Bläddra i källkod

Reboot after hrng setup

Bob Mottram 10 år sedan
förälder
incheckning
3ae61a3937
1 ändrade filer med 13 tillägg och 14 borttagningar
  1. 13
    14
      install-freedombone.sh

+ 13
- 14
install-freedombone.sh Visa fil

@@ -157,10 +157,8 @@ function random_number_generator {
157 157
   if [ $USE_HWRNG == "yes" ]; then
158 158
     apt-get -y install rng-tools
159 159
     sed -i 's|#HRNGDEVICE=/dev/hwrng|HRNGDEVICE=/dev/hwrng|g' /etc/default/rng-tools
160
-    # TODO there should be a system restart at this point to enable /dev/hwrng
161
-    service rng-tools restart
162
-	# Test that it works
163
-	cat /dev/hwrng | rngtest -c 1000
160
+    echo 'random_number_generator' >> $COMPLETION_FILE
161
+    reboot
164 162
   else
165 163
 	apt-get -y install haveged
166 164
   fi
@@ -346,11 +344,21 @@ function configure_firewall {
346 344
   echo 'configure_firewall' >> $COMPLETION_FILE
347 345
 }
348 346
 
347
+function save_firewall_settings {
348
+  iptables-save > /etc/firewall.conf
349
+  ip6tables-save > /etc/firewall6.conf
350
+  printf '#!/bin/sh\n' > /etc/network/if-up.d/iptables
351
+  printf 'iptables-restore < /etc/firewall.conf\n' >> /etc/network/if-up.d/iptables
352
+  printf 'ip6tables-restore < /etc/firewall6.conf\n' >> /etc/network/if-up.d/iptables
353
+  chmod +x /etc/network/if-up.d/iptables
354
+}
355
+
349 356
 function configure_firewall_for_ssh {
350 357
   if [ grep -Fxq "configure_firewall_for_ssh" $COMPLETION_FILE ]; then
351 358
 	  return
352 359
   fi
353 360
   iptables -A INPUT -i eth0 -p tcp --dport $SSH_PORT -j ACCEPT
361
+  save_firewall_settings
354 362
   echo 'configure_firewall_for_ssh' >> $COMPLETION_FILE
355 363
 }
356 364
 
@@ -362,18 +370,10 @@ function configure_firewall_for_email {
362 370
   iptables -A INPUT -i eth0 -p tcp --dport 587 -j ACCEPT
363 371
   iptables -A INPUT -i eth0 -p tcp --dport 465 -j ACCEPT
364 372
   iptables -A INPUT -i eth0 -p tcp --dport 993 -j ACCEPT
373
+  save_firewall_settings
365 374
   echo 'configure_firewall_for_email' >> $COMPLETION_FILE
366 375
 }
367 376
 
368
-function save_firewall_settings {
369
-  iptables-save > /etc/firewall.conf
370
-  ip6tables-save > /etc/firewall6.conf
371
-  printf '#!/bin/sh\n' > /etc/network/if-up.d/iptables
372
-  printf 'iptables-restore < /etc/firewall.conf\n' >> /etc/network/if-up.d/iptables
373
-  printf 'ip6tables-restore < /etc/firewall6.conf\n' >> /etc/network/if-up.d/iptables
374
-  chmod +x /etc/network/if-up.d/iptables
375
-}
376
-
377 377
 function configure_internet_protocol {
378 378
   if [ grep -Fxq "configure_internet_protocol" $COMPLETION_FILE ]; then
379 379
 	  return
@@ -826,7 +826,6 @@ time_synchronisation
826 826
 configure_firewall
827 827
 configure_firewall_for_ssh
828 828
 configure_firewall_for_email
829
-save_firewall_settings
830 829
 configure_internet_protocol
831 830
 script_to_make_self_signed_certificates
832 831
 configure_email