background part of initialization is always done via 'at'
improved test for 'is_init_running' change IP address after reconfiguration and redirect to new URL display a warning after reconfiguration of IP address log warning, if config partition could not be unmounted actions 'reboot' and 'poweroff' are now handled by 'cbox-manage.sh'
This commit is contained in:
parent
42181f47b0
commit
98e4b4e4b7
|
@ -180,9 +180,22 @@ function is_crypto_mounted()
|
||||||
|
|
||||||
function is_init_running()
|
function is_init_running()
|
||||||
{
|
{
|
||||||
#ps -e | grep -q -E "$MKFS_DATA|$WIPE"
|
check_at_command_queue " box-init-bg"
|
||||||
# this line is good for the "at" stuff - see cryptobox.pl
|
}
|
||||||
[ -n "$(at -l)" ]
|
|
||||||
|
|
||||||
|
# check if a specified command is in an at-queue
|
||||||
|
# Parameter: a regular expression of the commandline
|
||||||
|
# Return: the command is part of an at-queue (0) or not (1)
|
||||||
|
function check_at_command_queue()
|
||||||
|
{
|
||||||
|
# 1) get the available job numbers
|
||||||
|
# 2) remove empty lines (especially the last one)
|
||||||
|
# 3) check every associated command for the regexp
|
||||||
|
at -l | cut -f 1 -d " " | while read jobnum
|
||||||
|
do at -c $jobnum | sed '/^$/d' | tail -1 | grep -q "$1" && return 0
|
||||||
|
done
|
||||||
|
return 1
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@ -284,8 +297,7 @@ function init_cryptobox_part1()
|
||||||
function init_cryptobox_part2()
|
function init_cryptobox_part2()
|
||||||
# some things to be done in the background
|
# some things to be done in the background
|
||||||
# these are the final steps of initialisation
|
# these are the final steps of initialisation
|
||||||
# thuid must be changed at the first time, therfore it needs to be
|
# the uid must be changed initially, therfore it needs to be mounted
|
||||||
# mounted
|
|
||||||
{
|
{
|
||||||
mkfs_crypto
|
mkfs_crypto
|
||||||
mount "$CRYPTMAPPER_DEV" "$CRYPTO_DIR"
|
mount "$CRYPTMAPPER_DEV" "$CRYPTO_DIR"
|
||||||
|
@ -311,7 +323,7 @@ ACTION=help
|
||||||
|
|
||||||
case "$ACTION" in
|
case "$ACTION" in
|
||||||
config-up )
|
config-up )
|
||||||
# die cruft option hilft vielleicht bei dem Fehler "interleaved files not (yet) supported"
|
# the "cruft" option could help to prevent the error "interleaved files not (yet) supported"
|
||||||
mount -o remount,cruft /
|
mount -o remount,cruft /
|
||||||
if mount_config
|
if mount_config
|
||||||
then echo "Cryptobox configuration successfully loaded"
|
then echo "Cryptobox configuration successfully loaded"
|
||||||
|
@ -319,7 +331,7 @@ case "$ACTION" in
|
||||||
fi
|
fi
|
||||||
;;
|
;;
|
||||||
config-down )
|
config-down )
|
||||||
mount | grep -q " $CONFIG_DIR" && umount "$CONFIG_DIR"
|
umount "$CONFIG_DIR" || error_msg 4 "Could not unmount configuration partition"
|
||||||
;;
|
;;
|
||||||
network-up )
|
network-up )
|
||||||
kudzu -s -q --class network
|
kudzu -s -q --class network
|
||||||
|
@ -328,7 +340,7 @@ case "$ACTION" in
|
||||||
log_msg "Configured $NET_IFACE for $conf_ip ..."
|
log_msg "Configured $NET_IFACE for $conf_ip ..."
|
||||||
echo "Configured network interface for $NET_IFACE: $conf_ip"
|
echo "Configured network interface for $NET_IFACE: $conf_ip"
|
||||||
log_msg "Starting the firewall ..."
|
log_msg "Starting the firewall ..."
