diff options
-rw-r--r-- | README.md | 8 | ||||
-rw-r--r-- | debootstrap_1.0.89-devuan2.1_all.deb | bin | 0 -> 66720 bytes | |||
-rwxr-xr-x | installMinimalDevuanASCII.sh | 392 |
3 files changed, 400 insertions, 0 deletions
diff --git a/README.md b/README.md new file mode 100644 index 0000000..fa1ec9e --- /dev/null +++ b/README.md | |||
@@ -0,0 +1,8 @@ | |||
1 | A script to do a debootstrap install of Devuan ASCII. | ||
2 | |||
3 | I wrote this long ago to install Devuan ASCII on my desktop and my remote | ||
4 | server. It's full of stuff that is specific to my needs. It may be | ||
5 | educational to someone. I did intend to document it, but I got busy with | ||
6 | other stuff. | ||
7 | |||
8 | It assumes the existance of a fileSystem.tar.xz, which I'll commit later. | ||
diff --git a/debootstrap_1.0.89-devuan2.1_all.deb b/debootstrap_1.0.89-devuan2.1_all.deb new file mode 100644 index 0000000..fbd339e --- /dev/null +++ b/debootstrap_1.0.89-devuan2.1_all.deb | |||
Binary files differ | |||
diff --git a/installMinimalDevuanASCII.sh b/installMinimalDevuanASCII.sh new file mode 100755 index 0000000..8d95f5e --- /dev/null +++ b/installMinimalDevuanASCII.sh | |||
@@ -0,0 +1,392 @@ | |||
1 | # User tweakable parameters. | ||
2 | # GOLIVE - CACHE is only needed for the desktop during testing. | ||
3 | #CACHE="sda23" | ||
4 | DISK="sdb2" | ||
5 | MIRROR="http://deb.devuan.org/" | ||
6 | NS="8.8.8.8" | ||
7 | #PASS="password" | ||
8 | TYPE="server" | ||
9 | TZ="Europe/Amsterdam" | ||
10 | USER="onefang" | ||
11 | WORK="/media/devuan_install" | ||
12 | |||
13 | |||
14 | # Filter out the worst of the excess output. | ||
15 | aptInstall () | ||
16 | { | ||
17 | chroot ${WORK} apt-get --yes install $* | grep -v -e "^Selecting previously unselected package " -e "^Preparing to unpack " -e "^ create mode " -e "^ rename " | ||
18 | } | ||
19 | |||
20 | |||
21 | # Setup the disk. | ||
22 | umount /dev/${DISK} | ||
23 | mkdir -p ${WORK} | ||
24 | dpkg -i debootstrap_1.0.89-devuan2.1_all.deb | ||
25 | mkfs.ext4 -j -O extent -L "" /dev/${DISK} | ||
26 | sync | ||
27 | mount /dev/${DISK} ${WORK} | ||
28 | mkdir -p ${WORK}/var/cache/apt/archives | ||
29 | #mount /dev/${CACHE} ${WORK}/var/cache/apt | ||
30 | mount --bind /var/cache/apt/archives ${WORK}/var/cache/apt/archives | ||
31 | |||
32 | |||
33 | # Various env variable tweaks. | ||
34 | export DEBIAN_FRONTEND=readline | ||
35 | export TERM=xterm-color | ||
36 | export LANG=C.UTF-8 | ||
37 | # Prevent some leakage. | ||
38 | export LD_LIBRARY_PATH="" | ||
39 | export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/bin" | ||
40 | export PKG_CONFIG_PATH="" | ||
41 | export PYTHONINCLUDE="" | ||
42 | export PYTHONPATH="" | ||
43 | export XDG_DATA_DIRS="" | ||
44 | |||
45 | |||
46 | # Start installing it. | ||
47 | debootstrap --arch amd64 --variant=minbase --include=makedev,apt-utils,git,etckeeper,rsyslog,swapspace,debconf-utils ascii ${WORK} ${MIRROR}/merged | ||
48 | |||
49 | # Setup the chroot. | ||
50 | mount -o bind /sys ${WORK}/sys | ||
