @@ -0,0 +1 @@ +display the init form diff --git a/validation/test-cases/1-init/010-init_ask/input.curl b/validation/test-cases/1-init/010-init_ask/input.curl new file mode 100644 index 0000000..e898059 --- /dev/null +++ b/validation/test-cases/1-init/010-init_ask/input.curl @@ -0,0 +1,3 @@ +url https://_HOST_IP_DEFAULT_/cryptobox +data action=init_ask +data weblang=_IFACE_LANG_ diff --git a/validation/test-cases/1-init/010-init_ask/output b/validation/test-cases/1-init/010-init_ask/output new file mode 100644 index 0000000..c141546 --- /dev/null +++ b/validation/test-cases/1-init/010-init_ask/output @@ -0,0 +1,7 @@ +Data.Config.IP=_HOST_IP_DEFAULT_ +Data.Config.Language=en +Data.Config.TimeOut=30 +Data.Status.Config=0 +Data.Status.InitRunning=0 +Data.Status.IP=_HOST_IP_DEFAULT_ +Data.Status.Mounted=0 diff --git a/validation/test-cases/1-init/020-init_empty_pw/description b/validation/test-cases/1-init/020-init_empty_pw/description new file mode 100644 index 0000000..152094d --- /dev/null +++ b/validation/test-cases/1-init/020-init_empty_pw/description @@ -0,0 +1 @@ +try initialisation with empty passwords diff --git a/validation/test-cases/1-init/020-init_empty_pw/input.curl b/validation/test-cases/1-init/020-init_empty_pw/input.curl new file mode 100644 index 0000000..c5b04d4 --- /dev/null +++ b/validation/test-cases/1-init/020-init_empty_pw/input.curl @@ -0,0 +1,6 @@ +url https://_HOST_IP_DEFAULT_/cryptobox +data action=init_do +data crypto_password= +data crypto_password2= +data confirm=_CONFIRM_TEXT_ +data weblang=_IFACE_LANG_ diff --git a/validation/test-cases/1-init/020-init_empty_pw/output b/validation/test-cases/1-init/020-init_empty_pw/output new file mode 100644 index 0000000..c141546 --- /dev/null +++ b/validation/test-cases/1-init/020-init_empty_pw/output @@ -0,0 +1,7 @@ +Data.Config.IP=_HOST_IP_DEFAULT_ +Data.Config.Language=en +Data.Config.TimeOut=30 +Data.Status.Config=0 +Data.Status.InitRunning=0 +Data.Status.IP=_HOST_IP_DEFAULT_ +Data.Status.Mounted=0 diff --git a/validation/test-cases/1-init/030-init_different_pw/description b/validation/test-cases/1-init/030-init_different_pw/description new file mode 100644 index 0000000..7cda7f8 --- /dev/null +++ b/validation/test-cases/1-init/030-init_different_pw/description @@ -0,0 +1 @@ +try initialisation with different passwords diff --git a/validation/test-cases/1-init/030-init_different_pw/input.curl b/validation/test-cases/1-init/030-init_different_pw/input.curl new file mode 100644 index 0000000..f9020f8 --- /dev/null +++ b/validation/test-cases/1-init/030-init_different_pw/input.curl @@ -0,0 +1,6 @@ +url https://_HOST_IP_DEFAULT_/cryptobox +data action=init_do +data crypto_password=hallo +data crypto_password2=hall +data confirm=_CONFIRM_TEXT_ +data weblang=_IFACE_LANG_ diff --git a/validation/test-cases/1-init/030-init_different_pw/output b/validation/test-cases/1-init/030-init_different_pw/output new file mode 100644 index 0000000..c141546 --- /dev/null +++ b/validation/test-cases/1-init/030-init_different_pw/output @@ -0,0 +1,7 @@ +Data.Config.IP=_HOST_IP_DEFAULT_ +Data.Config.Language=en +Data.Config.TimeOut=30 +Data.Status.Config=0 +Data.Status.InitRunning=0 +Data.Status.IP=_HOST_IP_DEFAULT_ +Data.Status.Mounted=0 diff --git a/validation/test-cases/1-init/040-init_wrong_confirmation/description b/validation/test-cases/1-init/040-init_wrong_confirmation/description new file mode 100644 index 0000000..5d192f7 --- /dev/null +++ b/validation/test-cases/1-init/040-init_wrong_confirmation/description @@ -0,0 +1 @@ +try initialisation with wrong confirmation text diff --git a/validation/test-cases/1-init/040-init_wrong_confirmation/input.curl b/validation/test-cases/1-init/040-init_wrong_confirmation/input.curl new file mode 100644 index 0000000..b76832c --- /dev/null +++ b/validation/test-cases/1-init/040-init_wrong_confirmation/input.curl @@ -0,0 +1,6 @@ +url https://_HOST_IP_DEFAULT_/cryptobox +data action=init_do +data crypto_password=hallo +data crypto_password2=hallo +data confirm=something +data weblang=_IFACE_LANG_ diff --git a/validation/test-cases/1-init/040-init_wrong_confirmation/output b/validation/test-cases/1-init/040-init_wrong_confirmation/output new file mode 100644 index 0000000..c141546 --- /dev/null +++ b/validation/test-cases/1-init/040-init_wrong_confirmation/output @@ -0,0 +1,7 @@ +Data.Config.IP=_HOST_IP_DEFAULT_ +Data.Config.Language=en +Data.Config.TimeOut=30 +Data.Status.Config=0 +Data.Status.InitRunning=0 +Data.Status.IP=_HOST_IP_DEFAULT_ +Data.Status.Mounted=0 diff --git a/validation/test-cases/1-init/050-mount_ask_before_init/description b/validation/test-cases/1-init/050-mount_ask_before_init/description new file mode 100644 index 0000000..c17e908 --- /dev/null +++ b/validation/test-cases/1-init/050-mount_ask_before_init/description @@ -0,0 +1 @@ +display mount form before initialisation diff --git a/validation/test-cases/1-init/050-mount_ask_before_init/input.curl b/validation/test-cases/1-init/050-mount_ask_before_init/input.curl new file mode 100644 index 0000000..3a22bd9 --- /dev/null +++ b/validation/test-cases/1-init/050-mount_ask_before_init/input.curl @@ -0,0 +1,3 @@ +url https://_HOST_IP_DEFAULT_/cryptobox +data action=mount_ask +data weblang=_IFACE_LANG_ diff --git a/validation/test-cases/1-init/050-mount_ask_before_init/output b/validation/test-cases/1-init/050-mount_ask_before_init/output new file mode 100644 index 0000000..c141546 --- /dev/null +++ b/validation/test-cases/1-init/050-mount_ask_before_init/output @@ -0,0 +1,7 @@ +Data.Config.IP=_HOST_IP_DEFAULT_ +Data.Config.Language=en +Data.Config.TimeOut=30 +Data.Status.Config=0 +Data.Status.InitRunning=0 +Data.Status.IP=_HOST_IP_DEFAULT_ +Data.Status.Mounted=0 diff --git a/validation/test-cases/1-init/060-mount_do_before_init/description b/validation/test-cases/1-init/060-mount_do_before_init/description new file mode 100644 index 0000000..71bb94d --- /dev/null +++ b/validation/test-cases/1-init/060-mount_do_before_init/description @@ -0,0 +1 @@ +try mounting before initialisation diff --git a/validation/test-cases/1-init/060-mount_do_before_init/input.curl b/validation/test-cases/1-init/060-mount_do_before_init/input.curl new file mode 100644 index 0000000..d1aeaf6 --- /dev/null +++ b/validation/test-cases/1-init/060-mount_do_before_init/input.curl @@ -0,0 +1,4 @@ +url https://_HOST_IP_DEFAULT_/cryptobox +data action=mount_do +data crypto_password=hallo +data weblang=_IFACE_LANG_ diff --git a/validation/test-cases/1-init/060-mount_do_before_init/output b/validation/test-cases/1-init/060-mount_do_before_init/output new file mode 100644 index 0000000..c141546 --- /dev/null +++ b/validation/test-cases/1-init/060-mount_do_before_init/output @@ -0,0 +1,7 @@ +Data.Config.IP=_HOST_IP_DEFAULT_ +Data.Config.Language=en +Data.Config.TimeOut=30 +Data.Status.Config=0 +Data.Status.InitRunning=0 +Data.Status.IP=_HOST_IP_DEFAULT_ +Data.Status.Mounted=0 diff --git a/validation/test-cases/1-init/070-umount_ask_before_init/description