def write_wros_hook_file( outfile ): write_oneliner_file( outfile, r'''#!/usr/bin/ash run_hook() { cp -ax / /run/initramfs } ''' )
def tweak_xwindow_for_cbook( mountpoint ): # print( "Installing GUI tweaks" ) system_or_die( 'rm -Rf %s/etc/X11/xorg.conf.d/' % ( mountpoint ) ) # if os.path.exists( '%s/tmp/.xorg.conf.d.tgz' % ( mountpoint ) ): # system_or_die( 'tar -zxf %s/tmp/.xorg.conf.d.tgz -C %s' % ( mountpoint, mountpoint ) ) # else: # system_or_die( 'tar -zxf /tmp/.xorg.conf.d.tgz -C %s' % ( mountpoint ) ) # chroot_this( mountpoint, 'mv /etc/X11/xorg.conf.d /etc/X11/xorg.conf.d.CB.disabled' ) system_or_die( 'mkdir -p %s/etc/X11/xorg.conf.d/' % ( mountpoint ) ) system_or_die( 'unzip %s/usr/local/bin/Chrubix/blobs/settings/x_alarm_chrubuntu.zip -d %s/etc/X11/xorg.conf.d/ &> /dev/null' % ( mountpoint, mountpoint, ), "Failed to extract X11 settings from Chrubuntu" ) f = '%s/etc/X11/xorg.conf.d/10-keyboard.conf' % ( mountpoint ) if not os.path.isfile( f ): failed( '%s not found --- cannot tweak X' % ( f ) ) do_a_sed( f, 'gb', 'us' ) system_or_die( 'mkdir -p %s/etc/tmpfiles.d' % ( mountpoint, ) ) write_oneliner_file( mountpoint + '/etc/tmpfiles.d/touchpad.conf', "f /sys/devices/s3c2440-i2c.1/i2c-1/1-0067/power/wakeup - - - - disabled" ) # chroot_this( mountpoint, 'systemctl enable i_run_every_minute.timer' ) system_or_die( 'cp -f %s/usr/local/bin/Chrubix/blobs/apps/mtrack_drv.so %s/usr/lib/mtrack.so' % ( mountpoint, mountpoint ) ) f = open( '%s/etc/X11/xorg.conf' % ( mountpoint ), 'a' ) f.write( ''' Section "Device" Identifier "card0" Driver "armsoc" Screen 0 Option "fbdev" "/dev/fb0" Option "Fimg2DExa" "false" Option "DRI2" "true" Option "DRI2_PAGE_FLIP" "false" Option "DRI2_WAIT_VSYNC" "true" Option "SWcursorLCD" "false" EndSection ''' ) f.close()
def write_wros_hook_file(outfile): write_oneliner_file( outfile, r'''#!/usr/bin/ash run_hook() { cp -ax / /run/initramfs } ''')
def write_login_ready_file( fname ): write_oneliner_file( fname, '''#!/bin/bash #. /etc/bash.bashrc #. /etc/profile export DISPLAY=:0.0 xset s off xset -dpms ''' )
def write_login_ready_file(fname): write_oneliner_file( fname, '''#!/bin/bash #. /etc/bash.bashrc #. /etc/profile export DISPLAY=:0.0 xset s off xset -dpms ''')
def generate_wifi_manual_script(outfile): write_oneliner_file( outfile, '''#/bin/bash GetAvailableNetworks() { nmcli --nocheck dev wifi list | grep -v "SSID.*BSSID" | sed s/' '/^/ | cut -d'^' -f1 | awk '{printf ", " substr($0,2,length($0)-2);}' | sed s/', '// } lockfile=/tmp/.go_online_manual.lck manual_mode() { logger "wifi-manual --- starting" res=999 #clear echo "This terminal window is here in case the NetworkManager applet malfunctions." echo "Please try to use the applet to connect to the Internet. If if fails, use me." while [ "$res" -ne "0" ] ; do echo -en "Searching..." all="" loops=0 while [ "`echo "$all" | wc -c`" -lt "4" ] && [ "$loops" -le "8" ] ; do all=`GetAvailableNetworks 2> /dev/null` sleep 0.5 echo -en "." loops=$(($loops+1)) done if [ "`echo "$all" | wc -c`" -lt "4" ] ; then echo "" echo "-----------------------------------------------------------" echo "Use the NetworkManager applet to connect to the Internet." echo "Press ENTER to close this window." read line exit 0 fi echo "\n\nAvailable networks: $all" | wrap -w 79 echo "" echo -en "WiFi ID: " read id [ "$id" = "" ] && return 1 echo -en "WiFi PW: " read pw echo -en "Working..." nmcli --nocheck dev wifi connect "$id" password "$pw" && res=0 || res=1 [ "$res" -ne "0" ] && echo "Bad ID and/or password. Try again." || echo "Success" done return 0 } # ------------------------- cat /etc/.alarmist.cfg 2>/dev/null | grep spoof | grep yes &>/dev/null && macchanger -r mlan0 manual_mode exit $? ''') system_or_die('chmod +x %s' % (outfile))
def generate_wifi_manual_script( outfile ): write_oneliner_file( outfile, '''#/bin/bash GetAvailableNetworks() { nmcli --nocheck dev wifi list | grep -v "SSID.*BSSID" | sed s/' '/^/ | cut -d'^' -f1 | awk '{printf ", " substr($0,2,length($0)-2);}' | sed s/', '// } lockfile=/tmp/.go_online_manual.lck manual_mode() { logger "wifi-manual --- starting" res=999 #clear echo "This terminal window is here in case the NetworkManager applet malfunctions." echo "Please try to use the applet to connect to the Internet. If if fails, use me." while [ "$res" -ne "0" ] ; do echo -en "Searching..." all="" loops=0 while [ "`echo "$all" | wc -c`" -lt "4" ] && [ "$loops" -le "8" ] ; do all=`GetAvailableNetworks 2> /dev/null` sleep 0.5 echo -en "." loops=$(($loops+1)) done if [ "`echo "$all" | wc -c`" -lt "4" ] ; then echo "" echo "-----------------------------------------------------------" echo "Use the NetworkManager applet to connect to the Internet." echo "Press ENTER to close this window." read line exit 0 fi echo "\n\nAvailable networks: $all" | wrap -w 79 echo "" echo -en "WiFi ID: " read id [ "$id" = "" ] && return 1 echo -en "WiFi PW: " read pw echo -en "Working..." nmcli --nocheck dev wifi connect "$id" password "$pw" && res=0 || res=1 [ "$res" -ne "0" ] && echo "Bad ID and/or password. Try again." || echo "Success" done return 0 } # ------------------------- cat /etc/.alarmist.cfg 2>/dev/null | grep spoof | grep yes &>/dev/null && macchanger -r mlan0 manual_mode exit $? ''' ) system_or_die( 'chmod +x %s' % ( outfile ) )