51 | chroot ${WORK} /bin/bash <<- zzzEOFzzz | ||
52 | mount -t proc proc /proc | ||
53 | mount -t devpts devpts /dev/pts | ||
54 | cd /dev | ||
55 | echo "Filling /dev" | ||
56 | MAKEDEV generic | ||
57 | mknod /dev/${DISK} b 259 5 | ||
58 | cd / | ||
59 | etckeeper post-install | grep -v -e "^ create mode " -e "^ rename " | ||
60 | zzzEOFzzz | ||
61 | |||
62 | |||
63 | # Turn off the daily etckeeper commits, and make it stop and complain when there are changes to be comitted. | ||
64 | sed -i -e 's/#AVOID_DAILY_AUTOCOMMITS=1/AVOID_DAILY_AUTOCOMMITS=1/' -e 's/#AVOID_COMMIT_BEFORE_INSTALL=1/AVOID_COMMIT_BEFORE_INSTALL=1/' ${WORK}/etc/etckeeper/etckeeper.conf | ||
65 | |||
66 | # Configure apt. | ||
67 | cat > ${WORK}/etc/apt/sources.list <<- zzzEOFzzz | ||
68 | deb ${MIRROR}/merged ascii main contrib non-free | ||
69 | deb ${MIRROR}/merged ascii-security main contrib non-free | ||
70 | deb ${MIRROR}/merged ascii-updates main contrib non-free | ||
71 | deb ${MIRROR}/devuan ascii-proposed main contrib non-free | ||
72 | deb ${MIRROR}/merged ascii-backports main contrib non-free | ||
73 | zzzEOFzzz | ||
74 | # Keep things minimal. | ||
75 | cat > ${WORK}/etc/apt/apt.conf.d/01lean <<- zzzEOFzzz | ||
76 | APT::Install-Recommends "0"; | ||
77 | APT::AutoRemove::RecommendsImportant "false"; | ||
78 | zzzEOFzzz | ||
79 | cat > ${WORK}/etc/apt/apt.conf.d/99synaptic <<- zzzEOFzzz | ||
80 | APT::Install-Recommends "false"; | ||
81 | zzzEOFzzz | ||
82 | # Not sure, but may need different "profiles" in this file. | ||
83 | cat > ${WORK}/etc/apt/listchanges.conf <<- zzzEOFzzz | ||
84 | [apt] | ||
85 | frontend=pager | ||
86 | pager=mcview | ||
87 | email_address=root | ||
88 | confirm=true | ||
89 | save_seen=/var/lib/apt/listchanges.db | ||
90 | which=both | ||
91 | headers=1 | ||
92 | zzzEOFzzz | ||
93 | |||
94 | #cp /etc/fstab ${WORK}/etc/fstab | ||
95 | cat > ${WORK}/etc/fstab <<- zzzEOFzzz | ||
96 | proc /proc proc nodev,noexec,nosuid 0 0 | ||
97 | /dev/${DISK} / ext4 errors=remount-ro 0 1 | ||
98 | zzzEOFzzz | ||
99 | cat > ${WORK}/etc/adjtime <<- zzzEOFzzz | ||
100 | 0.0 0 0.0 | ||
101 | 0 | ||
102 | UTC | ||
103 | zzzEOFzzz | ||
104 | cat > ${WORK}/etc/timezone <<- zzzEOFzzz | ||
105 | ${TZ} | ||
106 | zzzEOFzzz | ||
107 | rm ${WORK}/etc/localtime | ||
108 | ln -s /usr/share/zoneinfo/${TZ} ${WORK}/etc/localtime | ||
109 | |||
110 | # Provide pre canned answers, so this script can run with minimal user interaction. | ||
111 | # Use something like this to find what to set here - debconf-get-selections | grep locales | ||
112 | chroot ${WORK} debconf-set-selections <<- zzzEOFzzz | ||
113 | console-setup console-setup/codeset47 select # Latin1 and Latin5 - western Europe and Turkic languages | ||
114 | locales locales/locales_to_be_generated multiselect All locales | ||
115 | locales locales/default_environment_locale select en_AU.UTF-8 | ||
116 | keyboard-configuration keyboard-configuration/layout select English (US) | ||
117 | |||
