free
/
freedomboneeee
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge branch 'stretch' of https://github.com/bashrc/freedombone

This commit is contained in:
Bob Mottram 2018-03-17 22:13:01 +00:00
parent 707d14b5d1 b2f92bbcc5
commit 47feb45691
3 changed files with 217 additions and 320 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

259
src/freedombone-controlpanel
View File

@ -1780,8 +1780,8 @@ function show_firewall {
echo $"Firewall Settings"
echo ''
while read -r line; do
firewall_name=$(awk "$line" -F '=' '{print $1}')
firewall_port=$(awk "$line" -F '=' '{print $2}')
firewall_name=$(echo "$line" | awk -F '=' '{print $1}')
firewall_port=$(echo "$line" | awk -F '=' '{print $2}')
echo -n -e "$(pad_string "${firewall_name}")"
echo "${firewall_port}"
done < "$FIREWALL_CONFIG"
@ -1881,29 +1881,25 @@ function email_smtp_proxy {
function menu_backup_restore {
while true
do
data=$(mktemp 2>/dev/null)
dialog --backtitle $"Freedombone Control Panel" \
--title $"Backup and Restore" \
--radiolist $"Choose an operation:" 19 70 12 \
1 $"Backup data to USB drive" off \
2 $"Restore GPG key from USB keydrive" off \
3 $"Restore data from USB drive" off \
4 $"Reinstall mariadb" off \
5 $"Configure remote backups" off \
6 $"Restore from remote backup" off \
7 $"Backup GPG key to USB (master keydrive)" off \
8 $"Backup GPG key to USB (fragment keydrive)" off \
9 $"Format a USB drive (LUKS encrypted)" off \
10 $"Remove backups from a USB drive" off \
11 $"Back to main menu" on 2> "$data"
sel=$?
case $sel in
1) rm -f "$data"
break;;
255) rm -f "$data"
break;;
esac
case $(cat "$data") in
W=(1 $"Backup data to USB drive"
2 $"Restore GPG key from USB keydrive"
3 $"Restore data from USB drive"
4 $"Reinstall mariadb"
5 $"Configure remote backups"
6 $"Restore from remote backup"
7 $"Backup GPG key to USB (master keydrive)"
8 $"Backup GPG key to USB (fragment keydrive)"
9 $"Format a USB drive (LUKS encrypted)"
10 $"Remove backups from a USB drive")
# shellcheck disable=SC2068
selection=$(dialog --backtitle $"Freedombone Administrator Control Panel" --title $"Backup and Restore" --menu $"Choose an operation, or ESC for main menu:" 19 70 12 "${W[@]}" 3>&2 2>&1 1>&3)
if [ ! "$selection" ]; then
break
fi
case $selection in
1) backup_data;;
2) restore_gpg_key;;
3) restore_data;;
@ -1914,36 +1910,29 @@ function menu_backup_restore {
8) create_keydrive_fragment;;
9) format_drive;;
10) remove_backups;;
11) rm -f "$data"
break;;
esac
rm -f "$data"
done
}
function menu_email {
while true
do
data=$(mktemp 2>/dev/null)
dialog --backtitle $"Freedombone Control Panel" \
--title $"Email Menu" \
--radiolist $"Choose an operation:" 15 70 8 \
1 $"Add a user to a mailing list" off \
2 $"Remove a user from a mailing list" off \
3 $"Add an email rule" off \
4 $"Block/Unblock an email address" off \
5 $"Block/Unblock email with subject text" off \
6 $"Outgoing Email Proxy" off \
7 $"Extra email domains" off \
8 $"Back to main menu" on 2> "$data"
sel=$?
