cryptonas/cryptonas
3
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

splitting package and live-cd

Browse source
This commit is contained in:
lars 2006-05-12 16:41:00 +00:00
parent b5c0ac2188
commit 7af10afd32
153 changed files with 0 additions and 10805 deletions
Download patch file Download diff file Expand all files Collapse all files

1
cbox-tree.d/etc/cron.d/cryptobox
View file

@ -1 +0,0 @@
* * * * * root [ -e /usr/lib/cryptobox/cbox-manage.sh ] && /usr/lib/cryptobox/check_smb_idle.sh

56
cbox-tree.d/etc/cryptobox/cryptobox.conf
View file

@ -1,56 +0,0 @@
# this file is directly sourced by some bash scripts
# so there should be no space around the "="
LANGUAGE=en
NET_IFACE=eth0
FILE_USER=cryptobox-data
WEB_USER=www-data
SCAN_DEVICES="sda"
#SCAN_DEVICES="hda hdb hdc hdd hde hdf hdg scd sg sda sdb sdc sdd"
# set this to "1" to create a dedicated configuration partition (very small)
# this should only be necessary, if your root filesystem is read-only (as for a live-cd)
USE_SEPERATE_CONFIG_PARTITION=0
# web interface
HTML_TEMPLATE_DIR=/usr/share/cryptobox/templates
STYLESHEET_URL=/cryptobox-misc/cryptobox.css
# directories
LANGUAGE_DIR=/usr/share/cryptobox/lang
DOC_DIR=/usr/share/doc/cryptobox/html
CONFIG_DEFAULTS_DIR=/usr/share/cryptobox/defaults
CONFIG_DIR=/var/lib/cryptobox/config
MNT_PARENT=/var/lib/cryptobox/mnt
# some files
CB_SCRIPT=/usr/lib/cryptobox/cbox-manage.sh
ROOT_PERM_SCRIPT=/usr/lib/cryptobox/cbox-root-actions.sh
DEV_FEATURES_SCRIPT=/usr/lib/cryptobox/devel-features.sh
FIREWALL_SCRIPT=/usr/lib/cryptobox/firewall.sh
MAKE_CERT_SCRIPT=/usr/lib/cryptobox/make_stunnel_cert.sh
LOG_FILE=/var/log/cryptobox.log
CERT_FILE=/var/lib/cryptobox/config/stunnel.pem
OPENSSL_CONF_FILE=/etc/cryptobox/ssl-cert.conf
IDLE_COUNTER_FILE=/tmp/cbox-idle-counter
CONFIG_MARKER=cryptobox.marker
# crypto settings
# there is no default hash, as this is ignored by luks
DEFAULT_CIPHER=aes-cbc-essiv:sha256
DEV_MAPPER_DIR=/dev/mapper
# some programs
SFDISK=/sbin/sfdisk
MKFS_DATA=/sbin/mkfs.ext3
MKFS_CONFIG=/sbin/mkfs.ext2
CRYPTSETUP=/sbin/cryptsetup
IPTABLES=/sbin/iptables
IFCONFIG=/sbin/ifconfig
# firewall setings
# do not use multiports (iptables) as the timeout-script depends on
# single port rules
# ssh is allowed too, but the server is not started automatically
ALLOW_TCP_PORTS="22 80 139 443 445"
ALLOW_UDP_PORTS="137 138"

1
cbox-tree.d/etc/cryptobox/revision
View file

@ -1 +0,0 @@
$Revision$

65
cbox-tree.d/etc/cryptobox/ssl-cert.conf
View file

@ -1,65 +0,0 @@
#
# OpenSSL configuration file.
#
# Establish working directory.
dir = .
[ ca ]
default_ca = CA_default
[ CA_default ]
default_days = 3650
default_md = md5
policy = policy_match
#serial = $dir/serial
#database = $dir/index.txt
#new_certs_dir = $dir/newcert
#certificate = $dir/cacert.pem
#private_key = $dir/private/cakey.pem
#preserve = no
#email_in_dn = no
#nameopt = default_ca
#certopt = default_ca
[ policy_match ]
countryName = match
stateOrProvinceName = match
organizationName = match
organizationalUnitName = match
commonName = supplied
emailAddress = optional
[ req ]
default_bits = 1024 # Size of keys
default_keyfile = stunnel.pem # name of generated keys
default_md = md5 # message digest algorithm
distinguished_name = req_distinguished_name
[ req_distinguished_name ]
# Variable name Prompt string
#---------------------- ----------------------------------
0.organizationName = Organization Name (company)
organizationalUnitName = Organizational Unit Name (department, division)
emailAddress = Email Address
emailAddress_max = 40
localityName = Locality Name (city, district)
stateOrProvinceName = State or Province Name (full name)
#countryName = Country Name (2 letter code)
#countryName_min = 2
#countryName_max = 2
#commonName = Common Name (hostname, IP, or your name)
#commonName_max = 64
# Default values for the above, for consistency and less typing.
# Variable name Value
#------------------------------ ------------------------------
0.organizationName_default = CryptoBox
organizationalUnitName_default = s.l.
localityName_default = Kugelmugel
stateOrProvinceName_default = Metropolis
emailAddress_default = info@systemausfall.org

26
cbox-tree.d/etc/default/cryptobox
View file

@ -1,26 +0,0 @@
# boot configuration file for the CryptoBox
#
# $Id$
#
# the default setup of the cryptobox is complete inactivity
# set to "1" to turn off the cryptobox - otherwise "0"
NO_START=1
# change the default configuration file if necessary
#CONF_FILE=/etc/cryptobox/cryptobox.conf
# should the cryptobox skip the network interface configuration?
# "0" means skip (default) --- "1" causes the cryptobox to configure it
SKIP_NETWORK_CONFIG=1
# should the cryptobox set some firewall (iptables) rules?
# if this is turned off, then you have to add the appropriate
# rules manually (if you need the timeout feature of the cryptobox)
# default is 0
EXEC_FIREWALL_RULES=0
# use stunnel for https support?
# default is 0
USE_STUNNEL=0

89
cbox-tree.d/etc/init.d/cryptobox
View file

@ -1,89 +0,0 @@
#!/bin/sh
set -eu
#
# we give some hints for users, sitting in front of the cryptobox waiting for a login prompt
#
# check if the cryptobox is installed
[ -e "/usr/lib/cryptobox/cbox-manage.sh" ] || exit 0
# read the default setting file, if it exists
[ -e /etc/default/cryptobox ] && . /etc/default/cryptobox
# startup switch defaults to zero (enabled)
NO_START=${NO_START:-0}
# check startup switch
if [ "$NO_START" = "1" ]
then [ $# -eq 0 ] && exit 0
[ "$1" = "status" ] && exit 1
[ "$1" = "stop" ] && exit 0
echo "CryptoBox is disabled by default"
exit 0
fi
# stop-on-errors
set -eu
# set CONF_FILE to default value, if not configured in /etc/default/cryptobox
CONF_FILE=${CONF_FILE:-/etc/cryptobox/cryptobox.conf}
# parse config file
if [ -e "$CONF_FILE" ]
then . "$CONF_FILE"
else echo "[$(basename $0)] - configuration file ($CONF_FILE) not found!" >&2
exit 1
fi
case "$1" in
start )
# stop if already running
"$0" status && "$0" stop
# initialize
"$CB_SCRIPT" config-up
"$CB_SCRIPT" network-up
"$CB_SCRIPT" services-up
# check if we are on a developers CryptoBox
# if not give some usage hints
# otherwise give a warning and start the devel features
if [ ! -e "$DEV_FEATURES_SCRIPT" ]; then
echo
echo "How to use the CryptoBox:"
echo " * point a webbrowser from another computer to 'http://$(/usr/lib/cryptobox/cbox-manage.sh get_current_ip)/cryptobox'"
echo " * configure your CryptoBox via a webbrowser"
echo
else
echo
echo "+---------------------------------------------------------------+"
echo "| WARNING: Some CryptoBox development features are enabled |"
echo "| This should definitely NOT happen for a production CD. |"
echo "| as it offers no security at all. |"
echo "| If you don't plan to refine this CD, don't use it! |"
echo "+---------------------------------------------------------------+"
echo
"$DEV_FEATURES_SCRIPT" "$@"
fi
true
;;
stop )
# exit if not running
"$0" status || exit 0
# shut down
"$CB_SCRIPT" services-down
"$CB_SCRIPT" network-down
"$CB_SCRIPT" config-down
;;
restart | reload | force-reload )
$0 stop
$0 start
;;
status )
if "$CB_SCRIPT" is_config_mounted
then exit 0
else exit 1
fi
;;
* )
echo "Syntax: $0 { start | stop | restart | reload | force-reload | status }"
;;
esac

704
cbox-tree.d/usr/lib/cgi-bin/cryptobox.pl
View file

@ -1,704 +0,0 @@
#!/usr/bin/perl
#
# Copyright (c) 02005 sense.lab <senselab@systemausfall.org>
#
# License: This script is distributed under the terms of version 2
# of the GNU GPL. See the LICENSE file included with the package.
#
# $Id$
#
# the web interface of the CryptoBox
#
###############################################
use strict;
use CGI;
use ClearSilver;
use ConfigFile;
my $CONFIG_FILE = '/etc/cryptobox/cryptobox.conf';
my $pagedata;
my ($LANGUAGE_DIR, $DEFAULT_LANGUAGE, $HTML_TEMPLATE_DIR, $DOC_DIR);
my ($CB_SCRIPT, $LOG_FILE, $IS_DEVEL, $STYLESHEET_URL);
&fatal_error ("could not find configuration file ($CONFIG_FILE)") unless (-e $CONFIG_FILE);
my $config = ConfigFile::read_config_file($CONFIG_FILE);
$CB_SCRIPT = $config->{CB_SCRIPT};
$LOG_FILE = $config->{LOG_FILE};
$LANGUAGE_DIR = $config->{LANGUAGE_DIR};
$DEFAULT_LANGUAGE = $config->{LANGUAGE};
$HTML_TEMPLATE_DIR = $config->{HTML_TEMPLATE_DIR};
$DOC_DIR = $config->{DOC_DIR};
$IS_DEVEL = ( -e $config->{DEV_FEATURES_SCRIPT});
$STYLESHEET_URL = $config->{STYLESHEET_URL};
# TODO: just a quick-and-dirty hack during migration to multiple containers
my $CRYPTO_DEV = `$CB_SCRIPT get_available_disks | cut -f 1 -d " " | tr "\n" "2"`;
my $query = new CGI;
#################### subs ######################
# for fatal errors without the chance of clearsilver-rendering
sub fatal_error()
{
my $message = shift;
print "Content-Type: text/html\n\n";
print "<html><head><title>CryptoBox</title></head>\n";
print "<body>\n";
print '<h1 align="center">' . $message . "</h1>\n";
print "</body></html>\n";
die "[CryptoBox]: $message";
}
sub load_hdf
{
my $hdf = ClearSilver::HDF->new();
my $fname = "$HTML_TEMPLATE_DIR/main.cs";
&fatal_error ("Template directory is invalid ($fname not found)!") unless (-e "$fname");
$hdf->setValue("Settings.TemplateDir","$HTML_TEMPLATE_DIR");
&fatal_error ("Documentation directory ($DOC_DIR) not found!") unless (-d "$DOC_DIR");
$hdf->setValue("Settings.DocDir","$DOC_DIR");
# if it was requested as directory index (link from index.html), we should
# set a real script name - otherwise links with a query string will break
# ignore POST part of the SCRIPT_NAME (after "&")
(my $script_url = $ENV{'SCRIPT_NAME'}) =~ m/^[^&]*/;
$hdf->setValue("ScriptName", ($ENV{'SCRIPT_NAME'} eq '/')? '/cryptobox' : $script_url );
# set stylesheet url
$hdf->setValue("Settings.Stylesheet",$STYLESHEET_URL);
&load_selected_language($hdf);
&get_available_languages($hdf);
return $hdf;
}
sub load_selected_language
{
my $data = shift;
my $config_language;
# load $DEFAULT_LANGUAGE - this is necessary, if a translation is incomplete
$data->readFile("$LANGUAGE_DIR/$DEFAULT_LANGUAGE" . ".hdf");
# load configured language, if it is valid
$config_language = `$CB_SCRIPT get_config language`;
$config_language = $DEFAULT_LANGUAGE unless (&validate_language("$config_language"));
# check for preferred browser language, if the box was not initialized yet
if ( ! &check_config())
{
my $prefLang = &get_browser_language();
# take it, if a supported browser language was found
$config_language = $prefLang unless ($prefLang eq '');
}
######### temporary language setting? ############
# the default language can be overriden by the language links in the
# upper right of the page
if ($query->param('weblang')) {
my $weblang = $query->param('weblang');
if (&validate_language($weblang)) {
# load the data
$config_language = "$weblang";
# add the setting to every link
$data->setValue('Data.PostData.weblang', "$weblang");
} else {
# no valid language was selected - so you may ignore it
$data->setValue('Data.Warning', 'InvalidLanguage');
}
}
# import the configured resp. the temporarily selected language
$data->readFile("$LANGUAGE_DIR/$config_language" . ".hdf");
########## select documentation language ##########
if (&validate_doc_language($config_language)) {
# selected web interface language
$data->setValue('Settings.DocLang', "$config_language");
} elsif (&validate_doc_language($DEFAULT_LANGUAGE)) {
# configured CryptoBox language
$data->setValue('Settings.DocLang', "$DEFAULT_LANGUAGE");
} else {
# default hardcoded language (english)
$data->setValue('Settings.DocLang', "en");
}
}
sub get_available_languages
# import the names of all available languages
{
my $data = shift;
my ($file, @files, $hdf, $lang_name);
opendir(DIR, $LANGUAGE_DIR) or &fatal_error ("Language directory ($LANGUAGE_DIR) not accessible!");
@files = sort grep { /.*\.hdf$/ } readdir(DIR);
close(DIR);
foreach $file (@files) {
$hdf = ClearSilver::HDF->new();
$hdf->readFile("$LANGUAGE_DIR/$file");
substr($file, -4) = "";
$lang_name = $hdf->getValue("Lang.Name", "$file");
$data->setValue("Data.Languages." . "$file", "$lang_name");
}
}
# look for preferred browser language setting
# this code was adapted from Per Cederberg - http://www.percederberg.net/home/perl/select.perl
# it returns an empty string, if no supported language was found
sub get_browser_language
{
my ($str, @langs, @res);
# Use language preference settings
if ($ENV{'HTTP_ACCEPT_LANGUAGE'} ne '')
{
@langs = split(/,/, $ENV{'HTTP_ACCEPT_LANGUAGE'});
foreach (@langs)
{
# get the first part of the language setting
($str) = ($_ =~ m/([a-z]+)/);
# check, if it supported by the cryptobox
$res[$#res+1] = $str if validate_language($str);
}
}
# if everything fails - return empty string
$res[0] = "" if ($#res lt 0);
return $res[0];
}
sub log_msg
{
my $text = shift;
open(LOGFILE,">> $LOG_FILE");
print LOGFILE "$text";
close(LOGFILE);
}
sub check_ssl
{
# BEWARE: dirty trick - is there a better way?
# stunnel is not in transparent mode -> that means, it replaces REMOTE_ADDR with
# its own IP (localhost, of course)
return ($ENV{'REMOTE_ADDR'} eq '127.0.0.1');
}
sub check_mounted
{
return (system("$CB_SCRIPT","is_crypto_mounted",$CRYPTO_DEV) == 0);
}
sub check_config
{
return (system("$CB_SCRIPT","is_config_mounted",$CRYPTO_DEV) == 0);
}
sub check_init_running
{
return (system("$CB_SCRIPT","is_init_running") == 0);
}
sub is_harddisk_available
{
return (system("$CB_SCRIPT","is_harddisk_available") == 0);
}
sub get_available_disks
# TODO: this is useful for diskselection buttons
{
return `$CB_SCRIPT get_available_disks`;
}
sub get_current_ip
# the IP of eth0 - not the configured value of the box (only for validation)
{
return `$CB_SCRIPT get_current_ip`;
}
sub get_admin_pw
# returns the current administration password - empty, if it is not used
{
return `$CB_SCRIPT get_config admin_pw`;
}
sub render
{
my $pagefile = "$HTML_TEMPLATE_DIR/main.cs";
print "Content-Type: text/html\n\n";
my $cs = ClearSilver::CS->new($pagedata);
$cs->parseFile($pagefile);
print $cs->render();
}
sub mount_vol
{
my $pw = shift;
if (&check_mounted) {
$pagedata->setValue('Data.Warning', 'IsMounted');
} else {
open(PW_INPUT, "| $CB_SCRIPT crypto-up $CRYPTO_DEV");
print PW_INPUT $pw;
close(PW_INPUT);
}
}
sub umount_vol
{
if (&check_mounted) {
system("$CB_SCRIPT", "crypto-down",$CRYPTO_DEV);
} else {
$pagedata->setValue('Data.Warning', 'NotMounted');
}
}
sub box_init
{
my ($crypto_pw, $admin_pw) = @_;
system("$CB_SCRIPT", "init") || return 1;
# partitioning, config and initial cryptsetup
# TODO: define the name of the crypto container
open(PW_INPUT, "|$CB_SCRIPT crypto-create '$CRYPTO_DEV' default");
print PW_INPUT $crypto_pw;
close(PW_INPUT);
# set administration password
system("$CB_SCRIPT", "set_config", "admin_pw", "$admin_pw");
}
sub box_purge
{
system("$CB_SCRIPT", "box-purge");
}
sub system_poweroff
{
&umount_vol() if (&check_mounted());
system("$CB_SCRIPT", "poweroff");
}
sub system_reboot
{
&umount_vol() if (&check_mounted());
system("$CB_SCRIPT", "reboot");
}
sub validate_ip
{
my $ip = shift;
my @octets = split /\./, $ip;
return 0 if ($#octets == 4);
# check for values and non-digits
return 0 if (($octets[0] <= 0) || ($octets[0] >= 255) || ($octets[0] =~ /\D/));
return 0 if (($octets[1] < 0) || ($octets[1] >= 255) || ($octets[1] =~ /\D/));
return 0 if (($octets[2] < 0) || ($octets[2] >= 255) || ($octets[2] =~ /\D/));
return 0 if (($octets[3] <= 0) || ($octets[3] >= 255) || ($octets[3] =~ /\D/));
return 1;
}
sub validate_timeout
{
my $timeout = shift;
return 0 if ($timeout =~ /\D/);
return 1;
}
# check for a valid interface language
sub validate_language
{
my $language = shift;
# check for non-alphanumeric character
return 0 if ($language =~ /\W/);
return 0 if ($language eq "");
return 0 if ( ! -e "$LANGUAGE_DIR/$language" . '.hdf');
return 1;
}
# check for a valid documentation language
sub validate_doc_language
{
my $language = shift;
# check for non-alphanumeric character
return 0 if ($language =~ /\W/);
return 0 if ($language eq "");
return 0 if ( ! -e "$DOC_DIR/$language");
return 1;
}
################### main #########################
$pagedata = load_hdf();
# BEWARE: there are two kinds of actions:
# * some require a harddisk
# * some do not require a harddisk
# take care, that you put a new action into the appropriate block below
# first: check for ssl!
if ( ! &check_ssl()) {
$pagedata->setValue('Data.Error', 'NoSSL');
$pagedata->setValue('Data.Redirect.URL', "https://" . $ENV{'HTTP_HOST'} . $ENV{'SCRIPT_NAME'});
$pagedata->setValue('Data.Redirect.Delay', "3");
} elsif ($query->param('action')) {
my $action = $query->param('action');
#--------------------------------------------------------------#
# here you may define all cases that do not require a harddisk #
# put all other cases below the harddisk check #
#--------------------------------------------------------------#
#################### show_log #######################
if ($action eq 'show_log') {
$pagedata->setValue('Data.Action', 'show_log');
##################### doc ############################
} elsif ($action eq 'doc') {
if ($query->param('page')) {
$pagedata->setValue('Data.Doc.Page', $query->param('page'));
$pagedata->setValue('Data.Action', 'show_doc');
} else {
$pagedata->setValue('Data.Doc.Page', 'CryptoBoxUser');
$pagedata->setValue('Data.Action', 'show_doc');
}
##################### poweroff ######################
} elsif ($action eq 'shutdown_ask') {
$pagedata->setValue('Data.Action', 'form_shutdown');
##################### reboot ########################
} elsif ($action eq 'shutdown_do') {
if ($query->param('type') eq 'reboot') {
&system_reboot();
$pagedata->setValue('Data.Success', 'ReBoot');
$pagedata->setValue('Data.Redirect.Action', 'show_status');
$pagedata->setValue('Data.Redirect.Delay', "180");
} else {
&system_poweroff();
$pagedata->setValue('Data.Success', 'PowerOff');
}
$pagedata->setValue('Data.Action', 'empty');
##################### check for a harddisk ##########################
# catch this error, to prevent all following actions from execution #
#####################################################################
} elsif ( ! &is_harddisk_available()) {
$pagedata->setValue('Data.Error', 'NoHardDisk');
#-------------------------------------------------------#
# here you may define all cases that require a harddisk #
#-------------------------------------------------------#
################ umount_do #######################
} elsif ($action eq 'umount_do') {
if ( ! &check_config()) {
$pagedata->setValue('Data.Warning', 'NotInitialized');
$pagedata->setValue('Data.Action', 'form_init');
} elsif (&check_init_running()) {
$pagedata->setValue('Data.Warning', 'InitNotFinished');
$pagedata->setValue('Data.Action', 'empty');
$pagedata->setValue('Data.Redirect.Action', 'form_config');
$pagedata->setValue('Data.Redirect.Delay', "30");
} elsif ( ! &check_mounted()) {
$pagedata->setValue('Data.Warning', 'NotMounted');
$pagedata->setValue('Data.Action', 'empty');
} else {
# unmounten
&umount_vol();
if (&check_mounted()) {
$pagedata->setValue('Data.Warning', 'UmountFailed');
$pagedata->setValue('Data.Action', 'form_umount');
} else {
$pagedata->setValue('Data.Success', 'UmountDone');
$pagedata->setValue('Data.Action', 'empty');
$pagedata->setValue('Data.Redirect.Action', 'show_status');
$pagedata->setValue('Data.Redirect.Delay', "30");
}
}
################ mount_do ########################
} elsif ($action eq 'mount_do') {
# mount requested
if ( ! &check_config()) {
$pagedata->setValue('Data.Warning', 'NotInitialized');
$pagedata->setValue('Data.Action', 'form_init');
} elsif (&check_init_running()) {
$pagedata->setValue('Data.Warning', 'InitNotFinished');
$pagedata->setValue('Data.Action', 'empty');
$pagedata->setValue('Data.Redirect.Action', 'form_config');
$pagedata->setValue('Data.Redirect.Delay', "30");
} elsif (&check_mounted()) {
$pagedata->setValue('Data.Warning', 'IsMounted');
$pagedata->setValue('Data.Action', 'empty');
$pagedata->setValue('Data.Redirect.Action', 'show_status');
$pagedata->setValue('Data.Redirect.Delay', "30");
} elsif ($query->param('crypto_password') eq '') {
# leeres Passwort
$pagedata->setValue('Data.Warning', 'EmptyCryptoPassword');
$pagedata->setValue('Data.Action', 'form_mount');
} else {
# mounten
&mount_vol($query->param('crypto_password'));
if (!&check_mounted()) {
$pagedata->setValue('Data.Warning', 'MountFailed');
$pagedata->setValue('Data.Action', 'form_mount');
} else {
$pagedata->setValue('Data.Success', 'MountDone');
$pagedata->setValue('Data.Action', 'empty');
$pagedata->setValue('Data.Redirect.Action', 'show_status');
$pagedata->setValue('Data.Redirect.Delay', "30");
}
}
################## mount_ask #######################
} elsif ($action eq 'mount_ask') {
if ( ! &check_config()) {
$pagedata->setValue('Data.Warning', 'NotInitialized');
$pagedata->setValue('Data.Action', 'form_init');
} elsif (&check_init_running()) {
$pagedata->setValue('Data.Warning', 'InitNotFinished');
$pagedata->setValue('Data.Action', 'empty');
$pagedata->setValue('Data.Redirect.Action', 'form_config');
$pagedata->setValue('Data.Redirect.Delay', "30");
} elsif (&check_mounted()) {
$pagedata->setValue('Data.Warning', 'IsMounted');
$pagedata->setValue('Data.Action', 'empty');
$pagedata->setValue('Data.Redirect.Action', 'show_status');
$pagedata->setValue('Data.Redirect.Delay', "30");
} else {
$pagedata->setValue('Data.Action', 'form_mount');
}
################# umount_ask ########################
} elsif ($action eq 'umount_ask') {
if ( ! &check_config()) {
$pagedata->setValue('Data.Warning', 'NotInitialized');
$pagedata->setValue('Data.Action', 'form_init');
} elsif ( ! &check_mounted()) {
$pagedata->setValue('Data.Warning', 'NotMounted');
$pagedata->setValue('Data.Action', 'empty');
$pagedata->setValue('Data.Redirect.Action', 'show_status');
$pagedata->setValue('Data.Redirect.Delay', "30");
} else {
$pagedata->setValue('Data.Action', 'form_umount');
}
################## init_ask #########################
} elsif ($action eq 'init_ask') {
if (&check_init_running()) {
$pagedata->setValue('Data.Warning', 'InitNotFinished');
$pagedata->setValue('Data.Action', 'form_config');
} elsif (&check_config()) {
$pagedata->setValue('Data.Warning', 'AlreadyConfigured');
$pagedata->setValue('Data.Action', 'form_init');
} else {
$pagedata->setValue('Data.Action', 'form_init');
}
#################### init_do ########################
} elsif ($action eq 'init_do') {
my $current_admin_pw = &get_admin_pw;
if ($current_admin_pw ne '' && $current_admin_pw ne $query->param('current_admin_password')) {
$pagedata->setValue('Data.Warning', 'WrongAdminPassword');
$pagedata->setValue('Data.Action', 'form_init');
} elsif ($query->param('admin_password') ne $query->param('admin_password2')) {
# different admin-passwords
$pagedata->setValue('Data.Warning', 'DifferentAdminPasswords');
$pagedata->setValue('Data.Action', 'form_init');
} elsif ($query->param('crypto_password') ne $query->param('crypto_password2')) {
# different crypto-passwords
$pagedata->setValue('Data.Warning', 'DifferentCryptoPasswords');
$pagedata->setValue('Data.Action', 'form_init');
} elsif ($query->param('crypto_password') eq '') {
# empty password
$pagedata->setValue('Data.Warning', 'EmptyCryptoPassword');
$pagedata->setValue('Data.Action', 'form_init');
} elsif ($query->param('confirm') ne $pagedata->getValue('Lang.Text.ConfirmInit','')) {
# wrong confirm string
$pagedata->setValue('Data.Warning', 'InitNotConfirmed');
$pagedata->setValue('Data.Action', 'form_init');
} else {
# do init
&box_init($query->param('crypto_password'),$query->param('admin_password'));
if (!&check_init_running()) {
$pagedata->setValue('Data.Error', 'InitFailed');
} else {
$pagedata->setValue('Data.Success', 'InitRunning');
$pagedata->setValue('Data.Action', 'form_config');
}
}
#################### config_ask ######################
} elsif ($action eq 'config_ask') {
if ( ! &check_config()) {
$pagedata->setValue('Data.Warning', 'NotInitialized');
$pagedata->setValue('Data.Action', 'form_init');
} else {
$pagedata->setValue('Data.Action', 'form_config');
}
#################### config_do #######################
} elsif ($action eq 'config_do') {
if ( ! &check_config()) {
$pagedata->setValue('Data.Warning', 'NotInitialized');
$pagedata->setValue('Data.Action', 'form_init');
} else {
my $current_admin_pw = &get_admin_pw;
if ($current_admin_pw ne '' && $current_admin_pw ne $query->param('current_admin_password')) {
$pagedata->setValue('Data.Warning', 'WrongAdminPassword');
$pagedata->setValue('Data.Action', 'form_config');
} elsif ( ! &validate_language($query->param('language'))) {
$pagedata->setValue('Data.Warning', 'InvalidLanguage');
$pagedata->setValue('Data.Action', 'form_config');
} elsif ( ! &validate_ip($query->param('ip'))) {
$pagedata->setValue('Data.Warning', 'InvalidIP');
$pagedata->setValue('Data.Action', 'form_config');
} elsif ( ! &validate_timeout($query->param('timeout'))) {
$pagedata->setValue('Data.Warning', 'InvalidTimeOut');
$pagedata->setValue('Data.Action', 'form_config');
} else {
system("$CB_SCRIPT", "set_config", "language", $query->param('language'));
&load_selected_language($pagedata);
system("$CB_SCRIPT", "set_config", "timeout", $query->param('timeout'));
# check, if the ip was reconfigured
if ($query->param('ip') ne `$CB_SCRIPT get_config ip`)
{
# set the new value
system("$CB_SCRIPT", "set_config", "ip", $query->param('ip'));
# reconfigure the network interface
system("$CB_SCRIPT", "update_ip_address");
# redirect to the new address
$pagedata->setValue('Data.Redirect.URL', "https://" . $query->param('ip') . $ENV{'SCRIPT_NAME'});
$pagedata->setValue('Data.Redirect.Delay', "5");
# display a warning for the redirection
$pagedata->setValue('Data.Warning', 'IPAddressChanged');
}
# check for success
if (`$CB_SCRIPT get_config timeout` ne $query->param('timeout')) {
$pagedata->setValue('Data.Warning', 'ConfigTimeOutFailed');
} elsif (`$CB_SCRIPT get_config ip` ne $query->param('ip')) {
$pagedata->setValue('Data.Warning', 'ConfigIPFailed');
} elsif (`$CB_SCRIPT get_config language` ne $query->param('language')) {
$pagedata->setValue('Data.Warning', 'ConfigLanguageFailed');
} else {
$pagedata->setValue('Data.Success', 'ConfigSaved');
}
$pagedata->setValue('Data.Action', 'show_status');
$pagedata->setValue('Data.Redirect.Action', 'show_status');
$pagedata->setValue('Data.Redirect.Delay', "30");
}
}
#################### status #########################
} elsif ($action eq 'show_status') {
if ( ! &check_config()) {
$pagedata->setValue('Data.Warning', 'NotInitialized');
$pagedata->setValue('Data.Action', 'form_init');
} elsif (&check_init_running()) {
$pagedata->setValue('Data.Warning', 'InitNotFinished');
$pagedata->setValue('Data.Action', 'empty');
$pagedata->setValue('Data.Redirect.Action', 'form_config');
$pagedata->setValue('Data.Redirect.Delay', "30");
} else {
$pagedata->setValue('Data.Action', 'show_status');
$pagedata->setValue('Data.Redirect.Action', 'show_status');
$pagedata->setValue('Data.Redirect.Delay', "60");
}
################### box_purge #######################
# if we find an existing config partition, then check the adminpw
} elsif ($action eq 'do_purge') {
if ( &check_config()) {
my $current_admin_pw = &get_admin_pw;
if ($current_admin_pw ne '' && $current_admin_pw ne $query->param('current_admin_password')) {
$pagedata->setValue('Data.Warning', 'WrongAdminPassword');
$pagedata->setValue('Data.Action', 'form_config');
} else {
&box_purge;
$pagedata->setValue('Data.Action', 'form_init');
}
}
################### unknown #########################
} else {
$pagedata->setValue('Data.Error', 'UnknownAction');
}
#################### default action ##########################
# check for a harddisk again, as this check was skipped
# because there was no action defined
} elsif ( ! &is_harddisk_available()) {
$pagedata->setValue('Data.Error', 'NoHardDisk');
} else {
if (&check_init_running()) {
$pagedata->setValue('Data.Warning', 'InitNotFinished');
$pagedata->setValue('Data.Action', 'empty');
$pagedata->setValue('Data.Redirect.Action', 'form_config');
$pagedata->setValue('Data.Redirect.Delay', "60");
} elsif (&check_config()) {
$pagedata->setValue('Data.Action', 'show_status');
$pagedata->setValue('Data.Redirect.Action', 'show_status');
$pagedata->setValue('Data.Redirect.Delay', "60");
} else {
$pagedata->setValue('Data.Action', 'form_init');
}
}
# check state of the cryptobox
$pagedata->setValue('Data.Status.Config', &check_config() ? 1 : 0);
$pagedata->setValue('Data.Status.InitRunning', &check_init_running() ? 1 : 0);
$pagedata->setValue('Data.Status.Mounted', &check_mounted() ? 1 : 0) if (&check_config());
my $output = &get_current_ip();
$pagedata->setValue('Data.Status.IP', "$output");
$output = &get_admin_pw();
$pagedata->setValue('Data.Config.AdminPasswordIsSet', 1) if ($output ne '');
$output = `$CB_SCRIPT diskinfo 2>&1 | sed 's#\$#<br/>#'`;
$pagedata->setValue('Data.PartitionInfo',"$output");
# preset config settings for clearsilver
$pagedata->setValue('Data.Config.IP', `$CB_SCRIPT get_config ip`);
$pagedata->setValue('Data.Config.TimeOut', `$CB_SCRIPT get_config timeout`);
$pagedata->setValue('Data.Config.Language', `$CB_SCRIPT get_config language`);
# read log and add html linebreaks
$output = '';
if (-e "$LOG_FILE") {
open(LOGFILE, "< $LOG_FILE");
while (<LOGFILE>) { $output .= "$_<br/>" }
close(LOGFILE);
}
$pagedata->setValue('Data.Log',"$output");
$pagedata->setValue('Data.Status.DevelopmentMode', 1) if ($IS_DEVEL);
# save QUERY_STRING (e.g. for weblang-links)
my $querystring = $ENV{'QUERY_STRING'};
# remove weblang setting
$querystring =~ s/weblang=\w\w&?//;
$pagedata->setValue('Data.QueryString', "$querystring") if ($querystring ne '');
&render();
exit 0;

