StretchDog

A home for all kinds of Puppy related projects
Post Reply
Message
Author
jss83

#16 Post by jss83 »

Using stretchdog right now and it is just wonderful! I think I can safely make a shift with this. Thank you so much.

err.. spoken too soon.. ran into some trouble. :?

User avatar
rufwoof
Posts: 3690
Joined: Mon 24 Feb 2014, 17:47

#17 Post by rufwoof »

Downloaded ISO and frugally installed/booted (Porteus style, save on exit)

I tried removing user puppy from both disk and wheel groups (using deluser puppy disk; deluser puppy wheel) ... logged out and in again and it isn't a member of either of those groups ... but it can still mount partitions by clicking on the desktop drive icons.

More preferably by default user "puppy" shouldn't be able to mount partitions, so if you're running a browser as puppy and a hacker breaks out of that then any unmounted partitions are inaccessible.

How can user puppy be prevented from mounting partitions (force having to Ctrl-Alt-Fn ... login as root and mount a drive, or run sudo to mount a drive)?

EDIT : Further investigation indicates that puppy cannot mount from the cli when it isn't a member of the disk group (mounting is only possible by clicking on the desktop drive icons).
Last edited by rufwoof on Mon 16 Oct 2017, 18:50, edited 1 time in total.

User avatar
rufwoof
Posts: 3690
Joined: Mon 24 Feb 2014, 17:47

#18 Post by rufwoof »

editing /etc/slim.conf to autlogin as puppy instead of root ... and it still defaults to logging in as root

Code: Select all

# default user, leave blank or remove this line
# for avoid pre-loading the username.
default_user        puppy

# Focus the password field on start when default_user is set
# Set to "yes" to enable this feature
#focus_password      no

# Automatically login the default user (without entering
# the password. Set to "yes" to enable this feature
auto_login          yes
EDIT : http://murga-linux.com/puppy/viewtopic. ... 601#850601

User avatar
fredx181
Posts: 4448
Joined: Wed 11 Dec 2013, 12:37
Location: holland

#19 Post by fredx181 »

Hi rufwoof
How can user puppy be prevented from mounting partitions (force having to Ctrl-Alt-Fn ... login as root and mount a drive, or run sudo to mount a drive)?
Uncomment "chpupsocket $USER:$USER &" in /home/puppy/.config/openbox/autostart

Code: Select all

# chpupsocket $USER:$USER &
(reboot required)

Btw, FYI, puppy can mount (by clicking drive icons) but has no write permissions
editing /etc/slim.conf to autlogin as puppy instead of root ... and it still defaults to logging in as root
Slim is not enabled by default, first enable from "Start Slim" button on Whisker menu or from System > Start/Stop Slim display-manager
(enabling slim will set /etc/inittab to no-auto login, and no auto startx)
Then changing /etc/slim.conf will apply after reboot

Fred
Last edited by fredx181 on Mon 16 Oct 2017, 19:45, edited 1 time in total.

trister
Posts: 137
Joined: Sun 01 Mar 2015, 21:16

#20 Post by trister »

Very good job Fred :)
Very nice Desktop.

The first thing I noticed at start is that I need to run "reconnect" from peasyWifi to get an IP from my router the first time I enter the system. This doesn't seem as much of a problem but since it is a live CD it might matter.

rufwoof wrote:editing /etc/slim.conf to autlogin as puppy instead of root ... and it still defaults to logging in as root
For the previous release of StretchDog64 (in case Fred fix won't do it):
Maybe you have the same problem as me
While slim was running and asking me my username, in the background
/etc/profile executed startx as root (so I had the problem that while I was typing the desktp appeared ).
If this is the case you could try to comment out the "startx" entry in your /etc/profile file.


