changed references to scripts

cryptobox.conf.d/etc/cryptobox/cryptobox.conf

@@ -18,8 +18,11 @@ TEST_CASES_DIR=/usr/share/cryptobox/test-cases
 SUMMARY_TEMPLATE_DIR=/usr/share/cryptobox/templates/test-summary
 
 # some files
-CB_SCRIPT=/scripts/cryptobox.sh
+CB_SCRIPT=/usr/lib/cryptobox/cbox-manage.sh
 VALIDATE_SCRIPT=/usr/lib/cryptobox/validate.sh
+DEV_FEATURES_SCRIPT=/usr/lib/cryptobox/devel-features.sh
+FIREWALL_SCRIPT=/usr/lib/cryptobox/firewall.sh
+MAKE_CERT_SCRIPT=/usr/lib/cryptobox/make_stunnel_cert.sh
 LOG_FILE=/var/log/cryptobox.log
 DEVELOPMENT_MARKER=/DEVELOPMENT_CRYPTOBOX
 CERT_FILE=/mnt/cb-etc/stunnel.pem

cryptobox.conf.d/etc/rc2.d/S98cryptobox.sh

@@ -2,15 +2,17 @@
 
 set -eu
 
+. /etc/cryptobox/cryptobox.conf
+
 ACTION=help
 [ $# -gt 0 ] && ACTION="$1"
 
 case "$ACTION" in
 	start )
-		/scripts/cryptobox.sh services-up
+		$CB_SCRIPT services-up
 		;;
 	stop )
-		/scripts/cryptobox.sh services-down
+		$CB_SCRIPT services-down
 		;;
 	restart )
 		$0 stop

cryptobox.conf.d/etc/rc2.d/S99cryptobox-devel-features.sh

@@ -8,10 +8,10 @@
 
 set -eu
 
-MARKER=/DEVELOPMENT_CRYPTOBOX
+. /etc/cryptobox/cryptobox.conf
 
 # return, if it does not exist
-[ ! -e "$MARKER" ] && exit 0
+[ ! -e "$DEVELOPMENT_MARKER" ] && exit 0
 
 echo
 echo "#---------------------------------------------------------------#"
@@ -22,4 +22,4 @@ echo "|  offers no security at all!                                   |"
 echo "#---------------------------------------------------------------#"
 echo 
 
-/scripts/devel-features.sh "$@"
+$DEV_FEATURES_SCRIPT "$@"

cryptobox.conf.d/etc/rcS.d/S22mount-cb-config.sh

@@ -2,15 +2,17 @@
 
 set -eu
 
+. /etc/cryptobox/cryptobox.conf
+
 ACTION=help
 [ $# -gt 0 ] && ACTION="$1"
 
 case "$ACTION" in
 	start )
-		/scripts/cryptobox.sh config-up
+		$CB_SCRIPT config-up
 		;;
 	stop )
-		/scripts/cryptobox.sh config-down
+		$CB_SCRIPT config-down
 		;;
 	restart )
 		$0 stop

cryptobox.conf.d/etc/rcS.d/S37cb-network.sh

@@ -2,15 +2,17 @@
 
 set -eu
 
+. /etc/cryptobox/cryptobox.conf
+
 ACTION=help
 [ $# -gt 0 ] && ACTION="$1"
 
 case "$ACTION" in
 	start )
-		/scripts/cryptobox.sh network-up
+		$CB_SCRIPT network-up
 		;;
 	stop )
-		/scripts/cryptobox.sh network-down
+		$CB_SCRIPT network-down
 		;;
 	restart )
 		$0 stop

cryptobox.conf.d/usr/lib/cryptobox/cbox-manage.sh

@@ -3,6 +3,10 @@
 # this script does EVERYTHING
 # all other scripts are only frontends :)
 #
+# called by:
+#	- some rc-scripts
+#	- the web frontend cgi
+#
 
 set -eu
 
@@ -10,7 +14,7 @@ set -eu
 . /etc/cryptobox/cryptobox.conf
 
 ## configuration
-MARKER="$CONFIG_DIR/cryptobox.marker"
+CONFIG_MARKER="$CONFIG_DIR/cryptobox.marker"
 CERT_TEMP=/tmp/stunnel.pem
 
