played around with the debian package

lars 2006-11-10 09:05:14 +00:00
parent c3f1b8b206
commit 45935b6e79
8 changed files with 54 additions and 61 deletions

14
debian/control vendored

@ -2,17 +2,17 @@ Source: cryptobox
Section: admin Section: admin
Priority: extra Priority: extra
Maintainer: Lars Kruse <devel@sumpfralle.de> Maintainer: Lars Kruse <devel@sumpfralle.de>
Build-Depends: debhelper (>>3.0.0), dpatch, gcc (>=2.95) Build-Depends: debhelper (>>3.0.0), dpatch
Standards-Version: 3.6.2 Standards-Version: 3.6.2
Package: cryptobox Package: cryptobox
Architecture: any Architecture: any
Depends: bash (>=2.0), sed (>=4.0), coreutils, grep (>=2.0), httpd-cgi, hashalot, cryptsetup (>=20050111), dmsetup, initscripts, e2fsprogs (>= 1.27), adduser, python (>=2.4), python-clearsilver Depends: bash (>=2.0), sed (>=4.0), coreutils, grep (>=2.0), httpd-cgi, hashalot, cryptsetup (>=20050111), dmsetup, initscripts, e2fsprogs (>= 1.27), adduser, python (>=2.4), python-clearsilver, super, dosfstools, python-cherrypy, python-confobj
Suggests: cron, samba Suggests: samba, stunnel, openssl
Description: Web interface for an encrypting fileserver Description: Web interface for an encrypting fileserver
This bundle of scripts and cgis allow you to manage an encrypted harddisk This web interface allows you to manage the encrypted and plaintext
via a web interface. The data is platform independently available disks of your system. The data is platform independently available
via samba file shares. via samba file shares.
Even non-technical users are able to encrypt their private data with the Even non-technical users are able to encrypt their private data with
CryptoBox. the CryptoBox.
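Review bot: `python-confobj` in the new `Depends:` field does not look like the name Debian uses for the ConfigObj module (normally `python-configobj`); if it is a typo the package cannot be installed, so the name should be checked against the archive. `stunnel` and `openssl` are only in `Suggests:`, so a default install serves a web interface that manages encrypted disks without TLS; `Recommends:` would fit better until the certificate and stunnel TODOs in the init script are resolved. The new `super` dependency presumably replaces the suid wrapper dropped from postinst, and no `super` rule file is visible in this commit, so it is worth confirming that the shipped rules grant the service user only the exact commands it needs.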


@ -7,6 +7,5 @@
# set to "1" to turn off the cryptobox - otherwise "0" # set to "1" to turn off the cryptobox - otherwise "0"
NO_START=1 NO_START=1
# change the default configuration file if necessary # the use that should execute the cryptobox
#CONF_FILE=/etc/cryptobox/cryptobox.conf RUNAS=lars
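Review bot: `RUNAS=lars` on the new side ships the developer's personal account as the packaged default, while postinst creates a `cryptobox` system user and the init script already falls back to `RUNAS=${RUNAS:-cryptobox}`. On any other machine `start-stop-daemon --chuid "$RUNAS"` will either fail or run the daemon under an unrelated login account. Ship the line commented out as `#RUNAS=cryptobox`, and correct the comment to `# the user that should execute the cryptobox`. The file name of this section is not shown on the page; it appears to be the template for /etc/default/cryptobox.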

57
debian/cryptobox.init vendored

@ -7,40 +7,53 @@
# see LICENSE file in this package for details # see LICENSE file in this package for details
# #
# check if the cryptobox is installed
[ -e "/usr/lib/cryptobox/cbox-manage.sh" ] || exit 0
# read the default setting file, if it exists # read the default setting file, if it exists
[ -e /etc/default/cryptobox ] && source /etc/default/cryptobox [ -e /etc/default/cryptobox ] && source /etc/default/cryptobox
# startup switch defaults to zero (enabled) # startup switch defaults to zero (enabled)
NO_START=${NO_START:-0} NO_START=${NO_START:-0}
RUNAS=${RUNAS:-cryptobox}
#if [ "$NO_START" = "1" ] if [ "$NO_START" = "1" ]
# then [ $# -eq 0 ] && exit 0 then [ $# -eq 0 ] && exit 0
# [ "$1" = "status" ] && exit 1 [ "$1" = "status" ] && exit 1
# [ "$1" = "stop" ] && exit 0 [ "$1" = "stop" ] && exit 0
# echo "CryptoBox is disabled by default" echo "CryptoBox is disabled by default"
# exit 0 exit 0
# fi
# set CONF_FILE to default value, if not configured in /etc/default/cryptobox
CONF_FILE=${CONF_FILE:-/etc/cryptobox/cryptobox.conf}
# parse config file
if [ -e "$CONF_FILE" ]
then source "$CONF_FILE"
else echo "[$(basename $0)] - configuration file ($CONF_FILE) not found!" >&2
exit 1
fi fi
CBXSERVER=CryptoBoxWebserver.py
if test -e "./$CBXSERVER"
then CBXPATH=$(pwd)
else CBXPATH=/usr/lib/cryptobox
fi
PIDFILE=/var/run/cryptobox.pid
DAEMON=/usr/bin/python2.4
DAEMON_OPTS=$CBXPATH/$CBXSERVER
NAME=cryptoboxd
DESC="CryptoBox Daemon (webinterface)"
test -e "$CBXPATH/$CBXSERVER" || exit 0
case "$1" in case "$1" in
start ) start )
# nothing to be done # TODO: mount config dir
# TODO: create certificate
# TODO: run stunnel
# the lines above should go into the live-cd scripts
echo -n "Starting $DESC: "
start-stop-daemon --background --chdir "$CBXPATH" --chuid "$RUNAS" --start --quiet --user "$RUNAS" --make-pidfile --pidfile "$PIDFILE" --exec "$DAEMON" -- $DAEMON_OPTS
echo "$NAME."
;; ;;
stop ) stop )
# unmount all active containers echo -n "Stopping $DESC: "
"/usr/lib/cryptobox/cbox-manage.sh" umount_all # does the pid file exist?
test ! -e "$PIDFILE" && echo "pid file ($PIDFILE) not found!" && exit 1
# kill all process with the parent pid that we saved before
pkill -f -P "$(cat $PIDFILE)" -u "$RUNAS" && rm "$PIDFILE"
echo "$NAME."
;; ;;
force-reload | restart ) force-reload | restart )
"$0" stop "$0" stop
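Review bot: The new `if test -e "./$CBXSERVER"` branch makes a root-run init script take `CBXPATH` from the caller's current directory, so a `CryptoBoxWebserver.py` in whatever directory the administrator happens to be in is started instead of the packaged one. Set `CBXPATH=/usr/lib/cryptobox` unconditionally, or accept a development override only from an explicit variable in /etc/default/cryptobox. In `stop`, `pkill -f -P "$(cat $PIDFILE)"` signals only children of the recorded PID and trusts a possibly stale pid file; `start-stop-daemon --stop --quiet --pidfile "$PIDFILE" --user "$RUNAS"` is the usual counterpart, and `stop` should return 0 when the pid file is absent so that package removal does not fail. The old `umount_all` call has no replacement here, so encrypted containers appear to stay mounted after the service stops, which deserves a comment if it is intended. The `case` statement continues outside the hunk.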

4
debian/dirs vendored

@ -1,4 +1,6 @@
etc/cryptobox etc/cryptobox
etc/default etc/default
etc/init.d etc/init.d
usr/lib/cgi-bin usr/lib/cryptobox
usr/share/cryptobox
var/cache/cryptobox

1
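--- a/debian/links
+++ b/debian/links
@@ -1 +0,0 @@
-/usr/share/cryptobox/html /var/www/cryptobox-misc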

28
debian/postinst vendored

@ -1,42 +1,24 @@
#!/bin/sh #!/bin/sh
# read the default setting file, if it exists LOG_FILE=/var/log/cryptobox.log
[ -e /etc/default/cryptobox ] && . /etc/default/cryptobox CRYPTOBOX_USER=cryptobox
# set CONF_FILE to default value, if not configured in /etc/default/cryptobox # create mount and config directories with appropriate permissions
CONF_FILE=${CONF_FILE:-/etc/cryptobox/cryptobox.conf} test ! -e "$LOG_FILE" && mkdir -p "$(dirname $LOG_FILE)" && touch "$LOG_FILE" && chown "$CRYPTOBOX_USER" "$LOG_FILE"
# parse config file
if test -e "$CONF_FILE"
then . "$CONF_FILE"
# create mount and config directories with appropriate permissions
test ! -e "$LOG_FILE" && touch "$LOG_FILE" && chown "$CRYPTOBOX_USER" "$LOG_FILE"
fi
if getent passwd "$CRYPTOBOX_USER" 2>/dev/null >/dev/null if getent passwd "$CRYPTOBOX_USER" 2>/dev/null >/dev/null
then # do nothing - the user already exists then # do nothing - the user already exists
true true
else # create cryptobox user else # create cryptobox user
echo "Creating new user '$CRYPTOBOX_USER' ..." echo "Creating new user '$CRYPTOBOX_USER' ..."
USER_HOME=/var/lib/cryptobox USER_HOME=/var/cache/cryptobox
adduser --system --group --home "$USER_HOME" cryptobox adduser --system --group --home "$USER_HOME" cryptobox
# add the user to the group "plugdev" (necessary for pmount)
adduser cryptobox plugdev
cp -r "$CONFIG_DEFAULTS_DIR" "$USER_HOME/config"
mkdir "$USER_HOME/mnt" mkdir "$USER_HOME/mnt"
chown -R ${CRYPTOBOX_USER}: "$USER_HOME" chown -R ${CRYPTOBOX_USER}: "$USER_HOME"
# only members of the cryptobox group may access the user directory # only members of the cryptobox group may access the user directory
chmod 750 "$USER_HOME" chmod 750 "$USER_HOME"
# no one may look into the config directory (protect init passwords)
chmod 700 "$USER_HOME/config"
fi fi
# set permissions for suid wrappers
chown root:$CRYPTOBOX_USER "/usr/lib/cryptobox/cryptobox_root_wrapper"
chmod 4750 "/usr/lib/cryptobox/cryptobox_root_wrapper"
chown $CRYPTOBOX_USER: "/usr/lib/cgi-bin/cryptobox"
chmod 6755 "/usr/lib/cgi-bin/cryptobox"
#DEBHELPER# #DEBHELPER#
true true
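Review bot: The new log-file line runs `chown "$CRYPTOBOX_USER" "$LOG_FILE"` before the `getent`/`adduser` block, so on a fresh install the user does not exist yet, the `&&` chain fails silently and /var/log/cryptobox.log stays owned by root. Move the line below the closing `fi` of the user-creation block and set the mode explicitly, e.g. `touch "$LOG_FILE" && chown "$CRYPTOBOX_USER" "$LOG_FILE" && chmod 640 "$LOG_FILE"`. Its comment still says "create mount and config directories" and should describe the log file instead. `adduser` is called with the literal name `cryptobox` rather than `"$CRYPTOBOX_USER"`, and /etc/default/cryptobox can set a different `RUNAS`, so the three names can drift apart.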

2
debian/postrm vendored

@ -1,7 +1,7 @@
#!/bin/sh #!/bin/sh
if test "$1" = "purge" && getent passwd cryptobox 2>/dev/null >/dev/null \ if test "$1" = "purge" && getent passwd cryptobox 2>/dev/null >/dev/null \
&& test "$(cd ~cryptobox;pwd)" = /var/lib/cryptobox && test "$(cd ~cryptobox;pwd)" = /var/cache/cryptobox
then echo "Removing user 'cryptobox' ..." then echo "Removing user 'cryptobox' ..."
userdel -r cryptobox userdel -r cryptobox
fi fi

4
debian/rules vendored

@ -55,9 +55,7 @@ install: build
dh_clean -k dh_clean -k
dh_installdirs dh_installdirs
$(MAKE) install PREFIX=$(DEB_BUILD_DIR)/usr $(MAKE) install PREFIX=$(DEB_BUILD_DIR)/usr
install -c -m 644 build_dir/etc/cryptobox.conf $(DEB_BUILD_DIR)/etc/cryptobox/ install -c -m 644 bin/cryptobox.conf $(DEB_BUILD_DIR)/etc/cryptobox/
install -c -m 644 build_dir/etc/distribution.conf $(DEB_BUILD_DIR)/etc/cryptobox/
install -c -m 755 bin/cryptobox_cgi_wrapper $(DEB_BUILD_DIR)/usr/lib/cgi-bin/cryptobox
# Build architecture-independent files here. # Build architecture-independent files here.