1<table width="100%"> 2<tbody> 3<tr> 4<td width="33%"><a href="../Disklessian/" title="Disklessian">← Previous</a></td> 5<td><a href="../Home/#programs" title="Programs table of contents">↑ Programs TOC</a></td> 6<td width="33%"><a href="../Home/" title="Home">→ Next</a></td> 7</tr> 8</tbody> 9</table> 10 11# Building Disklessian 12 13## Prerequisitions 14 15* Virtual machine for build process 16* User livesys and group livesys in both host and VM 17* GnuPG key pair for user livesys 18* Repository configuration for contrib and non-free 19* Disklessian source archive 20* Developement packages installed 21* Repository directory for modified kernel packages 22* Modified live-build package installed 23* Patched kernel packages 24 25### Virtual machine for build process 26 27During the live system build process some packages related to boot process and init system are installed on the machine doing the build. 28To avoid unwanted changes to your computer system I recommend doing the live system build in a virtual machine. 2950 GB as virtual hard disk are sufficient for the VM, NAT networking is sufficient. Install Debian 10, 9 or 8 on it. The recommended version is Debian GNU/Linux 10 (Buster). 30Install just the base system with SSH server, no desktop. 31 32If you plan to build Disklessian with 64 bit kernel install 64 bit Debian. If you plan to build Disklessian with 32 bit kernel install 32 bit Debian. 33A 32 bit Disklessian runs on both 32 bit and 64 bit processors but does not make any use of multiple cores. 34A 64 bit Disklessian runs on 64 bit processors only and can use multiples cores. 35 36### User livesys and group livesys in both host and VM 37 38Both in the host system and in the virtual machine create a group "livesys" and a user "livesys" in that group. 39The GID for the group livesys must be the same in both host system and virtual machine. 40The UID for the user livesys must be the same in both host system and virtual machine. 41We assume the home directory for the new user is "/home/livesys". 42The /bin/bash shell should be used as login shell for livesys. 43 44### GnuPG key pair for user livesys 45 46The livesys user needs a GnuPG key pair to sign self-made packages and the kernel packages repository. 47<b><i>Warning:</i></b> This GnuPG key is "passed around" and copied to the virtual machine(s) used to build Disklessian archives. I suggest not to use your regular GnuPG key here. 48 49Inside a virtual machine there is typically no entropy source for a cryptographic pseudo random number generator (PRNG) available. So we create the key on the host system. 50On the <b>host</b> system log in as user <b>livesys</b> and create a GnuPG key pair: 51 52~~~bash 53[ -d ~/.gnupg ] || mkdir -p ~/.gnupg 54chmod 700 ~/.gnupg 55gpg2 --gen-key 56~~~ 57 58For the "kind of key" choose "RSA and RSA", for the "key size" use 4096. If you leave the pass phrase empty you are not required to enter the pass phrase when building packages or signing the kernel package repository. 59 60We can list the key using 61 62~~~bash 63gpg2 -K --keyid-format long 64~~~ 65 66Example output looks like 67 68~~~ 69/home/livesys/.gnupg/pubring.kbx 70-------------------------------- 71sec rsa4096/80618284692DE214 2018-07-20 [SC] [verfällt: 2030-07-19] 72 CECC0DD696B3AA47710D01E38FAB15E5ECBF9B2B 73uid [ ultimativ ] Live System Creator <livesys@dk-nuc-vm> 74ssb rsa4096/D185E550FA6830A8 2018-07-20 [E] [verfällt: 2030-07-19] 75~~~ 76 77The key id 80618284692DE214 and the subkey id D185E550FA6830A8 are needed in some steps below. 78 79We export the public key part to file: 80 81~~~bash 82gpg2 --armor --export 80618284692DE214 > ~/80618284692DE214-public.txt 83chmod 644 ~/80618284692DE214-public.txt 84~~~ 85 86Now we transfer data from the host system into the virtual machine: 87 88* /home/livesys/.gnupg 89* /home/livesys/80618284692DE214-public.txt 90 91For the .gnupg directory ensure all files have same permissions on the virtual machine as they have on the host system. 92 93The steps below are executed in the virtual machine. 94 95### Mark GnuPG key as trusted 96 97As <b>root</b> run: 98 99~~~bash 100apt-key add /home/livesys/80618284692DE214-public.txt 101~~~ 102 103### Configure Debian package signing for livesys 104 105Edit the livesys users .bashrc and .profile files, add a line 106 107~~~ 108export DEB_SIGN_KEYID="D185E550FA6830A8" 109~~~ 110 111at end. 112<b><i>Note:</i></b> The <i>subkey</i> id must be specified here. 113 114The user livesys should log out from all sessions in the virtual machine and log back in. Now the DEB_SIGN_KEYID variable should be set in all sessions. 