ttomb makefile mods, uninstall fn, fixes - coffin - secure lan file storage on a device
(HTM) git clone git://parazyd.org/coffin.git
(DIR) Log
(DIR) Files
(DIR) Refs
(DIR) Submodules
(DIR) README
(DIR) LICENSE
---
(DIR) commit 1c14dae88f3588d768af3fa52c35d275cc3f5e56
(DIR) parent b51b18dfcb05b9a27dcf56a8e6d7e319da794d0c
(HTM) Author: parazyd <parazyd@dyne.org>
Date: Tue, 29 Mar 2016 21:21:40 +0200
ttomb makefile mods, uninstall fn, fixes
Diffstat:
M .gitignore | 1 +
M README.md | 4 ++--
M conf/config.sh | 67 ++++++++++++++++++++++++-------
R conf/davpass -> conf/davpasswd | 0
M src/sacrist | 2 +-
M src/tomb/Makefile | 7 +++----
M src/tomb/kdf-keys/Makefile | 13 +++++++------
7 files changed, 66 insertions(+), 28 deletions(-)
---
(DIR) diff --git a/.gitignore b/.gitignore
t@@ -1,2 +1,3 @@
NOTES.md
.*.swp
+test/*
(DIR) diff --git a/README.md b/README.md
t@@ -15,8 +15,8 @@ files are once again unreadable.
Install the needed dependencies, some from the following list may vary
depending on the distro you are using:
```
-zsh cryptsetup libgcrypt20-dev apache2 wipe sshfs inotify-tools
-pinentry-curses pwgen gettext haveged sudo
+# zsh cryptsetup libgcrypt20-dev apache2 wipe sshfs inotify-tools
+pinentry-curses pwgen gettext haveged sudo
```
Clone this repository to the device you will be using.
(DIR) diff --git a/conf/config.sh b/conf/config.sh
t@@ -39,16 +39,22 @@
}
edit-sudo() {
- print "%coffin coffin=(ALL) NOPASSWD: ALL" | (EDITOR="tee -a" visudo)
- [[ $? = 0 ]] && print "Added coffin group to sudoers"
+ if [[ $1 == "add" ]]; then
+ print "%coffin `hostname`=(ALL) NOPASSWD: ALL" | (EDITOR="tee -a" visudo)
+ [[ $? = 0 ]] && print "Added coffin group to sudoers"
+ elif [[ $1 == "remove" ]]; then
+ tmp=`sed '/^%coffin / d' /etc/sudoers`
+ print $tmp | (EDITOR="tee" visudo)
+ [[ $? = 0 ]] && print "Removed coffin group from sudoers"
+ fi
}
# because all cool software has snowmen in them
[[ $1 == "snowman" ]] && {
pushd `pwd`/conf
- print "Creating coffin group..."
- groupadd coffin && print "Done!"
+ groupadd coffin && print "created coffin group"
+ gpasswd -a www-data coffin && print "added www-data to coffin group"
# ssl
print "Generating ssl certificate..."
t@@ -59,16 +65,18 @@ edit-sudo() {
return 1
}
- install -m 640 -d /etc/ssl/coffin
- install -m 440 coffin.pem /etc/ssl/coffin/
- install -m 400 coffin.key /etc/ssl/coffin/
+ install -Dm640 -d /etc/ssl/coffin
+ install -Dm440 coffin.pem /etc/ssl/coffin/
+ install -Dm400 coffin.key /etc/ssl/coffin/
print "Done!"
# Apache
- install -m 774 -g www-data -d /etc/apache2/DAV
- print "DAVLockDB /etc/apache2/DAV/DAVLock" >> /etc/apache2/apache2.conf
- install -m 600 davpasswd /etc/apache2/DAV/
- install -m 640 coffindav.conf /etc/apache2/sites-available/
+ install -Dm774 -g www-data -d /etc/apache2/DAV
+ [[ `grep '^DAVLockDB ' /etc/apache2/apache2.conf` ]] || {
+ print "DAVLockDB /etc/apache2/DAV/DAVLock" >> /etc/apache2/apache2.conf
+ }
+ install -Dm600 davpasswd /etc/apache2/DAV/
+ install -Dm640 coffindav.conf /etc/apache2/sites-available/
apachemods=(dav dav_fs dav_lock ssl)
print "Enabling Apache modules..."
t@@ -76,13 +84,15 @@ edit-sudo() {
a2enmod $i
done
- a2ensite coffindav.conf
+ # [[ -f /etc/apache2/sites-enabled/000-default.conf ]] && a2dissite 000-default.conf
+ [[ -f /etc/apache2/sites-enabled/coffindav.conf ]] || a2ensite coffindav.conf
+
/etc/init.d/apache2 restart
[[ -f /etc/init.d/ssh ]] && { /etc/init.d/ssh start }
- edit-sudo
+ edit-sudo add
- install -m 770 -g coffin -d /home/graveyard
+ install -Dm770 -g coffin -d /home/graveyard
# TODO: add initscript
t@@ -90,7 +100,7 @@ edit-sudo() {
print "######################################"
fprint=`openssl x509 -noout -in coffin.pem -fingerprint \
- awk -F\= '{print $2}'`
+ | awk -F\= '{print $2}'`
print "The fingerptint of your SSL certificate is: $fprint"
print "Compare it and/or set is as trusted when you connect to coffin."
