PROBLEM: As an educational tool Puppy Linux is excellent, but a child or an absolutely new user, could damage or erase a partition of a Hard Disk which is serious.
QUESTION: Does anyone know of any way that Puppy Linux does not read the sda partitions at the start of the boot or during the boot, so that the drive can not be mounted?
REQUEST: If you know any way to do it by means of a Script or some PET, thank you very much in advance.
How to hide or block access to a partition?
-
amigodetux
- Posts: 27
- Joined: Mon 21 Mar 2016, 00:03
How to hide or block access to a partition?
Last edited by amigodetux on Wed 07 Mar 2018, 04:07, edited 1 time in total.
Hi,
There are many ways to accomplish this, depending on how deep you want to go.
In Puppy desktop is Rox pinboard.
It doesn't show drives by default.
Puppy creates icons by a script in /usr/local/bin with name desktop_drive_icon or something similar.
You could delete it, or change it's location.
There are many discussions on this previously, you will have to search.
There are many ways to accomplish this, depending on how deep you want to go.
In Puppy desktop is Rox pinboard.
It doesn't show drives by default.
Puppy creates icons by a script in /usr/local/bin with name desktop_drive_icon or something similar.
You could delete it, or change it's location.
There are many discussions on this previously, you will have to search.
Hi, you don't mention which drive you boot from so it is difficult to offer valid information. However - I would recommend looking at this post to see if it might point you in a useful direction.
I think it may also be possible to run a script in /root/Startup which will delete /dev/sdx (depending on which drive you are aiming for). With the /dev/sdx point missing there is no way for the system to access that device.
Of course it is important to make sure that you leave online any disk that puppy is running from or has it's savefile on. (There are ways to force the savefile to load into RAM so that you can delete the drive you loaded it from but I can't specify how to do that as I do not use savefiles).
So maybe:
- Spin the drive down
- Mark the drive offline
- Delete the /dev/sdx mount point
I think it may also be possible to run a script in /root/Startup which will delete /dev/sdx (depending on which drive you are aiming for). With the /dev/sdx point missing there is no way for the system to access that device.
Of course it is important to make sure that you leave online any disk that puppy is running from or has it's savefile on. (There are ways to force the savefile to load into RAM so that you can delete the drive you loaded it from but I can't specify how to do that as I do not use savefiles).
So maybe:
- Spin the drive down
- Mark the drive offline
- Delete the /dev/sdx mount point
I think deleting the /dev/sdx would be too harsh.
Maybe the kids will only need the desktop icons deleted.
I am running Fatdog mostly, in Fatdog the drive icons are created by udev I think.
I looked in tahrpup's iso, my assumptions in previous post looks totally wrong.
I think drive icons are created by /usr/local/pup_event/pup_event_frontend_d
I looked into /usr/local/pup_event/frontend_startup script, from line 65 it reads #build the desktop icons....
Maybe if we hashed out that whole section, no drive icons will be created.
I can't test it for few days, got to take wife to hospital.
Hopefully my daughter will have a brother or sister tomorrow.
Cya later.
Maybe the kids will only need the desktop icons deleted.
I am running Fatdog mostly, in Fatdog the drive icons are created by udev I think.
I looked in tahrpup's iso, my assumptions in previous post looks totally wrong.
I think drive icons are created by /usr/local/pup_event/pup_event_frontend_d
I looked into /usr/local/pup_event/frontend_startup script, from line 65 it reads #build the desktop icons....
Maybe if we hashed out that whole section, no drive icons will be created.
I can't test it for few days, got to take wife to hospital.
Hopefully my daughter will have a brother or sister tomorrow.
Cya later.
-
amigodetux
- Posts: 27
- Joined: Mon 21 Mar 2016, 00:03
Thank you all of you, for your answers! 
Im starting hiding drive partitions altough i would like not only hide because only works with icons, but you can open hard drives from office suites and other software.
I am thinkig if exist a way that puppy does not read any internal hard drive (any partition windows or linux) from boot, and does not allow read it from any software (gparted, disks, libreoffice etc).
