trinitor/DetectionLab
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

added Malcolm

Browse Source
This commit is contained in:
Trinitor
2021-08-06 10:35:01 +02:00
parent f043730066
commit 70f1922e80
751 changed files with 195277 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

52
Vagrant/resources/malcolm/malcolm-iso/config/includes.binary/boot/grub/grub.cfg Normal file
View File

@@ -0,0 +1,52 @@
# Copyright (c) 2021 Battelle Energy Alliance, LLC. All rights reserved.
set default=0
set timeout=-1
loadfont $prefix/dejavu-bold-16.pf2
loadfont $prefix/dejavu-bold-14.pf2
loadfont $prefix/unicode.pf2
set gfxmode=auto
insmod all_video
insmod gfxterm
set color_normal=cyan/black
set color_highlight=yellow/black
set menu_color_normal=black/light-gray
set menu_color_highlight=yellow/dark-gray
terminal_output gfxterm
insmod play
play 960 440 1 0 4 440 1
menuentry "Live system" {
linux /live/vmlinuz boot=live components username=analyst nosplash random.trust_cpu=on elevator=deadline cgroup_enable=memory swapaccount=1 cgroup.memory=nokmem
initrd /live/initrd.img
}
menuentry "Install Malcolm (quick install)" {
linux /install/vmlinuz preseed/file=/cdrom/install/preseed_multipar.cfg auto=true priority=high vga=normal locales=en_US.UTF-8 keyboard-layouts=us
initrd /install/initrd.gz
}
menuentry "Install Malcolm (encrypted quick install)" {
linux /install/vmlinuz preseed/file=/cdrom/install/preseed_multipar_crypto.cfg auto=true priority=high vga=normal locales=en_US.UTF-8 keyboard-layouts=us
initrd /install/initrd.gz
}
menuentry "Install Malcolm (advanced configuration)" {
linux /install/vmlinuz preseed/file=/cdrom/install/preseed_minimal.cfg auto=true priority=high vga=normal
initrd /install/initrd.gz
}
menuentry "Install Malcolm (virtual machine single partition quick install)" {
linux /install/vmlinuz preseed/file=/cdrom/install/preseed_vmware.cfg auto=true priority=high vga=normal locales=en_US.UTF-8 keyboard-layouts=us
initrd /install/initrd.gz
}
menuentry "Rescue system in text mode" {
linux /install/vmlinuz rescue/enable=true vga=normal
initrd /install/initrd.gz
}

