How to Build a Locked-Down Installation of Puppy

How to do things, solutions, recipes, tutorials
Message
Author
User avatar
rcrsn51
Posts: 13096
Joined: Tue 05 Sep 2006, 13:50
Location: Stratford, Ontario

How to Build a Locked-Down Installation of Puppy

#1 Post by rcrsn51 »

The forum often has requests for a method to lock down Puppy so nothing can be changed. Many of the replies involve remastering the Live CD. Here is another procedure that may be simpler to manage.

The basic idea is to create a pup_save file and make a backup copy of it. Whenever Puppy is booted, the backup version is copied onto the current version. The user always starts with a pristine pup_save and any changes that are made during a session will disappear on the next boot.

Because this will involve modifying the Puppy initrd.gz file, you may want to make a backup copy in case of problems. Or, if necessary, you can boot off the Live CD and copy the original version from the CD.

The attachment below contains MU's editinit script. Unpack it and save the script in /mnt/home in the the same folder as the initrd.gz file.

Note: Your /mnt/home folder must be formatted as ext for this procedure to work. If it is a FAT or NTFS partition, copy the initrd.gz file into /root. Make the changes and copy it back to its original location.

While still in the Puppy folder, open a terminal and type the command:

Code: Select all

./editinit
This will unpack the initrd.gz and open it in leafpad.

Locate the line ##### FINDING PUPPY FILES ##### . In old Puppies, it will be somewhere between lines 300 and 500. In new Puppies it's closer to 700.

In the space ABOVE this line, add the following code. This example is designed for an install of Puppy 4.3.1 on partition sda1 in the folder puppy431. Its savefile is named pup_save.2fs. You will need to modify it for your particular setup.

Code: Select all

mount /dev/sda1 /mnt/data
cp /mnt/data/puppy431/pup_save.bak /mnt/data/puppy431/pup_save.2fs
umount /mnt/data
For an install of Slacko on sda2 in a folder using a 3fs savefile, it would be

Code: Select all

mount /dev/sda2 /mnt/data
cp /mnt/data/slacko/slackosave.bak /mnt/data/slacko/slackosave.3fs
umount /mnt/data
On a FAT32 flash drive, use

Code: Select all

sleep 3
mount -t vfat /dev/sdb1 /mnt/data
cp /mnt/data/slackosave.bak /mnt/data/slackosave.3fs
umount /mnt/data
Save and exit. MU's script will repack the initrd.gz.

Reboot Puppy and verify that it still works. At the moment, nothing has changed because the pup_save.bak file does not exist yet.

Configure your Puppy install. When done, boot off the Live CD using the "puppy pfix=ram" option. Go to the Puppy folder and rename your pup_save.2fs as pup_save.bak.

Reboot normally. As a test, add or delete some files. Reboot. The original setup will be restored.

You may eventually need to modify your locked-down pup_save file. Run Puppy, make the changes and exit as usual. Boot from the Live CD with "puppy pfix=ram". Delete the old pup_save.bak. Rename the updated pup_save.2fs as pup_save.bak.

It's also easy to unlock the machine. Just delete the pup_save.bak.

This procedure should also solve the problem of unattended machines that experience a power failure and need a manual "xwin" restart.
Attachments
editinit.tar.gz
(241 Bytes) Downloaded 1479 times
Last edited by rcrsn51 on Thu 04 Sep 2014, 12:26, edited 26 times in total.

