Puli 32/64 bit

A home for all kinds of Puppy related projects
Post Reply
Message
Author
User avatar
gjuhasz
Posts: 422
Joined: Mon 29 Sep 2008, 14:28

Puli 32/64 bit

#1 Post by gjuhasz »

Welcome to Puli


Announcement and changelog for the latest 32-bit version: 6.2.0, for the 64-bit versions: 7.0, 7.1, 7.2. and 7.3.

Magyarul itt, itt, itt, itt és itt

Puli is a member of the Puppy Linux family: a high security, "kiosk" flavor of 666philb's Tahrpup 6.0.6 CE (32-bit, aka Puli 6) and Xenialpup64 CE 7.5 (64-bit, aka Puli 7), intended to boot from a USB pendrive and run safely even if the boot device is unplugged.

Puli supports booting various software-combinations by multiple users on many hardware using the same boot device.

The Puppy Linux Project was established by Barry Kauler in 2003. See legal notice at the bottom of this page.

Special thanks to 666philb, smokey01, pemasu, S-kami, Kros54, Asterix, Sylvander, members of Puppy Linux forums, and to my colleagues, including ethical hackers who helped me with their feedback about Puli.

Kudos to my friend László Fekete for the background pictures. These "brown puli" pics are under copyright protection and can be used exclusively with reference to/within the Puli software.

The 32-bit Puli 6 (v6.2.0) is published with 3.14.79 non-PAE kernel. The 3.14.56 PAE kernel is also preferred. Some k4.x series are available, too. See the tested kernels here.

The 64-bit Puli 7 (latest v7.3) has kernel version 4.19.23. Tested with many kernels between k4.9.58 and k5.0.7 as well.

Earlier barks of Puli are discussed at http://murga-linux.com/puppy/viewtopic.php?t=88691
 
Have fun!

Regards,
gjuhasz


 
I. How to install Puli on a USB pendrive:


If you are an experienced Linux user, consider installing Puli by following the steps written in Appendix A.

However, as many users (still) have Windows XP/7/8/10 only, here I describe a "one-finger-one-minute" method to create a working Puli pendrive in Windows:
 
1. Download Puli and LiLi

  a. The latest 32/64 bit Pulis are available at sourceforge.net repository in form of compressed files in Puli-(version_issuedate) folders. Download the preferred Puli_install.zip file (this description references to Puli 6.0.4 and later versions).

  b. Download the latest version of LinuxLive USB Creator from http://www.linuxliveusb.com. If you have any issue, you can find its earlier, tested and virus-free version at smokey01.com/gjuhasz/LiLi

2. Create the Puli pendrive.

Plug in the pendrive (recommended capacity: 4 GB or bigger) and Run LiLi. Complete the install steps from top to down as follows:

  Step 1: Choose your pendrive in the selection box (be careful - do not select another drive accidentally)

  Step 2: Choose a source - click on the ISO/IMG/ZIP icon and select the Puli_install.zip file

  Step 3: Select Live Mode in the Persistence pane

  Step 4: Tick only the second (FAT32) box

  Step 5: Click the lightning icon. The installation takes about 25-30 seconds. In the below picture, you see the LiLi interface before the installation starts and after it has finished.

  Step 6: You can download some useful packages from Puli-(64/32 bit)/packages subfolders of sourceforge.net repository. Download the selected ones and put them into the /packages folder of your boot pendrive. I uploaded validation files, too (sha and/or md5), so you may check the downloaded stuff if you want. Note that you may find newer versions at the download page of their distributor. See the Useful links section below.

3. Unmount the pendrive. You are ready, Puli is installed.

4. Before rebooting your machine from the Puli pendrive

   a. I recommend to read the following sections, too.

   b. If you know what to do, you may configure some startup parameters in syslinux.cfg and /env-0/puli.cfg  right now.

   c. Ensure that the BIOS/UEFI is configured to boot from pendrive.

5. Give Puli a go!

 
II. Puli in a nutshell:


1. Boot-up the PC from the USB pendrive pre-installed with Puli.

   a. When asked, log in as root.

   b. At the first login, type root as password. (Later you can change it and save it for next logins).

2. The Session Setup dialog pops up.

   a. Check whether timezone, numlock, timesync, hwclock, firewall, locale, and keyboard, etc., are suitable for this session and change them if needed. Your changes in this dialog affect the current session but you can preserve them for the future sessions, too.

   b. You may right-click the Volume tray icon, select Full window and check/adjust Capture, Mic boost, etc.

3. The USB pendrive gets unmounted. Consider pulling it out when the popup message reminds you.

4. Before you finish, be sure that you left no data on the PC.

5. There are different methods to save your work on the (replugged) USB pendrive:

   a. You can preserve the main settings (including passwords, too) by clicking the Save: smart button on the Shutdown dialog or, within the session, in the dialog of the backup desktop icon.. See the next sections for details of this Smart save feature.

   b. Clicking the backup icon on the right of the Desktop immediately creates a compressed Puli_backup_YYYY_MM_DD_HH_MM.tar.gz backup file in the /backup folder of the USB pendrive. Backups include Backup description. 

   c. You can decide to create backup at the end of the session, too, by selecting Save: backup on the Shutdown dialog.

 * Note that the password files, the smartloaded packages (installed into /initrd/pup_rw) and the on-the-fly added .sfs files (arrived into the /initr/pup_ro4... ro8 folders) are excluded from the backups.

6. You can restore a previous status from a backup if you open the /backups folder on the pendrive then drag-and-drop a backup file onto the Restore icon next to it. Of course, the selection of the smartloaded packages should be the same as it was previously. You will receive notification about the packages omitted during backup.

7. Puli provides you with a secure environment. It helps you fight against malicious attackers.

  * Be wary of hardware keyloggers. From the tray, open the virtual keyboard and use it any time to enter passwords or other sensitive text. This way your data will not be disclosed.

  * You may start some features, such as Office programs, evince, etc., in offline mode for your security.

  * See more details about the available security profiles in the next sections.

  * It is recommended to change your session password as follows:

     a. Open console

     b. Issue the passwd command and follow the instructions.

     c. At shutdown time, save  your environment with smart save. The new password shall be used for future logins. See the next sections for details.