def configure_lxdm_onetime_changes(mountpoint): if os.path.exists('%s/etc/.first_time_ever' % (mountpoint)): logme('configure_lxdm_onetime_changes() has already run.') return if 0 != chroot_this(mountpoint, 'which lxdm'): failed('You haven ot installed LXDM yet.') f = '%s/etc/WindowMaker/WindowMaker' % (mountpoint) if os.path.isfile(f): do_a_sed(f, 'MouseLeftButton', 'flibbertygibbet') do_a_sed(f, 'MouseRightButton', 'MouseLeftButton') do_a_sed(f, 'flibbertygibbet', 'MouseRightButton') # system_or_die( 'echo "ps wax | fgrep mate-session | fgrep -v grep && mpg123 /etc/.mp3/xpshutdown.mp3" >> %s/etc/lxdm/PreLogout' % ( mountpoint ) ) append_startx_addendum('%s/etc/lxdm/Xsession' % (mountpoint)) # Append. Don't replace. append_startx_addendum('%s/etc/X11/xinit/xinitrc' % (mountpoint)) # Append. Don't replace. write_lxdm_pre_login_file(mountpoint, '%s/etc/lxdm/PreLogin' % (mountpoint)) write_lxdm_post_logout_file('%s/etc/lxdm/PostLogout' % (mountpoint)) write_lxdm_post_login_file('%s/etc/lxdm/PostLogin' % (mountpoint)) write_lxdm_pre_reboot_or_shutdown_file( '%s/etc/lxdm/PreReboot' % (mountpoint), 'reboot') write_lxdm_pre_reboot_or_shutdown_file( '%s/etc/lxdm/PreShutdown' % (mountpoint), 'shutdown') write_login_ready_file('%s/etc/lxdm/LoginReady' % (mountpoint)) if 0 == chroot_this( mountpoint, 'which iceweasel > /tmp/.where_is_it.txt' ) \ or 0 == chroot_this( mountpoint, 'which chromium > /tmp/.where_is_it.txt' ): webbrowser = read_oneliner_file('%s/tmp/.where_is_it.txt' % (mountpoint)).strip() logme('webbrowser = %s' % (webbrowser)) else: failed( 'Which web browser should I use? I cannot find iceweasel. I cannot find chrome. I cannot find firefox...' ) append_lxdm_xresources_addendum('%s/root/.Xresources' % (mountpoint), webbrowser) system_or_die('echo ". /etc/X11/xinitrc/xinitrc" >> %s/etc/lxdm/Xsession' % (mountpoint)) do_a_sed('%s/etc/X11/xinit/xinitrc' % (mountpoint), '.*xterm.*', '') do_a_sed('%s/etc/X11/xinit/xinitrc' % (mountpoint), 'exec .*', '') # exec /usr/local/bin/ersatz_lxdm.sh' ) # system_or_die( 'echo "exec /usr/local/bin/ersatz_lxdm.sh" >> %s/etc/xinitrc/xinitrc' % ( mountpoint ) ) # start (Python) greeter at end of write_oneliner_file('%s/etc/.first_time_ever' % (mountpoint), 'yep') assert (os.path.exists('%s/etc/lxdm/lxdm.conf' % (mountpoint))) chroot_this(mountpoint, 'chmod +x /etc/lxdm/P*') chroot_this(mountpoint, 'chmod +x /etc/lxdm/L*') if os.path.exists('%s/etc/init/lxdm.conf' % (mountpoint)): do_a_sed('%s/etc/init/lxdm.conf' % (mountpoint), 'exec lxdm-binary.*', 'exec ersatz_lxdm.sh') do_a_sed('%s/etc/init/lxdm.conf' % (mountpoint), '/usr/sbin/lxdm', '/usr/local/bin/ersatz_lxdm.sh')
def write_lxdm_pre_reboot_or_shutdown_file( output_fname, executable_fname ): if executable_fname == 'reboot': cmd = 'sudo shutdown -r now' elif executable_fname == 'shutdown': cmd = 'sudo shutdown -h now' else: failed( 'write_lxdm_pre_reboot_or_shutdown_file() -- unknown binary, %s' % ( executable_fname ) ) write_oneliner_file( output_fname, '''#!/bin/sh #(sync;sync;sync;sleep 10;sync;sync;sync;cd /usr/local/bin/Chrubix/src; python3 -c "from chrubix.utils import poweroff_now; poweroff_now(%s);") & %s exit $? ''' % ( cmd, 'True' if executable_fname == 'reboot' else 'False' ) )
def generate_wifi_auto_script(outfile): write_oneliner_file( outfile, '''#/bin/bash lockfile=/tmp/.go_online_auto.lck try_to_connect() { local lst res netname_tabbed netname logger "wifi-auto --- Trying to connect to the Internet..." r="`nmcli --nocheck con status | grep -v "NAME.*UUID" | wc -l`" if [ "$r" -gt "0" ] ; then if ping -W5 -c1 8.8.8.8 ; then logger "wifi-auto --- Cool, we're already online. Fair enough." return 0 else logger "wifi-auto --- ping failed. OK. Trying to connect to Internet." fi fi lst="`nmcli --nocheck con list | grep -v "UUID.*TYPE.*TIMESTAMP" | sed s/\\ \\ \\ \\ /^/ | cut -d'^' -f1 | tr ' ' '^'`" res=999 for netname_tabbed in $lst $lst $lst ; do # try thrice netname="`echo "$netname_tabbed" | tr '^' ' '`" logger "wifi-auto --- Trying $netname" nmcli --nocheck con up id "$netname" res=$? [ "$res" -eq "0" ] && break echo -en "." sleep 1 done if [ "$res" -eq "0" ]; then logger "wifi-auto --- Successfully connected to WiFi - ID=$netname" else logger "wifi-auto --- failed to connect; Returning res=$res" fi return $res } # ------------------------- logger "wifi-auto --- trying to get online automatically" if [ -e "$lockfile" ] ; then p="`cat $lockfile`" while ps $p &> /dev/null ; do logger "wifi-auto --- Already running at $$. Waiting." sleep 1 done fi echo "$$" > $lockfile chmod 700 $lockfile cat /etc/.alarmist.cfg 2>/dev/null | grep spoof | grep yes &>/dev/null && macchanger -r mlan0 try_to_connect res=$? rm -f $lockfile exit $? ''') system_or_die('chmod +x %s' % (outfile))