It sound crazy, since one of the atractive thing of linux is its powerful manage of drives and partitios, but it is a greate way to protect an internal hard drive of accidental use, deleting files or curious eyes. Ideal for children use and new linux users without experience, so they cannot hava any posibility of damage any internal hard drive. Im imagining something like a first steps mode for new portable puppy users.
These days i have tested several portable distros of linux, but theres is not applications to do this except in Quirky Xerus i found a child proof aplication, but i have yet trying to test this distro, for now my day a day portable distro is X-tahr a derivation of Tahrpup.
Have a nice day/night!
Amigodetux
Centro América
Im starting hiding drive partitions altough i would like not only hide because only works with icons, but you can open hard drives from office suites and other software.
I am thinkig if exist a way that puppy does not read any internal hard drive (any partition windows or linux) from boot, and does not allow read it from any software (gparted, disks, libreoffice etc).
It sound crazy, since one of the atractive thing of linux is its powerful manage of drives and partitios, but it is a greate way to protect an internal hard drive of accidental use, deleting files or curious eyes. Ideal for children use and new linux users without experience, so they cannot hava any posibility of damage any internal hard drive. Im imagining something like a first steps mode for new portable puppy users.
These days i have tested several portable distros of linux, but theres is not applications to do this except in Quirky Xerus i found a child proof aplication, but i have yet trying to test this distro, for now my day a day portable distro is X-tahr a derivation of Tahrpup.
Have a nice day/night!
Amigodetux
Centro América
-
amigodetux
- Posts: 27
- Joined: Mon 21 Mar 2016, 00:03
-
amigodetux
- Posts: 27
- Joined: Mon 21 Mar 2016, 00:03
perdido wrote:Having just read this thread through I see you still have not told us where are you booting puppy linux from? Is it a hard drive, USB stick, or CD?
If I was booting from USB or CD I would go into the BIOS and disable the hard drive(s).
.
Amigodetux wrote:
That is exact what i need! disable the hard drive but not from BIOS, im looking if it is possible to do when puppy starts, writing some instruction in boot parametres or using an application, so after you restart your pc and remove your puppy usb, can use normally your internal OS installed.[quote/]
g/g has discussed the difficulty of fully protecting a Linux computer system, especially Puppy: http://www.murga-linux.com/puppy/viewto ... 290#898290
While building your own kiosk version might be best, doing so is rather difficult. Since, however, you are booting from a USB-Key and your potential miscreant is posited to be either a child or a newby, less onerous actions may be sufficient.
g/g mentioned three weaknesses (and linked to others),
- Gparted (and other partitioning tools) can easily be invoked to trash an entire drive very quickly -- you can use Menu>Setup>Remove Builtin packages to remove Gparted and any other partitioning tools
- "dd" commands can similarly trash a partition very quickly. -- Children and newbies are unlikely to know that command
- the old Linux joke of running the command "rm -rf/" will trash your data -- Children and newbies are unlikely to know that command
nor any of the other commands g/g linked to.
The menu entry Menu>Filesystem>pmount mount/unmount drives is created by /usr/share/applications/pmuont,desktop. You can delete that file, thereby removing the menu entry. The executable called by pmount.desktop is the bash-script is /usr/sbin/pmount. Without a Menu entry, it can only be started by typing "pmount" in the terminal. But you can change the name of /usr/sbin/pmount to something only you would know --as a bad example "opensesame" without the quotes. Typing the command only you know will enable you to access the hard drives. Everyone else will only have access to the USB-drive and its contents.
After making those simple changes, you can remaster. Unless you need your OS to includ an UEFI signature, I recommend shinobar's remasterx, http://www.murga-linux.com/puppy/viewto ... 625#775625. After remastering, install it to the USB-Key. Establish your basic settings --locales, wifi, etc-- and create a SaveFile on your USB-Key. Then boot pfix =ram. An easy way is on bootup select Advanced Menu, then
title WHATEVERPUPPY RAM mode\nBoot up Puppy without pupsave
open a terminal and type in the name you substituted for pmount. Mount your hard-drive and copy the SaveFile into a folder two levels down: that is, from the top of a partition into a folder within another folder. Puppies don't look that far down for SaveFiles.