115When building Debian packages or repositories the specified key is used for signing. 116 117### Repository configuration for contrib and non-free 118 119As **root** edit the /etc/apt/sources.list file and make sure to use not just the "main" repository branch but also "contrib" and "non-free". 120Change lines like: 121 122~~~ 123deb http://deb.debian.org/debian/ buster main 124deb-src http://deb.debian.org/debian/ buster main 125~~~ 126 127to 128 129~~~ 130deb http://deb.debian.org/debian/ buster main contrib non-free 131deb-src http://deb.debian.org/debian/ buster main contrib non-free 132~~~ 133 134The point is to replace all occurances of "main" by "main contrib non-free". 135 136As **root** run 137 138~~~bash 139apt-get update 140~~~ 141 142to update the list of available packages. 143 144### Disklessian source archive 145 146As user **livesys** create a "Downloads" directory, so the "/home/livesys/Downloads" directory exists. The file downloaded in the next step is placed in this directory. 147The Disklessian archive is available from the [Download area](http://sourceforge.net/projects/dktools/files/disklessian/) on the SourceForge project page. From the disklessian-<i>date</i> directory indicating the most recent version download the disklessian-<i>date</i>.tar.gz file. 148 149Run 150 151~~~bash 152tar xzf disklessian-2019-07-18.tar.gz 153~~~ 154 155to unpack the archive. Now you have a new directory "/home/livesys/Downloads/disklessian". 156 157### Development packages 158 159Package installation must be done as user **root**. Switch to that user either by 160 161~~~bash 162su - root 163~~~ 164 165or 166 167~~~bash 168sudo -i 169~~~ 170 171As root run: 172 173~~~bash 174apt-get -y install build-essential po4a core-utils udisks2 175apt-get -y build-dep linux-image-amd64 176/home/livesys/disklessian/livesys-data/root-install-packages.sh 177~~~ 178 179### Repository directory for modified kernel packages 180 181As <b>root</b> run: 182 183~~~bash 184/home/livesys/disklessian/livesys-data/root-create-repodir.sh 185~~~ 186 187### Modified live-build package 188 189The original live-build packages in Debian Buster and Stretch do not allow to create network-bootable live systems. 190 191#### Download live-build package sources 192 193As user **livesys** download the live-build package source: 194 195~~~bash 196mkdir /home/livesys/Downloads/live-build 197cd /home/livesys/Downloads/live-build 198git clone http://anonscm.debian.org/git/debian-live/live-build.git 199cd /home/livesys/Downloads/live-build/live-build 200~~~ 201 202#### Allow netboot live systems 203 204Now modify the scripts/build/binary\_grub-efi and replace 205 206~~~bash 207case "${LIVE_IMAGE_TYPE}" in 208 hdd*|netboot) 209 Echo_warning "Bootloader in this image type not yet supported by live-build." 210 Echo_warning "This would produce a not bootable image, aborting (FIXME)." 211 exit 1 212 ;; 213esac 214~~~ 215 216by 217 218~~~bash 219case "${LIVE_IMAGE_TYPE}" in 220 hdd*) 221 Echo_warning "Bootloader in this image type not yet supported by live-build." 222 Echo_warning "This would produce a not bootable image, aborting (FIXME)." 223 exit 1 224 ;; 225 netboot) 226 Echo_warning "Bootloader in this image type not yet supported by live-build." 227 Echo_warning "This might produce a not bootable image (FIXME)." 228 Echo_warning "Probably it helps to disable UEFI secure boot to boot the live system." 229 ;; 230esac 231~~~ 232 233The exact text of the Echo\_warning texts does not matter, the important point is to have no exit instruction in the netboot branch. 234 235#### Switch to Debian Buster 236 237At this time (2019-07-21) the unmodified live-build package produces Debian Stretch based live systems even when running on a Debian Buster system. 238Modify the functions/defaults.sh file and replace 239 240~~~ 241LB_DISTRIBUTION="${LB_DISTRIBUTION:-stretch}" 242~~~ 243 244by 245 246~~~ 247LB_DISTRIBUTION="${LB_DISTRIBUTION:-buster}" 248~~~ 249 250to produce live systems based on Debian Buster. 251 252#### Build and install package 253 254Now run 255 256~~~bash 257dpkg-buildpackage -b -uc -us 258~~~ 259 260This should produce a live-build\_<i>20190315</i>\_all.deb file in the /home/livesys/Downloads/live-build directory, the date may differ. 