diff --git a/.gitignore b/.gitignore
index cb1e7b6..f8d599a 100644
--- a/.gitignore
+++ b/.gitignore
@@ -25,6 +25,7 @@
**/etc/openvpn
**/etc/ssh
**/home
+**/root
etc/systemd/system/multi-user.target.wants/openvpn@client.service
**ssl/
!**ssl/.keepme
diff --git a/bdisk/bchroot.py b/bdisk/bchroot.py
index 06f020c..4000c99 100755
--- a/bdisk/bchroot.py
+++ b/bdisk/bchroot.py
@@ -54,6 +54,7 @@ def chroot(chrootdir, chroot_hostname, cmd = '/root/pre-build.sh'):
print("You can view the progress via:\n\n\ttail -f {0}/var/log/chroot_install.log\n".format(chrootdir))
real_root = os.open("/", os.O_RDONLY)
os.chroot(chrootdir)
+ os.system('locale-gen')
os.system('/root/pre-build.sh')
os.fchdir(real_root)
os.chroot('.')
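Review bot: The exit status of the added `os.system('locale-gen')` is discarded, as is that of the existing `/root/pre-build.sh` call, so a failed locale generation inside the chroot goes unnoticed and the build carries on. Capture the status, e.g. `rc = os.system('locale-gen')`, and fail the build once the real root has been restored with `os.fchdir(real_root)` / `os.chroot('.')`. A comment such as `# locales must exist before pre-build.sh runs` would also explain why the call sits here. The body of `chroot()` starts and ends outside this hunk.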
diff --git a/bdisk/bdisk.py b/bdisk/bdisk.py
index 55f36bb..98d685c 100755
--- a/bdisk/bdisk.py
+++ b/bdisk/bdisk.py
@@ -3,6 +3,7 @@ import host
import prep
import bchroot
import build
+import datetime
# we need to:
# 9.) build.genImg (TODO)- build the squashed image, etc. see will_it_blend in old bdisk
@@ -11,6 +12,7 @@ import build
# we also need to figure out how to implement "mentos" (old bdisk) like functionality, letting us reuse an existing chroot install if possible to save time for future builds.
# if not, though, it's no big deal.
if __name__ == '__main__':
+ print('Starting at {0}.'.format(datetime.datetime.now()))
conf = host.parseConfig(host.getConfig())[1]
prep.dirChk(conf)
prep.buildChroot(conf['build'])
@@ -23,3 +25,4 @@ if __name__ == '__main__':
build.genImg(conf['build'], conf['bdisk'])
build.genUEFI(conf['build'], conf['bdisk'])
build.genISO(conf)
+ print('Finished successfully at {0}.'.format(datetime.datetime.now()))
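Review bot: The added `Finished successfully` message is printed whenever the last call returns, not when the steps are known to have worked. Steps that shell out through `os.system`, as `bchroot.chroot` does, discard the exit status, so a failed step can still end with this line. Either word it neutrally, e.g. `print('Finished at {0}.'.format(datetime.datetime.now()))`, or have the build steps raise on failure so the claim holds.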
diff --git a/bdisk/build.py b/bdisk/build.py
index 87e7264..60ea991 100755
--- a/bdisk/build.py
+++ b/bdisk/build.py
@@ -88,7 +88,7 @@ def genUEFI(build, bdisk):
if not os.path.isfile(tempdir + '/EFI/shellx64_v2.efi'):
shell2_path = tempdir + '/EFI/shellx64_v2.efi'
print("You are missing {0}. We'll download it for you.".format(shell2_path))
- shell2_url = 'https://github.com/tianocore/edk2/blob/master/ShellBinPkg/UefiShell/X64/Shell.efi?raw=true'
+ shell2_url = 'https://raw.githubusercontent.com/tianocore/edk2/master/ShellBinPkg/UefiShell/X64/Shell.efi'
shell2_fetch = urlopen(shell2_url)
with open(shell2_path, 'wb+') as dl:
dl.write(shell2_fetch.read())
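Review bot: The corrected `shell2_url` still follows the moving `master` branch, and the downloaded EFI binary is written into the image tree with no integrity check; the same applies to `shell1_url` in the next hunk. Whatever that path serves at build time ends up as a bootable executable on the produced media. Pin both URLs to a reviewed commit and compare a SHA-256 digest before writing the file. This needs `hashlib` imported at the top of build.py, which is outside the hunk. The commit id and digest below are placeholders, and `genUEFI` continues outside this hunk.

```python
# … unchanged: isfile check, shell2_path, "You are missing" message …
# pin to a reviewed commit instead of a moving branch (<PINNED_COMMIT> is a placeholder)
shell2_url = 'https://raw.githubusercontent.com/tianocore/edk2/<PINNED_COMMIT>/ShellBinPkg/UefiShell/X64/Shell.efi'
shell2_data = urlopen(shell2_url).read()
# SHELL2_SHA256: placeholder for the digest recorded when the binary was reviewed
if hashlib.sha256(shell2_data).hexdigest() != SHELL2_SHA256:
    raise RuntimeError('Checksum mismatch for {0}; refusing to use it.'.format(shell2_path))
with open(shell2_path, 'wb+') as dl:
    dl.write(shell2_data)
```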
@@ -98,7 +98,7 @@ def genUEFI(build, bdisk):
if not os.path.isfile(tempdir + '/EFI/shellx64_v1.efi'):
shell1_path = tempdir + '/EFI/shellx64_v1.efi'
print("You are missing {0}. We'll download it for you.".format(shell1_path))
- shell1_url = 'https://github.com/tianocore/edk2/blob/master/EdkShellBinPkg/FullShell/X64/Shell_Full.efi?raw=true'
+ shell1_url = 'https://raw.githubusercontent.com/tianocore/edk2/master/EdkShellBinPkg/FullShell/X64/Shell_Full.efi'
shell1_fetch = urlopen(shell1_url)
with open(shell1_path, 'wb+') as dl:
dl.write(shell1_fetch.read())
diff --git a/docs/BDisk_User_Manual.v1.fodt b/docs/BDisk_User_Manual.v1.fodt
new file mode 100644
index 0000000..a772d84
--- /dev/null
+++ b/docs/BDisk_User_Manual.v1.fodt
@@ -0,0 +1,324 @@
+
+
+
+ 2016-12-01T11:27:37.6655108212016-12-01T12:45:33.017762399PT1H7M45S1LibreOffice/5.2.3.3$Linux_X86_64 LibreOffice_project/20m0$Build-3
+
+
+ 0
+ 0
+ 40748
+ 22782
+ true
+ false
+
+
+ view2
+ 11578
+ 3494
+ 0
+ 0
+ 40746
+ 22781
+ 0
+ 1
+ false
+ 100
+ false
+
+
+
+
+ false
+ true
+ true
+ true
+ 0
+ true
+ true
+
+ false
+ false
+ false
+ false
+ false
+ false
+ false
+ false
+ false
+ false
+ false
+ false
+ true
+ true
+ false
+ false
+ true
+ false
+ true
+ false
+ false
+
+ false
+ false
+ true
+ false
+ false
+
+ false
+ false
+ false
+ false
+ true
+ 91633
+ false
+ false
+ true
+ false
+ true
+ true
+ false
+ true
+ 0
+ false
+ true
+ high-resolution
+ false
+ false
+ false
+ false
+ true
+ true
+
+ true
+ false
+ false
+ false
+ true
+ false
+ false
+ false
+
+ true
+ false
+ 38510
+ false
+ 1
+ true
+ false
+ false
+ 0
+ false
+ false
+
+
+ false
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ /
+
+ /
+
+
+
+
+
+
+
+ 12/01/16
+
+
+
+
+
+
+
+
+
+
+
+
+
+ BDISK
+ Manual v1.0
+ Brent Saner
+ bts@square-r00t.net
+
+
+
+
+
+
\ No newline at end of file
diff --git a/extra/dist.build.ini b/extra/dist.build.ini
index a699768..d0baf84 100644
--- a/extra/dist.build.ini
+++ b/extra/dist.build.ini
@@ -69,27 +69,29 @@ desc = j00 got 0wnz0r3d lulz.
uri = https://bdisk.square-r00t.net
; Should the root user have a password? IF THIS IS NOT SET,
-; PASSWORD LOGIN WILL BE DISABLED!
-; If you wish to have a blank password, use the string:
+; PASSWORD LOGIN WILL BE DISABLED! If you wish to have a
+; blank password, use the string:
; BLANK
; Do NOT use a plaintext password here. You will need to
-; generate a salted and hashed string in a
-; shadow-compatible format.
-; If you need help generating one, see docs/HOWTO.hashgen.
+; generate a salted and hashed string in a shadow-compatible
+; format. If you need help generating one, see docs/HOWTO.hashgen.
; If an assistance script is available, the path will be given
; (i.e. extras/bin/hashgen.py).
;
-; Note that if you want an automatic login, this is NOT where
-; it would be set. It should instead be controlled via:
+; Note that if you want an automatic login, this is NOT where it
+; would be set. It should instead be controlled via:
; overlay/etc/systemd/system/getty@ttyN.service.d/autologin.conf
; In the following format:
; [Service]
; Type=idle
; ExecStart=
; ExecStart=-/usr/bin/agetty --autologin --noclear %I 38400 linux
-;(where N is the TTY number). Alternatively, if booting to a GUI,
-; it can be set as according to that GUI (e.g. for LXDE,
+;(where N is the TTY number). Alternatively, if booting to a GUI, it
+; can be set as according to that GUI (e.g. for LXDE,
; overlay/etc/lxdm/lxdm.conf, "autologin=")
+; 0.) MUST be a salted SHA512 string in shadow format
+; 1.) ALL $'s (there should be three of them) MUST be escaped with a second $.
+; e.g.: $6$aBcDeFgHiJ$ZxYw.... would become $$6$$aBcDeFgHiJ$$ZxYw...
root_password =
; Should we create a non-root user on the image?
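Review bot: The three added requirement lines (`0.) MUST be a salted SHA512 string…`, `1.) ALL $'s…`) come after the autologin paragraph, so they read as if they applied to autologin rather than to `root_password`. Move them directly under the "Do NOT use a plaintext password here" sentence. Also say why the doubling is needed, presumably because the config parser treats a single `$` as interpolation syntax, e.g. `; ($ is doubled so the parser does not treat it as interpolation)`. Next to `BLANK`, a line such as `; BLANK gives root an empty password on every image built from this config` would make that consequence explicit.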
diff --git a/extra/pre-build.d/etc/pacman.d/mirrorlist b/extra/pre-build.d/etc/pacman.d/mirrorlist
index 0d60fc3..e334475 100644
--- a/extra/pre-build.d/etc/pacman.d/mirrorlist
+++ b/extra/pre-build.d/etc/pacman.d/mirrorlist
@@ -1,6 +1,6 @@
Server = http://mirrors.advancedhosters.com/archlinux/$repo/os/$arch
-Server = http://mirrors.gigenet.com/archlinux/$repo/os/$arch
-Server = http://il.mirrors.linaxe.net/archlinux/$repo/os/$arch
-Server = http://mirror.grig.io/archlinux/$repo/os/$arch
+Server = http://ftp.osuosl.org/pub/archlinux/$repo/os/$arch
Server = http://arch.mirrors.ionfish.org/$repo/os/$arch
-Server = http://cosmos.cites.illinois.edu/pub/archlinux/$repo/os/$arch
+Server = http://mirror.vtti.vt.edu/archlinux/$repo/os/$arch
+Server = http://mirror.metrocast.net/archlinux/$repo/os/$arch
+Server = http://mirror.jmu.edu/pub/archlinux/$repo/os/$arch
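Review bot: All four added mirrors use plain `http://`, like the ones they replace, so package integrity in the chroot rests entirely on pacman's signature verification. The `SigLevel` setting is not visible in this diff, so that protection should be confirmed. Where a mirror offers it, prefer the `https://` form of the same `Server =` line. A one-line comment at the top of the file saying how the list was chosen would help whoever refreshes it next.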
diff --git a/extra/pre-build.d/etc/resolvconf.conf b/extra/pre-build.d/etc/resolvconf.conf
index 4b92b5a..e133936 100644
--- a/extra/pre-build.d/etc/resolvconf.conf
+++ b/extra/pre-build.d/etc/resolvconf.conf
@@ -1,8 +1,17 @@
# Configuration for resolvconf(8)
# See resolvconf.conf(5) for details
+
resolv_conf=/etc/resolv.conf
# If you run a local name server, you should uncomment the below line and
# configure your subscribers configuration files below.
-#name_servers=127.0.0.1
-append_nameservers='4.2.2.1 4.2.2.2 4.2.2.3'
+#name_servers='2620:0:ccc::2 2620:0:ccd::2 4.2.2.1 4.2.2.2 127.0.0.1 ::1 '
+name_servers='4.2.2.1 4.2.2.2 208.67.220.220 2620:0:ccc::2 2072620:0:ccd::2 208.67.222.222 208.67.222.220 208.67.220.222'
+
+# Write out dnsmasq extended configuration and resolv files
+#dnsmasq_conf=/etc/dnsmasq.d/openresolv.conf
+#dnsmasq_resolv=/etc/dnsmasq.resolv.conf
+
+
+domain=square-r00t.net
+search_domains=square-r00t.net
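Review bot: The new `name_servers` value contains `2072620:0:ccd::2`, which is not a valid IPv6 address; it looks like a stray `207` fused onto `2620:0:ccd::2`. The line should read `name_servers='4.2.2.1 4.2.2.2 208.67.220.220 2620:0:ccc::2 2620:0:ccd::2 208.67.222.222 208.67.222.220 208.67.220.222'`. Separately, `domain=square-r00t.net` and `search_domains=square-r00t.net` are hard-coded into the default pre-build file. If this resolver configuration is carried into the built image, unqualified hostnames would be tried under that domain, so ship both lines commented out or take the value from the build config.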
diff --git a/extra/pre-build.d/root/pre-build.sh b/extra/pre-build.d/root/pre-build.sh
index bed551a..8736bd5 100755
--- a/extra/pre-build.d/root/pre-build.sh
+++ b/extra/pre-build.d/root/pre-build.sh
@@ -4,20 +4,7 @@
dirmngr /dev/null 2>&1
# Import settings.
-if [[ -f /root/VARS.txt ]];
-then
- source /root/VARS.txt
-else
- # TODO: do these defaults via the config stuff in python instead.
- export DISTNAME='BDISK'
- export UXNAME='bdisk'
- export PNAME='BDisk'
- export DISTPUB='r00t^2'
- export DISTDESC='j00 got 0wnz0r3d lulz.'
- export REGUSR="${UXNAME}"
- export REGUSR_PASS=''
- export ROOT_PASS=''
-fi
+source /root/VARS.txt
# Logging!
exec 3>&1 4>&2
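Review bot: With the fallback removed, a missing or unreadable `/root/VARS.txt` makes `source` fail, and unless the script sets `set -e` (not visible in this hunk) it continues with `ROOT_PASS`, `REGUSR` and the other variables unset. Fail early instead: `source /root/VARS.txt || { echo '/root/VARS.txt is missing' >&2; exit 1; }`. A short comment noting that the file is rendered from `extra/templates/VARS.txt.j2` would tell readers where the values come from.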
@@ -154,3 +141,4 @@ rm -f /root/.viminfo
rm -f /root/apacman-*.pkg.tar.xz
rm -f /root/pre-build.sh
pkill -9 dirmngr
+pkill -9 gpg-agent
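Review bot: The cleanup lines visible here remove `/root/pre-build.sh` but not `/root/VARS.txt`, which per the template in this commit holds `ROOT_PASS` and `REGUSR_PASS`. If it is not already deleted earlier in the cleanup section, which starts outside this hunk, add `rm -f /root/VARS.txt` so the hashes do not ship in the image. For the added line, `gpgconf --kill gpg-agent` lets the agent exit cleanly, whereas `pkill -9` sends SIGKILL straight away.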
diff --git a/extra/templates/VARS.txt.j2 b/extra/templates/VARS.txt.j2
index 678d0ce..cbbd6e2 100644
--- a/extra/templates/VARS.txt.j2
+++ b/extra/templates/VARS.txt.j2
@@ -1,8 +1,8 @@
-export DISTNAME={{ bdisk['name']|upper }}
-export UXNAME={{ bdisk['name']|lower }}
-export PNAME={{ bdisk['name'] }}
-export DISTPUB={{ bdisk['dev'] }}
-export DISTDESC={{ bdisk['desc'] }}
-export REGUSR={{ bdisk['name']|lower }}
-export REGUSR_PASS={{ bdisk['usr_pass'] }}
-export ROOT_PASS={{ bdisk['root_pass'] }}
+export DISTNAME='{{ bdisk['name']|upper }}'
+export UXNAME='{{ bdisk['name']|lower }}'
+export PNAME='{{ bdisk['name'] }}'
+export DISTPUB='{{ bdisk['dev'] }}'
+export DISTDESC='{{ bdisk['desc'] }}'
+export REGUSR='{{ bdisk['name']|lower }}'
+export REGUSR_PASS='{{ bdisk['usr_pass'] }}'
+export ROOT_PASS='{{ bdisk['root_pass'] }}'
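Review bot: The added single quotes stop `$` expansion in the password hashes, but a value that itself contains `'` ends the quoting early. That is easy to hit in `bdisk['desc']` or `bdisk['dev']`. The rest of such a value is then parsed by bash when pre-build.sh sources this file as root in the chroot. Escape embedded quotes in every exported value, for example `export DISTDESC='{{ bdisk['desc']|replace("'", "'\\''") }}'`, or reject such values when the config is parsed.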
diff --git a/overlay/etc/systemd/scripts/livecd.fix.sh b/overlay/etc/systemd/scripts/livecd.fix.sh
index c76a8b7..7334711 100755
--- a/overlay/etc/systemd/scripts/livecd.fix.sh
+++ b/overlay/etc/systemd/scripts/livecd.fix.sh
@@ -3,6 +3,22 @@
#chmod 4755 /opt/google/chrome-beta/chrome-sandbox
chmod 4755 /usr/bin/sudo
+# Fix user perms/ownerships, etc.
+chown -R root:root /root
+for i in $(grep '/home/' /etc/passwd | cut -f1 -d":");
+do
+ chown -R ${i}:${i} /home/${i}
+done
+
+chmod 700 /root/.ssh
+chmod 600 /root/.ssh/authorized_keys
+
+for i in $(find /home -type d -name "*/.ssh");
+do
+ chmod 700 ${i}
+ chmod 600 ${i}/authorized_keys
+done
+
function fuck_you_gimme_net() {
IFACE=$(ifconfig -a -s | egrep -E '^((en|wl)p?|em)' | awk '{print $1}' | tr '\n' ' ' | sed -e 's/\ $//g')
for i in ${IFACE};
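Review bot: The second added loop never runs, because `find -name` matches only the basename and a pattern containing `/`, here `"*/.ssh"`, cannot match. The permissions on users' `.ssh` directories are therefore never tightened. The first loop assumes every account's home is `/home/<name>` and that a group with the same name exists. It also leaves `${i}` unquoted, and the `chmod 600` on `authorized_keys` errors when the file is absent. The fence takes the owner, group and home path from `/etc/passwd` and uses `-name .ssh`. `fuck_you_gimme_net` starts at the end of this hunk and continues outside it.

```bash
chown -R root:root /root
# take uid, gid and home from passwd instead of assuming /home/<name> and a same-named group
while IFS=: read -r _ _ uid gid _ home _;
do
    case "${home}" in
        /home/*) [ -d "${home}" ] && chown -R "${uid}:${gid}" "${home}" ;;
    esac
done < /etc/passwd

# … unchanged: chmod of /root/.ssh and /root/.ssh/authorized_keys …

# -name matches the basename only, so match ".ssh" rather than "*/.ssh"
find /home -type d -name .ssh | while IFS= read -r d;
do
    chmod 700 "${d}"
    [ -f "${d}/authorized_keys" ] && chmod 600 "${d}/authorized_keys"
done
```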