played around with the debian package

2006-11-10 09:05:14 +00:00 · 2006-11-10 09:05:14 +00:00 · 45935b6e79
commit 45935b6e79
parent c3f1b8b206
8 changed files with 54 additions and 61 deletions
--- a/debian/control
+++ b/debian/control
@ -2,17 +2,17 @@ Source: cryptobox
 Section: admin
 Priority: extra
 Maintainer: Lars Kruse <devel@sumpfralle.de>
-Build-Depends: debhelper (>>3.0.0), dpatch, gcc (>=2.95)
+Build-Depends: debhelper (>>3.0.0), dpatch
 Standards-Version: 3.6.2

 Package: cryptobox
 Architecture: any
-Depends: bash (>=2.0), sed (>=4.0), coreutils, grep (>=2.0), httpd-cgi, hashalot, cryptsetup (>=20050111), dmsetup, initscripts, e2fsprogs (>= 1.27), adduser, python (>=2.4), python-clearsilver
-Suggests: cron, samba
+Depends: bash (>=2.0), sed (>=4.0), coreutils, grep (>=2.0), httpd-cgi, hashalot, cryptsetup (>=20050111), dmsetup, initscripts, e2fsprogs (>= 1.27), adduser, python (>=2.4), python-clearsilver, super, dosfstools, python-cherrypy, python-confobj
+Suggests: samba, stunnel, openssl
 Description: Web interface for an encrypting fileserver
- This bundle of scripts and cgis allow you to manage an encrypted harddisk
- via a web interface. The data is platform independently available
+ This web interface allows you to manage the encrypted and plaintext
+ disks of your system. The data is platform independently available
 via samba file shares.
- Even non-technical users are able to encrypt their private data with the
- CryptoBox.
+ Even non-technical users are able to encrypt their private data with
+ the CryptoBox.

--- a/debian/cryptobox.default
+++ b/debian/cryptobox.default
@ -7,6 +7,5 @@
 # set to "1" to turn off the cryptobox - otherwise "0"
 NO_START=1

-# change the default configuration file if necessary
-#CONF_FILE=/etc/cryptobox/cryptobox.conf
-
+# the use that should execute the cryptobox
+RUNAS=lars
--- a/debian/cryptobox.init
+++ b/debian/cryptobox.init
@ -7,40 +7,53 @@
 # see LICENSE file in this package for details
 #

-# check if the cryptobox is installed
-[ -e "/usr/lib/cryptobox/cbox-manage.sh" ] || exit 0
-
 # read the default setting file, if it exists
 [ -e /etc/default/cryptobox ] && source /etc/default/cryptobox

 # startup switch defaults to zero (enabled)
 NO_START=${NO_START:-0}
+RUNAS=${RUNAS:-cryptobox}

-#if [ "$NO_START" = "1" ]
-#  then	[ $# -eq 0 ] && exit 0
-#	[ "$1" = "status" ] && exit 1
-#	[ "$1" = "stop" ] && exit 0
-#	echo "CryptoBox is disabled by default"
-#	exit 0
-# fi
-
-# set CONF_FILE to default value, if not configured in /etc/default/cryptobox
-CONF_FILE=${CONF_FILE:-/etc/cryptobox/cryptobox.conf}
-
-# parse config file
-if [ -e "$CONF_FILE" ]
-  then	source "$CONF_FILE"
-  else	echo "[$(basename $0)] - configuration file ($CONF_FILE) not found!" >&2
-	exit 1
+if [ "$NO_START" = "1" ]
+  then	[ $# -eq 0 ] && exit 0
+	[ "$1" = "status" ] && exit 1
+	[ "$1" = "stop" ] && exit 0
+	echo "CryptoBox is disabled by default"
+	exit 0
 fi

+CBXSERVER=CryptoBoxWebserver.py
+
+if test -e "./$CBXSERVER"
+  then	CBXPATH=$(pwd)
+  else	CBXPATH=/usr/lib/cryptobox
+ fi
+
+PIDFILE=/var/run/cryptobox.pid
+DAEMON=/usr/bin/python2.4
+DAEMON_OPTS=$CBXPATH/$CBXSERVER
+NAME=cryptoboxd
+DESC="CryptoBox Daemon (webinterface)"
+
+test -e "$CBXPATH/$CBXSERVER" || exit 0
+
 case "$1" in
 	start )
-		# nothing to be done
+		# TODO: mount config dir
+		# TODO: create certificate
+		# TODO: run stunnel
+		# the lines above should go into the live-cd scripts
+		echo -n "Starting $DESC: "
+		start-stop-daemon --background --chdir "$CBXPATH" --chuid "$RUNAS" --start --quiet --user "$RUNAS" --make-pidfile --pidfile "$PIDFILE" --exec "$DAEMON" -- $DAEMON_OPTS 
+		echo "$NAME."
 		;;
 	stop )
-		# unmount all active containers
-		"/usr/lib/cryptobox/cbox-manage.sh" umount_all
+		echo -n "Stopping $DESC: "
+		# does the pid file exist?
+		test ! -e "$PIDFILE" && echo "pid file ($PIDFILE) not found!" && exit 1
+		# kill all process with the parent pid that we saved before
+		pkill -f -P "$(cat $PIDFILE)" -u "$RUNAS" && rm "$PIDFILE"
+		echo "$NAME."
 		;;
 	force-reload | restart )
 		"$0" stop 
--- a/debian/dirs
+++ b/debian/dirs
@ -1,4 +1,6 @@
 etc/cryptobox
 etc/default
 etc/init.d
-usr/lib/cgi-bin
+usr/lib/cryptobox
+usr/share/cryptobox
+var/cache/cryptobox
--- a/debian/links
+++ b/debian/links
@ -1 +0,0 @@
-/usr/share/cryptobox/html	/var/www/cryptobox-misc
--- a/debian/postinst
+++ b/debian/postinst
@ -1,42 +1,24 @@
 #!/bin/sh

