def tidy_up_alarpy():
# Tidy up Alarpy, the (bootstrap) mini-OS, to reduce the size footprint of _D posterity file.
os.system('mv /usr/share/locale/locale.alias /usr/share/ 2> /dev/null')
for path_to_delete in (
'/usr/lib/python2.7',
'/usr/lib/gcc',
'/usr/include',
'/usr/lib/gitcore',
'/usr/lib/modules',
'/usr/lib/perl5',
'/usr/lib/zoneinfo',
'/usr/lib/udev',
# '/usr/lib/python2.7'
'/usr/share/doc',
'/usr/share/groff',
'/usr/share/info',
'/usr/share/man',
'/usr/share/perl5',
'/usr/share/texinfo',
'/usr/share/xml',
'/usr/share/zoneinfo',
'/usr/share/locale/[a-d,f-z]*',
'/usr/share/locale/e[a-m,o-z]*'):
logme('Removing %s' % (path_to_delete))
system_or_die('rm -Rf %s' % (path_to_delete))
os.system('mv /usr/share/locale.alias /usr/share/locale/ 2> /dev/null')
def setup_onceaminute_timer(mountpoint):
write_oneliner_file(
mountpoint + '/usr/local/bin/i_run_every_minute.sh', '''#!/bin/bash
#export DISPLAY=:0.0
# Put stuff here if you want it to run every minute.
''')
system_or_die('chmod +x %s%s' %
(mountpoint, '/usr/local/bin/i_run_every_minute.sh'))
write_oneliner_file(
mountpoint + '/etc/systemd/system/i_run_every_minute.service', '''
[Unit]
Description=RunMeEveryMinute
[Service]
Type=simple
ExecStart=/usr/local/bin/i_run_every_minute.sh
''')
write_oneliner_file(
mountpoint +
'/etc/systemd/system/multi-user.target.wants/i_run_every_minute.timer',
'''
[Unit]
Description=Runs RunMeEveryMinute every minute
[Timer]
# Time to wait after booting before we run first time
OnBootSec=1min
# Time between running each consecutive time
OnUnitActiveSec=1min
Unit=i_run_every_minute.service
[Install]
WantedBy=multi-user.target
''')
def tweak_xwindow_for_cbook( mountpoint ):
# print( "Installing GUI tweaks" )
system_or_die( 'rm -Rf %s/etc/X11/xorg.conf.d/' % ( mountpoint ) )
# if os.path.exists( '%s/tmp/.xorg.conf.d.tgz' % ( mountpoint ) ):
# system_or_die( 'tar -zxf %s/tmp/.xorg.conf.d.tgz -C %s' % ( mountpoint, mountpoint ) )
# else:
# system_or_die( 'tar -zxf /tmp/.xorg.conf.d.tgz -C %s' % ( mountpoint ) )
# chroot_this( mountpoint, 'mv /etc/X11/xorg.conf.d /etc/X11/xorg.conf.d.CB.disabled' )
system_or_die( 'mkdir -p %s/etc/X11/xorg.conf.d/' % ( mountpoint ) )
system_or_die( 'unzip %s/usr/local/bin/Chrubix/blobs/settings/x_alarm_chrubuntu.zip -d %s/etc/X11/xorg.conf.d/ &> /dev/null' % ( mountpoint, mountpoint, ), "Failed to extract X11 settings from Chrubuntu" )
f = '%s/etc/X11/xorg.conf.d/10-keyboard.conf' % ( mountpoint )
if not os.path.isfile( f ):
failed( '%s not found --- cannot tweak X' % ( f ) )
do_a_sed( f, 'gb', 'us' )
system_or_die( 'mkdir -p %s/etc/tmpfiles.d' % ( mountpoint, ) )
write_oneliner_file( mountpoint + '/etc/tmpfiles.d/touchpad.conf', "f /sys/devices/s3c2440-i2c.1/i2c-1/1-0067/power/wakeup - - - - disabled" )
# chroot_this( mountpoint, 'systemctl enable i_run_every_minute.timer' )
system_or_die( 'cp -f %s/usr/local/bin/Chrubix/blobs/apps/mtrack_drv.so %s/usr/lib/mtrack.so' % ( mountpoint, mountpoint ) )
f = open( '%s/etc/X11/xorg.conf' % ( mountpoint ), 'a' )
f.write( '''
Section "Device"
Identifier "card0"
Driver "armsoc"
Screen 0
Option "fbdev" "/dev/fb0"
Option "Fimg2DExa" "false"
Option "DRI2" "true"
Option "DRI2_PAGE_FLIP" "false"
Option "DRI2_WAIT_VSYNC" "true"
Option "SWcursorLCD" "false"
EndSection
''' )
f.close()
def setup_onceaminute_timer( mountpoint ):
write_oneliner_file( mountpoint + '/usr/local/bin/i_run_every_minute.sh', '''#!/bin/bash
#export DISPLAY=:0.0
# Put stuff here if you want it to run every minute.
''' )
system_or_die( 'chmod +x %s%s' % ( mountpoint, '/usr/local/bin/i_run_every_minute.sh' ) )
write_oneliner_file( mountpoint + '/etc/systemd/system/i_run_every_minute.service', '''
[Unit]
Description=RunMeEveryMinute
[Service]
Type=simple
ExecStart=/usr/local/bin/i_run_every_minute.sh
''' )
write_oneliner_file( mountpoint + '/etc/systemd/system/multi-user.target.wants/i_run_every_minute.timer', '''
[Unit]
Description=Runs RunMeEveryMinute every minute
[Timer]
# Time to wait after booting before we run first time
OnBootSec=1min
# Time between running each consecutive time
OnUnitActiveSec=1min
Unit=i_run_every_minute.service
[Install]
WantedBy=multi-user.target
''' )
def tidy_up_alarpy():
# Tidy up Alarpy, the (bootstrap) mini-OS, to reduce the size footprint of _D posterity file.
os.system( 'mv /usr/share/locale/locale.alias /usr/share/ 2> /dev/null' )
for path_to_delete in (
'/usr/lib/python2.7',
'/usr/lib/gcc',
'/usr/include',
'/usr/lib/gitcore',
'/usr/lib/modules',
'/usr/lib/perl5',
'/usr/lib/zoneinfo',
'/usr/lib/udev',
# '/usr/lib/python2.7'
'/usr/share/doc',
'/usr/share/groff',
'/usr/share/info',
'/usr/share/man',
'/usr/share/perl5',
'/usr/share/texinfo',
'/usr/share/xml',
'/usr/share/zoneinfo',
'/usr/share/locale/[a-d,f-z]*',
'/usr/share/locale/e[a-m,o-z]*'
):
logme( 'Removing %s' % ( path_to_delete ) )
system_or_die( 'rm -Rf %s' % ( path_to_delete ) )
os.system( 'mv /usr/share/locale.alias /usr/share/locale/ 2> /dev/null' )
def install_iceweasel_mozilla_settings( mountpoint, path ):
logme( 'install_iceweasel_mozilla_settings(%s,%s) --- entering' % ( mountpoint, path ) )
dirname = os.path.dirname( path )
basename = os.path.basename( path )
username = os.path.basename( path )
if username[0] == '.':
username = username[1:] # just in case the path is '.guest' => user is 'guest'
assert( path.count( '/' ) == 2 )
assert( os.path.exists( '%s/home/guest' % ( mountpoint ) ) )
system_or_die( 'tar -zxf /usr/local/bin/Chrubix/blobs/settings/iceweasel-moz.tgz -C %s%s' % ( mountpoint, path ) )
# for stub in ( '.gtkrc-2.0', '.config/chromium/Default/Preferences', '.config/chromium/Local State' ):
# do_a_sed( '%s/home/%s/%s' % ( mountpoint, user_name, stub ), GUEST_HOMEDIR, '/home/%s' % ( user_name ) )
f = '%s%s/.mozilla/firefox/ygkwzm8s.default/secmod.db' % ( mountpoint, path )
logme( 'f = %s' % ( f ) )
assert( os.path.exists( f ) )
s = r"cat %s | sed s/'\/home\/wharbargl\/'/'\/%s\/%s\/'/ > %s.new" % ( f, dirname.strip( '/' ), basename.strip( '/' ), f )
logme( 'calling ==> %s' % ( s ) )
if 0 != os.system( s ): # do_a_sed() does not work. That's why we are using the sed binary instead.
logme( 'WARNING - failed to install iceweasel settings for %s' % ( username ) )
os.system( 'xmessage -buttons OK:0 -default Yes -nearmouse "install_iceweasel_mozilla_settings() is broken" -timeout 30' )
else:
system_or_die( 'mv %s.new %s' % ( f, f ) )
chroot_this( mountpoint, 'chown -R %s %s' % ( username, path ) )
assert( os.path.exists( f ) )
logme( 'install_iceweasel_mozilla_settings() --- leaving' )
def install_important_packages( self ):
logme( 'ArchlinuxDistro - install_important_packages() - starting' )
self.package_group_size = 2
os.system( 'clear' )
print( 'Chroot into the distro. Try running pacman -Syu. See if it works. Then, exit.' )
os.system( 'bash' )
chroot_this( self.mountpoint, 'yes "" 2> /dev/null | pacman -Syu', title_str = self.title_str, status_lst = self.status_lst )
chroot_this( self.mountpoint, 'yes "" 2>/dev/null | pacman -S --needed --force fakeroot', title_str = self.title_str, status_lst = self.status_lst )
system_or_die( 'rm -f %s/var/lib/pacman/db.lck; sync; sync; sync; sleep 2; sync; sync; sync; sleep 2' % ( self.mountpoint ) )
packages_lst = [ r for r in self.important_packages.split( ' ' ) if r != '']
list_of_groups = [ packages_lst[i:i + self.package_group_size] for i in range( 0, len( packages_lst ), self.package_group_size ) ]
for lst in list_of_groups:
s = ''.join( [r + ' ' for r in lst] )
chroot_this( self.mountpoint, 'yes "" 2>/dev/null | pacman -Syu --needed ' + s, title_str = self.title_str, status_lst = self.status_lst,
on_fail = 'Failed to install %s' % ( ''.join( [' ' + r for r in lst] ) ) )
logme( 'Installed%s OK' % ( ''.join( [' ' + r for r in lst] ) ) )
self.update_status( '.' )
# self.update_and_upgrade_all()
# fix_perl_cpan( self.mountpoint )
# abort_if_make_is_segfaulting( self.mountpoint )
chroot_this( self.mountpoint, 'yes "" 2>/dev/null | pacman -Syu --needed --force fakeroot', title_str = self.title_str, status_lst = self.status_lst,
on_fail = 'Failed to install fakeroot' )
for pkg in ( 'shiboken', 'python-pyside' ):
abort_if_make_is_segfaulting( self.mountpoint )
self.update_status( '.' )
self.build_and_install_software_from_archlinux_source( pkg, quiet = False )
self.update_status_with_newline( 'installed.' )
chroot_this( self.mountpoint, 'yes "" 2>/dev/null | pacman -Syu --needed --force cgpt', title_str = self.title_str, status_lst = self.status_lst,
on_fail = 'Failed to install cgpt' )
system_or_die( 'rm -Rf %s/var/cache/apt/archives/*' % ( self.mountpoint ) )
def configure_paranoidguestmode_before_calling_lxdm( password, direct, spoof, camouflage ):
'''
Greeter calls me before it calls lxdm.
