[https://morketsmerke.github.io/articles/immudex/immudex.html](https://morketsmerke.github.io/articles/immudex/immudex.html)
+### Dodawanie zmian do obrazu płyty:
+
+Aby dołączyć jakiekolwiek zmiany do obrazu płyty należy przed rozpoczęciem
+procesu tworzenia obrazu płyty umieścić modyfikacje, przed poleceniem `tidy` w
+pliku *versions/base.sh*.
+
+### Zmiany jakich należy dokonać przed stworzeniem obrazu płyty:
+
+Obecnie superużytkownik posiada losowe haslo oraz zablokowana
+jest możliwość zalogowania się na niego. Dostęp do 'root' możemy
+uzyskać za pomocą polecenia 'sudo su'.
+Podstawowy użytkownik (z uprawnieniami sudo)
+jest tworzony podczas budowania obrazu. Podejmowanie czynności
+przed stworzeniem obrazu płyty nie jest póki co wymagane.
+
### Tworzenie obrazu płyty dystrybucji:
```
$ git clone https://github.com/xf0r3m/immudex
- $ cd immudex-testing
+ $ cd immudex
$ ./immudex-build --<amd64/i386> --<testing/stable/oldstable>
```
-### Dodawanie zmian do obrazu płyty:
-
-Aby dołączyć jakiekolwiek zmiany do obrazu płyty należy przed rozpoczęciem
-procesu tworzenia obrazu płyty umieścić modyfikacje, przed poleceniem `tidy` w
-pliku *versions/base.sh*.
-
### Zastrzeżenia i uznanie autorstwa:
immudex is not affiliated with Debian. Debian is a registered trademark owned
by Software in the Public Interest, Inc.
-
baseVersion=$(head -1 /etc/apt/sources.list | awk '{print $3}')
-apt install lsb-release -y;
-wget https://dev.mysql.com/get/mysql-apt-config_0.8.25-1_all.deb;
-dpkg -i mysql-apt-config_0.8.25-1_all.deb;
+apt install lsb-release gnupg -y;
+wget https://dev.mysql.com/get/mysql-apt-config_0.8.29-1_all.deb
+dpkg -i mysql-apt-config_0.8.29-1_all.deb;
-sed -i "s/$baseVersion/bullseye/g" /etc/apt/sources.list;
+sed -i "s/$baseVersion/bookworm/g" /etc/apt/sources.list;
apt update;
apt install mysql-server -y
apt-get install --fix-missing
apt-mark hold libmecab2 libssl1.1 mecab-ipadic mecab-ipadic-utf8 mecab-utils mysql-client mysql-common mysql-community-client mysql-community-client-core mysql-community-client-plugins mysql-community-server mysql-community-server-core
-sed -i "s/bullseye/$baseVersion/g" /etc/apt/sources.list;
+sed -i "s/bookworm/$baseVersion/g" /etc/apt/sources.list;
apt update
apt install apache2 libapache2-mod-php php php-mysql -y;
apt autoremove;
apt autoclean;
apt clean;
-rm mysql-apt-config_0.8.25-1_all.deb;
+rm mysql-apt-config_0.8.29-1_all.deb;
cp -vv /etc/apt/sources.list /etc/apt/sources.list.d/nvidia.list;
sed -e 's/main/contrib non-free non-free-firmware/g' -i /etc/apt/sources.list.d/nvidia.list;
apt update;
- apt install -y build-essential dkms linux-headers-\$(uname -r);
- apt install -y nvidia-detect;
- apt install -y nvidia-driver;
+ apt install -y build-essential dkms linux-headers-amd64 nvidia-detect nvidia-driver;
fi
create_enviroment
fi
+#Removing old immudex build directory structure:
if [ -d ${HOME}/build/immudex-${debver}/${arch} ]; then
echo -n "Removing old immudex build directory structure...";
- sudo rm -rvf ${HOME}/build/immudex-${debver} >> immudex_build.log 2>&1;
+ sudo rm -rvf ${HOME}/build/immudex-${debver}/${arch} >> immudex_build.log 2>&1;
if [ $? -eq 0 ]; then echo -e "[ ${GREEN}OK${ENDCOLOR} ]"; fi
fi
echo "-==Setting version for immudex image: $(date)==-" >> immudex_build.log;
echo -n "Setting version for this immudex image...";
(cd ${HOME}/immudex && git log --pretty=oneline) | head -1 | awk '{printf $1}' | tee ${HOME}/build/immudex-${debver}/${arch}/staging/live/version >> immudex_build.log 2>&1;
+echo >> immudex_build.log;
versionShort=$(cut -c 1-7 ${HOME}/build/immudex-${debver}/${arch}/staging/live/version);
if [ $? -eq 0 ]; then echo -e "[ ${GREEN}OK${ENDCOLOR} ]"; fi
+#Setting compilation date for this image:
+echo "-==Setting compilaztion date for immudex image: $(date)==-" >> immudex_build.log;
+echo -n "Setting compilation date for this immudex image...";
+date | tee ${HOME}/build/immudex-${debver}/${arch}/staging/live/compilation_date >> immudex_build.log 2>&1;
+if [ $? -eq 0 ]; then echo -e "[ ${GREEN}OK${ENDCOLOR} ]"; fi
+
#Getting and copying bootloader files
+echo "-==Getting and copying bootloader files: $(date)==-" >> immudex_build.log;
echo -n "Copying bootloader files...";
arch2=$(echo $1 | sed 's/-//g');
cp -v ${HOME}/immudex/isolinux/${arch2}/* ${HOME}/build/immudex-${debver}/${arch}/staging/isolinux >> immudex_build.log 2>&1;
function help() {
