Index: scripts/decommission.sh =================================================================== diff -u --- scripts/decommission.sh (revision 0) +++ scripts/decommission.sh (revision 171d48df58e510ae24a2abed14c52af564b375ee) @@ -0,0 +1,236 @@ +#!/bin/sh + +########################################################################### +# +# Copyright (c) 2021-2023 Diality Inc. - All Rights Reserved. +# +# THIS CODE MAY NOT BE COPIED OR REPRODUCED IN ANY FORM, IN PART OR IN +# WHOLE, WITHOUT THE EXPLICIT PERMISSION OF THE COPYRIGHT OWNER. +# +# @file decommission.sh +# +# @author (last) Vy Duong +# @date (last) 26-May-2023 +# @author (original) Vy Duong +# @date (original) 26-May-2023 +# +############################################################################ + +# @details +# This file is called by UI Software to decommission the device + +#TODO This script needs to be integrated with the globals.sh + +ERR_REMOVE_PRM_DIR=150 +ERR_REMOVE_PRM_FIL=151 +ERR_REMOVE_CMD_DIR=152 +ERR_REMOVE_CMD_FIL=153 +ERR_REMOVE_DEL_DIR=154 +ERR_REMOVE_DEL_FIL=155 + +ERR_CLEAN_SETTINGS_CONF_PASSNOTFOUNT=159 +ERR_CLEAN_SETTINGS_CONF_OVERWRITE=160 +ERR_CLEAN_SETTINGS_DFLT_RESTORE=161 + +ERR_CLEAN_LOGS=162 + +ERR_COUDSYNC_TOKENS=163 + +LOC_WIFI_CONFIGURATION="/etc/wpa_supplicant/wpa_supplicant-wlan0.conf" +LOC_BLUETOOTH_DEVCACHE="/var/lib/bluetooth/" +LOC_SETTINGS_CONF="/var/configurations/Settings/System.conf" +LOC_SETTINGS_DFLT="/var/configurations/Settings/System.dflt" +LOC_LOG_BASE_FOLDER="/media/sd-card/" +LOC_TX_LOG_BASE_FOLDER="/var/configurations/treatment/" +LOC_COUDSYNC_TOKENS="/var/configurations/CloudSync/" + +TRUE=1 +FALSE=0 +function false() { echo $FALSE; } +function true () { echo $TRUE ; } + +# check if the passed argument is a non-zero number +function isNonZero () + # $1 - mutant: the argument to be detected +{ + local _ok_=$FALSE + if [[ $1 =~ ^[0-9]+$ ]]; then + if (( $1 )); then + _ok_=$TRUE + fi + fi + echo $_ok_ +} + +# checks if the passed argument is a number +function isNumber () + # $1 - mutant: the argument to be detected +{ + local _ok_=$FALSE + if [[ $1 =~ ^[0-9]+$ ]]; then + _ok_=$TRUE + fi + echo $_ok_ +} + +# checks if the passed argument is a directory +function isDirectory() + # $1 - string: the argument to be detected +{ + local _ok_=$FALSE + if [[ -d $1 ]]; then + _ok_=$TRUE + fi + echo $_ok_ +} + +# checks if the passed argument is a file +function isFile() + # $1 - string: the argument to be detected +{ + local _ok_=$FALSE + if [[ -f $1 ]]; then + _ok_=$TRUE + fi + echo $_ok_ +} + +# checks if the passed argument exists +function exits() + # $1 - string: the argument to be detected +{ + local _ok_=$FALSE + if [[ -e $1 ]]; then + _ok_=$TRUE + fi + echo $_ok_ +} + +# exits with the exit code if the condistion ($1) is non-zero +function exitError () + # $1 - number: boolean result to exit if non-zero, with exit code + # $1 - number: exit code + # $2 - string: echo message [optional] +{ + if (( $2 )); then + echo $3 + fi + + if (( $(isNonZero $1) )); then + exit $2 + fi +} + +# removes all the files in the directory and subdirectory in a recursive manner +function clearFolderContent() + # $1 - Directory path + # $2 - Directory alias name +{ + local _has_error_=$[ ! $(isDirectory $1)] + exitError $_has_error_ $ERR_REMOVE_PRM_DIR "'$1' is not a directory" + + rm -rf "$1/*/*" + _has_error_=$? + exitError $_has_error_ $ERR_REMOVE_CMD_DIR "Failed $2 folder deletion" + + list=("$1"/*) + fileCount=${#list[@]} + _has_error_=$fileCount + exitError $_has_error_ $ERR_REMOVE_DEL_DIR "Remained '$fileCount' file(s) undeleted" +} + +# exits rm command fails or if file was not removed +function removeSingleFile() + # $1 - path to file + # $2 - file alias name +{ + local _has_error_=$[ ! $(isFile $1)] + exitError $_has_error_ $ERR_REMOVE_PRM_FIL "'$1' is not a file" + + rm "$1" + _has_error_=$? + exitError $_has_error_ $ERR_REMOVE_CMD_FIL "Failed $2 file deletion" + + _has_error_=$(exists $1) + exitError $_has_error_ $ERR_REMOVE_DEL_FIL "Remained $2 file undeleted" +} + +function deleteWiFi() { + SCRIPTS=/home/$(whoami)/scripts + $SCRIPTS/wifi_disconnect_network.sh wlan0 +} + +function deleteBluetooth() { + SCRIPTS=/home/$(whoami)/scripts + $SCRIPTS/bluetooth_paired_clear.sh +} + +function defaultSettings() { + local _has_error_=$FALSE + + cp $LOC_SETTINGS_DFLT $LOC_SETTINGS_CONF # reset the settings to default settings + _has_error_=$? + exitError $_has_error_ $ERR_CLEAN_SETTINGS_CONF_OVERWRITE "Service settings overwrite failed" +} + +function deleteLogFiles() { + # handling log deletion in a special manner: + # - Log files generated today + # - are not deleted + # - not part of the checking whether deletion was successful + # - setting maxDepth to 2 due to path used is root level with sd-card/ folders of logs + find "$LOC_LOG_BASE_FOLDER" -maxdepth 2 -type f -daystart -mtime +0 | xargs rm + _has_error_=!$? + exitError $_has_error_ $ERR_REMOVE_CMD_FIL "Log file deletion" + + fileCount=$(find "$LOC_LOG_BASE_FOLDER" -maxdepth 2 -type f -daystart -mtime +0 | wc -l) + _has_error_=$fileCount + exitError $_has_error_ $ERR_REMOVE_DEL_FIL "Remained '$fileCount' file undeleted" + + # Deleting treatment logs in encrypted partition: + find "$LOC_TX_LOG_BASE_FOLDER" -maxdepth 2 -type f | xargs rm + + _has_error_=!$? + exitError $_has_error_ $ERR_REMOVE_CMD_FIL "Tx Log file deletion" + + fileCount=$(find "$LOC_TX_LOG_BASE_FOLDER" -maxdepth 2 -type f | wc -l) + _has_error_=$fileCount + exitError $_has_error_ $ERR_REMOVE_DEL_FIL "Remained '$fileCount' file undeleted" +} + +function deletePartitionPassword() { + # TODO it is not clear how + # and by the way it is not user dependent password toget reset + # it is managed by UI App and it will be working regardless of the user. + # ./crupt_setup + echo "" # cannot be empty, syntax error +} + +function deleteCloudSyncTokens() { + # TODO this will always fail due to the fact that + # the security design, makes any Linux user responsible for each application/service + # therfore denali user does not have access to the cloud user files + # and cannot delete the CloudSync tokens and credentials. + clearFolderContent $LOC_COUDSYNC_TOKENS "CloudSync Tokens" $ERR_COUDSYNC_TOKENS +} + +# delete WiFi settings +# delete Bluetooth settings +# settings.conf to default (including service password) +# delete logs +# delete service password + +# delete partition password +# delete cloudsync tokens +function main() { + deleteWiFi + deleteBluetooth + defaultSettings + deleteLogFiles + deletePartitionPassword + deleteCloudSyncTokens +} + +main +echo "" +exit 0 Index: scripts/factory_reset.sh =================================================================== diff -u --- scripts/factory_reset.sh (revision 0) +++ scripts/factory_reset.sh (revision 171d48df58e510ae24a2abed14c52af564b375ee) @@ -0,0 +1,242 @@ +#!