Welcome
Welcome to refracta

You are currently viewing our boards as a guest, which gives you limited access to view most discussions and access our other features. By joining our free community, you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content, and access many other special features. In addition, registered members also see less advertisements. Registration is fast, simple, and absolutely free, so please, join our community today!

Alternative usb installation method, part 3 (jessie)

Stuff that has not yet gone into the official build.

Alternative usb installation method, part 3 (jessie)

Postby fsmithred » Mon Dec 08, 2014 9:36 pm

I just uploaded refracta2usb-0.9.6+sid3.deb to sourceforge and ibiblio testing folders. +sid1 and +sid2 were severely broken. :oops: Throughout the script were commands that can no longer be run by unprivileged user. Some tests were rewritten with new commands and some tests were commented out until satisfactory commands are found.

So far, making a basic live-usb from the main menu works, but you now have to install syslinux from the advanced menu after the contents of the iso are copied. The multiboot task in the advanced menu works. Update almost works right - when it asks you to select the /live folder, you should select the directory in which you want the /live folder placed. At least if you're replacing a system that's in the /live folder that's in the root of the device. Not sure about updating any systems in multiboot folders, as I haven't tried that yet.

Making a persistent partition from the main menu works. That's as far as I've gotten with it. I figured it was time to start part 3 of this discussion, because it looks like it's going to be a long haul.
User avatar
fsmithred
 
Posts: 2095
Joined: Wed Mar 09, 2011 9:13 pm

Re: Alternative usb installation method, part 3 (jessie)

Postby fsmithred » Tue Dec 09, 2014 12:19 am

Had to change the following line in mkpersist. With $DIALOG in the line, got an error message about "--list command not found." Makes no sense to me. The same syntax is used in other places, and it works.

Code: Select all
#PERSISTENCE_TYPE=$($DIALOG --list --radiolist --column ' ' --column '' --width 260 --height 190    FALSE "Persistent home" FALSE "Full persistence" FALSE "Let me edit persistence.conf")

PERSISTENCE_TYPE=$(yad --list --radiolist --column ' ' --column '' --width 260 --height 190 FALSE "Persistent home" FALSE "Full persistence" FALSE "Let me edit persistence.conf")
User avatar
fsmithred
 
Posts: 2095
Joined: Wed Mar 09, 2011 9:13 pm

Re: Alternative usb installation method, part 3 (jessie)

Postby fsmithred » Tue Dec 09, 2014 2:09 am

Boot_ISO (findiso) in advanced menu works.
Create loopback file works.
Mount/Unmount loopback file works.

Still need to remove Add_LUKS (the old hook), update Patch Initrd, test encrypted loopback, test rw media*, and test running live (from CD or USB to USB)

I'm not sure we need to do anything special for read/write live media partition. Just adding the word, persistence, on the boot line makes the first partition writable by root. It gets mounted at /lib/live/mount/persistence/sdX1 instead of /lib/live/mount/medium.
User avatar
fsmithred
 
Posts: 2095
Joined: Wed Mar 09, 2011 9:13 pm

Re: Alternative usb installation method, part 3 (jessie)

Postby dzz » Fri Dec 12, 2014 1:25 am

Throughout the script were commands that can no longer be run by unprivileged user


Code: Select all
/sbin/fdisk -l
/sbin/blkid
syslinux -d syslinux /dev/sdb1

Maybe some others. Your user needs to be added to the "disk" group do do that (blkid may give incomplete or unpredictable results)

I just ran refracta2usb (the version included in the iso) from my newly installed jessie-sysv. The usb was freshly formatted and I needed a refractasnapshot image on it. No problems and it boots.

Perhaps r2u should include a check for "disk" group? I like that root is not required unecessarily.

BTW refractasnapshot (latest version) also worked fine.
dzz
 
Posts: 647
Joined: Wed Apr 27, 2011 11:53 am
Location: Devon, England

Re: Alternative usb installation method, part 3 (jessie)

Postby fsmithred » Mon Feb 16, 2015 6:42 pm

I spent the last few days rewriting refracta2usb and made some major changes. Most notable - you must be root to run it, and it must start from a terminal (not new). All the separate scripts are now functions. Much simpler coding (but still butt-ugly) and you only have to enter the password once, at the start.

