played around with the debian package
This commit is contained in:
parent
c3f1b8b206
commit
45935b6e79
14
debian/control
vendored
14
debian/control
vendored
|
@ -2,17 +2,17 @@ Source: cryptobox
|
||||||
Section: admin
|
Section: admin
|
||||||
Priority: extra
|
Priority: extra
|
||||||
Maintainer: Lars Kruse <devel@sumpfralle.de>
|
Maintainer: Lars Kruse <devel@sumpfralle.de>
|
||||||
Build-Depends: debhelper (>>3.0.0), dpatch, gcc (>=2.95)
|
Build-Depends: debhelper (>>3.0.0), dpatch
|
||||||
Standards-Version: 3.6.2
|
Standards-Version: 3.6.2
|
||||||
|
|
||||||
Package: cryptobox
|
Package: cryptobox
|
||||||
Architecture: any
|
Architecture: any
|
||||||
Depends: bash (>=2.0), sed (>=4.0), coreutils, grep (>=2.0), httpd-cgi, hashalot, cryptsetup (>=20050111), dmsetup, initscripts, e2fsprogs (>= 1.27), adduser, python (>=2.4), python-clearsilver
|
Depends: bash (>=2.0), sed (>=4.0), coreutils, grep (>=2.0), httpd-cgi, hashalot, cryptsetup (>=20050111), dmsetup, initscripts, e2fsprogs (>= 1.27), adduser, python (>=2.4), python-clearsilver, super, dosfstools, python-cherrypy, python-confobj
|
||||||
Suggests: cron, samba
|
Suggests: samba, stunnel, openssl
|
||||||
Description: Web interface for an encrypting fileserver
|
Description: Web interface for an encrypting fileserver
|
||||||
This bundle of scripts and cgis allow you to manage an encrypted harddisk
|
This web interface allows you to manage the encrypted and plaintext
|
||||||
via a web interface. The data is platform independently available
|
disks of your system. The data is platform independently available
|
||||||
via samba file shares.
|
via samba file shares.
|
||||||
Even non-technical users are able to encrypt their private data with the
|
Even non-technical users are able to encrypt their private data with
|
||||||
CryptoBox.
|
the CryptoBox.
|
||||||
|
|
||||||
|
|
5
debian/cryptobox.default
vendored
5
debian/cryptobox.default
vendored
|
@ -7,6 +7,5 @@
|
||||||
# set to "1" to turn off the cryptobox - otherwise "0"
|
# set to "1" to turn off the cryptobox - otherwise "0"
|
||||||
NO_START=1
|
NO_START=1
|
||||||
|
|
||||||
# change the default configuration file if necessary
|
# the use that should execute the cryptobox
|
||||||
#CONF_FILE=/etc/cryptobox/cryptobox.conf
|
RUNAS=lars
|
||||||
|
|
||||||
|
|
57
debian/cryptobox.init
vendored
57
debian/cryptobox.init
vendored
|
@ -7,40 +7,53 @@
|
||||||
# see LICENSE file in this package for details
|
# see LICENSE file in this package for details
|
||||||
#
|
#
|
||||||
|
|
||||||
# check if the cryptobox is installed
|
|
||||||
[ -e "/usr/lib/cryptobox/cbox-manage.sh" ] || exit 0
|
|
||||||
|
|
||||||
# read the default setting file, if it exists
|
# read the default setting file, if it exists
|
||||||
[ -e /etc/default/cryptobox ] && source /etc/default/cryptobox
|
[ -e /etc/default/cryptobox ] && source /etc/default/cryptobox
|
||||||
|
|
||||||
# startup switch defaults to zero (enabled)
|
# startup switch defaults to zero (enabled)
|
||||||
NO_START=${NO_START:-0}
|
NO_START=${NO_START:-0}
|
||||||
|
RUNAS=${RUNAS:-cryptobox}
|
||||||
|
|
||||||
#if [ "$NO_START" = "1" ]
|
if [ "$NO_START" = "1" ]
|
||||||
# then [ $# -eq 0 ] && exit 0
|
then [ $# -eq 0 ] && exit 0
|
||||||
# [ "$1" = "status" ] && exit 1
|
[ "$1" = "status" ] && exit 1
|
||||||
# [ "$1" = "stop" ] && exit 0
|
[ "$1" = "stop" ] && exit 0
|
||||||
# echo "CryptoBox is disabled by default"
|
echo "CryptoBox is disabled by default"
|
||||||
# exit 0
|
exit 0
|
||||||
# fi
|
|
||||||
|
|
||||||
# set CONF_FILE to default value, if not configured in /etc/default/cryptobox
|
