Refracta 9.0 (Devuan-2.0 ASCII) release notes This is Refracta-9.0. It is based on Devuan ascii and uses Devuan repositories for packages. The installed packages and the desktop environment (xfce-4.12) are relatively unchanged from the previous few versions of Refracta. WHAT'S NEW - - gvfs is back, so removable media show up on the desktop. - libsystemd0 is installed. (It's required for xorg.) ======================================================================== SETUP ======================================================================== PASSWORDS The root password is root. The user password is user. You can use the 'su' command to become root. When running from live media, you can use 'sudo ' for root permissions or use 'sudo -i' to get a root terminal. ==================================================================== CHANGE LANGUAGE/LOCALE and KEYBOARD LAYOUT To change only the keyboard layout on the desktop, click on the "us" next to the date on the panel, and select the layout you want. Preconfigured choices are U.S. English, U.K. (gb) English, and German (de). To add another layout, right-click on the "us" and select Properties. Click on Add, and select the one you want. The maximum number of layouts you can have is four. You can also use the keyboard shortcut, Alt-Shift to toggle through the choices. To change the locale at the boot screen, press TAB and append the boot options at the bottom of the screen with the appropriate locale. This information is also available in the Help section at the boot screen. Examples: At a plain boot prompt (from the Help screens) boot: live locales=de_DE.UTF-8 keyboard-layouts=de After TAB on boot menu > /live/vmlinuz initrd=/live/initrd.img boot=live locales=de_DE.UTF-8 keyboard-layouts=de See 'man live-config' for more info and for standard live-config options. To change the locale after booting the system, and to add locales, open a terminal and give the command: sudo /etc/init.d/lxdm stop You will be dropped to console, where you can log in as root (or log in as user and prepend the next commands with 'sudo'.) To change the default locale or to add locales: dpkg-reconfigure locales To change the console keyboard layout and the language used in the system messages: dpkg-reconfigure console-data Be sure to make a sane choice, most likely one that begins with "pc". You'll need to log out of the console and log in again to see the change. To return to the desktop: /etc/init.d/lxdm start You can also select the language at the graphical login screen. Any locales that have been added will show up as a choice. You'll still need to change the keyboard layout from the panel applet once you're on the desktop. ==================================================================== SYSTEM and NETWORK INFORMATION For System Information, look in the menu under System --> System Profiler and Benchmark, or use one of the command-line utilities. (lshw or hwinfo) To get the current IP and MAC addresses, run 'ip a' as user. The network manager can be found in the menu under Network -> Wicd. For wired ethernet, you shouldn't need to use it. For wireless, see below. If you like to configure static IP in /etc/network/interfaces, then you may want to disable or remove wicd. To disable wicd: Run sysv-rc-conf and un-check all boxes for wicd. To remove wicd: 'apt-get remove wicd' or 'aptitude remove wicd' OPENSSH-SERVER: WARNING Openssh-server is running. If you are not behind a router/firewall, then port 22 is open to the internet and will allow connections from anyone who knows your IP address and login/password. To disable openssh-server: Run sysv-rc-conf and un-check all boxes for ssh. To remove openssh-server: 'apt-get remove openssh-server' or 'aptitude remove openssh-server' WIRELESS CONFIGURATION Menu: Network --> Wicd Network Manager --> select the right network if you see any. You might need to go into Preferences and add the name of your wireless interface. Preferences are accessed from the down-arrow next to Refresh on the tool bar. The default wireless interface is wlan0. Then hit Refresh to see nearby wireless networks. Properties: WPA 1/2 (Passphrase) Optional: Static IP and DNS Connect (Note: If this doesn't work, see the next section for wireless drivers or scroll to the bottom of this document for manual network configuration, or use a wire - eth0 is set for dhcp.) WIRELESS DRIVERS Wireless drivers from the non-free repository are not installed, but there are package files for them in /home/user/wireless_drivers. They can be installed as root with: dpkg -i or gdebi If you don't know which driver to use, there are a couple of ways to figure it out. 1. Run 'lspci' to see what Network controller is listed, then search for it in the package descriptions. For example, if lspci shows: 02:00.0 Network controller: Realtek Semiconductor Co., Ltd. RTL8723AE PCIe Wireless Network Adapter Then look in the firmware descriptions in the wireless_drivers folder in your home to find one that matches the name of your wireless adapter, in this case, firmware-realtek. 