* scan-device list enhanced

* minor changes in cb-boot services
* cbox-manage interrupts without a harddisk

cbox-tree.d/etc/cryptobox/cryptobox.conf

@@ -4,7 +4,7 @@
 LANGUAGE=de
 NET_IFACE=eth0
 SAMBA_USER=nobody
-SCAN_DEVICES="/dev/hda /dev/hdb /dev/hdc /dev/hde /dev/hdf /dev/hdg /dev/scd0 /dev/scd1 /dev/scd2 /dev/scd3"
+SCAN_DEVICES="/dev/hda /dev/hdb /dev/hdc /dev/hde /dev/hdf /dev/hdg /dev/scd0 /dev/scd1 /dev/scd2 /dev/scd3 /dev/sg /dev/sda /dev/sdb /dev/sdc /dev/sdd"
 
 # directories
 LANGUAGE_DIR=/usr/share/cryptobox/lang

cbox-tree.d/etc/init.d/cb-devel-features.sh

@@ -1,26 +0,0 @@
-#!/bin/sh
-#
-# this script looks for the devel-features.sh script
-#  if it exists, it will be executed - this is
-#  ONLY FOR DEVELOPMENT CDs!
-#  for release CDs the file devel-features.sh script should never exist!
-#
-
-set -eu
-
-# parse config file
-. /etc/cryptobox/cryptobox.conf
-
-# return, if it does not exist
-[ ! -e "$DEV_FEATURES_SCRIPT" ] && exit 0
-
-echo
-echo "#---------------------------------------------------------------#"
-echo "| WARNING: developers features are enabled                      |"
-echo "|  This definitely should NOT happen for production CDs!        |"
-echo "|  If you are not a developer, then this CD is DANGEROUS, as it |"
-echo "|  offers no security at all!                                   |"
-echo "#---------------------------------------------------------------#"
-echo 
-
-$DEV_FEATURES_SCRIPT "$@"

cbox-tree.d/etc/init.d/cb-finish-boot

@@ -0,0 +1,44 @@
+#!/bin/sh
+set -eu
+#
+# we give some hints for users, sitting in front of the cryptobox waiting for a login prompt
+#
+
+# parse config file
+. /etc/cryptobox/cryptobox.conf
+
+case "$1" in
+	start )
+	   # check if we are on a developers CryptoBox
+		# if not give some usage hints
+		# otherwise give a warning and start the devel features
+		if [ ! -e "$DEV_FEATURES_SCRIPT" ]; then
+			echo
+			echo "Hints for usage:"
+			echo "	* for some reasons you can not login here :)"
+			echo "	* point a webbrowser from another computer to 'http://$(/usr/lib/cryptobox/cb-manage.sh get_current_ip)'"
+			echo "	* configure your CryptoBox via a webbrowser"
+			echo
+		else	
+			echo
+			echo "#---------------------------------------------------------------#"
+			echo "| WARNING: Some CryptoBox development features are enabled      |"
+			echo "|  This should definitely NOT happen for a production CD.       |"
+			echo "|  as it offers no security at all.                             |"
+			echo "|  If you don't plan to refine this CD, don't use it!           |"
+			echo "#---------------------------------------------------------------#"
+			echo 
+			$DEV_FEATURES_SCRIPT "$@"
+		fi
+		;;
+	stop )
+		;;
+	restart )
+		$0 stop
+		$0 start
+		;;
+	* )
+		echo "Syntax: $0 { start | stop | restart }"
+		;;
+  esac
+

cbox-tree.d/etc/init.d/cb-hints.sh

@@ -1,26 +0,0 @@
-#!/bin/sh
-#
-# give some hints for users, who are sitting in front of the cryptobox and are mistakenly 
-# waiting for a login prompt
-#
-
-case "$1" in
-	start )
-		echo
-		echo "Hints for usage:
-		echo "	* you can not login here :)"
-		echo "	* point a webbrowser on another computer to 'http://$(/usr/lib/cryptobox/cb-manage.sh get_current_ip)'"
-		echo "	* configure your box via your webbrowser"
-		echo
-		;;
-	stop )
-		;;
-	restart )
-		$0 stop
-		$0 start
-		;;
-	* )
-		echo "Syntax: $0 { start | stop | restart }"
-		;;
-  esac
-

