Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Wed 26 Nov 2014, 16:25
All times are UTC - 4
 Forum index » House Training » HOWTO ( Solutions )
How to Build a Locked-Down Installation of Puppy
Moderators: Flash, Ian, JohnMurga
Post_new_topic   Reply_to_topic View_previous_topic :: View_next_topic
Page 1 of 5 Posts_count   Goto page: 1, 2, 3, 4, 5 Next
Author Message
rcrsn51


Joined: 05 Sep 2006
Posts: 9260
Location: Stratford, Ontario

PostPosted: Sun 12 Apr 2009, 22:32    Post_subject:  How to Build a Locked-Down Installation of Puppy  

The forum often has requests for a method to lock down Puppy so nothing can be changed. Many of the replies involve remastering the Live CD. Here is another procedure that may be simpler to manage.

The basic idea is to create a pup_save file and make a backup copy of it. Whenever Puppy is booted, the backup version is copied onto the current version. The user always starts with a pristine pup_save and any changes that are made during a session will disappear on the next boot.

Because this will involve modifying the Puppy initrd.gz file, you may want to make a backup copy in case of problems. Or, if necessary, you can boot off the Live CD and copy the original version from the CD.

The attachment below contains MU's editinit script. Unpack it and save the script in /mnt/home in the the same folder as the initrd.gz file.

Note: Your /mnt/home folder must be formatted as ext for this procedure to work. If it is a FAT or NTFS partition, copy the initrd.gz file into /root. Make the changes and copy it back to its original location.

While still in the Puppy folder, open a terminal and type the command:
Code:
./editinit

This will unpack the initrd.gz and open it in leafpad.

Locate the line ##### FINDING PUPPY FILES ##### . In old Puppies, it will be somewhere between lines 300 and 500. In new Puppies it's closer to 700.

In the space ABOVE this line, add the following code. This example is designed for an install of Puppy 4.3.1 on partition sda1 in the folder puppy431. Its savefile is named pup_save.2fs. You will need to modify it for your particular setup.

Code:
mount /dev/sda1 /mnt/data
cp /mnt/data/puppy431/pup_save.bak /mnt/data/puppy431/pup_save.2fs
umount /mnt/data

For an install of Slacko on sda2 in a folder using a 3fs savefile, it would be
Code:
mount /dev/sda2 /mnt/data
cp /mnt/data/slacko/slackosave.bak /mnt/data/slacko/slackosave.3fs
umount /mnt/data

On a FAT32 flash drive, use
Code:
sleep 3
mount -t vfat /dev/sdb1 /mnt/data
cp /mnt/data/slackosave.bak /mnt/data/slackosave.3fs
umount /mnt/data


Save and exit. MU's script will repack the initrd.gz.

Reboot Puppy and verify that it still works. At the moment, nothing has changed because the pup_save.bak file does not exist yet.

Configure your Puppy install. When done, boot off the Live CD using the "puppy pfix=ram" option. Go to the Puppy folder and rename your pup_save.2fs as pup_save.bak.

Reboot normally. As a test, add or delete some files. Reboot. The original setup will be restored.

You may eventually need to modify your locked-down pup_save file. Run Puppy, make the changes and exit as usual. Boot from the Live CD with "puppy pfix=ram". Delete the old pup_save.bak. Rename the updated pup_save.2fs as pup_save.bak.

It's also easy to unlock the machine. Just delete the pup_save.bak.