@ethplorer:

my menu.lst entry is like this :

Code: Select all

title PorteusStretchDog EXIT: changes32
find --set-root --ignore-floppies /puppy_StretchDog64/live/initrd1.xz
kernel /puppy_StretchDog64/live/vmlinuz1 from=/puppy_StretchDog64 changes=EXIT:/puppy_StretchDog64/changes32.dat 
initrd /puppy_StretchDog64/live/initrd1.xz
Btw, If anyone wants to try KODI without installing it :
kodi_2.3a17.1+dfsg1-3_amd64-deb_.squashfs https://1fichier.com/?5sl6u1qbfs
kodi_libs_addon_v001d_.squashfs https://1fichier.com/?gcn37ed4h6
maybe you'll also need this:
python279apt2sfs.squashfs https://1fichier.com/?ytqs6spvxt

User avatar
fredx181
Posts: 4448
Joined: Wed 11 Dec 2013, 12:37
Location: holland

#21 Post by fredx181 »

Thanks trister !
trister wrote:The first thing I noticed at start is that I need to run reconnect from peasyWifi to get an IP from my router the first time I enter the system. This doesn't seem as much of a problem but since it is a live CD it might matter.
Oh, strange, that shouldn't be like that (for me it connects right away)

@all For Info: I probably won't be very active replying in the next days because I have the flu (began yesterday, don't know how it goes in the next days)

Fred

trister
Posts: 137
Joined: Sun 01 Mar 2015, 21:16

#22 Post by trister »

fredx181 wrote:
@all For Info: I probably won't be very active replying in the next days because I have the flu (began yesterday, don't know how it goes in the next days)

Fred
:(
I hope you get well soon.

User avatar
rufwoof
Posts: 3690
Joined: Mon 24 Feb 2014, 17:47

#23 Post by rufwoof »

@trister http://murga-linux.com/puppy/viewtopic. ... 601#850601 did it for me, logs in as puppy fine now.

@fred. ditto (flu), started today. Feeling pretty lousy.
How can user puppy be prevented from mounting partitions (force having to Ctrl-Alt-Fn ... login as root and mount a drive, or run sudo to mount a drive)?
Uncomment "chpupsocket $USER:$USER &" in /home/puppy/.config/openbox/autostart

Code:
# chpupsocket $USER:$USER &

(reboot required)

Btw, FYI, puppy can mount (by clicking drive icons) but has no write permissions
Not having cli permission to mount is good enough. Quite like still being able to mount from the desktop/gui as that relatively locks out cli breakins from doing something nasty like installing ransomware, but still being able to mount things as puppy from within the desktop environment. Mine mounts with rw permissions after a 'puppy' user desktop drive icon is clicked !!! That's great assuming it continues to work that way as more like running as root in feel, but with the ability to lock down partition access in the event of a hackers browser breakout.

I've adopted jwm as the wm and have set left click of the clock to be the MENU (right mouse click clock to showdesktop).

Not sure why the firewall isn't working under user puppy (shows as green when logged in as root, but under puppy I can't seem to turn it on).
Attachments
s.png
(95.94 KiB) Downloaded 1240 times
Last edited by rufwoof on Mon 16 Oct 2017, 21:36, edited 2 times in total.

User avatar
rcrsn51
Posts: 13096
Joined: Tue 05 Sep 2006, 13:50
Location: Stratford, Ontario

#24 Post by rcrsn51 »

trister wrote:The first thing I noticed at start is that I need to run "reconnect" from peasyWifi to get an IP from my router the first time I enter the system.
This sounds like a timing issue.

Look at the script /etc/rc.d/rc.nework. PWF makes two tries (line 19) with a 5 second pause between (line 23). Each try is controlled by the -t and -T options (line 21).

Maybe increasing some of these will help.

If you watch the boot messages, there should be a line near the end for "udhcpc". Do you see it?

User avatar
prehistoric
Posts: 1744
Joined: Tue 23 Oct 2007, 17:34

#25 Post by prehistoric »

Just want to mention that there is a patch for Debian Stretch for the WPA2 Krack attack. This puts it ahead of many other distros.

