* scan-device list enhanced

* minor changes in cb-boot services
* cbox-manage interrupts without a harddisk
age 2005-10-20 12:11:32 +00:00
parent 086911e1b8
commit d88b3c2796
12 changed files with 59 additions and 71 deletions


@ -4,7 +4,7 @@
LANGUAGE=de
NET_IFACE=eth0
SAMBA_USER=nobody
SCAN_DEVICES="/dev/hda /dev/hdb /dev/hdc /dev/hde /dev/hdf /dev/hdg /dev/scd0 /dev/scd1 /dev/scd2 /dev/scd3"
SCAN_DEVICES="/dev/hda /dev/hdb /dev/hdc /dev/hde /dev/hdf /dev/hdg /dev/scd0 /dev/scd1 /dev/scd2 /dev/scd3 /dev/sg /dev/sda /dev/sdb /dev/sdc /dev/sdd"
# directories
LANGUAGE_DIR=/usr/share/cryptobox/lang
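Review bot: The new `SCAN_DEVICES` value adds `/dev/sda` to `/dev/sdd`, names that USB mass-storage devices usually receive as well, so an attached stick or external disk becomes a candidate for an initialisation that the language file in this commit describes as deleting all data on the disk. If find_harddisk uses the first listed device it finds in /proc/partitions (its loop header is outside the visible hunk), the order of this list decides which disk is wiped. A comment above the variable such as `# order matters: the first device present is used for initialisation` would make that explicit. `/dev/sg` carries no unit number and is unlikely to match any /proc/partitions entry, so it is presumably a typo or leftover and should be confirmed.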


@ -1,26 +0,0 @@
#!/bin/sh
#
# this script looks for the devel-features.sh script
# if it exists, it will be executed - this is
# ONLY FOR DEVELOPMENT CDs!
# for release CDs the file devel-features.sh script should never exist!
#
set -eu
# parse config file
. /etc/cryptobox/cryptobox.conf
# return, if it does not exist
[ ! -e "$DEV_FEATURES_SCRIPT" ] && exit 0
echo
echo "#---------------------------------------------------------------#"
echo "| WARNING: developers features are enabled |"
echo "| This definitely should NOT happen for production CDs! |"
echo "| If you are not a developer, then this CD is DANGEROUS, as it |"
echo "| offers no security at all! |"
echo "#---------------------------------------------------------------#"
echo
$DEV_FEATURES_SCRIPT "$@"


@ -0,0 +1,44 @@
#!/bin/sh
set -eu
#
# we give some hints for users, sitting in front of the cryptobox waiting for a login prompt
#
# parse config file
. /etc/cryptobox/cryptobox.conf
case "$1" in
start )
# check if we are on a developers CryptoBox
# if not give some usage hints
# otherwise give a warning and start the devel features
if [ ! -e "$DEV_FEATURES_SCRIPT" ]; then
echo
echo "Hints for usage:"
echo " * for some reasons you can not login here :)"
echo " * point a webbrowser from another computer to 'http://$(/usr/lib/cryptobox/cb-manage.sh get_current_ip)'"
echo " * configure your CryptoBox via a webbrowser"
echo
else
echo
echo "#---------------------------------------------------------------#"
echo "| WARNING: Some CryptoBox development features are enabled |"
echo "| This should definitely NOT happen for a production CD. |"
echo "| as it offers no security at all. |"
echo "| If you don't plan to refine this CD, don't use it! |"
echo "#---------------------------------------------------------------#"
echo
$DEV_FEATURES_SCRIPT "$@"
fi
;;
stop )
;;
restart )
$0 stop
$0 start
;;
* )
echo "Syntax: $0 { start | stop | restart }"
;;
esac
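Review bot: `$DEV_FEATURES_SCRIPT "$@"` in the else branch runs whenever the configured path merely exists (`-e`), so that file's absence is the only thing separating a release image from the mode the banner calls "no security at all". Quote it as `"$DEV_FEATURES_SCRIPT" "$@"`, test `-x` rather than `-e`, and consider a build-time check that release images do not ship the file. Separately, `case "$1" in` runs under `set -eu`, so a call without arguments aborts on the unset `$1` before the `* )` arm can print the syntax line; `case "${1:-}" in` keeps the usage message reachable. The `* )` arm should also end with `exit 1` so that a wrong argument is reported to the caller.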


@ -1,26 +0,0 @@
#!/bin/sh
#
# give some hints for users, who are sitting in front of the cryptobox and are mistakenly
# waiting for a login prompt
#
case "$1" in
start )
echo
echo "Hints for usage:
echo " * you can not login here :)"
echo " * point a webbrowser on another computer to 'http://$(/usr/lib/cryptobox/cb-manage.sh get_current_ip)'"
echo " * configure your box via your webbrowser"
echo
;;
stop )
;;
restart )
$0 stop
$0 start
;;
* )
echo "Syntax: $0 { start | stop | restart }"
;;
esac


@ -1 +0,0 @@
../init.d/cb-devel-features.sh


@ -1 +0,0 @@
../init.d/cb-devel-features.sh


@ -1 +0,0 @@
../init.d/cb-devel-features.sh


@ -46,13 +46,6 @@ function initial_checks()
local device="$1"
[ ! -b "$device" ] && log_msg "blockdevice $device does not exist" && return 1
[ ! -x "$SFDISK" ] && log_msg "$SFDISK not found" && return 1
# TODO: remove this section, as soon as the crypto algorithms are statically build into the kernel
local algos
for algo in "$(config_get_value cipher)" "$(config_get_value hash)"
do local a=$(echo "$algo" | sed 's/-.*$//'); # remove everything after "-" (e.g. for "aes-cbc-essiv:sha256")
grep -q "^name *: $a$" /proc/crypto || modprobe "$a"
grep -q "^name *: $a$" /proc/crypto || { log_msg "$a is not supported by kernel" && return 1; }
done
log_msg "inital checks successful"
return 0
}
@ -157,7 +150,7 @@ function create_crypto()
{
local device="$1"
# passphrase may be passed via command line
$CRYPTSETUP -h "$(config_get_value hash)" -c "$(config_get_value cipher" create "`basename $CRYPTMAPPER_DEV`" "${device}2"
$CRYPTSETUP -h "$(config_get_value hash)" -c "$(config_get_value cipher)" create "`basename $CRYPTMAPPER_DEV`" "${device}2"
}
@ -232,7 +225,11 @@ function find_harddisk()
do grep -q " `basename $a`$" /proc/partitions && echo "$a" && break
done
fi )
[ -z "$dev" ] && echo "no valid partition for initialisation found!" >>"$LOG_FILE"
if [ -z "$dev" ] ; then
echo "no valid harddisk for initialisation found!" >>"$LOG_FILE"
cat /proc/partitions >>"$LOG_FILE"
return 1
fi
echo -n "$dev"
}
@ -262,7 +259,7 @@ function mount_crypto()
{
is_crypto_mounted && echo "Das Crypto-Dateisystem ist bereits aktiv!" && return
local device=`find_harddisk`
[ -z "$device" ] && error_msg 4 'no valid harddisk found!'
[ -z "$device" ] && error_msg 4 'no valid harddisk found!' && return 1
# passphrase is read from stdin
log_msg "Mounting crypto partition ..."
$CRYPTSETUP -h "$(config_get_value hash)" -c "$(config_get_value cipher)" create "`basename $CRYPTMAPPER_DEV`" "${device}2"
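Review bot: In mount_crypto the new guard `[ -z "$device" ] && error_msg 4 'no valid harddisk found!' && return 1` returns only if error_msg exits with status 0. error_msg is not visible here, but if it returns non-zero the function falls through to the `$CRYPTSETUP` call with `"${device}2"` built from an empty device. An explicit `if [ -z "$device" ]; then error_msg 4 'no valid harddisk found!'; return 1; fi` removes that dependency; initial_checks uses the same `&&` chaining with log_msg. The `local device=` assignment also discards the `return 1` that find_harddisk gains in this commit, so the `-z` test is the only thing that catches the failure. mount_crypto continues past the end of the hunk.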


@ -26,7 +26,7 @@ Lang {
EnterSameAdminPassword = Das neue Admin-Passwort wiederholen:
InitWarning = Bei der Initialisierung werden ALLE DATEN auf der Festplatte GELÖSCHT!
ConfirmInitHint = Um zu bestätigen, dass du weisst, was du tust, tippe hier bitte exakt Folgendes ein:
ConfirmInit = ja, loesche alle Daten!
ConfirmInit = Ja, loesche alle Daten!
PartitionInfo = Derzeitige Partitionierung der Festplatte:
IPAddress = Netzwerk-Adresse (IP) der CryptoBox:
TimeOut = Zeitabschaltung des Crypto-Dateisystems (in Minuten):


@ -27,7 +27,7 @@ HD_IMAGE="/tmp/`basename $0`-testplatte.img"
MKISOFS_OPTIONS="-allow-multidot -U -D -iso-level 3 -b boot/grub/stage2_eltorito -no-emul-boot -boot-load-size 1 -boot-info-table -pad -R"
# for burning a CD
CDWRITER="2,0,0"
CDWRITER="0,0,0"
####################### validation ########################


@ -67,6 +67,7 @@ function upload2box()
# be updated this way
{
local DIRS="var/www usr/share/cryptobox usr/lib/cryptobox"
echo "Uploading the following dirs: $DIRS "
[ -e "$TMP_DIR" ] || mkdir -p "$TMP_DIR"
for a in $DIRS
do mkdir -p "$TMP_DIR/$a"
@ -112,10 +113,10 @@ function box_diff()
############################# main #####################################
[ $# -eq 0 ] && echo "[`basename $0`] - no arguments supplied - maybe you want to use '--help'"
[ $# -eq 0 ] && echo "[`basename $0`] - no arguments supplied - maybe you want to use '--help'" && exit 1
ACTION=--help
[ $# -gt 0 ] && ACTION=$1
[ $# -gt 1 ] && $ACTION=$1
case "$1" in
diff )
@ -159,6 +160,7 @@ case "$1" in
echo -e "unknown action: $1"
echo
$0 help
exit 1
exit "1"
;;
esac
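Review bot: `[ $# -gt 1 ] && $ACTION=$1` in the main section is not an assignment: the shell expands `$ACTION` first and then tries to run a command named like `--help=<arg>`, and only when two or more arguments are given. The rendered page does not mark which of the ACTION lines is new, but the hunk's line counts suggest this one is still present after the commit. Since the visible `case` dispatches on `"$1"` and the zero-argument case now exits, dropping the line or writing `ACTION=$1` would be enough. In the last hunk both `exit 1` and `exit "1"` appear to remain, so the second is unreachable and can go.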