lesslinux.org Development Blog

You probably noticed that LessLinux uses Gtk2 only. Even applications like Abiword, Gnumeric and some of the Gnome tools are older versions – some three years old, partially taken from Gnome 2.32. The background of this decision was to provide a persistent look and feel as well as to keep the size smaller.

This is not suitable anymore.

I had to decide between moving to the Mate libs or to Gtk 3. Mate is a fork of the last stable Gnome. This move would probably have given me some updated utilities and libraries but it would not have an provided newer applications like Brasero, Abiword or Gnumeric. So I decided to move to Gtk3. I already moved the easier to move applications like Zenity, Brasero, Abiword, Gnumeric and Evince. Wireshark and the likes will follow soon. Then I will provide images for testing. Afterwards, I will move Ruby-Gnome and the WX based apps like FileZilla and TrueCrypt to Gtk3. However, some Gtk2 programs will stay for a while: Firefox will keep Gtk2 as default for a while and XFCE will not move to Gtk3 in the upcoming version 4.12. At least a version of LessLinux Search and Rescue will be possible that uses Nautilus, Openbox and Midori that will be Gtk3 only.

Nothing spectacular here. Just a fresh stable build. It uses kernel 3.11.7, still sticks with Glibc 2.17 and re-enables the rtl8192se driver. Zswap is enabled which is a great thing for live CDs without swap space.

I am now moving on to kernel 3.12 together with Glbic 2.18 and GCC 4.8.2, but if necessary, another build based on 3.11.8 will follow.

Download this build here:

• lesslinux-search-and-rescue-uluru-20131112-145741.iso

I am proud to announce a fresh development build. This one targets some minor issues in older builds and adds the new kernel from the 3.11 family. However glibc is still 2.17 since I had problems with my cross compilers build with 2.18. The issues adressed are:

• Workaround for sound devices with too strict permissions
• The USB installer now also creates an encrypted swap partition: The swap partition is re-initialized at each boot with a key that is thrown away afterwards
• Gummiboot is updated to 36 to work around keyboard issues on some UEFI implementations
• The layout of the DVD is much friendlier for remastering (kernels are now in /boot/kernel, not in /boot/isolinux anymore)
• A new mechanism for loading to memory just loads to memory if the system is started from optical media an the main memory is larger than size of the ISO plus 1GB – so the DVD burner can be used to backup important data – when used from thumb drive the system is not loaded to main memory

The Realtek WiFi driver rtl8192se that stopped working in linux 3.10 works again with 3.11. However I left it blacklisted for this build. Load it manually with “modprobe -v rtl8192se” if you have an affected card. I also did make some major improvements for speeding up builds. Large parts of the system can now be built distributed with distcc. This together with some fresh tests of self contained builds will be covered in an upcoming post.

Download the test build here: lesslinux-search-and-rescue-uluru-20131017-082921.iso

I just uploaded a fresh stable release. There are no big changes regarding the development build from two weeks ago. The linux kernel now is 3.9.10, Firefox and Thunderbird were also updated. Two small new features are integrated:

USB installer

Install LessLinux search and rescue to a thumb drive. In the installer you can select the default language and specify if an encrypted /home partition should be created. The latter feature is especially handy if you want to store some browser bookmarks or WiFi keys.

DavFS2

Webdav is a nice thing, especially since many providers like Deutsche Telekom or GMX are offering cheap or free Webdav drives. I included the command line client mount.davfs. Currently no certificates are installed and in the mid term I want to provide a simple GUI.

 Download:

As alwas you can download the ISO image lesslinux-search-and-rescue-uluru-20130822-085558.iso from download.lesslinux.org. Burn it to DVD, write it to a thumbdrive with “dd” or Win32DiskImager.

The last weeks saw many improvements that especially targetted reliability. As you probably know, LessLinux contains a feature called “ISOhybrid conversion”: Official ISO images are valid HDD images as well, so you can either burn them on a DVD or “dd” them to a thumb drive (Windows users will take Win32DiskImager to write to an USB drive). Upon first boot, the ISO image is move to the end of the thumb drive and some partitions are created – so part of the thumb drive is still writable and the boot configuration is editable.

More reliability on cheap USB flash drives

During the last weeks I ran into problems with some cheap USB thumb drives: continously reading 8MB and instantly writing them somewhere else often resulted in some flipped bits. Thus I introduced some checks: First, and upon each boot, the binary files in the initramfs (BusyBox, some statically linked binaries, firmware files and kernel modules) are checked and upon failure the system shuts down. Then before doing the ISOhybrid conversion boot files (kernel and initramfs) and the SquashFS containers are checked. During the conversion each block is checked after writing: if moving fails, it is tried again. Some very cheap thumb drives that formerly resulted in nearly 20% corrupt installations are now down to 2%.

Another big change in ISOhybrid conversion is, that we are now very generous with available space: In addition to the last partition for the ISO image, another partition in front of it is created. Both use 125% of the space of the ISO – yes, 250% together. The intention behind this is, that updates are handled much easier this way: The old ISO image can now be piped through Xdelta3 and the STDOUT can be written to the empty partition. As a result, I will begin to offer updates between stable releases from now on.

Encrypted /home

I re-activated a feature that was introduced some three years ago, but could only be used by creating a container file by hand. If you now specify the cheat code

homecont=512-1536

upon first boot, during ISOhybrid conversion a partition with between 512MB and 1.5GB is created and later used for storing the contents of the home directory and settings for WICD. Reasonable sizes for the /home directory are between 256MB and 64GB (if you install to a USB hard disk and have some large directories in your /home directory, e.g. Thunderbird will full IMAP caching).