 #####
@@ -86,7 +90,7 @@ function create_config()
 	# mount the config partition rw
 	mount "$device" "$CONFIG_DIR"
 	# create a marker to recognize a cryptobox partition
-	date -I >"$MARKER" 
+	date -I >"$CONFIG_MARKER" 
 	## write (network) interfaces 
 	cp -a "$CONFIG_DEFAULTS_DIR/." "$CONFIG_DIR"
 
@@ -147,7 +151,7 @@ function config_mount_test()
 
 function is_config_mounted()
 {
-	mount | grep -q " ${CONFIG_DIR} " && [ -f "$MARKER" ]
+	mount | grep -q " ${CONFIG_DIR} " && [ -f "$CONFIG_MARKER" ]
 }
 
 
@@ -282,12 +286,12 @@ case "$ACTION" in
 		conf_ip=$(config_get_value "ip")
 		ifconfig $NET_IFACE "$conf_ip"
 		echo "Configured network interface for $NET_IFACE: $conf_ip"
-		/scripts/firewall.sh start
+		$FIREWALL_SCRIPT start
 		# start stunnel
 		if [ -f "$CERT_FILE" ] 
 		   then	USE_CERT=$CERT_FILE
 		   else USE_CERT=$CERT_TEMP
-			/scripts/make_stunnel_cert.sh "$CERT_TEMP" >>"$LOG_FILE" 2>&1
+			$MAKE_CERT_SCRIPT "$CERT_TEMP" >>"$LOG_FILE" 2>&1
 		  fi
 		stunnel -p "$USE_CERT" -r localhost:80 -d 443 \
 			|| echo "$USE_CERT not found - not starting stunnel"
@@ -296,7 +300,7 @@ case "$ACTION" in
 		ping -b -c 1 $(ifconfig $NET_IFACE | grep Bcast | cut -d ":" -f 3 | cut -d " " -f 1) &>/dev/null
 		;;
 	network-down )
-		/scripts/firewall.sh stop
+		$FIREWALL_SCRIPT stop
 		killall stunnel
 		ifconfig $NET_IFACE down
 		;;

cryptobox.conf.d/usr/lib/cryptobox/check_smb_idle.sh

@@ -15,6 +15,9 @@
 #   iptables -A INPUT -i eth0 -p udp --dport 138 -j ACCEPT
 #   iptables -A INPUT -i eth0 -p tcp --dport 139 -j ACCEPT
 #
+# called by:
+#	- TODO: this script is not in use, yet
+#
 
 set -eu
 

cryptobox.conf.d/usr/lib/cryptobox/chroot-start.sh

@@ -1,4 +1,12 @@
 #!/bin/sh
+#
+# FOR DEVELOPMENT ONLY!
+#
+# this script is used to prepare a chroot session for testing
+#
+# called by:
+#	- cbox-build.sh
+#
 
 set -eu
 

cryptobox.conf.d/usr/lib/cryptobox/configure-cryptobox.sh

@@ -1,6 +1,9 @@
 #!/bin/sh
 #
-# this script is only called during the making of the cryptobox cd
+# this script is part of the building process of the cryptobox
+#
+# called by:
+#	- cbox-build.sh after copying custom files and before creating the iso image
 #
 
 set -eu

cryptobox.conf.d/usr/lib/cryptobox/devel-features.sh

@@ -4,6 +4,9 @@
 #
 # it should really NEVER be executed on a production system
 # 
+# called by:
+#	- /etc/rc2.d/S99cb-devel-features.sh (only if $DEVELPMENT_MARKER exists)
+#
 
 set -eu
 

cryptobox.conf.d/usr/lib/cryptobox/firewall.sh

@@ -2,6 +2,9 @@
 #
 # set up the firewall of the cryptobox
 #
+# called by:
+#	- cbox-manage.sh during network-up
+#
 
 set -u
 

cryptobox.conf.d/usr/lib/cryptobox/make_stunnel_cert.sh

@@ -4,6 +4,9 @@
 #
 # parameter: "destination file"
 #
+# called by:
+#	- cbox-manage.sh during network-up if no certificate was found on the config partition
+#
 
 set -eu
 

cryptobox.conf.d/usr/lib/cryptobox/validate.sh

@@ -1,9 +1,14 @@
 #!/bin/sh
 #
-# do a validation
+# do a validation - ONLY FOR DEVELOPMENT!
+#
+# it will not work, if /var/www/report is read-only (as for a production cd)
 #
 # use "--help" for a list of possible actions
 #
+# called by:
+#	- /var/www/cgi-bin/validate.sh for conducting validation tests
+#
 
 set -eu