Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Sun 18 Aug 2019, 07:30
All times are UTC - 4
 Forum index » Advanced Topics » Puppy Projects
Fatdog64-802/801/800 Final [21 May 2019]
Moderators: Flash, JohnMurga
Post new topic   Reply to topic View previous topic :: View next topic
Page 13 of 22 [316 Posts]   Goto page: Previous 1, 2, 3, ..., 11, 12, 13, 14, 15, ..., 20, 21, 22 Next
Author Message
belham2

Joined: 15 Aug 2016
Posts: 1667

PostPosted: Thu 02 May 2019, 08:53    Post subject:  

rufwoof wrote:
Thanks James. Yes I've burnt/used multi-session FatDog DVD's for the last couple of Fatdog versions (which btw have worked very well). For 8.0 however I've gone with HDD frugal, primarily booting the exact same session/save folder each/every time and with integrity checks of the mbr, grldr, vmlinuz, initrd, fd64.sfs and (lz4 compressed) tar file of the save folder (fd64save.tar.lz4) - where I've extended the init process to extract that at each boot. Relatively crude checks using diff for the mbr/grldr/vmlinuz, and md5sum checks of the first 10KB of the initrd/fd64.sfs/f64save.tar.lz4 (being compressed that's adequate enough validation for my purposes and flies through very quickly). Nice idea about using multi-session save sessions for validation, think I prefer my current validation setup however, but I'll ponder the option of using multisession within a frugal HDD further. Thanks.

PS the chrome install/update within Fatdog also works very well. Previously I used Firefox, did try the default installed Seamonkey for a while, but find that chrome is much quicker when using a socks proxy. I grabbed a free ssh account from hashbang.sh and use that (ssh into) for a throw away email account and irc. I also use it as a socks proxy and have two versions of launching chrome, one using socks the other not using socks. For the socks version its as easy as running
Code:
ssh -D 9999 -q -C -N xxxxxx@ny1.hashbang.sh &
where xxxxxxx is my hashbang userid (and where 9999 is just a arbitrary selected free local port number), and then running chrome using
Code:
/usr/bin/google-chrome-spot --proxy-server="socks5://localhost:9999"
My fatdog save has the newly installed chrome (clean) set within that, so I know both the system and browser are clean at each bootup. Using socks means my ISP doesn't see where/what I'm doing, other than seeing a ssh connection with encrypted content flowing through that. Visited web sites don't see my IP either. But that does place trust in hashbang.sh, so for banking I run chrome without socks (use my ISP's DNS's/routing). Combined with ctrl-shift-delete (delete cache) between logging into different web sites - and there's nothing much for sites to monitor/grab (such as cross scripting to obtain other sites userids/passwords that otherwise might be available for crackers to grab).

I appreciate it all sounds complex/awkward, but in practice setting up and using those additional security measures is relatively quick/easy. As and when newer versions of chrome are available, I boot (to a clean session), update chrome ... and then save (where I've extended save2flash to create the lz4 compressed tar file (fd64save.tar.lz4) of the save folder and record the md5sum of the first 10KB of that file).



LOL.

Rufwoof, in all honestly, you don't appreciate what you write.

I've followed a lot of your hints, especially on Barry's Easy, for making it more secure, but for nearly everything else and everyone on here, what you write might as well be written in Klingon.

I shudder when I think of someone either coming from Linux generally or (gasp) the Mr. Softie world, and starts trying to do some of the various things you've written over the past year or two regarding this stuff (the Zephyr stuff in Easy got to be like taking one's daily medicine if one wanted to check if Barry had posted anything new).

It'd be better off it you just tell every one to install & run Qubes. Because in all honestly, as much as cluster-f#ck-headache Qubes can be setting it up, let alone running it, it all is way easier than following your stuff.

None of the puppy/deb/barry/Fatdog OS creators are going to incorporate your stuff, even if it would be nice ina few instances, so I am unsure why you keep up the mental gymnastics (for most everyone) who tries to read/comprehend your threads.

Just tell 'em all to install Qubes...because what Qubes does is easier to understand and more comprehensive than this stuff here in pup land that you get into in these various pup threads. I sort of wish you had your own thread for all this stuff, instead of totally confusing people who might come through these pups/different OS threads and see your constant posts about this stuff &, most naturally, becoming totally bewildered if not scared off.

I'm not trying to knock what you do, but it honestly does no service to any of these threads on murga (unless it is was in its own dedicated thread).