590
cbox-tree.d/usr/lib/cryptobox/cbox-manage.sh
View file

@ -1,590 +0,0 @@
#!/bin/sh
#
# Copyright (c) 02005 sense.lab <senselab@systemausfall.org>
#
# License: This script is distributed under the terms of version 2
# of the GNU GPL. See the LICENSE file included with the package.
#
# $Id$
#
# this script does EVERYTHING
# all other scripts are only frontends :)
#
# called by:
# - some rc-scripts
# - the web frontend cgi
#
# TODO: check permissions and owners of config files, directories and scripts before
# running cbox-root-actions.sh
set -eu
# define reasonable defaults
USE_STUNNEL=0
EXEC_FIREWALL_RULES=0
SKIP_NETWORK_CONFIG=1
CONF_FILE=/etc/cryptobox/cryptobox.conf
# read the default setting file, if it exists
[ -e /etc/default/cryptobox ] && . /etc/default/cryptobox
# parse config file
. "$CONF_FILE"
# check for writable log file
[ -w "$LOG_FILE" ] || LOG_FILE=/tmp/$(basename "$LOG_FILE")
## configuration
CERT_TEMP=/tmp/stunnel.pem
######## stuff ##########
ALL_PARTITIONS=$(cat /proc/partitions | sed '1,2d; s/ */ /g; s/^ *//' | cut -d " " -f 4)
#########################
function log_msg()
{
# the log file is not writable during boot - try before writing ...
[ -w "$LOG_FILE" ] || return 0
echo >>"$LOG_FILE"
echo "##### `date` #####" >>"$LOG_FILE"
echo "$1" >>"$LOG_FILE"
}
function error_msg()
# parameters: ExitCode ErrorMessage
{
echo "[`date`] - $2" | tee -a "$LOG_FILE" >&2
# print the execution stack - not usable with busybox
# caller | sed 's/^/\t/' >&2
exit "$1"
}
function config_set_value()
# parameters: SettingName [SettingValue]
# read from stdin if SettingValue is not defined
{
[ "$USE_SEPERATE_CONFIG_PARTITION" = "1" ] && sudo "$ROOT_PERM_SCRIPT" remount_config rw
if [ $# -gt 1 ]
then echo -n "$2" > "$CONFIG_DIR/$1"
else cat - >"$CONFIG_DIR/$1"
fi
[ "$USE_SEPERATE_CONFIG_PARTITION" = "1" ] && sudo "$ROOT_PERM_SCRIPT" remount_config ro
}
function config_get_value()
# parameters: SettingName
{
# use mounted config, if it exists - otherwise use defaults
local conf_dir
if is_config_active
then conf_dir=$CONFIG_DIR
else conf_dir=$CONFIG_DEFAULTS_DIR
fi
[ -z "$1" ] && error_msg 1 "empty setting name"
# check for existence - maybe use default values (for old releases without this setting)
if [ ! -e "$conf_dir/$1" ]
then case "$1" in
# you may place default values for older versions here
# for compatibility
* )
error_msg 2 "unknown configuration value ($1)"
# empty output
;;
esac
else echo -n $(cat "$conf_dir/$1")
# this removes the trailing line break
fi
# always return without error
true
}
function create_config()
# Parameter: device
{
local device=$1
unload_config
# create the new configuration filesystem if it is not static
if [ "$USE_SEPERATE_CONFIG_PARTITION" != "1" ]
then log_msg "Using static configuration ..."
else log_msg "Creating config filesystem ..."
sudo "$ROOT_PERM_SCRIPT" create_config "$device"
log_msg "Mounting config partition ..."
sudo "$ROOT_PERM_SCRIPT" mount_config "$device"
sudo "$ROOT_PERM_SCRIPT" remount_config rw
fi
log_msg "Copying configuration defaults ..."
cp -a "$CONFIG_DEFAULTS_DIR/." "$CONFIG_DIR"
log_msg "Copying temporary certificate file to config filesystem ..."
# beware: the temp file should always be there - even after reboot - see "load_config"
[ "$USE_STUNNEL" = 1 ] && cp -p "$CERT_TEMP" "$CERT_FILE"
log_msg "Setting inital values ..."
# beware: config_set_value remounts the config partition read-only
config_set_value "ip" "$(get_current_ip)"
# create database of readable names
config_set_value "names.db" ""
# create a marker to recognize a cryptobox partition
# this should be the last step, to prevent a half-initialized state
config_set_value "$CONFIG_MARKER" "$(date -I)"
}
function get_current_ip()
# not necessarily the same as configured (necessary for validation)
{
# filter the output of ifconfig and remove trailing line break
echo -n $("$IFCONFIG" "$NET_IFACE" | grep "inet" | cut -d ":" -f2 | cut -d " " -f1)
}
function list_partitions_of_type()
# parameter: { config | crypto | plaindata | unused }
{
local config=
local crypto=
local plaindata=
local unused=
for a in $ALL_PARTITIONS
do if sudo "$ROOT_PERM_SCRIPT" is_crypto_partition "/dev/$a"
then crypto="$crypto /dev/$a"
elif sudo "$ROOT_PERM_SCRIPT" is_config_partition "/dev/$a"
then config="$config /dev/$a"
elif sudo "$ROOT_PERM_SCRIPT" is_plaindata_partition "/dev/$a"
then plaindata="$plaindata /dev/$a"
else unused="$unused /dev/$a"
fi
done
case "$1" in
config | crypto | plaindata | unused )
# dirty hack, but it works
eval "echo \$$1"
;;
* )
errot_msg "wrong parameter ($1) for list_partition_types in $(basename $0)"
;;
esac | tr " " "\n" | grep -v '^$'
}
function get_crypto_uuid()
# Parameter: DEVICE
{
sudo "$ROOT_PERM_SCRIPT" get_device_name "$1"
}
function get_crypto_name()
# Parameter: DEVICE
# return the readable name of the crypto container, it it is already defined
# if undefined - return the uuid
{
local uuid=$(get_crypto_uuid "$1")
local dbname=$(config_get_value "names.db" | grep "^$uuid:" | cut -d ":" -f 2-)
if [ -z "$dbname" ]
then echo -n "$uuid"
else echo -n "$dbname"
fi
}
function set_crypto_name()
# TODO: the implementation is quite ugly, but it works (tm)
# Parameter: DEVICE NAME
{
local uuid=$(get_crypto_uuid "$1")
# remove the old setting for this device and every possible entry with the same name
(config_get_value 'names.db' | sed "/^$uuid:/d; /^[^:]*:$2$/d"; echo "$uuid:$2") | config_set_value 'names.db'
}
function does_crypto_name_exist()
# Parameter: NAME
{
config_get_value 'names.db' | grep -q "^[^:]*:$1$"
}
function create_crypto()
# Parameter: DEVICE NAME KEYFILE
# keyfile is necessary, to allow background execution via 'at'
# TODO: check if the keyfile is still necessary for sudo -b
{
local device=$1
local name=$2
local keyfile=$3
# otherwise the web interface will hang
# passphrase may be passed via command line
local key=$(<"$keyfile")
# remove the passphrase-file as soon as possible
dd if=/dev/zero of="$keyfile" bs=512 count=1 2>/dev/null
rm "$keyfile"
log_msg "Creating crypto partition with the cipher $DEFAULT_CIPHER on $device"
echo "$key" | sudo "$ROOT_PERM_SCRIPT" create_crypto "$device"
set_crypto_name "$device" "$name"
}
function is_config_active()
{
test -f "$CONFIG_DIR/$CONFIG_MARKER"
}
function is_crypto_mounted()
# Parameter: DEVICE
{
local name=$(get_crypto_uuid "$1")
[ -n "$name" ] && mountpoint -q "$MNT_PARENT/$name"
}
function is_init_running()
{
check_at_command_queue " init"
}
# check if a specified command is in an at-queue
# Parameter: a regular expression of the commandline
# Return: the command is part of an at-queue (0) or not (1)
function check_at_command_queue()
{
# 1) get the available job numbers
# 2) remove empty lines (especially the last one)
# 3) check every associated command for the regexp
at -l | cut -f 1 | while read jobnum
do at -c $jobnum | sed '/^$/d' | tail -1
done | grep -q "$1"
}
function find_harddisk()
# look for the harddisk to be partitioned
{
local device=$(get_available_disks | head -1)
if [ -z "$device" ] ; then
log_msg "no valid harddisk for initialisation found!"
cat /proc/partitions >>"$LOG_FILE"
# do not return with an error, to avoid a failing of the script ('break on error')
# the caller of this function should handle an empty return string
fi
echo -n "$device"
}
function get_available_disks()
# looks which allowed disks are at the moment connected with the cbox
{
for scan in $SCAN_DEVICES
do for avail in $ALL_PARTITIONS
do [ "$scan" = "$avail" ] && echo "/dev/$avail"
done
done
}
function load_config()
{
unload_config
local status=0
# look for a configuration partition
[ "$USE_SEPERATE_CONFIG_PARTITION" = "1" ] && \
list_partitions_of_type config | while read part && [ "$status" = 0 ]
do log_msg "Trying to load configuration from /dev/$part ..."
if sudo "$ROOT_PERM_SCRIPT" is_config_partition "/dev/$part"
then log_msg "configuraton found on $part"
sudo "$ROOT_PERM_SCRIPT" mount_config "/dev/$part"
status=1
fi
done
if is_config_active
then # copy certificate to /tmp in case of re-initialization
# /tmp should be writable, so tmpfs has to be mounted before (/etc/rcS.d)
[ "$USE_STUNNEL" = 1 ] && cp "$CERT_FILE" "$CERT_TEMP"
else log_msg "failed to locate config partition"
return 1
fi
true
}
function unload_config()
{
is_config_active || return
# only try to unmount, if it is not static (the config of a live-cd is always dynamic)
if [ "$USE_SEPERATE_CONFIG_PARTITION" = "1" ]
then sudo "$ROOT_PERM_SCRIPT" umount_config
else true
fi
}
function mount_crypto()
# Parameter: DEVICE
{
local device=$1
[ -z "$device" ] && error_msg 4 'No valid harddisk found!' && return 1
is_crypto_mounted "$device" && echo "The crypto filesystem is already active!" && return
# passphrase is read from stdin
log_msg "Mounting a crypto partition from $device"
sudo "$ROOT_PERM_SCRIPT" mount "$device" >>"$LOG_FILE" 2>&1
}
function umount_crypto()
# Parameter: DEVICE
{
local device=$1
local uuid=$(get_crypto_uuid $device)
sudo "$ROOT_PERM_SCRIPT" umount "$uuid"
}
function box_purge()
# removing just the first bytes from the harddisk should be enough
# every harddisk will be overriden!
{
# TODO: not ALL harddisks, please!
get_available_disks | while read a
do log_msg "Purging $a ..."
sudo "$ROOT_PERM_SCRIPT" trash_device "$a"
done
}
function init_cryptobox()
# this is only the first part of initialisation that takes no time - good for a smooth web interface
{
local device=$(find_harddisk)
[ -z "$device" ] && log_msg 'No valid harddisk found!' && return 1
turn_off_all_crypto
unload_config || true
log_msg "Partitioning the device ($device) ..."
sudo "$ROOT_PERM_SCRIPT" partition_disk "$device" "0,1,L \n,,L\n"
log_msg "Initializing config partition on ${device}1 ..."
# TODO: this should not be hard-coded
create_config "${device}1"
}
function turn_off_all_crypto()
{
list_crypto_containers | while read a
do is_crypto_mounted "$a" && umount_crypto "$a"
done
}
### main ###
# set PATH because thttpd removes /sbin and /usr/sbin for cgis
export PATH=/usr/sbin:/usr/bin:/sbin:/bin
ACTION=help
[ $# -gt 0 ] && ACTION=$1 && shift
case "$ACTION" in
config-up )
if load_config
then echo "Cryptobox configuration successfully loaded"
else error_msg 0 "Could not find a configuration partition!"
fi
;;
config-down )
unload_config || error_msg 4 "Could not unmount configuration partition"
;;
network-up )
if [ "$SKIP_NETWORK_CONFIG" != 1 ]
then conf_ip=$(config_get_value "ip")
log_msg "Configuring $NET_IFACE for $conf_ip ..."
echo "Configuring network interface for $NET_IFACE: $conf_ip"
"$IFCONFIG" "$NET_IFACE" "$conf_ip"
fi
if [ "$EXEC_FIREWALL_RULES" = 1 ]
then log_msg "Starting the firewall ..."
"$FIREWALL_SCRIPT" start
fi
if [ "$USE_STUNNEL" = 1 ]
then # start stunnel
if [ -f "$CERT_FILE" ]
then USE_CERT=$CERT_FILE
else USE_CERT=$CERT_TEMP
$MAKE_CERT_SCRIPT "$CERT_TEMP" >>"$LOG_FILE" 2>&1
# TODO: this could be dangerous - right?
# this is necessary, to allow www-data to copy the certificate
chown "$WEB_USER" "$CERT_TEMP"
fi
log_msg "Starting stunnel ..."
stunnel -p "$USE_CERT" -r localhost:80 -d 443 \
|| echo "$USE_CERT not found - not starting stunnel"
fi
;;
network-down )
if [ "$EXEC_FIREWALL_RULES" = 1 ]
then log_msg "Stopping the firewall ..."
"$FIREWALL_SCRIPT" stop
fi
if [ "$USE_STUNNEL" = 1 ]
then log_msg "Stopping stunnel ..."
# TODO: what about a pid?
killall stunnel 2>/dev/null || true
fi
if [ "$SKIP_NETWORK_CONFIG" != 1 ]
then log_msg "Shutting the network interface down ..."
"$IFCONFIG" "$NET_IFACE" down
fi
;;
services-up )
# the mount point has to be writeable
# this action is called as root - so we are allowed to umount
# TODO: do this only for ro-filesystem
# TODO: this way of mounting is evil
if mountpoint -q "$MNT_PARENT"
then true
else mount -t tmpfs tmpfs "$MNT_PARENT"
fi
true
;;
services-down )
# this action is called as root - so we are allowed to umount
mountpoint -q "$MNT_PARENT" && umount "$MNT_PARENT"
# TODO: we should not depend on samba and thttpd
# /etc/init.d/samba stop || true
# /etc/init.d/thttpd stop || true
true
;;
crypto-up )
[ $# -ne 1 ] && error_msg "invalid number of parameters for 'crypto-up'"
mount_crypto "$1"
;;
crypto-down )
[ $# -ne 1 ] && error_msg "invalid number of parameters for 'crypto-down'"
umount_crypto "$1"
;;
init )
init_cryptobox </dev/null >>"$LOG_FILE" 2>&1
;;
crypto-create )
# Parameter: DEVICE NAME
[ $# -ne 2 ] && error_msg "invalid number of parameters for 'crypto-create'"
# do it in the background to provide a smoother web interface
# messages and errors get written to $LOG_FILE
keyfile=/tmp/$(basename "$0")-passphrase-$(basename "$1")
# read the password
cat - >"$keyfile"
# execute it in the background
echo "'$0' crypto-create-bg '$1' '$2' '$keyfile' </dev/null >>'$LOG_FILE' 2>&1" | at now
;;
crypto-create-bg )
create_crypto "$@"
;;
crypto-list )
list_partitions_of_type crypto
;;
crypto-list-unused )
list_partitions_of_type unused
;;
crypto-name )
# Parameter: DEVICE
get_crypto_name "$1"
;;
is_crypto_mounted )
[ $# -ne 1 ] && error_msg 10 "invalid number of parameters for 'is_crypto_mounted'"
is_crypto_mounted "$1"
;;
is_config_mounted )
is_config_active
;;
is_init_running )
is_init_running
;;
is_harddisk_available )
[ -z "$(find_harddisk)" ] && exit 1
exit 0
;;
update_ip_address )
# reconfigure the network interface to a new IP address
# wait for 5 seconds to finish present http requests
if [ "$SKIP_NETWORK_CONFIG" != 1 ]
then echo -n "sleep 5; sudo $ROOT_PERM_SCRIPT update_network" | at now
fi
;;
get_available_disks )
get_available_disks
;;
get_current_ip )
get_current_ip
;;
set_config )
[ $# -ne 2 ] && error_msg 7 "'set_config' requires two parameters"
config_set_value "$1" "$2"
;;
get_config )
[ $# -ne 1 ] && error_msg 6 "'get_config' requires exactly one parameter"
config_get_value "$1"
;;
diskinfo )
get_available_disks | while read a
do sudo "$ROOT_PERM_SCRIPT" diskinfo "$a"
done
;;
box-purge )
log_msg "Cleaning the CryptoBox ..."
turn_off_all_crypto
"$0" config-down
box_purge >>"$LOG_FILE" 2>&1
;;
poweroff )
log_msg "Turning off the CryptoBox ..."
turn_off_all_crypto
echo "poweroff" | at now
;;
reboot )
log_msg "Rebooting the CryptoBox ..."
turn_off_all_crypto
echo "reboot" | at now
;;
* )
echo "Syntax: `basename $0` ACTION [PARAMS]"
echo " config-up - scan for configuration partition and mount it"
echo " config-down - unmount configuration partition"
echo " network-up - enable network interface"
echo " network-down - disable network interface"
echo " services-up - run some cryptobox specific daemons"
echo " services-down - stop some cryptobox specific daemons"
echo " crypto-up - mount crypto partition"
echo " crypto-down - unmount crypto partition"
echo " box-init - initialize cryptobox (ALL data is LOST)"
echo " box-init-fg - the first part of initialization"
echo " box-init-bg - the last part of initialization (background)"
echo " is_crypto_mounted - check, if crypto partition is mounted"
echo " is_config_mounted - check, if configuration partition is mounted"
echo " is_init_running - check, if initialization is ongoing"
echo " is_harddisk_available - check, if there is a usable harddisk"
echo " get_available_disks - shows all connected and allowed disks"
echo " get_current_ip - get the current IP of the network interface"
echo " update_ip_address - update the network interface after reconfiguration"
echo " set_config NAME VALUE - change a configuration setting"
echo " get_config NAME - retrieve a configuration setting"
echo " diskinfo - show the partition table of the harddisk"
echo " box-purge - destroy partitiontable of all harddisks (delete everything)"
echo " poweroff - shutdown the cryptobox"
echo " reboot - reboot the cryptobox"
echo
;;
esac
exit 0

330
cbox-tree.d/usr/lib/cryptobox/cbox-root-actions.sh
View file

@ -1,330 +0,0 @@
#!/bin/sh
#
# Copyright (c) 02005 sense.lab <senselab@systemausfall.org>
#
# License: This script is distributed under the terms of version 2
# of the GNU GPL. See the LICENSE file included with the package.
#
# $Id$
#
# this script is responsible for all dangerous actions, that require root privileges
# every action should be checked at least TWICE a day for open holes :)
# usually will get call via sudo
#
# called by:
# - cbox-manage.sh
#
set -eu
[ "$(id -u)" -ne 0 ] && echo "$(basename $0) - only root may call this script" >&2 && exit 100
# read the default setting file, if it exists
[ -e /etc/default/cryptobox ] && . /etc/default/cryptobox
# set CONF_FILE to default value, if not configured in /etc/default/cryptobox
CONF_FILE=${CONF_FILE:-/etc/cryptobox/cryptobox.conf}
# parse config file
. "$CONF_FILE"
############ some useful functions ###############
# check if the given device is part of the SCAN_DEVICE list
# every entry in SCAN_DEVICES is matched as "^/dev/${SCAN_DEVICE}[0-9]*$" against
# the given device
# other devices may not be touched
function is_device_allowed()
# parameter: device
{
for a in $SCAN_DEVICES
do [[ "$1" =~ "^/dev/${a}[0-9]*$" ]] && return 0
done
return 1
}
function get_device_name()
# return the uuid of the device
# if there is no uuid, then the device name is "flattened" and returned
# ignore volume-id as it may be non-unique
{
local UUID=
# check for luksUUID or ext2/3-uuid
if is_luks_device "$1"
then UUID=$("$CRYPTSETUP" luksUUID "$1")
else [ -n "$(which dumpe2fs)" ] && UUID=$(dumpe2fs -h "$1" 2>/dev/null | grep "UUID" | cut -d ":" -f 2 | sed "s/ *//g")
fi
# if there is no valid UUUD, then take the flattened device name
is_uuid_valid "$UUID" || UUID=${1//\//_}
echo "$UUID"
}
function is_uuid_valid()
# every devmapper name should look like a UUID
{
local hex=[0-9a-f]
[[ "$1" =~ "^$hex\{8\}-$hex\{4\}-$hex\{4\}-$hex\{4\}-$hex\{12\}$" ]]
}
function error_msg()
# parameter ExitCode ErrorMessage
{
echo "CBOX-ERROR: [$(basename $0) - $ACTION] - $2" >&2
exit $1
}
function partition_device()
# parameter: device sfdisk_layout_setup
# e.g.: /dev/hda "0,1,L \n,,L\n"
{
# TODO: allow different layouts
# TODO: skip config partition if a configuration is already active
# sfdisk -n doesn't actually write (for testing purpose)
if echo -e "$2" | "$SFDISK" -n "$1"
then echo -e "$2" | "$SFDISK" "$1" || return 1
else return 2
fi
true
}
function is_luks_device()
# parameter: device
{
"$CRYPTSETUP" isLuks "$1"
}
################ main ####################
ACTION=unknown
[ $# -gt 0 ] && ACTION=$1 && shift
case "$ACTION" in
partition_disk )
[ $# -ne 2 ] && error_msg 1 "wrong number of parameters"
is_device_allowed "$1" || \
error_msg 3 "this device ($1) is not listed in SCAN_DEVICES (see $CONF_FILE)"
partition_device "$1" "$2" || \
error_msg 2 "failed to create new partition table on device $1"
;;
mount )
# parameters: device
# returns the relative name of the mointpoint for success
[ $# -ne 1 ] && error_msg 1 "wrong number of parameters"
is_device_allowed "$1" || \
error_msg 3 "this device ($1) is not listed in SCAN_DEVICES (see $CONF_FILE)"
name=$(get_device_name "$1")
mountpoint -q "$MNT_PARENT/$name" && \
error_msg 5 "a device with the same name ($name) is already mounted"
mkdir -p "$MNT_PARENT/$name"
if is_luks_device "$1"
then "$CRYPTSETUP" luksOpen "$1" "$name" || \
error_msg 6 "could not open encrypted device $1"
if mount "$DEV_MAPPER_DIR/$name" "$MNT_PARENT/$name"
then true
else "$CRYPTSETUP" luksClose "$name" || true
error_msg 7 "wrong password for $1 supplied"
fi
else mount "$1" "$MNT_PARENT/$name" || \
error_msg 8 "invalid filesystem on device $1"
fi
# just in case, that there is no ext2/3 filesystem:
# set uid option (will fail silently for ext2/3)
mount -o remount,uid="$FILE_USER" "$MNT_PARENT/$name" 2>/dev/null || true
# adapt top-level permission to current setup - again: may fail silently
chown "$FILE_USER" "$MNT_PARENT/$name" 2>/dev/null || true
true
;;
umount )
#parameter: name (relative mountpoint)
[ $# -ne 1 ] && error_msg 1 "wrong number of parameters"
is_uuid_valid "$1" || [[ "$1" =~ "^[_a-z0-9]*$" ]] || \
error_msg 4 "invalid UUID ($1)"
mountpoint -q "$MNT_PARENT/$1" || \
error_msg 9 "the device with the UUID ($1) is not mounted"
# try to unmount - continue even on errors
umount "$MNT_PARENT/$1" || \
error_msg 0 "unmount of device $1 failed - device is busy"
# remove (if necessary) the dev mapping
[ -e "$DEV_MAPPER_DIR/$1" ] && "$CRYPTSETUP" luksClose "$1" || \
error_msg 11 "could not remove the device mapper for device $1"
# try to remove the mountpoint - a failure is not important
rmdir "$MNT_PARENT/$1" || true
# set exitcode
mountpoint -q "$MNT_PARENT/$1" && exit 1
exit 0
;;
create_crypto )
# parameter: device
# the passphrase is expected on stdin
[ $# -ne 1 ] && error_msg 1 "wrong number of parameters"
is_device_allowed "$1" || \
error_msg 3 "this device ($1) is not listed in SCAN_DEVICES (see $CONF_FILE)"
# read the passphrase from stdin
key=$(cat -)
# the iter-time is in milliseconds - keep it low for fast mounting
echo "$key" | \
"$CRYPTSETUP" --cipher "$DEFAULT_CIPHER" --iter-time 2000 luksFormat "$1" || \
error_msg 11 "failed to create the encrypted partition"
name=$(get_device_name "$1")
echo "$key" | "$CRYPTSETUP" luksOpen "$1" "$name" || \
error_msg 12 "failed to open the encrypted partition"
# silent output from mkfs.ext3
"$MKFS_DATA" -q "$DEV_MAPPER_DIR/$name" || \
error_msg 13 "failed to create the encrypted filesystem"
"$CRYPTSETUP" luksClose "$name" || \
error_msg 14 "failed to close the encrypted mapped device"
;;
get_device_name )
# parameter: device
[ $# -ne 1 ] && error_msg 1 "wrong number of parameters"
is_device_allowed "$1" || \
error_msg 3 "this device ($1) is not listed in SCAN_DEVICES (see $CONF_FILE)"
get_device_name "$1"
;;
mount_config )
# parameter: device
[ $# -ne 1 ] && error_msg 1 "wrong number of parameters"
[ "$USE_SEPERATE_CONFIG_DIR" != "1" ] && \
error_msg 19 "I am configured to work without a seperate config partition (see $CONF_FILE)"
is_device_allowed "$1" || \
error_msg 3 "this device ($1) is not listed in SCAN_DEVICES (see $CONF_FILE)"
mountpoint -q "$CONFIG_DIR" && \
error_msg 0 "the configuration partition is already mounted"
"$MKFS_CONFIG" -q "$1" || \
error_msg 20 "failed to create config partition filesystem"
;;
mount_config )
# parameter: device
[ $# -ne 1 ] && error_msg 1 "wrong number of parameters"
[ "$USE_SEPERATE_CONFIG_DIR" != "1" ] && \
error_msg 19 "I am configured to work without a seperate config partition (see $CONF_FILE)"
is_device_allowed "$1" || \
error_msg 3 "this device ($1) is not listed in SCAN_DEVICES (see $CONF_FILE)"
mountpoint -q "$CONFIG_DIR" && \
error_msg 0 "the configuration partition is already mounted"
mount "$1" "$CONFIG_DIR" || \
error_msg 16 "failed to mount configuration partition"
# chown to fix permissions - may fail for non-ext2/3 filesystems
chown -R "$WEB_USER" "$CONFIG_DIR" || true
mount -o remount,ro "$CONFIG_DIR" || \
error_msg 18 "failed to remount configuration partition"
true
;;
remount_config )
# parameter: { ro | rw }
[ $# -ne 1 ] && error_msg 1 "wrong number of parameters"
[ "$USE_SEPERATE_CONFIG_DIR" != "1" ] && \
error_msg 19 "I am configured to work without a seperate config partition (see $CONF_FILE)"
[[ "$1" =~ "^r[ow]$" ]] || error_msg 17 "only 'rw' and 'ro' are allowed"
mount -o "remount,$1" "$CONFIG_DIR" || \
error_msg 18 "failed to remount configuration partition"
true
;;
umount_config )
# no parameters
[ $# -ne 0 ] && error_msg 1 "wrong number of parameters"
[ "$USE_SEPERATE_CONFIG_DIR" != "1" ] && \
error_msg 19 "I am configured to work without a seperate config partition (see $CONF_FILE)"
mountpoint -q "$CONFIG_DIR" && umount "$CONFIG_DIR" || \
error_msg 18 "failed to unmount configuration partition"
;;
is_config_partition )
# parameter: device
# returns exitcode 0 if the device contains a configuration
[ $# -ne 1 ] && error_msg 1 "wrong number of parameters"
[ "$USE_SEPERATE_CONFIG_DIR" != "1" ] && \
error_msg 19 "I am configured to work without a seperate config partition (see $CONF_FILE)"
is_device_allowed "$1" || \
error_msg 3 "this device ($1) is not listed in SCAN_DEVICES (see $CONF_FILE)"
is_config=0
tmp_dir=/tmp/$(basename $0)-$$-mnt
mkdir -p "$tmp_dir"
# error means "no config partition"
if mount "$1" "$CONFIG_DIR"
then [ -e "$CONFIG_DIR/$CONFIG_MARKER" ] && is_config=1
umount "$CONFIG_DIR" || \
error_msg 14 "unable to unmount configation partition after probing"
fi
rmdir "$tmp_dir" || true
# return 0 if $device is a config partition
[ "$is_config" -eq 1 ] && exit 0
exit 1
;;
is_crypto_partition )
# parameter: device
# returns exitcode 0 if the device contains a luks header
[ $# -ne 1 ] && error_msg 1 "wrong number of parameters"
is_device_allowed "$1" || \
error_msg 3 "this device ($1) is not listed in SCAN_DEVICES (see $CONF_FILE)"
is_luks_device "$1"
;;
is_data_partition )
# parameter: device
# returns exitcode 0 if the device contains a readable filesystem
[ $# -ne 1 ] && error_msg 1 "wrong number of parameters"
is_device_allowed "$1" || \
error_msg 3 "this device ($1) is not listed in SCAN_DEVICES (see $CONF_FILE)"
status=0
tmp_dir=/tmp/$(basename $0)-$$-mnt
mkdir -p "$tmp_dir"
if mount "$1" "$tmp_dir"
then [ ! -e "$tmp_dir/$CONFIG_MARKER" ] && status=1
umount "$tmp_dir"
fi
rmdir "$tmp_dir" || true
[ "$status" -eq 1 ] && exit 0
exit 1
;;
trash_device )
# parameter: device
[ $# -ne 1 ] && error_msg 1 "wrong number of parameters"
is_device_allowed "$1" || \
error_msg 3 "this device ($1) is not listed in SCAN_DEVICES (see $CONF_FILE)"
dd if=/dev/urandom of="$1" bs=512 count=1 2>/dev/null
;;
diskinfo )
# parameter: device
[ $# -ne 1 ] && error_msg 1 "wrong number of parameters"
is_device_allowed "$1" || \
error_msg 3 "this device ($1) is not listed in SCAN_DEVICES (see $CONF_FILE)"
"$SFDISK" -L -q -l "$1"
;;
update_network )
# parameter: none
ip=
# TODO: can we avoid to hard-code the filename ($CONFIG_DIR/ip) here?
[ -e "$CONFIG_DIR/ip" ] && ip=$(<"$CONFIG_DIR/ip")
[ -n "$z" ] && ifconfig "$NET_IFACE" "$ip"
;;
* )
echo "Syntax: $(basename $0) ACTION PARAMETERS"
echo ' partition_disk $device $disk_layout'
echo ' get_device_name $device'
echo ' create_crypto $device'
echo ' mount $device'
echo ' umount $name'
echo ' create_config $device'
echo ' mount_config $device'
echo ' remount_config { ro | rw }'
echo ' umount_config'
echo ' is_config_partition $device'
echo ' is_plaindata_partition $device'
echo ' is_crypto_partition $device'
echo ' trash_device $device'
echo ' diskinfo $device'
echo ' update_network'
echo ' help'
echo
[ "$ACTION" == "help" ] && exit 0
# return error for any unknown/unspecified action
exit 1
;;
esac

92
cbox-tree.d/usr/lib/cryptobox/check_smb_idle.sh
View file

@ -1,92 +0,0 @@
#!/bin/sh
#
# Copyright (c) 02005 sense.lab <senselab@systemausfall.org>
#
# License: This script is distributed under the terms of version 2
# of the GNU GPL. See the LICENSE file included with the package.
#
# $Id$
#
# a simple script to check, if there was no smb traffic for the specified
# number of minutes - then it unmounts the crypto partition
#
# you may want to adjust the function "filter_ipt_rules" according to
# your setup
#
# any Parameter are ignored
#
# this script has to run as root - as it invokes iptables
#
# the iptables rules to detect smb traffic could look like the following:
# iptables -A INPUT -i eth0 -p udp --dport 138 -j ACCEPT
# iptables -A INPUT -i eth0 -p tcp --dport 139 -j ACCEPT
#
# called by:
# - cron (/etc/cron.d/cryptobox)
#
set -eu
# read the default setting file, if it exists
[ -e /etc/default/cryptobox ] && . /etc/default/cryptobox
# set CONF_FILE to default value, if not configured in /etc/default/cryptobox
CONF_FILE=${CONF_FILE:-/etc/cryptobox/cryptobox.conf}
# parse config file
. "$CONF_FILE"
############# some functions ##################
filter_ipt_rules()
# get the input rules for smb datagram traffic
{
"$IPTABLES" -L INPUT -vnx | grep -E "udp dpt:138|tcp dpt:139"
}
function check_for_traffic()
{
local traffic_yes=0
# fallback if no rules were found
# extract the number of packets and calculate the sum
filter_ipt_rules | sed 's/ */ /g' | cut -d " " -f 3 | while read a
do [ "$a" -gt 0 ] && echo "$a"
done | grep -q "" && traffic_yes=1
"$IPTABLES" -Z INPUT
[ "$traffic_yes" = "1" ]
}
################### main ######################
# TODO: migrate to multi-container-setup
exit 0
# break, if crypto partition is not mounted
"$CB_SCRIPT" is_crypto_mounted || exit 0
# break, if idle timer is turned off
MAX_IDLE_COUNTER=$("$CB_SCRIPT" get_config timeout)
[ "$MAX_IDLE_COUNTER" -eq 0 ] && exit 0
# config test
[ -z "$(filter_ipt_rules)" ] && echo "[`basename $0`]: Could not find a matching iptables rule!" >>"$LOG_FILE" && exit 1
# read current idle counter
if [ -e "$IDLE_COUNTER_FILE" ]
then current_count=$(<$IDLE_COUNTER_FILE)
else current_count=0
fi
# update counter
if check_for_traffic
then echo 0
else echo $((current_count + 1))
fi >"$IDLE_COUNTER_FILE"
# unmount crypto partition, if the threshold was reached
if [ "$(<$IDLE_COUNTER_FILE)" -ge "$MAX_IDLE_COUNTER" ]
then "$CB_SCRIPT" crypto-down >>"$LOG_FILE" 2>&1
echo "0" >"$IDLE_COUNTER_FILE"
fi

55
cbox-tree.d/usr/lib/cryptobox/chroot-start.sh
View file

@ -1,55 +0,0 @@
#!/bin/sh
#
# Copyright (c) 02005 sense.lab <senselab@systemausfall.org>
#
# License: This script is distributed under the terms of version 2
# of the GNU GPL. See the LICENSE file included with the package.
#
# $Id$
#
# FOR DEVELOPMENT ONLY!
#
# this script is used to prepare a chroot session for testing or configuring
#
# called by:
# - cbox-build.sh
#
# parameter: [commandline]
#
# if "commandline" is empty, "bash" will be used
#
set -eu
MNT_SRC=/opt/dfsruntime/runtimerd
MNT_DST=/opt/dfsruntime/runtimemnt
# the directory /tmp/ can not be used, as it is still a broken link, too
TMP_DIR="/tmp-`basename $0`-$$"
cp -a "$MNT_SRC/." "$TMP_DIR"
mount -n --bind "$TMP_DIR" "$MNT_DST"
[ ! -e /dev/null ] && mknod "/dev/null" c 1 3 && chmod 666 "/dev/null"
[ ! -e /dev/urandom ] && mknod "/dev/urandom" c 1 9 && chmod 444 "/dev/urandom"
[ ! -e /dev/console ] && mknod "/dev/console" c 1 5 && chmod 660 "/dev/console"
# remember, if proc was mounted before (e.g. because of a running chroot)
PROC_WAS_MOUNTED=no
mount -n -t proc proc /proc 2>/dev/null || PROC_WAS_MOUNTED=yes
# default language setting - prevents dpkg error messages
export LANG=C
# set default terminal (good if you are running in a screen session)
export TERM=linux
# execute parameters as commandline
if [ $# -gt 0 ]
then "$@"
else bash
fi
umount -n "$MNT_DST"
[ "$PROC_WAS_MOUNTED" = "no" ] && umount -n proc
rm -r "$TMP_DIR"

