# HG changeset patch # User ft # Date 1415109480 -3600 # Node ID ee0797f464732a4d18d88b741865f85afb87d457 # Parent 25dc3362ba5d8ff8230dbbc7d2b3c93f3bd2ef72 changed some things diff -r 25dc3362ba5d -r ee0797f46473 osecvm-config --- a/osecvm-config Thu Feb 27 17:14:59 2014 +0100 +++ b/osecvm-config Tue Nov 04 14:58:00 2014 +0100 @@ -7,9 +7,9 @@ Standards-Version: 3.9.2 Package: osecvm-config -Version: 0.0.30 +Version: 0.0.42 Maintainer: ft -Pre-Depends: samba,usbmount,python,python-fuse,python-requests,ntfs-3g,rsyslog,logrotate,osecfs,python-webpy,python-netifaces,osecvm-password-receiver,python-netifaces,python-netaddr,ipcalc,file,sudo,hibernate +Pre-Depends: samba,usbmount,python,python-fuse,python-requests,ntfs-3g,rsyslog,logrotate,osecfs,python-webpy,python-netifaces,encryptionprovider,python-netifaces,python-netaddr,ipcalc,file,sudo,hibernate,chromium,update-notifier-common # Depends: # Recommends: # Suggests: @@ -52,6 +52,12 @@ . for f in $PKG_LIST do + + if dpkg-divert --package ${PKG} --list | grep /etc/$f.distrib + then + rm /etc/$f + dpkg-divert --remove --package ${PKG} --rename --divert /etc/$f.distrib /etc/$f + fi dpkg-divert --add --package ${PKG} --rename --divert /etc/$f.distrib /etc/$f [ \! -e /etc/$f -o -L /etc/$f ] && ln -sf /etc/osecvm-configs/$f /etc/$f done diff -r 25dc3362ba5d -r ee0797f46473 osecvm-config_0.0.31_all.deb Binary file osecvm-config_0.0.31_all.deb has changed diff -r 25dc3362ba5d -r ee0797f46473 osecvm-config_0.0.32_all.deb Binary file osecvm-config_0.0.32_all.deb has changed diff -r 25dc3362ba5d -r ee0797f46473 osecvm-config_0.0.33_all.deb Binary file osecvm-config_0.0.33_all.deb has changed diff -r 25dc3362ba5d -r ee0797f46473 osecvm-config_0.0.34_all.deb Binary file osecvm-config_0.0.34_all.deb has changed diff -r 25dc3362ba5d -r ee0797f46473 osecvm-config_0.0.35_all.deb Binary file osecvm-config_0.0.35_all.deb has changed diff -r 25dc3362ba5d -r ee0797f46473 osecvm-config_0.0.36_all.deb Binary file osecvm-config_0.0.36_all.deb has changed diff -r 25dc3362ba5d -r ee0797f46473 osecvm-config_0.0.37_all.deb Binary file osecvm-config_0.0.37_all.deb has changed diff -r 25dc3362ba5d -r ee0797f46473 osecvm-config_0.0.38_all.deb Binary file osecvm-config_0.0.38_all.deb has changed diff -r 25dc3362ba5d -r ee0797f46473 osecvm-config_0.0.39_all.deb Binary file osecvm-config_0.0.39_all.deb has changed diff -r 25dc3362ba5d -r ee0797f46473 osecvm-config_0.0.40_all.deb Binary file osecvm-config_0.0.40_all.deb has changed diff -r 25dc3362ba5d -r ee0797f46473 osecvm-config_0.0.41_all.deb Binary file osecvm-config_0.0.41_all.deb has changed diff -r 25dc3362ba5d -r ee0797f46473 osecvm-config_0.0.42_all.deb Binary file osecvm-config_0.0.42_all.deb has changed diff -r 25dc3362ba5d -r ee0797f46473 samba/smb.conf --- a/samba/smb.conf Thu Feb 27 17:14:59 2014 +0100 +++ b/samba/smb.conf Tue Nov 04 14:58:00 2014 +0100 @@ -22,7 +22,7 @@ [USB] comment = Zugriff auf USB Sticks - path = /var/run/usbmount/ + path = /tmp/usbmount/ read only = no browseable = yes writeable = yes diff -r 25dc3362ba5d -r ee0797f46473 usbmount/mount.d/00_create_model_symlink --- a/usbmount/mount.d/00_create_model_symlink Thu Feb 27 17:14:59 2014 +0100 +++ b/usbmount/mount.d/00_create_model_symlink Tue Nov 04 14:58:00 2014 +0100 @@ -13,6 +13,23 @@ # set -e +log() +{ + if [ $1 != debug ] || expr "$VERBOSE" : "[yY]" > /dev/null; then + logger -p user.$1 -t "usbmount[$$]" -- "$2" + fi +} + +getRemoteIp () +{ + ip_address=$(ifconfig eth0 | grep "inet " | awk '{ print $2 }' | cut -d ":" -f 2) + ip_netmask=$(ifconfig eth0 | grep "inet " | awk '{ print $4 }' | cut -d ":" -f 2) + remote_ip=$(ipcalc $ip_address/$ip_netmask | grep HostMin | awk '{ print $2}') + + echo $remote_ip +} + + # Replace spaces with underscores, remove special characters in vendor # and model name. UM_VENDOR=`echo "$UM_VENDOR" | sed 's/ /_/g; s/[^0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ._-]//g'` @@ -34,8 +51,37 @@ name="${name}_$partition" fi -mkdir -p "/var/run/usbmount/$name" -osecfs /etc/osecfs/osecfs_usb.cfg /var/run/usbmount/$name ro +set +e +#if [ -f "/media/usb0/opensecurity.tc" ] +#then +# log info "Found Truecrypt file on Stick. Try to mount" +# wget -q -T 3 -t 1 -O /dev/null http://$(getRemoteIp):8090/password?text=Please+enter+the+password +# if [ "$?" != "0" ] +# then +# log err "ERROR: Connection to http://$(getRemoteIp):8090/password?text=Please+enter+the+password failed" +# exit 1 +# fi +# +# log info "Password notification sended, wait for response" +# mkdir -p "/media/encrypted" +# /usr/bin/encryptionprovider.py -m eth0 58080 /media/usb0/opensecurity.tc /media/encrypted +# if [ "$?" != "0" ] +# then +# log err "Stick removed. exit" +# exit 1 +# fi +# mkdir -p "/var/run/usbmount/encrypted" +# /usr/bin/osecfs /etc/osecfs/osecfs_usb.cfg "/var/run/usbmount/encrypted" rw +# log info "Encrypted stick mounted" +#else +# mkdir -p "/var/run/usbmount/$name" + chattr -i "/tmp/usbmount" + mkdir -p "/tmp/usbmount/$name" + osecfs /etc/osecfs/osecfs_usb.cfg /tmp/usbmount/$name ro + encryptionprovider.py -i eth0 58081 "$UM_DEVICE" /media/usb0 & + chattr +i "/tmp/usbmount" + #run_initlistener.sh $UM_DEVICE & +#fi exit 0 diff -r 25dc3362ba5d -r ee0797f46473 usbmount/umount.d/00_remove_model_symlink --- a/usbmount/umount.d/00_remove_model_symlink Thu Feb 27 17:14:59 2014 +0100 +++ b/usbmount/umount.d/00_remove_model_symlink Tue Nov 04 14:58:00 2014 +0100 @@ -11,9 +11,18 @@ # even the implied warranty of MERCHANTABILITY or FITNESS FOR A # PARTICULAR PURPOSE. # -set -e +#set -e -umount "/var/run/usbmount/"* -rmdir "/var/run/usbmount/"* +#umount "/var/run/usbmount/"* +#rmdir "/var/run/usbmount/"* + +chattr -i "/tmp/usbmount" +umount "/tmp/usbmount/"* +rmdir "/tmp/usbmount/"* + +#for tcfile in $(/usr/bin/encryptionprovider.py -g) +#do +# /usr/bin/encryptionprovider.py -u "$tcfile" +#done exit 0 diff -r 25dc3362ba5d -r ee0797f46473 usr/share/usbmount/async_usbmount --- a/usr/share/usbmount/async_usbmount Thu Feb 27 17:14:59 2014 +0100 +++ b/usr/share/usbmount/async_usbmount Tue Nov 04 14:58:00 2014 +0100 @@ -38,6 +38,14 @@ return 1 } +getRemoteIp () +{ + ip_address=$(ifconfig eth0 | grep "inet " | awk '{ print $2 }' | cut -d ":" -f 2) + ip_netmask=$(ifconfig eth0 | grep "inet " | awk '{ print $4 }' | cut -d ":" -f 2) + remote_ip=$(ipcalc $ip_address/$ip_netmask | grep HostMin | awk '{ print $2}') + + echo $remote_ip +} ###################################################################### # Main program @@ -72,6 +80,11 @@ log debug "creating /var/run/usbmount directory" fi +if [ ! -e /tmp/usbmount ]; then + mkdir -p /tmp/usbmount + log debug "creating /tmp/usbmount directory" +fi + umask 022 if [ "$1" = add ]; then @@ -94,24 +107,29 @@ then log info "blkid -p $DEVNAME has retured with $BLKID_RESULT" log info "Stick is maybe encrypted. Try decrypt" - wget -q -T 3 -t 1 -O /dev/null http://192.168.56.1:8090/password?text=Please+send+me+the+password + wget -q -T 3 -t 1 -O /dev/null http://$(getRemoteIp):8090/password?text=Please+enter+the+password if [ "$?" != "0" ] then - log err "Connection to http://192.168.56.1:8090/password?text=Please+send+me+the+password failed" + log err "Connection to \"http://$(getRemoteIp):8090/password?text=Please+enter+the+password\" failed" exit 1 fi log info "Password notification sended, wait for response" - /usr/bin/osecvm-password-receiver.py eth0 58080 $DEVNAME /media/usb0 + /usr/bin/encryptionprovider.py -m eth0 58080 $DEVNAME /media/usb0 if [ "$?" != "0" ] then log err "Stick removed. exit" exit 1 fi - mkdir -p "/var/run/usbmount/encrypted" - /usr/bin/osecfs /etc/osecfs/osecfs_usb.cfg "/var/run/usbmount/encrypted" rw + chattr -i "/tmp/usbmount" + mkdir -p "/tmp/usbmount/encrypted" + /usr/bin/osecfs /etc/osecfs/osecfs_usb.cfg "/tmp/usbmount/encrypted" rw log info "Encrypted stick mounted" + + #run_initlistener.sh $DEVNAME & + encryptionprovider.py -i eth0 58081 "$DEVNAME" /media/usb0 & + chattr +i "/tmp/usbmount" exit 0 fi set -e @@ -212,15 +230,16 @@ # A block or partition device has been removed. # Test if it is mounted. - for device in $(/usr/bin/truecrypt -l | awk '{ print $2}') + for device in $(/usr/bin/encryptionprovider.py -g) do if [ "$DEVNAME" = "$device" ] then - log info "encrypted device was removed" - umount "/var/run/usbmount/encrypted" - rmdir "/var/run/usbmount/encrypted" - log info "/usr/bin/truecrypt -d $DEVNAME" - /usr/bin/truecrypt -d "$DEVNAME" + log info "umout encrypted device" + chattr -i "/tmp/usbmount" + umount "/tmp/usbmount/encrypted" + rmdir "/tmp/usbmount/encrypted" + log info "/usr/bin/encryptionprovider.py -u $DEVNAME" + /usr/bin/encryptionprovider.py -u "$DEVNAME" log info "everything done" fi done