Incredibly, in some threads, like Easy) you literally take over the whole thread and have even more posts than Barry himself (something that, again, you do not appreciate). Go count....your are running on a near 3 posts for every post Barry has ever posted in the Easy thread. it is just unreal.....[/u][/i]
Back to top
View user's profile Send private message 
rufwoof


Joined: 24 Feb 2014
Posts: 3325

PostPosted: Thu 02 May 2019, 10:18    Post subject:  

belham2 wrote:

LOL.

Rufwoof, in all honestly, you don't appreciate what you write.

I've followed a lot of your hints, especially on Barry's Easy, for making it more secure, but for nearly everything else and everyone on here, what you write might as well be written in Klingon.
...
None of the puppy/deb/barry/Fatdog OS creators are going to incorporate your stuff, even if it would be nice in a few instances, so I am unsure why you keep up the mental gymnastics (for most everyone) who tries to read/comprehend your threads.

Each to their own. Some bounce creative ideas around - that naturally tends to have many disregarded, a small number stick - such as this. Human nature, often those who are creative individuals lack the skills/abilities to see ideas through development/production. Others are better at progressing ideas through to production, but may lack the abilities to sustain the product/service, whilst yet others may excel at such sustainment/maintenance. Each of those skills adds-value one way or another. Yet others detract, commonly via insults or critique. I'm much in the first camp, generation of ideas, but lacking reliable/accurate coding skills to see those through. Fred is a excellent example of excelling at production. Whilst you seemingly fall into the critical group (search belham2 posts and of the first page 15 posts presented, including the one above 3 are clearly critical. A 20% rate!).
http://murga-linux.com/puppy/viewtopic.php?p=1014326#1014326
Quote:
It must wholeheartedly be miserable to wake up and look at oneself in the morning like this.

And to think a person goes through the whole day, day after day, week after week, like this....wow and...sad......

_________________
( ͡° ͜ʖ ͡°) :wq
Fatdog multi-session usb

echo url|sed -e 's/^/(c/' -e 's/$/ hashbang.sh)/'|sh
Back to top
View user's profile Send private message 
jamesbond

Joined: 26 Feb 2007
Posts: 3357
Location: The Blue Marble

PostPosted: Thu 02 May 2019, 12:29    Post subject:  

rufwoof, you know what.

I was just about to suggest to you to start up your own thread "RufWoof's Guide to Internet Security", and put your suggestions and recommendations there for safe keeping, lest they get drowned and buried by other posts in the future.

Your postings about security and how to improve them are valuable.

They may not be always practical, they may not always be new, or novel, and I may not agree with some of what you say. But at least the information is there for all to use and learn. The truth is, not everyone knows everything (me included). The thing that I like about your posts is that you give step by step instructions and sometimes the entire code. It is one thing to read elsewhere about suggested ideas to do intrusion detection but it's another thing to see the steps presented to you, written in the context of the distro here (Fatdog, EasyOS, etc). Even I have to admit that I have learnt a thing or two (or more) from you. (E.g. most recent example is the SOCKS proxy. I use other ways to do this - I use sshuttle that will directly __ALL__ traffic transparently via ssh server, but it's always good to have alternative).

If you actually take my advice, you can put a tag of sorts on which distro you're doing it ("For Fatdog only", or "For EasyOS Only", or "For all common Puppies", etc), or perhaps you can have one post that outlines the general steps with additional extra steps "in case you run Fatdog", or "in case you run EasyOS", etc.

You can, of course, and is encouraged to still post in the actual Fatdog or EasyOS or other puppies thread, putting a link to the more elaborate details in your thread, e.g. "Improved security for storing SSH keys" and then link it there.

I'm saying this out of genuine concern that your post may get buried or forgotten. In fact, perhaps you can ask Flash to get your thread sticky.

Belham2, it is true that rufwoof's post is not for everyone. For example, rufwoof likes to run in console only, using framebuffer apps when needed. Most people probably won't run Puppies like that. But he does have some valuable advices; again some may not be directly practical, but conceptually they are sound and in the future (when we can work out the trade-off between convinience and security) some of these may even get implemented.

---

Aside: rufwoof, the reason why I asked about multisesion for frugal install is that they behave similarly to EasyOS "snapshots". You can configure your system, then save the session (as SFS), and configure the system not to perform automatic save ever again. Each time you boot, you boot with a certain set of SFS-es that you can verify, and run with RAM layer only. That sounds very similar to EasyOS and to what you're doing; so I thoght using a facility that Fatdog already have can simplify things for you. Just a suggestion, though, and perhaps one more fun thing you can play with.