145
cbox-tree.d/usr/lib/cryptobox/configure-cryptobox.sh
View file

@ -1,145 +0,0 @@
#!/bin/sh
#
# Copyright (c) 02005 sense.lab <senselab@systemausfall.org>
#
# License: This script is distributed under the terms of version 2
# of the GNU GPL. See the LICENSE file included with the package.
#
# $Id$
#
# this script is part of the building process of the cryptobox
# the "normal" action is necessary for every cryptobox (development & release)
# the "secure" action is mandatory for every release CD
#
# called by:
# - cbox-build.sh after copying custom files and before creating the iso image
#
set -eu
# read the default setting file, if it exists
[ -e /etc/default/cryptobox ] && . /etc/default/cryptobox
# set CONF_FILE to default value, if not configured in /etc/default/cryptobox
CONF_FILE=${CONF_FILE:-/etc/cryptobox/cryptobox.conf}
# parse config file
. "$CONF_FILE"
RUNTIMEDIR=/opt/dfsruntime/runtimerd
TUNDEV=$RUNTIMEDIR/dev/net/tun
REMOVE_PACKAGES="strace
nvi nano vim vim-common
unzip tar zip gzip bzip2
aptitude tasksel
ssh elinks curl wget netkit-inetd telnet
exim4-daemon-light exim4-config exim4-base
ppp pppconfig pppoe pppoeconf"
# remove rc symlinks for these services
SERVICES_OFF="ssh samba setserial nviboot mountnfs ntpdate"
function configure_normal()
# the usual stuff - not optimized for security
{
##### cryptobox settings ######
sed -i '/^NO_START=.*$/NO_START=0/'
sed -i '/^SKIP_NETWORK_CONFIG=.*$/SKIP_NETWORK_CONFIG=0/'
sed -i '/^EXEC_FIREWALL_RULES=.*$/EXEC_FIREWALL_RULES=1/'
sed -i '/^USE_STUNNEL=.*$/USE_STUNNEL=1/'
########### boot up ###########
# turn off creation of "/etc/nologin" (read-only fs)
sed -i '/^DELAYLOGIN=/s/^DELAYLOGIN=.*$/DELAYLOGIN=no/' /etc/default/rcS
# turn off modifying /etc/motd (read-only fs)
sed -i '/^EDITMOTD=/s/^EDITMOTD=.*$/EDITMOTD=no/' /etc/default/rcS
######### devices ##########
# create tun device for running under qemu
if [ ! -e "$TUNDEV" ]
then mkdir -p `dirname "$TUNDEV"`
mknod "$TUNDEV" c 10 200
fi
######### thttpd ###########
# change thttpd's config from 'chroot' to 'nochroot' - otherwise no perl script will run
sed -i "s/^chroot$/nochroot/" /etc/thttpd/thttpd.conf
# change thttpd-user from www-data to root (permissions for mount, cryptsetup, ...)
sed -i "s/^user=.*/user=root/" /etc/thttpd/thttpd.conf
# the thttpd documentations says "nosymlinkcheck" instead of
# "nosymlink" - TODO: "nosymlink" breaks "/cryptobox" URL!!!
#sed -i "/symlink/d" /etc/thttpd/thttpd.conf
#echo "nosymlink" >>/etc/thttpd/thttpd.conf
########## sshd ############
if [ -e "/etc/ssh" ]; then
# allow empty passwords for ssh
# the daemon is NOT started automatically, so you have to start it
# manually in case of need - as the root pw is empty and passwd is ro, you
# have to allow empty passwords for this rare case
sed -i 's/^PermitEmptyPass.*$/PermitEmptyPasswords yes/' /etc/ssh/sshd_config
# turn off PAM for ssh, as it prevents the use of empty passwords (stange behaviour)
sed -i 's/^UsePAM.*$/UsePAM no/' /etc/ssh/sshd_config
# allow nput of password
sed -i 's/^PasswordAuthentication.*$/PasswordAuthentication yes/' /etc/ssh/sshd_config
fi
# remove symlinks for unwanted services
for a in $SERVICES_OFF; do
# echo "Turning off service $a ..."
find /etc/rc?.d/ -type l -name "[SK][0-9][0-9]$a" | while read b
do rm "$b"
done
done
return 0
}
function configure_secure()
# remove everything that could weaken security
# configure_normal should be called too!
{
# disable keyboard login
sed -i '/getty/d' /etc/inittab
# remove unnecessary packages
dpkg --force-all -P $REMOVE_PACKAGES 2>&1 | grep -v "which isn't installed." || true
# remove the development features script
[ -e "$DEV_FEATURES_SCRIPT" ] && rm -f "$DEV_FEATURES_SCRIPT"
# maybe an authorized_keys file was created - but it is not dangerous,
# as the openssh package was removed anyway
[ -d /root/.ssh ] && rm -rf /root/.ssh
############## clean up ################
# remove deb-files, that were left by dfsbuild
test -d /opt/packages && rm -r /opt/packages
# remove packages and package lists
rm -fr /var/cache/apt/
return 0
}
################ main ####################
ACTION=help
[ $# -gt 0 ] && ACTION=$1
case "$ACTION" in
normal )
configure_normal
;;
secure )
configure_secure
;;
* )
echo "Syntax: `basename $0` { normal | secure }"
echo
;;
esac

67
cbox-tree.d/usr/lib/cryptobox/firewall.sh
View file

@ -1,67 +0,0 @@
#!/bin/sh
#
# Copyright (c) 02005 sense.lab <senselab@systemausfall.org>
#
# License: This script is distributed under the terms of version 2
# of the GNU GPL. See the LICENSE file included with the package.
#
# $Id$
#
# set up the firewall of the cryptobox
#
# called by:
# - cbox-manage.sh during network-up
#
set -u
# read the default setting file, if it exists
[ -e /etc/default/cryptobox ] && . /etc/default/cryptobox
# set CONF_FILE to default value, if not configured in /etc/default/cryptobox
CONF_FILE=${CONF_FILE:-/etc/cryptobox/cryptobox.conf}
# parse config file
. "$CONF_FILE"
ACTION="help"
[ $# -gt 0 ] && ACTION=$1
case "$ACTION" in
start)
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT
OFILE=/proc/sys/net/ipv4/tcp_syncookies
[ -e "$OFILE" ] && echo 1 >"$OFILE"
iptables -F
iptables -X
iptables -Z
iptables -A INPUT -i lo -j ACCEPT
for a in $ALLOW_TCP_PORTS
do iptables -A INPUT -i $NET_IFACE -p tcp --dport $a -j ACCEPT
done
for a in $ALLOW_UDP_PORTS
do iptables -A INPUT -i $NET_IFACE -p udp --dport $a -j ACCEPT
done
iptables -A INPUT -i $NET_IFACE -p icmp -j ACCEPT
;;
stop)
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT
iptables -F
iptables -X
iptables -Z
;;
*)
echo "usage $0 start | stop"
;;
esac

47
cbox-tree.d/usr/lib/cryptobox/make_stunnel_cert.sh
View file

@ -1,47 +0,0 @@
#!/bin/sh
#
# Copyright (c) 02005 sense.lab <senselab@systemausfall.org>
#
# License: This script is distributed under the terms of version 2
# of the GNU GPL. See the LICENSE file included with the package.
#
# $Id$
#
# this script creates the stunnel certificate for https
#
# parameter: "destination file"
#
# called by:
# - cbox-manage.sh during network-up if no certificate was found on the config partition
#
set -eu
# read the default setting file, if it exists
[ -e /etc/default/cryptobox ] && . /etc/default/cryptobox
# set CONF_FILE to default value, if not configured in /etc/default/cryptobox
CONF_FILE=${CONF_FILE:-/etc/cryptobox/cryptobox.conf}
# parse config file
. "$CONF_FILE"
# vcert values are in OPENSSL_CONF_FILE
CERTFILE="$1"
TMP_FILE=/tmp/cryptobox-cert.tmp
[ ! -f "$OPENSSL_CONF_FILE" ] && echo "`basename $0`: $OPENSSL_CONF_FILE not found" && exit 2
# this command creates the certificate
# this is required, because the certbuilding asks for 5 returns
echo -ne "\n\n\n\n\n" | openssl req -new -x509 -nodes -days 3650 -config "$OPENSSL_CONF_FILE" -out "$CERTFILE" -keyout "$CERTFILE"
chmod 600 "$CERTFILE"
# next step needs a lot of randomdata
dd if=/dev/urandom of="$TMP_FILE" bs=1024 count=1024
openssl dhparam -rand "$TMP_FILE" 512 >> "$CERTFILE"
rm "$TMP_FILE"
#ln -sf ${CERTPATH}stunnel.pem ${CERTPATH}`openssl x509 -noout -hash < "${CERTPATH}stunnel.pem"`.0
## print out cert values
#openssl x509 -subject -dates -fingerprint -in stunnel.pem

0
cbox-tree.d/usr/share/cryptobox/defaults/admin_pw
View file

1
cbox-tree.d/usr/share/cryptobox/defaults/ip
View file

@ -1 +0,0 @@
192.168.0.23

1
cbox-tree.d/usr/share/cryptobox/defaults/language
View file

@ -1 +0,0 @@
en

0
cbox-tree.d/usr/share/cryptobox/defaults/names.db
View file

1
cbox-tree.d/usr/share/cryptobox/defaults/timeout
View file

@ -1 +0,0 @@
30

1
cbox-tree.d/usr/share/cryptobox/defaults/version
View file

@ -1 +0,0 @@
0.3

28
cbox-tree.d/usr/share/cryptobox/lang/README
View file

@ -1,28 +0,0 @@
$Id$
You may want to translate the CryptoBox into another language?
Most welcome!
Existing translation can be found in the .hdf files. There are three
easy steps, that won't take longer than one hour to go through:
1.) Download one .hdf in your preferred language (e.g. en.hdf if you're a native english speaker).
2.) Start to change the text behind the equal sign line for line.
3.) Send us your changed .hdf file. That's it - thank you!
Hints:
We are available via mail (cryptobox@systemausfall.org) for any questions. Don't worry to ask us if
something is vague. We prefer "utf" encoded hdf-files. If you don't
know what udf means - just don't care, send us your file and
everything else will be fine. You don't have to translate the whole
file, some minor parts are enough to send back. The community will do
the rest. ;)
Again, thanks for your help! We do the Cryptobox things in our
freetime for fun and to provide an open source solution for this
special purpose. By helping us, you're taking part in this
development.

16
cbox-tree.d/usr/share/cryptobox/lang/TODO
View file

@ -1,16 +0,0 @@
$Id$
Here are some minor fixes that have to be done. Thanks a lot for your
help!
################################ slovenian ##################################
- SuccessMessage.InitRunning contains only the first sentence
- SuccessMessage.ReBoot: add a hint for automatic redirection (3rd sentence)
- EmptyCryptoPassword: change 'Text' accordingly to English string.
Below are some smaller changes in English sentences. Someone may change it accordingly.
- MountFailed: add 'Pleasy try again' to the end of the string.
- UmountFailed: changed 'Also close all unclean programs' to 'Close all unclean programs'.
- InitRunning: changed 'You may configure it now. You may activate the encrypted filesystem in a few minutes.' to 'You may configure it now and activate the encrypted filesystem in a few minutes.'

215
cbox-tree.d/usr/share/cryptobox/lang/de.hdf
View file

@ -1,215 +0,0 @@
Lang {
Name = deutsch
Status = $Id$
Title {
Top = Die CryptoBox
Slogan = ... und 1984 war gestern!
Init = Initialisierung der CryptoBox
Mount = Aktivierung der Crypto-Daten
Umount = Deaktivierung der Crypto-Daten
Config = Konfiguration der CryptoBox
Log = Protokoll der CryptoBox
ShutDown = System
Status = Status der CryptoBox
}
Text {
EnterCurrentCryptoPassword = Das Crypto-Passwort eingeben:
EnterNewCryptoPassword = Das neue Crypto-Passwort eingeben:
EnterSameCryptoPassword = Das Crypto-Passwort wiederholen:
EnterCurrentAdminPassword = Das aktuelle Admin-Passwort eingeben:
EnterNewAdminPassword = Das neue Admin-Passwort eingeben:
EnterSameAdminPassword = Das neue Admin-Passwort wiederholen:
InitWarning = Bei der Initialisierung werden ALLE DATEN auf der Festplatte GEL&Ouml;SCHT!
ConfirmInitHint = Um zu best&auml;tigen, dass du weisst, was du tust, tippe hier bitte exakt Folgendes ein:
ConfirmInit = Ja, loesche alle Daten!
PartitionInfo = Derzeitige Partitionierung der Festplatte:
IPAddress = Netzwerk-Adresse (IP) der CryptoBox:
TimeOut = Zeitabschaltung des Crypto-Dateisystems (in Minuten):
EmptyLog = Das Logbuch der CryptoBox ist leer.
SelectLanguage = Spracheinstellung:
RedirectNote = Klicke hier, falls dein Browser die automatische Weiterleitung nicht unterst&uuml;tzt.
ProjectHomePage = Projekt-Seite
ProjectNote = Die CryptoBox ist ein Projekt von
DoUmount = Deaktivierung des verschl&uuml;sselten Dateisystems
DoMount = Aktivierung des verschl&uuml;sselten Dateisystems
Configuration = Einstellungen
CryptoIsActive = Die Crypto-Daten sind verf&uuml;gbar.
CryptoIsDown = Die Crypto-Daten sind vor jedem Zugriff gesch&uuml;tzt.
}
Button {
DoInit = CryptoBox initialisieren
SaveConfig = Speichere Konfiguration
Update = Aktualisieren
Mount = Crypto-Daten aktivieren
Umount = Crypto-Daten deaktivieren
Config = Einstellungen
PowerOff = ausschalten
ReBoot = neu starten
Protocol = Protokoll
Documentation = Handbuch
Status = Status
}
WarningMessage {
InitNotConfirmed {
Title = Best&auml;tigung schlug fehl
Text = Der Best&auml;tigungssatz muss exakt eingegeben werden!
}
EmptyCryptoPassword {
Title = Ung&uuml;ltiges Crypto-Passwort
Text = Du musst ein Crypto-Passwort eingeben!
}
DifferentCryptoPasswords {
Title = Ungleiche Crypto-Passworte
Text = Die beiden Passworte m&uuml;ssen identisch sein, um Eingabefehler zu verhindern.
}
DifferentAdminPasswords {
Title = Ungleiche Administrations-Passworte
Text = Die beiden Passworte m&uuml;ssen identisch sein, um Eingabefehler zu verhindern.
}
WrongAdminPassword {
Title = Falsches Administrations-Passwort
Text = Das eingegebene Administrations-Passwort ist falsch. Versuche es noch einmal.
}
MountFailed {
Title = Aktivierung schlug fehl
Text = Das verschl&uuml;sselte Dateisystem konnte nicht aktiviert werden. Wahrscheinlich war das Passwort falsch. Versuche es noch einmal.
}
UmountFailed {
Title = Deaktivierung schlug fehl
Text = Das verschl&uuml;sselte Dateisystem konnte nicht abgeschaltet werden. Wahrscheinlich sind noch Dateien ge&ouml;ffnet. Schlie&szlig;e alle potentiell unsauberen Programme (beispielsweise die weitverbreitete Textverarbeitung). Notfalls einfach die CryptoBox ausschalten!
}
NotInitialized {
Title = Keine Konfiguration gefunden
Text = Die CryptoBox wurde noch nicht eingerichtet.
}
InitNotFinished {
Title = Initalisierung noch nicht abgeschlossen
Text = Die Initialisierung wird in wenigen Minuten beendet sein. Erst danach ist diese Aktion m&ouml;glich.
}
IsMounted {
Title = Bereits aktiv
Text = Das verschl&uuml;sselte Dateisystem ist bereits aktiv.
}
NotMounted {
Title = Nicht aktiv
Text = Das verschl&uuml;sselte Dateisystem ist derzeit nicht aktiv.
}
AlreadyConfigured {
Title = Konfiguration gefunden
Text = Die CryptoBox wurde bereits eingerichtet. Bei einer erneuten Initialisierung werden alle Daten gel&ouml;scht!
}
InvalidLanguage {
Title = Ung&uuml;ltige Sprache
Text = Die ausgew&auml;hlte Sprache ist nicht verf&uuml;gbar!
}
InvalidIP {
Title = Ung&uuml;ltige IP
Text = Die ausgew&auml;hlte Netzwerkadresse ist nicht g&uuml;ltig!
}
InvalidTimeOut {
Title = Ung&uuml;ltige Zeitabschaltung
Text = Der ausgew&auml;hlte Wert der Zeitabschaltung ist nicht g&uuml;ltig!
}
ConfigTimeOutFailed {
Title = Fehler beim &Auml;ndern der Zeitabschaltung
Text = Der Wert der Zeitabschaltung konnte nicht ge&auml;ndert werden!
}
ConfigLanguageFailed {
Title = Fehler beim &Auml;ndern der Spracheinstellung
Text = Die Spracheinstellung konnte nicht ge&auml;ndert werden!
}
ConfigIPFailed {
Title = Fehler beim &Auml;ndern der Netzwerkadresse
Text = Die Netzwerkadresse konnte nicht ge&auml;ndert werden!
}
IPAddressChanged {
Title = &Auml;nderung der Netzwerk-Adresse
Text = Die Netzwerk-Adresse der CryptoBox wurde ver&auml;ndert. In wenigen Sekunden werden sie zu der neuen Adresse umgeleitet.
}
}
SuccessMessage {
InitRunning {
Title = Initialisierung l&auml;uft
Text = Die Initialisierung der CryptoBox wird im Hintergrund abgeschlossen. Du kannst die CryptoBox nun konfigurieren und das verschl&uuml;sselte Dateisystem in ein paar Minuten aktivieren.
}
ConfigSaved {
Title = Konfiguration gespeichert
Text = Die neuen Einstellungen der CryptoBox wurden &uuml;bernommem.
}
MountDone {
Title = Crypto-Daten aktiviert
Text = Das verschl&uuml;sselte Dateisystem ist nun verf&uuml;gbar.
}
UmountDone {
Title = Crypto-Daten deaktiviert
Text = Das verschl&uuml;sselte Dateisystem ist nun vor jedem Zugriff gesch&uuml;tzt.
}
PowerOff {
Title = Abschaltung
Text = Die CryptoBox wird gerade heruntergefahren. In wenigen Sekunden kannst du sie ausschalten (falls dies nicht automatisch geschieht).
}
ReBoot {
Title = Neustart
Text = Die CryptoBox wird gerade neu gestartet. In wenigen Sekunden ist sie wieder verf&uuml;gbar. Bitte warte solange - du wirst automatisch weitergeleitet.
}
}
ErrorMessage {
UnknownAction {
Title = Unbekannte Aktion
Text = Du hast eine undefinierte Aktion angefordert.
}
NoSSL {
Title = Unverschl&uuml;sselte Verbindung
Text = Die CryptoBox akzeptiert nur verschl&uuml;sselte Verbindungen (https). So bleibt das Passwort vor neugierigen Augen gesch&uuml;tzt. In wenigen Sekunden wird eine verschl&uuml;sselte Verbindung hergestellt.
}
InitFailed {
Title = Initialisierung fehlgeschlagen
Text = Sende bitte den Inhalt des Protokolls (siehe oben) an die Entwickler der CryptoBox (cryptobox@systemausfall.org).
}
NoHardDisk {
Title = Keine Festplatte
Text = Es wurde kein Datentr&auml;ger gefunden, der zur Speicherung der verschl&uuml;sselten Daten geeignet ist. Pr&uuml;fe bitte, ob beim Anschalten des Computers eine Festplatte vom BIOS erkannt wurde.
}
}
}

215
cbox-tree.d/usr/share/cryptobox/lang/en.hdf
View file

@ -1,215 +0,0 @@
Lang {
Name = english
Status = $Id$
Title {
Top = The CryptoBox
Slogan = Privacy for the rest of us.
Init = CryptoBox initialization
Mount = Activation of encrypted data
Umount = Deactivation of encrypted data
Config = CryptoBox configuration
Log = CryptoBox logfiles
ShutDown = System
Status = Status
}
Text {
EnterCurrentCryptoPassword = Enter the crypto password:
EnterNewCryptoPassword = Enter the new crypto password:
EnterSameCryptoPassword = Repeat the new crypto password:
EnterCurrentAdminPassword = Enter the current administration password:
EnterNewAdminPassword = Enter the new administration password:
EnterSameAdminPassword = Repeat the new administration password:
InitWarning = During the process of initialization ALL DATA on the hard drive WILL BE DELETED!
ConfirmInitHint = To confirm that you know what you are doing, please enter exactly the following sequence:
ConfirmInit = Yes, delete all data!
PartitionInfo = Current partioning of the hard drive:
IPAddress = Network address (IP) of the CryptoBox:
TimeOut = Timeout for deactivation of the encrypted filesystem (in minutes):
EmptyLog = The logfiles of the CryptoBox are empty.
SelectLanguage = Language preferences:
RedirectNote = Click here if your browser does not support automatic redirection.
ProjectHomePage = Website of project
ProjectNote = The CryptoBox is a project of
DoUmount = Deactivation of the encrypted filesystem
DoMount = Activation of the encrypted filesystem
Configuration = Configuration
CryptoIsActive = The encrypted data is accessible.
CryptoIsDown = The encrypted data is protected from any access.
}
Button {
DoInit = Initialize CryptoBox
SaveConfig = Save configuration
Update = Refresh
Mount = Activate encrypted filesystem
Umount = Deactivate encrypted filesystem
Config = Configuration
PowerOff = Shutdown
ReBoot = Reboot
Protocol = Logfiles
Documentation = Manual
Status = Status
}
WarningMessage {
InitNotConfirmed {
Title = Confirmation failed
Text = The sentence has to be entered exactly as shown!
}
EmptyCryptoPassword {
Title = Invalid crypto password
Text = You have to enter a crypto password!
}
DifferentCryptoPasswords {
Title = Crypto passwords do not match
Text = Both entered passwords have to be identical to ensure this is the desired password.
}
DifferentAdminPasswords {
Title = Administration passwords do not match
Text = Both entered passwords have to be identical to ensure this is the desired password.
}
WrongAdminPassword {
Title = Wrong Administration password
Text = The entered administration password is wrong. Please try again.
}
MountFailed {
Title = Activation failed
Text = The encrypted filesystem could not be activated. Probably the given password was wrong. Please try again.
}
UmountFailed {
Title = Deactivation failed
Text = The encrypted filesystem could not be activated. Probably some files are still in use. Close all unclean programs (for example that widely used word processor). In case of need just shut down the CryptoBox!
}
NotInitialized {
Title = No configuration found
Text = The CryptoBox has not yet been configured.
}
InitNotFinished {
Title = Initialization not yet completed
Text = Initialization will be completed in a few minutes. After completed initialization this action will become available.
}
IsMounted {
Title = Already active
Text = The encrypted filesystem has already been activated.
}
NotMounted {
Title = Inactive
Text = The encrypted filesystem is currently not active.
}
AlreadyConfigured {
Title = Configuration found
Text = The CryptoBox has already been configured. If you initialize again, all data will be deleted!
}
InvalidLanguage {
Title = Invalid language
Text = The selected language is not available!
}
InvalidIP {
Title = Invalid IP address
Text = The selected network address is not valid!
}
InvalidTimeOut {
Title = Invalid timeout
Text = The selected timeout is not valid!
}
ConfigTimeOutFailed {
Title = Error during change of timeout
Text = The timeout value could not be changed!
}
ConfigLanguageFailed {
Title = Error during change of language preferences
Text = The language preferences could not be changed!
}
ConfigIPFailed {
Title = Error during change of network address
Text = The network address could not be changed!
}
IPAddressChanged {
Title = Change of network address
Text = The network address has been changed. In a few seconds you will get redirected to the new address.
}
}
SuccessMessage {
InitRunning {
Title = Initialization running
Text = The initialization will be completed in background. You may configure it now and activate the encrypted filesystem in a few minutes.
}
ConfigSaved {
Title = Configuration saved
Text = The new settings have been accepted.
}
MountDone {
Title = Encrypted filesystem activated
Text = The encrypted filesystem is now available.
}
UmountDone {
Title = Encrypted filesystem deactivated
Text = The encrypted filesystem is now secured from all forms of access.
}
PowerOff {
Title = Shutdown
Text = The CryptoBox is currently going to halt. In a few seconds you can power it off (in case this does not happen automatically).
}
ReBoot {
Title = Reboot
Text = The CryptoBox is currently rebooting. In a few seconds it will be available again. Please wait - you will get redirected, when the reboot has finished.
}
}
ErrorMessage {
UnknownAction {
Title = Unknown action
Text = You have requested an undefined action.
}
NoSSL {
Title = Unencrypted connection
Text = The CryptoBox only accepts encrypted connections (https), so the password is safe from curious eyes. The encrypted connection will be established in a few seconds.
}
InitFailed {
Title = Initialization failed
Text = Please send the logfiles (see above) to the developers of the CryptoBox (cryptobox@systemausfall.org).
}
NoHardDisk {
Title = No hard drive
Text = No hard drive suitable for saving the encrypted filesystem found. Please ensure the BIOS detected the hard drive during power-on of the comuter.
}
}
}

215
cbox-tree.d/usr/share/cryptobox/lang/si.hdf
View file

@ -1,215 +0,0 @@
Lang {
Name = slovenščina
Status = $Id$
Title {
Top = The CryptoBox
Slogan = Privatnost v vsako vas!
Init = CryptoBox zagon
Mount = Aktivacija kriptiranih podatkov
Umount = Deaktivacija kriptiranih podatkov
Config = CryptoBox konfiguracija
Log = CryptoBox dnevnik
ShutDown = Ugasni
Status = Stanje
}
Text {
EnterCurrentCryptoPassword = Vpišite geslo:
EnterNewCryptoPassword = Vpišite novo geslo:
EnterSameCryptoPassword = Ponovite novo geslo:
EnterCurrentAdminPassword = Vnesite trenutno obstoječe geslo administratorja/ke:
EnterNewAdminPassword = Vnesite novo geslo administratorja/ke:
EnterSameAdminPassword = Ponovite novo geslo administratorja/ke:
InitWarning = Med incializacijo bodo VSI PODATKI z vašega trdega diska IZBRISANI!
ConfirmInitHint = Vsled potrditve vaših dejanj vpišite naslednje besedilo:
ConfirmInit = Da, zbirši vse podatke!
PartitionInfo = trenutna porazdelitev trdega diska:
IPAddress = IP CryptoBoxa:
TimeOut = Čas preklica deaktivacije kriptiranega datotečnega sistema:(v minutah)
EmptyLog = Dnevnik CryptoBoxa je prazen.
SelectLanguage = Jezikovne nastavitve:
RedirectNote = Kliknite če vaš iskalnik ne podpira avtomatične preusmeritve.
ProjectHomePage = Spletna stran projekta
ProjectNote = CryptoBox je projekt
DoUmount = Deaktivacija kriptiranega datotečnega sistema
DoMount = Aktivacija kriptiranega datotečnega sistema
Configuration = Konfiguracija
CryptoIsActive = Kriptirani podatki so dostopni.
CryptoIsDown = Kriptirani podatki soso zaèiteni pred kakr nimkoli dostopom.
}
Button {
DoInit = Zagon CryptoBoxa
SaveConfig = Shrani konfiguracijo
Update = Osveži
Mount = Aktivacija kriptiranega datotečnega sistema
Umount = Deaktivacija kriptiranega datotečnega sistema
Config = Konfiguracija
PowerOff = Ugasni
ReBoot = Ponovni zagon
Protocol = Dnevnik
Documentation = Priročnik
Status = Stanje
}
WarningMessage {
InitNotConfirmed {
Title = Potrditev ni uspela
Text = Besedilo mora biti vpisano natanko kot je prikazano!
}
EmptyCryptoPassword {
Title = Nepravilno geslo
Text = Geslo ne sme biti prazno!
}
DifferentCryptoPasswords {
Title = Gesli se ne ujemata!
Text = Obe vnešeni gesli morata biti identični, v zagotovilo, da je vpisano željeno geslo.
}
DifferentAdminPasswords {
Title = Administracijski gesli se ne ujemata
Text = Obe vnešeni gesli morata biti identični, v zagotovilo da je vpisano željeno geslo.
}
WrongAdminPassword {
Title = Napačno administracijsko geslo!
Text = Vnešeno administracijsko geslo je nepravilno. Prosimo poskusite znova!
}
MountFailed {
Title = Aktivacija ni uspela
Text = Kriptiran datotečni sistem se ni aktiviral.Po vsej verjetnosti je bilo geslo napačno.
}
UmountFailed {
Title = Deaktivacija ni uspela
Text = Kriptiran datotečni sistem se ni aktiviral.Datoteke so morda v uporabi. Zaprite vse programe. (naprimer ta nadvse razširjen urejevalnik besedil). V primeru nuje ugasnite CryptoBox!
}
NotInitialized {
Title = Konfiguracija ni najdena
Text = CryptoBox še ni bil konfiguriran.
}
InitNotFinished {
Title = Zagon še ni dovršen
Text = Zagon bo dovršen v nekaj minutah. Po končanem zagonu bo ta možnost omogočena.
}
IsMounted {
Title = Že aktivno
Text = Kriptiran datotečni sistem je že aktiviran.
}
NotMounted {
Title = Onemogočeno
Text = Kriptiran datotečni sistem trenutno ni aktiven.
}
AlreadyConfigured {
Title = Konfiguracija uspela
Text = CryptoBox je đe bil konfiguriran. Če ponovno zaženete bodo vsi podatki izbrisani!
}
InvalidLanguage {
Title = Nepravilna izbira jezika
Text = Izbrani jezik ni na voljo!
}
InvalidIP {
Title = Napačen IP naslov
Text = Izbran omrežni naslov ni veljaven!
}
InvalidTimeOut {
Title = Nepravilen čas preklica
Text = Izbran čas preklica ni veljaven!
}
ConfigTimeOutFailed {
Title = Napaka med spremembo časa preklica
Text = Časa preklica ne morete spremeniti!
}
ConfigLanguageFailed {
Title = Napaka med spremembo jezikovnih nastavitev
Text = Spreminjanje jezikovnih nastavitev ni mogoče.
}
ConfigIPFailed {
Title = Napaka med spreminjanjem omrežnega naslova.
Text = Spreminjanje omrežnega naslova ni mogoče.
}
IPAddressChanged {
Title = Sprememba omrežnega naslova
Text = Omrežni naslov je spremenjen. V nekaj sekundah boste preusmerjeni na nov naslov.
}
}
SuccessMessage {
InitRunning {
Title = Zagon poteka
Text = Zagon bo dokončan v ozadju.
}
ConfigSaved {
Title = Konfiguracija spravljena
Text = Nove nastavitve so sprejete.
}
MountDone {
Title = Kriptiran datotečni sistem aktiviran
Text = Kriptiran datotečni sistem je na voljo.
}
UmountDone {
Title = Kriptiran datotečni sistem deaktiviran.
Text = Kriptiran datotečni sistem je varovan pred vstopom.
}
PowerOff {
Title = Ugasni
Text = CryptoBox se zaustavlja. V nekaj sekundah ga lahko izklopite.(v kolikor se to ne zgodi avtomatično).
}
ReBoot {
Title = Ponovni zagon
Text = CryptoBox se zaganja. V nekaj sekundah bo zopet na voljo.
}
}
ErrorMessage {
UnknownAction {
Title = Neznan zahtevek
Text = Podali ste nedefiniran zahtevek.
}
NoSSL {
Title = Nekriptirana povezava
Text = CryptoBox sprejme le kriptirane povezave (https), da je geslo zaščiteno pred radovednimi očmi. V nekaj sekundah bo kriptirana povezava vzpostavljena.
}
InitFailed {
Title = Zagon ni uspel
Text = Prosim pošljite dnevnik (poglejte zgoraj) razvijalcem CryptoBoxa (cryptobox@systemausfall.org).
}
NoHardDisk {
Title = Ni trdega diska
Text = Primeren trdi disk za shranjenje kriptiranega datotečnega sistema ni zaznan. Poskrbite da bo med zagonom BIOS zaznal trdi disk.
}
}
}

3
cbox-tree.d/usr/share/cryptobox/templates/empty.cs
View file

@ -1,3 +0,0 @@
<!-- $Id$ -->
<!-- what else would you expect here? -->

3
cbox-tree.d/usr/share/cryptobox/templates/error.cs
View file

@ -1,3 +0,0 @@
<!-- $Id$ -->
<?cs call:error(Data.Error) ?>

35
cbox-tree.d/usr/share/cryptobox/templates/footer.cs
View file

@ -1,35 +0,0 @@
<!-- $Id$ -->
<?cs if:Data.Redirect ?>
<p class="warning"><a href="<?cs if:Data.Redirect.URL ?><?cs var:Data.Redirect.URL ?><?cs else ?><?cs call:getSelfURL('action=' + Data.Redirect.Action, '') ?><?cs /if ?>"><?cs var:Lang.Text.RedirectNote ?></a></p>
<?cs /if ?>
</div><!-- end of 'words' -->
<div id="footer">
<!-- Development or not -->
<?cs if:(Data.Status.DevelopmentMode == 1) ?>
<div id="development">!Development Mode!</div>
<?cs /if ?>
<!-- Version -->
v0.3&nbsp;&nbsp;
<a href="http://cryptobox.org" title="<?cs var:Lang.Text.ProjectHomePage ?>">CryptoBox-Home</a> <?cs var:Lang.Text.ProjectNote ?>&nbsp;<a href="https://systemausfall.org/senselab" title="systemausfall.org">sense.lab</a>
</div>
</div>
</div>
<!-- CBOX-STATUS-begin - used for validation - do not touch!
Data.Config.IP=<?cs var:Data.Config.IP ?>
Data.Config.Language=<?cs var:Data.Config.Language ?>
Data.Config.TimeOut=<?cs var:Data.Config.TimeOut ?>
Data.Status.Config=<?cs var:Data.Status.Config ?>
Data.Status.InitRunning=<?cs var:Data.Status.InitRunning ?>
Data.Status.IP=<?cs var:Data.Status.IP ?>
Data.Status.Mounted=<?cs var:Data.Status.Mounted ?>
CBOX-STATUS-end -->
<!-- $Revision$ -->
</body>
</html>

31
cbox-tree.d/usr/share/cryptobox/templates/form_config.cs
View file

@ -1,31 +0,0 @@
<!-- $Id$ -->
<div id="config">
<h1><?cs var:Lang.Title.Config ?></h1>
<?cs call:print_form_header() ?>
<?cs if:Data.Config.AdminPasswordIsSet ?>
<p><label for="current_admin_password"><?cs call:help_popUp(Lang.Text.EnterCurrentAdminPassword,"prove_admin_pw") ?></label><br/>
<input type="password" id="current_admin_password" name="current_admin_password" size="20" tabindex="0" maxlength="40" /> </p>
<?cs /if ?>
<p><label for="ip"><?cs call:help_popUp(Lang.Text.IPAddress,'set_ip_address') ?></label><br/>
<input type="text" id="ip" size="16" maxsize="15" name="ip" tabindex="1"
value="<?cs var:Data.Config.IP ?>" /><p>
<p><label for="timeout"><?cs call:help_popUp(Lang.Text.TimeOut,'set_timeout') ?></label><br/>
<input type="text" id="timeout" size="5" maxsize="5" name="timeout" tabindex="2"
value="<?cs var:Data.Config.TimeOut ?>" /></p>
<p><label for="language"><?cs call:help_popUp(Lang.Text.SelectLanguage,'set_language') ?></label><br/>
<select name="language" tabindex="3">
<?cs each:item = Data.Languages ?>
<option value="<?cs name:item ?>" <?cs if:(name(item) == Data.Config.Language) ?>selected="selected"<?cs /if ?>><?cs var:item ?></option>
<?cs /each ?>
</select></p>
<input type="hidden" name="action" value="config_do" />
<button type="submit" tabindex="100"><?cs var:Lang.Button.SaveConfig ?></button>
</form>
</div>

