(u)mounting of plaintext partitions fixed

init-script fixed (debian)
lars 2006-05-29 09:34:54 +00:00
parent 5fb9108640
commit 8138339ab7
5 changed files with 69 additions and 29 deletions


@ -46,7 +46,7 @@ source "$DISTRIBUTION_CONF"
[ -w "$LOG_FILE" ] || LOG_FILE=/tmp/$(basename "$LOG_FILE")
# retrieve configuration directory
CONFIG_DIR="$(getent passwd '$CRYPTOBOX_USER' | cut -d ':' -f 6)/config"
CONFIG_DIR="$(getent passwd $CRYPTOBOX_USER | cut -d ':' -f 6)/config"
CONFIG_MARKER=cryptobox.marker
## configuration
@ -251,20 +251,24 @@ function create_crypto()
}
function is_config_active()
{
function is_config_active() {
test -f "$CONFIG_DIR/$CONFIG_MARKER"
}
function is_mounted()
# Parameter: DEVICE
{
function is_mounted() {
local name=$(get_device_mnt_name "$1")
test -n "$name" && mountpoint -q "$MNT_PARENT/$name"
}
# Parameter: DEVICE
function is_encrypted() {
"$ROOT_PERM_SCRIPT" is_crypto_partition "$1"
}
function get_available_disks()
# looks which allowed disks are at the moment connected with the cbox
{
@ -310,7 +314,8 @@ function box_purge()
function turn_off_all_containers() {
"$ROOT_PERM_SCRIPT" create_plain "$1"
# TODO - needs to be implemented
return 0
}
@ -371,7 +376,7 @@ case "$ACTION" in
is_device_allowed "$1" || error_msg 12 "invalid device: $1"
if test $# -eq 2
then "$ROOT_PERM_SCRIPT" create_crypto "$1" "$2"
else TODO "$1"
else "$ROOT_PERM_SCRIPT" create_plain "$1"
fi
true
;;
@ -380,6 +385,11 @@ case "$ACTION" in
is_device_allowed "$1" || error_msg 12 "invalid device: $1"
is_mounted "$1"
;;
is_encrypted )
[ $# -ne 1 ] && error_msg 10 "invalid number of parameters for 'is_mounted'"
is_device_allowed "$1" || error_msg 12 "invalid device: $1"
is_encrypted "$1"
;;
check_config)
is_config_active
;;
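Review bot: The new `is_encrypted )` case reports `invalid number of parameters for 'is_mounted'` when the argument count is wrong; the text is copied from the case above and will point anyone reading the log at the wrong action, so it should be `error_msg 10 "invalid number of parameters for 'is_encrypted'"`. In the first hunk the corrected `getent passwd $CRYPTOBOX_USER` is now expanded but left unquoted, so the value is subject to word splitting and globbing; `getent passwd "$CRYPTOBOX_USER"` keeps the lookup to a single argument. The `case "$ACTION"` statement starts and ends outside the hunks shown.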


@ -282,6 +282,12 @@ sub check_init_running {
}
# Parameter: device
sub check_device_encryption {
return (system("$CB_SCRIPT","is_encrypted",$1) == 0);
}
sub is_harddisk_available {
my @all_disks = &exec_cb_script("get_available_disks");
return @all_disks > 0;
@ -335,9 +341,13 @@ sub mount_vol {
if (&check_mounted($device)) {
$pagedata->setValue('Data.Warning', 'IsMounted');
} else {
open(PW_INPUT, "| $CB_SCRIPT crypto-up $device");
print PW_INPUT $pw;
close(PW_INPUT);
if ($pw eq '') {
&exec_cb_script("crypto-up", $device);
} else {
open(PW_INPUT, "| $CB_SCRIPT crypto-up $device");
print PW_INPUT $pw;
close(PW_INPUT);
}
}
}
@ -541,6 +551,7 @@ if ( ! &check_ssl()) {
}
################ mount_do ########################
} elsif ($action eq 'mount_do') {
my $is_encrypted = &check_device_encryption($device) if ($device ne '');
if ($device eq '') {
&debug_msg(DEBUG_INFO, "invalid device: " . $query->param('device'));
$pagedata->setValue('Data.Warning', 'InvalidDevice');
@ -556,13 +567,17 @@ if ( ! &check_ssl()) {
} elsif (&check_mounted($device)) {
$pagedata->setValue('Data.Warning', 'IsMounted');
$pagedata->setValue('Data.Action', 'show_volume');
} elsif ($query->param('crypto_password') eq '') {
} elsif ($is_encrypted && ($query->param('crypto_password') eq '')) {
# leeres Passwort
$pagedata->setValue('Data.Warning', 'EmptyCryptoPassword');
$pagedata->setValue('Data.Action', 'show_volume');
} else {
# mounten
&mount_vol($device, $query->param('crypto_password'));
if ($is_encrypted) {
&mount_vol($device, $query->param('crypto_password'));
} else {
&mount_vol($device);
}
if (!&check_mounted($device)) {
$pagedata->setValue('Data.Warning', 'MountFailed');
$pagedata->setValue('Data.Action', 'show_volume');
@ -747,11 +762,11 @@ if ( ! &check_ssl()) {
&& $current_admin_pw ne $query->param('current_admin_password')) {
$pagedata->setValue('Data.Warning', 'WrongAdminPassword');
$pagedata->setValue('Data.Action', 'form_init_partition');
} elsif ($query->param('crypto_password') ne $query->param('crypto_password2')) {
} elsif (defined($query->param('encryption')) && ($query->param('crypto_password') ne $query->param('crypto_password2'))) {
# different crypto-passwords
$pagedata->setValue('Data.Warning', 'DifferentCryptoPasswords');
$pagedata->setValue('Data.Action', 'form_init_partition');
} elsif ($query->param('crypto_password') eq '') {
} elsif (defined($query->param('encryption')) && ($query->param('crypto_password') eq '')) {
# empty password
$pagedata->setValue('Data.Warning', 'EmptyCryptoPassword');
$pagedata->setValue('Data.Action', 'form_init_partition');
@ -760,7 +775,13 @@ if ( ! &check_ssl()) {
$pagedata->setValue('Data.Warning', 'InitNotConfirmed');
$pagedata->setValue('Data.Action', 'form_init_partition');
} else {
if (&volume_init($device,$query->param('crypto_password'))) {
my $init_result;
if (defined($query->param('encryption'))) {
$init_result = &volume_init($device,$query->param('crypto_password'));
} else {
$init_result = &volume_init($device);
}
if ($init_result) {
#$pagedata->setValue('Data.Success', 'InitRunning');
$pagedata->setValue('Data.Action', 'show_volume');
} else {
@ -863,28 +884,33 @@ $pagedata->setValue('Data.QueryString', "$querystring") if ($querystring ne '');
$pagedata->setValue('Data.Version', CRYPTOBOX_VERSION);
my ($one_disk, $one_name, $isActive);
my ($one_disk, $one_name, $isActive, $isEncrypted);
my $avail_counter = 0; my $active_counter = 0; my $passive_counter = 0;
for $one_disk (&get_available_disks()) {
$one_name = &get_disk_name($one_disk);
$isEncrypted = &check_device_encryption($one_disk);
$pagedata->setValue("Data.Disks.available.${avail_counter}.device",$one_disk);
$pagedata->setValue("Data.Disks.available.${avail_counter}.name",$one_name);
$pagedata->setValue("Data.Disks.available.${avail_counter}.encryption", $isEncrypted? 1 : 0);
$isActive = &check_mounted($one_disk);
if ($isActive) {
$pagedata->setValue("Data.Disks.available.${avail_counter}.isActive",1);
$pagedata->setValue("Data.Disks.active.${active_counter}.device",$one_disk);
$pagedata->setValue("Data.Disks.active.${active_counter}.name",$one_name);
$pagedata->setValue("Data.Disks.active.${avail_counter}.encryption", $isEncrypted? 1 : 0);
$active_counter++;
} else {
$pagedata->setValue("Data.Disks.available.${avail_counter}.isActive",0);
$pagedata->setValue("Data.Disks.passive.${passive_counter}.device",$one_disk);
$pagedata->setValue("Data.Disks.passive.${passive_counter}.name",$one_name);
$pagedata->setValue("Data.Disks.passive.${avail_counter}.encryption", $isEncrypted? 1 : 0);
$passive_counter++;
}
if ($device eq $one_disk) {
$pagedata->setValue('Data.CurrentDisk.device', $one_disk);
$pagedata->setValue('Data.CurrentDisk.name', $one_name);
$pagedata->setValue('Data.CurrentDisk.active', $isActive? 1 : 0);
$pagedata->setValue("Data.CurrentDisk.encryption", $isEncrypted? 1 : 0);
# retrieve capacity information if the device is mounted
if (&check_mounted($device)) {
my $cap_info = &exec_cb_script("get_capacity_info",$device);
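Review bot: `check_device_encryption` passes `$1` to the helper, which in Perl is the first regex capture group (whatever the last successful match left there, or undef) and not the sub's first argument, so the device the caller asked about is never handed to `is_encrypted`. Because `mount_do` now enforces the empty-password check only when `$is_encrypted` is true, a wrong answer here changes which volumes are treated as needing a passphrase. Unpack the argument instead: `my ($device) = @_;` followed by `return (system($CB_SCRIPT, "is_encrypted", $device) == 0);`. In the disk loop of the last hunk the new `Data.Disks.active.${avail_counter}.encryption` and `Data.Disks.passive.${avail_counter}.encryption` keys are indexed by `$avail_counter` while their sibling `device` and `name` keys use `$active_counter` and `$passive_counter`, so the flag can land on a different entry. The re-added `open(PW_INPUT, "| $CB_SCRIPT crypto-up $device")` in `mount_vol` still builds a shell command line from `$device` and ignores the result of `open`; the list form `open(my $pw_fh, '|-', $CB_SCRIPT, 'crypto-up', $device) or ...` keeps the device out of the shell and surfaces a failed start.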


@ -16,13 +16,13 @@
# startup switch defaults to zero (enabled)
NO_START=${NO_START:-0}
if [ "$NO_START" = "1" ]
then [ $# -eq 0 ] && exit 0
[ "$1" = "status" ] && exit 1
[ "$1" = "stop" ] && exit 0
echo "CryptoBox is disabled by default"
exit 0
fi
#if [ "$NO_START" = "1" ]
# then [ $# -eq 0 ] && exit 0
# [ "$1" = "status" ] && exit 1
# [ "$1" = "stop" ] && exit 0
# echo "CryptoBox is disabled by default"
# exit 0
# fi
# set CONF_FILE to default value, if not configured in /etc/default/cryptobox
CONF_FILE=${CONF_FILE:-/etc/cryptobox/cryptobox.conf}
@ -40,12 +40,12 @@ case "$1" in
;;
stop )
# unmount all active containers
"$LIB_DIR/cbox-manage.sh" umount_all
"/usr/lib/cryptobox/cbox-manage.sh" umount_all
;;
restart )
"$0" stop
"$0" start
;
;;
* )
echo "invalid action specified - try { start | stop | restart }" >&2
exit 1
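Review bot: With the `NO_START` guard commented out (as rendered, the commented block is the new side), the script no longer honours the "disabled by default" switch, yet `NO_START=${NO_START:-0}` and its comment remain above it, so a setting of `NO_START=1` (presumably from /etc/default/cryptobox, which the later comment names) is silently ignored and the service starts regardless. If unconditional start is intended, delete the dead block and the variable and say so in the commit message; otherwise keep the guard and repair only what was broken in it. In the `stop` branch the path is now hard-coded as `/usr/lib/cryptobox/cbox-manage.sh` instead of `$LIB_DIR`; if `LIB_DIR` was simply unset at that point, a default such as `LIB_DIR=${LIB_DIR:-/usr/lib/cryptobox}` next to the `CONF_FILE` default would keep the location configurable. The `case "$1"` statement starts outside the hunk.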


@ -54,8 +54,8 @@ Lang {
DoInit = Initialization
SaveConfig = Save configuration
Update = Refresh
Mount = Activate encrypted filesystem
Umount = Deactivate encrypted filesystem
Mount = Activate filesystem
Umount = Deactivate filesystem
Config = Configuration
PowerOff = Shutdown
ReBoot = Reboot


@ -6,8 +6,11 @@
<?cs if:!Data.CurrentDisk.active ?>
<h2>Mount container</h2>
<?cs call:print_form_header() ?>
<p><label for="crypto_passwort"><?cs var:html_escape(Lang.Text.EnterCurrentCryptoPassword) ?></label>
<input type="password" id="crypto_password" name="crypto_password" size="20" maxlength="40" />
<p>
<?cs if:Data.CurrentDisk.encryption ?>
<label for="crypto_passwort"><?cs var:html_escape(Lang.Text.EnterCurrentCryptoPassword) ?></label>
<input type="password" id="crypto_password" name="crypto_password" size="20" maxlength="40" />
<?cs /if ?>
<input type="hidden" name="device" value="<?cs var:html_escape(Data.CurrentDisk.device) ?>" />
<input type="hidden" name="action" value="mount_do" />
<button type="submit"><?cs var:Lang.Button.Mount ?></button></p>
@ -54,6 +57,7 @@
<li>Name of container: <?cs var:html_escape(Data.CurrentDisk.name) ?></li>
<li>Name of device: <?cs var:html_escape(Data.CurrentDisk.device) ?></li>
<li>Current status: <?cs if:Data.CurrentDisk.active ?>active<?cs else ?>passive<?cs /if ?></li>
<li>Encryption: <?cs if:Data.CurrentDisk.encryption ?>on<?cs else ?>off<?cs /if ?></li>
<?cs if:Data.CurrentDisk.active ?>
<li>Size of container: <?cs var:html_escape(Data.CurrentDisk.capacity.size) ?></li>
<li>Available space of container: <?cs var:html_escape(Data.CurrentDisk.capacity.free) ?></li>
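Review bot: The `<label for="crypto_passwort">` carried into the new conditional block does not match the input's `id="crypto_password"`, so the label is not associated with the password field; it should read `<label for="crypto_password">`. Hiding the field when `Data.CurrentDisk.encryption` is unset is presentation only, so the server-side check in `mount_do` remains the place that must decide whether a passphrase is required. The enclosing `<?cs if:!Data.CurrentDisk.active ?>` block and the form continue outside the hunk.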