cbox-tree.d/etc/rc0.d/K10cb-devel-features

@@ -1 +0,0 @@
-../init.d/cb-devel-features.sh

cbox-tree.d/etc/rc3.d/S99cb-devel-features

@@ -1 +0,0 @@
-../init.d/cb-devel-features.sh

cbox-tree.d/etc/rc6.d/K10cb-devel-features

@@ -1 +0,0 @@
-../init.d/cb-devel-features.sh

cbox-tree.d/usr/lib/cryptobox/cbox-manage.sh

@@ -46,13 +46,6 @@ function initial_checks()
 	local device="$1"
 	[ ! -b "$device" ] && log_msg "blockdevice $device does not exist" && return 1
 	[ ! -x "$SFDISK" ] && log_msg "$SFDISK not found" && return 1
-	# TODO: remove this section, as soon as the crypto algorithms are statically build into the kernel
-	local algos
-	for algo in "$(config_get_value cipher)" "$(config_get_value hash)"
-		do	local a=$(echo "$algo" | sed 's/-.*$//');	# remove everything after "-" (e.g. for "aes-cbc-essiv:sha256")
-			grep -q "^name *: $a$" /proc/crypto || modprobe "$a"
-			grep -q "^name *: $a$" /proc/crypto || { log_msg "$a is not supported by kernel" && return 1; }
-	  done
 	log_msg "inital checks successful"
 	return 0
 }
@@ -157,7 +150,7 @@ function create_crypto()
 {
 	local device="$1"
 	# passphrase may be passed via command line
-	$CRYPTSETUP -h "$(config_get_value hash)" -c "$(config_get_value cipher" create "`basename $CRYPTMAPPER_DEV`" "${device}2"
+	$CRYPTSETUP -h "$(config_get_value hash)" -c "$(config_get_value cipher)" create "`basename $CRYPTMAPPER_DEV`" "${device}2"
 }
 
 
@@ -232,7 +225,11 @@ function find_harddisk()
 			do	grep -q " `basename $a`$" /proc/partitions && echo "$a" && break
 			    done
 		fi )
-	[ -z "$dev" ] && echo "no valid partition for initialisation found!" >>"$LOG_FILE"
+	if [ -z "$dev" ] ; then
+		echo "no valid harddisk for initialisation found!" >>"$LOG_FILE"
+		cat /proc/partitions >>"$LOG_FILE"
+		return 1
+	fi
 	echo -n "$dev"
 }
 
@@ -262,7 +259,7 @@ function mount_crypto()
 {
 	is_crypto_mounted && echo "Das Crypto-Dateisystem ist bereits aktiv!" && return
 	local device=`find_harddisk`
-	[ -z "$device" ] && error_msg 4 'no valid harddisk found!'
+	[ -z "$device" ] && error_msg 4 'no valid harddisk found!' && return 1
 	# passphrase is read from stdin
 	log_msg "Mounting crypto partition ..."
 	$CRYPTSETUP -h "$(config_get_value hash)" -c "$(config_get_value cipher)" create "`basename $CRYPTMAPPER_DEV`" "${device}2"

cbox-tree.d/usr/share/cryptobox/lang/de.hdf

@@ -26,7 +26,7 @@ Lang {
 		EnterSameAdminPassword	= Das neue Admin-Passwort wiederholen:
 		InitWarning		= Bei der Initialisierung werden ALLE DATEN auf der Festplatte GELÖSCHT!
 		ConfirmInitHint		= Um zu bestätigen, dass du weisst, was du tust, tippe hier bitte exakt Folgendes ein:
-		ConfirmInit		= ja, loesche alle Daten!
+		ConfirmInit		= Ja, loesche alle Daten!
 		PartitionInfo		= Derzeitige Partitionierung der Festplatte:
 		IPAddress		= Netzwerk-Adresse (IP) der CryptoBox:
 		TimeOut			= Zeitabschaltung des Crypto-Dateisystems (in Minuten):

etc-defaults.d/cbox-dev.conf

@@ -27,7 +27,7 @@ HD_IMAGE="/tmp/`basename $0`-testplatte.img"
 MKISOFS_OPTIONS="-allow-multidot -U -D -iso-level 3 -b boot/grub/stage2_eltorito -no-emul-boot -boot-load-size 1 -boot-info-table -pad -R"
 
 # for burning a CD
-CDWRITER="2,0,0"
+CDWRITER="0,0,0"
 
 
 ####################### validation ########################

scripts/cbox-dev.sh

@@ -67,6 +67,7 @@ function upload2box()
 # be updated this way
 {
 	local DIRS="var/www usr/share/cryptobox usr/lib/cryptobox"
+	echo "Uploading the following dirs: $DIRS "
 	[ -e "$TMP_DIR" ] || mkdir -p "$TMP_DIR"
 	for a in $DIRS
 		do	mkdir -p "$TMP_DIR/$a"
@@ -112,10 +113,10 @@ function box_diff()
 
 ############################# main #####################################
 
-[ $# -eq 0 ] && echo "[`basename $0`] - no arguments supplied - maybe you want to use '--help'"
+[ $# -eq 0 ] && echo "[`basename $0`] - no arguments supplied - maybe you want to use '--help'" && exit 1
 
 ACTION=--help
-[ $# -gt 0 ] && ACTION=$1
+[ $# -gt 1 ] && $ACTION=$1
 
 case "$1" in
 	diff )
@@ -159,6 +160,7 @@ case "$1" in
 		echo -e "unknown action: $1"
 		echo
 		$0 help
-		exit 1
+		exit "1"
 		;;
   esac
+