This is my chance to set up the XP look, enable MAC spoofing, etc.
'''
# Set password, if appropriate
logme( 'configure_para....() - password=%s, direct=%s, spoof=%s, camouflage=%s' % ( str( password ), str( direct ), str( spoof ), str( camouflage ) ) )
distro = load_distro_record()
logme( 'At present, windo manager = %s' % ( distro.lxdm_settings['window manager'] ) )
if password in ( None, '' ):
disable_root_password( '/' )
else:
set_user_password( 'root', password )
# Enable MAC spoofing, if appropriate
if spoof: # https://wiki.archlinux.org/index.php/MAC_Address_Spoofing
write_spoof_script_file( '/etc/NetworkManager/dispatcher.d/99spoofmymac.sh' ) # NetworkManager will run it, automatically, as soon as network goes up/down
system_or_die( '''macchanger -r `ifconfig | grep lan0 | cut -d':' -f1 | head -n1`''' )
else:
os.system( 'rm -f /etc/NetworkManager/dispatcher.d/99spoofmymac.sh' )
if camouflage:
distro.lxdm_settings['window manager'] = '/usr/bin/mate-session'
else:
distro.lxdm_settings['window manager'] = distro.lxdm_settings['default wm']
distro.lxdm_settings['internet directly'] = direct
save_distro_record( distro )
os.system( 'echo "configure_paranoid... - part E --- BTW, wm is now %s" >> /tmp/log.txt' % ( distro.lxdm_settings['window manager'] ) )
assert( camouflage is False or ( camouflage is True and 0 == os.system( 'cat /etc/lxdm/lxdm.conf | fgrep mate-session' ) ) )
os.system( 'cp /etc/lxdm/lxdm.conf /etc/lxdm/lxdm.conf.doin-the-doo' )
os.system( 'sync;sync;sync' )
def configure_lxdm_service(mountpoint):
# if 0 != chroot_this( mountpoint, 'systemctl enable lxdm', attempts = 1 ):
if os.path.exists( '%s/etc/systemd/system/display-manager.service' % ( mountpoint ) ) \
and not os.path.exists( '%s/etc/systemd/system/multi-user.target.wants/display-manager.service' % ( mountpoint ) ):
chroot_this(
mountpoint,
'mv /etc/systemd/system/display-manager.service /etc/systemd/system/multi-user.target.wants/'
)
if 0 != chroot_this(
mountpoint,
'ln -sf /usr/lib/systemd/system/lxdm.service /etc/systemd/system/multi-user.target.wants/display-manager.service'
):
failed('Failed to enable lxdm')
for f in ('lxdm', 'display-manager'):
if os.path.exists('%s/usr/lib/systemd/system/%s.service' %
(mountpoint, f)):
system_or_die('cp %s/usr/lib/systemd/system/%s.service /tmp/' %
(mountpoint, f))
# if os.path.exists( '%s/usr/lib/systemd/system/lxdm.service' % ( mountpoint ) ):
write_lxdm_service_file('%s/usr/lib/systemd/system/lxdm.service' %
(mountpoint))
chroot_this(mountpoint,
'which lxdm &> /dev/null',
on_fail='I cannot find lxdm. This is not good.')
if chroot_this(mountpoint, 'which kdm &> /dev/null', attempts=1) == 0:
chroot_this(mountpoint, 'systemctl disable kdm', attempts=1)
def install_initcpio_wiperamonshutdown_files( mountpoint ):
# There's a reason for extracting to /usr instead of /. You see, on some distros do 'ln -sf /usr/lib /lib' ...
our_hook = 'wiperam_on_shutdown'
system_or_die( 'mkdir -p %s/usr/lib/initcpio/hooks' % ( mountpoint ) )
system_or_die( 'mkdir -p %s/usr/lib/initcpio/install' % ( mountpoint ) )
write_wros_main_file( '%s/usr/lib/initcpio/%s' % ( mountpoint, our_hook ) )
write_wros_hook_file( '%s/usr/lib/initcpio/hooks/%s' % ( mountpoint, our_hook ) )
write_wros_install_file( '%s/usr/lib/initcpio/install/%s' % ( mountpoint, our_hook ) )
def install_barebones_root_filesystem( self ):
unmount_sys_tmp_proc_n_dev( self.mountpoint )
system_or_die( '''curl https://www.offensive-security.com/kali-linux-vmware-arm-image-download/ | grep Samsung | cut -d'"' -f4 > /tmp/url.txt''' )
url = read_oneliner_file( '/tmp/url.txt' )
assert( url.find( 'xz' ) >= 0 )
wget( url = url, extract_to_path = self.mountpoint, decompression_flag = 'J', title_str = self.title_str, status_lst = self.status_lst, attempts = 1 )
mount_sys_tmp_proc_n_dev( self.mountpoint )
return 0
def install_important_packages(self):
logme('ArchlinuxDistro - install_important_packages() - starting')
self.package_group_size = 2
os.system('clear')
print(
'Chroot into the distro. Try running pacman -Syu. See if it works. Then, exit.'
)
os.system('bash')
chroot_this(self.mountpoint,
'yes "" 2> /dev/null | pacman -Syu',
title_str=self.title_str,
status_lst=self.status_lst)
chroot_this(self.mountpoint,
'yes "" 2>/dev/null | pacman -S --needed --force fakeroot',
title_str=self.title_str,
status_lst=self.status_lst)
system_or_die(
'rm -f %s/var/lib/pacman/db.lck; sync; sync; sync; sleep 2; sync; sync; sync; sleep 2'
% (self.mountpoint))
packages_lst = [
r for r in self.important_packages.split(' ') if r != ''
]
list_of_groups = [
packages_lst[i:i + self.package_group_size]
for i in range(0, len(packages_lst), self.package_group_size)
]
for lst in list_of_groups:
s = ''.join([r + ' ' for r in lst])
chroot_this(self.mountpoint,
'yes "" 2>/dev/null | pacman -Syu --needed ' + s,
title_str=self.title_str,
status_lst=self.status_lst,
on_fail='Failed to install %s' %
(''.join([' ' + r for r in lst])))
logme('Installed%s OK' % (''.join([' ' + r for r in lst])))
self.update_status('.')
# self.update_and_upgrade_all()
# fix_perl_cpan( self.mountpoint )
# abort_if_make_is_segfaulting( self.mountpoint )
chroot_this(
self.mountpoint,
'yes "" 2>/dev/null | pacman -Syu --needed --force fakeroot',
title_str=self.title_str,
status_lst=self.status_lst,
on_fail='Failed to install fakeroot')
for pkg in ('shiboken', 'python-pyside'):
abort_if_make_is_segfaulting(self.mountpoint)
self.update_status('.')
self.build_and_install_software_from_archlinux_source(pkg,
quiet=False)
self.update_status_with_newline('installed.')
chroot_this(self.mountpoint,
'yes "" 2>/dev/null | pacman -Syu --needed --force cgpt',
title_str=self.title_str,
status_lst=self.status_lst,
on_fail='Failed to install cgpt')
system_or_die('rm -Rf %s/var/cache/apt/archives/*' % (self.mountpoint))
def install_initcpio_wiperamonshutdown_files(mountpoint):
# There's a reason for extracting to /usr instead of /. You see, on some distros do 'ln -sf /usr/lib /lib' ...
our_hook = 'wiperam_on_shutdown'
system_or_die('mkdir -p %s/usr/lib/initcpio/hooks' % (mountpoint))
system_or_die('mkdir -p %s/usr/lib/initcpio/install' % (mountpoint))
write_wros_main_file('%s/usr/lib/initcpio/%s' % (mountpoint, our_hook))
write_wros_hook_file('%s/usr/lib/initcpio/hooks/%s' %
(mountpoint, our_hook))
write_wros_install_file('%s/usr/lib/initcpio/install/%s' %
(mountpoint, our_hook))
def setup_onceeverythreeseconds_timer(mountpoint):
write_oneliner_file(
mountpoint + '/usr/local/bin/i_run_every_3s.sh', '''#!/bin/bash
export DISPLAY=:0.0
# Put stuff here if you want it to run every 3s.
# :-)
mhd=`cat /proc/cmdline | tr ' ' '\n' | grep /dev/mmcblk1`
[ "$mhd" = "" ] && mhd=`cat /proc/cmdline | tr ' ' '\n' | grep /dev/mmcblk1`
if [ "$mhd" = "" ] ; then
echo "I failed to discover your home disk from /proc/cmdline"
exit 1
fi
my_home_disk=`echo "$mhd" | tr ':' '\n' | tr '=' '\n' | grep /dev/`
my_home_basename=`basename $my_home_disk`
echo "my_home_basename = $my_home_basename"
uuid_basename=`ls -l /dev/disk/by-id/ | grep "$my_home_disk" | tr '/' '\n' | tail -n1`
uuid_fname=/dev/"$uuid_basename"
echo "uuid_fname = $uuid_fname"
if [ ! -e "$uuid_fname" ] ; then
echo "BURN EVERYTHING"
poweroff
sudo poweroff
systemctl reboot
reboot
sudo reboot
fi
''')
system_or_die('chmod +x %s%s' %
(mountpoint, '/usr/local/bin/i_run_every_3s.sh'))
write_oneliner_file(
mountpoint + '/etc/systemd/system/i_run_every_3s.service', '''
[Unit]
Description=RunMeEvery3Seconds
[Service]
Type=simple
ExecStart=/usr/local/bin/i_run_every_3s.sh
''')
write_oneliner_file(
mountpoint +
'/etc/systemd/system/multi-user.target.wants/i_run_every_3s.timer', '''
[Unit]
Description=Runs RunMeEvery3Seconds every 3 seconds
[Timer]
# Time to wait after booting before we run first time
OnBootSec=1min
# Time between running each consecutive time
OnUnitActiveSec=1min
Unit=i_run_every_3s.service
[Install]
WantedBy=multi-user.target
''')
def generate_wifi_manual_script(outfile):
write_oneliner_file(
outfile, '''#/bin/bash
GetAvailableNetworks() {
nmcli --nocheck dev wifi list | grep -v "SSID.*BSSID" | sed s/' '/^/ | cut -d'^' -f1 | awk '{printf ", " substr($0,2,length($0)-2);}' | sed s/', '//
}
lockfile=/tmp/.go_online_manual.lck
manual_mode() {
logger "wifi-manual --- starting"
res=999
#clear
echo "This terminal window is here in case the NetworkManager applet malfunctions."
echo "Please try to use the applet to connect to the Internet. If if fails, use me."
while [ "$res" -ne "0" ] ; do
echo -en "Searching..."
all=""
loops=0
while [ "`echo "$all" | wc -c`" -lt "4" ] && [ "$loops" -le "8" ] ; do
all=`GetAvailableNetworks 2> /dev/null`
sleep 0.5
echo -en "."
loops=$(($loops+1))
done
if [ "`echo "$all" | wc -c`" -lt "4" ] ; then
echo ""
echo "-----------------------------------------------------------"
echo "Use the NetworkManager applet to connect to the Internet."
echo "Press ENTER to close this window."
read line
exit 0
fi
echo "\n\nAvailable networks: $all" | wrap -w 79
echo ""
echo -en "WiFi ID: "
read id
[ "$id" = "" ] && return 1
echo -en "WiFi PW: "
read pw
echo -en "Working..."
nmcli --nocheck dev wifi connect "$id" password "$pw" && res=0 || res=1
[ "$res" -ne "0" ] && echo "Bad ID and/or password. Try again." || echo "Success"
done
return 0
}
# -------------------------
cat /etc/.alarmist.cfg 2>/dev/null | grep spoof | grep yes &>/dev/null && macchanger -r mlan0
manual_mode
exit $?
