Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Sat 19 Apr 2014, 18:28
All times are UTC - 4
 Forum index » House Training » HOWTO ( Solutions )
How to Build a Locked-Down Installation of Puppy
Moderators: Flash, Ian, JohnMurga
Post new topic   Reply to topic View previous topic :: View next topic
Page 1 of 5 [66 Posts]   Goto page: 1, 2, 3, 4, 5 Next
Author Message
rcrsn51


Joined: 05 Sep 2006
Posts: 8557
Location: Stratford, Ontario

PostPosted: Sun 12 Apr 2009, 22:32    Post subject:  How to Build a Locked-Down Installation of Puppy  

The forum often has requests for a method to lock down Puppy so nothing can be changed. Many of the replies involve remastering the Live CD. Here is another procedure that may be simpler to manage.

The basic idea is to create a pup_save file and make a backup copy of it. Whenever Puppy is booted, the backup version is copied onto the current version. The user always starts with a pristine pup_save and any changes that are made during a session will disappear on the next boot.

Because this will involve modifying the Puppy initrd.gz file, you may want to make a backup copy in case of problems. Or, if necessary, you can boot off the Live CD and copy the original version from the CD.

The attachment below contains MU's editinit script. Unpack it and save the script in /mnt/home in the the same folder as the initrd.gz file.

Note: Your /mnt/home folder must be formatted as ext for this procedure to work. If it is a FAT or NTFS partition, copy the initrd.gz file into /root. Make the changes and copy it back to its original location.

While still the Puppy folder, open a terminal and type the command:
Code:
./editinit

This will unpack the initrd.gz and open it in leafpad.

Locate the line ##### FINDING PUPPY FILES ##### . In old Puppies, it will be somewhere between lines 300 and 500. In new Puppies it's closer to 700.

In the space ABOVE this line, add the following code. This example is designed for an install of Puppy 4.3.1 on partition sda1 in the folder puppy431. Its savefile is named pup_save.2fs. You will need to modify it for your particular setup.

Code:
mount /dev/sda1 /mnt/data
cp /mnt/data/puppy431/pup_save.bak /mnt/data/puppy431/pup_save.2fs
umount /mnt/data

For an install of Slacko on sda2 in a folder using a 3fs savefile, it would be
Code:
mount /dev/sda2 /mnt/data
cp /mnt/data/slacko/slackosave.bak /mnt/data/slacko/slackosave.3fs
umount /mnt/data

On a FAT32 flash drive, use
Code:
sleep 3
mount -t vfat /dev/sdb1 /mnt/data
cp /mnt/data/slackosave.bak /mnt/data/slackosave.3fs
umount /mnt/data


Save and exit. MU's script will repack the initrd.gz.

Reboot Puppy and verify that it still works. At the moment, nothing has changed because the pup_save.bak file does not exist yet.

Configure your Puppy install. When done, boot off the Live CD using the "puppy pfix=ram" option. Go to the Puppy folder and rename your pup_save.2fs as pup_save.bak.

Reboot normally. As a test, add or delete some files. Reboot. The original setup will be restored.

You may eventually need to modify your locked-down pup_save file. Run Puppy, make the changes and exit as usual. Boot from the Live CD with "puppy pfix=ram". Delete the old pup_save.bak. Rename the updated pup_save.2fs as pup_save.bak.

It's also easy to unlock the machine. Just delete the pup_save.bak.

This procedure should also solve the problem of unattended machines that experience a power failure and need a manual "xwin" restart.
editinit.tar.gz
Description 
gz

 Download 
Filename  editinit.tar.gz 
Filesize  241 Bytes 
Downloaded  675 Time(s) 

Last edited by rcrsn51 on Sun 21 Apr 2013, 10:43; edited 25 times in total
Back to top
View user's profile Send private message 
kayan


Joined: 14 Feb 2008
Posts: 90
Location: India

PostPosted: Thu 23 Apr 2009, 15:11    Post subject:  

thanks that was informative Very Happy
_________________
SAHARA laptop intel celeron M 1.4 GHz/ 768Mb Ram /40GB ,SIS 661 chipset,
Back to top
View user's profile Send private message 
Ray MK


Joined: 05 Feb 2008
Posts: 753
Location: UK

PostPosted: Thu 23 Apr 2009, 17:24    Post subject:  

Hi

Extremely useful info - must try

Best regards - Ray
Back to top
View user's profile Send private message 
ComputerBob


Joined: 26 Jan 2009
Posts: 57
Location: The Beautiful Sunshine State

PostPosted: Thu 23 Apr 2009, 20:23    Post subject:  

On a default frugal install, would the lock-down procedure prevent users from saving browser bookmarks, word processing documents, etc., or are those things saved by default to /mnt/home or somewhere else outside of the pup_save file?
_________________
ComputerBob.com - Making Geek-Speak Chic™
News, Views, Information, Software, Help & Fun - Every Day
ComputerBob.com
Back to top
View user's profile Send private message Visit poster's website 
rcrsn51


Joined: 05 Sep 2006
Posts: 8557
Location: Stratford, Ontario

PostPosted: Fri 24 Apr 2009, 10:21    Post subject:  

Most (all?) applications will save by default to /root, so any user data would be lost on a reboot. But there are ways around this.

In Firefox, you can move the hidden profile from /root/.mozilla to /mnt/home outside of the pup_save and replace it with a symlink.

You could do the same thing with any configuration folders like .gxine where the playlist is stored.

