(u)mounting of plaintext partitions fixed
init-script fixed (debian)
This commit is contained in:
parent
5fb9108640
commit
8138339ab7
5 changed files with 69 additions and 29 deletions
|
@ -46,7 +46,7 @@ source "$DISTRIBUTION_CONF"
|
|||
[ -w "$LOG_FILE" ] || LOG_FILE=/tmp/$(basename "$LOG_FILE")
|
||||
|
||||
# retrieve configuration directory
|
||||
CONFIG_DIR="$(getent passwd '$CRYPTOBOX_USER' | cut -d ':' -f 6)/config"
|
||||
CONFIG_DIR="$(getent passwd $CRYPTOBOX_USER | cut -d ':' -f 6)/config"
|
||||
CONFIG_MARKER=cryptobox.marker
|
||||
|
||||
## configuration
|
||||
|
@ -251,20 +251,24 @@ function create_crypto()
|
|||
}
|
||||
|
||||
|
||||
function is_config_active()
|
||||
{
|
||||
function is_config_active() {
|
||||
test -f "$CONFIG_DIR/$CONFIG_MARKER"
|
||||
}
|
||||
|
||||
|
||||
function is_mounted()
|
||||
# Parameter: DEVICE
|
||||
{
|
||||
function is_mounted() {
|
||||
local name=$(get_device_mnt_name "$1")
|
||||
test -n "$name" && mountpoint -q "$MNT_PARENT/$name"
|
||||
}
|
||||
|
||||
|
||||
# Parameter: DEVICE
|
||||
function is_encrypted() {
|
||||
"$ROOT_PERM_SCRIPT" is_crypto_partition "$1"
|
||||
}
|
||||
|
||||
|
||||
function get_available_disks()
|
||||
# looks which allowed disks are at the moment connected with the cbox
|
||||
{
|
||||
|
@ -310,7 +314,8 @@ function box_purge()
|
|||
|
||||
|
||||
function turn_off_all_containers() {
|
||||
"$ROOT_PERM_SCRIPT" create_plain "$1"
|
||||
# TODO - needs to be implemented
|
||||
return 0
|
||||
}
|
||||
|
||||
|
||||
|
@ -371,7 +376,7 @@ case "$ACTION" in
|
|||
is_device_allowed "$1" || error_msg 12 "invalid device: $1"
|
||||
if test $# -eq 2
|
||||
then "$ROOT_PERM_SCRIPT" create_crypto "$1" "$2"
|
||||
else TODO "$1"
|
||||
else "$ROOT_PERM_SCRIPT" create_plain "$1"
|
||||
fi
|
||||
true
|
||||
;;
|
||||
|
@ -380,6 +385,11 @@ case "$ACTION" in
|
|||
is_device_allowed "$1" || error_msg 12 "invalid device: $1"
|
||||
is_mounted "$1"
|
||||
;;
|
||||
is_encrypted )
|
||||
[ $# -ne 1 ] && error_msg 10 "invalid number of parameters for 'is_mounted'"
|
||||
is_device_allowed "$1" || error_msg 12 "invalid device: $1"
|
||||
is_encrypted "$1"
|
||||
;;
|
||||
check_config)
|
||||
is_config_active
|
||||
;;
|
||||
|
|
|
@ -282,6 +282,12 @@ sub check_init_running {
|
|||
}
|
||||
|
||||
|
||||
# Parameter: device
|
||||
sub check_device_encryption {
|
||||
return (system("$CB_SCRIPT","is_encrypted",$1) == 0);
|
||||
}
|
||||
|
||||
|
||||
sub is_harddisk_available {
|
||||
my @all_disks = &exec_cb_script("get_available_disks");
|
||||
return @all_disks > 0;
|
||||
|
@ -335,9 +341,13 @@ sub mount_vol {
|
|||
if (&check_mounted($device)) {
|
||||
$pagedata->setValue('Data.Warning', 'IsMounted');
|
||||
} else {
|
||||
open(PW_INPUT, "| $CB_SCRIPT crypto-up $device");
|
||||
print PW_INPUT $pw;
|
||||
close(PW_INPUT);
|
||||
if ($pw eq '') {
|
||||
&exec_cb_script("crypto-up", $device);
|
||||
} else {
|
||||
open(PW_INPUT, "| $CB_SCRIPT crypto-up $device");
|
||||
print PW_INPUT $pw;
|
||||
close(PW_INPUT);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -541,6 +551,7 @@ if ( ! &check_ssl()) {
|
|||
}
|
||||
################ mount_do ########################
|
||||
} elsif ($action eq 'mount_do') {
|
||||
my $is_encrypted = &check_device_encryption($device) if ($device ne '');
|
||||
if ($device eq '') {
|
||||
&debug_msg(DEBUG_INFO, "invalid device: " . $query->param('device'));
|
||||
$pagedata->setValue('Data.Warning', 'InvalidDevice');
|
||||
|
@ -556,13 +567,17 @@ if ( ! &check_ssl()) {
|
|||
} elsif (&check_mounted($device)) {
|
||||
$pagedata->setValue('Data.Warning', 'IsMounted');
|
||||
$pagedata->setValue('Data.Action', 'show_volume');
|
||||
