Build it yourself, or grab a stage2 (a.k.a. core) tarball.
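# Fetch the stage2/core rootfs tarball. The symlink gives later steps a stable
# name; the archive is xz-compressed, so the link keeps the .tar.xz suffix that
# the extraction step further down refers to (the original link was named
# sabotage.tar.gz, which did not match).
mkdir -p /data/kernels/sabotage/
cd /data/kernels/sabotage/
#wget http://ftp.barfooze.de/pub/sabotage/sabotage-1.1.24-x86_64-rootfs-core-1f74666.tar.xz
wget http://mirrors.2f30.org/sabotage/sabotage-1.1.24-x86_64-rootfs-core-1f74666.tar.xz
# Plain HTTP with no integrity check: compare the download against the
# checksum or signature published for this release (if the mirror provides
# one) before unpacking it as a root filesystem.
ln -s sabotage-1.1.24-x86_64-rootfs-core-1f74666.tar.xz sabotage.tar.xz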
# Working directory for the guest image; lala/ is the temporary mount point
# for the image's root filesystem.
mkdir -p /data/guests/sabotage/lala/
cd /data/guests/sabotage/
Create a sparse file right below the 8589934591-byte size limit of the tar and ustar formats: 8192 − 1 = 8191 MiB.
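# Sparse 8191 MiB image: count=0 writes nothing, seek= only sets the size.
# This keeps the file below the 8589934591-byte tar/ustar limit for later
# archiving of the image.
dd if=/dev/zero of=sabotage.reiser4 bs=1M count=0 seek=8191
# --or-- even better, just one 4K block below 8 GiB:
# 8589934592 - 4096 = 8589930496
#dd if=/dev/zero of=sabotage.reiser4 bs=8589930496 count=0 seek=1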
REISER4
# Format the image as reiser4 and mount it on lala/.
# --force/--yes skip the interactive confirmations.
mkfs.reiser4 --discard --force --yes sabotage.reiser4
mount sabotage.reiser4 lala/
–or– EXT4
# Alternative: the same sparse 8191 MiB image, formatted as ext4.
dd if=/dev/zero of=sabotage.ext4 bs=1M count=0 seek=8191
mkfs.ext4 sabotage.ext4
# optional: inspect the enabled features and drop metadata_csum
# (presumably for a guest kernel without support for it — verify)
#dumpe2fs sabotage.ext4 | grep features
#tune2fs -O ^metadata_csum sabotage.ext4
mount sabotage.ext4 lala/
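# Unpack the core rootfs into the mounted image.
tar xaf /data/kernels/sabotage/sabotage.tar.xz
# Copy "rootfs/." rather than moving "rootfs/*": the glob skips dot-entries at
# the top level, which would otherwise stay behind and be deleted together
# with the extracted tree below.
cp -a sabotage-rootfs-core-1f74666/rootfs/. lala/
rm -rf sabotage-rootfs-core-1f74666/
cp -pi lala/etc/fstab lala/etc/fstab.dist
vi lala/etc/fstab
# fstab contents to set (the root line's filesystem type must match the image
# created above: reiser4 here, ext4 for the ext4 variant):
#   /dev/xvda1 / reiser4 defaults 0 1
#   proc /proc proc defaults 0 0
#   devpts /dev/pts devpts defaults 0 0
#   shm /dev/shm tmpfs nodev,nosuid 0 0
# The guest console is hvc0 (see console=hvc0 in the xl config), not ttyS0:
# rename the getty service and patch its run script accordingly.
mv lala/etc/service/ttyS0/ lala/etc/service/hvc0/
sed -i 's/ttyS0/hvc0/g' lala/etc/service/hvc0/run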
This assumes a Xen DomU-capable kernel is already in place; otherwise grab our kernel builds.
# Kernel modules matching the domU kernel used in the xl config further down.
mkdir lala/lib/modules/
tar xzf /data/kernels/5.2.21.domureiser4.modules.tar.gz -C lala/lib/modules/
Remove hwclock, and the hotplug line (line 23 of rc.boot).
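# Adapt the boot/shutdown scripts for a Xen guest. The *.dist copies are kept
# as non-executable reference copies of the originals. The editor
# instructions and the file contents that followed the vi commands were
# inline with the commands; they are comments here so the listing stays
# valid shell.
cp -pi lala/etc/rc.boot lala/etc/rc.boot.dist
chmod -x lala/etc/rc.boot.dist
vi lala/etc/rc.boot
# - remove the hwclock call
# - remove the hotplug line:  echo /sbin/mdev > /proc/sys/kernel/hotplug
# - get rid of the `/tmp/` write-test condition right after rw=true
cp -pi lala/etc/rc.shutdown lala/etc/rc.shutdown.dist
chmod -x lala/etc/rc.shutdown.dist
vi lala/etc/rc.shutdown
# - remove the hwclock call there also
ls -lF lala/etc/rc.modules # no exist
# load the tmem module at boot (checked with lsmod after the first boot)
echo modprobe tmem > lala/etc/rc.modules
chmod +x lala/etc/rc.modules
cp -pi lala/etc/rc.local lala/etc/rc.local.dist
chmod -x lala/etc/rc.local.dist
vi lala/etc/rc.local
# static network configuration for the guest (adjust to your network):
#   do_static_ip=true
#   if=eth0
#   ip=10.1.1.9
#   nm=255.255.255.0
#   gw=10.1.1.254
cp -pi lala/etc/profile lala/etc/profile.dist
vi lala/etc/profile
# timezone and a few aliases; the case on "$-" limits the aliases to
# interactive shells:
#   TZ="Europe/Moscow"
#   #TZ="Europe/Paris"
#   case "$-" in
#     *i*)
#       alias ls='ls --group-directories-first --color=auto'
#       alias ll='ls --group-directories-first --color=auto -alh'
#       alias cp='cp -i'
#       alias mv='mv -i'
#       alias rm='rm -i'
#       ;;
#   esac
# image sizes seen so far
du -sh lala/
# v1.1.19 ext4 174M
# v1.1.19 reiser4 454M
# v1.1.24 ext4 293M
# v1.1.24 reiser4 789M
# do not ship the build-time shell history in the image
rm -f lala/root/.ash_history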
default password is sabotage but that’s already too complicated to remember
# Clear root's password (passwd -d leaves it empty).
# NOTE(review): with the SSH daemon enabled at boot below, whether an empty
# root password is accepted over the network depends on the daemon's
# empty-password policy — verify, or prefer the locked entry (root:*) in the
# commented alternative together with SSH keys.
ls -lhF lala/etc/shadow
cp -pi lala/etc/shadow lala/etc/shadow.dist
chroot lala/ passwd -d root
diff -bu lala/etc/shadow.dist lala/etc/shadow
# alternative: write a locked entry by hand instead of running passwd in the chroot
#mv lala/etc/shadow lala/etc/shadow.dist
#echo root:*:15082:0::::: > lala/etc/shadow
#chmod 400 lala/etc/shadow
No RSA host key is needed; just enable the daemon at boot time.
# dropbear is a runit service; its "down" file keeps it from starting at boot,
# so deleting the file enables the SSH daemon. It then listens on the guest's
# network from the first boot, so settle the root password question above first.
cat lala/var/service/dropbear/run
ls -lF lala/var/service/dropbear/down
rm -f lala/var/service/dropbear/down
and you’re done
# Detach the image; lala/ was only the temporary mount point.
umount lala/
rmdir lala/
assuming a domU kernel, as stated above
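# Check the domU kernel is present, then write the xl guest config "sabotage"
# (the config lines followed the vi command inline; they are written with a
# here-doc here since the file is created from scratch).
ls -lhF /data/kernels/5.2.21.domureiser4.vmlinuz
# NOTE(review): the config points at /data/kernels/vmlinuz, not at the file
# listed above — presumably a symlink to it; confirm before xl create.
# mitigations=off disables the kernel's CPU side-channel mitigations inside
# the guest; drop it unless the guest only runs trusted code and the speed-up
# matters.
cat > sabotage <<'EOF'
kernel = "/data/kernels/vmlinuz"
root = "/dev/xvda1 ro console=hvc0 mitigations=off"
#extra = "init=/bin/mksh"
name = "sabotage"
vcpus = 2
memory = 1024
disk = ['tap:tapdisk:aio:/data/guests/sabotage/sabotage.reiser4,xvda1,w']
vif = [ 'bridge=guestbr0, vifname=sabotage.0' ]
type = "pvh"
EOF
# boot the guest with the console attached (Ctrl-] detaches), then check
# that tmem got loaded and how much memory the guest sees
xl create sabotage -c
lsmod | grep tmem
free -m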
post-installation
check connection
# connectivity check from inside the guest
ping -c3 opendns.com
If needed, mount the system read-write.
# The root filesystem is mounted read-only (ro in the root= line); remount it
# writable for the post-install changes. The commented -n would skip the
# /etc/mtab update.
mount
mount -o remount,rw / #-n
Are the chosen packages already there with the v1.1.24 core?
# commented out: apparently already present in the v1.1.24 core;
# only the ksh -> mksh link was still needed
#butch search ksh
#butch install mksh
#butch install openssh
#butch install htop
ln -s mksh /bin/ksh
install a few packages
# "..." stands for the package name(s) you want
butch search ...
butch install ...
re-enable some services e.g.
# Register openssh as a runit service and enable it by removing its "down"
# file. Running the run script by hand once presumably shows start-up errors
# such as the missing host key noted further down — verify.
butch-install-service openssh
/var/service/openssh/run
rm -f /var/service/openssh/down
and, if you like, further tune your environment and the MKSH shell
or just make a template out of it
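# Inside the guest: flush writes and drop the shell history before imaging.
sync
rm -f .ash_history
# Press Ctrl-] to detach from the xl console (it was "^]" inline in the
# original listing, which is a keystroke, not a command). The remaining
# commands run on the host; "xl shu" is presumably an abbreviation of
# "xl shutdown" — verify on your xl version.
xl shu sabotage
cd ../
newtemplate.bash sabotage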
You’re now ready to reboot and switch to read-only mode.
# reboot the guest; it comes back with / mounted read-only
reboot
Your system should now be read-only, except for /var/ and /tmp/.
# after the reboot: / should show up read-only (only /var/ and /tmp/
# writable) and sshd should be running
mount
ps auxfww | grep ssh
in case you just want a chroot instead of a XEN guest
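# Chroot variant: mount the image and bind the host's /dev, /dev/pts, /proc
# and /sys into it. This exposes the host's devices and kernel interfaces to
# whatever runs inside the chroot, so only do it with an image you trust.
# (The image name was misspelled "saboage.ext4" in the original listing.)
mkdir lala/
mount sabotage.ext4 lala/
mount -o bind /dev/ lala/dev/
mount -o bind /dev/pts/ lala/dev/pts/
mount -o bind /proc/ lala/proc/
mount -o bind /sys/ lala/sys/
chroot lala/ /bin/mksh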
and once you’re done
# -R also unmounts the bind mounts below lala/
umount -R lala/
Generate some host keys, otherwise the daemon won’t start:
# sshd needs at least one host key it can read unattended, hence -N "".
# If the image becomes a template, generate the host key per instance rather
# than baking this one into every clone (clones would share it).
ssh-keygen -q -t ed25519 -f /etc/ssh/ssh_host_ed25519_key -C "root@sabotage" -N ""
fix that
/etc/rc.boot: line 23: can't create /proc/sys/kernel/hotplug: nonexistent directory
Creating a user is a bit specific.
# -D creates the account without assigning a password (set one with passwd or
# install SSH keys afterwards); the chmod keeps other users out of the home
# directory.
adduser -s /bin/sh -G GROUPNAME -D USERNAME # -D Don't assign a password
chmod 700 /home/USERNAME/
/etc/ssh/sshd_config line 6: Deprecated option UsePrivilegeSeparation
==> remove that useless line
Subsystem sftp /opt/openssh/lib/ssh/sftp-server
Index of /sabotage/ http://mirrors.2f30.org/sabotage/
Index of /pub/sabotage/ http://ftp.barfooze.de/pub/sabotage/
Runit tools in busybox - up to the task? https://busybox.net/kill_it_with_fire.txt