Stuff that has not yet gone into the official build.
Post a reply

Re: (experimental) Alternative usb installation method

Sat Feb 09, 2013 4:32 pm

Here it is.
http://distro.ibiblio.org/refracta/test ... b02.tar.gz

Installation _______

Unpack the tarball somewhere in your home directory and then cd to the
resulting refracta2usb directory. See readme.txt. Then run the script.

Code:
   tar -xvzf refracta2usb.tar.gz
   cd refracta2usb
   bash refracta2usb.sh


Prepare a usb stick _______

Plug in usb stick and see what the device name is with:
Code:
dmesg | tail


Zero the beginning of the device: (might be optional)
Code:
   dd if=/dev/zero of=/dev/sdX bs=512 count=4096


Run gparted:
Select the correct drive from the drop-down menu in the upper right corner.
Menu bar - select Device - Create Partition Table
Create a fat32 partition big enough to hold the image, and maybe
enough extra for future images. (e.g. 1000 MiB) Label it if you want.
You can optionally create a second partition at this time and format
it to ext2. Do not label it.
Apply all operations.
Set the fat32 partition to be bootable. (Right-click, Manage Flags, boot)

Note: If the usb stick was formatted as fat32 to begin with, you could
just resize it to make room for the second partition. No need to create
a new partition table.

Exit gparted and run the command:
Code:
   install-mbr /dev/<sdX>      (do this if you zeroed the device)


You might need to unplug and re-plug in the device at this time.

Create a live-USB system _______

Run refracta2usb:
Choose which task you'd like. There are three.

1. Create a live-USB using files taken from a live-CD .iso file.
This is the normal mode. The program asks you which iso file and usb
stick you'd like to use, mounts both the iso and the usb, copies
files from the iso to the usb, copies syslinux files and custom
hooks from its own library to the usb device, and makes the usb
bootable with syslinux.

2. Create a live-USB using files taken from a running live session.
You can do this if you don't want to install Refracta to hard drive.
Files are copied from the running system. (/lib/live/mount/medium)
Burn the iso to a CD and boot into the live system. Then follow this
guide.

3. Update a previously prepared usb stick with a newer (or older)
image, without reformatting the stick. Lets you choose the iso file
and usb device, copies files as in #1 above, but does not copy
syslinux files or run syslinux command. If the stick already
contains a /live/hooks folder, hooks are preserved and not replaced
with the ones from the program's library.

When it's done, you should be able to boot from the usb stick.
Last edited by fsmithred on Sat Feb 09, 2013 4:45 pm, edited 1 time in total.

Re: (experimental) Alternative usb installation method

Sat Feb 09, 2013 4:41 pm

Creating an encrypted /home _______

You'll need to have a second partition on the usb device. Recommended
format is ext2. Don't label this partition. If you didn't create this
during the previous partitioning, do it now.

Boot from usb into the live system. Open a root terminal. Create an
encrypted volume, open it, create a filesystem, mount it and label it if
you want. The disk label will show up on the desktop when the encrypted
volume is opened.
Code:
   cryptsetup luksFormat /dev/sdx2
   cryptsetup luksOpen /dev/sdx2 <label>
   mke2fs -t ext2 /dev/sdx2
   mount /dev/mapper/<label> /mnt
   (optional) e2label /dev/mapper/<label>  <disk-label>

To copy the contents of /home to the second partition, you need to drop
to console. Press ctrl-alt-F1 (or F2) and log in as root. Note the trailing slashes on the rsync command!
Code:
   (slash)etc/init.d/lightdm stop
   rsync -av /home/ /mnt/

Shut down. Plug the usb stick into a running system. Get the uuid of the
encrypted volume (/dev/sdx2) with:
Code:
   /sbin/blkid

Open the system volume (the fat32) and edit syslinux/live.cfg, adding
the uuid to the "use hooks" boot entry. Paste in the uuid immediately
after "lukshome=" like this:
Code:
   label with_hooks
      menu label Refracta (use hooks)
      kernel /live/vmlinuz quiet
      append initrd=/live/initrd.img boot=live ip=frommedia union=aufs config=hooks hooks=file:///lib/live/mount/medium/live/hooks/hookscript lukshome=728B-0851728B-0851728B-0851

When you reboot into the usb stick, choose the "use hooks" item from the
boot menu. You will then have an encrypted, persistent home directory.

Re: (experimental) Alternative usb installation method

Sat Feb 09, 2013 7:45 pm

Tested here, using beta9 image (lukshome, not yet). Boots fine. I like it and will use this simpler version myself in future. Thanks for tidying it up.

Extra options used in snapshot2usb will be done seperately in future, So if you want to use the name "snapshot2usb" I won't be doing any more.

A few observations:

Image size was incorrectly reported as 170M

The reason I used pv while the copy happens, was to get a progress readout (it can take a while)

Some notes on extra cmdline options to suit usb might be helpful (noprompt bootfrom=removable showmounts swapon)

I had in the past uppercase problems with the first directory made in a newly-formatted FAT part. It didn't seem to happen this time, maybe because rsync is used rather than mkdir.