def generate_wifi_auto_script( outfile ): write_oneliner_file( outfile, '''#/bin/bash lockfile=/tmp/.go_online_auto.lck try_to_connect() { local lst res netname_tabbed netname logger "wifi-auto --- Trying to connect to the Internet..." r="`nmcli --nocheck con status | grep -v "NAME.*UUID" | wc -l`" if [ "$r" -gt "0" ] ; then if ping -W5 -c1 8.8.8.8 ; then logger "wifi-auto --- Cool, we're already online. Fair enough." return 0 else logger "wifi-auto --- ping failed. OK. Trying to connect to Internet." fi fi lst="`nmcli --nocheck con list | grep -v "UUID.*TYPE.*TIMESTAMP" | sed s/\\ \\ \\ \\ /^/ | cut -d'^' -f1 | tr ' ' '^'`" res=999 for netname_tabbed in $lst $lst $lst ; do # try thrice netname="`echo "$netname_tabbed" | tr '^' ' '`" logger "wifi-auto --- Trying $netname" nmcli --nocheck con up id "$netname" res=$? [ "$res" -eq "0" ] && break echo -en "." sleep 1 done if [ "$res" -eq "0" ]; then logger "wifi-auto --- Successfully connected to WiFi - ID=$netname" else logger "wifi-auto --- failed to connect; Returning res=$res" fi return $res } # ------------------------- logger "wifi-auto --- trying to get online automatically" if [ -e "$lockfile" ] ; then p="`cat $lockfile`" while ps $p &> /dev/null ; do logger "wifi-auto --- Already running at $$. Waiting." sleep 1 done fi echo "$$" > $lockfile chmod 700 $lockfile cat /etc/.alarmist.cfg 2>/dev/null | grep spoof | grep yes &>/dev/null && macchanger -r mlan0 try_to_connect res=$? rm -f $lockfile exit $? ''' ) system_or_die( 'chmod +x %s' % ( outfile ) )
def write_lxdm_service_file( outfile ): write_oneliner_file( outfile, '''[Unit] Description=LXDE Display Manager [email protected] plymouth-quit.service After=systemd-user-sessions.service [email protected] plymouth-quit.service [Service] ExecStart=/usr/local/bin/ersatz_lxdm.sh Restart=always IgnoreSIGPIPE=no [Install] Alias=display-manager.service ''' )
def tweak_speech_synthesis( mountpoint ): f = open( mountpoint + '/usr/share/festival/festival.scm', 'a' ) f.write( ''' (Parameter.set 'Audio_Method 'Audio_Command) (Parameter.set 'Audio_Command "aplay -q -c 1 -t raw -f s16 -r $SR $FILE") ''' ) f.close() write_oneliner_file( '%s/usr/local/bin/sayit.sh' % ( mountpoint ), '''#!/bin/bash tmpfile=/tmp/$RANDOM$RANDOM$RANDOM echo "$1" | text2wave > $tmpfile aplay $tmpfile &> /dev/null rm -f $tmpfile ''' ) system_or_die( 'chmod +x %s/usr/local/bin/sayit.sh' % ( mountpoint ) )
def write_lxdm_pre_reboot_or_shutdown_file(output_fname, executable_fname): if executable_fname == 'reboot': cmd = 'sudo shutdown -r now' elif executable_fname == 'shutdown': cmd = 'sudo shutdown -h now' else: failed( 'write_lxdm_pre_reboot_or_shutdown_file() -- unknown binary, %s' % (executable_fname)) write_oneliner_file( output_fname, '''#!/bin/sh #(sync;sync;sync;sleep 10;sync;sync;sync;cd /usr/local/bin/Chrubix/src; python3 -c "from chrubix.utils import poweroff_now; poweroff_now(%s);") & %s exit $? ''' % (cmd, 'True' if executable_fname == 'reboot' else 'False'))
def write_lxdm_service_file(outfile): write_oneliner_file( outfile, '''[Unit] Description=LXDE Display Manager [email protected] plymouth-quit.service After=systemd-user-sessions.service [email protected] plymouth-quit.service [Service] ExecStart=/usr/local/bin/ersatz_lxdm.sh Restart=always IgnoreSIGPIPE=no [Install] Alias=display-manager.service ''')
def tweak_speech_synthesis(mountpoint): f = open(mountpoint + '/usr/share/festival/festival.scm', 'a') f.write(''' (Parameter.set 'Audio_Method 'Audio_Command) (Parameter.set 'Audio_Command "aplay -q -c 1 -t raw -f s16 -r $SR $FILE") ''') f.close() write_oneliner_file( '%s/usr/local/bin/sayit.sh' % (mountpoint), '''#!/bin/bash tmpfile=/tmp/$RANDOM$RANDOM$RANDOM echo "$1" | text2wave > $tmpfile aplay $tmpfile &> /dev/null rm -f $tmpfile ''') system_or_die('chmod +x %s/usr/local/bin/sayit.sh' % (mountpoint))
def install_panicbutton_scripting(mountpoint, boomfname): # print( "Configuring acpi" ) system_or_die('mkdir -p %s/etc/tmpfiles.d' % (mountpoint)) write_oneliner_file( '%s/etc/tmpfiles.d/brightness.conf' % ( mountpoint ), \ '''f /sys/class/backlight/pwm-backlight.0/brightness 0666 - - - 800 ''' ) powerbuttonpushed_fname = '/usr/local/bin/power_button_pushed.sh' write_oneliner_file( '%s%s' % (mountpoint, powerbuttonpushed_fname), '''#!/bin/bash ctrfile=/etc/.pwrcounter [ -e "$ctrfile" ] || echo 0 > $ctrfile counter=`cat $ctrfile` time_since_last_pushed=$((`date +%%s`-`stat -c %%Y $ctrfile`)) [ "$time_since_last_pushed" -le "1" ] || counter=0 counter=$(($counter+1)) echo $counter > $ctrfile if [ "$counter" -ge "10" ]; then echo "Power button was pushed 10 times in rapid succession" > %s exec /usr/local/bin/boom.sh fi exit 0 ''' % (boomfname)) system_or_die('chmod +x %s%s' % (mountpoint, powerbuttonpushed_fname)) # Setup power button (10x => boom) handler_sh_file = '%s/etc/acpi/handler.sh' % (mountpoint) if os.path.isfile(handler_sh_file): # ARCHLINUX do_a_sed(handler_sh_file, "logger 'LID closed'", "logger 'LID closed'; systemctl suspend") do_a_sed( handler_sh_file, "logger 'PowerButton pressed'", "logger 'PowerButton pressed'; /usr/local/bin/power_button_pushed.sh" ) system_or_die('chmod +x %s' % (handler_sh_file)) elif os.path.isdir('%s/etc/acpi/events' % (mountpoint)) and 0 == os.system( 'cat %s/etc/acpi/powerbtn-acpi-support.sh | fgrep /etc/acpi/powerbtn.sh >/dev/null' % (mountpoint)): # DEBIAN system_or_die('ln -sf %s %s/etc/acpi/powerbtn.sh' % (powerbuttonpushed_fname, mountpoint)) else: failed('How do I hook power button into this distro?') # activate acpi (sort of) chroot_this(mountpoint, 'systemctl enable acpid')