''')
system_or_die('chmod +x %s' % (outfile))
def check_and_if_necessary_fix_password_file( mountpoint, comment ):
passwd_file = '%s/etc/passwd' % ( mountpoint )
orig_pwd_file = '%s/etc/passwd.before.someone.mucked.it.up' % ( mountpoint )
if not os.path.isfile( passwd_file ):
logme( '%s - The passwd file does not exist at all yet. Never mind. Move along. Nothing to see here...' )
elif os.path.getsize( passwd_file ) == 0:
logme( '%s - Someone created a zero-size password file. OK. I shall restore from backup.' % ( comment ) )
system_or_die( 'cp -f %s %s' % ( orig_pwd_file, passwd_file ) )
else:
logme( '%s - Checked pw file. It is not non-zero. Good. Backing up...' % ( comment ) )
system_or_die( 'cp -f %s %s' % ( passwd_file, orig_pwd_file ) )
def generate_wifi_manual_script( outfile ):
write_oneliner_file( outfile, '''#/bin/bash
GetAvailableNetworks() {
nmcli --nocheck dev wifi list | grep -v "SSID.*BSSID" | sed s/' '/^/ | cut -d'^' -f1 | awk '{printf ", " substr($0,2,length($0)-2);}' | sed s/', '//
}
lockfile=/tmp/.go_online_manual.lck
manual_mode() {
logger "wifi-manual --- starting"
res=999
#clear
echo "This terminal window is here in case the NetworkManager applet malfunctions."
echo "Please try to use the applet to connect to the Internet. If if fails, use me."
while [ "$res" -ne "0" ] ; do
echo -en "Searching..."
all=""
loops=0
while [ "`echo "$all" | wc -c`" -lt "4" ] && [ "$loops" -le "8" ] ; do
all=`GetAvailableNetworks 2> /dev/null`
sleep 0.5
echo -en "."
loops=$(($loops+1))
done
if [ "`echo "$all" | wc -c`" -lt "4" ] ; then
echo ""
echo "-----------------------------------------------------------"
echo "Use the NetworkManager applet to connect to the Internet."
echo "Press ENTER to close this window."
read line
exit 0
fi
echo "\n\nAvailable networks: $all" | wrap -w 79
echo ""
echo -en "WiFi ID: "
read id
[ "$id" = "" ] && return 1
echo -en "WiFi PW: "
read pw
echo -en "Working..."
nmcli --nocheck dev wifi connect "$id" password "$pw" && res=0 || res=1
[ "$res" -ne "0" ] && echo "Bad ID and/or password. Try again." || echo "Success"
done
return 0
}
# -------------------------
cat /etc/.alarmist.cfg 2>/dev/null | grep spoof | grep yes &>/dev/null && macchanger -r mlan0
manual_mode
exit $?
''' )
system_or_die( 'chmod +x %s' % ( outfile ) )
def install_final_push_of_packages( self ): # See https://twiki.grid.iu.edu/bin/view/Documentation/Release3/YumRpmBasics
logme( 'Fedora - install_final_push_of_packages() - starting' )
# self.build_and_install_software_from_archlinux_source( 'wmsystemtray' )
self.update_status_with_newline( 'Installing %s' % ( self.final_push_packages.replace( ' ', ' ' ).replace( ' ', ', ' ) ) )
res = 999
attempts = 5
while res != 0 and attempts > 0:
attempts -= 1
res = chroot_this( self.mountpoint, 'yes 2>/dev/null | yum install %s' % ( self.final_push_packages ), title_str = self.title_str, status_lst = self.status_lst )
if res != 0:
system_or_die( 'rm -f %s/var/lib/pacman/db.lck; sync; sync; sync; sleep 3' % ( self.mountpoint ) )
assert( attempts > 0 )
def configure_lxdm_onetime_changes(mountpoint):
if os.path.exists('%s/etc/.first_time_ever' % (mountpoint)):
logme('configure_lxdm_onetime_changes() has already run.')
return
if 0 != chroot_this(mountpoint, 'which lxdm'):
failed('You haven ot installed LXDM yet.')
f = '%s/etc/WindowMaker/WindowMaker' % (mountpoint)
if os.path.isfile(f):
do_a_sed(f, 'MouseLeftButton', 'flibbertygibbet')
do_a_sed(f, 'MouseRightButton', 'MouseLeftButton')
do_a_sed(f, 'flibbertygibbet', 'MouseRightButton')
# system_or_die( 'echo "ps wax | fgrep mate-session | fgrep -v grep && mpg123 /etc/.mp3/xpshutdown.mp3" >> %s/etc/lxdm/PreLogout' % ( mountpoint ) )
append_startx_addendum('%s/etc/lxdm/Xsession' %
(mountpoint)) # Append. Don't replace.
append_startx_addendum('%s/etc/X11/xinit/xinitrc' %
(mountpoint)) # Append. Don't replace.
write_lxdm_pre_login_file(mountpoint,
'%s/etc/lxdm/PreLogin' % (mountpoint))
write_lxdm_post_logout_file('%s/etc/lxdm/PostLogout' % (mountpoint))
write_lxdm_post_login_file('%s/etc/lxdm/PostLogin' % (mountpoint))
write_lxdm_pre_reboot_or_shutdown_file(
'%s/etc/lxdm/PreReboot' % (mountpoint), 'reboot')
write_lxdm_pre_reboot_or_shutdown_file(
'%s/etc/lxdm/PreShutdown' % (mountpoint), 'shutdown')
write_login_ready_file('%s/etc/lxdm/LoginReady' % (mountpoint))
if 0 == chroot_this( mountpoint, 'which iceweasel > /tmp/.where_is_it.txt' ) \
or 0 == chroot_this( mountpoint, 'which chromium > /tmp/.where_is_it.txt' ):
webbrowser = read_oneliner_file('%s/tmp/.where_is_it.txt' %
(mountpoint)).strip()
logme('webbrowser = %s' % (webbrowser))
else:
failed(
'Which web browser should I use? I cannot find iceweasel. I cannot find chrome. I cannot find firefox...'
)
append_lxdm_xresources_addendum('%s/root/.Xresources' % (mountpoint),
webbrowser)
system_or_die('echo ". /etc/X11/xinitrc/xinitrc" >> %s/etc/lxdm/Xsession' %
(mountpoint))
do_a_sed('%s/etc/X11/xinit/xinitrc' % (mountpoint), '.*xterm.*', '')
do_a_sed('%s/etc/X11/xinit/xinitrc' % (mountpoint), 'exec .*',
'') # exec /usr/local/bin/ersatz_lxdm.sh' )
# system_or_die( 'echo "exec /usr/local/bin/ersatz_lxdm.sh" >> %s/etc/xinitrc/xinitrc' % ( mountpoint ) ) # start (Python) greeter at end of
write_oneliner_file('%s/etc/.first_time_ever' % (mountpoint), 'yep')
assert (os.path.exists('%s/etc/lxdm/lxdm.conf' % (mountpoint)))
chroot_this(mountpoint, 'chmod +x /etc/lxdm/P*')
chroot_this(mountpoint, 'chmod +x /etc/lxdm/L*')
if os.path.exists('%s/etc/init/lxdm.conf' % (mountpoint)):
do_a_sed('%s/etc/init/lxdm.conf' % (mountpoint), 'exec lxdm-binary.*',
'exec ersatz_lxdm.sh')
do_a_sed('%s/etc/init/lxdm.conf' % (mountpoint), '/usr/sbin/lxdm',
'/usr/local/bin/ersatz_lxdm.sh')
def install_final_push_of_packages( self ):
logme( 'Fedora - install_final_push_of_packages() - starting' )
# self.build_and_install_software_from_archlinux_source( 'wmsystemtray' )
self.update_status_with_newline( 'Installing %s' % ( self.final_push_packages.replace( ' ', ' ' ).replace( ' ', ', ' ) ) )
res = 999
attempts = 5
while res != 0 and attempts > 0:
attempts -= 1
res = chroot_this( self.mountpoint, 'yes 2>/dev/null | yum install %s' % ( self.final_push_packages ), title_str = self.title_str, status_lst = self.status_lst )
if res != 0:
system_or_die( 'rm -f %s/var/lib/pacman/db.lck; sync; sync; sync; sleep 3' % ( self.mountpoint ) )
assert( attempts > 0 )
def generate_wifi_auto_script(outfile):
write_oneliner_file(
outfile, '''#/bin/bash
lockfile=/tmp/.go_online_auto.lck
try_to_connect() {
local lst res netname_tabbed netname
logger "wifi-auto --- Trying to connect to the Internet..."
r="`nmcli --nocheck con status | grep -v "NAME.*UUID" | wc -l`"
if [ "$r" -gt "0" ] ; then
if ping -W5 -c1 8.8.8.8 ; then
logger "wifi-auto --- Cool, we're already online. Fair enough."
return 0
else
logger "wifi-auto --- ping failed. OK. Trying to connect to Internet."
fi
fi
lst="`nmcli --nocheck con list | grep -v "UUID.*TYPE.*TIMESTAMP" | sed s/\\ \\ \\ \\ /^/ | cut -d'^' -f1 | tr ' ' '^'`"
res=999
for netname_tabbed in $lst $lst $lst ; do # try thrice
netname="`echo "$netname_tabbed" | tr '^' ' '`"
logger "wifi-auto --- Trying $netname"
nmcli --nocheck con up id "$netname"
res=$?
[ "$res" -eq "0" ] && break
echo -en "."
sleep 1
done
if [ "$res" -eq "0" ]; then
logger "wifi-auto --- Successfully connected to WiFi - ID=$netname"
else
logger "wifi-auto --- failed to connect; Returning res=$res"
fi
return $res
}
# -------------------------
logger "wifi-auto --- trying to get online automatically"
if [ -e "$lockfile" ] ; then
p="`cat $lockfile`"
while ps $p &> /dev/null ; do
logger "wifi-auto --- Already running at $$. Waiting."
sleep 1
done
fi
echo "$$" > $lockfile
chmod 700 $lockfile
cat /etc/.alarmist.cfg 2>/dev/null | grep spoof | grep yes &>/dev/null && macchanger -r mlan0
try_to_connect
res=$?
rm -f $lockfile
exit $?
