...
 
Commits (23)
build-cd
*__pycache__*
#!/bin/sh
# Enable clean room script
systemctl enable pgp-clean-room
#!/bin/sh
# Remove networking stuff
apt purge --yes isc-dhcp-client ifupdown
[Unit]
Description=PGP Clean Room
After=multi-user.target
Conflicts=getty@tty1.service
[Service]
User=pgp
Type=simple
Restart=always
ExecStart=/usr/local/bin/pgp-clean-room
TTYPath=/dev/tty1
TTYReset=yes
TTYVHangup=yes
StandardInput=tty-force
StandardOutput=inherit
StandardError=inherit
[Install]
WantedBy=default.target
#!/usr/bin/python3
from snack import *
import subprocess
from pgpcr import *
screen = SnackScreen()
ret = ButtonChoiceWindow(screen,"Welcome to PGP Clean Room!", "What do you wish to do?", ["GPG", "PKI", "Run Shell", "Quit"] )
screen.finish()
if ret == "gpg":
gpg.main()
elif ret == "pki":
pki.main()
elif ret == "run shell":
subprocess.run(["/bin/bash", "-l"])
elif ret == "quit":
subprocess.run(["/usr/bin/sudo", "shutdown", "now"])
from snack import *
def password():
screen = SnackScreen()
pass1 = Entry(20, password=1)
pass2 = Entry(20, password=1)
ew = EntryWindow(screen, "Password", "Enter your password", [("Password:", pass1), ("Password (again):", pass2)])
screen.finish()
if pass1.value() != pass2.value():
error("Passwords do not match!")
return password()
elif pass1.value() == "":
error("Password cannot be empty!")
return password()
return pass1.value()
def error(msg):
screen = SnackScreen()
ButtonChoiceWindow(screen, "Error", msg, ['Ok'])
screen.finish()
from snack import *
from . import common
def main():
screen = SnackScreen()
bcw = ButtonChoiceWindow(screen, "GPG", "What do you wish to do?", ["New GPG Key", "Mount GPG Key", "Quit to Main Menu"])
screen.finish()
if bcw == "new gpg key":
gengpgkey()
print("Not Implemented Yet")
elif bcw == "mount gpg key":
print("Not Implemented Yet")
def gengpgkey():
screen = SnackScreen()
ew = EntryWindow(screen, "New GPG Key", "Enter User Information", ["Name", "Email Address"])
screen.finish()
name = ew[1][0]
email = ew[1][1]
pw = common.password()
print(name,email,pw)
rsync
pciutils
less
cups
hplip
printer-driver-hpcups
haveged
gnupg2
gnupg-agent
libpth20
pinentry-curses
libccid
pcscd
scdaemon
libksba8
paperkey
opensc
libgfshare-bin
strongswan-starter
mdadm
btrfs-tools
secure-delete
python3-newt
......@@ -21,11 +21,13 @@ fi
WORK_DIR=`pwd`/build-cd
if [ -e "${WORK_DIR}" ];
then
echo "${WORK_DIR} already exists, aborting."
exit 1
echo "${WORK_DIR} already exists, cleaning (requires root)"
cd "${WORK_DIR}"
sudo lb clean --all
else
mkdir -p "${WORK_DIR}"
cd "${WORK_DIR}"
fi
mkdir -p "${WORK_DIR}"
cd "${WORK_DIR}"
if [ ! -z "$LIVE_FLAVOUR" ];
then
......@@ -33,7 +35,7 @@ then
fi
lb config \
--distribution jessie \
--distribution stretch \
--debian-installer live \
--binary-images iso-hybrid \
--archive-areas "main" \
......@@ -43,10 +45,6 @@ lb config \
mkdir -p config/package-lists
#echo task-gnome-desktop > config/package-lists/desktop.list.chroot
echo "rsync pciutils less cups hplip printer-driver-hpcups haveged gnupg2 gnupg-agent libpth20 pinentry-curses libccid pcscd scdaemon libksba8 paperkey opensc libgfshare-bin strongswan-starter mdadm btrfs-tools secure-delete" > config/package-lists/custom.list.chroot
rsync -ar "${RESOURCE_DIR}/" .
# must do this with root, not just fakeroot
......