With a Frugal Install, except for the SaveFile, the system files are READ-Only. You can't write to them (or modify them unless you know how: See below). The worst that can happen is that someone could screw-up the contents of the SaveFile. In such case, you could again boot your Puppy pfix=ram, delete the screwed-up SaveFile and copy the protected SaveFile onto your USB-Key.
It is possible to open intrd.gz and YourPuppy_XXX.sfs with Archiving/Extracting applications. So I suggest that while your "removing builtins" these be removed as well.
It is also possible to delete initrd, vmlinuz, YourPuppy_XXX.sfs and (if it has it) zdrv_YourPuppy_XXX.sfs.
Initrd and vmlinuz are accessed/copied ONLY during bootup. Puppies automatically mount the partition on which the SaveFile is located. I was wondering --don't want to take the time now to test-- if you located initrd.gz, vmlinux and YourPuppy_XXX.sfs on, say sda, with another copy of YourPuppy_XXX.sfs and the SaveFile on the USB-key, would sda be automatically mounted? If not, I think the system would use the YourPuppy_XXX.sfs on the USB-Key unless it was deleted in which case Puppy might still boot, using the YourPuppy_XXX.sfs on the hard-drive which would enable a quick repair of the problem.
But perhaps the easiest way to recover from someone screwing up the USB-Key is to have a 2nd copy, safely stored out of sight.
mikesLr
While building your own kiosk version might be best, doing so is rather difficult. Since, however, you are booting from a USB-Key and your potential miscreant is posited to be either a child or a newby, less onerous actions may be sufficient.
g/g mentioned three weaknesses (and linked to others),
- Gparted (and other partitioning tools) can easily be invoked to trash an entire drive very quickly -- you can use Menu>Setup>Remove Builtin packages to remove Gparted and any other partitioning tools
- "dd" commands can similarly trash a partition very quickly. -- Children and newbies are unlikely to know that command
- the old Linux joke of running the command "rm -rf/" will trash your data -- Children and newbies are unlikely to know that command
nor any of the other commands g/g linked to.
The menu entry Menu>Filesystem>pmount mount/unmount drives is created by /usr/share/applications/pmuont,desktop. You can delete that file, thereby removing the menu entry. The executable called by pmount.desktop is the bash-script is /usr/sbin/pmount. Without a Menu entry, it can only be started by typing "pmount" in the terminal. But you can change the name of /usr/sbin/pmount to something only you would know --as a bad example "opensesame" without the quotes. Typing the command only you know will enable you to access the hard drives. Everyone else will only have access to the USB-drive and its contents.
After making those simple changes, you can remaster. Unless you need your OS to includ an UEFI signature, I recommend shinobar's remasterx, http://www.murga-linux.com/puppy/viewto ... 625#775625. After remastering, install it to the USB-Key. Establish your basic settings --locales, wifi, etc-- and create a SaveFile on your USB-Key. Then boot pfix =ram. An easy way is on bootup select Advanced Menu, then
title WHATEVERPUPPY RAM mode\nBoot up Puppy without pupsave
open a terminal and type in the name you substituted for pmount. Mount your hard-drive and copy the SaveFile into a folder two levels down: that is, from the top of a partition into a folder within another folder. Puppies don't look that far down for SaveFiles.
With a Frugal Install, except for the SaveFile, the system files are READ-Only. You can't write to them (or modify them unless you know how: See below). The worst that can happen is that someone could screw-up the contents of the SaveFile. In such case, you could again boot your Puppy pfix=ram, delete the screwed-up SaveFile and copy the protected SaveFile onto your USB-Key.
It is possible to open intrd.gz and YourPuppy_XXX.sfs with Archiving/Extracting applications. So I suggest that while your "removing builtins" these be removed as well.
It is also possible to delete initrd, vmlinuz, YourPuppy_XXX.sfs and (if it has it) zdrv_YourPuppy_XXX.sfs.