/bin/sh + +########################################################################### +# +# Copyright (c) 2021-2023 Diality Inc. - All Rights Reserved. +# +# THIS CODE MAY NOT BE COPIED OR REPRODUCED IN ANY FORM, IN PART OR IN +# WHOLE, WITHOUT THE EXPLICIT PERMISSION OF THE COPYRIGHT OWNER. +# +# @file factory_reset.sh +# +# @author (last) Vy Duong +# @date (last) 26-May-2023 +# @author (original) Vy Duong +# @date (original) 26-May-2023 +# +############################################################################ + +# @details +# This file is called by UI Software to remove and reset the device + +#TODO This script needs to be integrated with the globals.sh + +ERR_REMOVE_PRM_DIR=150 +ERR_REMOVE_PRM_FIL=151 +ERR_REMOVE_CMD_DIR=152 +ERR_REMOVE_CMD_FIL=153 +ERR_REMOVE_DEL_DIR=154 +ERR_REMOVE_DEL_FIL=155 + +ERR_CLEAN_SETTINGS_CONF_PASSNOTFOUND=159 +ERR_CLEAN_SETTINGS_CONF_OVERWRITE=160 +ERR_CLEAN_SETTINGS_DFLT_RESTORE=161 + +ERR_CLEAN_LOGS=162 + +LOC_WIFI_CONFIGURATION="/etc/wpa_supplicant/wpa_supplicant-wlan0.conf" +LOC_BLUETOOTH_DEVCACHE="/var/lib/bluetooth/" +LOC_SETTINGS_CONF="/var/configurations/Settings/System.conf" +LOC_SETTINGS_DFLT="/var/configurations/Settings/System.dflt" +LOC_LOG_BASE_FOLDER="/media/sd-card/" +LOC_TX_LOG_BASE_FOLDER="/var/configurations/treatment/" +LOC_SCRIPTS=$HOME/scripts +LOC_SCRIPTS_BRIGHTNESS=$LOC_SCRIPTS/brightness_set.sh + +DEFAULT_BRIGHTNESS_LEVEL=10 + + +TRUE=1 +FALSE=0 +function false() { echo $FALSE; } +function true () { echo $TRUE ; } + +# check if the passed argument is a non-zero number +function isNonZero () + # $1 - mutant: the argument to be detected +{ + local _ok_=$FALSE + if [[ $1 =~ ^[0-9]+$ ]]; then + if (( $1 )); then + _ok_=$TRUE + fi + fi + echo $_ok_ +} + +# checks if the passed argument is a number +function isNumber () + # $1 - mutant: the argument to be detected +{ + local _ok_=$FALSE + if [[ $1 =~ ^[0-9]+$ ]]; then + _ok_=$TRUE + fi + echo $_ok_ +} + +# checks if the passed argument is a directory +function isDirectory() + # $1 - string: the argument to be detected +{ + local _ok_=$FALSE + if [[ -d $1 ]]; then + _ok_=$TRUE + fi + echo $_ok_ +} + +# checks if the passed argument is a file +function isFile() + # $1 - string: the argument to be detected +{ + local _ok_=$FALSE + if [[ -f $1 ]]; then + _ok_=$TRUE + fi + echo $_ok_ +} + +# checks if the passed argument exists +function exists() + # $1 - string: the argument to be detected +{ + local _ok_=$FALSE + if [[ -e $1 ]]; then + _ok_=$TRUE + fi + echo $_ok_ +} + +# exits with the exit code if the condition ($1) is non-zero +function exitError () + # $1 - number: boolean result to exit if non-zero, with exit code + # $1 - number: exit code + # $2 - string: echo message [optional] +{ + if (( $2 )); then + echo "$3" + fi + + if (( $(isNonZero $1) )); then + exit $2 + fi +} + +# removes all the files in the directory and sub-directory in a recursive manner +function clearFolderContent() + # $1 - Directory path + # $2 - Directory alias name +{ + local _has_error_=$[ ! $(isDirectory $1)] + exitError $_has_error_ $ERR_REMOVE_PRM_DIR "'$1' is not a directory" + + rm -rf "$1/*/*" + _has_error_=$? + exitError $_has_error_ $ERR_REMOVE_CMD_DIR "Failed $2 folder deletion" + + list=("$1"/*) + fileCount=${#list[@]} + _has_error_=$fileCount + exitError $_has_error_ $ERR_REMOVE_DEL_DIR "Remained '$fileCount' file(s) undeleted" +} + +# exits rm command fails or if file was not removed +function removeSingleFile() + # $1 - path to file + # $2 - file alias name +{ + local _has_error_=$[ ! $(isFile $1)] + exitError $_has_error_ $ERR_REMOVE_PRM_FIL "'$1' is not a file" + + rm -f "$1" + _has_error_=$? + exitError $_has_error_ $ERR_REMOVE_CMD_FIL "Failed $2 file deletion" + + _has_error_=$(exists $1) + exitError $_has_error_ $ERR_REMOVE_DEL_FIL "Remained $2 file undeleted" +} + +function deleteWiFi() { + SCRIPTS=/home/$(whoami)/scripts + $SCRIPTS/wifi_disconnect_network.sh wlan0 +} + +function deleteBluetooth() { + SCRIPTS=/home/$(whoami)/scripts + $SCRIPTS/bluetooth_paired_clear.sh +} + +function defaultSettings() { + local _has_error_=$FALSE + + servicePasswordLine=$(grep -A1 "\[Service\]" "$LOC_SETTINGS_CONF" | grep Password) # store the service password line + _has_error_= [[ -z "$servicePasswordLine" ]] + exitError $_has_error_ $ERR_CLEAN_SETTINGS_CONF_PASSNOTFOUND "Password not found in '$LOC_SETTINGS_CONF'" + + cp $LOC_SETTINGS_DFLT $LOC_SETTINGS_CONF # reset the settings to default settings + _has_error_=$? + exitError $_has_error_ $ERR_CLEAN_SETTINGS_CONF_OVERWRITE "Service settings overwrite failed" + + sed -i "s/^.*Password.*$/$servicePasswordLine/" $LOC_SETTINGS_CONF # keep the service password + _has_error_=$? + exitError $_has_error_ $ERR_CLEAN_SETTINGS_DFLT_RESTORE "Service password restore failed" +} + +function defaultBrightness() { + $LOC_SCRIPTS_BRIGHTNESS $DEFAULT_BRIGHTNESS_LEVEL +} + +function deleteLogFiles() { + # handling log deletion in a special manner: + # - Log files generated today + # - are not deleted + # - not part of the checking whether deletion was successful + # - setting maxDepth to 2 due to path used is root level with sd-card/ folders of logs + # NOTE: find command always return true / non-zero! when using with exec + # TODO: Checking the file count should be fixed later + + # Remove the contents of the log folder + rm "$LOC_LOG_BASE_FOLDER"/log/* + _has_error_=!$? + exitError $_has_error_ $ERR_REMOVE_CMD_FIL "Log file deletion" + + # Remove the contents of the service folder + rm "$LOC_LOG_BASE_FOLDER"/service/* + _has_error_=!$? + exitError $_has_error_ $ERR_REMOVE_CMD_FIL "Service file deletion" + + fileCount=$(find "$LOC_LOG_BASE_FOLDER" -maxdepth 2 -type f -daystart -mtime +0 | wc -l) + _has_error_=$fileCount + exitError $_has_error_ $ERR_REMOVE_DEL_FIL "Remained '$fileCount' file undeleted" + + # Deleting treatment logs in encrypted partition: + find "$LOC_TX_LOG_BASE_FOLDER" -maxdepth 2 -type f | xargs rm + + _has_error_=!