This file is indexed.

/usr/sbin/bbstored-config is in boxbackup-server 0.11.1~r2837-1.

This file is owned by root:root, with mode 0o755.

The actual contents of the file can be viewed below.

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
#!/usr/bin/perl
use strict;

# should be running as root
if($> != 0)
{
	printf "\nWARNING: this should be run as root\n\n"
}

# check and get command line parameters
if($#ARGV < 2)
{
	print <<__E;

Setup bbstored config utility.

Bad command line parameters.
Usage:
    bbstored-config config-dir server-hostname username [raidfile-config]

Parameters:
    config-dir       is usually /etc/boxbackup
    server-hostname  is the hostname that clients will use to connect to
                     this server
    username         is the user to run the server under
    raidfile-config  is optional. Use if you have a non-standard
                     raidfile.conf file.

__E
	exit(1);
}

# check for OPENSSL_CONF environment var being set
if(exists $ENV{'OPENSSL_CONF'})
{
	print <<__E;

---------------------------------------

WARNING:
    You have the OPENSSL_CONF environment variable set.
    Use of non-standard openssl configs may cause problems.

---------------------------------------

__E
}

# default locations
my $default_config_location = '/etc/boxbackup/bbstored.conf';

# command line parameters
my ($config_dir,$server,$username,$raidfile_config) = @ARGV;

$raidfile_config = $config_dir . '/raidfile.conf' unless $raidfile_config ne '';

# check server exists, but don't bother checking that it's actually this machine.
{
	my @r = gethostbyname($server);
	if($#r < 0)
	{
		die "Server '$server' not found. (check server name, test DNS lookup failed.)"
	}
}

# check this exists
if(!-f $raidfile_config)
{
	print "The RaidFile configuration file $raidfile_config doesn't exist.\nYou may need to create it with raidfile-config.\nWon't configure bbstored without it.\n";
	exit(1);
}

# check that the user exists
die "You shouldn't run bbstored as root" if $username eq 'root';
my $user_uid = 0;
(undef,undef,$user_uid) = getpwnam($username);
if($user_uid == 0)
{
	die "User $username doesn't exist\n";
}

# check that directories are writeable
open RAIDCONF,$raidfile_config or die "Can't open $raidfile_config";
{
	my %done = ();
	while(<RAIDCONF>)
	{
		next unless m/Dir\d\s*=\s*(.+)/;
		my $d = $1;
		$d = $d.'/backup' if -e $d.'/backup';
		print "Checking permissions on $d\n";
		my ($dev,$ino,$mode,$nlink,$uid,$gid,$rdev,$size,$atime,$mtime,$ctime,$blksize,$blocks) = stat($d);
		my $req_perms = ($uid == $user_uid)?0700:0007;
		if(($mode & $req_perms) != $req_perms)
		{
			print "$username doesn't appear to have the necessary permissions on $d\n";
			print "Either adjust permissions, or create a directory 'backup' inside the\n";
			print "directory specified in raidfile.conf which is writable.\n";
			exit(1);
		}
	}
}
close RAIDCONF;

# ssl stuff
my $private_key = "$config_dir/bbstored/$server-key.pem";
my $certificate_request = "$config_dir/bbstored/$server-csr.pem";
my $certificate = "$config_dir/bbstored/$server-cert.pem";
my $ca_root_cert = "$config_dir/bbstored/clientCA.pem";

# other files
my $config_file = "$config_dir/bbstored.conf";
my $accounts_file = "$config_dir/bbstored/accounts.txt";

# summarise configuration

print <<__E;

Setup bbstored config utility.

Configuration:
   Writing configuration file: $config_file
   Writing empty accounts file: $accounts_file
   Server hostname: $server
   RaidFile config: $raidfile_config

__E

# create directories
if(!-d $config_dir)
{
	print "Creating $config_dir...\n";
	mkdir $config_dir,0755 or die "Can't create $config_dir";
}

if(!-d "$config_dir/bbstored")
{
	print "Creating $config_dir/bbstored\n";
	mkdir "$config_dir/bbstored",0755 or die "Can't create $config_dir/bbstored";
}

# create blank accounts file
if(!-f $accounts_file)
{
	print "Creating blank accounts file\n";
	open ACC,">$accounts_file";
	close ACC;
}

# generate the private key for the server
if(!-f $private_key)
{
	print "Generating private key...\n";
	if(system("openssl genrsa -out $private_key 2048") != 0)
	{
		die "Couldn't generate private key."
	}
}

# generate a certificate request
if(!-f $certificate_request)
{
	die "Couldn't run openssl for CSR generation" unless
		open(CSR,"|openssl req -new -key $private_key -sha1 -out $certificate_request");
	print CSR <<__E;
.
.
.
.
.
$server
.
.
.

__E
	close CSR;
	print "\n\n";
	die "Certificate request wasn't created.\n" unless -f $certificate_request
}

# write the configuration file
print "Writing configuration file $config_file\n";
open CONFIG,">$config_file" or die "Can't open config file for writing";
print CONFIG <<__E;

RaidFileConf = $raidfile_config
AccountDatabase = $accounts_file

# Uncomment this line to see exactly what commands are being received from clients.
# ExtendedLogging = yes

# scan all accounts for files which need deleting every 15 minutes.

TimeBetweenHousekeeping = 900

Server
{
	PidFile = /var/run/bbstored.pid
	User = $username
	ListenAddresses = inet:$server
	CertificateFile = $certificate
	PrivateKeyFile = $private_key
	TrustedCAsFile = $ca_root_cert
}


__E

close CONFIG;

# explain to the user what they need to do next
my $daemon_args = ($config_file eq $default_config_location)?'':" $config_file";

print <<__E;

===================================================================

bbstored basic configuration complete.

What you need to do now...

1) Sign $certificate_request
   using the bbstored-certs utility.

2) Install the server certificate and root CA certificate as
      $certificate
      $ca_root_cert

3) You may wish to read the configuration file
      $config_file
   and adjust as appropraite.

4) Create accounts with bbstoreaccounts

5) Start the backup store daemon with the command
      /usr/local/sbin/bbstored$daemon_args
   in /etc/rc.local, or your local equivalent.

===================================================================

__E