From 24c0572cfe9a38d3bd0658c5eb61bb62863d6d01 Mon Sep 17 00:00:00 2001 From: lars Date: Wed, 30 Nov 2005 03:36:41 +0000 Subject: [PATCH] debian compliant init scripts --- cbox-tree.d/etc/cron.d/cryptobox | 2 +- cbox-tree.d/etc/cryptobox/cryptobox.conf | 3 +- .../cryptobox/{openssl.cnf => ssl-cert.conf} | 0 cbox-tree.d/etc/default/cryptobox | 10 +++ cbox-tree.d/etc/init.d/cb-finish-boot.sh | 44 ---------- cbox-tree.d/etc/init.d/cb-mount-config.sh | 26 ------ cbox-tree.d/etc/init.d/cb-network.sh | 26 ------ cbox-tree.d/etc/init.d/cb-services.sh | 25 ------ cbox-tree.d/etc/init.d/cryptobox | 83 +++++++++++++++++++ cbox-tree.d/etc/rc0.d/K22cb-services | 1 - cbox-tree.d/etc/rc0.d/K34cb-network | 1 - cbox-tree.d/etc/rc0.d/K39cb-mount-config | 1 - cbox-tree.d/etc/rc3.d/S98cb-services | 1 - cbox-tree.d/etc/rc3.d/S99cb-finish-boot | 1 - cbox-tree.d/etc/rc6.d/K22cb-services | 1 - cbox-tree.d/etc/rc6.d/K34cb-network | 1 - cbox-tree.d/etc/rc6.d/K39cb-mount-config | 1 - cbox-tree.d/etc/rcS.d/S37cb-mount-config | 1 - cbox-tree.d/etc/rcS.d/S38cb-network | 1 - 19 files changed, 96 insertions(+), 133 deletions(-) rename cbox-tree.d/etc/cryptobox/{openssl.cnf => ssl-cert.conf} (100%) create mode 100644 cbox-tree.d/etc/default/cryptobox delete mode 100755 cbox-tree.d/etc/init.d/cb-finish-boot.sh delete mode 100755 cbox-tree.d/etc/init.d/cb-mount-config.sh delete mode 100755 cbox-tree.d/etc/init.d/cb-network.sh delete mode 100755 cbox-tree.d/etc/init.d/cb-services.sh create mode 100755 cbox-tree.d/etc/init.d/cryptobox delete mode 120000 cbox-tree.d/etc/rc0.d/K22cb-services delete mode 120000 cbox-tree.d/etc/rc0.d/K34cb-network delete mode 120000 cbox-tree.d/etc/rc0.d/K39cb-mount-config delete mode 120000 cbox-tree.d/etc/rc3.d/S98cb-services delete mode 120000 cbox-tree.d/etc/rc3.d/S99cb-finish-boot delete mode 120000 cbox-tree.d/etc/rc6.d/K22cb-services delete mode 120000 cbox-tree.d/etc/rc6.d/K34cb-network delete mode 120000 cbox-tree.d/etc/rc6.d/K39cb-mount-config delete mode 120000 cbox-tree.d/etc/rcS.d/S37cb-mount-config delete mode 120000 cbox-tree.d/etc/rcS.d/S38cb-network diff --git a/cbox-tree.d/etc/cron.d/cryptobox b/cbox-tree.d/etc/cron.d/cryptobox index e785b4a..67d9661 100644 --- a/cbox-tree.d/etc/cron.d/cryptobox +++ b/cbox-tree.d/etc/cron.d/cryptobox @@ -1 +1 @@ -* * * * * root /usr/lib/cryptobox/check_smb_idle.sh +* * * * * root [ -e /usr/lib/cryptobox/cbox-manage.sh ] && /usr/lib/cryptobox/check_smb_idle.sh diff --git a/cbox-tree.d/etc/cryptobox/cryptobox.conf b/cbox-tree.d/etc/cryptobox/cryptobox.conf index 44be154..a5173cc 100644 --- a/cbox-tree.d/etc/cryptobox/cryptobox.conf +++ b/cbox-tree.d/etc/cryptobox/cryptobox.conf @@ -21,8 +21,9 @@ FIREWALL_SCRIPT=/usr/lib/cryptobox/firewall.sh MAKE_CERT_SCRIPT=/usr/lib/cryptobox/make_stunnel_cert.sh LOG_FILE=/var/log/cryptobox.log CERT_FILE=/mnt/cb-etc/stunnel.pem -OPENSSL_CONF_FILE=/etc/cryptobox/openssl.cnf +OPENSSL_CONF_FILE=/etc/cryptobox/ssl-cert.conf IDLE_COUNTER_FILE=/tmp/cbox-idle-counter +CONFIG_MARKER=cryptobox.marker # crypto settings # there is no default hash, as this is ignored by luks diff --git a/cbox-tree.d/etc/cryptobox/openssl.cnf b/cbox-tree.d/etc/cryptobox/ssl-cert.conf similarity index 100% rename from cbox-tree.d/etc/cryptobox/openssl.cnf rename to cbox-tree.d/etc/cryptobox/ssl-cert.conf diff --git a/cbox-tree.d/etc/default/cryptobox b/cbox-tree.d/etc/default/cryptobox new file mode 100644 index 0000000..01b7b9d --- /dev/null +++ b/cbox-tree.d/etc/default/cryptobox @@ -0,0 +1,10 @@ +# boot configuration file for the CryptoBox +# +# $Id$ +# + +# set to "1" to turn off the cryptobox - otherwise "0" +NO_START=0 + +# change the default configuration file if necessary +#CONF_FILE=/etc/cryptobox/cryptobox.conf diff --git a/cbox-tree.d/etc/init.d/cb-finish-boot.sh b/cbox-tree.d/etc/init.d/cb-finish-boot.sh deleted file mode 100755 index 7663fa0..0000000 --- a/cbox-tree.d/etc/init.d/cb-finish-boot.sh +++ /dev/null @@ -1,44 +0,0 @@ -#!/bin/sh -set -eu -# -# we give some hints for users, sitting in front of the cryptobox waiting for a login prompt -# - -# parse config file -. /etc/cryptobox/cryptobox.conf - -case "$1" in - start ) - # check if we are on a developers CryptoBox - # if not give some usage hints - # otherwise give a warning and start the devel features - if [ ! -e "$DEV_FEATURES_SCRIPT" ]; then - echo - echo "Hints for usage:" - echo " * for some reasons you can not login here :)" - echo " * point a webbrowser from another computer to 'http://$(/usr/lib/cryptobox/cbox-manage.sh get_current_ip)'" - echo " * configure your CryptoBox via a webbrowser" - echo - else - echo - echo "#---------------------------------------------------------------#" - echo "| WARNING: Some CryptoBox development features are enabled |" - echo "| This should definitely NOT happen for a production CD. |" - echo "| as it offers no security at all. |" - echo "| If you don't plan to refine this CD, don't use it! |" - echo "#---------------------------------------------------------------#" - echo - $DEV_FEATURES_SCRIPT "$@" - fi - ;; - stop ) - ;; - restart ) - $0 stop - $0 start - ;; - * ) - echo "Syntax: $0 { start | stop | restart }" - ;; - esac - diff --git a/cbox-tree.d/etc/init.d/cb-mount-config.sh b/cbox-tree.d/etc/init.d/cb-mount-config.sh deleted file mode 100755 index d7a6136..0000000 --- a/cbox-tree.d/etc/init.d/cb-mount-config.sh +++ /dev/null @@ -1,26 +0,0 @@ -#!/bin/sh - -set -eu - -# parse config file -. /etc/cryptobox/cryptobox.conf - -ACTION=help -[ $# -gt 0 ] && ACTION="$1" - -case "$ACTION" in - start ) - $CB_SCRIPT config-up - ;; - stop ) - $CB_SCRIPT config-down - ;; - restart ) - $0 stop - $0 start - ;; - * ) - echo "Syntax: `basename $0` { start | stop | restart }" - echo - ;; - esac diff --git a/cbox-tree.d/etc/init.d/cb-network.sh b/cbox-tree.d/etc/init.d/cb-network.sh deleted file mode 100755 index 2673374..0000000 --- a/cbox-tree.d/etc/init.d/cb-network.sh +++ /dev/null @@ -1,26 +0,0 @@ -#!