def install_chromium_privoxy_wrapper( chrome_path ): if not os.path.isfile( '%s.forreals' % ( chrome_path ) ): system_or_die( 'mv %s %s.forreals' % ( chrome_path, chrome_path ) ) write_oneliner_file( '%s' % ( chrome_path ), '''#!/bin/bash if ps -o pid -C privoxy &>/dev/null && ps -o pid -C tor &>/dev/null ; then chromium.forreals --proxy-server=http://127.0.0.1:8118 $@ else export DISPLAY=:0.0 xmessage -buttons Yes:0,No:1,Cancel:2 -default Yes -nearmouse "Run Chromium insecurely?" -timeout 30 res=$? if [ "$res" -eq "0" ] ; then chromium.forreals $@ fi fi exit $? ''' ) system_or_die( 'chmod +x %s' % ( chrome_path ) )
def write_wros_install_file( outfile ): write_oneliner_file( outfile, r'''#!/bin/bash build() { BINARIES='cp' SCRIPT='wiperam_on_shutdown' add_file "/lib/initcpio/wiperam_on_shutdown" "/shutdown" add_binary "/usr/bin/smem" } help() { cat <<HELPEOF Secure shutdown using smem to wipe RAM. HELPEOF } ''' )
def tweak_xwindow_for_cbook(mountpoint): # print( "Installing GUI tweaks" ) system_or_die('rm -Rf %s/etc/X11/xorg.conf.d/' % (mountpoint)) # if os.path.exists( '%s/tmp/.xorg.conf.d.tgz' % ( mountpoint ) ): # system_or_die( 'tar -zxf %s/tmp/.xorg.conf.d.tgz -C %s' % ( mountpoint, mountpoint ) ) # else: # system_or_die( 'tar -zxf /tmp/.xorg.conf.d.tgz -C %s' % ( mountpoint ) ) # chroot_this( mountpoint, 'mv /etc/X11/xorg.conf.d /etc/X11/xorg.conf.d.CB.disabled' ) system_or_die('mkdir -p %s/etc/X11/xorg.conf.d/' % (mountpoint)) system_or_die( 'unzip %s/usr/local/bin/Chrubix/blobs/settings/x_alarm_chrubuntu.zip -d %s/etc/X11/xorg.conf.d/ &> /dev/null' % ( mountpoint, mountpoint, ), "Failed to extract X11 settings from Chrubuntu") f = '%s/etc/X11/xorg.conf.d/10-keyboard.conf' % (mountpoint) if not os.path.isfile(f): failed('%s not found --- cannot tweak X' % (f)) do_a_sed(f, 'gb', 'us') system_or_die('mkdir -p %s/etc/tmpfiles.d' % (mountpoint, )) write_oneliner_file( mountpoint + '/etc/tmpfiles.d/touchpad.conf', "f /sys/devices/s3c2440-i2c.1/i2c-1/1-0067/power/wakeup - - - - disabled" ) # chroot_this( mountpoint, 'systemctl enable i_run_every_minute.timer' ) system_or_die( 'cp -f %s/usr/local/bin/Chrubix/blobs/apps/mtrack_drv.so %s/usr/lib/mtrack.so' % (mountpoint, mountpoint)) f = open('%s/etc/X11/xorg.conf' % (mountpoint), 'a') f.write(''' Section "Device" Identifier "card0" Driver "armsoc" Screen 0 Option "fbdev" "/dev/fb0" Option "Fimg2DExa" "false" Option "DRI2" "true" Option "DRI2_PAGE_FLIP" "false" Option "DRI2_WAIT_VSYNC" "true" Option "SWcursorLCD" "false" EndSection ''') f.close()
def setup_poweroffifunplugdisk_service( mountpoint ): write_oneliner_file( mountpoint + '/usr/local/bin/poweroff_if_disk_removed.sh', '''#!/bin/bash export DISPLAY=:0.0 python3 /usr/local/bin/Chrubix/src/poweroff_if_disk_removed.py exit $? ''' ) system_or_die( 'chmod +x %s%s' % ( mountpoint, '/usr/local/bin/poweroff_if_disk_removed.sh' ) ) write_oneliner_file( mountpoint + '/etc/systemd/system/multi-user.target.wants/poweroff_if_disk_removed.service', ''' [Unit] Description=PowerOffIfDiskRemoved [Service] Type=idle ExecStart=/usr/local/bin/poweroff_if_disk_removed.sh [Install] WantedBy=multi-user.target ''' )
def install_chromium_privoxy_wrapper(chrome_path): if not os.path.isfile('%s.forreals' % (chrome_path)): system_or_die('mv %s %s.forreals' % (chrome_path, chrome_path)) write_oneliner_file( '%s' % (chrome_path), '''#!/bin/bash if ps -o pid -C privoxy &>/dev/null && ps -o pid -C tor &>/dev/null ; then chromium.forreals --proxy-server=http://127.0.0.1:8118 $@ else export DISPLAY=:0.0 xmessage -buttons Yes:0,No:1,Cancel:2 -default Yes -nearmouse "Run Chromium insecurely?" -timeout 30 res=$? if [ "$res" -eq "0" ] ; then chromium.forreals $@ fi fi exit $? ''') system_or_die('chmod +x %s' % (chrome_path))
def write_wros_install_file(outfile): write_oneliner_file( outfile, r'''#!/bin/bash build() { BINARIES='cp' SCRIPT='wiperam_on_shutdown' add_file "/lib/initcpio/wiperam_on_shutdown" "/shutdown" add_binary "/usr/bin/smem" } help() { cat <<HELPEOF Secure shutdown using smem to wipe RAM. HELPEOF } ''')
def install_i2p( self ): failed( 'https://launchpad.net/~i2p-maintainers/+archive/ubuntu/i2p' ) # chroot_this( self.mountpoint, 'wget http://www.deb-multimedia.org/pool/main/d/deb-multimedia-keyring/deb-multimedia-keyring_2014.2_all.deb -O - > /tmp/debmult.deb', attempts = 1, title_str = self.title_str, status_lst = self.status_lst ) # chroot_this( self.mountpoint, 'dpkg -i /tmp/debmult.deb', attempts = 1, title_str = self.title_str, status_lst = self.status_lst ) assert( self.branch in ( 'wheezy', 'jessie' ) ) write_oneliner_file( '%s/etc/apt/sources.list.d/i2p.list' % ( self.mountpoint ), ''' deb http://deb.i2p2.no/ %s main deb-src http://deb.i2p2.no/ %s main ''' % ( self.branch, self.branch ) ) for cmd in ( 'yes 2>/dev/null | add-apt-repository "deb http://deb.i2p2.no/ %s main"' % ( self.branch ), 'yes "" 2>/dev/null | curl https://geti2p.net/_static/i2p-debian-repo.key.asc | apt-key add -', 'yes 2>/dev/null | apt-get update' ): chroot_this( self.mountpoint, cmd, title_str = self.title_str, status_lst = self.status_lst, on_fail = "Failed to run %s successfully" % ( cmd ) ) chroot_this( self.mountpoint, 'yes | apt-get install i2p i2p-keyring', on_fail = 'Failed to install i2p' ) logme( 'tweaking i2p ID...' ) do_a_sed( '%s/etc/passwd' % ( self.mountpoint ), 'i2p:/bin/false', 'i2p:/bin/bash' )