This procedure should also solve the problem of unattended machines that experience a power failure and need a manual "xwin" restart.
editinit.tar.gz
Description 
gz

 Download 
Filename  editinit.tar.gz 
Filesize  241 Bytes 
Downloaded  744 Time(s) 

Edited_times_total
Back to top
View user's profile Send_private_message 
kayan


Joined: 14 Feb 2008
Posts: 90
Location: India

PostPosted: Thu 23 Apr 2009, 15:11    Post_subject:  

thanks that was informative Very Happy
_________________
SAHARA laptop intel celeron M 1.4 GHz/ 768Mb Ram /40GB ,SIS 661 chipset,
Back to top
View user's profile Send_private_message 
Ray MK


Joined: 05 Feb 2008
Posts: 767
Location: UK

PostPosted: Thu 23 Apr 2009, 17:24    Post_subject:  

Hi

Extremely useful info - must try

Best regards - Ray
Back to top
View user's profile Send_private_message 
ComputerBob


Joined: 26 Jan 2009
Posts: 57
Location: The Beautiful Sunshine State

PostPosted: Thu 23 Apr 2009, 20:23    Post_subject:  

On a default frugal install, would the lock-down procedure prevent users from saving browser bookmarks, word processing documents, etc., or are those things saved by default to /mnt/home or somewhere else outside of the pup_save file?
_________________
ComputerBob.com - Making Geek-Speak Chic™
News, Views, Information, Software, Help & Fun - Every Day
ComputerBob.com
Back to top
View user's profile Send_private_message Visit_website 
rcrsn51


Joined: 05 Sep 2006
Posts: 9260
Location: Stratford, Ontario

PostPosted: Fri 24 Apr 2009, 10:21    Post_subject:  

Most (all?) applications will save by default to /root, so any user data would be lost on a reboot. But there are ways around this.

In Firefox, you can move the hidden profile from /root/.mozilla to /mnt/home outside of the pup_save and replace it with a symlink.

You could do the same thing with any configuration folders like .gxine where the playlist is stored.

Similarly, the folder /root/my-documents could be symlinked to an external location. Users would just need to remember to save to that folder instead of directly into /root.
Back to top
View user's profile Send_private_message 
ComputerBob


Joined: 26 Jan 2009
Posts: 57
Location: The Beautiful Sunshine State

PostPosted: Fri 24 Apr 2009, 13:00    Post_subject:  

That's what I suspected, but I wasn't sure. Thanks for confirming it!
_________________
ComputerBob.com - Making Geek-Speak Chic™
News, Views, Information, Software, Help & Fun - Every Day
ComputerBob.com
Back to top
View user's profile Send_private_message Visit_website 
nooby

Joined: 29 Jun 2008
Posts: 10557
Location: SwedenEurope

PostPosted: Sun 18 Jul 2010, 18:22    Post_subject:  

rcrsn51 thanks indeed for sharing this way to do it.

I've not tested it yet but it sure looks very interesting.

_________________
I use Google Search on Puppy Forum
not an ideal solution though
Back to top
View user's profile Send_private_message 
Indy'spup

Joined: 11 May 2011
Posts: 50
Location: SoCal

PostPosted: Sun 22 May 2011, 05:44    Post_subject:  

Thanks for the guide Smile

Any help please with editing the initrd.gz file? using the script fails as it relies on having leafpad which was not installed.
so I installed leafpad with no change! Leafpad is unable to read the file. (some kind of language encoding error..)

edited the file on a windows machine using notepad++ however more issues copying the script into the file where described, anyhow linux panic crashed when loading the file after repacking with 7zip.

Am using macpup520
Back to top
View user's profile Send_private_message 
nooby

Joined: 29 Jun 2008
Posts: 10557
Location: SwedenEurope

PostPosted: Sun 22 May 2011, 06:13    Post_subject:  

Could this inird.gz editor change the needed part and rebuild it in same way and using geany editior instead?
http://www.murga-linux.com/puppy/viewtopic.php?t=67805

or can the original script change to geany or has it to do with Leafpad being able to do things that Geany fail to do. Export in a particular format or something?

_________________
I use Google Search on Puppy Forum
not an ideal solution though
Back to top
View user's profile Send_private_message 
rcrsn51


Joined: 05 Sep 2006
Posts: 9260
Location: Stratford, Ontario

PostPosted: Sun 22 May 2011, 08:26    Post_subject:  

Quote:
Any help please with editing the initrd.gz file? using the script fails as it relies on having leafpad which was not installed.


