diff options
| author | Silvino Silva <silvino@bk.ru> | 2017-02-01 05:10:24 +0000 |
|---|---|---|
| committer | Silvino Silva <silvino@bk.ru> | 2017-02-01 05:10:24 +0000 |
| commit | ed23bb3344ec5be2893db8d8d838c38c9f2baacd (patch) | |
| tree | 662a5e7ce5569249b63c9f4925ba4f75b4c44575 /core | |
| parent | aac4d4e7e8de530495e0e0827ddf7680c7e65e69 (diff) | |
| parent | a671b0c01821d46d9f783393b887d7987ec10161 (diff) | |
| download | doc-ed23bb3344ec5be2893db8d8d838c38c9f2baacd.tar.gz | |
New release 0.3.0
Diffstat (limited to 'core')
| -rw-r--r-- | core/conf/fstab | 2 | ||||
| -rw-r--r-- | core/conf/hosts | 22 | ||||
| -rw-r--r-- | core/conf/rc.d/iptables | 111 | ||||
| -rw-r--r-- | core/configure.html | 2 | ||||
| -rw-r--r-- | core/install.html | 153 |
5 files changed, 139 insertions, 151 deletions
diff --git a/core/conf/fstab b/core/conf/fstab index b579488..67bc4e4 100644 --- a/core/conf/fstab +++ b/core/conf/fstab @@ -15,7 +15,7 @@ #/dev/floppy/0 /floppy vfat user,noauto,unhide 0 0 #devpts /dev/pts devpts noexec,nosuid,gid=tty,mode=0620 0 0 #tmp /tmp tmpfs defaults 0 0 -#shm /dev/shm tmpfs defaults 0 0 +shm /dev/shm tmpfs defaults 0 0 #usb /proc/bus/usb usbfs defaults 0 0 devpts /dev/pts devpts noexec,nosuid,gid=tty,mode=0620 0 0 diff --git a/core/conf/hosts b/core/conf/hosts index ee776e2..449949b 100644 --- a/core/conf/hosts +++ b/core/conf/hosts @@ -1,13 +1,27 @@ # # /etc/hosts: static lookup table for host names # - -# IPv4 +# IPv4 LocalHosts 127.0.0.1 localhost.localdomain localhost -127.0.0.1 c9.localdomain c9 +127.0.0.1 c9.core c9 + +127.0.0.1 wiki.localhost +127.0.0.1 git.localhost +127.0.0.1 doc.localhost +127.0.0.1 ports.localhost + +# IPv4 Intranet +#<ip-address> <hostname.domain.org> <aliases> + +10.0.0.254 c9.core +10.0.0.254 wiki.c9.core +10.0.0.254 git.c9.core +10.0.0.254 doc.c9.core +10.0.0.254 ports.c9.core +# IPv4 Internet #<ip-address> <hostname.domain.org> <aliases> -192.168.1.9 core.privat-network.net c9.core +10.0.0.254 core.privat-network.net # IPv6 #::1 ip6-localhost ip6-loopback diff --git a/core/conf/rc.d/iptables b/core/conf/rc.d/iptables index 3f29928..bb5cf91 100644 --- a/core/conf/rc.d/iptables +++ b/core/conf/rc.d/iptables @@ -3,80 +3,79 @@ # /etc/rc.d/iptables: load/unload iptable rules # -case $1 in -start) - echo "Starting IPv4 firewall filter table..." - /usr/sbin/iptables-restore < /etc/iptables/rules.v4 - ;; -stop) - echo "Stopping firewall and deny everyone..." - iptables -F - iptables -X - iptables -t nat -F - iptables -t nat -X - iptables -t mangle -F - iptables -t mangle -X - iptables -t raw -F - iptables -t raw -X - iptables -t security -F - iptables -t security -X +rules=rules.v4 +#rules=vlan.v4 + +iptables_clear () { + echo "clear all iptables tables" + iptables -F + iptables -X + iptables -t nat -F + iptables -t nat -X + iptables -t mangle -F + iptables -t mangle -X + iptables -t raw -F + iptables -t raw -X + iptables -t security -F + iptables -t security -X +} +case $1 in + start) + iptables_clear + echo "starting IPv4 firewall filter table..." + /usr/sbin/iptables-restore < /etc/iptables/${rules} + ;; + stop) + iptables_clear + echo "stopping firewall and deny everyone..." /usr/sbin/iptables -P INPUT DROP /usr/sbin/iptables -P FORWARD DROP /usr/sbin/iptables -P OUTPUT DROP - # Unlimited on local - /usr/sbin/iptables -A INPUT -i lo -j ACCEPT - /usr/sbin/iptables -A OUTPUT -o lo -j ACCEPT + # Unlimited on local + /usr/sbin/iptables -A INPUT -i lo -j ACCEPT + /usr/sbin/iptables -A OUTPUT -o lo -j ACCEPT - # log everything else and drop - /usr/sbin/iptables -A INPUT -j LOG --log-level 7 --log-prefix "iptables: INPUT: " - /usr/sbin/iptables -A OUTPUT -j LOG --log-level 7 --log-prefix "iptables: OUTPUT: " - /usr/sbin/iptables -A FORWARD -j LOG --log-level 7 --log-prefix "iptables: FORWARD: " + # log everything else and drop + /usr/sbin/iptables -A INPUT -j LOG --log-level 7 --log-prefix "iptables: INPUT: " + /usr/sbin/iptables -A OUTPUT -j LOG --log-level 7 --log-prefix "iptables: OUTPUT: " + /usr/sbin/iptables -A FORWARD -j LOG --log-level 7 --log-prefix "iptables: FORWARD: " - ;; -open) - echo "Outgoing Open firewall and deny everyone..." - iptables -F - iptables -X - iptables -t nat -F - iptables -t nat -X - iptables -t mangle -F - iptables -t mangle -X - iptables -t raw -F - iptables -t raw -X - iptables -t security -F - iptables -t security -X + ;; + open) + iptables_clear + echo "outgoing Open firewall and deny everyone..." /usr/sbin/iptables -P INPUT DROP /usr/sbin/iptables -P FORWARD DROP /usr/sbin/iptables -P OUTPUT ACCEPT - # Unlimited on local - /usr/sbin/iptables -A INPUT -i lo -j ACCEPT - /usr/sbin/iptables -A OUTPUT -o lo -j ACCEPT - - # Accept passive - /usr/sbin/iptables -A INPUT -p tcp --dport 1024: -m state --state ESTABLISHED,RELATED -j ACCEPT + /usr/sbin/iptables -A OUTPUT -j ACCEPT - /usr/sbin/iptables -A INPUT -p udp --dport 1024: -m state --state ESTABLISHED,RELATED -j ACCEPT + # Unlimited on local + /usr/sbin/iptables -A INPUT -i lo -j ACCEPT + /usr/sbin/iptables -A OUTPUT -o lo -j ACCEPT + # Accept passive + /usr/sbin/iptables -A INPUT -p tcp --dport 1024: -m state --state ESTABLISHED,RELATED -j ACCEPT + /usr/sbin/iptables -A INPUT -p udp --dport 1024: -m state --state ESTABLISHED,RELATED -j ACCEPT - # log everything else and drop - /usr/sbin/iptables -A INPUT -j LOG --log-level 7 --log-prefix "iptables: INPUT: " - #/usr/sbin/iptables -A OUTPUT -j LOG --log-level 7 --log-prefix "iptables: OUTPUT: " - /usr/sbin/iptables -A FORWARD -j LOG --log-level 7 --log-prefix "iptables: FORWARD: " + # log everything else and drop + /usr/sbin/iptables -A INPUT -j LOG --log-level 7 --log-prefix "iptables: INPUT: " + /usr/sbin/iptables -A OUTPUT -j LOG --log-level 7 --log-prefix "iptables: OUTPUT: " + /usr/sbin/iptables -A FORWARD -j LOG --log-level 7 --log-prefix "iptables: FORWARD: " - ;; + ;; -restart) - $0 stop - $0 start - ;; -*) + restart) + $0 stop + $0 start + ;; + *) - echo "usage: $0 [start|stop|restart]" - ;; + echo "usage: $0 [start|stop|restart]" + ;; esac # End of file diff --git a/core/configure.html b/core/configure.html index d7bbc25..66ed69c 