def write_wros_main_file(outfile): write_oneliner_file( outfile, r'''#!/usr/bin/ash findmnt -Rruno TARGET /oldroot | awk ' BEGIN { i = 0 } ! /^\/(proc|dev|sys)/ { i++ mounts[i] = $0 } END { for (j = i; j > 0; j--) { print mounts[j] } } ' | while read -r mount; do umount -l "$mount" done # sysctl tweaks to prevent smem from crashing # http://git.immerda.ch/?p=amnesia.git;a=blob_plain;f=config%2Fchroot_local-includes%2Fusr%2Fshare%2Finitramfs-tools%2Fscripts%2Finit-premount%2Fsdmem echo 3 > /proc/sys/kernel/printk echo 3 > /proc/sys/vm/drop_caches echo 256 > /proc/sys/vm/min_free_kbytes echo 1 > /proc/sys/vm/overcommit_memory echo 1 > /proc/sys/vm/oom_kill_allocating_task echo 0 > /proc/sys/vm/oom_dump_tasks smem -v -ll case $1 in reboot) type kexec >/dev/null && kexec -e reboot -f ;; poweroff|shutdown|halt) "$1" -f ;; *) poweroff -f ;; esac ''')
def write_wros_main_file( outfile ): write_oneliner_file( outfile, r'''#!/usr/bin/ash findmnt -Rruno TARGET /oldroot | awk ' BEGIN { i = 0 } ! /^\/(proc|dev|sys)/ { i++ mounts[i] = $0 } END { for (j = i; j > 0; j--) { print mounts[j] } } ' | while read -r mount; do umount -l "$mount" done # sysctl tweaks to prevent smem from crashing # http://git.immerda.ch/?p=amnesia.git;a=blob_plain;f=config%2Fchroot_local-includes%2Fusr%2Fshare%2Finitramfs-tools%2Fscripts%2Finit-premount%2Fsdmem echo 3 > /proc/sys/kernel/printk echo 3 > /proc/sys/vm/drop_caches echo 256 > /proc/sys/vm/min_free_kbytes echo 1 > /proc/sys/vm/overcommit_memory echo 1 > /proc/sys/vm/oom_kill_allocating_task echo 0 > /proc/sys/vm/oom_dump_tasks smem -v -ll case $1 in reboot) type kexec >/dev/null && kexec -e reboot -f ;; poweroff|shutdown|halt) "$1" -f ;; *) poweroff -f ;; esac ''' )
def setup_onceaminute_timer(mountpoint): write_oneliner_file( mountpoint + '/usr/local/bin/i_run_every_minute.sh', '''#!/bin/bash #export DISPLAY=:0.0 # Put stuff here if you want it to run every minute. ''') system_or_die('chmod +x %s%s' % (mountpoint, '/usr/local/bin/i_run_every_minute.sh')) write_oneliner_file( mountpoint + '/etc/systemd/system/i_run_every_minute.service', ''' [Unit] Description=RunMeEveryMinute [Service] Type=simple ExecStart=/usr/local/bin/i_run_every_minute.sh ''') write_oneliner_file( mountpoint + '/etc/systemd/system/multi-user.target.wants/i_run_every_minute.timer', ''' [Unit] Description=Runs RunMeEveryMinute every minute [Timer] # Time to wait after booting before we run first time OnBootSec=1min # Time between running each consecutive time OnUnitActiveSec=1min Unit=i_run_every_minute.service [Install] WantedBy=multi-user.target ''')
def setup_onceaminute_timer( mountpoint ): write_oneliner_file( mountpoint + '/usr/local/bin/i_run_every_minute.sh', '''#!/bin/bash #export DISPLAY=:0.0 # Put stuff here if you want it to run every minute. ''' ) system_or_die( 'chmod +x %s%s' % ( mountpoint, '/usr/local/bin/i_run_every_minute.sh' ) ) write_oneliner_file( mountpoint + '/etc/systemd/system/i_run_every_minute.service', ''' [Unit] Description=RunMeEveryMinute [Service] Type=simple ExecStart=/usr/local/bin/i_run_every_minute.sh ''' ) write_oneliner_file( mountpoint + '/etc/systemd/system/multi-user.target.wants/i_run_every_minute.timer', ''' [Unit] Description=Runs RunMeEveryMinute every minute [Timer] # Time to wait after booting before we run first time OnBootSec=1min # Time between running each consecutive time OnUnitActiveSec=1min Unit=i_run_every_minute.service [Install] WantedBy=multi-user.target ''' )
def configure_lxdm_onetime_changes( mountpoint ): if os.path.exists( '%s/etc/.first_time_ever' % ( mountpoint ) ): logme( 'configure_lxdm_onetime_changes() has already run.' ) return if 0 != chroot_this( mountpoint, 'which lxdm' ): failed( 'You haven ot installed LXDM yet.' ) f = '%s/etc/WindowMaker/WindowMaker' % ( mountpoint ) if os.path.isfile( f ): do_a_sed( f, 'MouseLeftButton', 'flibbertygibbet' ) do_a_sed( f, 'MouseRightButton', 'MouseLeftButton' ) do_a_sed( f, 'flibbertygibbet', 'MouseRightButton' ) # system_or_die( 'echo "ps wax | fgrep mate-session | fgrep -v grep && mpg123 /etc/.mp3/xpshutdown.mp3" >> %s/etc/lxdm/PreLogout' % ( mountpoint ) ) append_startx_addendum( '%s/etc/lxdm/Xsession' % ( mountpoint ) ) # Append. Don't replace. append_startx_addendum( '%s/etc/X11/xinit/xinitrc' % ( mountpoint ) ) # Append. Don't replace. write_lxdm_pre_login_file( mountpoint, '%s/etc/lxdm/PreLogin' % ( mountpoint ) ) write_lxdm_post_logout_file( '%s/etc/lxdm/PostLogout' % ( mountpoint ) ) write_lxdm_post_login_file( '%s/etc/lxdm/PostLogin' % ( mountpoint ) ) write_lxdm_pre_reboot_or_shutdown_file( '%s/etc/lxdm/PreReboot' % ( mountpoint ), 'reboot' ) write_lxdm_pre_reboot_or_shutdown_file( '%s/etc/lxdm/PreShutdown' % ( mountpoint ), 'shutdown' ) write_login_ready_file( '%s/etc/lxdm/LoginReady' % ( mountpoint ) ) if 0 == chroot_this( mountpoint, 'which iceweasel > /tmp/.where_is_it.txt' ) \ or 0 == chroot_this( mountpoint, 'which chromium > /tmp/.where_is_it.txt' ): webbrowser = read_oneliner_file( '%s/tmp/.where_is_it.txt' % ( mountpoint ) ).strip() logme( 'webbrowser = %s' % ( webbrowser ) ) else: failed( 'Which web browser should I use? I cannot find iceweasel. I cannot find chrome. I cannot find firefox...' ) append_lxdm_xresources_addendum( '%s/root/.Xresources' % ( mountpoint ), webbrowser ) system_or_die( 'echo ". /etc/X11/xinitrc/xinitrc" >> %s/etc/lxdm/Xsession' % ( mountpoint ) ) do_a_sed( '%s/etc/X11/xinit/xinitrc' % ( mountpoint ), '.