  * If you right-click on a folder, you can encrypt / decrypt its content. See more details in the next section.


 
III. For advanced users:


1. To have additional packages, browse the content of the packages subfolder(s) here and download the selected 32/64 bit ones into the /packages folder of your USB pendrive. Among the proposed packages, you can find advanced Office programs, Java runtime module and other useful software - each of them tested with Puli. Note that the 64-bit Puli is able to run some 32-bit software (the 32bit-compat.sfs package provides multi-arch support for them).

 2. You probably don't use all downloaded packages in a given session. Puli offers easy selection among them in boot time, with the help of the smartload feature:

  * Together with the built-in Puli packages, you can boot any number of extra .sfs, .pet, .deb, .AppImage, .tar.7z, .tar.bz2, .tar.xz and/or .rpm files simply by referencing their file name in separate lines of the /profiles/Common/smartload file of the USB boot device. See the default smartload file included in the release. Puli seeks those referenced packages in the /packages folder of the boot device and auto-loads them during bootup (in the order of their appearance in the smartload file), before the graphic environment (X) starts.

  * For example, to smartload SoftMaker FreeOffice, put a softmaker line in smartload file on your USB boot device. (This is a kind of free but licensed software thus you need to register and obtain your personal license at Softmaker Software GmbH. Alternatively, you can use LibreOffice (without registration) by putting a LibreOffice line in smartload file. See the Useful links section below.

* The content of the smartloaded .tar.bz2 and .tar.xz packages will be unpacked to /opt/ folder (in the preserved structure of the package).
Note that the .tar.7z packages can be encrypted - Puli asks for password at boot time.

* The AppImage files will be smartloaded to the /opt/AppImages folder. An extra icon pops up in the desktop while one or more AppImages present in this folder. (Puli accepts the .AppImage, .appImage, .Appimage, and .appimage file extensions in the same way.) You can run them directly by left-clicking the folder icon then selecting the filename. AppImages (and other executable files) can be run sandboxed if you right-click their name and select firejail in the menu - providing that the firejail package is (smart)loaded.

* You may have more smartload type files prepared, i.e., smartload, smartload1 ... smartload9, smartloada, smartloadb, etc. Then, you may select one from them during bootup by hitting a character (e.g., 1, or 2, or a, or b, or c) when asked. If you don't act, the default smartload file will be used. If your selection refers to a non-existing file or you hit space, then the smartload feature is omitted.

3. Other settings:

* You may add boot parameters, e.g., pkeys=hu plang=hu_HU.UTF-8, to syslinux.cfg on the pendrive (see among the install files) that will be applied in all cases for all machines you want boot with Puli. 

* In addition, you can define machine specific parameters (timezone, numlock, timesync, hwclock, firewall, plang, pkeys, etc) in the env-<macaddress> folders of the (root of the) boot device. The default folder is env-0, that can be accompanied by various env-001ee4532a23 etc., folders after running Puli on different machines. Those folders will be prepared and filled up in /root/tmp folder by Puli that saves them on the boot device if you select the smart save option at the exit or click on the save "Puli-head" any time.

* Booting Puli on the same machine next time, you don't need to deal with the settings. For example, the default timezone (GMT) will be overwritten with the timezone data of puli.cfg found in the machine specific folder. The applicable timezone codes can be read  from /usr/share/zoneinfo, such as Australia/Perth.

* You can place one smartload file in the (root of the) env-<macaddress> folder if you need to load machine specific modules (e.g., nvidia driver) before X starts. For help, an empty smartload file is included in env-0, you only need to (find and) populate its copy in the env-<macaddress> folder. 

* It can happen that some .pet, .sfs, or .deb modules shall be auto-loaded in the X environment. Put a + (plus) sign as the first character in such lines of the selected smartload file (do NOT rename or reassemble the package itself).
Note that the postXload feature of the earlier Pulis can be applied too: you can list such modules, without the starting plus sign, in a postXload file (next to the smartload). There can be only one postXload per env-<macaddress> folders. However, you can apply one common postXload next to the other smartloads in /profiles/Common folder of the boot device. The Puli package includes an empty postXload there (and another one in the env-0 folder, too).  

* Just after boot-up, the advert-blocker feature updates the /etc/hosts file to block annoying commercials.

* By clicking on different Office files, the appropriate program opens based on MIME type, e.g., abiword can catch the .docx files while textmaker can handle the .doc; clicking an .xls can open planmaker while .xlsx can invoke gnumeric, etc.

* Puli automatically creates a Linux swap file in the memory unless you prepare a swap on the hard disk (e.g., using gparted. The swap is pr eferably the same or twice the size as the memory. There is no reason to configure a swap bigger than 4 GB.

* If the USB boot device includes folders named /patch and/or /profiles/Common folder, then Puli merges their content and copies them in the filesystem before starting X. (the content of the patch folder may overwrite those files come from Common). 

* In the Puli package, you can find tricky security profile examples realized by different file structures. They can be selected/activated by clicking their fantasy-named security profile selector icon (the profile name will be copied into the /patch folder on the pendrive). Those profiles are mainly used during browsing the net:


Mild-tempered

   a. This is the default security profile, the only profile in which multiple browser windows or even multiple browsers can run simultaneously.

   b. Chrome, Iron, Slimjet, and Vivaldi browsers open here in Incognito mode. I propose to not change this setting.

   c. The network_tray icon becomes red while suspicious connections are active. They are logged in /var/log/suspicious_connections file.


Rigorous

   a. In this profile, the 64-bit Puli disables all disk drives (e.g., the hard disks stop rotating). The boot device remains active, however it can be plugged out when Puli recommends.    

   b. Puli barks as soon as suspicious connections are detected (only during browsing). Then, to prevent hacker attacks, updates the firewall's blacklist with the suspicious hosts.

   c. Puli does not release the suspicious host but occupies its available ports in SYN_SENT or similar mode. For details, see profile-specific scripts such as /usr/local/bin/defaultbrowser and /usr/bin/netchecker.

   d. If you accidentally get false alarm(s), move those friendly IP addresses from /etc/suspicious_hosts to /etc/friends file (and update your patch structure accordingly).


