|
|
|
@ -15,6 +15,9 @@
|
|
|
|
|
# - the web frontend cgi
|
|
|
|
|
#
|
|
|
|
|
|
|
|
|
|
# TODO: check permissions and owners of config files, directories and scripts before
|
|
|
|
|
# running cbox-root-actions.sh
|
|
|
|
|
|
|
|
|
|
set -eu
|
|
|
|
|
|
|
|
|
|
# read the default setting file, if it exists
|
|
|
|
@ -25,6 +28,9 @@ CONF_FILE=${CONF_FILE:-/etc/cryptobox/cryptobox.conf}
|
|
|
|
|
# parse config file
|
|
|
|
|
. "$CONF_FILE"
|
|
|
|
|
|
|
|
|
|
# check for writable log file
|
|
|
|
|
[ -w "$LOG_FILE" ] || LOG_FILE=/tmp/$(basename "$LOG_FILE")
|
|
|
|
|
|
|
|
|
|
## configuration
|
|
|
|
|
CERT_TEMP=/tmp/stunnel.pem
|
|
|
|
|
|
|
|
|
@ -54,28 +60,16 @@ function error_msg()
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
function create_partitions()
|
|
|
|
|
# Parameter: device
|
|
|
|
|
{
|
|
|
|
|
# TODO: allow different layouts
|
|
|
|
|
# TODO: skip config partition if a configuration is already active
|
|
|
|
|
local device=$1
|
|
|
|
|
# first partition size is 1 sector, second goes til end
|
|
|
|
|
# sfdisk -n doesn't actually write (for testing purpose)
|
|
|
|
|
echo -e "0,1,L \n,,L\n" | "$SFDISK" "$device"
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
function config_set_value()
|
|
|
|
|
# parameters: SettingName [SettingValue]
|
|
|
|
|
# read from stdin if SettingValue is not defined
|
|
|
|
|
{
|
|
|
|
|
mountpoint -q "$CONFIG_DIR" && mount -o rw,remount "$CONFIG_DIR"
|
|
|
|
|
[ "$USE_SEPERATE_CONFIG_PARTITION" = "1" ] && sudo "$ROOT_PERM_SCRIPT" remount_config rw
|
|
|
|
|
if [ $# -gt 1 ]
|
|
|
|
|
then echo -n "$2" > "$CONFIG_DIR/$1"
|
|
|
|
|
else cat - >"$CONFIG_DIR/$1"
|
|
|
|
|
fi
|
|
|
|
|
mountpoint -q "$CONFIG_DIR" && mount -o ro,remount "$CONFIG_DIR"
|
|
|
|
|
[ "$USE_SEPERATE_CONFIG_PARTITION" = "1" ] && sudo "$ROOT_PERM_SCRIPT" remount_config ro
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@ -84,7 +78,7 @@ function config_get_value()
|
|
|
|
|
{
|
|
|
|
|
# use mounted config, if it exists - otherwise use defaults
|
|
|
|
|
local conf_dir
|
|
|
|
|
if is_config_mounted
|
|
|
|
|
if is_config_active
|
|
|
|
|
then conf_dir=$CONFIG_DIR
|
|
|
|
|
else conf_dir=$CONFIG_DEFAULTS_DIR
|
|
|
|
|
fi
|
|
|
|
@ -112,14 +106,13 @@ function create_config()
|
|
|
|
|
{
|
|
|
|
|
local device=$1
|
|
|
|
|
# create the new configuration filesystem if it is not static
|
|
|
|
|
if is_config_mounted
|
|
|
|
|
if is_config_active
|
|
|
|
|
then log_msg "Using static configuration ..."
|
|
|
|
|
else log_msg "Creating config filesystem ..."
|
|
|
|
|
# filter output through 'tr' to replace tabs
|
|
|
|
|
$MKFS_CONFIG "$device" | tr '\010' ' '
|
|
|
|
|
# mount the config partition rw
|
|
|
|
|
sudo "$ROOT_PERM_SCRIPT" create_config "$device"
|
|
|
|
|
log_msg "Mounting config partition ..."
