You are not logged in.

#76 2017-12-22 21:51:06

Head_on_a_Stick
Member
From: London
Registered: 2015-09-29
Posts: 8,759
Website

Re: SharpBang (♯!) "live" ISO image

Disabled the haveged .service (it's still installed though) and removed the autostart for the GNOME keyring & polkit stuff 'cos I don't need that **** any more tongue

Interestingly, the kernel brings up the wired interface automagically so no networking services at all are needed to connect cool

The desktop should now boot to >150MiB (64-bit), which I think is pretty good for the functionality on offer.


“Et ignotas animum dimittit in artes.” — Ovid, Metamorphoses, VIII., 18.

Forum Rules   •   How to report a problem   •   Software that rocks

Offline

#77 2017-12-25 09:12:23

devnull
Member
Registered: 2017-06-29
Posts: 63

Re: SharpBang (♯!) "live" ISO image

thank you for the work on it, I'll try and report back soon!

Offline

#78 2017-12-25 09:26:54

BLizgreat!
Resident Babbler - vll!
Registered: 2015-10-03
Posts: 1,180

Re: SharpBang (♯!) "live" ISO image

150mbs !?!?!? What are ya trying to dethrone ubuntu as king of bloat or what ?!?!?! Messing around and couldn't resist again. tongue

Offline

#79 2018-01-07 19:49:15

Head_on_a_Stick
Member
From: London
Registered: 2015-09-29
Posts: 8,759
Website

Re: SharpBang (♯!) "live" ISO image

Image updated with a kernel that has CONFIG_TABLE_ISOLATION enabled for protection against the Meltdown vulnerability.

It's arguably pointless with a "live" ISO but my OCD would not let me leave this alone big_smile


“Et ignotas animum dimittit in artes.” — Ovid, Metamorphoses, VIII., 18.

Forum Rules   •   How to report a problem   •   Software that rocks

Offline

#80 2018-01-07 21:11:11

brontosaurusrex
Middle Office
Registered: 2015-09-29
Posts: 1,909
Website

Re: SharpBang (♯!) "live" ISO image

Why pointless? The bad guys are reading the contents of cpu cache, right (Unless I got that wrong)?

Online

#81 2018-01-07 21:41:48

Head_on_a_Stick
Member
From: London
Registered: 2015-09-29
Posts: 8,759
Website

Re: SharpBang (♯!) "live" ISO image

^ Well, it's only a local vulnerability and it doesn't seem likely (or possible) that anybody would boot the ISO and then have several other users log in and thus allow one of them to exploit the hole.

I don't think firefox-esr allows for the context switching that the exploit is based on so the setup should be OK otherwise (AFAIK).


“Et ignotas animum dimittit in artes.” — Ovid, Metamorphoses, VIII., 18.

Forum Rules   •   How to report a problem   •   Software that rocks

Offline

#82 2018-01-08 08:42:14

brontosaurusrex
Middle Office
Registered: 2015-09-29
Posts: 1,909
Website

Re: SharpBang (♯!) "live" ISO image

I missed the "local" bit, from what i read it could be a web page (theoretically), but can't find the proper link right now.

edit, this: https://www.bleepingcomputer.com/news/s … e-attacks/

Last edited by brontosaurusrex (2018-01-08 09:56:35)

Online

#83 2018-01-08 19:18:13

Head_on_a_Stick
Member
From: London
Registered: 2015-09-29
Posts: 8,759
Website

Re: SharpBang (♯!) "live" ISO image

Firefox v57.0.3 could be used as an attack vector, yes, but v57.0.4 has had it's fancy timing system crippled to break this.

The firefox-esr package used by #! (and BL) does not have this "feature" and so is "safe" to use.


“Et ignotas animum dimittit in artes.” — Ovid, Metamorphoses, VIII., 18.

Forum Rules   •   How to report a problem   •   Software that rocks

Offline

#84 2018-01-09 06:26:56

Eon
Member
From: Mumbai, IN
Registered: 2015-09-29
Posts: 71

Re: SharpBang (♯!) "live" ISO image

Holy cow, just bumped upon this thread and sounds really interesting. Honestly I'm willing to experiment with anything that runs on less and less resources, so I will definitely give this a try. big_smile

Offline

#85 2018-02-24 20:58:41

Head_on_a_Stick
Member
From: London
Registered: 2015-09-29
Posts: 8,759
Website

Re: SharpBang (♯!) "live" ISO image

Updated the image to kernel 4.15.5, it now has full generic retpoline and __user pointer sanitisation along with the PTI mitigation so both Spectre and Meltdown are covered.


“Et ignotas animum dimittit in artes.” — Ovid, Metamorphoses, VIII., 18.

