#!/bin/sh
#
# managing our work at the cryptobox
#
# usual workflow:
#   dfsbuild - create the image directory with dfsbuild and copy it to
#              the working directory
#   config   - apply cryptobox-specific changes to the working directory
#   iso      - create the iso image (out of the working directory)
#   burn     - tries to burn the image on a cd-rw (maybe it works)
#
# development actions:
#   chroot   - run first tests in a chroot environment
#   qemu     - run the qemu emulation
#   devel    - enable developer features like sshd, writable templates and
#              the test-suite (can be undone by "revert")
#   revert   - reset the working directory to the image created by dfsbuild
#
# final action:
#   release  - the same as "dfsbuild config iso"
#
#
# problems of this script:
#   - has to run as root, because dfsbuild, config, iso, chroot, devel,
#     revert and release need root privileges
#
# you may run this script with multiple arguments, e.g.:
#   cb-build.sh dfsbuild config iso qemu
#
# the action "release" does what it says :)
# (all developer's features like sshd, writable templates and
# the test-suite are deactivated)
#
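# -e: stop at the first failing command, -u: treat unset variables as errors
set -ue

# dfsbuild config
CONFIG="dfs.cbox.conf"
# the build directory (will be ERASED without warning)
BUILDDIR="_builddir/cd1"
# image directory created by dfsbuild
IMAGEDIR_ORIG="$BUILDDIR/image"
# a working copy of the image directory
IMAGEDIR="$BUILDDIR/image-working"
# template directory for cryptobox specific configuration
TEMPLATEDIR="cryptobox.conf.d"
# the iso image
IMAGEFILE="$BUILDDIR/image.iso"
# temporary directory
# NOTE(review): this script runs as root, and the name below is predictable
# (script name + pid) inside the world-writable /tmp. Any code that uses this
# path directly with rm/cp/mkdir should create its directory with
# "mktemp -d" instead, so that a path prepared by another local user is
# never followed.
# NOTE(review): TMPDIR is also the conventional environment variable read by
# mktemp and other tools; if the caller exported it, child processes inherit
# the value assigned here.
TMPDIR="/tmp/$(basename "$0")-$$"
# NOTE(review): fixed name in /tmp, written by dd as root when it is missing
HD_IMAGE="/tmp/$(basename "$0")-testplatte.img"
# mkisofs options (the option "-U" is not clean, but it prevents long filenames from getting mapped)
MKISOFS_OPTIONS="-allow-multidot -U -D -iso-level 3 -b boot/grub/stage2_eltorito -no-emul-boot -boot-load-size 1 -boot-info-table -pad -R"
# init script started inside the chroot (path relative to the image root)
CHROOTSTART="/usr/lib/cryptobox/chroot-start.sh"
# cdrecord device address of the cd writer
CDWRITER="0,0,0"
# for development diffs and merges from a running cryptobox
# The address is read from the template's "defaults/ip" file at startup:
#  - with "set -e" a missing ip file stops the script here, for every action
#  - REMOTE_COMMAND is expanded unquoted where it is used, so the file content
#    is split into ssh arguments; it must hold exactly one address and
#    nothing else
REMOTE_COMMAND="ssh -l root $(cat "$TEMPLATEDIR/usr/share/cryptobox/defaults/ip") /usr/lib/cryptobox/devel-features.sh"
REMOTE_COPY_DEST="root@$(cat "$TEMPLATEDIR/usr/share/cryptobox/defaults/ip"):/tmp/mirror/"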
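# Build the base image with dfsbuild.
# Globals:  BUILDDIR (read) - build directory, created if it does not exist
#           CONFIG (read)   - dfsbuild configuration file
# Outputs:  a notice on stdout when the build directory had to be created
# Returns:  1 if the build directory cannot be created, otherwise the exit
#           status of dfsbuild
# Defined without the "function" keyword: the script is started by /bin/sh,
# and that keyword is not part of POSIX sh.
run_dfsbuild()
{
  if [ ! -e "$BUILDDIR" ]; then
    # do not start dfsbuild when its work directory is missing
    mkdir -p "$BUILDDIR" || return 1
    echo "das BuildDir ($BUILDDIR) wurde angelegt ..."
  fi
  dfsbuild -c "$CONFIG" -w "$BUILDDIR"
}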
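# Pack the working directory into the bootable iso image.
# Globals:  MKISOFS_OPTIONS (read) - whitespace-separated mkisofs options
#           IMAGEFILE (read)       - iso file to write
#           IMAGEDIR (read)        - directory tree that goes into the iso
# Returns:  exit status of mkisofs
# Defined without the "function" keyword: the script is started by /bin/sh,
# and that keyword is not part of POSIX sh.
create_iso()
{
  echo "Creating the iso ..."
  # MKISOFS_OPTIONS is an option list and has to be split into words
  # shellcheck disable=SC2086
  mkisofs $MKISOFS_OPTIONS -o "$IMAGEFILE" "$IMAGEDIR"
}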
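# Boot the iso image in qemu with a small scratch harddisk attached.
# Globals:  HD_IMAGE (read)  - scratch disk image, created (5 MB) if missing
#           IMAGEFILE (read) - iso image used as cdrom
# Returns:  1 if HD_IMAGE is a symbolic link, otherwise the exit status of
#           "misc/qemu-ifup stop"
qemu_boot()
{
  # HD_IMAGE has a fixed name in /tmp and this script runs as root: a
  # symbolic link at that place would make dd/qemu write to its target
  if [ -L "$HD_IMAGE" ]; then
    echo "refusing to use \"$HD_IMAGE\": it is a symbolic link" >&2
    return 1
  fi
  if [ ! -e "$HD_IMAGE" ]; then
    echo "Creating temporary harddisk image ..."
    dd if=/dev/zero of="$HD_IMAGE" bs=1M count=5
  fi
  echo "Starting qemu ..."
  # the scratch disk is the harddisk; the original passed the iso image as
  # "-hda" too, which left HD_IMAGE unused and exposed the iso to guest writes
  # a failing qemu must not skip the cleanup below
  qemu -cdrom "$IMAGEFILE" -m 64 -hda "$HD_IMAGE" -boot d -n misc/qemu-ifup || true
  # remove iptables rules
  misc/qemu-ifup stop
}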
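# Replace the working directory with a fresh copy of the dfsbuild image.
# Globals:  IMAGEDIR_ORIG (read) - image directory created by dfsbuild
#           IMAGEDIR (read)      - working copy, removed and re-created
# Returns:  1 if the dfsbuild image does not exist, otherwise the exit
#           status of cp
init_working_directory()
{
  # check the source first: otherwise "revert" would delete the working
  # copy and only then find out that there is nothing to restore it from
  if [ ! -d "$IMAGEDIR_ORIG" ]; then
    echo "Directory \"$IMAGEDIR_ORIG\" not found - nothing to copy" >&2
    return 1
  fi
  if [ -e "$IMAGEDIR" ]; then
    echo "Removing old image dir ..."
    rm -r "$IMAGEDIR"
  fi
  echo "Copying the dfsbuild-image ..."
  cp -a "$IMAGEDIR_ORIG" "$IMAGEDIR"
}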
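# Apply the cryptobox configuration to the working directory.
# Copies the template tree (without .svn directories) into the image, stamps
# the svn revision into etc/issue and etc/cryptobox/revision and runs the
# configure script inside the image via chroot.
# Globals:  IMAGEDIR (read)    - working copy of the image
#           TEMPLATEDIR (read) - template tree to copy into the image
#           TMPDIR (read)      - used as name prefix for the staging directory
# Exits with status 1 if the working directory does not exist.
configure_cb()
{
  local workdir revision
  if [ ! -e "$IMAGEDIR" ]; then
    echo "Directory \"$IMAGEDIR\" not found!"
    echo "Did you run \"$0 dfsbuild\"?"
    echo "Otherwise try \"$0 revert\" to fix this."
    # a plain "exit" would report success to the caller
    exit 1
  fi

  echo "Copying files into the box ..."
  # the script runs as root: let mktemp create the staging directory under
  # a fresh name instead of removing and re-creating a predictable /tmp path
  workdir=$(mktemp -d "$TMPDIR.XXXXXX") || exit 1
  cp -dr "$TEMPLATEDIR/." "$workdir"
  # find hands the names to rm itself, so paths with spaces are not split
  find "$workdir" -type d -name ".svn" -prune -exec rm -rf {} +
  cp -dr "$workdir/." "$IMAGEDIR"
  rm -rf "$workdir"

  echo "Configuring the cryptobox ..."
  # ask svn once so that both files carry the same value
  # NOTE(review): the value is put into the sed expression without escaping
  revision=$(fetch_revision)
  sed -i "s/^Version:.*/Revision: $revision/" "$IMAGEDIR/etc/issue"
  echo "$revision" >"$IMAGEDIR/etc/cryptobox/revision"
  chroot "$IMAGEDIR" "/usr/lib/cryptobox/configure-cryptobox.sh"
}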
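# Print the highest svn revision found below the current directory.
# Outputs:  the revision number on stdout (nothing if svn reports none)
fetch_revision()
{
  # LC_ALL=C keeps the "Revision:" label untranslated; "sort -n" compares
  # the numbers by value (a plain sort puts 99 after 100)
  LC_ALL=C svn -R info | grep '^Revision:' | cut -f2 -d " " | sort -n | tail -1
}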
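# upload local files to a development cryptobox
# this is necessary to use an "old" development cd with
# new code - this affects only the web-interface and the
# cbox-manage.sh-script (the boot behaviour stays the same)
#
# of course, only the directories that are mapped to tmpfs can
# be updated this way
#
# Globals:  TEMPLATEDIR (read)      - source of the uploaded files
#           TMPDIR (read)           - name prefix for the staging directory
#           REMOTE_COPY_DEST (read) - scp destination on the cryptobox
#           REMOTE_COMMAND (read)   - ssh command line of the remote helper
# Returns:  1 if no staging directory could be created, otherwise the exit
#           status of the remote "set_diff_base" call
upload2devel()
{
  local workdir a
  # the script runs as root: let mktemp create the staging directory under
  # a fresh name instead of trusting a predictable path in /tmp
  workdir=$(mktemp -d "$TMPDIR.XXXXXX") || return 1
  # scp -p copies the mode of the top directory too; keep the 755 a plain
  # mkdir would have produced instead of mktemp's 700
  chmod 755 "$workdir"
  for a in var/www usr/share/cryptobox usr/lib/cryptobox
  do
    mkdir -p "$workdir/$a"
    cp -r "$TEMPLATEDIR/$a/." "$workdir/$a"
  done
  # the svn metadata does not belong on the box
  find "$workdir" -type d -name ".svn" -prune -exec rm -rf {} +
  scp -rpq "$workdir/." "$REMOTE_COPY_DEST"
  rm -rf "$workdir"
  # REMOTE_COMMAND is a command line and has to be split into words
  # shellcheck disable=SC2086
  $REMOTE_COMMAND set_diff_base
}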
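# merge a diff from a running development cryptobox into
# this working directory
#
# Globals:  TEMPLATEDIR (read)    - directory the diff is applied to
#           TMPDIR (read)         - name prefix for the temporary diff file
#           REMOTE_COMMAND (read) - ssh command line of the remote helper
# Returns:  0 after a successful merge and also when the dry-run reports
#           collisions (nothing is changed then); non-zero if the diff file
#           cannot be created, patch fails or the diff base cannot be set
# NOTE(review): the diff is produced by the remote box and applied here as
# root - look at it with the "diff" action before merging.
merge_from_devel()
{
  local patchfile rc
  rc=0
  patchfile=$(mktemp "$TMPDIR.XXXXXX") || return 1
  # fetch the diff only once, so that the bytes that pass the dry-run are
  # exactly the bytes that get applied
  # the exit status of the remote helper is not documented here, so it is
  # ignored as before; an empty or broken diff is left to patch
  # shellcheck disable=SC2086
  $REMOTE_COMMAND diff >"$patchfile" || true
  # the subshell keeps the "cd" away from the actions that run after "merge"
  # (all paths of this script are relative to the start directory)
  (
    cd "$TEMPLATEDIR" || exit 1
    echo "Check for collisions ... (dry-run)"
    if patch --dry-run -p1 <"$patchfile"
    then
      echo
      echo "Applying diff ..."
      patch -p1 <"$patchfile" || exit 1
      # set the base for the next diff to present state
      # shellcheck disable=SC2086
      $REMOTE_COMMAND set_diff_base || exit 1
    else
      echo "Merging will fail - do it manually!"
    fi
  ) || rc=$?
  rm -f "$patchfile"
  return "$rc"
}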
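# Blank the cd-rw in the writer and burn the iso image onto it.
# Globals:  CDWRITER (read)  - cdrecord device address
#           IMAGEFILE (read) - iso image to burn
# Returns:  exit status of the second cdrecord call
blanknburn_cdrw()
{
  cdrecord -v dev="$CDWRITER" blank=fast
  # quoted, so that an image path with spaces stays one argument
  cdrecord -v dev="$CDWRITER" "$IMAGEFILE"
}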
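################ do it! ######################

# Every command line argument is one action; they run in the given order.
[ $# -eq 0 ] && echo "[$(basename "$0")] - no arguments supplied - maybe you want to use '--help'"

while [ $# -gt 0 ]
do
  case "$1" in
    dfsbuild )
      run_dfsbuild
      init_working_directory
      ;;
    config )
      configure_cb
      ;;
    iso )
      # packs whatever is in the working directory - including the marker
      # written by "devel", if that action ran since the last dfsbuild/revert
      create_iso
      ;;
    qemu )
      qemu_boot
      ;;
    revert )
      init_working_directory
      ;;
    diff )
      # get a diff from a running development cryptobox
      # REMOTE_COMMAND is a command line and has to be split into words
      # shellcheck disable=SC2086
      $REMOTE_COMMAND diff
      ;;
    merge )
      merge_from_devel
      ;;
    upload )
      upload2devel
      ;;
    chroot )
      if [ ! -x "$IMAGEDIR/$CHROOTSTART" ]
      then
        echo "the chroot init script ($IMAGEDIR/$CHROOTSTART) is not executable"
        # the action is called "config" ("cb-config" is not a known action)
        echo "maybe you should run '$(basename "$0") config' first"
      else
        chroot "$IMAGEDIR" "$CHROOTSTART"
      fi
      ;;
    devel )
      echo "Developer's features are enabled - do NOT use this CD in a production system!"
      # add the development marker to the working copy
      echo "BEWARE: this CryptoBox is not usable" > "$IMAGEDIR/DEVELOPMENT_CRYPTOBOX"
      ;;
    burn )
      blanknburn_cdrw
      ;;
    release )
      # starts from a fresh dfsbuild image, so a development marker in the
      # old working copy does not reach the release iso
      "$0" dfsbuild config iso
      ;;
    help|--help )
      echo "Syntax: $(basename "$0") ( dfsbuild | config | iso | release | qemu | revert | diff | merge | upload | chroot | devel | burn | help )"
      echo " (you may specify more than one action)"
      echo
      ;;
    * )
      # printf prints the argument as it is (no escape sequences interpreted)
      printf 'unknown action: %s\n' "$1"
      echo
      "$0" help
      exit 1
      ;;
  esac
  shift
done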