|
||||||
CONF_FILE=${CONF_FILE:-/etc/cryptobox/cryptobox.conf}
|
|
||||||
|
|
||||||
# parse config file
|
|
||||||
if [ -e "$CONF_FILE" ]
|
|
||||||
then source "$CONF_FILE"
|
|
||||||
else echo "[$(basename $0)] - configuration file ($CONF_FILE) not found!" >&2
|
|
||||||
exit 1
|
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
CBXSERVER=CryptoBoxWebserver.py
|
||||||
|
|
||||||
|
if test -e "./$CBXSERVER"
|
||||||
|
then CBXPATH=$(pwd)
|
||||||
|
else CBXPATH=/usr/lib/cryptobox
|
||||||
|
fi
|
||||||
|
|
||||||
|
PIDFILE=/var/run/cryptobox.pid
|
||||||
|
DAEMON=/usr/bin/python2.4
|
||||||
|
DAEMON_OPTS=$CBXPATH/$CBXSERVER
|
||||||
|
NAME=cryptoboxd
|
||||||
|
DESC="CryptoBox Daemon (webinterface)"
|
||||||
|
|
||||||
|
test -e "$CBXPATH/$CBXSERVER" || exit 0
|
||||||
|
|
||||||
case "$1" in
|
case "$1" in
|
||||||
start )
|
start )
|
||||||
# nothing to be done
|
# TODO: mount config dir
|
||||||
|
# TODO: create certificate
|
||||||
|
# TODO: run stunnel
|
||||||
|
# the lines above should go into the live-cd scripts
|
||||||
|
echo -n "Starting $DESC: "
|
||||||
|
start-stop-daemon --background --chdir "$CBXPATH" --chuid "$RUNAS" --start --quiet --user "$RUNAS" --make-pidfile --pidfile "$PIDFILE" --exec "$DAEMON" -- $DAEMON_OPTS
|
||||||
|
echo "$NAME."
|
||||||
;;
|
;;
|
||||||
stop )
|
stop )
|
||||||
# unmount all active containers
|
echo -n "Stopping $DESC: "
|
||||||
"/usr/lib/cryptobox/cbox-manage.sh" umount_all
|
# does the pid file exist?
|
||||||
|
test ! -e "$PIDFILE" && echo "pid file ($PIDFILE) not found!" && exit 1
|
||||||
|
# kill all process with the parent pid that we saved before
|
||||||
|
pkill -f -P "$(cat $PIDFILE)" -u "$RUNAS" && rm "$PIDFILE"
|
||||||
|
echo "$NAME."
|
||||||
;;
|
;;
|
||||||
force-reload | restart )
|
force-reload | restart )
|
||||||
"$0" stop
|
"$0" stop
|
||||||
|
|
4
debian/dirs
vendored
4
debian/dirs
vendored
|
@ -1,4 +1,6 @@
|
||||||
etc/cryptobox
|
etc/cryptobox
|
||||||
etc/default
|
etc/default
|
||||||
etc/init.d
|
etc/init.d
|
||||||
usr/lib/cgi-bin
|
usr/lib/cryptobox
|
||||||
|
usr/share/cryptobox
|
||||||
|
var/cache/cryptobox
|
||||||
|
|
1
debian/links
vendored
1
debian/links
vendored
|
@ -1 +0,0 @@
|
||||||
/usr/share/cryptobox/html /var/www/cryptobox-misc
|
|
28
debian/postinst
vendored
28
debian/postinst
vendored
|
@ -1,42 +1,24 @@
|
||||||
#!/bin/sh
|
#!/bin/sh
|
||||||
|
|
||||||
# read the default setting file, if it exists
|
LOG_FILE=/var/log/cryptobox.log
|
||||||
[ -e /etc/default/cryptobox ] && . /etc/default/cryptobox
|
CRYPTOBOX_USER=cryptobox
|
||||||
|
|
||||||
# set CONF_FILE to default value, if not configured in /etc/default/cryptobox
|
# create mount and config directories with appropriate permissions
|
||||||
CONF_FILE=${CONF_FILE:-/etc/cryptobox/cryptobox.conf}
|
test ! -e "$LOG_FILE" && mkdir -p "$(dirname $LOG_FILE)" && touch "$LOG_FILE" && chown "$CRYPTOBOX_USER" "$LOG_FILE"
|
||||||
|
|
||||||
# parse config file
|
|
||||||
if test -e "$CONF_FILE"
|
|
||||||
then . "$CONF_FILE"
|
|
||||||
# create mount and config directories with appropriate permissions
|
|
||||||
test ! -e "$LOG_FILE" && touch "$LOG_FILE" && chown "$CRYPTOBOX_USER" "$LOG_FILE"
|
|
||||||
fi
|
|
||||||
|
|
||||||
if getent passwd "$CRYPTOBOX_USER" 2>/dev/null >/dev/null
|
if getent passwd "$CRYPTOBOX_USER" 2>/dev/null >/dev/null
|
||||||
then # do nothing - the user already exists
|
then # do nothing - the user already exists
|
||||||
true
|
true
|
||||||
else # create cryptobox user
|
else # create cryptobox user
|
||||||
echo "Creating new user '$CRYPTOBOX_USER' ..."