Directory structure on the live-usb is slightly different. Multiboot is assumed - you must name a target directory, and the files (intact iso, iso contents or live mount) all go in that folder. There's no /live folder in the root of the device anymore.

Other major change is that the syslinux directory no longer comes from the iso. That was causing cases of mismatched syslinux bootloader and syslinux modules. Now, the menu and help files get copied from a template folder in the package, and the modules come from the host system. That way, when 'syslinux -d syslinux' runs and/or the mbr gets written, it's with the same version of syslinux as the modules. This seems to be working - I can install syslinux alternately in jessie or wheezy, and the stick still boots.

Only major problem seems to be encryption. I've made custom initrds with both the alpha9 and alpha21 versions of patch-initrd, and it does not ask for the password at boot. Instead of mounting the loopfile, it mounts the partition at /lib/live/mount/persistence/sdXn. The loopfile does contain persistence.conf, so I know it's getting mounted when it's created.

It's still buggy, so no release yet, but that should be soon. Here's the changelog so far...
Code: Select all
  * Root must run refracta2usb. Solves blkid and 'syslinux -d' issues.
  * Solves multiple password entries and su vs. sudo issues.
  *
  * Reorganized refracta2usb to combine functions for creating live-usb.
  * Multiboot is assumed. Use iso contents, intact iso, running live-cd
  * or live-usb as a source.
  *
  * Reorganized menus: Main menu (to create) and Tools (to manage).
  * Added -t,--tools command line option to start with Tools menu.
  *
  * Syslinux folder gets created from host instead of copied from iso or
  * from packgage. This solves mismatched versions of syslinux modules
  * and syslinux mbr.
  *
  * install_syslinux_bootloader script is now a function in main script.
  * mkpersist script is now functions.mkpersist run from main script.
  * mkloopback script converted to functions.mkloopback
  * mount/unmount loopfile and delete loop device converted to functions.
  *
  * Eliminated mkusbcrypt and old refracta hooks.
  * Eliminated Update task. Just delete the folder and add a new one.
  * Added test for boot flag on first partition.
  * All tasks return to menu instead of exiting.
  * Trapped cleanup so it runs on any exit.
  *
  * Boot menu entries for persistent partition or loopback file use
  * "$target_name" (the directory that contains the live system) instead
  * of "Refracta".
 
User avatar
fsmithred
 
Posts: 2095
Joined: Wed Mar 09, 2011 9:13 pm

Re: Alternative usb installation method, part 3 (jessie)

Postby dzz » Wed Apr 22, 2015 10:16 am

Just started to look again at new stuff, after some months mostly away. It's unfortunate this is getting more difficult to run without root.

Only major problem seems to be encryption. I've made custom initrds with both the alpha9 and alpha21 versions of patch-initrd, and it does not ask for the password at boot. Instead of mounting the loopfile, it mounts the partition at /lib/live/mount/persistence/sdXn. The loopfile does contain persistence.conf, so I know it's getting mounted when it's created

Same here, newer cryptsetup was the cause. The clue was in the live-boot log (near the top), cryptsetup was unavailable in initramfs. Adding "CRYPTSETUP=yes" (no quotes) to (/)etc/initramfs-tools/initramfs.conf then update-initramfs fixed it.

Other issue is, dependency fusiso has been removed from jessie (It's still in wheezy and sid).. "archivemounter" seems the only alternative in jessie. Archivemounter is fuse-based and can mount iso, tar, xz, cpio and whatever else, as user.

I just updated the rw patch for live-boot 4.0.2 .. will post details later. In 4.0.2 the fstab.d bug is finally fixed, swap works again without patching.

Posting from a live session, jessie-nosystemd iso on HD, booted "findiso" by grub, using luks full-persistence file on the live-media partition.

Code: Select all
[email protected]:~$ cat /proc/cmdline
boot=live showmounts noprompt findiso=/exefce/snapshot-20150418_2328.iso mountmode=rw,noatime components=locales,sudo locales=en_GB.UTF-8 keyboard-layouts=gb vga=791 swap  persistence persistence-encryption=none,luks persistence-path=exefce/luks/ debug=1

EDIT:

Before this would work, it was necessary to do
Code: Select all
CRYPTSETUP=y update-initramfs -u

Editing initramfs.conf turned out to make no difference at all.