|
|
|
|
|
mount "$device" "$CONFIG_DIR"
|
|
|
|
|
sudo "$ROOT_PERM_SCRIPT" mount_config "$device"
|
|
|
|
|
sudo "$ROOT_PERM_SCRIPT" remount_config rw
|
|
|
|
|
fi
|
|
|
|
|
# create a marker to recognize a cryptobox partition
|
|
|
|
|
date -I >"$CONFIG_DIR/$CONFIG_MARKER"
|
|
|
|
@ -127,7 +120,7 @@ function create_config()
|
|
|
|
|
cp -a "$CONFIG_DEFAULTS_DIR/." "$CONFIG_DIR"
|
|
|
|
|
|
|
|
|
|
log_msg "Copying temporary certificate file to config filesystem ..."
|
|
|
|
|
# beware: the temp file should always be there - even after reboot - see "mount_config"
|
|
|
|
|
# beware: the temp file should always be there - even after reboot - see "load_config"
|
|
|
|
|
cp -p "$CERT_TEMP" "$CERT_FILE"
|
|
|
|
|
|
|
|
|
|
log_msg "Setting inital values ..."
|
|
|
|
@ -135,12 +128,6 @@ function create_config()
|
|
|
|
|
config_set_value "ip" "$(get_current_ip)"
|
|
|
|
|
# create database of readable names
|
|
|
|
|
config_set_value "names.db" ""
|
|
|
|
|
|
|
|
|
|
# reinitialise configuration
|
|
|
|
|
log_msg "Unmounting config partition ..."
|
|
|
|
|
umount_config
|
|
|
|
|
log_msg "Reload configuration ..."
|
|
|
|
|
mount_config
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@ -148,30 +135,51 @@ function get_current_ip()
|
|
|
|
|
# not necessarily the same as configured (necessary for validation)
|
|
|
|
|
{
|
|
|
|
|
# filter the output of ifconfig and remove trailing line break
|
|
|
|
|
echo -n $(ifconfig $NET_IFACE | grep "inet" | cut -d ":" -f2 | cut -d " " -f1)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
function list_crypto_containers()
|
|
|
|
|
{
|
|
|
|
|
for a in $ALL_PARTITIONS
|
|
|
|
|
do "$CRYPTSETUP" isLuks "/dev/$a" 2>/dev/null && echo "/dev/$a"
|
|
|
|
|
done
|
|
|
|
|
echo -n $("$IFCONFIG" "$NET_IFACE" | grep "inet" | cut -d ":" -f2 | cut -d " " -f1)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
function list_unused_partitions()
|
|
|
|
|
function list_partitions_of_type()
|
|
|
|
|
# parameter: { config | crypto | plaindata | unused }
|
|
|
|
|
{
|
|
|
|
|
local config=
|
|
|
|
|
local crypto=
|
|
|
|
|
local plaindata=
|
|
|
|
|
local unused=
|
|
|
|
|
for a in $ALL_PARTITIONS
|
|
|
|
|
do "$CRYPTSETUP" isLuks "/dev/$a" 2>/dev/null || echo "/dev/$a"
|
|
|
|
|
do if sudo "$ROOT_PERM_SCRIPT" is_crypto_partition "/dev/$a"
|
|
|
|
|
then crypto="$crypto /dev/$a"
|
|
|
|
|
elif sudo "$ROOT_PERM_SCRIPT" is_config_partition "/dev/$a"
|
|
|
|
|
then config="$config /dev/$a"
|
|
|
|
|
elif sudo "$ROOT_PERM_SCRIPT" is_plaindata_partition "/dev/$a"
|
|
|
|
|
then plaindata="$plaindata /dev/$a"
|
|
|
|
|
else unused="$unused /dev/$a"
|
|
|
|
|
fi
|
|
|
|
|
done
|
|
|
|
|
case "$1" in
|
|
|
|
|
config )
|
|
|
|
|
echo "$config"
|
|
|
|
|
;;
|
|
|
|
|
crypto )
|
|
|
|
|
echo "$crypto"
|
|
|
|
|
;;
|
|
|
|
|
plaindata )
|
|
|
|
|
echo "$plaindata"
|
|
|
|
|
;;
|
|
|
|
|
unused )
|
|
|
|
|
echo "$unused"
|
|
|
|
|
;;
|
|
|
|
|
* )
|
|
|
|
|
errot_msg "wrong parameter ($1) for list_partition_types in $(basename $0)"
|
|
|
|
|
;;
|
|
|
|
|
esac | tr " " "\n" | grep -v '^$'
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
function get_crypto_uuid()
|
|
|
|
|
# Parameter: DEVICE
|
|
|
|
|
{
|
|
|
|
|
"$CRYPTSETUP" luksUUID "$1"
|
|
|
|
|
sudo "$ROOT_PERM_SCRIPT" get_device_name "$1"