case $sel in
1) rm -f "$data"
break;;
255) rm -f "$data"
break;;
esac
case $(cat "$data") in
W=(1 $"Add a user to a mailing list"
2 $"Remove a user from a mailing list"
3 $"Add an email rule"
4 $"Block/Unblock an email address"
5 $"Block/Unblock email with subject text"
6 $"Outgoing Email Proxy"
7 $"Extra email domains")
# shellcheck disable=SC2068
selection=$(dialog --backtitle $"Freedombone Administrator Control Panel" --title $"Email Menu" --menu $"Choose an operation, or ESC for main menu:" 15 70 8 "${W[@]}" 3>&2 2>&1 1>&3)
if [ ! "$selection" ]; then
break
fi
case $selection in
1) add_to_mailing_list;;
2) remove_user_from_mailing_list;;
3) email_rule;;
@ -1951,10 +1940,7 @@ function menu_email {
5) block_unblock_subject;;
6) email_smtp_proxy;;
7) email_extra_domains;;
8) rm -f "$data"
break;;
esac
rm -f "$data"
done
}
@ -2073,66 +2059,52 @@ function domain_blocking_show {
function domain_blocking {
while true
do
data=$(mktemp 2>/dev/null)
dialog --backtitle $"Freedombone Control Panel" \
--title $"Domain or User Blocking" \
--radiolist $"Choose an operation:" 14 60 6 \
1 $"Block a domain or user" off \
2 $"Unblock a domain or user" off \
3 $"Block an IP address" off \
4 $"Unblock an IP address" off \
5 $"Show blocked domains and users" off \
6 $"Back to main menu" on 2> "$data"
sel=$?
case $sel in
1) rm -f "$data"
break;;
255) rm -f "$data"
break;;
esac
case $(cat "$data") in
W=(1 $"Block a domain or user"
2 $"Unblock a domain or user"
3 $"Block an IP address"
4 $"Unblock an IP address"
5 $"Show blocked domains and users")
# shellcheck disable=SC2068
selection=$(dialog --backtitle $"Freedombone Administrator Control Panel" --title $"Domain or User Blocking" --menu $"Choose an operation, or ESC for main menu:" 13 70 6 "${W[@]}" 3>&2 2>&1 1>&3)
if [ ! "$selection" ]; then
break
fi
case $selection in
1) domain_blocking_add;;
2) domain_blocking_remove;;
3) ip_blocking_add;;
4) ip_blocking_remove;;
5) domain_blocking_show;;
6) rm -f "$data"
break;;
esac
rm -f "$data"
done
}
function menu_users {
while true
do
data=$(mktemp 2>/dev/null)
dialog --backtitle $"Freedombone Control Panel" \
--title $"Manage Users" \
--radiolist $"Choose an operation:" 13 70 6 \
1 $"Add a user" off \
2 $"Delete a user" off \
3 $"Change user password" off \
4 $"Change user ssh public key" off \
5 $"Reset password tries" off \
6 $"Back to main menu" on 2> "$data"
sel=$?
case $sel in
1) rm -f "$data"
break;;
255) rm -f "$data"
break;;
esac
case $(cat "$data") in
W=(1 $"Add a user"
2 $"Delete a user"
3 $"Change user password"
4 $"Change user ssh public key"
5 $"Reset password tries")
# shellcheck disable=SC2068
selection=$(dialog --backtitle $"Freedombone Administrator Control Panel" --title $"Manage Users" --menu $"Choose an operation, or ESC for main menu:" 13 70 6 "${W[@]}" 3>&2 2>&1 1>&3)
if [ ! "$selection" ]; then
break
fi
case $selection in
1) add_user;;
2) delete_user;;
3) change_password;;
4) change_ssh_public_key;;
5) reset_password_tries;;
6) rm -f "$data"
break;;
esac
rm -f "$data"
done
}
@ -2202,31 +2174,24 @@ function menu_wifi {
fi
fi
data=$(mktemp 2>/dev/null)
dialog --backtitle $"Freedombone Control Panel" \
--title $"Wifi Menu" \
--radiolist $"${status_str}\\n\\nChoose an operation:" 14 70 6 \
1 $"Enable or disable Wifi" off \
2 $"Configure wifi networks" off \
3 $"Manually edit wifi networks file" off \
4 $"Hotspot settings" off \
5 $"Exit" on 2> "$data"
sel=$?