Initrd and vmlinuz are accessed/copied ONLY during bootup. Puppies automatically mount the partition on which the SaveFile is located. I was wondering --don't want to take the time now to test-- if you located initrd.gz, vmlinux and YourPuppy_XXX.sfs on, say sda, with another copy of YourPuppy_XXX.sfs and the SaveFile on the USB-key, would sda be automatically mounted? If not, I think the system would use the YourPuppy_XXX.sfs on the USB-Key unless it was deleted in which case Puppy might still boot, using the YourPuppy_XXX.sfs on the hard-drive which would enable a quick repair of the problem.
But perhaps the easiest way to recover from someone screwing up the USB-Key is to have a 2nd copy, safely stored out of sight.
mikesLr
Hello amigodelux.
You have not told us the age of the child, either.
If (s)he is a younger kid whose only interest is games, simply putting the partition or
disk off line may be enough. Here is a simple way to prevent access to some drives,
that was not discussed above.
For the sake of example, we will say the that you have two partitions on your
hard drive and that your personal files are on partition sda2, and the main Puppy
files are on partition sda1.
Depending on the version and breed of your Puppy, if you do
sda1 may appear as /mnt/home -- OR as /mnt/home AND as /mnt/sda1. It does
not matter since our goal here is to prevent access to sda2. But please do not
touch or edit anything related to your basic Puppy partition (i.e. /mnt/home).
In directory /etc/rc.d is a small file called rc.local. This file is actually a script that
is loaded before many other files during the boot process. Certainly before the
contents of /root/Startup. While rc.local is not a hidden file, if you do not know what
it does, you will not go looking for it. This is its advantage over putting a script with
similar function in the /root/Startup directory, which is in plain view, for all to see.
So we will use /etc/rc.d/rc.local. Below is the one-liner script that should be added
at the end of file /etc/rc.d/rc.local:The line is divided in two parts, separated by the two ampersands.
On the left-hand side, it detects if sda2 is mounted.
If it is, the command on the right-hand side un-mounts it.
How-to:
Open file /etc/rc.d/rc.local in your editor, and copy-and-paste the above
line at the very bottom of it. Save the file, quit your editor and reboot.
Now at each boot, this check will be done, and sda2 will be unmounted as needed.
~~~~~~~~~~~~~~~~~~~
If the child is a teen-ager wishing to assert him/herself at dad's expense, e.g. to
show dad (s)he's become a Linux wiz
, that would be another strategy, IMO.
This strategy would be essentially the same as sharing your system with another
responsible adult: use USB thumb drives or portable HDs to save your personal
files, encrypt your own pupsave file.
Also perhaps, seriously consider the option of booting from DVD (which would
become like the key to the computer / Puppy system). Even -- why not? --, each
of you could have his own Puppy on DVD or USB stick?
Finally if the child is old enough, you may not need to implement a Bash one-liner
script to prevent access to drive X: a "not to go there", agreed-upon, moral
responsibility script may work even better.
IHTH
You have not told us the age of the child, either.
If (s)he is a younger kid whose only interest is games, simply putting the partition or
disk off line may be enough. Here is a simple way to prevent access to some drives,
that was not discussed above.
For the sake of example, we will say the that you have two partitions on your
hard drive and that your personal files are on partition sda2, and the main Puppy
files are on partition sda1.
Depending on the version and breed of your Puppy, if you do
Code: Select all
rox /mntsda1 may appear as /mnt/home -- OR as /mnt/home AND as /mnt/sda1. It does
not matter since our goal here is to prevent access to sda2. But please do not
touch or edit anything related to your basic Puppy partition (i.e. /mnt/home).
In directory /etc/rc.d is a small file called rc.local. This file is actually a script that
is loaded before many other files during the boot process. Certainly before the
contents of /root/Startup. While rc.local is not a hidden file, if you do not know what
it does, you will not go looking for it. This is its advantage over putting a script with
similar function in the /root/Startup directory, which is in plain view, for all to see.
So we will use /etc/rc.d/rc.local. Below is the one-liner script that should be added
at the end of file /etc/rc.d/rc.local:
Code: Select all
[ "`mount | grep sda2`" ] && umount /mnt/sda2On the left-hand side, it detects if sda2 is mounted.
