use the existence of $DEV_FEATURES_SCRIPT" instead of "$DEVELOPMENT_MARKER" - fits better for "harden"

This commit is contained in:
lars 2005-07-23 21:16:56 +00:00
parent 7aaba8761c
commit b399722dca
7 changed files with 9 additions and 16 deletions

View File

@ -47,7 +47,7 @@ IMAGEDIR="$BUILDDIR/image-working"
# template directory for cryptobox specific configuration # template directory for cryptobox specific configuration
TEMPLATEDIR="cryptobox.conf.d" TEMPLATEDIR="cryptobox.conf.d"
# the iso image # the iso image
IMAGEFILE="$BUILDDIR/image.iso" IMAGEFILE="$BUILDDIR/cryptobox.iso"
# temporary directory # temporary directory
TMPDIR="/tmp/`basename $0`-$$" TMPDIR="/tmp/`basename $0`-$$"
HD_IMAGE="/tmp/`basename $0`-testplatte.img" HD_IMAGE="/tmp/`basename $0`-testplatte.img"
@ -216,11 +216,6 @@ while [ $# -gt 0 ]
else chroot "$IMAGEDIR" "$CHROOTSTART" else chroot "$IMAGEDIR" "$CHROOTSTART"
fi fi
;; ;;
devel )
echo "Developer's features are enabled - do NOT use this CD in a production system!"
# add the development marker to the working copy
echo "BEWARE: this CryptoBox is not usable" > "$IMAGEDIR/DEVELOPMENT_CRYPTOBOX"
;;
burn ) burn )
blanknburn_cdrw blanknburn_cdrw
;; ;;
@ -228,7 +223,7 @@ while [ $# -gt 0 ]
$0 dfsbuild config harden iso $0 dfsbuild config harden iso
;; ;;
help|--help ) help|--help )
echo "Syntax: `basename $0` ( dfsbuild | config | iso | release | qemu | revert | chroot | devel | burn | harden | release | help )" echo "Syntax: `basename $0` ( release | dfsbuild | config | harden | iso | release | qemu | revert | chroot | burn | upload | diff | merge | help )"
echo " (you may specify more than one action)" echo " (you may specify more than one action)"
echo echo
;; ;;

View File

@ -24,7 +24,6 @@ DEV_FEATURES_SCRIPT=/usr/lib/cryptobox/devel-features.sh
FIREWALL_SCRIPT=/usr/lib/cryptobox/firewall.sh FIREWALL_SCRIPT=/usr/lib/cryptobox/firewall.sh
MAKE_CERT_SCRIPT=/usr/lib/cryptobox/make_stunnel_cert.sh MAKE_CERT_SCRIPT=/usr/lib/cryptobox/make_stunnel_cert.sh
LOG_FILE=/var/log/cryptobox.log LOG_FILE=/var/log/cryptobox.log
DEVELOPMENT_MARKER=/DEVELOPMENT_CRYPTOBOX
CERT_FILE=/mnt/cb-etc/stunnel.pem CERT_FILE=/mnt/cb-etc/stunnel.pem
OPENSSL_CONF_FILE=/etc/cryptobox/openssl.cnf OPENSSL_CONF_FILE=/etc/cryptobox/openssl.cnf

View File

@ -11,7 +11,7 @@ set -eu
. /etc/cryptobox/cryptobox.conf . /etc/cryptobox/cryptobox.conf
# return, if it does not exist # return, if it does not exist
[ ! -e "$DEVELOPMENT_MARKER" ] && exit 0 [ ! -e "$DEV_FEATURES_SCRIPT" ] && exit 0
echo echo
echo "#---------------------------------------------------------------#" echo "#---------------------------------------------------------------#"

View File

@ -63,7 +63,6 @@ function configure_secure()
dpkg --force-all -P $SECURITY_REMOVE_PACKAGES dpkg --force-all -P $SECURITY_REMOVE_PACKAGES
# remove development files # remove development files
rm -f "$DEVELOPMENT_MARKER"
rm -f "$DEV_FEATURES_SCRIPT" rm -f "$DEV_FEATURES_SCRIPT"
} }

View File

@ -2,10 +2,10 @@
# #
# this script is part of the boot process of a developer's cryptobox # this script is part of the boot process of a developer's cryptobox
# #
# it should really NEVER be executed on a production system # it should really NEVER be found on a release CD
# #
# called by: # called by:
# - /etc/rc2.d/S99cb-devel-features (only if $DEVELPMENT_MARKER exists) # - /etc/rc2.d/S99cb-devel-features
# #
set -eu set -eu

View File

@ -22,7 +22,7 @@ use ConfigFile;
my ($pagedata, $pagename); my ($pagedata, $pagename);
my ($LANGUAGE_DIR, $LANGUAGE, $TEMPLATE_DIR, $DOC_DIR); my ($LANGUAGE_DIR, $LANGUAGE, $TEMPLATE_DIR, $DOC_DIR);
my ($CB_SCRIPT, $LOG_FILE, $DEVELOPMENT_MARKER); my ($CB_SCRIPT, $LOG_FILE, $IS_DEV);
my $config = ConfigFile::read_config_file('/etc/cryptobox/cryptobox.conf'); my $config = ConfigFile::read_config_file('/etc/cryptobox/cryptobox.conf');
@ -32,7 +32,7 @@ $LANGUAGE_DIR = $config->{LANGUAGE_DIR};
$LANGUAGE = $config->{LANGUAGE}; $LANGUAGE = $config->{LANGUAGE};
$TEMPLATE_DIR = $config->{TEMPLATE_DIR}; $TEMPLATE_DIR = $config->{TEMPLATE_DIR};
$DOC_DIR = $config->{DOC_DIR}; $DOC_DIR = $config->{DOC_DIR};
$DEVELOPMENT_MARKER = $config->{DEVELOPMENT_MARKER}; $IS_DEV = ( -e $config->{DEV_FEATURES_SCRIPT});
#################### subs ###################### #################### subs ######################
@ -391,7 +391,7 @@ $pagedata->setValue('Data.Config.Language', `$CB_SCRIPT get_config language`);
$output = (-e "$LOG_FILE") ? `cat '$LOG_FILE' | sed 's/^/<br>/'` : ''; $output = (-e "$LOG_FILE") ? `cat '$LOG_FILE' | sed 's/^/<br>/'` : '';
$pagedata->setValue('Data.Log',"$output"); $pagedata->setValue('Data.Log',"$output");
$pagedata->setValue('Data.Status.DevelopmentMode', 1) if (-e "$DEVELOPMENT_MARKER"); $pagedata->setValue('Data.Status.DevelopmentMode', 1) if ($IS_DEV);
&render(); &render();

View File

@ -122,7 +122,7 @@ CASE=$(get_cgi_param case)
header header
if [ ! -e "$DEVELOPMENT_MARKER" ] if [ ! -e "$DEV_FEATURES_SCRIPT" ]
then echo '<p align="center">This action is only availbale for a development CryptoBox-CD.</p>' then echo '<p align="center">This action is only availbale for a development CryptoBox-CD.</p>'
elif [ "$ACTION" = "generate" -a -n "$GROUP" ] elif [ "$ACTION" = "generate" -a -n "$GROUP" ]
then $VALIDATE_SCRIPT check "$GROUP" </dev/null &>/dev/null & then $VALIDATE_SCRIPT check "$GROUP" </dev/null &>/dev/null &