118 | grub-pc grub-pc/install_devices multiselect /dev/${DISK} | ||
119 | |||
120 | courier-base courier-base/webadmin-configmode boolean true | ||
121 | phpmyadmin phpmyadmin/reconfigure-webserver multiselect apache2 | ||
122 | |||
123 | wireshark-common wireshark-common/install-setuid boolean false | ||
124 | zzzEOFzzz | ||
125 | |||
126 | |||
127 | # Create user, and set passwords. | ||
128 | cp -r fileSystem/etc/skel/.[^.]* ${WORK}/etc/skel | ||
129 | #chroot ${WORK} useradd -m -U ${USER} -G sudo -s /bin/bash | ||
130 | cp -r fileSystem/etc/skel/.[^.]* ${WORK}/root | ||
131 | #if [ -z "${PASS}" ] | ||
132 | #then | ||
133 | # echo "User ${USER} - " | ||
134 | # chroot ${WORK} passwd ${USER} | ||
135 | # echo "User root - " | ||
136 | # chroot ${WORK} passwd | ||
137 | #else | ||
138 | # chroot ${WORK} passwd ${USER} <<- zzzEOFzzz | ||
139 | # ${PASS} | ||
140 | # ${PASS} | ||
141 | #zzzEOFzzz | ||
142 | # chroot ${WORK} passwd <<- zzzEOFzzz | ||
143 | # toor${PASS} | ||
144 | # toor${PASS} | ||
145 | #zzzEOFzzz | ||
146 | #fi | ||
147 | |||
148 | |||
149 | # Update the debootstrap installed stuff. | ||
150 | chroot ${WORK} /bin/bash <<- zzzEOFzzz | ||
151 | etckeeper commit "Initial 'manual' configurations." | grep -v -e "^ create mode " -e "^ rename " | ||
152 | apt-get update | ||
153 | apt-get --yes dist-upgrade | grep -v -e "^Selecting previously unselected package " -e "^Preparing to unpack " -e "^ create mode " -e "^ rename " | ||
154 | zzzEOFzzz | ||
155 | |||
156 | |||
157 | # Install kernel and friends. | ||
158 | #chroot ${WORK} etckeeper commit "Tweak grub config." | grep -v -e "^ create mode " -e "^ rename " | ||
159 | aptInstall linux-image-`dpkg --print-architecture` linux-headers-`dpkg --print-architecture` os-prober eudev bash-completion psmisc irqbalance grub2 \ | ||
160 | firmware-linux firmware-misc-nonfree amd64-microcode intel-microcode | ||
161 | |||
162 | |||
163 | # Install base stuff that everyone needs. | ||
164 | aptInstall console-setup locales | ||
165 | cat > ${WORK}/etc/default/console-setup <<- zzzEOFzzz | ||
166 | # CONFIGURATION FILE FOR SETUPCON | ||
167 | # Consult the console-setup(5) manual page. | ||
168 | |||
169 | ACTIVE_CONSOLES="/dev/tty[2-6]" | ||
170 | CHARMAP="UTF-8" | ||
171 | CODESET="Lat15" | ||
172 | FONTFACE="Terminus" | ||
173 | FONTSIZE="6x12" | ||
174 | VIDEOMODE= | ||
175 | zzzEOFzzz | ||
176 | cat > ${WORK}/etc/default/keyboard <<- zzzEOFzzz | ||
177 | # KEYBOARD CONFIGURATION FILE | ||
178 | # Consult the keyboard(5) manual page. | ||
179 | |||
180 | XKBMODEL="pc105" | ||
181 | XKBLAYOUT="us" | ||
182 | XKBVARIANT="" | ||
183 | XKBOPTIONS="" | ||
184 | BACKSPACE="guess" | ||
185 | zzzEOFzzz | ||
186 | cat > ${WORK}/etc/default/locale <<- zzzEOFzzz | ||
187 | LANG=en_AU.UTF-8 | ||
188 | zzzEOFzzz | ||
189 | chroot ${WORK} etckeeper commit "Tweak console and keyboard configs." | grep -v -e "^ create mode " -e "^ rename " | ||
190 | |||
191 | aptInstall busybox netbase net-tools iproute2 ifupdown isc-dhcp-client inetutils-ping ntp shorewall shorewall6 dnsutils lynx wget curl \ | ||