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@ -180,7 +188,7 @@ function get_crypto_name()
|
|
|
|
|
# return the readable name of the crypto container, it it is already defined
|
|
|
|
|
# if undefined - return the uuid
|
|
|
|
|
{
|
|
|
|
|
local uuid=$($CRYPTSETUP luksUUID $1)
|
|
|
|
|
local uuid=$(get_crypto_uuid "$1")
|
|
|
|
|
local dbname=$(config_get_value "names.db" | grep "^$uuid:" | cut -d ":" -f 2-)
|
|
|
|
|
if [ -z "$dbname" ]
|
|
|
|
|
then echo -n "$uuid"
|
|
|
|
@ -190,9 +198,10 @@ function get_crypto_name()
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
function set_crypto_name()
|
|
|
|
|
# TODO: the implementation is quite ugly, but it works (tm)
|
|
|
|
|
# Parameter: DEVICE NAME
|
|
|
|
|
{
|
|
|
|
|
local uuid=$($CRYPTSETUP luksUUID $1)
|
|
|
|
|
local uuid=$(get_crypto_uuid "$1")
|
|
|
|
|
# remove the old setting for this device and every possible entry with the same name
|
|
|
|
|
(config_get_value 'names.db' | sed "/^$uuid:/d; /^[^:]*:$2$/d"; echo "$uuid:$2") | config_set_value 'names.db'
|
|
|
|
|
}
|
|
|
|
@ -208,53 +217,26 @@ function does_crypto_name_exist()
|
|
|
|
|
function create_crypto()
|
|
|
|
|
# Parameter: DEVICE NAME KEYFILE
|
|
|
|
|
# keyfile is necessary, to allow background execution via 'at'
|
|
|
|
|
# TODO: check if the keyfile is still necessary for sudo -b
|
|
|
|
|
{
|
|
|
|
|
local device=$1
|
|
|
|
|
local name=$2
|
|
|
|
|
local keyfile=$3
|
|
|
|
|
# otherwise the web interface will hang
|
|
|
|
|
# passphrase may be passed via command line
|
|
|
|
|
log_msg "Creating crypto partition with the cipher $DEFAULT_CIPHER on $device"
|
|
|
|
|
# the hash is ignored by luks
|
|
|
|
|
# the iter-time specifies the time spent on PBKDF2 - one second is said to be sufficient
|
|
|
|
|
# luksFormat floods the container with random noise automatically
|
|
|
|
|
cat "$keyfile" | $CRYPTSETUP -c "$DEFAULT_CIPHER" luksFormat "$device"
|
|
|
|
|
set_crypto_name "$device" "$name"
|
|
|
|
|
local uuid=$(get_crypto_uuid "$device")
|
|
|
|
|
|
|
|
|
|
# map the crypto container
|
|
|
|
|
cat "$keyfile" | $CRYPTSETUP luksOpen "$device" "$uuid"
|
|
|
|
|
|
|
|
|
|
local key=$(<"$keyfile")
|
|
|
|
|
# remove the passphrase-file as soon as possible
|
|
|
|
|
dd if=/dev/zero of="$keyfile" bs=512 count=1 2>/dev/null
|
|
|
|
|
rm "$keyfile"
|
|
|
|
|
|
|
|
|
|
# filter output through 'tr' to replace tabs
|
|
|
|
|
$MKFS_DATA "$CRYPTMAPPER_DIR/$uuid" | tr '\0101' ' '
|
|
|
|
|
|
|
|
|
|
# set user for samba
|
|
|
|
|
# TODO: rename SAMBA_USER to something like FILE_USER
|
|
|
|
|
mkdir -p "$MNT_PARENT/$name"
|
|
|
|
|
mount "$CRYPTMAPPER_DIR/$uuid" "$MNT_PARENT/$name"
|
|
|
|
|
chown $SAMBA_USER "$MNT_PARENT/$name"
|
|
|
|
|
umount_crypto "$device"
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
log_msg "Creating crypto partition with the cipher $DEFAULT_CIPHER on $device"
|
|
|
|
|
echo "$key" | sudo "$ROOT_PERM_SCRIPT" create_crypto "$device"
|
|
|
|
|
|
|
|
|
|
function config_mount_test()
|
|
|
|
|
# Parameter: device
|
|
|
|
|
{
|
|
|
|
|
local device=$1
|
|
|
|
|
local STATUS=0
|
|
|
|
|
mount "${device}" "$CONFIG_DIR" &>/dev/null || true
|
|
|
|
|
is_config_mounted && STATUS=1
|
|
|
|
|
umount "$CONFIG_DIR" &>/dev/null || true
|
|
|
|
|
# return code is the result of this expression
|
