lesslinux.org Development Blog

My latest image might have broken USB boot support due to a new version of the NASM assembler. This is fixed in the latest unstable build. Besides this the TeamViewer BLOB is fixed now (there is no directory teamviewer9 anymore in the tarball). Hivex correctly builds the ruby bindings and I based my “reset shell” tool on the new hivex library instead on chntpw. Firefox got updated to 34.0, Thunderbird to 31.3.

Have fun! lesslinux-search-and-rescue-uluru-20141203-124327.iso

I just prepared a fresh build based on kernel 3.17.4. The biggest difference is that the kernel configuration is now based on Ubuntus 3.16. On the one hand this means many drivers are included that your live system will never need, on the other hand some drivers are known to work better in this configuration. The initrd is now bigger by around 20MB per kernel (kernels are included for 32 bit PAE, 32 bit non PAE and 64 bit). If this is too big for you, tinker around with the kernel configuration for your own builds.

Cairo dock now uses gnome-menus-3. This re-introduces icons and allows a nice search box. A much bigger change is the addition of i3. Start with the additional boot parameter

    xinitrc=/etc/lesslinux/xinitrc_i3

to start with three terminals in i3: One root terminal and two with normal users privileges. I know there are quite some i3 users out there and I would be happy to hear from you and share your experiences.

Grab it here: lesslinux-search-and-rescue-uluru-20141127-055823.iso lesslinux-search-and-rescue-uluru-20141127-164346.iso

Update: I just added i3status and changed the urxvt terminal in i3 mode to a much better readable font.

I just want to introduce a new tool. Fred, the forensic registry editor by Daniel Gillen is included in the latest builds.

FRED, the forensic registry editor allows write access to the registry

Mehr »

We made some progress in both handling of BLOBs (binary large objects, programs like Google Chrome or TeamViewer that are only available as binary packages. A new feature is the integration of OpenVAS, a vulnerability scanner to detect unsafe devices in your networks. I am especially proud for my wrapper script to start OpenVAS: This does all necessary preparation work, so you do not have to manually download vulnerability definitions or rebuild databases. However, OpenVAS is still fat and occupies more than 1.2GB RAM when started from DVD! So, some preparation is recommended.

Mehr »

I just uploaded an image that fixes BLOB support. To use it:

• dd the ISO to an USB thumb drive
• Pass blobsize=512 (any value between 256 and 2048 makes sense) as boot parameter upon first boot – this wil create the LessLinuxBlob partition upon first boot
• Download Chrome stable for i386 and put the deb to the folder /lesslinux/blobpart – use a file manager with root privileges for this
• Reboot – Chrome is now contained in the menus

Besides this, Thunderbird and Firefox both got updated to 31.1.0, the kernel received a smaller upgrade to 3.16.2. The tools for acessing disk drives now use a different architecture. mmcblk devices (some card readers) are now recognized correctly, it works a bit faster and should be easier to integrate with upcoming releases of SaferSurf.

Download lesslinux-search-and-rescue-uluru-20140909-083241.iso

About one and a half years ago I started implementing suport for the possibility to persistently add binary applications to LessLinux. This enables adding closed source binary only software without polluting the open source build tree. BLOB support was used in a commercial derivative to include TeamViewer. Now it is also possible to add Google Chrome – quite some users requested this feature since Chrome has very good multimedia support and implements a remote desktop solution.

Mehr »

I just finished initial tests on a fresh development build for LessLinux Search and Rescue. Kernel is 3.15.9 and more than 100 packages have been updated. This thing feels quite stable, but there are reasons not to mark it stable yet:

• Booting via HTTP or FTP will fail with this image since the tmpfs where the ISO is stored is too small. This will soon be fixed in upcoming images by providing an appropriate cheat code.

• The BusyBox 1.21.1 built against uClibc has been replaced by BusyBox 1.22.1 linked against musl-libc – this should allow some cleanups in all init scripts as well as removing the statically linked modprobe binary in the initramfs.

• There are a few statically linked (against glibc) binaries in the initramfs currently that either will be moved to musl or entirely removed. The new update procedure might allow the removal of xdelta3 from the initramfs for example.

• Of course kernel 3.16 has to be added and tested. Expect this to happen with 3.16.1

But for most usage scenarios this unstable build will perform better and more stable than recent stable versions. Escpecially when booted from DVD or USB. Now, go, grab it here:

lesslinux-search-and-rescue-uluru-20140811-134719.iso

Sorry, no English version yet. You may run “LessLinux Safersurf” in English by changing lang=de to lang=en, but some tools will still use german localization, international builds will follow.

Leser einiger deutscher Computerzeitschriften kennen meine Systeme zum “Sicheren Surfen”. Den Anfang machte das 2009 und 2010 zusammen mit dem BSI entwickelte System “COMPUTER BILD Sicher Surfen”, nach 2011 wurde es etwas still um dieses System, bis mit der NSA-Affäre das Interesse stieg. Ich habe mich daher zur Veröffentlichung einer reinen Open Source Variante entschieden. Wie bisher ist eine Kernkomponente für erhöhte Sicherheit die Verwendung von Mandatory Access Control: Das sorgt dafür, dass nur wenige Prozesse aufs Internet zugreifen dürfen und Prozesse, die aufs Internet zugreifen, dürfen nur eine kleine Auswahl anderer Prozesse starten. Weitere Sicherheitsmerkmale betreffen das Dateisystem: Sowohl das persistent gehaltene Heimatverzeichnis als auch der Auslagerungsspeicher werden stark verschlüsselt.

Das System ist dazu gedacht, auf einen wenigstens 8GB großen USB-Stick installiert zu werden, unter Windows sollte hierfür der Win32DiskImager verwendet werden.

Mehr »

I just finished building a fresh unstable using kernel 3.15.4. During the boot process no legacy map files for kernel modules are used anymore. So please tell me should booting from USB fail. A major change is that the stage03 build command and git SHA1SUM are now available in /etc/lesslinux/updater (look at the screenshot). This makes checking out corresponding sources and building modified ISOs much easier.

The version from the git tree and the build command are now accessible in /etc/lesslinux/updater.

Download lesslinux-search-and-rescue-uluru-20140707-145441.iso

I am proud to announce a new series. This is called “big fall full” – codenamed “Jabba”. It solves two purposes:

1. Provide a simple way to include all packages that are built in the second stage in the live ISO
2. Give the most simple starting point for building LessLinux and derived distributions

The second big change is that LessLinux development now takes place completely on GitHub. Scroll down to read how these two news fit together seamlessly!

Using Jabba builds

Of course you can use the Jabba builds as rescue system as well or as a nice replacement for the now defunct LFS Live CD, to start building LFS even when you do not have Linux system installed on some hard drive. Jabba builds will be released after major architectural changes or updates of core components like the used default compiler or the C library. This means mandatory releases every six to nine months and maybe convenience releases after updating kernels.

Jabba intentionally uses a really minimalistic user interface. After booting, the GUI consists of just two terminals, one with root privileges and one as normal user. You might start an XFCE- or LXQT-panel, but be warned: there might be many duplicate or non-functional entries in the menus. Thus it is easier most of the time to start needed programs by hand.

Mehr »