b/validation/test-cases/1-init/070-umount_ask_before_init/description new file mode 100644 index 0000000..74666c4 --- /dev/null +++ b/validation/test-cases/1-init/070-umount_ask_before_init/description @@ -0,0 +1 @@ +display umount form before initialisation diff --git a/validation/test-cases/1-init/070-umount_ask_before_init/input.curl b/validation/test-cases/1-init/070-umount_ask_before_init/input.curl new file mode 100644 index 0000000..6e3c39f --- /dev/null +++ b/validation/test-cases/1-init/070-umount_ask_before_init/input.curl @@ -0,0 +1,3 @@ +url https://_HOST_IP_DEFAULT_/cryptobox +data action=umount_ask +data weblang=_IFACE_LANG_ diff --git a/validation/test-cases/1-init/070-umount_ask_before_init/output b/validation/test-cases/1-init/070-umount_ask_before_init/output new file mode 100644 index 0000000..c141546 --- /dev/null +++ b/validation/test-cases/1-init/070-umount_ask_before_init/output @@ -0,0 +1,7 @@ +Data.Config.IP=_HOST_IP_DEFAULT_ +Data.Config.Language=en +Data.Config.TimeOut=30 +Data.Status.Config=0 +Data.Status.InitRunning=0 +Data.Status.IP=_HOST_IP_DEFAULT_ +Data.Status.Mounted=0 diff --git a/validation/test-cases/1-init/080-umount_do_before_init/description b/validation/test-cases/1-init/080-umount_do_before_init/description new file mode 100644 index 0000000..b29462c --- /dev/null +++ b/validation/test-cases/1-init/080-umount_do_before_init/description @@ -0,0 +1 @@ +try unmounting before initialisation diff --git a/validation/test-cases/1-init/080-umount_do_before_init/input.curl b/validation/test-cases/1-init/080-umount_do_before_init/input.curl new file mode 100644 index 0000000..454df66 --- /dev/null +++ b/validation/test-cases/1-init/080-umount_do_before_init/input.curl @@ -0,0 +1,3 @@ +url https://_HOST_IP_DEFAULT_/cryptobox +data action=umount_do +data weblang=_IFACE_LANG_ diff --git a/validation/test-cases/1-init/080-umount_do_before_init/output b/validation/test-cases/1-init/080-umount_do_before_init/output new file mode 100644 index 0000000..c141546 --- /dev/null +++ b/validation/test-cases/1-init/080-umount_do_before_init/output @@ -0,0 +1,7 @@ +Data.Config.IP=_HOST_IP_DEFAULT_ +Data.Config.Language=en +Data.Config.TimeOut=30 +Data.Status.Config=0 +Data.Status.InitRunning=0 +Data.Status.IP=_HOST_IP_DEFAULT_ +Data.Status.Mounted=0 diff --git a/validation/test-cases/1-init/090-config_ask_before_init/description b/validation/test-cases/1-init/090-config_ask_before_init/description new file mode 100644 index 0000000..f892aae --- /dev/null +++ b/validation/test-cases/1-init/090-config_ask_before_init/description @@ -0,0 +1 @@ +display configuration form before initialisation diff --git a/validation/test-cases/1-init/090-config_ask_before_init/input.curl b/validation/test-cases/1-init/090-config_ask_before_init/input.curl new file mode 100644 index 0000000..527d61d --- /dev/null +++ b/validation/test-cases/1-init/090-config_ask_before_init/input.curl @@ -0,0 +1,3 @@ +url https://_HOST_IP_DEFAULT_/cryptobox +data action=config_ask +data weblang=_IFACE_LANG_ diff --git a/validation/test-cases/1-init/090-config_ask_before_init/output b/validation/test-cases/1-init/090-config_ask_before_init/output new file mode 100644 index 0000000..c141546 --- /dev/null +++ b/validation/test-cases/1-init/090-config_ask_before_init/output @@ -0,0 +1,7 @@ +Data.Config.IP=_HOST_IP_DEFAULT_ +Data.Config.Language=en +Data.Config.TimeOut=30 +Data.Status.Config=0 +Data.Status.InitRunning=0 +Data.Status.IP=_HOST_IP_DEFAULT_ +Data.Status.Mounted=0 diff --git a/validation/test-cases/1-init/100-config_do_before_init/description b/validation/test-cases/1-init/100-config_do_before_init/description new file mode 100644 index 0000000..7bc7c71 --- /dev/null +++ b/validation/test-cases/1-init/100-config_do_before_init/description @@ -0,0 +1 @@ +try configuring before initialisation diff --git a/validation/test-cases/1-init/100-config_do_before_init/input.curl b/validation/test-cases/1-init/100-config_do_before_init/input.curl new file mode 100644 index 0000000..4a56ac2 --- /dev/null +++ b/validation/test-cases/1-init/100-config_do_before_init/input.curl @@ -0,0 +1,6 @@ +url https://_HOST_IP_DEFAULT_/cryptobox +data action=config_do +data language=en +data ip=_HOST_IP_DEFAULT_ +data timeout=30 +data weblang=_IFACE_LANG_ diff --git a/validation/test-cases/1-init/100-config_do_before_init/output b/validation/test-cases/1-init/100-config_do_before_init/output new file mode 100644 index 0000000..c141546 --- /dev/null +++ b/validation/test-cases/1-init/100-config_do_before_init/output @@ -0,0 +1,7 @@ +Data.Config.IP=_HOST_IP_DEFAULT_ +Data.Config.Language=en +Data.Config.TimeOut=30 +Data.Status.Config=0 +Data.Status.InitRunning=0 +Data.Status.IP=_HOST_IP_DEFAULT_ +Data.Status.Mounted=0 diff --git a/validation/test-cases/1-init/105-status_before_init/description b/validation/test-cases/1-init/105-status_before_init/description new file mode 100644 index 0000000..0ea24d8 --- /dev/null +++ b/validation/test-cases/1-init/105-status_before_init/description @@ -0,0 +1 @@ +ask for status before initialisation diff --git a/validation/test-cases/1-init/105-status_before_init/input.curl b/validation/test-cases/1-init/105-status_before_init/input.curl new file mode 100644 index 0000000..32934b5 --- /dev/null +++ b/validation/test-cases/1-init/105-status_before_init/input.curl @@ -0,0 +1,3 @@ +url https://_HOST_IP_DEFAULT_/cryptobox +data action=status +data weblang=_IFACE_LANG_ diff --git a/validation/test-cases/1-init/105-status_before_init/output b/validation/test-cases/1-init/105-status_before_init/output new file mode 100644 index 0000000..c141546 --- /dev/null +++ b/validation/test-cases/1-init/105-status_before_init/output @@ -0,0 +1,7 @@ +Data.Config.IP=_HOST_IP_DEFAULT_ +Data.Config.Language=en +Data.Config.TimeOut=30 +Data.Status.Config=0 +Data.Status.InitRunning=0 +Data.Status.IP=_HOST_IP_DEFAULT_ +Data.Status.Mounted=0 diff --git a/validation/test-cases/1-init/110-init_valid/description b/validation/test-cases/1-init/110-init_valid/description new file mode 100644 index 0000000..c3f6acf --- /dev/null +++ b/validation/test-cases/1-init/110-init_valid/description @@ -0,0 +1 @@ +initialize the box diff --git a/validation/test-cases/1-init/110-init_valid/input.curl b/validation/test-cases/1-init/110-init_valid/input.curl new file mode 100644 index 0000000..cf162f3 --- /dev/null +++ b/validation/test-cases/1-init/110-init_valid/input.curl @@ -0,0 +1,6 @@ +url https://_HOST_IP_DEFAULT_/cryptobox +data action=init_do +data crypto_password=hallo +data crypto_password2=hallo +data confirm=_CONFIRM_TEXT_ +data weblang=_IFACE_LANG_ diff --git a/validation/test-cases/1-init/110-init_valid/output b/validation/test-cases/1-init/110-init_valid/output new file mode 100644 index 0000000..71767bf --- /dev/null +++ b/validation/test-cases/1-init/110-init_valid/output @@ -0,0 +1,7 @@ +Data.Config.IP=_HOST_IP_DEFAULT_ +Data.Config.Language=en +Data.Config.TimeOut=30 +Data.Status.Config=1 +Data.Status.InitRunning=1 +Data.Status.IP=_HOST_IP_DEFAULT_ +Data.Status.Mounted=0 diff --git a/validation/test-cases/1-init/120-mount_ask_during_init/description b/validation/test-cases/1-init/120-mount_ask_during_init/description new file mode 100644 index 0000000..a5fcf46 --- /dev/null +++ b/validation/test-cases/1-init/120-mount_ask_during_init/description @@ -0,0 +1 @@ +display mount form while initialization is running diff --git a/validation/test-cases/1-init/120-mount_ask_during_init/input.curl b/validation/test-cases/1-init/120-mount_ask_during_init/input.curl new file mode 100644 index 0000000..3a22bd9 --- /dev/null +++ b/validation/test-cases/1-init/120-mount_ask_during_init/input.curl @@ -0,0 +1,3 @@ +url https://_HOST_IP_DEFAULT_/cryptobox +data action=mount_ask +data weblang=_IFACE_LANG_ diff --git a/validation/test-cases/1-init/120-mount_ask_during_init/output b/validation/test-cases/1-init/120-mount_ask_during_init/output new file mode 100644 index 0000000..71767bf --- /dev/null +++ b/validation/test-cases/1-init/120-mount_ask_during_init/output @@ -0,0 +1,7 @@ +Data.Config.IP=_HOST_IP_DEFAULT_ +Data.Config.Language=en +Data.Config.TimeOut=30 +Data.Status.Config=1 +Data.Status.InitRunning=1 +Data.Status.IP=_HOST_IP_DEFAULT_ +Data.Status.Mounted=0 diff --git a/validation/test-cases/1-init/130-mount_do_during_init/description b/validation/test-cases/1-init/130-mount_do_during_init/description new file mode 100644 index 0000000..f1f65df --- /dev/null +++ b/validation/test-cases/1-init/130-mount_do_during_init/description @@ -0,0 +1 @@ +try mounting while initialisation is running diff --git a/validation/test-cases/1-init/130-mount_do_during_init/input.curl b/validation/test-cases/1-init/130-mount_do_during_init/input.curl new file mode 100644 index 0000000..d1aeaf6 --- /dev/null +++ b/validation/test-cases/1-init/130-mount_do_during_init/input.curl @@ -0,0 +1,4 @@ +url https://_HOST_IP_DEFAULT_/cryptobox +data action=mount_do +data crypto_password=hallo +data weblang=_IFACE_LANG_ diff --git a/validation/test-cases/1-init/130-mount_do_during_init/output b/validation/test-cases/1-init/130-mount_do_during_init/output new file mode 100644 index 0000000..71767bf --- /dev/null +++ b/validation/test-cases/1-init/130-mount_do_during_init/output @@ -0,0 +1,7 @@ +Data.Config.IP=_HOST_IP_DEFAULT_ +Data.Config.Language=en +Data.Config.TimeOut=30 +Data.Status.Config=1 +Data.Status.InitRunning=1 +Data.Status.IP=_HOST_IP_DEFAULT_ +Data.Status.Mounted=0 diff --git a/validation/test-cases/1-init/140-umount_ask_during_init/description b/validation/test-cases/1-init/140-umount_ask_during_init/description new file mode 100644 index 0000000..302bbfb --- /dev/null +++ b/validation/test-cases/1-init/140-umount_ask_during_init/description @@ -0,0 +1 @@ +display umount form while initialization is running diff --git a/validation/test-cases/1-init/140-umount_ask_during_init/input.curl b/validation/test-cases/1-init/140-umount_ask_during_init/input.curl new file mode 100644 index 0000000..6e3c39f --- /dev/null +++ b/validation/test-cases/1-init/140-umount_ask_during_init/input.curl @@ -0,0 +1,3 @@ +url https://_HOST_IP_DEFAULT_/cryptobox +data action=umount_ask +data weblang=_IFACE_LANG_ diff --git a/validation/test-cases/1-init/140-umount_ask_during_init/output b/validation/test-cases/1-init/140-umount_ask_during_init/output new file mode 100644 index 0000000..71767bf --- /dev/null +++ b/validation/test-cases/1-init/140-umount_ask_during_init/output @@ -0,0 +1,7 @@ +Data.Config.IP=_HOST_IP_DEFAULT_ +Data.Config.Language=en +Data.Config.TimeOut=30 +Data.Status.Config=1 +Data.Status.InitRunning=1 +Data.Status.IP=_HOST_IP_DEFAULT_ +Data.Status.Mounted=0 diff --git a/validation/test-cases/1-init/150-umount_do_during_init/description b/validation/test-cases/1-init/150-umount_do_during_init/description new file mode 100644 index 0000000..fe1a227 --- /dev/null +++ b/validation/test-cases/1-init/150-umount_do_during_init/description @@ -0,0 +1 @@ +try unmounting while initialization is running diff --git a/validation/test-cases/1-init/150-umount_do_during_init/input.curl b/validation/test-cases/1-init/150-umount_do_during_init/input.curl new file mode 100644 index 0000000..454df66 --- /dev/null +++ b/validation/test-cases/1-init/150-umount_do_during_init/input.curl @@ -0,0 +1,3 @@ +url https://_HOST_IP_DEFAULT_/cryptobox +data action=umount_do +data weblang=_IFACE_LANG_ diff --git a/validation/test-cases/1-init/150-umount_do_during_init/output b/validation/test-cases/1-init/150-umount_do_during_init/output new file mode 100644 index 0000000..71767bf --- /dev/null +++ b/validation/test-cases/1-init/150-umount_do_during_init/output @@ -0,0 +1,7 @@ +Data.Config.IP=_HOST_IP_DEFAULT_ +Data.Config.Language=en +Data.Config.TimeOut=30 +Data.Status.Config=1 +Data.Status.InitRunning=1 +Data.Status.IP=_HOST_IP_DEFAULT_ +Data.Status.Mounted=0 diff --git a/validation/test-cases/1-init/160-config_ask_during_init/description b/validation/test-cases/1-init/160-config_ask_during_init/description new file mode 100644 index 0000000..b13458b --- /dev/null +++ b/validation/test-cases/1-init/160-config_ask_during_init/description @@ -0,0 +1 @@ +display configuration form while initialization is running diff --git a/validation/test-cases/1-init/160-config_ask_during_init/input.curl b/validation/test-cases/1-init/160-config_ask_during_init/input.curl new file mode 100644 index 0000000..527d61d --- /dev/null +++ b/validation/test-cases/1-init/160-config_ask_during_init/input.curl @@ -0,0 +1,3 @@ +url https://_HOST_IP_DEFAULT_/cryptobox +data action=config_ask +data weblang=_IFACE_LANG_ diff --git a/validation/test-cases/1-init/160-config_ask_during_init/output b/validation/test-cases/1-init/160-config_ask_during_init/output new file mode 100644 index 0000000..71767bf --- /dev/null +++ b/validation/test-cases/1-init/160-config_ask_during_init/output @@ -0,0 +1,7 @@ +Data.Config.IP=_HOST_IP_DEFAULT_ +Data.Config.Language=en +Data.Config.TimeOut=30 +Data.Status.Config=1 +Data.Status.InitRunning=1 +Data.Status.IP=_HOST_IP_DEFAULT_ +Data.Status.Mounted=0 diff --git a/validation/test-cases/1-init/170-config_do_during_init/description b/validation/test-cases/1-init/170-config_do_during_init/description new file mode 100644 index 0000000..6d70373 --- /dev/null +++ b/validation/test-cases/1-init/170-config_do_during_init/description @@ -0,0 +1 @@ +try configuring while initialization is running diff --git a/validation/test-cases/1-init/170-config_do_during_init/input.curl b/validation/test-cases/1-init/170-config_do_during_init/input.curl new file mode 100644 index 0000000..55d414b --- /dev/null +++ b/validation/test-cases/1-init/170-config_do_during_init/input.curl @@ -0,0 +1,6 @@ +url https://_HOST_IP_DEFAULT_/cryptobox +data action=config_do +data language=de +data ip=_HOST_IP_DEFAULT_ +data timeout=40 +data weblang=_IFACE_LANG_ diff --git a/validation/test-cases/1-init/170-config_do_during_init/output b/validation/test-cases/1-init/170-config_do_during_init/output