2. If you have another linux installed on that computer, and wireless is working in that installation, boot into it and run: dpkg --get-selections | grep firmware and you will see all packages with "firmware" in the name. One of them will be for the wireless controller. Install it with dpkg -i as shown above. For manual wireless setup, scroll to the bottom of this document. DISPLAY If you need to configure xorg.conf from the console, run display-savior (/usr/local/bin/display-savior). It will create /etc/X11/xorg.conf according to the options you select. WEB BROWSER Firefox-ESR can be started from the Menu or from the drop-down next to the terminal icon in the panel. Cookies are allowed for all sites. To change this, go to Edit --> Preferences --> Privacy --> "Use custom settings for history" NoScript is installed and enabled. Use the "S" icon in the upper right (currently next to the Home icon) to whitelist sites or to disable it. You can convert youtube or other video files to avi, mkv, mp4, and OggTheora video files, or to mp3 or flac audio files using youtube2what from the command line, or from the file manager, you can right-click on the video file and select 'youtube2what'. An alternate method to convert audio or video files is to us WinFF (in the Multimedia menu). PRINTER SETUP In the Application Menu, select System -> Printers, or start the cups print manager manually by opening a web browser and going to http://localhost:631 then go into Administration Give the root password when you're asked for one. SCANNER Plug in scanner and open XSane. Scan. ======================================================================== INSTALLATION TO HARD DRIVE ======================================================================== If you want to install Refracta, run Refracta Installer. If you want to do a debootstrap install of pure Devuan, follow the instructions in /home/user/debootstrap_devuan or your own instructions, or use the more detailed instructions here - https://git.devuan.org/dev1fanboy/Upgrade-Install-Devuan/wikis/Minimal-install-guide There are now only two versions of Refracta Installer. If you select Refracta Installer from the System menu, you'll get the gui version, which uses Yad for a graphical front end. If you don't have Yad installed, you can run the cli script. You can call either script from command line with 'refractainstaller' for the cli-based script or 'refractainstaller-yad' for the gui. Both scripts support installation on UEFI or BIOS hardware. See comments in /etc/refractainstaller.conf for various options that can be set there. See /usr/lib/refractainstaller/installer_exclude.list if you want to change the list of files/directories that won't be copied to the installed system. INSTALLING TO RAID OR LVM This can be done using the cli installer and some manual preparations. See https://dev1galaxy.org/viewtopic.php?id=2323 INSTALLING PACKAGES and PACKAGE SOURCES You can install software from the repository using apt, apt-get, aptitude or Synaptic Package Manager. You need to update the package cache before you can install anything. As root, run 'apt-get update' or 'aptitude update' first, or in Synaptic, click on Reload. WARNING: Synaptic may not start from the menu, or worse, it might start without requiring a password. If synaptic does not start with the normal 'Synaptic Package Manager' menu entry, use the alternate entry, which will ask for the root password. If synaptic starts without requiring a password, and if that's a security risk for you, you should remove the package and just use the command-line for installing packages. NOTE: Gparted has the same issue. This is Refracta-9.0 (Xfce version) built from a Devuan debootstrap install. It was built from the ground up without systemd or its libraries installed. *** Uncomment the deb-src lines in /etc/apt/sources.list if you want to install source packages. Apt is set not to install recommended and suggested packages along with any packages you choose to install. This helps to reduce the size of the live-CD image. To change this behavior, edit /etc/apt/apt.conf and comment out the two lines with double forward slashes, like this: //APT::Install-Recommends 0; //APT::Install-Suggests 0; INSTALLED