This is in order to remember me how to pass arguments to make in a Makefile so i dont have to dig a "little" on google to find out how so here is an image of a simple Makefile that im using to compile c programs so i can later debug using gdb and with no protection since im learning the linux xploits techniques.
Simple we create the Makefile like this one and the only thing that this Makefile does its to compile a .c program from the command line and put the compiled on the output file given by the user.
toor# joe Makefile
TARGET=default
OUTPUT=default
all:
gcc -ggdb -fno-stack-protector -z execstack -m32 ${TARGET} -o ${OUTPUT}
clean:
rm ${TARGET}
the compile options can be checked online and as we can see its like normal variables on shell scripts.
Wednesday, November 30, 2016
Wednesday, November 16, 2016
Simple Recipt to install Basic Gentoo
Last couple of days i was playing with Arch Linux, at the end it were pretty simple to install on LVM but of course this were just a simple and basic install with LVM perspective, so now ill give a try to Gentoo, because some time ago i tried to install it and i could not get the install since the workload rise up, but now i have some time to do so, and it seems that the wiki it is pretty improved and now it is even more easier to install it but some questions arise and here is a short answer.
By the way this is on VM almos all its by default but its just the starting poing.
By the way this is on VM almos all its by default but its just the starting poing.
stages
the stage are like installation packages like configuration flavors now it seems that Stage1 and Stage2 are not being used anymore Stage3 and Stage4 are the ones availables, Stage 3 tarballs are compiled from stage 2 tarballs, but contain a system set and A cloud stage 4 has been created to aid in the process of VM provisioning. These stage 4 files can be used with diskimage-builder
so we will go with the Stage3 but there are some flavors on Stage3 what i saw its there are some versions or flavors:
- Hardened in wich there are somo more security services
- Systemd
- nomultilib
- uclibc for embedded devices
- cloud
I just follow the handbook from gentoo but since i just want the extract here it is what i did for installing on VM
Partition disk
toor# fdisk /dev/sdan p 1 2048 +2M
t 4
n p 2 enter +128M
a 2
n p 3 enter +2048M
t 3 82
n p 4 enter enter
p
w
toor# mkfs.ext2 /dev/sda2
toor# mkfs.ext4 /dev/sda4
toor# mkswap /dev/sda3
toor# swapon /dev/sda3
toor# mount /dev/sda4 /mnt/gentoo
toor# mkdir /mnt/gentoo/boot
toor# mount /dev/sda2 /mnt/gentoo/boot
toor# date ok ?
toor# cd /mnt/gentoo
toor# links https://www.gentoo.org/downloads/mirrors/
+
°-->releases/(arch)/autobuilds
toor# tar xvjpf stage3-amd64-hardened-20161103.tar.bz2 --xattrs
configure the make.conf options
toor# nano -w /mnt/gentoo/etc/portage/make.conf
CHOST="x86_64-pc-linux-gnu"
PORTDIR="/usr/portage"
DISTDIR="${PORTDIR}/distfiles"
PKGDIR="${PORTDIR}/packages"
CFLAGS="-march=native -O2 -pipe"
CXXFLAGS="${CFLAGS}"
MAKEOPTS="-j2"
toor# mirrorselect -i -o >> /mnt/gentoo/etc/portage/make.conf
toor# mkdir /mnt/gentoo/etc/portage/repos.conf
toor# cp /mnt/gentoo/usr/share/portage/config/repos.conf \
> /mnt/gentoo/etc/portage/repos.conf/
toor# cp -L /etc/resolv.conf /mnt/gentoo/etc/
CHROOT
toor# mount -t proc proc /mnt/gentoo/proc/toor# mount --rbind /sys /mnt/gentoo/sys
toor# mount --make-rslave /mnt/gentoo/sys
toor# mount --rbind /dev /mnt/gentoo/dev
toor# mount --make-rslave /mnt/gentoo/dev
toor# chroot /mnt/gentoo /bin/bash
toor# source /etc/profile
toor# export PS1="(chroot) $PS1"
toor# emerge-webrsync
toor# nano -w /etc/portage/make.conf
USE="-qt4 -gnome kde"
toor# echo "Time/zone" > /etc/timezone
toor# emerge --config sys-libs/timezone-data
toor# nano -w /etc/locale.gen
...