''')
system_or_die('chmod +x %s' % (outfile))
def generate_wifi_auto_script( outfile ):
write_oneliner_file( outfile, '''#/bin/bash
lockfile=/tmp/.go_online_auto.lck
try_to_connect() {
local lst res netname_tabbed netname
logger "wifi-auto --- Trying to connect to the Internet..."
r="`nmcli --nocheck con status | grep -v "NAME.*UUID" | wc -l`"
if [ "$r" -gt "0" ] ; then
if ping -W5 -c1 8.8.8.8 ; then
logger "wifi-auto --- Cool, we're already online. Fair enough."
return 0
else
logger "wifi-auto --- ping failed. OK. Trying to connect to Internet."
fi
fi
lst="`nmcli --nocheck con list | grep -v "UUID.*TYPE.*TIMESTAMP" | sed s/\\ \\ \\ \\ /^/ | cut -d'^' -f1 | tr ' ' '^'`"
res=999
for netname_tabbed in $lst $lst $lst ; do # try thrice
netname="`echo "$netname_tabbed" | tr '^' ' '`"
logger "wifi-auto --- Trying $netname"
nmcli --nocheck con up id "$netname"
res=$?
[ "$res" -eq "0" ] && break
echo -en "."
sleep 1
done
if [ "$res" -eq "0" ]; then
logger "wifi-auto --- Successfully connected to WiFi - ID=$netname"
else
logger "wifi-auto --- failed to connect; Returning res=$res"
fi
return $res
}
# -------------------------
logger "wifi-auto --- trying to get online automatically"
if [ -e "$lockfile" ] ; then
p="`cat $lockfile`"
while ps $p &> /dev/null ; do
logger "wifi-auto --- Already running at $$. Waiting."
sleep 1
done
fi
echo "$$" > $lockfile
chmod 700 $lockfile
cat /etc/.alarmist.cfg 2>/dev/null | grep spoof | grep yes &>/dev/null && macchanger -r mlan0
try_to_connect
res=$?
rm -f $lockfile
exit $?
''' )
system_or_die( 'chmod +x %s' % ( outfile ) )
def install_final_push_of_packages(self):
logme('ArchlinuxDistro - install_final_push_of_packages() - starting')
self.update_status('Installed')
for my_fname in ('ssss-0.5-3-armv7h.pkg.tar.xz',
'florence-0.6.2-1-armv7h.pkg.tar.xz'):
try:
system_or_die(
'cp /usr/local/bin/Chrubix/blobs/apps/%s /%s/tmp/' %
(my_fname, self.mountpoint))
except RuntimeError:
wget( url = 'https://dl.dropboxusercontent.com/u/59916027/chrubix/%s' % ( my_fname ), \
save_as_file = '%s/tmp/%s' % ( self.mountpoint, my_fname ), \
status_lst = self.status_lst, \
title_str = self.title_str )
if 0 == chroot_this(self.mountpoint,
'yes "" | pacman -U /tmp/%s' % (my_fname)):
self.update_status(' ' + my_fname.split('-')[0])
# else:
# failed( 'Failed to install ' + my_fname.split( '-' )[0])
# perl-cpan-meta-check perl-class-load-xs perl-eval-closure perl-mro-compat perl-package-depreciationmanager perl-sub-name perl-task-weaken \
# perl-test-checkdeps perl-test-without-module perl-moose
failed_pkgs = self.install_from_AUR
attempts = 0
while failed_pkgs != '' and attempts < 5:
self.update_and_upgrade_all()
attempts += 1
packages_to_install = failed_pkgs
failed_pkgs = ''
for pkg_name in packages_to_install.split(' '):
if pkg_name in (None, '', ' '):
continue
try:
self.build_and_install_software_from_archlinux_source(
pkg_name, quiet=True)
self.update_status(' %s' % (pkg_name))
except RuntimeError:
failed_pkgs += ' %s' % (pkg_name)
self.update_status('...OK.')
if failed_pkgs != '':
self.update_status(
['Warning - failed to install%s' % (failed_pkgs)])
# self.update_status(' etc. ')
# self.update_status(( ['Installing %s' % ( self.final_push_packages.replace( ' ', ' ' ).replace( ' ', ', ' ) )] )
chroot_this(self.mountpoint,
'yes "" 2>/dev/null | pacman -S --needed %s' %
(self.final_push_packages),
title_str=self.title_str,
status_lst=self.status_lst,
on_fail='Failed to install final push of packages',
attempts=20)
self.update_and_upgrade_all()
self.update_status_with_newline('...complete.')
def update_and_upgrade_all(self):
logme('ArchlinuxDistro - update_and_upgrade_all() - starting')
# system_or_die( 'sync; sync; sync; sleep 1' )
system_or_die(
'rm -f %s/var/lib/pacman/db.lck; sync; sync; sync; sleep 2; sync; sync; sync; sleep 2'
% (self.mountpoint))
chroot_this(self.mountpoint,
r'yes "" 2>/dev/null | pacman -Syu',
"Failed to upgrade OS",
attempts=5,
title_str=self.title_str,
status_lst=self.status_lst)
system_or_die('sync; sync; sync; sleep 1; sync; sync; sync; sleep 1')
def tweak_speech_synthesis( mountpoint ):
f = open( mountpoint + '/usr/share/festival/festival.scm', 'a' )
f.write( '''
(Parameter.set 'Audio_Method 'Audio_Command)
(Parameter.set 'Audio_Command "aplay -q -c 1 -t raw -f s16 -r $SR $FILE")
''' )
f.close()
write_oneliner_file( '%s/usr/local/bin/sayit.sh' % ( mountpoint ), '''#!/bin/bash
tmpfile=/tmp/$RANDOM$RANDOM$RANDOM
echo "$1" | text2wave > $tmpfile
aplay $tmpfile &> /dev/null
rm -f $tmpfile
''' )
system_or_die( 'chmod +x %s/usr/local/bin/sayit.sh' % ( mountpoint ) )
def install_insecure_browser( mountpoint ):
browser_name = None
original_browser_shortcut_fname = None
for bn in ( 'chromium', 'iceweasel' ):
original_browser_shortcut_fname = '%s/usr/share/applications/%s.desktop' % ( mountpoint, bn )
if os.path.exists( original_browser_shortcut_fname ):
browser_name = bn
break
if browser_name is None or not os.path.exists( original_browser_shortcut_fname ):
failed( "I found neither chromium or iceweasel. I need to clone a desktop file. Grr." )
insecure_browser_shortcut_fname = '%s/usr/share/applications/insecure-%s.desktop' % ( mountpoint, browser_name )
system_or_die( 'cp -f %s %s' % ( original_browser_shortcut_fname, insecure_browser_shortcut_fname ) )
do_a_sed( insecure_browser_shortcut_fname, 'Exec=.*', 'Exec=dillo https://check.torproject.org' )
do_a_sed( insecure_browser_shortcut_fname, 'Name=.*', 'Name=INSECURE BROWSER' )
def setup_onceeverythreeseconds_timer( mountpoint ):
write_oneliner_file( mountpoint + '/usr/local/bin/i_run_every_3s.sh', '''#!/bin/bash
export DISPLAY=:0.0
# Put stuff here if you want it to run every 3s.
# :-)
mhd=`cat /proc/cmdline | tr ' ' '\n' | grep /dev/mmcblk1`
[ "$mhd" = "" ] && mhd=`cat /proc/cmdline | tr ' ' '\n' | grep /dev/mmcblk1`
if [ "$mhd" = "" ] ; then
echo "I failed to discover your home disk from /proc/cmdline"
exit 1
fi
my_home_disk=`echo "$mhd" | tr ':' '\n' | tr '=' '\n' | grep /dev/`
my_home_basename=`basename $my_home_disk`
echo "my_home_basename = $my_home_basename"
uuid_basename=`ls -l /dev/disk/by-id/ | grep "$my_home_disk" | tr '/' '\n' | tail -n1`
uuid_fname=/dev/"$uuid_basename"
echo "uuid_fname = $uuid_fname"
if [ ! -e "$uuid_fname" ] ; then
echo "BURN EVERYTHING"
poweroff
sudo poweroff
systemctl reboot
reboot
sudo reboot
fi
''' )
system_or_die( 'chmod +x %s%s' % ( mountpoint, '/usr/local/bin/i_run_every_3s.sh' ) )
write_oneliner_file( mountpoint + '/etc/systemd/system/i_run_every_3s.service', '''
[Unit]
Description=RunMeEvery3Seconds
[Service]
Type=simple
ExecStart=/usr/local/bin/i_run_every_3s.sh
''' )
write_oneliner_file( mountpoint + '/etc/systemd/system/multi-user.target.wants/i_run_every_3s.timer', '''
[Unit]
Description=Runs RunMeEvery3Seconds every 3 seconds
[Timer]
# Time to wait after booting before we run first time
OnBootSec=1min
# Time between running each consecutive time
OnUnitActiveSec=1min
Unit=i_run_every_3s.service
[Install]
WantedBy=multi-user.target
''' )
def tweak_speech_synthesis(mountpoint):
f = open(mountpoint + '/usr/share/festival/festival.scm', 'a')
f.write('''
(Parameter.set 'Audio_Method 'Audio_Command)
(Parameter.set 'Audio_Command "aplay -q -c 1 -t raw -f s16 -r $SR $FILE")
''')
f.close()
write_oneliner_file(
'%s/usr/local/bin/sayit.sh' % (mountpoint), '''#!/bin/bash
tmpfile=/tmp/$RANDOM$RANDOM$RANDOM
echo "$1" | text2wave > $tmpfile
aplay $tmpfile &> /dev/null
rm -f $tmpfile
''')
system_or_die('chmod +x %s/usr/local/bin/sayit.sh' % (mountpoint))
def install_barebones_root_filesystem(self):
unmount_sys_tmp_proc_n_dev(self.mountpoint)
system_or_die(
'''curl https://www.offensive-security.com/kali-linux-vmware-arm-image-download/ | grep Samsung | cut -d'"' -f4 > /tmp/url.txt'''
)
url = read_oneliner_file('/tmp/url.txt')
assert (url.find('xz') >= 0)
wget(url=url,
extract_to_path=self.mountpoint,
decompression_flag='J',
title_str=self.title_str,
status_lst=self.status_lst,
attempts=1)
mount_sys_tmp_proc_n_dev(self.mountpoint)
return 0
def configure_lxdm_service( mountpoint ):
# if 0 != chroot_this( mountpoint, 'systemctl enable lxdm', attempts = 1 ):
if os.path.exists( '%s/etc/systemd/system/display-manager.service' % ( mountpoint ) ) \
and not os.path.exists( '%s/etc/systemd/system/multi-user.target.wants/display-manager.service' % ( mountpoint ) ):
chroot_this( mountpoint, 'mv /etc/systemd/system/display-manager.service /etc/systemd/system/multi-user.target.wants/' )
if 0 != chroot_this( mountpoint, 'ln -sf /usr/lib/systemd/system/lxdm.service /etc/systemd/system/multi-user.target.wants/display-manager.service' ):
failed( 'Failed to enable lxdm' )
for f in ( 'lxdm', 'display-manager' ):
if os.path.exists( '%s/usr/lib/systemd/system/%s.service' % ( mountpoint, f ) ):
system_or_die( 'cp %s/usr/lib/systemd/system/%s.service /tmp/' % ( mountpoint, f ) )
# if os.path.exists( '%s/usr/lib/systemd/system/lxdm.service' % ( mountpoint ) ):
write_lxdm_service_file( '%s/usr/lib/systemd/system/lxdm.service' % ( mountpoint ) )
chroot_this( mountpoint, 'which lxdm &> /dev/null', on_fail = 'I cannot find lxdm. This is not good.' )
if chroot_this( mountpoint, 'which kdm &> /dev/null' , attempts = 1 ) == 0:
chroot_this( mountpoint, 'systemctl disable kdm', attempts = 1 )
def check_and_if_necessary_fix_password_file(mountpoint, comment):
passwd_file = '%s/etc/passwd' % (mountpoint)
orig_pwd_file = '%s/etc/passwd.before.someone.mucked.it.up' % (mountpoint)
if not os.path.isfile(passwd_file):
logme(
'%s - The passwd file does not exist at all yet. Never mind. Move along. Nothing to see here...'