SOFTWARE This build contains a lot of command-line utilities. A partial list follows. For a complete list of installed packages, see Refracta/package_list on the installation media. cryptsetup curl htop ddrescue dosfstools ethtool fdupes fuse hardinfo hddtemp hdparm hwinfo iftop irssi lm-sensors lshw lvm2 ntfs-3g ntfsprogs openssh-server p7zip-full partimage pppconfig pppoeconf ps_mem.py read-edid rsync sdparm smartmontools squashfs-tools sshfs sysv-rc-conf testdisk unzip w3m whois zsync CONTRIB and NON-FREE REPOSITORIES The contrib and non-free repositories are not enabled at this time. They may be enabled in a future release. Until then, you can add the words, "contrib" and/or "non-free" to /etc/apt/sources.list like this: deb http://us.mirror.devuan.org/merged/ ascii main contrib non-free Update the package cache after editing sources.list. BACKPORTS REPOSITORY Newer versions of the linux kernel and other software are available in the backports repository. Uncomment the deb line in /etc/apt/sources.list # Devuan Backports deb http://packages.devuan.org/merged ascii-backports main Then run: apt-get (or aptitude) update apt-get (or aptitude) -t ascii-backports install ... After you get what you want, comment out the deb line and run update again. (Note: At this time, backports priority is pinned to 100 to prevent accidental replacement of packages with backported versions. June 2016 See /etc/apt/preferences.d/releases) ======================================================================== SNAPSHOT ======================================================================== MAKE YOUR OWN LIVE-CD After you install to hard drive and configure the software and desktop the way you want, run Refracta Snapshot (from the System menu) or run refractasnapshot (in a console) to create an iso image that you can burn to CD. You need a lot of free space on the hard drive to create a snapshot. Run 'df -h' to make sure you're not using more than around 30-35% of the disk. (Less free space is needed if some of the used space is taken up by other snapshots or by a saved copy of the system in the work directory.) See comments in /etc/refractasnapshot.conf for various options that can be set there. See /usr/lib/refractasnapshot/snapshot_exclude.list if you want to change the list of files/directories that won't be copied to the live system. MAKE YOUR OWN LIVE-USB 1. refracta2usb (Preferred method) This script will create a bootable usb device and puts the filesystem from your live-CD image into a pre-formatted fat32 partition. You can create a second partition, formatted as ext2 on the stick. The second partition can be used to store files. It can be used in the standard debian-live manner of persistence, or with the use of some custom scripts in Refracta, it can be used as an encrypted /home directory. (see /usr/share/doc/refracta2usb/readme.refracta2usb.txt) 2. iso-hybrid (only if you must) This is good if you just need to transfer the image to removable media for the purpose of installation to hard drive, or if you just want to check out Refracta without burning a CD. Use the dd command, and be careful! A usb drive prepared this way will act like a live-CD. It will be a read-only system, and you will not be able to create a second partition on the device. If you later want to use the device for data storage, you'll need to zero the first 2048 KB before re-writing the partition table. ============================================ Quick Notes / Howtos ============================================= ___ SSH INTO LIVE-CD FROM REMOTE CLIENT ___ From remote-client: ssh user@host(or IP number) The ssh server is turned on and root access with password is allowed on the live-CD. Root access gets disabled upon installation. If you wish to turn it off during a session, go to the System menu, choose Services and un-check the box for ssh. Or, from the command line: /etc/init.d/ssh start|stop|restart ============================================= ___ MOUNT A REMOTE SHARE WITH SSHFS ___ # mount sshfs user@host:/home/user # unmount fusermount -u ================================ ___ MOUNT/UNMOUNT ENCRYPTED PARTITION ___ cryptsetup luksOpen /dev/sdX label mount /dev/mapper/label umount cryptsetup luksClose /dev/mapper/label ================================== ___ MOUNT/UNMOUNT ENCRYPTED LVM ___ sudo cryptsetup luksOpen /dev/sdxY label # then run lvdisplay to get the vg name and lv name sudo vgchange -a y mount /dev/mapper/ umount sudo vgchange -a n sudo cryptsetup luksClose label ==================================== ___ TO CREATE AN ENCRYPTED PARTITION ___ cryptsetup luksFormat /dev/sdxY cryptsetup luksOpen /dev/sdxY