Crazy

   a. In this profile, the 32-bit Puli disables all disk drives (e.g., the hard disks stop rotating). The boot device remains active, however it can be plugged out when Puli recommends.

   b. Chrome, Iron, Slimjet, and Vivaldi browsers open here in Incognito mode. I propose to not change this setting.

   c. According to the profile name, Puli makes hackers crazy. It disables the network periodically to prevent their session become effective. See the details in /usr/bin/netkiller.

   d. Some browser versions may fail in this profile if the communication with the selected server is wery slow.


Lazy

   a. Similar to the mild profile with one tricky exception. While browsing in this unique profile, your lovely Puli becomes lazy and goes asleep. More precisely, the Linux utilities (those in the /bin folder) become inexecutable, preventing a hacker or even a trojan malware to initiate shell scripts or issue commands. In the script behind the lazy profile selector icon on your USB boot device, you can define the full path where you want to run the "disappeared" Linux utilities in lazy mode. You may leave the default /ban/ setting as is, or write a path like lazybin="/usr/share/foo/" (with slash at the end). Of course, you need to re-activate the lazy profile by clicking its profile selector icon, then reboot. Be careful! If you put an existing folder name above, its original content may be overwritten! Warning! Do NOT select a folder from those in the search path!

   b. Chrome, Iron, Slimjet, and Vivaldi browsers open here in Incognito mode, and you cannot run multiple browsers/browser windows simultaneously. I propose to leave this setting "as is". Firefox runs as spot with limited lazy features, but opens in a sandbox if firejail is installed.

   c. Some features behind icons file, info, edit, write, calc, phone remain active only for you.

   d. During browsing, clicking on the leftmost dog icon toggles between the lazy and the mild profiles. While you see a "glowing" mild icon, you can click on the rest of desktop icons, and the menu items.

   e. The drive icons are replaced by an inactive drives icon during browsing in lazy mode. While toggled to mild mode, clicking on the drives icon invokes pmount.

   f. Warning! Do not unplug any mounted drive while browsing in lazy mode!

   g. If you close the browser, all features are restored in a few seconds (i.e., the dog icon initiates backup and the drive icon(s) appear again).


* It is preferred to browse with the latest version of a properly sandboxed Chromium flavor, or use a modern Mozilla based version.

* Puli supports the following 32/64-bit browsers (in order of preference, which is NOT the order of quality): Chrome-64bit; Iron; SlimJet; Vivaldi; Firefox; Opera; Links and runs them by spot user. It is recommended to use the smartload feature for booting them by selecting one of them in the smartload file. (Note that you if you install more than one browsehere rs, they may interact or even block each other). 

* By default, the Iron, Slimjet and Vivaldi browsers run in Incognito mode, using common bookmarks and settings. It can happen that later versions (which are recommended anyway) cannot keep this compatibility.

* Due to licensing issues, some Chromium based browsers cannot play mpeg4 videos. In those cases, installing or smartloading extra ffmpeg codecs can be a cure. A couple of extra ffmpeg packages are referenced/available in the Puli codec repository.The Opera version is probably compatible with Slimjet and Vivaldi browsers, too.

 * In all profiles, clicking the info icon invokes the preferred browser (in case of the Chromium-based browsers, in non-accelerated, Normal mode). If nothing selected, the Links browser appears. It is configured for smart media recognition capabilities.

* Puli supports Firefox. You can download a relatively new version from the link in my packages. Auto-update to the latest version is configured in Puli. However, you can update my pet package by replacing its /opt/firefox folder with the latest version. Firefox starts in sandbox if firejail is installed.

* You can download the latest Flash player plugin from this link. Its filename is like "adobe-flashplugin_<latest date>.1-0ubuntu0.14.04.1_i386.deb" or its 64-bit counterpart "adobe-flashplugin_<latest date>.1-0ubuntu0.16.04.1_amd64.deb" . Put this smartloadable .deb file in the /packages folder on your boot device. Be sure that only one adobe-flashplugin*.deb file appears among the packages. It installs to /usr/lib/adobe-flashplugin folder (for all browsers).

* Parental control: Append IP addresses or even domain names (e.g., 1.2.3.4 and/or somename.com) as separate lines to the /etc/suspicious_hosts file (of course, copy it into your favorite patch structure on the UBS pendrive, together with /etc/friends). Puli interprets them and feeds the blacklist automatically.

* If you right-click on a folder, you can encrypt / decrypt its content with the menu items. I propose storing your sensitive files in /root/my-documents/Secret/ folder which is encrypted (with AES 256 and password "root") by default. Of course, it is strongly recommended to change the default password to your one at your earliest convenience. The encryption-related options can be found in the dialogs behind the right-click menu items. Note that the Secret folder will be automatically unmounted (i.e., its content toggled to encrypted status) if you create a backup or select smartsave.

* In Puli, the background picture (wallpaper) is the /usr/share/backgrounds/default.jpg, referenced in the third line of /root/Choices/ROX-Filer/PuppyPin file. This line in PuppyPin also defines its displaying mode (Centred, Scaled, Fit, Stretched, Tiled). You can copy your favorite wallpaper to /usr/share/backgrounds/default.jpg to see it on the computer you are actually using (then restart X). Later, if you select Save: smart at shutdown, then these settings will be saved to the env-<macaddress> folder on the boot device. You may try the Desktop > Pwallpaper menu item to change the wallpaper but do this with care. 

* If you connected an MTP (Media Transfer Protocol)-capable device (e.g. a mobile phone) via USB cable but the device is not recognized automatically, open a terminal window and issue mtp+. Now, you can access the device thru the /root/MTP folder. If you finished, issue mtp- before disconnecting the USB cable.


 
 IV. For enthusiasts:


You may need to customize Puli if you want to run it on the same computer. Puli supports this in many ways as follows. But keep in mind that different computers' settings can be incompatible with each other thus their settings should be stored separately, i.e., in different environment folders on the boot device.