261 262As **root** install the package and make sure it is not upgraded to newer original live-build packages: 263 264~~~bash 265apt-get -y purge live-build 266cd /home/livesys/Downloads/live-build 267dpkg -i live-build_20190315_all.deb 268aptitude hold live-build 269~~~ 270 271### Patched kernel packages 272 273#### Upgrade system 274 275As <b>root</b> run: 276 277~~~bash 278apt-get update && apt-get -y dist-upgrade 279sleep 5 280shutdown -r now 281~~~ 282 283This makes sure to get and run the most recent kernel. In the next step we download the sources for exactly that kernel. 284 285#### Obtain kernel sources 286 287As <b>root</b> run: 288 289~~~bash 290uname -a 291aptitude search '^linux\-source' 292apt-get install linux-source-4.19 293~~~ 294 295The version number depends on the kernel to use, choose the most recent version number shown by "aptitude search ...". 296 297#### Unpack and configure sources 298 299As <b>livesys</b> run: 300 301~~~bash 302cd 303[ ! -d kernel ] || rm -fr kernel 304mkdir kernel 305cd kernel 306tar -xaf /usr/src/linux-source-4.19.tar.xz 307cd linux-source-4.19 308cp /usr/src/linux-config-4.19/config.amd64_none_amd64.xz . 309xz -d config.amd64_none_amd64.xz 310cp config.amd64_none_amd64 .config 311~~~ 312 313When working on a 64 bit Debian GNU/Linux installation: 314On Debian Buster or Stretch use config.amd64_none_amd64 as described above. On Debian Jessie use config.i386_none_amd64 instead. 315The live systems you build will run on 64 bit processors only. 316 317When working on a 32 bit Debian GNU/Linux installation: 318Use config.i386_none_586 to support legacy processors without PAE support. 319Use config.i386_none_686-pae instead to produce a kernel using and requiring PAE support. 320On 32 bit Debian building a 686-pae or 586 kernel you have to modify the files 321 322* /home/livesys/disklessian/livesys-data/livesys-build-kernel.sh 323* /home/livesys/disklessian/livesys-data/livesys-repository.sh 324* /home/livesys/disklessian/custom/setup.sh 325 326and set the ARCHITECTURE variable in the first two files. 327<i>Note:</i> In livesys-build-kernel.sh the value to choose is "486", in livesys-repository.sh the value to choose is "i386". 328In custom/setup.sh set the KERNELFLAVOUR to "686-pae" or "586" corresponding to the config file used. 329 330#### Apply kernel patch to disable disk access 331 332As <b>livesys</b> run: 333 334~~~bash 335cd 336cd kernel 337cd linux-source-4.19 338patch ./include/linux/libata.h /home/livesys/disklessian/livesys-data/patch_ata_dev_enabled.txt 339~~~ 340 341Alternatively you can modify the include/linux/libata.h file manually and change 342 343~~~c 344static inline unsigned int ata_dev_enabled(const struct ata_device *dev) 345{ 346 return ata_class_enabled(dev->class); 347} 348~~~ 349 350to 351 352~~~c 353static inline unsigned int ata_dev_enabled(const struct ata_device *dev) 354{ 355return ((ATA_DEV_ATAPI == dev->class) ? (ata_class_enabled(dev->class)) : (0)); 356} 357~~~ 358 359#### Build kernel and create packages 360 361As <b>livesys</b> modify the /home/livesys/disklessian/livesys-data/livesys-build-kernel.sh file, replace 362 363~~~bash 364make deb-pkg LOCALVERSION="-no-hd-${ARCHITECTURE}" KDEB_PKGVERSION=$(make kernelversion)-1 365~~~ 366 367by 368 369~~~ 370make -j 2 deb-pkg LOCALVERSION="-no-hd-${ARCHITECTURE}" KDEB_PKGVERSION=$(make kernelversion)-1 371~~~ 372 373The number argument to the -j option should match the number of processors assigned to the virtual machine. 374You can run 375 376~~~bash 377nproc 378~~~ 379 380to find that number. 381 382Now run the script: 383 384~~~bash 385cd /home/livesys/kernel/linux-4.19 386/home/livesys/disklessian/livesys-data/livesys-build-kernel.sh 387~~~ 388 389As a result you should find 3 or 4 \*.deb files in the /home/livesys/kernel directory. 390 391#### Copy packages to separated directory 392 393As <b>livesys</b> run: 394 395~~~bash 396[ ! -d /home/livesys/packages/kernel ] || rm -fr /home/livesys/packages/kernel 397[ -d /home/livesys/packages/kernel ] || mkdir -p /home/livesys/packages/kernel 398chmod 755 /home/livesys/packages/kernel 399cp /home/livesys/kernel/linux*.deb /home/livesys/packages/kernel 400chmod 644 /home/livesys/packages/kernel/* 401~~~ 402 403#### Create changes file for reprepro 404 405As <b>livesys</b> run: 406 407~~~bash 408cd /home/livesys/packages/kernel 409changestool --create-with-all-fields kernel.changes add linux-image*.deb 410changestool kernel.changes setdistribution stable 411~~~ 412 413Inspect the kernel.changes file, after the 414 415~~~ 416Version: ... 417~~~ 418 419line there should be a line 420 421~~~ 422Distribution: stable 423~~~ 424 425Manually add the line if it is missing. 426 427#### Integrate packages into repository 428 429<b>For this step you must be logged in to the virtual machine as user <i>livesys</i>! 