initial import

4 files changed, 447 insertions, 0 deletions

diff --git a/10-fedora-livecd-base.conf b/10-fedora-livecd-base.conf
new file mode 100755
index 0000000..3e3f207
--- /dev/null
+++ b/10-fedora-livecd-base.conf
@@ -0,0 +1,95 @@
+#!/bin/bash
+
+# livecd configuration for Base Fedora system
+
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+
+
+case $1 in
+    # inquire what packages to install; prints package list on stdout
+    pkgadd)
+	echo "
+bash
+kernel
+passwd
+shadow-utils
+rpm
+yum
+openssh-clients
+rsync
+tree
+wget
+man
+rootfiles
+dhclient
+cpuspeed
+fedora-logos
+file
+tree
+selinux-policy
+selinux-policy-targeted
+grub
+sudo
+"
+	;;
+
+    # run configuration scripts when all packages are installed
+    post)
+	mkdir -p /etc/sysconfig
+
+	cat <<EOF > /etc/sysconfig/clock
+ZONE="America/New_York"
+UTC=true
+ARC=false
+EOF
+
+	cat <<EOF > /etc/sysconfig/network
+NETWORKING=yes
+HOSTNAME=localhost.localdomain
+EOF
+
+	cat <<EOF > /etc/resolv.conf
+EOF
+
+	cat <<EOF > /etc/hosts
+# Do not remove the following line, or various programs
+# that require network functionality will fail.
+127.0.0.1 localhost.localdomain   localhost
+::1       localhost.localdomain   localhost
+EOF
+
+	cat <<EOF > /etc/sysconfig/i18n
+LANG="en_US.UTF-8"
+EOF
+
+	cat <<EOF > /etc/sysconfig/keyboard
+KEYBOARDTYPE="pc"
+KEYTABLE="us"
+EOF
+	pwconv
+	passwd -d root
+	;;
+
+    # run when an livecd install is complete to clean up
+    install-post)
+	;;
+
+    # run when an livecd install is complete; must prints packages to remove
+    install-pkgrem)
+echo "
+fedora-livecd
+"
+	;;
+esac
diff --git a/20-fedora-livecd-gnome.conf b/20-fedora-livecd-gnome.conf
new file mode 100755
index 0000000..bfb937a
--- /dev/null
+++ b/20-fedora-livecd-gnome.conf
@@ -0,0 +1,173 @@
+#!/bin/bash
+
+# livecd configuration for Fedora GNOME
+
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+
+
+case $1 in
+    # inquire what packages to install; must print packages to install
+    pkgadd)
+	echo "
+chkconfig
+gdm
+gnome-panel
+nautilus
+metacity
+gnome-themes
+redhat-artwork
+gnome-power-manager
+gnome-volume-manager
+desktop-printing
+gnome-terminal
+gedit
+NetworkManager-gnome
+NetworkManager-vpnc
+NetworkManager-openvpn
+xorg-x11-drivers
+yelp
+eog
+firefox
+totem
+totem-mozplugin
+gnome-session
+system-config-display
+vim-minimal
+vim-X11
+gnome-applets
+compiz
+gucharmap
+gcalctool
+file-roller
+gnome-utils
+gconf-editor
+evince
+nautilus-open-terminal
+gnome-bluetooth
+pirut
+setroubleshoot
+gnome-python2-canvas
+alacarte
+system-config-date
+system-config-users
+system-config-rootpassword
+system-config-printer
+yum-updatesd
+ntfs-3g
+ntfsprogs
+alsa-utils
+dejavu-lgc-fonts
+"
+	;;
+
+    # run configuration scripts when all packages are installed
+    post)
+	perl -i -p -e 's/id:3:initdefault:/id:5:initdefault:/' /etc/inittab
+
+	chkconfig --level 345 network off
+	chkconfig --level 345 NetworkManager on
+
+	cat > /etc/init.d/livecd <<EOF
+#!/bin/bash
+#
+# livecd: Init script for live cd
+#
+# chkconfig: 345 00 99
+# description: Init script for live cd.