50
Vagrant/resources/malcolm/malcolm-iso/config/includes.binary/install/preseed_base.cfg Normal file
View File

@@ -0,0 +1,50 @@
# Copyright (c) 2021 Battelle Energy Alliance, LLC. All rights reserved.
d-i hw-detect/load_firmware boolean true
d-i clock-setup/utc boolean true
d-i time/zone string Universal
d-i clock-setup/ntp boolean false
d-i clock-setup/ntp-server string 0.debian.pool.ntp.org
d-i popularity-contest/participate boolean false
localepurge localepurge/dontbothernew boolean false
localepurge localepurge/mandelete boolean true
localepurge localepurge/none_selected boolean false
localepurge localepurge/nopurge multiselect en, en_US, en_us.UTF-8, C.UTF-8
localepurge localepurge/quickndirtycalc boolean true
localepurge localepurge/remove_no note
localepurge localepurge/showfreedspace boolean false
localepurge localepurge/use-dpkg-feature boolean false
localepurge localepurge/verbose boolean false
# d-i passwd/username string analyst
# d-i passwd/user-fullname string analyst
d-i passwd/user-default-groups string audio cdrom video netdev plugdev docker vboxsf
d-i passwd/root-login boolean true
# crypted passwords via: mkpasswd -m sha-512 -S $(pwgen -ns 16 1) <password>
# uncomment to preseed passwords; otherwise installer will prompt
# d-i passwd/user-password-crypted password $6$FmMaqNyrr4TFmnJA$I2AViJlyJnRRq6G2omVVUIbvhfMGzS7iXxiexrzvMAtl5sE/kCzdKhWHTfQI2eh.HNTr5EY8gl/eGY2fwOa2u/
# d-i passwd/root-password-crypted password $6$IdgQYj2LVNUML3O1$sW2W75vVk4K4c1XAjqfrswL7GlhXWCW3jf5MVzMYAloY/soCpctkzQLKy0TXo4IS8bvGw4SJH5yZG1ZpHmRVB1
d-i apt-setup/use_mirror boolean false
d-i finish-install/reboot_in_progress note
d-i preseed/late_command string \
echo 'deb http://deb.debian.org/debian buster main contrib non-free' > /target/etc/apt/sources.list; \
echo 'deb http://security.debian.org/debian-security buster/updates main contrib non-free' >> /target/etc/apt/sources.list; \
echo 'deb http://deb.debian.org/debian buster-updates main contrib non-free' >> /target/etc/apt/sources.list; \
in-target bash /usr/local/bin/agg-init.sh; \
in-target bash -c "(dmidecode -s system-product-name | grep -q VMware) || apt-get purge -y open-vm-tools-desktop"; \
in-target bash -c "(dmidecode -s system-product-name | grep -q VirtualBox) || apt-get purge -y virtualbox-guest*"; \
in-target sed -r -i 's@(^.+\s+/(tmp|var/tmp)\s+ext4\s+.*defaults)@\1,nosuid,nodev,noexec@g' /etc/fstab; \
in-target sed -r -i 's@(^.+/media/cdrom[0-9]*.+)(noauto)(.*)@\1\2,nosuid,nodev,noexec\3@g' /etc/fstab; \
in-target sed -r -i 's@(^.+\s+/(home)\s+ext4\s+.*defaults)@\1,nosuid,nodev@g' /etc/fstab; \
in-target bash -c "( echo '\EFI\debian\grubx64.efi' > /boot/efi/startup.nsh ) || true"; \
in-target sed -i 's#^\(GRUB_CMDLINE_LINUX_DEFAULT="quiet\)"$#\1 random.trust_cpu=on elevator=deadline cgroup_enable=memory swapaccount=1 cgroup.memory=nokmem apparmor=1 security=apparmor ipv6.disable=1 audit=1"#' /etc/default/grub; \
in-target sed -i 's#^\(GRUB_CMDLINE_LINUX="\)"$#\1apparmor=1 security=apparmor audit=1"#' /etc/default/grub; \
in-target sed -i 's#^\(GRUB_DISTRIBUTOR=\).*$#\1"Hedgehog"#' /etc/default/grub; \
in-target cp /usr/share/images/desktop-base/Malcolm_background.png /boot/grub; \
in-target bash /usr/local/bin/preseed_late_user_config.sh; \
in-target grub-mkconfig -o /boot/grub/grub.cfg;