In a live seesion, if you can't get update-live-initramfs to work, use /usr/sbin/update-initramfs.orig.initramfs-tools .. (need to copy the regenerated one to where you can get at it later)
dzz
 
Posts: 647
Joined: Wed Apr 27, 2011 11:53 am
Location: Devon, England

Re: Alternative usb installation method, part 3 (jessie)

Postby fsmithred » Wed Apr 22, 2015 9:21 pm

I think I ran into the missing fuseiso issue, but then I forgot about it, because it's installed in my jessie. I've got sid and experimental in sources.list.

Here's what I've been using lately to make live usb -
http://distro.ibiblio.org/refracta/file ... a01.tar.gz
It's self-contained - just unpack the tarball and run snapshot2usb. If a previous version of refracta2usb is not installed on the system, there may be missing dependencies. But it won't use any of the installed refracta2usb files.

The help file contains some updated information to explain the changes.
User avatar
fsmithred
 
Posts: 2095
Joined: Wed Mar 09, 2011 9:13 pm

Re: Alternative usb installation method, part 3 (jessie)

Postby dzz » Thu Apr 23, 2015 12:13 am

Latest patch-live-initrd (probably the last before jessie release) is posted here: http://www.exegnulinux.net/refracta/exp ... 2-1.tar.gz

For anyone who did not know, this supports mounting the live-media partition RW, therefore a separate partition is not required for persistence. This option remains a debian-live "wishlist" bug since July 2013 although a similar patch submitted to debian-live before even then was summarily dismissed.

Included is an option to recompress as xz. This can cut 7-8 MB in a snapshot iso with minimal decompression lag. The script will automatically detect XZ/gzip for decompression.

Note my previous post, if you want to use a luks persistence file for jessie.

Only tested here, any help appreciated.
dzz
 
Posts: 647
Joined: Wed Apr 27, 2011 11:53 am
Location: Devon, England

Re: Alternative usb installation method, part 3 (jessie)

Postby fsmithred » Thu Apr 23, 2015 11:33 am

First test with a recent jessie-sysv build.
Applied all patches automatically, used gz compression. Made an encrypted loopback file on second partition.
Booted ok, didn't ask for password. Used the old "basemountmode=rw..."
First partition is mounted at /lib/live/mount/medium.
Second partition is mounted at /lib/live/mount/persistence/sdd2.
Loopfile is not mounted. User can write to first partition, but not to second. Root can write to both.

Code: Select all
[email protected]:~$ cat /proc/cmdline
BOOT_IMAGE=/jessie-dev-test/live/vmlinuz initrd=/jessie-dev-test/live/initrd.custom1.gz boot=live ip=frommedia union=aufs basemountmode=rw,noatime,umask=000 live-media-path=/jessie-dev-test/live persistence persistence-media=removable-usb persistence-path=/loopfiles/ persistence-label=testluks persistence-encryption=none,luks


Edit: Doh! Forgot to add cryptsetup.
User avatar
fsmithred
 
Posts: 2095
Joined: Wed Mar 09, 2011 9:13 pm

Re: Alternative usb installation method, part 3 (jessie)

Postby fsmithred » Thu Apr 23, 2015 1:15 pm

It works! I edited initramfs.conf and added the variable on the command line. Not sure if both are needed. Encrypted loopfile is mounted.

So, am I understanding correctly that you need to rebuild the initrd with cryptsetup before you make the snapshot? Or at least have the system that the live image was made from so that you can run update-initramfs and then patch it and then add it to an existing live-usb (that's what I did.) Guess I need to compare extracted initrds. If there's a way that we can patch the initrd for cryptsetup instead of rebuilding, it means that I can have encrypted persistence on a live-usb that has somebody else's live image (like a stock debian-live or buntu or something else.) without having to install and create a snapshot.
User avatar
fsmithred
 
Posts: 2095
Joined: Wed Mar 09, 2011 9:13 pm

Next

Return to Experimental

Who is online

Users browsing this forum: No registered users and 1 guest

suspicion-preferred