debian compliant init scripts

18 years ago · 24c0572cfe
parent 84f056169b
commit 24c0572cfe
19 changed files with 96 additions and 133 deletions
--- a/cbox-tree.d/etc/cron.d/cryptobox
+++ b/cbox-tree.d/etc/cron.d/cryptobox
@ -1 +1 @@
-* *	* * *	root	/usr/lib/cryptobox/check_smb_idle.sh
+* *	* * *	root	[ -e /usr/lib/cryptobox/cbox-manage.sh ] && /usr/lib/cryptobox/check_smb_idle.sh
--- a/cbox-tree.d/etc/cryptobox/cryptobox.conf
+++ b/cbox-tree.d/etc/cryptobox/cryptobox.conf
@ -21,8 +21,9 @@ FIREWALL_SCRIPT=/usr/lib/cryptobox/firewall.sh
 MAKE_CERT_SCRIPT=/usr/lib/cryptobox/make_stunnel_cert.sh
 LOG_FILE=/var/log/cryptobox.log
 CERT_FILE=/mnt/cb-etc/stunnel.pem
-OPENSSL_CONF_FILE=/etc/cryptobox/openssl.cnf
+OPENSSL_CONF_FILE=/etc/cryptobox/ssl-cert.conf
 IDLE_COUNTER_FILE=/tmp/cbox-idle-counter
+CONFIG_MARKER=cryptobox.marker

 # crypto settings
 # there is no default hash, as this is ignored by luks
--- a/cbox-tree.d/etc/cryptobox/ssl-cert.conf
+++ b/cbox-tree.d/etc/cryptobox/ssl-cert.conf
--- a/cbox-tree.d/etc/default/cryptobox
+++ b/cbox-tree.d/etc/default/cryptobox
@ -0,0 +1,10 @@
+# boot configuration file for the CryptoBox
+#
+# $Id$
+#
+
+# set to "1" to turn off the cryptobox - otherwise "0"
+NO_START=0
+
+# change the default configuration file if necessary
+#CONF_FILE=/etc/cryptobox/cryptobox.conf
--- a/cbox-tree.d/etc/init.d/cb-finish-boot.sh
+++ b/cbox-tree.d/etc/init.d/cb-finish-boot.sh
@ -1,44 +0,0 @@
-#!/bin/sh
-set -eu
-#
-# we give some hints for users, sitting in front of the cryptobox waiting for a login prompt
-#
-
-# parse config file
-. /etc/cryptobox/cryptobox.conf
-
-case "$1" in
-	start )
-	   # check if we are on a developers CryptoBox
-		# if not give some usage hints
-		# otherwise give a warning and start the devel features
-		if [ ! -e "$DEV_FEATURES_SCRIPT" ]; then
-			echo
-			echo "Hints for usage:"
-			echo "	* for some reasons you can not login here :)"
-			echo "	* point a webbrowser from another computer to 'http://$(/usr/lib/cryptobox/cbox-manage.sh get_current_ip)'"
-			echo "	* configure your CryptoBox via a webbrowser"
-			echo
-		else	
-			echo
-			echo "#---------------------------------------------------------------#"
-			echo "| WARNING: Some CryptoBox development features are enabled      |"
-			echo "|  This should definitely NOT happen for a production CD.       |"
-			echo "|  as it offers no security at all.                             |"
-			echo "|  If you don't plan to refine this CD, don't use it!           |"
-			echo "#---------------------------------------------------------------#"
-			echo 
-			$DEV_FEATURES_SCRIPT "$@"
-		fi
-		;;
-	stop )
-		;;
-	restart )
-		$0 stop
-		$0 start
-		;;
-	* )
-		echo "Syntax: $0 { start | stop | restart }"
-		;;
-  esac
-
--- a/cbox-tree.d/etc/init.d/cb-mount-config.sh
+++ b/cbox-tree.d/etc/init.d/cb-mount-config.sh
@ -1,26 +0,0 @@
-#!/bin/sh
-
-set -eu
-
-# parse config file
-. /etc/cryptobox/cryptobox.conf
-
-ACTION=help
-[ $# -gt 0 ] && ACTION="$1"
-
-case "$ACTION" in
-	start )
-		$CB_SCRIPT config-up
-		;;
-	stop )
-		$CB_SCRIPT config-down
-		;;
-	restart )
-		$0 stop
-		$0 start
-		;;
-	* )
-		echo "Syntax: `basename $0` { start | stop | restart }"
-		echo
-		;;
-  esac
--- a/cbox-tree.d/etc/init.d/cb-network.sh
+++ b/cbox-tree.d/etc/init.d/cb-network.sh
@ -1,26 +0,0 @@
-#!/bin/sh
-
-set -eu
-
-# parse config file
-. /etc/cryptobox/cryptobox.conf
-
-ACTION=help
-[ $# -gt 0 ] && ACTION="$1"
-
-case "$ACTION" in
-	start )
-		$CB_SCRIPT network-up
-		;;
-	stop )
-		$CB_SCRIPT network-down
-		;;
-	restart )
-		$0 stop
-		$0 start
-		;;
-	* )
-		echo "Syntax: `basename $0` { start | stop | restart }"
-		echo
-		;;
-  esac
--- a/cbox-tree.d/etc/init.d/cb-services.sh
+++ b/cbox-tree.d/etc/init.d/cb-services.sh
@ -1,25 +0,0 @@
-#!/bin/sh
-
-set -eu
-
-# parse config file
-. /etc/cryptobox/cryptobox.conf
-
-ACTION=help
-[ $# -gt 0 ] && ACTION="$1"
-
-case "$ACTION" in
-	start )