430Logging in as another user and attempting to use "su" in a terminal is not sufficient, reprepro will fail to ask for a passphrase for the GPG key to sign repository data! 431</b> 432 433~~~bash 434/home/livesys/disklessian/livesys-data/livesys-repository.sh 435~~~ 436 437The system will ask you for the GPG keys passphrase unless you decided to let the pass phrase empty while creating the key. 438After completing the command you can log out and log into your normal user account. 439 440#### Test local repository 441 442As <b>root</b> run: 443 444~~~bash 445cp /home/livesys/disklessian/livesys-data/apt-disklessian.txt /etc/apt/sources.list.d/disklessian.list 446chmod 644 /etc/apt/sources.list.d/disklessian.list 447apt-get update 448~~~ 449 450This should not result in error messages about missing GPG keys... 451Go back to previous state, run 452 453~~~bash 454rm -fr /etc/apt/sources.list.d/disklessian.list 455apt-get update 456~~~ 457 458to remove the repository from the build systems repository list. 459 460--- 461 462## Example - Build ISO for USB device or CD/DVD 463 464### Prepare persistent configuration directory 465 466As **livesys** run 467 468~~~bash 469cd /home/livesys/Downloads/disklessian 470mkdir /home/livesys/custom-disklessian 471ln -s /home/livesys/custom-disklessian custom 472~~~ 473 474Customization for a Disklessian live system is stored in the "custom" subdirectory of the working directory. 475Creating the real directory outside the working directory allows to re-use the customization later after we have deleted this working directory and downloaded a newer version of the Disklessian archive. 476 477### Configure live system 478 479#### Create setup script custom/setup.sh 480 481Create a new file custom/setup.sh with the following contents 482 483~~~bash 484#! /bin/bash 485 486~~~ 487 488Open the mklivesys.sh file in a text editor and mark the text between the blocks (including the blocks) 489 490~~~bash 491# ##### START OF CONFIGURATION SECTION ##### 492# 493# 494~~~ 495 496and 497 498~~~bash 499# 500# 501# ##### END OF CONFIGURATION SECTION ##### 502~~~ 503 504Copy the marked text and paste it at the end of the custom/setup.sh file. 505 506Now we have a customization template file still configured to the defaults. 507 508#### The LIVESYSTYPE variable 509 510The debian-build-disklessian.sh script invokes the mklivesys.sh and passes "disklessian" as first argument. 511The mklivesys.sh script sets the LIVESYSTYPE variable to the live system type, one from: 512 513* dktoolian 514* disklessian 515 516This variable is used later in configuration. 517 518#### The DEBVMAJ variable 519 520At startup the mklivesys.sh script reads the /etc/debian\_version file and sets the DEBVMAJ variable to the Debian version code name, one from: 521 522* buster 523* stretch 524* jessie 525 526This variable is used later in configuration. 527 528#### Modify setup script custom/setup.sh 529 530Now the have to modify variables in the custom/setup.sh file depending on our configuration decisions. 531 532##### Basic decisions 533 534**DESKTOP** 535Which graphical desktop to use? 536The following choices are available: 537 538* xfce 539* gnome 540* lxde 541* mate 542* lxqt 543* cinnamon 544* kde 545 546Recommended value: "gnome" or "xfce". The remaining desktop choices are experimental (not fully supported). The LXQT desktop is available on Debian Buster and Stretch only. 547<b>Note:</b> For Disklessian you can <i>not</i> choose "none" here. 548 549**LIVETYPE** 550What media use to boot? 551The following choices are available: 552 553* hybrid 554* nfs 555* hdd 556 557Use "hybrid" to produce an ISO for USB devices or CD/DVD. 558Use "nfs" for a PXE bootable live system, you have to set NFSSERVER to the IP address of the used NFS server and NFSPATH to the shared NFS root directory of the live system. Network boot is covered more detailed in the next example. 559Use "hdd" to produce a live system you can save on a hard disk partition. Unfortunately building hdd images is disabled in the live-build package in Debian Buster and Stretch, so this option is not available. 560 561**CONFIGURED** 562Did you configure the basic decisions? 563Available choices, as for all booleans: 564 565* yes 566* no 567 568Set this to "yes". The purpose of this variable is to prevent live system building without basic configuration. 569 570##### Kernel to use 571 572**KERNELFLAVOUR** 573Processor type the kernel is made for, one from: 574 575* amd64 576* 686-pae 577* 586 578 579**KERNELVERSION** 580The kernel version number. 