34
cbox-tree.d/usr/share/cryptobox/templates/form_init.cs
View file

@ -1,34 +0,0 @@
<!-- $Id$ -->
<h1><?cs var:Lang.Title.Init ?></h1>
<div class="init">
<?cs call:print_form_header() ?>
<p class="note"><?cs var:Lang.Text.InitWarning ?></p>
<?cs if:Data.Config.AdminPasswordIsSet ?>
<p><label for="current_admin_password"><?cs call:help_popUp(Lang.Text.EnterCurrentAdminPassword,"prove_admin_pw") ?></label><br/>
<input type="password" id="current_admin_password" name="current_admin_password" size="20" tabindex="0" maxlength="40" /> </p>
<?cs /if ?>
<p><label for="admin_password"><?cs call:help_popUp(Lang.Text.EnterNewAdminPassword,"new_admin_pw") ?></label><br/>
<input type="password" id="admin_password" name="admin_password" size="20" tabindex="1" maxlength="40" /> </p>
<p><label for="admin_password2"><?cs call:help_popUp(Lang.Text.EnterSameAdminPassword,"new_admin_pw_repeat") ?></label><br/>
<input type="password" id="admin_password2" name="admin_password2" size="20" tabindex="2" maxlength="40" /></p>
<p><label for="crypto_password"><?cs call:help_popUp(Lang.Text.EnterNewCryptoPassword,"crypto_pw") ?></label><br/>
<input type="password" id="crypto_password" name="crypto_password" size="20" tabindex="3" maxlength="40" /></p>
<p><label for="crypto_password2"><?cs call:help_popUp(Lang.Text.EnterSameCryptoPassword,'crypto_pw_repeat') ?></label><br/>
<input type="password" id="crypto_password2" name="crypto_password2" size="20" tabindex="4" maxlength="40" /></p>
<p><label for="confirm"><?cs call:help_popUp(Lang.Text.ConfirmInitHint,'confirm_text') ?><br/>
<span class="note" id="confirmtext"><?cs var:Lang.Text.ConfirmInit ?></span></label><br/>
<input type="text" id="confirm" name="confirm" size="30" tabindex="5" maxlength="50" /></p>
<input type="hidden" name="action" value="init_do" />
<button type="submit" tabindex="100"><?cs var:Lang.Button.DoInit ?></button>
</form>
</div>
<hr/>
<div class="partition_info">
<h2><?cs var:Lang.Text.PartitionInfo ?></h2>
<p><?cs var:Data.PartitionInfo ?></p>
</div>

15
cbox-tree.d/usr/share/cryptobox/templates/form_mount.cs
View file

@ -1,15 +0,0 @@
<!-- $Id$ -->
<h1><?cs var:Lang.Title.Mount ?></h1>
<div align="center">
<?cs call:print_form_header() ?>
<p><label for="crypto_passwort"><?cs var:Lang.Text.EnterCurrentCryptoPassword ?></label>
<input type="password" id="crypto_password" name="crypto_password" size="20" tabindex="0" maxlength="40" /></p>
<input type="hidden" name="action" value="mount_do" />
<button type="submit" tabindex="100"><?cs var:Lang.Button.Mount ?></button>
</form>
</div>

19
cbox-tree.d/usr/share/cryptobox/templates/form_shutdown.cs
View file

@ -1,19 +0,0 @@
<!-- $Id$ -->
<h1><?cs var:Lang.Title.ShutDown ?></h1>
<div align="center">
<?cs call:print_form_header() ?>
<input type="hidden" name="action" value="shutdown_do" />
<input type="hidden" name="type" value="poweroff" />
<button type="submit"><?cs var:Lang.Button.PowerOff ?></button>
</form>
&nbsp;
<?cs call:print_form_header() ?>
<input type="hidden" name="action" value="shutdown_do" />
<input type="hidden" name="type" value="reboot" />
<button type="submit"><?cs var:Lang.Button.ReBoot ?></button>
</form>
</div>

12
cbox-tree.d/usr/share/cryptobox/templates/form_umount.cs
View file

@ -1,12 +0,0 @@
<!-- $Id$ -->
<h1><?cs var:Lang.Title.Umount ?></h1>
<div align="center">
<?cs call:print_form_header() ?>
<input type="hidden" name="action" value="umount_do" />
<button type="submit"><?cs var:Lang.Button.Umount ?></button>
</form>
</div>

47
cbox-tree.d/usr/share/cryptobox/templates/header.cs
View file

@ -1,47 +0,0 @@
<!-- $Id$ -->
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>CryptoBox</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="pragma" content="no-cache" />
<meta http-equiv="cache-control" content="no-cache" />
<meta http-equiv="expires" content="0" />
<link rel="shortcut icon" href="/favicon.ico" />
<link rel="stylesheet" media="screen" href="<?cs var:Settings.Stylesheet ?>" type="text/css" />
<?cs if:Data.Redirect.URL ?><meta http-equiv="refresh" content="<?cs var:Data.Redirect.Delay ?>;url=<?cs var:Data.Redirect.URL ?>" /><?cs
elif:Data.Redirect.Action ?><meta http-equiv="refresh" content="<?cs var:Data.Redirect.Delay ?>;url=<?cs call:getSelfURL('action=' + Data.Redirect.Action, '') ?>" /><?cs /if ?>
</head>
<body>
<div id="lang">
<?cs each:item = Data.Languages ?>
<a href="<?cs call:getSelfURL('weblang=' + name(item),'weblang') ?><?cs
if:Data.QueryString ?>&<?cs var:Data.QueryString ?><?cs /if ?>"><?cs
var:item ?></a><br/>
<?cs /each ?>
</div>
<div id="main">
<?cs if:(Data.Status.Mounted == 1) ?>
<div id="head_red">
<?cs else ?>
<div id="head_green">
<?cs /if ?>
<h1><?cs var:Lang.Title.Top ?></h1>
<h2><?cs var:Lang.Title.Slogan ?></h2>
</div>
<div id="content">
<div id="menu">
<?cs if:Data.Redirect.URL ?>
<!-- the menu bar is disabled if redirection has been suggested -->
&nbsp;
<?cs else ?>
<?cs include:Settings.TemplateDir + '/nav.cs' ?>
<?cs /if ?>
</div>
<div id="words">

93
cbox-tree.d/usr/share/cryptobox/templates/macros.cs
View file

@ -1,93 +0,0 @@
<!-- $Id$ -->
<?cs def:warning(warnname) ?><?cs
each:item = Lang.WarningMessage ?><?cs
if:(name(item) == warnname)
?><div class="warning">
<h1><?cs var:item.Title ?></h1>
<p><?cs var:item.Text ?></p></div>
<?cs
/if ?><?cs
/each ?><?cs
/def ?>
<?cs def:error(errname) ?><?cs
each:item = Lang.ErrorMessage ?><?cs
if:(name(item) == errname)
?><div class="error">
<h1><?cs var:item.Title ?></h1>
<p><?cs var:item.Text ?></p></div>
<?cs
/if ?><?cs
/each ?><?cs
/def ?>
<?cs def:success(succname) ?><?cs
each:item = Lang.SuccessMessage ?><?cs
if:(name(item) == succname)
?><div class="success">
<h1><?cs var:item.Title ?></h1>
<p><?cs var:item.Text ?></p></div>
<?cs
/if ?><?cs
/each ?><?cs
/def ?>
<?cs def:parseTree(root) ?><?cs #
# the output looks quite ugly and is not very helpful as there are
# only a few values
?><!-- data tree
<?cs each:item = root ?><?cs
name:item ?>: <?cs var:item ?><?cs
each:subitem = item ?> / <?cs name:subitem ?>=<?cs var:subitem ?><?cs /each ?>
<?cs /each ?>
-->
<?cs /def ?>
<?cs def:getSelfURL(append,exclude) ?><?cs #
# construct the URL of the script out of the ScriptName, Data.PostData
# (except for the value mentioned in 'exclude') and a possible
# suffix (append)
# e.g.:
# - 'append' is 'weblang=de'
# - 'exclude' is 'weblang'
# BEWARE: both parameters have to be defined!
?><?cs set:PostSuffix='' ?><?cs
set:tmp_concat='?' ?><?cs
each:item = Data.PostData ?><?cs
if:(name(item) != exclude) ?><?cs
set:PostSuffix=PostSuffix + tmp_concat + name(item) + '=' + item ?><?cs
set:tmp_concat='&' ?><?cs
/if ?><?cs
/each ?><?cs
if:(append != '') ?><?cs set:PostSuffix=PostSuffix + tmp_concat + append ?><?cs
/if ?><?cs
var:ScriptName ?><?cs var:PostSuffix ?><?cs
/def ?>
<?cs def:help_popUp_broken(text,filename) ?><?cs #
# show a pop-up information block on the right side of the screen
# usually good for small explanatory texts
# does not work for ie?
?><a class="popup"><?cs
var:text ?><span><?cs
linclude:Settings.DocDir + '/' + Settings.DocLang + '/hints/' + filename + '.html' ?></span></a><?cs
/def ?>
<?cs def:help_popUp(text,filename) ?><?cs #
# TODO: remove this, if on-screen help will die :)
?><?cs var:text ?><?cs
/def ?>
<?cs def:print_form_header() ?><?cs #
# the header of a form - including Data.PostData values as hidden fields
?><form action="<?cs var:ScriptName ?>" method="post" enctype="application/x-www-from-urlencoded" accept-charset="utf-8">
<?cs each:item = Data.PostData
?><input type="hidden" name="<?cs name:item ?>" value="<?cs var:item ?>" /><?cs
/each ?><?cs
/def ?>

16
cbox-tree.d/usr/share/cryptobox/templates/main.cs
View file

@ -1,16 +0,0 @@
<!-- $Id$ -->
<?cs include:Settings.TemplateDir + '/macros.cs' ?>
<?cs include:Settings.TemplateDir + '/header.cs' ?>
<!-- this cryptobox template follows: <?cs var:Data.Action ?> -->
<?cs if:Data.Error ?>
<?cs include:Settings.TemplateDir + '/error.cs' ?>
<?cs else ?>
<?cs if:Data.Warning ?><?cs call:warning(Data.Warning) ?><?cs /if ?>
<?cs if:Data.Success ?><?cs call:success(Data.Success) ?><?cs /if ?>
<?cs include:Settings.TemplateDir + '/' + Data.Action + '.cs' ?>
<?cs /if ?>
<?cs include:Settings.TemplateDir + '/footer.cs' ?>

22
cbox-tree.d/usr/share/cryptobox/templates/nav.cs
View file

@ -1,22 +0,0 @@
<!-- $Id$ -->
<!-- mounting possible? -->
<?cs if:((Data.Status.Config == 1) && (Data.Status.InitRunning == 0)) ?>
<?cs if:(Data.Status.Mounted == 1) ?>
<a href="<?cs call:getSelfURL('action=umount_do','action') ?>" title="<?cs var:Lang.Text.DoUmount ?>"><?cs var:Lang.Button.Umount ?></a>
<?cs else ?>
<a href="<?cs call:getSelfURL('action=mount_ask','action') ?>" title="<?cs var:Lang.Text.DoMount ?>"><?cs var:Lang.Button.Mount ?></a>
<?cs /if ?>
<a href="<?cs call:getSelfURL('action=show_status','action') ?>" title="<?cs var:Lang.Button.Status ?>"><?cs var:Lang.Button.Status ?></a>
<?cs /if ?>
<!-- already initialized (or at least in progress)? -->
<?cs if:(Data.Status.Config == 1) ?>
<a href="<?cs call:getSelfURL('action=config_ask','action') ?>" title="<?cs var:Lang.Text.Configuration ?>"><?cs var:Lang.Button.Config ?></a>
<?cs /if ?>
<a href="<?cs call:getSelfURL('action=init_ask','action') ?>" title="<?cs var:Lang.Button.DoInit ?>"><?cs var:Lang.Button.DoInit ?></a>
<a href="<?cs call:getSelfURL('action=show_log','action') ?>" title="<?cs var:Lang.Button.Protocol ?>"><?cs var:Lang.Button.Protocol ?></a>
<a href="<?cs call:getSelfURL('action=doc','action') ?>" title="<?cs var:Lang.Button.Documentation ?>"><?cs var:Lang.Button.Documentation ?></a>
<a href="<?cs call:getSelfURL('action=shutdown_ask','action') ?>" title="<?cs var:Lang.Button.PowerOff ?>"><?cs var:Lang.Button.PowerOff ?></a>

7
cbox-tree.d/usr/share/cryptobox/templates/show_doc.cs
View file

@ -1,7 +0,0 @@
<!-- $Id$ -->
<div id="doc">
<?cs include:Settings.DocDir + '/' + Settings.DocLang + '/' + Data.Doc.Page + '.html' ?>
</div>

13
cbox-tree.d/usr/share/cryptobox/templates/show_log.cs
View file

@ -1,13 +0,0 @@
<!-- $Id$ -->
<div id="log">
<h1><?cs var:Lang.Title.Log ?></h1>
<?cs if:Data.Log ?>
<p class="console"><?cs var:Data.Log ?></p>
<?cs else ?>
<p><?cs var:Lang.Text.EmptyLog ?></p>
<?cs /if ?>
</div>

5
cbox-tree.d/usr/share/cryptobox/templates/show_status.cs
View file

@ -1,5 +0,0 @@
<!-- $Id$ -->
<h1><?cs var:Lang.Title.Status ?></h1>
<p><?cs if:(Data.Status.Mounted == 1) ?><?cs var:Lang.Text.CryptoIsActive ?>
<?cs else ?><?cs var:Lang.Text.CryptoIsDown ?><?cs /if ?></p>

24
cbox-tree.d/usr/share/doc/cryptobox/README
View file

@ -1,24 +0,0 @@
$Id$
CryptoBox version 0.3
1) Documentation
The documentation is available at https://systemausfall.org/trac/cryptobox/wiki/CryptoBoxUser
2) Building a LiveCD
try: "scripts/cbox-build.sh release"
or look at the developer's documentation: https://systemausfall.org/trac/cryptobox/wiki/CryptoBoxDev
3) Bug reporting
Use our issue tracker at https://systemausfall.org/trac/cryptobox/newticket
4) Licence
All scripts are GPL code (v2.0 or above).
The documentation is licenced under "Creative Commons 2.5 share-alike" (http://creativecommons.org/licenses/by-sa/2.5/).
5) Contributors
Clavdia Horvat, Tadej Brce & Dušan Rebolj - slovenian translation
6) Contact
email: cryptobox@systemausfall.org
The CryptoBox project is mainly driven by sense.lab (https://systemausfall.org/senselab).

18
cbox-tree.d/usr/share/doc/cryptobox/README.Debian
View file

@ -1,18 +0,0 @@
CryptoBox for Debian - installation notes
1) additional dependencies
you need the following packages, which are not (yet) part of the main debian distribution:
* cryptsetup_luks - http://luks.endorphin.org/masses
* clearsilver for perl (>=0.9.14) - http://www.clearsilver.net/downloads/
2) cgi-bin
If you do not use thttpd as your webserver, you should add the cgi-bin path to
your script directory. For apache this would be something like the following:
(file /etc/apache???/conf.d/cryptobox)
Alias /cryptobox-misc /var/www/cryptobox-misc
ScriptAlias /cryptobox /usr/lib/cgi-bin/cryptobox.pl
-- Lars Kruse <devel@sumpfralle.de> Sun, 4 Dec 2005 21:05:45 +0100

BIN
cbox-tree.d/usr/share/doc/cryptobox/changelog.Debian.gz
View file

Binary file not shown.

BIN
cbox-tree.d/usr/share/doc/cryptobox/changelog.gz
View file

Binary file not shown.

18
cbox-tree.d/usr/share/doc/cryptobox/copyright
View file

@ -1,18 +0,0 @@
Copyright (c) 02005 sense.lab <senselab@systemausfall.org>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, version 2.
This program is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
General Public License for more details.
You should have received a copy of the GNU General Public License with
your Debian GNU/Linux system, in /usr/share/common-licenses/GPL, or with the
Debian GNU/Linux hello source package as the file COPYING. If not,
write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor,
Boston, MA 02110-1301 USA
$Id$

93
cbox-tree.d/usr/share/doc/cryptobox/html/de/CryptoBox.html
View file

@ -1,93 +0,0 @@
<div class="wikipage">
<div id="searchable"><p>
<div class='wiki-toc'>
<h4>Table of Contents</h4>
<ol>
<li><a href="/cryptobox?action=doc&page=CryptoBox#Neuigkeiten&weblang=de">Neuigkeiten</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBox#berblick&weblang=de">Überblick</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBox#Download&weblang=de">Download</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBox#Spezifikation&weblang=de">Spezifikation</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBox#Dokumentation&weblang=de">Dokumentation</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBox#Entwicklung&weblang=de">Entwicklung</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBox#Mitwirkende&weblang=de">Mitwirkende</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBox#Rechtliches&weblang=de">Rechtliches</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBox#Kommentare&weblang=de">Kommentare</a></li>
</ol>
</div>
</p>
<h1 id="DieCryptoBox">Die CryptoBox</h1>
<p>
<i><a href="/cryptobox?action=doc&page=CryptoBox&weblang=de">English version</a></i>
</p>
<h2 id="Neuigkeiten">Neuigkeiten</h2>
<p>
Das erste Release der <a href="/cryptobox?action=doc&page=CryptoBox">CryptoBox</a> ist unter <a class="ext-link" title="https://codecoop.org/projects/cryptobox/" href="https://codecoop.org/projects/cryptobox/&weblang=de">https://codecoop.org/projects/cryptobox/</a> verfügbar.
</p>
<h2 id="berblick">Überblick</h2>
<p>
Die <a href="/cryptobox?action=doc&page=CryptoBox">CryptoBox</a> ist eine <a class="ext-link" title="http://de.wikipedia.org/wiki/Live-cd" href="http://de.wikipedia.org/wiki/Live-cd">Live-CD</a> mit der sich jeder alte Rechner in Sekundenschnelle in einen verschlüsselnden Server umwandeln lässt. Damit kannst du sensible Daten speichern, ohne dass du etwas über <a class="ext-link" title="http://de.wikipedia.org/wiki/Kryptografie" href="http://de.wikipedia.org/wiki/Kryptografie&weblang=de">Kryptografie</a> wissen musst.
</p>
<h2 id="Download">Download</h2>
<ul><li><a class="ext-link" title="http://codecoop.org/frs/download.php/32/cryptobox_0.2.iso" href="http://codecoop.org/frs/download.php/32/cryptobox_0.2.iso">Version 0.2</a> [106 MB] - <a href="/trac/cryptobox/wiki/ReleaseNotes/0.2">Release notes</a>
<ul><li><i>bereitgestellt durch <a class="ext-link" title="http://codecoop.org" href="http://codecoop.org">http://codecoop.org</a></i>
</li></ul></li></ul><h2 id="Spezifikation">Spezifikation</h2>
<table class="wiki">
<tr><td>System</td><td>Debian GNU/Linux-basierte Live-CD
</td></tr><tr><td>benötigter Computer</td><td>&#34;ausrangierter&#34; PC (i386 ab p1 mind. 32MB RAM)
</td></tr><tr><td>unterstützte Clients</td><td><a class="ext-link" title="http://de.wikipedia.org/wiki/Liste_der_Betriebssysteme" href="http://de.wikipedia.org/wiki/Liste_der_Betriebssysteme">*nix; *bsd; Windows; Mac OS</a>
</td></tr><tr><td>interner Fileserver</td><td><a class="ext-link" title="http://samba.org" href="http://samba.org">samba</a> (Netzwerkfreigaben)
</td></tr><tr><td>Benutzerschnittstelle</td><td>per Browser bedienbares Web-Interface
</td></tr><tr><td>Verschlüsselung</td><td><a class="ext-link" title="http://de.wikipedia.org/wiki/Advanced_Encryption_Standard" href="http://de.wikipedia.org/wiki/Advanced_Encryption_Standard">AES</a> via device-mapper
</td></tr></table>
<p>
Das Web-Interface der <a href="/cryptobox?action=doc&page=CryptoBox&weblang=de">CryptoBox</a> ünterstützt derzeit folgende Sprachen:
</p>
<ul><li>deutsch
</li><li>englisch
</li><li>slowenisch
</li></ul><p>
Du kannst gern weitere <a href="/trac/cryptobox/browser/trunk/cbox-tree.d/usr/share/cryptobox/lang/en.hdf">Übersetzungen</a> in andere Sprachen hinzufügen (idealerweise utf-encodiert).
</p>
<h2 id="Dokumentation">Dokumentation</h2>
<p>
Das Nutzerhandbuch ist unter <a href="/cryptobox?action=doc&page=CryptoBoxUser&weblang=de">CryptoBoxUser</a> verfügbar.
</p>
<h2 id="Entwicklung">Entwicklung</h2>
<p>
Beteilige dich an der Entwicklung der <a href="/cryptobox?action=doc&page=CryptoBox&weblang=de">CryptoBox</a> und werde reich und schön! ;) <br />
Nee im Ernst, wir freuen uns über jeden partizipierenden Menschen. Du wirst in einem entspannten Team reichlich Erfahrungen sammeln, eine nützliche Sache voranbringen und - wer weiß - vielleicht macht dich das auch schön. Schreib eine Mail an <i>cryptobox[at]systemausfall.org</i> und hab Spaß.
</p>
<p>
Probleme und Anregungen kannst du in unserer <a class="ext-link" title="https://systemausfall.org/trac/cryptobox/newticket" href="https://systemausfall.org/trac/cryptobox/newticket">Fehlerdatenbank</a> melden.
</p>
<p>
Die englischsprachige Entwickler-Doku findest du unter <a href="/cryptobox?action=doc&page=CryptoBoxDev&weblang=de">CryptoBoxDev</a>.
</p>
<p>
Die Quell-Daten kannst du <a href="/trac/cryptobox/browser/">hier</a> begutachten.
</p>
<p>
Für allgemeine Fragen, schreibe eine Email an <i>cryptobox[at]systemausfall.org</i>.
</p>
<h2 id="Mitwirkende">Mitwirkende</h2>
<p>
<ul><li>Clavdia Horvat, Tadej Brce &amp; Dušan Rebolj - slovenian translation
</li><li><a class="ext-link" title="http://codecoop.org" href="http://codecoop.org">http://codecoop.org</a> - webspace
</li></ul>
</p>
<h2 id="Rechtliches">Rechtliches</h2>
<ol><li>Alle Skripte unterliegen der <a class="ext-link" title="http://www.fsf.org/licensing/licenses/gpl.html" href="http://www.fsf.org/licensing/licenses/gpl.html">GPL</a> - sie sind also quasi vollständig frei.
</li><li>Die Dokumentation unterliegt einer <i><a class="ext-link" title="http://creativecommons.org/licenses/by-sa-nc/2.0/" href="http://creativecommons.org/licenses/by-sa-nc/2.0/">Creative Commons</a></i>-Lizenz, damit wird die Möglichkeit der freien Verbreitung des gesammelten Wissens gewährleistet.
</li><li>Wir übernehmen keinerlei Haftung für eventuelle Folgen, die durch die Nutzung einer <a href="/cryptobox?action=doc&page=CryptoBox&weblang=de">CryptoBox</a> entstehen könnten.
</li></ol><hr />
<h2 id="Kommentare">Kommentare</h2>
<p>
</div>
</div>

107
cbox-tree.d/usr/share/doc/cryptobox/html/de/CryptoBoxDev.html
View file

@ -1,107 +0,0 @@
<div class="wikipage">
<div id="searchable"><p>
<div class='wiki-toc'>
<h4>Table of Contents</h4>
<ol>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevPreparation#Preparationsfordevelopers&weblang=de">Preparations for developers</a></li>
<ol><li><a href="/cryptobox?action=doc&page=CryptoBoxDevPreparation#Softwarerequirements&weblang=de">Software requirements</a></li>
<ol><li><a href="/cryptobox?action=doc&page=CryptoBoxDevPreparation#Packages&weblang=de">Packages</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevPreparation#Kernel&weblang=de">Kernel</a></li>
</ol><li><a href="/cryptobox?action=doc&page=CryptoBoxDevPreparation#Getthesource&weblang=de">Get the source</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevPreparation#Firstbuild&weblang=de">First build</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevPreparation#Finished&weblang=de">Finished</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevPreparation#Comments&weblang=de">Comments</a></li>
</ol>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevWorkFlow#Developmentworkflow&weblang=de">Development workflow</a></li>
<ol><li><a href="/cryptobox?action=doc&page=CryptoBoxDevWorkFlow#Preparations&weblang=de">Preparations</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevWorkFlow#CreateaCryptoBoxLiveCD&weblang=de">Create a CryptoBox-LiveCD</a></li>
<ol><li><a href="/cryptobox?action=doc&page=CryptoBoxDevWorkFlow#Buildthebasesystem&weblang=de">Build the base system</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevWorkFlow#Configurethebaseimage&weblang=de">Configure the base image</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevWorkFlow#Removedevelopmentfeatures&weblang=de">Remove development features</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevWorkFlow#Createanisoimage&weblang=de">Create an iso image</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevWorkFlow#BurntheCD&weblang=de">Burn the CD</a></li>
</ol><li><a href="/cryptobox?action=doc&page=CryptoBoxDevWorkFlow#TesttheCryptoBoxLiveCD&weblang=de">Test the CryptoBox-LiveCD</a></li>
<ol><li><a href="/cryptobox?action=doc&page=CryptoBoxDevWorkFlow#Chrootquickampdirtytests&weblang=de">Chroot: quick &amp; dirty tests</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevWorkFlow#Qemunearlycompleteemulation&weblang=de">Qemu: nearly complete emulation</a></li>
</ol><li><a href="/cryptobox?action=doc&page=CryptoBoxDevWorkFlow#Debuggingandmerging&weblang=de">Debugging and merging</a></li>
<ol><li><a href="/cryptobox?action=doc&page=CryptoBoxDevWorkFlow#Developmentonarunningsystem&weblang=de">Development on a running system</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevWorkFlow#Uploadinganewrelease&weblang=de">Uploading a new release</a></li>
</ol><li><a href="/cryptobox?action=doc&page=CryptoBoxDevWorkFlow#Comments&weblang=de">Comments</a></li>
</ol>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevCustomBuild#CustombuildsoftheCryptoBox&weblang=de">Custom builds of the CryptoBox</a></li>
<ol><li><a href="/cryptobox?action=doc&page=CryptoBoxDevCustomBuild#Overview&weblang=de">Overview</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevCustomBuild#Settings&weblang=de">Settings</a></li>
<ol><li><a href="/cryptobox?action=doc&page=CryptoBoxDevCustomBuild#dfsbuildsettings&weblang=de">dfsbuild settings</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevCustomBuild#CryptoBoxdevelopmentconfiguration&weblang=de">CryptoBox development configuration</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevCustomBuild#SSHconnection&weblang=de">SSH connection</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevCustomBuild#qemunetworkconfiguration&weblang=de">qemu network configuration</a></li>
</ol><li><a href="/cryptobox?action=doc&page=CryptoBoxDevCustomBuild#Comments&weblang=de">Comments</a></li>
</ol>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevCustomConfigure#CustomconfigurationoftheCryptoBox&weblang=de">Custom configuration of the CryptoBox</a></li>
<ol><li><a href="/cryptobox?action=doc&page=CryptoBoxDevCustomConfigure#Overview&weblang=de">Overview</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevCustomConfigure#Locations&weblang=de">Locations</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevCustomConfigure#Examples&weblang=de">Examples</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevCustomConfigure#Comments&weblang=de">Comments</a></li>
</ol>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevValidation#ValidationoftheCryptoBox&weblang=de">Validation of the CryptoBox</a></li>
<ol><li><a href="/cryptobox?action=doc&page=CryptoBoxDevValidation#Overview&weblang=de">Overview</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevValidation#Validate&weblang=de">Validate</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevValidation#Howtocreateatest&weblang=de">How to create a test</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevValidation#Comments&weblang=de">Comments</a></li>
</ol>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevBackground#DetailsoftheCryptoBox&weblang=de">Details of the CryptoBox</a></li>
<ol><li><a href="/cryptobox?action=doc&page=CryptoBoxDevBackground#dfsbuild&weblang=de">dfsbuild</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevBackground#thekernel&weblang=de">the kernel</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevBackground#qemu&weblang=de">qemu</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevBackground#alternativeLiveCDs&weblang=de">alternative LiveCDs</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevBackground#Comments&weblang=de">Comments</a></li>
</ol>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevKnownProblems#Knownproblems&weblang=de">Known problems</a></li>
<ol><li><a href="/cryptobox?action=doc&page=CryptoBoxDevKnownProblems#qemu&weblang=de">qemu</a></li>
<ol><li><a href="/cryptobox?action=doc&page=CryptoBoxDevKnownProblems#interleavedfilesnotyetsupported&weblang=de">interleaved files not (yet) supported</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevKnownProblems#smbdsegfault&weblang=de">smbd: segfault</a></li>
</ol><li><a href="/cryptobox?action=doc&page=CryptoBoxDevKnownProblems#Comments&weblang=de">Comments</a></li>
</ol>
</ol>
</div>
</p>
<p>
<strong>Navigation:</strong> ( <a href="/cryptobox?action=doc&page=CryptoBox">CryptoBox/de</a>, <a href="/cryptobox?action=doc&page=CryptoBox&weblang=de">CryptoBox/en</a>)
</p>
<hr />
<h1 id="Developmentdocumentation">Development documentation</h1>
<p>
The following pages are written for developers only. <br />
Users of the <a href="/cryptobox?action=doc&page=CryptoBox">CryptoBox</a> should read <a href="/cryptobox?action=doc&page=CryptoBoxUser&weblang=de">CryptoBoxUser</a> instead.
</p>
<ul><li><a href="/cryptobox?action=doc&page=CryptoBoxDevPreparation&weblang=de">CryptoBoxDevPreparation</a>
</li><li><a href="/cryptobox?action=doc&page=CryptoBoxDevWorkFlow&weblang=de">CryptoBoxDevWorkFlow</a>
</li><li><a href="/cryptobox?action=doc&page=CryptoBoxDevCustomBuild&weblang=de">CryptoBoxDevCustomBuild</a>
</li><li><a href="/cryptobox?action=doc&page=CryptoBoxDevCustomConfigure&weblang=de">CryptoBoxDevCustomConfigure</a>
</li><li><a href="/cryptobox?action=doc&page=CryptoBoxDevValidation&weblang=de">CryptoBoxDevValidation</a>
</li><li><a href="/cryptobox?action=doc&page=CryptoBoxDevBackground&weblang=de">CryptoBoxDevBackground</a>
</li><li><a href="/cryptobox?action=doc&page=CryptoBoxDevKnownProblems&weblang=de">CryptoBoxDevKnownProblems</a>
</li></ul><h2 id="Source">Source</h2>
<p>
You may browse the <a href="/trac/cryptobox/browser/">source code</a>.
</p>
<h2 id="Contact">Contact</h2>
<p>
We are waiting for your emails to <i>cryptobox[at]systemausfall.org</i>.
</p>
<h2 id="Bugreports">Bug reports</h2>
<p>
Please use our issue tracker, if you discover problems: <a class="ext-link" title="https://systemausfall.org/trac/cryptobox/newticket" href="https://systemausfall.org/trac/cryptobox/newticket">https://systemausfall.org/trac/cryptobox/newticket</a>
</p>
</div>
</div>

61
cbox-tree.d/usr/share/doc/cryptobox/html/de/CryptoBoxDevBackground.html
View file

@ -1,61 +0,0 @@
<div class="wikipage">
<div id="searchable"><p>
<div class='wiki-toc'>
<h4>Table of Contents</h4>
<ol>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevBackground#dfsbuild&weblang=de">dfsbuild</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevBackground#thekernel&weblang=de">the kernel</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevBackground#qemu&weblang=de">qemu</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevBackground#alternativeLiveCDs&weblang=de">alternative LiveCDs</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevBackground#Comments&weblang=de">Comments</a></li>
</ol>
</div>
</p>
<p>
<strong>Navigation:</strong> ( <a href="/cryptobox?action=doc&page=CryptoBoxDev&weblang=de">CryptoBoxDev</a>)
</p>
<hr />
<h1 id="DetailsoftheCryptoBox">Details of the CryptoBox</h1>
<h2 id="dfsbuild">dfsbuild</h2>
<p>
The base system of the <a href="/cryptobox?action=doc&page=CryptoBox">CryptoBox</a> Live-CD is created by <a class="ext-link" title="http://packages.debian.org/cgi-bin/search_packages.pl?searchon=names&amp;subword=0&amp;version=all&amp;release=all&amp;keywords=dfsbuild" href="http://packages.debian.org/cgi-bin/search_packages.pl?searchon=names&amp;subword=0&amp;version=all&amp;release=all&amp;keywords=dfsbuild&weblang=de">dfsbuild</a>.
</p>
<p>
It is recommended to use some kind of caching tool for the retrieval of the debian packages (e.g.: <a class="ext-link" title="http://packages.debian.org/cgi-bin/search_packages.pl?searchon=names&amp;subword=0&amp;version=all&amp;release=all&amp;keywords=apt-cacher" href="http://packages.debian.org/cgi-bin/search_packages.pl?searchon=names&amp;subword=0&amp;version=all&amp;release=all&amp;keywords=apt-cacher">apt-cacher</a>, <a class="ext-link" title="http://packages.debian.org/cgi-bin/search_packages.pl?searchon=names&amp;subword=0&amp;version=all&amp;release=all&amp;keywords=apt-proxy" href="http://packages.debian.org/cgi-bin/search_packages.pl?searchon=names&amp;subword=0&amp;version=all&amp;release=all&amp;keywords=apt-proxy">apt-proxy</a> or <a class="ext-link" title="http://packages.debian.org/cgi-bin/search_packages.pl?searchon=names&amp;subword=0&amp;version=all&amp;release=all&amp;keywords=approx" href="http://packages.debian.org/cgi-bin/search_packages.pl?searchon=names&amp;subword=0&amp;version=all&amp;release=all&amp;keywords=approx">approx</a>). This saves a lot of bandwidth and time.
</p>
<p>
The documentation for <a class="ext-link" title="http://packages.debian.org/cgi-bin/search_packages.pl?searchon=names&amp;subword=0&amp;version=all&amp;release=all&amp;keywords=dfsbuild" href="http://packages.debian.org/cgi-bin/search_packages.pl?searchon=names&amp;subword=0&amp;version=all&amp;release=all&amp;keywords=dfsbuild">dfsbuild</a> is sparse. But it is quite unlikely, that you will get in direct contact with it, as it is wrapped by <a href="/trac/cryptobox/browser/trunk/scripts/cbox-build.sh">cbox-build</a>. However the following links may help you for specific problems:
</p>
<ul><li><a class="ext-link" title="http://www.debian-administration.org/articles/125" href="http://www.debian-administration.org/articles/125">Debian Administration: Building Debian CD-ROMS Part 1 - dfsbuild</a>
</li><li><a class="ext-link" title="http://www.debian-administration.org/articles/149" href="http://www.debian-administration.org/articles/149">Debian Administration: Getting in deep with dfsbuild</a>
</li></ul><h2 id="thekernel">the kernel</h2>
<p>
The linux kernel for the <a href="/cryptobox?action=doc&page=CryptoBox&weblang=de">CryptoBox</a> is compiled statically. If you want to change it, you could follow this steps:
</p>
<ol><li>get the sources: <tt>apt-get install kernel-tree-2.6.11</tt> (or the version of your choice)
</li><li>copy the exisiting config file <i>kernel/config-2.6.11</i> as <i>.config</i> into your kernel source directory
</li><li>build the debian kernel package <tt>make-kpkg --revision=1.dfs --rootcmd=fakeroot kernel_image</tt>
</li><li>change the kernel in the <i>unpackdebs</i> setting in <a href="/trac/cryptobox/browser/trunk/etc-defaults.d/dfs-cbox.conf">dfs-cbox.conf</a> (see <a href="/cryptobox?action=doc&page=CryptoBoxDevCustomBuild&weblang=de">CryptoBoxDevCustomBuild</a> for details)
</li></ol><h2 id="qemu">qemu</h2>
<p>
<a class="ext-link" title="http://fabrice.bellard.free.fr/qemu/" href="http://fabrice.bellard.free.fr/qemu/">Qemu</a> is a portable system emulator. It is a convenient tool to ease the development workflow, as you do not need to burn LiveCDs for testing.
</p>
<h2 id="alternativeLiveCDs">alternative LiveCDs</h2>
<p>
We tried some other LiveCDs before we decided to use <a class="ext-link" title="http://packages.debian.org/cgi-bin/search_packages.pl?searchon=names&amp;subword=0&amp;version=all&amp;release=all&amp;keywords=dfsbuild" href="http://packages.debian.org/cgi-bin/search_packages.pl?searchon=names&amp;subword=0&amp;version=all&amp;release=all&amp;keywords=dfsbuild">dfsbuild</a>. The following pages describe their advantages and disadvantages as the base system for the <a href="/cryptobox?action=doc&page=CryptoBox&weblang=de">CryptoBox</a>:
</p>
<ul><li><a href="/cryptobox?action=doc&page=CryptoBoxKnoppixVerworfen&weblang=de">CryptoBoxKnoppixVerworfen</a> - Knoppix
</li><li><a href="/cryptobox?action=doc&page=CryptoBoxMorphixVerworfen&weblang=de">CryptoBoxMorphixVerworfen</a> - Morphix / IBuild
</li></ul><hr />
<h2 id="Comments">Comments</h2>
<p>
</div>
</div>