151
Vagrant/resources/malcolm/malcolm-iso/config/includes.binary/install/preseed_multipar.cfg Normal file
View File

@@ -0,0 +1,151 @@
# Copyright (c) 2021 Battelle Energy Alliance, LLC. All rights reserved.
d-i debian-installer/locale string en_US.UTF-8
d-i console-setup/ask_detect boolean false
d-i keyboard-configuration/xkb-keymap skip-config
d-i keyboard-configuration/layout string "American English"
d-i preseed/include string preseed_base.cfg
###################################################################################################
# install root filesystem on smallest non-USB disk
d-i partman/early_command string \
ROOT_DISK=$(sh /preseed_partman_determine_disk.sh); \
pvremove -ff -y "$ROOT_DISK"*; \
debconf-set partman-auto/disk "$ROOT_DISK"; \
debconf-set grub-installer/bootdev "$ROOT_DISK"; \
sed -i.bak 's/-f $id\/skip_erase/-d $id/g' /lib/partman/lib/crypto-base.sh;
d-i grub-installer/only_debian boolean true
d-i grub-installer/with_other_os boolean true
d-i partman-auto/method string lvm
d-i partman-auto-lvm/new_vg_name string main
d-i partman-auto-lvm/guided_size string max
d-i partman-lvm/device_remove_lvm boolean true
d-i partman-lvm/confirm boolean true
d-i partman-lvm/confirm_nooverwrite boolean true
d-i partman-md/device_remove_md boolean true
d-i partman-md/confirm boolean true
d-i partman-md/confirm_nooverwrite boolean true
d-i partman-partitioning/confirm_write_new_label boolean true
d-i partman/choose_partition select finish
d-i partman/confirm boolean true
d-i partman/confirm_nooverwrite boolean true
d-i partman-basicmethods/method_only boolean false
d-i partman-efi/non_efi_system boolean true
d-i partman-basicfilesystems/choose_label string gpt
d-i partman-basicfilesystems/default_label string gpt
d-i partman-partitioning/choose_label string gpt
d-i partman-partitioning/default_label string gpt
d-i partman/choose_label string gpt
d-i partman/default_label string gpt
d-i partman/mount_style select uuid
d-i partman-auto/choose_recipe select custom
d-i partman-auto/expert_recipe string \
custom :: \
1 1 1 free \
$bios_boot{ } \
method{ biosgrub } \
. \
256 256 256 fat32 \
$primary{ } \
$iflabel{ gpt } \
$reusemethod{ } \
method{ efi } format{ } \
mountpoint{ /boot/efi } \
. \
1024 1024 1024 ext4 \
$primary{ } \
$bootable{ } \
method{ format } \
format{ } \
use_filesystem{ } \
filesystem{ ext4 } \
mountpoint{ /boot } \
. \
8192 8241 16384 linux-swap \
$defaultignore{ } \
$lvmok{ } \
in_vg { main } lv_name{ swap } \
method{ swap } \
format{ } \
. \
12000 16000 24000 ext4 \
$defaultignore{ } \
$lvmok{ } \
in_vg { main } lv_name{ root } \
method{ format } \
format{ } \
use_filesystem{ } \
filesystem{ ext4 } \
mountpoint{ / } \
. \
18000 24000 28000 ext4 \
$defaultignore{ } \
$lvmok{ } \
in_vg { main } lv_name{ var } \
method{ format } \
format{ } \
use_filesystem{ } \
filesystem{ ext4 } \
mountpoint{ /var } \
. \
2000 4000 6000 ext4 \
$defaultignore{ } \
$lvmok{ } \
in_vg { main } lv_name{ varlog } \
method{ format } \
format{ } \
use_filesystem{ } \
filesystem{ ext4 } \
mountpoint{ /var/log } \
. \
2000 4000 6000 ext4 \
$defaultignore{ } \
$lvmok{ } \
in_vg { main } lv_name{ varlogaudit } \
method{ format } \
format{ } \
use_filesystem{ } \
filesystem{ ext4 } \
mountpoint{ /var/log/audit } \
. \
2000 4000 6000 ext4 \
$defaultignore{ } \
$lvmok{ } \
in_vg { main } lv_name{ vartmp } \
method{ format } \
format{ } \
use_filesystem{ } \
filesystem{ ext4 } \
mountpoint{ /var/tmp } \
. \
2000 4000 6000 ext4 \
$defaultignore{ } \
$lvmok{ } \
in_vg { main } lv_name{ tmp } \
method{ format } \
format{ } \
use_filesystem{ } \
filesystem{ ext4 } \
mountpoint{ /tmp } \
. \
6000 8000 1000000000 ext4 \
$defaultignore{ } \
$lvmok{ } \
in_vg { main } lv_name{ home } \
method{ format } \
format{ } \
use_filesystem{ } \
filesystem{ ext4 } \
mountpoint{ /home } \
.
###################################################################################################

