use the existence of $DEV_FEATURES_SCRIPT" instead of "$DEVELOPMENT_MARKER" - fits better for "harden"

This commit is contained in:
lars 2005-07-23 21:16:56 +00:00
parent 7aaba8761c
commit b399722dca
7 changed files with 9 additions and 16 deletions

View File

@ -47,7 +47,7 @@ IMAGEDIR="$BUILDDIR/image-working"
# template directory for cryptobox specific configuration
TEMPLATEDIR="cryptobox.conf.d"
# the iso image
IMAGEFILE="$BUILDDIR/image.iso"
IMAGEFILE="$BUILDDIR/cryptobox.iso"
# temporary directory
TMPDIR="/tmp/`basename $0`-$$"
HD_IMAGE="/tmp/`basename $0`-testplatte.img"
@ -216,11 +216,6 @@ while [ $# -gt 0 ]
else chroot "$IMAGEDIR" "$CHROOTSTART"
fi
;;
devel )
echo "Developer's features are enabled - do NOT use this CD in a production system!"
# add the development marker to the working copy
echo "BEWARE: this CryptoBox is not usable" > "$IMAGEDIR/DEVELOPMENT_CRYPTOBOX"
;;
burn )
blanknburn_cdrw
;;
@ -228,7 +223,7 @@ while [ $# -gt 0 ]
$0 dfsbuild config harden iso
;;
help|--help )
echo "Syntax: `basename $0` ( dfsbuild | config | iso | release | qemu | revert | chroot | devel | burn | harden | release | help )"
echo "Syntax: `basename $0` ( release | dfsbuild | config | harden | iso | release | qemu | revert | chroot | burn | upload | diff | merge | help )"
echo " (you may specify more than one action)"
echo
;;

View File

@ -24,7 +24,6 @@ DEV_FEATURES_SCRIPT=/usr/lib/cryptobox/devel-features.sh
FIREWALL_SCRIPT=/usr/lib/cryptobox/firewall.sh
MAKE_CERT_SCRIPT=/usr/lib/cryptobox/make_stunnel_cert.sh
LOG_FILE=/var/log/cryptobox.log
DEVELOPMENT_MARKER=/DEVELOPMENT_CRYPTOBOX
CERT_FILE=/mnt/cb-etc/stunnel.pem
OPENSSL_CONF_FILE=/etc/cryptobox/openssl.cnf

View File

@ -11,7 +11,7 @@ set -eu
. /etc/cryptobox/cryptobox.conf
# return, if it does not exist
[ ! -e "$DEVELOPMENT_MARKER" ] && exit 0
[ ! -e "$DEV_FEATURES_SCRIPT" ] && exit 0
echo
echo "#---------------------------------------------------------------#"

View File

@ -63,7 +63,6 @@ function configure_secure()
dpkg --force-all -P $SECURITY_REMOVE_PACKAGES
# remove development files
rm -f "$DEVELOPMENT_MARKER"
rm -f "$DEV_FEATURES_SCRIPT"
}

View File

@ -2,10 +2,10 @@
#
# this script is part of the boot process of a developer's cryptobox
#
# it should really NEVER be executed on a production system
# it should really NEVER be found on a release CD
#
# called by:
# - /etc/rc2.d/S99cb-devel-features (only if $DEVELPMENT_MARKER exists)
# - /etc/rc2.d/S99cb-devel-features
#
set -eu

View File

@ -22,7 +22,7 @@ use ConfigFile;
my ($pagedata, $pagename);
my ($LANGUAGE_DIR, $LANGUAGE, $TEMPLATE_DIR, $DOC_DIR);
my ($CB_SCRIPT, $LOG_FILE, $DEVELOPMENT_MARKER);
my ($CB_SCRIPT, $LOG_FILE, $IS_DEV);
my $config = ConfigFile::read_config_file('/etc/cryptobox/cryptobox.conf');
@ -32,7 +32,7 @@ $LANGUAGE_DIR = $config->{LANGUAGE_DIR};
$LANGUAGE = $config->{LANGUAGE};
$TEMPLATE_DIR = $config->{TEMPLATE_DIR};
$DOC_DIR = $config->{DOC_DIR};
$DEVELOPMENT_MARKER = $config->{DEVELOPMENT_MARKER};
$IS_DEV = ( -e $config->{DEV_FEATURES_SCRIPT});
#################### subs ######################
@ -391,7 +391,7 @@ $pagedata->setValue('Data.Config.Language', `$CB_SCRIPT get_config language`);
$output = (-e "$LOG_FILE") ? `cat '$LOG_FILE' | sed 's/^/<br>/'` : '';
$pagedata->setValue('Data.Log',"$output");
$pagedata->setValue('Data.Status.DevelopmentMode', 1) if (-e "$DEVELOPMENT_MARKER");
$pagedata->setValue('Data.Status.DevelopmentMode', 1) if ($IS_DEV);
&render();

View File

@ -122,7 +122,7 @@ CASE=$(get_cgi_param case)
header
if [ ! -e "$DEVELOPMENT_MARKER" ]
if [ ! -e "$DEV_FEATURES_SCRIPT" ]
then echo '<p align="center">This action is only availbale for a development CryptoBox-CD.</p>'
elif [ "$ACTION" = "generate" -a -n "$GROUP" ]
then $VALIDATE_SCRIPT check "$GROUP" </dev/null &>/dev/null &