85
cbox-tree.d/usr/share/doc/cryptobox/html/de/CryptoBoxDevCustomBuild.html
View file

@ -1,85 +0,0 @@
<div class="wikipage">
<div id="searchable"><p>
<div class='wiki-toc'>
<h4>Table of Contents</h4>
<ol>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevCustomBuild#Overview&weblang=de">Overview</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevCustomBuild#Settings&weblang=de">Settings</a></li>
<ol><li><a href="/cryptobox?action=doc&page=CryptoBoxDevCustomBuild#dfsbuildsettings&weblang=de">dfsbuild settings</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevCustomBuild#CryptoBoxdevelopmentconfiguration&weblang=de">CryptoBox development configuration</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevCustomBuild#SSHconnection&weblang=de">SSH connection</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevCustomBuild#qemunetworkconfiguration&weblang=de">qemu network configuration</a></li>
</ol><li><a href="/cryptobox?action=doc&page=CryptoBoxDevCustomBuild#Comments&weblang=de">Comments</a></li>
</ol>
</div>
</p>
<p>
<strong>Navigation:</strong> ( <a href="/cryptobox?action=doc&page=CryptoBoxDev">CryptoBoxDev</a>, <a href="/cryptobox?action=doc&page=CryptoBoxDevBackground">CryptoBoxDevBackground</a>, <a href="/trac/cryptobox/wiki/CryptoBoxDevPreparation">CryptoBoxDevPreparation</a>, <a href="/trac/cryptobox/wiki/CryptoBoxDevWorkFlow&weblang=de">CryptoBoxDevWorkFlow</a>)
</p>
<hr />
<h1 id="CustombuildsoftheCryptoBox">Custom builds of the CryptoBox</h1>
<h2 id="Overview">Overview</h2>
<p>
The following sections are useful, if you want to change the default settings of your personal <a href="/cryptobox?action=doc&page=CryptoBox&weblang=de">CryptoBox</a> development environment.
</p>
<p>
You should have completed the steps described in <a href="/cryptobox?action=doc&page=CryptoBoxDevPreparation&weblang=de">CryptoBoxDevPreparation</a>.
</p>
<h2 id="Settings">Settings</h2>
<h3 id="dfsbuildsettings">dfsbuild settings</h3>
<p>
All settings for <i>dfsbuild</i> can be found in <a href="/trac/cryptobox/browser/trunk/etc-defaults.d/dfs-cbox.conf">etc-defaults.d/dfs-cbox.conf</a>.
</p>
<p>
If you want to change any of them, you should do the following:
</p>
<ol><li>copy <i>etc-defaults.d/dfs-cbox.conf</i> file to <i>etc-local.d/</i>
</li><li>change <i>etc-local.d/dfs-cbox.conf</i> according to your needs
</li></ol><p>
This allows you to use your own (personal) settings, without interfering with files under version control.
</p>
<h3 id="CryptoBoxdevelopmentconfiguration">CryptoBox development configuration</h3>
<p>
Some settings regarding the building, configuring and validating of the <a href="/cryptobox?action=doc&page=CryptoBox">CryptoBox</a> can be found in <a href="/trac/cryptobox/browser/trunk/etc-defaults.d/cbox-dev.conf&weblang=de">etc-defaults.d/cbox-dev.conf</a>.
</p>
<p>
If you want to change any of them, you should do the following:
</p>
<ol><li>copy <i>etc-defaults.d/cbox-dev.conf</i> file to <i>etc-local.d/</i>
</li><li>change <i>etc-local.d/cbox-dev.conf</i> according to your needs
</li></ol><h3 id="SSHconnection">SSH connection</h3>
<p>
The file <a href="/trac/cryptobox/browser/trunk/etc-defaults.d/ssh_config">ssh_config</a> is used to establish a connection to a running <a href="/cryptobox?action=doc&page=CryptoBox&weblang=de">CryptoBox</a> system.
</p>
<p>
It can be necessary to change these settings, if:
</p>
<ul><li>you do not want to use the default IP for the <a href="/cryptobox?action=doc&page=CryptoBox&weblang=de">CryptoBox</a>
</li><li>or the <a href="/cryptobox?action=doc&page=CryptoBox&weblang=de">CryptoBox</a> is not within your local network.
</li></ul><p>
If you want to change some settings, you should do the following:
</p>
<ol><li>copy <i>etc-defaults.d/ssh_config</i> file to <i>etc-local.d/</i>
</li><li>change <i>etc-local.d/ssh_config</i> according to your needs
</li></ol><h3 id="qemunetworkconfiguration">qemu network configuration</h3>
<p>
The file <a href="/trac/cryptobox/browser/trunk/etc-defauolts.d/qemu-ifup">etc-defauolts.d/qemu-ifup</a> is used for the <a href="/cryptobox?action=doc&page=CryptoBox&weblang=de">CryptoBox</a> emulation with <i>qemu</i>. See <i>man qemu</i> for details.
</p>
<p>
If you want to change some settings, you should do the following:
</p>
<ol><li>copy <i>etc-defaults.d/qemu-ifup</i> file to <i>etc-local.d/</i>
</li><li>change <i>etc-local.d/qemu-ifup</i> according to your needs
</li></ol><hr />
<h2 id="Comments">Comments</h2>
<p>
</div>
</div>

60
cbox-tree.d/usr/share/doc/cryptobox/html/de/CryptoBoxDevCustomConfigure.html
View file

@ -1,60 +0,0 @@
<div class="wikipage">
<div id="searchable"><p>
<div class='wiki-toc'>
<h4>Table of Contents</h4>
<ol>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevCustomConfigure#Overview&weblang=de">Overview</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevCustomConfigure#Locations&weblang=de">Locations</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevCustomConfigure#Examples&weblang=de">Examples</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevCustomConfigure#Comments&weblang=de">Comments</a></li>
</ol>
</div>
</p>
<p>
<strong>Navigation:</strong> ( <a href="/cryptobox?action=doc&page=CryptoBoxDev&weblang=de">CryptoBoxDev</a>)
</p>
<hr />
<h1 id="CustomconfigurationoftheCryptoBox">Custom configuration of the CryptoBox</h1>
<h2 id="Overview">Overview</h2>
<p>
You may change nearly every aspect of the <a href="/cryptobox?action=doc&page=CryptoBox&weblang=de">CryptoBox</a> by using the custom configuration hook directory.
</p>
<p>
Any script inside of this directory will be executed after the default configuration procedure (see <a href="/cryptobox?action=doc&page=CryptoBoxDevWorkFlow&weblang=de">CryptoBoxDevWorkFlow</a>).
</p>
<p>
The order of execution is defined by the names of the scripts (alphabetically).
</p>
<h2 id="Locations">Locations</h2>
<p>
Some example customization scripts can be found in <a href="/trac/cryptobox/browser/trunk/configure-examples.d">configure-examples.d/</a>.
</p>
<p>
You may put your scripts into <i>configure-local.d/</i>. They will be sourced by <a href="/trac/cryptobox/browser/trunk/scripts/cbox-build.sh">cbox-build.sh</a>.
</p>
<h2 id="Examples">Examples</h2>
<p>
The examples in <a href="/trac/cryptobox/browser/trunk/configure-examples.d">configure-examples.d/</a> can be copied to <i>configure-local.d/</i> and adjusted to your needs.
</p>
<table class="wiki">
<tr><td>set_default_ip</td><td>change the default IP address of the CryptoBox
</td></tr><tr><td>set_default_language</td><td>set the default language
</td></tr><tr><td>set_default_timeout</td><td>set the default idle time for automatic unmounting
</td></tr><tr><td>set_hostname</td><td>change the default hostname
</td></tr><tr><td>set_root_pw</td><td>change the password of root (only useful for a development <a href="/cryptobox?action=doc&page=CryptoBox&weblang=de">CryptoBox</a>)
</td></tr><tr><td>import_authorized_keys</td><td>upload a <i>ssh</i> key for passwordless access to a development CryptoBox
</td></tr><tr><td>set_scan_devices</td><td>where to look for usable harddisks
</td></tr></table>
<hr />
<h2 id="Comments">Comments</h2>
<p>
</div>
</div>

39
cbox-tree.d/usr/share/doc/cryptobox/html/de/CryptoBoxDevKnownProblems.html
View file

@ -1,39 +0,0 @@
<div class="wikipage">
<div id="searchable"><p>
<div class='wiki-toc'>
<h4>Table of Contents</h4>
<ol>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevKnownProblems#qemu&weblang=de">qemu</a></li>
<ol><li><a href="/cryptobox?action=doc&page=CryptoBoxDevKnownProblems#interleavedfilesnotyetsupported&weblang=de">interleaved files not (yet) supported</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevKnownProblems#smbdsegfault&weblang=de">smbd: segfault</a></li>
</ol><li><a href="/cryptobox?action=doc&page=CryptoBoxDevKnownProblems#Comments&weblang=de">Comments</a></li>
</ol>
</div>
</p>
<p>
<strong>Navigation:</strong> ( <a href="/cryptobox?action=doc&page=CryptoBoxDev&weblang=de">CryptoBoxDev</a>)
</p>
<hr />
<h1 id="Knownproblems">Known problems</h1>
<h2 id="qemu">qemu</h2>
<h3 id="interleavedfilesnotyetsupported">interleaved files not (yet) supported</h3>
<p>
You should update <i>qemu</i> to version 0.7 or higher.
</p>
<h3 id="smbdsegfault">smbd: segfault</h3>
<p>
This happens under certain circumstances. We do not know a solution for this problem.
</p>
<hr />
<h2 id="Comments">Comments</h2>
<p>
</div>
</div>

77
cbox-tree.d/usr/share/doc/cryptobox/html/de/CryptoBoxDevPreparation.html
View file

@ -1,77 +0,0 @@
<div class="wikipage">
<div id="searchable"><p>
<div class='wiki-toc'>
<h4>Table of Contents</h4>
<ol>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevPreparation#Softwarerequirements&weblang=de">Software requirements</a></li>
<ol><li><a href="/cryptobox?action=doc&page=CryptoBoxDevPreparation#Packages&weblang=de">Packages</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevPreparation#Kernel&weblang=de">Kernel</a></li>
</ol><li><a href="/cryptobox?action=doc&page=CryptoBoxDevPreparation#Getthesource&weblang=de">Get the source</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevPreparation#Firstbuild&weblang=de">First build</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevPreparation#Finished&weblang=de">Finished</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevPreparation#Comments&weblang=de">Comments</a></li>
</ol>
</div>
</p>
<p>
<strong>Navigation:</strong> ( <a href="/cryptobox?action=doc&page=CryptoBoxDev">CryptoBoxDev</a>, <a href="/cryptobox?action=doc&page=CryptoBoxDevCustomBuild">CryptoBoxDevCustomBuild</a>, <a href="/trac/cryptobox/wiki/CryptoBoxDevWorkFlow&weblang=de">CryptoBoxDevWorkFlow</a>)
</p>
<hr />
<h1 id="Preparationsfordevelopers">Preparations for developers</h1>
<h2 id="Softwarerequirements">Software requirements</h2>
<h3 id="Packages">Packages</h3>
<p>
We use <a class="ext-link" title="http://debian.org" href="http://debian.org">Debian</a> as our development environment. This was a natural choice, as the CryptoBox-LiveCD is also based on Debian. Other distributions should work too, of course - <i>your mileage may vary</i>.
</p>
<p>
required:
</p>
<ul><li><a class="ext-link" title="http://packages.debian.org/cgi-bin/search_packages.pl?searchon=names&amp;subword=0&amp;version=all&amp;release=all&amp;keywords=dfsbuild" href="http://packages.debian.org/cgi-bin/search_packages.pl?searchon=names&amp;subword=0&amp;version=all&amp;release=all&amp;keywords=dfsbuild">dfsbuild</a>
</li><li><a class="ext-link" title="http://packages.debian.org/cgi-bin/search_packages.pl?searchon=names&amp;subword=0&amp;version=all&amp;release=all&amp;keywords=subversion" href="http://packages.debian.org/cgi-bin/search_packages.pl?searchon=names&amp;subword=0&amp;version=all&amp;release=all&amp;keywords=subversion">subversion</a>
</li><li><a class="ext-link" title="http://packages.debian.org/cgi-bin/search_packages.pl?searchon=names&amp;subword=0&amp;version=all&amp;release=all&amp;keywords=chroot" href="http://packages.debian.org/cgi-bin/search_packages.pl?searchon=names&amp;subword=0&amp;version=all&amp;release=all&amp;keywords=chroot">chroot</a>
</li></ul><p>
recommended:
</p>
<ul><li><a class="ext-link" title="http://packages.debian.org/cgi-bin/search_packages.pl?searchon=names&amp;subword=0&amp;version=all&amp;release=all&amp;keywords=apt-cacher" href="http://packages.debian.org/cgi-bin/search_packages.pl?searchon=names&amp;subword=0&amp;version=all&amp;release=all&amp;keywords=apt-cacher">apt-cacher</a>, <a class="ext-link" title="http://packages.debian.org/cgi-bin/search_packages.pl?searchon=names&amp;subword=0&amp;version=all&amp;release=all&amp;keywords=apt-proxy" href="http://packages.debian.org/cgi-bin/search_packages.pl?searchon=names&amp;subword=0&amp;version=all&amp;release=all&amp;keywords=apt-proxy"> apt-proxy</a> or <a class="ext-link" title="http://packages.debian.org/cgi-bin/search_packages.pl?searchon=names&amp;subword=0&amp;version=all&amp;release=all&amp;keywords=approx" href="http://packages.debian.org/cgi-bin/search_packages.pl?searchon=names&amp;subword=0&amp;version=all&amp;release=all&amp;keywords=approx">approx</a>
</li><li><a class="ext-link" title="http://packages.debian.org/cgi-bin/search_packages.pl?searchon=names&amp;subword=0&amp;version=all&amp;release=all&amp;keywords=qemu" href="http://packages.debian.org/cgi-bin/search_packages.pl?searchon=names&amp;subword=0&amp;version=all&amp;release=all&amp;keywords=qemu">qemu</a>
</li><li><a class="ext-link" title="http://packages.debian.org/cgi-bin/search_packages.pl?searchon=names&amp;subword=0&amp;version=all&amp;release=all&amp;keywords=curl" href="http://packages.debian.org/cgi-bin/search_packages.pl?searchon=names&amp;subword=0&amp;version=all&amp;release=all&amp;keywords=curl">curl</a>
</li></ul><h3 id="Kernel">Kernel</h3>
<p>
If you want to use <a class="ext-link" title="http://fabrice.bellard.free.fr/qemu/" href="http://fabrice.bellard.free.fr/qemu/">qemu</a> to test your <a href="/cryptobox?action=doc&page=CryptoBox&weblang=de">CryptoBox</a> in a virtual environment, then you will need the <i>tun/tap</i> kernel feature.
</p>
<pre class="wiki">CONFIG_TUN=m
</pre><h2 id="Getthesource">Get the source</h2>
<p>
Download the latest release from our <a class="ext-link" title="http://subversion.tigris.org" href="http://subversion.tigris.org">subversion</a>-Repository:
</p>
<pre class="wiki">svn checkout https://svn.systemausfall.org/svn/cryptobox/trunk
</pre><h2 id="Firstbuild">First build</h2>
<p>
run <tt>scripts/cbox-build.sh release</tt> as <i>root</i> - hopefully, there should be no errors :)
</p>
<p>
Hint: This step will fail, if you did not install <i>apt-cacher</i>. See <a href="/cryptobox?action=doc&page=CryptoBoxDevCustomBuild&weblang=de">CryptoBoxDevCustomBuild</a> for details on how to change the build-configuration settings (in this case: <i>mirror</i> in <i>dfs-cbox.conf</i>).
</p>
<h2 id="Finished">Finished</h2>
<p>
Now you can start to pariticipate in the development of the <a href="/cryptobox?action=doc&page=CryptoBox&weblang=de">CryptoBox</a> or simply customize your own CryptoBox-LiveCD.
</p>
<p>
See <a href="/cryptobox?action=doc&page=CryptoBoxDevWorkFlow">CryptoBoxDevWorkFlow</a> for details of how to use the developer's tools of the <a href="/cryptobox?action=doc&page=CryptoBox&weblang=de">CryptoBox</a>.
</p>
<p>
<a href="/cryptobox?action=doc&page=CryptoBoxDevCustomBuild">CryptoBoxDevCustomBuild</a> shows some examples for local customizations of the <a href="/cryptobox?action=doc&page=CryptoBox&weblang=de">CryptoBox</a>.
</p>
<hr />
<h2 id="Comments">Comments</h2>
<p>
</div>
</div>

78
cbox-tree.d/usr/share/doc/cryptobox/html/de/CryptoBoxDevValidation.html
View file

@ -1,78 +0,0 @@
<div class="wikipage">
<div id="searchable"><p>
<div class='wiki-toc'>
<h4>Table of Contents</h4>
<ol>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevValidation#Overview&weblang=de">Overview</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevValidation#Validate&weblang=de">Validate</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevValidation#Howtocreateatest&weblang=de">How to create a test</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevValidation#Comments&weblang=de">Comments</a></li>
</ol>
</div>
</p>
<p>
<strong>Navigation:</strong> ( <a href="/cryptobox?action=doc&page=CryptoBoxDev&weblang=de">CryptoBoxDev</a>)
</p>
<hr />
<h1 id="ValidationoftheCryptoBox">Validation of the CryptoBox</h1>
<h2 id="Overview">Overview</h2>
<p>
The validation feature helps you to check the programming logic of the <a href="/cryptobox?action=doc&page=CryptoBox">CryptoBox</a>. A lot of test cases are defined to verify as many functions of the <a href="/cryptobox?action=doc&page=CryptoBox&weblang=de">CryptoBox</a> as possible.
</p>
<p>
The requests are processed with <a class="ext-link" title="http://curl.haxx.se/" href="http://curl.haxx.se/">curl</a>.
</p>
<p>
The received web page is saved to allow a later design review or css debugging.
</p>
<p>
The current state of the <a href="/cryptobox?action=doc&page=CryptoBox&weblang=de">CryptoBox</a> is represented by ten single values (e.g.: <i>box is configured</i>, <i>IP of the box</i>, <i>current language setting</i>, ...), which are invisibly a part of each html page (as comments). The returned status of every request is compared to the predicted value of the test case.
</p>
<p>
Similar test cases are pooled into test groups (e.g.: <i>initialization</i>, <i>configuration</i> and <i>mounting</i>).
</p>
<h2 id="Validate">Validate</h2>
<p>
Run <i><a href="/trac/cryptobox/browser/trunk/scripts/validate.sh">scripts/validate.sh</a>]</i> to conduct all tests of all groups. See <i>scripts/validate.sh help</i> for other actions.
</p>
<p>
The results will be saved in <i>validation/report</i>.
</p>
<p>
In addition to every single retrieved page, a html page called <i>summary-?.html</i> is created, which contains the state checks of all tests in a group.
</p>
<h2 id="Howtocreateatest">How to create a test</h2>
<p>
All test cases can be found in <i>validation/test-cases</i>.
</p>
<p>
Every test consists of the following files:
</p>
<table class="wiki">
<tr><td>input.curl</td><td>the configuration file for the <i>curl</i> request
</td></tr><tr><td>output</td><td>the predicted state of the <a href="/cryptobox?action=doc&page=CryptoBox&weblang=de">CryptoBox</a> after the call
</td></tr><tr><td>description</td><td>a short description of the test (will be used for the summary)
</td></tr><tr><td>delay</td><td>[optional] time to wait after this test
</td></tr></table>
<p>
Use the existing test cases as templates for new tests.
</p>
<p>
Read <a href="/trac/cryptobox/browser/trunk/validation/test-cases/README">validation/test-cases/README</a> for details.
</p>
<p>
Every logical path of the web interface CGI should be validated by a test case.
</p>
<hr />
<h2 id="Comments">Comments</h2>
<p>
</div>
</div>

151
cbox-tree.d/usr/share/doc/cryptobox/html/de/CryptoBoxDevWorkFlow.html
View file

@ -1,151 +0,0 @@
<div class="wikipage">
<div id="searchable"><p>
<div class='wiki-toc'>
<h4>Table of Contents</h4>
<ol>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevWorkFlow#Preparations&weblang=de">Preparations</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevWorkFlow#CreateaCryptoBoxLiveCD&weblang=de">Create a CryptoBox-LiveCD</a></li>
<ol><li><a href="/cryptobox?action=doc&page=CryptoBoxDevWorkFlow#Buildthebasesystem&weblang=de">Build the base system</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevWorkFlow#Configurethebaseimage&weblang=de">Configure the base image</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevWorkFlow#Removedevelopmentfeatures&weblang=de">Remove development features</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevWorkFlow#Createanisoimage&weblang=de">Create an iso image</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevWorkFlow#BurntheCD&weblang=de">Burn the CD</a></li>
</ol><li><a href="/cryptobox?action=doc&page=CryptoBoxDevWorkFlow#TesttheCryptoBoxLiveCD&weblang=de">Test the CryptoBox-LiveCD</a></li>
<ol><li><a href="/cryptobox?action=doc&page=CryptoBoxDevWorkFlow#Chrootquickampdirtytests&weblang=de">Chroot: quick &amp; dirty tests</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevWorkFlow#Qemunearlycompleteemulation&weblang=de">Qemu: nearly complete emulation</a></li>
</ol><li><a href="/cryptobox?action=doc&page=CryptoBoxDevWorkFlow#Debuggingandmerging&weblang=de">Debugging and merging</a></li>
<ol><li><a href="/cryptobox?action=doc&page=CryptoBoxDevWorkFlow#Developmentonarunningsystem&weblang=de">Development on a running system</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevWorkFlow#Uploadinganewrelease&weblang=de">Uploading a new release</a></li>
</ol><li><a href="/cryptobox?action=doc&page=CryptoBoxDevWorkFlow#Comments&weblang=de">Comments</a></li>
</ol>
</div>
</p>
<p>
<strong>Navigation:</strong> ( <a href="/cryptobox?action=doc&page=CryptoBoxDev">CryptoBoxDev</a>, <a href="/cryptobox?action=doc&page=CryptoBoxDevCustomConfigure">CryptoBoxDevCustomConfigure</a>, <a href="/trac/cryptobox/wiki/CryptoBoxDevPreparation&weblang=de">CryptoBoxDevPreparation</a>)
</p>
<hr />
<h1 id="Developmentworkflow">Development workflow</h1>
<h2 id="Preparations">Preparations</h2>
<p>
You should have completed the steps described in <a href="/cryptobox?action=doc&page=CryptoBoxDevPreparation&weblang=de">CryptoBoxDevPreparation</a>.
</p>
<h2 id="CreateaCryptoBoxLiveCD">Create a CryptoBox-LiveCD</h2>
<p>
The following steps can be executed in the order of their appearance.
</p>
<p>
Usually there is no need to repeat the whole process, after you changed some parts of the <a href="/cryptobox?action=doc&page=CryptoBox&weblang=de">CryptoBox</a>. Especially the first step (building of the base system with <i>dfsbuild</i>) may usually be skipped.
</p>
<p>
Every step of the building process must be executed as <i>root</i>.
</p>
<h3 id="Buildthebasesystem">Build the base system</h3>
<p>
Run <i>scripts/cbox-build.sh dfsbuild</i> to create the base system for the LiveCD.
</p>
<p>
The result can be found in <i>_builddir/cd1/image</i>.
</p>
<p>
If you do not want to use the <i><a class="ext-link" title="http://packages.debian.org/cgi-bin/search_packages.pl?searchon=names&amp;subword=0&amp;version=all&amp;release=all&amp;keywords=apt-cacher" href="http://packages.debian.org/cgi-bin/search_packages.pl?searchon=names&amp;subword=0&amp;version=all&amp;release=all&amp;keywords=apt-cacher">apt-cacher</a> to save bandwidth and time, then you should modify the </i>mirror<i>-setting in <a href="/trac/cryptobox/browser/trunk/etc-default.d/dfs-cbox.conf">dfs-cbox.conf</a> (see <a href="/cryptobox?action=doc&page=CryptoBoxDevCustomBuild&weblang=de">CryptoBoxDevCustomBuild</a> for details).</i>
</p>
<h3 id="Configurethebaseimage">Configure the base image</h3>
<p>
Run <i>scripts/cbox-build.sh config</i> to copy the CryptoBox-specific files to the base image.
</p>
<p>
TODO: link to cbox-build.sh-manpage
</p>
<h3 id="Removedevelopmentfeatures">Remove development features</h3>
<p>
The original base system, that was created by <i>dfsbuild</i> contains a lot packages and some scripts, that are only useful during development. You should remove them, as they cause severe security implications.
</p>
<p>
To reduce the CryptoBox-LiveCD to the usable minimum for operational use, you should run <i>scripts/cbox-build.sh harden</i>.
</p>
<h3 id="Createanisoimage">Create an iso image</h3>
<p>
To burn a CryptoBox-LiveCD, you need an bootable <i>iso9660</i>-image.
</p>
<p>
Create the <i>iso</i> image with <i>scripts/cbox-build.sh iso</i>. The resulting file can be found at <i>_builddir/cd1/cryptobox.iso</i>.
</p>
<h3 id="BurntheCD">Burn the CD</h3>
<p>
Do it manually:
</p>
<pre class="wiki">cdrecord -v dev=0,0,0 _builddir/cryptobox.iso
</pre><p>
(change the <i>dev</i> setting according to your setup).
</p>
<p>
Let the script do it for you: <i>scripts/cbox-build.sh burn</i> (maybe you have to change the <i>CDWRITER</i> setting in <a href="/trac/cryptobox/browser/trunk/etc-defaults.d/cbox-dev.conf">cbox-dev.conf</a> - see <a href="/cryptobox?action=doc&page=CryptoBoxDevCustomBuild&weblang=de">CryptoBoxDevCustomBuild</a>).
</p>
<p>
Of course, it is not wise to use CD-R media. CD-RW consume less resources.
</p>
<h2 id="TesttheCryptoBoxLiveCD">Test the CryptoBox-LiveCD</h2>
<p>
This section is only useful for developers, who want to improve or change the <a href="/cryptobox?action=doc&page=CryptoBox&weblang=de">CryptoBox</a> system.
</p>
<h3 id="Chrootquickampdirtytests">Chroot: quick &amp; dirty tests</h3>
<p>
If you modified the <i>perl</i>- or <i>shell</i>-scripts of the <a href="/cryptobox?action=doc&page=CryptoBox&weblang=de">CryptoBox</a>, then you can check for syntax errors by running them in a <i>chroot</i> environment. Be careful: you have access to all ressources of your computer, while you are working within a <i>chroot</i> environment - so you can easily repartition your real disk ...
</p>
<p>
To start a <i>chroot</i> environment, you can execute <i>scripts/cbox-dev.sh chroot</i>.
</p>
<p>
For more intensive tests, you may use <i>qemu</i> (see below) or burn real LiveCDs - of course this would take much more time.
</p>
<h3 id="Qemunearlycompleteemulation">Qemu: nearly complete emulation</h3>
<p>
The processor emulator <a class="ext-link" title="http://fabrice.bellard.free.fr/qemu" href="http://fabrice.bellard.free.fr/qemu">qemu</a> allows you test the <a href="/cryptobox?action=doc&page=CryptoBox&weblang=de">CryptoBox</a> in a virtual environment, that is completely separated from your real computer's resources. It is the tool of choice, if you do nat have a real computer around for testing.
</p>
<p>
Beware - there are some problems, when using <i>qemu</i>:
</p>
<ul><li><i>smbd</i> does not start (segfault)
</li><li>???
</li></ul><p>
To start a <i>qemu</i> emulation of the <i>iso</i> image, you may type:
</p>
<pre class="wiki">scripts/cbox-dev.sh qemu
</pre><h2 id="Debuggingandmerging">Debugging and merging</h2>
<p>
This section is only useful for developers, who want to develop on a running <a href="/cryptobox?action=doc&page=CryptoBox&weblang=de">CryptoBox</a> system (emulated or real).
</p>
<p>
You may access the <a href="/cryptobox?action=doc&page=CryptoBox&weblang=de">CryptoBox</a> directly or you can use <i>ssh</i> to open a remote session:
</p>
<pre class="wiki">./cbox-dev.sh ssh
</pre><h3 id="Developmentonarunningsystem">Development on a running system</h3>
<p>
When you run an emulation or test a real LiveCD, you may encounter problems and bugs. To test your fixes for these problems, it is convenient, to change the running test system. Afterwards you can merge these changes to your local development copy.
</p>
<p>
Type <i>scripts/cbox-dev.sh diff</i> to see the changes, you made on the running <a href="/cryptobox?action=doc&page=CryptoBox&weblang=de">CryptoBox</a> system.
</p>
<p>
Type <i>scripts/cbox-dev.sh merge</i> to merge these changes to your local working copy.
</p>
<h3 id="Uploadinganewrelease">Uploading a new release</h3>
<p>
Alternatively you may also upload a new version of your local working copy to the running <a href="/cryptobox?action=doc&page=CryptoBox&weblang=de">CryptoBox</a> system.
</p>
<p>
Type <i>scripts/cbox-dev.sh upload</i> - beware: all recent changes you made to the running <a href="/cryptobox?action=doc&page=CryptoBox&weblang=de">CryptoBox</a> system, are lost.
</p>
<hr />
<h2 id="Comments">Comments</h2>
<p>
</div>
</div>

59
cbox-tree.d/usr/share/doc/cryptobox/html/de/CryptoBoxUser.html
View file

@ -1,59 +0,0 @@
<div class="wikipage">
<div id="searchable"><p>
<div class='wiki-toc'>
<h4>Table of Contents</h4>
<ol>
<li><a href="/cryptobox?action=doc&page=CryptoBoxUserGettingStarted#Wiegehteslos&weblang=de">Wie geht es los</a></li>
<ol><li><a href="/cryptobox?action=doc&page=CryptoBoxUserGettingStarted#ErsteSchritte&weblang=de">Erste Schritte</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxUserGettingStarted#HinweiseFallstricke&weblang=de">Hinweise / Fallstricke</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxUserGettingStarted#Kommentare&weblang=de">Kommentare</a></li>
</ol>
<li><a href="/cryptobox?action=doc&page=CryptoBoxUserConfiguration#DieKonfigurationdeinerCryptoBox&weblang=de">Die Konfiguration deiner CryptoBox</a></li>
<ol><li><a href="/cryptobox?action=doc&page=CryptoBoxUserConfiguration#berblick&weblang=de">Überblick</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxUserConfiguration#Vorwort&weblang=de">Vorwort</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxUserConfiguration#Initialisierung&weblang=de">Initialisierung</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxUserConfiguration#Konfiguration&weblang=de">Konfiguration</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxUserConfiguration#HinweiseFallstricke&weblang=de">Hinweise / Fallstricke</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxUserConfiguration#Kommentare&weblang=de">Kommentare</a></li>
</ol>
<li><a href="/cryptobox?action=doc&page=CryptoBoxUserDailyUse#TglicheNutzung&weblang=de">Tägliche Nutzung</a></li>
<ol><li><a href="/cryptobox?action=doc&page=CryptoBoxUserDailyUse#AktivierendesverschlsseltenDateisystems&weblang=de">Aktivieren des verschlüsselten Dateisystems</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxUserDailyUse#ZugriffaufdieverschlsseltenDaten&weblang=de">Zugriff auf die verschlüsselten Daten</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxUserDailyUse#AbschaltendesverschlsseltenDateisystems&weblang=de">Abschalten des verschlüsselten Dateisystems</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxUserDailyUse#AbschaltungderCryptoBox&weblang=de">Abschaltung der CryptoBox</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxUserDailyUse#NotfallAbschaltung&weblang=de">Notfall-Abschaltung</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxUserDailyUse#FragenundAntworten&weblang=de">Fragen und Antworten</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxUserDailyUse#Kommentare&weblang=de">Kommentare</a></li>
</ol>
</ol>
</div>
</p>
<p>
<strong>Navigation:</strong> ( <a href="/cryptobox?action=doc&page=CryptoBox&weblang=de">CryptoBox/de</a>)
</p>
<hr />
<h1 id="Nutzerhandbuch">Nutzerhandbuch</h1>
<p>
Die folgenden Seiten beschreiben die Nutzung der <a href="/cryptobox?action=doc&page=CryptoBox&weblang=de">CryptoBox</a>.
</p>
<p>
Die online-Version dieses Handbuchs ist ein Wiki. Das bedeutet, dass du diese Seiten verändern kannst. Falls du also Fragen oder Anregungen hast, schreibe bitte deine Anmerkungen in den Kommentar-Abschnitt am Ende der jeweiligen Seite. Die Entwickler werden deine Fragen beantworten und das Handbuch schnellstmöglich aktualisieren. Auf diese Art und Weise kannst du die Nutzbarkeit der <a href="/cryptobox?action=doc&page=CryptoBox&weblang=de">CryptoBox</a> für alle Nutzer verbessern!
</p>
<ol><li><a href="/cryptobox?action=doc&page=CryptoBoxUserGettingStarted&weblang=de">CryptoBoxUserGettingStarted</a> -- die Vorbereitung der Hardware
</li><li><a href="/cryptobox?action=doc&page=CryptoBoxUserConfiguration&weblang=de">CryptoBoxUserConfiguration</a> -- die Einrichtung deines neuen verschlüsselten Dateiservers
</li><li><a href="/cryptobox?action=doc&page=CryptoBoxUserDailyUse">CryptoBoxUserDailyUse</a> -- die tägliche Nutzung der <a href="/cryptobox?action=doc&page=CryptoBox&weblang=de">CryptoBox</a>
</li></ol><p>
Die online-Version dieses Handbuchs befindet sich unter <a class="ext-link" title="https://systemausfall.org/trac/cryptobox/wiki/CryptoBoxUser/de" href="https://systemausfall.org/trac/cryptobox/wiki/CryptoBoxUser/de">https://systemausfall.org/trac/cryptobox/wiki/CryptoBoxUser/de</a>.
</p>
<hr />
<p>
</div>
</div>

109
cbox-tree.d/usr/share/doc/cryptobox/html/de/CryptoBoxUserConfiguration.html
View file

