From b5bb85424e46cfa5c82f2bfad0830aa86398ae54 Mon Sep 17 00:00:00 2001 From: lars Date: Thu, 21 Jul 2005 19:53:49 +0000 Subject: [PATCH] changed references to scripts --- cryptobox.conf.d/etc/cryptobox/cryptobox.conf | 5 ++++- cryptobox.conf.d/etc/rc2.d/S98cryptobox.sh | 6 ++++-- .../etc/rc2.d/S99cryptobox-devel-features.sh | 6 +++--- cryptobox.conf.d/etc/rcS.d/S22mount-cb-config.sh | 6 ++++-- cryptobox.conf.d/etc/rcS.d/S37cb-network.sh | 6 ++++-- .../cryptobox/{cryptobox.sh => cbox-manage.sh} | 16 ++++++++++------ .../usr/lib/cryptobox/check_smb_idle.sh | 3 +++ .../usr/lib/cryptobox/chroot-start.sh | 8 ++++++++ .../usr/lib/cryptobox/configure-cryptobox.sh | 5 ++++- .../usr/lib/cryptobox/devel-features.sh | 3 +++ cryptobox.conf.d/usr/lib/cryptobox/firewall.sh | 3 +++ .../usr/lib/cryptobox/make_stunnel_cert.sh | 3 +++ cryptobox.conf.d/usr/lib/cryptobox/validate.sh | 7 ++++++- 13 files changed, 59 insertions(+), 18 deletions(-) rename cryptobox.conf.d/usr/lib/cryptobox/{cryptobox.sh => cbox-manage.sh} (96%) diff --git a/cryptobox.conf.d/etc/cryptobox/cryptobox.conf b/cryptobox.conf.d/etc/cryptobox/cryptobox.conf index 93126ac..936fd65 100644 --- a/cryptobox.conf.d/etc/cryptobox/cryptobox.conf +++ b/cryptobox.conf.d/etc/cryptobox/cryptobox.conf @@ -18,8 +18,11 @@ TEST_CASES_DIR=/usr/share/cryptobox/test-cases SUMMARY_TEMPLATE_DIR=/usr/share/cryptobox/templates/test-summary # some files -CB_SCRIPT=/scripts/cryptobox.sh +CB_SCRIPT=/usr/lib/cryptobox/cbox-manage.sh VALIDATE_SCRIPT=/usr/lib/cryptobox/validate.sh +DEV_FEATURES_SCRIPT=/usr/lib/cryptobox/devel-features.sh +FIREWALL_SCRIPT=/usr/lib/cryptobox/firewall.sh +MAKE_CERT_SCRIPT=/usr/lib/cryptobox/make_stunnel_cert.sh LOG_FILE=/var/log/cryptobox.log DEVELOPMENT_MARKER=/DEVELOPMENT_CRYPTOBOX CERT_FILE=/mnt/cb-etc/stunnel.pem diff --git a/cryptobox.conf.d/etc/rc2.d/S98cryptobox.sh b/cryptobox.conf.d/etc/rc2.d/S98cryptobox.sh index 7324ab5..67ba5c2 100755 --- a/cryptobox.conf.d/etc/rc2.d/S98cryptobox.sh 
+++ b/cryptobox.conf.d/etc/rc2.d/S98cryptobox.sh @@ -2,15 +2,17 @@ set -eu +. /etc/cryptobox/cryptobox.conf + ACTION=help [ $# -gt 0 ] && ACTION="$1" case "$ACTION" in start ) - /scripts/cryptobox.sh services-up + $CB_SCRIPT services-up ;; stop ) - /scripts/cryptobox.sh services-down + $CB_SCRIPT services-down ;; restart ) $0 stop diff --git a/cryptobox.conf.d/etc/rc2.d/S99cryptobox-devel-features.sh b/cryptobox.conf.d/etc/rc2.d/S99cryptobox-devel-features.sh index 37ca5a2..278fb39 100755 --- a/cryptobox.conf.d/etc/rc2.d/S99cryptobox-devel-features.sh +++ b/cryptobox.conf.d/etc/rc2.d/S99cryptobox-devel-features.sh @@ -8,10 +8,10 @@ set -eu -MARKER=/DEVELOPMENT_CRYPTOBOX +. /etc/cryptobox/cryptobox.conf # return, if it does not exist -[ ! -e "$MARKER" ] && exit 0 +[ ! -e "$DEVELOPMENT_MARKER" ] && exit 0 echo echo "#---------------------------------------------------------------#" @@ -22,4 +22,4 @@ echo "| offers no security at all! |" echo "#---------------------------------------------------------------#" echo -/scripts/devel-features.sh "$@" +$DEV_FEATURES_SCRIPT "$@" diff --git a/cryptobox.conf.d/etc/rcS.d/S22mount-cb-config.sh b/cryptobox.conf.d/etc/rcS.d/S22mount-cb-config.sh index 2c8a499..7d018aa 100755 --- a/cryptobox.conf.d/etc/rcS.d/S22mount-cb-config.sh +++ b/cryptobox.conf.d/etc/rcS.d/S22mount-cb-config.sh @@ -2,15 +2,17 @@ set -eu +. /etc/cryptobox/cryptobox.conf + ACTION=help [ $# -gt 0 ] && ACTION="$1" case "$ACTION" in start ) - /scripts/cryptobox.sh config-up + $CB_SCRIPT config-up ;; stop ) - /scripts/cryptobox.sh config-down + $CB_SCRIPT config-down ;; restart ) $0 stop diff --git a/cryptobox.conf.d/etc/rcS.d/S37cb-network.sh b/cryptobox.conf.d/etc/rcS.d/S37cb-network.sh index f685594..eac818a 100755 --- a/cryptobox.conf.d/etc/rcS.d/S37cb-network.sh +++ b/cryptobox.conf.d/etc/rcS.d/S37cb-network.sh 
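Review bot: `$CB_SCRIPT services-up` and `$CB_SCRIPT services-down` expand the configured path unquoted, so a value in cryptobox.conf containing whitespace or glob characters would be split into a different command line; write `"$CB_SCRIPT" services-up`. The same applies to `$DEV_FEATURES_SCRIPT "$@"` in S99cryptobox-devel-features.sh, to `$CB_SCRIPT` in S22mount-cb-config.sh and S37cb-network.sh, and to `$FIREWALL_SCRIPT` and `$MAKE_CERT_SCRIPT` in cbox-manage.sh. These init scripts now source /etc/cryptobox/cryptobox.conf and execute whatever path it names, so the file is effectively code run at boot. A comment above the `.` line such as `# sourced and trusted: must be root-owned and not writable by others` would record that. The `case` statement continues outside the hunk.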
@@ -2,15 +2,17 @@ set -eu +. /etc/cryptobox/cryptobox.conf + ACTION=help [ $# -gt 0 ] && ACTION="$1" case "$ACTION" in start ) - /scripts/cryptobox.sh network-up + $CB_SCRIPT network-up ;; stop ) - /scripts/cryptobox.sh network-down + $CB_SCRIPT network-down ;; restart ) $0 stop diff --git a/cryptobox.conf.d/usr/lib/cryptobox/cryptobox.sh b/cryptobox.conf.d/usr/lib/cryptobox/cbox-manage.sh similarity index 96% rename from cryptobox.conf.d/usr/lib/cryptobox/cryptobox.sh rename to cryptobox.conf.d/usr/lib/cryptobox/cbox-manage.sh index 8a433b1..0277dcd 100755 --- a/cryptobox.conf.d/usr/lib/cryptobox/cryptobox.sh +++ b/cryptobox.conf.d/usr/lib/cryptobox/cbox-manage.sh @@ -3,6 +3,10 @@ # this script does EVERYTHING # all other scripts are only frontends :) # +# called by: +# - some rc-scripts +# - the web frontend cgi +# set -eu @@ -10,7 +14,7 @@ set -eu . /etc/cryptobox/cryptobox.conf ## configuration -MARKER="$CONFIG_DIR/cryptobox.marker" +CONFIG_MARKER="$CONFIG_DIR/cryptobox.marker" CERT_TEMP=/tmp/stunnel.pem ##### @@ -86,7 +90,7 @@ function create_config() # mount the config partition rw mount "$device" "$CONFIG_DIR" # create a marker to recognize a cryptobox partition - date -I >"$MARKER" + date -I >"$CONFIG_MARKER" ## write (network) interfaces cp -a "$CONFIG_DEFAULTS_DIR/." "$CONFIG_DIR" @@ -147,7 +151,7 @@ function config_mount_test() function is_config_mounted() { - mount | grep -q " ${CONFIG_DIR} " && [ -f "$MARKER" ] + mount | grep -q " ${CONFIG_DIR} " && [ -f "$CONFIG_MARKER" ] } 
@@ -282,12 +286,12 @@ case "$ACTION" in conf_ip=$(config_get_value "ip") ifconfig $NET_IFACE "$conf_ip" echo "Configured network interface for $NET_IFACE: $conf_ip" - /scripts/firewall.sh start + $FIREWALL_SCRIPT start # start stunnel if [ -f "$CERT_FILE" ] then USE_CERT=$CERT_FILE else USE_CERT=$CERT_TEMP - /scripts/make_stunnel_cert.sh "$CERT_TEMP" >>"$LOG_FILE" 2>&1 + $MAKE_CERT_SCRIPT "$CERT_TEMP" >>"$LOG_FILE" 2>&1 fi stunnel -p "$USE_CERT" -r localhost:80 -d 443 \ || echo "$USE_CERT not found - not starting stunnel" @@ -296,7 +300,7 @@ case "$ACTION" in ping -b -c 1 $(ifconfig $NET_IFACE | grep Bcast | cut -d ":" -f 3 | cut -d " " -f 1) &>/dev/null ;; network-down ) - /scripts/firewall.sh stop + $FIREWALL_SCRIPT stop killall stunnel ifconfig $NET_IFACE down ;; diff --git a/cryptobox.conf.d/usr/lib/cryptobox/check_smb_idle.sh b/cryptobox.conf.d/usr/lib/cryptobox/check_smb_idle.sh index c94cbc1..142f658 100755 --- a/cryptobox.conf.d/usr/lib/cryptobox/check_smb_idle.sh +++ b/cryptobox.conf.d/usr/lib/cryptobox/check_smb_idle.sh @@ -15,6 +15,9 @@ # iptables -A INPUT -i eth0 -p udp --dport 138 -j ACCEPT # iptables -A INPUT -i eth0 -p tcp --dport 139 -j ACCEPT # +# called by: +# - TODO: this script is not in use, yet +# set -eu diff --git a/cryptobox.conf.d/usr/lib/cryptobox/chroot-start.sh b/cryptobox.conf.d/usr/lib/cryptobox/chroot-start.sh index c5efe91..eb828b1 100755 --- a/cryptobox.conf.d/usr/lib/cryptobox/chroot-start.sh +++ b/cryptobox.conf.d/usr/lib/cryptobox/chroot-start.sh @@ -1,4 +1,12 @@ #!/bin/sh +# +# FOR DEVELOPMENT ONLY! +# +# this script is used to prepare a chroot session for testing +# +# called by: +# - cbox-build.sh +# set -eu diff --git a/cryptobox.conf.d/usr/lib/cryptobox/configure-cryptobox.sh b/cryptobox.conf.d/usr/lib/cryptobox/configure-cryptobox.sh index b5535f9..23423d6 100755 --- a/cryptobox.conf.d/usr/lib/cryptobox/configure-cryptobox.sh +++ b/cryptobox.conf.d/usr/lib/cryptobox/configure-cryptobox.sh 
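Review bot: The fallback certificate is still written to the fixed path `/tmp/stunnel.pem` (`CERT_TEMP`, set near the top of this file), which `$MAKE_CERT_SCRIPT "$CERT_TEMP"` now fills. A predictable name in a world-writable directory can be pre-created or replaced by another local process before network-up runs, and the PEM handed to `stunnel -p` presumably carries the private key. Creating the file with `umask 077` and `CERT_TEMP=$(mktemp /tmp/stunnel.XXXXXX)` would avoid both problems, provided make_stunnel_cert.sh accepts an existing empty destination (its body is not visible here). The `network-up` arm starts and ends outside this hunk.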
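Review bot: In `network-down` the firewall is stopped first and the interface is taken down last, with `killall stunnel` in between. The script runs under `set -eu`, and `killall` returns non-zero when no stunnel process exists, which network-up allows through its "not starting stunnel" branch. The script then exits before `ifconfig $NET_IFACE down`, leaving the interface up after `$FIREWALL_SCRIPT stop` has run (assuming stop removes the filter rules; firewall.sh's body is not shown). Suggest `killall stunnel || true` and moving `$FIREWALL_SCRIPT stop` to after `ifconfig $NET_IFACE down`.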
@@ -1,6 +1,9 @@ #!/bin/sh # -# this script is only called during the making of the cryptobox cd +# this script is part of the building process of the cryptobox +# +# called by: +# - cbox-build.sh after copying custom files and before creating the iso image # set -eu diff --git a/cryptobox.conf.d/usr/lib/cryptobox/devel-features.sh b/cryptobox.conf.d/usr/lib/cryptobox/devel-features.sh index 9d76b5c..2ff61dc 100755 --- a/cryptobox.conf.d/usr/lib/cryptobox/devel-features.sh +++ b/cryptobox.conf.d/usr/lib/cryptobox/devel-features.sh @@ -4,6 +4,9 @@ # # it should really NEVER be executed on a production system # +# called by: +# - /etc/rc2.d/S99cb-devel-features.sh (only if $DEVELPMENT_MARKER exists) +# set -eu diff --git a/cryptobox.conf.d/usr/lib/cryptobox/firewall.sh b/cryptobox.conf.d/usr/lib/cryptobox/firewall.sh index e1659f3..29f97c5 100644 --- a/cryptobox.conf.d/usr/lib/cryptobox/firewall.sh +++ b/cryptobox.conf.d/usr/lib/cryptobox/firewall.sh @@ -2,6 +2,9 @@ # # set up the firewall of the cryptobox # +# called by: +# - cbox-manage.sh during network-up +# set -u diff --git a/cryptobox.conf.d/usr/lib/cryptobox/make_stunnel_cert.sh b/cryptobox.conf.d/usr/lib/cryptobox/make_stunnel_cert.sh index 4bb8c50..a977cf4 100755 --- a/cryptobox.conf.d/usr/lib/cryptobox/make_stunnel_cert.sh +++ b/cryptobox.conf.d/usr/lib/cryptobox/make_stunnel_cert.sh @@ -4,6 +4,9 @@ # # parameter: "destination file" # +# called by: +# - cbox-manage.sh during network-up if no certificate was found on the config partition +# set -eu diff --git a/cryptobox.conf.d/usr/lib/cryptobox/validate.sh b/cryptobox.conf.d/usr/lib/cryptobox/validate.sh index 751fcad..32105c4 100755 --- a/cryptobox.conf.d/usr/lib/cryptobox/validate.sh +++ b/cryptobox.conf.d/usr/lib/cryptobox/validate.sh 
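Review bot: The new `called by` comment in devel-features.sh does not match the names used elsewhere in this patch: the rc script is `S99cryptobox-devel-features.sh`, not `S99cb-devel-features.sh`, and the variable is `$DEVELOPMENT_MARKER`, not `$DEVELPMENT_MARKER`. This is the script its own header says must never run on a production system, so the pointer to its gate should be exact and greppable. Suggest `# - /etc/rc2.d/S99cryptobox-devel-features.sh (only if $DEVELOPMENT_MARKER exists)`.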
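Review bot: firewall.sh is carried with mode 100644 in this patch while every other script here is 100755, yet cbox-manage.sh runs it directly as `$FIREWALL_SCRIPT start`. Unless the build sets the execute bit, that call fails, and under cbox-manage.sh's `set -eu` network-up stops right after `ifconfig` has configured the interface, so no filter rules are loaded. Either mark the file executable or invoke it through its interpreter, and note the requirement in the header, e.g. `# must be executable: invoked directly via $FIREWALL_SCRIPT`. The script itself runs with `set -u` only, so a failing rule command would presumably not stop it; a comment saying whether that is intentional would help.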
@@ -1,9 +1,14 @@ #!/bin/sh # -# do a validation +# do a validation - ONLY FOR DEVELOPMENT! +# +# it will not work, if /var/www/report is read-only (as for a production cd) # # use "--help" for a list of possible actions # +# called by: +# - /var/www/cgi-bin/validate.sh for conducting validation tests +# set -eu
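Review bot: The header now marks validate.sh as development-only and says it is called from `/var/www/cgi-bin/validate.sh`, but the only protection it mentions on a production CD is that `/var/www/report` happens to be read-only. A web-reachable entry point should refuse to run explicitly rather than depend on an incidental write failure. If the script sources cryptobox.conf, an early `[ -e "$DEVELOPMENT_MARKER" ] || exit 1` would do it. The body is outside the hunk, so such a check may already exist; if it does, the header comment should mention it.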