91
Vagrant/resources/malcolm/malcolm-iso/config/includes.binary/install/preseed_vmware.cfg Normal file
View File

@@ -0,0 +1,91 @@
# Copyright (c) 2021 Battelle Energy Alliance, LLC. All rights reserved.
d-i debian-installer/locale string en_US.UTF-8
d-i console-setup/ask_detect boolean false
d-i keyboard-configuration/xkb-keymap skip-config
d-i keyboard-configuration/layout string "American English"
d-i preseed/include string preseed_base.cfg
###################################################################################################
# install root filesystem on smallest non-USB disk
d-i partman/early_command string \
ROOT_DISK=$(sh /preseed_partman_determine_disk.sh); \
pvremove -ff -y "$ROOT_DISK"*; \
debconf-set partman-auto/disk "$ROOT_DISK"; \
debconf-set grub-installer/bootdev "$ROOT_DISK"; \
sed -i.bak 's/-f $id\/skip_erase/-d $id/g' /lib/partman/lib/crypto-base.sh;
d-i grub-installer/only_debian boolean true
d-i grub-installer/with_other_os boolean true
d-i partman-auto/method string lvm
d-i partman-auto-lvm/new_vg_name string main
d-i partman-auto-lvm/guided_size string max
d-i partman-lvm/device_remove_lvm boolean true
d-i partman-lvm/confirm boolean true
d-i partman-lvm/confirm_nooverwrite boolean true
d-i partman-md/device_remove_md boolean true
d-i partman-md/confirm boolean true
d-i partman-md/confirm_nooverwrite boolean true
d-i partman-partitioning/confirm_write_new_label boolean true
d-i partman/choose_partition select finish
d-i partman/confirm boolean true
d-i partman/confirm_nooverwrite boolean true
d-i partman-basicmethods/method_only boolean false
d-i partman-efi/non_efi_system boolean true
d-i partman-basicfilesystems/choose_label string gpt
d-i partman-basicfilesystems/default_label string gpt
d-i partman-partitioning/choose_label string gpt
d-i partman-partitioning/default_label string gpt
d-i partman/choose_label string gpt
d-i partman/default_label string gpt
d-i partman/mount_style select uuid
d-i partman-auto/choose_recipe select custom
d-i partman-auto/expert_recipe string \
custom :: \
1 1 1 free \
$bios_boot{ } \
method{ biosgrub } \
. \
256 256 256 fat32 \
$primary{ } \
$iflabel{ gpt } \
$reusemethod{ } \
method{ efi } format{ } \
mountpoint{ /boot/efi } \
. \
1024 1024 1024 ext4 \
$primary{ } \
$bootable{ } \
method{ format } \
format{ } \
use_filesystem{ } \
filesystem{ ext4 } \
mountpoint{ /boot } \
. \
8192 8241 16384 linux-swap \
$defaultignore{ } \
$lvmok{ } \
in_vg { main } lv_name{ swap } \
method{ swap } \
format{ } \
. \
12000 16000 1000000000 ext4 \
$defaultignore{ } \
$lvmok{ } \
in_vg { main } lv_name{ root } \
method{ format } \
format{ } \
use_filesystem{ } \
filesystem{ ext4 } \
mountpoint{ / } \
.
###################################################################################################

29
Vagrant/resources/malcolm/malcolm-iso/config/includes.binary/isolinux/advanced.cfg Normal file
View File

@@ -0,0 +1,29 @@
label live
menu label ^Live system
kernel /live/vmlinuz
append boot=live components username=analyst nosplash random.trust_cpu=on elevator=deadline cgroup_enable=memory swapaccount=1 cgroup.memory=nokmem initrd=/live/initrd.img --
label install
menu label ^Install Malcolm (quick install)
kernel /install/vmlinuz
append file=/preseed_multipar.cfg initrd=/install/initrd.gz auto=true priority=high locales=en_US.UTF-8 keyboard-layouts=us --
label installenc
menu label ^Install Malcolm (encrypted quick install)
kernel /install/vmlinuz
append file=/preseed_multipar_crypto.cfg initrd=/install/initrd.gz auto=true priority=high locales=en_US.UTF-8 keyboard-layouts=us --
label installadv
menu label ^Install Malcolm (advanced configuration)
kernel /install/vmlinuz
append file=/preseed_minimal.cfg initrd=/install/initrd.gz auto=true priority=high --
label installvm
menu label ^Install Malcolm (virtual machine single partition quick install)
kernel /install/vmlinuz
append file=/preseed_vmware.cfg initrd=/install/initrd.gz auto=true priority=high locales=en_US.UTF-8 keyboard-layouts=us --
label rescue
menu label ^Rescue system in text mode
kernel /install/vmlinuz
append rescue/enable=true initrd=/install/initrd.gz --

0
Vagrant/resources/malcolm/malcolm-iso/config/includes.binary/isolinux/install.cfg Normal file
View File