print "######################################"
t@@ -98,7 +108,34 @@ edit-sudo() {
popd
}
+# `make uninstall`
[[ $1 == "unsnowman" ]] && {
print "Uninstalling coffin. Why? Why? Why?"
print "*cries*\n"
+
+ # /etc/init.d/coffin stop
+
+ # uncomment if you wish to revert apache
+ #revert=1
+ [[ $revert = 0 ]] || {
+ a2dissite coffindav.conf
+ a2ensite 000-default.conf
+ rm -rv /home/graveyard/DAV
+ rm -v /etc/apache2/sites-available/coffindav.conf
+
+ /etc/init.d/apache2 restart
+ }
+ sed -i '/^DAVLockDB / d' /etc/apache2/apache2.conf
+ [[ $? = 0 ]] && print "removed entry from apache2.conf"
+
+ # groupdel coffin
+ edit-sudo remove
+
+ # rm -v /etc/init.d/coffin
+ rm -rv /etc/ssl/coffin
+ rm -v ../src/tomb-kdb-hexencode
+ rm -v ../src/tomb-kdb-pbkdf2
+ rm -v ../src/tomb-kdb-pbkdf2-gensalt
+ rm -v ../src/tomb-kdb-pbkdf2-getiter
+ rm -v ../src/tomb
}
(DIR) diff --git a/conf/davpass b/conf/davpasswd
(DIR) diff --git a/src/sacrist b/src/sacrist
t@@ -54,7 +54,7 @@ KEYMOUNT="${KEYMOUNT:-/media/tombkey}" # Directory where keys get mounted
COFFINDOT="$KEYMOUNT/.coffin" # .coffin directory on the usb key
TTAB="$COFFINDOT/ttab" # Our ttab
HOOKS="$COFFINDOT/hook"
-TOMB="${TOMB:-/usr/local/bin/tomb}"
+TOMB="$R/src/tomb/tomb"
# Main
req=(happenz device)
(DIR) diff --git a/src/tomb/Makefile b/src/tomb/Makefile
t@@ -1,6 +1,6 @@
PROG = tomb
-PREFIX ?= /usr/local
-MANDIR ?= ${PREFIX}/share/man
+PREFIX = ../
+REALPREFIX = $(realpath $(PREFIX))
all:
@echo
t@@ -13,8 +13,7 @@ all:
@echo
install:
- install -Dm755 ${PROG} ${DESTDIR}${PREFIX}/bin/${PROG}
- install -Dm644 doc/${PROG}.1 ${DESTDIR}${MANDIR}/man1/${PROG}.1
+ install -Dm755 ${PROG} ${REALPREFIX}/${PROG}
@echo
@echo "Tomb is installed succesfully. To install language translations, make sure"
@echo "gettext is also installed, then 'cd extras/translations' and 'make install' there."
(DIR) diff --git a/src/tomb/kdf-keys/Makefile b/src/tomb/kdf-keys/Makefile
t@@ -1,5 +1,6 @@
-PREFIX ?= /usr/local
+PREFIX ?= ../../
+REALPREFIX = $(realpath $(PREFIX))
all:
$(CC) -O2 -o tomb-kdb-pbkdf2 pbkdf2.c -lgcrypt
t@@ -11,8 +12,8 @@ clean:
rm -f tomb-kdb-pbkdf2 tomb-kdb-pbkdf2-getiter tomb-kdb-pbkdf2-gensalt tomb-kdb-hexencode
install:
- install -Dm755 tomb-kdb-pbkdf2 ${DESTDIR}${PREFIX}/bin/tomb-kdb-pbkdf2
- install -Dm755 tomb-kdb-pbkdf2-getiter ${DESTDIR}${PREFIX}/bin/tomb-kdb-pbkdf2-getiter
- install -Dm755 tomb-kdb-pbkdf2-gensalt ${DESTDIR}${PREFIX}/bin/tomb-kdb-pbkdf2-gensalt
- install -Dm755 tomb-kdb-hexencode ${DESTDIR}${PREFIX}/bin/tomb-kdb-hexencode
- @echo "Tomb-kdb auxiliary binaries installed in ${DESTDIR}${PREFIX}/bin"
+ install -Dm755 tomb-kdb-pbkdf2 ${REALPREFIX}/tomb-kdb-pbkdf2
+ install -Dm755 tomb-kdb-pbkdf2-getiter ${REALPREFIX}/tomb-kdb-pbkdf2-getiter
+ install -Dm755 tomb-kdb-pbkdf2-gensalt ${REALPREFIX}/tomb-kdb-pbkdf2-gensalt
+ install -Dm755 tomb-kdb-hexencode ${REALPREFIX}/tomb-kdb-hexencode
+ @echo "Tomb-kdb auxiliary binaries installed in ${REALPREFIX}"