Remove ransomware from registry

Some ransomware writes a shell entry that cannot be removed from a running windows system. I was disappointed with license and usability of Kasperskys ransomware removal tool, so I wrote one myself: This tool scans all your hard disks for Windows installations (currently XP, Vista, 7 and 8 are supported, 8.1 might work as well), then it reads the shell entries and gives you a button to reset the shell to the default “explorer.exe”.

Some Eyecandy, notes on network

I created some commonly used functions for displaying a progress bar during startup and ISOhybrid conversion. Sadly, kernel 3.10.5 contains some bugs in some wireless staging drivers that result in no connection or crashes (especially sad when considering those drivers worked in 3.9.11), so I had to blacklist rtl8192se. To speed up boot, ethernet drives are loaded after udev is started. If you intend to netboot lesslinux, please take a look in the handbook.

Download

Download the build lesslinux-search-and-rescue-uluru-20130807-124945.iso and burn it to DVD or use “dd” or Win32ImageWriter to write it to a thumb drive.

 PS: This build still uses Firefox 22.0 and Thunderbird 17.0.8, some pending updates on the Xorg subsystem are not yet included and I plan to add and configure GRUB as an alternative bootloader on UEFI systems (in the mid term, this should reduce the size of ISOs by ~50MB). So now you know why the build is labeled testing. From the stability standpoind there are no reasons (besides the broken WiFi drivers) not to use it.

After kernel 3.8.13 was declared EOL I switched to kernel 3.9 and moved the build system to GCC 4.8.0. Besides the new kernel this release adds lots of changes and improvements. Mehr »

I just completed a fresh build based on kernel 3.8.12 and GCC 4.7.2 that introduces support for secure boot. The ISO now supports four modes: If burned to a DVD it boots on BIOS and UEFI machines – the same when written to a USB thumb drive. Many thanks to Thomas Schmitt of Xorriso fame for helping me to accomplish this. I have also rewritten the scripts that do the conversion from the raw ISO written to thumbdrive from a MBR partitioned HDD to a GPT partitioned disk with two boot partitions – one for UEFI and one with legacy MBR for BIOS.

UEFI should work flawless on most machines, you just have to add the hash of the kernel /l308sf.efi to your MOK database – upon first boot you are prompted to do so. There are still some features that are not yet complete. For example the safe startup or options for VNC access are not yet included into the boot menu used on UEFI machines. The build is generally considered “Gamma” quality. I assume there won’t be more builds based on kernel 3.8 since this is declared deprecated. I have begun moving to 3.9, so expect some Beta builds based on 3.9 and GCC 4.8 soon.

• Download lesslinux-search-and-rescue-uluru-20130510-125805.iso

There will be some major changes for builders ahead. If you plan to do builds based on this or later releases, please contact me.

We are working on our first images that work on UEFI secure boot as well as on normal BIOSes. This is quite a challenge, since until now images were prepared with genisoimage and later patched with isohybrid to contain a partition table. This resulted in images that could either written to CD or to USB stick. When written to a USB thumb drive some magic in the initramfs moved ISO filesystem and bootloader and created a new MBR partition table with one empty FAT32 partition at the start of the USB stick. This way the majority of space of a thumb drive could still be used – especially users with drives of 8GB or larger appreciated this feature. Mehr »

I just uploaded the first build containing linux kernel 3.8.0. Besides the new kernel, glibc got updated to 2.17. The most significant change is that now a (cross compiled) kernel for x86_64 is included. If necessary it will be accompagnied by a 64 bit busybox in one of the next builds. So currently three kernels are used: the 64 bit kernel, a kernel for 32 bit systems with PAE and a kernel for 32 bit systems  without PAE. This number will be reduced to two as soon as the 64 bit kernel proves stable. Choosing the right kernel is (hopefully) done by syslinux’ ifcpu64.c32 module. To see which kernel was booted, run “uname -a” from a terminal.

Please note that just the kernel is 64 bit, so chrooting to 64 bit linux environments should be possible now. Since I also plan to add EFI support with gummiboot we need a 64 bit kernel to be booted directly by the EFI loader (32 bit kernels will not boot on 64 bit EFI without intermediate loaders like GRUB).

• Download this unstable build: lesslinux-search-and-rescue-uluru-20130226-123741.iso

I just uploaded a fresh build that includes some significant changes on driver loading – especially WiFi now works much better. Of course most packages were also replaced by fresh versions: Linux kernel 3.7.9 is included, Firefox got updated to 19.0 (the first release with the pdf.js PDF renderer included). Other changes are relevant for the use in companies where LessLinux is bootet via the network – either for repairing, inspecting, enrolling Windows on client machines or the usage as thin client:

• a root password hash can now be set via boot command line
• the thin client chooser now got much more configurable regarding mapping of Xfreerdps parameters and thus “real world usable” (in fact we use LessLinux as thinclient OS already in a small office netwerk with around ten clients)
• the possibility to pass through to USB printers has been added

This build still uses kernel series 3.7 and Glibc 2.16. Due to some major changes I suspect this to remain for a few stable builds while unstable builds will soon move to 3.8 and Glibc 2.17. Download this build here:

• Download lesslinux-search-and-rescue-uluru-20130221-145507.iso

I would also like to point to the handbook I started writing. For now it just contains ~10 pages on stuff that is interesting for administrators – like netbooting, using LessLinux as a thin client or remote access to running LessLinux hosts. The hand book is work in progress and will be frequently be updated. The latest version can be downloaded from here:

• LessLinux handbook current

Since the handbook is regularily updated as work on LessLinux continues it might contain documentation on features that are not yet avaialable in the build you just downloaded. In this case refer to the version of the handbook that is contained in the buildscripts tarball of a certain release. Future releases also will add the handbook as part of the CD.