100644 --- a/core/configure.html +++ b/core/configure.html @@ -222,7 +222,7 @@ #/dev/dvd /dvd udf ro,user,noauto,unhide 0 0 #/dev/floppy/0 /floppy vfat user,noauto,unhide 0 0 #tmp /tmp tmpfs defaults 0 0 - #shm /dev/shm tmpfs defaults 0 0 + shm /dev/shm tmpfs defaults 0 0 #usb /proc/bus/usb usbfs defaults 0 0 devpts /dev/pts devpts noexec,nosuid,gid=tty,mode=0620 0 0 diff --git a/core/install.html b/core/install.html index f95910f..be98a0d 100644 --- a/core/install.html +++ b/core/install.html @@ -18,6 +18,13 @@ <a href="http://crux.nu/Main/Handbook3-2">Hand book 3.2</a>, .</p> + <p>If you are booting from crux iso and is not your keyboard + layout of choice run;</p> + + <pre> + # loadkeys dvorak + </pre> + <h2 id="step1">1.1.1. Download Iso</h2> <a href="http://crux.nu/Main/Download">Download Page</a> @@ -33,143 +40,114 @@ <p>Prepare disk or target location where new system will be installed. Follow steps describe how to create efi and - separate partitions such as; boot, root, var, tmp, - usr, ports, swap and home. Information about + separate partitions such as; + bios grub, EFI, swap, boot, root, var, usr and home. + Information about <a href="http://devil-detail.blogspot.pt/2013/07/install-grub2-on-gpt-disk-dedicated-partition.html">gpt partition table</a>. </p> + <p>Create gpt label and set unit size to use;</p> <pre> (parted) mklabel gpt + (parted) unit mib + </pre> + + <h3>bootloader</h3> + + <p>Partition used by grub boot loader. Partition size 2M;</p> + + <pre> + mkpart primary 1 3 + name 1 grub + set 1 bios_grub on </pre> <h3>/boot/efi</h3> <p>EFI System Partition, ESP type EF00. Partition with between 500M and 100M is recommended for standard - installations.</p> + installations. Partition size 128M;</p> <pre> - (parted) mkpart ESP fat32 1MiB 120MiB + (parted) mkpart ESP fat32 3 131 + (parted) name 2 boot + (parted) set 2 boot on </pre> + <h3>Swap (ram)</h3> + + <p>Swap partition general advice is same size as memory ram, + ports system configured to build on ram need at least 34G + to build firefox. Other swap partitions can be added later for port + build on ram. Partition size 512M;</p> + <pre> - (parted) align-check opt 1 + (parted) mkpart primary linux-swap 131 643 + (parted) name 3 swap </pre> <h3>/boot</h3> - <p>Boot partition. Partition with 1G provides - room for crux iso to boot directly from grub.</p> - - <pre> - (parted) mkpart primary ext4 120MiB 1000MiB - </pre> + <p>Boot partition. Partition with 1G provide room for kernels and + crux iso that can be directly boot from grub (without root partition). + Partition size 1G;</p> <pre> - (parted) align-check optimal 2 + (parted) mkpart primary ext4 643 1667 + (parted) name 4 boot </pre> <h3>/</h3> - <p>Normal installation root partition uses 200MB-500MB, being - 1G recommended. Since we have plenty of space a partition - with 2G will be used to host a complete backup of final installation - configuration.