)
elif os.path.getsize(passwd_file) == 0:
logme(
'%s - Someone created a zero-size password file. OK. I shall restore from backup.'
% (comment))
system_or_die('cp -f %s %s' % (orig_pwd_file, passwd_file))
else:
logme('%s - Checked pw file. It is not non-zero. Good. Backing up...' %
(comment))
system_or_die('cp -f %s %s' % (passwd_file, orig_pwd_file))
def install_chromium_privoxy_wrapper( chrome_path ):
if not os.path.isfile( '%s.forreals' % ( chrome_path ) ):
system_or_die( 'mv %s %s.forreals' % ( chrome_path, chrome_path ) )
write_oneliner_file( '%s' % ( chrome_path ), '''#!/bin/bash
if ps -o pid -C privoxy &>/dev/null && ps -o pid -C tor &>/dev/null ; then
chromium.forreals --proxy-server=http://127.0.0.1:8118 $@
else
export DISPLAY=:0.0
xmessage -buttons Yes:0,No:1,Cancel:2 -default Yes -nearmouse "Run Chromium insecurely?" -timeout 30
res=$?
if [ "$res" -eq "0" ] ; then
chromium.forreals $@
fi
fi
exit $?
''' )
system_or_die( 'chmod +x %s' % ( chrome_path ) )
def tweak_xwindow_for_cbook(mountpoint):
# print( "Installing GUI tweaks" )
system_or_die('rm -Rf %s/etc/X11/xorg.conf.d/' % (mountpoint))
# if os.path.exists( '%s/tmp/.xorg.conf.d.tgz' % ( mountpoint ) ):
# system_or_die( 'tar -zxf %s/tmp/.xorg.conf.d.tgz -C %s' % ( mountpoint, mountpoint ) )
# else:
# system_or_die( 'tar -zxf /tmp/.xorg.conf.d.tgz -C %s' % ( mountpoint ) )
# chroot_this( mountpoint, 'mv /etc/X11/xorg.conf.d /etc/X11/xorg.conf.d.CB.disabled' )
system_or_die('mkdir -p %s/etc/X11/xorg.conf.d/' % (mountpoint))
system_or_die(
'unzip %s/usr/local/bin/Chrubix/blobs/settings/x_alarm_chrubuntu.zip -d %s/etc/X11/xorg.conf.d/ &> /dev/null'
% (
mountpoint,
mountpoint,
), "Failed to extract X11 settings from Chrubuntu")
f = '%s/etc/X11/xorg.conf.d/10-keyboard.conf' % (mountpoint)
if not os.path.isfile(f):
failed('%s not found --- cannot tweak X' % (f))
do_a_sed(f, 'gb', 'us')
system_or_die('mkdir -p %s/etc/tmpfiles.d' % (mountpoint, ))
write_oneliner_file(
mountpoint + '/etc/tmpfiles.d/touchpad.conf',
"f /sys/devices/s3c2440-i2c.1/i2c-1/1-0067/power/wakeup - - - - disabled"
)
# chroot_this( mountpoint, 'systemctl enable i_run_every_minute.timer' )
system_or_die(
'cp -f %s/usr/local/bin/Chrubix/blobs/apps/mtrack_drv.so %s/usr/lib/mtrack.so'
% (mountpoint, mountpoint))
f = open('%s/etc/X11/xorg.conf' % (mountpoint), 'a')
f.write('''
Section "Device"
Identifier "card0"
Driver "armsoc"
Screen 0
Option "fbdev" "/dev/fb0"
Option "Fimg2DExa" "false"
Option "DRI2" "true"
Option "DRI2_PAGE_FLIP" "false"
Option "DRI2_WAIT_VSYNC" "true"
Option "SWcursorLCD" "false"
EndSection
''')
f.close()
def setup_poweroffifunplugdisk_service( mountpoint ):
write_oneliner_file( mountpoint + '/usr/local/bin/poweroff_if_disk_removed.sh', '''#!/bin/bash
export DISPLAY=:0.0
python3 /usr/local/bin/Chrubix/src/poweroff_if_disk_removed.py
exit $?
''' )
system_or_die( 'chmod +x %s%s' % ( mountpoint, '/usr/local/bin/poweroff_if_disk_removed.sh' ) )
write_oneliner_file( mountpoint + '/etc/systemd/system/multi-user.target.wants/poweroff_if_disk_removed.service', '''
[Unit]
Description=PowerOffIfDiskRemoved
[Service]
Type=idle
ExecStart=/usr/local/bin/poweroff_if_disk_removed.sh
[Install]
WantedBy=multi-user.target
''' )
def install_chromium_privoxy_wrapper(chrome_path):
if not os.path.isfile('%s.forreals' % (chrome_path)):
system_or_die('mv %s %s.forreals' % (chrome_path, chrome_path))
write_oneliner_file(
'%s' % (chrome_path), '''#!/bin/bash
if ps -o pid -C privoxy &>/dev/null && ps -o pid -C tor &>/dev/null ; then
chromium.forreals --proxy-server=http://127.0.0.1:8118 $@
else
export DISPLAY=:0.0
xmessage -buttons Yes:0,No:1,Cancel:2 -default Yes -nearmouse "Run Chromium insecurely?" -timeout 30
res=$?
if [ "$res" -eq "0" ] ; then
chromium.forreals $@
fi
fi
exit $?
''')
system_or_die('chmod +x %s' % (chrome_path))
def configure_paranoidguestmode_before_calling_lxdm(password, direct, spoof,
camouflage):
'''
Greeter calls me before it calls lxdm.
This is my chance to set up the XP look, enable MAC spoofing, etc.
'''
# Set password, if appropriate
logme(
'configure_para....() - password=%s, direct=%s, spoof=%s, camouflage=%s'
% (str(password), str(direct), str(spoof), str(camouflage)))
distro = load_distro_record()
logme('At present, windo manager = %s' %
(distro.lxdm_settings['window manager']))
if password in (None, ''):
disable_root_password('/')
else:
set_user_password('root', password)
# Enable MAC spoofing, if appropriate
if spoof: # https://wiki.archlinux.org/index.php/MAC_Address_Spoofing
write_spoof_script_file(
'/etc/NetworkManager/dispatcher.d/99spoofmymac.sh'
) # NetworkManager will run it, automatically, as soon as network goes up/down
system_or_die(
'''macchanger -r `ifconfig | grep lan0 | cut -d':' -f1 | head -n1`'''
)
else:
os.system('rm -f /etc/NetworkManager/dispatcher.d/99spoofmymac.sh')
if camouflage:
distro.lxdm_settings['window manager'] = '/usr/bin/mate-session'
else:
distro.lxdm_settings['window manager'] = distro.lxdm_settings[
'default wm']
distro.lxdm_settings['internet directly'] = direct
save_distro_record(distro)
os.system(
'echo "configure_paranoid... - part E --- BTW, wm is now %s" >> /tmp/log.txt'
% (distro.lxdm_settings['window manager']))
assert (camouflage is False
or (camouflage is True and 0
== os.system('cat /etc/lxdm/lxdm.conf | fgrep mate-session')))
os.system('cp /etc/lxdm/lxdm.conf /etc/lxdm/lxdm.conf.doin-the-doo')
os.system('sync;sync;sync')
def install_final_push_of_packages( self ):
logme( 'ArchlinuxDistro - install_final_push_of_packages() - starting' )
self.update_status( 'Installed' )
for my_fname in ( 'ssss-0.5-3-armv7h.pkg.tar.xz', 'florence-0.6.2-1-armv7h.pkg.tar.xz' ):
try:
system_or_die( 'cp /usr/local/bin/Chrubix/blobs/apps/%s /%s/tmp/' % ( my_fname, self.mountpoint ) )
except RuntimeError:
wget( url = 'https://dl.dropboxusercontent.com/u/59916027/chrubix/%s' % ( my_fname ), \
save_as_file = '%s/tmp/%s' % ( self.mountpoint, my_fname ), \
status_lst = self.status_lst, \
title_str = self.title_str )
if 0 == chroot_this( self.mountpoint, 'yes "" | pacman -U /tmp/%s' % ( my_fname ) ):
self.update_status( ' ' + my_fname.split( '-' )[0] )
# else:
# failed( 'Failed to install ' + my_fname.split( '-' )[0])
# perl-cpan-meta-check perl-class-load-xs perl-eval-closure perl-mro-compat perl-package-depreciationmanager perl-sub-name perl-task-weaken \
# perl-test-checkdeps perl-test-without-module perl-moose
failed_pkgs = self.install_from_AUR
attempts = 0
while failed_pkgs != '' and attempts < 5:
self.update_and_upgrade_all()
attempts += 1
packages_to_install = failed_pkgs
failed_pkgs = ''
for pkg_name in packages_to_install.split( ' ' ):
if pkg_name in ( None, '', ' ' ):
continue
try:
self.build_and_install_software_from_archlinux_source( pkg_name, quiet = True )
self.update_status( ' %s' % ( pkg_name ) )
except RuntimeError:
failed_pkgs += ' %s' % ( pkg_name )
self.update_status( '...OK.' )
if failed_pkgs != '':
self.update_status( ['Warning - failed to install%s' % ( failed_pkgs )] )
# self.update_status(' etc. ')
# self.update_status(( ['Installing %s' % ( self.final_push_packages.replace( ' ', ' ' ).replace( ' ', ', ' ) )] )
chroot_this( self.mountpoint, 'yes "" 2>/dev/null | pacman -S --needed %s' % ( self.final_push_packages ), title_str = self.title_str, status_lst = self.status_lst,
on_fail = 'Failed to install final push of packages', attempts = 20 )
self.update_and_upgrade_all()
self.update_status_with_newline( '...complete.' )
def download_package_source( self, package_name, filenames_lst = None ):
logme( 'ArchlinuxDistro - download_package_source() - starting' )
# self.update_status(( [ "Downloading %s package into %s OS" % ( package_name, self.name ) ] )
system_or_die( 'mkdir -p %s/%s/%s' % ( self.mountpoint, self.sources_basedir, package_name ) )
os.chdir( '%s/%s/%s' % ( self.mountpoint, self.sources_basedir, package_name ) )
if os.path.isfile( '%s/%s/%s/PKGBUILD' % ( self.mountpoint, self.sources_basedir, package_name ) ):
self.update_status( '' ) # += "." # ..Still working" # No need to download anything. We have PKGBUILD already.
