* scan-device list enhanced
* minor changes in cb-boot services * cbox-manage interrupts without a harddisk
This commit is contained in:
parent
086911e1b8
commit
d88b3c2796
12 changed files with 59 additions and 71 deletions
|
@ -4,7 +4,7 @@
|
|||
LANGUAGE=de
|
||||
NET_IFACE=eth0
|
||||
SAMBA_USER=nobody
|
||||
SCAN_DEVICES="/dev/hda /dev/hdb /dev/hdc /dev/hde /dev/hdf /dev/hdg /dev/scd0 /dev/scd1 /dev/scd2 /dev/scd3"
|
||||
SCAN_DEVICES="/dev/hda /dev/hdb /dev/hdc /dev/hde /dev/hdf /dev/hdg /dev/scd0 /dev/scd1 /dev/scd2 /dev/scd3 /dev/sg /dev/sda /dev/sdb /dev/sdc /dev/sdd"
|
||||
|
||||
# directories
|
||||
LANGUAGE_DIR=/usr/share/cryptobox/lang
|
||||
|
|
|
@ -1,26 +0,0 @@
|
|||
#!/bin/sh
|
||||
#
|
||||
# this script looks for the devel-features.sh script
|
||||
# if it exists, it will be executed - this is
|
||||
# ONLY FOR DEVELOPMENT CDs!
|
||||
# for release CDs the file devel-features.sh script should never exist!
|
||||
#
|
||||
|
||||
set -eu
|
||||
|
||||
# parse config file
|
||||
. /etc/cryptobox/cryptobox.conf
|
||||
|
||||
# return, if it does not exist
|
||||
[ ! -e "$DEV_FEATURES_SCRIPT" ] && exit 0
|
||||
|
||||
echo
|
||||
echo "#---------------------------------------------------------------#"
|
||||
echo "| WARNING: developers features are enabled |"
|
||||
echo "| This definitely should NOT happen for production CDs! |"
|
||||
echo "| If you are not a developer, then this CD is DANGEROUS, as it |"
|
||||
echo "| offers no security at all! |"
|
||||
echo "#---------------------------------------------------------------#"
|
||||
echo
|
||||
|
||||
$DEV_FEATURES_SCRIPT "$@"
|
44
cbox-tree.d/etc/init.d/cb-finish-boot
Executable file
44
cbox-tree.d/etc/init.d/cb-finish-boot
Executable file
|
@ -0,0 +1,44 @@
|
|||
#!/bin/sh
|
||||
set -eu
|
||||
#
|
||||
# we give some hints for users, sitting in front of the cryptobox waiting for a login prompt
|
||||
#
|
||||
|
||||
# parse config file
|
||||
. /etc/cryptobox/cryptobox.conf
|
||||
|
||||
case "$1" in
|
||||
start )
|
||||
# check if we are on a developers CryptoBox
|
||||
# if not give some usage hints
|
||||
# otherwise give a warning and start the devel features
|
||||
if [ ! -e "$DEV_FEATURES_SCRIPT" ]; then
|
||||
echo
|
||||
echo "Hints for usage:"
|
||||
echo " * for some reasons you can not login here :)"
|
||||
echo " * point a webbrowser from another computer to 'http://$(/usr/lib/cryptobox/cb-manage.sh get_current_ip)'"
|
||||
echo " * configure your CryptoBox via a webbrowser"
|
||||
echo
|
||||
else
|
||||
echo
|
||||
echo "#---------------------------------------------------------------#"
|
||||
echo "| WARNING: Some CryptoBox development features are enabled |"
|
||||
echo "| This should definitely NOT happen for a production CD. |"
|
||||
echo "| as it offers no security at all. |"
|
||||
echo "| If you don't plan to refine this CD, don't use it! |"
|
||||
echo "#---------------------------------------------------------------#"
|
||||
echo
|
||||
$DEV_FEATURES_SCRIPT "$@"
|
||||
fi
|
||||
;;
|
||||
stop )
|
||||
;;
|
||||
restart )
|
||||
$0 stop
|
||||
$0 start
|
||||
;;
|
||||
* )
|
||||
echo "Syntax: $0 { start | stop | restart }"
|
||||
;;
|
||||
esac
|
||||
|
|
@ -1,26 +0,0 @@
|
|||
#!/bin/sh
|
||||
#
|
||||
# give some hints for users, who are sitting in front of the cryptobox and are mistakenly
|
||||
# waiting for a login prompt
|
||||
#
|
||||
|
||||
case "$1" in
|
||||
start )
|
||||
echo
|
||||
echo "Hints for usage:
|
||||
echo " * you can not login here :)"
|
||||
echo " * point a webbrowser on another computer to 'http://$(/usr/lib/cryptobox/cb-manage.sh get_current_ip)'"
|
||||
echo " * configure your box via your webbrowser"
|
||||
echo
|
||||
;;
|
||||
stop )
|
||||
;;
|
||||
restart )
|
||||
$0 stop
|
||||
$0 start
|
||||
;;
|
||||
* )
|
||||
echo "Syntax: $0 { start | stop | restart }"
|
||||
;;
|
||||
esac
|
||||
|
|
@ -1 +0,0 @@
|
|||
../init.d/cb-devel-features.sh
|
|
@ -1 +0,0 @@
|
|||
../init.d/cb-devel-features.sh
|
|
@ -1 +0,0 @@
|
|||
../init.d/cb-devel-features.sh
|
|
@ -46,13 +46,6 @@ function initial_checks()
|
|||
local device="$1"