/bin/sh - -set -eu - -# parse config file -. /etc/cryptobox/cryptobox.conf - -ACTION=help -[ $# -gt 0 ] && ACTION="$1" - -case "$ACTION" in - start ) - $CB_SCRIPT network-up - ;; - stop ) - $CB_SCRIPT network-down - ;; - restart ) - $0 stop - $0 start - ;; - * ) - echo "Syntax: `basename $0` { start | stop | restart }" - echo - ;; - esac diff --git a/cbox-tree.d/etc/init.d/cb-services.sh b/cbox-tree.d/etc/init.d/cb-services.sh deleted file mode 100755 index 9ddd1ad..0000000 --- a/cbox-tree.d/etc/init.d/cb-services.sh +++ /dev/null @@ -1,25 +0,0 @@ -#!/bin/sh - -set -eu - -# parse config file -. /etc/cryptobox/cryptobox.conf - -ACTION=help -[ $# -gt 0 ] && ACTION="$1" - -case "$ACTION" in - start ) - $CB_SCRIPT services-up - ;; - stop ) - $CB_SCRIPT services-down - ;; - restart ) - $0 stop - $0 start - ;; - * ) - echo "Syntax: `basename $0` { start | stop | restart }" - ;; - esac diff --git a/cbox-tree.d/etc/init.d/cryptobox b/cbox-tree.d/etc/init.d/cryptobox new file mode 100755 index 0000000..e74701d --- /dev/null +++ b/cbox-tree.d/etc/init.d/cryptobox @@ -0,0 +1,83 @@ +#!/bin/sh +set -eu +# +# we give some hints for users, sitting in front of the cryptobox waiting for a login prompt +# + +# check if the cryptobox is installed +[ -e "/usr/lib/cryptobox/cbox-manage.sh" ] || exit 0 + +# read the default setting file, if it exists +[ -e /etc/default/cryptobox ] && . /etc/default/cryptobox + +# startup switch defaults to zero (enabled) +NO_START=${NO_START:-0} +# check startup switch +[ "$NO_START" = "1" ] && echo "CryptoBox is disabled" && exit 0 + +# stop-on-errors +set -eu + +# set CONF_FILE to default value, if not configured in /etc/default/cryptobox +CONF_FILE=${CONF_FILE:-/etc/cryptobox/cryptobox.conf} + +# parse config file +if [ -e "$CONF_FILE" ] + then echo "[$(basename $0)] - configuration file ($CONF_FILE) not found!" >&2 + exit 1 + else . "$CONF_FILE" + fi + +case "$1" in + start ) + # stop if already running + "$0" status && "$0" stop + # initialize + "$CB_SCRIPT" config-up + "$CB_SCRIPT" network-up + "$CB_SCRIPT" services-up + # check if we are on a developers CryptoBox + # if not give some usage hints + # otherwise give a warning and start the devel features + if [ ! -e "$DEV_FEATURES_SCRIPT" ]; then + echo + echo "Hints for usage:" + echo " * for some reasons you can not login here :)" + echo " * point a webbrowser from another computer to 'http://$(/usr/lib/cryptobox/cbox-manage.sh get_current_ip)'" + echo " * configure your CryptoBox via a webbrowser" + echo + else + echo + echo "+---------------------------------------------------------------+" + echo "| WARNING: Some CryptoBox development features are enabled |" + echo "| This should definitely NOT happen for a production CD. |" + echo "| as it offers no security at all. |" + echo "| If you don't plan to refine this CD, don't use it! |" + echo "+---------------------------------------------------------------+" + echo + $DEV_FEATURES_SCRIPT "$@" + fi + ;; + stop ) + # exit if not running + "$0" status || exit 0 + # shut down + "$CB_SCRIPT" services-up + "$CB_SCRIPT" network-up + "$CB_SCRIPT" config-up + ;; + restart | reload ) + $0 stop + $0 start + ;; + status ) + if "$CB_SCRIPT" is_config_mounted + then exit 0 + else exit 1 + fi + ;; + * ) + echo "Syntax: $0 { start | stop | restart | reload | status }" + ;; + esac + diff --git a/cbox-tree.d/etc/rc0.d/K22cb-services b/cbox-tree.d/etc/rc0.d/K22cb-services deleted file mode 120000 index 49be3ea..0000000 --- a/cbox-tree.d/etc/rc0.d/K22cb-services +++ /dev/null @@ -1 +0,0 @@ -../init.d/cb-services.sh \ No newline at end of file diff --git a/cbox-tree.d/etc/rc0.d/K34cb-network b/cbox-tree.d/etc/rc0.d/K34cb-network deleted file mode 120000 index d7275d1..0000000 --- a/cbox-tree.d/etc/rc0.d/K34cb-network +++ /dev/null @@ -1 +0,0 @@ -../init.d/cb-network.sh \ No newline at end of file diff --git a/cbox-tree.d/etc/rc0.d/K39cb-mount-config b/cbox-tree.d/etc/rc0.d/K39cb-mount-config deleted file mode 120000 index ec92193..0000000 --- a/cbox-tree.d/etc/rc0.d/K39cb-mount-config +++ /dev/null @@ -1 +0,0 @@ -../init.d/cb-mount-config.sh \ No newline at end of file diff --git a/cbox-tree.d/etc/rc3.d/S98cb-services b/cbox-tree.d/etc/rc3.d/S98cb-services deleted file mode 120000 index 49be3ea..0000000 --- a/cbox-tree.d/etc/rc3.d/S98cb-services +++ /dev/null @@ -1 +0,0 @@ -../init.d/cb-services.sh \ No newline at end of file diff --git a/cbox-tree.d/etc/rc3.d/S99cb-finish-boot b/cbox-tree.d/etc/rc3.d/S99cb-finish-boot deleted file mode 120000 index 0c65854..0000000 --- a/cbox-tree.d/etc/rc3.d/S99cb-finish-boot +++ /dev/null @@ -1 +0,0 @@ -../init.d/cb-finish-boot.sh \ No newline at end of file diff --git a/cbox-tree.d/etc/rc6.d/K22cb-services b/cbox-tree.d/etc/rc6.d/K22cb-services deleted file mode 120000 index 49be3ea..0000000 --- a/cbox-tree.d/etc/rc6.d/K22cb-services +++ /dev/null @@ -1 +0,0 @@ -../init.d/cb-services.sh \ No newline at end of file diff --git a/cbox-tree.d/etc/rc6.d/K34cb-network b/cbox-tree.d/etc/rc6.d/K34cb-network deleted file mode 120000 index d7275d1..0000000 --- a/cbox-tree.d/etc/rc6.d/K34cb-network +++ /dev/null @@ -1 +0,0 @@ -../init.d/cb-network.sh \ No newline at end of file diff --git a/cbox-tree.d/etc/rc6.d/K39cb-mount-config b/cbox-tree.d/etc/rc6.d/K39cb-mount-config deleted file mode 120000 index ec92193..0000000 --- a/cbox-tree.d/etc/rc6.d/K39cb-mount-config +++ /dev/null @@ -1 +0,0 @@ -../init.d/cb-mount-config.sh \ No newline at end of file diff --git a/cbox-tree.d/etc/rcS.d/S37cb-mount-config b/cbox-tree.d/etc/rcS.d/S37cb-mount-config deleted file mode 120000 index ec92193..0000000 --- a/cbox-tree.d/etc/rcS.d/S37cb-mount-config +++ /dev/null @@ -1 +0,0 @@ -../init.d/cb-mount-config.sh \ No newline at end of file diff --git a/cbox-tree.d/etc/rcS.d/S38cb-network b/cbox-tree.d/etc/rcS.d/S38cb-network deleted file mode 120000 index d7275d1..0000000 --- a/cbox-tree.d/etc/rcS.d/S38cb-network +++ /dev/null @@ -1 +0,0 @@ -../init.d/cb-network.sh \ No newline at end of file