Open the editinit script in a text editor and change Line 10 from "leafpad init" to "geany init".

To turn on line numbering in Geany, look in View > Editor.
Back to top
View user's profile Send_private_message 
Indy'spup

Joined: 11 May 2011
Posts: 50
Location: SoCal

PostPosted: Sun 22 May 2011, 11:57    Post_subject:  

Thanks,

Also changed the script to open geany which results in an open page, empty with only one line. noted the error message "encoding not supported"

Already tried unpacking the file manually and have attempted to open with every text editor available, with no luck.


Also tried opening the file with the appropriate devx loaded

am still trying though, perhaps an older live puppy cd? I'm not without some resources yet am new to Linux Smile


Meanwhile am working on the above inird.gz editor script
Back to top
View user's profile Send_private_message 
Indy'spup

Joined: 11 May 2011
Posts: 50
Location: SoCal

PostPosted: Sun 22 May 2011, 12:37    Post_subject:  

ok, watching the process I see the initrd.gz file unpacked, which creates a directory named "puppy-init" and a file named initrd the reason leaf or geany or any other text editor can not open the files is because neither file is a text file.

There are however text files buried within the directory "puppy-init" not of them are the correct file. I have previously seen the text entry we are looking for but so far have not been able to edit it..

It is my observation that the file "init" is not being unpacked correctly..


The only file which only remotely resembles the file described is one named "debug-init" ??


Both scripts unpack and repack (occasionally with some error..) however the file "init" can not be found..

Edited_time_total
Back to top
View user's profile Send_private_message 
rcrsn51


Joined: 05 Sep 2006
Posts: 9260
Location: Stratford, Ontario

PostPosted: Sun 22 May 2011, 13:04    Post_subject:  

I just did a fresh frugal install of Macpup520 in an ext3 partition.

I copied the editinit script to the same location as the initrd.gz file and ran it.

The script ran correctly. However, it uses NicoEdit as a replacement for leafpad. This happens in most recent Puppies where leafpad has been replaced with NicoEdit.

So I have no idea why you are getting different results. Have you changed your locale to something other than the default? Are you working in an ext partition?
Back to top
View user's profile Send_private_message 
Indy'spup

Joined: 11 May 2011
Posts: 50
Location: SoCal

PostPosted: Sun 22 May 2011, 13:20    Post_subject:  

WOW!! thanks for testing the script


Sad this means I'm officially going out of my mind Sad


yes ext3 partition and yes the default editor is NicoEdit however none of the text editors can find a file to open

used both scripts which unpack to directories named "puppy-init" or "initrd-editor" but no text editor can find any file to open

Sad

Edited_time_total
Back to top
View user's profile Send_private_message 
Indy'spup

Joined: 11 May 2011
Posts: 50
Location: SoCal

PostPosted: Sun 22 May 2011, 13:28    Post_subject:  

As far as the local is concerned I am completely baffled and exhausted by the directory hierarchy structure despite much reading on the topic. I'm absolutely confused as to the need for so many hard links... While I fully understand symbolic linking am still trying to understand this structure.. but am going to save this for another day Smile

Meanwhile when booted to a live cd I found the initrd.gz in /mnt/sda1/puppy520 within a fugal install, so I placed the scripts in this directory and ran them from there..

Edited_times_total
Back to top
View user's profile Send_private_message 
Display_posts:   Sort by:   
Page 1 of 5 Posts_count   Goto page: 1, 2, 3, 4, 5 Next
Post_new_topic   Reply_to_topic View_previous_topic :: View_next_topic
 Forum index » House Training » HOWTO ( Solutions )
Jump to:  

Rules_post_cannot
Rules_reply_cannot
Rules_edit_cannot
Rules_delete_cannot
Rules_vote_cannot
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0841s ][ Queries: 13 (0.0041s) ][ GZIP on ]