itbugfixes and improvements from rc1 - coffin - secure lan file storage on a device Err parazyd.org 70 hgit clone git://parazyd.org/coffin.git URL:git://parazyd.org/coffin.git parazyd.org 70 1Log /git/coffin/log.gph parazyd.org 70 1Files /git/coffin/files.gph parazyd.org 70 1Refs /git/coffin/refs.gph parazyd.org 70 1Submodules /git/coffin/file/.gitmodules.gph parazyd.org 70 1README /git/coffin/file/README.md.gph parazyd.org 70 1LICENSE /git/coffin/file/LICENSE.gph parazyd.org 70 i--- Err parazyd.org 70 1commit 4f1ff06e39b1edb7dc038da5b4609a5d42b36ab2 /git/coffin/commit/4f1ff06e39b1edb7dc038da5b4609a5d42b36ab2.gph parazyd.org 70 1parent 285f102b38b479f81485a138875d8df782835bde /git/coffin/commit/285f102b38b479f81485a138875d8df782835bde.gph parazyd.org 70 hAuthor: parazyd URL:mailto:parazyd@dyne.org parazyd.org 70 iDate: Sun, 3 Apr 2016 20:01:56 +0200 Err parazyd.org 70 i Err parazyd.org 70 ibugfixes and improvements from rc1 Err parazyd.org 70 i Err parazyd.org 70 iDiffstat: Err parazyd.org 70 i M Makefile | 2 +- Err parazyd.org 70 i M conf/config.sh | 15 +++++++++++---- Err parazyd.org 70 i M src/zlibs/features | 44 +++++++++++++++++++++---------- Err parazyd.org 70 i M src/zlibs/hooks | 23 ++++++++++++----------- Err parazyd.org 70 i M src/zlibs/ttab | 29 +++++++++++++++++++++-------- Err parazyd.org 70 i Err parazyd.org 70 i5 files changed, 75 insertions(+), 38 deletions(-) Err parazyd.org 70 i--- Err parazyd.org 70 1diff --git a/Makefile b/Makefile /git/coffin/file/Makefile.gph parazyd.org 70 it@@ -1,8 +1,8 @@ Err parazyd.org 70 i all: Err parazyd.org 70 i+ @./conf/config.sh checkdep Err parazyd.org 70 i make -C src Err parazyd.org 70 i @./conf/config.sh gen-ssl Err parazyd.org 70 i @./conf/config.sh gen-init Err parazyd.org 70 i- @./conf/config.sh checkdep Err parazyd.org 70 i Err parazyd.org 70 i install: Err parazyd.org 70 i make -C src install Err parazyd.org 70 1diff --git a/conf/config.sh b/conf/config.sh /git/coffin/file/conf/config.sh.gph parazyd.org 70 it@@ -75,12 +75,12 @@ EOF Err parazyd.org 70 i Err parazyd.org 70 i apachemods() { Err parazyd.org 70 i if [[ $1 == "on" ]]; then Err parazyd.org 70 i- mods=(ssl dav dav_fs dav_lock) Err parazyd.org 70 i+ mods=(ssl dav dav_fs dav_lock auth_digest) Err parazyd.org 70 i for i in $mods; do Err parazyd.org 70 i- a2enmod $i Err parazyd.org 70 i+ a2enmod $i # NOTE: a2en* is only on debian Err parazyd.org 70 i done Err parazyd.org 70 i elif [[ $1 == "off" ]]; then Err parazyd.org 70 i- mods=(dav_lock dav_fs dav ssl) Err parazyd.org 70 i+ mods=(auth_digest dav_lock dav_fs dav ssl) Err parazyd.org 70 i for i in $mods; do Err parazyd.org 70 i a2dismod $i Err parazyd.org 70 i done Err parazyd.org 70 it@@ -122,7 +122,14 @@ ckdistro() { Err parazyd.org 70 i # apache Err parazyd.org 70 i install -Dm775 -g www-data -d /etc/apache2/DAV Err parazyd.org 70 i [[ `grep '^DAVLockDB ' /etc/apache2/apache2.conf` ]] || { Err parazyd.org 70 i- print "DAVLockDB /etc/apache2/DAV/DAVLock" >> /etc/apache2/apache2.conf Err parazyd.org 70 i+ cat << EOF >> /etc/apache2/apache2.conf Err parazyd.org 70 i+ Err parazyd.org 70 i+ Options Indexes Err parazyd.org 70 i+ AllowOverride None Err parazyd.org 70 i+ Require all granted Err parazyd.org 70 i+ Err parazyd.org 70 i+DAVLockDB /etc/apache2/DAV/DAVLock Err parazyd.org 70 i+EOF Err parazyd.org 70 i } Err parazyd.org 70 i install -Dm600 davpasswd /etc/apache2/DAV/davpasswd Err parazyd.org 70 i install -Dm640 apachedav /etc/apache2/sites-available/coffindav.conf Err parazyd.org 70 1diff --git a/src/zlibs/features b/src/zlibs/features /git/coffin/file/src/zlibs/features.gph parazyd.org 70 it@@ -6,23 +6,40 @@ create-webdav-hook() { Err parazyd.org 70 i davconf="/etc/apache2/sites-available/coffindav.conf" Err parazyd.org 70 i davpass="/etc/apache2/DAV/davpasswd" Err parazyd.org 70 i Err parazyd.org 70 i- if [[ $entry =~ webdav && -f $COFFINDOT/webdav.conf ]]; then Err parazyd.org 70 i+ if [[ $entry =~ webdav && -f $COFFINDOT/davpasswd ]]; then Err parazyd.org 70 i act "Found WebDAV data. Setting up..." Err parazyd.org 70 i Err parazyd.org 70 i- [[ -f $COFFINDOT/davpasswd ]] && { Err parazyd.org 70 i- cat $COFFINDOT/davpasswd >> $davpass Err parazyd.org 70 i- [[ $? = 0 ]] && { Err parazyd.org 70 i- rm $COFFINDOT/davpasswd Err parazyd.org 70 i- gpasswd -a www-data $undertaker # NOTE: consider standalone group Err parazyd.org 70 i- act "Added new WebDAV user" Err parazyd.org 70 i- } Err parazyd.org 70 i+ cat $COFFINDOT/davpasswd >> $davpass Err parazyd.org 70 i+ [[ $? = 0 ]] || { Err parazyd.org 70 i+ die "Failed setting up WebDAV." Err parazyd.org 70 i+ return 1 Err parazyd.org 70 i } Err parazyd.org 70 i+ rm $COFFINDOT/davpasswd Err parazyd.org 70 i+ gpasswd -a www-data $undertaker # NOTE: consider standalone group Err parazyd.org 70 i+ act "Added new WebDAV user" Err parazyd.org 70 i+ Err parazyd.org 70 i sed -i -e :a -e '$d;N;2,3ba' -e 'P;D' $davconf Err parazyd.org 70 i- cat $COFFINDOT/webdav.conf >> $davconf Err parazyd.org 70 i+# cat $COFFINDOT/webdav.conf >> $davconf Err parazyd.org 70 i+ cat << EOF >> $davconf Err parazyd.org 70 i+ Err parazyd.org 70 i+ alias /${tombid} /media/${tombid} Err parazyd.org 70 i+ Err parazyd.org 70 i+ Dav On Err parazyd.org 70 i+ AllowOverride none Err parazyd.org 70 i+ Options Indexes Err parazyd.org 70 i+ AuthType Digest Err parazyd.org 70 i+ AuthName WebDAV Err parazyd.org 70 i+ AuthUserFile /etc/apache2/DAV/davpasswd Err parazyd.org 70 i+ Require user ${undertaker} Err parazyd.org 70 i+ Err parazyd.org 70 i+ Err parazyd.org 70 i+ Err parazyd.org 70 i+ Err parazyd.org 70 i+EOF Err parazyd.org 70 i act "Wrote to $davconf" Err parazyd.org 70 i /etc/init.d/apache2 reload Err parazyd.org 70 i [[ $? = 0 ]] || warn "Apache is funky" Err parazyd.org 70 i- rm $COFFINDOT/webdav.conf Err parazyd.org 70 i+# rm $COFFINDOT/webdav.conf Err parazyd.org 70 i act "Done setting up WebDAV" Err