bugfixes all over

This commit is contained in:
lars 2005-12-13 20:39:14 +00:00
parent 0d9534c8aa
commit ea8dc17a17
6 changed files with 62 additions and 63 deletions

View File

@ -10,8 +10,7 @@ CONF_FILE=${CONF_FILE:-/etc/cryptobox/cryptobox.conf}
if [ -e "$CONF_FILE" ]
then . "$CONF_FILE"
# create mount and config directories with appropriate permissions
[ ! -e "$MNT_PARENT" ] && mkdir -p "$MNT_PARENT" && \
chown "$WEB_USER" "$MNT_PARENT" && chmod 700 "$MNT_PARENT"
[ ! -e "$MNT_PARENT" ] && mkdir -p "$MNT_PARENT"
[ ! -e "$CONFIG_DIR" ] && mkdir -p "$CONFIG_DIR" && \
chown "$WEB_USER" "$CONFIG_DIR" && chmod 700 "$CONFIG_DIR"
[ ! -e "$LOG_FILE" ] && touch "$LOG_FILE" && chown "$WEB_USER" "$LOG_FILE"

View File

@ -5,7 +5,8 @@ LANGUAGE=en
NET_IFACE=eth0
FILE_USER=cryptobox-data
WEB_USER=www-data
SCAN_DEVICES="hda hdb hdc hdd hde hdf hdg scd sg sda sdb sdc sdd"
SCAN_DEVICES="sda"
#SCAN_DEVICES="hda hdb hdc hdd hde hdf hdg scd sg sda sdb sdc sdd"
# set this to "1" to create a dedicated configuration partition (very small)
# this should only be necessary, if your root filesystem is read-only (as for a live-cd)

View File

@ -48,7 +48,7 @@ case "$1" in
if [ ! -e "$DEV_FEATURES_SCRIPT" ]; then
echo
echo "How to use the CryptoBox:"
echo " * point a webbrowser from another computer to 'http://$(/usr/lib/cryptobox/cbox-manage.sh get_current_ip)'"
echo " * point a webbrowser from another computer to 'http://$(/usr/lib/cryptobox/cbox-manage.sh get_current_ip)/cryptobox'"
echo " * configure your CryptoBox via a webbrowser"
echo
else
@ -68,9 +68,9 @@ case "$1" in
# exit if not running
"$0" status || exit 0
# shut down
"$CB_SCRIPT" services-up
"$CB_SCRIPT" network-up
"$CB_SCRIPT" config-up
"$CB_SCRIPT" services-down
"$CB_SCRIPT" network-down
"$CB_SCRIPT" config-down
;;
restart | reload | force-reload )
$0 stop