elif filenames_lst in ( None, [] ):
url = 'aur.archlinux.org/packages/%s/%s/%s.tar.gz' % ( package_name[:2], package_name, package_name )
wget( url = url, extract_to_path = '%s/%s' % ( self.mountpoint, self.sources_basedir ), quiet = True , title_str = self.title_str, status_lst = self.status_lst )
else:
for fname in filenames_lst:
file_to_download = '%s/%s/%s/%s' % ( self.mountpoint, self.sources_basedir, package_name, fname )
try:
os.unlink( file_to_download )
except IOError:
pass
wget( url = 'http://projects.archlinux.org/svntogit/packages.git/plain/trunk/%s?h=packages/%s' \
% ( fname, package_name ), save_as_file = file_to_download, attempts = 20,
quiet = True, title_str = self.title_str, status_lst = self.status_lst )
system_or_die( 'mv PKGBUILD PKGBUILD.ori' )
system_or_die( r"cat PKGBUILD.ori | sed s/march/phr34k/ | sed s/\'libutil-linux\'// | sed s/\'java-service-wrapper\'// | sed s/arch=\(.*/arch=\(\'%s\'\)/ | sed s/phr34k/march/ > PKGBUILD" % ( self.architecture ) )
chroot_this( self.mountpoint, 'chown -R guest %s/%s' % ( self.sources_basedir, package_name ) )
call_makepkg_or_die( mountpoint = self.mountpoint, \
package_path = '%s/%s' % ( self.sources_basedir, package_name ), \
cmd = 'cd %s/%s && makepkg --skipchecksums --nobuild -f' % ( self.sources_basedir, package_name ),
errtxt = 'Failed to download %s' % ( package_name ) )
return 0
def configure_lxdm_onetime_changes( mountpoint ):
if os.path.exists( '%s/etc/.first_time_ever' % ( mountpoint ) ):
logme( 'configure_lxdm_onetime_changes() has already run.' )
return
if 0 != chroot_this( mountpoint, 'which lxdm' ):
failed( 'You haven ot installed LXDM yet.' )
f = '%s/etc/WindowMaker/WindowMaker' % ( mountpoint )
if os.path.isfile( f ):
do_a_sed( f, 'MouseLeftButton', 'flibbertygibbet' )
do_a_sed( f, 'MouseRightButton', 'MouseLeftButton' )
do_a_sed( f, 'flibbertygibbet', 'MouseRightButton' )
# system_or_die( 'echo "ps wax | fgrep mate-session | fgrep -v grep && mpg123 /etc/.mp3/xpshutdown.mp3" >> %s/etc/lxdm/PreLogout' % ( mountpoint ) )
append_startx_addendum( '%s/etc/lxdm/Xsession' % ( mountpoint ) ) # Append. Don't replace.
append_startx_addendum( '%s/etc/X11/xinit/xinitrc' % ( mountpoint ) ) # Append. Don't replace.
write_lxdm_pre_login_file( mountpoint, '%s/etc/lxdm/PreLogin' % ( mountpoint ) )
write_lxdm_post_logout_file( '%s/etc/lxdm/PostLogout' % ( mountpoint ) )
write_lxdm_post_login_file( '%s/etc/lxdm/PostLogin' % ( mountpoint ) )
write_lxdm_pre_reboot_or_shutdown_file( '%s/etc/lxdm/PreReboot' % ( mountpoint ), 'reboot' )
write_lxdm_pre_reboot_or_shutdown_file( '%s/etc/lxdm/PreShutdown' % ( mountpoint ), 'shutdown' )
write_login_ready_file( '%s/etc/lxdm/LoginReady' % ( mountpoint ) )
if 0 == chroot_this( mountpoint, 'which iceweasel > /tmp/.where_is_it.txt' ) \
or 0 == chroot_this( mountpoint, 'which chromium > /tmp/.where_is_it.txt' ):
webbrowser = read_oneliner_file( '%s/tmp/.where_is_it.txt' % ( mountpoint ) ).strip()
logme( 'webbrowser = %s' % ( webbrowser ) )
else:
failed( 'Which web browser should I use? I cannot find iceweasel. I cannot find chrome. I cannot find firefox...' )
append_lxdm_xresources_addendum( '%s/root/.Xresources' % ( mountpoint ), webbrowser )
system_or_die( 'echo ". /etc/X11/xinitrc/xinitrc" >> %s/etc/lxdm/Xsession' % ( mountpoint ) )
do_a_sed( '%s/etc/X11/xinit/xinitrc' % ( mountpoint ), '.*xterm.*', '' )
do_a_sed( '%s/etc/X11/xinit/xinitrc' % ( mountpoint ), 'exec .*', '' ) # exec /usr/local/bin/ersatz_lxdm.sh' )
# system_or_die( 'echo "exec /usr/local/bin/ersatz_lxdm.sh" >> %s/etc/xinitrc/xinitrc' % ( mountpoint ) ) # start (Python) greeter at end of
write_oneliner_file( '%s/etc/.first_time_ever' % ( mountpoint ), 'yep' )
assert( os.path.exists( '%s/etc/lxdm/lxdm.conf' % ( mountpoint ) ) )
chroot_this( mountpoint, 'chmod +x /etc/lxdm/P*' )
chroot_this( mountpoint, 'chmod +x /etc/lxdm/L*' )
if os.path.exists( '%s/etc/init/lxdm.conf' % ( mountpoint ) ):
do_a_sed( '%s/etc/init/lxdm.conf' % ( mountpoint ), 'exec lxdm-binary.*', 'exec ersatz_lxdm.sh' )
do_a_sed( '%s/etc/init/lxdm.conf' % ( mountpoint ), '/usr/sbin/lxdm', '/usr/local/bin/ersatz_lxdm.sh' )
def write_boom_script( mountpoint, devices ):
fname_out = '%s/usr/local/bin/boom.sh' % ( mountpoint )
wipe_devices = ''
for dev in devices:
wipe_devices += '''dd if=/dev/urandom of=%s bs=1024k count=1 2> /dev/null
''' % ( dev )
write_oneliner_file( fname_out, '''#!/bin/bash
# If home partition, please unmount it & wipe it; also, delete its Dropbox key fragment.
# .... Yep. Here.
# Next, wipe all initial sectors
%s
sync;sync;sync # :-)
# Finally, instant shutdown! Yeah!
echo 3 > /proc/sys/kernel/printk
echo 3 > /proc/sys/vm/drop_caches
echo 256 > /proc/sys/vm/min_free_kbytes
echo 1 > /proc/sys/vm/overcommit_memory
echo 1 > /proc/sys/vm/oom_kill_allocating_task
echo 0 > /proc/sys/vm/oom_dump_tasks
echo 1 > /proc/sys/kernel/sysrq
echo o > /proc/sysrq-trigger
''' % ( wipe_devices ) )
system_or_die( 'chmod +x %s' % ( fname_out ) )
def install_insecure_browser(mountpoint):
browser_name = None
original_browser_shortcut_fname = None
for bn in ('chromium', 'iceweasel'):
original_browser_shortcut_fname = '%s/usr/share/applications/%s.desktop' % (
mountpoint, bn)
if os.path.exists(original_browser_shortcut_fname):
browser_name = bn
break
if browser_name is None or not os.path.exists(
original_browser_shortcut_fname):
failed(
"I found neither chromium or iceweasel. I need to clone a desktop file. Grr."
)
insecure_browser_shortcut_fname = '%s/usr/share/applications/insecure-%s.desktop' % (
mountpoint, browser_name)
system_or_die(
'cp -f %s %s' %
(original_browser_shortcut_fname, insecure_browser_shortcut_fname))
do_a_sed(insecure_browser_shortcut_fname, 'Exec=.*',
'Exec=dillo https://check.torproject.org')
do_a_sed(insecure_browser_shortcut_fname, 'Name=.*',
'Name=INSECURE BROWSER')
def install_iceweasel_mozilla_settings(mountpoint, path):
logme('install_iceweasel_mozilla_settings(%s,%s) --- entering' %
(mountpoint, path))
dirname = os.path.dirname(path)
basename = os.path.basename(path)
username = os.path.basename(path)
if username[0] == '.':
username = username[
1:] # just in case the path is '.guest' => user is 'guest'
assert (path.count('/') == 2)
assert (os.path.exists('%s/home/guest' % (mountpoint)))
system_or_die(
'tar -zxf /usr/local/bin/Chrubix/blobs/settings/iceweasel-moz.tgz -C %s%s'
% (mountpoint, path))
# for stub in ( '.gtkrc-2.0', '.config/chromium/Default/Preferences', '.config/chromium/Local State' ):
# do_a_sed( '%s/home/%s/%s' % ( mountpoint, user_name, stub ), GUEST_HOMEDIR, '/home/%s' % ( user_name ) )
f = '%s%s/.mozilla/firefox/ygkwzm8s.default/secmod.db' % (mountpoint, path)
logme('f = %s' % (f))
assert (os.path.exists(f))
s = r"cat %s | sed s/'\/home\/wharbargl\/'/'\/%s\/%s\/'/ > %s.new" % (
f, dirname.strip('/'), basename.strip('/'), f)
logme('calling ==> %s' % (s))
if 0 != os.system(
s
): # do_a_sed() does not work. That's why we are using the sed binary instead.
logme('WARNING - failed to install iceweasel settings for %s' %
(username))
os.system(
'xmessage -buttons OK:0 -default Yes -nearmouse "install_iceweasel_mozilla_settings() is broken" -timeout 30'
)
else:
system_or_die('mv %s.new %s' % (f, f))
chroot_this(mountpoint, 'chown -R %s %s' % (username, path))
assert (os.path.exists(f))
logme('install_iceweasel_mozilla_settings() --- leaving')
def write_boom_script(mountpoint, devices):
fname_out = '%s/usr/local/bin/boom.sh' % (mountpoint)
wipe_devices = ''
for dev in devices:
wipe_devices += '''dd if=/dev/urandom of=%s bs=1024k count=1 2> /dev/null
''' % (dev)
write_oneliner_file(
fname_out, '''#!/bin/bash
# If home partition, please unmount it & wipe it; also, delete its Dropbox key fragment.
# .... Yep. Here.
# Next, wipe all initial sectors
%s
sync;sync;sync # :-)
# Finally, instant shutdown! Yeah!
echo 3 > /proc/sys/kernel/printk
echo 3 > /proc/sys/vm/drop_caches
echo 256 > /proc/sys/vm/min_free_kbytes
echo 1 > /proc/sys/vm/overcommit_memory
echo 1 > /proc/sys/vm/oom_kill_allocating_task
echo 0 > /proc/sys/vm/oom_dump_tasks
echo 1 > /proc/sys/kernel/sysrq
echo o > /proc/sysrq-trigger
''' % (wipe_devices))
system_or_die('chmod +x %s' % (fname_out))
def setup_poweroffifunplugdisk_service(mountpoint):
write_oneliner_file(
mountpoint + '/usr/local/bin/poweroff_if_disk_removed.sh',
'''#!/bin/bash
export DISPLAY=:0.0
python3 /usr/local/bin/Chrubix/src/poweroff_if_disk_removed.py
exit $?