parazyd.org 70 i else Err parazyd.org 70 i act "No WebDAV data found" Err parazyd.org 70 it@@ -47,7 +64,7 @@ delete-webdav-hook() { Err parazyd.org 70 i create-sshfs-hook() { Err parazyd.org 70 i fn create-sshfs-hook Err parazyd.org 70 i Err parazyd.org 70 i- if [[ $entry =~ sshfs && -f $COFFINDOT/sshpubkey ]]; then Err parazyd.org 70 i+ if [[ $entry =~ sshfs && -f $COFFINDOT/$tombid.pub ]]; then Err parazyd.org 70 i act "Found SSH data. Setting up..." Err parazyd.org 70 i Err parazyd.org 70 i [[ -d /home/$undertaker/.ssh ]] || mkdir -p /home/$undertaker/.ssh Err parazyd.org 70 it@@ -72,10 +89,9 @@ delete-sshfs-hook() { Err parazyd.org 70 i ckreq || return 1 Err parazyd.org 70 i Err parazyd.org 70 i authkeys="/home/$undertaker/.ssh/authorized_keys" Err parazyd.org 70 i- tempkeys="/home/$undertaker/.ssh/tempkeys" Err parazyd.org 70 i Err parazyd.org 70 i- grep -v $tombid $authkeys > $tempkeys Err parazyd.org 70 i- mv $tempkeys $authkeys Err parazyd.org 70 i+ grep -v $tombid $authkeys > $authkeys.tmp Err parazyd.org 70 i+ mv $authkeys.tmp $authkeys Err parazyd.org 70 i Err parazyd.org 70 i act "Deleted SSH data" Err parazyd.org 70 i } Err parazyd.org 70 1diff --git a/src/zlibs/hooks b/src/zlibs/hooks /git/coffin/file/src/zlibs/hooks.gph parazyd.org 70 it@@ -42,7 +42,7 @@ create-new-tomb() { Err parazyd.org 70 i $(id $undertaker &>/dev/null) Err parazyd.org 70 i [[ $? = 0 ]] || { Err parazyd.org 70 i warn "User $undertaker not found. Creating..." Err parazyd.org 70 i- useradd -G coffin -m -s /bin/nologin $undertaker Err parazyd.org 70 i+ useradd -G coffin -m -s /bin/sh $undertaker Err parazyd.org 70 i act "Created user $undertaker" Err parazyd.org 70 i } Err parazyd.org 70 i Err parazyd.org 70 it@@ -89,33 +89,34 @@ delete-tomb() { Err parazyd.org 70 i act "Deleting tomb" Err parazyd.org 70 i Err parazyd.org 70 i undertaker=${entry[(ws@:@)2]} && xxx "Undertaker: $undertaker" Err parazyd.org 70 i- tombid=${entry[(ws@:@)2]} && xxx "Tombid: $tombid" Err parazyd.org 70 i+ tombid=${entry[(ws@:@)3]} && xxx "Tombid: $tombid" Err parazyd.org 70 i Err parazyd.org 70 i- [[ $(id $undertaker &>/dev/null) ]] || { Err parazyd.org 70 i- die "User $undertaker not found. Exiting..." Err parazyd.org 70 i- return 1 Err parazyd.org 70 i+ [[ $(id $undertaker) ]] || { Err parazyd.org 70 i+ die "User $undertaker not found. Exiting..." \ Err parazyd.org 70 i+ && return 1 Err parazyd.org 70 i } Err parazyd.org 70 i Err parazyd.org 70 i [[ -f $GRAVEYARD/$tombid.tomb ]] || { Err parazyd.org 70 i- die "Tomb $tombid.tomb not found. Exiting..." Err parazyd.org 70 i- return 1 Err parazyd.org 70 i+ die "Tomb $tombid.tomb not found. Exiting..." \ Err parazyd.org 70 i+ && return 1 Err parazyd.org 70 i } Err parazyd.org 70 i Err parazyd.org 70 i [[ -f $COFFINDOT/$tombid.key ]] || { Err parazyd.org 70 i- die "Key of $tombid not found. Exiting..." Err parazyd.org 70 i- return 1 Err parazyd.org 70 i+ die "Key of $tombid not found. Exiting..." \ Err parazyd.org 70 i+ && return 1 Err parazyd.org 70 i } Err parazyd.org 70 i Err parazyd.org 70 i compare-key Err parazyd.org 70 i [[ $? = 0 ]] && { Err parazyd.org 70 i sudo -u $undertaker $TOMB slam $tombid Err parazyd.org 70 i+ update-tombs del Err parazyd.org 70 i Err parazyd.org 70 i grep -v ${undertaker}:${tombid} $TTAB > $TTAB.tmp Err parazyd.org 70 i- [[ $? = 0 ]] && mv $TTAB.tmp $TTAB && \ Err parazyd.org 70 i+ mv $TTAB.tmp $TTAB && \ Err parazyd.org 70 i act "Removed from ttab" Err parazyd.org 70 i Err parazyd.org 70 i grep -v ${keyhash} $TOMBPASSWD > $TOMBPASSWD.tmp Err parazyd.org 70 i- [[ $? = 0 ]] && mv $TOMBPASSWD.tmp $TOMBPASSWD && \ Err parazyd.org 70 i+ mv $TOMBPASSWD.tmp $TOMBPASSWD && \ Err parazyd.org 70 i chmod 600 $TOMBPASSWD && \ Err parazyd.org 70 i act "Removed from tombpasswd" Err parazyd.org 70 i Err parazyd.org 70 1diff --git a/src/zlibs/ttab b/src/zlibs/ttab /git/coffin/file/src/zlibs/ttab.gph parazyd.org 70 it@@ -1,5 +1,24 @@ Err parazyd.org 70 i #!/usr/bin/env zsh Err parazyd.org 70 i Err parazyd.org 70 i+update-tombs() { Err parazyd.org 70 i+ fn update-tombs $* Err parazyd.org 70 i+ req=(happ) Err parazyd.org 70 i+ happ="$1" Err parazyd.org 70 i+ ckreq || return 1 Err parazyd.org 70 i+ Err parazyd.org 70 i+ if [[ $happ == "add" ]]; then Err parazyd.org 70 i+ print "${undertaker}:${keyhash}:${keyuuid}" >> $TOMBS && \ Err parazyd.org 70 i+ chmod 600 $TOMBS && \ Err parazyd.org 70 i+ act "Added info to $TOMBS" Err parazyd.org 70 i+ elif [[ $happ == "del" ]]; then Err parazyd.org 70 i+ cp $TOMBS $TMPTOMBS Err parazyd.org 70 i+ grep -v "${keyhash}:${keyuuid}" $TMPTOMBS > $TOMBS && \ Err parazyd.org 70 i+ chmod 600 $TOMBS && \ Err parazyd.org 70 i+ act "Removed from $TOMBS" Err parazyd.org 70 i+ rm $TMPTOMBS Err parazyd.org 70 i+ fi Err parazyd.org 70 i+} Err parazyd.org 70 i+ Err parazyd.org 70 i ttab-magic() { Err parazyd.org 70 i fn ttab-magic Err parazyd.org 70 i Err parazyd.org 70 it@@ -21,11 +40,7 @@ ttab-magic() { Err parazyd.org 70 i act "compare-key -> true" Err parazyd.org 70 i sudo -u $undertaker $TOMB slam $tombid Err parazyd.org 70 i Err parazyd.org 70 i- cp $TOMBS $TMPTOMBS Err parazyd.org 70 i- grep -v "${keyhash}:${keyuuid}" $TMPTOMBS > $TOMBS && \ Err parazyd.org 70 i- chmod 600 $TOMBS && \ Err parazyd.org 70 i- act "Updated $TOMBS" Err parazyd.org 70 i- rm $TMPTOMBS Err parazyd.org 70 i+ update-tombs del Err parazyd.org 70 i continue Err parazyd.org 70 i } Err parazyd.org 70 i Err parazyd.org 70 it@@ -45,9 +60,7 @@ ttab-magic() { Err parazyd.org 70 i Err parazyd.org 70 i [[ -d "/media/$tombid" ]] && { Err parazyd.org 70 i chmod g+rw /media/$tombid Err parazyd.org 70 i- print "${undertaker}:${keyhash}:${keyuuid}" >> $TOMBS && \ Err parazyd.org 70 i- chmod 600 $TOMBS && \ Err parazyd.org 70 i- act "Added info to $TOMBS" Err parazyd.org 70 i+ update-tombs add Err parazyd.org 70 i } Err parazyd.org 70 i } Err parazyd.org 70 i done Err parazyd.org 70 .