User avatar
fredx181
Posts: 4448
Joined: Wed 11 Dec 2013, 12:37
Location: holland

#26 Post by fredx181 »

prehistoric wrote:Just want to mention that there is a patch for Debian Stretch for the WPA2 Krack attack. This puts it ahead of many other distros.
Yes, thanks !
So to upgrade to patched wpasupplicant on StretchDog:

Code: Select all

apt-get update
apt-get install wpasupplicant
Fred

marcelo4768
Posts: 9
Joined: Mon 18 Sep 2017, 15:09

how install full ?

#27 Post by marcelo4768 »

i want to install full stretchdog in a laptop year 2010 with 1,6 ghz and 3 gb ram and 300 gb hdd, help please, i have to use gparted first ? already have deepin installed but i want erase it and use only with stretchdog, my hangout is marcelo4768

User avatar
don570
Posts: 5528
Joined: Wed 10 Mar 2010, 19:58
Location: Ontario

#28 Post by don570 »

i want to install full stretchdog in a laptop year 2010 with 1,6 ghz and 3 gb ram and 300 gb hdd, help please
Open up the iso file(with a click) and read the readme file inside.
Once you get a Porteus install i.e. into a folder named 'live' on hard drive to work
you can then do a full install to an empty partition .
_______________________________________________________
Last edited by don570 on Tue 17 Oct 2017, 19:32, edited 2 times in total.

User avatar
don570
Posts: 5528
Joined: Wed 10 Mar 2010, 19:58
Location: Ontario

pfind 6.3

#29 Post by don570 »

I was able to use the most recent version of pfind 6.3
(it needs a recent version of pfilesearch as well so I put it inside the package)
and I made a debian package so others can try it.

Available:
pfind_6.3_all.deb
Size: 28k
https://drive.google.com/open?id=0B7JZA ... 0djdmtPZUU
--------------------------------------------------------------------

I added a file --->

/usr/local/bin/defaultfilemanager and pointed it to thunar.

'Open location' feature will use it.

________________________________________

ethplorer
Posts: 28
Joined: Fri 21 Apr 2017, 17:43
Contact:

#30 Post by ethplorer »

trister wrote:Very good job Fred :)

@ethplorer:

my menu.lst entry is like this :

Code: Select all

title PorteusStretchDog EXIT: changes32
find --set-root --ignore-floppies /puppy_StretchDog64/live/initrd1.xz
kernel /puppy_StretchDog64/live/vmlinuz1 from=/puppy_StretchDog64 changes=EXIT:/puppy_StretchDog64/changes32.dat 
initrd /puppy_StretchDog64/live/initrd1.xz
Btw, If anyone wants to try KODI without installing it :
kodi_2.3a17.1+dfsg1-3_amd64-deb_.squashfs https://1fichier.com/?5sl6u1qbfs
kodi_libs_addon_v001d_.squashfs https://1fichier.com/?gcn37ed4h6
maybe you'll also need this:
python279apt2sfs.squashfs https://1fichier.com/?ytqs6spvxt
while it does work as it starts to read the vmlinuz and initrd, it suddenly stops telling that it needs Porteus that it has to be in the /puppy_StretchDog64/live/Porteus <--- not sure what it meant actually. Anything else i need to do?

User avatar
don570
Posts: 5528
Joined: Wed 10 Mar 2010, 19:58
Location: Ontario

#31 Post by don570 »

it needs Porteus that it has to be in the /puppy_StretchDog64/live/Porteus <--- not sure what it meant actually. Anything else i need to do?
In this situation two folders were created --> /puppy_StretchDog64/live/

Then you drag the contents of the Porteus folder
into the 'live' folder

_________________________________________

User avatar
don570
Posts: 5528
Joined: Wed 10 Mar 2010, 19:58
Location: Ontario

#32 Post by don570 »

BarryK likes uses default applications.

Here is a list that aren't in Stretch Dog..

