Sync up many changes

- Add new packages
    * nbtscan
    * nmap-frontend
    * rats
    * rkhunter
    * scanmem
- Remove our hardcoded openbox pipe menu, as it is now in Fedora's package
- Do not mount swap partitions...
- Add the fedora user to the wheel group
- Add some useful bash options
- Fix a bunch of menu entries
- Clean up our package list
- Add repository definitions for f9{,-updates}
- Disable the exim service

1 files changed, 25 insertions, 51 deletions

diff --git a/livecd-fedora-security.ks b/livecd-fedora-security.ks
index d962000..941274d 100644
--- a/livecd-fedora-security.ks
+++ b/livecd-fedora-security.ks
@@ -7,13 +7,16 @@ firewall --enabled
 xconfig --startxonboot
 part / --size 1792
 services --enabled=network,NetworkManager --disabled=network,sshd,cups,snortd,sendmail,avahi-daemon,bluetooth,firstboot,isdn,netfs,nfslock,rpcbind,rpcgssd
-repo --name=development --mirrorlist=http://mirrors.fedoraproject.org/mirrorlist?repo=rawhide&arch=i386
+
+repo --name="rawhide" --mirrorlist=http://mirrors.fedoraproject.org/mirrorlist?repo=rawhide&arch=i386
+#repo --name="Fedora 9" --baseurl=http://download.boston.redhat.com/pub/fedora/linux/releases/9/Everything/i386/os/
+#repo --name="Fedora 9 Updates" --baseurl=http://download.boston.redhat.com/pub/fedora/linux/updates/9/i386/
+
 
 %packages
 @core
 @base-x
 @base
-@core
 @dial-up
 @hardware-support
 kernel
@@ -41,7 +44,6 @@ rootfiles
 # duplicate functionality
 -pinfo
 -vorbis-tools
--wget
 # lose the compat stuff
 -compat*
 
@@ -76,9 +78,9 @@ scim-pinyin
 -gnome-pilot
 -evolution
 -vino
+-system-config-network
+-system-config-language
 
-system-config-network
-system-config-language
 firefox
 
 # lots of people want to have this
@@ -100,6 +102,7 @@ hping3
 john
 kismet
 lsof
+nbtscan
 nessus-client
 nessus-gui
 nessus-server
@@ -107,8 +110,12 @@ nc
 nc6
 ngrep
 nmap
+nmap-frontend
 p0f
 pscan
+rats
+rkhunter
+scanmem
 scanssh
 snort
 socat
@@ -179,14 +186,6 @@ if [ -b /dev/live ]; then
    mount -o ro /dev/live /mnt/live
 fi
 
-# enable swaps unless requested otherwise
-swaps=\`blkid -t TYPE=swap -o device\`
-if ! strstr "\`cat /proc/cmdline\`" noswap -a [ -n "\$swaps" ] ; then
-  for s in \$swaps ; do
-    action "Enabling swap partition \$s" swapon \$s
-  done
-fi
-
 # configure X, allowing user to override xdriver
 for o in \`cat /proc/cmdline\` ; do
     case \$o in
@@ -199,11 +198,16 @@ done
 exists system-config-display --noui --reconfig --set-depth=24 \$xdriver
 
 # add fedora user with no passwd
-useradd -c "Fedora Live" fedora
+useradd -c "Fedora Security" fedora
+usermod -G wheel fedora
 passwd -d fedora > /dev/null
 
 echo 'export PATH=$PATH:/sbin:/usr/sbin' >> /home/fedora/.bashrc
 
+# Hilight grep results - man dir_color for more colors
+echo "alias grep='grep --color'" >> /home/fedora/.bashrc
+echo "export GREP_COLOR='1;31'" >> /home/fedora/.bashrc
+
 ##
 ## openbox configuration
 ##
@@ -217,43 +221,12 @@ cat >> /home/fedora/.config/openbox/autostart.sh << OBDONE
 # Run the system-wide support stuff
 . /etc/xdg/openbox/autostart.sh
 
-# Set default Fedora background
-feh --bg-scale /usr/share/backgrounds/images/default.png
-
 OBDONE
 
 # rc.xml
 cp /etc/xdg/openbox/rc.xml /home/fedora/.config/openbox
 sed -i -e 's/Clearlooks/Onyx/' /home/fedora/.config/openbox/rc.xml
 