+
+. /etc/init.d/functions
+
+if ! strstr "\`cat /proc/cmdline\`" livecd || [ "\$1" != "start" ] || [ -e /.livecd-configured ] ; then
+    exit 0
+fi
+
+touch /.livecd-configured
+
+# mount livecd
+mkdir -p /mnt/livecd
+mount -o ro -t iso9660 /dev/livecd /mnt/livecd
+
+# configure X
+system-config-display --noui --reconfig --set-depth=24
+
+# unmute sound card
+alsaunmute 0 2> /dev/null
+
+# add fedora user with no passwd
+useradd -c "Fedora live CD" fedora
+passwd -d fedora > /dev/null
+# make fedora user use GNOME (TODO: make gdm DTRT instead of this hack)
+echo "gnome-session" > /home/fedora/.xsession
+chmod a+x /home/fedora/.xsession
+chown fedora:fedora /home/fedora/.xsession
+if [ -e /usr/share/icons/hicolor/96x96/apps/fedora-logo-icon.png ] ; then
+    cp /usr/share/icons/hicolor/96x96/apps/fedora-logo-icon.png /home/fedora/.face
+    chown fedora:fedora /home/fedora/.face
+    # TODO: would be nice to get e-d-s to pick this one up too... but how?
+fi
+
+# setup a11y if requested
+#
+# todo: support also:
+#  - high contrast scheme
+#  - magnifier
+#  - on-screen keyboard
+#  - keyboard modifiers
+#
+#if strstr "\`cat /proc/cmdline\`" a11y_screenreader ; then
+#    gconftool-2 --direct --config-source=xml:readwrite:/etc/gconf/gconf.xml.defaults -s -t boolean /desktop/gnome/interface/accessibility true > /dev/null
+#    gconftool-2 --direct --config-source=xml:readwrite:/etc/gconf/gconf.xml.defaults -s -t list --list-type string /desktop/gnome/accessibility/startup/exec_ats [orca] > /dev/null
+#    # gah, orca is _kinda_ broken; need to fix the Orca RPM package instead
+#    # but need to do this since login on the live CD takes a long time...
+#    sed -e "s/sleep 30/sleep 600/" /usr/bin/orca > /usr/bin/orca.new
+#    mv /usr/bin/orca.new /usr/bin/orca
+#    chmod a+x /usr/bin/orca
+#fi
+
+# change wallpaper to l33t livecd wallpaper
+gconftool-2 --direct --config-source=xml:readwrite:/etc/gconf/gconf.xml.defaults -s -t string /desktop/gnome/background/picture_filename /usr/share/backgrounds/images/fedora-livecd-wallpaper.jpg > /dev/null
+
+# set up autologin for user fedora
+echo "[daemon]" > /etc/gdm/custom.conf
+echo "AutomaticLoginEnable=true" >> /etc/gdm/custom.conf
+echo "AutomaticLogin=fedora" >> /etc/gdm/custom.conf
+
+# turn off firstboot for livecd boots
+echo "RUN_FIRSTBOOT=NO" > /etc/sysconfig/firstboot
+
+# don't start yum-updatesd for livecd boots
+chkconfig --levels 345 yum-updatesd off
+
+# Stopgap fix for RH #217966; should be fixed in HAL instead
+touch /media/.hal-mtab
+
+EOF
+	chmod a+x /etc/init.d/livecd
+	/sbin/chkconfig --add livecd
+	;;
+
+    # run when an livecd install is complete to clean up
+    install-post)
+	/sbin/chkconfig --del livecd
+	rm -f /etc/init.d/livecd
+	;;
+
+    # run when an livecd install is complete; must prints packages to remove
+    install-pkgrem)
+echo "
+fedora-livecd-gnome
+"
+	;;
+esac
diff --git a/30-fedora-livecd-security.conf b/30-fedora-livecd-security.conf
new file mode 100755
index 0000000..4063d7f
--- /dev/null
+++ b/30-fedora-livecd-security.conf
@@ -0,0 +1,121 @@
+#!/bin/bash
+
+# livecd configuration for Fedora Security Auditing/Penetration Testing/Forensics livecd
+
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  US
+
+
+case $1 in
+    # inquire what packages to install; prints package list on stdout