|
echo "Creating new user '$CRYPTOBOX_USER' ..."
|
||||||
USER_HOME=/var/lib/cryptobox
|
USER_HOME=/var/cache/cryptobox
|
||||||
adduser --system --group --home "$USER_HOME" cryptobox
|
adduser --system --group --home "$USER_HOME" cryptobox
|
||||||
# add the user to the group "plugdev" (necessary for pmount)
|
|
||||||
adduser cryptobox plugdev
|
|
||||||
cp -r "$CONFIG_DEFAULTS_DIR" "$USER_HOME/config"
|
|
||||||
mkdir "$USER_HOME/mnt"
|
mkdir "$USER_HOME/mnt"
|
||||||
chown -R ${CRYPTOBOX_USER}: "$USER_HOME"
|
chown -R ${CRYPTOBOX_USER}: "$USER_HOME"
|
||||||
# only members of the cryptobox group may access the user directory
|
# only members of the cryptobox group may access the user directory
|
||||||
chmod 750 "$USER_HOME"
|
chmod 750 "$USER_HOME"
|
||||||
# no one may look into the config directory (protect init passwords)
|
|
||||||
chmod 700 "$USER_HOME/config"
|
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# set permissions for suid wrappers
|
|
||||||
chown root:$CRYPTOBOX_USER "/usr/lib/cryptobox/cryptobox_root_wrapper"
|
|
||||||
chmod 4750 "/usr/lib/cryptobox/cryptobox_root_wrapper"
|
|
||||||
chown $CRYPTOBOX_USER: "/usr/lib/cgi-bin/cryptobox"
|
|
||||||
chmod 6755 "/usr/lib/cgi-bin/cryptobox"
|
|
||||||
|
|
||||||
#DEBHELPER#
|
#DEBHELPER#
|
||||||
|
|
||||||
true
|
true
|
||||||
|
|
2
debian/postrm
vendored
2
debian/postrm
vendored
|
@ -1,7 +1,7 @@
|
||||||
#!/bin/sh
|
#!/bin/sh
|
||||||
|
|
||||||
if test "$1" = "purge" && getent passwd cryptobox 2>/dev/null >/dev/null \
|
if test "$1" = "purge" && getent passwd cryptobox 2>/dev/null >/dev/null \
|
||||||
&& test "$(cd ~cryptobox;pwd)" = /var/lib/cryptobox
|
&& test "$(cd ~cryptobox;pwd)" = /var/cache/cryptobox
|
||||||
then echo "Removing user 'cryptobox' ..."
|
then echo "Removing user 'cryptobox' ..."
|
||||||
userdel -r cryptobox
|
userdel -r cryptobox
|
||||||
fi
|
fi
|
||||||
|
|
4
debian/rules
vendored
4
debian/rules
vendored
|
@ -55,9 +55,7 @@ install: build
|
||||||
dh_clean -k
|
dh_clean -k
|
||||||
dh_installdirs
|
dh_installdirs
|
||||||
$(MAKE) install PREFIX=$(DEB_BUILD_DIR)/usr
|
$(MAKE) install PREFIX=$(DEB_BUILD_DIR)/usr
|
||||||
install -c -m 644 build_dir/etc/cryptobox.conf $(DEB_BUILD_DIR)/etc/cryptobox/
|
install -c -m 644 bin/cryptobox.conf $(DEB_BUILD_DIR)/etc/cryptobox/
|
||||||
install -c -m 644 build_dir/etc/distribution.conf $(DEB_BUILD_DIR)/etc/cryptobox/
|
|
||||||
install -c -m 755 bin/cryptobox_cgi_wrapper $(DEB_BUILD_DIR)/usr/lib/cgi-bin/cryptobox
|
|
||||||
|
|
||||||
|
|
||||||
# Build architecture-independent files here.
|
# Build architecture-independent files here.
|
||||||
|
|
Loading…
Reference in a new issue