(u)mounting of plaintext partitions fixed

init-script fixed (debian)
lars 2006-05-29 09:34:54 +00:00
parent 5fb9108640
commit 8138339ab7
5 changed files with 69 additions and 29 deletions


@ -46,7 +46,7 @@ source "$DISTRIBUTION_CONF"
[ -w "$LOG_FILE" ] || LOG_FILE=/tmp/$(basename "$LOG_FILE") [ -w "$LOG_FILE" ] || LOG_FILE=/tmp/$(basename "$LOG_FILE")
# retrieve configuration directory # retrieve configuration directory
CONFIG_DIR="$(getent passwd '$CRYPTOBOX_USER' | cut -d ':' -f 6)/config" CONFIG_DIR="$(getent passwd $CRYPTOBOX_USER | cut -d ':' -f 6)/config"
CONFIG_MARKER=cryptobox.marker CONFIG_MARKER=cryptobox.marker
## configuration ## configuration
@ -251,20 +251,24 @@ function create_crypto()
} }
function is_config_active() function is_config_active() {
{
test -f "$CONFIG_DIR/$CONFIG_MARKER" test -f "$CONFIG_DIR/$CONFIG_MARKER"
} }
function is_mounted()
# Parameter: DEVICE # Parameter: DEVICE
{ function is_mounted() {
local name=$(get_device_mnt_name "$1") local name=$(get_device_mnt_name "$1")
test -n "$name" && mountpoint -q "$MNT_PARENT/$name" test -n "$name" && mountpoint -q "$MNT_PARENT/$name"
} }
# Parameter: DEVICE
function is_encrypted() {
"$ROOT_PERM_SCRIPT" is_crypto_partition "$1"
}
function get_available_disks() function get_available_disks()
# looks which allowed disks are at the moment connected with the cbox # looks which allowed disks are at the moment connected with the cbox
{ {
@ -310,7 +314,8 @@ function box_purge()
function turn_off_all_containers() { function turn_off_all_containers() {
"$ROOT_PERM_SCRIPT" create_plain "$1" # TODO - needs to be implemented
return 0
} }
@ -371,7 +376,7 @@ case "$ACTION" in
is_device_allowed "$1" || error_msg 12 "invalid device: $1" is_device_allowed "$1" || error_msg 12 "invalid device: $1"
if test $# -eq 2 if test $# -eq 2
then "$ROOT_PERM_SCRIPT" create_crypto "$1" "$2" then "$ROOT_PERM_SCRIPT" create_crypto "$1" "$2"
else TODO "$1" else "$ROOT_PERM_SCRIPT" create_plain "$1"
fi fi
true true
;; ;;
@ -380,6 +385,11 @@ case "$ACTION" in
is_device_allowed "$1" || error_msg 12 "invalid device: $1" is_device_allowed "$1" || error_msg 12 "invalid device: $1"
is_mounted "$1" is_mounted "$1"
;; ;;
is_encrypted )
[ $# -ne 1 ] && error_msg 10 "invalid number of parameters for 'is_mounted'"
is_device_allowed "$1" || error_msg 12 "invalid device: $1"
is_encrypted "$1"
;;
check_config) check_config)
is_config_active is_config_active
;; ;;
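Review bot: `turn_off_all_containers` now ends in `return 0` although its body is only a TODO, so every caller is told that all containers were turned off when nothing was unmounted. Until it is implemented it should fail visibly, e.g. `echo "turn_off_all_containers: not implemented" >&2` followed by `return 1`, so that a shutdown path cannot report success while volumes may still be open. In the new `is_encrypted )` case the error text still names the other action; it should read `error_msg 10 "invalid number of parameters for 'is_encrypted'"`. In the first hunk `$CRYPTOBOX_USER` is now expanded but left unquoted; `getent passwd "$CRYPTOBOX_USER"` is valid inside the command substitution and avoids word splitting.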


@ -282,6 +282,12 @@ sub check_init_running {
} }
# Parameter: device
sub check_device_encryption {
return (system("$CB_SCRIPT","is_encrypted",$1) == 0);
}
sub is_harddisk_available { sub is_harddisk_available {
my @all_disks = &exec_cb_script("get_available_disks"); my @all_disks = &exec_cb_script("get_available_disks");
return @all_disks > 0; return @all_disks > 0;
@ -335,9 +341,13 @@ sub mount_vol {
if (&check_mounted($device)) { if (&check_mounted($device)) {
$pagedata->setValue('Data.Warning', 'IsMounted'); $pagedata->setValue('Data.Warning', 'IsMounted');
} else { } else {
open(PW_INPUT, "| $CB_SCRIPT crypto-up $device"); if ($pw eq '') {
print PW_INPUT $pw; &exec_cb_script("crypto-up", $device);
close(PW_INPUT); } else {
open(PW_INPUT, "| $CB_SCRIPT crypto-up $device");
print PW_INPUT $pw;
close(PW_INPUT);
}
} }
} }
@ -541,6 +551,7 @@ if ( ! &check_ssl()) {
} }
################ mount_do ######################## ################ mount_do ########################
} elsif ($action eq 'mount_do') { } elsif ($action eq 'mount_do') {
my $is_encrypted = &check_device_encryption($device) if ($device ne '');
if ($device eq '') { if ($device eq '') {
&debug_msg(DEBUG_INFO, "invalid device: " . $query->param('device')); &debug_msg(DEBUG_INFO, "invalid device: " . $query->param('device'));
$pagedata->setValue('Data.Warning', 'InvalidDevice'); $pagedata->setValue('Data.Warning', 'InvalidDevice');
@ -556,13 +567,17 @@ if ( ! &check_ssl()) {
} elsif (&check_mounted($device)) { } elsif (&check_mounted($device)) {
$pagedata->setValue('Data.Warning', 'IsMounted'); $pagedata->setValue('Data.Warning', 'IsMounted');
$pagedata->setValue('Data.Action', 'show_volume'); $pagedata->setValue('Data.Action', 'show_volume');
} elsif ($query->param('crypto_password') eq '') { } elsif ($is_encrypted && ($query->param('crypto_password') eq '')) {
# leeres Passwort # leeres Passwort
$pagedata->setValue('Data.Warning', 'EmptyCryptoPassword'); $pagedata->setValue('Data.Warning', 'EmptyCryptoPassword');
$pagedata->setValue('Data.Action', 'show_volume'); $pagedata->setValue('Data.Action', 'show_volume');
} else { } else {
# mounten # mounten
&mount_vol($device, $query->param('crypto_password')); if ($is_encrypted) {
&mount_vol($device, $query->param('crypto_password'));
} else {
&mount_vol($device);
}
if (!&check_mounted($device)) { if (!&check_mounted($device)) {
$pagedata->setValue('Data.Warning', 'MountFailed'); $pagedata->setValue('Data.Warning', 'MountFailed');
$pagedata->setValue('Data.Action', 'show_volume'); $pagedata->setValue('Data.Action', 'show_volume');
@ -747,11 +762,11 @@ if ( ! &check_ssl()) {
&& $current_admin_pw ne $query->param('current_admin_password')) { && $current_admin_pw ne $query->param('current_admin_password')) {
$pagedata->setValue('Data.Warning', 'WrongAdminPassword'); $pagedata->setValue('Data.Warning', 'WrongAdminPassword');
$pagedata->setValue('Data.Action', 'form_init_partition'); $pagedata->setValue('Data.Action', 'form_init_partition');
} elsif ($query->param('crypto_password') ne $query->param('crypto_password2')) { } elsif (defined($query->param('encryption')) && ($query->param('crypto_password') ne $query->param('crypto_password2'))) {
# different crypto-passwords # different crypto-passwords
$pagedata->setValue('Data.Warning', 'DifferentCryptoPasswords'); $pagedata->setValue('Data.Warning', 'DifferentCryptoPasswords');
$pagedata->setValue('Data.Action', 'form_init_partition'); $pagedata->setValue('Data.Action', 'form_init_partition');
} elsif ($query->param('crypto_password') eq '') { } elsif (defined($query->param('encryption')) && ($query->param('crypto_password') eq '')) {
# empty password # empty password
$pagedata->setValue('Data.Warning', 'EmptyCryptoPassword'); $pagedata->setValue('Data.Warning', 'EmptyCryptoPassword');
$pagedata->setValue('Data.Action', 'form_init_partition'); $pagedata->setValue('Data.Action', 'form_init_partition');
@ -760,7 +775,13 @@ if ( ! &check_ssl()) {
$pagedata->setValue('Data.Warning', 'InitNotConfirmed'); $pagedata->setValue('Data.Warning', 'InitNotConfirmed');
$pagedata->setValue('Data.Action', 'form_init_partition'); $pagedata->setValue('Data.Action', 'form_init_partition');
} else { } else {
if (&volume_init($device,$query->param('crypto_password'))) { my $init_result;
if (defined($query->param('encryption'))) {
$init_result = &volume_init($device,$query->param('crypto_password'));
} else {
$init_result = &volume_init($device);
}
if ($init_result) {
#$pagedata->setValue('Data.Success', 'InitRunning'); #$pagedata->setValue('Data.Success', 'InitRunning');
$pagedata->setValue('Data.Action', 'show_volume'); $pagedata->setValue('Data.Action', 'show_volume');
} else { } else {
@ -863,28 +884,33 @@ $pagedata->setValue('Data.QueryString', "$querystring") if ($querystring ne '');
$pagedata->setValue('Data.Version', CRYPTOBOX_VERSION); $pagedata->setValue('Data.Version', CRYPTOBOX_VERSION);
my ($one_disk, $one_name, $isActive); my ($one_disk, $one_name, $isActive, $isEncrypted);
my $avail_counter = 0; my $active_counter = 0; my $passive_counter = 0; my $avail_counter = 0; my $active_counter = 0; my $passive_counter = 0;
for $one_disk (&get_available_disks()) { for $one_disk (&get_available_disks()) {
$one_name = &get_disk_name($one_disk); $one_name = &get_disk_name($one_disk);
$isEncrypted = &check_device_encryption($one_disk);
$pagedata->setValue("Data.Disks.available.${avail_counter}.device",$one_disk); $pagedata->setValue("Data.Disks.available.${avail_counter}.device",$one_disk);
$pagedata->setValue("Data.Disks.available.${avail_counter}.name",$one_name); $pagedata->setValue("Data.Disks.available.${avail_counter}.name",$one_name);
$pagedata->setValue("Data.Disks.available.${avail_counter}.encryption", $isEncrypted? 1 : 0);
$isActive = &check_mounted($one_disk); $isActive = &check_mounted($one_disk);
if ($isActive) { if ($isActive) {
$pagedata->setValue("Data.Disks.available.${avail_counter}.isActive",1); $pagedata->setValue("Data.Disks.available.${avail_counter}.isActive",1);
$pagedata->setValue("Data.Disks.active.${active_counter}.device",$one_disk); $pagedata->setValue("Data.Disks.active.${active_counter}.device",$one_disk);
$pagedata->setValue("Data.Disks.active.${active_counter}.name",$one_name); $pagedata->setValue("Data.Disks.active.${active_counter}.name",$one_name);
$pagedata->setValue("Data.Disks.active.${avail_counter}.encryption", $isEncrypted? 1 : 0);
$active_counter++; $active_counter++;
} else { } else {
$pagedata->setValue("Data.Disks.available.${avail_counter}.isActive",0); $pagedata->setValue("Data.Disks.available.${avail_counter}.isActive",0);
$pagedata->setValue("Data.Disks.passive.${passive_counter}.device",$one_disk); $pagedata->setValue("Data.Disks.passive.${passive_counter}.device",$one_disk);
$pagedata->setValue("Data.Disks.passive.${passive_counter}.name",$one_name); $pagedata->setValue("Data.Disks.passive.${passive_counter}.name",$one_name);
$pagedata->setValue("Data.Disks.passive.${avail_counter}.encryption", $isEncrypted? 1 : 0);
$passive_counter++; $passive_counter++;
} }
if ($device eq $one_disk) { if ($device eq $one_disk) {
$pagedata->setValue('Data.CurrentDisk.device', $one_disk); $pagedata->setValue('Data.CurrentDisk.device', $one_disk);
$pagedata->setValue('Data.CurrentDisk.name', $one_name); $pagedata->setValue('Data.CurrentDisk.name', $one_name);
$pagedata->setValue('Data.CurrentDisk.active', $isActive? 1 : 0); $pagedata->setValue('Data.CurrentDisk.active', $isActive? 1 : 0);
$pagedata->setValue("Data.CurrentDisk.encryption", $isEncrypted? 1 : 0);
# retrieve capacity information if the device is mounted # retrieve capacity information if the device is mounted
if (&check_mounted($device)) { if (&check_mounted($device)) {
my $cap_info = &exec_cb_script("get_capacity_info",$device); my $cap_info = &exec_cb_script("get_capacity_info",$device);
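Review bot: `check_device_encryption` hands `$1` to `system`, but in Perl `$1` is the last regex capture and not the sub's first argument, so `is_encrypted` receives whatever an earlier match left behind (or undef) instead of the device. Unpack the argument explicitly: `my ($device) = @_;` then `return (system($CB_SCRIPT, "is_encrypted", $device) == 0);`. Since `mount_do` and the disk listing both branch on this result, a wrong answer presumably makes encrypted volumes look like plaintext ones and skips the empty-password check. In the last hunk, the new `Data.Disks.active.${avail_counter}.encryption` and `Data.Disks.passive.${avail_counter}.encryption` keys are indexed by `avail_counter`, while the neighbouring `device` and `name` keys use `active_counter` and `passive_counter`, so the flag can land on a different entry. In `mount_do`, `my $is_encrypted = ... if ($device ne '');` combines `my` with a statement modifier, which perlsyn documents as undefined behaviour; declare first and assign inside a normal `if`.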


@ -16,13 +16,13 @@
# startup switch defaults to zero (enabled) # startup switch defaults to zero (enabled)
NO_START=${NO_START:-0} NO_START=${NO_START:-0}
if [ "$NO_START" = "1" ] #if [ "$NO_START" = "1" ]
then [ $# -eq 0 ] && exit 0 # then [ $# -eq 0 ] && exit 0
[ "$1" = "status" ] && exit 1 # [ "$1" = "status" ] && exit 1
[ "$1" = "stop" ] && exit 0 # [ "$1" = "stop" ] && exit 0
echo "CryptoBox is disabled by default" # echo "CryptoBox is disabled by default"
exit 0 # exit 0
fi # fi
# set CONF_FILE to default value, if not configured in /etc/default/cryptobox # set CONF_FILE to default value, if not configured in /etc/default/cryptobox
CONF_FILE=${CONF_FILE:-/etc/cryptobox/cryptobox.conf} CONF_FILE=${CONF_FILE:-/etc/cryptobox/cryptobox.conf}
@ -40,12 +40,12 @@ case "$1" in
;; ;;
stop ) stop )
# unmount all active containers # unmount all active containers
"$LIB_DIR/cbox-manage.sh" umount_all "/usr/lib/cryptobox/cbox-manage.sh" umount_all
;; ;;
restart ) restart )
"$0" stop "$0" stop
"$0" start "$0" start
; ;;
* ) * )
echo "invalid action specified - try { start | stop | restart }" >&2 echo "invalid action specified - try { start | stop | restart }" >&2
exit 1 exit 1
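Review bot: With the `NO_START` block commented out, the `NO_START=${NO_START:-0}` assignment and its "startup switch" comment remain but no longer have any effect, so an administrator who sets `NO_START=1` (presumably in /etc/default/cryptobox) will find the service still starts. Either delete the assignment together with the commented lines, or keep the switch for the start action only, e.g. `[ "$NO_START" = "1" ] && [ "$1" = "start" ] && exit 0`. The `stop` branch also replaces `$LIB_DIR` with the literal `/usr/lib/cryptobox/cbox-manage.sh`; a one-line comment saying why the variable is bypassed there would keep the two paths from drifting apart unnoticed.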


@ -54,8 +54,8 @@ Lang {
DoInit = Initialization DoInit = Initialization
SaveConfig = Save configuration SaveConfig = Save configuration
Update = Refresh Update = Refresh
Mount = Activate encrypted filesystem Mount = Activate filesystem
Umount = Deactivate encrypted filesystem Umount = Deactivate filesystem
Config = Configuration Config = Configuration
PowerOff = Shutdown PowerOff = Shutdown
ReBoot = Reboot ReBoot = Reboot


@ -6,8 +6,11 @@
<?cs if:!Data.CurrentDisk.active ?> <?cs if:!Data.CurrentDisk.active ?>
<h2>Mount container</h2> <h2>Mount container</h2>
<?cs call:print_form_header() ?> <?cs call:print_form_header() ?>
<p><label for="crypto_passwort"><?cs var:html_escape(Lang.Text.EnterCurrentCryptoPassword) ?></label> <p>
<input type="password" id="crypto_password" name="crypto_password" size="20" maxlength="40" /> <?cs if:Data.CurrentDisk.encryption ?>
<label for="crypto_passwort"><?cs var:html_escape(Lang.Text.EnterCurrentCryptoPassword) ?></label>
<input type="password" id="crypto_password" name="crypto_password" size="20" maxlength="40" />
<?cs /if ?>
<input type="hidden" name="device" value="<?cs var:html_escape(Data.CurrentDisk.device) ?>" /> <input type="hidden" name="device" value="<?cs var:html_escape(Data.CurrentDisk.device) ?>" />
<input type="hidden" name="action" value="mount_do" /> <input type="hidden" name="action" value="mount_do" />
<button type="submit"><?cs var:Lang.Button.Mount ?></button></p> <button type="submit"><?cs var:Lang.Button.Mount ?></button></p>
@ -54,6 +57,7 @@
<li>Name of container: <?cs var:html_escape(Data.CurrentDisk.name) ?></li> <li>Name of container: <?cs var:html_escape(Data.CurrentDisk.name) ?></li>
<li>Name of device: <?cs var:html_escape(Data.CurrentDisk.device) ?></li> <li>Name of device: <?cs var:html_escape(Data.CurrentDisk.device) ?></li>
<li>Current status: <?cs if:Data.CurrentDisk.active ?>active<?cs else ?>passive<?cs /if ?></li> <li>Current status: <?cs if:Data.CurrentDisk.active ?>active<?cs else ?>passive<?cs /if ?></li>
<li>Encryption: <?cs if:Data.CurrentDisk.encryption ?>on<?cs else ?>off<?cs /if ?></li>
<?cs if:Data.CurrentDisk.active ?> <?cs if:Data.CurrentDisk.active ?>
<li>Size of container: <?cs var:html_escape(Data.CurrentDisk.capacity.size) ?></li> <li>Size of container: <?cs var:html_escape(Data.CurrentDisk.capacity.size) ?></li>
<li>Available space of container: <?cs var:html_escape(Data.CurrentDisk.capacity.free) ?></li> <li>Available space of container: <?cs var:html_escape(Data.CurrentDisk.capacity.free) ?></li>
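Review bot: The label moved into the new `Data.CurrentDisk.encryption` block still points at `for="crypto_passwort"`, while the input it belongs to has `id="crypto_password"`, so the label is not associated with the password field. Change it to `<label for="crypto_password">`. Hiding the field is only a display decision taken from `Data.CurrentDisk.encryption`; the server-side check in the CGI has to remain the place that decides whether a password is required.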