case $sel in
1) rm -f "$data"
break;;
255) rm -f "$data"
break;;
esac
case $(cat "$data") in
W=(1 $"Enable or disable Wifi"
2 $"Configure wifi networks"
3 $"Manually edit wifi networks file"
4 $"Hotspot settings")
# shellcheck disable=SC2068
selection=$(dialog --backtitle $"Freedombone Administrator Control Panel" --title $"Wifi Menu" --menu $"${status_str}\\n\\nChoose an operation, or ESC for main menu:" 14 70 6 "${W[@]}" 3>&2 2>&1 1>&3)
if [ ! "$selection" ]; then
break
fi
case $selection in
1) wifi_enable;;
2) wifi_settings;;
3) wifi_edit_networks;;
4) hotspot_settings;;
5) rm -f "$data"
break;;
esac
rm -f "$data"
done
}
@ -2275,41 +2240,38 @@ function menu_app_settings {
function menu_top_level {
while true
do
data=$(mktemp 2>/dev/null)
dialog --backtitle $"Freedombone Control Panel" \
--title $"Control Panel" \
--radiolist $"Choose an operation:" 30 70 22 \
1 $"About this system" off \
2 $"Passwords" off \
3 $"Backup and Restore" off \
4 $"Show Firewall" off \
5 $"Verify Tripwire Code" off \
6 $"Reset Tripwire" off \
7 $"App Settings" off \
8 $"Add/Remove Apps" off \
9 $"Logging on/off" off \
10 $"Ping enable/disable" off \
11 $"Manage Users" off \
12 $"Email Menu" off \
13 $"Domain or User Blocking" off \
14 $"Security Settings" off \
15 $"Change the name of this system" off \
16 $"Set a static local IP address" off \
17 $"Wifi menu" off \
18 $"Add Clacks" off \
19 $"Check for updates" off \
20 $"Power off the system" off \
21 $"Restart the system" off \
22 $"Exit" on 2> "$data"
sel=$?
case $sel in
1) rm -f "$data"
exit 1;;
255) rm -f "$data"
exit 1;;
esac
W=(1 $"About this system"
2 $"Passwords"
3 $"Backup and Restore"
4 $"Show Firewall"
5 $"Verify Tripwire Code"
6 $"Reset Tripwire"
7 $"App Settings"
8 $"Add/Remove Apps"
9 $"Logging on/off"
10 $"Ping enable/disable"
11 $"Manage Users"
12 $"Email Menu"
13 $"Domain or User Blocking"
14 $"Security Settings"
15 $"Change the name of this system"
16 $"Set a static local IP address"
17 $"Wifi menu"
18 $"Add Clacks"
19 $"Check for updates"
20 $"Power off the system"
21 $"Restart the system")
# shellcheck disable=SC2068
selection=$(dialog --backtitle $"Freedombone Administrator Control Panel" --title $"Administrator Control Panel" --menu $"Choose an operation, or ESC to exit:" 28 60 28 "${W[@]}" 3>&2 2>&1 1>&3)
if [ ! "$selection" ]; then
break
fi
please_wait
case $(cat "$data") in
case $selection in
1) show_about;;
2) view_or_change_passwords;;
3) menu_backup_restore;;
@ -2335,10 +2297,7 @@ function menu_top_level {
19) check_for_updates;;
20) shut_down_system;;
21) restart_system;;
22) rm -f "$data"
break;;
esac
rm -f "$data"
done
}

172
src/freedombone-controlpanel-user
View File

@ -283,34 +283,25 @@ function gpg_set_trust {
fpr=$(gpg --with-colons --fingerprint "$TRUST_ADDRESS" | grep fpr | head -n 1 | awk -F ':' '{print $10}')
if [ ${#fpr} -gt 2 ]; then
data=$(mktemp 2>/dev/null)
dialog --backtitle $"Freedombone User Control Panel" \
--title $"Trust a PGP/GPG key or website domain" \
--radiolist $"Set the trust level for $TRUST_ADDRESS:" 18 70 10 \
1 $"I don't know or won't say" off \
2 $"I do NOT trust" off \
3 $"I trust marginally" on \
4 $"I trust fully" off \
5 $"I trust ultimately" off 2> "$data"
sel=$?