192 | make dns-root-data resolvconf kmod openssh-server openssh-client traceroute keychain courier-mta cron maildrop | ||
193 | # Prevent root from sshing in, and other sshd tweaks. | ||
194 | sed -i -e 's/#PermitRootLogin prohibit-password/PermitRootLogin no/' -e 's/#Port 22/Port 501/' \ | ||
195 | -e 's/#PubkeyAuthentication yes/PubkeyAuthentication yes/' -e 's/#PermitEmptyPasswords no/PermitEmptyPasswords no/' ${WORK}/etc/ssh/sshd_config | ||
196 | chroot ${WORK} etckeeper commit "Don't let root login to ssh, and other sshd tweaks." | grep -v -e "^ create mode " -e "^ rename " | ||
197 | |||
198 | |||
199 | mkdir -p ${WORK}/etc/network/interfaces.d | ||
200 | cp /etc/network/interfaces ${WORK}/etc/network/interfaces | ||
201 | cp /etc/network/interfaces.d/* ${WORK}/etc/network/interfaces.d | ||
202 | #cat > ${WORK}/etc/network/interfaces <<- zzzEOFzzz | ||
203 | # auto lo | ||
204 | # iface lo inet loopback | ||
205 | # allow-hotplug eth0 | ||
206 | # auto eth0 | ||
207 | # iface eth0 inet dhcp | ||
208 | # allow-hotplug eth1 | ||
209 | # auto eth1 | ||
210 | # iface eth1 inet dhcp | ||
211 | # allow-hotplug eth2 | ||
212 | # auto eth2 | ||
213 | # iface eth2 inet dhcp | ||
214 | #zzzEOFzzz | ||
215 | cp /etc/hosts ${WORK}/etc/hosts | ||
216 | cp /etc/hostname ${WORK}/etc/hostname | ||
217 | #cat > ${WORK}/etc/hosts <<- zzzEOFzzz | ||
218 | # 127.0.0.1 localhost | ||
219 | # 127.0.1.1 ${HOST} | ||
220 | |||
221 | # # The following lines are desirable for IPv6 capable hosts. | ||
222 | # ::1 localhost ip6-localhost ip6-loopback ${HOST} | ||
223 | # fe00::0 ip6-localnet | ||
224 | # ff00::0 ip6-mcastprefix | ||
225 | # ff02::1 ip6-allnodes | ||
226 | # ff02::2 ip6-allrouters | ||
227 | # ff02::3 ip6-allhosts | ||
228 | #zzzEOFzzz | ||
229 | # resolvconf changes this, desktop uses dnsmasq, server uses Google DNS, and we override it ourselves later anyway. | ||
230 | #cat > ${WORK}/etc/resolv.conf <<- zzzEOFzzz | ||
231 | # nameserver ${NS} | ||
232 | #zzzEOFzzz | ||
233 | chroot ${WORK} etckeeper commit "Tweak network configs." | grep -v -e "^ create mode " -e "^ rename " | ||
234 | |||
235 | # Install networking (and btrfs) stuff needed only by desktop. | ||
236 | # Currently the server uses Google DNS directly, not dnsmasq. | ||
237 | if [ "${TYPE}" == "desktop" ] | ||
238 | then | ||
239 | if [ -f /etc/dnsmasq.conf ]; then aptInstall dnsmasq; fi | ||
240 | aptInstall ppp ndisc6 radvd mailfilter fetchmail btrfs-progs | ||
241 | # wide-dhcpv6-client | ||
242 | cp -r /etc/dnsmasq.d ${WORK}/etc | ||
243 | cp /etc/dnsmasq.conf ${WORK}/etc | ||
244 | cp -r /etc/ppp ${WORK}/etc | ||
245 | chroot ${WORK} etckeeper commit "Tweak desktop network configs." | grep -v -e "^ create mode " -e "^ rename " | ||
246 | fi | ||
247 | |||
248 | |||
249 | # Install other stuff that every one needs. | ||
250 | aptInstall pciutils less man-db manpages mc sudo tmux arj bzip2 p7zip-full unace unar unrar-free sysv-rc-conf multitail logrotate logwatch \ | ||