_________________
Fatdog64, Slacko and Puppeee user. Puppy user since 2.13.
Contributed Fatdog64 packages thread.
Back to top
View user's profile Send private message 
dr. Dan


Joined: 20 Apr 2015
Posts: 82
Location: Oregon, U.S.A.

PostPosted: Thu 02 May 2019, 21:12    Post subject:  

re: rufwoof's posts.

rufwoof, I personally am fascinated by the stuff you post. When I have the capability, I think them through and tuck an idea or two away for future reference. I have recommended some to a friend who does networking and who can appreciate more of the nuances of your techniques.

Having written that, I hope that you will start a different thread. I also hope you will post here with summaries and links to that other thread. The reason is that about 4 years ago, I was jumping into the Linux pool, running Fatdog64 700, and before too long I found this forum. The information I found here, combined with the help files included and online, got me going sucessfully. In particular, this forum provided timely solutions to various small issues that cropped up here and there, and informed me of the existence of 701, 702, 710 etc. It also allowed me to ask questions and learn of details I could not have otherwise come across, allowing me to progress from using it on a small hobby laptop for browsing and e-mail to making it my primary system. Here's my point: If the 700 thread had had as many pages of your detailed, security-focused posts as this one and the 720 thread have, I might well have given up on it. I have to wonder whether there have been curious seekers, possibly arriving at Fatdog64 by way of the recent spike in numbers at DistroWatch, who decided that this forum, and perhaps the OS as well, is too technical, too focused, or otherwise not for them.

As I said, I appreciate (within my own level of comprehension) what you post, and I hope that some time, when the years have increased my education, I can implement some of it, but this thread, as the primary feedback and troubleshooting venue for Fatdog64, isn't the most useful location for the level of detail your posts attain.

Keep posting, I'll keep reading and learning.
Dan
Back to top
View user's profile Send private message 
rufwoof


Joined: 24 Feb 2014
Posts: 3325

PostPosted: Fri 03 May 2019, 05:21    Post subject:  

dr. Dan wrote:
Here's my point: If the 700 thread had had as many pages of your detailed, security-focused posts as this one...

Dr Dan. Wont take long and would be appreciated if you'd go through this Fatdog64-800 Final thread and point to the specific posts made by me to which you are referring. To help with that I did make single posts on pages 5, 6 and 10 (no posts by me in the other single digit pages), so out of those and the posts on pages 11, 12, 13. Thanks.

_________________
( ͡° ͜ʖ ͡°) :wq
Fatdog multi-session usb

echo url|sed -e 's/^/(c/' -e 's/$/ hashbang.sh)/'|sh
Back to top
View user's profile Send private message 
fatdog

Joined: 16 Apr 2013
Posts: 99

PostPosted: Sat 04 May 2019, 08:11    Post subject:  

Fatdog64-801 is released. Please refer to first post.
_________________
-= The Fatdog Team (kirk, jamesbond, SFR and step) =-
Contributed Fatdog64 packages thread
This account is used for announcements only. Send PM directly to members' handle.
Back to top
View user's profile Send private message 
shevy

Joined: 13 Feb 2019
Posts: 2

PostPosted: Sat 04 May 2019, 14:46    Post subject:  

Not sure if this belongs here ... sorry.

My question is - how difficult (or easy) is it to customize the .iso release?

I am asking mostly because I love a lean base, but on a DVD I would then like to put e. g. KDE5. I can compile the whole KDE5 stack here on my home system via self-written scripts but I actually have never fully remastered any .iso (I know how to e. g. mount it, modify stuff, then re-mount it, but this is all quite different from actually doing it AND making it work).

Specifically what I would be seeking is something that used to be as simple as oldschool SLAX. SLAX is still active and alive but it switched to debian and I'd at the least would like oldschool linux without systemd. (I hope puppy didn't switch to systemd but I think a long time ago it was not using systemd.)
Back to top
View user's profile Send private message 
quirkian2new

Joined: 06 Oct 2015
Posts: 136
Location: on the inter-planet train

PostPosted: Sat 04 May 2019, 22:07    Post subject:
Subject description: FD-801
 

Thanks FD team for your 801.