-		$CB_SCRIPT services-up
-		;;
-	stop )
-		$CB_SCRIPT services-down
-		;;
-	restart )
-		$0 stop
-		$0 start
-		;;
-	* )
-		echo "Syntax: `basename $0` { start | stop | restart }"
-		;;
-  esac
--- a/cbox-tree.d/etc/init.d/cryptobox
+++ b/cbox-tree.d/etc/init.d/cryptobox
@ -0,0 +1,83 @@
+#!/bin/sh
+set -eu
+#
+# we give some hints for users, sitting in front of the cryptobox waiting for a login prompt
+#
+
+# check if the cryptobox is installed
+[ -e "/usr/lib/cryptobox/cbox-manage.sh" ] || exit 0
+
+# read the default setting file, if it exists
+[ -e /etc/default/cryptobox ] && . /etc/default/cryptobox
+
+# startup switch defaults to zero (enabled)
+NO_START=${NO_START:-0}
+# check startup switch
+[ "$NO_START" = "1" ] && echo "CryptoBox is disabled" && exit 0
+
+# stop-on-errors
+set -eu
+
+# set CONF_FILE to default value, if not configured in /etc/default/cryptobox
+CONF_FILE=${CONF_FILE:-/etc/cryptobox/cryptobox.conf}
+
+# parse config file
+if [ -e "$CONF_FILE" ]
+	then	echo "[$(basename $0)] - configuration file ($CONF_FILE) not found!" >&2
+			exit 1
+	else	. "$CONF_FILE"
+  fi
+
+case "$1" in
+	start )
+		# stop if already running
+		"$0" status && "$0" stop
+		# initialize
+		"$CB_SCRIPT" config-up
+		"$CB_SCRIPT" network-up
+		"$CB_SCRIPT" services-up
+		# check if we are on a developers CryptoBox
+		# if not give some usage hints
+		# otherwise give a warning and start the devel features
+		if [ ! -e "$DEV_FEATURES_SCRIPT" ]; then
+			echo
+			echo "Hints for usage:"
+			echo "	* for some reasons you can not login here :)"
+			echo "	* point a webbrowser from another computer to 'http://$(/usr/lib/cryptobox/cbox-manage.sh get_current_ip)'"
+			echo "	* configure your CryptoBox via a webbrowser"
+			echo
+		else	
+			echo
+			echo "+---------------------------------------------------------------+"
+			echo "| WARNING: Some CryptoBox development features are enabled      |"
+			echo "|  This should definitely NOT happen for a production CD.       |"
+			echo "|  as it offers no security at all.                             |"
+			echo "|  If you don't plan to refine this CD, don't use it!           |"
+			echo "+---------------------------------------------------------------+"
+			echo 
+			$DEV_FEATURES_SCRIPT "$@"
+		fi
+		;;
+	stop )
+		# exit if not running
+		"$0" status || exit 0
+		# shut down
+		"$CB_SCRIPT" services-up
+		"$CB_SCRIPT" network-up
+		"$CB_SCRIPT" config-up
+		;;
+	restart | reload )
+		$0 stop
+		$0 start
+		;;
+	status )
+		if "$CB_SCRIPT" is_config_mounted
+			then	exit 0
+			else	exit 1
+		  fi
+		;;
+	* )
+		echo "Syntax: $0 { start | stop | restart | reload | status }"
+		;;
+  esac
+
--- a/cbox-tree.d/etc/rc0.d/K22cb-services
+++ b/cbox-tree.d/etc/rc0.d/K22cb-services
@ -1 +0,0 @@
-../init.d/cb-services.sh
--- a/cbox-tree.d/etc/rc0.d/K34cb-network
+++ b/cbox-tree.d/etc/rc0.d/K34cb-network
@ -1 +0,0 @@
-../init.d/cb-network.sh
--- a/cbox-tree.d/etc/rc0.d/K39cb-mount-config
+++ b/cbox-tree.d/etc/rc0.d/K39cb-mount-config
@ -1 +0,0 @@
-../init.d/cb-mount-config.sh
--- a/cbox-tree.d/etc/rc3.d/S98cb-services
+++ b/cbox-tree.d/etc/rc3.d/S98cb-services
@ -1 +0,0 @@
-../init.d/cb-services.sh
--- a/cbox-tree.d/etc/rc3.d/S99cb-finish-boot
+++ b/cbox-tree.d/etc/rc3.d/S99cb-finish-boot
@ -1 +0,0 @@
-../init.d/cb-finish-boot.sh
--- a/cbox-tree.d/etc/rc6.d/K22cb-services
+++ b/cbox-tree.d/etc/rc6.d/K22cb-services
@ -1 +0,0 @@
-../init.d/cb-services.sh
--- a/cbox-tree.d/etc/rc6.d/K34cb-network
+++ b/cbox-tree.d/etc/rc6.d/K34cb-network
@ -1 +0,0 @@
-../init.d/cb-network.sh
--- a/cbox-tree.d/etc/rc6.d/K39cb-mount-config
+++ b/cbox-tree.d/etc/rc6.d/K39cb-mount-config
@ -1 +0,0 @@
-../init.d/cb-mount-config.sh
--- a/cbox-tree.d/etc/rcS.d/S37cb-mount-config
+++ b/cbox-tree.d/etc/rcS.d/S37cb-mount-config
@ -1 +0,0 @@
-../init.d/cb-mount-config.sh
--- a/cbox-tree.d/etc/rcS.d/S38cb-network
+++ b/cbox-tree.d/etc/rcS.d/S38cb-network
@ -1 +0,0 @@
-../init.d/cb-network.sh