251 | smartmontools rkhunter nmap unhide lm-sensors tofrodos mlocate imagemagick molly-guard file expect debootstrap pinfo parted \ | ||
252 | powermgmt-base checksecurity cruft-ng lsb-release wbritish monit gnupg2 gnupg-agent ssh-askpass whois fail2ban whiptail haveged hddtemp | ||
253 | # logcheck tripwire | integrit | aide | samhain | fcheck debsecan ? | ||
254 | |||
255 | |||
256 | # Install server stuff. | ||
257 | # Don't do drupal7, coz that's a few versions behind, so still have to deal with it manually. | ||
258 | # Plus, I'll want to upgrade to drupal8 sooner or later. | ||
259 | aptInstall certbot courier-imap rsync mariadb-server mariadb-client apache2 polipo prosody-modules vsftpd openvpn easy-rsa bitlbee \ | ||
260 | php7.0 php-pear php7.0-mysql php7.0-gd php7.0-mbstring php7.0-curl php7.0-bz2 libgd-tools php-apcu php-apcu-bc | ||
261 | chroot ${WORK} adduser --system --shell /usr/sbin/nologin --no-create-home ovpn | ||
262 | chroot ${WORK} groupadd ovpn | ||
263 | chroot ${WORK} usermod -g ovpn ovpn | ||
264 | #aptInstall phpmyadmin | ||
265 | #cp -r /etc/bitlbee ${WORK}/etc | ||
266 | #cp -r /var/lib/bitlbee ${WORK}/var/lib | ||
267 | #chroot ${WORK} etckeeper commit "Tweak server configs." | grep -v -e "^ create mode " -e "^ rename " | ||
268 | |||
269 | |||
270 | # Install developer stuff. | ||
271 | aptInstall luajit luarocks uuid-runtime g++ check bison flex colorgcc colormake ccache distcc gdb pkg-config re2c lemon valgrind m4 patch \ | ||
272 | cmake meson build-essential groff git-extras git-doc | ||
273 | aptInstall mono-complete mono-mcs nunit autoconf autogen automake autopoint gettext libtool doxygen nasm gpsim gputils picprog | ||
274 | |||
275 | |||
276 | if [ "${TYPE}" == "desktop" ] | ||
277 | then | ||
278 | # Add repos for the desktop. | ||
279 | cat > ${WORK}/etc/apt/sources.list.d/deb-multimedia.list <<- zzzEOFzzz | ||
280 | deb http://mirror.internode.on.net/pub/deb-multimedia/ stretch main non-free | ||
281 | deb http://mirror.internode.on.net/pub/deb-multimedia/ stretch-backports main | ||
282 | zzzEOFzzz | ||
283 | cat > ${WORK}/etc/apt/sources.list.d/google-chrome.list <<- zzzEOFzzz | ||
284 | deb [arch=amd64] http://dl.google.com/linux/chrome/deb/ stable main | ||
285 | zzzEOFzzz | ||
286 | cat > ${WORK}/etc/apt/sources.list.d/palemoon.list <<- zzzEOFzzz | ||
287 | deb http://download.opensuse.org/repositories/home:/stevenpusser/Debian_9.0/ / | ||
288 | zzzEOFzzz | ||
289 | cat > ${WORK}/etc/apt/sources.list.d/signal.list <<- zzzEOFzzz | ||
290 | deb [arch=amd64] https://updates.signal.org/desktop/apt xenial main | ||
291 | zzzEOFzzz | ||
292 | chroot ${WORK} /bin/bash <<- zzzEOFzzz | ||
293 | wget http://www.deb-multimedia.org/pool/main/d/deb-multimedia-keyring/deb-multimedia-keyring_2016.8.1_all.deb -O deb-multimedia-keyring.deb | ||
294 | dpkg -i deb-multimedia-keyring.deb | ||
295 | wget -nv -O - https://dl-ssl.google.com/linux/linux_signing_key.pub | apt-key add - | ||