User avatar
kayan
Posts: 90
Joined: Thu 14 Feb 2008, 18:26
Location: India

#2 Post by kayan »

thanks that was informative :D
[color=blue]SAHARA laptop intel celeron M 1.4 GHz/ 768Mb Ram /40GB ,SIS 661 chipset,[/color]

User avatar
Ray MK
Posts: 774
Joined: Tue 05 Feb 2008, 09:10
Location: UK

#3 Post by Ray MK »

Hi

Extremely useful info - must try

Best regards - Ray

User avatar
ComputerBob
Posts: 56
Joined: Mon 26 Jan 2009, 16:58
Location: The Beautiful Sunshine State
Contact:

#4 Post by ComputerBob »

On a default frugal install, would the lock-down procedure prevent users from saving browser bookmarks, word processing documents, etc., or are those things saved by default to /mnt/home or somewhere else outside of the pup_save file?
[color=red][b]Computer[/b][/color][color=blue][b]Bob[/b][/color].com - Making Geek-Speak Chicâ„¢
News, Views, Information, Software, Help & Fun - Every Day
[url=http://www.computerbob.com][b]ComputerBob.com[/b][/url]

User avatar
rcrsn51
Posts: 13096
Joined: Tue 05 Sep 2006, 13:50
Location: Stratford, Ontario

#5 Post by rcrsn51 »

Most (all?) applications will save by default to /root, so any user data would be lost on a reboot. But there are ways around this.

In Firefox, you can move the hidden profile from /root/.mozilla to /mnt/home outside of the pup_save and replace it with a symlink.

You could do the same thing with any configuration folders like .gxine where the playlist is stored.

Similarly, the folder /root/my-documents could be symlinked to an external location. Users would just need to remember to save to that folder instead of directly into /root.

User avatar
ComputerBob
Posts: 56
Joined: Mon 26 Jan 2009, 16:58
Location: The Beautiful Sunshine State
Contact:

#6 Post by ComputerBob »

That's what I suspected, but I wasn't sure. Thanks for confirming it!
[color=red][b]Computer[/b][/color][color=blue][b]Bob[/b][/color].com - Making Geek-Speak Chicâ„¢
News, Views, Information, Software, Help & Fun - Every Day
[url=http://www.computerbob.com][b]ComputerBob.com[/b][/url]

nooby
Posts: 10369
Joined: Sun 29 Jun 2008, 19:05
Location: SwedenEurope

#7 Post by nooby »

rcrsn51 thanks indeed for sharing this way to do it.

I've not tested it yet but it sure looks very interesting.
I use Google Search on Puppy Forum
not an ideal solution though

Indy'spup
Posts: 50
Joined: Wed 11 May 2011, 15:32
Location: SoCal

#8 Post by Indy'spup »

Thanks for the guide :)

Any help please with editing the initrd.gz file? using the script fails as it relies on having leafpad which was not installed.
so I installed leafpad with no change! Leafpad is unable to read the file. (some kind of language encoding error..)

edited the file on a windows machine using notepad++ however more issues copying the script into the file where described, anyhow linux panic crashed when loading the file after repacking with 7zip.

Am using macpup520

nooby
Posts: 10369
Joined: Sun 29 Jun 2008, 19:05
Location: SwedenEurope

#9 Post by nooby »

Could this inird.gz editor change the needed part and rebuild it in same way and using geany editior instead?
http://www.murga-linux.com/puppy/viewtopic.php?t=67805

or can the original script change to geany or has it to do with Leafpad being able to do things that Geany fail to do. Export in a particular format or something?
I use Google Search on Puppy Forum
not an ideal solution though

User avatar
rcrsn51
Posts: 13096
Joined: Tue 05 Sep 2006, 13:50
Location: Stratford, Ontario

#10 Post by rcrsn51 »

Any help please with editing the initrd.gz file? using the script fails as it relies on having leafpad which was not installed.
Open the editinit script in a text editor and change Line 10 from "leafpad init" to "geany init".

To turn on line numbering in Geany, look in View > Editor.

Indy'spup
Posts: 50
Joined: Wed 11 May 2011, 15:32
Location: SoCal

#11 Post by Indy'spup »

Thanks,

Also changed the script to open geany which results in an open page, empty with only one line. noted the error message "encoding not supported"

Already tried unpacking the file manually and have attempted to open with every text editor available, with no luck.