} elsif ($query->param('crypto_password') eq '') {
|
||||
} elsif ($is_encrypted && ($query->param('crypto_password') eq '')) {
|
||||
# leeres Passwort
|
||||
$pagedata->setValue('Data.Warning', 'EmptyCryptoPassword');
|
||||
$pagedata->setValue('Data.Action', 'show_volume');
|
||||
} else {
|
||||
# mounten
|
||||
&mount_vol($device, $query->param('crypto_password'));
|
||||
if ($is_encrypted) {
|
||||
&mount_vol($device, $query->param('crypto_password'));
|
||||
} else {
|
||||
&mount_vol($device);
|
||||
}
|
||||
if (!&check_mounted($device)) {
|
||||
$pagedata->setValue('Data.Warning', 'MountFailed');
|
||||
$pagedata->setValue('Data.Action', 'show_volume');
|
||||
|
@ -747,11 +762,11 @@ if ( ! &check_ssl()) {
|
|||
&& $current_admin_pw ne $query->param('current_admin_password')) {
|
||||
$pagedata->setValue('Data.Warning', 'WrongAdminPassword');
|
||||
$pagedata->setValue('Data.Action', 'form_init_partition');
|
||||
} elsif ($query->param('crypto_password') ne $query->param('crypto_password2')) {
|
||||
} elsif (defined($query->param('encryption')) && ($query->param('crypto_password') ne $query->param('crypto_password2'))) {
|
||||
# different crypto-passwords
|
||||
$pagedata->setValue('Data.Warning', 'DifferentCryptoPasswords');
|
||||
$pagedata->setValue('Data.Action', 'form_init_partition');
|
||||
} elsif ($query->param('crypto_password') eq '') {
|
||||
} elsif (defined($query->param('encryption')) && ($query->param('crypto_password') eq '')) {
|
||||
# empty password
|
||||
$pagedata->setValue('Data.Warning', 'EmptyCryptoPassword');
|
||||
$pagedata->setValue('Data.Action', 'form_init_partition');
|
||||
|
@ -760,7 +775,13 @@ if ( ! &check_ssl()) {
|
|||
$pagedata->setValue('Data.Warning', 'InitNotConfirmed');
|
||||
$pagedata->setValue('Data.Action', 'form_init_partition');
|
||||
} else {
|
||||
if (&volume_init($device,$query->param('crypto_password'))) {
|
||||
my $init_result;
|
||||
if (defined($query->param('encryption'))) {
|
||||
$init_result = &volume_init($device,$query->param('crypto_password'));
|
||||
} else {
|
||||
$init_result = &volume_init($device);
|
||||
}
|
||||
if ($init_result) {
|
||||
#$pagedata->setValue('Data.Success', 'InitRunning');
|
||||
$pagedata->setValue('Data.Action', 'show_volume');
|
||||
} else {
|
||||
|
@ -863,28 +884,33 @@ $pagedata->setValue('Data.QueryString', "$querystring") if ($querystring ne '');
|
|||
|
||||
$pagedata->setValue('Data.Version', CRYPTOBOX_VERSION);
|
||||
|
||||
my ($one_disk, $one_name, $isActive);
|
||||
my ($one_disk, $one_name, $isActive, $isEncrypted);
|
||||
my $avail_counter = 0; my $active_counter = 0; my $passive_counter = 0;
|
||||
for $one_disk (&get_available_disks()) {
|
||||
$one_name = &get_disk_name($one_disk);
|
||||
$isEncrypted = &check_device_encryption($one_disk);
|
||||
$pagedata->setValue("Data.Disks.available.${avail_counter}.device",$one_disk);
|
||||
$pagedata->setValue("Data.Disks.available.${avail_counter}.name",$one_name);
|
||||
$pagedata->setValue("Data.Disks.available.${avail_counter}.encryption", $isEncrypted? 1 : 0);
|
||||
$isActive = &check_mounted($one_disk);
|
||||
if ($isActive) {
|
||||
$pagedata->setValue("Data.Disks.available.${avail_counter}.isActive",1);
|
||||
$pagedata->setValue("Data.Disks.active.${active_counter}.device",$one_disk);
|
||||
$pagedata->setValue("Data.Disks.active.${active_counter}.name",$one_name);
|
||||
$pagedata->setValue("Data.Disks.active.${avail_counter}.encryption", $isEncrypted? 1 : 0);
|
||||
$active_counter++;
|
||||
} else {
|
||||
$pagedata->setValue("Data.Disks.available.${avail_counter}.isActive",0);
|
||||
$pagedata->setValue("Data.Disks.passive.${passive_counter}.device",$one_disk);
|
||||