$? + exitError $_has_error_ $ERR_REMOVE_CMD_FIL "Tx Log file deletion" + + fileCount=$(find "$LOC_TX_LOG_BASE_FOLDER" -maxdepth 2 -type f | wc -l) + _has_error_=$fileCount + exitError $_has_error_ $ERR_REMOVE_DEL_FIL "Remained '$fileCount' file undeleted" +} + +# delete WiFi settings +# delete Bluetooth settings +# settings.conf to default +# brightness to default (10) +# delete logs +# keep partition password +# keep service password +# keep cloudsync tokens +function main() { + deleteWiFi + deleteBluetooth + defaultSettings + defaultBrightness + deleteLogFiles +} + +main +echo "" +exit 0 Index: scripts/rootsshaccess.sh =================================================================== diff -u --- scripts/rootsshaccess.sh (revision 0) +++ scripts/rootsshaccess.sh (revision 171d48df58e510ae24a2abed14c52af564b375ee) @@ -0,0 +1,123 @@ +#!/bin/sh +########################################################################### +# +# Copyright (c) 2021-2023 Diality Inc. - All Rights Reserved. +# +# THIS CODE MAY NOT BE COPIED OR REPRODUCED IN ANY FORM, IN PART OR IN +# WHOLE, WITHOUT THE EXPLICIT PERMISSION OF THE COPYRIGHT OWNER. +# +# @file ssh_access.sh +# +# @author (last) Behrouz NematiPour +# @date (last) 23-aug-2023 +# @author (original) Behrouz NematiPour +# @date (original) 23-aug-2023 +# +############################################################################ + +TERM=dumb + +ECHO_STRING="ssh connection" +SSHD_CONFIG="/etc/ssh/sshd_config" +ERR_EXECUTION=201 + +_enable=1 +_disable=0 + +#TODO Move to globals.sh +function check_num() { + if [ $1 != 0 ]; then + echo "$1" + exit $ERR_EXECUTION + fi +} + + +function sshd_set() { + if [ $_enable == $1 ]; then + sudo systemctl start sshd.socket + check_num $? ", started" + else + # is is always disabled but to make sure and be backward compatible will do it again. + sudo systemctl disable sshd.socket + check_num $? ", disabled" + # stop the ssh service + sudo systemctl stop sshd.socket + check_num $? ", stopped" + fi +} + +function sshd_get() { + out=$(sudo systemctl status sshd.socket | grep "Active: active (listening)") + if [ -n "$out" ]; then + echo $_enable + else + echo $_disable + fi +} + +function root_set() { + if [ $_enable == $1 ]; then + sudo sed -i '/PermitRootLogin/c\PermitRootLogin yes' $SSHD_CONFIG + check_num $? " enabled" + else + sudo sed -i '/PermitRootLogin/c\PermitRootLogin no' $SSHD_CONFIG + check_num $? " disalbed" + fi +} + +function root_get() { + if [ "$(grep -ir "^PermitRootLogin" $SSHD_CONFIG | tr -s ' ' | cut -f2 -d' ')" == "yes" ]; then + echo $_enable + else + echo $_disable + fi +} + +function handleCommand() { + local state=$1 + # sshd and root + local sshd_disable=0 # 0 0 + local sshd_enable=1 # 1 0 + local root_enable=2 # 1 1 + + case $1 in + $sshd_disable) + sshd_set $_disable + root_set $_disable + ;; + $sshd_enable) + sshd_set $_enable + root_set $_disable + ;; + $root_enable) + sshd_set $_enable + root_set $_enable + ;; + esac +} + +function toCheckState() { + local sshd=$(sshd_get) + local root=$(root_get) + case $sshd in + $_disable) + echo 0 + ;; + $_enable) + echo $(( $sshd + $root )) + ;; + esac +} + +case "$#" in + 0) + echo $(toCheckState) + ;; + 1) + handleCommand $1 + ;; +esac + +echo "" +exit 0