* The naming convention for the environment folders is: env-<macaddress> where macaddress is a 12-position hexadecimal number, for example, env-0123456789ab. Puli recognizes whether the name of one environment folder matches with the given machine at boot time. If no matching folder found, it will be created in /root/tmp using the content of the env-0 folder and your actual settings (and will be saved at shutdown time if you select Save:smart)

*  You can select a smartload file during the boot process, earliest after the purple "copying to ram" text appears, but latest in 5 seconds after you see the "Press a key to smartload a package set..." message. You can reference there as many files as you want - even a truncated but unique basename, e.g., "wine", or (if you are unsure about capitals in the filename), even "?ine" can be enough to locate "wine-3.10_v3.1.pet". Note that while, on the one hand, only the memory limits the number of the auto-loaded packages; on the other hand, they cannot be uninstalled in the given session (however, try to re-install the same package then uninstall it). The possible errors are displayed in a simplified mode and logged in the /root/tmp/ folder with details.

* The auto-loaded files are merged into the /initrd/pup_rw folder: first, the content of the Common folder, then the content of the environment<macaddress> folder, then the content of the smartloaded files (starting with the environment-specific smartload tem the rest in the order of their appearance), then the content of the patch folder, then the content of the security profile. That is, you can overwrite a just loaded file with another one, e.g., files loaded from /Common folder with files loaded from /patch folder, etc., but each overwrite their counterpart in /initrd/pup_ro2. Puli uses the rsync -a command for this.

* Note that although Puli accepts .rpm files, they mostly need additional libraries to run properly.

* The firewall can either be set as strong or lite. If you need to create a different firewall, you may set up the firewall rules manually then put them in your patch structure. Later, you can easily recognize the active one based on the color of the tray icon (green = strong-Puli version, yellow = lite-Puli version, blue = user-configured).

* In the Session Setup dialog, you can decide whether the current session settings are valid for the future sessions, too.

* After login (more specifically, after you click OK on the QuickSetup window in the X environment), files in the /root/Startup folder are executed. Intentionally, the Puli-specific zsupp script is the last one amongst them. Of course, you can amend it and put in the /patch folder to replace its default version.

* Note that the files in the /root/.config/autostart folder are executed each time just after restarting X. Consequently, at first boot, they start BEFORE you click OK on the QuickSetup window.

* The BootManager has been tailored for Puli as some of its functions are not applicable in PUPMODE 5, and others are implemented in a better way. Use with caution.

* As in other Puppies, you may install five additional .sfs files on-the-fly later (into /initrd/pup_ro4 ... /initrd/pup_ro8). However, Puli offers a workaround if you need to load more than five .sfs files on-the-fly. Menu item Setup > Merge SFS files gets (based on their alphabetical order) the *.sfs files found in /root folder, then merges them into /root/puli.sfs. Move it to the pendrive and reference it as a single item to load/unload it using the Settings > SFS-Load menu item from the desktop.

* In contrast to other puppies, you cannot save your session as puli.2fs on the USB pendrive or elsewhere. Instead, use the backup desktop icon or the Save: backup option at the Shutdown dialog. Note that the auto-loaded extra packages are not included in the backup file thus you may need to use the same smartload file next time to restore the same environment.

* As already mentioned, you can save some session settings to auto-load them next time by clicking the Save: smart button either in the Shutdown dialog or, within the session, in the dialog of the backup desktop icon. If clicked, then the control files within the /smartsave folder will be executed. Note that some Puli-specific .pet or .sfs packages may add their own control files to the /smartsave folder on the boot device as /profiles/Common/smartsave.

* If you are experienced enough, you may activate the restore_latest.pet package by the appropriate row in your smartload file (as an example, see the /smarloadr file in the install kit). With these settings the latest backup will be auto-restored at boot time. Note that cumulative backups are possible, i. e., you may restore more backup files after each other, even those created in different security setups on different machines. Puli tries to manage this, and sends warning messages if needed. You may see unforeseen behavior in extreme cases, however.

* Beyond the above mentioned dynamically changing "latest" backup, you can auto-restore another "fixed" backup, too. For this, activate the restore_fixed.pet package in your smartload file. With these settings, Puli will seek a backup file placed in the /backups/fixed folder of the boot device to auto-restore it at boot time. Note that this is independent from the restore_latest feature, so you can apply them even together if needed. Restoring backups begin after the security profile is in place. Note that no security profile will be restored from backups.

* In your smartload file, you can reference a specific package (force_mild.pet, or force_rigorous.pet, etc.,) to replace the preset security profile with another one. With this feature, the single-key boot-time setup can include a smart security pr ofile selection.

* You may refresh the puli<version>.sfs file, e.g., to update it with the content of the actual patch structure:

   a. Ensure that the pendrive is plugged in (either mounted or unmounted).

   b. Open a terminal and issue refresh

   c. The temporary files are in the /root/squashfs-root folder. When the script asks for this, you can manually edit the content of /root/squashfs-root, update it with patch files, etc. Be careful with adding new links: relative links should not point out of the /ro ot/squashfs-root folder.

   d. Wait until all operations are finished.

* The shrink script does the same as refresh except that it calls the Remove Builtin Files utility before writing back to the USB pendrive. The temporary files are in the /root/squashfs-root folder. You can manually edit the content there when the script asks for this.

* Clicking some icons open built-in or smartloaded programs based on their preference order. You can change the preferences in the /usr/local/bin/defaultxxx files of the given profile(s). For example, the write desktop icon may have this preference order to open: LibreOffice, SoftMaker FreeOffice, Abiword - depending on which one is installed; the paint desktop icon may havepreference order as: Gimp, Mypaint, LazPaint, nomacs, mtpaint. The draw desktop icon may have this preference order to open: Inkscape, AzDrawing, Inklite; the record desktop icon has this preference order to open: SimpleScreenRecorder, XvidCap - the latter is the default. The phone desktop icon has this preference order to open: Skype, https:/appear.in, xchat, etc. Note that usage of https:/appear.in is limited in some browser versions because they do not allow camera/mic in WebRTC API.

* Skype is not available for 32-bit Linux anymore.

* You can try web plugins available for some browsers and can even create smartloadable modules from them. Such modules can replace the standard Skype, Teamviewer, etc packages.

* The zip desktop icon opens PackIt. Xarchive remains available via the menus.

* Notice that some common Puppy utilities, e.g., default applications chooser, have been removed in favor of the Puli specific features.

* Notice also that the .DirIcon of the selected profile folder appears on the Desktop as backup icon.