View File

@ -404,7 +404,7 @@ if ( ! &check_ssl()) {
if ($query->param('type') eq 'reboot') {
&system_reboot();
$pagedata->setValue('Data.Success', 'ReBoot');
$pagedata->setValue('Data.Redirect.Action', 'status');
$pagedata->setValue('Data.Redirect.Action', 'show_status');
$pagedata->setValue('Data.Redirect.Delay', "180");
} else {
&system_poweroff();
@ -441,7 +441,7 @@ if ( ! &check_ssl()) {
} else {
$pagedata->setValue('Data.Success', 'UmountDone');
$pagedata->setValue('Data.Action', 'empty');
$pagedata->setValue('Data.Redirect.Action', 'status');
$pagedata->setValue('Data.Redirect.Action', 'show_status');
$pagedata->setValue('Data.Redirect.Delay', "30");
}
}
@ -459,7 +459,7 @@ if ( ! &check_ssl()) {
} elsif (&check_mounted()) {
$pagedata->setValue('Data.Warning', 'IsMounted');
$pagedata->setValue('Data.Action', 'empty');
$pagedata->setValue('Data.Redirect.Action', 'status');
$pagedata->setValue('Data.Redirect.Action', 'show_status');
$pagedata->setValue('Data.Redirect.Delay', "30");
} elsif ($query->param('crypto_password') eq '') {
# leeres Passwort
@ -474,7 +474,7 @@ if ( ! &check_ssl()) {
} else {
$pagedata->setValue('Data.Success', 'MountDone');
$pagedata->setValue('Data.Action', 'empty');
$pagedata->setValue('Data.Redirect.Action', 'status');
$pagedata->setValue('Data.Redirect.Action', 'show_status');
$pagedata->setValue('Data.Redirect.Delay', "30");
}
}
@ -491,7 +491,7 @@ if ( ! &check_ssl()) {
} elsif (&check_mounted()) {
$pagedata->setValue('Data.Warning', 'IsMounted');
$pagedata->setValue('Data.Action', 'empty');
$pagedata->setValue('Data.Redirect.Action', 'status');
$pagedata->setValue('Data.Redirect.Action', 'show_status');
$pagedata->setValue('Data.Redirect.Delay', "30");
} else {
$pagedata->setValue('Data.Action', 'form_mount');
@ -504,7 +504,7 @@ if ( ! &check_ssl()) {
} elsif ( ! &check_mounted()) {
$pagedata->setValue('Data.Warning', 'NotMounted');
$pagedata->setValue('Data.Action', 'empty');
$pagedata->setValue('Data.Redirect.Action', 'status');
$pagedata->setValue('Data.Redirect.Action', 'show_status');
$pagedata->setValue('Data.Redirect.Delay', "30");
} else {
$pagedata->setValue('Data.Action', 'form_umount');
@ -606,13 +606,13 @@ if ( ! &check_ssl()) {
} else {
$pagedata->setValue('Data.Success', 'ConfigSaved');
}
$pagedata->setValue('Data.Action', 'status');
$pagedata->setValue('Data.Redirect.Action', 'status');
$pagedata->setValue('Data.Action', 'show_status');
$pagedata->setValue('Data.Redirect.Action', 'show_status');
$pagedata->setValue('Data.Redirect.Delay', "30");
}
}
#################### status #########################
} elsif ($action eq 'status') {
} elsif ($action eq 'show_status') {
if ( ! &check_config()) {
$pagedata->setValue('Data.Warning', 'NotInitialized');
$pagedata->setValue('Data.Action', 'form_init');
@ -622,8 +622,8 @@ if ( ! &check_ssl()) {
$pagedata->setValue('Data.Redirect.Action', 'form_config');
$pagedata->setValue('Data.Redirect.Delay', "30");
} else {
$pagedata->setValue('Data.Action', 'status');
$pagedata->setValue('Data.Redirect.Action', 'status');
$pagedata->setValue('Data.Action', 'show_status');
$pagedata->setValue('Data.Redirect.Action', 'show_status');
$pagedata->setValue('Data.Redirect.Delay', "60");
}
################### box_purge #######################
@ -655,8 +655,8 @@ if ( ! &check_ssl()) {
$pagedata->setValue('Data.Redirect.Action', 'form_config');
$pagedata->setValue('Data.Redirect.Delay', "60");
} elsif (&check_config()) {
$pagedata->setValue('Data.Action', 'status');
$pagedata->setValue('Data.Redirect.Action', 'status');
$pagedata->setValue('Data.Action', 'show_status');
$pagedata->setValue('Data.Redirect.Action', 'show_status');
$pagedata->setValue('Data.Redirect.Delay', "60");
} else {
$pagedata->setValue('Data.Action', 'form_init');