label mke2fs -j /dev/mapper/label or: mke2fs -t ext4 /dev/mapper/label Then mount/unmount as above. ==================================== ___ MOUNT NTFS PARTITION ___ mount -t ntfs-3g -o rw,umask=000 /dev/sdxY ================================== ___ MOUNT WINDOWS SHARE ___ # This needs troubleshooting. mount.cifs //windows-host/user -o uid=user,gid=user umount.cifs # This works: Thunar (File Manager) --> Network --> choose a workgroup ================================= ___ EXAMINE AND MOUNT RAID ARRAY ___ # Commands to get information. mdadm --examine /dev/sda2 mdadm --detail /dev/md0 mdadm -E -s (examine and scan config file for missing information) cat /proc/mdstat ls -l /dev/md* mdadm -Q /dev/sd[a-f][1-9] mdadm --examine /dev/sda2 mdadm --detail /dev/md0 mdadm -E -s (examine and scan config file for missing information) cat /proc/mdstat ls -l /dev/md* mdadm -Q /dev/sd[a-f][1-9] OR... mdadm --assemble /dev/md0 /dev/sda15 /dev/sdb15 fdisk -l /dev/sda or parted /dev/sda print (or vgdisplay -v) to find out what your MD base volumes are. mount /dev/md0 ================================= ___ VNC over SSH ___ (Optional) Add ssh authorization key: ssh-add /path-to-key/id_rsa There are several ways to start a vnc session. 1. Use custom scripts: vncssh (on client) and vncserv (on server) If xserver is running and user is logged in to desktop on remote-host, open a terminal on the client and run vncssh. vncssh [user@][:xdisplay] [port] (user, xdisplay and port are optional) Examples: vncssh someserver.com:0 vncssh fred@homeserver 1234 If user is not logged in on remote host, but xserver is running: vncssh root@remote-host 2. If the server does not have the vncserv script, but it does have x11vnc installed, you can edit /usr/local/bin/vncssh and change: cmd="/usr/local/bin/vncserv" to cmd="x11vnc -auth /var/run/lightdm/root/:0 -localhost -display :0" 3. Do it manually, without the scripts: Start remote vnc server over ssh: ssh -t -L 5900:localhost:5900 user@remote-host 'x11vnc -localhost -display :0' If user is not logged in on remote host, or if the remote host is using some display manager other than lightdm, do something like the following. Log into remote host through ssh and get the auth file from 'ps ax | grep auth'. For lightdm, it will probably be /var/run/lightdm/root/:0 and for gdm3, find the line in the output that has gmd3 in it and look to the end for a filename with random characters in it. Then exit and run: ssh -t -L 5900:localhost:5900 root@remote-host 'x11vnc \ -auth /path/to/authfile -localhost -display :0' Once you've started the remote vnc server, open another terminal, and connect to the remote desktop with: vncviewer -encodings "copyrect tight hextile" localhost:0 4. If xserver is not running on the remote-host, you won't be able to use x11vnc. You can remedy this on the server by installing xvfb and editing /usr/local/bin/vncserv to uncomment the following lines: #else # x11vnc -create -env FD_PROG=/usr/bin/xfce4-session \ # -env X11VNC_FINDDISPLAY_ALWAYS_FAILS=1 \ # -env X11VNC_CREATE_GEOM=${1:-1024x768x16} \ # -gone 'killall Xvfb' \ # -bg -nopw ___ YET ANOTHER WAY TO DO VNC ___ This way is ok on a local network but is not as secure as with ssh. On the server: Main menu --> Internet --> X11VNC Server Click OK (or change the port if you want) Another window comes up, check the box next to "Accept Connections" Optionally, you can create a password. Click Apply or OK On the client, issue the command: vncviewer A small window comes up; enter the name or IP number of the remote server. Click OK (Alternate: 'vncviewer remote-host:0) For more details, see http://www.karlrunge.com/x11vnc/ ================================= ___ SAMPLE WIRELESS CONFIGURATION ___ Sample wireless configuration Manual configuration (not needed if wicd works) Edit /etc/network/interfaces This example is for WPA2 Personal encryption with shared ASCII key. Items marked with ### are only needed for encrypted networks. Use appropriate local IP numbers. # wireless interface iface wlan0 inet static wpa-driver wext wpa-ssid ### wpa-proto is WPA for WPA1 (aka WPA) or RSN for WPA2 wpa-proto RSN ### wpa-pairwise and wpa-group is TKIP for WPA1 or CCMP for WPA2 wpa-pairwise CCMP wpa-group CCMP ### use 'wpa_passphrase [passphrase]' to generate hex-key ### enter the result below wpa-psk address 192.168.xxx.xxx netmask 255.255.255.0 gateway 192.168.1.1 (maybe) auto wlan0 Start/stop the interface with: ifup wlan0 ifdown wlan0 Add router or dns server address to /etc/resolv.conf nameserver 192.168.1.1 ====================================== _____read-edid_____ get-edid | parse-edid ======================================