* As mentioned above, Puli intends to disable all disk drives except the boot device. This is made by the /usr/bin/diskdrop script, which runs in all cases by default. However, this function is enabled only in the Crazy profile and neutralized in the rest (by an empty diskdrop script in the /usr/bin folder of those profiles). The disabled drives cannot be fully restored within the session. However, you can try to restore them with the /usr/bin/diskrise script, which needs the boot device be plugged in. After diskrise, identifiers of the restored  drives can change (e.g., sda1 appears instead of hda1 stb).

* Warning! Puli detaches the pendrive at the end of the shutdown process to prevent the dirty bit set. Some machines remember this detached status until they are physically removed. In this case, unplug the pendrive after Shutdown. Never fix t he dirty bit in Windows! Puli resets it next time during the bootup process.

* To accelerate its boot process, Windows 10 doesn’t fully shut down by default. Instead, it actually hibernates. Thus, the NTFS filesystem of Windows 10 appears as read-only in Puli (as in all Linux flavors). If you need to write to this partition from Puli, either permanently change the default power options of your Windows 10 or keep the Shift button while selecting Shutdown in your Windows 10. 

* By default, the Windows-encrypted drives are inaccessible. You may download and try Linux-based decrypting programs such as dislocker.

* Some USB install tools, other than LiLi, do not accept .zip files. In this case, simply rename the Puli_install.zip file to Puli_install.iso. This renamed file will be accepted for installation.

* The Puli package includes the folders/files for booting in UEFI mode. 

 

V. Useful links

Appendix A. How to install Puli in Linux environment

In the first section above, I described an easy method for installing Puli in Windows XP/7/8/10 environment. For an experienced Linux user, using the latest wine can be considered (except of FAT32 formatting the pendrive and ticking the bootable flag, I recommend using GParted for this subtask). However, the below solutions are also easy and straightforward:

If you have a 32-bit Puppy Linux distro/puplet such as Puli 6.x.x or Puli 3.8.3 bark 6 or pemasu's Upup Precise 3.8.3.1:

1. Create a bootable USB pendrive

   a. Click the Install icon on the desktop. Then in the Install dialog, click the BootFlash USB installer button and follow the instructions there. (If you don't have Install icon, try to select menu item Setup / BootFlash install Puppy to USB.)

    * Bootflash may not be on your Puppy's desktop menu. It may, however, be builtin. Try opening a terminal and typing bootflash

    * Worst case, download and use my bootflash utility

   b. When finished, delete all files from the pendrive except ldlinux.sys.

2. Copy Puli to the pendrive.

   a. The latest 32/64 bit Pulis are available at sourceforge.net repository in form of compressed files in Puli-(version_issuedate) folders. Download the preferred Puli_install.zip file that contains the Puli runtime structure.

   b. Open the unpacked structure and copy its content into the (root of the) USB pendrive.

3. Unmount the pendrive.


If you have another 32-bit Linux

   a. The latest 32/64 bit Pulis are available at sourceforge.net repository in form of compressed files in Puli-(version_issuedate) folders. Download the preferred Puli_install.zip file that contains the Puli runtime structure.

   b. Simply rename the just downloaded Puli_install.zip file to Puli_install.iso

   c. Download one from the Linux based USB install tools.

   d. Start the Linux based USB install tool, and follow the steps there. In the appropriate selection box, choose the "fake" Puli_install.iso file as source.

Before rebooting your machine from the pendrive

   a. You can download some useful packages from Puli-(64/32 bit)/packages subfolders of sourceforge.net repository. Download the selected ones and put them into the /packages folder of your boot pendrive. I uploaded validation files, too (sha and/or md5), so you may check the downloaded stuff if you want. Note that you may find newer versions at the download page of their distributor. See the Useful links section above.

  b. I recommend to read the above sections, too.

   c. If you know what to do, you may configure some startup parameters in syslinux.cfg and in puli.cfg right now.

   d. Ensure that the BIOS is configured to boot from pendrive. The boot procedure may fail if some Puli files, i.e., initrd.gz, *drv_puli(version).sfs, and/or puli(version).sfs remained accessible on your hard disk.


You are ready. Puli is installed. Give it a go!
Attachments
PuLiLi.jpg
Installing Puli with LinuxLive USB Creator
(70.88 KiB) Downloaded 16741 times
Puli_profiles.png
Profile icons in Puli (Mild, Rigorous, Crazy and Lazy)
(17.13 KiB) Downloaded 19228 times
Last edited by gjuhasz on Wed 17 Jun 2020, 17:12, edited 215 times in total.

User avatar
gjuhasz
Posts: 422
Joined: Mon 29 Sep 2008, 14:28

Puli 6.0

#2 Post by gjuhasz »

Announcement and changelog for the latest 32-bit version: 6.2.0, for the latest 64-bit versions: 7.0 and 7.1.
However, you may find relevant info about the main Puli features based on earlier posts, too.


A nice screenshot showing a little lazy puli dog.
Attachments
Puli-6.0.jpg
See http://whitepuli.hu/new_home/2013_c/2013_cinkos_sunny_04.jpg
(29.87 KiB) Downloaded 27167 times
Last edited by gjuhasz on Thu 12 Dec 2019, 21:22, edited 4 times in total.

Dpup
Posts: 83
Joined: Tue 05 Aug 2008, 23:26

Puli 6.0

#3 Post by Dpup »

Thanks for another great release.

In addition to testing on various netbooks laptops, desktops that I posted about for Bark 6, I am also testing Puli 6.0 on a new Dell 17 inch Laptop with AMD Quad-Core A8-5545M that came with Win 8.1 installed.

The party guests mostly thought no way was Puli 6.0 going to work on such a new Laptop. But surprise, when I took the USB drive from my key chain loaded with Puli 6.0 which I have been using on more than half dozen other computers, it booted and connected to WPA2 AES account and worked just fine for all functional areas that we tested.

The only downside was using the new Win 8.1. It seemed to me and the other technology guests that for all the $Billions spent developing Win 8.1 the released product is a step backwards. Puli 6.0 along with other Puppy Linux releases just do more of what most of us need and use day to day, is more responsive, and much easier to use !!!

User avatar
gjuhasz
Posts: 422
Joined: Mon 29 Sep 2008, 14:28

Re: Puli 6.0

#4 Post by gjuhasz »

Dpup wrote:The party guests mostly thought no way was Puli 6.0 going to work on such a new Laptop. But surprise, when I took the USB drive from my key chain loaded with Puli 6.0 which I have been using on more than half dozen other computers, it booted and connected to WPA2 AES account and worked just fine for all functional areas that we tested.
Dear Dpup, thanks for your presentation.