toor# locale-gen
toor# eselect locale list
...
toor# eselect locale set #
toor# env-update && source /etc/profile &&
export PS1="(chroot) $PS1"
toor# emerge --ask sys-kernel/gentoo-sources
toor# emerge --ask sys-apps/pciutils
get info
toor# lspci
toor# lsmod
toor# cd /usr/src/linux
toor# make menuconfig
toor# make && make modules_install
toor# make install
toor# nano -w /etc/fstab
...
toor# nano -w /etc/conf.d/hostname
...
toor# emerge --ask --noreplace net-misc/netifrc
toor# passwd
toor# cd /etc/init.d
toor# ln -s net.lo net.eth0
toor# rc-update add net.eth0 default
toor# emerge app-admin/sysklogd && rc-update add sysklogd default && emerge sys-process/cronie && rc-update add cronie default && crontab /etc/crontab && emerge sys-apps/mlocate && rc-update add sshd default && emerge net-misc/dhcpcd && rc-update add dhcpd default && emerge sys-boot/grub:2 && grub-install /dev/sda
toor# grub-mkconfig -o /boot/grub/grub.cfg
toor# nano -w /etc/conf.d/net
config_eno6777777="dhcp"
Read /usr/share/doc/netifrc-*/net.example.bz2 for a list of all available options. Be sure to also read up on the DHCP client man page if specific DHCP options need to be set.
If the system has several network interfaces, then repeat the above steps for config_eth1, config_eth2, etc.
toor# cd
toor# exit
toor# umount -l /mnt/gentoo/dev{/shm,/pts,} && umount /mnt/gentoo{/boot,/sys,/proc,}
toor# reboot
toor# emerge -s joe
toor# emerge app-editors/joe
using upgrade to plasma
toor# eselect profile list
select plasma
toor# eselect profile set 8
toor# grep -e "qt[[:digit:]]" -e "handbook" -e "kde" -e "plasma" /etc/portage/make.conf
remove ocurrences if exist
toor# grep -e "qt[[:digit:]]$" -e "qt[[:digit:]] " -e "handbook$" -e "handbook " -R /etc/portage/package.use
toor# grep -e "kde$" -e "kde " -e "plasma$" -e "plasma " -R /etc/portage/package.use
toor# emerge app-portage/gentoolkit
toor# for x in libkscreen kde-gtk-config ksshaskpass freespacenotifier kcheckpass kcminit kdebase-cursors kdebase-startkde kdm kephal khotkeys kinfocenter klipper kmenuedit krunner kscreensaver ksmserver ksplash kstartupconfig kstyles ksysguard ksystraycmd kwin kwrited libkgreeter libkworkspace liboxygenstyle libplasmaclock libplasmagenericshell libtaskmanager plasma-workspace powerdevil qguiplatformplugin_kde solid-actions-kcm systemsettings; do equery -q d ${x} | sed -e "s/-[0-9].*//"; done | sed -e "/kdebase-meta/g" -e "/kde-meta/g" | xargs emerge --deselect --pretend
...
all working ok so do it with out --pretend
toor# ...
toor# emerge --changed-use --newrepo --deep world
...
lot of time
...
toor# emerge kde-plasma/plasma-meta && emerge kde-plasma/plasma-desktop
usr$ joe ~/.xinitrc
exec startkde
usr$ startx
toor# emerge --changed-use --newrepo --deep world
...
lot of time
...
toor# emerge kde-plasma/plasma-meta && emerge kde-plasma/plasma-desktop
usr$ joe ~/.xinitrc
exec startkde
usr$ startx
Until here i have kde-plasma installed but ill need more customization since i started x and some very simple desktop environmnet showed to me but for now i think this is finish for step one.
