On 09/26/2018 01:03 PM, Andrew McGlashan wrote: > > Adding to this problem is the fact that the "devuan" user has, by > default, full SUDO rights without needing any password as well; the > latter is probably easily fixed with an adjusted sudoers file, but the > auto-login is a major security risk, > > How do I stop those automatic logins on the ttys ?
Add the following to the boot command: noautologin nocomponents=sudo > > Doing this setup, I can travel with two USB sticks, use just about any > computer and boot up the LIVE USB, then apply my setup form the > encrypted one > > The other thing I would like would be to be able to do is to use a daily > LIVE DEVUAN USB image to keep it up to date and safer (particularly the > kernel or really anything that would need a reboot to pickup the new > version), but I don't know if daily images are available anywhere for it. > There aren't any daily images or even weekly images. If you want your live images to get all the latest security fixes, you'll need to make your own. You can do that either with live-sdk (which will pull the latest packages from the repo) or refractasnapshot (which will copy the running system to make a live iso. I generally use a dedicated system in a VM for this.) You might also want to take a look at refracta2usb. It can make a live usb with one or more persistent volumes, encrypted or not. I think you can do what you want with a single usb. http://www.ibiblio.org/refracta/docs/readme.refracta2usb.txt https://sourceforge.net/projects/refracta/files/tools/refracta2usb-2.3.6.deb fsmithred _______________________________________________ Dng mailing list [email protected] https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