As there is a New Year starting today, many of us feel this is the best time for relax. Yeah, a day for laziness. And we let our pets do the same.

My Puli buries his bone before he "turns inward".

Similarly, Puli 6.0, in its "lazy" profile, hides the files of the disarmed (access-denied) /bin/ folder from strangers before letting his Master browse alone. Of course, the Master can tell him where to hide. By default, those files (bash, busybox, etc.) would act in the /ban/ folder, but since this a holiday today, why not drink to you with such a folder name like:

"Best wishes to all of you. Hope you have a great time in 2015 and always!"

Using the accurate Linux syntax, on the USB boot device, in the second line of /mnt/sdb1/3-lazy script:

Code: Select all

lazybin="/Best_wishes_to_all_of_you_Hope_you_have_a_great_time_in_2015_and_always/"

Have fun!

gjuhasz
Attachments
Happy_New_Year.jpg
(47.96 KiB) Downloaded 19186 times

User avatar
gjuhasz
Posts: 422
Joined: Mon 29 Sep 2008, 14:28

Puli 6.0 and updates of Tahrpup

#5 Post by gjuhasz »

Just to confirm:

Puli works fine with the updated vmlinuz and zdrv files included in tahrpup 6.01 and/or 6.02. Kudos to 666philb and the tahrpup team!

Only the zdrv shall be renamed from zdrv_tahr_6.0.2.sfs to zdrv_puli_6.0.sfs - the vmlinuz file is applicable "as is".

FYI: Puli update is coming soon with

* Minor bugfixes and security patches
* Comfort features
* Smaller footprint

Have fun!

gjuhasz

totolanio
Posts: 202
Joined: Sun 04 Jan 2015, 02:19

#6 Post by totolanio »

You should write a little description of the purpose of Puli, maybe ? Such as usage examples etc...

It's too vague for a non pro like me.
Main puppy used : LxPup tahr.
[url=http://www.murga-linux.com/puppy/viewtopic.php?t=97623]Multiple package installer/remover.[/url]

User avatar
gjuhasz
Posts: 422
Joined: Mon 29 Sep 2008, 14:28

purpose of Puli

#7 Post by gjuhasz »

totolanio wrote:You should write a little description of the purpose of Puli, maybe ? Such as usage examples etc...
It's too vague for a non pro like me.
Dear totolanio, let me explain the purpose in a form of a FAQ:

Q: What is the difference between Puli and other distros?
A: Most of the Linux distros are optimized for hard disk installation, although many of them can boot from live CD/DVD or from pendrive. Puli is for pendrive only.

Q: Then what is the advantage of Puli compared to other distros that boot from pendrive?
A: There are unique security features. The user is asked to unplug the pendrive just after the system starts. Also, Puli has some tricky profiles specially designed to resist the known (and even some unknown) web attacks. Advanced users can create their own profiles e.g., by combining the features of the existing ones.

Q: Do you mean surviving any kind of web attacks, or defense against new viruses etc?
A: I am dare to say yes, but the level of protection and the behavior depends on the selected profile. For example, code execution of viruses/trojans is prevented while browsing / skyping in the "lazy" profile. Man-in-the middle attacks have no chance to build up themselves in the "crazy" profile. Beyond this, a firewall is in place and the critical web apps are executed by spot user.

Q: What about preventing phishing?
A: Puli cannot do too much if the user intentionally responds to a malicious "phishing" request and shares, e.g., his/her IDs with passwords and other pieces of sensitive info. But Puli can be rigorous and has sharp teeth...
What it can do for his "crazy master" in such cases? Barking, blinking red icons, terminating the network connection, blacklisting suspicious sites, and/or even hiding the operational system from attackers. :) according to the selected profile. Note that Puli automatically updates the (black)list of malicious websites just after it starts.

Q: What is the size of Puli?
A: Puli consists of a "skeleton" (about 188 MB, including all security features mentioned above) plus a configurable set of extra packages than can be co-loaded at boot time. Users can preset the features according to their current needs thus omit all "nice to have" modules that only waste time and resources for the actual session.

Q: How to save the session? To the unplugged pendrive???
A: Puli is unique in this aspect, too. In other distros, if the user deletes a file or makes something wrong, then the system can be corrupted forever - maybe a king size backup helps. But in Puli, you can return to any previous status.

There are three options:
  • 1) Save your files manually (during the active session), then log out without auto-save. In this case the pendrive remains untouched thus you boot into the same environment next time
    2) A “smart save
Last edited by gjuhasz on Thu 12 Feb 2015, 16:54, edited 24 times in total.

User avatar
gjuhasz
Posts: 422
Joined: Mon 29 Sep 2008, 14:28

purpose of Puli

#8 Post by gjuhasz »

Please find an example of the loadsfs file used by my son (Puli 6.0.2 beta, mild profile chosen). Remind that this is the config file to select the extra packages to be loaded at boot time :

Code: Select all

-audacity
-azdrawing
-AzPainter
-Blender
-Calibre
-devx
-dreamchess
-fonts
-gimp-2.4
-gimp-precise
google-chrome-stable_34
-inkscape
jre-1.7
-jre-1.8
-lazpaint
-LibreOffice
-linphone-3.6.1-xv
-LP2_GimpPainter
-mypaint
Minecraft
-Skype-4.3.0.37ap
-SoftMaker697
-SweetHome3D
-teamviewer-10
-wine_puli_wt-1.7.21
I prefer loading another set of extra files (by removing the "dash" character that precedes the package names by default): google-chrome (lazy profile), fonts, Skype, SoftMaker and teamviewer, sometimes Calibre. They can be anywhere on the boot device, either as .pet or .sfs packages (except chrome, which must be .deb).

My daughter selected google-chrome (mild profile), mypaint (or LP2_GimpPainter, or sometimes Blender) and Skype .

An average user does not need to deal with configuration details deeper than the above selections in loadsfs.