If it is, the command on the right-hand side un-mounts it.
How-to:
Open file /etc/rc.d/rc.local in your editor, and copy-and-paste the above
line at the very bottom of it. Save the file, quit your editor and reboot.
Now at each boot, this check will be done, and sda2 will be unmounted as needed.
~~~~~~~~~~~~~~~~~~~
If the child is a teen-ager wishing to assert him/herself at dad's expense, e.g. to
show dad (s)he's become a Linux wiz
, that would be another strategy, IMO. This strategy would be essentially the same as sharing your system with another
responsible adult: use USB thumb drives or portable HDs to save your personal
files, encrypt your own pupsave file.
Also perhaps, seriously consider the option of booting from DVD (which would
become like the key to the computer / Puppy system). Even -- why not? --, each
of you could have his own Puppy on DVD or USB stick?
Finally if the child is old enough, you may not need to implement a Bash one-liner
script to prevent access to drive X: a "not to go there", agreed-upon, moral
responsibility script may work even better.
IHTH
musher0
~~~~~~~~~~
"You want it darker? We kill the flame." (L. Cohen)
~~~~~~~~~~
"You want it darker? We kill the flame." (L. Cohen)
-
amigodetux
- Posts: 27
- Joined: Mon 21 Mar 2016, 00:03
musher0 wrote:Hello amigodelux.
You have not told us the age of the child, either.
If (s)he is a younger kid whose only interest is games, simply putting the partition or
disk off line may be enough. Here is a simple way to prevent access to some drives,
that was not discussed above.
For the sake of example, we will say the that you have two partitions on your
hard drive and that your personal files are on partition sda2, and the main Puppy
files are on partition sda1.
Depending on the version and breed of your Puppy, if you doCode: Select all
rox /mnt
sda1 may appear as /mnt/home -- OR as /mnt/home AND as /mnt/sda1. It does
not matter since our goal here is to prevent access to sda2. But please do not
touch or edit anything related to your basic Puppy partition (i.e. /mnt/home).
In directory /etc/rc.d is a small file called rc.local. This file is actually a script that
is loaded before many other files during the boot process. Certainly before the
contents of /root/Startup. While rc.local is not a hidden file, if you do not know what
it does, you will not go looking for it. This is its advantage over putting a script with
similar function in the /root/Startup directory, which is in plain view, for all to see.
So we will use /etc/rc.d/rc.local. Below is the one-liner script that should be added
at the end of file /etc/rc.d/rc.local:The line is divided in two parts, separated by the two ampersands.Code: Select all
[ "`mount | grep sda2`" ] && umount /mnt/sda2
On the left-hand side, it detects if sda2 is mounted.
If it is, the command on the right-hand side un-mounts it.
How-to:
Open file /etc/rc.d/rc.local in your editor, and copy-and-paste the above
line at the very bottom of it. Save the file, quit your editor and reboot.
Now at each boot, this check will be done, and sda2 will be unmounted as needed.
~~~~~~~~~~~~~~~~~~~
If the child is a teen-ager wishing to assert him/herself at dad's expense, e.g. to
show dad (s)he's become a Linux wiz
This strategy would be essentially the same as sharing your system with another
responsible adult: use USB thumb drives or portable HDs to save your personal
files, encrypt your own pupsave file.
Also perhaps, seriously consider the option of booting from DVD (which would
become like the key to the computer / Puppy system). Even -- why not? --, each
of you could have his own Puppy on DVD or USB stick?
Finally if the child is old enough, you may not need to implement a Bash one-liner
script to prevent access to drive X: a "not to go there", agreed-upon, moral
responsibility script may work even better.
IHTH
amigodetux wrote:Thanks musher0, in fact I want to give a remastering of my puppy to some people of different ages (15, 16, 40) and I thought that they do not have experience with linux. I think a small introductory course will be important
This week I tested several portable linux systems (Porteus, Slax, Knoppix, Debian-Minino) And not as a professional technician but as a common end user, I can safely say that Puppy Linux is the fastest portable operating system and light that exists to perform common tasks of day to day.
Regards,