new file mode 100644 index 0000000..71767bf --- /dev/null +++ b/validation/test-cases/1-init/170-config_do_during_init/output @@ -0,0 +1,7 @@ +Data.Config.IP=_HOST_IP_DEFAULT_ +Data.Config.Language=en +Data.Config.TimeOut=30 +Data.Status.Config=1 +Data.Status.InitRunning=1 +Data.Status.IP=_HOST_IP_DEFAULT_ +Data.Status.Mounted=0 diff --git a/validation/test-cases/1-init/180-init_ask_during_init/description b/validation/test-cases/1-init/180-init_ask_during_init/description new file mode 100644 index 0000000..f6eb07b --- /dev/null +++ b/validation/test-cases/1-init/180-init_ask_during_init/description @@ -0,0 +1 @@ +display initialization form while initialization is running diff --git a/validation/test-cases/1-init/180-init_ask_during_init/input.curl b/validation/test-cases/1-init/180-init_ask_during_init/input.curl new file mode 100644 index 0000000..e898059 --- /dev/null +++ b/validation/test-cases/1-init/180-init_ask_during_init/input.curl @@ -0,0 +1,3 @@ +url https://_HOST_IP_DEFAULT_/cryptobox +data action=init_ask +data weblang=_IFACE_LANG_ diff --git a/validation/test-cases/1-init/180-init_ask_during_init/output b/validation/test-cases/1-init/180-init_ask_during_init/output new file mode 100644 index 0000000..71767bf --- /dev/null +++ b/validation/test-cases/1-init/180-init_ask_during_init/output @@ -0,0 +1,7 @@ +Data.Config.IP=_HOST_IP_DEFAULT_ +Data.Config.Language=en +Data.Config.TimeOut=30 +Data.Status.Config=1 +Data.Status.InitRunning=1 +Data.Status.IP=_HOST_IP_DEFAULT_ +Data.Status.Mounted=0 diff --git a/validation/test-cases/1-init/190-init_do_during_init/delay b/validation/test-cases/1-init/190-init_do_during_init/delay new file mode 100644 index 0000000..d61f00d --- /dev/null +++ b/validation/test-cases/1-init/190-init_do_during_init/delay @@ -0,0 +1 @@ +90 diff --git a/validation/test-cases/1-init/190-init_do_during_init/description b/validation/test-cases/1-init/190-init_do_during_init/description new file mode 100644 index 0000000..ba98e9a --- /dev/null +++ b/validation/test-cases/1-init/190-init_do_during_init/description @@ -0,0 +1 @@ +try initialization while initialization is running diff --git a/validation/test-cases/1-init/190-init_do_during_init/input.curl b/validation/test-cases/1-init/190-init_do_during_init/input.curl new file mode 100644 index 0000000..cf162f3 --- /dev/null +++ b/validation/test-cases/1-init/190-init_do_during_init/input.curl @@ -0,0 +1,6 @@ +url https://_HOST_IP_DEFAULT_/cryptobox +data action=init_do +data crypto_password=hallo +data crypto_password2=hallo +data confirm=_CONFIRM_TEXT_ +data weblang=_IFACE_LANG_ diff --git a/validation/test-cases/1-init/190-init_do_during_init/output b/validation/test-cases/1-init/190-init_do_during_init/output new file mode 100644 index 0000000..71767bf --- /dev/null +++ b/validation/test-cases/1-init/190-init_do_during_init/output @@ -0,0 +1,7 @@ +Data.Config.IP=_HOST_IP_DEFAULT_ +Data.Config.Language=en +Data.Config.TimeOut=30 +Data.Status.Config=1 +Data.Status.InitRunning=1 +Data.Status.IP=_HOST_IP_DEFAULT_ +Data.Status.Mounted=0 diff --git a/validation/test-cases/1-init/200-status_during_init/description b/validation/test-cases/1-init/200-status_during_init/description new file mode 100644 index 0000000..c686f09 --- /dev/null +++ b/validation/test-cases/1-init/200-status_during_init/description @@ -0,0 +1 @@ +ask for status during initialisation diff --git a/validation/test-cases/1-init/200-status_during_init/input.curl b/validation/test-cases/1-init/200-status_during_init/input.curl new file mode 100644 index 0000000..32934b5 --- /dev/null +++ b/validation/test-cases/1-init/200-status_during_init/input.curl @@ -0,0 +1,3 @@ +url https://_HOST_IP_DEFAULT_/cryptobox +data action=status +data weblang=_IFACE_LANG_ diff --git a/validation/test-cases/1-init/200-status_during_init/output b/validation/test-cases/1-init/200-status_during_init/output new file mode 100644 index 0000000..71767bf --- /dev/null +++ b/validation/test-cases/1-init/200-status_during_init/output @@ -0,0 +1,7 @@ +Data.Config.IP=_HOST_IP_DEFAULT_ +Data.Config.Language=en +Data.Config.TimeOut=30 +Data.Status.Config=1 +Data.Status.InitRunning=1 +Data.Status.IP=_HOST_IP_DEFAULT_ +Data.Status.Mounted=0 diff --git a/validation/test-cases/1-init/900-reset_configuration/description b/validation/test-cases/1-init/900-reset_configuration/description new file mode 100644 index 0000000..2dd8667 --- /dev/null +++ b/validation/test-cases/1-init/900-reset_configuration/description @@ -0,0 +1 @@ +reset configuration to defaults diff --git a/validation/test-cases/1-init/900-reset_configuration/input.curl b/validation/test-cases/1-init/900-reset_configuration/input.curl new file mode 100644 index 0000000..4a56ac2 --- /dev/null +++ b/validation/test-cases/1-init/900-reset_configuration/input.curl @@ -0,0 +1,6 @@ +url https://_HOST_IP_DEFAULT_/cryptobox +data action=config_do +data language=en +data ip=_HOST_IP_DEFAULT_ +data timeout=30 +data weblang=_IFACE_LANG_ diff --git a/validation/test-cases/1-init/900-reset_configuration/output b/validation/test-cases/1-init/900-reset_configuration/output new file mode 100644 index 0000000..1d5b63f --- /dev/null +++ b/validation/test-cases/1-init/900-reset_configuration/output @@ -0,0 +1,7 @@ +Data.Config.IP=_HOST_IP_DEFAULT_ +Data.Config.Language=en +Data.Config.TimeOut=30 +Data.Status.Config=1 +Data.Status.InitRunning=0 +Data.Status.IP=_HOST_IP_DEFAULT_ +Data.Status.Mounted=0 diff --git a/validation/test-cases/2-mount/010-mount_ask/description b/validation/test-cases/2-mount/010-mount_ask/description new file mode 100644 index 0000000..5d80f37 --- /dev/null +++ b/validation/test-cases/2-mount/010-mount_ask/description @@ -0,0 +1 @@ +display mount form diff --git a/validation/test-cases/2-mount/010-mount_ask/input.curl b/validation/test-cases/2-mount/010-mount_ask/input.curl new file mode 100644 index 0000000..3a22bd9 --- /dev/null +++ b/validation/test-cases/2-mount/010-mount_ask/input.curl @@ -0,0 +1,3 @@ +url https://_HOST_IP_DEFAULT_/cryptobox +data action=mount_ask +data weblang=_IFACE_LANG_ diff --git a/validation/test-cases/2-mount/010-mount_ask/output b/validation/test-cases/2-mount/010-mount_ask/output new file mode 100644 index 0000000..1d5b63f --- /dev/null +++ b/validation/test-cases/2-mount/010-mount_ask/output @@ -0,0 +1,7 @@ +Data.Config.IP=_HOST_IP_DEFAULT_ +Data.Config.Language=en +Data.Config.TimeOut=30 +Data.Status.Config=1 +Data.Status.InitRunning=0 +Data.Status.IP=_HOST_IP_DEFAULT_ +Data.Status.Mounted=0 diff --git a/validation/test-cases/2-mount/020-mount_empty_pw/description b/validation/test-cases/2-mount/020-mount_empty_pw/description new file mode 100644 index 0000000..955c3e3 --- /dev/null +++ b/validation/test-cases/2-mount/020-mount_empty_pw/description @@ -0,0 +1 @@ +try mounting with empty password diff --git a/validation/test-cases/2-mount/020-mount_empty_pw/input.curl b/validation/test-cases/2-mount/020-mount_empty_pw/input.curl new file mode 100644 index 0000000..1e25041 --- /dev/null +++ b/validation/test-cases/2-mount/020-mount_empty_pw/input.curl @@ -0,0 +1,4 @@ +url https://_HOST_IP_DEFAULT_/cryptobox +data action=mount_do +data crypto_password= +data weblang=_IFACE_LANG_ diff --git a/validation/test-cases/2-mount/020-mount_empty_pw/output b/validation/test-cases/2-mount/020-mount_empty_pw/output new file mode 100644 index 0000000..1d5b63f --- /dev/null +++ b/validation/test-cases/2-mount/020-mount_empty_pw/output @@ -0,0 +1,7 @@ +Data.Config.IP=_HOST_IP_DEFAULT_ +Data.Config.Language=en +Data.Config.TimeOut=30 +Data.Status.Config=1 +Data.Status.InitRunning=0 +Data.Status.IP=_HOST_IP_DEFAULT_ +Data.Status.Mounted=0 diff --git a/validation/test-cases/2-mount/025-mount_no_pw/description b/validation/test-cases/2-mount/025-mount_no_pw/description new file mode 100644 index 0000000..ef8182a --- /dev/null +++ b/validation/test-cases/2-mount/025-mount_no_pw/description @@ -0,0 +1 @@ +try mounting without password diff --git a/validation/test-cases/2-mount/025-mount_no_pw/input.curl b/validation/test-cases/2-mount/025-mount_no_pw/input.curl new file mode 100644 index 0000000..b4315b8 --- /dev/null +++ b/validation/test-cases/2-mount/025-mount_no_pw/input.curl @@ -0,0 +1,3 @@ +url https://_HOST_IP_DEFAULT_/cryptobox +data action=mount_do +data weblang=_IFACE_LANG_ diff --git a/validation/test-cases/2-mount/025-mount_no_pw/output b/validation/test-cases/2-mount/025-mount_no_pw/output new file mode 100644 index 0000000..1d5b63f --- /dev/null +++ b/validation/test-cases/2-mount/025-mount_no_pw/output @@ -0,0 +1,7 @@ +Data.Config.IP=_HOST_IP_DEFAULT_ +Data.Config.Language=en +Data.Config.TimeOut=30 +Data.Status.Config=1 +Data.Status.InitRunning=0 +Data.Status.IP=_HOST_IP_DEFAULT_ +Data.Status.Mounted=0 diff --git a/validation/test-cases/2-mount/030-mount_do_invalid_pw/description b/validation/test-cases/2-mount/030-mount_do_invalid_pw/description new file mode 100644 index 0000000..084b9b9 --- /dev/null +++ b/validation/test-cases/2-mount/030-mount_do_invalid_pw/description @@ -0,0 +1 @@ +try to mount with wrong password diff --git a/validation/test-cases/2-mount/030-mount_do_invalid_pw/input.curl b/validation/test-cases/2-mount/030-mount_do_invalid_pw/input.curl new file mode 100644 index 0000000..ef70090 --- /dev/null +++ b/validation/test-cases/2-mount/030-mount_do_invalid_pw/input.curl @@ -0,0 +1,4 @@ +url https://_HOST_IP_DEFAULT_/cryptobox +data action=mount_do +data crypto_password=halloRa +data weblang=_IFACE_LANG_ diff --git a/validation/test-cases/2-mount/030-mount_do_invalid_pw/output b/validation/test-cases/2-mount/030-mount_do_invalid_pw/output new file mode 100644 index 0000000..1d5b63f --- /dev/null +++ b/validation/test-cases/2-mount/030-mount_do_invalid_pw/output @@ -0,0 +1,7 @@ +Data.Config.IP=_HOST_IP_DEFAULT_ +Data.Config.Language=en +Data.Config.TimeOut=30 +Data.Status.Config=1 +Data.Status.InitRunning=0 +Data.Status.IP=_HOST_IP_DEFAULT_ +Data.Status.Mounted=0 diff --git a/validation/test-cases/2-mount/040-mount_do_valid/description b/validation/test-cases/2-mount/040-mount_do_valid/description new file mode 100644 index 0000000..78d4574 --- /dev/null +++ b/validation/test-cases/2-mount/040-mount_do_valid/description @@ -0,0 +1 @@ +mount it successfully diff --git a/validation/test-cases/2-mount/040-mount_do_valid/input.curl b/validation/test-cases/2-mount/040-mount_do_valid/input.curl new file mode 100644 index 0000000..d1aeaf6 --- /dev/null +++ b/validation/test-cases/2-mount/040-mount_do_valid/input.curl @@ -0,0 +1,4 @@ +url https://_HOST_IP_DEFAULT_/cryptobox +data action=mount_do +data crypto_password=hallo +data weblang=_IFACE_LANG_ diff --git a/validation/test-cases/2-mount/040-mount_do_valid/output b/validation/test-cases/2-mount/040-mount_do_valid/output new file mode 100644 index 0000000..2adc898 --- /dev/null +++ b/validation/test-cases/2-mount/040-mount_do_valid/output @@ -0,0 +1,7 @@ +Data.Config.IP=_HOST_IP_DEFAULT_ +Data.Config.Language=en +Data.Config.TimeOut=30 +Data.Status.Config=1 +Data.Status.InitRunning=0 +Data.Status.IP=_HOST_IP_DEFAULT_ +Data.Status.Mounted=1 diff --git a/validation/test-cases/2-mount/050-mount_ask_while_mounted/description b/validation/test-cases/2-mount/050-mount_ask_while_mounted/description new file mode 100644 index 0000000..4512d72 --- /dev/null +++ b/validation/test-cases/2-mount/050-mount_ask_while_mounted/description @@ -0,0 +1 @@ +display mount form while mounted diff --git a/validation/test-cases/2-mount/050-mount_ask_while_mounted/input.curl b/validation/test-cases/2-mount/050-mount_ask_while_mounted/input.curl new file mode 100644 index 0000000..3a22bd9 --- /dev/null +++ b/validation/test-cases/2-mount/050-mount_ask_while_mounted/input.curl @@ -0,0 +1,3 @@ +url https://_HOST_IP_DEFAULT_/cryptobox +data action=mount_ask +data weblang=_IFACE_LANG_ diff --git a/validation/test-cases/2-mount/050-mount_ask_while_mounted/output b/validation/test-cases/2-mount/050-mount_ask_while_mounted/output new file mode 100644 index 0000000..2adc898 --- /dev/null +++ b/validation/test-cases/2-mount/050-mount_ask_while_mounted/output @@ -0,0 +1,7 @@ +Data.Config.IP=_HOST_IP_DEFAULT_ +Data.Config.Language=en +Data.Config.TimeOut=30 +Data.Status.Config=1 +Data.Status.InitRunning=0 +Data.Status.IP=_HOST_IP_DEFAULT_ +Data.Status.Mounted=1 diff --git a/validation/test-cases/2-mount/060-mount_do_while_mounted/description b/validation/test-cases/2-mount/060-mount_do_while_mounted/description new file mode 100644 index 0000000..dde6b6e --- /dev/null +++ b/validation/test-cases/2-mount/060-mount_do_while_mounted/description @@ -0,0 +1 @@ +try mounting while mounted diff --git a/validation/test-cases/2-mount/060-mount_do_while_mounted/input.curl b/validation/test-cases/2-mount/060-mount_do_while_mounted/input.curl new file mode 100644 index 0000000..d1aeaf6 --- /dev/null +++ b/validation/test-cases/2-mount/060-mount_do_while_mounted/input.curl @@ -0,0 +1,4 @@ +url https://_HOST_IP_DEFAULT_/cryptobox +data action=mount_do +data crypto_password=hallo +data weblang=_IFACE_LANG_ diff --git a/validation/test-cases/2-mount/060-mount_do_while_mounted/output b/validation/test-cases/2-mount/060-mount_do_while_mounted/output new file mode 100644 index 0000000..2adc898 --- /dev/null +++ b/validation/test-cases/2-mount/060-mount_do_while_mounted/output @@ -0,0 +1,7 @@ +Data.Config.IP=_HOST_IP_DEFAULT_ +Data.Config.Language=en +Data.Config.TimeOut=30 +Data.Status.Config=1 +Data.Status.InitRunning=0 +Data.Status.IP=_HOST_IP_DEFAULT_ +Data.Status.Mounted=1 diff --git a/validation/test-cases/2-mount/070-umount_ask/description b/validation/test-cases/2-mount/070-umount_ask/description new file mode 100644 index 0000000..53369c6 --- /dev/null +++ b/validation/test-cases/2-mount/070-umount_ask/description @@ -0,0 +1 @@ +display umount form diff --git a/validation/test-cases/2-mount/070-umount_ask/input.curl b/validation/test-cases/2-mount/070-umount_ask/input.curl new file mode 100644 index 0000000..6e3c39f --- /dev/null +++ b/validation/test-cases/2-mount/070-umount_ask/input.curl @@ -0,0 +1,3 @@ +url https://_HOST_IP_DEFAULT_/cryptobox +data action=umount_ask +data weblang=_IFACE_LANG_ diff --git a/validation/test-cases/2-mount/070-umount_ask/output b/validation/test-cases/2-mount/070-umount_ask/output new file mode 100644 index 0000000..2adc898 --- /dev/null +++ b/validation/test-cases/2-mount/070-umount_ask/output @@ -0,0 +1,7 @@ +Data.Config.IP=_HOST_IP_DEFAULT_ +Data.Config.Language=en +Data.Config.TimeOut=30 +Data.Status.Config=1 +Data.Status.InitRunning=0 +Data.Status.IP=_HOST_IP_DEFAULT_ +Data.Status.Mounted=1 diff --git a/validation/test-cases/2-mount/080-umount_do/description b/validation/test-cases/2-mount/080-umount_do/description new file mode 100644 index 0000000..375ebee --- /dev/null +++ b/validation/test-cases/2-mount/080-umount_do/description @@ -0,0 +1 @@ +unmount diff --git a/validation/test-cases/2-mount/080-umount_do/input.curl b/validation/test-cases/2-mount/080-umount_do/input.curl new file mode 100644 index 0000000..454df66 --- /dev/null +++ b/validation/test-cases/2-mount/080-umount_do/input.curl @@ -0,0 +1,3 @@ +url https://_HOST_IP_DEFAULT_/cryptobox +data action=umount_do +data weblang=_IFACE_LANG_ diff --git a/validation/test-cases/2-mount/080-umount_do/output b/validation/test-cases/2-mount/080-umount_do/output new file mode 100644 index 0000000..1d5b63f --- /dev/null +++ b/validation/test-cases/2-mount/080-umount_do/output @@ -0,0 +1,7 @@ +Data.Config.IP=_HOST_IP_DEFAULT_ +Data.Config.Language=en +Data.Config.TimeOut=30 +Data.Status.Config=1 +Data.Status.InitRunning=0 +Data.Status.IP=_HOST_IP_DEFAULT_ +Data.Status.Mounted=0 diff --git a/validation/test-cases/3-config/100-config_invalid_lang/description b/validation/test-cases/3-config/100-config_invalid_lang/description new file mode 100644 index 0000000..8d13350 --- /dev/null +++ b/validation/test-cases/3-config/100-config_invalid_lang/description @@ -0,0 +1 @@ +try to set an invalid language diff --git a/validation/test-cases/3-config/100-config_invalid_lang/input.curl b/validation/test-cases/3-config/100-config_invalid_lang/input.curl new file mode 100644 index 0000000..4302fcb --- /dev/null +++ b/validation/test-cases/3-config/100-config_invalid_lang/input.curl @@ -0,0 +1,6 @@ +url https://_HOST_IP_DEFAULT_/cryptobox +data action=config_do +data language=xy +data ip=_HOST_IP_DEFAULT_ +data timeout=30 +data weblang=_IFACE_LANG_ diff --git a/validation/test-cases/3-config/100-config_invalid_lang/output b/validation/test-cases/3-config/100-config_invalid_lang/output new file mode 100644 index 0000000..1d5b63f --- /dev/null +++ b/validation/test-cases/3-config/100-config_invalid_lang/output @@ -0,0 +1,7 @@ +Data.Config.IP=_HOST_IP_DEFAULT_ +Data.Config.Language=en +Data.Config.TimeOut=30 +Data.Status.Config=1 +Data.Status.InitRunning=0 +Data.Status.IP=_HOST_IP_DEFAULT_ +Data.Status.Mounted=0 diff --git a/validation/test-cases/3-config/110-config_invalid_ip/description b/validation/test-cases/3-config/110-config_invalid_ip/description new file mode 100644 index 0000000..0c1ada2 --- /dev/null +++ b/validation/test-cases/3-config/110-config_invalid_ip/description @@ -0,0 +1 @@ +try to set an invalid IP diff --git a/validation/test-cases/3-config/110-config_invalid_ip/input.curl b/validation/test-cases/3-config/110-config_invalid_ip/input.curl new file mode 100644 index 0000000..b29977f --- /dev/null +++ b/validation/test-cases/3-config/110-config_invalid_ip/input.curl @@ -0,0 +1,6 @@ +url https://_HOST_IP_DEFAULT_/cryptobox +data action=config_do +data language=en +data ip=102._HOST_IP_DEFAULT_ +data timeout=30 +data weblang=_IFACE_LANG_ diff --git a/validation/test-cases/3-config/110-config_invalid_ip/output b/validation/test-cases/3-config/110-config_invalid_ip/output new file mode 100644 index 0000000..1d5b63f --- /dev/null +++ b/validation/test-cases/3-config/110-config_invalid_ip/output @@ -0,0 +1,7 @@ +Data.Config.IP=_HOST_IP_DEFAULT_ +Data.Config.Language=en +Data.Config.TimeOut=30 +Data.Status.Config=1 +Data.Status.InitRunning=0 +Data.Status.IP=_HOST_IP_DEFAULT_ +Data.Status.Mounted=0 diff --git a/validation/test-cases/3-config/120-config_invalid_timeout/description b/validation/test-cases/3-config/120-config_invalid_timeout/description new file mode 100644 index 0000000..3c69e9d --- /dev/null +++ b/validation/test-cases/3-config/120-config_invalid_timeout/description @@ -0,0 +1 @@ +try to set an invalid timeout diff --git a/validation/test-cases/3-config/120-config_invalid_timeout/input.curl b/validation/test-cases/3-config/120-config_invalid_timeout/input.curl new file mode 100644 index 0000000..0eacc74 --- /dev/null +++ b/validation/test-cases/3-config/120-config_invalid_timeout/input.curl @@ -0,0 +1,6 @@ +url https://_HOST_IP_DEFAULT_/cryptobox +data action=config_do +data language=en +data ip=_HOST_IP_DEFAULT_ +data timeout=X +data weblang=_IFACE_LANG_ diff --git a/validation/test-cases/3-config/120-config_invalid_timeout/output b/validation/test-cases/3-config/120-config_invalid_timeout/output new file mode 100644 index 0000000..1d5b63f --- /dev/null +++ b/validation/test-cases/3-config/120-config_invalid_timeout/output @@ -0,0 +1,7 @@ +Data.Config.IP=_HOST_IP_DEFAULT_ +Data.Config.Language=en +Data.Config.TimeOut=30 +Data.Status.Config=1 +Data.Status.InitRunning=0 +Data.Status.IP=_HOST_IP_DEFAULT_ +Data.Status.Mounted=0 diff --git a/validation/test-cases/3-config/500-config_valid/delay b/validation/test-cases/3-config/500-config_valid/delay new file mode 100644 index 0000000..209e3ef --- /dev/null +++ b/validation/test-cases/3-config/500-config_valid/delay @@ -0,0 +1 @@ +20 diff --git a/validation/test-cases/3-config/500-config_valid/description b/validation/test-cases/3-config/500-config_valid/description new file mode 100644 index 0000000..4c9f0df --- /dev/null +++ b/validation/test-cases/3-config/500-config_valid/description @@ -0,0 +1 @@ +configure the box diff --git a/validation/test-cases/3-config/500-config_valid/input.curl b/validation/test-cases/3-config/500-config_valid/input.curl new file mode 100644 index 0000000..325317f --- /dev/null +++ b/validation/test-cases/3-config/500-config_valid/input.curl @@ -0,0 +1,6 @@ +url https://_HOST_IP_DEFAULT_/cryptobox +data action=config_do +data language=de +data ip=_HOST_IP_CHANGED_ +data timeout=7 +data weblang=_IFACE_LANG_ diff --git a/validation/test-cases/3-config/500-config_valid/output b/validation/test-cases/3-config/500-config_valid/output new file mode 100644 index 0000000..f53f8d6 --- /dev/null +++ b/validation/test-cases/3-config/500-config_valid/output @@ -0,0 +1,7 @@ +Data.Config.IP=_HOST_IP_CHANGED_ +Data.Config.Language=de +Data.Config.TimeOut=7 +Data.Status.Config=1 +Data.Status.InitRunning=0 +Data.Status.IP=_HOST_IP_DEFAULT_ +Data.Status.Mounted=0 diff --git a/validation/test-cases/3-config/510-config-restore/delay b/validation/test-cases/3-config/510-config-restore/delay new file mode 100644 index 0000000..209e3ef --- /dev/null +++ b/validation/test-cases/3-config/510-config-restore/delay @@ -0,0 +1 @@ +20 diff --git a/validation/test-cases/3-config/510-config-restore/description b/validation/test-cases/3-config/510-config-restore/description new file mode 100644 index 0000000..0041d44 --- /dev/null +++ b/validation/test-cases/3-config/510-config-restore/description @@ -0,0 +1 @@ +restore default settings diff --git a/validation/test-cases/3-config/510-config-restore/input.curl b/validation/test-cases/3-config/510-config-restore/input.curl new file mode 100644 index 0000000..9768eed --- /dev/null +++ b/validation/test-cases/3-config/510-config-restore/input.curl @@ -0,0 +1,6 @@ +url https://_HOST_IP_CHANGED_/cryptobox +data action=config_do +data language=en +data ip=_HOST_IP_DEFAULT_ +data timeout=30 +data weblang=_IFACE_LANG_ diff --git a/validation/test-cases/3-config/510-config-restore/output b/validation/test-cases/3-config/510-config-restore/output new file mode 100644 index 0000000..c9284df --- /dev/null +++ b/validation/test-cases/3-config/510-config-restore/output @@ -0,0 +1,7 @@ +Data.Config.IP=_HOST_IP_DEFAULT_ +Data.Config.Language=en +Data.Config.TimeOut=30 +Data.Status.Config=1 +Data.Status.InitRunning=0 +Data.Status.IP=_HOST_IP_CHANGED_ +Data.Status.Mounted=0 diff --git a/validation/test-cases/4-admin_pw/010-init_different_admin_pw/description b/validation/test-cases/4-admin_pw/010-init_different_admin_pw/description new file mode 100644 index 0000000..f18f3a2 --- /dev/null +++ b/validation/test-cases/4-admin_pw/010-init_different_admin_pw/description @@ -0,0 +1 @@ +try initializing with different admin passwords diff --git a/validation/test-cases/4-admin_pw/010-init_different_admin_pw/input.curl b/validation/test-cases/4-admin_pw/010-init_different_admin_pw/input.curl new file mode 100644 index 0000000..8ffca4a --- /dev/null +++ b/validation/test-cases/4-admin_pw/010-init_different_admin_pw/input.curl @@ -0,0 +1,8 @@ +url https://_HOST_IP_DEFAULT_/cryptobox +data action=init_do +data crypto_password=hallo +data crypto_password2=hallo +data admin_password=root +data admin_password2=rootA +data confirm=_CONFIRM_TEXT_ +data weblang=_IFACE_LANG_ diff --git a/validation/test-cases/4-admin_pw/010-init_different_admin_pw/output b/validation/test-cases/4-admin_pw/010-init_different_admin_pw/output new file mode 100644 index 0000000..1d5b63f --- /dev/null +++ b/validation/test-cases/4-admin_pw/010-init_different_admin_pw/output @@ -0,0 +1,7 @@ +Data.Config.IP=_HOST_IP_DEFAULT_ +Data.Config.Language=en +Data.Config.TimeOut=30 +Data.Status.Config=1 +Data.Status.InitRunning=0 +Data.Status.IP=_HOST_IP_DEFAULT_ +Data.Status.Mounted=0 diff --git a/validation/test-cases/4-admin_pw/020-init_with_admin_pw/delay b/validation/test-cases/4-admin_pw/020-init_with_admin_pw/delay new file mode 100644 index 0000000..d61f00d --- /dev/null +++ b/validation/test-cases/4-admin_pw/020-init_with_admin_pw/delay @@ -0,0 +1 @@ +90 diff --git a/validation/test-cases/4-admin_pw/020-init_with_admin_pw/description b/validation/test-cases/4-admin_pw/020-init_with_admin_pw/description new file mode 100644 index 0000000..0e382f0 --- /dev/null +++ b/validation/test-cases/4-admin_pw/020-init_with_admin_pw/description @@ -0,0 +1 @@ +initialize the box with admin password diff --git a/validation/test-cases/4-admin_pw/020-init_with_admin_pw/input.curl b/validation/test-cases/4-admin_pw/020-init_with_admin_pw/input.curl new file mode 100644 index 0000000..767f924 --- /dev/null +++ b/validation/test-cases/4-admin_pw/020-init_with_admin_pw/input.curl @@ -0,0 +1,8 @@ +url https://_HOST_IP_DEFAULT_/cryptobox +data action=init_do +data crypto_password=hallo +data crypto_password2=hallo +data admin_password=root +data admin_password2=root +data confirm=_CONFIRM_TEXT_ +data weblang=_IFACE_LANG_ diff --git a/validation/test-cases/4-admin_pw/020-init_with_admin_pw/output b/validation/test-cases/4-admin_pw/020-init_with_admin_pw/output new file mode 100644 index 0000000..71767bf --- /dev/null +++ b/validation/test-cases/4-admin_pw/020-init_with_admin_pw/output @@ -0,0 +1,7 @@ +Data.Config.IP=_HOST_IP_DEFAULT_ +Data.Config.Language=en +Data.Config.TimeOut=30 +Data.Status.Config=1 +Data.Status.InitRunning=1 +Data.Status.IP=_HOST_IP_DEFAULT_ +Data.Status.Mounted=0 diff --git a/validation/test-cases/4-admin_pw/050-config_wrong_admin_pw/description b/validation/test-cases/4-admin_pw/050-config_wrong_admin_pw/description new file mode 100644 index 0000000..5672ab6 --- /dev/null +++ b/validation/test-cases/4-admin_pw/050-config_wrong_admin_pw/description @@ -0,0 +1 @@ +try to configure with wrong admin password diff --git a/validation/test-cases/4-admin_pw/050-config_wrong_admin_pw/input.curl b/validation/test-cases/4-admin_pw/050-config_wrong_admin_pw/input.curl new file mode 100644 index 0000000..eb1aee8 --- /dev/null +++ b/validation/test-cases/4-admin_pw/050-config_wrong_admin_pw/input.curl @@ -0,0 +1,8 @@ +url https://_HOST_IP_DEFAULT_/cryptobox +data action=config_do +data language=en +data timeout=5 +data ip=_HOST_IP_DEFAULT_ +data current_admin_password=rootA +data confirm=_CONFIRM_TEXT_ +data weblang=_IFACE_LANG_ diff --git a/validation/test-cases/4-admin_pw/050-config_wrong_admin_pw/output b/validation/test-cases/4-admin_pw/050-config_wrong_admin_pw/output new file mode 100644 index 0000000..1d5b63f --- /dev/null +++ b/validation/test-cases/4-admin_pw/050-config_wrong_admin_pw/output @@ -0,0 +1,7 @@ +Data.Config.IP=_HOST_IP_DEFAULT_ +Data.Config.Language=en +Data.Config.TimeOut=30 +Data.Status.Config=1 +Data.Status.InitRunning=0 +Data.Status.IP=_HOST_IP_DEFAULT_ +Data.Status.Mounted=0 diff --git a/validation/test-cases/4-admin_pw/060-config_right_admin_pw/delay b/validation/test-cases/4-admin_pw/060-config_right_admin_pw/delay new file mode 100644 index 0000000..d61f00d --- /dev/null +++ b/validation/test-cases/4-admin_pw/060-config_right_admin_pw/delay @@ -0,0 +1 @@ +90 diff --git a/validation/test-cases/4-admin_pw/060-config_right_admin_pw/description b/validation/test-cases/4-admin_pw/060-config_right_admin_pw/description new file mode 100644 index 0000000..6a971d8 --- /dev/null +++ b/validation/test-cases/4-admin_pw/060-config_right_admin_pw/description @@ -0,0 +1 @@ +configure with right admin password diff --git a/validation/test-cases/4-admin_pw/060-config_right_admin_pw/input.curl b/validation/test-cases/4-admin_pw/060-config_right_admin_pw/input.curl new file mode 100644 index 0000000..e2ed7f7 --- /dev/null +++ b/validation/test-cases/4-admin_pw/060-config_right_admin_pw/input.curl @@ -0,0 +1,7 @@ +url https://_HOST_IP_DEFAULT_/cryptobox +data action=config_do +data language=de +data timeout=5 +data ip=_HOST_IP_DEFAULT_ +data current_admin_password=root +data weblang=_IFACE_LANG_ diff --git a/validation/test-cases/4-admin_pw/060-config_right_admin_pw/output b/validation/test-cases/4-admin_pw/060-config_right_admin_pw/output new file mode 100644 index 0000000..c123a8d --- /dev/null +++ b/validation/test-cases/4-admin_pw/060-config_right_admin_pw/output @@ -0,0 +1,7 @@ +Data.Config.IP=_HOST_IP_DEFAULT_ +Data.Config.Language=de +Data.Config.TimeOut=5 +Data.Status.Config=1 +Data.Status.InitRunning=0 +Data.Status.IP=_HOST_IP_DEFAULT_ +Data.Status.Mounted=0 diff --git a/validation/test-cases/4-admin_pw/070-init_wrong_admin_pw/description b/validation/test-cases/4-admin_pw/070-init_wrong_admin_pw/description new file mode 100644 index 0000000..648fe5e --- /dev/null +++ b/validation/test-cases/4-admin_pw/070-init_wrong_admin_pw/description @@ -0,0 +1 @@ +initialize the box with wrong admin password diff --git a/validation/test-cases/4-admin_pw/070-init_wrong_admin_pw/input.curl b/validation/test-cases/4-admin_pw/070-init_wrong_admin_pw/input.curl new file mode 100644 index 0000000..684cf3a --- /dev/null +++ b/validation/test-cases/4-admin_pw/070-init_wrong_admin_pw/input.curl @@ -0,0 +1,9 @@ +url https://_HOST_IP_DEFAULT_/cryptobox +data action=init_do +data crypto_password=hallo +data crypto_password2=hallo +data current_admin_password=rootA +data admin_password=root +data admin_password2=root +data confirm=_CONFIRM_TEXT_ +data weblang=_IFACE_LANG_ diff --git a/validation/test-cases/4-admin_pw/070-init_wrong_admin_pw/output b/validation/test-cases/4-admin_pw/070-init_wrong_admin_pw/output new file mode 100644 index 0000000..c123a8d --- /dev/null +++ b/validation/test-cases/4-admin_pw/070-init_wrong_admin_pw/output @@ -0,0 +1,7 @@ +Data.Config.IP=_HOST_IP_DEFAULT_ +Data.Config.Language=de +Data.Config.TimeOut=5 +Data.Status.Config=1 +Data.Status.InitRunning=0 +Data.Status.IP=_HOST_IP_DEFAULT_ +Data.Status.Mounted=0 diff --git a/validation/test-cases/4-admin_pw/200-init_remove_admin_pw/delay b/validation/test-cases/4-admin_pw/200-init_remove_admin_pw/delay new file mode 100644 index 0000000..d61f00d --- /dev/null +++ b/validation/test-cases/4-admin_pw/200-init_remove_admin_pw/delay @@ -0,0 +1 @@ +90 diff --git a/validation/test-cases/4-admin_pw/200-init_remove_admin_pw/description b/validation/test-cases/4-admin_pw/200-init_remove_admin_pw/description new file mode 100644 index 0000000..9ada3d1 --- /dev/null +++ b/validation/test-cases/4-admin_pw/200-init_remove_admin_pw/description @@ -0,0 +1 @@ +remove admin password diff --git a/validation/test-cases/4-admin_pw/200-init_remove_admin_pw/input.curl b/validation/test-cases/4-admin_pw/200-init_remove_admin_pw/input.curl new file mode 100644 index 0000000..d7833c3 --- /dev/null +++ b/validation/test-cases/4-admin_pw/200-init_remove_admin_pw/input.curl @@ -0,0 +1,7 @@ +url https://_HOST_IP_DEFAULT_/cryptobox +data action=init_do +data crypto_password=hallo +data crypto_password2=hallo +data current_admin_password=root +data confirm=_CONFIRM_TEXT_ +data weblang=_IFACE_LANG_ diff --git a/validation/test-cases/4-admin_pw/200-init_remove_admin_pw/output b/validation/test-cases/4-admin_pw/200-init_remove_admin_pw/output new file mode 100644 index 0000000..71767bf --- /dev/null +++ b/validation/test-cases/4-admin_pw/200-init_remove_admin_pw/output @@ -0,0 +1,7 @@ +Data.Config.IP=_HOST_IP_DEFAULT_ +Data.Config.Language=en +Data.Config.TimeOut=30 +Data.Status.Config=1 +Data.Status.InitRunning=1 +Data.Status.IP=_HOST_IP_DEFAULT_ +Data.Status.Mounted=0 diff --git a/validation/test-cases/5-misc/010-logfile/description b/validation/test-cases/5-misc/010-logfile/description new file mode 100644 index 0000000..c18cc63 --- /dev/null +++ b/validation/test-cases/5-misc/010-logfile/description @@ -0,0 +1 @@ +show the log diff --git a/validation/test-cases/5-misc/010-logfile/input.curl b/validation/test-cases/5-misc/010-logfile/input.curl new file mode 100644 index 0000000..733988e --- /dev/null +++ b/validation/test-cases/5-misc/010-logfile/input.curl @@ -0,0 +1,3 @@ +url https://_HOST_IP_DEFAULT_/cryptobox +data action=show_log +data weblang=_IFACE_LANG_ diff --git a/validation/test-cases/5-misc/010-logfile/output b/validation/test-cases/5-misc/010-logfile/output new file mode 100644 index 0000000..1d5b63f --- /dev/null +++ b/validation/test-cases/5-misc/010-logfile/output @@ -0,0 +1,7 @@ +Data.Config.IP=_HOST_IP_DEFAULT_ +Data.Config.Language=en +Data.Config.TimeOut=30 +Data.Status.Config=1 +Data.Status.InitRunning=0 +Data.Status.IP=_HOST_IP_DEFAULT_ +Data.Status.Mounted=0 diff --git a/validation/test-cases/5-misc/020-docpage-first/description b/validation/test-cases/5-misc/020-docpage-first/description new file mode 100644 index 0000000..33707f2 --- /dev/null +++ b/validation/test-cases/5-misc/020-docpage-first/description @@ -0,0 +1 @@ +show the first doc page diff --git a/validation/test-cases/5-misc/020-docpage-first/input.curl b/validation/test-cases/5-misc/020-docpage-first/input.curl new file mode 100644 index 0000000..071af8c --- /dev/null +++ b/validation/test-cases/5-misc/020-docpage-first/input.curl @@ -0,0 +1,3 @@ +url https://_HOST_IP_DEFAULT_/cryptobox +data action=doc +data weblang=_IFACE_LANG_ diff --git a/validation/test-cases/5-misc/020-docpage-first/output b/validation/test-cases/5-misc/020-docpage-first/output new file mode 100644 index 0000000..1d5b63f --- /dev/null +++ b/validation/test-cases/5-misc/020-docpage-first/output @@ -0,0 +1,7 @@ +Data.Config.IP=_HOST_IP_DEFAULT_ +Data.Config.Language=en +Data.Config.TimeOut=30 +Data.Status.Config=1 +Data.Status.InitRunning=0 +Data.Status.IP=_HOST_IP_DEFAULT_ +Data.Status.Mounted=0 diff --git a/validation/test-cases/5-misc/030-docpage-another/description b/validation/test-cases/5-misc/030-docpage-another/description new file mode 100644 index 0000000..df776de --- /dev/null +++ b/validation/test-cases/5-misc/030-docpage-another/description @@ -0,0 +1 @@ +show another doc page diff --git a/validation/test-cases/5-misc/030-docpage-another/input.curl b/validation/test-cases/5-misc/030-docpage-another/input.curl new file mode 100644 index 0000000..2d8a148 --- /dev/null +++ b/validation/test-cases/5-misc/030-docpage-another/input.curl @@ -0,0 +1,4 @@ +url https://_HOST_IP_DEFAULT_/cryptobox +data action=doc +data page=CryptoBoxDev +data weblang=_IFACE_LANG_ diff --git a/validation/test-cases/5-misc/030-docpage-another/output b/validation/test-cases/5-misc/030-docpage-another/output new file mode 100644 index 0000000..1d5b63f --- /dev/null +++ b/validation/test-cases/5-misc/030-docpage-another/output @@ -0,0 +1,7 @@ +Data.Config.IP=_HOST_IP_DEFAULT_ +Data.Config.Language=en +Data.Config.TimeOut=30 +Data.Status.Config=1 +Data.Status.InitRunning=0 +Data.Status.IP=_HOST_IP_DEFAULT_ +Data.Status.Mounted=0 diff --git a/validation/test-cases/README b/validation/test-cases/README new file mode 100644 index 0000000..7391dd9 --- /dev/null +++ b/validation/test-cases/README @@ -0,0 +1,8 @@ +the validate-script requires the following directory structure: + +- NAME_OF_SERIES + - NAME_OF_TEST_CASE + - description - a short description of the setup + - input.curl - options for the request via curl + - output - the expected status output for this request (it is send as html comment) + - delay - [optional] may contain a delay after this test case in seconds