</p> + <p>Normal core crux installation root partition uses approximately 2G, + without /usr 200MB-500M. Minimum 2G is recommended. Partition size 2.4G;</p> <pre> - (parted) mkpart primary ext4 1000MiB 3000MiB + (parted) mkpart primary ext4 1667 4096 + (parted) name 5 root </pre> - <pre> - (parted) align-check optimal 3 - </pre> + <p>Core system can be installed from here, additional partitions can be + created now or later.</p> <h3>/var</h3> - <p>Var partition is recommended 100MiB-500MiB, we will - use 1G;</dd> - - <pre> - (parted) mkpart primary ext4 3000MiB 4000MiB - </pre> - - <pre> - (parted) align-check optimal 4 - </pre> - - <h3>/tmp</h3> - - <p>Temp partition with 20M-50M;</dd> - - <pre> - (parted) mkpart primary ext4 4000MiB 4050MiB - </pre> + <p>Var partition is recommended 100MiB-500MiB. Partition size 1G;</dd> <pre> - (parted) align-check optimal 5 + (parted) mkpart primary ext4 4096 5120 + (parted) name 6 var </pre> <h3>/usr</h3> - <p>User partition with 4G is recommended for a desktop - setup, we will use 8G;</dd> - - <pre> - (parted) mkpart primary ext4 4050MiB 12000MiB - </pre> + <p>User partition with 4G-8G is recommended for a desktop setup, we will use 8G;</dd> <pre> - (parted) align-check optimal 6 + (parted) mkpart primary ext4 5120 13312 + (parted) name 7 usr </pre> <h3>/home</h3> - <p>Home partition with 180G;</dd> - - <pre> - (parted) mkpart primary ext4 12000MiB 192000MiB - </pre> - - <pre> - (parted) align-check optimal 7 - </pre> - - <h3>/usr/ports</h3> - - <p>Ports partition with 120G allows to host sources, package - backups and ports;</dd> - - <pre> - (parted) mkpart primary ext4 192000MiB 312000MiB - </pre> - - <pre> - (parted) align-check optimal 8 - </pre> - - <h3>Swap (ram)</h3> - - <p>Swap partition general advice is same size as memory ram, - ports system configured to build on ram need at least 30G - to build firefox. Other swap partitions can be added later for port - build on ram.</p> + <p>Home partition can have limited size for later creation of lvm or fill the rest of + disk space;</dd> <pre> - (parted) mkpart primary linux-swap 312000MiB 342000MiB + (parted) mkpart primary ext4 13312 -1 + (parted) name 8 home </pre> - <p>Create filesystems;</p> + <h3>Create filesystems</h3> <pre> - $ export BLK_EFI=/dev/sda1 - $ export BLK_BOOT=/dev/sda2 - $ export BLK_ROOT=/dev/sda3 - $ export BLK_VAR=/dev/sda4 - $ export BLK_TMP=/dev/sda5 - $ export BLK_USR=/dev/sda6 - $ export BLK_HOME=/dev/sda7 - $ export BLK_PRT=/dev/sda8 - $ export BLK_SWAP=/dev/sda9 + $ export BLK_EFI=/dev/sda2 + $ export BLK_SWAP=/dev/sda3 + $ export BLK_BOOT=/dev/sda4 + $ export BLK_ROOT=/dev/sda5 + $ export BLK_VAR=/dev/sda6 + $ export BLK_USR=/dev/sda7 + $ export BLK_HOME=/dev/sda8 </pre> <pre> @@ -184,10 +162,8 @@ $ sudo mkfs.ext4 $BLK_BOOT $ sudo mkfs.ext4 $BLK_ROOT $ sudo mkfs.ext4 $BKL_VAR - $ sudo mkfs.ext4 $BKL_TMP $ sudo mkfs.ext4 $BKL_USR $ sudo mkfs.ext4 $BKL_HOME - $ sudo mkfs.ext4 $BKL_PRT </pre> <h2 id="step3">1.1.3. Prepare Install</h2> @@ -222,7 +198,6 @@ $ sudo mkdir -p $CHROOT/var/lib/pkg $ sudo mount $BLK_USR $CHROOT/usr - $ sudo mount $BLK_PRT $CHROOT/usr/ports $ sudo mount $BLK_HOME $CHROOT/home </pre> |