Similarly, the folder /root/my-documents could be symlinked to an external location. Users would just need to remember to save to that folder instead of directly into /root.
Back to top
View user's profile Send private message 
ComputerBob


Joined: 26 Jan 2009
Posts: 57
Location: The Beautiful Sunshine State

PostPosted: Fri 24 Apr 2009, 13:00    Post subject:  

That's what I suspected, but I wasn't sure. Thanks for confirming it!
_________________
ComputerBob.com - Making Geek-Speak Chic™
News, Views, Information, Software, Help & Fun - Every Day
ComputerBob.com
Back to top
View user's profile Send private message Visit poster's website 
nooby

Joined: 29 Jun 2008
Posts: 10522
Location: SwedenEurope

PostPosted: Sun 18 Jul 2010, 18:22    Post subject:  

rcrsn51 thanks indeed for sharing this way to do it.

I've not tested it yet but it sure looks very interesting.

_________________
I use Google Search on Puppy Forum
not an ideal solution though
Back to top
View user's profile Send private message 
Indy'spup

Joined: 11 May 2011
Posts: 50
Location: SoCal

PostPosted: Sun 22 May 2011, 05:44    Post subject:  

Thanks for the guide Smile

Any help please with editing the initrd.gz file? using the script fails as it relies on having leafpad which was not installed.
so I installed leafpad with no change! Leafpad is unable to read the file. (some kind of language encoding error..)

edited the file on a windows machine using notepad++ however more issues copying the script into the file where described, anyhow linux panic crashed when loading the file after repacking with 7zip.

Am using macpup520
Back to top
View user's profile Send private message 
nooby

Joined: 29 Jun 2008
Posts: 10522
Location: SwedenEurope

PostPosted: Sun 22 May 2011, 06:13    Post subject:  

Could this inird.gz editor change the needed part and rebuild it in same way and using geany editior instead?
http://www.murga-linux.com/puppy/viewtopic.php?t=67805

or can the original script change to geany or has it to do with Leafpad being able to do things that Geany fail to do. Export in a particular format or something?

_________________
I use Google Search on Puppy Forum
not an ideal solution though
Back to top
View user's profile Send private message 
rcrsn51


Joined: 05 Sep 2006
Posts: 8557
Location: Stratford, Ontario

PostPosted: Sun 22 May 2011, 08:26    Post subject:  

Quote:
Any help please with editing the initrd.gz file? using the script fails as it relies on having leafpad which was not installed.


Open the editinit script in a text editor and change Line 10 from "leafpad init" to "geany init".

To turn on line numbering in Geany, look in View > Editor.
Back to top
View user's profile Send private message 
Indy'spup

Joined: 11 May 2011
Posts: 50
Location: SoCal

PostPosted: Sun 22 May 2011, 11:57    Post subject:  

Thanks,

Also changed the script to open geany which results in an open page, empty with only one line. noted the error message "encoding not supported"

Already tried unpacking the file manually and have attempted to open with every text editor available, with no luck.


Also tried opening the file with the appropriate devx loaded

am still trying though, perhaps an older live puppy cd? I'm not without some resources yet am new to Linux Smile


Meanwhile am working on the above inird.gz editor script
Back to top
View user's profile Send private message 
Indy'spup

Joined: 11 May 2011
Posts: 50
Location: SoCal

PostPosted: Sun 22 May 2011, 12:37    Post subject:  

ok, watching the process I see the initrd.gz file unpacked, which creates a directory named "puppy-init" and a file named initrd the reason leaf or geany or any other text editor can not open the files is because neither file is a text file.

There are however text files buried within the directory "puppy-init" not of them are the correct file. I have previously seen the text entry we are looking for but so far have not been able to edit it..

It is my observation that the file "init" is not being unpacked correctly..


The only file which only remotely resembles the file described is one named "debug-init" ??


Both scripts unpack and repack (occasionally with some error..) however the file "init" can not be found..

Last edited by Indy'spup on Sun 22 May 2011, 13:10; edited 1 time in total
Back to top
View user's profile Send private message 
rcrsn51


Joined: 05 Sep 2006
Posts: 8557
Location: Stratford, Ontario

PostPosted: Sun 22 May 2011, 13:04    Post subject:  

I just did a fresh frugal install of Macpup520 in an ext3 partition.

I copied the editinit script to the same location as the initrd.gz file and ran it.

The script ran correctly. However, it uses NicoEdit as a replacement for leafpad. This happens in most recent Puppies where leafpad has been replaced with NicoEdit.

So I have no idea why you are getting different results. Have you changed your locale to something other than the default? Are you working in an ext partition?
Back to top
View user's profile Send private message 
Indy'spup

Joined: 11 May 2011
Posts: 50
Location: SoCal

PostPosted: Sun 22 May 2011, 13:20    Post subject:  

WOW!! thanks for testing the script


Sad this means I'm officially going out of my mind Sad


yes ext3 partition and yes the default editor is NicoEdit however none of the text editors can find a file to open

used both scripts which unpack to directories named "puppy-init" or "initrd-editor" but no text editor can find any file to open

Sad

Last edited by Indy'spup on Sun 22 May 2011, 13:39; edited 1 time in total
Back to top
View user's profile Send private message 
Indy'spup

Joined: 11 May 2011
Posts: 50
Location: SoCal

PostPosted: Sun 22 May 2011, 13:28    Post subject:  

As far as the local is concerned I am completely baffled and exhausted by the directory hierarchy structure despite much reading on the topic. I'm absolutely confused as to the need for so many hard links... While I fully understand symbolic linking am still trying to understand this structure.. but am going to save this for another day Smile

Meanwhile when booted to a live cd I found the initrd.gz in /mnt/sda1/puppy520 within a fugal install, so I placed the scripts in this directory and ran them from there..

Last edited by Indy'spup on Sun 22 May 2011, 13:51; edited 3 times in total
Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 1 of 5 [66 Posts]   Goto page: 1, 2, 3, 4, 5 Next
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » House Training » HOWTO ( Solutions )
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0741s ][ Queries: 13 (0.0049s) ][ GZIP on ]