echo "immudex-create-media - script used for write iso image to usb drive(mainly)";
- echo "@ 2023 morketsmerke.org";
+ echo "@ 2024 morketsmerke.org";
+ echo "Superuser (root) privileges are required.";
echo "Options:";
echo " --i386-efi - creating 32-bit EFI usb drive with iso image";
echo " (comapatible with immudex only iso images)";
echo " $ immudex-create-media [--i386-efi] [--nuke] <usb_disk> [iso_image]";
}
+if [ $UID -ne 0 ]; then
+ echo "Permission denied!";
+ help;
+ exit 1;
+fi
+
if [ "$1" ] && [ "$1" = "--i386-efi" ]; then target="i386-efi"; shift; fi
if [ "$1" ] && [ "$1" = "--nuke" ]; then target="nuke"; shift; fi
if [ "$1" ] && echo $1 | grep -Eq '/dev/(sd[a-z]|vd[a-z]|mmcblk[0-9])'; then
function help() {
echo "immudex-crypt - script used for listing, open and close crypt_LUKS ppartitions";
- echo "@ 2023 morketsmerke.org";
+ echo "@ 2024 morketsmerke.org";
echo "Superuser (root) privileges are required.";
echo "Options:";
echo " list - displaing list of opened and available crypt_LUKS devices";
exit 1;
fi
- #immudexCryptPID=$$;
- #parentProcessPID=$((immudexCryptPID - 1));
#immudex-crypt RUID is EUID of sudo, which spawning immudex-crypt
export RUID=$(grep '^Uid:' /proc/$(pidof -s sudo)/status | awk '{printf $2}');
export USER=$(grep "$RUID" /etc/passwd | cut -d ":" -f1);
#!/bin/bash
+if [ $UID -ne 0 ]; then
+ echo "Permission denied!";
+ exit 1;
+fi
+
bootID=$(sed 's/-//g' /proc/sys/kernel/random/boot_id | cut -c 26-33);
if hostnamectl > /dev/null 2>&1; then
hName="$(hostnamectl | grep 'Chassis' | cut -d ":" -f 2 | awk '{printf $1}')-${bootID}";
GREEN="\e[32m";
ENDCOLOR="\e[0m";
+if [ $UID -ne 0 ]; then
+ echo "Permission denied!";
+ exit 1;
+fi
+
while [ true ]; do
echo -e "${RED}This script will install immudex on first disk on your machine.${ENDCOLOR}";
echo -e "${RED}It could be destructive for data placed on this disk${ENDCOLR}";
function help() {
echo "immudex-upgrade - script for searching upgrades and upgrade immudex";
- echo "@ 2023 morketsmerke.org";
+ echo "@ 2024 morketsmerke.org";
+ echo "Superuser (root) privileges are required.";
echo "Options:";
echo " --check - check there are upgrades for immudex";
echo " --upgrade - upgrade immudex from given source";
+ echo " --myversion - prints images current commit message";
+ echo " --compilation-date - prints date of image creation";
+ echo " --packages-upgradable [--security] - updates apt (packages) list and";
+ echo " prints available to upgrade packages, with --security modificator";
+ echo " prints only pacakages from security repository branch";
}
+if [ $UID -ne 0 ]; then
+ echo "Permission denied!";
+ help;
+ exit 1;
+fi
+
if [ "$1" ]; then
if [ "$1" ] && [ "$1" = "--check" ]; then
if check_distro_commit; then
if [ -d /tmp/immudex ]; then
(cd /tmp/immudex && git pull > /dev/null 2>&1)
else
- git clone https://github.com/xf0r3m/immudex /tmp;
+ git clone https://github.com/xf0r3m/immudex /tmp/immudex;
fi
(cd /tmp/immudex && git show $(cat /run/live/medium/live/version))
+ elif [ "$1" ] && [ "$1" = "--packages-upgradable" ]; then
+ apt update;
+ if [ "$2" ] && [ "$2" = "--security" ]; then
+ apt list --upgradable | grep 'security';
+ else
+ apt list --upgradable;
+ fi
+ elif [ "$1" ] && [ "$1" = "--compilation-date" ]; then
+ echo "Image was created: $(cat /run/live/medium/live/compilation_date)";
else
help;
exit 1;
fi
cd;
-if [ -x /usr/bin/git ]; then git clone https://git.morketsmerke.org/git/immudex;
-else apt install git -y && git clone https://git.morketsmerke.org/git/immudex;
+if [ -x /usr/bin/git ]; then git clone https://github.com/xf0r3m/immudex;
+else apt install git -y && git clone https://github.com/xf0r3m/immudex;
fi
source ~/immudex/versions/template.sh;
cd;
-git clone https://git.morketsmerke.org/git/xfcedebian-d13;
-cd xfcedebian-d13;
+git clone https://github.com/xf0r3m/xfcedebian;
+cd xfcedebian;
bash install.sh;
cd;
/usr/sbin/ufw default deny incoming;
/usr/sbin/ufw default allow outgoing;
-/usr/sbin/ufw enable;
+#/usr/sbin/ufw enable;
+sed -i '/^ENABLED=/s/ENABLED=no/ENABLED=yes/' /etc/ufw/ufw.conf
echo "immudex" > /etc/hostname;
echo "127.0.1.1 immudex" >> /etc/hosts;
echo "root:${rootPassword}" | chpasswd;
usermod -L root;
-#recreate_users;
-#echo "user ALL=(ALL:ALL) NOPASSWD:ALL" >> /etc/sudoers;
-#echo "xf0r3m ALL=(ALL:ALL) NOPASSWD:ALL" >> /etc/sudoers;
-
# Miejsce na twoje zmiany, przed poleceniem 'tidy'
tidy;
projects / immudex.git / commitdiff