@ -1,109 +0,0 @@
<div class="wikipage">
<div id="searchable"><p>
<div class='wiki-toc'>
<h4>Table of Contents</h4>
<ol>
<li><a href="/cryptobox?action=doc&page=CryptoBoxUserConfiguration#berblick&weblang=de">Überblick</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxUserConfiguration#Vorwort&weblang=de">Vorwort</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxUserConfiguration#Initialisierung&weblang=de">Initialisierung</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxUserConfiguration#Konfiguration&weblang=de">Konfiguration</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxUserConfiguration#HinweiseFallstricke&weblang=de">Hinweise / Fallstricke</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxUserConfiguration#Kommentare&weblang=de">Kommentare</a></li>
</ol>
</div>
</p>
<p>
<strong>Navigation:</strong> ( <a href="/cryptobox?action=doc&page=CryptoBoxUser&weblang=de">CryptoBoxUser/de</a>)
</p>
<hr />
<h1 id="DieKonfigurationdeinerCryptoBox">Die Konfiguration deiner CryptoBox</h1>
<h2 id="berblick">Überblick</h2>
<p>
Alle Funktionen der <a href="/cryptobox?action=doc&page=CryptoBox">CryptoBox</a> können durch das komfortable Web-Interface bedient werden. Zur Erst-Einrichtung der <a href="/cryptobox?action=doc&page=CryptoBox&weblang=de">CryptoBox</a> folge einfach den folgenden Schritten.
</p>
<p>
Falls du in Eile bist, kannst du das <a href="/cryptobox?action=doc&page=CryptoBoxUserConfiguration#Vorwort&weblang=de">Vorwort</a> überspringen.
</p>
<p>
Die <a href="/cryptobox?action=doc&page=CryptoBoxUserConfiguration#Initialisierung&weblang=de">Initialisierung</a> erklärt die Einrichtung der Festplatte. Dieser Schritt ist nur bei der ersten Einrichtung oder nach einem Festplattenwechsel notwendig.
</p>
<p>
Im <a href="/cryptobox?action=doc&page=CryptoBoxUserConfiguration#Konfiguration">Konfigurations</a>-Abschnitt werden die verfügbaren Einstellungen der <a href="/cryptobox?action=doc&page=CryptoBox">CryptoBox</a> beschrieben. Hier kannst du beispielsweise die Sprache des Web-Interfaces oder die Netzwerkadresse deiner <a href="/cryptobox?action=doc&page=CryptoBox&weblang=de">CryptoBox</a> einstellen.
</p>
<p>
Vergiss nicht, auch den <i><a href="/cryptobox?action=doc&page=CryptoBoxUserConfiguration#HinweiseFallstricke&weblang=de">Hinweise/Fallstricke</a></i>-Abschnitt zu lesen.
</p>
<h2 id="Vorwort">Vorwort</h2>
<p>
Du bist den Anweisungen aus <a href="/cryptobox?action=doc&page=CryptoBoxUserGettingStarted">CryptoBoxUserGettingStarted</a> gefolgt und sitzt nun vor deinem Arbeits-Rechner. Nun kannst du in deinem Web-Browser das Web-Interface der <a href="/cryptobox?action=doc&page=CryptoBox">CryptoBox</a> ansteuern: <i><a class="ext-link" title="https://192.168.0.23" href="https://192.168.0.23&weblang=de">https://192.168.0.23</a></i>.
</p>
<p>
Bevor du Daten auf deiner <a href="/cryptobox?action=doc&page=CryptoBox&weblang=de">CryptoBox</a> speichern kannst, muss die Festplatte mit einem verschlüsselten Dateisystem versehen werden. Das klingt kompliziert, ist jedoch mit einem Klick erledigt. :)
</p>
<h2 id="Initialisierung">Initialisierung</h2>
<p>
Klicke auf <i>Initialisierung</i> in der Menü-Zeile.
</p>
<p>
Jetzt wirst du zur Eingabe zweier Passworte aufgefordert (jeweils mit Wiederholung - zum Training deiner Tipp-Fertigkeiten ;)).
</p>
<p>
<a href='/cryptobox-img/screenshots/de_init.png' style='padding:0; border:none'><img src='/cryptobox-img/screenshots/de_init.png?format=raw' alt="de_init.png" title="de_init.png" style="" /></a>
</p>
<ul><li>Das erste Passwort ist das <i>Administrations-Password</i>.
<ul><li>Es schützt die Konfiguration deiner <a href="/cryptobox?action=doc&page=CryptoBox&weblang=de">CryptoBox</a>.
</li><li>Dies ist notwendig, um zu verhindern, dass jemand unerlaubt die Daten auf deiner <a href="/cryptobox?action=doc&page=CryptoBox&weblang=de">CryptoBox</a> durch eine erneute Initialisierung löscht.
</li><li>Wahrscheinlich wirst du dieses Passwort nie wieder benötigen.
</li><li>Du kannst das Administrations-Passwort leer lassen - dies wird jedoch nicht empfohlen.
</li></ul></li><li>Das <i>Crypto-Passwort</i> ist wesentlich wichtiger, da es der einzige Schutz der Daten auf der verschlüsselten Festplatte ist. Wähle es mit Sorgfalt!
<ul><li>Du benötigst es, um auf deine Daten zuzugreifen.
</li><li>Ein sicheres Passwort sollte aus mindestens 15 Zeichen (einschließlich Ziffern und Sonderzeichen) bestehen. Die Sicherheit deiner Daten steht und fällt mit der Qualität dieses Passworts.
</li></ul></li><li>Um dich daran zu erinnern, dass dieser Schritt die Festplatte der <a href="/cryptobox?action=doc&page=CryptoBox&weblang=de">CryptoBox</a> komplett löschen wird, musst du den angezeigten roten Warnhinweis im letzten Formularfeld eingeben.
</li><li>Nun kannst du die Initialisierung durch einen Klick auf <i>Initialisiere die CryptoBox</i> abschließen.
</li></ul><p>
Das war es dann auch schon. Kryptographie war wohl nie einfacher zu verwenden, oder? ;)
</p>
<p>
Der Initialisierungsvorgang läuft nun im Hintergrund ab und wird nach wenigen Minuten (abhängig von der Größe deiner Festplatte) abgeschlossen.
</p>
<h2 id="Konfiguration">Konfiguration</h2>
<p>
Im Gegensatz zur Initialisierung, die nur einmal durchgeführt werden muss, kannst du die Konfiguration jederzeit deinen Wünschen anpassen. Dazu klickst du einfach auf <i>Konfiguration</i> in der Menü-Zeile des Web-Interfaces. Nun wird dir ein Formular mit vier Feldern präsentiert:
</p>
<p>
<a href='/cryptobox-img/screenshots/de_config.png' style='padding:0; border:none'><img src='/cryptobox-img/screenshots/de_config.png?format=raw' alt="de_config.png" title="de_config.png" style="" /></a>
</p>
<ul><li>Falls du ein Administrator-Passwort während der <i>Initialisierung</i> festgelegt hast, musst du es nun eingeben. Andernfalls wird dieses Formularfeld nicht angezeigt.
</li><li>Du kannst die voreingestellte Netzwerk-Adresse (IP) verändern, falls sie nicht zu deiner Netzwerk-Struktur passt.
</li><li>Die Zeitabschaltung sorgt dafür, dass nach einer festgelegten Dauer von Inaktivität (in Minuten), das Crypto-Dateisystem deaktiviert wird (damit sind deine Daten wieder geschützt). Laufende Dateiübertragungen werden dadurch natürlich nicht gestört.
<ul><li>Es ist ratsam, eine kurze Abschalt-Zeit einzustellen (wenige Minuten).
</li><li>Der Wert <i>0</i> deaktiviert die automatische Abschaltung.
</li></ul></li><li>Die Sprache ist der Standard für alle Nutzer des CryptoBox-Web-Interfaces. Sie kann individuell durch die Sprach-Links am rechten oberen Bildschirmrand überschrieben werden.
</li></ul><p>
Speichere deine neuen Einstellungen durch einen Klick auf <i>Speichere Konfiguration</i>.
</p>
<p>
Das ist alles - deine <a href="/cryptobox?action=doc&page=CryptoBox">CryptoBox</a> ist jetzt bereit für die <a href="/cryptobox?action=doc&page=CryptoBoxUserDailyUse&weblang=de">tägliche Nutzung</a>!
</p>
<h2 id="HinweiseFallstricke">Hinweise / Fallstricke</h2>
<ul><li>Alle Daten auf der Festplatte in der <a href="/cryptobox?action=doc&page=CryptoBox&weblang=de">CryptoBox</a> werden bei der Initialisierung gelöscht.
</li><li>Die Passworte müssen jeweils zweimal eingegeben werden, um die Gefahr von Tipp-Fehlern zu vermindern.
</li><li>Das optionale Administrations-Passwort ist nur für die Konfiguration oder eine erneute Initialisierung erforderlich.
</li><li>Das Crypto-Passwort beschützt deine sensiblen Daten.
</li><li>Falls die <a href="/cryptobox?action=doc&page=CryptoBox">CryptoBox</a> nicht über die Adresse <i>192.168.0.23</i> erreichbar ist, musst du die Netzwerk-Adresse deines Arbeits-Rechners für die Dauer der Initialisierung der <a href="/cryptobox?action=doc&page=CryptoBox&weblang=de">CryptoBox</a> vorübergehend ändern.
</li></ul><p>
<i>zurück zu <a href="/cryptobox?action=doc&page=CryptoBoxUser&weblang=de">CryptoBoxUser</a></i>
</p>
<hr />
<h2 id="Kommentare">Kommentare</h2>
<p>
</div>
</div>

124
cbox-tree.d/usr/share/doc/cryptobox/html/de/CryptoBoxUserDailyUse.html
View file

@ -1,124 +0,0 @@
<div class="wikipage">
<div id="searchable"><p>
<div class='wiki-toc'>
<h4>Table of Contents</h4>
<ol>
<li><a href="/cryptobox?action=doc&page=CryptoBoxUserDailyUse#AktivierendesverschlsseltenDateisystems&weblang=de">Aktivieren des verschlüsselten Dateisystems</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxUserDailyUse#ZugriffaufdieverschlsseltenDaten&weblang=de">Zugriff auf die verschlüsselten Daten</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxUserDailyUse#AbschaltendesverschlsseltenDateisystems&weblang=de">Abschalten des verschlüsselten Dateisystems</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxUserDailyUse#AbschaltungderCryptoBox&weblang=de">Abschaltung der CryptoBox</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxUserDailyUse#NotfallAbschaltung&weblang=de">Notfall-Abschaltung</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxUserDailyUse#FragenundAntworten&weblang=de">Fragen und Antworten</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxUserDailyUse#Kommentare&weblang=de">Kommentare</a></li>
</ol>
</div>
</p>
<p>
<strong>Navigation:</strong> ( <a href="/cryptobox?action=doc&page=CryptoBoxUser">CryptoBoxUser/de</a>, <a href="/cryptobox?action=doc&page=CryptoBoxUserConfiguration&weblang=de">CryptoBoxUserConfiguration/de</a>)
</p>
<hr />
<h1 id="TglicheNutzung">Tägliche Nutzung</h1>
<h2 id="AktivierendesverschlsseltenDateisystems">Aktivieren des verschlüsselten Dateisystems</h2>
<p>
Du kannst dein verschlüsseltes Dateisystem mit folgenden Schritten aktivieren:
</p>
<ul><li>Wähle mit deinem Web-Browser die Adresse deiner <a href="/cryptobox?action=doc&page=CryptoBox">CryptoBox</a> an. Die Voreinstellung ist <a class="ext-link" title="https://192.168.0.23" href="https://192.168.0.23&weblang=de">https://192.168.0.23</a>.
</li><li>Klicke auf <i>Aktivieren der Crypto-Daten</i>. Daraufhin erscheint ein Formular zur Eingabe des Crypto-Passworts.
</li><li>Gib dein Crypto-Passwort ein und klicke auf die darunterliegende Schaltfläche.
</li></ul><p>
<a href='/cryptobox-img/screenshots/de_mount.png' style='padding:0; border:none'><img src='/cryptobox-img/screenshots/de_mount.png?format=raw' alt="de_mount.png" title="de_mount.png" style="" /></a>
</p>
<p>
Nun ist das verschlüsselte Dateisystem verfügbar. Um es zu nutzen, suche in deiner Netzwerkumgebung nach der Netzwerk-Adresse deiner <a href="/cryptobox?action=doc&page=CryptoBox&weblang=de">CryptoBox</a> (Voreinstellung: 192.168.0.23). Nun kannst du das Netzlaufwerk wie üblich verwenden.
</p>
<h2 id="ZugriffaufdieverschlsseltenDaten">Zugriff auf die verschlüsselten Daten</h2>
<h3 id="LinuxKommandozeile">Linux - Kommandozeile</h3>
<p>
Um als normaler Nutzer auf die Crypto-Partition zuzugreifen, solltest du folgende Zeile zur <i>/etc/fstab</i> hinzufügen:
</p>
<pre class="wiki">//192.168.0.23/public /mnt/ smbfs defaults,noexec,noauto,user,guest 0 0
</pre><p>
Nun kannst du die Crypto-Partition nach /mnt mounten:
</p>
<pre class="wiki">mount /mnt/
</pre><p>
bzw. unmounten:
</p>
<pre class="wiki">smbumount /mnt
</pre><h3 id="Windows">Windows</h3>
<p>
Starte den Windows Explorer und wähle im Menü unter <i>Extras</i> die Option <i>Netzlaufwerke verbinden</i> aus.
</p>
<p>
<a href='/cryptobox-img/screenshots/de_w98_network_drive.png' style='padding:0; border:none'><img src='/cryptobox-img/screenshots/de_w98_network_drive.png?format=raw' alt="de_w98_network_drive.png" title="de_w98_network_drive.png" style="" /></a>
</p>
<p>
Trage unter <i>Pfad</i> die Adresse des Verzeichnisse der <a href="/cryptobox?action=doc&page=CryptoBox&weblang=de">CryptoBox</a> ein, auf das du zugreifen willst (Standard: \\192.168.0.23\public). Soll die Verbindung beim jedem Start von Windows wiederhergestellt werden, aktiviere <i>Verbindung beim Start wiederherstellen</i>.
</p>
<p>
Nun kannst du auf das verschlüsselte Dateisystem wie jedes andere Laufwerk benutzen.
</p>
<h2 id="AbschaltendesverschlsseltenDateisystems">Abschalten des verschlüsselten Dateisystems</h2>
<p>
Du kannst das verschlüsselte Dateisystem abschalten, indem du in der Menü-Zeile des Web-Interfaces der <a href="/cryptobox?action=doc&page=CryptoBox&weblang=de">CryptoBox</a> auf <i>Deaktivierung der Crypto-Daten</i> klickst.
</p>
<p>
Deine Daten sind nun wieder vor jedem Zugriff geschützt.
</p>
<h2 id="AbschaltungderCryptoBox">Abschaltung der CryptoBox</h2>
<p>
Klicke auf <i>System</i> in der Menü-Zeile des Web-Interfaces. Nun kannst du zwischen <i>Abschaltung</i> und <i>Neustart</i> wählen. Die Abschaltung dauert einige Sekunden.
</p>
<p>
Falls dein CryptoBox-Rechner relativ neu ist (ungefähr ab Baujahr 02000), wird er sich nun selbständig abschalten. Andernfalls musst du dies per Hand tun.
</p>
<h2 id="NotfallAbschaltung">Notfall-Abschaltung</h2>
<p>
Falls du deine Daten wirklich schnell vor neugierigen Augen schützen musst, dann ziehe einfach den Stecker der <a href="/cryptobox?action=doc&page=CryptoBox&weblang=de">CryptoBox</a>. Dies ist nicht besonders sauber und kann (in sehr seltenen Ausnahmefällen) geöffnete Dateien beschädigen. Es ist jedoch die schnellste Methode zur Sicherung deiner Daten vor unbefugtem Zugriff.
</p>
<p>
<i>zurück zu <a href="/cryptobox?action=doc&page=CryptoBoxUser&weblang=de">CryptoBoxUser</a></i>
</p>
<hr />
<h2 id="FragenundAntworten">Fragen und Antworten</h2>
<h3 id="WindowsNetzlaufwerkkannnichtverbundenwerden">Windows: Netzlaufwerk kann nicht verbunden werden</h3>
<p>
<a href='/cryptobox-img/screenshots/de_w98_not_logged_in.png' style='padding:0; border:none'><img src='/cryptobox-img/screenshots/de_w98_not_logged_in.png?format=raw' alt="de_w98_not_logged_in.png" title="de_w98_not_logged_in.png" style="" /></a>
</p>
<p>
Erscheint diese Fehlermeldung, hast du dich beim Start von Windows nicht angemeldet bzw. das Anmeldefenster mit der Taste <i>Esc</i> (Escape) verschwinden lassen. Klicke auf <i>Start</i> und <i>Abmelden</i> und melde dich neu an - sobald das Anmeldefenster erscheint, klicke auf <i>OK</i>:
</p>
<p>
<a href='/cryptobox-img/screenshots/de_w98_login.png' style='padding:0; border:none'><img src='/cryptobox-img/screenshots/de_w98_login.png?format=raw' alt="de_w98_login.png" title="de_w98_login.png" style="" /></a>
</p>
<h3 id="Linuxonlyrootcanunmount192168023public">Linux: only root can unmount //192.168.0.23/public</h3>
<p>
Das Unmounten der Crypto-Partition mit <i>umount</i> funktioniert nicht.
</p>
<p>
<strong>Lösung:</strong> Verwende stattdessen:
</p>
<pre class="wiki">smbumount /mnt
</pre><h3 id="LinuxOperationnotpermittedsmbmntfailed1">Linux: Operation not permitted / smbmnt failed: 1</h3>
<p>
Der Versuch die Partition als normaler Nutzer zu mounten schlägt fehl:
</p>
<pre class="wiki">cannot mount on /mnt/: Operation not permitted
smbmnt failed: 1
</pre><p>
<strong>Lösung:</strong> Das Mount-Verzeichnis muss dem selben Nutzer gehören, der den mount-Befehl ausführt (bspw. phil):
</p>
<pre class="wiki">chown phil. /mnt
</pre><hr />
<h2 id="Kommentare">Kommentare</h2>
<p>
</div>
</div>

57
cbox-tree.d/usr/share/doc/cryptobox/html/de/CryptoBoxUserGettingStarted.html
View file

@ -1,57 +0,0 @@
<div class="wikipage">
<div id="searchable"><p>
<div class='wiki-toc'>
<h4>Table of Contents</h4>
<ol>
<li><a href="/cryptobox?action=doc&page=CryptoBoxUserGettingStarted#ErsteSchritte&weblang=de">Erste Schritte</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxUserGettingStarted#HinweiseFallstricke&weblang=de">Hinweise / Fallstricke</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxUserGettingStarted#Kommentare&weblang=de">Kommentare</a></li>
</ol>
</div>
</p>
<p>
<strong>Navigation:</strong> ( <a href="/cryptobox?action=doc&page=CryptoBoxUser">CryptoBoxUser/de</a>, <a href="/cryptobox?action=doc&page=CryptoBoxUserConfiguration&weblang=de">CryptoBoxUserConfiguration/de</a>)
</p>
<hr />
<h1 id="Wiegehteslos">Wie geht es los</h1>
<h2 id="ErsteSchritte">Erste Schritte</h2>
<p>
Die <a href="/cryptobox?action=doc&page=CryptoBox&weblang=de">CryptoBox</a> ist schnell aufgebaut:
</p>
<ol><li>Du brauchst einen alten Computer (mindestens 100MHZ, 48MB RAM) (Faustregel: nach 1996 gekauft). Dazu eine passende Netzwerkkarte, ein CD-ROM Laufwerk und eine riesige Festplatte.
<ul><li>Die Festplatte muss nicht riesig sein, je nachdem was du speichern willst, reicht auch 'ne kleine ;)
</li><li>Du brauchst keinen Monitor, keine Tastatur und keine Maus, um die <a href="/cryptobox?action=doc&page=CryptoBox&weblang=de">CryptoBox</a> zu benutzen (bzw. nur für die Erst-Einrichtung).
</li><li>Du kannst natürlich einen schnelleren Rechner verwenden - der unbedeutende Performance-Zuwachs wird jedoch wohl nicht durch den erhöhten Energiebedarf gerechtfertigt.
</li></ul></li><li>Lade die aktuellste Version der <a href="/cryptobox?action=doc&page=CryptoBox&weblang=de">CryptoBox</a> als iso-image herunter und brenne dieses auf einen CD-Rohling.
<ul><li><a class="ext-link" title="http://codecoop.org/projects/cryptobox/" href="http://codecoop.org/projects/cryptobox/">http://codecoop.org/projects/cryptobox/</a>
</li></ul></li><li>Konfiguriere den PC, so dass er vom CD Laufwerk bootet. Dazu solltest du im BIOS als &#34;boot device&#34; &#34;CD-ROM&#34; einstellen.
</li><li>Pack die frisch gebrannte <a href="/cryptobox?action=doc&page=CryptoBox&weblang=de">CryptoBox</a> CD ins Laufwerk und starte den Computer.
</li></ol><p>
Wenn der Computer jetzt von der CD startet, hast du alle Anforderungen erfüllt.
</p>
<p>
Du kannst nun zu deinem Arbeits-Rechner in demselben Netzwerk gehen und &#34;<a class="ext-link" title="https://192.168.0.23&#34;" href="https://192.168.0.23&#34;">https://192.168.0.23&#34;</a> ansurfen. Dort sollte die CryptoBox-Konfigurationsseite erscheinen. Ist doch kinderleicht, oder?
</p>
<p>
Die weiteren Schritte werden unter <a href="/cryptobox?action=doc&page=CryptoBoxUserConfiguration&weblang=de">CryptoBoxUserConfiguration</a> beschrieben.
</p>
<h2 id="HinweiseFallstricke">Hinweise / Fallstricke</h2>
<ul><li>Eventuell musst du für die Einrichtung der <a href="/cryptobox?action=doc&page=CryptoBox&weblang=de">CryptoBox</a> kurzzeitig deine Netzwerkaddresse (IP) ändern. Falls du nicht weißt, wie und warum, dann frage jemanden um Rat ... (wahrscheinlich klappt es aber ohne Änderungen)
</li><li>Falls du eine neue Festplatte kaufen willst, beachte, dass alte PCs nicht mit modernen Festplattengrößen klarkommen.
</li><li>Einige alte PCs können nicht vom CD-ROM-Laufwerk booten.
</li><li>Falls dir der Begriff &#34;BIOS&#34; nichts sagt, bitte Menschen um Hilfe, bevor du was veränderst ;)
</li><li>Vergiss nicht, den CryptoBox-Rechner ans Netzwerk anzuschliessen!
</li><li>Du brauchst einen Monitor und eine Tastatur für die Konfiguration des BIOS.
</li></ul><hr />
<h2 id="Kommentare">Kommentare</h2>
<p>
</div>
</div>

89
cbox-tree.d/usr/share/doc/cryptobox/html/en/CryptoBox.html
View file

@ -1,89 +0,0 @@
<div class="wikipage">
<div id="searchable"><p>
<div class='wiki-toc'>
<h4>Table of Contents</h4>
<ol>
<li><a href="/cryptobox?action=doc&page=CryptoBox#News&weblang=en">News</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBox#Overview&weblang=en">Overview</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBox#Download&weblang=en">Download</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBox#Specs&weblang=en">Specs</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBox#Documentation&weblang=en">Documentation</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBox#Development&weblang=en">Development</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBox#Acknowledgements&weblang=en">Acknowledgements</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBox#Legalstuff&weblang=en">Legal stuff</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBox#Comments&weblang=en">Comments</a></li>
</ol>
</div>
</p>
<h1 id="TheCryptoBox">The CryptoBox</h1>
<p>
<i><a href="/cryptobox?action=doc&page=CryptoBox&weblang=en">deutsche Version</a></i>
</p>
<h2 id="News">News</h2>
<p>
The first release of the <a href="/cryptobox?action=doc&page=CryptoBox">CryptoBox</a> is available at <a class="ext-link" title="https://codecoop.org/projects/cryptobox/" href="https://codecoop.org/projects/cryptobox/&weblang=en">https://codecoop.org/projects/cryptobox/</a>
</p>
<h2 id="Overview">Overview</h2>
<p>
The <a href="/cryptobox?action=doc&page=CryptoBox">CryptoBox</a> is a Debian/Linux based <a class="ext-link" title="http://en.wikipedia.org/wiki/Live_CD" href="http://en.wikipedia.org/wiki/Live_CD">live-cd</a>. This CD boots up, starting a secure fileserver. Even non-technical users are able to store their data on its encrypted harddisk. There is no special knowledge about <a class="ext-link" title="http://en.wikipedia.org/wiki/Cryptography" href="http://en.wikipedia.org/wiki/Cryptography&weblang=en">cryptography</a> or servers required at all.
</p>
<h2 id="Download">Download</h2>
<ul><li><a class="ext-link" title="http://codecoop.org/frs/download.php/32/cryptobox_0.2.iso" href="http://codecoop.org/frs/download.php/32/cryptobox_0.2.iso">version 0.2</a> [106 MB] - <a href="/trac/cryptobox/wiki/ReleaseNotes/0.2">Release notes</a>
<ul><li><i>provided by <a class="ext-link" title="http://codecoop.org" href="http://codecoop.org">http://codecoop.org</a></i>
</li></ul></li></ul><h2 id="Specs">Specs</h2>
<table class="wiki">
<tr><td>system</td><td>Debian/Linux based Live-CD
</td></tr><tr><td>needed hardware</td><td> &#34;outdated&#34; PC (i386 p1-100 32MB RAM minimum)
</td></tr><tr><td>supported clients</td><td><a class="ext-link" title="http://en.wikipedia.org/wiki/Operating_System" href="http://en.wikipedia.org/wiki/Operating_System">*nix; *bsd; Windows; Mac OS</a>
</td></tr><tr><td>fileserver</td><td><a class="ext-link" title="http://samba.org" href="http://samba.org">samba</a> (network shares)
</td></tr><tr><td>userinterface</td><td>fully remote controlled via webbrowser
</td></tr><tr><td>encryption</td><td><a class="ext-link" title="http://en.wikipedia.org/wiki/Advanced_Encryption_Standard" href="http://en.wikipedia.org/wiki/Advanced_Encryption_Standard">AES</a> via device-mapper
</td></tr></table>
<p>
The web interface of the <a href="/cryptobox?action=doc&page=CryptoBox&weblang=en">CryptoBox</a> supports the following languages:
</p>
<ul><li>English
</li><li>German
</li><li>Slovenian
</li></ul><p>
Feel free to contribute a <a href="/trac/cryptobox/browser/trunk/cbox-tree.d/usr/share/cryptobox/lang/">translation</a> for another language (preferably utf-encoded).
</p>
<h2 id="Documentation">Documentation</h2>
<p>
The user documentation has its home at <a href="/cryptobox?action=doc&page=CryptoBoxUser&weblang=en">CryptoBoxUser</a>.
</p>
<h2 id="Development">Development</h2>
<p>
Take a look at the developer's documentation at <a href="/cryptobox?action=doc&page=CryptoBoxDev&weblang=en">CryptoBoxDev</a>.
</p>
<p>
Report bugs to <a class="ext-link" title="https://systemausfall.org/trac/cryptobox/newticket" href="https://systemausfall.org/trac/cryptobox/newticket">https://systemausfall.org/trac/cryptobox/newticket</a>.
</p>
<p>
Browse the <a href="/trac/cryptobox/browser/">source code</a>.
</p>
<p>
Anything else? Write us an email: <i>cryptobox[at]systemausfall.org</i>
</p>
<h2 id="Acknowledgements">Acknowledgements</h2>
<p>
<ul><li>Clavdia Horvat, Tadej Brce &amp; Dušan Rebolj - slovenian translation
</li><li><a class="ext-link" title="http://codecoop.org" href="http://codecoop.org">http://codecoop.org</a> - webspace
</li></ul>
</p>
<h2 id="Legalstuff">Legal stuff</h2>
<ol><li>All scripts are <a class="ext-link" title="http://www.fsf.org/licensing/licenses/gpl.html" href="http://www.fsf.org/licensing/licenses/gpl.html">GPL licensed</a>
</li><li>The documentation is licensed under a <a class="ext-link" title="http://creativecommons.org/licenses/by-sa-nc/2.0/" href="http://creativecommons.org/licenses/by-sa-nc/2.0/">Creative Commons License</a><i></i>
</li><li>We do not take any warranty for the functionality or usability of the <a href="/cryptobox?action=doc&page=CryptoBox&weblang=en">CryptoBox</a>.
</li></ol><hr />
<h2 id="Comments">Comments</h2>
<p>
</div>
</div>

107
cbox-tree.d/usr/share/doc/cryptobox/html/en/CryptoBoxDev.html
View file

@ -1,107 +0,0 @@
<div class="wikipage">
<div id="searchable"><p>
<div class='wiki-toc'>
<h4>Table of Contents</h4>
<ol>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevPreparation#Preparationsfordevelopers&weblang=en">Preparations for developers</a></li>
<ol><li><a href="/cryptobox?action=doc&page=CryptoBoxDevPreparation#Softwarerequirements&weblang=en">Software requirements</a></li>
<ol><li><a href="/cryptobox?action=doc&page=CryptoBoxDevPreparation#Packages&weblang=en">Packages</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevPreparation#Kernel&weblang=en">Kernel</a></li>
</ol><li><a href="/cryptobox?action=doc&page=CryptoBoxDevPreparation#Getthesource&weblang=en">Get the source</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevPreparation#Firstbuild&weblang=en">First build</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevPreparation#Finished&weblang=en">Finished</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevPreparation#Comments&weblang=en">Comments</a></li>
</ol>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevWorkFlow#Developmentworkflow&weblang=en">Development workflow</a></li>
<ol><li><a href="/cryptobox?action=doc&page=CryptoBoxDevWorkFlow#Preparations&weblang=en">Preparations</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevWorkFlow#CreateaCryptoBoxLiveCD&weblang=en">Create a CryptoBox-LiveCD</a></li>
<ol><li><a href="/cryptobox?action=doc&page=CryptoBoxDevWorkFlow#Buildthebasesystem&weblang=en">Build the base system</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevWorkFlow#Configurethebaseimage&weblang=en">Configure the base image</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevWorkFlow#Removedevelopmentfeatures&weblang=en">Remove development features</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevWorkFlow#Createanisoimage&weblang=en">Create an iso image</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevWorkFlow#BurntheCD&weblang=en">Burn the CD</a></li>
</ol><li><a href="/cryptobox?action=doc&page=CryptoBoxDevWorkFlow#TesttheCryptoBoxLiveCD&weblang=en">Test the CryptoBox-LiveCD</a></li>
<ol><li><a href="/cryptobox?action=doc&page=CryptoBoxDevWorkFlow#Chrootquickampdirtytests&weblang=en">Chroot: quick &amp; dirty tests</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevWorkFlow#Qemunearlycompleteemulation&weblang=en">Qemu: nearly complete emulation</a></li>
</ol><li><a href="/cryptobox?action=doc&page=CryptoBoxDevWorkFlow#Debuggingandmerging&weblang=en">Debugging and merging</a></li>
<ol><li><a href="/cryptobox?action=doc&page=CryptoBoxDevWorkFlow#Developmentonarunningsystem&weblang=en">Development on a running system</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevWorkFlow#Uploadinganewrelease&weblang=en">Uploading a new release</a></li>
</ol><li><a href="/cryptobox?action=doc&page=CryptoBoxDevWorkFlow#Comments&weblang=en">Comments</a></li>
</ol>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevCustomBuild#CustombuildsoftheCryptoBox&weblang=en">Custom builds of the CryptoBox</a></li>
<ol><li><a href="/cryptobox?action=doc&page=CryptoBoxDevCustomBuild#Overview&weblang=en">Overview</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevCustomBuild#Settings&weblang=en">Settings</a></li>
<ol><li><a href="/cryptobox?action=doc&page=CryptoBoxDevCustomBuild#dfsbuildsettings&weblang=en">dfsbuild settings</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevCustomBuild#CryptoBoxdevelopmentconfiguration&weblang=en">CryptoBox development configuration</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevCustomBuild#SSHconnection&weblang=en">SSH connection</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevCustomBuild#qemunetworkconfiguration&weblang=en">qemu network configuration</a></li>
</ol><li><a href="/cryptobox?action=doc&page=CryptoBoxDevCustomBuild#Comments&weblang=en">Comments</a></li>
</ol>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevCustomConfigure#CustomconfigurationoftheCryptoBox&weblang=en">Custom configuration of the CryptoBox</a></li>
<ol><li><a href="/cryptobox?action=doc&page=CryptoBoxDevCustomConfigure#Overview&weblang=en">Overview</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevCustomConfigure#Locations&weblang=en">Locations</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevCustomConfigure#Examples&weblang=en">Examples</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevCustomConfigure#Comments&weblang=en">Comments</a></li>
</ol>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevValidation#ValidationoftheCryptoBox&weblang=en">Validation of the CryptoBox</a></li>
<ol><li><a href="/cryptobox?action=doc&page=CryptoBoxDevValidation#Overview&weblang=en">Overview</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevValidation#Validate&weblang=en">Validate</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevValidation#Howtocreateatest&weblang=en">How to create a test</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevValidation#Comments&weblang=en">Comments</a></li>
</ol>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevBackground#DetailsoftheCryptoBox&weblang=en">Details of the CryptoBox</a></li>
<ol><li><a href="/cryptobox?action=doc&page=CryptoBoxDevBackground#dfsbuild&weblang=en">dfsbuild</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevBackground#thekernel&weblang=en">the kernel</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevBackground#qemu&weblang=en">qemu</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevBackground#alternativeLiveCDs&weblang=en">alternative LiveCDs</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevBackground#Comments&weblang=en">Comments</a></li>
</ol>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevKnownProblems#Knownproblems&weblang=en">Known problems</a></li>
<ol><li><a href="/cryptobox?action=doc&page=CryptoBoxDevKnownProblems#qemu&weblang=en">qemu</a></li>
<ol><li><a href="/cryptobox?action=doc&page=CryptoBoxDevKnownProblems#interleavedfilesnotyetsupported&weblang=en">interleaved files not (yet) supported</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevKnownProblems#smbdsegfault&weblang=en">smbd: segfault</a></li>
</ol><li><a href="/cryptobox?action=doc&page=CryptoBoxDevKnownProblems#Comments&weblang=en">Comments</a></li>
</ol>
</ol>
</div>
</p>
<p>
<strong>Navigation:</strong> ( <a href="/cryptobox?action=doc&page=CryptoBox">CryptoBox/de</a>, <a href="/cryptobox?action=doc&page=CryptoBox&weblang=en">CryptoBox/en</a>)
</p>
<hr />
<h1 id="Developmentdocumentation">Development documentation</h1>
<p>
The following pages are written for developers only. <br />
Users of the <a href="/cryptobox?action=doc&page=CryptoBox">CryptoBox</a> should read <a href="/cryptobox?action=doc&page=CryptoBoxUser&weblang=en">CryptoBoxUser</a> instead.
</p>
<ul><li><a href="/cryptobox?action=doc&page=CryptoBoxDevPreparation&weblang=en">CryptoBoxDevPreparation</a>
</li><li><a href="/cryptobox?action=doc&page=CryptoBoxDevWorkFlow&weblang=en">CryptoBoxDevWorkFlow</a>
</li><li><a href="/cryptobox?action=doc&page=CryptoBoxDevCustomBuild&weblang=en">CryptoBoxDevCustomBuild</a>
</li><li><a href="/cryptobox?action=doc&page=CryptoBoxDevCustomConfigure&weblang=en">CryptoBoxDevCustomConfigure</a>
</li><li><a href="/cryptobox?action=doc&page=CryptoBoxDevValidation&weblang=en">CryptoBoxDevValidation</a>
</li><li><a href="/cryptobox?action=doc&page=CryptoBoxDevBackground&weblang=en">CryptoBoxDevBackground</a>
</li><li><a href="/cryptobox?action=doc&page=CryptoBoxDevKnownProblems&weblang=en">CryptoBoxDevKnownProblems</a>
</li></ul><h2 id="Source">Source</h2>
<p>
You may browse the <a href="/trac/cryptobox/browser/">source code</a>.
</p>
<h2 id="Contact">Contact</h2>
<p>
We are waiting for your emails to <i>cryptobox[at]systemausfall.org</i>.
</p>
<h2 id="Bugreports">Bug reports</h2>
<p>
Please use our issue tracker, if you discover problems: <a class="ext-link" title="https://systemausfall.org/trac/cryptobox/newticket" href="https://systemausfall.org/trac/cryptobox/newticket">https://systemausfall.org/trac/cryptobox/newticket</a>
</p>
</div>
</div>