''')
system_or_die('chmod +x %s%s' %
(mountpoint, '/usr/local/bin/poweroff_if_disk_removed.sh'))
write_oneliner_file(
mountpoint +
'/etc/systemd/system/multi-user.target.wants/poweroff_if_disk_removed.service',
'''
[Unit]
Description=PowerOffIfDiskRemoved
[Service]
Type=idle
ExecStart=/usr/local/bin/poweroff_if_disk_removed.sh
[Install]
WantedBy=multi-user.target
''')
def install_panicbutton_scripting(mountpoint, boomfname):
# print( "Configuring acpi" )
system_or_die('mkdir -p %s/etc/tmpfiles.d' % (mountpoint))
write_oneliner_file( '%s/etc/tmpfiles.d/brightness.conf' % ( mountpoint ), \
'''f /sys/class/backlight/pwm-backlight.0/brightness 0666 - - - 800
''' )
powerbuttonpushed_fname = '/usr/local/bin/power_button_pushed.sh'
write_oneliner_file(
'%s%s' % (mountpoint, powerbuttonpushed_fname), '''#!/bin/bash
ctrfile=/etc/.pwrcounter
[ -e "$ctrfile" ] || echo 0 > $ctrfile
counter=`cat $ctrfile`
time_since_last_pushed=$((`date +%%s`-`stat -c %%Y $ctrfile`))
[ "$time_since_last_pushed" -le "1" ] || counter=0
counter=$(($counter+1))
echo $counter > $ctrfile
if [ "$counter" -ge "10" ]; then
echo "Power button was pushed 10 times in rapid succession" > %s
exec /usr/local/bin/boom.sh
fi
exit 0
''' % (boomfname))
system_or_die('chmod +x %s%s' % (mountpoint, powerbuttonpushed_fname))
# Setup power button (10x => boom)
handler_sh_file = '%s/etc/acpi/handler.sh' % (mountpoint)
if os.path.isfile(handler_sh_file):
# ARCHLINUX
do_a_sed(handler_sh_file, "logger 'LID closed'",
"logger 'LID closed'; systemctl suspend")
do_a_sed(
handler_sh_file, "logger 'PowerButton pressed'",
"logger 'PowerButton pressed'; /usr/local/bin/power_button_pushed.sh"
)
system_or_die('chmod +x %s' % (handler_sh_file))
elif os.path.isdir('%s/etc/acpi/events' % (mountpoint)) and 0 == os.system(
'cat %s/etc/acpi/powerbtn-acpi-support.sh | fgrep /etc/acpi/powerbtn.sh >/dev/null'
% (mountpoint)):
# DEBIAN
system_or_die('ln -sf %s %s/etc/acpi/powerbtn.sh' %
(powerbuttonpushed_fname, mountpoint))
else:
failed('How do I hook power button into this distro?')
# activate acpi (sort of)
chroot_this(mountpoint, 'systemctl enable acpid')
def install_panicbutton_scripting( mountpoint, boomfname ):
# print( "Configuring acpi" )
system_or_die( 'mkdir -p %s/etc/tmpfiles.d' % ( mountpoint ) )
write_oneliner_file( '%s/etc/tmpfiles.d/brightness.conf' % ( mountpoint ), \
'''f /sys/class/backlight/pwm-backlight.0/brightness 0666 - - - 800
''' )
powerbuttonpushed_fname = '/usr/local/bin/power_button_pushed.sh'
write_oneliner_file( '%s%s' % ( mountpoint, powerbuttonpushed_fname ), '''#!/bin/bash
ctrfile=/etc/.pwrcounter
[ -e "$ctrfile" ] || echo 0 > $ctrfile
counter=`cat $ctrfile`
time_since_last_pushed=$((`date +%%s`-`stat -c %%Y $ctrfile`))
[ "$time_since_last_pushed" -le "1" ] || counter=0
counter=$(($counter+1))
echo $counter > $ctrfile
if [ "$counter" -ge "10" ]; then
echo "Power button was pushed 10 times in rapid succession" > %s
exec /usr/local/bin/boom.sh
fi
exit 0
''' % ( boomfname ) )
system_or_die( 'chmod +x %s%s' % ( mountpoint, powerbuttonpushed_fname ) )
# Setup power button (10x => boom)
handler_sh_file = '%s/etc/acpi/handler.sh' % ( mountpoint )
if os.path.isfile( handler_sh_file ):
# ARCHLINUX
do_a_sed( handler_sh_file, "logger 'LID closed'", "logger 'LID closed'; systemctl suspend" )
do_a_sed( handler_sh_file, "logger 'PowerButton pressed'", "logger 'PowerButton pressed'; /usr/local/bin/power_button_pushed.sh" )
system_or_die( 'chmod +x %s' % ( handler_sh_file ) )
elif os.path.isdir( '%s/etc/acpi/events' % ( mountpoint ) ) and 0 == os.system( 'cat %s/etc/acpi/powerbtn-acpi-support.sh | fgrep /etc/acpi/powerbtn.sh >/dev/null' % ( mountpoint ) ):
# DEBIAN
system_or_die( 'ln -sf %s %s/etc/acpi/powerbtn.sh' % ( powerbuttonpushed_fname, mountpoint ) )
else:
failed( 'How do I hook power button into this distro?' )
# activate acpi (sort of)
chroot_this( mountpoint, 'systemctl enable acpid' )
def download_package_source(self, package_name, filenames_lst=None):
logme('ArchlinuxDistro - download_package_source() - starting')
# self.update_status(( [ "Downloading %s package into %s OS" % ( package_name, self.name ) ] )
system_or_die('mkdir -p %s/%s/%s' %
(self.mountpoint, self.sources_basedir, package_name))
os.chdir('%s/%s/%s' %
(self.mountpoint, self.sources_basedir, package_name))
if os.path.isfile(
'%s/%s/%s/PKGBUILD' %
(self.mountpoint, self.sources_basedir, package_name)):
self.update_status(
''
) # += "." # ..Still working" # No need to download anything. We have PKGBUILD already.
elif filenames_lst in (None, []):
url = 'aur.archlinux.org/packages/%s/%s/%s.tar.gz' % (
package_name[:2], package_name, package_name)
wget(url=url,
extract_to_path='%s/%s' %
(self.mountpoint, self.sources_basedir),
quiet=True,
title_str=self.title_str,
status_lst=self.status_lst)
else:
for fname in filenames_lst:
file_to_download = '%s/%s/%s/%s' % (
self.mountpoint, self.sources_basedir, package_name, fname)
try:
os.unlink(file_to_download)
except IOError:
pass
wget( url = 'http://projects.archlinux.org/svntogit/packages.git/plain/trunk/%s?h=packages/%s' \
% ( fname, package_name ), save_as_file = file_to_download, attempts = 20,
quiet = True, title_str = self.title_str, status_lst = self.status_lst )
system_or_die('mv PKGBUILD PKGBUILD.ori')
system_or_die(
r"cat PKGBUILD.ori | sed s/march/phr34k/ | sed s/\'libutil-linux\'// | sed s/\'java-service-wrapper\'// | sed s/arch=\(.*/arch=\(\'%s\'\)/ | sed s/phr34k/march/ > PKGBUILD"
% (self.architecture))
chroot_this(
self.mountpoint,
'chown -R guest %s/%s' % (self.sources_basedir, package_name))
call_makepkg_or_die( mountpoint = self.mountpoint, \
package_path = '%s/%s' % ( self.sources_basedir, package_name ), \
cmd = 'cd %s/%s && makepkg --skipchecksums --nobuild -f' % ( self.sources_basedir, package_name ),
errtxt = 'Failed to download %s' % ( package_name ) )
return 0
import urwid
if __name__ == "__main__":
logme('stage2.py --- starting')
testval = urwid # stop silly warning in Eclipse
distro = chrubix.load_distro_record()
distro.mountpoint = '/'
# Rebuild etc. shouldn't be necessary. Stage 1 took care of all that jazz.
# Rebuild kernel, mk*fs, cryptsetup w/ KTHX and PHEZ enabled... but re-use the original kthx special code, please!
# Build; install them (on myself)
# mkfs.xfs (?) /dev/mmcblk1p2
distro.update_status_with_newline('*** STAGE 2 INSTALLING! ***')
# distro.update_status_with_newline( 'kernel dev = %s; spare dev = %s; root dev = %s' % ( distro.kernel_dev, distro.spare_dev, distro.root_dev ) )
system_or_die(
'%s %s %s' %
(distro.crypto_filesystem_mkfs_binary,
distro.crypto_filesystem_formatting_options, distro.spare_dev),
status_lst=distro.status_lst,
title_str=distro.title_str)
# system_or_die( 'yes Y | mkfs -t ext4 %s' % ( distro.spare_dev ), status_lst = distro.status_lst, title_str = distro.title_str )
# mount it
# system_or_die( 'mkdir -p /tmp/.p2' )
# system_or_die( 'mount %s /tmp/.p2' % ( distro.spare_dev ) )
# distro.remove_all_junk()
distro.update_status_with_newline(
'Building a squashfs and installing kernel')
res = distro.squash_OS(
prefixpath='/tmp/.p2'
) # Compress filesystem => sqfs. Also rebuild+install MBR, initramfs, etc.
if res != 0:
distro.update_status_with_newline('I failed abysmally.')
print("FAILED ABYSMALLY.\n")
def install_iceweasel_privoxy_wrapper(iceweasel_path):
if not os.path.isfile('%s.forreals' % (iceweasel_path)):
system_or_die('mv %s %s.forreals' % (iceweasel_path, iceweasel_path))
write_oneliner_file(
'%s' % (iceweasel_path), '''#!/bin/bash
chop_up_broadway() {
lines=`wc -l prefs.js | cut -d' ' -f1`
startlines=`grep -n "network" prefs.js | cut -d':' -f1 | head -n1`
endlines=$(($lines-$startlines))
cat prefs.js | fgrep -v browser.search > prefs.js.orig
cat prefs.js.orig | head -n$startlines > prefs.js
echo "user_pref(\\\"network.proxy.backup.ftp_port\\\", 8118);
user_pref(\\\"network.proxy.backup.socks_port\\\", 8118);
user_pref(\\\"network.proxy.backup.ssl_port\\\", 8118);
user_pref(\\\"network.proxy.ftp_port\\\", 8118);
user_pref(\\\"network.proxy.http_port\\\", 8118);
user_pref(\\\"network.proxy.socks_port\\\", 8118);
user_pref(\\\"network.proxy.ssl_port\\\", 8118);
user_pref(\\\"network.proxy.ftp\\\", \\\"127.0.0.1\\\");
user_pref(\\\"network.proxy.http\\\", \\\"127.0.0.1\\\");
user_pref(\\\"network.proxy.socks\\\", \\\"127.0.0.1\\\");
user_pref(\\\"network.proxy.ssl\\\", \\\"127.0.0.1\\\");
user_pref(\\\"network.proxy.type\\\", 1);
user_pref(\\\"browser.search.defaultenginename\\\", \\\"DuckDuckGo HTML\\\");
user_pref(\\\"browser.search.selectedEngine\\\", \\\"DuckDuckGo HTML\\\");
" >> prefs.js
cat prefs.js.orig | tail -n$endlines >> prefs.js
}
# --------------------------------------------------------------
cd ~/.mozilla/firefox/*.default*/
#if ! cat prefs.js | grep 8118 ; then
chop_up_broadway
#fi
#exit 0
if [ "$USER" = "root" ] || [ "$UID" = "0" ] ; then
echo "Someone is trying to launch this web browser as root. I refuse!"
exit 1
fi
if ps -o pid -C privoxy &>/dev/null && ps -o pid -C tor &>/dev/null ; then
http_proxy=http://127.0.0.1:8118 iceweasel.forreals $@
else
export DISPLAY=:0.0
xmessage -buttons Yes:0,No:1,Cancel:2 -default Yes -nearmouse "Run iceweasel insecurely?" -timeout 30
res=$?
if [ "$res" -eq "0" ] ; then
http_proxy= iceweasel.forreals $@
fi
fi
exit $?
''')
system_or_die('chmod +x %s' % (iceweasel_path))
pretend_chromium = os.path.dirname(iceweasel_path) + '/chromium'
assert (not os.path.exists(pretend_chromium))
system_or_die('ln -sf iceweasel %s' % (pretend_chromium))
def install_iceweasel_privoxy_wrapper( iceweasel_path ):
if not os.path.isfile( '%s.forreals' % ( iceweasel_path ) ):
system_or_die( 'mv %s %s.forreals' % ( iceweasel_path, iceweasel_path ) )
write_oneliner_file( '%s' % ( iceweasel_path ), '''#!/bin/bash
chop_up_broadway() {
lines=`wc -l prefs.js | cut -d' ' -f1`
startlines=`grep -n "network" prefs.js | cut -d':' -f1 | head -n1`
endlines=$(($lines-$startlines))
cat prefs.js | fgrep -v browser.search > prefs.js.orig
cat prefs.js.orig | head -n$startlines > prefs.js
echo "user_pref(\\\"network.proxy.backup.ftp_port\\\", 8118);
user_pref(\\\"network.proxy.backup.socks_port\\\", 8118);
user_pref(\\\"network.proxy.backup.ssl_port\\\", 8118);
user_pref(\\\"network.proxy.ftp_port\\\", 8118);
user_pref(\\\"network.proxy.http_port\\\", 8118);
user_pref(\\\"network.proxy.socks_port\\\", 8118);
user_pref(\\\"network.proxy.ssl_port\\\", 8118);
user_pref(\\\"network.proxy.ftp\\\", \\\"127.0.0.1\\\");
user_pref(\\\"network.proxy.http\\\", \\\"127.0.0.1\\\");
user_pref(\\\"network.proxy.socks\\\", \\\"127.0.0.1\\\");
user_pref(\\\"network.proxy.ssl\\\", \\\"127.0.0.1\\\");
user_pref(\\\"network.proxy.type\\\", 1);
user_pref(\\\"browser.search.defaultenginename\\\", \\\"DuckDuckGo HTML\\\");
user_pref(\\\"browser.search.selectedEngine\\\", \\\"DuckDuckGo HTML\\\");
" >> prefs.js
cat prefs.js.orig | tail -n$endlines >> prefs.js
}
# --------------------------------------------------------------
cd ~/.mozilla/firefox/*.default*/
#if ! cat prefs.js | grep 8118 ; then
chop_up_broadway
#fi
#exit 0
if [ "$USER" = "root" ] || [ "$UID" = "0" ] ; then
echo "Someone is trying to launch this web browser as root. I refuse!"
exit 1
fi
if ps -o pid -C privoxy &>/dev/null && ps -o pid -C tor &>/dev/null ; then
http_proxy=http://127.0.0.1:8118 iceweasel.forreals $@
else
export DISPLAY=:0.0
xmessage -buttons Yes:0,No:1,Cancel:2 -default Yes -nearmouse "Run iceweasel insecurely?" -timeout 30
res=$?
if [ "$res" -eq "0" ] ; then
http_proxy= iceweasel.forreals $@
fi
fi
exit $?
''' )
system_or_die( 'chmod +x %s' % ( iceweasel_path ) )
pretend_chromium = os.path.dirname( iceweasel_path ) + '/chromium'
assert( not os.path.exists( pretend_chromium ) )
system_or_die( 'ln -sf iceweasel %s' % ( pretend_chromium ) )
def update_and_upgrade_all( self ):
logme( 'ArchlinuxDistro - update_and_upgrade_all() - starting' )
# system_or_die( 'sync; sync; sync; sleep 1' )
system_or_die( 'rm -f %s/var/lib/pacman/db.lck; sync; sync; sync; sleep 2; sync; sync; sync; sleep 2' % ( self.mountpoint ) )
chroot_this( self.mountpoint, r'yes "" 2>/dev/null | pacman -Syu', "Failed to upgrade OS", attempts = 5, title_str = self.title_str, status_lst = self.status_lst )
system_or_die( 'sync; sync; sync; sleep 1; sync; sync; sync; sleep 1' )
distro.install_expatriate_software_into_a_debianish_OS(
package_name = pkg,
method = how_we_do_it )
good_list.append( pkg )
except ( IOError, SyntaxError, RuntimeError ):
bad_list.append( pkg )
print( "good:", good_list )
print( "bad :", bad_list )
elif argv[2] == 'logmein':
distro = load_distro_record( '/' if os.system( 'cat /proc/cmdline 2>/dev/null | fgrep root=/dev/dm-0 > /dev/null' ) != 0 else MYDISK_MTPT )
for cmd in (
'mkdir -p /tmp/.sda2',
'mount /dev/sda2 /tmp/.sda2',
'/usr/local/bin/redo_mbr.sh > /tmp/.sda2/log_me_in.sh'
):
system_or_die( cmd )
os.system( 'sync;sync;sync;sync' )
system_or_die( 'umount /tmp/.sda2' )
elif argv[2] == 'build-from-debian':
distro = generate_distro_record_from_name( argv[3] )
distro.mountpoint = MYDISK_MTPT
pkg = argv[4]
distro.build_and_install_package_from_debian_source( pkg, 'jessie' )
elif argv[2] == 'build-from-jessie-for-stretch':
distro = generate_distro_record_from_name( 'debianstretch' )
distro.mountpoint = '/'
distro.build_and_install_package_from_debian_source( argv[3], 'jessie' )
# sys.exit( 0 )
print( "Building %s from Deb-ish => %s" % ( pkg, argv[3] ) )
distro.build_and_install_package_from_debian_source( pkg, 'wheezy' if argv[3] == 'debianwheezy' else 'jessie' )
elif argv[2] == 'build-from-ubuntu':
import urwid
if __name__ == "__main__":
logme( 'stage2.py --- starting' )
testval = urwid # stop silly warning in Eclipse
distro = chrubix.load_distro_record()
distro.mountpoint = '/'
# Rebuild etc. shouldn't be necessary. Stage 1 took care of all that jazz.
# Rebuild kernel, mk*fs, cryptsetup w/ KTHX and PHEZ enabled... but re-use the original kthx special code, please!
# Build; install them (on myself)
# mkfs.xfs (?) /dev/mmcblk1p2
distro.update_status_with_newline( '*** STAGE 2 INSTALLING! ***' )
# distro.update_status_with_newline( 'kernel dev = %s; spare dev = %s; root dev = %s' % ( distro.kernel_dev, distro.spare_dev, distro.root_dev ) )
system_or_die( '%s %s %s' % ( distro.crypto_filesystem_mkfs_binary, distro.crypto_filesystem_formatting_options, distro.spare_dev ), status_lst = distro.status_lst, title_str = distro.title_str )
# system_or_die( 'yes Y | mkfs -t ext4 %s' % ( distro.spare_dev ), status_lst = distro.status_lst, title_str = distro.title_str )
# mount it
# system_or_die( 'mkdir -p /tmp/.p2' )
# system_or_die( 'mount %s /tmp/.p2' % ( distro.spare_dev ) )
# distro.remove_all_junk()
distro.update_status_with_newline( 'Building a squashfs and installing kernel' )
res = distro.squash_OS( prefixpath = '/tmp/.p2' ) # Compress filesystem => sqfs. Also rebuild+install MBR, initramfs, etc.
if res != 0:
distro.update_status_with_newline( 'I failed abysmally.' )
print( "FAILED ABYSMALLY.\n" )
print( "Type 'exit' to reboot\n" )
os.system( 'bash' )
else:
distro.update_status_with_newline( 'Done. Success!' )
os.system( 'clear' )
for pkg in dct[how_we_do_it]:
try:
distro.install_expatriate_software_into_a_debianish_OS(
package_name=pkg, method=how_we_do_it)
good_list.append(pkg)
except (IOError, SyntaxError, RuntimeError):
bad_list.append(pkg)
print("good:", good_list)
print("bad :", bad_list)
elif argv[2] == 'logmein':
distro = load_distro_record('/' if os.system(
'cat /proc/cmdline 2>/dev/null | fgrep root=/dev/dm-0 > /dev/null'
) != 0 else MYDISK_MTPT)
for cmd in ('mkdir -p /tmp/.sda2', 'mount /dev/sda2 /tmp/.sda2',
'/usr/local/bin/redo_mbr.sh > /tmp/.sda2/log_me_in.sh'):
system_or_die(cmd)
os.system('sync;sync;sync;sync')
system_or_die('umount /tmp/.sda2')
elif argv[2] == 'build-from-debian':
distro = generate_distro_record_from_name(argv[3])
distro.mountpoint = MYDISK_MTPT
pkg = argv[4]
distro.build_and_install_package_from_debian_source(pkg, 'jessie')
elif argv[2] == 'build-from-jessie-for-stretch':
distro = generate_distro_record_from_name('debianstretch')
distro.mountpoint = '/'
distro.build_and_install_package_from_debian_source(argv[3], 'jessie')
# sys.exit( 0 )
print("Building %s from Deb-ish => %s" % (pkg, argv[3]))
distro.build_and_install_package_from_debian_source(
pkg, 'wheezy' if argv[3] == 'debianwheezy' else 'jessie')