That's all. Our machines are: one HP6600 (3GB, ATI HD 5400) and one HP7600 (2GB). Swap installed in both (same size as the memory). I also use a fast 64-bit Dell laptop (i5, 4GB, no swap).
Puli runs fine on all of the above machines booted from any of our pendrives. There is no need to reconfigure anything.

See the post of forum member Dpup, too.

----------------

A couple of additional comments, just FYI:

I am among the users who dislike the "carved in stone" distros because they (we) feel discomfort if one or more features become obsolete. Most of those distros face a risk that altering/replacing/upgrading a single module crashes the whole installation. In contrast, Puli was designed to support such upgrade attempts, e.g., no other distros tolerate upgrading Chrome then returning to a previous one (e.g., to compare stable/beta/dev versions).

In the promised new Puli (probably 6.0.2, already in beta), the extra modules may include "rampup" and "after party" scripts to prepare and/or clean up the module environment before and/or after running it.In our case, for example, the "rampup" script of the Minecraft module
1) looks around for saved worlds and loads them,
2) force installs the java runtime if it is missing,
3) disconnects the network
4) starts the game as spot.
The "after party" script adds its two-cents to the "smart save" configurator describing which worlds shall be saved to where in the frame of the shutdown process.


Have fun!

Regards,

gjuhasz

User avatar
Q5sys
Posts: 1105
Joined: Thu 11 Dec 2008, 19:49
Contact:

Re: purpose of Puli

#9 Post by Q5sys »

gjuhasz wrote:Barks as soon as suspicious connections are detected (only during browsing). Then, to prevent hacker attacks, updates the firewall's blacklist with the suspicious hosts.
what metrics is it using to determine whats 'suspicious'?
Im on the road right now so i can download and test this until tonight, but please tell me that everything web facing isnt running as root. :)

User avatar
gjuhasz
Posts: 422
Joined: Mon 29 Sep 2008, 14:28

Re: purpose of Puli

#10 Post by gjuhasz »

Q5sys wrote: what metrics is it using to determine whats 'suspicious'?
Dear Q5sys,

Please take a look into the defaultbrowser file of the "rigorous" profile (you can find it on the boot device, as /profiles/1-rigorous/usr/local/bin/defaultbrowser).
Between Lines 70 ... 77, the established connections are checked based on some specific patterns set, e.g., if only the IP address and non-standard ports are evaluated as "suspicious".
If this (example) pattern matches, then Puli disconnects the networks (Line 90), updates the firewall (Line 94), then barks before reconnecting (Line 104).

Similar patterns are built in the default "Mild" mode but the consequences are not as rigid there as in the Rigorous mode.

Of course, as I wrote above, the pattern(s) here are only examples. You can borrow ideas from Snort or similar systems or even create your own.

Note that preventing web-attacks is a complex task thus other modules need to co-operate (with the help of config items in /etc/hosts, /etc/friends, /etc/rc.d/rc.firewall and so on.)

There are other funny methods within Puli. For example, you are browsing while " /bin is in the bin " :) thanks to the Lazy profile of Puli.
I do hope that my examples in Puli inspire users to combine them or invent something new.
Q5sys wrote:please tell me that everything web facing isn't running as root
Puli is a funny dog. Of course, for example, Skype runs under spot user in each mode. See details in /profiles/3-lazy/usr/local/bin/defaultchat file.

Have fun!

Regards,

gjuhasz

User avatar
gjuhasz
Posts: 422
Joined: Mon 29 Sep 2008, 14:28

In cases of Bootflash not found

#11 Post by gjuhasz »

I received a PM from a friend:
Your installation instructions require the use of bootflash, suggesting employment of prior version of Puli or Upup 3.8.3. I used Upup before I remembered that almost all of my current Pups employ Openbox or Lxde. Sometimes the Menus produced by those window-managers fail to list installed applications. They're finicky about having the category definition end with a ";", sometimes about the first of multiple categories, and sometimes just for sport.

With the exception of Carolina, every recent Pup I examined which didn't show bootflash on its menu had bootflash built in. It could be started by typing "bootflash" in a terminal.

Suggest your instructions include something like:

Bootflash may not be on your Puppy's menu. It may, however, be builtin. Try opening a terminal and typing,

Code: Select all

bootflash 
I searched several repos --including Carolina's-- but couldn't find a "bootflash" pet. Maybe its called something else. If it can't be found on any repo, perhaps you could offer a pet. Not being kernel or hardware dependent, it will probably be compatible with any Pup.
Thanks for your recommendations. I modified both the first post above and http://www.smokey01.com/gjuhasz/readme.html accordingly.

Please find http://www.smokey01.com/gjuhasz/sfs/bootflash-0.6p.pet attached, too.

Thanks again.

Have fun!

Regards,

gjuhasz
Attachments
bootflash-0.6p.pet
MD5sum: 3fa226bfd2cf7281e32ef0d2647549cc
(162.84 KiB) Downloaded 1404 times

User avatar
gjuhasz
Posts: 422
Joined: Mon 29 Sep 2008, 14:28

Announcement: Puli 6.0.2

#12 Post by gjuhasz »

Let me proudly announce the new Puli 6.0.2

Available at http://smokey01.com/gjuhasz

See details in the first post.

* Some updates kindly applied from Tahrpup 6.0.2 CE - kudos to 666philb and CE Team.
* Minor bugfixes (e.g., in /etc/rc.d/rc.local)
* Improved security: known link redirectors / URL shorteners (often used by hackers for man-in-the-middle attacks) blocked in /etc/hosts
* New comfort feature: "After party" tasks can be put into /smartsave folder in separate files. They will be auto-executed before shutdown. See details in my above post sent on Wed 11 Feb 2015, 12:15.
* Smaller footprint

Have fun!

gjuhasz[/quote]

User avatar
gjuhasz
Posts: 422
Joined: Mon 29 Sep 2008, 14:28

Re: Announcement: Puli 6.0.2

#13 Post by gjuhasz »

gjuhasz wrote:Let me proudly announce the new Puli 6.0.2
Let me attach a nice screenshot:

http://commons.wikimedia.org/wiki/File: ... kutyak.jpg

Have fun!

gjuhasz
Attachments
Little_white_puli_dogs.jpg
GNU Free Documentation License, see background pic at http://commons.wikimedia.org/wiki/File:Feh%C3%A9r_puli_kiskutyak.jpg
(60.39 KiB) Downloaded 18014 times

User avatar
PFan
Posts: 14
Joined: Sat 15 Oct 2011, 02:01
Location: Vermont

#14 Post by PFan »

Hello,
I just wanted to say thank you for this puppy. I'm not using it exactly as you intended, but it works very well for me. My concern was less about on line security, and more about the ability to remove the USB drive once everything was running. It works beautifully on this oldish Dell Latitude

[/img]
Attachments
screeny.jpg
(131.29 KiB) Downloaded 1448 times

User avatar
gjuhasz
Posts: 422
Joined: Mon 29 Sep 2008, 14:28

Python/Blender bug fixed

#15 Post by gjuhasz »

I uploaded a pet file for my favorite 3D tool Blender 2.74 rc2 to http://www.smokey01.com/gjuhasz/packages/Blender/2.74/

Tested with Puli. Probably works with other puppies, too.