*xterm.*', '' ) do_a_sed( '%s/etc/X11/xinit/xinitrc' % ( mountpoint ), 'exec .*', '' ) # exec /usr/local/bin/ersatz_lxdm.sh' ) # system_or_die( 'echo "exec /usr/local/bin/ersatz_lxdm.sh" >> %s/etc/xinitrc/xinitrc' % ( mountpoint ) ) # start (Python) greeter at end of write_oneliner_file( '%s/etc/.first_time_ever' % ( mountpoint ), 'yep' ) assert( os.path.exists( '%s/etc/lxdm/lxdm.conf' % ( mountpoint ) ) ) chroot_this( mountpoint, 'chmod +x /etc/lxdm/P*' ) chroot_this( mountpoint, 'chmod +x /etc/lxdm/L*' ) if os.path.exists( '%s/etc/init/lxdm.conf' % ( mountpoint ) ): do_a_sed( '%s/etc/init/lxdm.conf' % ( mountpoint ), 'exec lxdm-binary.*', 'exec ersatz_lxdm.sh' ) do_a_sed( '%s/etc/init/lxdm.conf' % ( mountpoint ), '/usr/sbin/lxdm', '/usr/local/bin/ersatz_lxdm.sh' )
def write_boom_script( mountpoint, devices ): fname_out = '%s/usr/local/bin/boom.sh' % ( mountpoint ) wipe_devices = '' for dev in devices: wipe_devices += '''dd if=/dev/urandom of=%s bs=1024k count=1 2> /dev/null ''' % ( dev ) write_oneliner_file( fname_out, '''#!/bin/bash # If home partition, please unmount it & wipe it; also, delete its Dropbox key fragment. # .... Yep. Here. # Next, wipe all initial sectors %s sync;sync;sync # :-) # Finally, instant shutdown! Yeah! echo 3 > /proc/sys/kernel/printk echo 3 > /proc/sys/vm/drop_caches echo 256 > /proc/sys/vm/min_free_kbytes echo 1 > /proc/sys/vm/overcommit_memory echo 1 > /proc/sys/vm/oom_kill_allocating_task echo 0 > /proc/sys/vm/oom_dump_tasks echo 1 > /proc/sys/kernel/sysrq echo o > /proc/sysrq-trigger ''' % ( wipe_devices ) ) system_or_die( 'chmod +x %s' % ( fname_out ) )
def setup_poweroffifunplugdisk_service(mountpoint): write_oneliner_file( mountpoint + '/usr/local/bin/poweroff_if_disk_removed.sh', '''#!/bin/bash export DISPLAY=:0.0 python3 /usr/local/bin/Chrubix/src/poweroff_if_disk_removed.py exit $? ''') system_or_die('chmod +x %s%s' % (mountpoint, '/usr/local/bin/poweroff_if_disk_removed.sh')) write_oneliner_file( mountpoint + '/etc/systemd/system/multi-user.target.wants/poweroff_if_disk_removed.service', ''' [Unit] Description=PowerOffIfDiskRemoved [Service] Type=idle ExecStart=/usr/local/bin/poweroff_if_disk_removed.sh [Install] WantedBy=multi-user.target ''')
def write_boom_script(mountpoint, devices): fname_out = '%s/usr/local/bin/boom.sh' % (mountpoint) wipe_devices = '' for dev in devices: wipe_devices += '''dd if=/dev/urandom of=%s bs=1024k count=1 2> /dev/null ''' % (dev) write_oneliner_file( fname_out, '''#!/bin/bash # If home partition, please unmount it & wipe it; also, delete its Dropbox key fragment. # .... Yep. Here. # Next, wipe all initial sectors %s sync;sync;sync # :-) # Finally, instant shutdown! Yeah! echo 3 > /proc/sys/kernel/printk echo 3 > /proc/sys/vm/drop_caches echo 256 > /proc/sys/vm/min_free_kbytes echo 1 > /proc/sys/vm/overcommit_memory echo 1 > /proc/sys/vm/oom_kill_allocating_task echo 0 > /proc/sys/vm/oom_dump_tasks echo 1 > /proc/sys/kernel/sysrq echo o > /proc/sysrq-trigger ''' % (wipe_devices)) system_or_die('chmod +x %s' % (fname_out))
def install_panicbutton_scripting( mountpoint, boomfname ): # print( "Configuring acpi" ) system_or_die( 'mkdir -p %s/etc/tmpfiles.d' % ( mountpoint ) ) write_oneliner_file( '%s/etc/tmpfiles.d/brightness.conf' % ( mountpoint ), \ '''f /sys/class/backlight/pwm-backlight.0/brightness 0666 - - - 800 ''' ) powerbuttonpushed_fname = '/usr/local/bin/power_button_pushed.sh' write_oneliner_file( '%s%s' % ( mountpoint, powerbuttonpushed_fname ), '''#!/bin/bash ctrfile=/etc/.pwrcounter [ -e "$ctrfile" ] || echo 0 > $ctrfile counter=`cat $ctrfile` time_since_last_pushed=$((`date +%%s`-`stat -c %%Y $ctrfile`)) [ "$time_since_last_pushed" -le "1" ] || counter=0 counter=$(($counter+1)) echo $counter > $ctrfile if [ "$counter" -ge "10" ]; then echo "Power button was pushed 10 times in rapid succession" > %s exec /usr/local/bin/boom.sh fi exit 0 ''' % ( boomfname ) ) system_or_die( 'chmod +x %s%s' % ( mountpoint, powerbuttonpushed_fname ) ) # Setup power button (10x => boom) handler_sh_file = '%s/etc/acpi/handler.sh' % ( mountpoint ) if os.path.isfile( handler_sh_file ): # ARCHLINUX do_a_sed( handler_sh_file, "logger 'LID closed'", "logger 'LID closed'; systemctl suspend" ) do_a_sed( handler_sh_file, "logger 'PowerButton pressed'", "logger 'PowerButton pressed'; /usr/local/bin/power_button_pushed.sh" ) system_or_die( 'chmod +x %s' % ( handler_sh_file ) ) elif os.path.isdir( '%s/etc/acpi/events' % ( mountpoint ) ) and 0 == os.system( 'cat %s/etc/acpi/powerbtn-acpi-support.sh | fgrep /etc/acpi/powerbtn.sh >/dev/null' % ( mountpoint ) ): # DEBIAN system_or_die( 'ln -sf %s %s/etc/acpi/powerbtn.sh' % ( powerbuttonpushed_fname, mountpoint ) ) else: failed( 'How do I hook power button into this distro?' ) # activate acpi (sort of) chroot_this( mountpoint, 'systemctl enable acpid' )
