Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Wed 02 Sep 2015, 22:51
All times are UTC - 4
 Forum index » House Training » Users ( For the regulars )
"Read only" puppy on HDD
Moderators: Flash, Ian, JohnMurga
Post new topic   Reply to topic View previous topic :: View next topic
Page 2 of 2 [28 Posts]   Goto page: Previous 1, 2
Author Message
rcrsn51


Joined: 05 Sep 2006
Posts: 10183
Location: Stratford, Ontario

PostPosted: Sat 29 Jun 2013, 08:15    Post subject:  

greengeek wrote:
I just tried changing the permissions for a puppy sfs file (pup-431.sfs) and found I can still delete it. Does that seem odd?

No. As the root user, you can over-ride those permissions.
Back to top
View user's profile Send private message 
TwoPuppies


Joined: 29 Dec 2010
Posts: 35
Location: Melbourne, Australia

PostPosted: Thu 27 Aug 2015, 22:38    Post subject:  

Are you aware that you can disable the "Save File" question at Shutdown, so that the system will never ask you if you want to create a Save File?

To do this:

Go to /etc/rc.d/rc.shutdown and open it as text.

Find the line
Code:
if [ $PUPMODE -eq 5 ];then #ifpupmode5


and change it to
Code:
fi #end ifpupmode5


Save the file.

What I usually do to create a "Read Only" Puppy on HDD is the following:

    1. Boot from the Live CD.

    2. Apply any customisations to the Operating System that I require, including the above modification to /etc/rc.d/rc.shutdown regarding the Save file. (Note that if you are running from a Live CD the pupmode number might be different.)

    3. Do a re-master so that my customisations are included in a new SFS file.

    4. Carry out a Frugal Install, using my newly re-mastered SFS as its basis.

So, now, when my new Operating System boots up, what I get is...

    An Operating System that boots from a secure, read-only SFS file.
    I still have all my personal customisations.
    No mounted drives or partitions.
    No automatic saves to a Save File (because there isn't one).
    No annoying question every time I shut down about creating a Save File.
    No possibility of creating a Save File by accidentally selecting the wrong option at shutdown.

If I do decide that I want to save something, I just plug in and mount a USB Flash Drive as required, save to it, then unmount it again afterwards.

If, in the future, having a Save File becomes desirable, just change the line in /etc/rc.d/rc.shutdown back to what it was originally and the Save File option at shutdown will reappear.

_________________
What you really need is two puppies:
Puppy Linux, and the sort with four legs and a tail.

Back to top
View user's profile Send private message 
bigpup


Joined: 11 Oct 2009
Posts: 6431
Location: Charleston S.C. USA

PostPosted: Fri 28 Aug 2015, 01:21    Post subject:  

The only Puppy install that is truly unable to be written to and unchanged is a live Puppy CD/DVD that is burned as a closed session.

As a closed session you have locked the CD/DVD from being written on.

A multisession CD/DVD is still open to be written to.
That is why you can place saves on it when you shutdown.
The saves are burned to the CD/DVD at shutdown.

If you put Puppy on a device that can be written to (HDD, USB flash drive, SD card not locked, etc.....)
Malware always has the chance it could modify what is on the device.
Malware:
Any software designed to do something that the user would not wish it to do, hasn't asked it to do, and often has no knowledge of until it's too late. Types of malware include backdoor, virus, worm, Trojan horse.
Malware typically affects the system on which it is run, e.g. by deleting or corrupting files.

Even a closed session burned CD/DVD does not stop malware from doing something to what is in memory, while you are using it.

The Puppy sfs is always used as read only by Puppies operating processes, but nothing is stopping a properly written malware from changing that on a device that could be written on.
I would think it would need to be a malware that is designed to look for this read only condition and know how to change it.

_________________
I have found, in trying to help people, that the things they do not tell you, are usually the clue to solving the problem.
When I was a kid I wanted to be older.... This is not what I expected Shocked
Back to top
View user's profile Send private message 
Ted Dog


Joined: 13 Sep 2005
Posts: 3477
Location: Heart of Texas

PostPosted: Fri 28 Aug 2015, 09:00    Post subject:  

You could get a usb dvd burner or a bluray if your machine is 64bit and run Fatdog64 but a DVD burner is nice to have for a read only setup. I can't think of any other booting device that can be read only sdcards do have the write protect switch but its not hardware based computers can ignore it.
Back to top
View user's profile Send private message 
rcrsn51


Joined: 05 Sep 2006
Posts: 10183
Location: Stratford, Ontario

PostPosted: Fri 28 Aug 2015, 10:49    Post subject:  

Ted Dog wrote:
... or a bluray if your machine is 64bit and run Fatdog64 ...