-# read the default setting file, if it exists
-[ -e /etc/default/cryptobox ] && . /etc/default/cryptobox
+LOG_FILE=/var/log/cryptobox.log
+CRYPTOBOX_USER=cryptobox

-# set CONF_FILE to default value, if not configured in /etc/default/cryptobox
-CONF_FILE=${CONF_FILE:-/etc/cryptobox/cryptobox.conf}
-
-# parse config file
-if test -e "$CONF_FILE"
-	then	. "$CONF_FILE"
-			# create mount and config directories with appropriate permissions
-			test ! -e "$LOG_FILE" && touch "$LOG_FILE" && chown "$CRYPTOBOX_USER" "$LOG_FILE"
-  fi
+# create mount and config directories with appropriate permissions
+test ! -e "$LOG_FILE" && mkdir -p "$(dirname $LOG_FILE)" && touch "$LOG_FILE" && chown "$CRYPTOBOX_USER" "$LOG_FILE"

 if getent passwd "$CRYPTOBOX_USER" 2>/dev/null >/dev/null
  then	# do nothing - the user already exists
  		true
  else	# create cryptobox user
 	echo "Creating new user '$CRYPTOBOX_USER' ..."
-	USER_HOME=/var/lib/cryptobox
+	USER_HOME=/var/cache/cryptobox
 	adduser --system --group --home "$USER_HOME" cryptobox
-	# add the user to the group "plugdev" (necessary for pmount)
-	adduser cryptobox plugdev
-	cp -r "$CONFIG_DEFAULTS_DIR" "$USER_HOME/config"
 	mkdir "$USER_HOME/mnt"
 	chown -R ${CRYPTOBOX_USER}: "$USER_HOME"
 	# only members of the cryptobox group may access the user directory
 	chmod 750 "$USER_HOME"
-	# no one may look into the config directory (protect init passwords)
-	chmod 700 "$USER_HOME/config"
 fi

-# set permissions for suid wrappers
-chown root:$CRYPTOBOX_USER "/usr/lib/cryptobox/cryptobox_root_wrapper"
-chmod 4750 "/usr/lib/cryptobox/cryptobox_root_wrapper"
-chown $CRYPTOBOX_USER: "/usr/lib/cgi-bin/cryptobox"
-chmod 6755 "/usr/lib/cgi-bin/cryptobox"
-
 #DEBHELPER#

 true
--- a/debian/postrm
+++ b/debian/postrm
@ -1,7 +1,7 @@
 #!/bin/sh

 if test "$1" = "purge" && getent passwd cryptobox 2>/dev/null >/dev/null \
-	&& test "$(cd ~cryptobox;pwd)" = /var/lib/cryptobox 
+	&& test "$(cd ~cryptobox;pwd)" = /var/cache/cryptobox 
  then	echo "Removing user 'cryptobox' ..."
 	userdel -r cryptobox
 fi
--- a/debian/rules
+++ b/debian/rules
@ -55,9 +55,7 @@ install: build
 	dh_clean -k 
 	dh_installdirs
 	$(MAKE) install PREFIX=$(DEB_BUILD_DIR)/usr
-	install -c -m 644 build_dir/etc/cryptobox.conf $(DEB_BUILD_DIR)/etc/cryptobox/
-	install -c -m 644 build_dir/etc/distribution.conf $(DEB_BUILD_DIR)/etc/cryptobox/
-	install -c -m 755 bin/cryptobox_cgi_wrapper $(DEB_BUILD_DIR)/usr/lib/cgi-bin/cryptobox
+	install -c -m 644 bin/cryptobox.conf $(DEB_BUILD_DIR)/etc/cryptobox/


 # Build architecture-independent files here.
				`@ -1 +0,0 @@`
				`/usr/share/cryptobox/html /var/www/cryptobox-misc`