Forum Rules   •   How to report a problem   •   Software that rocks

Offline

#86 2018-02-25 01:07:01

Head_on_a_Stick
Member
From: London
Registered: 2015-09-29
Posts: 8,759
Website

Re: SharpBang (♯!) "live" ISO image

Added dnssec-trigger because my "hardcoded" configuration didn't work and also a menu entry for the network manager (grml-network).


“Et ignotas animum dimittit in artes.” — Ovid, Metamorphoses, VIII., 18.

Forum Rules   •   How to report a problem   •   Software that rocks

Offline

#87 2018-02-25 11:21:11

Head_on_a_Stick
Member
From: London
Registered: 2015-09-29
Posts: 8,759
Website

Re: SharpBang (♯!) "live" ISO image

OK, finally fixed the resolv.conf issue and stopped dhclient from overwriting the namesevers.

New version uploaded now.


“Et ignotas animum dimittit in artes.” — Ovid, Metamorphoses, VIII., 18.

Forum Rules   •   How to report a problem   •   Software that rocks

Offline

#88 2018-03-18 14:05:31

Head_on_a_Stick
Member
From: London
Registered: 2015-09-29
Posts: 8,759
Website

Re: SharpBang (♯!) "live" ISO image

Updated the image and managed to strip 60MiB off after realising that /boot/* isn't needed in the live system.

It's now at 809MiB, which is pretty good for the functionality on offer.

I also now have the means to produce an installable system for this — if there was any interest I could package up the configuration changes and push out an installer ISO.


“Et ignotas animum dimittit in artes.” — Ovid, Metamorphoses, VIII., 18.

Forum Rules   •   How to report a problem   •   Software that rocks

Offline

#89 2018-03-18 17:22:02

beaker
Member
Registered: 2016-03-06
Posts: 127

Re: SharpBang (♯!) "live" ISO image

Head_on_a_Stick wrote:

— if there was any interest I could package up the configuration changes and push out an installer ISO.

I would be interested smile

Offline

#90 2018-03-18 17:38:09

Head_on_a_Stick
Member
From: London
Registered: 2015-09-29
Posts: 8,759
Website

Re: SharpBang (♯!) "live" ISO image

^ Noted smile

It may take a while but it should be fairly simple because I have removed all of the BunsenLabs packages from this desktop and it uses pure Debian repositories (apart from the Liquorix kernel) and so only needs some configuration files in a single package to set it all up glasses


“Et ignotas animum dimittit in artes.” — Ovid, Metamorphoses, VIII., 18.

Forum Rules   •   How to report a problem   •   Software that rocks

Offline

#91 2018-03-25 15:53:21

Head_on_a_Stick
Member
From: London
Registered: 2015-09-29
Posts: 8,759
Website

Re: SharpBang (♯!) "live" ISO image

Updated the image to kernel 4.15.11

Also added xserver-xorg-video-qxl for improved performance under KVM/QEMU with SPICE.


“Et ignotas animum dimittit in artes.” — Ovid, Metamorphoses, VIII., 18.

Forum Rules   •   How to report a problem   •   Software that rocks

Offline

#92 2018-03-25 20:25:44

beaker
Member
Registered: 2016-03-06
Posts: 127

Re: SharpBang (♯!) "live" ISO image

Is this an installable iso?

Offline

#93 2018-03-25 20:37:04

Head_on_a_Stick
Member
From: London
Registered: 2015-09-29
Posts: 8,759
Website

Re: SharpBang (♯!) "live" ISO image

^ No, not yet, that will have to wait until after Helium is released so it doesn't distract me too much big_smile


“Et ignotas animum dimittit in artes.” — Ovid, Metamorphoses, VIII., 18.

Forum Rules   •   How to report a problem   •   Software that rocks

Offline

#94 2018-03-25 20:49:10

beaker
Member
Registered: 2016-03-06
Posts: 127

Re: SharpBang (♯!) "live" ISO image

ok - no worries

Offline

#95 2018-04-23 20:59:14

Head_on_a_Stick
Member
From: London
Registered: 2015-09-29
Posts: 8,759
Website

Re: SharpBang (♯!) "live" ISO image

Another image update: new kernel & firefox-esr version.

Under the hood I have restructured the configuration from a hacky /etc/skel method to a more refined sharp-user-setup script activated by /etc/X11/Xsession.d/22-sharp-user-setup (this is in line with BunsenLabs' method).

The obsession package has been removed and replaced with sharp-exit.

Now that the Helium release is imminent I will start to look at packaging up the configuration (perhaps with a sharpbang-desktop-task) and making an installable ISO image.


“Et ignotas animum dimittit in artes.” — Ovid, Metamorphoses, VIII., 18.

Forum Rules   •   How to report a problem   •   Software that rocks

Offline

#96 2019-10-26 07:45:45

orionH
Member
Registered: 2017-11-15
Posts: 20

Re: SharpBang (♯!) "live" ISO image

Awesome work Head_on_a_Stick.

https://head-on-a-stick.github.io/

Offline

Board footer

Powered by FluxBB