296 | wget -nv -O - https://download.opensuse.org/repositories/home:stevenpusser/Debian_9.0/Release.key | apt-key add - | ||
297 | wget -nv -O - https://updates.signal.org/desktop/apt/keys.asc | apt-key add - | ||
298 | rm deb-multimedia-keyring.deb | ||
299 | etckeeper commit "Adding external repos." | grep -v -e "^ create mode " -e "^ rename " | ||
300 | apt-get update | ||
301 | apt-get --yes dist-upgrade | grep -v -e "^Selecting previously unselected package " -e "^Preparing to unpack " -e "^ create mode " -e "^ rename " | ||
302 | zzzEOFzzz | ||
303 | |||
304 | |||
305 | # Install basic X stuff. | ||
306 | aptInstall xinit x11-xserver-utils xserver-xorg libgl1-nvidia-glx nvidia-driver fonts-liberation xfonts-100dpi xfonts-75dpi xfonts-base xfonts-scalable xscreensaver | ||
307 | # Note - the wacom driver should be installed below, rather than above, otherwise I think that's what's stopping all input. | ||
308 | aptInstall lxdm lxde lxlauncher lxtask lxlock openbox obconf gtk2-engines-xfce menu xdg-utils menu-xdg desktop-base desktop-file-utils \ | ||
309 | termit synaptic qgit git-cola suckless-tools stterm surf surf2 awesome awesome-extra lxqt qt4-qtconfig xserver-xorg-input-wacom | ||
310 | # Have LXDM show the keyboard selector, not show the list of users, and not show that huge Login: image. | ||
311 | sed -i -e 's/keyboard=0/keyboard=1/' -e 's/disable=0/disable=1/' \ | ||
312 | -e 's\bg=/usr/share/images/desktop-base/login-background.svg\bg=/usr/share/images/desktop-base/your-way_darkpurpy-wide-large.svg\' ${WORK}/etc/lxdm/lxdm.conf | ||
313 | cp -r fileSystem/usr/share/lxdm/themes/Industrial/login.png ${WORK}/usr/share/lxdm/themes/Industrial | ||
314 | chroot ${WORK} etckeeper commit "Adjust lxdm config." | grep -v -e "^ create mode " -e "^ rename " | ||
315 | |||
316 | |||
317 | # Install other desktop stuff. | ||
318 | # NOTE - this drags in whiptail, or would if we didn't install it ourselves above. | ||
319 | aptInstall gparted qasmixer pulseaudio pavucontrol paman paprefs pavumeter gnome-colors geeqie smplayer smplayer-themes hexchat hexchat-plugins hexchat-otr hexchat-lua \ | ||
320 | geany geany-plugin-addons geany-plugin-lua geany-plugin-markdown geany-plugin-scope geany-plugin-spellcheck | ||
321 | aptInstall claws-mail claws-mail-plugins claws-mail-extra-plugins claws-mail-themes claws-mail-tools clawsker keepassx keepass2 qalculate-gtk conky-all | ||
322 | aptInstall gimp gimp-cbmplugs gimp-data-extras gimp-dds gimp-gap gimp-gluas gimp-gmic gimp-help-common gimp-help-en gimp-lensfun gimp-plugin-registry gimp-texturize gimp-ufraw \ | ||
323 | create-resources blender meld graphicsmagick makehuman dia dia-shapes inkscape muse musescore firefox-esr chromium dillo netsurf links2 ddd wireshark etherape spacenavd \ | ||
324 | dasher cheese libreoffice linphone tortoisehg evince galternatives | ||
325 | aptInstall libvirt0 libvirt-deamon-system virt-manager virt-viewer virtinst qemu-utils qemu-kvm qemu-system-arm qemu-system-x86 qemu-system-misc qemu-efi fslint | ||