case $sel in
1) rm -f "$data"
return;;
255) rm -f "$data"
return;;
esac
TRUST_LEVEL=$(cat "$data")
if [ "${TRUST_LEVEL}" -ge 1 ] ; then
if [ "${TRUST_LEVEL}" -le 5 ] ; then
if echo -e "trust\\n${TRUST_LEVEL}\\ny\\nsave\\n" | gpg --command-fd 0 --edit-key "$fpr"; then
gpg --update-trustdb
dialog --title $"Trust a PGP/GPG key or website domain" \
--backtitle $"Freedombone User Control Panel" \
--msgbox $"$TRUST_ADDRESS was set to trust level ${TRUST_LEVEL}" 6 50
fi
fi
W=(1 $"I don't know or won't say"
2 $"I do NOT trust"
3 $"I trust marginally"
4 $"I trust fully"
5 $"I trust ultimately")
# shellcheck disable=SC2068
TRUST_LEVEL=$(dialog --backtitle $"Freedombone User Control Panel" --title $"Trust a PGP/GPG key or website domain" --menu $"Set the trust level for $TRUST_ADDRESS:" 18 70 10 "${W[@]}" 3>&2 2>&1 1>&3)
if [ ! "$TRUST_LEVEL" ]; then
return;
fi
if echo -e "trust\\n${TRUST_LEVEL}\\ny\\nsave\\n" | gpg --command-fd 0 --edit-key "$fpr"; then
gpg --update-trustdb
dialog --title $"Trust a PGP/GPG key or website domain" \
--backtitle $"Freedombone User Control Panel" \
--msgbox $"$TRUST_ADDRESS was set to trust level ${TRUST_LEVEL}" 6 50
fi
rm -f "$data"
fi
}
@ -732,29 +723,25 @@ function gpg_key_trust {
function menu_encryption_keys {
while true
do
data=$(mktemp 2>/dev/null)
dialog --backtitle $"Freedombone User Control Panel" \
--title $"My Encryption Keys" \
--radiolist $"Choose an operation:" 19 70 11 \
1 $"Show your PGP/GPG key" off \
2 $"Show your full PGP/GPG key, including private key" off \
3 $"Publish your PGP/GPG key so that others can find it" off \
4 $"Add someone's PGP/GPG key" off \
5 $"Remove someone's PGP/GPG key" off \
6 $"Sign a PGP/GPG key or website domain" off \
7 $"Refresh your PGP/GPG keys" off \
8 $"Add an ssh key for logging in" off \
9 $"Remove an ssh key for logging in" off \
10 $"Set the trust level for a PGP/GPG key" off \
11 $"Back to main menu" on 2> "$data"
sel=$?
case $sel in
1) rm -f "$data"
break;;
255) rm -f "$data"
break;;
esac
case $(cat "$data") in
W=(1 $"Show your PGP/GPG key"
2 $"Show your full PGP/GPG key, including private key"
3 $"Publish your PGP/GPG key so that others can find it"
4 $"Add someone's PGP/GPG key"
5 $"Remove someone's PGP/GPG key"
6 $"Sign a PGP/GPG key or website domain"
7 $"Refresh your PGP/GPG keys"
8 $"Add an ssh key for logging in"
9 $"Remove an ssh key for logging in"
10 $"Set the trust level for a PGP/GPG key")
# shellcheck disable=SC2068
selection=$(dialog --backtitle $"Freedombone User Control Panel" --title $"My Encryption Keys" --menu $"Choose an operation, or ESC for main menu:" 19 70 11 "${W[@]}" 3>&2 2>&1 1>&3)
if [ ! "$selection" ]; then
break
fi
case $selection in
1) show_gpg_key;;
2) show_full_gpg_key;;
3) publish_gpg_key;;
@ -765,45 +752,35 @@ function menu_encryption_keys {
8) add_ssh_key;;
9) remove_ssh_key;;
10) gpg_key_trust;;
11) rm -f "$data"
break;;
esac
rm -f "$data"
done
}
function menu_email {
while true
do
data=$(mktemp 2>/dev/null)
dialog --backtitle $"Freedombone User Control Panel" \
--title $"Change Email Filtering Rules" \
--radiolist $"Choose an operation:" 14 70 7 \
1 $"Add yourself to a mailing list" off \
2 $"Remove yourself from a mailing list" off \
3 $"Add an email rule for an address" off \
4 $"Add an email rule for a subject" off \
5 $"Block or unblock an email address" off \
6 $"Block or unblock email with subject text" off \
7 $"Back to main menu" on 2> "$data"
sel=$?
