Index: scripts/crypt_setup.sh =================================================================== diff -u -r0b8105f416aad119a9d58a407dbf84e79fe72aa1 -rccddb9de7bc94036e130e034b1de67dca00e028d --- scripts/crypt_setup.sh (.../crypt_setup.sh) (revision 0b8105f416aad119a9d58a407dbf84e79fe72aa1) +++ scripts/crypt_setup.sh (.../crypt_setup.sh) (revision ccddb9de7bc94036e130e034b1de67dca00e028d) @@ -32,7 +32,7 @@ ERR_CRYPTSETUP_MOUNT_TYPE=131 ERR_CRYPTSETUP_MOUNT_OPEN=132 ERR_CRYPTSETUP_MOUNT_MOUNT=133 -ERR_CRYPTSETUP_MOUNT_MOUNT=134 +ERR_CRYPTSETUP_MOUNT_ISMOUNT=134 # is used in Application do not modify [DeviceController] LOC_DEV="/dev/mmcblk0p7" LOC_DIR="configurations" @@ -52,7 +52,7 @@ function isMounted() { if [ "$( sudo mount | grep "$DEV_MNT" )" != "" ]; then echo "partition already mounted" - exit $ERR_CRYPTSETUP_MOUNT_MOUNT + exit $ERR_CRYPTSETUP_MOUNT_ISMOUNT fi } Index: scripts/globals.sh =================================================================== diff -u -r0b8105f416aad119a9d58a407dbf84e79fe72aa1 -rccddb9de7bc94036e130e034b1de67dca00e028d --- scripts/globals.sh (.../globals.sh) (revision 0b8105f416aad119a9d58a407dbf84e79fe72aa1) +++ scripts/globals.sh (.../globals.sh) (revision ccddb9de7bc94036e130e034b1de67dca00e028d) @@ -103,7 +103,8 @@ LAUNCH_SCR=run.sh SETUP_CONF_FILE="setup.conf" -SETUP_ENABLE_MANUFACTURING_MODE="ManufacturingMode 1" +SETUP_ENABLE_MANUFACTURING_MODE="ManufacturingMode" +SETUP_ENABLE_UpdatingING_MODE="UpdatingMode" APPLICATION_PARAMS="&" Index: scripts/lockdown.sh =================================================================== diff -u -r0b8105f416aad119a9d58a407dbf84e79fe72aa1 -rccddb9de7bc94036e130e034b1de67dca00e028d --- scripts/lockdown.sh (.../lockdown.sh) (revision 0b8105f416aad119a9d58a407dbf84e79fe72aa1) +++ scripts/lockdown.sh (.../lockdown.sh) (revision ccddb9de7bc94036e130e034b1de67dca00e028d) @@ -195,58 +195,61 @@ chmod -R o-rwx /home/denali chmod u+rx /home/denali/denali - # Give read-only access to denali by making the group owner. - mkdir -p /var/configurations/CloudSync - chown -R cloud.denali /var/configurations/CloudSync - chmod -R g-w,g+r,o-rwx /var/configurations/CloudSync + # ***** denali + # Give read-write access to denali by making it the owner. + mkdir -p /media/sd-card/log + chown -R denali.denali /media/sd-card/log + mkdir -p /media/sd-card/service + chown -R denali.denali /media/sd-card/service + # Give read-only access to cloud by making the group owner. mkdir -p /var/configurations/treatment chown -R denali.cloud /var/configurations/treatment chmod -R g-w,g+r,o-rwx /var/configurations/treatment # Give read-only access to cloud by making the group owner. - mkdir -p /var/configurations/treatment/pending/ + mkdir -p /var/configurations/treatment/pending chown -R denali.cloud /var/configurations/treatment/pending/ chmod -R g-w,g+r,o-rwx /var/configurations/treatment/pending/ + # Give read-only access to Settings/Systems + chown -R denali.denali /var/configurations/Settings + # ***** cloud # Give read-only access to denali by making the group owner. + chown -R cloud.denali /var/configurations/CloudSync + chmod -R g-w,g+r,o-rwx /var/configurations/CloudSync + + # Give read-only access to denali by making the group owner. mkdir -p /media/sd-card/cloudsync chown -R cloud.denali /media/sd-card/cloudsync chmod -R u+rw,g+rw,o-rwx /media/sd-card/cloudsync - # Give read-write access to denali by making it the owner. - mkdir -p /media/sd-card/log - chown -R denali.denali /media/sd-card/log - - mkdir -p /media/sd-card/service - chown -R denali.denali /media/sd-card/service - # Set the immutable attribute for all of the files. chattr -R +i /home/cloud/* chattr -R +i /home/denali/* # Add Denali and Cloud to other