326 | # These all get updated from deb-multimedia, so don't install them before that's enabled. | ||
327 | aptInstall gstreamer1.0-plugins-good gstreamer1.0-plugins-bad gstreamer1.0-plugins-ugly vlc ffmpeg cinelerra | ||
328 | aptInstall google-chrome-stable palemoon signal-desktop | ||
329 | fi | ||
330 | |||
331 | # monitoring shit docs | ||
332 | # awstats collectd collectd-utils libmariadbclient18 libatasmart4 | ||
333 | # icinga icinga-doc fping nagios-images monitoring-plugins libjson-perl libdata-validate-domain-perl libdata-validate-ip-perl libmonitoring-plugin-perl | ||
334 | # Some hacking of the external plugins is needed. mailq, rbl. | ||
335 | # Manually install CGraphz, coz it's not in the repo. | ||
336 | |||
337 | |||
338 | # Make apt nicer. | ||
339 | aptInstall apt-listbugs apt-listchanges apt-transport-https apt-show-versions apt-file apt-forktracer | ||
340 | chroot ${WORK} apt-file update | ||
341 | |||
342 | |||
343 | cp -r fileSystem/* ${WORK} | ||
344 | #cp -r /etc/rsyslog.d ${WORK}/etc | ||
345 | #cp -r /etc/sysctl.d ${WORK}/etc | ||
346 | #cp /etc/sysctl.conf ${WORK}/etc | ||
347 | #chroot ${WORK} chown -R ${USER}:${USER} /home/${USER} | ||
348 | #cp /usr/share/sounds/* ${WORK}/usr/share/sounds | ||
349 | #chroot ${WORK} etckeeper commit "Tweak the rest of the configs and file system." | grep -v -e "^ create mode " -e "^ rename " | ||
350 | |||
351 | |||
352 | #chroot ${WORK} sensors-detect | ||
353 | #chroot ${WORK} etckeeper commit "Detected sensors" | grep -v -e "^ create mode " -e "^ rename " | ||
354 | |||
355 | |||
356 | # Clean up. | ||
357 | |||
358 | chroot ${WORK} /bin/bash <<- zzzEOFzzz | ||
359 | sysv-rc-conf apache2 off | ||
360 | sysv-rc-conf avahi-daemon off | ||
361 | sysv-rc-conf bitlbee off | ||
362 | sysv-rc-conf courier off | ||
363 | sysv-rc-conf courier-authdaemon off | ||
364 | sysv-rc-conf courier-imap off | ||
365 | sysv-rc-conf courier-imap-ssl off | ||
366 | sysv-rc-conf courier-msa off | ||
367 | sysv-rc-conf courier-mta off | ||
368 | sysv-rc-conf courier-mta-ssl off | ||
369 | sysv-rc-conf courierfilter off | ||
370 | sysv-rc-conf distcc off | ||
371 | sysv-rc-conf fail2ban off | ||
372 | sysv-rc-conf fetchmail off | ||
373 | sysv-rc-conf monit off | ||
374 | sysv-rc-conf mysql off | ||
375 | sysv-rc-conf openvpn off | ||
376 | sysv-rc-conf polipo off | ||
377 | sysv-rc-conf prosody off | ||
378 | sysv-rc-conf radvd off | ||
379 | sysv-rc-conf rsync off | ||
380 | sysv-rc-conf spamassassin off | ||
381 | sysv-rc-conf vsftpd off | ||
382 | etckeeper commit "Turn off services." | grep -v -e "^ create mode " -e "^ rename " | ||
383 | zzzEOFzzz | ||
384 | |||
385 | chroot ${WORK} apt-get --yes autoremove | ||
386 | chroot ${WORK} etckeeper commit "Cleaning out autoremoves." | grep -v -e "^ create mode " -e "^ rename " | ||
387 | umount ${WORK}/dev/pts | ||
388 | umount ${WORK}/proc | ||
389 | umount ${WORK}/sys | ||
390 | umount ${WORK}/var/cache/apt/archives | ||
391 | |||
392 | #update-grub | ||