case $sel in
1) rm -f "$data"
break;;
255) rm -f "$data"
break;;
esac
case $(cat "$data") in
W=(1 $"Add yourself to a mailing list"
2 $"Remove yourself from a mailing list"
3 $"Add an email rule for an address"
4 $"Add an email rule for a subject"
5 $"Block or unblock an email address"
6 $"Block or unblock email with subject text")
# shellcheck disable=SC2068
selection=$(dialog --backtitle $"Freedombone User Control Panel" --title $"Change Email Filtering Rules" --menu $"Choose an operation, or ESC for main menu:" 14 70 7 "${W[@]}" 3>&2 2>&1 1>&3)
if [ ! "$selection" ]; then
break
fi
case $selection in
1) add_to_mailing_list;;
2) remove_user_from_mailing_list;;
3) email_rule_address;;
4) email_rule_subject;;
5) block_unblock_email;;
6) block_unblock_subject;;
7) rm -f "$data"
break;;
esac
rm -f "$data"
done
}
@ -899,28 +876,24 @@ function show_your_email_address {
function menu_top_level {
while true
do
data=$(mktemp 2>/dev/null)
dialog --backtitle $"Freedombone User Control Panel" \
--title $"User Control Panel" \
--radiolist $"Choose an operation:" 20 60 13 \
1 $"Use Email" off \
2 $"Show your Email Address" off \
3 $"Change Email Filtering/Blocking Rules" off \
4 $"Run an App" off \
5 $"Browse the Web" off \
6 $"My Encryption Keys" off \
7 $"Set an outgoing email proxy" off \
8 $"Administrator controls" off \
9 $"Exit to the command line" off \
10 $"Log out" on 2> "$data"
sel=$?
case $sel in
1) rm -f "$data"
exit 1;;
255) rm -f "$data"
exit 1;;
esac
case $(cat "$data") in
W=(1 $"Use Email"
2 $"Show your Email Address"
3 $"Change Email Filtering/Blocking Rules"
4 $"Run an App"
5 $"Browse the Web"
6 $"My Encryption Keys"
7 $"Set an outgoing email proxy"
8 $"Administrator controls"
9 $"Exit to the command line")
# shellcheck disable=SC2068
selection=$(dialog --backtitle $"Freedombone User Control Panel" --title $"User Control Panel" --menu $"Choose an operation, or ESC to log out:" 20 60 13 "${W[@]}" 3>&2 2>&1 1>&3)
if [ ! "$selection" ]; then
kill -HUP "$(pgrep -s 0 -o)"
break
fi
case $selection in
1) mutt;;
2) show_your_email_address;;
3) menu_email;;
@ -929,11 +902,8 @@ function menu_top_level {
6) menu_encryption_keys;;
7) smtp_proxy;;
8) menu_admin;;
9) rm -f "$data"
break;;
10) kill -HUP "$(pgrep -s 0 -o)";;
9) break;;
esac
rm -f "$data"
done
}

106
src/freedombone-sec
View File

@ -924,86 +924,66 @@ function remove_tor_bridge_relay {
}
function menu_tor_bridges {
data=$(mktemp 2>/dev/null)
dialog --backtitle $"Freedombone Control Panel" \
--title $"Tor Bridges" \
--radiolist $"Choose an operation:" 14 50 6 \
1 $"Show bridges" off \
2 $"Add a bridge" off \
3 $"Remove a bridge" off \
4 $"Make this system into a bridge" off \
5 $"Stop being a bridge" off \
6 $"Go Back/Exit" on 2> "$data"
sel=$?
