Changes between Version 5 and Version 6 of doc/TorBOX/Dev/ChangeRoot


Timestamp:
Jul 3, 2012, 2:38:12 PM (7 years ago)
Author:
proper
Comment:

--

  • doc/TorBOX/Dev/ChangeRoot

    v5 v6  
    44# save as ~/TorBOX-chroot
    55
    6 
     6# TODO:
     7# Changing disk uuids has do be done somewhere...
    78
    89# Verbose output.
    910set -x
    10 
    11 
    12 
    13 
    1411
    1512
     
    6865
    6966do_chroot() {
     67# Discussion: This would leak uuid of the host disk!
     68#  We would need to phrase it and somehow to remove the uuids. How?
     69#  And only use relevant stuff...
     70#  grep -v rootfs /proc/mounts > /etc/mtab
     71
     72# No longer needed?
     73# Missing info on mounted /dev/loop, needs testing.
     74# (proper) Please elborate.
     75#echo "/dev/sda1 / ext4 rw,noatime,errors=remount-ro 0 0
     76#proc /proc proc rw,noexec,nosuid,nodev 0 0
     77#sysfs /sys sysfs rw,noexec,nosuid,nodev 0 0
     78#none /sys/fs/fuse/connections fusectl rw 0 0
     79#none /sys/kernel/debug debugfs rw 0 0
     80#none /sys/kernel/security securityfs rw 0 0
     81#udev /dev devtmpfs rw,mode=0755 0 0
     82#devpts /dev/pts devpts rw,noexec,nosuid,gid=5,mode=0620 0 0
     83#tmpfs /run tmpfs rw,noexec,nosuid,size=10%,mode=0755 0 0
     84#none /run/lock tmpfs rw,noexec,nosuid,nodev,size=5242880 0 0
     85#none /run/shm tmpfs rw,nosuid,nodev 0 0" > /etc/mtab
     86
    7087# Review: not sure if we better mount more or less of them.
    7188mount --bind /dev $CHROOT_FOLDER/dev
     
    7592# Discussion: we may also think about mounting everything,
    7693#             i.e. recursively mounting.
     94#             i.e. mount --rbind
    7795
    7896# Fixes "Can not write log, openpty() failed (/dev/pts not mounted?)"
     
    8098# http://www.gentoo.org/proj/en/base/amd64/howtos/index.xml?part=1&chap=2
    8199# for the idea.
     100# Would not be needed if we used mount --rbind.
    82101# Review: not sure if we better ommit it.
    83102mount -o bind /dev/pts $XXX/dev/pts
     
    110129
    111130
     131# Currently not used.
    112132inside_chroot() {
    113 # chroot $XXX ...
    114 
    115 
     133# chroot $CHROOT_FOLDER ...
    116134
    117135# TODO: sources.list incomplete. Bug in preseed?
    118136
    119 
    120 ## http://lifeonubuntu.com/how-to-prevent-server-daemons-from-starting-during-apt-get-install/
    121 ## Prevents Tor from connecting the the public Tor network while building
    122 ## (for bridge users). Should also take care of chroot mount getting locked
    123 echo "#!/bin/sh
    124 exit 101" > /usr/sbin/policy-rc.d
    125 chmod 755 /usr/sbin/policy-rc.d
    126 
    127 echo '
    128 # TorBOX
    129 Acquire::http { Proxy "http://127.0.0.1:3142"; };
    130 ' > /tmp/apt.conf
    131 
    132 apt-get --config-file /tmp/apt.conf update
    133 apt-get --config-file /tmp/apt.conf --yes dist-upgrade
    134 
    135 # apt-get --config-file purge locales
    136 # sudo dpkg-reconfigure locales
    137 # sudo locale-gen en_US.UTF-8
    138 
    139 
    140 # ...
    141 
    142 ## make daemons start again
    143 rm -f /usr/sbin/policy-rc.d
     137# No longer neccessary.
     138# Lets keep it in case we need it again.
     139# locale-gen en_US.UTF-8
     140# dpkg-reconfigure locales
     141# echo 'LANG="en_US.UTF-8"' > /etc/default/locale
     142
     143# TODO: No longer neccessary?
     144#echo "GRUB_TERMINAL=console" >> /etc/default/grub
     145#update-grub
     146
     147# TODO: No longer neccessary? Move to T-G/W script?
     148#useradd -m -d /home/user -s /bin/bash user
     149#usermod -a -G adm,cdrom,audio,dip,sudo,plugdev user
    144150}
    145151
     
    156162
    157163
    158 # TODO:
    159 # Changing disk uuids has do be done somewhere...
    160 
    161 
    162 
    163 # Do we need this any longer or can it be moved to
    164 # T-G/W scripts?
    165 inside_chroot_old() {
    166 # part of the script that runs inside of chroot
    167 
    168 # VARIABLES
    169 ROOT_UUID="26ada0c0-1165-4098-884d-aafd2220c2c6"
    170 
    171 # TODO this would leak uuid of the host disk!
    172 #grep -v rootfs /proc/mounts > /etc/mtab
    173 
    174 ## TODO Missing info on mounted /dev/loop, needs testing.
    175 echo "/dev/sda1 / ext4 rw,noatime,errors=remount-ro 0 0
    176 proc /proc proc rw,noexec,nosuid,nodev 0 0
    177 sysfs /sys sysfs rw,noexec,nosuid,nodev 0 0
    178 none /sys/fs/fuse/connections fusectl rw 0 0
    179 none /sys/kernel/debug debugfs rw 0 0
    180 none /sys/kernel/security securityfs rw 0 0
    181 udev /dev devtmpfs rw,mode=0755 0 0
    182 devpts /dev/pts devpts rw,noexec,nosuid,gid=5,mode=0620 0 0
    183 tmpfs /run tmpfs rw,noexec,nosuid,size=10%,mode=0755 0 0
    184 none /run/lock tmpfs rw,noexec,nosuid,nodev,size=5242880 0 0
    185 none /run/shm tmpfs rw,nosuid,nodev 0 0" > /etc/mtab
    186 
    187 #No longer neccessary?
    188 #locale-gen en_US.UTF-8
    189 # dpkg-reconfigure locales
    190 #echo 'LANG="en_US.UTF-8"' > /etc/default/locale
    191 
    192 apt-get update
    193 apt-get dist-upgrade --yes
    194 apt-get install dialog sudo bash lsb-release net-tools iptables ed nano iputils-ping isc-dhcp-client \
    195 kbd console-setup ifupdown netbase less dnsutils --yes
    196 # something is broken...
    197 #console-tools console-data
    198 
    199 #No longer neccessary.
    200 #apt-get install linux-generic --yes
    201 
    202 #No longer neccessary.
    203 #echo "GRUB_TERMINAL=console" >> /etc/default/grub
    204 #update-grub
    205 
    206 echo "UUID="$ROOT_UUID" /               ext4    noatime,errors=remount-ro 0       1
    207 # swap...
    208 " > /etc/fstab
    209 
    210 useradd -m -d /home/user -s /bin/bash user
    211 usermod -a -G adm,cdrom,audio,dip,sudo,plugdev user
    212 }
    213 
    214 
    215 
    216164################################################################
    217165# -tg-mount                                                    #