|
||||||
$FIREWALL_SCRIPT start
|
"$FIREWALL_SCRIPT" start
|
||||||
# start stunnel
|
# start stunnel
|
||||||
if [ -f "$CERT_FILE" ]
|
if [ -f "$CERT_FILE" ]
|
||||||
then USE_CERT=$CERT_FILE
|
then USE_CERT=$CERT_FILE
|
||||||
|
@ -358,8 +370,10 @@ case "$ACTION" in
|
||||||
/etc/init.d/thttpd stop
|
/etc/init.d/thttpd stop
|
||||||
;;
|
;;
|
||||||
box-init )
|
box-init )
|
||||||
# this is good for commandline only, as it takes a lot of time
|
# do complete initialization
|
||||||
init_cryptobox_complete >>"$LOG_FILE" 2>&1
|
"$0" box-init-fg
|
||||||
|
# the background part will recall itself as an at-command
|
||||||
|
"$0" box-init-bg
|
||||||
;;
|
;;
|
||||||
box-init-fg )
|
box-init-fg )
|
||||||
# only partitioning and configuration
|
# only partitioning and configuration
|
||||||
|
@ -371,7 +385,12 @@ case "$ACTION" in
|
||||||
box-init-bg )
|
box-init-bg )
|
||||||
# do it in the background to provide a smoother web interface
|
# do it in the background to provide a smoother web interface
|
||||||
# messages and errors get written to $LOG_FILE
|
# messages and errors get written to $LOG_FILE
|
||||||
init_cryptobox_part2 </dev/null >>"$LOG_FILE" 2>&1
|
|
||||||
|
# make sure, that this is always called via 'at':
|
||||||
|
if check_at_command_queue " box-init-bg"
|
||||||
|
then init_cryptobox_part2 </dev/null >>"$LOG_FILE" 2>&1
|
||||||
|
else echo -n "'$0' box-init-bg" | at now
|
||||||
|
fi
|
||||||
;;
|
;;
|
||||||
is_crypto_mounted )
|
is_crypto_mounted )
|
||||||
is_crypto_mounted
|
is_crypto_mounted
|
||||||
|
@ -382,6 +401,11 @@ case "$ACTION" in
|
||||||
is_init_running )
|
is_init_running )
|
||||||
is_init_running
|
is_init_running
|
||||||
;;
|
;;
|
||||||
|
update_ip_address )
|
||||||
|
# reconfigure the network interface to a new IP address
|
||||||
|
# wait for 15 seconds to finish present http requests
|
||||||
|
echo -n "sleep 15; ifconfig $NET_IFACE `get_config ip`" | at now
|
||||||
|
;;
|
||||||
crypto-mount )
|
crypto-mount )
|
||||||
mount_crypto
|
mount_crypto
|
||||||
;;
|
;;
|
||||||
|
@ -399,6 +423,16 @@ case "$ACTION" in
|
||||||
diskinfo )
|
diskinfo )
|
||||||
$SFDISK -L -q -l `find_harddisk`
|
$SFDISK -L -q -l `find_harddisk`
|
||||||
;;
|
;;
|
||||||
|
poweroff )
|
||||||
|
is_crypto_mounted && umount_crypto
|
||||||
|
log_msg "Turning off the CryptoBox ..."
|
||||||
|
echo "poweroff" | at now
|
||||||
|
;;
|
||||||
|
reboot )
|
||||||
|
is_crypto_mounted && umount_crypto
|
||||||
|
log_msg "Rebooting the CryptoBox ..."
|
||||||
|
echo "reboot" | at now
|
||||||
|
;;
|
||||||
get_current_ip )
|
get_current_ip )
|
||||||
get_current_ip
|
get_current_ip
|
||||||
;;
|
;;
|
||||||
|
|
|
@ -104,6 +104,11 @@ Lang {
|
||||||
Title = Ungültige Zeitabschaltung
|
Title = Ungültige Zeitabschaltung
|
||||||
Text = Der ausgewählte Wert der Zeitabschaltung ist nicht gültig!
|
Text = Der ausgewählte Wert der Zeitabschaltung ist nicht gültig!
|
||||||
}
|
}
|
||||||
|
|
||||||
|
IPAddressChanged {
|
||||||
|
Title = Änderung der Netzwerk-Adresse
|
||||||
|
Text = Die Netzwerk-Adresse der CryptoBox wurde verändert. In wenigen Sekunden werden sie zu der neuen Adresse umgeleitet.
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@ -130,12 +135,12 @@ Lang {
|
||||||
|
|
||||||
PowerOff {
|
PowerOff {
|
||||||
Title = Abschaltung
|
Title = Abschaltung
|
||||||
Text = Die CryptoBox wird gerade heruntergefahren. Spätestens in ein paar Minuten kannst du sie ausschalten.
|
Text = Die CryptoBox wird gerade heruntergefahren. In wenigen Sekunden können sie sie ausschalten (falls dies nicht automatisch geschieht).
|
||||||
}
|
}
|
||||||
|
|
||||||
ReBoot {
|
ReBoot {
|
||||||
Title = Neustart
|
Title = Neustart
|
||||||
Text = Die CryptoBox wird gerade neu gestartet. Spätestens in ein paar Minuten ist sie wieder verfügbar.
|
Text = Die CryptoBox wird gerade neu gestartet. In wenigen Sekunden ist sie wieder verfügbar.