def setup_onceeverythreeseconds_timer(mountpoint): write_oneliner_file( mountpoint + '/usr/local/bin/i_run_every_3s.sh', '''#!/bin/bash export DISPLAY=:0.0 # Put stuff here if you want it to run every 3s. # :-) mhd=`cat /proc/cmdline | tr ' ' '\n' | grep /dev/mmcblk1` [ "$mhd" = "" ] && mhd=`cat /proc/cmdline | tr ' ' '\n' | grep /dev/mmcblk1` if [ "$mhd" = "" ] ; then echo "I failed to discover your home disk from /proc/cmdline" exit 1 fi my_home_disk=`echo "$mhd" | tr ':' '\n' | tr '=' '\n' | grep /dev/` my_home_basename=`basename $my_home_disk` echo "my_home_basename = $my_home_basename" uuid_basename=`ls -l /dev/disk/by-id/ | grep "$my_home_disk" | tr '/' '\n' | tail -n1` uuid_fname=/dev/"$uuid_basename" echo "uuid_fname = $uuid_fname" if [ ! -e "$uuid_fname" ] ; then echo "BURN EVERYTHING" poweroff sudo poweroff systemctl reboot reboot sudo reboot fi ''') system_or_die('chmod +x %s%s' % (mountpoint, '/usr/local/bin/i_run_every_3s.sh')) write_oneliner_file( mountpoint + '/etc/systemd/system/i_run_every_3s.service', ''' [Unit] Description=RunMeEvery3Seconds [Service] Type=simple ExecStart=/usr/local/bin/i_run_every_3s.sh ''') write_oneliner_file( mountpoint + '/etc/systemd/system/multi-user.target.wants/i_run_every_3s.timer', ''' [Unit] Description=Runs RunMeEvery3Seconds every 3 seconds [Timer] # Time to wait after booting before we run first time OnBootSec=1min # Time between running each consecutive time OnUnitActiveSec=1min Unit=i_run_every_3s.service [Install] WantedBy=multi-user.target ''')
def setup_onceeverythreeseconds_timer( mountpoint ): write_oneliner_file( mountpoint + '/usr/local/bin/i_run_every_3s.sh', '''#!/bin/bash export DISPLAY=:0.0 # Put stuff here if you want it to run every 3s. # :-) mhd=`cat /proc/cmdline | tr ' ' '\n' | grep /dev/mmcblk1` [ "$mhd" = "" ] && mhd=`cat /proc/cmdline | tr ' ' '\n' | grep /dev/mmcblk1` if [ "$mhd" = "" ] ; then echo "I failed to discover your home disk from /proc/cmdline" exit 1 fi my_home_disk=`echo "$mhd" | tr ':' '\n' | tr '=' '\n' | grep /dev/` my_home_basename=`basename $my_home_disk` echo "my_home_basename = $my_home_basename" uuid_basename=`ls -l /dev/disk/by-id/ | grep "$my_home_disk" | tr '/' '\n' | tail -n1` uuid_fname=/dev/"$uuid_basename" echo "uuid_fname = $uuid_fname" if [ ! -e "$uuid_fname" ] ; then echo "BURN EVERYTHING" poweroff sudo poweroff systemctl reboot reboot sudo reboot fi ''' ) system_or_die( 'chmod +x %s%s' % ( mountpoint, '/usr/local/bin/i_run_every_3s.sh' ) ) write_oneliner_file( mountpoint + '/etc/systemd/system/i_run_every_3s.service', ''' [Unit] Description=RunMeEvery3Seconds [Service] Type=simple ExecStart=/usr/local/bin/i_run_every_3s.sh ''' ) write_oneliner_file( mountpoint + '/etc/systemd/system/multi-user.target.wants/i_run_every_3s.timer', ''' [Unit] Description=Runs RunMeEvery3Seconds every 3 seconds [Timer] # Time to wait after booting before we run first time OnBootSec=1min # Time between running each consecutive time OnUnitActiveSec=1min Unit=i_run_every_3s.service [Install] WantedBy=multi-user.target ''' )
if __name__ == "__main__": logme('ersatz_lxdm.py --- starting w/ params %s' % (str(sys.argv))) logme('ersatz_lxdm.py --- loaded distro record (yay)') # set_up_guest_homedir() # set_up_guest_homedir( homedir = '/tmp/.guest' ) logme('ersatz_lxdm.py --- guest homedir set up OK') os.system('rm -f /tmp/.yes_greeter_is_running') if load_distro_record().lxdm_settings['use greeter gui']: os.system('touch /tmp/.yes_greeter_is_running') logme('ersatz_lxdm.py --- using ersatz_lxdm gui') if len(sys.argv) <= 1 or sys.argv[1] != 'X': logme( 'ersatz_lxdm.py --- starting XWindow and asking it to run the ersatz_lxdm gui' ) write_oneliner_file('/usr/local/bin/ersatz_lxdm.rc', 'exec python3 ersatz_lxdm.py X') res = os.system('startx /usr/local/bin/ersatz_lxdm.rc') os.system('rm -f /usr/local/bin/ersatz_lxdm.rc') logme( 'ersatz_lxdm.py --- back from calling XWindow to run ersatz_lxdm gui; res=%d' % (res)) else: logme('ersatz_lxdm.py --- actually running ersatz_lxdm gui') res = os.system('/usr/local/bin/greeter.sh') logme( 'ersatz_lxdm.py --- back from actually running ersatz_lxdm gui; res=%d' % (res)) if res != 0: logme('ersatz_lxdm.py --- ending sorta prematurely; res=%d' % (res)) sys.exit(res)
