* scan-device list enhanced
* minor changes in cb-boot services
* cbox-manage interrupts without a harddisk
parent
086911e1b8
commit
d88b3c2796
|
@ -4,7 +4,7 @@
|
||||||
LANGUAGE=de
|
LANGUAGE=de
|
||||||
NET_IFACE=eth0
|
NET_IFACE=eth0
|
||||||
SAMBA_USER=nobody
|
SAMBA_USER=nobody
|
||||||
SCAN_DEVICES="/dev/hda /dev/hdb /dev/hdc /dev/hde /dev/hdf /dev/hdg /dev/scd0 /dev/scd1 /dev/scd2 /dev/scd3"
|
SCAN_DEVICES="/dev/hda /dev/hdb /dev/hdc /dev/hde /dev/hdf /dev/hdg /dev/scd0 /dev/scd1 /dev/scd2 /dev/scd3 /dev/sg /dev/sda /dev/sdb /dev/sdc /dev/sdd"
|
||||||
|
|
||||||
# directories
|
# directories
|
||||||
LANGUAGE_DIR=/usr/share/cryptobox/lang
|
LANGUAGE_DIR=/usr/share/cryptobox/lang
|
||||||
|
|
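Review bot: The `/dev/sg` entry added to `SCAN_DEVICES` looks like it can never match: SCSI generic nodes are numbered character devices (`/dev/sg0`, …), while `initial_checks` in this commit rejects anything that fails `[ -b "$device" ]` and `find_harddisk` matches the basename against /proc/partitions. The new `/dev/sda`–`/dev/sdd` entries also cover USB mass-storage disks, so, assuming the `find_harddisk` loop walks this list and stops at its first hit, removable media plugged into the box could become the disk that initialisation wipes. I would drop `/dev/sg` and document the intended order above the variable, e.g. `# first match wins: IDE disks, CD drives, then SCSI/USB disks`.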
|
@ -1,26 +0,0 @@
|
||||||
#!/bin/sh
|
|
||||||
#
|
|
||||||
# this script looks for the devel-features.sh script
|
|
||||||
# if it exists, it will be executed - this is
|
|
||||||
# ONLY FOR DEVELOPMENT CDs!
|
|
||||||
# for release CDs the file devel-features.sh script should never exist!
|
|
||||||
#
|
|
||||||
|
|
||||||
set -eu
|
|
||||||
|
|
||||||
# parse config file
|
|
||||||
. /etc/cryptobox/cryptobox.conf
|
|
||||||
|
|
||||||
# return, if it does not exist
|
|
||||||
[ ! -e "$DEV_FEATURES_SCRIPT" ] && exit 0
|
|
||||||
|
|
||||||
echo
|
|
||||||
echo "#---------------------------------------------------------------#"
|
|
||||||
echo "| WARNING: developers features are enabled |"
|
|
||||||
echo "| This definitely should NOT happen for production CDs! |"
|
|
||||||
echo "| If you are not a developer, then this CD is DANGEROUS, as it |"
|
|
||||||
echo "| offers no security at all! |"
|
|
||||||
echo "#---------------------------------------------------------------#"
|
|
||||||
echo
|
|
||||||
|
|
||||||
$DEV_FEATURES_SCRIPT "$@"
|
|
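--- a/cbox-tree.d/etc/init.d/cb-finish-boot
+++ b/cbox-tree.d/etc/init.d/cb-finish-boot
@@ -0,0 +1,44 @@
+#!/bin/sh
+set -eu
+#
+# we give some hints for users, sitting in front of the cryptobox waiting for a login prompt
+#
+
+# parse config file
+. /etc/cryptobox/cryptobox.conf
+
+case "$1" in
+start )
+# check if we are on a developers CryptoBox
+# if not give some usage hints
+# otherwise give a warning and start the devel features
+if [ ! -e "$DEV_FEATURES_SCRIPT" ]; then
+echo
+echo "Hints for usage:"
+echo " * for some reasons you can not login here :)"
+echo " * point a webbrowser from another computer to 'http://$(/usr/lib/cryptobox/cb-manage.sh get_current_ip)'"
+echo " * configure your CryptoBox via a webbrowser"
+echo
+else
+echo
+echo "#---------------------------------------------------------------#"
+echo "| WARNING: Some CryptoBox development features are enabled |"
+echo "| This should definitely NOT happen for a production CD. |"
+echo "| as it offers no security at all. |"
+echo "| If you don't plan to refine this CD, don't use it! |"
+echo "#---------------------------------------------------------------#"
+echo
+$DEV_FEATURES_SCRIPT "$@"
+fi
+;;
+stop )
+;;
+restart )
+$0 stop
+$0 start
+;;
+* )
+echo "Syntax: $0 { start | stop | restart }"
+;;
+esac
+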
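Review bot: The `else` branch of `start` runs `$DEV_FEATURES_SCRIPT "$@"` whenever anything exists at that path (`-e`), so the only barrier between a release CD and one that "offers no security at all" is the absence of a file, and the warning goes only to the local console. I would require a regular executable and quote the path, `if [ ! -x "$DEV_FEATURES_SCRIPT" ]; then` and `"$DEV_FEATURES_SCRIPT" "$@"`, and also write the warning to the log so that an enabled development image is visible somewhere other than the boot screen. Under `set -eu`, `case "$1"` aborts with an unbound-variable error when the script is called without an argument, so the `Syntax:` branch is never reached in that case; `case "${1:-}" in` fixes that. The same abort happens if cryptobox.conf does not define `DEV_FEATURES_SCRIPT`, which `"${DEV_FEATURES_SCRIPT:-}"` in the test would avoid.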
|
@ -1,26 +0,0 @@
|
||||||
#!/bin/sh
|
|
||||||
#
|
|
||||||
# give some hints for users, who are sitting in front of the cryptobox and are mistakenly
|
|
||||||
# waiting for a login prompt
|
|
||||||
#
|
|
||||||
|
|
||||||
case "$1" in
|
|
||||||
start )
|
|
||||||
echo
|
|
||||||
echo "Hints for usage:
|
|
||||||
echo " * you can not login here :)"
|
|
||||||
echo " * point a webbrowser on another computer to 'http://$(/usr/lib/cryptobox/cb-manage.sh get_current_ip)'"
|
|
||||||
echo " * configure your box via your webbrowser"
|
|
||||||
echo
|
|
||||||
;;
|
|
||||||
stop )
|
|
||||||
;;
|
|
||||||
restart )
|
|
||||||
$0 stop
|
|
||||||
$0 start
|
|
||||||
;;
|
|
||||||
* )
|
|
||||||
echo "Syntax: $0 { start | stop | restart }"
|
|
||||||
;;
|
|
||||||
esac
|
|
||||||
|
|
|
@ -1 +0,0 @@
|
||||||
../init.d/cb-devel-features.sh
|
|
|
@ -1 +0,0 @@
|
||||||
../init.d/cb-devel-features.sh
|
|
|
@ -1 +0,0 @@
|
||||||
../init.d/cb-devel-features.sh
|
|
|
@ -46,13 +46,6 @@ function initial_checks()
|
||||||
local device="$1"
|
local device="$1"
|
||||||
[ ! -b "$device" ] && log_msg "blockdevice $device does not exist" && return 1
|
[ ! -b "$device" ] && log_msg "blockdevice $device does not exist" && return 1
|
||||||
[ ! -x "$SFDISK" ] && log_msg "$SFDISK not found" && return 1
|
[ ! -x "$SFDISK" ] && log_msg "$SFDISK not found" && return 1
|
||||||
# TODO: remove this section, as soon as the crypto algorithms are statically build into the kernel
|
|
||||||
local algos
|
|
||||||
for algo in "$(config_get_value cipher)" "$(config_get_value hash)"
|
|
||||||
do local a=$(echo "$algo" | sed 's/-.*$//'); # remove everything after "-" (e.g. for "aes-cbc-essiv:sha256")
|
|
||||||
grep -q "^name *: $a$" /proc/crypto || modprobe "$a"
|
|
||||||
grep -q "^name *: $a$" /proc/crypto || { log_msg "$a is not supported by kernel" && return 1; }
|
|
||||||
done
|
|
||||||
log_msg "inital checks successful"
|
log_msg "inital checks successful"
|
||||||
return 0
|
return 0
|
||||||
}
|
}
|
||||||
|
@ -157,7 +150,7 @@ function create_crypto()
|
||||||
{
|
{
|
||||||
local device="$1"
|
local device="$1"
|
||||||
# passphrase may be passed via command line
|
# passphrase may be passed via command line
|
||||||
$CRYPTSETUP -h "$(config_get_value hash)" -c "$(config_get_value cipher" create "`basename $CRYPTMAPPER_DEV`" "${device}2"
|
$CRYPTSETUP -h "$(config_get_value hash)" -c "$(config_get_value cipher)" create "`basename $CRYPTMAPPER_DEV`" "${device}2"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@ -232,7 +225,11 @@ function find_harddisk()
|
||||||
do grep -q " `basename $a`$" /proc/partitions && echo "$a" && break
|
do grep -q " `basename $a`$" /proc/partitions && echo "$a" && break
|
||||||
done
|
done
|
||||||
fi )
|
fi )
|
||||||
[ -z "$dev" ] && echo "no valid partition for initialisation found!" >>"$LOG_FILE"
|
if [ -z "$dev" ] ; then
|
||||||
|
echo "no valid harddisk for initialisation found!" >>"$LOG_FILE"
|
||||||
|
cat /proc/partitions >>"$LOG_FILE"
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
echo -n "$dev"
|
echo -n "$dev"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -262,7 +259,7 @@ function mount_crypto()
|
||||||
{
|
{
|
||||||
is_crypto_mounted && echo "Das Crypto-Dateisystem ist bereits aktiv!" && return
|
is_crypto_mounted && echo "Das Crypto-Dateisystem ist bereits aktiv!" && return
|
||||||
local device=`find_harddisk`
|
local device=`find_harddisk`
|
||||||
[ -z "$device" ] && error_msg 4 'no valid harddisk found!'
|
[ -z "$device" ] && error_msg 4 'no valid harddisk found!' && return 1
|
||||||
# passphrase is read from stdin
|
# passphrase is read from stdin
|
||||||
log_msg "Mounting crypto partition ..."
|
log_msg "Mounting crypto partition ..."
|
||||||
$CRYPTSETUP -h "$(config_get_value hash)" -c "$(config_get_value cipher)" create "`basename $CRYPTMAPPER_DEV`" "${device}2"
|
$CRYPTSETUP -h "$(config_get_value hash)" -c "$(config_get_value cipher)" create "`basename $CRYPTMAPPER_DEV`" "${device}2"
|
||||||
|
|
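Review bot: In `mount_crypto` the added `&& return 1` only runs when `error_msg` itself returns 0; if that helper ever returns non-zero, execution falls through to `$CRYPTSETUP … create` with `"${device}2"` expanding to just `2`. An explicit block does not depend on the helper's exit status: `if [ -z "$device" ]; then error_msg 4 'no valid harddisk found!'; return 1; fi`. The `[ … ] && log_msg … && return 1` lines kept in `initial_checks` have the same weakness. Also, the new `return 1` in `find_harddisk` is not visible to this caller, because `local device=`find_harddisk`` yields the status of `local`; declaring `local device` first and assigning on the next line would preserve it. The body of `mount_crypto` continues outside the hunk.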
|
@ -26,7 +26,7 @@ Lang {
|
||||||
EnterSameAdminPassword = Das neue Admin-Passwort wiederholen:
|
EnterSameAdminPassword = Das neue Admin-Passwort wiederholen:
|
||||||
InitWarning = Bei der Initialisierung werden ALLE DATEN auf der Festplatte GELÖSCHT!
|
InitWarning = Bei der Initialisierung werden ALLE DATEN auf der Festplatte GELÖSCHT!
|
||||||
ConfirmInitHint = Um zu bestätigen, dass du weisst, was du tust, tippe hier bitte exakt Folgendes ein:
|
ConfirmInitHint = Um zu bestätigen, dass du weisst, was du tust, tippe hier bitte exakt Folgendes ein:
|
||||||
ConfirmInit = ja, loesche alle Daten!
|
ConfirmInit = Ja, loesche alle Daten!
|
||||||
PartitionInfo = Derzeitige Partitionierung der Festplatte:
|
PartitionInfo = Derzeitige Partitionierung der Festplatte:
|
||||||
IPAddress = Netzwerk-Adresse (IP) der CryptoBox:
|
IPAddress = Netzwerk-Adresse (IP) der CryptoBox:
|
||||||
TimeOut = Zeitabschaltung des Crypto-Dateisystems (in Minuten):
|
TimeOut = Zeitabschaltung des Crypto-Dateisystems (in Minuten):
|
||||||
|
|
|
@ -27,7 +27,7 @@ HD_IMAGE="/tmp/`basename $0`-testplatte.img"
|
||||||
MKISOFS_OPTIONS="-allow-multidot -U -D -iso-level 3 -b boot/grub/stage2_eltorito -no-emul-boot -boot-load-size 1 -boot-info-table -pad -R"
|
MKISOFS_OPTIONS="-allow-multidot -U -D -iso-level 3 -b boot/grub/stage2_eltorito -no-emul-boot -boot-load-size 1 -boot-info-table -pad -R"
|
||||||
|
|
||||||
# for burning a CD
|
# for burning a CD
|
||||||
CDWRITER="2,0,0"
|
CDWRITER="0,0,0"
|
||||||
|
|
||||||
|
|
||||||
####################### validation ########################
|
####################### validation ########################
|
||||||
|
|
|
@ -67,6 +67,7 @@ function upload2box()
|
||||||
# be updated this way
|
# be updated this way
|
||||||
{
|
{
|
||||||
local DIRS="var/www usr/share/cryptobox usr/lib/cryptobox"
|
local DIRS="var/www usr/share/cryptobox usr/lib/cryptobox"
|
||||||
|
echo "Uploading the following dirs: $DIRS "
|
||||||
[ -e "$TMP_DIR" ] || mkdir -p "$TMP_DIR"
|
[ -e "$TMP_DIR" ] || mkdir -p "$TMP_DIR"
|
||||||
for a in $DIRS
|
for a in $DIRS
|
||||||
do mkdir -p "$TMP_DIR/$a"
|
do mkdir -p "$TMP_DIR/$a"
|
||||||
|
@ -112,10 +113,10 @@ function box_diff()
|
||||||
|
|
||||||
############################# main #####################################
|
############################# main #####################################
|
||||||
|
|
||||||
[ $# -eq 0 ] && echo "[`basename $0`] - no arguments supplied - maybe you want to use '--help'"
|
[ $# -eq 0 ] && echo "[`basename $0`] - no arguments supplied - maybe you want to use '--help'" && exit 1
|
||||||
|
|
||||||
ACTION=--help
|
ACTION=--help
|
||||||
[ $# -gt 0 ] && ACTION=$1
|
[ $# -gt 1 ] && $ACTION=$1
|
||||||
|
|
||||||
case "$1" in
|
case "$1" in
|
||||||
diff )
|
diff )
|
||||||
|
@ -159,6 +160,7 @@ case "$1" in
|
||||||
echo -e "unknown action: $1"
|
echo -e "unknown action: $1"
|
||||||
echo
|
echo
|
||||||
$0 help
|
$0 help
|
||||||
exit 1
|
exit "1"
|
||||||
;;
|
;;
|
||||||
esac
|
esac
|
||||||
|
|
||||||
|
|
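Review bot: The rewritten line `[ $# -gt 1 ] && $ACTION=$1` no longer assigns anything: with the leading `$` the shell expands the word to `--help=<arg>` and tries to run it as a command, and `-gt 1` skips the single-argument case that the old `-gt 0` covered. The visible `case` dispatches on `"$1"`, so the effect appears limited to a "command not found" error when two or more arguments are given, but the line should read `[ $# -gt 0 ] && ACTION=$1`, or be dropped if `ACTION` is unused elsewhere. The new no-arguments path prints its message to stdout before `exit 1`; adding `>&2` keeps it out of captured output. The `case` block starts and ends outside these hunks.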