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -179,7 +179,6 @@ sub umount_vol
|
||||||
|
|
||||||
sub box_init
|
sub box_init
|
||||||
{
|
{
|
||||||
# TODO: redirect output to pagedata
|
|
||||||
my $pw = shift;
|
my $pw = shift;
|
||||||
|
|
||||||
# partitioning, config and initial cryptsetup
|
# partitioning, config and initial cryptsetup
|
||||||
|
@ -187,22 +186,22 @@ sub box_init
|
||||||
print PW_INPUT $pw;
|
print PW_INPUT $pw;
|
||||||
close(PW_INPUT);
|
close(PW_INPUT);
|
||||||
|
|
||||||
# wipe and mkfs takes some time - it will be done in background
|
# wipe and mkfs takes some time - it will be done in the background
|
||||||
system("echo $CB_SCRIPT box-init-bg | at now + 1 minutes >>$LOG_FILE 2>&1");
|
system("$CB_SCRIPT", "box-init-bg");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
sub system_poweroff()
|
sub system_poweroff()
|
||||||
{
|
{
|
||||||
&umount_vol();
|
&umount_vol();
|
||||||
system("echo /sbin/poweroff | at now + 1 minutes >>$LOG_FILE 2>&1");
|
system("$CB_SCRIPT", "poweroff");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
sub system_reboot()
|
sub system_reboot()
|
||||||
{
|
{
|
||||||
&umount_vol();
|
&umount_vol();
|
||||||
system("echo /sbin/reboot | at now + 1 minutes >>$LOG_FILE 2>&1");
|
system("$CB_SCRIPT", "reboot");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@ -402,7 +401,20 @@ if ( ! &check_ssl()) {
|
||||||
} else {
|
} else {
|
||||||
system("$CB_SCRIPT", "set_config", "language", $query->param('language'));
|
system("$CB_SCRIPT", "set_config", "language", $query->param('language'));
|
||||||
system("$CB_SCRIPT", "set_config", "timeout", $query->param('timeout'));
|
system("$CB_SCRIPT", "set_config", "timeout", $query->param('timeout'));
|
||||||
system("$CB_SCRIPT", "set_config", "ip", $query->param('ip'));
|
# check, if the ip was reconfigured
|
||||||
|
if ($query->param('ip') ne `$CB_SCRIPT get_config ip`)
|
||||||
|
{
|
||||||
|
# set the new value
|
||||||
|
system("$CB_SCRIPT", "set_config", "ip", $query->param('ip'));
|
||||||
|
# reconfigure the network interface
|
||||||
|
system("$CB_SCRIPT", "update_ip_address");
|
||||||
|
# redirect to the new address
|
||||||
|
$pagedata->setValue('Data.Redirect.URL', "https://" . $query->param('ip') . $ENV{'SCRIPT_NAME'});
|
||||||
|
$pagedata->setValue('Data.Redirect.Delay', "5");
|
||||||
|
# display a warning for the redirection
|
||||||
|
$pagedata->setValue('Data.Warning', 'IPAddressChanged');
|
||||||
|
}
|
||||||
|
|
||||||
# TODO: check for success by comparing with new config and report success
|
# TODO: check for success by comparing with new config and report success
|
||||||
$pagedata->setValue('Data.Success', 'ConfigSaved');
|
$pagedata->setValue('Data.Success', 'ConfigSaved');
|
||||||
$pagedata->setValue('Data.Action', 'intro');
|
$pagedata->setValue('Data.Action', 'intro');
|
||||||
|
@ -423,7 +435,7 @@ if ( ! &check_ssl()) {
|
||||||
##################### pweroff #######################
|
##################### pweroff #######################
|
||||||
} elsif ($action eq 'shutdown_ask') {
|
} elsif ($action eq 'shutdown_ask') {
|
||||||
$pagedata->setValue('Data.Action', 'shutdown_form');
|
$pagedata->setValue('Data.Action', 'shutdown_form');
|
||||||
##################### reboot ######################
|
##################### reboot ########################
|
||||||
} elsif ($action eq 'shutdown_do') {
|
} elsif ($action eq 'shutdown_do') {
|
||||||
if ($query->param('type') eq 'reboot') {
|
if ($query->param('type') eq 'reboot') {
|
||||||
&system_reboot();
|
&system_reboot();
|
||||||
|
|
Loading…
Reference in New Issue