-#
-# Gnome pipe menu
-#
-cat >> /home/fedora/.config/openbox/obgnome.py << OBGNOME
-#!/usr/bin/python -tt
-import gobject
-import gmenu
-def walk_menu(entry):
-    if entry.get_type() == gmenu.TYPE_DIRECTORY:
-        print '<menu id="%s" label="%s">' % (entry.menu_id, entry.get_name())
-        map(walk_menu, entry.get_contents())
-        print '</menu>'
-    elif entry.get_type() == gmenu.TYPE_ENTRY and not entry.is_excluded:
-        print """
-            <item label="%s">
-              <action name="Execute">
-                <command>%s</command>
-              </action>
-            </item>
-        """ % (entry.get_name(), entry.get_exec())
-
-print "<openbox_pipe_menu>"
-map(walk_menu, gmenu.lookup_tree('applications.menu').root.get_contents())
-print "</openbox_pipe_menu>"
-OBGNOME
-chown fedora:fedora /home/fedora/.config/openbox/obgnome.py
-chmod a+x /home/fedora/.config/openbox/obgnome.py
-
 # menu.xml
 cat >> /home/fedora/.config/openbox/menu.xml << OBDONE
 <?xml version="1.0" encoding="UTF-8"?>
@@ -268,13 +241,13 @@ cat >> /home/fedora/.config/openbox/menu.xml << OBDONE
     <action name="Execute"><command>gnome-terminal -e "sh -c 'hping3; bash'"</command></action>
   </item>
   <item label="nc6">
-    <action name="Execute"><command>gnome-terminal -e "sh -c 'nc6; bash'"</command></action>
+    <action name="Execute"><command>gnome-terminal -e "sh -c 'nc6 -h; bash'"</command></action>
   </item>
   <item label="nc">
     <action name="Execute"><command>gnome-terminal -e "sh -c 'nc; bash'"</command></action>
   </item>
   <item label="ngrep">
-    <action name="Execute"><command>gnome-terminal -e "sh -c 'ngrep; bash'"</command></action>
+    <action name="Execute"><command>gnome-terminal -e "sh -c 'ngrep -h; bash'"</command></action>
   </item>
   <item label="nessus">
     <action name="Execute"><command>gnome-terminal -e "sh -c 'nessus; bash'"</command></action>
@@ -283,7 +256,7 @@ cat >> /home/fedora/.config/openbox/menu.xml << OBDONE
     <action name="Execute"><command>gnome-terminal -e "sh -c 'nmap; bash'"</command></action>
   </item>
   <item label="p0f">
-    <action name="Execute"><command>gnome-terminal -e "sh -c 'p0f; bash'"</command></action>
+    <action name="Execute"><command>gnome-terminal -e "sh -c 'p0f -h; bash'"</command></action>
   </item>
   <item label="scanssh">
     <action name="Execute"><command>gnome-terminal -e "sh -c 'scanssh; bash'"</command></action>
@@ -292,7 +265,7 @@ cat >> /home/fedora/.config/openbox/menu.xml << OBDONE
     <action name="Execute"><command>gnome-terminal -e "sh -c 'socat; bash'"</command></action>
   </item>
   <item label="tcpdump">
-    <action name="Execute"><command>gnome-terminal -e "sh -c 'tcpdump; bash'"</command></action>
+    <action name="Execute"><command>gnome-terminal -e "sh -c 'tcpdump -h; bash'"</command></action>
   </item>
   <item label="tiger">
     <action name="Execute"><command>gnome-terminal -e "sh -c 'tiger; bash'"</command></action>
@@ -325,7 +298,7 @@ cat >> /home/fedora/.config/openbox/menu.xml << OBDONE
     <action name="Execute"><command>gnome-terminal -e "sh -c 'chkrootkit; bash'"</command></action>
   </item>
   <item label="clamav">
-    <action name="Execute"><command>gnome-terminal -e "sh -c 'clamav; bash'"</command></action>
+    <action name="Execute"><command>gnome-terminal -e "sh -c 'clamscan; bash'"</command></action>
   </item>
   <item label="dd_rescue">
     <action name="Execute"><command>gnome-terminal -e "sh -c 'dd_rescue; bash'"</command></action>
@@ -382,7 +355,7 @@ cat >> /home/fedora/.config/openbox/menu.xml << OBDONE
     <action name="Execute"><command>gnome-terminal -e "sh -c 'snort; bash'"</command></action>
   </item>
   <item label="tripwire">
-    <action name="Execute"><command>gnome-terminal -e "sh -c 'tripwire; bash'"</command></action>
+    <action name="Execute"><command>gnome-terminal -e "sh -c 'tripwire --help; bash'"</command></action>
   </item>
 </menu>
 
@@ -454,6 +427,7 @@ chkconfig --level 345 atd off 2>/dev/null
 chkconfig --level 345 anacron off 2>/dev/null
 chkconfig --level 345 readahead_early off 2>/dev/null
 chkconfig --level 345 readahead_later off 2>/dev/null
+chkconfig --level 345 exim off 2>/dev/null
 
 # Stopgap fix for RH #217966; should be fixed in HAL instead
 touch /media/.hal-mtab