case $sel in
1) rm -f "$data"
exit 1;;
255) rm -f "$data"
exit 1;;
esac
W=(1 $"Show bridges"
2 $"Add a bridge"
3 $"Remove a bridge"
4 $"Make this system into a bridge"
5 $"Stop being a bridge")
case $(cat "$data") in
# shellcheck disable=SC2068
selection=$(dialog --backtitle $"Freedombone Administrator Control Panel" --title $"Security Settings" --menu $"Choose an operation, or ESC to go back:" 14 50 6 "${W[@]}" 3>&2 2>&1 1>&3)
if [ ! "$selection" ]; then
exit 0
fi
case $selection in
1)
show_tor_bridges
rm -f "$data"
exit 0
;;
2)
add_tor_bridge
rm -f "$data"
exit 0
;;
3)
remove_tor_bridge
rm -f "$data"
exit 0
;;
4)
add_tor_bridge_relay
rm -f "$data"
exit 0
;;
5)
remove_tor_bridge_relay
rm -f "$data"
exit 0
;;
6)
rm -f "$data"
exit 0
;;
esac
rm -f "$data"
}
function menu_security_settings {
data=$(mktemp 2>/dev/null)
dialog --backtitle $"Freedombone Control Panel" \
--title $"Security Settings" \
--radiolist $"Choose an operation:" 23 76 23 \
1 $"Run STIG tests" off \
2 $"Fix STIG test failures" off \
3 $"Show ssh host public key" off \
4 $"Tor bridges" off \
5 $"Password storage" off \
6 $"Export passwords" off \
7 $"Regenerate ssh host keys" off \
8 $"Regenerate Diffie-Hellman keys" off \
9 $"Update cipersuite" off \
10 $"Create a new Let's Encrypt certificate" off \
11 $"Renew Let's Encrypt certificate" off \
12 $"Delete a Let's Encrypt certificate" off \
13 $"Enable GPG based authentication (monkeysphere)" off \
14 $"Register a website with monkeysphere" off \
15 $"Allow ssh login with passwords" off \
16 $"Go Back/Exit" on 2> "$data"
sel=$?
case $sel in
1) rm -f "$data"
exit 1;;
255) rm -f "$data"
exit 1;;
esac
W=(1 $"Run STIG tests"
2 $"Fix STIG test failures"
3 $"Show ssh host public key"
4 $"Tor bridges"
5 $"Password storage"
6 $"Export passwords"
7 $"Regenerate ssh host keys"
8 $"Regenerate Diffie-Hellman keys"
9 $"Update cipersuite"
10 $"Create a new Let's Encrypt certificate"
11 $"Renew Let's Encrypt certificate"
12 $"Delete a Let's Encrypt certificate"
13 $"Enable GPG based authentication (monkeysphere)"
14 $"Register a website with monkeysphere"
15 $"Allow ssh login with passwords")
# shellcheck disable=SC2068
selection=$(dialog --backtitle $"Freedombone Administrator Control Panel" --title $"Security Settings" --menu $"Choose an operation, or ESC to exit:" 23 76 23 "${W[@]}" 3>&2 2>&1 1>&3)
if [ ! "$selection" ]; then
exit 0
fi
clear
@ -1019,13 +999,12 @@ function menu_security_settings {
import_settings
export_settings
case $(cat "$data") in
case $selection in
1)
clear
echo $'Running STIG tests...'
echo ''
${PROJECT_NAME}-tests --stig showall
rm -f "$data"
exit 0
;;
2)
@ -1034,28 +1013,23 @@ function menu_security_settings {
echo ''
${PROJECT_NAME}-tests --stig fix
echo $'Fixes applied. You will need to run the STIG tests again to be sure that they were all fixed.'
rm -f "$data"
exit 0
;;
3)
dialog --title $"SSH host public keys" \
--msgbox "\n$(get_ssh_server_key)" 12 60
rm -f "$data"
--msgbox "\\n$(get_ssh_server_key)" 12 60
exit 0
;;
4)
menu_tor_bridges
rm -f "$data"
exit 0
;;
5)
store_passwords
rm -f "$data"
exit 0
;;
6)
export_passwords
rm -f "$data"
exit 0
;;
7)
@ -1086,15 +1060,9 @@ function menu_security_settings {
15)
allow_ssh_passwords
change_ssh_settings
rm -f "$data"
exit 0
;;
16)
rm -f "$data"
exit 0
;;
esac
rm -f "$data"
change_website_settings
change_imap_settings