Dont forget that this were realized for a VM environment in an actual Machine several more configuration has to be done and this is only the bare bones of the most basic install.
Dont forget that this were realized for a VM environment in an actual Machine several more configuration has to be done and this is only the bare bones of the most basic install.
After all of these for me it was way more simple to install OpenBSD than Gentoo or Arch linux it seems that Gentoo its for super geeks, Arch for Geeks.
references
https://wiki.gentoo.org/wiki/Systemd
https://wiki.gentoo.org/wiki/Hardened_Gentoo
https://wiki.gentoo.org/wiki/Project:Hardened_uClibc
https://wiki.gentoo.org/wiki/Handbook:AMD64/Installation/System
https://wiki.gentoo.org/wiki/KDE/Plasma_5_upgrade#Preparations
Monday, November 7, 2016
SIMPLE RECIPE FOR ARCH LINUX FULL ENCRYPTED --LVM
Few days later i just want to give a try to arch Linux, since i like to try different things so i came across with Arch and some people love it some people don't so i give it a try and wanted to see if i can just encrypt it all and then play with it
so my first toughs were that it smells like OpenBSD at the installation process i mean set up the disk and then sync over the Internet
the other thing that i notice its that the wiki it huge and usually i like to get things done as quick as possible but i take me some spare time to get things done so this is my personal recipe to start and then move forward in case i want it to, this are all the minimal configuration to install it i use a virtual machine so things may go different in each case
toor# parted -s /dev/sda mklabel msdos
toor# parted -s /dev/sda mkpart primary 2048s 100%
toor# cryptsetup luksFormat /dev/sda1
at the beggining i used to type yes but it is actually 'YES' damm me :|
o by the way this is all in LVM setup sorry forget it to tell about it
creating LVM partitionstoor# pvcreate /dev/mapper/lvm
toor# vgcreate vg /dev/mapper/lvm
toor# lvcreate -L 2G vg -n swap
toor# lvcreate -l 100%FREE vg -n root
Formating and activating swap
toor# mkfs.ext4 /dev/mapper/vg-root
toor# mkswap /dev/mapper/vg-swap
toor# mount /dev/mapper/vg-root /mnt
toor# swapon /dev/mapper/vg-swap
preparing boot
toor# mkfs.ext2 /dev/sda1
toor# mkdir /mnt/boot
toor# mount /dev/sda1 /mnt/boot
Basic Install
toor# pacstrap /mnt base
toor# genfstab -U /mnt >> /mnt/etc/fstab
toor# arch-chroot /mnt
toor# ln -s /usr/share/zoneinfo/Region/City /etc/localtime
toor# hwclock --systohc
modifi according the /etc/locale.gen and i like to use joe so
toor# pacman -S joe
toor# locale-gen
set LANG and KEYMAP
/etc/locale.conf
LANG=en_US.UTF-8
Add hooks
/etc/vconsole.confKEYMAP=la-latin1
toor# mkinitcpio -p linux/etc/mkinitcpio.conf
HOOKS = "... encrypt lvm2 ..."
toor# pacman -S grub
Edit grub
/etc/default/grub
GRUB_ENABLE_CRYPTODISK=y
GRUB_CMDLINE_LINUX="cryptdevice=/dev/sda1:lvm"
toor# grup-mkconfig -o /boot/grub/grub.cfg
it will complain with some warning like:
WARNING: failed to connect to lvmetad: No such file or directory. Falling back to internal scanning
no problem at all at least this is what wiki says
https://wiki.archlinux.org/index.php/GRUB#Warning_when_installing_in_chroot
toor# grup-install /dev/sda
toor# passwd
...
toor# ctrl+D
#reboot
here we have installed the system but it needs a little more to have a full system, this is just for the beginnign
references:
https://wiki.archlinux.org/
http://www.pavelkogan.com/2014/05/23/luks-full-disk-encryption/
Subscribe to:
Posts (Atom)