My two-cents to this thingy: I fixed the always-resurrecting Blender/Python bug: Invoking Help (or any external URL from within Blender) creates a ROX-Filer zombie.

If you can live with this bug, you may restore the original webbrowser.py file from the "original" subfolder of the above URL to your machine as

Code: Select all

/opt/blender/2.74/python/lib/python3.4/webbrowser.py

The patched version is already included in the pet file but you can also find a copy in the "patched" folder there.


Have fun!


Regards,

gjuhasz
Attachments
450px-Splash_274.jpg
(28.66 KiB) Downloaded 17649 times
Last edited by gjuhasz on Mon 09 Nov 2015, 15:00, edited 2 times in total.

User avatar
greengeek
Posts: 5789
Joined: Tue 20 Jul 2010, 09:34
Location: Republic of Novo Zelande

#16 Post by greengeek »

What changes are required to allow the usb stick to be removed once booting is finished? I haven't used puli yet but this sounds like a cool feature to have.

User avatar
gjuhasz
Posts: 422
Joined: Mon 29 Sep 2008, 14:28

Puli boot procedure

#17 Post by gjuhasz »

greengeek wrote:What changes are required to allow the usb stick to be removed once booting is finished? I haven't used puli yet but this sounds like a cool feature to have.
The boot procedure in Puli differs from what is applied in the rest of puppies.

1. First, Puli boots its minimal setup
2. Then, the previously saved work files/patches are loaded from the /patch folder of the pendrive,
3. Then the user-selected set of pet/sfs files and optionally a deb package of a Chrome browser are loaded (the list of participants is in the smartload file). See details in /etc/rc.d/rc.local file. A bit tricky but ensures safe removing the pendrive at the end of the boot process.
4. Then some post-boot housekeeping can happen, by executing Puli-specific files in the /root/Startup folder and finally the /usr/bin/patch file.
5. At the end of the boot process, Puli safely unmounts the boot device then displays the pop-up message "Now you can safely unplug the USB drive"

Loading other sfs/pet packages run-time, without requesting the pendrive kept mounted, is also available in Puli based on tailoring of many "standard" scripts (loadsfs, petget, etc.)

Of course, appropriate actions are available also at shutdown time to ensure that user files are saved on (configurable) storage devices (e.g., on the same boot pendrive). Controlled by the files in the /smartsave folder - they will be executed (sh) before shutdown. Beyond its default content, this folder can be populated either by the user or by the Puli specific pet/sfs files.

The backside of the above is that some comfort features such as those in Quickpet are reduced in Puli; while others such as Default Aplications Chooser are removed.

Have fun!

Regards,

gjuhasz

Dpup
Posts: 83
Joined: Tue 05 Aug 2008, 23:26

Puli 6.0.2

#18 Post by Dpup »

Want to report outstanding capability of Puli 6.0.2 connection to my new GroPro Hero4 action camera, other cameras, and Android MTP devices. The MTP+, and MTP- works very well and devices are instantly recognized.

My grand kids are in many sports activities and create a lot of video clips and photos. We organize, edit, add titles sub titles, comments, special effects to the media using Blender and Inkscape you posted, along with Puppy Tahr versions of Openshot, Avidemux, Gimp, Peasyscale, FFconvert, and Wine with portable Winff to batch transcode for various Android e-readers, tablets, and smart phones.

Many thanks for another great Puppy release !!!

Additional Comment for gjuhasz:
Noticed that Puli 6.0.2 MTP is different than the official Pup 6.0.2. Simply put the Puli version works with my Android devices while the Pup 6.0.2 does not recognize some devices. Curious what is different, and can the Pup 6.0.2, now 6.0.3 be modified to have same MTP as Puli 6.0.2.

User avatar
Lobster
Official Crustacean
Posts: 15522
Joined: Wed 04 May 2005, 06:06
Location: Paradox Realm
Contact:

#19 Post by Lobster »

:D

Very well done. I don't have a need for such a high degree of secure computing. A standard boot from a DVD, closed pen drive ISO of any Puppy would be more than required.

I would be interested in a version that recorded the pushing, probes, javascript, cookies etc that ISP'S, servers, crackers and those in the know use to project and protect.

Again I have no interest other than a technical curiosity, it is not something I will be attempting.

Really like the Puli concept. Simple. Clever.
Puppy Raspup 8.2Final 8)
Puppy Links Page http://www.smokey01.com/bruceb/puppy.html :D

Sylvander
Posts: 4416
Joined: Mon 15 Dec 2008, 11:06
Location: West Lothian, Scotland, UK

#20 Post by Sylvander »

@gjuhasz

I'm beginning to give Puli 6.0.2 a try.

1. I reformatted my 4GB Flash Drive as ext4.

2. Ran bootflash, and that re-formatted the Flash Drive as FAT32.
Must it be FAT32?
Might I be able to copy all of the necessary folder/files [including ldlinux.sys] to the partition formatted as ext3 or ext4?

3. I failed to understand the SFS folder thing.
If I click on your link, and then click on the SFS link, there are all kinds of things in there [mostly pet files].
Am I to copy ALL of the content of the linked SFS folder into the root of the Flash Drive, or make a folder named SFS in the root and copy into that SFS folder?

4. Your explanation in the 1st post is rather long and complex, but I'll read it bit-by-bit, and attempt to understand it.

Post Reply