|
|
|
|
test 1 -eq "$STATUS"
|
|
|
|
|
set_crypto_name "$device" "$name"
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
function is_config_mounted()
|
|
|
|
|
function is_config_active()
|
|
|
|
|
{
|
|
|
|
|
test -f "$CONFIG_DIR/$CONFIG_MARKER"
|
|
|
|
|
}
|
|
|
|
@ -263,8 +245,8 @@ function is_config_mounted()
|
|
|
|
|
function is_crypto_mounted()
|
|
|
|
|
# Parameter: DEVICE
|
|
|
|
|
{
|
|
|
|
|
local uuid=$(get_crypto_uuid $1)
|
|
|
|
|
test -e "$CRYPTMAPPER_DIR/$uuid"
|
|
|
|
|
local name=$(get_crypto_uuid "$1")
|
|
|
|
|
[ -n "$name" ] && mountpoint -q "$MNT_PARENT/$name"
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@ -313,22 +295,17 @@ function get_available_disks()
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
function mount_config()
|
|
|
|
|
function load_config()
|
|
|
|
|
{
|
|
|
|
|
# error if dynamic configuration is active
|
|
|
|
|
# return if static configuration is active
|
|
|
|
|
if is_config_mounted && mountpoint -q "$CONFIG_DIR"
|
|
|
|
|
then error_msg 3 "configuration directory ($CONFIG_DIR) is already mounted!"
|
|
|
|
|
else is_config_mounted && return
|
|
|
|
|
fi
|
|
|
|
|
is_config_active && [ "$USE_SEPERATE_CONFIG_PARTITION" != "1" ] && return
|
|
|
|
|
# look for a configuration partition
|
|
|
|
|
# modify all scan_devices to get regular expressions like "^hda[0-9]*$"
|
|
|
|
|
local scan_regex=$(echo "SCAN_DEVICES" | tr " " "\n" | sed 's/^/^/; s/$/[0-9]*$/')
|
|
|
|
|
echo "$ALL_PARTITIONS" | grep "$scan_regex" | while read part
|
|
|
|
|
list_partitions_of_type config | head -1 | while read part
|
|
|
|
|
do log_msg "Trying to load configuration from /dev/$part ..."
|
|
|
|
|
if config_mount_test "/dev/$part"
|
|
|
|
|
if sudo "$ROOT_PERM_SCRIPT" is_config_partition "/dev/$part"
|
|
|
|
|
then log_msg "configuraton found on $part"
|
|
|
|
|
mount "/dev/$part" "$CONFIG_DIR"
|
|
|
|
|
sudo "$ROOT_PERM_SCRIPT" mount_config "/dev/$part"
|
|
|
|
|
# copy certificate to /tmp in case of re-initialization
|
|
|
|
|
# /tmp should be writable, so tmpfs has to be mounted before (/etc/rcS.d)
|
|
|
|
|
cp "$CERT_FILE" "$CERT_TEMP"
|
|
|
|
@ -342,10 +319,10 @@ function mount_config()
|
|
|
|
|
|
|
|
|
|
function umount_config()
|
|
|
|
|
{
|
|
|
|
|
is_config_mounted || return
|
|
|
|
|
is_config_active || return
|
|
|
|
|
# only try to unmount, if it is not static (the config of a live-cd is always dynamic)
|
|
|
|
|
if mountpoint -q "$CONFIG_DIR"
|
|
|
|
|
then umount "$CONFIG_DIR"
|
|
|
|
|
if [ "$USE_SEPERATE_CONFIG_PARTITION" = "1" ]
|
|
|
|
|
then sudo "$ROOT_PERM_SCRIPT" umount_config
|
|
|
|
|
else true
|
|
|
|
|
fi
|
|
|
|
|
}
|
|
|
|
@ -357,21 +334,9 @@ function mount_crypto()
|
|
|
|
|
local device=$1
|
|
|
|
|
[ -z "$device" ] && error_msg 4 'No valid harddisk found!' && return 1
|
|
|
|
|
is_crypto_mounted "$device" && echo "The crypto filesystem is already active!" && return
|
|
|
|
|
local uuid=$(get_crypto_uuid "$device")
|
|
|
|
|
local name=$(get_crypto_name "$device")
|
|
|
|
|
# passphrase is read from stdin
|
|
|
|
|
log_msg "Mounting crypto partition $name ($device)"
|
|
|
|
|
$CRYPTSETUP luksOpen "$device" "$uuid"
|
|
|
|
|
[ -e "$MNT_PARENT/$name" ] || mkdir -p "$MNT_PARENT/$name"
|
|
|
|
|
if mount "$CRYPTMAPPER_DIR/$uuid" "$MNT_PARENT/$name"