I have a suggestion, see if you think it makes any sense. I suggest that the iso be distributed by default of medium initrd instead of huge initrd (with a boot option “copy fd64.sfs to ram” and another boot option “NOT copy fd64.sfs to ram” ) for the following reason:

For a MS windows user (or linux newbie), he may concern about 3 things if he wants to try FD64 :

- whether it would mess up his existing Windows partition rendering the machine boot failure

- whether the FD livecd is easy to boot (tackling such fu_king uefi obstacle, because Nowadays many machines are pre-installed MS windows and hardware manufacturers have to follow M$ monopoly rules ).

- whether the boot process is fast enough to lead them to gui desktop

FD64 livecd addressed first 2 concerns, but as you know CD/DVDROM drive is usually very slow. It is rather annoying sitting and waiting the CD/DVDROM spin, spin, spin, spin and then spin and the noise of such spinning even un-bearable (some MS windows users may not have much patience, me at least haha ). Such sitting and waiting may defeat a potential person's motivation if he just wants to try FD64. me think it may attract more potential newbies trying FD64.

For existing FD64 user, he /she would be more familiar and can easily re-pack medium initrd to huge initrd.

Such medium initrd , together with the extrasfs introduced in FD720, may potentially reduce the number of times of re-mastering needed( the re-mastering process may, sometimes, give unexpected outcome although the remastering script is already extensively tested ).

Thank you

-------------------------
Edit : after second thought, if the team consider the above suggestion conflicts too much with the way you are currently practise, is it possible that 2 iso files are distributed in parallel, that is the traditional huge initrd iso as well as the iso me suggested ?
Back to top
View user's profile Send private message 
tatemono

Joined: 29 May 2010
Posts: 11

PostPosted: Sat 04 May 2019, 23:32    Post subject:  

shevy wrote:
Not sure if this belongs here ... sorry.

My question is - how difficult (or easy) is it to customize the .iso release?

I am asking mostly because I love a lean base, but on a DVD I would then like to put e. g. KDE5. I can compile the whole KDE5 stack here on my home system via self-written scripts but I actually have never fully remastered any .iso (I know how to e. g. mount it, modify stuff, then re-mount it, but this is all quite different from actually doing it AND making it work).

Specifically what I would be seeking is something that used to be as simple as oldschool SLAX. SLAX is still active and alive but it switched to debian and I'd at the least would like oldschool linux without systemd. (I hope puppy didn't switch to systemd but I think a long time ago it was not using systemd.)


There is a thread called 'Fatdog64 - custom initrd' and it could be helpful to your problem.
Please refer to the following URL:
http://www.murga-linux.com/puppy/viewtopic.php?t=95912
Back to top
View user's profile Send private message 
tatemono

Joined: 29 May 2010
Posts: 11

PostPosted: Sun 05 May 2019, 00:10    Post subject: Long boot time when booting from a CD/DVD drive
Subject description: FD-801
 

quirkian2new wrote:
Thanks FD team for your 801.

I have a suggestion, see if you think it makes any sense. I suggest that the iso be distributed by default of medium initrd instead of huge initrd (with a boot option “copy fd64.sfs to ram” and another boot option “NOT copy fd64.sfs to ram” ) for the following reason:

For a MS windows user (or linux newbie), he may concern about 3 things if he wants to try FD64 :

- whether it would mess up his existing Windows partition rendering the machine boot failure

- whether the FD livecd is easy to boot (tackling such fu_king uefi obstacle, because Nowadays many machines are pre-installed MS windows and hardware manufacturers have to follow M$ monopoly rules ).

- whether the boot process is fast enough to lead them to gui desktop

FD64 livecd addressed first 2 concerns, but as you know CD/DVDROM drive is usually very slow. It is rather annoying sitting and waiting the CD/DVDROM spin, spin, spin, spin and then spin and the noise of such spinning even un-bearable (some MS windows users may not have much patience, me at least haha ). Such sitting and waiting may defeat a potential person's motivation if he just wants to try FD64. me think it may attract more potential newbies trying FD64.

For existing FD64 user, he /she would be more familiar and can easily re-pack medium initrd to huge initrd.

Such medium initrd , together with the extrasfs introduced in FD720, may potentially reduce the number of times of re-mastering needed( the re-mastering process may, sometimes, give unexpected outcome although the remastering script is already extensively tested ).