581Leave empty for automatic detection (kernel version from build system) or run: 582 583~~~bash 584uname -a 585~~~ 586 587The example output 588 589~~~ 590Linux dk-nuc 4.19.0-5-amd64 #1 SMP Debian 4.19.37-5+deb10u1 (2019-07-19) x86_64 GNU/Linux 591~~~ 592 593indicates 4.19.37 as kernel version number. 594 595##### Package installation 596 597**PUBKEYFILE** 598Name of the file containing the livesys users public GnuPG key. 599In our example we use PUBKEYFILE="/home/livesys/80618284692DE214-public.txt". 600 601**UPDATESYSTEM** 602Boolean. Update the build host before building a live system? 603Recommended value: "yes", unless you manually update the build host before creating multiple live systems. 604 605**APTRECOMMENDS** 606This boolean is ignored when building Disklessian, it is only used when building DKtoolian. 607 608**ALLOWNONFREE** 609Boolean. Allow or deny the use of non-free firmware files or packages. 610When producing live systems for use by yourself set this to "yes". 611<i>Note:</i> Live systems containing non-free firmware files are not redistributable. If you plan to offer the live system to the public, choose "no" here. 612 613**ALLOWUNSIGNEDPKG** 614Boolean. Allow or deny the use of unsigned packages. 615Recommended value: "no" unless you want to add unsigned self-made packages to your live system. 616 617**ALLOWAPTINDICES** 618Boolean. Add apt indices to the live system. 619Recommended value: "no". 620 621**ALLOWLIBREOFF** 622Boolean. Allow or deny installation of LibreOffice files. 623Recommended value: "no" unless you need LibreOffice in the live system. 624 625##### Additional data to inject 626 627**DATADIR** 628Root directory for additional contents or "-" for no additional contents. 629Leave the value empty to use the default /usr/local/disklessian. 630If you set DATADIR="/opt/myfiles", the file "/opt/myfile/usr/local/share/abc/def.txt" appears as "/usr/local/share/abc/def.txt" in the running live system. 631A number of variations of the directory name is also used: 632 633* ${DATADIR} 634* ${DATADIR}-${DESKTOP} 635* ${DATADIR}-${DEBVMAJ} 636* ${DATADIR}-${DEBVMAJ}-${DESKTOP} 637* ${DATADIR}-${LIVESYSTYPE} 638* ${DATADIR}-${LIVESYSTYPE}-${DESKTOP} 639* ${DATADIR}-${LIVESYSTYPE}-${DEBVMAJ} 640* ${DATADIR}-${LIVESYSTYPE}-${DEBVMAJ}-${DESKTOP} 641 642Another place to inject files into the live system are subdirectories of the custom directory. This is explained later. 643 644##### Networking 645 646**SHORTIFNAMES** 647Boolean. Use short interface names like "eth0" and "wlan0" instead of long names. 648Recommended value: "yes" unless you are sure long interface names work for your network interfaces. 649On my Debian 10 system I have an external WiFi adapter attached via USB. Using long interface names results in WiFi deauthentication. Some web articles say that some firmware and/or kernel modules use buffers for interface names designed too small for the long names. 650 651**LIVEAPPENDIP** 652IP settings to append to the live systems kernel parameters, one from: 653 654* <i>device</i>:<i>address</i>:<i>netmask</i>:<i>gateway</i>:<i>nameserver</i><br>i.e. "eth0:192.0.2.42:255.255.255.0:192.0.2.1:192.0.2.50" to specify network interface, IP address, net mask, default gateway and DNS server to use. 655* dhcp<br>to use the DHCP protocol to obtain network setup. 656* bootp<br>to use the BOOTP protocol. 657* rarp<br>to use the RARP protocol. 658* on<br>to attempt DHCP, BOOTP and RARP. 659* frommedia<br>to check the live systems /etc/network/interfaces file. 660* none<br>to disable networking. 661 662##### Network time synchronization 663 664**NTPSERVER** 665NTP server to query, either IP address or host name. 666Leave empty to not use NTP. 667 668**USENTPDAEMON** 669Boolean. Run NTP daemon and query NTP server regularly or set time just once at startup. 670Ignored if no NTP server specified. 671 672##### Text console setup 673 674Disklessian always uses a graphical desktop, so we can ignore the variables related to the text console: 675 676* **LIVEAPPENDVGA** 677* **CONSOLEFONT** 678 679##### Accessability 680 681**BOOTMENUBEEP** 682Boolean. Beep when boot menu is shown? 683A beep informs blind or visually impaired people when the boot menu is shown so they can add kernel parameters for screen readers... 684 685##### Publisher information 686 687**PUBLISHER** 688Who publishes this live system? 689Enter the name of the person or the organization publishing this live system. 690 691##### Debugging 692 693**VERBOSE** 694Boolean. Show debug output during live system __creation__. 