61
cbox-tree.d/usr/share/doc/cryptobox/html/en/CryptoBoxDevBackground.html
View file

@ -1,61 +0,0 @@
<div class="wikipage">
<div id="searchable"><p>
<div class='wiki-toc'>
<h4>Table of Contents</h4>
<ol>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevBackground#dfsbuild&weblang=en">dfsbuild</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevBackground#thekernel&weblang=en">the kernel</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevBackground#qemu&weblang=en">qemu</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevBackground#alternativeLiveCDs&weblang=en">alternative LiveCDs</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevBackground#Comments&weblang=en">Comments</a></li>
</ol>
</div>
</p>
<p>
<strong>Navigation:</strong> ( <a href="/cryptobox?action=doc&page=CryptoBoxDev&weblang=en">CryptoBoxDev</a>)
</p>
<hr />
<h1 id="DetailsoftheCryptoBox">Details of the CryptoBox</h1>
<h2 id="dfsbuild">dfsbuild</h2>
<p>
The base system of the <a href="/cryptobox?action=doc&page=CryptoBox">CryptoBox</a> Live-CD is created by <a class="ext-link" title="http://packages.debian.org/cgi-bin/search_packages.pl?searchon=names&amp;subword=0&amp;version=all&amp;release=all&amp;keywords=dfsbuild" href="http://packages.debian.org/cgi-bin/search_packages.pl?searchon=names&amp;subword=0&amp;version=all&amp;release=all&amp;keywords=dfsbuild&weblang=en">dfsbuild</a>.
</p>
<p>
It is recommended to use some kind of caching tool for the retrieval of the debian packages (e.g.: <a class="ext-link" title="http://packages.debian.org/cgi-bin/search_packages.pl?searchon=names&amp;subword=0&amp;version=all&amp;release=all&amp;keywords=apt-cacher" href="http://packages.debian.org/cgi-bin/search_packages.pl?searchon=names&amp;subword=0&amp;version=all&amp;release=all&amp;keywords=apt-cacher">apt-cacher</a>, <a class="ext-link" title="http://packages.debian.org/cgi-bin/search_packages.pl?searchon=names&amp;subword=0&amp;version=all&amp;release=all&amp;keywords=apt-proxy" href="http://packages.debian.org/cgi-bin/search_packages.pl?searchon=names&amp;subword=0&amp;version=all&amp;release=all&amp;keywords=apt-proxy">apt-proxy</a> or <a class="ext-link" title="http://packages.debian.org/cgi-bin/search_packages.pl?searchon=names&amp;subword=0&amp;version=all&amp;release=all&amp;keywords=approx" href="http://packages.debian.org/cgi-bin/search_packages.pl?searchon=names&amp;subword=0&amp;version=all&amp;release=all&amp;keywords=approx">approx</a>). This saves a lot of bandwidth and time.
</p>
<p>
The documentation for <a class="ext-link" title="http://packages.debian.org/cgi-bin/search_packages.pl?searchon=names&amp;subword=0&amp;version=all&amp;release=all&amp;keywords=dfsbuild" href="http://packages.debian.org/cgi-bin/search_packages.pl?searchon=names&amp;subword=0&amp;version=all&amp;release=all&amp;keywords=dfsbuild">dfsbuild</a> is sparse. But it is quite unlikely, that you will get in direct contact with it, as it is wrapped by <a href="/trac/cryptobox/browser/trunk/scripts/cbox-build.sh">cbox-build</a>. However the following links may help you for specific problems:
</p>
<ul><li><a class="ext-link" title="http://www.debian-administration.org/articles/125" href="http://www.debian-administration.org/articles/125">Debian Administration: Building Debian CD-ROMS Part 1 - dfsbuild</a>
</li><li><a class="ext-link" title="http://www.debian-administration.org/articles/149" href="http://www.debian-administration.org/articles/149">Debian Administration: Getting in deep with dfsbuild</a>
</li></ul><h2 id="thekernel">the kernel</h2>
<p>
The linux kernel for the <a href="/cryptobox?action=doc&page=CryptoBox&weblang=en">CryptoBox</a> is compiled statically. If you want to change it, you could follow this steps:
</p>
<ol><li>get the sources: <tt>apt-get install kernel-tree-2.6.11</tt> (or the version of your choice)
</li><li>copy the exisiting config file <i>kernel/config-2.6.11</i> as <i>.config</i> into your kernel source directory
</li><li>build the debian kernel package <tt>make-kpkg --revision=1.dfs --rootcmd=fakeroot kernel_image</tt>
</li><li>change the kernel in the <i>unpackdebs</i> setting in <a href="/trac/cryptobox/browser/trunk/etc-defaults.d/dfs-cbox.conf">dfs-cbox.conf</a> (see <a href="/cryptobox?action=doc&page=CryptoBoxDevCustomBuild&weblang=en">CryptoBoxDevCustomBuild</a> for details)
</li></ol><h2 id="qemu">qemu</h2>
<p>
<a class="ext-link" title="http://fabrice.bellard.free.fr/qemu/" href="http://fabrice.bellard.free.fr/qemu/">Qemu</a> is a portable system emulator. It is a convenient tool to ease the development workflow, as you do not need to burn LiveCDs for testing.
</p>
<h2 id="alternativeLiveCDs">alternative LiveCDs</h2>
<p>
We tried some other LiveCDs before we decided to use <a class="ext-link" title="http://packages.debian.org/cgi-bin/search_packages.pl?searchon=names&amp;subword=0&amp;version=all&amp;release=all&amp;keywords=dfsbuild" href="http://packages.debian.org/cgi-bin/search_packages.pl?searchon=names&amp;subword=0&amp;version=all&amp;release=all&amp;keywords=dfsbuild">dfsbuild</a>. The following pages describe their advantages and disadvantages as the base system for the <a href="/cryptobox?action=doc&page=CryptoBox&weblang=en">CryptoBox</a>:
</p>
<ul><li><a href="/cryptobox?action=doc&page=CryptoBoxKnoppixVerworfen&weblang=en">CryptoBoxKnoppixVerworfen</a> - Knoppix
</li><li><a href="/cryptobox?action=doc&page=CryptoBoxMorphixVerworfen&weblang=en">CryptoBoxMorphixVerworfen</a> - Morphix / IBuild
</li></ul><hr />
<h2 id="Comments">Comments</h2>
<p>
</div>
</div>

85
cbox-tree.d/usr/share/doc/cryptobox/html/en/CryptoBoxDevCustomBuild.html
View file

@ -1,85 +0,0 @@
<div class="wikipage">
<div id="searchable"><p>
<div class='wiki-toc'>
<h4>Table of Contents</h4>
<ol>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevCustomBuild#Overview&weblang=en">Overview</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevCustomBuild#Settings&weblang=en">Settings</a></li>
<ol><li><a href="/cryptobox?action=doc&page=CryptoBoxDevCustomBuild#dfsbuildsettings&weblang=en">dfsbuild settings</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevCustomBuild#CryptoBoxdevelopmentconfiguration&weblang=en">CryptoBox development configuration</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevCustomBuild#SSHconnection&weblang=en">SSH connection</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevCustomBuild#qemunetworkconfiguration&weblang=en">qemu network configuration</a></li>
</ol><li><a href="/cryptobox?action=doc&page=CryptoBoxDevCustomBuild#Comments&weblang=en">Comments</a></li>
</ol>
</div>
</p>
<p>
<strong>Navigation:</strong> ( <a href="/cryptobox?action=doc&page=CryptoBoxDev">CryptoBoxDev</a>, <a href="/cryptobox?action=doc&page=CryptoBoxDevBackground">CryptoBoxDevBackground</a>, <a href="/trac/cryptobox/wiki/CryptoBoxDevPreparation">CryptoBoxDevPreparation</a>, <a href="/trac/cryptobox/wiki/CryptoBoxDevWorkFlow&weblang=en">CryptoBoxDevWorkFlow</a>)
</p>
<hr />
<h1 id="CustombuildsoftheCryptoBox">Custom builds of the CryptoBox</h1>
<h2 id="Overview">Overview</h2>
<p>
The following sections are useful, if you want to change the default settings of your personal <a href="/cryptobox?action=doc&page=CryptoBox&weblang=en">CryptoBox</a> development environment.
</p>
<p>
You should have completed the steps described in <a href="/cryptobox?action=doc&page=CryptoBoxDevPreparation&weblang=en">CryptoBoxDevPreparation</a>.
</p>
<h2 id="Settings">Settings</h2>
<h3 id="dfsbuildsettings">dfsbuild settings</h3>
<p>
All settings for <i>dfsbuild</i> can be found in <a href="/trac/cryptobox/browser/trunk/etc-defaults.d/dfs-cbox.conf">etc-defaults.d/dfs-cbox.conf</a>.
</p>
<p>
If you want to change any of them, you should do the following:
</p>
<ol><li>copy <i>etc-defaults.d/dfs-cbox.conf</i> file to <i>etc-local.d/</i>
</li><li>change <i>etc-local.d/dfs-cbox.conf</i> according to your needs
</li></ol><p>
This allows you to use your own (personal) settings, without interfering with files under version control.
</p>
<h3 id="CryptoBoxdevelopmentconfiguration">CryptoBox development configuration</h3>
<p>
Some settings regarding the building, configuring and validating of the <a href="/cryptobox?action=doc&page=CryptoBox">CryptoBox</a> can be found in <a href="/trac/cryptobox/browser/trunk/etc-defaults.d/cbox-dev.conf&weblang=en">etc-defaults.d/cbox-dev.conf</a>.
</p>
<p>
If you want to change any of them, you should do the following:
</p>
<ol><li>copy <i>etc-defaults.d/cbox-dev.conf</i> file to <i>etc-local.d/</i>
</li><li>change <i>etc-local.d/cbox-dev.conf</i> according to your needs
</li></ol><h3 id="SSHconnection">SSH connection</h3>
<p>
The file <a href="/trac/cryptobox/browser/trunk/etc-defaults.d/ssh_config">ssh_config</a> is used to establish a connection to a running <a href="/cryptobox?action=doc&page=CryptoBox&weblang=en">CryptoBox</a> system.
</p>
<p>
It can be necessary to change these settings, if:
</p>
<ul><li>you do not want to use the default IP for the <a href="/cryptobox?action=doc&page=CryptoBox&weblang=en">CryptoBox</a>
</li><li>or the <a href="/cryptobox?action=doc&page=CryptoBox&weblang=en">CryptoBox</a> is not within your local network.
</li></ul><p>
If you want to change some settings, you should do the following:
</p>
<ol><li>copy <i>etc-defaults.d/ssh_config</i> file to <i>etc-local.d/</i>
</li><li>change <i>etc-local.d/ssh_config</i> according to your needs
</li></ol><h3 id="qemunetworkconfiguration">qemu network configuration</h3>
<p>
The file <a href="/trac/cryptobox/browser/trunk/etc-defauolts.d/qemu-ifup">etc-defauolts.d/qemu-ifup</a> is used for the <a href="/cryptobox?action=doc&page=CryptoBox&weblang=en">CryptoBox</a> emulation with <i>qemu</i>. See <i>man qemu</i> for details.
</p>
<p>
If you want to change some settings, you should do the following:
</p>
<ol><li>copy <i>etc-defaults.d/qemu-ifup</i> file to <i>etc-local.d/</i>
</li><li>change <i>etc-local.d/qemu-ifup</i> according to your needs
</li></ol><hr />
<h2 id="Comments">Comments</h2>
<p>
</div>
</div>

60
cbox-tree.d/usr/share/doc/cryptobox/html/en/CryptoBoxDevCustomConfigure.html
View file

@ -1,60 +0,0 @@
<div class="wikipage">
<div id="searchable"><p>
<div class='wiki-toc'>
<h4>Table of Contents</h4>
<ol>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevCustomConfigure#Overview&weblang=en">Overview</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevCustomConfigure#Locations&weblang=en">Locations</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevCustomConfigure#Examples&weblang=en">Examples</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevCustomConfigure#Comments&weblang=en">Comments</a></li>
</ol>
</div>
</p>
<p>
<strong>Navigation:</strong> ( <a href="/cryptobox?action=doc&page=CryptoBoxDev&weblang=en">CryptoBoxDev</a>)
</p>
<hr />
<h1 id="CustomconfigurationoftheCryptoBox">Custom configuration of the CryptoBox</h1>
<h2 id="Overview">Overview</h2>
<p>
You may change nearly every aspect of the <a href="/cryptobox?action=doc&page=CryptoBox&weblang=en">CryptoBox</a> by using the custom configuration hook directory.
</p>
<p>
Any script inside of this directory will be executed after the default configuration procedure (see <a href="/cryptobox?action=doc&page=CryptoBoxDevWorkFlow&weblang=en">CryptoBoxDevWorkFlow</a>).
</p>
<p>
The order of execution is defined by the names of the scripts (alphabetically).
</p>
<h2 id="Locations">Locations</h2>
<p>
Some example customization scripts can be found in <a href="/trac/cryptobox/browser/trunk/configure-examples.d">configure-examples.d/</a>.
</p>
<p>
You may put your scripts into <i>configure-local.d/</i>. They will be sourced by <a href="/trac/cryptobox/browser/trunk/scripts/cbox-build.sh">cbox-build.sh</a>.
</p>
<h2 id="Examples">Examples</h2>
<p>
The examples in <a href="/trac/cryptobox/browser/trunk/configure-examples.d">configure-examples.d/</a> can be copied to <i>configure-local.d/</i> and adjusted to your needs.
</p>
<table class="wiki">
<tr><td>set_default_ip</td><td>change the default IP address of the CryptoBox
</td></tr><tr><td>set_default_language</td><td>set the default language
</td></tr><tr><td>set_default_timeout</td><td>set the default idle time for automatic unmounting
</td></tr><tr><td>set_hostname</td><td>change the default hostname
</td></tr><tr><td>set_root_pw</td><td>change the password of root (only useful for a development <a href="/cryptobox?action=doc&page=CryptoBox&weblang=en">CryptoBox</a>)
</td></tr><tr><td>import_authorized_keys</td><td>upload a <i>ssh</i> key for passwordless access to a development CryptoBox
</td></tr><tr><td>set_scan_devices</td><td>where to look for usable harddisks
</td></tr></table>
<hr />
<h2 id="Comments">Comments</h2>
<p>
</div>
</div>

39
cbox-tree.d/usr/share/doc/cryptobox/html/en/CryptoBoxDevKnownProblems.html
View file

@ -1,39 +0,0 @@
<div class="wikipage">
<div id="searchable"><p>
<div class='wiki-toc'>
<h4>Table of Contents</h4>
<ol>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevKnownProblems#qemu&weblang=en">qemu</a></li>
<ol><li><a href="/cryptobox?action=doc&page=CryptoBoxDevKnownProblems#interleavedfilesnotyetsupported&weblang=en">interleaved files not (yet) supported</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevKnownProblems#smbdsegfault&weblang=en">smbd: segfault</a></li>
</ol><li><a href="/cryptobox?action=doc&page=CryptoBoxDevKnownProblems#Comments&weblang=en">Comments</a></li>
</ol>
</div>
</p>
<p>
<strong>Navigation:</strong> ( <a href="/cryptobox?action=doc&page=CryptoBoxDev&weblang=en">CryptoBoxDev</a>)
</p>
<hr />
<h1 id="Knownproblems">Known problems</h1>
<h2 id="qemu">qemu</h2>
<h3 id="interleavedfilesnotyetsupported">interleaved files not (yet) supported</h3>
<p>
You should update <i>qemu</i> to version 0.7 or higher.
</p>
<h3 id="smbdsegfault">smbd: segfault</h3>
<p>
This happens under certain circumstances. We do not know a solution for this problem.
</p>
<hr />
<h2 id="Comments">Comments</h2>
<p>
</div>
</div>

77
cbox-tree.d/usr/share/doc/cryptobox/html/en/CryptoBoxDevPreparation.html
View file

@ -1,77 +0,0 @@
<div class="wikipage">
<div id="searchable"><p>
<div class='wiki-toc'>
<h4>Table of Contents</h4>
<ol>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevPreparation#Softwarerequirements&weblang=en">Software requirements</a></li>
<ol><li><a href="/cryptobox?action=doc&page=CryptoBoxDevPreparation#Packages&weblang=en">Packages</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevPreparation#Kernel&weblang=en">Kernel</a></li>
</ol><li><a href="/cryptobox?action=doc&page=CryptoBoxDevPreparation#Getthesource&weblang=en">Get the source</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevPreparation#Firstbuild&weblang=en">First build</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevPreparation#Finished&weblang=en">Finished</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevPreparation#Comments&weblang=en">Comments</a></li>
</ol>
</div>
</p>
<p>
<strong>Navigation:</strong> ( <a href="/cryptobox?action=doc&page=CryptoBoxDev">CryptoBoxDev</a>, <a href="/cryptobox?action=doc&page=CryptoBoxDevCustomBuild">CryptoBoxDevCustomBuild</a>, <a href="/trac/cryptobox/wiki/CryptoBoxDevWorkFlow&weblang=en">CryptoBoxDevWorkFlow</a>)
</p>
<hr />
<h1 id="Preparationsfordevelopers">Preparations for developers</h1>
<h2 id="Softwarerequirements">Software requirements</h2>
<h3 id="Packages">Packages</h3>
<p>
We use <a class="ext-link" title="http://debian.org" href="http://debian.org">Debian</a> as our development environment. This was a natural choice, as the CryptoBox-LiveCD is also based on Debian. Other distributions should work too, of course - <i>your mileage may vary</i>.
</p>
<p>
required:
</p>
<ul><li><a class="ext-link" title="http://packages.debian.org/cgi-bin/search_packages.pl?searchon=names&amp;subword=0&amp;version=all&amp;release=all&amp;keywords=dfsbuild" href="http://packages.debian.org/cgi-bin/search_packages.pl?searchon=names&amp;subword=0&amp;version=all&amp;release=all&amp;keywords=dfsbuild">dfsbuild</a>
</li><li><a class="ext-link" title="http://packages.debian.org/cgi-bin/search_packages.pl?searchon=names&amp;subword=0&amp;version=all&amp;release=all&amp;keywords=subversion" href="http://packages.debian.org/cgi-bin/search_packages.pl?searchon=names&amp;subword=0&amp;version=all&amp;release=all&amp;keywords=subversion">subversion</a>
</li><li><a class="ext-link" title="http://packages.debian.org/cgi-bin/search_packages.pl?searchon=names&amp;subword=0&amp;version=all&amp;release=all&amp;keywords=chroot" href="http://packages.debian.org/cgi-bin/search_packages.pl?searchon=names&amp;subword=0&amp;version=all&amp;release=all&amp;keywords=chroot">chroot</a>
</li></ul><p>
recommended:
</p>
<ul><li><a class="ext-link" title="http://packages.debian.org/cgi-bin/search_packages.pl?searchon=names&amp;subword=0&amp;version=all&amp;release=all&amp;keywords=apt-cacher" href="http://packages.debian.org/cgi-bin/search_packages.pl?searchon=names&amp;subword=0&amp;version=all&amp;release=all&amp;keywords=apt-cacher">apt-cacher</a>, <a class="ext-link" title="http://packages.debian.org/cgi-bin/search_packages.pl?searchon=names&amp;subword=0&amp;version=all&amp;release=all&amp;keywords=apt-proxy" href="http://packages.debian.org/cgi-bin/search_packages.pl?searchon=names&amp;subword=0&amp;version=all&amp;release=all&amp;keywords=apt-proxy"> apt-proxy</a> or <a class="ext-link" title="http://packages.debian.org/cgi-bin/search_packages.pl?searchon=names&amp;subword=0&amp;version=all&amp;release=all&amp;keywords=approx" href="http://packages.debian.org/cgi-bin/search_packages.pl?searchon=names&amp;subword=0&amp;version=all&amp;release=all&amp;keywords=approx">approx</a>
</li><li><a class="ext-link" title="http://packages.debian.org/cgi-bin/search_packages.pl?searchon=names&amp;subword=0&amp;version=all&amp;release=all&amp;keywords=qemu" href="http://packages.debian.org/cgi-bin/search_packages.pl?searchon=names&amp;subword=0&amp;version=all&amp;release=all&amp;keywords=qemu">qemu</a>
</li><li><a class="ext-link" title="http://packages.debian.org/cgi-bin/search_packages.pl?searchon=names&amp;subword=0&amp;version=all&amp;release=all&amp;keywords=curl" href="http://packages.debian.org/cgi-bin/search_packages.pl?searchon=names&amp;subword=0&amp;version=all&amp;release=all&amp;keywords=curl">curl</a>
</li></ul><h3 id="Kernel">Kernel</h3>
<p>
If you want to use <a class="ext-link" title="http://fabrice.bellard.free.fr/qemu/" href="http://fabrice.bellard.free.fr/qemu/">qemu</a> to test your <a href="/cryptobox?action=doc&page=CryptoBox&weblang=en">CryptoBox</a> in a virtual environment, then you will need the <i>tun/tap</i> kernel feature.
</p>
<pre class="wiki">CONFIG_TUN=m
</pre><h2 id="Getthesource">Get the source</h2>
<p>
Download the latest release from our <a class="ext-link" title="http://subversion.tigris.org" href="http://subversion.tigris.org">subversion</a>-Repository:
</p>
<pre class="wiki">svn checkout https://svn.systemausfall.org/svn/cryptobox/trunk
</pre><h2 id="Firstbuild">First build</h2>
<p>
run <tt>scripts/cbox-build.sh release</tt> as <i>root</i> - hopefully, there should be no errors :)
</p>
<p>
Hint: This step will fail, if you did not install <i>apt-cacher</i>. See <a href="/cryptobox?action=doc&page=CryptoBoxDevCustomBuild&weblang=en">CryptoBoxDevCustomBuild</a> for details on how to change the build-configuration settings (in this case: <i>mirror</i> in <i>dfs-cbox.conf</i>).
</p>
<h2 id="Finished">Finished</h2>
<p>
Now you can start to pariticipate in the development of the <a href="/cryptobox?action=doc&page=CryptoBox&weblang=en">CryptoBox</a> or simply customize your own CryptoBox-LiveCD.
</p>
<p>
See <a href="/cryptobox?action=doc&page=CryptoBoxDevWorkFlow">CryptoBoxDevWorkFlow</a> for details of how to use the developer's tools of the <a href="/cryptobox?action=doc&page=CryptoBox&weblang=en">CryptoBox</a>.
</p>
<p>
<a href="/cryptobox?action=doc&page=CryptoBoxDevCustomBuild">CryptoBoxDevCustomBuild</a> shows some examples for local customizations of the <a href="/cryptobox?action=doc&page=CryptoBox&weblang=en">CryptoBox</a>.
</p>
<hr />
<h2 id="Comments">Comments</h2>
<p>
</div>
</div>

78
cbox-tree.d/usr/share/doc/cryptobox/html/en/CryptoBoxDevValidation.html
View file

@ -1,78 +0,0 @@
<div class="wikipage">
<div id="searchable"><p>
<div class='wiki-toc'>
<h4>Table of Contents</h4>
<ol>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevValidation#Overview&weblang=en">Overview</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevValidation#Validate&weblang=en">Validate</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevValidation#Howtocreateatest&weblang=en">How to create a test</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevValidation#Comments&weblang=en">Comments</a></li>
</ol>
</div>
</p>
<p>
<strong>Navigation:</strong> ( <a href="/cryptobox?action=doc&page=CryptoBoxDev&weblang=en">CryptoBoxDev</a>)
</p>
<hr />
<h1 id="ValidationoftheCryptoBox">Validation of the CryptoBox</h1>
<h2 id="Overview">Overview</h2>
<p>
The validation feature helps you to check the programming logic of the <a href="/cryptobox?action=doc&page=CryptoBox">CryptoBox</a>. A lot of test cases are defined to verify as many functions of the <a href="/cryptobox?action=doc&page=CryptoBox&weblang=en">CryptoBox</a> as possible.
</p>
<p>
The requests are processed with <a class="ext-link" title="http://curl.haxx.se/" href="http://curl.haxx.se/">curl</a>.
</p>
<p>
The received web page is saved to allow a later design review or css debugging.
</p>
<p>
The current state of the <a href="/cryptobox?action=doc&page=CryptoBox&weblang=en">CryptoBox</a> is represented by ten single values (e.g.: <i>box is configured</i>, <i>IP of the box</i>, <i>current language setting</i>, ...), which are invisibly a part of each html page (as comments). The returned status of every request is compared to the predicted value of the test case.
</p>
<p>
Similar test cases are pooled into test groups (e.g.: <i>initialization</i>, <i>configuration</i> and <i>mounting</i>).
</p>
<h2 id="Validate">Validate</h2>
<p>
Run <i><a href="/trac/cryptobox/browser/trunk/scripts/validate.sh">scripts/validate.sh</a>]</i> to conduct all tests of all groups. See <i>scripts/validate.sh help</i> for other actions.
</p>
<p>
The results will be saved in <i>validation/report</i>.
</p>
<p>
In addition to every single retrieved page, a html page called <i>summary-?.html</i> is created, which contains the state checks of all tests in a group.
</p>
<h2 id="Howtocreateatest">How to create a test</h2>
<p>
All test cases can be found in <i>validation/test-cases</i>.
</p>
<p>
Every test consists of the following files:
</p>
<table class="wiki">
<tr><td>input.curl</td><td>the configuration file for the <i>curl</i> request
</td></tr><tr><td>output</td><td>the predicted state of the <a href="/cryptobox?action=doc&page=CryptoBox&weblang=en">CryptoBox</a> after the call
</td></tr><tr><td>description</td><td>a short description of the test (will be used for the summary)
</td></tr><tr><td>delay</td><td>[optional] time to wait after this test
</td></tr></table>
<p>
Use the existing test cases as templates for new tests.
</p>
<p>
Read <a href="/trac/cryptobox/browser/trunk/validation/test-cases/README">validation/test-cases/README</a> for details.
</p>
<p>
Every logical path of the web interface CGI should be validated by a test case.
</p>
<hr />
<h2 id="Comments">Comments</h2>
<p>
</div>
</div>

151
cbox-tree.d/usr/share/doc/cryptobox/html/en/CryptoBoxDevWorkFlow.html
View file

@ -1,151 +0,0 @@
<div class="wikipage">
<div id="searchable"><p>
<div class='wiki-toc'>
<h4>Table of Contents</h4>
<ol>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevWorkFlow#Preparations&weblang=en">Preparations</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevWorkFlow#CreateaCryptoBoxLiveCD&weblang=en">Create a CryptoBox-LiveCD</a></li>
<ol><li><a href="/cryptobox?action=doc&page=CryptoBoxDevWorkFlow#Buildthebasesystem&weblang=en">Build the base system</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevWorkFlow#Configurethebaseimage&weblang=en">Configure the base image</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevWorkFlow#Removedevelopmentfeatures&weblang=en">Remove development features</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevWorkFlow#Createanisoimage&weblang=en">Create an iso image</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevWorkFlow#BurntheCD&weblang=en">Burn the CD</a></li>
</ol><li><a href="/cryptobox?action=doc&page=CryptoBoxDevWorkFlow#TesttheCryptoBoxLiveCD&weblang=en">Test the CryptoBox-LiveCD</a></li>
<ol><li><a href="/cryptobox?action=doc&page=CryptoBoxDevWorkFlow#Chrootquickampdirtytests&weblang=en">Chroot: quick &amp; dirty tests</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevWorkFlow#Qemunearlycompleteemulation&weblang=en">Qemu: nearly complete emulation</a></li>
</ol><li><a href="/cryptobox?action=doc&page=CryptoBoxDevWorkFlow#Debuggingandmerging&weblang=en">Debugging and merging</a></li>
<ol><li><a href="/cryptobox?action=doc&page=CryptoBoxDevWorkFlow#Developmentonarunningsystem&weblang=en">Development on a running system</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxDevWorkFlow#Uploadinganewrelease&weblang=en">Uploading a new release</a></li>
</ol><li><a href="/cryptobox?action=doc&page=CryptoBoxDevWorkFlow#Comments&weblang=en">Comments</a></li>
</ol>
</div>
</p>
<p>
<strong>Navigation:</strong> ( <a href="/cryptobox?action=doc&page=CryptoBoxDev">CryptoBoxDev</a>, <a href="/cryptobox?action=doc&page=CryptoBoxDevCustomConfigure">CryptoBoxDevCustomConfigure</a>, <a href="/trac/cryptobox/wiki/CryptoBoxDevPreparation&weblang=en">CryptoBoxDevPreparation</a>)
</p>
<hr />
<h1 id="Developmentworkflow">Development workflow</h1>
<h2 id="Preparations">Preparations</h2>
<p>
You should have completed the steps described in <a href="/cryptobox?action=doc&page=CryptoBoxDevPreparation&weblang=en">CryptoBoxDevPreparation</a>.
</p>
<h2 id="CreateaCryptoBoxLiveCD">Create a CryptoBox-LiveCD</h2>
<p>
The following steps can be executed in the order of their appearance.
</p>
<p>
Usually there is no need to repeat the whole process, after you changed some parts of the <a href="/cryptobox?action=doc&page=CryptoBox&weblang=en">CryptoBox</a>. Especially the first step (building of the base system with <i>dfsbuild</i>) may usually be skipped.
</p>
<p>
Every step of the building process must be executed as <i>root</i>.
</p>
<h3 id="Buildthebasesystem">Build the base system</h3>
<p>
Run <i>scripts/cbox-build.sh dfsbuild</i> to create the base system for the LiveCD.
</p>
<p>
The result can be found in <i>_builddir/cd1/image</i>.
</p>
<p>
If you do not want to use the <i><a class="ext-link" title="http://packages.debian.org/cgi-bin/search_packages.pl?searchon=names&amp;subword=0&amp;version=all&amp;release=all&amp;keywords=apt-cacher" href="http://packages.debian.org/cgi-bin/search_packages.pl?searchon=names&amp;subword=0&amp;version=all&amp;release=all&amp;keywords=apt-cacher">apt-cacher</a> to save bandwidth and time, then you should modify the </i>mirror<i>-setting in <a href="/trac/cryptobox/browser/trunk/etc-default.d/dfs-cbox.conf">dfs-cbox.conf</a> (see <a href="/cryptobox?action=doc&page=CryptoBoxDevCustomBuild&weblang=en">CryptoBoxDevCustomBuild</a> for details).</i>
</p>
<h3 id="Configurethebaseimage">Configure the base image</h3>
<p>
Run <i>scripts/cbox-build.sh config</i> to copy the CryptoBox-specific files to the base image.
</p>
<p>
TODO: link to cbox-build.sh-manpage
</p>
<h3 id="Removedevelopmentfeatures">Remove development features</h3>
<p>
The original base system, that was created by <i>dfsbuild</i> contains a lot packages and some scripts, that are only useful during development. You should remove them, as they cause severe security implications.
</p>
<p>
To reduce the CryptoBox-LiveCD to the usable minimum for operational use, you should run <i>scripts/cbox-build.sh harden</i>.
</p>
<h3 id="Createanisoimage">Create an iso image</h3>
<p>
To burn a CryptoBox-LiveCD, you need an bootable <i>iso9660</i>-image.
</p>
<p>
Create the <i>iso</i> image with <i>scripts/cbox-build.sh iso</i>. The resulting file can be found at <i>_builddir/cd1/cryptobox.iso</i>.
</p>
<h3 id="BurntheCD">Burn the CD</h3>
<p>
Do it manually:
</p>
<pre class="wiki">cdrecord -v dev=0,0,0 _builddir/cryptobox.iso
</pre><p>
(change the <i>dev</i> setting according to your setup).
</p>
<p>
Let the script do it for you: <i>scripts/cbox-build.sh burn</i> (maybe you have to change the <i>CDWRITER</i> setting in <a href="/trac/cryptobox/browser/trunk/etc-defaults.d/cbox-dev.conf">cbox-dev.conf</a> - see <a href="/cryptobox?action=doc&page=CryptoBoxDevCustomBuild&weblang=en">CryptoBoxDevCustomBuild</a>).
</p>
<p>
Of course, it is not wise to use CD-R media. CD-RW consume less resources.
</p>
<h2 id="TesttheCryptoBoxLiveCD">Test the CryptoBox-LiveCD</h2>
<p>
This section is only useful for developers, who want to improve or change the <a href="/cryptobox?action=doc&page=CryptoBox&weblang=en">CryptoBox</a> system.
</p>
<h3 id="Chrootquickampdirtytests">Chroot: quick &amp; dirty tests</h3>
<p>
If you modified the <i>perl</i>- or <i>shell</i>-scripts of the <a href="/cryptobox?action=doc&page=CryptoBox&weblang=en">CryptoBox</a>, then you can check for syntax errors by running them in a <i>chroot</i> environment. Be careful: you have access to all ressources of your computer, while you are working within a <i>chroot</i> environment - so you can easily repartition your real disk ...
</p>
<p>
To start a <i>chroot</i> environment, you can execute <i>scripts/cbox-dev.sh chroot</i>.
</p>
<p>
For more intensive tests, you may use <i>qemu</i> (see below) or burn real LiveCDs - of course this would take much more time.
</p>
<h3 id="Qemunearlycompleteemulation">Qemu: nearly complete emulation</h3>
<p>
The processor emulator <a class="ext-link" title="http://fabrice.bellard.free.fr/qemu" href="http://fabrice.bellard.free.fr/qemu">qemu</a> allows you test the <a href="/cryptobox?action=doc&page=CryptoBox&weblang=en">CryptoBox</a> in a virtual environment, that is completely separated from your real computer's resources. It is the tool of choice, if you do nat have a real computer around for testing.
</p>
<p>
Beware - there are some problems, when using <i>qemu</i>:
</p>
<ul><li><i>smbd</i> does not start (segfault)
</li><li>???
</li></ul><p>
To start a <i>qemu</i> emulation of the <i>iso</i> image, you may type:
</p>
<pre class="wiki">scripts/cbox-dev.sh qemu
</pre><h2 id="Debuggingandmerging">Debugging and merging</h2>
<p>
This section is only useful for developers, who want to develop on a running <a href="/cryptobox?action=doc&page=CryptoBox&weblang=en">CryptoBox</a> system (emulated or real).
</p>
<p>
You may access the <a href="/cryptobox?action=doc&page=CryptoBox&weblang=en">CryptoBox</a> directly or you can use <i>ssh</i> to open a remote session:
</p>
<pre class="wiki">./cbox-dev.sh ssh
</pre><h3 id="Developmentonarunningsystem">Development on a running system</h3>
<p>
When you run an emulation or test a real LiveCD, you may encounter problems and bugs. To test your fixes for these problems, it is convenient, to change the running test system. Afterwards you can merge these changes to your local development copy.
</p>
<p>
Type <i>scripts/cbox-dev.sh diff</i> to see the changes, you made on the running <a href="/cryptobox?action=doc&page=CryptoBox&weblang=en">CryptoBox</a> system.
</p>
<p>
Type <i>scripts/cbox-dev.sh merge</i> to merge these changes to your local working copy.
</p>
<h3 id="Uploadinganewrelease">Uploading a new release</h3>
<p>
Alternatively you may also upload a new version of your local working copy to the running <a href="/cryptobox?action=doc&page=CryptoBox&weblang=en">CryptoBox</a> system.
</p>
<p>
Type <i>scripts/cbox-dev.sh upload</i> - beware: all recent changes you made to the running <a href="/cryptobox?action=doc&page=CryptoBox&weblang=en">CryptoBox</a> system, are lost.
</p>
<hr />
<h2 id="Comments">Comments</h2>
<p>
</div>
</div>