Thank you

-------------------------
Edit : after second thought, if the team consider the above suggestion conflicts too much with the way you are currently practise, is it possible that 2 iso files are distributed in parallel, that is the traditional huge initrd iso as well as the iso me suggested ?


Fatdog ISO file is so-called 'isohybrid' ISO image. In other words, the ISO file could be written either on a USB pen drive or on a CD/DVD disc.
Generally speaking, booting from a USB pen drive is much faster than booting from a CD/DVD drive. Please ask your friends who would like to try using Fatdog Linux to boot from a USB pen drive instead of a CD/DVD drive.
Back to top
View user's profile Send private message 
rufwoof


Joined: 24 Feb 2014
Posts: 3325

PostPosted: Sun 05 May 2019, 07:04    Post subject:  

jamesbond wrote:
I use sshuttle that will direct __ALL__ traffic transparently via ssh server

Do you have eztables activate when running sshuttle James? I couldn't get it to work when eztables in on.

_________________
( ͡° ͜ʖ ͡°) :wq
Fatdog multi-session usb

echo url|sed -e 's/^/(c/' -e 's/$/ hashbang.sh)/'|sh
Back to top
View user's profile Send private message 
quirkian2new

Joined: 06 Oct 2015
Posts: 136
Location: on the inter-planet train

PostPosted: Sun 05 May 2019, 10:13    Post subject:  

@tatemono,

thanks for advice, i know that the iso is of hybridiso nature. but what i really mean is that the iso contain a built-in menu/option that one can choose NOT to load the fd64.sfs totally into ram. thanks
Back to top
View user's profile Send private message 
bigpup


Joined: 11 Oct 2009
Posts: 12442
Location: S.C. USA

PostPosted: Sun 05 May 2019, 20:57    Post subject:  

This anyone that developed Fatdog?
https://www.ebay.com/i/123193243676?chn=ps

_________________
The things they do not tell you, are usually the clue to solving the problem.
When I was a kid I wanted to be older.... This is not what I expected Shocked
YaPI(any iso installer) http://www.murga-linux.com/puppy/viewtopic.php?t=107601
Back to top
View user's profile Send private message 
fatdog

Joined: 16 Apr 2013
Posts: 99

PostPosted: Mon 06 May 2019, 02:27    Post subject:  

bigpup wrote:
This anyone that developed Fatdog?
https://www.ebay.com/i/123193243676?chn=ps


Thanks bigpup for the notice.

The answer is: No. None of us. We do not know that person; we are not affiliated with that person; and we do not endorse that person's products or activities.

We do not sell or otherwise distribute physical media in whatever forms (CD, DVD, USB flash drive, etc). Fatdog64 is officially distributed as softcopy only, in the form of ISO-hybrid .iso files, which is made available free for all to download without a fee; and the only official place to get Fatdog is from its website and mirrors, as listed in the first post of this thread.

_________________
-= The Fatdog Team (kirk, jamesbond, SFR and step) =-
Contributed Fatdog64 packages thread
This account is used for announcements only. Send PM directly to members' handle.
Back to top
View user's profile Send private message 
bigpup


Joined: 11 Oct 2009
Posts: 12442
Location: S.C. USA

PostPosted: Mon 06 May 2019, 03:14    Post subject:  

After I posted that info.
I hope you did not think I was thinking you guys/gals were trying to make money off of Puppy Linux.
It was info to show you something about Fatdog.

Well, it has always been that you could offer burned CD/DVD or USB flash drives of Linux OS's.
But you are limited to only a very small charge to cover your cost.
That is only the fare thing and does not bother anyone.

The best example is:
https://www.osdisc.com/products/puppy

To me this is someone trying to make money from Puppy Linux.
https://www.google.com/search?q=puppy+linux&source=lnms&tbm=shop&sa=X&ved=0ahUKEwjpl8foq4biAhUjc98KHQKFBKYQ_AUIESgE&biw=1366&bih=571

_________________
The things they do not tell you, are usually the clue to solving the problem.
When I was a kid I wanted to be older.... This is not what I expected Shocked
YaPI(any iso installer) http://www.murga-linux.com/puppy/viewtopic.php?t=107601
Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 13 of 22 [316 Posts]   Goto page: Previous 1, 2, 3, ..., 11, 12, 13, 14, 15, ..., 20, 21, 22 Next
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Advanced Topics » Puppy Projects
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.1138s ][ Queries: 13 (0.0410s) ][ GZIP on ]