|
||||
[ ! -b "$device" ] && log_msg "blockdevice $device does not exist" && return 1
|
||||
[ ! -x "$SFDISK" ] && log_msg "$SFDISK not found" && return 1
|
||||
# TODO: remove this section, as soon as the crypto algorithms are statically build into the kernel
|
||||
local algos
|
||||
for algo in "$(config_get_value cipher)" "$(config_get_value hash)"
|
||||
do local a=$(echo "$algo" | sed 's/-.*$//'); # remove everything after "-" (e.g. for "aes-cbc-essiv:sha256")
|
||||
grep -q "^name *: $a$" /proc/crypto || modprobe "$a"
|
||||
grep -q "^name *: $a$" /proc/crypto || { log_msg "$a is not supported by kernel" && return 1; }
|
||||
done
|
||||
log_msg "inital checks successful"
|
||||
return 0
|
||||
}
|
||||
|
@ -157,7 +150,7 @@ function create_crypto()
|
|||
{
|
||||
local device="$1"
|
||||
# passphrase may be passed via command line
|
||||
$CRYPTSETUP -h "$(config_get_value hash)" -c "$(config_get_value cipher" create "`basename $CRYPTMAPPER_DEV`" "${device}2"
|
||||
$CRYPTSETUP -h "$(config_get_value hash)" -c "$(config_get_value cipher)" create "`basename $CRYPTMAPPER_DEV`" "${device}2"
|
||||
}
|
||||
|
||||
|
||||
|
@ -232,7 +225,11 @@ function find_harddisk()
|
|||
do grep -q " `basename $a`$" /proc/partitions && echo "$a" && break
|
||||
done
|
||||
fi )
|
||||
[ -z "$dev" ] && echo "no valid partition for initialisation found!" >>"$LOG_FILE"
|
||||
if [ -z "$dev" ] ; then
|
||||
echo "no valid harddisk for initialisation found!" >>"$LOG_FILE"
|
||||
cat /proc/partitions >>"$LOG_FILE"
|
||||
return 1
|
||||
fi
|
||||
echo -n "$dev"
|
||||
}
|
||||
|
||||
|
@ -262,7 +259,7 @@ function mount_crypto()
|
|||
{
|
||||
is_crypto_mounted && echo "Das Crypto-Dateisystem ist bereits aktiv!" && return
|
||||
local device=`find_harddisk`
|
||||
[ -z "$device" ] && error_msg 4 'no valid harddisk found!'
|
||||
[ -z "$device" ] && error_msg 4 'no valid harddisk found!' && return 1
|
||||
# passphrase is read from stdin
|
||||
log_msg "Mounting crypto partition ..."
|
||||
$CRYPTSETUP -h "$(config_get_value hash)" -c "$(config_get_value cipher)" create "`basename $CRYPTMAPPER_DEV`" "${device}2"
|
||||
|
|
|
@ -26,7 +26,7 @@ Lang {
|
|||
EnterSameAdminPassword = Das neue Admin-Passwort wiederholen:
|
||||
InitWarning = Bei der Initialisierung werden ALLE DATEN auf der Festplatte GELÖSCHT!
|
||||
ConfirmInitHint = Um zu bestätigen, dass du weisst, was du tust, tippe hier bitte exakt Folgendes ein:
|
||||
ConfirmInit = ja, loesche alle Daten!
|
||||
ConfirmInit = Ja, loesche alle Daten!
|
||||
PartitionInfo = Derzeitige Partitionierung der Festplatte:
|
||||
IPAddress = Netzwerk-Adresse (IP) der CryptoBox:
|
||||
TimeOut = Zeitabschaltung des Crypto-Dateisystems (in Minuten):
|
||||
|
|
|
@ -27,7 +27,7 @@ HD_IMAGE="/tmp/`basename $0`-testplatte.img"
|
|||
MKISOFS_OPTIONS="-allow-multidot -U -D -iso-level 3 -b boot/grub/stage2_eltorito -no-emul-boot -boot-load-size 1 -boot-info-table -pad -R"
|
||||
|
||||
# for burning a CD
|
||||
CDWRITER="2,0,0"
|
||||
CDWRITER="0,0,0"
|
||||
|
||||
|
||||
####################### validation ########################
|
||||
|
|
|
@ -67,6 +67,7 @@ function upload2box()
|
|||
# be updated this way
|
||||
{
|
||||
local DIRS="var/www usr/share/cryptobox usr/lib/cryptobox"
|
||||
echo "Uploading the following dirs: $DIRS "
|
||||
[ -e "$TMP_DIR" ] || mkdir -p "$TMP_DIR"
|
||||
for a in $DIRS
|
||||
do mkdir -p "$TMP_DIR/$a"
|
||||
|
@ -112,10 +113,10 @@ function box_diff()
|
|||
|
||||
############################# main #####################################
|
||||
|
||||
[ $# -eq 0 ] && echo "[`basename $0`] - no arguments supplied - maybe you want to use '--help'"
|
||||
[ $# -eq 0 ] && echo "[`basename $0`] - no arguments supplied - maybe you want to use '--help'" && exit 1
|
||||
|
||||
ACTION=--help
|
||||
[ $# -gt 0 ] && ACTION=$1
|
||||
[ $# -gt 1 ] && $ACTION=$1
|
||||
|
||||
case "$1" in
|
||||
diff )
|
||||
|
@ -159,6 +160,7 @@ case "$1" in
|
|||
echo -e "unknown action: $1"
|
||||
echo
|
||||
$0 help
|
||||
exit 1
|
||||
exit "1"
|
||||
;;
|
||||
esac
|
||||
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue