-rw-r--r-- | conf/fstab | 63 | ||||
-rw-r--r-- | conf/hosts | 19 | ||||
-rw-r--r-- | conf/rc.conf | 12 | ||||
-rw-r--r-- | conf/sudoers | 97 | ||||
-rw-r--r-- | core/configure.html | 347 | ||||
-rw-r--r-- | scripts/configure.sh | 55 |
6 files changed, 593 insertions, 0 deletions
diff --git a/conf/fstab b/conf/fstab
new file mode 100644
index 0000000..b3133e6
--- /dev/null
+++ b/conf/fstab
@@ -0,0 +1,63 @@
+#
+# /etc/fstab: static file system information
+#
+# <file system> <dir> <type> <options> <dump> <pass>
+
+#/dev/#EXT4FS_ROOT# / ext4 defaults 0 1
+#/dev/#BTRFS_ROOT# / btrfs defaults 0 0
+#/dev/#XFS_ROOT# / xfs defaults 0 0
+#/dev/#SWAP# swap swap defaults 0 0
+#/dev/#EXT4FS_HOME# /home ext4 defaults 0 2
+#/dev/#BTRFS_HOME# /home btrfs defaults 0 0
+#/dev/#XFS_HOME# /home xfs defaults 0 0
+#/dev/cdrom /cdrom iso9660 ro,user,noauto,unhide 0 0
+#/dev/dvd /dvd udf ro,user,noauto,unhide 0 0
+#/dev/floppy/0 /floppy vfat user,noauto,unhide 0 0
+devpts /dev/pts devpts noexec,nosuid,gid=tty,mode=0620 0 0
+#tmp /tmp tmpfs defaults 0 0
+#shm /dev/shm tmpfs defaults 0 0
+#usb /proc/bus/usb usbfs defaults 0 0
+
+#/
+#/dev/sda3:
+UUID=f7fce1b0-5117-4b76-8c0e-00870a824ab2 / ext4 defaults 0 1
+
+#/boot
+#/dev/sda2:
+UUID=c8489141-7e72-4ddd-b27f-d21a6686bc23 /boot ext4 defaults,nodev,noexec,nosuid 0 2
+
+#/boot/efi
+#/dev/sda1:
+UUID=F74C-0993 /boot/efi vfat umask=0077 0 2
+
+#swap
+#/dev/sda4:
+UUID=0ec84a34-8255-465d-83b0-091dabafeb41 none swap sw 0 0
+
+#/var
+#/dev/sda5:
+UUID=8a417c13-95cd-40e3-bac7-e71a5a432985 /var ext4 defaults,nodev,noexec,nosuid 0 2
+
+
+#/tmp
+#/dev/sda6:
+UUID=2ce9a85c-fc86-4583-9146-5e23de8a000c /tmp ext4 defaults,nodev,nosuid,noexec 1 2
+
+#/usr
+#/dev/sda7:
+UUID=c16a02a6-a1bc-4a5a-bdf3-b843a3e9b196 /usr ext4 defaults,nodev 0 2
+
+#/var/ports/work
+#pkgmk /var/ports/work tmpfs size=20G,gid=101,uid=101,defaults 0 0
+
+## Home /home
+#UUID=935a4189-aea5-46c4-8e29-f9e9ace3addf /home ext4 defaults,nodev,nosuid,noexec 0 2
+
+devpts /dev/pts devpts noexec,nosuid,gid=tty,mode=0620 0 0
+
+#/dev/sda8: UUID="d2ba3926-0839-4179-b2b1-62256b51e964" TYPE="ext4" PARTUUID="71c78b3c-2898-47b7-adad-133f2b47eca8"
+#/dev/sda10: UUID="1158f1d1-71d9-4f76-a54e-538e34419d0b" TYPE="ext4" PARTUUID="b90776d1-8051-4751-acc6-7477dbb04e4e"
+#/dev/sda11: UUID="935a4189-aea5-46c4-8e29-f9e9ace3addf" TYPE="ext4" PARTUUID="6dd2492e-bd14-4177-9bc7-60bc3e330203"
+#
+
+# End of file
diff --git a/conf/hosts b/conf/hosts
new file mode 100644
index 0000000..2fb89fb
--- /dev/null
+++ b/conf/hosts
@@ -0,0 +1,19 @@
+#
+# /etc/hosts: static lookup table for host names
+#
+
+# IPv4
+127.0.0.1 localhost c9
+
+#<ip-address> <hostname.domain.org> <aliases>
+#192.168.1.9 c9.example.org
+
+# IPv6
+#::1 ip6-localhost ip6-loopback
+#fe00::0 ip6-localnet
+#ff00::0 ip6-mcastprefix
+#ff02::1 ip6-allnodes
+#ff02::2 ip6-allrouters
+#ff02::3 ip6-allhosts
+
+# End of file
diff --git a/conf/rc.conf b/conf/rc.conf
new file mode 100644
index 0000000..a9fffb8
--- /dev/null
+++ b/conf/rc.conf
@@ -0,0 +1,12 @@
+#
+# /etc/rc.conf: system configuration
+#
+
+FONT=default
+KEYMAP=dvorak
+TIMEZONE="Europe/Lisbon"
+HOSTNAME=c9
+SYSLOG=sysklogd
+SERVICES=(lo net crond)
+
+# End of file
diff --git a/conf/sudoers b/conf/sudoers
new file mode 100644
index 0000000..3b35ea9
--- /dev/null
+++ b/conf/sudoers
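Review bot: The `devpts /dev/pts devpts noexec,nosuid,gid=tty,mode=0620 0 0` entry appears twice in conf/fstab, once in the template block near the top and again after the commented /home entry, so one of the two should be dropped. The `#shm /dev/shm tmpfs defaults 0 0` line stays commented, so if the init scripts mount /dev/shm on their own it presumably does not get the `nodev,nosuid,noexec` options this file gives /tmp and /var; an explicit `shm /dev/shm tmpfs defaults,nodev,nosuid,noexec 0 0` would make the hardening consistent. The active UUIDs belong to one machine and scripts/configure.sh copies this file to the target unchanged, so a header comment such as `# UUIDs below are examples; replace them with the blkid output of the target disk` would help. /tmp is also the only entry with a dump field of 1, which looks unintended.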
@@ -0,0 +1,97 @@
+## sudoers file.
+##
+## This file MUST be edited with the 'visudo' command as root.
+## Failure to use 'visudo' may result in syntax or file permission errors
+## that prevent sudo from running.
+##
+## See the sudoers man page for the details on how to write a sudoers file.
+##
+
+##
+## Host alias specification
+##
+## Groups of machines. These may include host names (optionally with wildcards),
+## IP addresses, network numbers or netgroups.
+# Host_Alias WEBSERVERS = www1, www2, www3
+
+##
+## User alias specification
+##
+## Groups of users. These may consist of user names, uids, Unix groups,
+## or netgroups.
+# User_Alias ADMINS = millert, dowdy, mikef
+
+##
+## Cmnd alias specification
+##
+## Groups of commands. Often used to group related commands together.
+# Cmnd_Alias PROCESSES = /usr/bin/nice, /bin/kill, /usr/bin/renice, \
+# /usr/bin/pkill, /usr/bin/top
+# Cmnd_Alias REBOOT = /sbin/halt, /sbin/reboot, /sbin/poweroff
+
+##
+## Defaults specification
+##
+## You may wish to keep some of the following environment variables
+## when running commands via sudo.
+##
+## Locale settings
+# Defaults env_keep += "LANG LANGUAGE LINGUAS LC_* _XKB_CHARSET"
+##
+## Run X applications through sudo; HOME is used to find the
+## .Xauthority file. Note that other programs use HOME to find
+## configuration files and this may lead to privilege escalation!
+# Defaults env_keep += "HOME"
+##
+## X11 resource path settings
+# Defaults env_keep += "XAPPLRESDIR XFILESEARCHPATH XUSERFILESEARCHPATH"
+##
+## Desktop path settings
+# Defaults env_keep += "QTDIR KDEDIR"
+##
+## Allow sudo-run commands to inherit the callers' ConsoleKit session
+# Defaults env_keep += "XDG_SESSION_COOKIE"
+##
+## Uncomment to enable special input methods. Care should be taken as
+## this may allow users to subvert the command being run via sudo.
+# Defaults env_keep += "XMODIFIERS GTK_IM_MODULE QT_IM_MODULE QT_IM_SWITCHER"
+##
+## Uncomment to use a hard-coded PATH instead of the user's to find commands
+# Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
+##
+## Uncomment to send mail if the user does not enter the correct password.
+# Defaults mail_badpass
+##
+## Uncomment to enable logging of a command's output, except for
+## sudoreplay and reboot. Use sudoreplay to play back logged sessions.
+# Defaults log_output
+# Defaults!/usr/bin/sudoreplay !log_output
+# Defaults!/usr/local/bin/sudoreplay !log_output
+# Defaults!REBOOT !log_output
+
+##
+## Runas alias specification
+##
+
+##
+## User privilege specification
+##
+root ALL=(ALL) ALL
+
+## Uncomment to allow members of group wheel to execute any command
+%wheel ALL=(ALL) ALL
+
+## Same thing without a password
+# %wheel ALL=(ALL) NOPASSWD: ALL
+
+## Uncomment to allow members of group sudo to execute any command
+# %sudo ALL=(ALL) ALL
+
+## Uncomment to allow any user to run sudo if they know the password
+## of the user they are running the command as (root by default).
+# Defaults targetpw # Ask for the password of the target user
+# ALL ALL=(ALL) ALL # WARNING: only use this together with 'Defaults targetpw'
+
+## Read drop-in files from /etc/sudoers.d
+## (the '#' here does not indicate a comment)
+#includedir /etc/sudoers.d
diff --git a/core/configure.html b/core/configure.html
new file mode 100644
index 0000000..744e340
--- /dev/null
+++ b/core/configure.html
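Review bot: `%wheel ALL=(ALL) ALL` is active while the `Defaults secure_path=...` line is left commented, so unless the sudo build has a compiled-in secure path, commands run through sudo are resolved against the invoking user's PATH; uncommenting the `secure_path` line already present in this file closes that. The closing `#includedir /etc/sudoers.d` is a live directive, as the file's own comment says, so every file in that directory is parsed as policy and the directory has to be root-owned and not writable by anyone else. scripts/configure.sh installs this file with a plain `cp`, which bypasses the visudo check the header insists on; a header comment such as `## Installed by scripts/configure.sh: validate with 'visudo -c -f' and keep mode 0440` would match how the file is actually deployed.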
@@ -0,0 +1,347 @@ +<!DOCTYPE html> +<html dir="ltr" lang="en"> + <head> + <meta charset='utf-8'> + <title>1.2. Configure</title> + </head> + <body> + + <a href="index.html">Core Doc Index</a> + + <h1 id="chroot">1.1.2. Configure</h1> + + <p>If you don't have active chroot and don't are + yet inside chroot follow this steps from + <a href="install.html">install</a>;</p> + + <pre> + $ export CHROOT=/mnt + </pre> + + <pre> + $ export BLK_EFI=/dev/sda1 + $ export BLK_BOOT=/dev/sda2 + $ export BLK_ROOT=/dev/sda3 + $ export BLK_VAR=/dev/sda5 + $ export BLK_USR=/dev/sda7 + + $ export BLK_HOME=/dev/sda8 + + $ sudo mount $BLK_BOOT $CHROOT/boot + $ sudo mount $BLK_EFI $CHROOT/boot/efi + $ sudo mount $BLK_VAR $CHROOT/var + $ sudo mount $BLK_USR $CHROOT/usr + + $ sudo mount $BLK_HOME $CHROOT/home + </pre> + + <p>Activate Chroot;</p> + + <pre> + $ sudo mount --bind /dev $CHROOT/dev + $ sudo mount -vt devpts devpts $CHROOT/dev/pts + $ sudo mount -vt tmpfs shm $CHROOT/dev/shm + $ sudo mount -vt proc proc $CHROOT/proc + $ sudo mount -vt sysfs sysfs $CHROOT/sys + </pre> + + <pre> + $ sudo chroot $CHROOT /usr/bin/env -i \ + HOME=/root TERM="$TERM" PS1='\u:\w\$ ' \ + PATH=/bin:/usr/bin:/sbin:/usr/sbin \ + /bin/bash --login + </pre> + + <h2 id="hostname">1.2.1. Set hostname and hosts</h2> + + <p>Give it a name, this example we will call it c9;</p> + + <pre> + # hostname c9 + </pre> + + <p>Edit /etc/hosts to contain your hostname and FQDN, + this example also uses c9.example.org. If you wish get a + subdomain from + <a href="http://freedns.afraid.org">afraid.org</a> + pointing to your public ip, example of static 192.168.1.9 ip + with c9.example.org pointing to c9 host;</p> + + <pre> + # + # /etc/hosts: static lookup table for host names + # + + # IPv4 + 127.0.0.1 localhost c9 + #<ip-address> <hostname.domain.org> <aliases> + # 192.168.1.9 c9.example.org + </pre> + + <h2 id="time">1.2.2. 
Set timezone</h2> + + <p>Setup timezone;</p> + + <pre> + # tzselect + Please identify a location so that time zone rules can be set correctly. + Please select a continent, ocean, "coord", or "TZ". + 1) Africa + 2) Americas + 3) Antarctica + 4) Asia + 5) Atlantic Ocean + 6) Australia + 7) Europe + 8) Indian Ocean + 9) Pacific Ocean + 10) coord - I want to use geographical coordinates. + 11) TZ - I want to specify the time zone using the Posix TZ format. + #? 7 + + Please select a country whose clocks agree with yours. + 1) ?land Islands 18) Greece 35) Norway + 2) Albania 19) Guernsey 36) Poland + 3) Andorra 20) Hungary 37) Portugal + 4) Austria 21) Ireland 38) Romania + 5) Belarus 22) Isle of Man 39) Russia + 6) Belgium 23) Italy 40) San Marino + 7) Bosnia & Herzegovina 24) Jersey 41) Serbia + 8) Britain (UK) 25) Latvia 42) Slovakia + 9) Bulgaria 26) Liechtenstein 43) Slovenia + 10) Croatia 27) Lithuania 44) Spain + 11) Czech Republic 28) Luxembourg 45) Svalbard & Jan Mayen + 12) Denmark 29) Macedonia 46) Sweden + 13) Estonia 30) Malta 47) Switzerland + 14) Finland 31) Moldova 48) Turkey + 15) France 32) Monaco 49) Ukraine + 16) Germany 33) Montenegro 50) Vatican City + 17) Gibraltar 34) Netherlands + #? 37 + + Please select one of the following time zone regions. + 1) mainland + 2) Madeira Islands + 3) Azores + #? 1 + + The following information has been given: + + Portugal + mainland + + Therefore TZ='Europe/Lisbon' will be used. + Local time is now: Sun Aug 9 17:36:05 WEST 2016. + Universal Time is now: Sun Aug 9 16:36:05 UTC 2016. + Is the above information OK? + 1) Yes + 2) No + #? 1 + + You can make this change permanent for yourself by appending the line + TZ='Europe/Lisbon'; export TZ + to the file '.profile' in your home directory; then log out and log in again. + + Here is that TZ value again, this time on standard output so that you + can use the /usr/bin/tzselect command in shell scripts: + Europe/Lisbon + # + </pre> + + <h2 id="locale">1.2.3. 
Set locale</h2> + + + <pre> + # localedef -i en_US -f UTF-8 en_US.UTF-8 + </pre> + + <h2 id="user">1.2.4. Users</h2> + + <h3>1.2.4.1. Set root password</h3> + + <pre> + # passwd + </pre> + + <h3>1.2.4.2. Create Administrator User</h3> + + <pre> + # useradd -U -m -s /bin/bash c9admin + # passwd c9admin + </pre> + + <pre> + # chmod 0700 /root + # chmod 0700 /home/c9admin + </pre> + + <h3>1.2.4.3 Add Administrator to Wheel group</h3> + + <pre> + # usermod -a -G wheel c9admin + </pre> + + <pre> + bash-4.3# sudoedit /etc/sudoers + </pre> + + <pre> + ## Uncomment to allow members of group wheel to execute any command + %wheel ALL=(ALL) ALL + </pre> + + <h2 id="fstab">1.2.5. File system table</h2> + + <p>First we will discover block id (UUID) of + <a href="install.html#step2">target partition</a>, + blkid list all while vol_id --uuid /dev/sdb1 returns + only uuid. Add all block ids to the end of file + /etc/fstab</a> + </p> + + <pre> + # blkid >> /etc/fstab + </pre> + + <p>Read <a href="http://linux-audit.com/securing-mount-points-on-linux/" title="Securing mount points">Securing mount points</a>, + and edit /etc/fstab according to your disk layout.</p> + + <pre> + # + # /etc/fstab: static file system information + # + # <file system> <dir> <type> <options> <dump> <pass> + + #/dev/#EXT4FS_ROOT# / ext4 defaults 0 1 + #/dev/#BTRFS_ROOT# / btrfs defaults 0 0 + #/dev/#XFS_ROOT# / xfs defaults 0 0 + #/dev/#SWAP# swap swap defaults 0 0 + #/dev/#EXT4FS_HOME# /home ext4 defaults 0 2 + #/dev/#BTRFS_HOME# /home btrfs defaults 0 0 + #/dev/#XFS_HOME# /home xfs defaults 0 0 + #/dev/cdrom /cdrom iso9660 ro,user,noauto,unhide 0 0 + #/dev/dvd /dvd udf ro,user,noauto,unhide 0 0 + #/dev/floppy/0 /floppy vfat user,noauto,unhide 0 0 + #tmp /tmp tmpfs defaults 0 0 + #shm /dev/shm tmpfs defaults 0 0 + #usb /proc/bus/usb usbfs defaults 0 0 + + + #/ + #/dev/sda3: + UUID=f7fce1b0-5117-4b76-8c0e-00870a824ab2 / ext4 defaults 0 1 + + #/boot + #/dev/sda2: + UUID=c8489141-7e72-4ddd-b27f-d21a6686bc23 
/boot ext4 defaults,nodev,noexec,nosuid 0 2 + + #/boot/efi + #/dev/sda1: + UUID=F74C-0993 /boot/efi vfat umask=0077 0 2 + + #swap + #/dev/sda4: + UUID=0ec84a34-8255-465d-83b0-091dabafeb41 none swap sw 0 0 + + #/var + #/dev/sda5: + UUID=8a417c13-95cd-40e3-bac7-e71a5a432985 /var ext4 defaults,nodev,noexec,nosuid 0 2 + + + #/tmp + #/dev/sda6: + UUID=2ce9a85c-fc86-4583-9146-5e23de8a000c /tmp ext4 defaults,nodev,nosuid,noexec 1 2 + + #/usr + #/dev/sda7: + UUID=c16a02a6-a1bc-4a5a-bdf3-b843a3e9b196 /usr ext4 defaults,nodev 0 2 + + #/var/ports/work + #pkgmk /var/ports/work tmpfs size=20G,gid=101,uid=101,defaults 0 0 + + ## Home /home + #UUID=935a4189-aea5-46c4-8e29-f9e9ace3addf /home ext4 defaults,nodev,nosuid,noexec 0 2 + + devpts /dev/pts devpts noexec,nosuid,gid=tty,mode=0620 0 0 + + #/dev/sda8: UUID="d2ba3926-0839-4179-b2b1-62256b51e964" TYPE="ext4" PARTUUID="71c78b3c-2898-47b7-adad-133f2b47eca8" + #/dev/sda10: UUID="1158f1d1-71d9-4f76-a54e-538e34419d0b" TYPE="ext4" PARTUUID="b90776d1-8051-4751-acc6-7477dbb04e4e" + #/dev/sda11: UUID="935a4189-aea5-46c4-8e29-f9e9ace3addf" TYPE="ext4" PARTUUID="6dd2492e-bd14-4177-9bc7-60bc3e330203" + # + + # End of file + </pre> + + <p>Pass option control in wich order fsck checks devices. If is + a multiple partition scheme; 1 for root, 2 for others or 0 to + disable.</p> + + <h2 id="rcconf">1.2.6. Initialization Scripts</h2> + + <p>Edit /etc/rc.conf and define keyboard layout, hostname and timezone, + more information about + <a href="http://crux.nu/Main/Handbook3-1#ConfigurationVariables">configuration variables</a>. 
+ </p> + + <pre> + # + # /etc/rc.conf: system configuration + # + + FONT=default + KEYMAP=dvorak + TIMEZONE="Europe/Lisbon" + HOSTNAME=c9 + SYSLOG=sysklogd + SERVICES=(lo net crond) + + # End of file + </pre> + + <p>Content of /etc/inittab shows layout organization and default + run level;</p> + + <pre> + # + # /etc/inittab: system runlevel description + # + + # Runlevels: + # 0 Halt + # 1(S) Single-user + # 2 Multi-user + # 3-5 Not used + # 6 Reboot + + id:2:initdefault: + + rc::sysinit:/etc/rc + rs:S1:wait:/etc/rc.single + rm:2:wait:/etc/rc.multi + rd:06:wait:/etc/rc.shutdown + su:S:wait:/sbin/sulogin -p + + c1:2:respawn:/sbin/agetty --noclear 38400 tty1 linux + c2:2:respawn:/sbin/agetty 38400 tty2 linux + c3:2:respawn:/sbin/agetty 38400 tty3 linux + c4:2:respawn:/sbin/agetty 38400 tty4 linux + c5:2:respawn:/sbin/agetty 38400 tty5 linux + c6:2:respawn:/sbin/agetty 38400 tty6 linux + #s1:2:respawn:/sbin/agetty 38400 ttyS0 vt100 + + ca::ctrlaltdel:/sbin/shutdown -t3 -r now + + # End of file + </pre> + + + <a href="index.html">Core OS Index</a> + <p>This is part of the c9 Manual. + Copyright (C) 2016 + Silvino Silva. + See the file <a href="../fdl-1.3-standalone.html">Gnu Free Documentation License</a> + for copying conditions.</p> + + + </body> +</html> diff --git a/scripts/configure.sh b/scripts/configure.sh new file mode 100644 index 0000000..e812bda --- /dev/null +++ b/scripts/configure.sh 
@@ -0,0 +1,55 @@
+#!/bin/bash
+
+ADMIN_USER=c9admin
+#ADMIN_PASS=
+
+DIR=$(dirname "$PWD");
+DIR_CONF=$DIR"/conf"
+
+printf "DIR_CONF="$DIR"\n";
+printf "DIR_CONF="$DIR_CONF"\n";
+printf "ADMIN_USER="$ADMIN_USER"\n"
+
+printf "1.1.3 mount point to chroot (/mnt):"
+read CHROOT
+
+#configure_crux() {
+
+ echo "1.2.1. Set hostname and hosts;"
+ cp $DIR_CONF/hosts $CHROOT/etc/
+ vim $CHROOT/etc/hosts
+
+ echo "1.2.2. Set timezone;"
+ chroot $CHROOT /bin/bash -c tzselect
+
+ echo "1.2.3. Set locale;"
+ chroot $CHROOT /bin/bash -c "localedef -i en_US -f UTF-8 en_US.UTF-8"
+ echo "1.2.4.2. Create Administrator $ADMIN_USER;"
+
+ chroot $CHROOT /usr/bin/env -i \
+ HOME=/root TERM="$TERM" PS1='\u:\w\$ ' \
+ PATH=/bin:/usr/bin:/sbin:/usr/sbin \
+ /bin/bash -c "useradd -m -s /bin/bash $ADMIN_USER"
+
+# echo "$ADMIN_USER:$ADMIN_PASS" >$CHROOT/root/foo
+# chroot $CHROOT 'chpasswd </root/foo'
+# rm $CHROOT/root/foo
+#
+ echo "1.2.4.3. Add Administrator $ADMIN_USER to wheel group;"
+ chroot $CHROOT /bin/bash -c "usermod -a -G wheel $ADMIN_USER"
+ echo "1.2.4.3. Uncomment to allow members of group wheel to execute any command\n
+# %wheel ALL=(ALL) ALL"
+ cp $DIR_CONF/sudoers $CHROOT/etc/
+
+ echo "1.2.5. File system table;"
+ cp $DIR_CONF/fstab $CHROOT/etc/
+ blkid >> $CHROOT/etc/fstab
+ vim $CHROOT/etc/fstab
+
+ echo "1.2.6. Initialization Scripts;"
+ cp $DIR_CONF/rc.conf $CHROOT/etc/
+ vim $CHROOT/etc/rc.conf
+
+#}
+
+printf "Chroot to /mnt and set root and admin password:" |
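Review bot: `read CHROOT` accepts an empty answer even though the prompt shows `(/mnt)` as if it were a default, and with CHROOT empty every unquoted `$CHROOT/etc/` below expands to `/etc/`, so the `cp` of hosts, sudoers, fstab and rc.conf and the `blkid >> $CHROOT/etc/fstab` append all land on the running host instead of the target. Apply the default and stop when the target is missing, `read -r CHROOT; CHROOT=${CHROOT:-/mnt}` followed by `[ -d "$CHROOT/etc" ] || { echo "no such chroot: $CHROOT" >&2; exit 1; }`, and quote `"$CHROOT"` and `"$DIR_CONF"` in every command. The script has no `set -e`, so a failed `cp` or `chroot` does not stop the later steps. The sudoers copy should set the mode explicitly, e.g. `install -m 0440 "$DIR_CONF/sudoers" "$CHROOT/etc/sudoers"`; separately, the first `printf` prints `$DIR` under the label DIR_CONF, and all three pass the variable inside the format string rather than as a `%s` argument.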