commit f14351710cda56ad2a32eec4dd428ea46aa97eb6 Author: lars Date: Thu Jul 21 09:35:28 2005 +0000 new directory layout (trunk, tags and branches)
diff --git a/cryptobox.conf.d/etc/cryptobox/cryptobox.conf b/cryptobox.conf.d/etc/cryptobox/cryptobox.conf
new file mode 100644
index 0000000..93126ac
--- /dev/null
+++ b/cryptobox.conf.d/etc/cryptobox/cryptobox.conf
@@ -0,0 +1,45 @@
+# this file is directly sourced by some bash scripts
+# so there should be no space around the "="
+
+LANGUAGE=de
+NET_IFACE=eth0
+SAMBA_USER=nobody
+SCAN_DEVICES="/dev/hda /dev/hdb /dev/hdc /dev/hde /dev/hdf /dev/hdg /dev/scd0 /dev/scd1 /dev/scd2 /dev/scd3"
+
+# directories
+LANGUAGE_DIR=/usr/share/cryptobox/lang
+TEMPLATE_DIR=/usr/share/cryptobox/templates
+DOC_DIR=/usr/share/doc/cryptobox/html
+CONFIG_DEFAULTS_DIR=/usr/share/cryptobox/defaults
+REPORT_DIR=/var/www/report
+CONFIG_DIR=/mnt/cb-etc
+CRYPTO_DIR=/mnt/crypto
+TEST_CASES_DIR=/usr/share/cryptobox/test-cases
+SUMMARY_TEMPLATE_DIR=/usr/share/cryptobox/templates/test-summary
+
+# some files
+CB_SCRIPT=/scripts/cryptobox.sh
+VALIDATE_SCRIPT=/usr/lib/cryptobox/validate.sh
+LOG_FILE=/var/log/cryptobox.log
+DEVELOPMENT_MARKER=/DEVELOPMENT_CRYPTOBOX
+CERT_FILE=/mnt/cb-etc/stunnel.pem
+OPENSSL_CONF_FILE=/etc/cryptobox/openssl.cnf
+
+# crypto settings
+HASH=sha512
+ALGO=aes
+CRYPTMAPPER_DEV=/dev/mapper/cryptobox-data
+
+# some programs
+SFDISK=/sbin/sfdisk
+WIPE=/usr/bin/wipe
+MKFS_DATA=/sbin/mkfs.ext3
+MKFS_CONFIG=/sbin/mkfs.ext2
+CRYPTSETUP=/sbin/cryptsetup
+
+# firewall setings
+# do not use multiports (iptables) as the timeout-script depends on
+# single port rules
+# ssh is allowed too, but the server is not started automatically
+ALLOW_TCP_PORTS="22 80 139 443 445"
+ALLOW_UDP_PORTS="137 138"
diff --git a/cryptobox.conf.d/etc/cryptobox/openssl.cnf b/cryptobox.conf.d/etc/cryptobox/openssl.cnf
new file mode 100644
index 0000000..a1a1a63
--- /dev/null
+++ b/cryptobox.conf.d/etc/cryptobox/openssl.cnf
@@ -0,0 +1,65 @@
+#
+# OpenSSL configuration file.
+#
+
+# Establish working directory.
+
+dir = .
+
+[ ca ]
+default_ca = CA_default
+
+[ CA_default ]
+default_days = 3650
+default_md = md5
+policy = policy_match
+#serial = $dir/serial
+#database = $dir/index.txt
+#new_certs_dir = $dir/newcert
+#certificate = $dir/cacert.pem
+#private_key = $dir/private/cakey.pem
+#preserve = no
+#email_in_dn = no
+#nameopt = default_ca
+#certopt = default_ca
+
+[ policy_match ]
+countryName = match
+stateOrProvinceName = match
+organizationName = match
+organizationalUnitName = match
+commonName = supplied
+emailAddress = optional
+
+[ req ]
+default_bits = 1024 # Size of keys
+default_keyfile = stunnel.pem # name of generated keys
+default_md = md5 # message digest algorithm
+distinguished_name = req_distinguished_name
+
+[ req_distinguished_name ]
+# Variable name Prompt string
+#---------------------- ----------------------------------
+0.organizationName = Organization Name (company)
+organizationalUnitName = Organizational Unit Name (department, division)
+emailAddress = Email Address
+emailAddress_max = 40
+localityName = Locality Name (city, district)
+stateOrProvinceName = State or Province Name (full name)
+#countryName = Country Name (2 letter code)
+#countryName_min = 2
+#countryName_max = 2
+#commonName = Common Name (hostname, IP, or your name)
+#commonName_max = 64
+
+# Default values for the above, for consistency and less typing.
+# Variable name Value
+#------------------------------ ------------------------------
+0.organizationName_default = CryptoBox
+organizationalUnitName_default = s.l.
+localityName_default = Kugelmugel
+stateOrProvinceName_default = Metropolis
+emailAddress_default = info@systemausfall.org
+
+
+
diff --git a/cryptobox.conf.d/etc/rc2.d/S98cryptobox.sh b/cryptobox.conf.d/etc/rc2.d/S98cryptobox.sh
new file mode 100755
index 0000000..7324ab5
--- /dev/null
+++ b/cryptobox.conf.d/etc/rc2.d/S98cryptobox.sh
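Review bot: Both `default_md = md5` settings (in `[ CA_default ]` and `[ req ]`) and `default_bits = 1024` yield a certificate with a collision-prone signature digest and a key size that current TLS clients treat as weak. I would set `default_bits = 2048` and `default_md = sha256` in `[ req ]`, and use the same digest in `[ CA_default ]`. A comment that `default_keyfile = stunnel.pem` is overridden by the `-keyout` argument in make_stunnel_cert.sh would also help, since the key is actually written wherever that script is told to put it.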
@@ -0,0 +1,22 @@
+#!/bin/sh
+
+set -eu
+
+ACTION=help
+[ $# -gt 0 ] && ACTION="$1"
+
+case "$ACTION" in
+ start )
+ /scripts/cryptobox.sh services-up
+ ;;
+ stop )
+ /scripts/cryptobox.sh services-down
+ ;;
+ restart )
+ $0 stop
+ $0 start
+ ;;
+ * )
+ echo "Syntax: `basename $0` { start | stop | restart }"
+ ;;
+ esac
diff --git a/cryptobox.conf.d/etc/rc2.d/S99cryptobox-devel-features.sh b/cryptobox.conf.d/etc/rc2.d/S99cryptobox-devel-features.sh
new file mode 100755
index 0000000..37ca5a2
--- /dev/null
+++ b/cryptobox.conf.d/etc/rc2.d/S99cryptobox-devel-features.sh
@@ -0,0 +1,25 @@
+#!/bin/sh
+#
+# this script looks for the file /DEVELOPMENT_CRYPTOBOX
+# if it exists, the script $DEVEL_SCRIPT be executed - this is
+# ONLY FOR DEVELOPMENT CDs!
+# for production CD the file /DEVELOPMENT_CRYPTOBOX should never exist!
+#
+
+set -eu
+
+MARKER=/DEVELOPMENT_CRYPTOBOX
+
+# return, if it does not exist
+[ ! -e "$MARKER" ] && exit 0
+
+echo
+echo "#---------------------------------------------------------------#"
+echo "| WARNING: developers features are enabled |"
+echo "| This definitely should NOT happen for production CDs! |"
+echo "| If you are not a developer, then this CD is DANGEROUS, as it |"
+echo "| offers no security at all! |"
+echo "#---------------------------------------------------------------#"
+echo
+
+/scripts/devel-features.sh "$@"
diff --git a/cryptobox.conf.d/etc/rcS.d/S22mount-cb-config.sh b/cryptobox.conf.d/etc/rcS.d/S22mount-cb-config.sh
new file mode 100755
index 0000000..2c8a499
--- /dev/null
+++ b/cryptobox.conf.d/etc/rcS.d/S22mount-cb-config.sh
@@ -0,0 +1,23 @@
+#!/bin/sh
+
+set -eu
+
+ACTION=help
+[ $# -gt 0 ] && ACTION="$1"
+
+case "$ACTION" in
+ start )
+ /scripts/cryptobox.sh config-up
+ ;;
+ stop )
+ /scripts/cryptobox.sh config-down
+ ;;
+ restart )
+ $0 stop
+ $0 start
+ ;;
+ * )
+ echo "Syntax: `basename $0` { start | stop | restart }"
+ echo
+ ;;
+ esac
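Review bot: The `restart` arm of S98cryptobox.sh runs `$0 stop` and then `$0 start` under `set -e`, so a non-zero status from the stop step (for example when a service is already down) ends the script before `start` is reached. Consider `"$0" stop || true` followed by `"$0" start`, which also quotes `$0`. The usage line spawns `basename` in backticks with an unquoted `$0`; `${0##*/}` gives the same result without the extra process. The same pattern appears in S22mount-cb-config.sh and S37cb-network.sh.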
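Review bot: The header comment of S99cryptobox-devel-features.sh refers to `$DEVEL_SCRIPT`, but no such variable exists; the script runs the hard-coded `/scripts/devel-features.sh`, and `MARKER=/DEVELOPMENT_CRYPTOBOX` duplicates `DEVELOPMENT_MARKER` from cryptobox.conf instead of reading it. This marker is the only gate between a production image and one that starts sshd (see devel-features.sh later in this commit), so I would keep a single definition to stop the two paths drifting apart, and correct the comment to name the real script.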
diff --git a/cryptobox.conf.d/etc/rcS.d/S37cb-network.sh b/cryptobox.conf.d/etc/rcS.d/S37cb-network.sh
new file mode 100755
index 0000000..f685594
--- /dev/null
+++ b/cryptobox.conf.d/etc/rcS.d/S37cb-network.sh
@@ -0,0 +1,23 @@
+#!/bin/sh
+
+set -eu
+
+ACTION=help
+[ $# -gt 0 ] && ACTION="$1"
+
+case "$ACTION" in
+ start )
+ /scripts/cryptobox.sh network-up
+ ;;
+ stop )
+ /scripts/cryptobox.sh network-down
+ ;;
+ restart )
+ $0 stop
+ $0 start
+ ;;
+ * )
+ echo "Syntax: `basename $0` { start | stop | restart }"
+ echo
+ ;;
+ esac
diff --git a/cryptobox.conf.d/etc/samba/smb.conf b/cryptobox.conf.d/etc/samba/smb.conf
new file mode 100644
index 0000000..9aa87cf
--- /dev/null
+++ b/cryptobox.conf.d/etc/samba/smb.conf
@@ -0,0 +1,237 @@
+#
+# Sample configuration file for the Samba suite for Debian GNU/Linux.
+#
+#
+# This is the main Samba configuration file. You should read the
+# smb.conf(5) manual page in order to understand the options listed
+# here. Samba has a huge number of configurable options most of which
+# are not shown in this example
+#
+# Any line which starts with a ; (semi-colon) or a # (hash)
+# is a comment and is ignored. In this example we will use a #
+# for commentary and a ; for parts of the config file that you
+# may wish to enable
+#
+# NOTE: Whenever you modify this file you should run the command
+# "testparm" to check that you have not many any basic syntactic
+# errors.
+#
+
+#======================= Global Settings =======================
+
+[global]
+
+## Browsing/Identification ###
+
+# Change this to the workgroup/NT-domain name your Samba server will part of
+ workgroup = CryptoBoxGroup
+
+# server string is the equivalent of the NT Description field
+ server string = %h cryptobox (Samba %v)
+
+# Windows Internet Name Serving Support Section:
+# WINS Support - Tells the NMBD component of Samba to enable its WINS Server
+; wins support = no
+
+# WINS Server - Tells the NMBD components of Samba to be a WINS Client
+# Note: Samba can be either a WINS Server, or a WINS Client, but NOT both
+; wins server = w.x.y.z
+
+# This will prevent nmbd to search for NetBIOS names through DNS.
+ dns proxy = no
+
+# What naming service and in what order should we use to resolve host names
+# to IP addresses
+; name resolve order = lmhosts host wins bcast
+
+
+#### Debugging/Accounting ####
+
+# This tells Samba to use a separate log file for each machine
+# that connects
+ log file = /var/log/samba/log.%m
+
+# Put a capping on the size of the log files (in Kb).
+ max log size = 1000
+
+# If you want Samba to only log through syslog then set the following
+# parameter to 'yes'.
+; syslog only = no
+
+# We want Samba to log a minimum amount of information to syslog. Everything
+# should go to /var/log/samba/log.{smbd,nmbd} instead. If you want to log
+# through syslog you should set the following parameter to something higher.
+ syslog = 0
+
+# Do something sensible when Samba crashes: mail the admin a backtrace
+ panic action = /usr/share/samba/panic-action %d
+
+
+####### Authentication #######
+
+# "security = user" is always a good idea. This will require a Unix account
+# in this server for every user accessing the server. See
+# /usr/share/doc/samba-doc/htmldocs/ServerType.html in the samba-doc
+# package for details.
+ security = share
+
+# You may wish to use password encryption. See the section on
+# 'encrypt passwords' in the smb.conf(5) manpage before enabling.
+ encrypt passwords = true
+
+# If you are using encrypted passwords, Samba will need to know what
+# password database type you are using.
+ passdb backend = tdbsam guest
+
+ obey pam restrictions = yes
+
+ guest account = nobody
+; invalid users = root
+
+# This boolean parameter controls whether Samba attempts to sync the Unix
+# password with the SMB password when the encrypted SMB password in the
+# passdb is changed.
+; unix password sync = no
+
+# For Unix password sync to work on a Debian GNU/Linux system, the following
+# parameters must be set (thanks to Augustin Luton for
+# sending the correct chat script for the passwd program in Debian Potato).
+ passwd program = /usr/bin/passwd %u
+ passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n .
+
+# This boolean controls whether PAM will be used for password changes
+# when requested by an SMB client instead of the program listed in
+# 'passwd program'. The default is 'no'.
+; pam password change = no
+
+
+########## Printing ##########
+
+# If you want to automatically load your printer list rather
+# than setting them up individually then you'll need this
+; load printers = yes
+
+# lpr(ng) printing. You may wish to override the location of the
+# printcap file
+; printing = bsd
+; printcap name = /etc/printcap
+
+# CUPS printing. See also the cupsaddsmb(8) manpage in the
+# cupsys-client package.
+; printing = cups
+; printcap name = cups
+
+# When using [print$], root is implicitly a 'printer admin', but you can
+# also give this right to other users to add drivers and set printer
+# properties
+; printer admin = @ntadmin
+
+
+######## File sharing ########
+
+# Name mangling options
+ preserve case = yes
+ short preserve case = yes
+
+
+############ Misc ############
+
+# Using the following line enables you to customise your configuration
+# on a per machine basis. The %m gets replaced with the netbios name
+# of the machine that is connecting
+; include = /home/samba/etc/smb.conf.%m
+
+# Most people will find that this option gives better performance.
+# See smb.conf(5) and /usr/share/doc/samba-doc/htmldocs/speed.html
+# for details
+# You may want to add the following on a Linux system:
+# SO_RCVBUF=8192 SO_SNDBUF=8192
+ socket options = TCP_NODELAY
+
+# The following parameter is useful only if you have the linpopup package
+# installed. The samba maintainer and the linpopup maintainer are
+# working to ease installation and configuration of linpopup and samba.
+; message command = /bin/sh -c '/usr/bin/linpopup "%f" "%m" %s; rm %s' &
+
+# Domain Master specifies Samba to be the Domain Master Browser. If this
+# machine will be configured as a BDC (a secondary logon server), you
+# must set this to 'no'; otherwise, the default behavior is recommended.
+domain master = no
+local master = no
+preferred master = no
+
+# Some defaults for winbind (make sure you're not using the ranges
+# for something else.)
+; idmap uid = 10000-20000
+; idmap gid = 10000-20000
+; template shell = /bin/bash
+
+#======================= Share Definitions =======================
+
+;[homes]
+; comment = Home Directories
+; browseable = no
+
+[public]
+ comment = public share
+ path = /mnt/crypto
+ public = yes
+ guest ok = yes
+
+# By default, the home directories are exported read-only. Change next
+# parameter to 'yes' if you want to be able to write to them.
+ writable = yes
+
+# File creation mask is set to 0700 for security reasons. If you want to
+# create files with group=rw permissions, set next parameter to 0775.
+ create mask = 0700
+
+# Directory creation mask is set to 0700 for security reasons. If you want to
+# create dirs. with group=rw permissions, set next parameter to 0775.
+ directory mask = 0700
+
+# Un-comment the following and create the netlogon directory for Domain Logons
+# (you need to configure Samba to act as a domain controller too.)
+;[netlogon]
+; comment = Network Logon Service
+; path = /home/samba/netlogon
+; guest ok = yes
+; writable = no
+; share modes = no
+
+;[printers]
+; comment = All Printers
+; browseable = no
+; path = /tmp
+; printable = yes
+; public = no
+; writable = no
+; create mode = 0700
+
+# Windows clients look for this share name as a source of downloadable
+# printer drivers
+#[print$]
+# comment = Printer Drivers
+# path = /var/lib/samba/printers
+# browseable = yes
+# read only = yes
+# guest ok = no
+# Uncomment to allow remote administration of Windows print drivers.
+# Replace 'ntadmin' with the name of the group your admin users are
+# members of.
+; write list = root, @ntadmin
+
+# The next two parameters show how to auto-mount a CD-ROM when the
+# cdrom share is accesed. For this to work /etc/fstab must contain
+# an entry like this:
+#
+# /dev/scd0 /cdrom iso9660 defaults,noauto,ro,user 0 0
+#
+# The CD-ROM gets unmounted automatically after the connection to the
+#
+# If you don't want to use auto-mounting/unmounting make sure the CD
+# is mounted on /cdrom
+#
+; preexec = /bin/mount /cdrom
+; postexec = /bin/umount /cdrom
+
diff --git a/cryptobox.conf.d/mnt/crypto/info.txt b/cryptobox.conf.d/mnt/crypto/info.txt
new file mode 100644
index 0000000..b5fc21b
--- /dev/null
+++ b/cryptobox.conf.d/mnt/crypto/info.txt
@@ -0,0 +1 @@
+Hallo
diff --git a/cryptobox.conf.d/scripts/check_smb_idle.sh b/cryptobox.conf.d/scripts/check_smb_idle.sh
new file mode 100755
index 0000000..c94cbc1
--- /dev/null
+++ b/cryptobox.conf.d/scripts/check_smb_idle.sh
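Review bot: In smb.conf, `security = share` combined with `public = yes`, `guest ok = yes` and `writable = yes` on `[public]` means that once /mnt/crypto is mounted, any host that can reach the SMB ports can read and write the decrypted data without credentials. The comment directly above the setting still says `"security = user" is always a good idea`, which contradicts the value chosen. If guest access is the intended design, the comment should say so and state that confidentiality then rests on the network boundary and on the volume being unmounted when idle; if it is not intended, `security = user` with `guest ok = no` on the share is the change to make. `create mask = 0700` has little effect while every client maps to the same `nobody` account.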
@@ -0,0 +1,51 @@
+#!/bin/sh
+#
+# a simple script to check, if there was smb traffic since the last test
+#
+# you may want to adjust the function "filter_ipt_rules" according to your setup
+#
+# any Parameter are ignored
+#
+# this script has to run as root - as it invokes iptables
+#
+# possible deployment in crontab:
+# smb_timeout.sh && (/etc/init.d/samba stop; umount /mnt/crypto)
+#
+# the iptables rules you need to detect smb traffic could look like the following:
+# iptables -A INPUT -i eth0 -p udp --dport 138 -j ACCEPT
+# iptables -A INPUT -i eth0 -p tcp --dport 139 -j ACCEPT
+#
+
+set -eu
+
+# parse config file
+. /etc/cryptobox/cryptobox.conf
+
+
+filter_ipt_rules()
+# get the input rules for smb datagram traffic
+{
+ iptables -L INPUT -vnx | grep -E "tcp upt:138|udp dpt:139"
+}
+
+
+function count_traffic()
+{
+ local sum=0
+ # fallback if no rules were found
+ echo "$sum"
+ # extract the number of packets and calculate the sum
+ filter_ipt_rules | sed 's/ */ /g' | cut -d " " -f 3 | while read a
+ do sum=$((sum+a))
+ echo "$sum"
+ done | tail -1
+ # sorry for the echo-tail-voodoo - i did not know it better :)
+ iptables -Z INPUT
+}
+
+# config test
+[ -z "`filter_ipt_rules`" ] && echo "[`basename $0`]: Could not find a matching iptables rule!" >&2 && exit 1
+
+# return true if it was idle
+test "`count_traffic`" -eq 0
+exit $?
diff --git a/cryptobox.conf.d/scripts/chroot-start.sh b/cryptobox.conf.d/scripts/chroot-start.sh
new file mode 100755
index 0000000..c5efe91
--- /dev/null
+++ b/cryptobox.conf.d/scripts/chroot-start.sh
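Review bot: The grep pattern in `filter_ipt_rules`, `"tcp upt:138|udp dpt:139"`, has a typo (`upt`) and the protocols swapped relative to the rules in the header comment, so it matches neither `udp dpt:138` nor `tcp dpt:139` and the config test exits 1 on every run. It should read `grep -E "udp dpt:138|tcp dpt:139"`. In `count_traffic` the fallback `echo "$sum"` sits outside the `tail -1` pipeline, so when rules do match the function appears to print two lines and `test ... -eq 0` receives a non-integer; the fallback belongs inside the group that is piped to `tail -1`. As written the check cannot report idle, so an unmount-on-idle cron job built on it would never fire and the decrypted volume stays exposed.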
@@ -0,0 +1,23 @@
+#!/bin/sh
+
+set -eu
+
+TMPDIRS="var/run tmp root dev var/log"
+TMPROOT="/opt/dfsruntime/runtimemnt"
+
+
+for a in $TMPDIRS
+ do mkdir -p "$TMPROOT/$a"
+ done
+
+[ ! -e /dev/null ] && mknod "/dev/null" c 1 3 && chmod 666 "/dev/null"
+[ ! -e /dev/urandom ] && mknod "/dev/urandom" c 1 9 && chmod 444 "/dev/urandom"
+[ ! -e /dev/console ] && mknod "/dev/console" c 1 5 && chmod 660 "/dev/console"
+
+[ ! -e /proc/mounts ] && mount -t proc proc /proc
+
+bash
+
+umount proc
+rm -r "$TMPROOT"
+mkdir "$TMPROOT"
diff --git a/cryptobox.conf.d/scripts/configure-cryptobox.sh b/cryptobox.conf.d/scripts/configure-cryptobox.sh
new file mode 100755
index 0000000..b5535f9
--- /dev/null
+++ b/cryptobox.conf.d/scripts/configure-cryptobox.sh
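Review bot: Because of `set -e`, a non-zero exit status from the interactive `bash` (which is the status of the last command typed in it) ends chroot-start.sh before `umount proc` and the `rm -r "$TMPROOT"` cleanup run; `bash || true` keeps the cleanup reachable. `umount proc` relies on umount resolving the source name, whereas `umount /proc` names the mount point explicitly, and it should only run when this script performed the mount. The directories are created under `$TMPROOT` while the `mknod` calls target `/dev/...` directly, so a short comment on which root these paths refer to would help the next reader.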
@@ -0,0 +1,44 @@
+#!/bin/sh
+#
+# this script is only called during the making of the cryptobox cd
+#
+
+set -eu
+
+# parse config file
+. /etc/cryptobox/cryptobox.conf
+
+RUNTIMEDIR=/opt/dfsruntime/runtimerd
+TUNDEV=$RUNTIMEDIR/dev/net/tun
+
+[ ! -e "/proc/mounts" ] && mount -t proc proc /proc
+
+######### devices ##########
+# create tun device for running under qemu
+if [ ! -e "$TUNDEV" ]
+ then mkdir -p `dirname "$TUNDEV"`
+ mknod "$TUNDEV" c 10 200
+ fi
+
+######### thttpd ###########
+# change thttpd's config from 'chroot' to 'nochroot' - otherwise no perl script will run
+sed -i "s/^chroot$/nochroot/" /etc/thttpd/thttpd.conf
+# change thttpd-user from www-data to root (permissions for mount, cryptsetup, ...)
+sed -i "s/^user=.*/user=root/" /etc/thttpd/thttpd.conf
+
+######### bashrc ###########
+# remove dfshints from bashrc
+sed -i "/^dfshints$/d" $RUNTIMEDIR/root/.bashrc
+
+########## sshd ############
+# allow empty passwords for ssh
+# the daemon is NOT started automatically, so you have to start it
+# manually in case of need - as the root pw is empty and passwd is ro, you
+# have to allow empty passwords for this rare case
+sed -i 's/^PermitEmptyPass.*$/PermitEmptyPasswords yes/' /etc/ssh/sshd_config
+# turn off PAM for ssh, as it prevents the use of empty passwords (stange behaviour)
+sed -i 's/^UsePAM.*$/UsePAM no/' /etc/ssh/sshd_config
+# allow nput of password
+sed -i 's/^PasswordAuthentication.*$/PasswordAuthentication yes/' /etc/ssh/sshd_config
+
+umount /proc
diff --git a/cryptobox.conf.d/scripts/cryptobox.sh b/cryptobox.conf.d/scripts/cryptobox.sh
new file mode 100755
index 0000000..8a433b1
--- /dev/null
+++ b/cryptobox.conf.d/scripts/cryptobox.sh
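Review bot: The sshd edits (`PermitEmptyPasswords yes`, `UsePAM no`, `PasswordAuthentication yes`) and the thttpd changes to `user=root` with `nochroot` are applied unconditionally, so every image built with this script, not only development CDs, carries a root account that accepts an empty password whenever sshd is started, and cryptobox.conf already opens TCP port 22 in `ALLOW_TCP_PORTS`. The only safeguard visible here is that sshd is not started at boot. I would apply the sshd edits only when building a development image (the sourced cryptobox.conf already provides `DEVELOPMENT_MARKER`) and drop 22 from the allowed ports otherwise. The `sed` expressions only rewrite lines that already start with the keyword, so a commented-out default is silently left as it is, and `$RUNTIMEDIR/root/.bashrc` is unquoted.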
@@ -0,0 +1,362 @@
+#!/bin/sh
+#
+# this script does EVERYTHING
+# all other scripts are only frontends :)
+#
+
+set -eu
+
+# parse config file
+. /etc/cryptobox/cryptobox.conf
+
+## configuration
+MARKER="$CONFIG_DIR/cryptobox.marker"
+CERT_TEMP=/tmp/stunnel.pem
+
+#####
+
+function error_msg()
+# parameters: ExitCode ErrorMessage
+{
+ echo "[`date`] - $2" | tee -a "$LOG_FILE" >&2
+ # print the execution stack - not usable with busybox
+ #caller | sed 's/^/\t/' >&2
+ exit "$1"
+}
+
+
+function initial_checks()
+# Parameter: device
+{
+ local device="$1"
+ [ ! -b "$device" ] && echo "blockdevice $device does not exist" && return 1
+ ## check if we have an existing configpartition
+ ## TODO: why this config_mount_test?
+ # config_mount_test "$device"
+ [ ! -x "$WIPE" ] && echo "$WIPE not found" && return 1
+ [ ! -x "$SFDISK" ] && echo "$SFDISK not found" && return 1
+ for a in $ALGO $HASH
+ do grep -q "^name *: $a$" /proc/crypto || modprobe "$a"
+ grep -q "^name *: $a$" /proc/crypto || { echo "$a is not supported by kernel" && return 1; }
+ done
+ mount | grep -q "^$device[ 1-9] " && echo "$device is mounted" && return 1
+ return 0
+}
+
+
+function create_partitions()
+# Parameter: device
+{
+ local device="$1"
+ # first partition size is 1 sector, second goes til end
+ # sfdisk -n doesn't actually write (for testing purpose)
+ echo -e "0,1,L \n,,L\n" | $SFDISK "$device"
+}
+
+
+function config_set_value()
+# parameters: SettingName SettingValue
+{
+ mount -o rw,remount "$CONFIG_DIR"
+ echo "$2" > "$CONFIG_DIR/$1"
+ mount -o ro,remount "$CONFIG_DIR"
+}
+
+
+function config_get_value()
+# parameters: SettingName
+{
+ # use mounted config, if it exists - otherwise use defaults
+ local conf_dir
+ if is_config_mounted
+ then conf_dir=$CONFIG_DIR
+ else conf_dir=$CONFIG_DEFAULTS_DIR
+ fi
+ [ -z "$1" ] && error_msg 1 "empty setting name"
+ [ ! -e "$conf_dir/$1" ] && error_msg 2 "unknown configuration value ($1)"
+ cat "$conf_dir/$1"
+}
+
+
+function create_config()
+# Parameter: device
+{
+ local device="${1}1"
+ $MKFS_CONFIG "$device"
+ # mount the config partition rw
+ mount "$device" "$CONFIG_DIR"
+ # create a marker to recognize a cryptobox partition
+ date -I >"$MARKER"
+ ## write (network) interfaces
+ cp -a "$CONFIG_DEFAULTS_DIR/." "$CONFIG_DIR"
+
+ # copy stunnel cert
+ cp -p "$CERT_TEMP" "$CERT_FILE"
+
+ # beware: config_set_value remounts the config partition read-only
+ config_set_value "device" "$1"
+
+ config_set_value "ip" "$(get_current_ip)"
+
+ # reinitialise configuration
+ umount "$CONFIG_DIR"
+ mount_config
+}
+
+
+function get_current_ip()
+# not necessarily the same as configured (necessary for validation)
+{
+ ifconfig $NET_IFACE | grep "inet" | cut -d ":" -f2 | cut -d " " -f1
+}
+
+
+function create_crypto()
+# Parameter: device
+{
+ local device="$1"
+ # flood the crypto partition with noise
+ # - not needed -
+ #$WIPE -kq -R /dev/urandom "${device}2"
+
+ # passphrase may be passed via command line
+ $CRYPTSETUP -h "$HASH" -c "$ALGO" create "$CRYPTMAPPER_DEV" "${device}2"
+}
+
+
+function mkfs_crypto()
+# split from create_crypto to allow background execution via web interface
+{
+ $MKFS_DATA "$CRYPTMAPPER_DEV"
+}
+
+
+function config_mount_test()
+# Parameter: device
+{
+ local device="${1}"
+ local STATUS=0
+ mount "${device}1" "$CONFIG_DIR" &>/dev/null || true
+ is_config_mounted && STATUS=1
+ umount "$CONFIG_DIR" &>/dev/null || true
+ # return code is the result of this expression
+ [ 1 -eq "$STATUS" ] && return 0
+ return 1
+}
+
+
+function is_config_mounted()
+{
+ mount | grep -q " ${CONFIG_DIR} " && [ -f "$MARKER" ]
+}
+
+
+function is_crypto_mounted()
+{
+ mount | grep -q " ${CRYPTO_DIR} "
+}
+
+
+function is_init_running()
+{
+ ps -e | grep -q -E "$MKFS_DATA|$WIPE"
+}
+
+
+function find_harddisk()
+# look for the harddisk to be partitioned
+{
+ local dev=$(
+ if is_config_mounted
+ then config_get_value "device"
+ else for a in $SCAN_DEVICES
+ do grep -q " `basename $a`$" /proc/partitions && echo "$a" && break
+ done
+ fi )
+ [ -z "$dev" ] && error_msg 4 "no valid partition for initialisation found!"
+ echo -n "$dev"
+}
+
+
+function mount_config()
+{
+ is_config_mounted && error_msg 3 "configuration directory ($CONFIG_DIR) is already mounted!"
+ local device=$(
+ for a in $SCAN_DEVICES
+ do echo "Trying to load configuration from $a ..." >&2
+ config_mount_test "$a" && echo "$a" && break
+ done )
+ if [ -n "$device" ] && mount "${device}1" "$CONFIG_DIR"
+ then echo "configuraton found on $device" >&2
+ config_set_value "device" "$device"
+ return 0
+ else echo "failed to locate harddisk" >&2
+ return 1
+ fi
+}
+
+
+function mount_crypto()
+{
+ is_crypto_mounted && echo "Das Crypto-Dateisystem ist bereits aktiv!"
+ local device=`find_harddisk`
+ # passphrase is read from stdin
+ $CRYPTSETUP -h "$HASH" -c "$ALGO" create "$CRYPTMAPPER_DEV" "${device}2"
+ if mount "$CRYPTMAPPER_DEV" "$CRYPTO_DIR"
+ then /etc/init.d/samba start
+ else dmsetup remove "$CRYPTMAPPER_DEV"
+ return 1
+ fi
+}
+
+
+function umount_crypto()
+{
+ # do not break on error
+ set +e
+ # thttpd removes PATH for cgis
+ /etc/init.d/samba stop
+ ps -e | grep -q " samba$" && killall samba
+ ps -e | grep -q " samba$" && killall -9 samba
+ umount "$CRYPTO_DIR"
+ $CRYPTSETUP remove "$CRYPTMAPPER_DEV"
+ set -e
+}
+
+
+function init_cryptobox_part1()
+# this is only the first part of initialisation that takes no time - good for a smooth web interface
+{
+ umount_crypto || true
+ umount "$CONFIG_DIR" || true
+ local device=`find_harddisk`
+ initial_checks "$device" || error_msg 5 "Failure during initialisation - bye, bye"
+ create_partitions "$device"
+ create_config "$device"
+ create_crypto "$device"
+}
+
+
+function init_cryptobox_part2()
+# some things to be done in the background
+# these are the final steps of initialisation
+# thuid must be changed at the first time, therfore it needs to be
+# mounted
+{
+ mkfs_crypto
+ mount "$CRYPTMAPPER_DEV" "$CRYPTO_DIR"
+ chown $SAMBA_USER "$CRYPTO_DIR"
+ umount_crypto
+}
+
+
+function init_cryptobox_complete()
+{
+ init_cryptobox_part1
+ init_cryptobox_part2
+}
+
+### main ###
+
+# set PATH because thttpd removes /sbin and /usr/sbin for cgis
+export PATH=/usr/sbin:/usr/bin:/sbin:/bin
+
+
+ACTION=help
+[ $# -gt 0 ] && ACTION="$1"
+
+case "$ACTION" in
+ config-up )
+ # die cruft option hilft vielleicht bei dem Fehler "interleaved files not (yet) supported"
+ mount -o remount,cruft /
+ if mount_config
+ then echo "Cryptobox configuration successfully loaded"
+ else error_msg 3 "Could not find a configuration partition!"
+ fi
+ ;;
+ config-down )
+ umount "$CONFIG_DIR"
+ ;;
+ network-up )
+ kudzu -s -q --class network
+ conf_ip=$(config_get_value "ip")
+ ifconfig $NET_IFACE "$conf_ip"
+ echo "Configured network interface for $NET_IFACE: $conf_ip"
+ /scripts/firewall.sh start
+ # start stunnel
+ if [ -f "$CERT_FILE" ]
+ then USE_CERT=$CERT_FILE
+ else USE_CERT=$CERT_TEMP
+ /scripts/make_stunnel_cert.sh "$CERT_TEMP" >>"$LOG_FILE" 2>&1
+ fi
+ stunnel -p "$USE_CERT" -r localhost:80 -d 443 \
+ || echo "$USE_CERT not found - not starting stunnel"
+ # this ping allows other hosts to get the IP of
+ # the box, in case of misconfiguration
+ ping -b -c 1 $(ifconfig $NET_IFACE | grep Bcast | cut -d ":" -f 3 | cut -d " " -f 1) &>/dev/null
+ ;;
+ network-down )
+ /scripts/firewall.sh stop
+ killall stunnel
+ ifconfig $NET_IFACE down
+ ;;
+ services-up )
+ /etc/init.d/thttpd start
+ ;;
+ services-down )
+ /etc/init.d/samba stop
+ /etc/init.d/thttpd stop
+ ;;
+ box-init )
+ # this is good for commandline only, as it takes a lot of time
+ init_cryptobox_complete >>"$LOG_FILE" 2>&1
+ ;;
+ box-init-fg )
+ # only partitioning and configuration
+ # this is nice for the web interface, as it is fast
+ # output redirection does not work, as it prevents cryptsetup from asking
+ # for a password
+ init_cryptobox_part1 >>"$LOG_FILE" 2>&1
+ ;;
+ box-init-bg )
+ # do it in the background to provide a smoother web interface
+ # messages and errors get written to $LOG_FILE
+ # the 'exec' output redirection does not work, if called by a cgi, so
+ # redirect it as usual
+ init_cryptobox_part2 >"$LOG_FILE" 2>&1 &
+ ;;
+ is_crypto_mounted )
+ is_crypto_mounted
+ ;;
+ is_config_mounted )
+ is_config_mounted
+ ;;
+ is_init_running )
+ is_init_running
+ ;;
+ crypto-mount )
+ mount_crypto
+ ;;
+ crypto-umount )
+ umount_crypto
+ ;;
+ set_config )
+ [ $# -ne 3 ] && error_msg 7 "'set_config' requires two parameters"
+ config_set_value "$2" "$3"
+ ;;
+ get_config )
+ [ $# -ne 2 ] && error_msg 6 "'get_config' requires exactly one parameter"
+ config_get_value "$2"
+ ;;
+ diskinfo )
+ $SFDISK -L -q -l `find_harddisk`
+ ;;
+ get_current_ip )
+ get_current_ip
+ ;;
+ * )
+ # TODO: update this!
+ echo "Syntax: `basename $0` { mount_config | umount_config | init }"
+ echo
+ ;;
+ esac
diff --git a/cryptobox.conf.d/scripts/devel-features.sh b/cryptobox.conf.d/scripts/devel-features.sh
new file mode 100755
index 0000000..9d76b5c
--- /dev/null
+++ b/cryptobox.conf.d/scripts/devel-features.sh
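Review bot: `config_set_value` and `config_get_value` use the setting name `$1` directly as a path component (`"$CONFIG_DIR/$1"`, `"$conf_dir/$1"`), and the `set_config` and `get_config` actions pass it straight from the command line, so a name containing `/` or `..` reads or overwrites files outside the config directory; configure-cryptobox.sh in this commit has thttpd running as root, so the caller may well be a CGI. Reject such names at the top of both functions, e.g. `case "$1" in ""|*/*|.*) error_msg 1 "invalid setting name" ;; esac`. Separately, `CERT_TEMP=/tmp/stunnel.pem` is a fixed path in a world-writable directory that ends up holding a private key, `box-init-bg` truncates `$LOG_FILE` with `>` where the other actions append, and `mount_crypto` only prints a message when the volume is already mounted and then continues into `cryptsetup create`. The file also uses `function`, `local`, `echo -e` and `&>` under `#!/bin/sh`, so the shebang should name bash if those are to stay.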
@@ -0,0 +1,62 @@
+#!/bin/sh
+#
+# this script is part of the boot process of a developer's cryptobox
+#
+# it should really NEVER be executed on a production system
+#
+
+set -eu
+
+# parse config file
+. /etc/cryptobox/cryptobox.conf
+
+MIRROR_DIR=/tmp/mirror
+MIRROR_ORIG_DIR=/tmp/mirror.orig
+WRITE_DIRS="/usr/share/cryptobox /var/www /scripts /usr/lib/cryptobox"
+
+ACTION="--help"
+[ $# -gt 0 ] && ACTION="$1"
+
+case "$ACTION" in
+ start )
+ # start ssh daemon
+ /etc/init.d/ssh start
+
+ # copy cryptobox files to tmpfs
+ for a in $WRITE_DIRS
+ do mkdir -p "$MIRROR_DIR/$a"
+ cp -a "$a/." "$MIRROR_DIR/$a"
+ mount --bind "$MIRROR_DIR/$a" "$a"
+ done
+ $0 set_diff_base
+
+ # thttpd needs to be restarted to reopen its files
+ /etc/init.d/thttpd restart
+ ;;
+ set_diff_base )
+ # the present content of the tmpfs mirror get copied to
+ # MIRROR_ORIG_DIR for later diffs
+ # whenever you merged a diff, you should call this function
+ [ -e "$MIRROR_ORIG_DIR" ] && rm -rf "$MIRROR_ORIG_DIR"
+ cp -a "$MIRROR_DIR" "$MIRROR_ORIG_DIR"
+ ;;
+ diff )
+ cd "`dirname \"$MIRROR_ORIG_DIR\"`"
+ # diff and remove "binary files differ"-warnings (vi-swap-files)
+ diff -ruN "`basename \"$MIRROR_ORIG_DIR\"`" "`basename \"$MIRROR_DIR\"`" | grep -v "^Binary files"
+ ;;
+ stop )
+ /etc/init.d/ssh stop
+ for a in $WRITE_DIRS
+ do umount "$MIRROR_DIR/$a"
+ done
+ rm -rf "$MIRROR_DIR"
+ ;;
+ restart )
+ $0 stop
+ $0 start
+ ;;
+ * )
+ echo "Syntax: `basename $0` { start | stop | restart }"
+ ;;
+ esac
diff --git a/cryptobox.conf.d/scripts/firewall.sh b/cryptobox.conf.d/scripts/firewall.sh
new file mode 100644
index 0000000..e1659f3
--- /dev/null
+++ b/cryptobox.conf.d/scripts/firewall.sh
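Review bot: In the `stop` arm, `umount "$MIRROR_DIR/$a"` names the source of the bind mount rather than its mount point; `start` mounts with `mount --bind "$MIRROR_DIR/$a" "$a"`, so the matching call is `umount "$a"`. As written the umount is likely to fail, and `set -e` then ends the script before `rm -rf "$MIRROR_DIR"`, leaving the writable mirrors bound over /scripts, /var/www and the other `WRITE_DIRS`. `MIRROR_DIR=/tmp/mirror` and `MIRROR_ORIG_DIR=/tmp/mirror.orig` are fixed names in a world-writable directory on an image that also starts sshd; a root-only directory outside /tmp would be safer for content that is bind-mounted over the script tree. The usage line omits the `set_diff_base` and `diff` actions.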
@@ -0,0 +1,52 @@
+#!/bin/sh
+#
+# set up the firewall of the cryptobox
+#
+
+set -u
+
+# parse config file
+. /etc/cryptobox/cryptobox.conf
+
+
+ACTION="help"
+[ $# -gt 0 ] && ACTION=$1
+
+case "$ACTION" in
+ start)
+ iptables -P INPUT DROP
+ iptables -P FORWARD DROP
+ iptables -P OUTPUT ACCEPT
+
+ OFILE=/proc/sys/net/ipv4/tcp_syncookies
+ [ -e "$OFILE" ] && echo 1 >"$OFILE"
+
+ iptables -F
+ iptables -X
+ iptables -Z
+
+ iptables -A INPUT -i lo -j ACCEPT
+
+ for a in $ALLOW_TCP_PORTS
+ do iptables -A INPUT -i $NET_IFACE -p tcp --dport $a -j ACCEPT
+ done
+
+ for a in $ALLOW_UDP_PORTS
+ do iptables -A INPUT -i $NET_IFACE -p udp --dport $a -j ACCEPT
+ done
+
+ iptables -A INPUT -i $NET_IFACE -p icmp -j ACCEPT
+ ;;
+ stop)
+ iptables -P INPUT ACCEPT
+ iptables -P FORWARD ACCEPT
+ iptables -P OUTPUT ACCEPT
+ iptables -F
+ iptables -X
+ iptables -Z
+ ;;
+ *)
+ echo "usage $0 start | stop"
+ ;;
+esac
+
diff --git a/cryptobox.conf.d/scripts/make_stunnel_cert.sh b/cryptobox.conf.d/scripts/make_stunnel_cert.sh
new file mode 100755
index 0000000..4bb8c50
--- /dev/null
+++ b/cryptobox.conf.d/scripts/make_stunnel_cert.sh
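Review bot: The `stop` arm sets all three policies to ACCEPT before flushing, so the box is fully open from that point until the interface goes down; cryptobox.sh `network-down` calls this first and runs `ifconfig ... down` last. If the intent is to end network service, bring the interface down before relaxing the rules, or leave `INPUT` at DROP on stop. In `start`, `-p icmp -j ACCEPT` admits every ICMP type and there is no rule for established or related traffic, so replies to connections the box itself opens are dropped, which deserves a comment if it is deliberate. `ACTION=$1`, `$NET_IFACE` and `$a` are unquoted, and only IPv4 is covered.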
@@ -0,0 +1,32 @@
+#!/bin/sh
+#
+# this script creates the stunnel certificate for https
+#
+# parameter: "destination file"
+#
+
+set -eu
+
+# parse config file
+. /etc/cryptobox/cryptobox.conf
+
+
+## vcert values are in openssl.conf
+CERTFILE="$1"
+TMP_FILE=/tmp/cryptobox-cert.tmp
+
+[ ! -f "$CONF_FILE" ] && echo "`basename $0`: $CONF_FILE not found" && exit 2
+# this command creates the certificate
+# this is required, because the certbuilding asks for 5 returns
+echo -ne "\n\n\n\n\n" | openssl req -new -x509 -nodes -days 3650 -config "$OPENSSL_CONF_FILE" -out "$CERTFILE" -keyout "$CERTFILE"
+chmod 600 "$CERTFILE"
+
+# next step needs a lot of randomdata
+dd if=/dev/urandom of="$TMP_FILE" bs=1024 count=1024
+openssl dhparam -rand "$TMP_FILE" 512 >> "$CERTFILE"
+rm "$TMP_FILE"
+
+#ln -sf ${CERTPATH}stunnel.pem ${CERTPATH}`openssl x509 -noout -hash < "${CERTPATH}stunnel.pem"`.0
+
+## print out cert values
+#openssl x509 -subject -dates -fingerprint -in stunnel.pem
diff --git a/cryptobox.conf.d/usr/lib/cryptobox/validate.sh b/cryptobox.conf.d/usr/lib/cryptobox/validate.sh
new file mode 100755
index 0000000..751fcad
--- /dev/null
+++ b/cryptobox.conf.d/usr/lib/cryptobox/validate.sh
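Review bot: `$CONF_FILE` is never defined (cryptobox.conf sets `OPENSSL_CONF_FILE`), so under `set -u` the existence check aborts the script with an unbound-variable error before any certificate is created; the test should read `[ ! -f "$OPENSSL_CONF_FILE" ]` and the message should name the same variable. The private key is written by `openssl req` before `chmod 600` runs, so it briefly exists with umask-default permissions; put `umask 077` ahead of the openssl call. `TMP_FILE=/tmp/cryptobox-cert.tmp` is a predictable name written as root, where `mktemp` would avoid clobbering or following a pre-existing file. The 512-bit `dhparam` is too small to be useful; 2048 bits is the usual minimum today.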
@@ -0,0 +1,93 @@
+#!/bin/sh
+#
+# do a validation
+#
+# use "--help" for a list of possible actions
+#
+
+set -eu
+
+# parse config file
+. /etc/cryptobox/cryptobox.conf
+
+
+function error_die()
+{
+ echo "$2" >&2
+ exit $1
+}
+
+
+function do_single()
+# Parameter: "test case dir" "output directory for results"
+{
+ local TESTNAME=$(basename $1)
+ curl --insecure --silent --output "${2}/${TESTNAME}.html" --config "$1/input.curl"
+ [ -e "${2}/${TESTNAME}.html" ] && sed "1,/CBOX-STATUS-begin/d; /CBOX-STATUS-end/,\$d" "${2}/${TESTNAME}.html" >"${2}/${TESTNAME}.status"
+ # the diff option "-B" is required, because the status output of
+ # the cryptobox.pl script contains some blank lines
+ diff -NB "${2}/${TESTNAME}.status" "$1/output" >"${2}/${TESTNAME}.diff" || true
+ rm "${2}/${TESTNAME}.status"
+ cp "$1/description" "${2}/${TESTNAME}.desc"
+}
+
+
+function do_series()
+# parameter: name of the test case
+{
+ [ -d "$REPORT_DIR/$1" ] && rm -r "$REPORT_DIR/$1"
+ mkdir -p "$REPORT_DIR/$1"
+ find "$TEST_CASES_DIR/$1" -type d -maxdepth 1 -mindepth 1 | grep -v "/\.\.*$" | sort | while read a
+ do do_single "$a" "$REPORT_DIR/$1"
+ done
+ create_summary "$REPORT_DIR/$1" >"$REPORT_DIR/$1/summary.html"
+ tar czf "$REPORT_DIR/${1}-results.tar.gz" -C "$REPORT_DIR" "$1"
+ echo "$REPORT_DIR/${1}-results.tar.gz"
+}
+
+
+create_summary()
+# parameter: directory of results
+{
+ cat "$SUMMARY_TEMPLATE_DIR/header"
+ find "$1" -type f -name \*.desc -maxdepth 1 | sort | while read a
+ do TESTNAME=$(basename ${a%.desc})
+ TESTDESCRIPTION=$(cat $a)
+ sed "s#_TESTNAME_#$TESTNAME#g; s/_TESTDESCRIPTION_/$TESTDESCRIPTION/" "$SUMMARY_TEMPLATE_DIR/single_header"
+ local DIFF_FILE=${a%.desc}.diff
+ if [ -s "$DIFF_FILE" ]
+ then cat "$SUMMARY_TEMPLATE_DIR/result-error"
+ cat "$DIFF_FILE"
+ else cat "$SUMMARY_TEMPLATE_DIR/result-ok"
+ echo "no differences found"
+ fi
+ cat "$SUMMARY_TEMPLATE_DIR/single_footer"
+ rm "$DIFF_FILE" "$a"
+ done
+ cat "$SUMMARY_TEMPLATE_DIR/footer"
+}
+
+
+ACTION="--help"
+[ $# -gt 0 ] && ACTION=$1
+
+case "$ACTION" in
+ list )
+ find "$TEST_CASES_DIR" -type d -maxdepth 1 -mindepth 1 | grep -v "/\.\.*$" | sort | while read a
+ do echo $(basename "$a")
+ done
+ ;;
+ check )
+ [ $# -ne 2 ] && error_die 1 "Syntax: $(basename $0) check NAME"
+ CASE_DIR="$TEST_CASES_DIR/$2"
+ [ ! -d "$CASE_DIR" ] && error_die 2 "the test case was not found ($CASE_DIR)!"
+ do_series "$2"
+ ;;
+ * )
+ echo "Syntax of $(basename $0)"
+ echo -e "\t list \t\t - show a list of available test cases"
+ echo -e "\t check NAME \t - execute a test case - if successful the filename of the report is printed"
+ echo -e "\t help \t\t - this syntax information"
+ echo
+ ;;
+ esac
diff --git a/cryptobox.conf.d/usr/lib/perl5/ClearSilver.pm b/cryptobox.conf.d/usr/lib/perl5/ClearSilver.pm
new file mode 100644
index 0000000..41dd00f
--- /dev/null
+++ b/cryptobox.conf.d/usr/lib/perl5/ClearSilver.pm
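Review bot: The `check )` branch of validate.sh accepts any NAME for which `$TEST_CASES_DIR/NAME` is a directory, and `do_series` then runs `rm -r "$REPORT_DIR/$1"` and `mkdir -p` on the same string, so a name containing `/` or `..` makes it delete and write outside the report directory. Whether NAME can come from the web interface is not visible here, but a guard before the `-d` test costs one line: `case "$2" in */*|.*|'') error_die 1 "invalid test case name" ;; esac`. In `create_summary` the description file is pasted into the sed program and then into summary.html, so a `/`, `&` or markup in a description breaks the substitution or ends up unescaped in the report; the description needs escaping for both sed and HTML before it is substituted. The script uses `function` and `local` under `#!/bin/sh`, which only works where /bin/sh is bash.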
@@ -0,0 +1,68 @@ +package ClearSilver; + +use 5.006; +use strict; +use warnings; + +require Exporter; +require DynaLoader; + +our @ISA = qw(Exporter DynaLoader); + +# Items to export into callers namespace by default. Note: do not export +# names by default without a very good reason. Use EXPORT_OK instead. +# Do not simply export all your public functions/methods/constants. + +# This allows declaration use ClearSilver ':all'; +# If you do not need this, moving things directly into @EXPORT or @EXPORT_OK +# will save memory. +our %EXPORT_TAGS = ( 'all' => [ qw( + +) ] ); + +our @EXPORT_OK = ( @{ $EXPORT_TAGS{'all'} } ); + +our @EXPORT = qw( + +); +our $VERSION = '0.01'; + +bootstrap ClearSilver $VERSION; + +# Preloaded methods go here. + +1; +__END__ +# Below is stub documentation for your module. You better edit it! + +=head1 NAME + +ClearSilver - Perl extension for blah blah blah + +=head1 SYNOPSIS + + use ClearSilver; + blah blah blah + +=head1 DESCRIPTION + +Stub documentation for ClearSilver, created by h2xs. It looks like the +author of the extension was negligent enough to leave the stub +unedited. + +Blah blah blah. + +=head2 EXPORT + +None by default. + + +=head1 AUTHOR + +A. U. Thor, Ea.u.thor@a.galaxy.far.far.awayE + +=head1 SEE ALSO + +L. + +=cut diff --git a/cryptobox.conf.d/usr/lib/perl5/auto/ClearSilver/.packlist b/cryptobox.conf.d/usr/lib/perl5/auto/ClearSilver/.packlist new file mode 100644 index 0000000..a79f4e0 --- /dev/null +++ b/cryptobox.conf.d/usr/lib/perl5/auto/ClearSilver/.packlist @@ -0,0 +1,4 @@ +/tmp/clearsilver-perl/local/lib/perl/5.8.7/ClearSilver.pm +/tmp/clearsilver-perl/local/lib/perl/5.8.7/auto/ClearSilver/ClearSilver.bs +/tmp/clearsilver-perl/local/lib/perl/5.8.7/auto/ClearSilver/ClearSilver.so +/tmp/clearsilver-perl/local/man/man3/ClearSilver.3pm diff --git a/cryptobox.conf.d/usr/lib/perl5/auto/ClearSilver/ClearSilver.bs b/cryptobox.conf.d/usr/lib/perl5/auto/ClearSilver/ClearSilver.bs new file mode 100644 index 0000000..e69de29 
diff --git a/cryptobox.conf.d/usr/lib/perl5/auto/ClearSilver/ClearSilver.so b/cryptobox.conf.d/usr/lib/perl5/auto/ClearSilver/ClearSilver.so new file mode 100755 index 0000000..310964f Binary files /dev/null and b/cryptobox.conf.d/usr/lib/perl5/auto/ClearSilver/ClearSilver.so differ diff --git a/cryptobox.conf.d/usr/share/cryptobox/defaults/ip b/cryptobox.conf.d/usr/share/cryptobox/defaults/ip new file mode 100644 index 0000000..1cad3c7 --- /dev/null +++ b/cryptobox.conf.d/usr/share/cryptobox/defaults/ip @@ -0,0 +1 @@ +192.168.0.23 diff --git a/cryptobox.conf.d/usr/share/cryptobox/defaults/language b/cryptobox.conf.d/usr/share/cryptobox/defaults/language new file mode 100644 index 0000000..7673daa --- /dev/null +++ b/cryptobox.conf.d/usr/share/cryptobox/defaults/language @@ -0,0 +1 @@ +de diff --git a/cryptobox.conf.d/usr/share/cryptobox/defaults/timeout b/cryptobox.conf.d/usr/share/cryptobox/defaults/timeout new file mode 100644 index 0000000..64bb6b7 --- /dev/null +++ b/cryptobox.conf.d/usr/share/cryptobox/defaults/timeout @@ -0,0 +1 @@ +30 diff --git a/cryptobox.conf.d/usr/share/cryptobox/lang/de.hdf b/cryptobox.conf.d/usr/share/cryptobox/lang/de.hdf new file mode 100644 index 0000000..ce31283 --- /dev/null +++ b/cryptobox.conf.d/usr/share/cryptobox/lang/de.hdf @@ -0,0 +1,113 @@ +Lang { + + Menu { + + } + + + Title { + Init = Initialisierung der CryptoBox + Mount = Aktivierung der Cryptodaten + Umount = Deaktivierung der Cryptodaten + Config = Konfiguration der CryptoBox + Log = Protokoll der CryptoBox + } + + + Text { + EnterNewPassword = Das neue Passwort eingeben: + EnterSamePassword = Das neue Passwort wiederholen: + InitWarning = Bei der Initialisierung werden ALLE DATEN auf der Festplatte GELÖSCHT! + InitDescription = Schritt ist nur einmalig vor der ersten Nutzung notwendig.
Für den täglichen Gebrauch musst du das verschlüsselte Dateisystem lediglich aktivieren und deaktivieren + ConfirmInitHint = Um zu bestätigen, dass du weisst, was du tust, tippe hier bitte exakt Folgendes ein: + ConfirmInit = ja, loesche alle Daten! + PartitionInfo = Derzeitige Partitionierung der Festplatte: + IPAddress = Netwerk-Adresse (IP) der CryptoBox: + TimeOut = Zeitabschaltung des Crypto-Dateisystems (in Minuten): + EmptyLog = Das Logbuch der CryptoBox ist leer. + SelectLanguage = Spracheinstellung: + } + + + Button { + DoInit = CryptoBox initialisieren + SaveConfig = Speichere Konfiguration + Update = Aktualisieren + Mount = CryptoDaten aktivieren + Umount = CryptoDaten deaktivieren + } + + + Warning { + InitNotConfirmed { + Title = Bestätigung schlug fehl + Text = Der Bestätigungssatz muss exakt eingegeben werden! + } + + EmptyPassword { + Title = Ungültige Eingabe + Text = Das Passwort darf nicht leer sein! + } + + DifferentPasswords { + Title = Ungleiche Passworte + Text = Die beiden Passworte müssen identisch sein, um sicherzustellen, dass dies das gewünschte Passwort ist. + } + + MountFailed { + Title = Aktivierung schlug fehl + Text = Das verschlüsselte Dateisystem konnte nicht aktiviert werden. Wahrscheinlich war das Passwort falsch. + } + + UmountFailed { + Title = Deaktivierung schlug fehl + Text = Das verschlüsselte Dateisystem konnte nicht abgeschaltet werden. Wahrscheinlich sind noch Dateien geöffnet. Also schließe alle potentiell unsauberen Programme (beispielsweise die weitverbreitete Textverarbeitung). Notfalls ziehe einfach den Stromstecker! + } + + NotConfigured { + Title = Keine Konfiguration gefunden + Text = Die CryptoBox wurde noch nicht eingerichtet. + } + + InitNotFinished { + Title = Initalisierung noch nicht abgeschlossen + Text = Die Initialisierung wird in wenigen Minuten beendet sein. Erst danach ist diese Aktion möglich. + } + + IsMounted { + Title = Bereits aktiv + Text = Das verschlüsselte Dateisystem ist bereits aktiv. 
+ } + + NotMounted { + Title = Nicht aktiv + Text = Das verschlüsselte Dateisystem ist derzeit nicht aktiv. + } + + AlreadyConfigured { + Title = Konfiguration gefunden + Text = Die CryptoBox wurde bereits eingerichtet. Bei einer erneuten Initialisierung werden alle Daten gelöscht! + } + } + + + Error { + + UnknownAction { + Title = Unbekannte Aktion + Text = Du hast eine undefinierte Aktion angefordert. Falls du dies nicht bewusst getan hast, solltest du es deinem Administrator mitteilen, damit er das Problem an die Entwickler der CryptoBox weiterleiten kann. + } + + MountUnavailableInitRunning { + Title = Die Initialisierung der CryptoBox läuft noch ... + Text = Solange die Einrichtung der Crypto-Partition nicht abgeschlossen ist, kannst du die CryptoBox nicht aktivieren. Versuche es in ein paar Minuten noch einmal. + } + + MountUnavailableNotInitialized { + Title = Die CryptoBox wurde noch nicht initialisiert + Text = Nach dem Abschluss der einmaligen Neueinrichtung kannst du die Crypto-Partition nutzen. + } + + } + +} diff --git a/cryptobox.conf.d/usr/share/cryptobox/templates/config_form.cs b/cryptobox.conf.d/usr/share/cryptobox/templates/config_form.cs new file mode 100644 index 0000000..559861d --- /dev/null +++ b/cryptobox.conf.d/usr/share/cryptobox/templates/config_form.cs @@ -0,0 +1,23 @@ +
+

+ +
+ + + + + +
+
+
+
+
+
+
diff --git a/cryptobox.conf.d/usr/share/cryptobox/templates/doc.cs b/cryptobox.conf.d/usr/share/cryptobox/templates/doc.cs new file mode 100644 index 0000000..9b2be3f --- /dev/null +++ b/cryptobox.conf.d/usr/share/cryptobox/templates/doc.cs @@ -0,0 +1,5 @@ +
+ + + +
diff --git a/cryptobox.conf.d/usr/share/cryptobox/templates/error.cs b/cryptobox.conf.d/usr/share/cryptobox/templates/error.cs new file mode 100644 index 0000000..6360103 --- /dev/null +++ b/cryptobox.conf.d/usr/share/cryptobox/templates/error.cs @@ -0,0 +1 @@ + diff --git a/cryptobox.conf.d/usr/share/cryptobox/templates/footer.cs b/cryptobox.conf.d/usr/share/cryptobox/templates/footer.cs new file mode 100644 index 0000000..a9e6196 --- /dev/null +++ b/cryptobox.conf.d/usr/share/cryptobox/templates/footer.cs @@ -0,0 +1,21 @@ + + + + + + + + + + + diff --git a/cryptobox.conf.d/usr/share/cryptobox/templates/header.cs b/cryptobox.conf.d/usr/share/cryptobox/templates/header.cs new file mode 100644 index 0000000..953da02 --- /dev/null +++ b/cryptobox.conf.d/usr/share/cryptobox/templates/header.cs @@ -0,0 +1,25 @@ + + + + + CryptoBox + + + + + + + + +
+ + +
+ + +
diff --git a/cryptobox.conf.d/usr/share/cryptobox/templates/init_form.cs b/cryptobox.conf.d/usr/share/cryptobox/templates/init_form.cs new file mode 100644 index 0000000..bfe90b6 --- /dev/null +++ b/cryptobox.conf.d/usr/share/cryptobox/templates/init_form.cs @@ -0,0 +1,37 @@ +

+ +
+
+ + + + + + + + + + + +
+
+ +
+ +
+
+ +
+ +
+
+
+ +
+
+

+ +

+ +

+
diff --git a/cryptobox.conf.d/usr/share/cryptobox/templates/intro.cs b/cryptobox.conf.d/usr/share/cryptobox/templates/intro.cs new file mode 100644 index 0000000..b0741c0 --- /dev/null +++ b/cryptobox.conf.d/usr/share/cryptobox/templates/intro.cs @@ -0,0 +1 @@ +this is the cryptobox! diff --git a/cryptobox.conf.d/usr/share/cryptobox/templates/macros.cs b/cryptobox.conf.d/usr/share/cryptobox/templates/macros.cs new file mode 100644 index 0000000..5b45034 --- /dev/null +++ b/cryptobox.conf.d/usr/share/cryptobox/templates/macros.cs @@ -0,0 +1,33 @@ +
+

+

+ + + +
+

+

+ + + + + + + diff --git a/cryptobox.conf.d/usr/share/cryptobox/templates/main.cs b/cryptobox.conf.d/usr/share/cryptobox/templates/main.cs new file mode 100644 index 0000000..5666d3f --- /dev/null +++ b/cryptobox.conf.d/usr/share/cryptobox/templates/main.cs @@ -0,0 +1,11 @@ + + + + + + + + + + + diff --git a/cryptobox.conf.d/usr/share/cryptobox/templates/mount_form.cs b/cryptobox.conf.d/usr/share/cryptobox/templates/mount_form.cs new file mode 100644 index 0000000..ab2ed5d --- /dev/null +++ b/cryptobox.conf.d/usr/share/cryptobox/templates/mount_form.cs @@ -0,0 +1,15 @@ +

Aktivierung des verschlüsselten Dateisystems

+ +
+ + + + + +
Passwort eingeben: +
+ +
+
diff --git a/cryptobox.conf.d/usr/share/cryptobox/templates/nav.cs b/cryptobox.conf.d/usr/share/cryptobox/templates/nav.cs new file mode 100644 index 0000000..63bf9d1 --- /dev/null +++ b/cryptobox.conf.d/usr/share/cryptobox/templates/nav.cs @@ -0,0 +1,22 @@ + + + + Deaktivierung + + Aktivierung + + + + + + Einstellungen + + +Initialisierung +Protokoll +Hilfe + + + Test-Sequenzen + Test-Report + diff --git a/cryptobox.conf.d/usr/share/cryptobox/templates/show_log.cs b/cryptobox.conf.d/usr/share/cryptobox/templates/show_log.cs new file mode 100644 index 0000000..fb0764d --- /dev/null +++ b/cryptobox.conf.d/usr/share/cryptobox/templates/show_log.cs @@ -0,0 +1,11 @@ +
+ +

+ + +

+ +

+ + +
diff --git a/cryptobox.conf.d/usr/share/cryptobox/templates/test-summary/README b/cryptobox.conf.d/usr/share/cryptobox/templates/test-summary/README new file mode 100644 index 0000000..a1f2417 --- /dev/null +++ b/cryptobox.conf.d/usr/share/cryptobox/templates/test-summary/README @@ -0,0 +1,17 @@ +every report summary will be constructed this way: + +- header + + - single_header + - result-ok | result-error + + - single_footer + + - single_header + - result-ok | result-error + + - single_footer + + ... + +- footer diff --git a/cryptobox.conf.d/usr/share/cryptobox/templates/test-summary/footer b/cryptobox.conf.d/usr/share/cryptobox/templates/test-summary/footer new file mode 100644 index 0000000..64ab34f --- /dev/null +++ b/cryptobox.conf.d/usr/share/cryptobox/templates/test-summary/footer @@ -0,0 +1,12 @@ +
+ +
+ + + +
+
+ + diff --git a/cryptobox.conf.d/usr/share/cryptobox/templates/test-summary/header b/cryptobox.conf.d/usr/share/cryptobox/templates/test-summary/header new file mode 100644 index 0000000..35f890e --- /dev/null +++ b/cryptobox.conf.d/usr/share/cryptobox/templates/test-summary/header @@ -0,0 +1,25 @@ + + + + +CryptoBox + + + + + + + + +
+ + +
+ +
+ +
+ diff --git a/cryptobox.conf.d/usr/share/cryptobox/templates/test-summary/result-error b/cryptobox.conf.d/usr/share/cryptobox/templates/test-summary/result-error new file mode 100644 index 0000000..46002e1 --- /dev/null +++ b/cryptobox.conf.d/usr/share/cryptobox/templates/test-summary/result-error @@ -0,0 +1 @@ +

diff --git a/cryptobox.conf.d/usr/share/cryptobox/templates/test-summary/result-ok b/cryptobox.conf.d/usr/share/cryptobox/templates/test-summary/result-ok new file mode 100644 index 0000000..3ce9342 --- /dev/null +++ b/cryptobox.conf.d/usr/share/cryptobox/templates/test-summary/result-ok @@ -0,0 +1 @@ +

diff --git a/cryptobox.conf.d/usr/share/cryptobox/templates/test-summary/single_footer b/cryptobox.conf.d/usr/share/cryptobox/templates/test-summary/single_footer new file mode 100644 index 0000000..a1a9917 --- /dev/null +++ b/cryptobox.conf.d/usr/share/cryptobox/templates/test-summary/single_footer @@ -0,0 +1,2 @@ +

+
diff --git a/cryptobox.conf.d/usr/share/cryptobox/templates/test-summary/single_header b/cryptobox.conf.d/usr/share/cryptobox/templates/test-summary/single_header new file mode 100644 index 0000000..7a784b7 --- /dev/null +++ b/cryptobox.conf.d/usr/share/cryptobox/templates/test-summary/single_header @@ -0,0 +1,5 @@ +
+ +

_TESTNAME_

+

_TESTDESCRIPTION_

+ diff --git a/cryptobox.conf.d/usr/share/cryptobox/templates/umount_form.cs b/cryptobox.conf.d/usr/share/cryptobox/templates/umount_form.cs new file mode 100644 index 0000000..85d3169 --- /dev/null +++ b/cryptobox.conf.d/usr/share/cryptobox/templates/umount_form.cs @@ -0,0 +1,13 @@ +

+ +
+ + + + +
+ +
+
diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/000-main/description b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/000-main/description new file mode 100644 index 0000000..09b8487 --- /dev/null +++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/000-main/description @@ -0,0 +1 @@ +show the main page diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/000-main/input.curl b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/000-main/input.curl new file mode 100644 index 0000000..f26cbd6 --- /dev/null +++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/000-main/input.curl @@ -0,0 +1 @@ +url https://192.168.0.23/cgi-bin/cryptobox.pl diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/000-main/output b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/000-main/output new file mode 100644 index 0000000..e218e20 --- /dev/null +++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/000-main/output @@ -0,0 +1,7 @@ +Data.Config.IP=192.168.0.23 +Data.Config.Language=de +Data.Config.TimeOut=30 +Data.Status.Config=0 +Data.Status.InitRunning=0 +Data.Status.IP=192.168.0.23 +Data.Status.Mounted=0 diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/010-init_ask/description b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/010-init_ask/description new file mode 100644 index 0000000..021c5a8 --- /dev/null +++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/010-init_ask/description @@ -0,0 +1 @@ +display the init form diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/010-init_ask/input.curl b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/010-init_ask/input.curl new file mode 100644 index 0000000..f7b381e --- /dev/null +++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/010-init_ask/input.curl @@ -0,0 +1 @@ +url https://192.168.0.23/cgi-bin/cryptobox.pl?action=init_ask 
diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/010-init_ask/output b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/010-init_ask/output new file mode 100644 index 0000000..e218e20 --- /dev/null +++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/010-init_ask/output @@ -0,0 +1,7 @@ +Data.Config.IP=192.168.0.23 +Data.Config.Language=de +Data.Config.TimeOut=30 +Data.Status.Config=0 +Data.Status.InitRunning=0 +Data.Status.IP=192.168.0.23 +Data.Status.Mounted=0 diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/020-init_empty_pw/description b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/020-init_empty_pw/description new file mode 100644 index 0000000..152094d --- /dev/null +++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/020-init_empty_pw/description @@ -0,0 +1 @@ +try initialisation with empty passwords diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/020-init_empty_pw/input.curl b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/020-init_empty_pw/input.curl new file mode 100644 index 0000000..4c0e110 --- /dev/null +++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/020-init_empty_pw/input.curl @@ -0,0 +1,5 @@ +url https://192.168.0.23/cgi-bin/cryptobox.pl +data action=init_do +data password= +data password2= +data confirm=ja%2C%20loesche%20alle%20Daten%21 diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/020-init_empty_pw/output b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/020-init_empty_pw/output new file mode 100644 index 0000000..e218e20 --- /dev/null +++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/020-init_empty_pw/output @@ -0,0 +1,7 @@ +Data.Config.IP=192.168.0.23 +Data.Config.Language=de +Data.Config.TimeOut=30 +Data.Status.Config=0 +Data.Status.InitRunning=0 +Data.Status.IP=192.168.0.23 +Data.Status.Mounted=0 
diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/030-init_different_pw/description b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/030-init_different_pw/description new file mode 100644 index 0000000..7cda7f8 --- /dev/null +++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/030-init_different_pw/description @@ -0,0 +1 @@ +try initialisation with different passwords diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/030-init_different_pw/input.curl b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/030-init_different_pw/input.curl new file mode 100644 index 0000000..d8f4a9b --- /dev/null +++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/030-init_different_pw/input.curl @@ -0,0 +1,5 @@ +url https://192.168.0.23/cgi-bin/cryptobox.pl +data action=init_do +data password=hallo +data password2=hall +data confirm=ja%2C%20loesche%20alle%20Daten%21 diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/030-init_different_pw/output b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/030-init_different_pw/output new file mode 100644 index 0000000..e218e20 --- /dev/null +++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/030-init_different_pw/output @@ -0,0 +1,7 @@ +Data.Config.IP=192.168.0.23 +Data.Config.Language=de +Data.Config.TimeOut=30 +Data.Status.Config=0 +Data.Status.InitRunning=0 +Data.Status.IP=192.168.0.23 +Data.Status.Mounted=0 diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/040-init_wrong_confirmation/description b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/040-init_wrong_confirmation/description new file mode 100644 index 0000000..5d192f7 --- /dev/null +++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/040-init_wrong_confirmation/description @@ -0,0 +1 @@ +try initialisation with wrong confirmation text 
diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/040-init_wrong_confirmation/input.curl b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/040-init_wrong_confirmation/input.curl new file mode 100644 index 0000000..01afbdb --- /dev/null +++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/040-init_wrong_confirmation/input.curl @@ -0,0 +1,5 @@ +url https://192.168.0.23/cgi-bin/cryptobox.pl +data action=init_do +data password=hallo +data password2=hallo +data confirm=something diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/040-init_wrong_confirmation/output b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/040-init_wrong_confirmation/output new file mode 100644 index 0000000..e218e20 --- /dev/null +++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/040-init_wrong_confirmation/output @@ -0,0 +1,7 @@ +Data.Config.IP=192.168.0.23 +Data.Config.Language=de +Data.Config.TimeOut=30 +Data.Status.Config=0 +Data.Status.InitRunning=0 +Data.Status.IP=192.168.0.23 +Data.Status.Mounted=0 diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/050-mount_ask_before_init/description b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/050-mount_ask_before_init/description new file mode 100644 index 0000000..c17e908 --- /dev/null +++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/050-mount_ask_before_init/description @@ -0,0 +1 @@ +display mount form before initialisation diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/050-mount_ask_before_init/input.curl b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/050-mount_ask_before_init/input.curl new file mode 100644 index 0000000..9f3fe6f --- /dev/null +++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/050-mount_ask_before_init/input.curl @@ -0,0 +1 @@ +url https://192.168.0.23/cgi-bin/cryptobox.pl?action=mount_ask 
diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/050-mount_ask_before_init/output b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/050-mount_ask_before_init/output new file mode 100644 index 0000000..e218e20 --- /dev/null +++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/050-mount_ask_before_init/output @@ -0,0 +1,7 @@ +Data.Config.IP=192.168.0.23 +Data.Config.Language=de +Data.Config.TimeOut=30 +Data.Status.Config=0 +Data.Status.InitRunning=0 +Data.Status.IP=192.168.0.23 +Data.Status.Mounted=0 diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/060-mount_do_before_init/description b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/060-mount_do_before_init/description new file mode 100644 index 0000000..71bb94d --- /dev/null +++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/060-mount_do_before_init/description @@ -0,0 +1 @@ +try mounting before initialisation diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/060-mount_do_before_init/input.curl b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/060-mount_do_before_init/input.curl new file mode 100644 index 0000000..5e1b21d --- /dev/null +++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/060-mount_do_before_init/input.curl @@ -0,0 +1,3 @@ +url https://192.168.0.23/cgi-bin/cryptobox.pl +data action=mount_do +data password=hallo diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/060-mount_do_before_init/output b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/060-mount_do_before_init/output new file mode 100644 index 0000000..e218e20 --- /dev/null +++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/060-mount_do_before_init/output @@ -0,0 +1,7 @@ +Data.Config.IP=192.168.0.23 +Data.Config.Language=de +Data.Config.TimeOut=30 +Data.Status.Config=0 +Data.Status.InitRunning=0 +Data.Status.IP=192.168.0.23 +Data.Status.Mounted=0 
diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/070-umount_ask_before_init/description b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/070-umount_ask_before_init/description new file mode 100644 index 0000000..74666c4 --- /dev/null +++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/070-umount_ask_before_init/description @@ -0,0 +1 @@ +display umount form before initialisation diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/070-umount_ask_before_init/input.curl b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/070-umount_ask_before_init/input.curl new file mode 100644 index 0000000..5e64636 --- /dev/null +++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/070-umount_ask_before_init/input.curl @@ -0,0 +1 @@ +url https://192.168.0.23/cgi-bin/cryptobox.pl?action=umount_ask diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/070-umount_ask_before_init/output b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/070-umount_ask_before_init/output new file mode 100644 index 0000000..e218e20 --- /dev/null +++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/070-umount_ask_before_init/output @@ -0,0 +1,7 @@ +Data.Config.IP=192.168.0.23 +Data.Config.Language=de +Data.Config.TimeOut=30 +Data.Status.Config=0 +Data.Status.InitRunning=0 +Data.Status.IP=192.168.0.23 +Data.Status.Mounted=0 diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/080-umount_do_before_init/description b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/080-umount_do_before_init/description new file mode 100644 index 0000000..b29462c --- /dev/null +++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/080-umount_do_before_init/description @@ -0,0 +1 @@ +try unmounting before initialisation 
diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/080-umount_do_before_init/input.curl b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/080-umount_do_before_init/input.curl new file mode 100644 index 0000000..c2aa465 --- /dev/null +++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/080-umount_do_before_init/input.curl @@ -0,0 +1 @@ +url https://192.168.0.23/cgi-bin/cryptobox.pl?action=umount_do diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/080-umount_do_before_init/output b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/080-umount_do_before_init/output new file mode 100644 index 0000000..e218e20 --- /dev/null +++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/080-umount_do_before_init/output @@ -0,0 +1,7 @@ +Data.Config.IP=192.168.0.23 +Data.Config.Language=de +Data.Config.TimeOut=30 +Data.Status.Config=0 +Data.Status.InitRunning=0 +Data.Status.IP=192.168.0.23 +Data.Status.Mounted=0 diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/090-config_ask_before_init/description b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/090-config_ask_before_init/description new file mode 100644 index 0000000..f892aae --- /dev/null +++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/090-config_ask_before_init/description @@ -0,0 +1 @@ +display configuration form before initialisation diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/090-config_ask_before_init/input.curl b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/090-config_ask_before_init/input.curl new file mode 100644 index 0000000..8451813 --- /dev/null +++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/090-config_ask_before_init/input.curl @@ -0,0 +1 @@ +url https://192.168.0.23/cgi-bin/cryptobox.pl?action=config_ask 
diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/090-config_ask_before_init/output b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/090-config_ask_before_init/output new file mode 100644 index 0000000..e218e20 --- /dev/null +++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/090-config_ask_before_init/output @@ -0,0 +1,7 @@ +Data.Config.IP=192.168.0.23 +Data.Config.Language=de +Data.Config.TimeOut=30 +Data.Status.Config=0 +Data.Status.InitRunning=0 +Data.Status.IP=192.168.0.23 +Data.Status.Mounted=0 diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/100-config_do_before_init/description b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/100-config_do_before_init/description new file mode 100644 index 0000000..7bc7c71 --- /dev/null +++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/100-config_do_before_init/description @@ -0,0 +1 @@ +try configuring before initialisation diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/100-config_do_before_init/input.curl b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/100-config_do_before_init/input.curl new file mode 100644 index 0000000..ea23ddb --- /dev/null +++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/100-config_do_before_init/input.curl @@ -0,0 +1,5 @@ +url https://192.168.0.23/cgi-bin/cryptobox.pl +data action=config_do +data language=de +data ip=192.168.0.23 +data timeout=30 diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/100-config_do_before_init/output b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/100-config_do_before_init/output new file mode 100644 index 0000000..e218e20 --- /dev/null +++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/100-config_do_before_init/output @@ -0,0 +1,7 @@ +Data.Config.IP=192.168.0.23 +Data.Config.Language=de +Data.Config.TimeOut=30 +Data.Status.Config=0 +Data.Status.InitRunning=0 +Data.Status.IP=192.168.0.23 +Data.Status.Mounted=0 
diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/110-init_valid/description b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/110-init_valid/description new file mode 100644 index 0000000..c3f6acf --- /dev/null +++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/110-init_valid/description @@ -0,0 +1 @@ +initialize the box diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/110-init_valid/input.curl b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/110-init_valid/input.curl new file mode 100644 index 0000000..353e8b7 --- /dev/null +++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/110-init_valid/input.curl @@ -0,0 +1,5 @@ +url https://192.168.0.23/cgi-bin/cryptobox.pl +data action=init_do +data password=hallo +data password2=hallo +data confirm=ja%2C%20loesche%20alle%20Daten%21 diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/110-init_valid/output b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/110-init_valid/output new file mode 100644 index 0000000..73f10c1 --- /dev/null +++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/110-init_valid/output @@ -0,0 +1,7 @@ +Data.Config.IP=192.168.0.23 +Data.Config.Language=de +Data.Config.TimeOut=30 +Data.Status.Config=1 +Data.Status.InitRunning=1 +Data.Status.IP=192.168.0.23 +Data.Status.Mounted=0 diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/120-mount_ask_during_init/description b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/120-mount_ask_during_init/description new file mode 100644 index 0000000..a5fcf46 --- /dev/null +++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/120-mount_ask_during_init/description @@ -0,0 +1 @@ +display mount form while initialization is running 
diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/120-mount_ask_during_init/input.curl b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/120-mount_ask_during_init/input.curl
new file mode 100644
index 0000000..9f3fe6f
--- /dev/null
+++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/120-mount_ask_during_init/input.curl
@@ -0,0 +1 @@
+url https://192.168.0.23/cgi-bin/cryptobox.pl?action=mount_ask
diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/120-mount_ask_during_init/output b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/120-mount_ask_during_init/output
new file mode 100644
index 0000000..73f10c1
--- /dev/null
+++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/120-mount_ask_during_init/output
@@ -0,0 +1,7 @@
+Data.Config.IP=192.168.0.23
+Data.Config.Language=de
+Data.Config.TimeOut=30
+Data.Status.Config=1
+Data.Status.InitRunning=1
+Data.Status.IP=192.168.0.23
+Data.Status.Mounted=0
diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/130-mount_do_during_init/description b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/130-mount_do_during_init/description
new file mode 100644
index 0000000..f1f65df
--- /dev/null
+++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/130-mount_do_during_init/description
@@ -0,0 +1 @@
+try mounting while initialisation is running
diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/130-mount_do_during_init/input.curl b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/130-mount_do_during_init/input.curl
new file mode 100644
index 0000000..5e1b21d
--- /dev/null
+++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/130-mount_do_during_init/input.curl
@@ -0,0 +1,3 @@
+url https://192.168.0.23/cgi-bin/cryptobox.pl
+data action=mount_do
+data password=hallo
diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/130-mount_do_during_init/output b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/130-mount_do_during_init/output
new file mode 100644
index 0000000..73f10c1
--- /dev/null
+++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/130-mount_do_during_init/output
@@ -0,0 +1,7 @@
+Data.Config.IP=192.168.0.23
+Data.Config.Language=de
+Data.Config.TimeOut=30
+Data.Status.Config=1
+Data.Status.InitRunning=1
+Data.Status.IP=192.168.0.23
+Data.Status.Mounted=0
diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/140-umount_ask_during_init/description b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/140-umount_ask_during_init/description
new file mode 100644
index 0000000..302bbfb
--- /dev/null
+++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/140-umount_ask_during_init/description
@@ -0,0 +1 @@
+display umount form while initialization is running
diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/140-umount_ask_during_init/input.curl b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/140-umount_ask_during_init/input.curl
new file mode 100644
index 0000000..5e64636
--- /dev/null
+++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/140-umount_ask_during_init/input.curl
@@ -0,0 +1 @@
+url https://192.168.0.23/cgi-bin/cryptobox.pl?action=umount_ask
diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/140-umount_ask_during_init/output b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/140-umount_ask_during_init/output
new file mode 100644
index 0000000..73f10c1
--- /dev/null
+++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/140-umount_ask_during_init/output
@@ -0,0 +1,7 @@
+Data.Config.IP=192.168.0.23
+Data.Config.Language=de
+Data.Config.TimeOut=30
+Data.Status.Config=1
+Data.Status.InitRunning=1
+Data.Status.IP=192.168.0.23
+Data.Status.Mounted=0
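diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/150-umount_do_during_init/description b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/150-umount_do_during_init/description
new file mode 100644
index 0000000..fe1a227
--- /dev/null
+++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/150-umount_do_during_init/description
@@ -0,0 +1 @@
+try unmounting while initialization is running
diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/150-umount_do_during_init/input.curl b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/150-umount_do_during_init/input.curl
new file mode 100644
index 0000000..c2aa465
--- /dev/null
+++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/150-umount_do_during_init/input.curl
@@ -0,0 +1 @@
+url https://192.168.0.23/cgi-bin/cryptobox.pl?action=umount_do
diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/150-umount_do_during_init/output b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/150-umount_do_during_init/output
new file mode 100644
index 0000000..73f10c1
--- /dev/null
+++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/150-umount_do_during_init/output
@@ -0,0 +1,7 @@
+Data.Config.IP=192.168.0.23
+Data.Config.Language=de
+Data.Config.TimeOut=30
+Data.Status.Config=1
+Data.Status.InitRunning=1
+Data.Status.IP=192.168.0.23
+Data.Status.Mounted=0
diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/160-config_ask_during_init/description b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/160-config_ask_during_init/description
new file mode 100644
index 0000000..b13458b
--- /dev/null
+++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/160-config_ask_during_init/description
@@ -0,0 +1 @@
+display configuration form while initialization is running
diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/160-config_ask_during_init/input.curl b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/160-config_ask_during_init/input.curl
new file mode 100644
index 0000000..8451813
--- /dev/null
+++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/160-config_ask_during_init/input.curl
@@ -0,0 +1 @@
+url https://192.168.0.23/cgi-bin/cryptobox.pl?action=config_ask
diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/160-config_ask_during_init/output b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/160-config_ask_during_init/output
new file mode 100644
index 0000000..73f10c1
--- /dev/null
+++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/160-config_ask_during_init/output
@@ -0,0 +1,7 @@
+Data.Config.IP=192.168.0.23
+Data.Config.Language=de
+Data.Config.TimeOut=30
+Data.Status.Config=1
+Data.Status.InitRunning=1
+Data.Status.IP=192.168.0.23
+Data.Status.Mounted=0
diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/170-config_do_during_init/description b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/170-config_do_during_init/description
new file mode 100644
index 0000000..6d70373
--- /dev/null
+++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/170-config_do_during_init/description
@@ -0,0 +1 @@
+try configuring while initialization is running
diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/170-config_do_during_init/input.curl b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/170-config_do_during_init/input.curl
new file mode 100644
index 0000000..d31c23e
--- /dev/null
+++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/170-config_do_during_init/input.curl
@@ -0,0 +1,5 @@
+url https://192.168.0.23/cgi-bin/cryptobox.pl
+data action=config_do
+data language=en
+data ip=192.168.0.23
+data timeout=40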
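Review bot: `1-init/150-umount_do_during_init/input.curl` sends the state-changing action `umount_do` as a query string on a plain GET, and `2-mount/080-umount_do` does the same while expecting `Data.Status.Mounted` to drop from 1 to 0, so the suite pins unmount-by-GET as accepted behaviour; `2-mount/025-mount_no_pw` sends `mount_do` the same way. A state change reachable by GET can be triggered by any cross-site request from a browser on the box's network and ends up in server and proxy logs. I would send these like the other `*_do` cases, `url https://192.168.0.23/cgi-bin/cryptobox.pl` plus `data action=umount_do`, and add a case asserting that a `*_do` action on GET leaves the status unchanged. Whether cryptobox.pl distinguishes the request methods is not visible in this diff.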
diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/160-config_ask_during_init/input.curl b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/160-config_ask_during_init/input.curl new file mode 100644 index 0000000..8451813 --- /dev/null +++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/160-config_ask_during_init/input.curl @@ -0,0 +1 @@ +url https://192.168.0.23/cgi-bin/cryptobox.pl?action=config_ask diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/160-config_ask_during_init/output b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/160-config_ask_during_init/output new file mode 100644 index 0000000..73f10c1 --- /dev/null +++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/160-config_ask_during_init/output @@ -0,0 +1,7 @@ +Data.Config.IP=192.168.0.23 +Data.Config.Language=de +Data.Config.TimeOut=30 +Data.Status.Config=1 +Data.Status.InitRunning=1 +Data.Status.IP=192.168.0.23 +Data.Status.Mounted=0 diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/170-config_do_during_init/description b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/170-config_do_during_init/description new file mode 100644 index 0000000..6d70373 --- /dev/null +++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/170-config_do_during_init/description @@ -0,0 +1 @@ +try configuring while initialization is running diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/170-config_do_during_init/input.curl b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/170-config_do_during_init/input.curl new file mode 100644 index 0000000..d31c23e --- /dev/null +++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/170-config_do_during_init/input.curl @@ -0,0 +1,5 @@ +url https://192.168.0.23/cgi-bin/cryptobox.pl +data action=config_do +data language=en +data ip=192.168.0.23 +data timeout=40 
diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/170-config_do_during_init/output b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/170-config_do_during_init/output
new file mode 100644
index 0000000..73f10c1
--- /dev/null
+++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/170-config_do_during_init/output
@@ -0,0 +1,7 @@
+Data.Config.IP=192.168.0.23
+Data.Config.Language=de
+Data.Config.TimeOut=30
+Data.Status.Config=1
+Data.Status.InitRunning=1
+Data.Status.IP=192.168.0.23
+Data.Status.Mounted=0
diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/180-init_ask_during_init/description b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/180-init_ask_during_init/description
new file mode 100644
index 0000000..f6eb07b
--- /dev/null
+++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/180-init_ask_during_init/description
@@ -0,0 +1 @@
+display initialization form while initialization is running
diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/180-init_ask_during_init/input.curl b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/180-init_ask_during_init/input.curl
new file mode 100644
index 0000000..f7b381e
--- /dev/null
+++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/180-init_ask_during_init/input.curl
@@ -0,0 +1 @@
+url https://192.168.0.23/cgi-bin/cryptobox.pl?action=init_ask
diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/180-init_ask_during_init/output b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/180-init_ask_during_init/output
new file mode 100644
index 0000000..73f10c1
--- /dev/null
+++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/180-init_ask_during_init/output
@@ -0,0 +1,7 @@
+Data.Config.IP=192.168.0.23
+Data.Config.Language=de
+Data.Config.TimeOut=30
+Data.Status.Config=1
+Data.Status.InitRunning=1
+Data.Status.IP=192.168.0.23
+Data.Status.Mounted=0
diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/190-init_do_during_init/description b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/190-init_do_during_init/description
new file mode 100644
index 0000000..ba98e9a
--- /dev/null
+++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/190-init_do_during_init/description
@@ -0,0 +1 @@
+try initialization while initialization is running
diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/190-init_do_during_init/input.curl b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/190-init_do_during_init/input.curl
new file mode 100644
index 0000000..353e8b7
--- /dev/null
+++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/190-init_do_during_init/input.curl
@@ -0,0 +1,5 @@
+url https://192.168.0.23/cgi-bin/cryptobox.pl
+data action=init_do
+data password=hallo
+data password2=hallo
+data confirm=ja%2C%20loesche%20alle%20Daten%21
diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/190-init_do_during_init/output b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/190-init_do_during_init/output
new file mode 100644
index 0000000..73f10c1
--- /dev/null
+++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/1-init/190-init_do_during_init/output
@@ -0,0 +1,7 @@
+Data.Config.IP=192.168.0.23
+Data.Config.Language=de
+Data.Config.TimeOut=30
+Data.Status.Config=1
+Data.Status.InitRunning=1
+Data.Status.IP=192.168.0.23
+Data.Status.Mounted=0
diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/010-mount_ask/description b/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/010-mount_ask/description
new file mode 100644
index 0000000..5d80f37
--- /dev/null
+++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/010-mount_ask/description
@@ -0,0 +1 @@
+display mount form
diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/010-mount_ask/input.curl b/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/010-mount_ask/input.curl
new file mode 100644
index 0000000..9f3fe6f
--- /dev/null
+++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/010-mount_ask/input.curl
@@ -0,0 +1 @@
+url https://192.168.0.23/cgi-bin/cryptobox.pl?action=mount_ask
diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/010-mount_ask/output b/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/010-mount_ask/output
new file mode 100644
index 0000000..b213cd7
--- /dev/null
+++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/010-mount_ask/output
@@ -0,0 +1,7 @@
+Data.Config.IP=192.168.0.23
+Data.Config.Language=de
+Data.Config.TimeOut=30
+Data.Status.Config=1
+Data.Status.InitRunning=0
+Data.Status.IP=192.168.0.23
+Data.Status.Mounted=0
diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/020-mount_empty_pw/description b/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/020-mount_empty_pw/description
new file mode 100644
index 0000000..955c3e3
--- /dev/null
+++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/020-mount_empty_pw/description
@@ -0,0 +1 @@
+try mounting with empty password
diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/020-mount_empty_pw/input.curl b/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/020-mount_empty_pw/input.curl
new file mode 100644
index 0000000..d20b6db
--- /dev/null
+++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/020-mount_empty_pw/input.curl
@@ -0,0 +1,3 @@
+url https://192.168.0.23/cgi-bin/cryptobox.pl
+data action=mount_do
+data password=
diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/020-mount_empty_pw/output b/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/020-mount_empty_pw/output
new file mode 100644
index 0000000..b213cd7
--- /dev/null
+++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/020-mount_empty_pw/output
@@ -0,0 +1,7 @@
+Data.Config.IP=192.168.0.23
+Data.Config.Language=de
+Data.Config.TimeOut=30
+Data.Status.Config=1
+Data.Status.InitRunning=0
+Data.Status.IP=192.168.0.23
+Data.Status.Mounted=0
diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/025-mount_no_pw/description b/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/025-mount_no_pw/description
new file mode 100644
index 0000000..ef8182a
--- /dev/null
+++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/025-mount_no_pw/description
@@ -0,0 +1 @@
+try mounting without password
diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/025-mount_no_pw/input.curl b/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/025-mount_no_pw/input.curl
new file mode 100644
index 0000000..bda8780
--- /dev/null
+++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/025-mount_no_pw/input.curl
@@ -0,0 +1 @@
+url https://192.168.0.23/cgi-bin/cryptobox.pl?action=mount_do
diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/025-mount_no_pw/output b/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/025-mount_no_pw/output
new file mode 100644
index 0000000..b213cd7
--- /dev/null
+++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/025-mount_no_pw/output
@@ -0,0 +1,7 @@
+Data.Config.IP=192.168.0.23
+Data.Config.Language=de
+Data.Config.TimeOut=30
+Data.Status.Config=1
+Data.Status.InitRunning=0
+Data.Status.IP=192.168.0.23
+Data.Status.Mounted=0
diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/030-mount_do_invalid_pw/description b/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/030-mount_do_invalid_pw/description
new file mode 100644
index 0000000..084b9b9
--- /dev/null
+++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/030-mount_do_invalid_pw/description
@@ -0,0 +1 @@
+try to mount with wrong password
diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/030-mount_do_invalid_pw/input.curl b/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/030-mount_do_invalid_pw/input.curl
new file mode 100644
index 0000000..5e1b21d
--- /dev/null
+++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/030-mount_do_invalid_pw/input.curl
@@ -0,0 +1,3 @@
+url https://192.168.0.23/cgi-bin/cryptobox.pl
+data action=mount_do
+data password=hallo
diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/030-mount_do_invalid_pw/output b/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/030-mount_do_invalid_pw/output
new file mode 100644
index 0000000..b213cd7
--- /dev/null
+++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/030-mount_do_invalid_pw/output
@@ -0,0 +1,7 @@
+Data.Config.IP=192.168.0.23
+Data.Config.Language=de
+Data.Config.TimeOut=30
+Data.Status.Config=1
+Data.Status.InitRunning=0
+Data.Status.IP=192.168.0.23
+Data.Status.Mounted=0
diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/040-mount_do_valid/description b/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/040-mount_do_valid/description
new file mode 100644
index 0000000..78d4574
--- /dev/null
+++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/040-mount_do_valid/description
@@ -0,0 +1 @@
+mount it successfully
diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/040-mount_do_valid/input.curl b/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/040-mount_do_valid/input.curl
new file mode 100644
index 0000000..5e1b21d
--- /dev/null
+++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/040-mount_do_valid/input.curl
@@ -0,0 +1,3 @@
+url https://192.168.0.23/cgi-bin/cryptobox.pl
+data action=mount_do
+data password=hallo
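Review bot: `2-mount/030-mount_do_invalid_pw/input.curl` sends `data password=hallo`, the same password that `1-init/110-init_valid` sets and that `040-mount_do_valid` uses to mount successfully (the two input files even share blob `5e1b21d`), so the case meant to prove that a wrong password is rejected never submits one. With the expected `Data.Status.Mounted=0` it either fails on a correctly working box or passes for an unrelated reason, and in both cases the password check stays untested. Change the line to a value that differs from the init password, for example `data password=not-the-init-password` (constructed value).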
diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/040-mount_do_valid/output b/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/040-mount_do_valid/output
new file mode 100644
index 0000000..8b4b280
--- /dev/null
+++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/040-mount_do_valid/output
@@ -0,0 +1,7 @@
+Data.Config.IP=192.168.0.23
+Data.Config.Language=de
+Data.Config.TimeOut=30
+Data.Status.Config=1
+Data.Status.InitRunning=0
+Data.Status.IP=192.168.0.23
+Data.Status.Mounted=1
diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/050-mount_ask_while_mounted/description b/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/050-mount_ask_while_mounted/description
new file mode 100644
index 0000000..4512d72
--- /dev/null
+++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/050-mount_ask_while_mounted/description
@@ -0,0 +1 @@
+display mount form while mounted
diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/050-mount_ask_while_mounted/input.curl b/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/050-mount_ask_while_mounted/input.curl
new file mode 100644
index 0000000..9f3fe6f
--- /dev/null
+++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/050-mount_ask_while_mounted/input.curl
@@ -0,0 +1 @@
+url https://192.168.0.23/cgi-bin/cryptobox.pl?action=mount_ask
diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/050-mount_ask_while_mounted/output b/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/050-mount_ask_while_mounted/output
new file mode 100644
index 0000000..8b4b280
--- /dev/null
+++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/050-mount_ask_while_mounted/output
@@ -0,0 +1,7 @@
+Data.Config.IP=192.168.0.23
+Data.Config.Language=de
+Data.Config.TimeOut=30
+Data.Status.Config=1
+Data.Status.InitRunning=0
+Data.Status.IP=192.168.0.23
+Data.Status.Mounted=1
diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/060-mount_do_while_mounted/description b/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/060-mount_do_while_mounted/description
new file mode 100644
index 0000000..dde6b6e
--- /dev/null
+++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/060-mount_do_while_mounted/description
@@ -0,0 +1 @@
+try mounting while mounted
diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/060-mount_do_while_mounted/input.curl b/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/060-mount_do_while_mounted/input.curl
new file mode 100644
index 0000000..5e1b21d
--- /dev/null
+++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/060-mount_do_while_mounted/input.curl
@@ -0,0 +1,3 @@
+url https://192.168.0.23/cgi-bin/cryptobox.pl
+data action=mount_do
+data password=hallo
diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/060-mount_do_while_mounted/output b/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/060-mount_do_while_mounted/output
new file mode 100644
index 0000000..8b4b280
--- /dev/null
+++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/060-mount_do_while_mounted/output
@@ -0,0 +1,7 @@
+Data.Config.IP=192.168.0.23
+Data.Config.Language=de
+Data.Config.TimeOut=30
+Data.Status.Config=1
+Data.Status.InitRunning=0
+Data.Status.IP=192.168.0.23
+Data.Status.Mounted=1
diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/070-umount_ask/description b/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/070-umount_ask/description
new file mode 100644
index 0000000..53369c6
--- /dev/null
+++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/070-umount_ask/description
@@ -0,0 +1 @@
+display umount form
diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/070-umount_ask/input.curl b/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/070-umount_ask/input.curl
new file mode 100644
index 0000000..5e64636
--- /dev/null
+++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/070-umount_ask/input.curl
@@ -0,0 +1 @@
+url https://192.168.0.23/cgi-bin/cryptobox.pl?action=umount_ask
diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/070-umount_ask/output b/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/070-umount_ask/output
new file mode 100644
index 0000000..8b4b280
--- /dev/null
+++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/070-umount_ask/output
@@ -0,0 +1,7 @@
+Data.Config.IP=192.168.0.23
+Data.Config.Language=de
+Data.Config.TimeOut=30
+Data.Status.Config=1
+Data.Status.InitRunning=0
+Data.Status.IP=192.168.0.23
+Data.Status.Mounted=1
diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/080-umount_do/description b/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/080-umount_do/description
new file mode 100644
index 0000000..375ebee
--- /dev/null
+++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/080-umount_do/description
@@ -0,0 +1 @@
+unmount
diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/080-umount_do/input.curl b/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/080-umount_do/input.curl
new file mode 100644
index 0000000..c2aa465
--- /dev/null
+++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/080-umount_do/input.curl
@@ -0,0 +1 @@
+url https://192.168.0.23/cgi-bin/cryptobox.pl?action=umount_do
diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/080-umount_do/output b/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/080-umount_do/output
new file mode 100644
index 0000000..b213cd7
--- /dev/null
+++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/2-mount/080-umount_do/output
@@ -0,0 +1,7 @@
+Data.Config.IP=192.168.0.23
+Data.Config.Language=de
+Data.Config.TimeOut=30
+Data.Status.Config=1
+Data.Status.InitRunning=0
+Data.Status.IP=192.168.0.23
+Data.Status.Mounted=0
diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/3-config/100-config_invalid_lang/description b/cryptobox.conf.d/usr/share/cryptobox/test-cases/3-config/100-config_invalid_lang/description
new file mode 100644
index 0000000..8d13350
--- /dev/null
+++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/3-config/100-config_invalid_lang/description
@@ -0,0 +1 @@
+try to set an invalid language
diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/3-config/100-config_invalid_lang/input.curl b/cryptobox.conf.d/usr/share/cryptobox/test-cases/3-config/100-config_invalid_lang/input.curl
new file mode 100644
index 0000000..8d39483
--- /dev/null
+++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/3-config/100-config_invalid_lang/input.curl
@@ -0,0 +1,5 @@
+url https://192.168.0.23/cgi-bin/cryptobox.pl
+data action=config_do
+data language=xy
+data ip=192.168.0.23
+data timeout=30
diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/3-config/100-config_invalid_lang/output b/cryptobox.conf.d/usr/share/cryptobox/test-cases/3-config/100-config_invalid_lang/output
new file mode 100644
index 0000000..b213cd7
--- /dev/null
+++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/3-config/100-config_invalid_lang/output
@@ -0,0 +1,7 @@
+Data.Config.IP=192.168.0.23
+Data.Config.Language=de
+Data.Config.TimeOut=30
+Data.Status.Config=1
+Data.Status.InitRunning=0
+Data.Status.IP=192.168.0.23
+Data.Status.Mounted=0
diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/3-config/110-config_invalid_ip/description b/cryptobox.conf.d/usr/share/cryptobox/test-cases/3-config/110-config_invalid_ip/description
new file mode 100644
index 0000000..0c1ada2
--- /dev/null
+++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/3-config/110-config_invalid_ip/description
@@ -0,0 +1 @@
+try to set an invalid IP
diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/3-config/110-config_invalid_ip/input.curl b/cryptobox.conf.d/usr/share/cryptobox/test-cases/3-config/110-config_invalid_ip/input.curl
new file mode 100644
index 0000000..9804a24
--- /dev/null
+++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/3-config/110-config_invalid_ip/input.curl
@@ -0,0 +1,5 @@
+url https://192.168.0.23/cgi-bin/cryptobox.pl
+data action=config_do
+data language=de
+data ip=192-168.0.23
+data timeout=30
diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/3-config/110-config_invalid_ip/output b/cryptobox.conf.d/usr/share/cryptobox/test-cases/3-config/110-config_invalid_ip/output
new file mode 100644
index 0000000..b213cd7
--- /dev/null
+++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/3-config/110-config_invalid_ip/output
@@ -0,0 +1,7 @@
+Data.Config.IP=192.168.0.23
+Data.Config.Language=de
+Data.Config.TimeOut=30
+Data.Status.Config=1
+Data.Status.InitRunning=0
+Data.Status.IP=192.168.0.23
+Data.Status.Mounted=0
diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/3-config/120-config_invalid_timeout/description b/cryptobox.conf.d/usr/share/cryptobox/test-cases/3-config/120-config_invalid_timeout/description
new file mode 100644
index 0000000..3c69e9d
--- /dev/null
+++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/3-config/120-config_invalid_timeout/description
@@ -0,0 +1 @@
+try to set an invalid timeout
diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/3-config/120-config_invalid_timeout/input.curl b/cryptobox.conf.d/usr/share/cryptobox/test-cases/3-config/120-config_invalid_timeout/input.curl
new file mode 100644
index 0000000..160f5b8
--- /dev/null
+++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/3-config/120-config_invalid_timeout/input.curl
@@ -0,0 +1,5 @@
+url https://192.168.0.23/cgi-bin/cryptobox.pl
+data action=config_do
+data language=de
+data ip=192.168.0.23
+data timeout=X
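Review bot: The only malformed address the suite submits is `192-168.0.23` in `3-config/110-config_invalid_ip/input.curl`, so a validator that merely checks the separator characters would satisfy it. Since the value is stored as box configuration, sibling cases with the same expected output are worth adding for an out-of-range octet (`data ip=192.168.0.256`), an empty value (`data ip=`) and a valid address followed by extra characters. `120-config_invalid_timeout` has the same gap: it tries only `data timeout=X`, with no negative, zero or very large number.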
diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/3-config/120-config_invalid_timeout/output b/cryptobox.conf.d/usr/share/cryptobox/test-cases/3-config/120-config_invalid_timeout/output
new file mode 100644
index 0000000..b213cd7
--- /dev/null
+++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/3-config/120-config_invalid_timeout/output
@@ -0,0 +1,7 @@
+Data.Config.IP=192.168.0.23
+Data.Config.Language=de
+Data.Config.TimeOut=30
+Data.Status.Config=1
+Data.Status.InitRunning=0
+Data.Status.IP=192.168.0.23
+Data.Status.Mounted=0
diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/3-config/500-config_valid/description b/cryptobox.conf.d/usr/share/cryptobox/test-cases/3-config/500-config_valid/description
new file mode 100644
index 0000000..4c9f0df
--- /dev/null
+++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/3-config/500-config_valid/description
@@ -0,0 +1 @@
+configure the box
diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/3-config/500-config_valid/input.curl b/cryptobox.conf.d/usr/share/cryptobox/test-cases/3-config/500-config_valid/input.curl
new file mode 100644
index 0000000..dfbacef
--- /dev/null
+++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/3-config/500-config_valid/input.curl
@@ -0,0 +1,5 @@
+url https://192.168.0.23/cgi-bin/cryptobox.pl
+data action=config_do
+data language=en
+data ip=10.1.1.1
+data timeout=7
diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/3-config/500-config_valid/output b/cryptobox.conf.d/usr/share/cryptobox/test-cases/3-config/500-config_valid/output
new file mode 100644
index 0000000..4b76127
--- /dev/null
+++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/3-config/500-config_valid/output
@@ -0,0 +1,7 @@
+Data.Config.IP=10.1.1.1
+Data.Config.Language=en
+Data.Config.TimeOut=7
+Data.Status.Config=1
+Data.Status.InitRunning=0
+Data.Status.IP=192.168.0.23
+Data.Status.Mounted=0
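Review bot: `3-config/500-config_valid` leaves the box stored with `Data.Config.IP=10.1.1.1`, `Language=en` and `TimeOut=7`, and no case visible in this part of the diff restores the values every other fixture expects (`192.168.0.23`, `de`, `30`), so a second run, or a restart that applies the stored address, starts from a state in which the hard-coded `url https://192.168.0.23/...` may no longer reach the box. I would add a closing case in this series that posts the original three values with the matching expected output. Separately, the request carries no credential and is expected to succeed; unless the validate script adds authentication through other curl options (not visible here), the fixture documents that anyone who can reach the CGI can change the box's address, which the description should state.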
diff --git a/cryptobox.conf.d/usr/share/cryptobox/test-cases/README b/cryptobox.conf.d/usr/share/cryptobox/test-cases/README new file mode 100644 index 0000000..c903f98 --- /dev/null +++ b/cryptobox.conf.d/usr/share/cryptobox/test-cases/README @@ -0,0 +1,7 @@ +the validate-script requires the following directory structure: + +- NAME_OF_SERIES + - NAME_OF_TEST_CASE + - description - a short description of the setup + - input.curl - options for the request via curl + - output - the expected status output for this request (it is send as html comment) diff --git a/cryptobox.conf.d/usr/share/doc/cryptobox/html/CryptoBox.html b/cryptobox.conf.d/usr/share/doc/cryptobox/html/CryptoBox.html new file mode 100644 index 0000000..1ddaec1 --- /dev/null +++ b/cryptobox.conf.d/usr/share/doc/cryptobox/html/CryptoBox.html @@ -0,0 +1,231 @@ + + + + + + + +CryptoBox - howto + + + + +
+ + +

CryptoBox

+
+ +
    + +
  1. +Ãœberblick +
      + +
    1. +Was kann die CryptoBox? +
    2. + +
    3. +Was brauchst du? +
    4. + +
    + +
  2. +Nutzung +
      + +
    1. +Einrichtung +
    2. + +
    3. +tägliche Nutzung +
    4. + +
    5. +Optimierung +
    6. + +
    + +
  3. +Entwicklung +
      + +
    1. +Anforderungen +
    2. + +
    3. +Mitmachen +
    4. + +
    5. +Versionsverwaltung +
    6. + +
    + +
  4. +Rechtliches +
  5. + +
+

+
+

+ +

Ãœberblick

+ +

Die CryptoBox ist eine Live-CD mit der sich jeder alte Rechner in Sekundenschnelle in einen verschlüsselnden Server umwandeln lässt. Damit kannst du sensible Daten speichern, ohne dass du Ahnung von Kryptografie haben musst. Das CryptoBoxKonzept beschreibt die technischen Feinheiten näher.

+ +

Was kann die CryptoBox?

+ +
    +
  • Ein vollständiger [WikiPediaDe]Samba-Dateiserver (für alle freien Betriebssysteme, sowie Windows und Mac OS) bietet Zugriff auf deine Daten.

    +
  • +
  • Deine Daten werden mit [WWW] AES verschlüsselt (256 Bit Schlüssellänge).

    +
  • +
  • Das Web-Interface bietet dir kinderleichten Zugriff auf alle Funktionen der CryptoBox.

    +
      +
    • Verwaltung des verschlüsselten Dateisystems

      +
    • +
    • Konfiguration der Netzwerk- und Sicherheitseinstellungen

      +
    • +
    • abgesehen von deinem [WikiPediaDe]Browser brauchst du keine weiteren Programme

      +
    • +
    +
  • +
+ +

Was brauchst du?

+ +
    +
  • einen ausrangierten Rechner

    +
      +
    • jeder gängige PC ab Baujahr 1992 genügt

      +
    • +
    • Monitor, Tastatur, Maus usw. sind nicht erforderlich

      +
    • +
    +
  • +
  • eine Festplatte (in deiner Wunschgröße)

    +
  • +
  • eine Netzwerk-Karte

    +
  • +
  • die CryptoBox-CD

    +
  • +
  • keinerlei Wissen über Netzwerke oder Kryptografie

    +
  • +
+ +

Nutzung

+ + +

Einrichtung

+ +
    +
  1. Lade dir ein [WikiPediaDe]iso-Image aus dem [WWW] Download-Bereich herunter. [in wenigen Tagen verfügbar]

    +
  2. +
  3. Kopiere dieses Image auf eine CD (RW).

    +
  4. +
  5. Starte den zukünftigen Datei-Server mit der CryptoBox-LiveCD.

    +
  6. +
  7. Benutze das Web-Interface der CryptoBox für:

    +
      +
    1. die Netzwerk- und Sicherheitseinstellungen

      +
    2. +
    3. die Einrichtung des verschlüsselten Dateisystems

      +
    4. +
    +
  8. +
  9. Fertig ist deine persönliche CryptoBox.

    +
  10. +
+ +

tägliche Nutzung

+ +
    +
  1. Schalte deine CryptoBox ein. -kurz warten-

    +
  2. +
  3. Gib im Browser das Kennwort fuer die verschlüsselten Daten ein.

    +
  4. +
  5. Verwende die Daten der auf deiner CryptoBox bequem als Netzlaufwerk.

    +
  6. +
+ +

Optimierung

+ +
    +
  1. Du hast einen Verbesserungsvorschlag oder findest gar einen Fehler.

    +
  2. +
  3. Schreib's in unsere [WWW] Gedankensammelstelle

    +
  4. +
  5. Wir beheben das Problem oder nehmen, bei Unklarheiten, Kontakt mit dir auf.

    +
  6. +
+ +

Entwicklung

+ +

Eine CryptoBox-LiveCD wird in folgenden Schritten erstellt:

+
    +
  1. ein minimales [WWW] debian-System erzeugen (mit [DebianPackage]dfsbuild)

    +
  2. +
  3. spezifische Anpassungen des Systems vornehmen

    +
  4. +
  5. die Verwaltungs- und cgi-Skripte hinzufügen

    +
  6. +
  7. ein iso-Image daraus erzeugen

    +
  8. +
+

Diese Schritte werden automatisiert durch ein Skript ausgeführt und können beliebig angepasst werden.

+

Ausführlichere Infos gibt's unter CryptoBoxDev.

+ +

Anforderungen

+ +
    +
  • ein [WWW] debian-System (eine chroot-Umgebung genügt auch)

    +
  • +
  • [DebianPackage]qemu zum Testen des erzeugten Systems in einer virtuellen Umgebung

    +
  • +
+ +

Mitmachen

+ +

Beteilige dich an der Entwicklung der CryptoBox und werde reich und schön! ;)
+ Nee im Ernst, wir freuen uns über jeden partizipierenden Menschen. Du wirst in einem entspannten Team reichlich Erfahrungen sammeln, eine nützliche Sache voranbringen und - wer weiß - vielleicht macht dich das auch schön, hehe. Schreib eine Mail an svn-cryptobox[at]lists.systemausfall.org und hab Spaß.

+ +

Versionsverwaltung

+ +

Wir verwenden [WWW] subversion zur Koordination der Arbeit an der CryptoBox. Der Lese-Zugang zum Repository ist öffentlich.

+

Das Repository ist über folgende Adressen erreichbar:

+
+
Kommandozeile
+

[WWW] https://svn.systemausfall.org/svn/cryptobox

+
+
Web-Interface
+

[WWW] https://systemausfall.org/websvn/cryptobox

+
+
+ +

Rechtliches

+ +
    +
  1. Alle Skripte unterliegen der [WWW] GPL - sie sind also quasi vollständig frei.

    +
  2. +
  3. Die Dokumentation unterliegt einer [WWW] Creative Commons-Lizenz, damit wird die Möglichkeit der freien Verbreitung des gesammelten Wissens gewährleistet.

    +
  4. +
  5. Wir übernehmen keinerlei Haftung für eventuelle Folgen, die durch die Nutzung einer CryptoBox entstehen könnten.

    +
  6. +
+ + +
+

last edited 2005-07-07 14:35:55 by

+ +
+ + + diff --git a/cryptobox.conf.d/usr/share/doc/cryptobox/html/CryptoBoxDev.html b/cryptobox.conf.d/usr/share/doc/cryptobox/html/CryptoBoxDev.html new file mode 100644 index 0000000..95e7b01 --- /dev/null +++ b/cryptobox.conf.d/usr/share/doc/cryptobox/html/CryptoBoxDev.html @@ -0,0 +1,344 @@ + + + + + + + +CryptoBoxDev - howto + + + + +
+ + +

CryptoBoxDev

+
+ +
    + +
  1. +Komponenten +
      + +
    1. +dfsbuild +
    2. + +
    3. +cb-build +
        + +
      1. +Beispiele +
      2. + +
      + +
    4. +der CryptoBox-Kernel +
    5. + +
    6. +Verwendung des Subversion-Repositories +
    7. + +
    + +
  2. +Ablauf +
      + +
    1. +der erste Bootvorgang +
    2. + +
    3. +per webfrontend mounten +
    4. + +
    + +
  3. +Bugs +
  4. + +
  5. +Hints +
  6. + +
  7. +andere Ansätze +
      + +
    1. +Knoppix +
    2. + +
    3. +Morphix / IBuild +
    4. + +
    + +
  8. + +
+

+
+

+ +

Komponenten

+ +

Eine CryptoBox CD wird in wenigen Schritten erstellt. Die Basisarbeit erledigt 'dfsbuild' und die genaue Konfiguration macht 'cb-build'.

+ +

dfsbuild

+ +

Das Linux Grundsystem für die CryptoBox CD wird mit [DebianPackage]dfsbuild gebaut. Das ist ein Programm, welches eine [WWW] Debian Live-CD erzeugt.
+ (Wir entwickeln die CryptoBox bisher auf Debian/Linux-Systemen. Prinzipiell dürfte es auch mit deiner Lieblingsdistro funktionieren, nur der anfängliche Einrichtungsaufwand wird dadurch größer.)

+

Für "dfsbuild" bietet sich [DebianPackages]apt-cacher an. Damit brauchst du nicht für jeden Bau des Grundsystems alle Debian-Pakete erneut herunter laden.

+

Installation:

+
    +
  • apt-get install dfsbuild apt-cacher

    +
  • +
+

Die dfsbuild-Dokumentation ist noch recht spärlich. Du kommst aber kaum in direkten Kontakt mit dfsbuild, da es durch 'cb-build' aufgerufen wird. Die folgenden Links helfen dir vielleicht trotzdem weiter:

+ + +

cb-build

+ +

Die wichtige Kleinarbeit, damit aus dem dfsbuild-System eine CryptoBox wird, erledigt cb-build.sh.
+ Das Script und die bestehenden Konfigurationsdateien liegen im [SubVersion]cryptobox-Repository.

+

Mit diesem Script baust du deine eigene CryptoBox-CD. Hier ein kurzer Ãœberblick:

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+

Aktion

+
+

Beschreibung

+
+

dfsbuild

+
+

startet dfsbuild und legt eine Arbeitskopie an

+
+

config

+
+

kopiert die Konfiguration (cryptobox.conf.d) in die Arbeitskopie

+
+

iso

+
+

erstellt das iso-image

+
+

chroot

+
+

für kleine Tests reicht auch chroot (Vorsicht: dabei riskierst du, deine reale Festplatte zu überschreiben)

+
+

qemu

+
+

startet das image mit qemu (zum sicheren Testen)

+
+

revert

+
+

Wiederherstellung des dfsbuild-Endprodukts - falls mensch mit config die Arbeitskopie übertrieben verschmutzt hat

+
+
+

Das kannst mehrere Aktionen als Parameter angeben.

+ +

Beispiele

+ +
+
Die erste Erstellung des Grundsystems
+

./cb-build.sh dfsbuild

+
+
Anpassungen vornehmen, ISO-Image erstellen und per ''qemu'' testen
+

./cb-build.sh config iso qemu

+
+
+ +

der CryptoBox-Kernel

+ +

Der Kernel für die CryptoBox wird statisch kompiliert. Wenn du ihn selbst bauen/verändern willst, dann am einfachsten so:

+
    +
  • apt-get install kernel-tree-2.6.8

    +
  • +
  • schnapp dir /boot/config-2.6.8 von einer gebauten CryptoBox CD und verändere sie nach deinen Wünschen

    +
  • +
  • zum Erstellen des Debian-Pakets:  make-kpkg --revision=1.dfs --rootcmd=fakeroot kernel_image

    +
  • +
  • nun musst du eventuell in der dfsbuild.conf den Namen des vorherigen Kernel-Pakets durch deinen neuen ersetzen

    +
  • +
+ +

Verwendung des Subversion-Repositories

+ +

Erstellung einer lokalen Arbeitskopie des Entwickler-Repositories: svn checkout https://svn.systemausfall.org/svn/cryptobox deincryptoboxverzeichnis

+

Deine Änderungen an der CryptoBox klannst du per svn commit in unser Repository übertragen. Dazu musst du, aber vorher Schreibrechte erhalten (die wir gerne vergeben). :)

+ +

Ablauf

+ +

Hier werden wichtige interne Abläufe der Cryptobox beschrieben.

+ +

der erste Bootvorgang

+ +
    +
  • checken ob config partition auf der platte liegt

    +
      +
    • testmount der ersten partition

      +
    • +
    +
  • +
  • wenn ja, configs einlesen und system normal starten

    +
  • +
  • wenn nicht:

    +
      +
    • webserver starten und anbieten die gefundene platte "hinzurichten"

      +
        +
      • nutzerdaten sammeln (ip adresse, netzwerkname usw.)

        +
      • +
      • abfrage ob wirklich: wipe -f -k -R /dev/urandom /dev/?d? (fortschritt anzeigen)

        +
          +
        • wenn nicht, dann hilfeseite zeigen

          +
        • +
        +
      • +
      • partitionen anlegen

        +
          +
        • erste part. mkfs & mount (config)

          +
        • +
        • fstab drauf schreiben

          +
        • +
        • crypttab dito

          +
        • +
        • interfaces dito

          +
        • +
        • smb.conf dito

          +
        • +
        +
      • +
      • kennwort abfrage per cgi

        +
      • +
      • zweite part. cryptsetup & mkfs & mount (crypto)

        +
      • +
      +
    • +
    +
  • +
+ +

per webfrontend mounten

+ +
    +
  • pw abfrage

    +
  • +
  • checken ob mount geklappt hat

    +
  • +
  • samba starten

    +
  • +
  • ...

    +
  • +
  • nach timeout oder auf wunsch samba stoppen

    +
  • +
  • cryptodevice entfernen

    +
  • +
+
+

+ +

Bugs

+ +
    +
  • unter qemu trat immer wieder ein Fehler "interleaved files not (yet) supported" auf

    +
      +
    • willkürlich waren manche Verzeichnisse ungültig (also hatten nur das Datei-Attribut)

      +
    • +
    • die nicht-standardkonformen mkisofs-Optionen "-U -D" haben das Problem nicht behoben

      +
    • +
    +
  • +
  • eventuell hängt dies mit dem vorherigen Fehler zusammen: das System verhält sich systematisch fehlerhaft (beispielsweise löst der Start von nmbd generell ein segfault aus)

    +
  • +
+ +

Hints

+ +
    +
  • Du brauchst etwa 1GB Plattenplatz für den Bau einer Cryptobox. Das eigentliche CD-Image wird aber nur knapp 250MB groß.

    +
  • +
  • Für dfsbuild bietet sich [DebianPackage]apt-cacher an. Damit müssen die Debian-Pakete nicht bei jedem neuen dfsbuild-Vorgang erneut heruntergeladen werden.

    +
  • +
  • cb-build muss für folgende Vorgänge mit root Rechten laufen: dfsbuild, config, chroot, revert

    +
  • +
  • cb-build.sh verwendet relative Pfad-Angaben - du solltest es also aus dem Verzeichnis heraus starten, in dem sich beispielsweise auch cb-build.sh befindet.

    +
  • +
  • Netzwerk für qemu:

    +
      +
    • dein Systemkernel muss das tun/tap-Netzwerkgerät unterstützen (TODO: entsprechende Zeile der Kernel-Config einfuegen)

      +
    • +
    • eventuell musst du "misc/qemu-ifup.sh" an dein System anpassen

      +
    • +
    +
  • +
+
+

+ +

andere Ansätze

+ +

Hier findest du ältere Ideen, die zum Teil schon recht umfangreiche Gestalt angenommen haben aber momentan von uns nicht weiter verfolgt werden.

+ +

Knoppix

+ + + +

Morphix / IBuild

+ + + + +
+

last edited 2005-07-07 19:01:07 by

+ +
+ + + diff --git a/cryptobox.conf.d/var/www/cgi-bin/cryptobox.pl b/cryptobox.conf.d/var/www/cgi-bin/cryptobox.pl new file mode 100755 index 0000000..ddd3a67 --- /dev/null +++ b/cryptobox.conf.d/var/www/cgi-bin/cryptobox.pl 
@@ -0,0 +1,301 @@ +#!/usr/bin/perl +# +# Vorbereitung: +# - die Variable "MNTIMAGE" (siehe unten) setzen - es muss der Name der cryptoloop-image-Datei sein +# - in die /etc/fstab einen passenden Eintrag einfuegen, z.B.: +# /data/cryptoimage.loop /mnt/crypto auto noauto,user,loop,encryption=aes,keybits=256 +# - ein Image erstellen (als root): +# dd if=/dev/zero of=cryptoimage.loop bs=1M count=10 +# losetup -k 256 -e aes /dev/loop1 cryptoimage.loop +# mkfs.ext3 /dev/loop1 +# losetup -d /dev/loop1 +# + + +############################################### + +use strict; +use CGI; +use ClearSilver; +use ConfigFile; + +my ($pagedata, $pagename); + +my ($LANGUAGE_DIR, $LANGUAGE, $TEMPLATE_DIR, $DOC_DIR); +my ($CB_SCRIPT, $LOG_FILE, $DEVELOPMENT_MARKER); + +my $config = ConfigFile::read_config_file('/etc/cryptobox/cryptobox.conf'); + +$CB_SCRIPT = $config->{CB_SCRIPT}; +$LOG_FILE = $config->{LOG_FILE}; +$LANGUAGE_DIR = $config->{LANGUAGE_DIR}; +$LANGUAGE = $config->{LANGUAGE}; +$TEMPLATE_DIR = $config->{TEMPLATE_DIR}; +$DOC_DIR = $config->{DOC_DIR}; +$DEVELOPMENT_MARKER = $config->{DEVELOPMENT_MARKER}; + + +#################### subs ###################### + +sub load_hdf() +{ + my $hdf = ClearSilver::HDF->new(); + + $hdf->readFile("$LANGUAGE_DIR/$LANGUAGE" . 
'.hdf'); + + $hdf->setValue("TemplateDir","$TEMPLATE_DIR"); + $hdf->setValue("DocDir","$DOC_DIR"); + $hdf->setValue("ScriptName", $ENV{'SCRIPT_NAME'}); + + return $hdf; +} + +sub check_mounted +{ + return (system("$CB_SCRIPT","is_crypto_mounted") == 0); +} + + +sub check_config +{ + return (system("$CB_SCRIPT","is_config_mounted") == 0); +} + + +sub check_init_running +{ + return (system("$CB_SCRIPT","is_init_running") == 0); +} + + +sub get_current_ip +# the IP of eth0 - not the configured value of the box (only for validation) +{ + return `$CB_SCRIPT get_current_ip`; +} + + +sub render() +{ + $pagedata->setValue("PageName","$pagename"); + my $pagefile = "$TEMPLATE_DIR/main.cs"; + print "Content-Type: text/html\n\n"; + + my $cs = ClearSilver::CS->new($pagedata); + $cs->parseFile($pagefile); + + print $cs->render(); +} + + +sub mount_vol +{ + my $pw = shift; + + if (&check_mounted) { + $pagedata->setValue('Data.Warning', 'Das Dateisystem war bereits aktiv!'); + return 0; + } + + # TODO: the output is always empty? 
+ my $output = open(PW_INPUT, "| $CB_SCRIPT crypto-mount"); + print PW_INPUT $pw; + close(PW_INPUT); + + $pagedata->setValue('Data.ProgOutput',"$output") if ($output); + + if (!&check_mounted()) { + $pagedata->setValue('Data.Warning', 'MountFailed'); + $pagedata->setValue('Data.Action', 'umount_form'); + } +} + + +sub umount_vol +{ + unless (&check_mounted) { + $pagedata->setValue('Data.Warning', 'Das Dateisystem war bereits inaktiv!'); + return 0; + } + + # TODO: check if "system" returns output + my $output = `$CB_SCRIPT crypto-umount`; + $pagedata->setValue('Data.ProgOutput',"$output") if ($output); + + if (!&check_mounted()) { + $pagedata->setValue('Data.Warning', 'UmountFailed'); + $pagedata->setValue('Data.Action', 'mount_form'); + } +} + + +sub box_init +{ + # TODO: redirect output to pagedata + my $pw = shift; + + # partitioning, config and initial cryptsetup + open(PW_INPUT, "|$CB_SCRIPT box-init-fg"); + print PW_INPUT $pw; + close(PW_INPUT); + + # wipe and mkfs takes some time + my $output = `$CB_SCRIPT box-init-bg`; + + # TODO: "output" has to get filtered through something like "s/$/
/" - in perl, please! + $pagedata->setValue('Data.ProgOutput',"$output") if ($output); +} + + +################### main ######################### + +my $query = new CGI; + +$pagedata = load_hdf(); + + +#TODO: check result of actions and set Data.Error for failures + +if ($query->param) { + my $action = $query->param('action'); + + if ($action eq 'umount_do') { + if ( ! &check_config()) { + $pagedata->setValue('Data.Warning', 'NotConfigured'); + $pagedata->setValue('Data.Action', 'init_form'); + } elsif (&check_init_running()) { + $pagedata->setValue('Data.Warning', 'InitNotFinished'); + $pagedata->setValue('Data.Action', 'mount_form'); + } elsif ( ! &check_mounted()) { + $pagedata->setValue('Data.Warning', 'NotMounted'); + $pagedata->setValue('Data.Action', 'mount_form'); + } else { + # unmounten + &umount_vol(); + $pagedata->setValue('Data.Action', 'mount_form'); + } + } elsif ($action eq 'mount_do') { + # mount requested + if ( ! &check_config()) { + $pagedata->setValue('Data.Warning', 'NotConfigured'); + $pagedata->setValue('Data.Action', 'init_form'); + } elsif (&check_init_running()) { + $pagedata->setValue('Data.Warning', 'InitNotFinished'); + $pagedata->setValue('Data.Action', 'mount_form'); + } elsif (&check_mounted()) { + $pagedata->setValue('Data.Warning', 'IsMounted'); + $pagedata->setValue('Data.Action', 'umount_form'); + } elsif ($query->param('password') eq '') { + # leeres Passwort + $pagedata->setValue('Data.Warning', 'EmptyPassword'); + $pagedata->setValue('Data.Action', 'mount_form'); + } else { + # mounten + &mount_vol($query->param('password')); + $pagedata->setValue('Data.Action', 'umount_form'); + } + } elsif ($action eq 'mount_ask') { + if ( ! 
&check_config()) { + $pagedata->setValue('Data.Warning', 'NotConfigured'); + $pagedata->setValue('Data.Action', 'init_form'); + } elsif (&check_init_running()) { + $pagedata->setValue('Data.Warning', 'InitNotFinished'); + $pagedata->setValue('Data.Action', 'mount_form'); + } elsif (&check_mounted()) { + $pagedata->setValue('Data.Warning', 'IsMounted'); + $pagedata->setValue('Data.Action', 'intro'); + } else { + $pagedata->setValue('Data.Action', 'mount_form'); + } + } elsif ($action eq 'umount_ask') { + if ( ! &check_config()) { + $pagedata->setValue('Data.Warning', 'NotConfigured'); + $pagedata->setValue('Data.Action', 'init_form'); + } elsif ( ! &check_mounted()) { + $pagedata->setValue('Data.Warning', 'NotMounted'); + $pagedata->setValue('Data.Action', 'mount_form'); + } else { + $pagedata->setValue('Data.Action', 'umount_form'); + } + } elsif ($action eq 'init_ask') { + if (&check_init_running()) { + $pagedata->setValue('Data.Warning', 'InitNotFinished'); + $pagedata->setValue('Data.Action', 'intro'); + } elsif (&check_config()) { + $pagedata->setValue('Data.Warning', 'AlreadyConfigured'); + $pagedata->setValue('Data.Action', 'init_form'); + } else { + $pagedata->setValue('Data.Action', 'init_form'); + } + } elsif ($action eq 'init_do') { + if ($query->param('password') ne $query->param('password2')) { + # different passwords + $pagedata->setValue('Data.Warning', 'DifferentPasswords'); + $pagedata->setValue('Data.Action', 'init_form'); + } elsif ($query->param('password') eq '') { + # empty password + $pagedata->setValue('Data.Warning', 'EmptyPassword'); + $pagedata->setValue('Data.Action', 'init_form'); + } elsif ($query->param('confirm') ne $pagedata->getValue('Lang.Text.ConfirmInit','')) { + # wrong confirm string + $pagedata->setValue('Data.Warning', 'InitNotConfirmed'); + $pagedata->setValue('Data.Action', 'init_form'); + } else { + # do init + &box_init($query->param('password')); + $pagedata->setValue('Data.Action', 'config_form'); + } + } elsif ($action 
eq 'config_ask') { + if ( ! &check_config()) { + $pagedata->setValue('Data.Warning', 'NotConfigured'); + $pagedata->setValue('Data.Action', 'init_form'); + } else { + $pagedata->setValue('Data.Action', 'config_form'); + } + } elsif ($action eq 'config_do') { + # TODO: not implemented yet! + system("$CB_SCRIPT", "set_config", "language", $query->param('language')); + system("$CB_SCRIPT", "set_config", "timeout", $query->param('timeout')); + system("$CB_SCRIPT", "set_config", "ip", $query->param('ip')); + $pagedata->setValue('Data.Action', 'intro'); + } elsif ($action eq 'show_log') { + $pagedata->setValue('Data.Action', 'show_log'); + } elsif ($action eq 'doc') { + if ($query->param('page')) { + $pagedata->setValue('Data.Doc.Page', $query->param('page')); + } else { + $pagedata->setValue('Data.Doc.Page', 'CryptoBox.html'); + } + $pagedata->setValue('Data.Action', 'doc'); + } else { + $pagedata->setValue('Data.Error', 'UnknownAction'); + } +} else { + $pagedata->setValue('Data.Action', 'intro'); +} + +# check state of the cryptobox +$pagedata->setValue('Data.Status.Config', &check_config() ? 1 : 0); +$pagedata->setValue('Data.Status.InitRunning', &check_init_running() ? 1 : 0); +$pagedata->setValue('Data.Status.Mounted', &check_mounted() ? 1 : 0); +my $output = &get_current_ip(); +$pagedata->setValue('Data.Status.IP', "$output"); + +$output = `$CB_SCRIPT diskinfo 2>&1 | sed 's/^/
/'`; +$pagedata->setValue('Data.PartitionInfo',"$output"); + +# preset config settings for clearsilver +$pagedata->setValue('Data.Config.IP', `$CB_SCRIPT get_config ip`); +$pagedata->setValue('Data.Config.TimeOut', `$CB_SCRIPT get_config timeout`); +$pagedata->setValue('Data.Config.Language', `$CB_SCRIPT get_config language`); + +# read log - TODO: use perl filtering +$output = (-e "$LOG_FILE") ? `cat '$LOG_FILE' | sed 's/^/
/'` : ''; +$pagedata->setValue('Data.Log',"$output"); + +$pagedata->setValue('Data.Status.DevelopmentMode', 1) if (-e "$DEVELOPMENT_MARKER"); + +&render(); + +exit 0; + diff --git a/cryptobox.conf.d/var/www/cgi-bin/validate.sh b/cryptobox.conf.d/var/www/cgi-bin/validate.sh new file mode 100755 index 0000000..1ba09a4 --- /dev/null +++ b/cryptobox.conf.d/var/www/cgi-bin/validate.sh @@ -0,0 +1,139 @@ +#!/bin/sh + +set -eu + +# parse config file +. /etc/cryptobox/cryptobox.conf + + +function get_cgi_param() +# parse the query string for a parameter +{ + # thttpd does not set query string if it is empty + set | grep -q "^QUERY_STRING=" || return 0 + # filter the value + echo "$QUERY_STRING" | sed 's/&/\n/g' | grep "^$1=" | cut -d '=' -f 2- +} + + +function header() +{ + echo "Content-Type: text/html" + echo + echo ' + + + + CryptoBox + + + + + + ' + + echo "
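Review bot: In `umount_vol` the check after the unmount is inverted: `if (!&check_mounted())` sets `UmountFailed` when the volume is no longer mounted, while a failed unmount, which leaves the volume mounted, produces no warning. The test should read `if (&check_mounted()) {`, the counterpart of the `!&check_mounted()` test that `mount_vol` uses for `MountFailed`. Separately, the `config_do` and `doc` branches pass `$query->param(...)` in list context straight into `system(...)` and `setValue(...)`, so a repeated request parameter contributes extra arguments. Taking each value as `scalar $query->param('ip')` and checking its format before calling `set_config` would close that; the same applies to `page` before it is stored in `Data.Doc.Page`.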

Main page

" + + # nav bar + echo '
' + list_groups4generate + echo '
' + echo '
' + list_groups4display + echo '
' + + echo '


' + + if [ -n "$GROUP" ] + then echo '
' + list_cases "$GROUP" + echo '
' + fi + + echo '
' +} + + +function footer() +{ + echo '
' + echo '' +} + + +function list_groups4generate() +{ + echo '

Generate report: ' + local list=$($VALIDATE_SCRIPT list) + if [ -z "$list" ] + then echo 'none' + else for a in $list + do echo "$a " + done + fi + echo '

' +} + + +function list_groups4display() +{ + echo '

View generated report: ' + local list=$(find "$REPORT_DIR" -type d -mindepth 1 -maxdepth 1 | sort | while read a + do echo $(basename "$a"); done) + if [ -z "$list" ] + then echo 'none available' + else for a in $list + do echo "$a " + done + fi + echo '

' +} + + +function list_cases() +# parameter: group +{ + echo '

' + if [ -d "$REPORT_DIR/$1" ] + then find "$REPORT_DIR/$1" -type f -name \*.html | while read a; do basename "${a%.html}"; done | sort | while read a + do echo "$a
" + done + fi + echo '

' +} + + +function display_case() +# parameter: group case +{ + local FILE="$REPORT_DIR/$1/${2}.html" + if [ -e "$FILE" ] + then cat "$FILE" | sed '1,//,$d' + else echo "

File ($FILE) not found!

" + fi +} + + +########### main ############## + +ACTION=$(get_cgi_param action) +GROUP=$(get_cgi_param group) +CASE=$(get_cgi_param case) + +header + +if [ ! -e "$DEVELOPMENT_MARKER" ] + then echo '

This action is only availbale for a development CryptoBox-CD.

' +elif [ "$ACTION" = "generate" -a -n "$GROUP" ] + then $VALIDATE_SCRIPT check "$GROUP" /dev/null & + echo '

Validation will take some minutes ...

' +elif [ "$ACTION" = "display" ] + then if [ -n "$GROUP" -a -n "$CASE" ] + then display_case "$GROUP" "$CASE" + elif [ -n "$GROUP" ] + then display_case "$GROUP" "summary" + fi +else [ -n "$ACTION" ] && echo "

Unknown action ($ACTION)!

" +fi + +footer diff --git a/cryptobox.conf.d/var/www/cryptobox.css b/cryptobox.conf.d/var/www/cryptobox.css new file mode 100644 index 0000000..2482864 --- /dev/null +++ b/cryptobox.conf.d/var/www/cryptobox.css 
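Review bot: `GROUP` and `CASE` are taken from `QUERY_STRING` by `get_cgi_param` and used without validation: `display_case` builds `$REPORT_DIR/$1/${2}.html` from them, `$VALIDATE_SCRIPT check "$GROUP"` receives the raw value, and `$FILE` and `$ACTION` are echoed into the page. Path separators or markup in the request therefore reach the file path and the HTML output. I would restrict both values to a fixed character set right after they are read, for example `case "$GROUP$CASE" in *[!A-Za-z0-9_-]*) GROUP=; CASE=;; esac` (adjusted to the names the validation script really produces), and HTML-escape `$ACTION` before printing it in the unknown-action message. As a point of style, the file declares `#!/bin/sh` but uses `function name()` and `local`, which not every `/bin/sh` accepts; drop the `function` keyword or switch to a bash shebang.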
@@ -0,0 +1,152 @@ +body { + background-image: url(/img/backg.gif); + background-position: top center; + background-attachment: scroll; + background-repeat: no-repeat; + text-align: center; + margin: 0; + padding: 0; + font-family: verdana, lucida, arial, helvetica, sans-serif; +} + +#main { + background: none; + width: 600px; + padding: 0px; + text-align: left; + margin-left: auto; + margin-right: auto; +} + +#main h1, h2 { + font-family: sans-serif, arial; + font-weight: normal; + letter-spacing: 0.05em; + color: #acacac; + font-variant: small-caps; + padding: 0 1em; + text-align: left; +} + +#main h1{ + font-size: 2em; +} + +#main h2{ + font-size: 1.5em; +} + +#head { + width: 600px; + height: 120px; + margin: 0; + padding: 0; +} + +#content { + margin: 0; + padding: 0; + width: 600px; + text-align: left; + font-size: 0.9em; +} + +#content a { + line-height: 1.2em; + color: #000000; + text-decoration: none; + font-weight: bold; + font-size: 0.9em; +} + +#content a:hover { + text-decoration: underline; +} + +#content a:visited { + color: #acacac; + } + +#content p { + font-size: 0.9em; + text-indent: 1em; + padding: 0 1em; + text-align: justify; +} + +#menu { + text-align: center; + border-top: 1px solid #5e5e5e; + border-bottom: 1px solid #5e5e5e; + background-color: #7fb945; +} + +#menu a:link, #menu a:visited { + color: white; + margin: 5px; + text-decoration: none; + border: none; + padding: 4px; + font-size: 0.8em; +} + +#menu a:hover { + color: #4E732A; +} + +#words { + float: left; + padding: 1.1em 0em 1.1em 1.1em; + margin-top: 0; +} + +#words ol, #words ul { + font-size: 0.9em; +} + +#words ol li { + padding: 0 1em; + line-height: 1.7em; +} + +#words ul li { + padding: 0 1em; + line-height: 1.7em; + list-style: none; + background: url(/img/list.gif) center left no-repeat; +} + +#footer { + clear: both; + text-align: center; + border-top: 1px solid #5e5e5e; + border-bottom: 1px solid #5e5e5e; + background-color: #7fb945; + font-size: 0.8em; + color: white; 
+} + +#footer a:link, #footer a:visited { + color: white; + margin: 5px; + text-decoration: none; + border: none; + padding: 4px; +} + +#footer a:hover { + text-decoration: underline; +} + +#confirmtext span { + color: red; + font-weight: bold; + } + +div.warning { + background-color: #FF6060; + text-align: center; + padding: 10px; + border-style: dashed; + color: #00FF80; + } diff --git a/cryptobox.conf.d/var/www/errors/err404.html b/cryptobox.conf.d/var/www/errors/err404.html new file mode 120000 index 0000000..79c5d6f --- /dev/null +++ b/cryptobox.conf.d/var/www/errors/err404.html @@ -0,0 +1 @@ +../index.html \ No newline at end of file diff --git a/cryptobox.conf.d/var/www/img/backg.gif b/cryptobox.conf.d/var/www/img/backg.gif new file mode 100644 index 0000000..8e37ccc Binary files /dev/null and b/cryptobox.conf.d/var/www/img/backg.gif differ diff --git a/cryptobox.conf.d/var/www/img/list.gif b/cryptobox.conf.d/var/www/img/list.gif new file mode 100644 index 0000000..fe15cc9 Binary files /dev/null and b/cryptobox.conf.d/var/www/img/list.gif differ diff --git a/cryptobox.conf.d/var/www/index.html b/cryptobox.conf.d/var/www/index.html new file mode 100644 index 0000000..a78db3e --- /dev/null +++ b/cryptobox.conf.d/var/www/index.html @@ -0,0 +1,16 @@ + + + + +CryptoBox + + + + + + +

Please go to the CryptoBox-Interface

+ + + + diff --git a/dfs.cbox.conf b/dfs.cbox.conf new file mode 100644 index 0000000..d0bd86f --- /dev/null +++ b/dfs.cbox.conf 
@@ -0,0 +1,240 @@ +# arch-tag: Default configuration file +# Copyright (c) 2004 John Goerzen + +[DEFAULT] +###################################################################### +# Overall settings, set defaults for all archs +###################################################################### + +# Name of generated disc & hostname +# BEWARE: hostname does not work - you have to set the hostname manually at the end of this file +name = CryptoBox + +# Version of generated disc +version = 0.0.1 + +# Person that built it +builder = s.l. + +# Repositories to mirror. Details about each one are configured below. +dlrepos = sarge + +# Repository to build the CD with. Must be in above list. +suite = sarge + +# Whether or not to use zftree compression on ISO image +compress = no + +# Files to never compress if the above is yes +# If a dir is given, that dir and everything below is not compressed +dontcompress = /boot + /etc/*boot* + /opt/dfsruntime/initrd.dfs + +# Location of dfsbuild support files +libdir = /usr/lib/dfsbuild + +# Location of docs for CD +docdir = /usr/share/doc/dfsbuild + +# Bootloader to place on CD. 
Choices are: +# grub-hd GRUB with ElTorito hard disk emulation (not working yet) +# grub-no-emul "raw" ElTorito image +# aboot Alpha SRM bootloader +# yaboot PowerPC bootloader +# (usually set in arch area) +#bootloader = grub-no-emul + + +# Packages to install on live FS, on all archs, besides base system +allpackages = util-linux + grub + parted + dmsetup + e2tools + e2fsprogs + perl + vim + nano + ssh + less + zip + unzip + tar + bash + coreutils + module-init-tools + iputils-tracepath + iputils-ping + iptraf + iptables + ifupdown + dhcp-client + bzip2 + busybox-static + usbutils + pciutils + hotplug + discover + hdparm + binutils + ntpdate + e2fsprogs + debconf + sysutils + thttpd + stunnel + samba + cryptsetup + hashalot + kudzu + wipe + elinks + ssh + strace + python-clearsilver + # needed for validation + curl + # needed for cryptobox.pl + libconfigfile-perl + ## unnoetig + #gawk + #e2undel + #dfsbuild + #kernel-package + #libncurses5-dev + #tla + #build-essential + #g++ + #smbclient + #debhelper + #bind9-host + #whois + #dnsutils + #cpio + #devscripts + #cdebootstrap + #diff + #patch + +# Default mirror for "repo" sections +mirror = http://localhost/apt-cacher/ftp.de.debian.org/debian +#mirror = http://ftp.debian.org/debian +#mirror = http://mirrors/debian + +# Devices to probe for CD +devices = scd0 scd1 scd2 scd3 scd4 hda hdb hdc hdd hde hdf hdg + +# Files to place on the ramdisk +ramdisk_files = /etc/resolv.conf + /etc/lvm* + /tmp + /var/tmp + /dev + /etc/fstab + /var/lib/dhcp + /var/lib/samba + /var/log + /var/cache/samba + /var/lock + /var/run + /var/state + /etc/mtab + /root + /etc/network + /var/lib/misc + /var/lib/urandom + /etc/hotpug + +# Directories to create on live fs +makedirs = /root/.elinks + +# Files to delete from live fs +deletefiles = /etc/rcS.d/*discover + /etc/rcS.d/*hotplug + /etc/rcS.d/*lvm + +###################################################################### +# Arch settings: i386 
+###################################################################### + +[i386] +# Name of any kernel images to install directly from your current filesystem +#kernels = /boot/vmlinuz-2.4.27-2-386 + +# Modules to copy from host filesystem +#modules = /lib/modules/2.4.27-2-386 + +# Debs from local fs to unpack on live FS (will not be configured) +unpackdebs = kernel/kernel-image-2.6.8_1.dfs_i386.deb + +# Other packages to install besides the list in DEFAULT +packages = %(allpackages)s + +# Debs from local fs to isntall on live fs +# installdebs = + +# Bootloader (see options under default) +bootloader = grub-no-emul + +# Extra lines for grub config +grubconfig = timeout 3 + +##################################################################### +# Repository configuration +###################################################################### + +# Repositories to download +[repo stable] +suite = stable + +[repo testing] +suite = testing + +[repo unstable] +suite = unstable + +[repo amd64] +suite = unstable +# Override default mirror +mirror = http://debian-amd64.alioth.debian.org/pure64/ +# Override default arch +arch = amd64 + +###################################################################### +# Text to add to existing files +###################################################################### + +[appendfiles] +/etc/fstab = /dev/mapper/staub /mnt/crypto auto noauto,defaults 0 0 + +/etc/network/interfaces = auto lo + iface lo inet loopback + +# /etc/modules = + +/etc/issue = This is the CryptoBox! 
+ +/root/.bashrc = export WWW_HOME="file:///opt/dfsruntime/home.html" + dfshints + +###################################################################### +# Files to create or truncate +###################################################################### + +[createfiles] +/etc/hostname = CryptoBox + +/etc/syslog.conf = *.* /dev/tty8 + *.info /dev/tty7 + +/etc/hosts = 127.0.0.1 localhost + +/etc/kernel-img.conf = do_initrd = Yes + +###################################################################### +# Symlinks to create (from = to format) +###################################################################### + +[symlinks] +/etc/mtab = /proc/mounts diff --git a/install_clearsilver.txt b/install_clearsilver.txt new file mode 100644 index 0000000..d2edb92 --- /dev/null +++ b/install_clearsilver.txt @@ -0,0 +1,26 @@ +as there is no debian-package for the perl bindings of clearsilver, you have to add it manually to the tree of the cbox-tree + +1) download +- get it from: http://www.clearsilver.net/downloads +- unpack (tar xzf . ...) + + +2) configuration +./configure --disable-python --disable-ruby --disable-csharp --disable-apache --disable-java --disable-compression --enable-perl --enable-gettext --prefix=/tmp/clearsilver-perl + + +3) fix a problem in scripts/document.py +change the first line to "#!/usr/bin/env python" + + +4) build it +- make +- make install + + +5) cp to the cbox +cp -a /tmp/clearsilver-perl/local/lib/perl/5.8.7/. cryptobox.conf.d/usr/lib/perl5 +rm cryptobox.conf.d/usr/lib/perl5/perllocal.pod + +6) dependencies +add python-clearsilver to the box (dfsbuild.conf) diff --git a/kernel/config-2.6.8_1_dfs b/kernel/config-2.6.8_1_dfs new file mode 100644 index 0000000..aa78357 --- /dev/null +++ b/kernel/config-2.6.8_1_dfs 
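Review bot: `/etc/hotpug` in `ramdisk_files` looks like a typo for `/etc/hotplug` (the package list installs `hotplug` and `deletefiles` names `/etc/rcS.d/*hotplug`), so that entry presumably matches nothing on the live filesystem. `allpackages` also puts `strace`, `iptraf`, `elinks` and `curl` (the last commented as needed for validation) on every image and lists `ssh` and `e2fsprogs` twice. For an appliance that holds encrypted data I would keep the debugging and validation tools out of release builds and mark them with a comment such as `# development images only`, if the build setup allows a separate list.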
@@ -0,0 +1,1173 @@ +# +# Automatically generated make config: don't edit +# +CONFIG_X86=y +CONFIG_MMU=y +CONFIG_UID16=y +CONFIG_GENERIC_ISA_DMA=y + +# +# Code maturity level options +# +CONFIG_EXPERIMENTAL=y +# CONFIG_CLEAN_COMPILE is not set +CONFIG_BROKEN=y +CONFIG_BROKEN_ON_SMP=y + +# +# General setup +# +CONFIG_SWAP=y +# CONFIG_SYSVIPC is not set +CONFIG_POSIX_MQUEUE=y +CONFIG_BSD_PROCESS_ACCT=y +# CONFIG_BSD_PROCESS_ACCT_V3 is not set +CONFIG_SYSCTL=y +# CONFIG_AUDIT is not set +CONFIG_LOG_BUF_SHIFT=14 +CONFIG_HOTPLUG=y +CONFIG_IKCONFIG=y +CONFIG_IKCONFIG_PROC=y +# CONFIG_EMBEDDED is not set +CONFIG_KALLSYMS=y +# CONFIG_KALLSYMS_EXTRA_PASS is not set +CONFIG_FUTEX=y +CONFIG_EPOLL=y +CONFIG_IOSCHED_NOOP=y +CONFIG_IOSCHED_AS=y +CONFIG_IOSCHED_DEADLINE=y +CONFIG_IOSCHED_CFQ=y +# CONFIG_CC_OPTIMIZE_FOR_SIZE is not set + +# +# Loadable module support +# +CONFIG_MODULES=y +CONFIG_MODULE_UNLOAD=y +CONFIG_MODULE_FORCE_UNLOAD=y +CONFIG_OBSOLETE_MODPARM=y +# CONFIG_MODVERSIONS is not set +CONFIG_KMOD=y + +# +# Processor type and features +# +CONFIG_X86_PC=y +# CONFIG_X86_ELAN is not set +# CONFIG_X86_VOYAGER is not set +# CONFIG_X86_NUMAQ is not set +# CONFIG_X86_SUMMIT is not set +# CONFIG_X86_BIGSMP is not set +# CONFIG_X86_VISWS is not set +# CONFIG_X86_GENERICARCH is not set +# CONFIG_X86_ES7000 is not set +# CONFIG_M386 is not set +# CONFIG_M486 is not set +CONFIG_M586=y +# CONFIG_M586TSC is not set +# CONFIG_M586MMX is not set +# CONFIG_M686 is not set +# CONFIG_MPENTIUMII is not set +# CONFIG_MPENTIUMIII is not set +# CONFIG_MPENTIUMM is not set +# CONFIG_MPENTIUM4 is not set +# CONFIG_MK6 is not set +# CONFIG_MK7 is not set +# CONFIG_MK8 is not set +# CONFIG_MCRUSOE is not set +# CONFIG_MWINCHIPC6 is not set +# CONFIG_MWINCHIP2 is not set +# CONFIG_MWINCHIP3D is not set +# CONFIG_MCYRIXIII is not set +# CONFIG_MVIAC3_2 is not set +CONFIG_X86_GENERIC=y +# CONFIG_X86_EMU486 is not set +CONFIG_X86_CMPXCHG=y +CONFIG_X86_XADD=y +CONFIG_X86_L1_CACHE_SHIFT=7 
+CONFIG_RWSEM_XCHGADD_ALGORITHM=y +CONFIG_X86_PPRO_FENCE=y +CONFIG_X86_F00F_BUG=y +CONFIG_X86_WP_WORKS_OK=y +CONFIG_X86_INVLPG=y +CONFIG_X86_BSWAP=y +CONFIG_X86_POPAD_OK=y +CONFIG_X86_ALIGNMENT_16=y +CONFIG_X86_INTEL_USERCOPY=y +# CONFIG_HPET_TIMER is not set +# CONFIG_SMP is not set +# CONFIG_PREEMPT is not set +# CONFIG_X86_UP_APIC is not set +CONFIG_X86_MCE=y +# CONFIG_X86_MCE_NONFATAL is not set +# CONFIG_TOSHIBA is not set +# CONFIG_I8K is not set +# CONFIG_MICROCODE is not set +# CONFIG_X86_MSR is not set +# CONFIG_X86_CPUID is not set + +# +# Firmware Drivers +# +# CONFIG_EDD is not set +CONFIG_NOHIGHMEM=y +# CONFIG_HIGHMEM4G is not set +# CONFIG_HIGHMEM64G is not set +# CONFIG_MATH_EMULATION is not set +# CONFIG_MTRR is not set +# CONFIG_EFI is not set +# CONFIG_REGPARM is not set + +# +# Power management options (ACPI, APM) +# +CONFIG_PM=y +CONFIG_SOFTWARE_SUSPEND=y +# CONFIG_PM_DISK is not set + +# +# ACPI (Advanced Configuration and Power Interface) Support +# +CONFIG_ACPI=y +CONFIG_ACPI_BOOT=y +CONFIG_ACPI_INTERPRETER=y +CONFIG_ACPI_SLEEP=y +CONFIG_ACPI_SLEEP_PROC_FS=y +# CONFIG_ACPI_AC is not set +# CONFIG_ACPI_BATTERY is not set +# CONFIG_ACPI_BUTTON is not set +CONFIG_ACPI_FAN=m +CONFIG_ACPI_PROCESSOR=m +CONFIG_ACPI_THERMAL=m +# CONFIG_ACPI_ASUS is not set +# CONFIG_ACPI_TOSHIBA is not set +# CONFIG_ACPI_DEBUG is not set +CONFIG_ACPI_BUS=y +CONFIG_ACPI_EC=y +CONFIG_ACPI_POWER=y +CONFIG_ACPI_PCI=y +CONFIG_ACPI_SYSTEM=y +# CONFIG_X86_PM_TIMER is not set + +# +# APM (Advanced Power Management) BIOS Support +# +CONFIG_APM=y +# CONFIG_APM_IGNORE_USER_SUSPEND is not set +CONFIG_APM_DO_ENABLE=y +CONFIG_APM_CPU_IDLE=y +# CONFIG_APM_DISPLAY_BLANK is not set +# CONFIG_APM_RTC_IS_GMT is not set +# CONFIG_APM_ALLOW_INTS is not set +CONFIG_APM_REAL_MODE_POWER_OFF=y + +# +# CPU Frequency scaling +# +# CONFIG_CPU_FREQ is not set + +# +# Bus options (PCI, PCMCIA, EISA, MCA, ISA) +# +CONFIG_PCI=y +# CONFIG_PCI_GOBIOS is not set +# CONFIG_PCI_GOMMCONFIG is not set +# 
CONFIG_PCI_GODIRECT is not set +CONFIG_PCI_GOANY=y +CONFIG_PCI_BIOS=y +CONFIG_PCI_DIRECT=y +CONFIG_PCI_MMCONFIG=y +# CONFIG_PCI_LEGACY_PROC is not set +CONFIG_PCI_NAMES=y +CONFIG_ISA=y +# CONFIG_EISA is not set +# CONFIG_MCA is not set +# CONFIG_SCx200 is not set + +# +# PCMCIA/CardBus support +# +# CONFIG_PCMCIA is not set +CONFIG_PCMCIA_PROBE=y + +# +# PCI Hotplug Support +# +# CONFIG_HOTPLUG_PCI is not set + +# +# Executable file formats +# +CONFIG_BINFMT_ELF=y +# CONFIG_BINFMT_AOUT is not set +# CONFIG_BINFMT_MISC is not set + +# +# Device Drivers +# + +# +# Generic Driver Options +# +# CONFIG_STANDALONE is not set +# CONFIG_PREVENT_FIRMWARE_BUILD is not set +CONFIG_FW_LOADER=m + +# +# Memory Technology Devices (MTD) +# +# CONFIG_MTD is not set + +# +# Parallel port support +# +CONFIG_PARPORT=m +CONFIG_PARPORT_PC=m +CONFIG_PARPORT_PC_FIFO=y +# CONFIG_PARPORT_PC_SUPERIO is not set +# CONFIG_PARPORT_OTHER is not set +CONFIG_PARPORT_1284=y + +# +# Plug and Play support +# +CONFIG_PNP=y +CONFIG_PNP_DEBUG=y + +# +# Protocols +# +CONFIG_ISAPNP=y +CONFIG_PNPBIOS=y +# CONFIG_PNPBIOS_PROC_FS is not set + +# +# Block devices +# +CONFIG_BLK_DEV_FD=m +# CONFIG_BLK_DEV_XD is not set +# CONFIG_PARIDE is not set +# CONFIG_BLK_CPQ_DA is not set +# CONFIG_BLK_CPQ_CISS_DA is not set +# CONFIG_BLK_DEV_DAC960 is not set +# CONFIG_BLK_DEV_UMEM is not set +# CONFIG_BLK_DEV_LOOP is not set +# CONFIG_BLK_DEV_NBD is not set +# CONFIG_BLK_DEV_SX8 is not set +CONFIG_BLK_DEV_RAM=y +CONFIG_BLK_DEV_RAM_SIZE=4096 +CONFIG_BLK_DEV_INITRD=y +# CONFIG_LBD is not set + +# +# ATA/ATAPI/MFM/RLL support +# +CONFIG_IDE=y +CONFIG_BLK_DEV_IDE=y + +# +# Please see Documentation/ide.txt for help/info on IDE drives +# +# CONFIG_BLK_DEV_IDE_SATA is not set +# CONFIG_BLK_DEV_HD_IDE is not set +CONFIG_BLK_DEV_IDEDISK=y +CONFIG_IDEDISK_MULTI_MODE=y +CONFIG_BLK_DEV_IDECD=y +# CONFIG_BLK_DEV_IDETAPE is not set +# CONFIG_BLK_DEV_IDEFLOPPY is not set +# CONFIG_BLK_DEV_IDESCSI is not set +# CONFIG_IDE_TASK_IOCTL 
is not set +# CONFIG_IDE_TASKFILE_IO is not set + +# +# IDE chipset support/bugfixes +# +CONFIG_IDE_GENERIC=y +# CONFIG_BLK_DEV_CMD640 is not set +# CONFIG_BLK_DEV_IDEPNP is not set +CONFIG_BLK_DEV_IDEPCI=y +CONFIG_IDEPCI_SHARE_IRQ=y +# CONFIG_BLK_DEV_OFFBOARD is not set +CONFIG_BLK_DEV_GENERIC=y +CONFIG_BLK_DEV_OPTI621=y +CONFIG_BLK_DEV_RZ1000=y +CONFIG_BLK_DEV_IDEDMA_PCI=y +# CONFIG_BLK_DEV_IDEDMA_FORCED is not set +CONFIG_IDEDMA_PCI_AUTO=y +# CONFIG_IDEDMA_ONLYDISK is not set +CONFIG_BLK_DEV_ADMA=y +CONFIG_BLK_DEV_AEC62XX=y +CONFIG_BLK_DEV_ALI15X3=y +# CONFIG_WDC_ALI15X3 is not set +CONFIG_BLK_DEV_AMD74XX=y +CONFIG_BLK_DEV_ATIIXP=y +CONFIG_BLK_DEV_CMD64X=y +CONFIG_BLK_DEV_TRIFLEX=y +CONFIG_BLK_DEV_CY82C693=y +CONFIG_BLK_DEV_CS5520=y +CONFIG_BLK_DEV_CS5530=y +CONFIG_BLK_DEV_HPT34X=y +# CONFIG_HPT34X_AUTODMA is not set +CONFIG_BLK_DEV_HPT366=y +CONFIG_BLK_DEV_SC1200=y +CONFIG_BLK_DEV_PIIX=y +CONFIG_BLK_DEV_NS87415=y +# CONFIG_BLK_DEV_PDC202XX_OLD is not set +# CONFIG_BLK_DEV_PDC202XX_NEW is not set +# CONFIG_BLK_DEV_SVWKS is not set +# CONFIG_BLK_DEV_SIIMAGE is not set +CONFIG_BLK_DEV_SIS5513=y +CONFIG_BLK_DEV_SLC90E66=y +CONFIG_BLK_DEV_TRM290=y +CONFIG_BLK_DEV_VIA82CXXX=y +# CONFIG_IDE_ARM is not set +# CONFIG_IDE_CHIPSETS is not set +CONFIG_BLK_DEV_IDEDMA=y +# CONFIG_IDEDMA_IVB is not set +CONFIG_IDEDMA_AUTO=y +# CONFIG_BLK_DEV_HD is not set + +# +# SCSI device support +# +CONFIG_SCSI=m +# CONFIG_SCSI_PROC_FS is not set + +# +# SCSI support type (disk, tape, CD-ROM) +# +CONFIG_BLK_DEV_SD=m +# CONFIG_CHR_DEV_ST is not set +# CONFIG_CHR_DEV_OSST is not set +CONFIG_BLK_DEV_SR=m +# CONFIG_BLK_DEV_SR_VENDOR is not set +CONFIG_CHR_DEV_SG=m +# CONFIG_CHR_DEV_SCH is not set + +# +# Some SCSI devices (e.g. 
CD jukebox) support multiple LUNs +# +# CONFIG_SCSI_MULTI_LUN is not set +# CONFIG_SCSI_CONSTANTS is not set +# CONFIG_SCSI_LOGGING is not set + +# +# SCSI Transport Attributes +# +# CONFIG_SCSI_SPI_ATTRS is not set +# CONFIG_SCSI_FC_ATTRS is not set + +# +# SCSI low-level drivers +# +# CONFIG_BLK_DEV_3W_XXXX_RAID is not set +# CONFIG_SCSI_3W_9XXX is not set +# CONFIG_SCSI_7000FASST is not set +# CONFIG_SCSI_ACARD is not set +# CONFIG_SCSI_AHA152X is not set +# CONFIG_SCSI_AHA1542 is not set +# CONFIG_SCSI_AACRAID is not set +# CONFIG_SCSI_AIC7XXX is not set +# CONFIG_SCSI_AIC7XXX_OLD is not set +# CONFIG_SCSI_AIC79XX is not set +# CONFIG_SCSI_DPT_I2O is not set +# CONFIG_SCSI_ADVANSYS is not set +# CONFIG_SCSI_IN2000 is not set +# CONFIG_SCSI_MEGARAID is not set +# CONFIG_SCSI_SATA is not set +# CONFIG_SCSI_BUSLOGIC is not set +# CONFIG_SCSI_CPQFCTS is not set +# CONFIG_SCSI_DMX3191D is not set +# CONFIG_SCSI_DTC3280 is not set +# CONFIG_SCSI_EATA is not set +# CONFIG_SCSI_EATA_PIO is not set +# CONFIG_SCSI_FUTURE_DOMAIN is not set +# CONFIG_SCSI_GDTH is not set +# CONFIG_SCSI_GENERIC_NCR5380 is not set +# CONFIG_SCSI_GENERIC_NCR5380_MMIO is not set +# CONFIG_SCSI_IPS is not set +# CONFIG_SCSI_INITIO is not set +# CONFIG_SCSI_INIA100 is not set +# CONFIG_SCSI_PPA is not set +# CONFIG_SCSI_IMM is not set +# CONFIG_SCSI_NCR53C406A is not set +# CONFIG_SCSI_SYM53C8XX_2 is not set +# CONFIG_SCSI_IPR is not set +# CONFIG_SCSI_PAS16 is not set +# CONFIG_SCSI_PCI2000 is not set +# CONFIG_SCSI_PCI2220I is not set +# CONFIG_SCSI_PSI240I is not set +# CONFIG_SCSI_QLOGIC_FAS is not set +# CONFIG_SCSI_QLOGIC_ISP is not set +# CONFIG_SCSI_QLOGIC_FC is not set +# CONFIG_SCSI_QLOGIC_1280 is not set +# CONFIG_SCSI_SEAGATE is not set +# CONFIG_SCSI_SYM53C416 is not set +# CONFIG_SCSI_DC395x is not set +# CONFIG_SCSI_DC390T is not set +# CONFIG_SCSI_T128 is not set +# CONFIG_SCSI_U14_34F is not set +# CONFIG_SCSI_ULTRASTOR is not set +# CONFIG_SCSI_NSP32 is not set +# 
CONFIG_SCSI_DEBUG is not set + +# +# Old CD-ROM drivers (not SCSI, not IDE) +# +# CONFIG_CD_NO_IDESCSI is not set + +# +# Multi-device support (RAID and LVM) +# +CONFIG_MD=y +# CONFIG_BLK_DEV_MD is not set +CONFIG_BLK_DEV_DM=y +CONFIG_DM_CRYPT=y +CONFIG_DM_SNAPSHOT=y +CONFIG_DM_MIRROR=y +CONFIG_DM_ZERO=y + +# +# Fusion MPT device support +# +# CONFIG_FUSION is not set + +# +# IEEE 1394 (FireWire) support +# +CONFIG_IEEE1394=y + +# +# Subsystem Options +# +# CONFIG_IEEE1394_VERBOSEDEBUG is not set +# CONFIG_IEEE1394_OUI_DB is not set +# CONFIG_IEEE1394_EXTRA_CONFIG_ROMS is not set + +# +# Device Drivers +# + +# +# Texas Instruments PCILynx requires I2C +# +# CONFIG_IEEE1394_OHCI1394 is not set + +# +# Protocol Drivers +# +# CONFIG_IEEE1394_SBP2 is not set +# CONFIG_IEEE1394_ETH1394 is not set +# CONFIG_IEEE1394_RAWIO is not set +# CONFIG_IEEE1394_CMP is not set + +# +# I2O device support +# +# CONFIG_I2O is not set + +# +# Networking support +# +CONFIG_NET=y + +# +# Networking options +# +CONFIG_PACKET=y +CONFIG_PACKET_MMAP=y +# CONFIG_NETLINK_DEV is not set +CONFIG_UNIX=y +CONFIG_NET_KEY=m +CONFIG_INET=y +CONFIG_IP_MULTICAST=y +# CONFIG_IP_ADVANCED_ROUTER is not set +# CONFIG_IP_PNP is not set +CONFIG_NET_IPIP=m +# CONFIG_NET_IPGRE is not set +# CONFIG_IP_MROUTE is not set +# CONFIG_ARPD is not set +# CONFIG_SYN_COOKIES is not set +CONFIG_INET_AH=m +CONFIG_INET_ESP=m +CONFIG_INET_IPCOMP=m + +# +# IP: Virtual Server Configuration +# +# CONFIG_IP_VS is not set +# CONFIG_IPV6 is not set +CONFIG_NETFILTER=y +# CONFIG_NETFILTER_DEBUG is not set + +# +# IP: Netfilter Configuration +# +CONFIG_IP_NF_CONNTRACK=m +# CONFIG_IP_NF_FTP is not set +# CONFIG_IP_NF_IRC is not set +# CONFIG_IP_NF_TFTP is not set +# CONFIG_IP_NF_AMANDA is not set +# CONFIG_IP_NF_QUEUE is not set +CONFIG_IP_NF_IPTABLES=m +CONFIG_IP_NF_MATCH_LIMIT=m +CONFIG_IP_NF_MATCH_IPRANGE=m +CONFIG_IP_NF_MATCH_MAC=m +CONFIG_IP_NF_MATCH_PKTTYPE=m +# CONFIG_IP_NF_MATCH_MARK is not set 
+CONFIG_IP_NF_MATCH_MULTIPORT=m +CONFIG_IP_NF_MATCH_TOS=m +CONFIG_IP_NF_MATCH_RECENT=m +CONFIG_IP_NF_MATCH_ECN=m +CONFIG_IP_NF_MATCH_DSCP=m +CONFIG_IP_NF_MATCH_AH_ESP=m +CONFIG_IP_NF_MATCH_LENGTH=m +CONFIG_IP_NF_MATCH_TTL=m +CONFIG_IP_NF_MATCH_TCPMSS=m +CONFIG_IP_NF_MATCH_HELPER=m +CONFIG_IP_NF_MATCH_STATE=m +CONFIG_IP_NF_MATCH_CONNTRACK=m +CONFIG_IP_NF_MATCH_OWNER=m +CONFIG_IP_NF_FILTER=m +CONFIG_IP_NF_TARGET_REJECT=m +CONFIG_IP_NF_NAT=m +CONFIG_IP_NF_NAT_NEEDED=y +# CONFIG_IP_NF_TARGET_MASQUERADE is not set +# CONFIG_IP_NF_TARGET_REDIRECT is not set +# CONFIG_IP_NF_TARGET_NETMAP is not set +# CONFIG_IP_NF_TARGET_SAME is not set +# CONFIG_IP_NF_NAT_LOCAL is not set +# CONFIG_IP_NF_NAT_SNMP_BASIC is not set +# CONFIG_IP_NF_MANGLE is not set +CONFIG_IP_NF_TARGET_LOG=m +# CONFIG_IP_NF_TARGET_ULOG is not set +# CONFIG_IP_NF_TARGET_TCPMSS is not set +# CONFIG_IP_NF_ARPTABLES is not set +# CONFIG_IP_NF_COMPAT_IPCHAINS is not set +# CONFIG_IP_NF_COMPAT_IPFWADM is not set +# CONFIG_IP_NF_RAW is not set +# CONFIG_IP_NF_MATCH_ADDRTYPE is not set +# CONFIG_IP_NF_MATCH_REALM is not set +CONFIG_XFRM=y +CONFIG_XFRM_USER=m + +# +# SCTP Configuration (EXPERIMENTAL) +# +# CONFIG_IP_SCTP is not set +# CONFIG_ATM is not set +# CONFIG_BRIDGE is not set +# CONFIG_VLAN_8021Q is not set +# CONFIG_DECNET is not set +# CONFIG_LLC2 is not set +# CONFIG_IPX is not set +# CONFIG_ATALK is not set +# CONFIG_X25 is not set +# CONFIG_LAPB is not set +# CONFIG_NET_DIVERT is not set +# CONFIG_ECONET is not set +# CONFIG_WAN_ROUTER is not set +# CONFIG_NET_HW_FLOWCONTROL is not set + +# +# QoS and/or fair queueing +# +# CONFIG_NET_SCHED is not set +# CONFIG_NET_CLS_ROUTE is not set + +# +# Network testing +# +# CONFIG_NET_PKTGEN is not set +# CONFIG_NETPOLL is not set +# CONFIG_NET_POLL_CONTROLLER is not set +# CONFIG_HAMRADIO is not set +# CONFIG_IRDA is not set +# CONFIG_BT is not set +CONFIG_NETDEVICES=y +# CONFIG_DUMMY is not set +# CONFIG_BONDING is not set +# CONFIG_EQUALIZER is not set 
+CONFIG_TUN=m +# CONFIG_NET_SB1000 is not set + +# +# ARCnet devices +# +# CONFIG_ARCNET is not set + +# +# Ethernet (10 or 100Mbit) +# +CONFIG_NET_ETHERNET=y +CONFIG_MII=y +# CONFIG_HAPPYMEAL is not set +# CONFIG_SUNGEM is not set +CONFIG_NET_VENDOR_3COM=y +CONFIG_EL1=m +CONFIG_EL2=m +CONFIG_ELPLUS=m +CONFIG_EL16=m +CONFIG_EL3=m +CONFIG_3C515=m +CONFIG_VORTEX=m +CONFIG_TYPHOON=m +CONFIG_LANCE=m +CONFIG_NET_VENDOR_SMC=y +CONFIG_WD80x3=m +CONFIG_ULTRA=m +CONFIG_SMC9194=m +CONFIG_NET_VENDOR_RACAL=y +CONFIG_NI5010=m +CONFIG_NI52=m +CONFIG_NI65=m + +# +# Tulip family network device support +# +CONFIG_NET_TULIP=y +CONFIG_DE2104X=m +CONFIG_TULIP=m +CONFIG_TULIP_MWI=y +CONFIG_TULIP_MMIO=y +CONFIG_TULIP_NAPI=y +CONFIG_TULIP_NAPI_HW_MITIGATION=y +CONFIG_DE4X5=m +CONFIG_WINBOND_840=m +CONFIG_DM9102=m +CONFIG_AT1700=m +CONFIG_DEPCA=m +CONFIG_HP100=m +CONFIG_NET_ISA=y +# CONFIG_E2100 is not set +CONFIG_EWRK3=m +CONFIG_EEXPRESS=m +CONFIG_EEXPRESS_PRO=m +# CONFIG_HPLAN_PLUS is not set +# CONFIG_HPLAN is not set +# CONFIG_LP486E is not set +# CONFIG_ETH16I is not set +CONFIG_NE2000=m +# CONFIG_ZNET is not set +# CONFIG_SEEQ8005 is not set +CONFIG_NET_PCI=y +CONFIG_PCNET32=m +CONFIG_AMD8111_ETH=m +# CONFIG_AMD8111E_NAPI is not set +CONFIG_ADAPTEC_STARFIRE=m +# CONFIG_ADAPTEC_STARFIRE_NAPI is not set +CONFIG_AC3200=m +CONFIG_APRICOT=m +CONFIG_B44=m +CONFIG_FORCEDETH=m +CONFIG_CS89x0=m +CONFIG_EEPRO100=m +# CONFIG_EEPRO100_PIO is not set +CONFIG_E100=m +# CONFIG_E100_NAPI is not set +CONFIG_FEALNX=m +CONFIG_NATSEMI=m +CONFIG_NE2K_PCI=m +CONFIG_8139CP=m +CONFIG_8139TOO=m +CONFIG_8139TOO_PIO=y +CONFIG_8139TOO_TUNE_TWISTER=y +CONFIG_8139TOO_8129=y +# CONFIG_8139_OLD_RX_RESET is not set +CONFIG_SIS900=m +CONFIG_EPIC100=m +CONFIG_SUNDANCE=m +# CONFIG_SUNDANCE_MMIO is not set +CONFIG_TLAN=m +CONFIG_VIA_RHINE=m +# CONFIG_VIA_RHINE_MMIO is not set +CONFIG_VIA_VELOCITY=m +# CONFIG_NET_POCKET is not set + +# +# Ethernet (1000 Mbit) +# +# CONFIG_DL2K is not set +# CONFIG_E1000 is not set +# 
CONFIG_NS83820 is not set +# CONFIG_HAMACHI is not set +# CONFIG_YELLOWFIN is not set +# CONFIG_R8169 is not set +# CONFIG_SK98LIN is not set +# CONFIG_TIGON3 is not set + +# +# Ethernet (10000 Mbit) +# +# CONFIG_IXGB is not set +# CONFIG_S2IO is not set + +# +# Token Ring devices +# +# CONFIG_TR is not set + +# +# Wireless LAN (non-hamradio) +# +# CONFIG_NET_RADIO is not set + +# +# Wan interfaces +# +# CONFIG_WAN is not set +# CONFIG_FDDI is not set +# CONFIG_HIPPI is not set +# CONFIG_PLIP is not set +# CONFIG_PPP is not set +# CONFIG_SLIP is not set +# CONFIG_NET_FC is not set +# CONFIG_SHAPER is not set +# CONFIG_NETCONSOLE is not set + +# +# ISDN subsystem +# +# CONFIG_ISDN is not set + +# +# Telephony Support +# +# CONFIG_PHONE is not set + +# +# Input device support +# +CONFIG_INPUT=y + +# +# Userland interfaces +# +CONFIG_INPUT_MOUSEDEV=y +# CONFIG_INPUT_MOUSEDEV_PSAUX is not set +CONFIG_INPUT_MOUSEDEV_SCREEN_X=1024 +CONFIG_INPUT_MOUSEDEV_SCREEN_Y=768 +# CONFIG_INPUT_JOYDEV is not set +# CONFIG_INPUT_TSDEV is not set +# CONFIG_INPUT_EVDEV is not set +# CONFIG_INPUT_EVBUG is not set + +# +# Input I/O drivers +# +# CONFIG_GAMEPORT is not set +CONFIG_SOUND_GAMEPORT=y +CONFIG_SERIO=y +CONFIG_SERIO_I8042=y +# CONFIG_SERIO_SERPORT is not set +# CONFIG_SERIO_CT82C710 is not set +# CONFIG_SERIO_PARKBD is not set +# CONFIG_SERIO_PCIPS2 is not set + +# +# Input Device Drivers +# +CONFIG_INPUT_KEYBOARD=y +CONFIG_KEYBOARD_ATKBD=y +# CONFIG_KEYBOARD_SUNKBD is not set +# CONFIG_KEYBOARD_LKKBD is not set +# CONFIG_KEYBOARD_XTKBD is not set +# CONFIG_KEYBOARD_NEWTON is not set +# CONFIG_INPUT_MOUSE is not set +# CONFIG_INPUT_JOYSTICK is not set +# CONFIG_INPUT_TOUCHSCREEN is not set +# CONFIG_INPUT_MISC is not set + +# +# Character devices +# +CONFIG_VT=y +CONFIG_VT_CONSOLE=y +CONFIG_HW_CONSOLE=y +# CONFIG_SERIAL_NONSTANDARD is not set + +# +# Serial drivers +# +# CONFIG_SERIAL_8250 is not set + +# +# Non-8250 serial port support +# +CONFIG_UNIX98_PTYS=y +# 
CONFIG_LEGACY_PTYS is not set +CONFIG_PRINTER=m +# CONFIG_LP_CONSOLE is not set +# CONFIG_PPDEV is not set +# CONFIG_TIPAR is not set +# CONFIG_QIC02_TAPE is not set + +# +# IPMI +# +# CONFIG_IPMI_HANDLER is not set + +# +# Watchdog Cards +# +# CONFIG_WATCHDOG is not set +CONFIG_HW_RANDOM=y +# CONFIG_NVRAM is not set +CONFIG_RTC=y +# CONFIG_DTLK is not set +# CONFIG_R3964 is not set +# CONFIG_APPLICOM is not set +# CONFIG_SONYPI is not set + +# +# Ftape, the floppy tape device driver +# +# CONFIG_FTAPE is not set +# CONFIG_AGP is not set +# CONFIG_DRM is not set +# CONFIG_MWAVE is not set +# CONFIG_RAW_DRIVER is not set +# CONFIG_HPET is not set +# CONFIG_HANGCHECK_TIMER is not set + +# +# I2C support +# +# CONFIG_I2C is not set + +# +# Dallas's 1-wire bus +# +# CONFIG_W1 is not set + +# +# Misc devices +# +# CONFIG_IBM_ASM is not set + +# +# Multimedia devices +# +# CONFIG_VIDEO_DEV is not set + +# +# Digital Video Broadcasting Devices +# +# CONFIG_DVB is not set + +# +# Graphics support +# +# CONFIG_FB is not set +# CONFIG_VIDEO_SELECT is not set + +# +# Console display driver support +# +CONFIG_VGA_CONSOLE=y +# CONFIG_MDA_CONSOLE is not set +CONFIG_DUMMY_CONSOLE=y + +# +# Sound +# +# CONFIG_SOUND is not set + +# +# USB support +# +CONFIG_USB=m +# CONFIG_USB_DEBUG is not set + +# +# Miscellaneous USB options +# +CONFIG_USB_DEVICEFS=y +# CONFIG_USB_BANDWIDTH is not set +# CONFIG_USB_DYNAMIC_MINORS is not set + +# +# USB Host Controller Drivers +# +CONFIG_USB_EHCI_HCD=m +# CONFIG_USB_EHCI_SPLIT_ISO is not set +# CONFIG_USB_EHCI_ROOT_HUB_TT is not set +CONFIG_USB_OHCI_HCD=m +CONFIG_USB_UHCI_HCD=m + +# +# USB Device Class drivers +# +# CONFIG_USB_BLUETOOTH_TTY is not set +# CONFIG_USB_ACM is not set +CONFIG_USB_PRINTER=m +CONFIG_USB_STORAGE=m +# CONFIG_USB_STORAGE_DEBUG is not set +CONFIG_USB_STORAGE_RW_DETECT=y +CONFIG_USB_STORAGE_DATAFAB=y +CONFIG_USB_STORAGE_FREECOM=y +CONFIG_USB_STORAGE_ISD200=y +CONFIG_USB_STORAGE_DPCM=y +CONFIG_USB_STORAGE_HP8200e=y +# 
CONFIG_USB_STORAGE_SDDR09 is not set +# CONFIG_USB_STORAGE_SDDR55 is not set +# CONFIG_USB_STORAGE_JUMPSHOT is not set + +# +# USB Human Interface Devices (HID) +# +# CONFIG_USB_HID is not set + +# +# USB HID Boot Protocol drivers +# +# CONFIG_USB_KBD is not set +# CONFIG_USB_MOUSE is not set +# CONFIG_USB_AIPTEK is not set +# CONFIG_USB_WACOM is not set +# CONFIG_USB_KBTAB is not set +# CONFIG_USB_POWERMATE is not set +# CONFIG_USB_MTOUCH is not set +# CONFIG_USB_EGALAX is not set +# CONFIG_USB_XPAD is not set +# CONFIG_USB_ATI_REMOTE is not set + +# +# USB Imaging devices +# +# CONFIG_USB_MDC800 is not set +# CONFIG_USB_MICROTEK is not set +# CONFIG_USB_HPUSBSCSI is not set + +# +# USB Multimedia devices +# + +# +# Video4Linux support is needed for USB Multimedia device support +# + +# +# USB Network adaptors +# +# CONFIG_USB_CATC is not set +# CONFIG_USB_KAWETH is not set +# CONFIG_USB_PEGASUS is not set +# CONFIG_USB_RTL8150 is not set +# CONFIG_USB_USBNET is not set + +# +# USB port drivers +# +# CONFIG_USB_USS720 is not set + +# +# USB Serial Converter support +# +# CONFIG_USB_SERIAL is not set + +# +# USB Miscellaneous drivers +# +# CONFIG_USB_TIGL is not set +# CONFIG_USB_AUERSWALD is not set +# CONFIG_USB_RIO500 is not set +# CONFIG_USB_LEGOTOWER is not set +# CONFIG_USB_LCD is not set +# CONFIG_USB_LED is not set +# CONFIG_USB_CYTHERM is not set +# CONFIG_USB_PHIDGETSERVO is not set +# CONFIG_USB_TEST is not set + +# +# USB Gadget Support +# +# CONFIG_USB_GADGET is not set + +# +# File systems +# +CONFIG_EXT2_FS=y +CONFIG_EXT2_FS_XATTR=y +# CONFIG_EXT2_FS_POSIX_ACL is not set +# CONFIG_EXT2_FS_SECURITY is not set +CONFIG_EXT3_FS=y +CONFIG_EXT3_FS_XATTR=y +# CONFIG_EXT3_FS_POSIX_ACL is not set +# CONFIG_EXT3_FS_SECURITY is not set +CONFIG_JBD=y +# CONFIG_JBD_DEBUG is not set +CONFIG_FS_MBCACHE=y +# CONFIG_REISERFS_FS is not set +# CONFIG_JFS_FS is not set +# CONFIG_XFS_FS is not set +# CONFIG_MINIX_FS is not set +# CONFIG_ROMFS_FS is not set +# 
CONFIG_QUOTA is not set +# CONFIG_AUTOFS_FS is not set +# CONFIG_AUTOFS4_FS is not set + +# +# CD-ROM/DVD Filesystems +# +CONFIG_ISO9660_FS=y +CONFIG_JOLIET=y +CONFIG_ZISOFS=y +CONFIG_ZISOFS_FS=y +# CONFIG_UDF_FS is not set + +# +# DOS/FAT/NT Filesystems +# +# CONFIG_MSDOS_FS is not set +# CONFIG_VFAT_FS is not set +# CONFIG_NTFS_FS is not set + +# +# Pseudo filesystems +# +CONFIG_PROC_FS=y +CONFIG_PROC_KCORE=y +CONFIG_SYSFS=y +# CONFIG_DEVFS_FS is not set +# CONFIG_DEVPTS_FS_XATTR is not set +CONFIG_TMPFS=y +# CONFIG_HUGETLBFS is not set +# CONFIG_HUGETLB_PAGE is not set +CONFIG_RAMFS=y + +# +# Miscellaneous filesystems +# +# CONFIG_ADFS_FS is not set +# CONFIG_AFFS_FS is not set +# CONFIG_ASFS_FS is not set +# CONFIG_HFS_FS is not set +# CONFIG_HFSPLUS_FS is not set +# CONFIG_BEFS_FS is not set +# CONFIG_BFS_FS is not set +# CONFIG_EFS_FS is not set +CONFIG_CRAMFS=y +# CONFIG_VXFS_FS is not set +# CONFIG_HPFS_FS is not set +# CONFIG_QNX4FS_FS is not set +# CONFIG_SYSV_FS is not set +# CONFIG_UFS_FS is not set + +# +# Network File Systems +# +# CONFIG_NFS_FS is not set +# CONFIG_NFSD is not set +# CONFIG_EXPORTFS is not set +# CONFIG_SMB_FS is not set +# CONFIG_CIFS is not set +# CONFIG_NCP_FS is not set +# CONFIG_CODA_FS is not set +# CONFIG_AFS_FS is not set + +# +# Partition Types +# +# CONFIG_PARTITION_ADVANCED is not set +CONFIG_MSDOS_PARTITION=y + +# +# Native Language Support +# +CONFIG_NLS=y +CONFIG_NLS_DEFAULT="iso8859-15" +CONFIG_NLS_CODEPAGE_437=m +# CONFIG_NLS_CODEPAGE_737 is not set +# CONFIG_NLS_CODEPAGE_775 is not set +CONFIG_NLS_CODEPAGE_850=m +# CONFIG_NLS_CODEPAGE_852 is not set +# CONFIG_NLS_CODEPAGE_855 is not set +# CONFIG_NLS_CODEPAGE_857 is not set +# CONFIG_NLS_CODEPAGE_860 is not set +# CONFIG_NLS_CODEPAGE_861 is not set +# CONFIG_NLS_CODEPAGE_862 is not set +# CONFIG_NLS_CODEPAGE_863 is not set +# CONFIG_NLS_CODEPAGE_864 is not set +# CONFIG_NLS_CODEPAGE_865 is not set +# CONFIG_NLS_CODEPAGE_866 is not set +# CONFIG_NLS_CODEPAGE_869 is 
not set +# CONFIG_NLS_CODEPAGE_936 is not set +# CONFIG_NLS_CODEPAGE_950 is not set +# CONFIG_NLS_CODEPAGE_932 is not set +# CONFIG_NLS_CODEPAGE_949 is not set +# CONFIG_NLS_CODEPAGE_874 is not set +# CONFIG_NLS_ISO8859_8 is not set +# CONFIG_NLS_CODEPAGE_1250 is not set +# CONFIG_NLS_CODEPAGE_1251 is not set +CONFIG_NLS_ASCII=m +CONFIG_NLS_ISO8859_1=m +# CONFIG_NLS_ISO8859_2 is not set +# CONFIG_NLS_ISO8859_3 is not set +# CONFIG_NLS_ISO8859_4 is not set +# CONFIG_NLS_ISO8859_5 is not set +# CONFIG_NLS_ISO8859_6 is not set +# CONFIG_NLS_ISO8859_7 is not set +# CONFIG_NLS_ISO8859_9 is not set +# CONFIG_NLS_ISO8859_13 is not set +# CONFIG_NLS_ISO8859_14 is not set +CONFIG_NLS_ISO8859_15=y +# CONFIG_NLS_KOI8_R is not set +# CONFIG_NLS_KOI8_U is not set +CONFIG_NLS_UTF8=m + +# +# Profiling support +# +# CONFIG_PROFILING is not set + +# +# Kernel hacking +# +# CONFIG_DEBUG_KERNEL is not set +CONFIG_EARLY_PRINTK=y +# CONFIG_DEBUG_SPINLOCK_SLEEP is not set +# CONFIG_FRAME_POINTER is not set +# CONFIG_4KSTACKS is not set + +# +# Security options +# +# CONFIG_SECURITY is not set + +# +# Cryptographic options +# +CONFIG_CRYPTO=y +CONFIG_CRYPTO_HMAC=y +CONFIG_CRYPTO_NULL=m +# CONFIG_CRYPTO_MD4 is not set +CONFIG_CRYPTO_MD5=m +CONFIG_CRYPTO_SHA1=m +CONFIG_CRYPTO_SHA256=m +CONFIG_CRYPTO_SHA512=m +CONFIG_CRYPTO_DES=m +CONFIG_CRYPTO_BLOWFISH=m +CONFIG_CRYPTO_TWOFISH=m +# CONFIG_CRYPTO_SERPENT is not set +CONFIG_CRYPTO_AES_586=m +# CONFIG_CRYPTO_CAST5 is not set +CONFIG_CRYPTO_CAST6=m +# CONFIG_CRYPTO_TEA is not set +# CONFIG_CRYPTO_ARC4 is not set +CONFIG_CRYPTO_KHAZAD=m +CONFIG_CRYPTO_DEFLATE=m +# CONFIG_CRYPTO_MICHAEL_MIC is not set +CONFIG_CRYPTO_CRC32C=m +# CONFIG_CRYPTO_TEST is not set + +# +# Library routines +# +CONFIG_CRC_CCITT=m +CONFIG_CRC32=m +CONFIG_LIBCRC32C=m +CONFIG_ZLIB_INFLATE=y +CONFIG_ZLIB_DEFLATE=m +CONFIG_X86_BIOS_REBOOT=y +CONFIG_PC=y 
diff --git a/kernel/kernel-image-2.6.8_1.dfs_i386.deb b/kernel/kernel-image-2.6.8_1.dfs_i386.deb
new file mode 100644
index 0000000..6846495
Binary files /dev/null and b/kernel/kernel-image-2.6.8_1.dfs_i386.deb differ
diff --git a/misc/makeCert.sh b/misc/makeCert.sh
new file mode 100755
index 0000000..651c729
--- /dev/null
+++ b/misc/makeCert.sh
@@ -0,0 +1,92 @@
+#!/bin/sh
+set -u
+
+## http://www2.goldfisch.at/knowledge/142 beschreibt's recht gut
+
+
+CA_DIR="CA/"
+# enthaelt das Verzeichnis "demoCA" (siehe unten: CA-Erzeugung)
+
+KEYSIZE=1024
+CONFIG="openssl.conf"
+TIME="365"
+
+TMPREQ="/tmp/mein-apache-cert.req"
+TMPRAN="/tmp/mein-apache-cert.random"
+CSR_FILE=$1.csr
+KEY_FILE1=$1-temp.key
+KEY_FILE2=$1.key
+CRT_FILE=$1.crt
+
+
+if test -z "$1";
+ then echo "Syntax: $0 ZERTIFIKATS-DATEI [CA-Datei]"
+ echo " (die Dateienedungen (key, csr, crt) werden automatisch angefuegt)"
+ exit 1
+ fi
+
+echo "Erzeuge Zufallszahlen ..."
+echo "-----------------------------------------------"
+# erzeugt eine große menge an zufallszahlen abhängig von keysize
+dd if=/dev/urandom of=$TMPRAN bs=$KEYSIZE count=$KEYSIZE || exit 2
+sleep 1
+
+echo -e "\nErzeuge den Schluessel ..."
+echo "-----------------------------------------------"
+openssl genrsa -rand $TMPRAN $KEYSIZE > $KEY_FILE1 || exit 3
+# z.B.: -des3 um Verschluesselung des Zertifikats zu aktivieren
+
+# found that way in http://www.rpatrick.com/tech/makecert/
+openssl rsa -in $KEY_FILE1 -out $KEY_FILE2
+chmod go-rwx $KEY_FILE2
+
+echo -e "\nErzeuge die X509-Informationen ..."
+echo "-----------------------------------------------"
+# wichtige parameter werden aus der config gelesen
+openssl req -new -x509 -key $KEY_FILE2 -config $CONFIG > $TMPREQ || exit 4
+#openssl req -new -x509 -key $KEY_FILE -config $CONFIG > $TMPREQ || exit 4
+chmod go-rwx $TMPREQ
+
+echo -e "\nFuege das Zertifikat zusammen ..."
+echo "-----------------------------------------------"
+cat $TMPREQ $KEY_FILE2 >$CSR_FILE || exit 5
+chmod go-rwx $CSR_FILE
+
+echo -e "\nLoesche temporaere Dateien ..."
+echo "-----------------------------------------------"
+rm $TMPRAN $TMPREQ $KEY_FILE1
+
+echo -e "\nDie Signierungsanforderung $CSR_FILE wurde erzeugt!"
+
+test -e "$CA_DIR" || exit 0
+
+# nun wird per CA zertifiziert ...
+# die CA wird erstmalig durch das Skript CA.sh mit dem Parameter "-newca" erstellt
+
+AKT_DIR=`pwd`
+
+echo -e "\nDiese wird nun von der CA signiert ...\n"
+
+echo "--kopiere"
+cp $CSR_FILE ${CA_DIR}newreq.pem
+
+[ -f newcert.pem ] && rm newcert.pem
+echo "--signiere"
+openssl x509 -x509toreq -in ${CA_DIR}newreq.pem -days $TIME -signkey ${CA_DIR}newreq.pem -out ${CA_DIR}tmp.pem || exit 6
+echo "-signiere"
+openssl ca -config $CONFIG -policy policy_anything -days $TIME -out ${CA_DIR}newcert.pem -infiles ${CA_DIR}tmp.pem || exit 7
+echo "foo"
+[ -f tmp.pem ] && rm tmp.pem && echo "tmp.pem gloescht"
+
+if [ ! -s newcert.pem ];
+ then echo "Fehler: das neue Zertifikat wurde nicht erstellt!"
+ exit 8
+ fi
+
+rm newreq.pem
+echo $AKT_DIR
+mv newcert.pem ${AKT_DIR}/$CRT_FILE || echo "fehla 9" && exit 9
+cd $AKT_DIR
+rm $CSR_FILE
+
+echo -e "\nFertig!"
diff --git a/misc/qemu-ifup b/misc/qemu-ifup
new file mode 100755
index 0000000..b3d5664
--- /dev/null
+++ b/misc/qemu-ifup
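Review bot: In misc/makeCert.sh the private key is created under the caller's umask: `openssl genrsa ... > $KEY_FILE1` is never chmod'ed, and `$KEY_FILE2` and `$CSR_FILE` (which also holds the key, via `cat $TMPREQ $KEY_FILE2`) are only tightened with `chmod go-rwx` after they have been written, so other local users may be able to read key material. The scratch files `TMPREQ` and `TMPRAN` use fixed names in `/tmp`, which another local user can pre-create or replace with a symlink; misc/userdocexport.sh has the same pattern in `SITE_TMP="/tmp/$SITE"`. I would add `umask 077` right after `set -u` and create the scratch files with `TMPREQ=$(mktemp) || exit 2` and `TMPRAN=$(mktemp) || exit 2`. Separately, `mv newcert.pem ${AKT_DIR}/$CRT_FILE || echo "fehla 9" && exit 9` exits with 9 even when `mv` succeeds, so the `cd`, `rm $CSR_FILE` and "Fertig!" lines never run.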
@@ -0,0 +1,55 @@
+#!/bin/sh
+#
+# this is the qemu-ifup script that should be run at qemu's boot
+#
+
+# determine the interface to the outside
+IF_WORLD=`/sbin/route -n | grep " UG " | sed "s/ */ /g" | cut -d " " -f 8 | head -1`
+# nothing found? - sorry!
+[ -z "$IF_WORLD" ] && IF_WORLD=eth0
+
+
+if [ "$UID" -ne 0 ]
+ then sudo $0 $*
+ exit 0
+ fi
+
+echo "Laufe als root ..."
+
+IPT=/sbin/iptables
+[ ! -x $IPT ] && IPT=/usr/sbin/iptables
+
+IPT_RULES=" FORWARD -i tun0 -o $IF_WORLD -j ACCEPT
+ FORWARD -i $IF_WORLD -o tun0 -m state --state ESTABLISHED,RELATED -j ACCEPT
+ POSTROUTING -t nat -o $IF_WORLD -j MASQUERADE
+ INPUT -i tun0 -j ACCEPT
+ OUTPUT -o tun0 -j ACCEPT"
+
+aktiviere_forward()
+{
+ echo "$IPT_RULES" | while read a
+ do $IPT -A $a
+ done
+ echo 1 >/proc/sys/net/ipv4/ip_forward
+}
+
+deaktiviere_forward()
+{
+ echo "$IPT_RULES" | while read a
+ do $IPT -D $a
+ done
+ echo 0 >/proc/sys/net/ipv4/ip_forward
+}
+
+case "$1" in
+ stop )
+ deaktiviere_forward
+ #/etc/init.d/dhcp stop
+ ;;
+ * )
+ /sbin/ifconfig $1 192.168.0.1
+ #/etc/init.d/dhcp start
+ aktiviere_forward
+ ;;
+ esac
+
diff --git a/misc/userdocexport.sh b/misc/userdocexport.sh
new file mode 100755
index 0000000..fc58d25
--- /dev/null
+++ b/misc/userdocexport.sh
@@ -0,0 +1,22 @@
+#!/bin/sh
+set -u
+
+## diese Seiten aus dem Wiki ziehen und entschlacken
+SITES="CryptoBox CryptoBoxDev"
+DEST_PATH="cryptobox.conf.d/var/www/userdoc/"
+[ ! -e $DEST_PATH ] && echo "$DEST_PATH does not exist" && exit
+
+for SITE in $SITES; do
+ SITE_SRC="https://systemausfall.org/wikis/howto/$SITE"
+ SITE_TMP="/tmp/$SITE"
+ SITE_DEST="${DEST_PATH}${SITE}.html"
+
+ [ -e $SITE_TMP ] && echo "$SITE_TMP exists" && exit
+ wget -O $SITE_TMP $SITE_SRC || exit
+ sed -n "1,/\/p" $SITE_TMP > $SITE_DEST
+ echo "" >> $SITE_DEST
+ echo -e "\n\n" >> $SITE_DEST
+ sed -n /\<\!--\ start\ page\ --\>/,/\<\!--\ end\ page\ --\>/p $SITE_TMP >> $SITE_DEST
+ echo -e "\n\n" >> $SITE_DEST
+ rm $SITE_TMP
+done
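Review bot: The root check in misc/qemu-ifup, `[ "$UID" -ne 0 ]`, depends on `$UID`, which bash sets but POSIX sh does not define, while the script runs under `#!/bin/sh`; where `/bin/sh` has no `$UID` the test fails with an error and the script carries on without re-executing under sudo. The re-exec `sudo $0 $*` also word-splits its arguments, and the `exit 0` after it reports success even when sudo failed. I would write `if [ "$(id -u)" -ne 0 ]` and `then exec sudo "$0" "$@"`. A comment above `IPT_RULES` should also record that `INPUT -i tun0 -j ACCEPT` opens every host service to the guest and that `stop` writes 0 to `ip_forward` regardless of the value it had before.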
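Review bot: The failure paths in misc/userdocexport.sh exit with status 0: in `[ ! -e $DEST_PATH ] && echo "$DEST_PATH does not exist" && exit` and in the `$SITE_TMP exists` check, the bare `exit` returns the status of the preceding `echo`, so a calling build step cannot tell that nothing was exported. I would use `exit 1` in both places and send the messages to stderr with `>&2`. When `wget` fails, `|| exit` leaves a partial `$SITE_TMP` behind and the next run then stops at the `exists` check; `wget -O $SITE_TMP $SITE_SRC || { rm -f $SITE_TMP; exit 1; }` avoids that.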