That statement implies that only Fatdog is capable of using Bluray. Is that what you meant?
Back to top
View user's profile Send private message 
Ted Dog


Joined: 13 Sep 2005
Posts: 3477
Location: Heart of Texas

PostPosted: Fri 28 Aug 2015, 11:35    Post subject:  

Yes unless you know of another that can multisession, as a save back of the OS not at a user program like what you have provided. Fatdog64 does at OS level. Hope others can tell the difference. Its easy to add but I do not know of any other puppylinux spin that does ( the OS has to be constructed with the same iso_level as the multisession ) again trival change.
Back to top
View user's profile Send private message 
Wognath

Joined: 19 Apr 2009
Posts: 250

PostPosted: Fri 28 Aug 2015, 12:52    Post subject:  

This may be close to what the OP wanted. I have a frugal HD install of unicornpup on a netbook, pupmode 13, "save=never". A startup script checks the md5sum of the save file, as 8-bit suggested, then unmounts the HD before making wifi connection. If I need to make changes, I mount the HD, run save2flash and update the md5sum. (I modified save2flash to avoid accidental saves since by default it automatically mounts the HD.) The save file hasn't changed spontaneously so far.

Some experts gave me advice here. I set this up for public wifi use (firewall + vpn) and consider it pretty safe. Of course, if I've missed something, I'd like to know it.
Back to top
View user's profile Send private message 
Ted Dog


Joined: 13 Sep 2005
Posts: 3477
Location: Heart of Texas

PostPosted: Fri 28 Aug 2015, 14:04    Post subject:  

I am curious, do you have links for the code changes needed for this. Found the orginal thread interesting but incomplete.
Back to top
View user's profile Send private message 
Wognath

Joined: 19 Apr 2009
Posts: 250

PostPosted: Fri 28 Aug 2015, 15:29    Post subject:  

TedDog, this was new territory for me, so I probably consulted about 100 links, but I don't remember them Sad Anyway, the scripts I came up with are attached.
scripts.tar
Description 
tar

 Download 
Filename  scripts.tar 
Filesize  10 KB 
Downloaded  6 Time(s) 
Back to top
View user's profile Send private message 
d4p


Joined: 12 Mar 2007
Posts: 413

PostPosted: Sat 29 Aug 2015, 01:27    Post subject:  

You can use CDFS partition as "Read only" puppy on HDD.
I have used CDFS partition on my internal Hard drive for years.
Back to top
View user's profile Send private message 
greengeek

Joined: 20 Jul 2010
Posts: 3221
Location: New Zealand

PostPosted: Today, at 15:12    Post subject:  

d4p wrote:
You can use CDFS partition as "Read only" puppy on HDD.
I have used CDFS partition on my internal Hard drive for years.
It appears that my Gparted does not offer this option. What method do you use to create the partition?
Back to top
View user's profile Send private message 
starhawk

Joined: 22 Nov 2010
Posts: 4060
Location: Everybody knows this is nowhere...

PostPosted: Today, at 15:39    Post subject:  

Guys? Guys...? You're way overthinking this.

Format the partition ext3 or ext4, depending on the vintage of your intended Pup.

Install Puppy.

Install the grub4dos bootloader, and (at the end) edit menu.lst -- the entries should look like this...

Code:
title Carolina Vanguard 1.3 (sdb1)
  uuid 2530f5ca-398c-4a56-ad66-a6c8bb47da20
  kernel /vmlinuz    ro pmedia=ataflash pfix=fsck
  initrd /initrd.gz

title Carolina Vanguard 1.3 (sdb1) RAM mode\nBoot up Puppy without pupsave
  uuid 2530f5ca-398c-4a56-ad66-a6c8bb47da20
  kernel /vmlinuz    ro pmedia=ataflash pfix=ram
  initrd /initrd.gz


Adding the 'ro' boot parameter forces the kernel to mount the root filesystem as read-only (source). Bingo, job done.

_________________

Back to top
View user's profile Send private message 
rcrsn51


Joined: 05 Sep 2006
Posts: 10183
Location: Stratford, Ontario

PostPosted: Today, at 15:58    Post subject:  

@starhawk: What are you claiming? That by using the "ro" boot argument, you can protect a directory like /usr from being changed?

That's not my experience.
Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 2 of 2 [28 Posts]   Goto page: Previous 1, 2
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » House Training » Users ( For the regulars )
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.1417s ][ Queries: 13 (0.0216s) ][ GZIP on ]