695 696**SERIALCONSOLE** 697Boolean. Write messages to serial console while live system __is running__. 698If this flag is not set, users of the live system can add kernel parameters like "console=ttyS1 console=tty0" when booting the live system. 699 700##### Localization 701 702**LANGSHORT** 703Short name for the language, i.e. "de" or "en". 704Recommended value: leave empty for automatic selection (language the build system uses). 705 706**LANGFULL** 707Full language, region and encoding string, i.e. "de\_DE.UTF-8" or "en\_US.UTF-8". 708Recommended value: leave empty for automatic selection (same settings as used on the build system). 709 710**LIVEAPPENDLOCALES** 711Locales settings appended as kernel parameters, same style as LANGFULL. 712Recommended value: leave empty for automatic selection (LANGFULL settings). 713 714**LIVEAPPENDTIMEZONE** 715Timezone settings appended as kernel parameters. 716Recommended value: leave empty for automatic selection (same settings as used on the build system). 717 718**CONSKEYMAP** 719Ignored when building Disklessian. 720 721**XKBMODEL** 722**XKBLAYOUT** 723**XKBVARIANT** 724**XKBOPTIONS** 725**XKBBACKSPACE** 726Values for the /etc/default/keyboard file, see keyboard(5). 727Recommended values: leave empty for automatic selection matching the current settings on the build system. 728 729**LIVEAPPENDKBDLAYOUTS** 730Keyboard layout appended as kernel parameters. 731Recommended value: leave empty for automatic selection ($LANGSHORT). 732Use LIVEAPPENDKBDLAYOUTS="-" to avoid appending keyboard layout related kernel parameters. 733 734##### Other live system options 735 736**LIVEAPPENDCUSTOM** 737Other kernel parameters you want to append. 738Recommended value: leave empty. 739Example choices: 740 741* live-config.noautologin<br>to avoid automatic login to the live system. 742* live-config.noroot<br>to deny sudo for the live system user. 743 744##### WiFi 745 746<b><i>Security note:</i></b> Create images containing WiFi access data only for yourself or for use by specific persons or on specific computers. 747Publishing an image with included WiFi access data discloses your WiFi access data to the public! 748 749**WIFISSID** 750**WIFIPSK** 751**WIFIMAC** 752**WIFIUUID** 753Data to set up a WPA2 personal WiFi connection. 754 755##### Package download optimization 756 757For all the variables below you can leave the value empty to choose a default. 758 759**PARENTMIRRORBOOTSTRAP** 760Mirror for bootstrapping the live system. 761The default http://ftp.de.debian.org/debian/ is probably a good choice for users in Germany, other users should select a server better matching their country. 762 763**PARENTMIRRORCHROOT** 764Mirror used in the chroot stage. 765Recommended value: leave empty to use $PARENTMIRRORBOOTSTRAP. 766 767**PARENTMIRRORCHROOTSECURITY** 768Mirror for security updates used in the chroot stage. 769Recommended value: leave empty to use http://security.debian.org/debian/ as default. 770 771**PARENTMIRRORCHROOTUPDATES** 772Mirror for package updates used in the chroot stage. 773Recommended value: leave empty to use $PARENTMIRRORCHROOT. 774 775**PARENTMIRRORCHROOTBACKPORTS** 776Mirror for backports in the chroot stage. 777Recommended value: leave empty to use http://backports.debian.org/debian-backports/ as default. 778 779**PARENTMIRRORBINARY** 780Mirror used by the live system. 781Recommended value: leave empty to use http://http.debian.net/debian/ as default. 782 783**PARENTMIRRORBINARYSECURITY** 784Mirror for security updates used by the live system. 785Recommended value: leave empty to use http://security.debian.org/ as default. 786 787**PARENTMIRRORBINARYUPDATES** 788Mirror for packages updates used by the live system. 789Recommended value: leave empty to use $PARENTMIRRORBINARY as default. 790 791**PARENTMIRRORBINARYBACKPORTS** 792Mirror for backports used by the live system. 793Recommended value: leave empty to use http://backports.debian.org/debian-backports/ as default. 794 795**PARENTMIRRORDEBIANINSTALLER** 796Mirror to fetch Debian installer images from. 797Recommended value: leave empty to use $PARENTMIRRORBOOTSTRAP. 798 799**MIRRORBOOTSTRAP** 800Mirror used to bootstrap the derivative from. 801Leave empty to use http://ftp.de.debian.org/debian/ as default. 802<b>The default is probably not an optimal choice for users from outside Europe.</b> 803 804**MIRRORCHROOT** 805Mirror used in the chroot stage to build the derivative. 806Recommended value: leave empty to use $MIRRORBOOTSTRAP. 807 808**MIRRORCHROOTSECURITY** 809Mirror for security updates used in the chroot stage to build the derivative. 