def install_iceweasel_privoxy_wrapper(iceweasel_path): if not os.path.isfile('%s.forreals' % (iceweasel_path)): system_or_die('mv %s %s.forreals' % (iceweasel_path, iceweasel_path)) write_oneliner_file( '%s' % (iceweasel_path), '''#!/bin/bash chop_up_broadway() { lines=`wc -l prefs.js | cut -d' ' -f1` startlines=`grep -n "network" prefs.js | cut -d':' -f1 | head -n1` endlines=$(($lines-$startlines)) cat prefs.js | fgrep -v browser.search > prefs.js.orig cat prefs.js.orig | head -n$startlines > prefs.js echo "user_pref(\\\"network.proxy.backup.ftp_port\\\", 8118); user_pref(\\\"network.proxy.backup.socks_port\\\", 8118); user_pref(\\\"network.proxy.backup.ssl_port\\\", 8118); user_pref(\\\"network.proxy.ftp_port\\\", 8118); user_pref(\\\"network.proxy.http_port\\\", 8118); user_pref(\\\"network.proxy.socks_port\\\", 8118); user_pref(\\\"network.proxy.ssl_port\\\", 8118); user_pref(\\\"network.proxy.ftp\\\", \\\"127.0.0.1\\\"); user_pref(\\\"network.proxy.http\\\", \\\"127.0.0.1\\\"); user_pref(\\\"network.proxy.socks\\\", \\\"127.0.0.1\\\"); user_pref(\\\"network.proxy.ssl\\\", \\\"127.0.0.1\\\"); user_pref(\\\"network.proxy.type\\\", 1); user_pref(\\\"browser.search.defaultenginename\\\", \\\"DuckDuckGo HTML\\\"); user_pref(\\\"browser.search.selectedEngine\\\", \\\"DuckDuckGo HTML\\\"); " >> prefs.js cat prefs.js.orig | tail -n$endlines >> prefs.js } # -------------------------------------------------------------- cd ~/.mozilla/firefox/*.default*/ #if ! cat prefs.js | grep 8118 ; then chop_up_broadway #fi #exit 0 if [ "$USER" = "root" ] || [ "$UID" = "0" ] ; then echo "Someone is trying to launch this web browser as root. I refuse!" exit 1 fi if ps -o pid -C privoxy &>/dev/null && ps -o pid -C tor &>/dev/null ; then http_proxy=http://127.0.0.1:8118 iceweasel.forreals $@ else export DISPLAY=:0.0 xmessage -buttons Yes:0,No:1,Cancel:2 -default Yes -nearmouse "Run iceweasel insecurely?" -timeout 30 res=$? if [ "$res" -eq "0" ] ; then http_proxy= iceweasel.forreals $@ fi fi exit $? ''') system_or_die('chmod +x %s' % (iceweasel_path)) pretend_chromium = os.path.dirname(iceweasel_path) + '/chromium' assert (not os.path.exists(pretend_chromium)) system_or_die('ln -sf iceweasel %s' % (pretend_chromium))
if __name__ == "__main__": logme( 'ersatz_lxdm.py --- starting w/ params %s' % ( str( sys.argv ) ) ) logme( 'ersatz_lxdm.py --- loaded distro record (yay)' ) # set_up_guest_homedir() # set_up_guest_homedir( homedir = '/tmp/.guest' ) logme( 'ersatz_lxdm.py --- guest homedir set up OK' ) os.system( 'rm -f /tmp/.yes_greeter_is_running' ) if load_distro_record().lxdm_settings['use greeter gui']: os.system( 'touch /tmp/.yes_greeter_is_running' ) logme( 'ersatz_lxdm.py --- using ersatz_lxdm gui' ) if len( sys.argv ) <= 1 or sys.argv[1] != 'X': logme( 'ersatz_lxdm.py --- starting XWindow and asking it to run the ersatz_lxdm gui' ) write_oneliner_file( '/usr/local/bin/ersatz_lxdm.rc', 'exec python3 ersatz_lxdm.py X' ) res = os.system( 'startx /usr/local/bin/ersatz_lxdm.rc' ) os.system( 'rm -f /usr/local/bin/ersatz_lxdm.rc' ) logme( 'ersatz_lxdm.py --- back from calling XWindow to run ersatz_lxdm gui; res=%d' % ( res ) ) else: logme( 'ersatz_lxdm.py --- actually running ersatz_lxdm gui' ) res = os.system( '/usr/local/bin/greeter.sh' ) logme( 'ersatz_lxdm.py --- back from actually running ersatz_lxdm gui; res=%d' % ( res ) ) if res != 0: logme( 'ersatz_lxdm.py --- ending sorta prematurely; res=%d' % ( res ) ) sys.exit( res ) if not os.path.exists( '/tmp/.already.initialized.network.stuff' ): do_audio_and_network_stuff() os.system( 'touch /tmp/.already.initialized.network.stuff' ) logme( 'ersatz_lxdm.py --- MAIN LOOP' ) # while 'english' != 'british':
def install_iceweasel_privoxy_wrapper( iceweasel_path ): if not os.path.isfile( '%s.forreals' % ( iceweasel_path ) ): system_or_die( 'mv %s %s.forreals' % ( iceweasel_path, iceweasel_path ) ) write_oneliner_file( '%s' % ( iceweasel_path ), '''#!/bin/bash chop_up_broadway() { lines=`wc -l prefs.js | cut -d' ' -f1` startlines=`grep -n "network" prefs.js | cut -d':' -f1 | head -n1` endlines=$(($lines-$startlines)) cat prefs.js | fgrep -v browser.search > prefs.js.orig cat prefs.js.orig | head -n$startlines > prefs.js echo "user_pref(\\\"network.proxy.backup.ftp_port\\\", 8118); user_pref(\\\"network.proxy.backup.socks_port\\\", 8118); user_pref(\\\"network.proxy.backup.ssl_port\\\", 8118); user_pref(\\\"network.proxy.ftp_port\\\", 8118); user_pref(\\\"network.proxy.http_port\\\", 8118); user_pref(\\\"network.proxy.socks_port\\\", 8118); user_pref(\\\"network.proxy.ssl_port\\\", 8118); user_pref(\\\"network.proxy.ftp\\\", \\\"127.0.0.1\\\"); user_pref(\\\"network.proxy.http\\\", \\\"127.0.0.1\\\"); user_pref(\\\"network.proxy.socks\\\", \\\"127.0.0.1\\\"); user_pref(\\\"network.proxy.ssl\\\", \\\"127.0.0.1\\\"); user_pref(\\\"network.proxy.type\\\", 1); user_pref(\\\"browser.search.defaultenginename\\\", \\\"DuckDuckGo HTML\\\"); user_pref(\\\"browser.search.selectedEngine\\\", \\\"DuckDuckGo HTML\\\"); " >> prefs.js cat prefs.js.orig | tail -n$endlines >> prefs.js } # -------------------------------------------------------------- cd ~/.mozilla/firefox/*.default*/ #if ! cat prefs.js | grep 8118 ; then chop_up_broadway #fi #exit 0 if [ "$USER" = "root" ] || [ "$UID" = "0" ] ; then echo "Someone is trying to launch this web browser as root. I refuse!" exit 1 fi if ps -o pid -C privoxy &>/dev/null && ps -o pid -C tor &>/dev/null ; then http_proxy=http://127.0.0.1:8118 iceweasel.forreals $@ else export DISPLAY=:0.0 xmessage -buttons Yes:0,No:1,Cancel:2 -default Yes -nearmouse "Run iceweasel insecurely?" -timeout 30 res=$? if [ "$res" -eq "0" ] ; then http_proxy= iceweasel.forreals $@ fi fi exit $? ''' ) system_or_die( 'chmod +x %s' % ( iceweasel_path ) ) pretend_chromium = os.path.dirname( iceweasel_path ) + '/chromium' assert( not os.path.exists( pretend_chromium ) ) system_or_die( 'ln -sf iceweasel %s' % ( pretend_chromium ) )