user groups as needed. usermod -a -G video denali usermod -a -G input denali - usermod -a -G tty denali + usermod -a -G tty denali } function cleanup() { # ----------------------------------------- Remove the setup files post_log_dash " Remove the setup files " - + rm $SETUP_CONF_FILE rm /home/root/setup.sh rm -frd $HOME/.ssh rm -frd /media/sd-card/* - + } function main() { cleanup - + secureDenali secureCloudSync @@ -256,7 +259,7 @@ secureIPTables secureSsh - + } # Running the main function Index: scripts/setup.sh =================================================================== diff -u -r0b8105f416aad119a9d58a407dbf84e79fe72aa1 -rccddb9de7bc94036e130e034b1de67dca00e028d --- scripts/setup.sh (.../setup.sh) (revision 0b8105f416aad119a9d58a407dbf84e79fe72aa1) +++ scripts/setup.sh (.../setup.sh) (revision ccddb9de7bc94036e130e034b1de67dca00e028d) @@ -153,28 +153,32 @@ iptables -A INPUT -p icmp --icmp-type echo-request -s $CloudSync_DRT_SERVER_IP -j ACCEPT } -function manufacturingMode() { - if [ "$(grep $SETUP_ENABLE_MANUFACTURING_MODE $SETUP_CONF_FILE)" != "" ]; then +function executionMode() { + if [ "$(grep $SETUP_ENABLE_MANUFACTURING_MODE $SETUP_CONF_FILE)" = "" ]; then # -E for Maunufacturing mode # -a for disabling the non-minimizable Alarms + APPLICATION_PARAMS="-U -a" + else + # -U for Updating mode + # -a for disabling the non-minimizable Alarms APPLICATION_PARAMS="-E -a" - enableDRT - applicationPOST - testApplicationShasum_setup - startCloudSync_setup - startApplication_setup fi + enableDRT + applicationPOST + testApplicationShasum_setup + startCloudSync_setup + startApplication_setup } function main() { disable_autostart format_sdcard set_timezone - set_datetime "$1" "$2" + # set_datetime "$1" "$2" diable_b2qt_services setup_denali enable_autostart - manufacturingMode + executionMode } main "$1" "$2" Index: scripts/start.sh =================================================================== diff -u -r0b8105f416aad119a9d58a407dbf84e79fe72aa1 -rccddb9de7bc94036e130e034b1de67dca00e028d --- scripts/start.sh (.../start.sh) (revision 0b8105f416aad119a9d58a407dbf84e79fe72aa1) +++ scripts/start.sh (.../start.sh) (revision ccddb9de7bc94036e130e034b1de67dca00e028d) @@ -142,13 +142,13 @@ # 2 - The UI still needs to be executed to decrypt the /var/configurations, otherwise the configurations can not be updated, # and I don't have the ability to just decrypt and exit right now. # Note: after the Cybersecurity release I will improve the user experience and will make it easier for manufacturing. - CONTINUE="y" +# CONTINUE="y" -# echo_star_comment -# echo_star_message "Do you want to run in the Manufacturing Mode?" -# echo_star_comment -# read -p "Continue? [y,n]" -n 1 -r CONTINUE -# echo "" # to echo prompts on new line + echo_star_comment + echo_star_message "Do you want to run in the Manufacturing Mode?" + echo_star_comment + read -p "Continue? [y,n]" -n 1 -r CONTINUE + echo "" # to echo prompts on new line if [ "$CONTINUE" == "y" ]; then sshRun "echo $SETUP_ENABLE_MANUFACTURING_MODE > $SETUP_CONF_FILE" echo_star_message "Set the setup in manufacturing mode" @@ -232,10 +232,12 @@ function connect() { echo_dash_comment - echo_dash_message "please ssh into device $DST_IP and run ./setup.sh " + echo_dash_message "please ssh into device $DST_IP and run ./setup.sh" echo_dash_comment read -p "Hit enter to continue" sshRun # the setup.sh has to run on the device while user has logged into the device. + #TODO needs to handle the SD-Card format question + # sshRun "./setup.sh" # the setup.sh has to run on the device while user has logged into the device. } function wipe_device() { Index: scripts/usb_mount.sh =================================================================== diff -u -r2f75b72d23e1a377fd13805c12cc897df912e5c6 -rccddb9de7bc94036e130e034b1de67dca00e028d --- scripts/usb_mount.sh (.../usb_mount.sh) (revision 2f75b72d23e1a377fd13805c12cc897df912e5c6) +++ scripts/usb_mount.sh (.../usb_mount.sh) (revision ccddb9de7bc94036e130e034b1de67dca00e028d) @@ -1,29 +1,29 @@ -#!