$pagedata->setValue("Data.Disks.passive.${passive_counter}.name",$one_name);
|
||||
$pagedata->setValue("Data.Disks.passive.${avail_counter}.encryption", $isEncrypted? 1 : 0);
|
||||
$passive_counter++;
|
||||
}
|
||||
if ($device eq $one_disk) {
|
||||
$pagedata->setValue('Data.CurrentDisk.device', $one_disk);
|
||||
$pagedata->setValue('Data.CurrentDisk.name', $one_name);
|
||||
$pagedata->setValue('Data.CurrentDisk.active', $isActive? 1 : 0);
|
||||
$pagedata->setValue("Data.CurrentDisk.encryption", $isEncrypted? 1 : 0);
|
||||
# retrieve capacity information if the device is mounted
|
||||
if (&check_mounted($device)) {
|
||||
my $cap_info = &exec_cb_script("get_capacity_info",$device);
|
||||
|
|
|
@ -16,13 +16,13 @@
|
|||
# startup switch defaults to zero (enabled)
|
||||
NO_START=${NO_START:-0}
|
||||
|
||||
if [ "$NO_START" = "1" ]
|
||||
then [ $# -eq 0 ] && exit 0
|
||||
[ "$1" = "status" ] && exit 1
|
||||
[ "$1" = "stop" ] && exit 0
|
||||
echo "CryptoBox is disabled by default"
|
||||
exit 0
|
||||
fi
|
||||
#if [ "$NO_START" = "1" ]
|
||||
# then [ $# -eq 0 ] && exit 0
|
||||
# [ "$1" = "status" ] && exit 1
|
||||
# [ "$1" = "stop" ] && exit 0
|
||||
# echo "CryptoBox is disabled by default"
|
||||
# exit 0
|
||||
# fi
|
||||
|
||||
# set CONF_FILE to default value, if not configured in /etc/default/cryptobox
|
||||
CONF_FILE=${CONF_FILE:-/etc/cryptobox/cryptobox.conf}
|
||||
|
@ -40,12 +40,12 @@ case "$1" in
|
|||
;;
|
||||
stop )
|
||||
# unmount all active containers
|
||||
"$LIB_DIR/cbox-manage.sh" umount_all
|
||||
"/usr/lib/cryptobox/cbox-manage.sh" umount_all
|
||||
;;
|
||||
restart )
|
||||
"$0" stop
|
||||
"$0" start
|
||||
;
|
||||
;;
|
||||
* )
|
||||
echo "invalid action specified - try { start | stop | restart }" >&2
|
||||
exit 1
|
||||
|
|
|
@ -54,8 +54,8 @@ Lang {
|
|||
DoInit = Initialization
|
||||
SaveConfig = Save configuration
|
||||
Update = Refresh
|
||||
Mount = Activate encrypted filesystem
|
||||
Umount = Deactivate encrypted filesystem
|
||||
Mount = Activate filesystem
|
||||
Umount = Deactivate filesystem
|
||||
Config = Configuration
|
||||
PowerOff = Shutdown
|
||||
ReBoot = Reboot
|
||||
|
|
|
@ -6,8 +6,11 @@
|
|||
<?cs if:!Data.CurrentDisk.active ?>
|
||||
<h2>Mount container</h2>
|
||||
<?cs call:print_form_header() ?>
|
||||
<p><label for="crypto_passwort"><?cs var:html_escape(Lang.Text.EnterCurrentCryptoPassword) ?></label>
|
||||
<input type="password" id="crypto_password" name="crypto_password" size="20" maxlength="40" />
|
||||
<p>
|
||||
<?cs if:Data.CurrentDisk.encryption ?>
|
||||
<label for="crypto_passwort"><?cs var:html_escape(Lang.Text.EnterCurrentCryptoPassword) ?></label>
|
||||
<input type="password" id="crypto_password" name="crypto_password" size="20" maxlength="40" />
|
||||
<?cs /if ?>
|
||||
<input type="hidden" name="device" value="<?cs var:html_escape(Data.CurrentDisk.device) ?>" />
|
||||
<input type="hidden" name="action" value="mount_do" />
|
||||
<button type="submit"><?cs var:Lang.Button.Mount ?></button></p>
|
||||
|
@ -54,6 +57,7 @@
|
|||
<li>Name of container: <?cs var:html_escape(Data.CurrentDisk.name) ?></li>
|
||||
<li>Name of device: <?cs var:html_escape(Data.CurrentDisk.device) ?></li>
|
||||
<li>Current status: <?cs if:Data.CurrentDisk.active ?>active<?cs else ?>passive<?cs /if ?></li>
|
||||
<li>Encryption: <?cs if:Data.CurrentDisk.encryption ?>on<?cs else ?>off<?cs /if ?></li>
|
||||
<?cs if:Data.CurrentDisk.active ?>
|
||||
<li>Size of container: <?cs var:html_escape(Data.CurrentDisk.capacity.size) ?></li>
|
||||
<li>Available space of container: <?cs var:html_escape(Data.CurrentDisk.capacity.free) ?></li>
|
||||
|
|
Loading…
Reference in a new issue