+    pkgadd)
+	echo "
+scim
+scim-libs
+scim-bridge
+scim-bridge-gtk
+scim-anthy
+scim-hangul
+scim-pinyin
+scim-chewing
+scim-m17n
+m17n-lib
+m17n-db
+m17n-db-*
+scim-tables
+scim-tables-*
+scim-sinhala
+
+gnome-mag
+gok
+orca
+
+fonts-arabic
+fonts-bengali
+fonts-chinese
+fonts-gujarati
+fonts-hebrew
+fonts-hindi
+fonts-japanese
+fonts-kannada
+fonts-korean
+fonts-malayalam
+fonts-oriya
+fonts-punjabi
+fonts-sinhala
+fonts-tamil
+fonts-telugu
+
+gnome-theme-clearlooks-bigpack
+xscreensaver-extras-gss
+xscreensaver-gl-extras-gss
+gparted
+
+# Other useful stuff
+irssi
+screen
+gtk-recordmydesktop
+byzanz
+istanbul
+
+# Security tools
+aide
+aircrack-ng
+airsnort
+chkrootkit
+clamav
+dd_rescue
+gpart
+hexedit
+hping3
+john
+kismet
+lsof
+nessus-client
+nessus-gui
+nessus-server
+nc
+nc6
+ngrep
+nmap
+p0f
+pscan
+scanssh
+snort
+socat
+splint
+tcpdump
+testdisk
+tiger
+tripwire
+wireshark-gnome
+xprobe2
+"
+	;;
+
+    # run configuration scripts when all packages are installed
+    post)
+	;;
+
+    # run when an livecd install is complete to clean up
+    install-post)
+	;;
+
+    # run when an livecd install is complete; must prints packages to remove
+    install-pkgrem)
+echo "
+fedora-livecd-security
+"
+	;;
+esac
diff --git a/fedora-security-livecd.spec b/fedora-security-livecd.spec
new file mode 100644
index 0000000..6b8db57
--- /dev/null
+++ b/fedora-security-livecd.spec
@@ -0,0 +1,58 @@
+Name: fedora-security-livecd
+Version: 0.1
+Release: 3%{?dist}
+Summary: The configuration files for a Fedora-based security LiveCD
+License: GPL
+Group: System Environment/Base
+URL: http://fedoraproject.org/wiki/LukeMacken/SecurityLiveCD
+BuildRoot:      %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
+Source0: 10-fedora-livecd-base.conf
+Source1: 20-fedora-livecd-gnome.conf
+Source2: 30-fedora-livecd-security.conf
+# Wallpaper from Diana Fong, see http://www.isity.net/blog/?p=29
+Source3: fedora-livecd-wallpaper.jpg
+Autoreq: 0
+
+%description
+This package contains the configuration files for building a 
+Fedora-based security LiveCD for use in security auditing,
+penetration testing, forensics research, and much more.
+
+
+%prep
+
+%build
+
+%install
+rm -rf $RPM_BUILD_ROOT
+
+mkdir -p $RPM_BUILD_ROOT/etc/livecd/
+mkdir -p $RPM_BUILD_ROOT/usr/share/backgrounds/images
+install -m 755 %{SOURCE0} $RPM_BUILD_ROOT/etc/livecd/
+install -m 755 %{SOURCE1} $RPM_BUILD_ROOT/etc/livecd/
+install -m 755 %{SOURCE2} $RPM_BUILD_ROOT/etc/livecd/
+install -m 644 %{SOURCE3} $RPM_BUILD_ROOT/usr/share/backgrounds/images/
+
+%clean
+rm -rf $RPM_BUILD_ROOT
+
+%files
+%defattr(-,root,root,-)
+%dir /etc/livecd
+/etc/livecd/10-fedora-livecd-base.conf
+/etc/livecd/20-fedora-livecd-gnome.conf
+/usr/share/backgrounds/images/fedora-livecd-wallpaper.jpg
+/etc/livecd/30-fedora-livecd-security.conf
+
+%changelog
+* Wed Mar  7 2007 Luke Macken <lmacken@redhat.com> - 1.0-3%{?dist}
+- Another patch from Till Maas to add airsnort, gpart, p0f, scanssh,
+  nessus-{client,gui,server}, splint, testdisk, tiger, tripwire,
+  screen, gtk-recordmydesktop, byzanz, istanbul
+- Also adding pscan
+
+* Wed Mar  7 2007 Luke Macken <lmacken@redhat.com> - 1.0-2%{?dist}
+- Patch from Till Maas to add dd_rescue and aircrack-ng to livecd
+
+* Mon Mar  4 2007 Luke Macken <lmacken@redhat.com> - 1.0-1%{?dist}
+- Initial package