View File

@ -110,8 +110,9 @@ function create_config()
# Parameter: device
{
local device=$1
unload_config
# create the new configuration filesystem if it is not static
if is_config_active || [ "$USE_SEPERATE_CONFIG_PARTITION" != "1" ]
if [ "$USE_SEPERATE_CONFIG_PARTITION" != "1" ]
then log_msg "Using static configuration ..."
else log_msg "Creating config filesystem ..."
sudo "$ROOT_PERM_SCRIPT" create_config "$device"
@ -163,17 +164,9 @@ function list_partitions_of_type()
fi
done
case "$1" in
config )
echo "$config"
;;
crypto )
echo "$crypto"
;;
plaindata )
echo "$plaindata"
;;
unused )
echo "$unused"
config | crypto | plaindata | unused )
# dirty hack, but it works
eval "echo \$$1"
;;
* )
errot_msg "wrong parameter ($1) for list_partition_types in $(basename $0)"
@ -303,27 +296,30 @@ function get_available_disks()
function load_config()
{
# error if dynamic configuration is active
# return if static configuration is active
is_config_active && [ "$USE_SEPERATE_CONFIG_PARTITION" != "1" ] && return
unload_config
local status=0
# look for a configuration partition
list_partitions_of_type config | head -1 | while read part
do log_msg "Trying to load configuration from /dev/$part ..."
if sudo "$ROOT_PERM_SCRIPT" is_config_partition "/dev/$part"
then log_msg "configuraton found on $part"
sudo "$ROOT_PERM_SCRIPT" mount_config "/dev/$part"
# copy certificate to /tmp in case of re-initialization
# /tmp should be writable, so tmpfs has to be mounted before (/etc/rcS.d)
[ "$USE_STUNNEL" = 1 ] && cp "$CERT_FILE" "$CERT_TEMP"
return
fi
done
log_msg "failed to locate config partition"
return 1
[ "$USE_SEPERATE_CONFIG_PARTITION" = "1" ] && \
list_partitions_of_type config | while read part && [ "$status" = 0 ]
do log_msg "Trying to load configuration from /dev/$part ..."
if sudo "$ROOT_PERM_SCRIPT" is_config_partition "/dev/$part"
then log_msg "configuraton found on $part"
sudo "$ROOT_PERM_SCRIPT" mount_config "/dev/$part"
status=1
fi
done
if is_config_active
then # copy certificate to /tmp in case of re-initialization
# /tmp should be writable, so tmpfs has to be mounted before (/etc/rcS.d)
[ "$USE_STUNNEL" = 1 ] && cp "$CERT_FILE" "$CERT_TEMP"
else log_msg "failed to locate config partition"
return 1
fi
true
}
function umount_config()
function unload_config()
{
is_config_active || return
# only try to unmount, if it is not static (the config of a live-cd is always dynamic)
@ -362,7 +358,7 @@ function box_purge()
# TODO: not ALL harddisks, please!
get_available_disks | while read a
do log_msg "Purging $a ..."
sudo "$ROOT_PERM_SCRIPT" trash_device "$a" >>"$LOG_FILE" 2>&1
sudo "$ROOT_PERM_SCRIPT" trash_device "$a"
done
}
@ -373,7 +369,7 @@ function init_cryptobox()
local device=$(find_harddisk)
[ -z "$device" ] && log_msg 'No valid harddisk found!' && return 1
turn_off_all_crypto
is_config_active && umount_config || true
unload_config || true
log_msg "Partitioning the device ($device) ..."
sudo "$ROOT_PERM_SCRIPT" partition_disk "$device" "0,1,L \n,,L\n"
log_msg "Initializing config partition on ${device}1 ..."
@ -407,13 +403,10 @@ case "$ACTION" in
fi
;;
config-down )
if is_config_active && [ "$USE_SEPERATE_CONFIG_PARTITION" = "1" ]
then umount_config || error_msg 4 "Could not unmount configuration partition"
else true
fi
unload_config || error_msg 4 "Could not unmount configuration partition"
;;
network-up )
if [ "$SKIP_NETWORK_CONFIG}" != 1 ]
if [ "$SKIP_NETWORK_CONFIG" != 1 ]
then conf_ip=$(config_get_value "ip")
log_msg "Configuring $NET_IFACE for $conf_ip ..."
echo "Configuring network interface for $NET_IFACE: $conf_ip"
@ -445,7 +438,8 @@ case "$ACTION" in
fi
if [ "$USE_STUNNEL" = 1 ]
then log_msg "Stopping stunnel ..."
killall stunnel
# TODO: what about a pid?
killall stunnel 2>/dev/null || true
fi
if [ "$SKIP_NETWORK_CONFIG" != 1 ]
then log_msg "Shutting the network interface down ..."
@ -455,12 +449,17 @@ case "$ACTION" in
services-up )
# the mount point has to be writeable
# this action is called as root - so we are allowed to umount
mount -t tmpfs tmpfs "$MNT_PARENT"
# is something special necessary?
# TODO: do this only for ro-filesystem
# TODO: this way of mounting is evil
if mountpoint -q "$MNT_PARENT"
then true
else mount -t tmpfs tmpfs "$MNT_PARENT"
fi
true
;;
services-down )
# this action is called as root - so we are allowed to umount
umount "$MNT_PARENT"
mountpoint -q "$MNT_PARENT" && umount "$MNT_PARENT"
# TODO: we should not depend on samba and thttpd
# /etc/init.d/samba stop || true
# /etc/init.d/thttpd stop || true
@ -545,7 +544,7 @@ case "$ACTION" in
log_msg "Cleaning the CryptoBox ..."
turn_off_all_crypto
"$0" config-down
box_purge
box_purge >>"$LOG_FILE" 2>&1
;;
poweroff )
log_msg "Turning off the CryptoBox ..."
@ -580,7 +579,7 @@ case "$ACTION" in
echo " set_config NAME VALUE - change a configuration setting"
echo " get_config NAME - retrieve a configuration setting"
echo " diskinfo - show the partition table of the harddisk"
echo " box-purge - destroy partitiontable of the harddisk (delete everything)"
echo " box-purge - destroy partitiontable of all harddisks (delete everything)"
echo " poweroff - shutdown the cryptobox"
echo " reboot - reboot the cryptobox"
echo

View File

@ -7,7 +7,7 @@
<?cs else ?>
<a href="<?cs call:getSelfURL('action=mount_ask','action') ?>" title="<?cs var:Lang.Text.DoMount ?>"><?cs var:Lang.Button.Mount ?></a>
<?cs /if ?>
<a href="<?cs call:getSelfURL('action=status','action') ?>" title="<?cs var:Lang.Button.Status ?>"><?cs var:Lang.Button.Status ?></a>
<a href="<?cs call:getSelfURL('action=show_status','action') ?>" title="<?cs var:Lang.Button.Status ?>"><?cs var:Lang.Button.Status ?></a>
<?cs /if ?>
<!-- already initialized (or at least in progress)? -->