60
cbox-tree.d/usr/share/doc/cryptobox/html/en/CryptoBoxUser.html
View file

@ -1,60 +0,0 @@
<div class="wikipage">
<div id="searchable"><p>
<div class='wiki-toc'>
<h4>Table of Contents</h4>
<ol>
<li><a href="/cryptobox?action=doc&page=CryptoBoxUserGettingStarted#Gettingstarted&weblang=en">Getting started</a></li>
<ol><li><a href="/cryptobox?action=doc&page=CryptoBoxUserGettingStarted#FirstSteps&weblang=en">First Steps</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxUserGettingStarted#HintsCaveats&weblang=en">Hints / Caveats</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxUserGettingStarted#Comments&weblang=en">Comments</a></li>
</ol>
<li><a href="/cryptobox?action=doc&page=CryptoBoxUserConfiguration#ConfigurationofyourCryptoBox&weblang=en">Configuration of your CryptoBox</a></li>
<ol><li><a href="/cryptobox?action=doc&page=CryptoBoxUserConfiguration#Overview&weblang=en">Overview</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxUserConfiguration#Foreword&weblang=en">Foreword</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxUserConfiguration#Initialization&weblang=en">Initialization</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxUserConfiguration#Configuration&weblang=en">Configuration</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxUserConfiguration#HintsCaveats&weblang=en">Hints / Caveats</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxUserConfiguration#Comments&weblang=en">Comments</a></li>
</ol>
<li><a href="/cryptobox?action=doc&page=CryptoBoxUserDailyUse#DailyuseoftheCryptoBox&weblang=en">Daily use of the CryptoBox</a></li>
<ol><li><a href="/cryptobox?action=doc&page=CryptoBoxUserDailyUse#Activateyourencryptedfilesystem&weblang=en">Activate your encrypted filesystem</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxUserDailyUse#Useyourencrypteddata&weblang=en">Use your encrypted data</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxUserDailyUse#Deactivateyourencryptedfilesystem&weblang=en">Deactivate your encrypted filesystem</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxUserDailyUse#ShutdownyourCryptoBox&weblang=en">Shut down your CryptoBox</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxUserDailyUse#Incaseofemergency&weblang=en">In case of emergency</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxUserDailyUse#QuestionsandAnswers&weblang=en">Questions and Answers</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxUserDailyUse#Comments&weblang=en">Comments</a></li>
</ol>
</ol>
</div>
</p>
<p>
<strong>Navigation:</strong> ( <a href="/cryptobox?action=doc&page=CryptoBox">CryptoBox/en</a>, <a href="/cryptobox?action=doc&page=CryptoBoxUser&weblang=en">CryptoBoxUser</a>)
</p>
<hr />
<h1 id="UserDocumentation">User Documentation</h1>
<p>
The following pages describe the easy use of the <a href="/cryptobox?action=doc&page=CryptoBox&weblang=en">CryptoBox</a>.
</p>
<p>
The online version of this manual is a wiki, which means you can edit the pages. So if you have a question or you perceive a description as unclear, please post it on the bottom of the relevant page. The developers will answer your questions and update the manual as fast as possible. This way you can contribute in making the <a href="/cryptobox?action=doc&page=CryptoBox&weblang=en">CryptoBox</a> a better experience for everyone!
</p>
<ol><li><a href="/cryptobox?action=doc&page=CryptoBoxUserGettingStarted&weblang=en">CryptoBoxUserGettingStarted</a> -- first steps to get the Cryptobox up and running
</li><li><a href="/cryptobox?action=doc&page=CryptoBoxUserConfiguration&weblang=en">CryptoBoxUserConfiguration</a> -- configure the details of your new encrypted fileserver
</li><li><a href="/cryptobox?action=doc&page=CryptoBoxUserDailyUse">CryptoBoxUserDailyUse</a> -- daily use of your <a href="/cryptobox?action=doc&page=CryptoBox&weblang=en">CryptoBox</a>
</li></ol><p>
The online version of this manual can be found at <a class="ext-link" title="https://systemausfall.org/trac/cryptobox/wiki/CryptoBoxUser/en" href="https://systemausfall.org/trac/cryptobox/wiki/CryptoBoxUser/en">https://systemausfall.org/trac/cryptobox/wiki/CryptoBoxUser/en</a>.
</p>
<hr />
<h2 id="Comments">Comments</h2>
<p>
</div>
</div>

103
cbox-tree.d/usr/share/doc/cryptobox/html/en/CryptoBoxUserConfiguration.html
View file

@ -1,103 +0,0 @@
<div class="wikipage">
<div id="searchable"><p>
<div class='wiki-toc'>
<h4>Table of Contents</h4>
<ol>
<li><a href="/cryptobox?action=doc&page=CryptoBoxUserConfiguration#Overview&weblang=en">Overview</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxUserConfiguration#Foreword&weblang=en">Foreword</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxUserConfiguration#Initialization&weblang=en">Initialization</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxUserConfiguration#Configuration&weblang=en">Configuration</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxUserConfiguration#HintsCaveats&weblang=en">Hints / Caveats</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxUserConfiguration#Comments&weblang=en">Comments</a></li>
</ol>
</div>
</p>
<p>
<strong>Navigation:</strong> ( <a href="/cryptobox?action=doc&page=CryptoBoxUser">CryptoBoxUser/en</a>, <a href="/cryptobox?action=doc&page=CryptoBoxUserConfiguration&weblang=en">CryptoBoxUserConfiguration</a>)
</p>
<hr />
<h1 id="ConfigurationofyourCryptoBox">Configuration of your CryptoBox</h1>
<h2 id="Overview">Overview</h2>
<p>
All parts of administration of the <a href="/cryptobox?action=doc&page=CryptoBox">CryptoBox</a> are done through a comfortable web interface. If this is the first time you use the <a href="/cryptobox?action=doc&page=CryptoBox&weblang=en">CryptoBox</a>, just follow the steps below.
</p>
<p>
You can safely ignore the <a href="/cryptobox?action=doc&page=CryptoBoxUserConfiguration#Foreword&weblang=en">Foreword</a> if you are in a hurry.
</p>
<p>
<a href="/cryptobox?action=doc&page=CryptoBoxUserConfiguration#Initialization">Initialization</a> describes the process of integrating a new harddisk. You usually have to perform this steps if you start with a new <a href="/cryptobox?action=doc&page=CryptoBox&weblang=en">CryptoBox</a> or after replacing the harddisk.
</p>
<p>
In the <a href="/cryptobox?action=doc&page=CryptoBoxUserConfiguration#Configuration">Configuration</a> section, you can configure the <a href="/cryptobox?action=doc&page=CryptoBox">CryptoBox</a> according to your personal needs, e.g. change your desired language for the web interface or change the IP address of the <a href="/cryptobox?action=doc&page=CryptoBox&weblang=en">CryptoBox</a>.
</p>
<p>
Do not forget to read the <a href="/cryptobox?action=doc&page=CryptoBoxUserConfiguration#HintsCaveats&weblang=en">Hints / Caveats</a> section too.
</p>
<h2 id="Foreword">Foreword</h2>
<p>
Okay, you finished the <a href="/cryptobox?action=doc&page=CryptoBoxUserGettingStarted">CryptoBoxUserGettingStarted</a> and are now sitting in front of a computer that is connected via network with your <a href="/cryptobox?action=doc&page=CryptoBox">CryptoBox</a>. You point a browser to &#34;<a class="ext-link" title="https://192.168.0.23&#34;" href="https://192.168.0.23&#34;">https://192.168.0.23&#34;</a> and the <a href="/cryptobox?action=doc&page=CryptoBox&weblang=en">CryptoBox</a> interface appears.
</p>
<p>
Before you can save data on your <a href="/cryptobox?action=doc&page=CryptoBox&weblang=en">CryptoBox</a>, its harddisk has to be formatted with a cryptographic filesystem. Sounds complicated but don't be scared - it's really a &#34;one click&#34; thing. :)
</p>
<h2 id="Initialization">Initialization</h2>
<p>
Click on <i>Initialize CryptoBox</i> in the title bar.
</p>
<p>
Now you are promted to enter two passwords twice (because we want to train your typing skills ;).
</p>
<ul><li>The first password is the <i>administration password</i>.
<ul><li>It is used to protect the configuration of the <a href="/cryptobox?action=doc&page=CryptoBox&weblang=en">CryptoBox</a>.
</li><li>This is necessary to make sure, that no one without your permission can destroy your data by re-initializing the <a href="/cryptobox?action=doc&page=CryptoBox&weblang=en">CryptoBox</a>.
</li><li>Chances are good, that you will only need it once.
</li><li>You may leave it empty, but this is not recommended.
</li></ul></li><li>The <i>crypto password</i> is the more important password, protecting the data on your harddisk. Choose it wisely!
<ul><li>You will need it, whenever you want to access your encrypted data.
</li><li>For a secure password consider a length of at least 15 characters including digits and special characters. The security of your encrypted data stands or falls with a good password.
</li></ul></li><li>To avoid mistakes and to remind you on what you're going to do, you have to type the displayed red phrase into the last field.
</li><li>Now you can complete the initialization by clicking on the <i>Initialize !CryptoBox</i> button at the bottom of the form.
</li></ul><p>
That's all. Wasn't it a real &#34;one click&#34; thing? Cryptography has never been easier to use. ;)
</p>
<p>
The initialization process takes place in the background and will be completed after a few minutes, depending on your harddisk's size.
</p>
<h2 id="Configuration">Configuration</h2>
<p>
While the initialization is usually done only once, the configuration can be changed at any time you want. You can reach it by clicking at <i>Configuration</i> in the menu bar of the website. Now you see a form with four fields:
</p>
<ul><li>If you defined a administration passwort during <i>Initialization</i>, you have to enter it first. Otherwise this field does not appear.
</li><li>If the default network address (IP) doesn't fit into your network infrastructure, you can change it in the second field.
</li><li>The timeout defines the amount of time (in minutes) after that the <a href="/cryptobox?action=doc&page=CryptoBox&weblang=en">CryptoBox</a> deactivates the access to the encrypted data. If you e.g. copy a file on the box, it starts counting at zero, so down-/uploads won't be interrupted.
</li><li>It's good choice to enter a small number (few minutes).
</li><li>A timeout of <i>0</i> turns off the automatic deactivation - this is not recommended.
</li><li>At <i>language preferences</i> you can select the default language for the <a href="/cryptobox?action=doc&page=CryptoBox&weblang=en">CryptoBox</a> interface.
</li></ul><p>
Complete your changes by clicking on <i>Save configuration</i>.
</p>
<p>
That's all - your <a href="/cryptobox?action=doc&page=CryptoBox">CryptoBox</a> is now ready for <a href="/cryptobox?action=doc&page=CryptoBoxUserDailyUse&weblang=en">daily use</a>!
</p>
<h2 id="HintsCaveats">Hints / Caveats</h2>
<ul><li>All data on the <a href="/cryptobox?action=doc&page=CryptoBox&weblang=en">CryptoBox</a> harddisk will be erased during <i>Initialization</i>.
</li><li>All passwords have to be typed twice to reduce the chance of a typo.
</li><li>The optional adminstration password is necessary for configuration only.
</li><li>The crypto password protects your beloved data.
</li><li>If the cryptobox is not reachable by browsing to 192.168.0.23, you may have to adjust the network settings of your computer for initialization of the <a href="/cryptobox?action=doc&page=CryptoBox&weblang=en">CryptoBox</a>.
</li></ul><p>
<i>back to <a href="/cryptobox?action=doc&page=CryptoBoxUser&weblang=en">CryptoBoxUser</a></i>
</p>
<hr />
<h2 id="Comments">Comments</h2>
<p>
</div>
</div>

114
cbox-tree.d/usr/share/doc/cryptobox/html/en/CryptoBoxUserDailyUse.html
View file

@ -1,114 +0,0 @@
<div class="wikipage">
<div id="searchable"><p>
<div class='wiki-toc'>
<h4>Table of Contents</h4>
<ol>
<li><a href="/cryptobox?action=doc&page=CryptoBoxUserDailyUse#Activateyourencryptedfilesystem&weblang=en">Activate your encrypted filesystem</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxUserDailyUse#Useyourencrypteddata&weblang=en">Use your encrypted data</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxUserDailyUse#Deactivateyourencryptedfilesystem&weblang=en">Deactivate your encrypted filesystem</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxUserDailyUse#ShutdownyourCryptoBox&weblang=en">Shut down your CryptoBox</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxUserDailyUse#Incaseofemergency&weblang=en">In case of emergency</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxUserDailyUse#QuestionsandAnswers&weblang=en">Questions and Answers</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxUserDailyUse#Comments&weblang=en">Comments</a></li>
</ol>
</div>
</p>
<p>
<strong>Navigation:</strong> ( <a href="/cryptobox?action=doc&page=CryptoBoxUser">CryptoBoxUser/en</a>, <a href="/cryptobox?action=doc&page=CryptoBoxUserConfiguration">CryptoBoxUserConfiguration/en</a>, <a href="/trac/cryptobox/wiki/CryptoBoxUserDailyUse&weblang=en">CryptoBoxUserDailyUse</a>)
</p>
<hr />
<h1 id="DailyuseoftheCryptoBox">Daily use of the CryptoBox</h1>
<h2 id="Activateyourencryptedfilesystem">Activate your encrypted filesystem</h2>
<p>
You can activate your encrypted filesystem by doing following these steps:
</p>
<ul><li>Point your web browser at the address of your <a href="/cryptobox?action=doc&page=CryptoBox">CryptoBox</a>. The default is <a class="ext-link" title="https://192.168.0.23" href="https://192.168.0.23&weblang=en">https://192.168.0.23</a>.
</li><li>Click on <i>Activation of encrypted data</i>. A new page asking for your crypto password appears.
</li><li>Enter your crypto password and click on the button below labeled <i>activate encrypted filesystem</i>.
</li></ul><p>
Now the filesystem is accessible. To use it, search for a computer in your network neighborhood. When asked for the name, enter the above IP address (default: 192.168.0.23). Now you can use it like any other network resource.
</p>
<h2 id="Useyourencrypteddata">Use your encrypted data</h2>
<h3 id="Linuxcommandline">Linux - command line</h3>
<p>
To use the encrypted data partition with regular user rights add the line below to your <i>/etc/fstab</i>:
</p>
<pre class="wiki">//192.168.0.23/public /mnt/ smbfs defaults,noexec,noauto,user,guest 0 0
</pre><p>
Now you can mount the encrypted data partition to /mnt:
</p>
<pre class="wiki">mount /mnt
</pre><p>
resp. unmount:
</p>
<pre class="wiki">smbumount /mnt
</pre><h3 id="Windows">Windows</h3>
<p>
Run the the Windows Explorer and choose <i>Map network drive</i> in the <i>Extras</i> menu:
</p>
<ul><li>select a drive of your choice
</li><li>enter <i>\\192.168.0.23\public</i> (default setting) as target
</li></ul><p>
Now you can use your encrypted data like any other network resource.
</p>
<h2 id="Deactivateyourencryptedfilesystem">Deactivate your encrypted filesystem</h2>
<p>
You can deactivate the encrypted filesystem by clicking at <i>Deactivation of encrypted data</i> in the web interface of your <a href="/cryptobox?action=doc&page=CryptoBox&weblang=en">CryptoBox</a>.
</p>
<p>
Your data is now protected again.
</p>
<h2 id="ShutdownyourCryptoBox">Shut down your CryptoBox</h2>
<p>
Click at the <i>Shutdown</i> link in the menu of the web interface. There you can choose <i>poweroff</i> or <i>reboot</i>. The shutdown takes some seconds.
</p>
<p>
If the hardware of your <a href="/cryptobox?action=doc&page=CryptoBox&weblang=en">CryptoBox</a> is quite recent, it will power-off automatically. Otherwise you have to do it manually.
</p>
<h2 id="Incaseofemergency">In case of emergency</h2>
<p>
If you have to protect the drive really fast, just power-off the <a href="/cryptobox?action=doc&page=CryptoBox&weblang=en">CryptoBox</a> machine instantly by pulling the plug or pushing the power button. This is not very clean and can (in very rare circumstances) corrupt open files, but it is the fasted method to secure your data.
</p>
<p>
<i>back to <a href="/cryptobox?action=doc&page=CryptoBoxUser&weblang=en">CryptoBoxUser</a></i>
</p>
<hr />
<h2 id="QuestionsandAnswers">Questions and Answers</h2>
<h3 id="Windowsnetworkdrivecannotbemapped">Windows: network drive cannot be mapped</h3>
<p>
This error message may appear, if you did not login during the booting of you windows machine (or you closed the login dialog by pressing ESC).
</p>
<p>
<strong>Solution:</strong> Choose <i>Logout</i> in the <i>Start</i> menu and login again.
</p>
<h3 id="Linuxonlyrootcanunmount192168023public">Linux: only root can unmount //192.168.0.23/public</h3>
<p>
You can't unmount the partition with <i>umount</i>.
</p>
<p>
<strong>Solution:</strong> Use <i>smbumount</i> instead:
</p>
<pre class="wiki">smbumount /mnt
</pre><h3 id="LinuxOperationnotpermittedsmbmntfailed1">Linux: Operation not permitted / smbmnt failed: 1</h3>
<p>
The attempt to mount the partition as a regular user ends up with:
</p>
<pre class="wiki">cannot mount on /mnt/: Operation not permitted
smbmnt failed: 1
</pre><p>
<strong>Solution:</strong> Set the directory's owner to the same user that mounts the share (e.g. phil):
</p>
<pre class="wiki">chown phil. /mnt
</pre><hr />
<h2 id="Comments">Comments</h2>
<p>
</div>
</div>

64
cbox-tree.d/usr/share/doc/cryptobox/html/en/CryptoBoxUserGettingStarted.html
View file

@ -1,64 +0,0 @@
<div class="wikipage">
<div id="searchable"><p>
<div class='wiki-toc'>
<h4>Table of Contents</h4>
<ol>
<li><a href="/cryptobox?action=doc&page=CryptoBoxUserGettingStarted#FirstSteps&weblang=en">First Steps</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxUserGettingStarted#HintsCaveats&weblang=en">Hints / Caveats</a></li>
<li><a href="/cryptobox?action=doc&page=CryptoBoxUserGettingStarted#Comments&weblang=en">Comments</a></li>
</ol>
</div>
</p>
<p>
<strong>Navigation:</strong> ( <a href="/cryptobox?action=doc&page=CryptoBoxUser">CryptoBoxUser/en</a>, <a href="/cryptobox?action=doc&page=CryptoBoxUserConfiguration">CryptoBoxUserConfiguration/en</a>, <a href="/trac/cryptobox/wiki/CryptoBoxUserGettingStarted&weblang=en">CryptoBoxUserGettingStarted</a>)
</p>
<hr />
<h1 id="Gettingstarted">Getting started</h1>
<h2 id="FirstSteps">First Steps</h2>
<p>
Getting the <a href="/cryptobox?action=doc&page=CryptoBox&weblang=en">CryptoBox</a> started doesn't take much:
</p>
<ol><li>You need an old Computer (at least 100MHz, 48MB RAM) (rule of thumb: bought at least after 1996). This PC needs a network card, a CD-ROM drive and a huge harddisk.
<ul><li>Well the disk doesn't need to be huge, it should just suit your filestorage needs ;)
</li><li>You don't need a monitor or a keyboard to use your <a href="/cryptobox?action=doc&page=CryptoBox&weblang=en">CryptoBox</a> (with one exception, see below).
</li><li>Of course, you may use a faster computer, but they usually consume much more energy and do not provide signifcant advantages.
</li></ul></li><li>Then download the latest version of the <a href="/cryptobox?action=doc&page=CryptoBox&weblang=en">CryptoBox</a> as an iso-image and burn this image onto a CD.
<ul><li><a class="ext-link" title="http://codecoop.org/projects/cryptobox/" href="http://codecoop.org/projects/cryptobox/">http://codecoop.org/projects/cryptobox/</a>
</li></ul></li><li>Configure your PC, so it can boot from the CD. Therefore you have to enter the BIOS and configure the CD-ROM as boot device.
</li><li>Insert the shiny new <a href="/cryptobox?action=doc&page=CryptoBox&weblang=en">CryptoBox</a> CD you've just burned and start the computer.
</li></ol><p>
If it now boots from the CD, you accomplished all of the requirements.
</p>
<p>
Now you can just go to your current desktop computer and point your browser to <a class="ext-link" title="https://192.168.0.23" href="https://192.168.0.23">https://192.168.0.23</a> where the <a href="/cryptobox?action=doc&page=CryptoBox&weblang=en">CryptoBox</a> interface should be displayed. Easy - isn't it?
</p>
<p>
For further steps go to <a href="/cryptobox?action=doc&page=CryptoBoxUserConfiguration&weblang=en">CryptoBoxUserConfiguration</a>.
</p>
<h2 id="HintsCaveats">Hints / Caveats</h2>
<p>
</p>
<ul><li>Maybe you need to change the network address (IP) of your PC to configure the <a href="/cryptobox?action=doc&page=CryptoBox&weblang=en">CryptoBox</a> for the first time. Ask someone for help, if you don't know how and why ...
</li><li>If you're going to buy a new harddisk keep in mind that very old hardware can't handle current disk sizes!
</li><li>Some old PCs are not able to boot from CD.
</li><li>If you don't know what a BIOS is, better ask someone, before you try to change something. ;)
</li><li>Don't forget to connect your PC to your local area network!
</li><li>To configure the BIOS, you need a keyboard and a monitor. But this has to be done only once.
</li></ul><p>
<i>back to <a href="/cryptobox?action=doc&page=CryptoBoxUser&weblang=en">CryptoBoxUser</a></i>
</p>
<hr />
<h2 id="Comments">Comments</h2>
<p>
</div>
</div>

BIN
cbox-tree.d/var/www/cryptobox-misc/antlogo100px.png
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 7.1 KiB

BIN
cbox-tree.d/var/www/cryptobox-misc/antlogo100px_green.png
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 8.4 KiB

BIN
cbox-tree.d/var/www/cryptobox-misc/antlogo100px_red.png
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 8 KiB

BIN
cbox-tree.d/var/www/cryptobox-misc/backg.gif
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 13 KiB

391
cbox-tree.d/var/www/cryptobox-misc/cryptobox.css
View file

@ -1,391 +0,0 @@
body {
background-image: url(backg.gif);
background-position: top center;
background-attachment: fixed;
background-repeat: no-repeat;
text-align: center;
margin: 0;
padding: 0;
font-family: verdana, lucida, arial, helvetica, sans-serif;
}
#main {
background: none;
width: 600px;
padding: 0px;
margin-left: auto;
margin-right: auto;
}
#main h1, h2, h3 {
font-family: sans-serif, arial;
font-weight: normal;
letter-spacing: 0.05em;
color: #acacac;
font-variant: small-caps;
padding: 0 1em;
text-align: left;
}
#main h1 {
font-size: 2em;
}
#main h2 {
font-size: 1.5em;
}
#main h3 {
font-size: 1.2em;
}
#head {
width: 600px;
height: 120px;
margin: 0;
padding: 0;
background-image: url(antlogo100px.png);
background-position: top right;
background-attachment: scroll;
background-repeat: no-repeat;
}
#head_green {
width: 600px;
height: 120px;
margin: 0;
padding: 0;
background-image: url(antlogo100px_green.png);
background-position: top right;
background-attachment: scroll;
background-repeat: no-repeat;
}
#head_red {
width: 600px;
height: 120px;
margin: 0;
padding: 0;
background-image: url(antlogo100px_red.png);
background-position: top right;
background-attachment: scroll;
background-repeat: no-repeat;
}
#development {
font-weight: bold;
}
#content {
margin: 0;
padding: 0;
width: 600px;
font-size: 0.9em;
min-height: 300px;
}
#content a {
line-height: 1.2em;
color: black;
text-decoration: none;
font-weight: bold;
font-size: 0.9em;
}
#content a:hover {
text-decoration: underline;
}
#content a:visited {
color: #acacac;
}
#content p {
font-size: 0.9em;
padding: 0 1em;
text-align: justify;
}
#menu {
text-align: center;
border-top: 1px solid #5e5e5e;
border-bottom: 1px solid #5e5e5e;
background-color: #ACE149;
}
#menu a:link, #menu a:visited {
color: #5e5e5e;
margin: 5px;
text-decoration: none;
border: none;
padding: 4px;
font-size: 0.8em;
}
#menu a:hover {
color: #8e8e8e;
}
#words {
width: 565px;
padding: 1.1em 0em 1.1em 1.1em;
margin-top: 0;
}
#words h1{
font-size: 1.8em;
}
#words h2{
font-size: 1.4em;
}
#words ol, #words ul {
font-size: 0.9em;
}
#words ol li {
padding: 0 1em;
line-height: 1.7em;
}
#words ul li {
padding: 0 1em;
line-height: 1.7em;
list-style-image: url(list.gif);
}
#footer {
clear: both;
text-align: center;
border-top: 1px solid #5e5e5e;
border-bottom: 1px solid #5e5e5e;
background-color: #ACE149;
font-size: 0.8em;
color: #5e5e5e;
}
#footer a:link, #footer a:visited {
color: #5e5e5e;
margin: 5px;
text-decoration: none;
border: none;
padding: 4px;
}
#footer a:hover {
text-decoration: underline;
}
#confirmtext span {
color: red;
font-weight: bold;
}
/* -------=-=-=- warnings, errors and success messages-=-=-=-------- */
#words div.warning,div.error,div.success {
margin-top: 20px;
margin-bottom: 20px;
padding-top: 10px;
padding-bottom: 15px;
color: #707070;
}
#words .warning,.error,.success {
border: 1px dashed #808080;
text-align: center;
color: #5e5e5e;
text-decoration: none;
font-weight: bold;
font-size: 0.9em;
padding-left: 40px;
padding-right: 40px;
}
#words .warning {
background-color: #f5f5f5;
}
#words .error {
background-color: #f5f5f5;
}
#words .success {
/* nice green color - but no one likes it right?
background-color: #90EE90; */
}
#words div.warning,div.error,div.success h1,h2 {
color: #808080;
}
#words .warning,.error,.success a {
color: #5e5e5e;
text-decoration: none;
font-weight: bold;
font-size: 0.9em;
}
#words .note {
text-align: center;
color: #F48659;
font-style: italic;
}
/* ----------------------=-=-=- Forms -=-=-=--------------------- */
/* pretty forms and buttons */
input {
border: 1px solid #BFBFBF;
color: #949494;
background-color: white;
padding: 2px 5px 1px 5px;
font-size: 1em;
}
input:hover {
border: 1px solid #ACE149;
color: #7DA721;
background-color: white;
font-size: 1em;
}
textarea {
font-family: arial, verdana, helvetica, sans-serif;
font-size: 1.1em;
border: 1px solid #BFBFBF;
color: #949494;
padding: 2px 5px 1px 5px;
width: 450px;
}
textarea:hover {
color: #7DA721;
background-color: white;
border: 1px solid #ACE149;
}
button {
color: #5e5e5e;
background-color: #ACE149;
border: 1px solid #5e5e5e;
font-size: 0.8em;
font-weight: bold;
cursor: pointer;
}
button:hover {
color: #5e5e5e;
background-color: #D0F0A0;
border: 1px solid #ACE149;
font-size: 0.8em;
font-weight: bold;
cursor: pointer;
}
#words form label {
min-width: 20em;
}
#words form p {
text-align: center;
}
/* ------------=-=-=- language selection -=-=-=------------- */
#lang {
position: absolute;
float: right;
right: 5px;
top: 5px;
text-align: right;
}
#lang a {
color: #acacac;
font-family: verdana, lucida, arial, helvetica, sans-serif;
font-size: smaller;
}
#lang a:hover {
color: #707070;
}
/* ------------=-=-=- documentation -=-=-=------------- */
#doc ol,ul li {
text-align: left;
margin-left: 20px;
}
#doc dl dt {
text-align: left;
margin-left: 20px;
font-style: italic;
}
#doc h1 {
padding-top: 25px;
}
#doc h2 {
padding-top: 20px;
}
#doc h3 {
padding-top: 10px;
}
/* ------------=-=-=- special things -=-=-=------------- */
#partition_info p, #log p.console {
margin-left: 10%;
margin-right: 10%;
font-family: monospace
text-align: left;
}
/* ---------=-=-=-=- onscreen help -=-=-=-=--------- */
/* not active anymore */
#words a.popup {
line-height: inherit;
color: inherit;
background-color: inherit;
text-decoration: inherit;
font-weight: inherit;
font-size: inherit;
}
#words a.popup:hover {
text-decoration: inherit;
}
#words a.popup span {
display: none;
position: fixed;
bottom: 10px;
left: 9%;
width: 80%;
background: #f0f0f0;
padding: 10px;
border-color: #e0e0e0;
border-width: 2px;
border-style: solid;
margin: 0;
}
#words a.popup:hover span {
display: inline;
}
#words a.popup span p {
text-align: left;
}
#words a.popup span h3 {
color: #909090;
margin-top: 0px;
}

BIN
cbox-tree.d/var/www/cryptobox-misc/list.gif
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 51 B

BIN
cbox-tree.d/var/www/cryptobox-misc/screenshots/de_config.png
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 78 KiB

BIN
cbox-tree.d/var/www/cryptobox-misc/screenshots/de_init.png
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 61 KiB

BIN
cbox-tree.d/var/www/cryptobox-misc/screenshots/de_mount.png
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 58 KiB

BIN
cbox-tree.d/var/www/cryptobox-misc/screenshots/de_w98_login.png
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 3.6 KiB

BIN
cbox-tree.d/var/www/cryptobox-misc/screenshots/de_w98_network_drive.png
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 3.3 KiB

BIN
cbox-tree.d/var/www/cryptobox-misc/screenshots/de_w98_not_logged_in.png
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 2.8 KiB

BIN
cbox-tree.d/var/www/cryptobox-misc/screenshots/en_config.png
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 83 KiB

BIN
cbox-tree.d/var/www/cryptobox-misc/screenshots/en_mount.png
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 70 KiB

BIN
cbox-tree.d/var/www/cryptobox-misc/screenshots/en_w98_login.png
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 3.4 KiB

BIN
cbox-tree.d/var/www/cryptobox-misc/screenshots/en_w98_network_drive.png
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 2.9 KiB

BIN
cbox-tree.d/var/www/cryptobox-misc/screenshots/en_w98_not_logged_in.png
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 2.8 KiB

BIN
cbox-tree.d/var/www/cryptobox-misc/smile.png
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 356 B

BIN
cbox-tree.d/var/www/cryptobox-misc/smile4.png
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 275 B

BIN
cbox-tree.d/var/www/cryptobox-misc/somerights20.gif
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 1.8 KiB

35
configure-examples.d/README
View file

@ -1,35 +0,0 @@
1) Overview
the files in this directory are examples for specific hook scripts to change the
configuration of the box
2) How to use these scripts
Copy the scripts, you would like to use into 'configure-local.d'.
They will be sourced in alphabetic order AFTER the default configuration of the
cryptobox.
3) The examples
set_root_pw
- replace the empty root password (the default) with a choosen password
- useful if your development cryptobox:
- is located in an insecure environment
- or your development team is geographically distributed, so the
cryptobox for testing has to be publicly available
import_authorized_keys
- create a new rsa key (etc-local.d/id_rsa) and copy the public
key to the image directory
- this is useful, if you secured the development cryptobox with a
password (see 'set_root_pw')
set_default_???
- change the default setting for:
- IP
- language
- or idle timeout
set_hostname
- change the default hostname ("cryptobox")
set_scan_devices
- change the default selection of devices, that can be used as the crypto harddisk

19
configure-examples.d/import_authorized_keys
View file

@ -1,19 +0,0 @@
# import a public rsa key into the cryptobox for ssh authentication
#
# see README in configure-examples.d for details
#
SSH_KEY_FILE="$LOCALCONF_DIR/id_rsa"
# create a rsa key if it does not yet exist
if [ ! -e "$SSH_KEY_FILE" ]
then echo "Creating ssh key ($SSH_KEY_FILE) ..."
mkdir -p $(dirname "$SSH_KEY_FILE")
ssh-keygen -t rsa -b 1024 -N '' -q -f "$SSH_KEY_FILE"
fi
# copy new public ssh key to ~/.ssh/authorized_keys on cryptobox
echo "Copying local public ssh key file to the box ..."
mkdir -p "$IMAGE_DIR/opt/dfsbuild/runtimerd/root/.ssh"
cp "${SSH_KEY_FILE}.pub" "$IMAGE_DIR/opt/dfsbuild/runtimerd/root/.ssh/authorized_keys"

3
configure-examples.d/set_default_ip
View file

@ -1,3 +0,0 @@
# set the default IP of the cryptobox
echo -n "192.168.0.23" >"$IMAGE_DIR"/usr/share/cryptobox/defaults/ip

3
configure-examples.d/set_default_language
View file

@ -1,3 +0,0 @@
# set the default language of the cryptobox
echo -n "en" >"$IMAGE_DIR"/usr/share/cryptobox/defaults/language

5
configure-examples.d/set_default_timeout
View file

@ -1,5 +0,0 @@
# set the default idle timeout of the cryptobox
# idle time in minutes (before turning off the crypto filesystem automatically)
# "0" -> no automatic deactivation
echo -n "15" >"$IMAGE_DIR"/usr/share/cryptobox/defaults/timeout

3
configure-examples.d/set_hostname
View file

@ -1,3 +0,0 @@
# change the hostname (default value: "cryptobox")
echo "cryptobox" >"$IMAGE_DIR"/etc/hostname

10
configure-examples.d/set_root_pw
View file

@ -1,10 +0,0 @@
# replace the empty root password of an development cryptobox with a choosen one
#
# see misc/custom-configure.d/README for details
#
# set the password to your needs
NEW_ROOT_PASSWORD=foobar
echo "Setting a root password ..."
echo "root:$NEW_ROOT_PASSWORD" | chroot "$IMAGE_DIR" "$CHROOTSTART" chpasswd root

3
configure-examples.d/set_scan_devices
View file

@ -1,3 +0,0 @@
# change the selection of devices, that can be used as the crypto harddisk
sed -i '#s#^SCAN_DEVICES=.*$#SCAN_DEVICES="/dev/hda /dev/hdb /dev/hdc /dev/hde /dev/hdf /dev/hdg /dev/scd0 /dev/scd1 /dev/scd2 /dev/scd3"#' "$IMAGE_DIR"/etc/cryptobox/cryptobox.conf

4
etc-defaults.d/README
View file

@ -1,4 +0,0 @@
this directory contains some configuration files for the development of the CryptoBox
If you want to use different local settings, then you should copy the respective
configuration file to the directory "etc-local.d" and adapt it to your needs.

Some files were not shown because too many files have changed in this diff Show more