Also tried opening the file with the appropriate devx loaded

am still trying though, perhaps an older live puppy cd? I'm not without some resources yet am new to Linux :)


Meanwhile am working on the above inird.gz editor script

Indy'spup
Posts: 50
Joined: Wed 11 May 2011, 15:32
Location: SoCal

#12 Post by Indy'spup »

ok, watching the process I see the initrd.gz file unpacked, which creates a directory named "puppy-init" and a file named initrd the reason leaf or geany or any other text editor can not open the files is because neither file is a text file.

There are however text files buried within the directory "puppy-init" not of them are the correct file. I have previously seen the text entry we are looking for but so far have not been able to edit it..

It is my observation that the file "init" is not being unpacked correctly..


The only file which only remotely resembles the file described is one named "debug-init" ??


Both scripts unpack and repack (occasionally with some error..) however the file "init" can not be found..
Last edited by Indy'spup on Sun 22 May 2011, 17:10, edited 1 time in total.

User avatar
rcrsn51
Posts: 13096
Joined: Tue 05 Sep 2006, 13:50
Location: Stratford, Ontario

#13 Post by rcrsn51 »

I just did a fresh frugal install of Macpup520 in an ext3 partition.

I copied the editinit script to the same location as the initrd.gz file and ran it.

The script ran correctly. However, it uses NicoEdit as a replacement for leafpad. This happens in most recent Puppies where leafpad has been replaced with NicoEdit.

So I have no idea why you are getting different results. Have you changed your locale to something other than the default? Are you working in an ext partition?

Indy'spup
Posts: 50
Joined: Wed 11 May 2011, 15:32
Location: SoCal

#14 Post by Indy'spup »

WOW!! thanks for testing the script


:( this means I'm officially going out of my mind :(


yes ext3 partition and yes the default editor is NicoEdit however none of the text editors can find a file to open

used both scripts which unpack to directories named "puppy-init" or "initrd-editor" but no text editor can find any file to open

:(
Last edited by Indy'spup on Sun 22 May 2011, 17:39, edited 1 time in total.

Indy'spup
Posts: 50
Joined: Wed 11 May 2011, 15:32
Location: SoCal

#15 Post by Indy'spup »

As far as the local is concerned I am completely baffled and exhausted by the directory hierarchy structure despite much reading on the topic. I'm absolutely confused as to the need for so many hard links... While I fully understand symbolic linking am still trying to understand this structure.. but am going to save this for another day :)

Meanwhile when booted to a live cd I found the initrd.gz in /mnt/sda1/puppy520 within a fugal install, so I placed the scripts in this directory and ran them from there..
Last edited by Indy'spup on Sun 22 May 2011, 17:51, edited 3 times in total.

User avatar
rcrsn51
Posts: 13096
Joined: Tue 05 Sep 2006, 13:50
Location: Stratford, Ontario

#16 Post by rcrsn51 »

Indy'spup wrote:/mnt/sda1/puppy520
Is that a Windows partition? How is it formatted? The editinit script ONLY works in an ext partition.

Indy'spup
Posts: 50
Joined: Wed 11 May 2011, 15:32
Location: SoCal

#17 Post by Indy'spup »

I know this is entirely user error lol plz bear with me here..

Fugal install to a ext3 primary partition. /mnt/sda1/puppy520 is the location of this installation when viewed and mounted using the macpup520 live cd

Indy'spup
Posts: 50
Joined: Wed 11 May 2011, 15:32
Location: SoCal

#18 Post by Indy'spup »

WOW!!

I have no idea what I just did but rebooted to the fugal install and this time it's working, go figure..

brb

Indy'spup
Posts: 50
Joined: Wed 11 May 2011, 15:32
Location: SoCal

#19 Post by Indy'spup »

Well, I managed to edit the the initrd file (still not sure how this was possible) but if a day of extraordinary effort didn't blow my mind then the next step will for sure...

lol


What is the significance of the Data directory?

User avatar
rcrsn51
Posts: 13096
Joined: Tue 05 Sep 2006, 13:50
Location: Stratford, Ontario

#20 Post by rcrsn51 »

What is the significance of the Data directory?
Where?

Post Reply