|
|
|
|
|
then true
|
|
|
|
|
# log_msg "Mount succeeded - now starting samba ..."
|
|
|
|
|
# /etc/init.d/samba start
|
|
|
|
|
return 0
|
|
|
|
|
else log_msg "Mount failed - removing the crypto device $uuid ..."
|
|
|
|
|
$CRYPTSETUP luksClose "$uuid"
|
|
|
|
|
return 1
|
|
|
|
|
fi
|
|
|
|
|
log_msg "Mounting a crypto partition from $device"
|
|
|
|
|
sudo "$ROOT_PERM_SCRIPT" mount "$device"
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@ -379,39 +344,17 @@ function umount_crypto()
|
|
|
|
|
# Parameter: DEVICE
|
|
|
|
|
{
|
|
|
|
|
local device=$1
|
|
|
|
|
# do not break on error
|
|
|
|
|
set +e
|
|
|
|
|
# TODO: do not stop samba - or do it just temporarily
|
|
|
|
|
#if ps -e | grep -q " [sn]mbd$"
|
|
|
|
|
# then log_msg "Stopping samba ..."
|
|
|
|
|
# /etc/init.d/samba stop
|
|
|
|
|
# ps -e | grep -q " smbd$" && killall smbd
|
|
|
|
|
# ps -e | grep -q " nmbd$" && killall nmbd
|
|
|
|
|
# ps -e | grep -q " smbd$" && killall -9 smbd
|
|
|
|
|
# ps -e | grep -q " nmbd$" && killall -9 nmbd
|
|
|
|
|
# fi
|
|
|
|
|
local uuid=$(get_crypto_uuid $device)
|
|
|
|
|
local name=$(get_crypto_name $device)
|
|
|
|
|
if mountpoint -q "$MNT_PARENT/$name"
|
|
|
|
|
then log_msg "Unmounting crypto partition ..."
|
|
|
|
|
umount "$MNT_PARENT/$name"
|
|
|
|
|
rmdir "$MNT_PARENT/$name"
|
|
|
|
|
fi
|
|
|
|
|
if [ -e "$CRYPTMAPPER_DIR/$uuid" ]
|
|
|
|
|
then log_msg "Removing dev-mapper ..."
|
|
|
|
|
$CRYPTSETUP luksClose "$uuid"
|
|
|
|
|
fi
|
|
|
|
|
set -e
|
|
|
|
|
sudo "$ROOT_PERM_SCRIPT" umount "$uuid"
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
function box_purge()
|
|
|
|
|
# removing just the first bytes from the harddisk should be enough
|
|
|
|
|
{
|
|
|
|
|
local device
|
|
|
|
|
get_available_disks | while read a
|
|
|
|
|
do log_msg "Purging $device ..."
|
|
|
|
|
dd if=/dev/zero of=$device bs=1M count=1
|
|
|
|
|
do log_msg "Purging $a ..."
|
|
|
|
|
sudo "$ROOT_PERM_SCRIPT" trash_device "$a"
|
|
|
|
|
log_msg " "
|
|
|
|
|
done
|
|
|
|
|
}
|
|
|
|
@ -423,9 +366,10 @@ function init_cryptobox()
|
|
|
|
|
local device=$(find_harddisk)
|
|
|
|
|
[ -z "$device" ] && log_msg 'No valid harddisk found!' && return 1
|
|
|
|
|
turn_off_all_crypto
|
|
|
|
|
is_config_mounted && umount_config || true
|
|
|
|
|
log_msg "Initializing config partition on $device ..."
|
|
|
|
|
is_config_active && umount_config || true
|
|
|
|
|
log_msg "Partitioning the device ($device) ..."