810Recommended value: leave empty to use http://security.debian.org/debian/ as default. 811 812**MIRRORCHROOTUPDATES** 813Mirror for package updates used in the chroot stage to build the derivative. 814Recommended value: leave empty to use $MIRRORCHROOT. 815 816**MIRRORCHROOTBACKPORTS** 817Mirror for backports used in the chroot stage to build the derivative. 818Recommended value: leave empty to use http://backports.debian.org/debian-backports/ as default. 819 820**MIRRORBINARY** 821Derivative package mirror used by the live system. 822Recommended value: leave empty to use the live-build packages default. 823 824**MIRRORBINARYSECURITY** 825Derivatives security package mirror used by the live system. 826Recommended value: leave empty to use the live-build packages defaults. 827 828**MIRRORBINARYUPDATES** 829Derivatives backports package mirror used by the live system. 830Recommended value: leave empty to use the live-build packages defaults. 831 832**MIRRORBINARYBACKPORTS** 833Derivatives backports package mirror used by the live system. 834Recommended value: leave empty to use the live-build packages defaults. 835 836**MIRRORDEBIANINSTALLER** 837Derivatives mirror used to fetch Debian installer images. 838Recommended value: leave empty to use the live-build packages defaults. 839 840#### Add further packages from Debian repositories 841 842The package lists contain one package name per line, optionally followed by a comment (started by '#'). Create and/or modify the files as necessary. 843 844* custom/pkg.txt 845* custom/pkg-${DESKTOP}.txt 846* custom/pkg-${DEBVMAJ}.txt 847* custom/pkg-${DEBVMAJ}-${DESKTOP}.txt 848* custom/pkg-${LIVESYSTYPE}.txt 849* custom/pkg-${LIVESYSTYPE}-${DESKTOP}.txt 850* custom/pkg-${LIVESYSTYPE}-${DEBVMAJ}.txt 851* custom/pkg-${LIVESYSTYPE}-${DEBVMAJ}-${DESKTOP}.txt 852 853The custom/pkg.txt file is used always, the custom/pkg-disklessian-buster-gnome.txt is only used when building a Disklessian live system based on Debian Buster with Gnome desktop. 854 855#### Add further packages (\*.deb files) 856 857Create one of the directories named below and place the \*.deb files there: 858 859* custom/pkgs 860* custom/pkgs-${DESKTOP} 861* custom/pkgs-${DEBVMAJ} 862* custom/pkgs-${DEBVMAJ}-${DESKTOP} 863* custom/pkgs-${LIVESYSTYPE} 864* custom/pkgs-${LIVESYSTYPE}-${DESKTOP} 865* custom/pkgs-${LIVESYSTYPE}-${DEBVMAJ} 866* custom/pkgs-${LIVESYSTYPE}-${DEBVMAJ}-${DESKTOP} 867 868The contents of the custom/pkgs directory is always used. The contents of the custom/pkgs-disklessian-buster-xfce directory is only used when building a Disklessian live system based on Debian Buster with XFCE desktop. 869 870#### Add files to the live system 871 872Create one of the directories named below and place the files to add to the live system there: 873 874* custom/root 875* custom/root-${DESKTOP} 876* custom/root-${DEBVMAJ} 877* custom/root-${DEBVMAJ}-${DESKTOP} 878* custom/root-${LIVESYSTYPE} 879* custom/root-${LIVESYSTYPE}-${DESKTOP} 880* custom/root-${LIVESYSTYPE}-${DEBVMAJ} 881* custom/root-${LIVESYSTYPE}-${DEBVMAJ}-${DESKTOP} 882 883The contents of the custom/root directory is always used. The contents of the custom/root-disklessian-buster-none directory is only used when building a Disklessian live system based on Debian Buster without graphical desktop. 884 885#### Special case: /etc files 886 887Some configuration files in the live systems /etc directory and subdirectories are generated or overwritten automatically at boot time. To provide corrected versions for such files, place them in the /usr/share/dklivesys/etc directory of the live system, i.e. by using the custom/root/usr/share/dklivesys/etc or ${DATADIR}/usr/share/dklivesys/etc directory. 888 889A special hook copies the contents of the live systems /usr/share/dklivesys/etc to /etc at the end of the boot process immediately before the user login is allowed. 890 891If — for example — your DHCP service provides incomplete information about DNS servers, you might want to place a correct resolv.conf file in the custom/root/usr/share/dklivesys/etc directory. 892 893#### Add hooks 894 895Hooks are scripts executed when building the live system. The files must be executable. 896The file name should have a 4 digits decimal number at start. The file name suffixes ".hook.chroot" and ".hook.binary" must be used to indicate whether to execute the hook in the chroot stage or in the binary stage. 