/bin/sh -########################################################################### -# -# Copyright (c) 2021-2023 Diality Inc. - All Rights Reserved. -# -# THIS CODE MAY NOT BE COPIED OR REPRODUCED IN ANY FORM, IN PART OR IN -# WHOLE, WITHOUT THE EXPLICIT PERMISSION OF THE COPYRIGHT OWNER. -# -# @file unmountUSB.sh -# -# @author (last) Behrouz NematiPour -# @date (last) 11-May-2021 -# @author (original) Behrouz NematiPour -# @date (original) 11-May-2021 -# -############################################################################ - -# $1 - usb device -# $2 - usb drive -# eg. sudo mount -o "noexec,sync,nodev,nosuid" /dev/sda1 /media/usb/ -sudo mount -o "noexec,sync,nodev,nosuid" $1 $2 -if [ $? == 0 ]; then - echo "" - exit 0 -else - echo "usb drive $2 cannot be mounted." - exit 1001 -fi - +#!/bin/sh +########################################################################### +# +# Copyright (c) 2021-2023 Diality Inc. - All Rights Reserved. +# +# THIS CODE MAY NOT BE COPIED OR REPRODUCED IN ANY FORM, IN PART OR IN +# WHOLE, WITHOUT THE EXPLICIT PERMISSION OF THE COPYRIGHT OWNER. +# +# @file unmountUSB.sh +# +# @author (last) Behrouz NematiPour +# @date (last) 11-May-2021 +# @author (original) Behrouz NematiPour +# @date (original) 11-May-2021 +# +############################################################################ + +# $1 - usb device +# $2 - usb drive +# eg. sudo mount -o "noexec,sync,nodev,nosuid" /dev/sda1 /media/usb/ +sudo mount -o "noexec,sync,nodev,nosuid" $1 $2 +if [ $? == 0 ]; then + echo "" + exit 0 +else + echo "usb drive $2 cannot be mounted." + exit 1001 +fi + Index: scripts/usb_unmount.sh =================================================================== diff -u -r2f75b72d23e1a377fd13805c12cc897df912e5c6 -rccddb9de7bc94036e130e034b1de67dca00e028d --- scripts/usb_unmount.sh (.../usb_unmount.sh) (revision 2f75b72d23e1a377fd13805c12cc897df912e5c6) +++ scripts/usb_unmount.sh (.../usb_unmount.sh) (revision ccddb9de7bc94036e130e034b1de67dca00e028d) @@ -1,28 +1,28 @@ -#!/bin/sh -########################################################################### -# -# Copyright (c) 2021-2023 Diality Inc. - All Rights Reserved. -# -# THIS CODE MAY NOT BE COPIED OR REPRODUCED IN ANY FORM, IN PART OR IN -# WHOLE, WITHOUT THE EXPLICIT PERMISSION OF THE COPYRIGHT OWNER. -# -# @file unmountUSB.sh -# -# @author (last) Behrouz NematiPour -# @date (last) 11-May-2021 -# @author (original) Behrouz NematiPour -# @date (original) 11-May-2021 -# -############################################################################ - -# $1 - usb device -# $2 - usb drive -sudo umount $2 -if [ $? == 0 ]; then - echo "" - exit 0 -else - echo "usb drive $2 cannot be unmounted." - exit 1001 -fi - +#!/bin/sh +########################################################################### +# +# Copyright (c) 2021-2023 Diality Inc. - All Rights Reserved. +# +# THIS CODE MAY NOT BE COPIED OR REPRODUCED IN ANY FORM, IN PART OR IN +# WHOLE, WITHOUT THE EXPLICIT PERMISSION OF THE COPYRIGHT OWNER. +# +# @file unmountUSB.sh +# +# @author (last) Behrouz NematiPour +# @date (last) 11-May-2021 +# @author (original) Behrouz NematiPour +# @date (original) 11-May-2021 +# +############################################################################ + +# $1 - usb device +# $2 - usb drive +sudo umount $2 +if [ $? == 0 ]; then + echo "" + exit 0 +else + echo "usb drive $2 cannot be unmounted." + exit 1001 +fi +