|
|
|
|
|
create_partitions "$device"
|
|
|
|
|
log_msg "Initializing config partition on ${device}1 ..."
|
|
|
|
|
# TODO: this should not be hard-coded
|
|
|
|
|
create_config "${device}1"
|
|
|
|
|
}
|
|
|
|
@ -463,7 +407,7 @@ case "$ACTION" in
|
|
|
|
|
then conf_ip=$(config_get_value "ip")
|
|
|
|
|
log_msg "Configuring $NET_IFACE for $conf_ip ..."
|
|
|
|
|
echo "Configuring network interface for $NET_IFACE: $conf_ip"
|
|
|
|
|
ifconfig $NET_IFACE "$conf_ip"
|
|
|
|
|
"$IFCONFIG" "$NET_IFACE" "$conf_ip"
|
|
|
|
|
fi
|
|
|
|
|
if [ "${EXEC_FIREWALL_RULES:-0}" = 1 ]
|
|
|
|
|
then log_msg "Starting the firewall ..."
|
|
|
|
@ -492,15 +436,17 @@ case "$ACTION" in
|
|
|
|
|
fi
|
|
|
|
|
if [ "${SKIP_NETWORK_CONFIG:-1}" != 1 ]
|
|
|
|
|
then log_msg "Shutting the network interface down ..."
|
|
|
|
|
ifconfig "$NET_IFACE" down
|
|
|
|
|
"$IFCONFIG" "$NET_IFACE" down
|
|
|
|
|
fi
|
|
|
|
|
;;
|
|
|
|
|
services-up )
|
|
|
|
|
# the mount point has to be writeable
|
|
|
|
|
# this action is called as root - so we are allowed to umount
|
|
|
|
|
mount -t tmpfs tmpfs "$MNT_PARENT"
|
|
|
|
|
# is something special necessary?
|
|
|
|
|
;;
|
|
|
|
|
services-down )
|
|
|
|
|
# this action is called as root - so we are allowed to umount
|
|
|
|
|
umount "$MNT_PARENT"
|
|
|
|
|
# TODO: we should not depend on samba and thttpd
|
|
|
|
|
# /etc/init.d/samba stop || true
|
|
|
|
@ -533,10 +479,10 @@ case "$ACTION" in
|
|
|
|
|
create_crypto "$@"
|
|
|
|
|
;;
|
|
|
|
|
crypto-list )
|
|
|
|
|
list_crypto_containers
|
|
|
|
|
list_partitions_of_type crypto
|
|
|
|
|
;;
|
|
|
|
|
crypto-list-unused )
|
|
|
|
|
list_unused_partitions
|
|
|
|
|
list_partitions_of_type unused
|
|
|
|
|
;;
|
|
|
|
|
crypto-name )
|
|
|
|
|
# Parameter: DEVICE
|
|
|
|
@ -547,7 +493,7 @@ case "$ACTION" in
|
|
|
|
|
is_crypto_mounted "$1"
|
|
|
|
|
;;
|
|
|
|
|
is_config_mounted )
|
|
|
|
|
is_config_mounted
|
|
|
|
|
is_config_active
|
|
|
|
|
;;
|
|
|
|
|
is_init_running )
|
|
|
|
|
is_init_running
|
|
|
|
@ -560,7 +506,7 @@ case "$ACTION" in
|
|
|
|
|
# reconfigure the network interface to a new IP address
|
|
|
|
|
# wait for 5 seconds to finish present http requests
|
|
|
|
|
if [ "${SKIP_NETWORK_CONFIG:-1}" != 1 ]
|
|
|
|
|
then echo -n "sleep 5; ifconfig $NET_IFACE $(config_get_value ip)" | at now
|
|
|
|
|
then echo -n "sleep 5; sudo $ROOT_PERM_SCRIPT update_network" | at now
|
|
|
|
|
fi
|
|
|
|
|
;;
|
|
|
|
|
get_available_disks )
|
|
|
|
@ -579,7 +525,7 @@ case "$ACTION" in
|
|
|
|
|
;;
|
|
|
|
|
diskinfo )
|
|
|
|
|
get_available_disks | while read a
|
|
|
|
|
do "$SFDISK" -L -q -l "$a"
|
|
|
|
|
do sudo "$ROOT_PERM_SCRIPT" diskinfo "$a"
|
|
|
|
|
done
|
|
|
|
|
;;
|
|
|
|
|
box-purge )
|
|
|
|
|