897Place the hook scripts in one of the directories below: 898 899* custom/hooks 900* custom/hooks-${DESKTOP} 901* custom/hooks-${DEBVMAJ} 902* custom/hooks-${DEBVMAJ}-${DESKTOP} 903* custom/hooks-${LIVESYSTYPE} 904* custom/hooks-${LIVESYSTYPE}-${DESKTOP} 905* custom/hooks-${LIVESYSTYPE}-${DEBVMAJ} 906* custom/hooks-${LIVESYSTYPE}-${DEBVMAJ}-${DESKTOP} 907 908The hooks in the custom/hooks directory are always used. The hooks in the custom/hooks-disklessian-buster-gnome directory are used only when building a Disklessian live system based on Debian Buster with Gnome desktop. 909 910### Build live system 911 912As **root** execute 913 914~~~bash 915cd /home/livesys/Downloads/disklessian 916./debian-build-disklessian.sh 917~~~ 918 919On success an *.iso file is created in the livesys directory. 920 921### Install ISO file on CD/DVD 922 923To create a CD or DVD use your favourite CD/DVD writer application. 924 925### Install ISO file on USB 926 927<b><i>Warning:</i></b> Installing the ISO file to USB stick as shown here overwrites all data on the USB stick. That means all data previously saved to that USB stick is lost. Make sure to use a new USB stick or a USB stick not containing valuable data. 928 929#### Install ISO file to USB on Windows 930 931On Windows there are several tools available to install an ISO file to USB. Here are two suggestions: 932 933Program|Homepage 934-------|-------- 935UNetbootin|[http://unetbootin.github.io](http://unetbootin.github.io) 936Rufus|[http://rufus.ie](http://rufus.ie) 937 938#### Install ISO file to USB on Linux 939 940After attaching the USB stick wait some seconds. 941 942As **root** run 943 944~~~bash 945dmesg 946~~~ 947 948The example output 949 950~~~ 951[ 9995.686615] scsi 4:0:0:0: Direct-Access Imation Swivel PMAP PQ: 0 ANSI: 4 952[ 9995.687431] sd 4:0:0:0: Attached scsi generic sg2 type 0 953[ 9996.866161] sd 4:0:0:0: [sdc] 15116736 512-byte logical blocks: (7.74 GB/7.21 GiB) 954[ 9996.866418] sd 4:0:0:0: [sdc] Write Protect is on 955[ 9996.866425] sd 4:0:0:0: [sdc] Mode Sense: 23 00 80 00 956[ 9996.866662] sd 4:0:0:0: [sdc] No Caching mode page found 957[ 9996.866669] sd 4:0:0:0: [sdc] Assuming drive cache: write through 958[ 9996.888969] sdc: sdc1 959[ 9996.890600] sd 4:0:0:0: [sdc] Attached SCSI removable disk 960~~~ 961 962indicates that the system assigned the device name sdc to the stick. 963 964So we run 965 966~~~bash 967mount | grep sdc 968~~~ 969 970The example output 971 972~~~ 973/dev/sdc1 on /media/krause/SWIVEL type vfat (ro,nosuid,nodev,relatime,uid=3023,gid=3001,fmask=0022,dmask=0022,codepage=437,iocharset=ascii,shortname=mixed,showexec,utf8,flush,errors=remount-ro,uhelper=udisks2) 974~~~ 975 976shows that partition sdc1 is currently mounted. 977 978We run 979 980~~~bash 981umount /dev/sdc1 982~~~ 983 984to unmount the file system. 985 986Now we can use 987 988~~~bash 989cd /home/livesys/Downloads/dktools-4.24.0/livesys 990dd if=live-image-amd64.hybrid.iso of=/dev/sdc bs=1048576 conv=fdatasync 991sleep 5 992sync 993sleep 5 994udisksctl power-off --block-device /dev/sdc 995~~~ 996 997to write the ISO file to USB. 998 999 1000--- 1001 1002## FAQ 1003 1004### How do I add WiFi access 1005 1006<b>Security note:</b> Create images containing WiFi access data only for yourself or for use by specific persons or on specific computers. 1007Publishing an image with included WiFi access data discloses your WiFi access data to the public! 1008 1009* Many (most ?) WiFi devices do not work without non-free firmware files. Probably you want to set ALLOWNONFREE="yes" in custom/setup.sh 1010* Create a live system without WiFi access first. 1011* Run the live system. 1012* Manually connect to WiFi, enter the WiFi key/password when asked. 1013* Connection data is stored in a new file in the /etc/NetworkManager/system-connections directory in the live system. Copy that file into the /home/livesys/disklessian/custom/root/etc/NetworkManager/system-connections directory (recommended) or the ${DATADIR}/etc/NetworkManager/system-connections directory of the build system in the virtual machine used to build the live system. Create the /.../etc/NetworkManager/system-connections directory and the parent directories if not yet present.<br><b>Correct file ownership and permissions:</b> Only root should have permission to read or write the file. 1014* Now build the live system once again. 1015 1016<table width="100%"> 1017<tbody> 1018<tr> 1019<td width="33%"><a href="../Disklessian/" title="Disklessian">← Previous</a></td> 1020<td><a href="../Home/#programs" title="Programs table of contents">↑ Programs TOC</a></td> 1021<td width="33%"><a href="../Home/" title="Home">→ Next</a></td> 1022</tr> 1023</tbody> 1024</table> 1025