/usr/local/bin/defaultaudioplayer
/usr/local/bin/defaultpaint
/usr/local/bin/defaultspreadsheet
/usr/local/bin/defaultterm
/usr/local/bin/defaulttexteditor
/usr/local/bin/defaultwordprocessor
/usr/local/bin/defaultmail
/usr/local/bin/defaultdraw
/usr/local/bin/defaulthtmleditor
/usr/local/bin/defaultimageviewer
_______________________________________

trister
Posts: 137
Joined: Sun 01 Mar 2015, 21:16

#33 Post by trister »

ethplorer wrote:
trister wrote:Very good job Fred :)

@ethplorer:

my menu.lst entry is like this :

Code: Select all

title PorteusStretchDog EXIT: changes32
find --set-root --ignore-floppies /puppy_StretchDog64/live/initrd1.xz
kernel /puppy_StretchDog64/live/vmlinuz1 from=/puppy_StretchDog64 changes=EXIT:/puppy_StretchDog64/changes32.dat 
initrd /puppy_StretchDog64/live/initrd1.xz
...
while it does work as it starts to read the vmlinuz and initrd, it suddenly stops telling that it needs Porteus that it has to be in the /puppy_StretchDog64/live/Porteus <--- not sure what it meant actually. Anything else i need to do?
StretchDog is by default reading initrd1.xz and vmlinuz1 from inside a /live folder.
If you put everything inside that /puppy_StretchDog64 folder/live folder (I've put live inside the puppy_StretchDog64 folder) then it should work.
Note the names are "initrd1.xz " (and not initrd.img which is used for another boot method-not porteus)

The parameter from=/puppy_StretchDog64 tells linux that my live folder is inside /puppy_StretchDog64 folder

The parameter changes=EXIT:/puppy_StretchDog64/changes32.dat tells linux that my save file name is changes32.dat and where it is located

The entry
find --set-root --ignore-floppies /puppy_StretchDog64/live/initrd1.xz
is my favorite :) it searches my puppy_StretchDog64 folder. This means I can move this folder in any drive and I don't have to change anything

User avatar
rufwoof
Posts: 3690
Joined: Mon 24 Feb 2014, 17:47

#34 Post by rufwoof »

prehistoric wrote:Just want to mention that there is a patch for Debian Stretch for the WPA2 Krack attack. This puts it ahead of many other distros.
https://marc.info/?l=openbsd-misc&m=150815942414653&w=2
Why did OpenBSD silently release a patch before the embargo?

OpenBSD was notified of the vulnerability on 15 July 2017, before
CERT/CC was involved in the coordination. Quite quickly, Theo de Raadt
replied and critiqued the tentative disclosure deadline: In the open
source world, if a person writes a diff and has to sit on it for a
month, that is very discouraging. Note that I wrote and included a
suggested diff for OpenBSD already, and that at the time the tentative
disclosure deadline was around the end of August. As a compromise, I
allowed them to silently patch the vulnerability. In hindsight this was
a bad decision, since others might rediscover the vulnerability by
inspecting their silent patch. To avoid this problem in the future,
OpenBSD will now receive vulnerability notifications closer to the end
of an embargo.

User avatar
rcrsn51
Posts: 13096
Joined: Tue 05 Sep 2006, 13:50
Location: Stratford, Ontario

#35 Post by rcrsn51 »

rcrsn51 wrote:
trister wrote:The first thing I noticed at start is that I need to run "reconnect" from peasyWifi to get an IP from my router the first time I enter the system.
This sounds like a timing issue.

Look at the script /etc/rc.d/rc.nework. PWF makes two tries (line 19) with a 5 second pause between (line 23). Each try is controlled by the -t and -T options (line 21).

Maybe increasing some of these will help.

If you watch the boot messages, there should be a line near the end for "udhcpc". Do you see it?
No reply? If there is a timing issue here, the only person who can help fix it is the one who is experiencing it.

Post Reply