There is a new build of SoloBSD 10.3-STABLE based on the latest HardenedBSD stable branch version 46.5
Changelog v46.5
Now with heal-harddrive.sh script included from Martin Sugioarto. Check Instructions of use.
WARNING:
Be aware that running it on a drive containing a filesystem will DESTROY data, metadata and perhaps even the entire filesystem.
MAKE SURE YOU HAVE BACKUPS!
You can grab it from Here. (48.4 Mb)
root password: solobsd
lunes, 18 de julio de 2016
lunes, 4 de julio de 2016
SoloBSD Mastering: GELI
Ok, since I am reading Michael Lucas' FreeBSD Mastery: Storage Essentials I decided to get my hands dirty and learn about GELI and disk encryption. Here are my notes:
First of all, you need a new device to encrypt, you can encrypt existing devices, but you need to backup data first. I assume too that you have GELI up and running.
- Randomizing the device.
We want our device to be filled by randomness, so we apply three teaspoons of it:
I went the easy way and encrypted without a key file, this is NOT RECOMMENDED, so create your key file. (You can find how in the book :) )dd if=/dev/random of=/dev/ada0p1 bs=1m
- Initializing the provider.
You will receive the next message:geli init -s 4096 /dev/ada1p1
Metadata backup can be found in /var/backups/ad1p1.eli and can be restored with the following command:
# geli restore /var/backups/ada1p1.eli /dev/ada1p1
- Activate the device.
Ok now you have your device ready, let's create a new filesystem on it and mount it:geli attach /dev/ada1p1
newfs -j /dev/ada1p1.eli
Done? Ok now unmount and detach it.mount /dev/ada1p1.eli /mnt/
umount /mnt
Groovy!geli detach ada1p1.eli
Editando en Modo de Rescate
Cuando necesites cambiar la configuración de algún archivo, mientras estás en modo de rescate, solo debes hacer:
Y listo!# fsck -y # mount -u / # /rescue/vi /etc/fstab # mount -a # exit
lunes, 20 de junio de 2016
SoloBSD 10.3-STABLE-v46.4
There is a new build of SoloBSD 10.3-STABLE based on the latest HardenedBSD stable branch version 46.4
Changelog v46.4
You can grab it from Here. (47.6 Mb)
root password: solobsd
Changelog v46.4
You can grab it from Here. (47.6 Mb)
root password: solobsd
viernes, 17 de junio de 2016
SoloBSD Mastering: ezjail and iocage
Today I decided to give a try again on jails in FreeBSD/HardenedBSD and found this great Tutorial about handling jails with ezjail.
I must confess that this is the first time I am playing around with jails, mostly because I have always used BSD systems inside Virtual Machines and didn´t know if I can run jails inside VMs. But now I know you can!
It is really simple to deploy a jail using ezjail, you can customize your jail using the configuration file and you are good to go. I have small issues on HardenedBSD because ezjail by default fetches source packages from ftp.freebsd.org. I wanted to create a HardenedBSD jail fetching packages but at the moment the project doesn´t have an FTP site configured for this. So I had to go with FreeBSD sources.
I had to install it without ports because HardenedBSD doesn´t use portsnap. But at the end I was able to log into the jail without any problems and was able to install packages inside of the jail. I know there are several more ways to install FreeBSD inside a jail, which I will explore in future posts.
UPDATE:
I just tried with iocage, following this excellent Tutorial and I think it is easier to manage jails with it. You need less things to be configured in order to run the jail.
This time the test system was PC-BSD, and pulled FreeBSD 10.2-RELEASE sources, this system is running with ZFS and iocage created all datasets needed automatically, how cool is that?
Comparing with Docker, I think I like jails more!
I must confess that this is the first time I am playing around with jails, mostly because I have always used BSD systems inside Virtual Machines and didn´t know if I can run jails inside VMs. But now I know you can!
It is really simple to deploy a jail using ezjail, you can customize your jail using the configuration file and you are good to go. I have small issues on HardenedBSD because ezjail by default fetches source packages from ftp.freebsd.org. I wanted to create a HardenedBSD jail fetching packages but at the moment the project doesn´t have an FTP site configured for this. So I had to go with FreeBSD sources.
I had to install it without ports because HardenedBSD doesn´t use portsnap. But at the end I was able to log into the jail without any problems and was able to install packages inside of the jail. I know there are several more ways to install FreeBSD inside a jail, which I will explore in future posts.
UPDATE:
I just tried with iocage, following this excellent Tutorial and I think it is easier to manage jails with it. You need less things to be configured in order to run the jail.
This time the test system was PC-BSD, and pulled FreeBSD 10.2-RELEASE sources, this system is running with ZFS and iocage created all datasets needed automatically, how cool is that?
Comparing with Docker, I think I like jails more!
miércoles, 1 de junio de 2016
SoloBSD 10.3-STABLE-v46.2
There is a new build of SoloBSD 10.3-STABLE based on the latest HardenedBSD stable branch version 46.2
SoloBSD Mastering: GitHub
For some weeks, I have been trying to use GitHub to manage the SoloBSD Project and make things easier for me.
So I started documenting myself and first I got to this useful Cheat Sheet. With the help of this one I was able to clone, pull, make changes to my code and push them to the remote repo. But something was missing, I need to sync my modified repo with the official HardenedBSD Stable repo in order to have the latest commits in mine.
I found this straightforward video:
- Add an upstream inside my project's path.
- Fetch the changes from it.
- Merge the changes into my code.
- Push them into my remote repo.
Voilà! Now my GitHub repo is synced with the HardenedBSD Stable repo.
Groovy!
Suscribirse a:
Entradas (Atom)