It won't work for non-Refracta images (but that is simple to change, see below)

The yad dialog is good but a 3rd-party-app dependency is not.

######################################################

I tried using /isolinux from the image like this (device and mountpoints are for me only):

Code:
USBDEV=sdb1

USBMOUNTPOINT=/media/refracta-usb

# must exist and iso already mounted
ISOMOUNTPOINT=/media/isomount

pmount $USBDEV $USBMOUNTPOINT

cp -a $ISOMOUNTPOINT/isolinux $USBMOUNTPOINT/syslinux

mv $USBMOUNTPOINT/syslinux/isolinux.cfg $USBMOUNTPOINT/syslinux/syslinux.cfg

# -I stops grep processing binaries
ISOLINUX_REFS=$(grep -Ir isolinux $USBMOUNTPOINT |awk -F ":" '{print $1}')

for i in $ISOLINUX_REFS; do sed -i 's:isolinux:syslinux:'g $i; done

pumount $USBDEV

syslinux -d syslinux /dev/$USBDEV


It worked (with the image's default menu) and should work like that for any isolinux-based Debian image.

Re: (experimental) Alternative usb installation method

Sun Feb 10, 2013 8:46 pm

mkusbcrypt
http://distro.ibiblio.org/refracta/testing/mkusbcrypt
This script takes a partition on a usb stick and makes prepares it for use as an encrypted home.



When you partition the usb stick, make a second partition, formatted ext2.
Run refracta2usb to put OS on the first partition.
Boot the usb stick.
Get mkusbcrypt at the above link (or figure out how to sftp it to the running live system.)
Drop to console: ctrl-alt-F1 and log in as root.
Run the script. It will kill your xsession, lead you through creating an encrypted partition, and then restart the display manager.

bash mkusbcrypt


Reboot the stick, choosing the "use hooks" item from the boot menu. Do it this way or fail:
Highlight the "use hooks" item.
Hit TAB
Type in the correct device name for your encrypted partition (probably /dev/sdb2) so that the line ends with
lukshome=/dev/sdb2 (or whatever the correct device is.)

Enter the passphrase you gave when you created the encrypted volume.
Enjoy your encrypted, read/write home partition.

Still need to add some stuff to the script, but it works.
Haven't figured out a good way to pass the uuid to the boot menu, but I got as far as saving the uuid in a text file in the primary user's home directory. Look at uuid_info.
Code mostly copied from refractainstaller and display-savior.

Re: (experimental) Alternative usb installation method

Mon Feb 11, 2013 6:40 pm

This does not seem to work on a machine that sees my usb stick as fd0. The only way I can boot that stick is to start with grub, drop to command-line, and boot it manually.
Code:
root (fd0)
linux /live/vmlinuz boot=live union=aufs
initrd /live/initrd.img
boot

Re: (experimental) Alternative usb installation method

Mon Feb 11, 2013 7:36 pm

Must be an ancient machine or a misconfigured bios setting..

Re: (experimental) Alternative usb installation method

Tue Feb 12, 2013 2:54 am

dzz wrote:Must be an ancient machine or a misconfigured bios setting..


Or a Dell. Core2Duo 1.8GHz. Oh, and no CMOS battery. Put one in and it dies in a day. Maybe not the most reliable test machine, but that's all I had available today. Same stick is working fine on my usual test machine.

Re: (experimental) Alternative usb installation method

Tue Feb 12, 2013 3:59 pm

http://distro.ibiblio.org/refracta/testing/mkusbcrypt
Newer version, same link. More sanity checks, more information on screen.

Re: (experimental) Alternative usb installation method

Mon Mar 11, 2013 5:22 am

Code:
install-mbr

sounds more easy than it is:
Code:
ROOT# install-mbr
bash: install-mbr: command not found
ROOT# which install-mbr
ROOT# apt-cache search install-mbr
ROOT# apt-file show install-mbr
ROOT# apt-cache search install mbr
libembryo-dbg - Debugging symbols for libembryo
p7zip-full - 7z and 7za file archivers with high compression ratio
ROOT#

and all the web gives is the manpages and such
https://duckduckgo.com/html/

-
aha:
ROOT# apt-cache search mbr --names-only | grep -v rola
libembryo-bin - SMALL compiler creating Embryo bytecode
libembryo-dbg - Debugging symbols for libembryo
libembryo-dev - Development files for libembryo1
libembryo-doc - libembryo1 development documentation
libembryo1 - SMALL-based abstract machine (AMX) bytecode interpreter
umbrello - UML modelling tool and code generator
mbr - Master Boot Record for IBM-PC compatible computers.
remembrance-agent - Emacs mode to help find relevant texts
making an educated guess i went for "mbr".

-
sigh. yad needed. next reboot.

Re: (experimental) Alternative usb installation method

Mon Mar 11, 2013 6:43 am

Some hours later, lots of reboots and downloads, i got this:
MBR-FA
directly after boot, on both devices, a PC and a laptop, with two different isos: the refracta-live itself and network-security-toolkit (i think based on fedora)
To make sure i can boot from SD-card, which i did in the past, i used unetbootin with refracta, and that worked.
(not with persistence, sure). Strange enough.
Post a reply