-IR/AE v0.0.7.1
-
-Amendment: actually we're not doing that whole thing with locked down mounts
-I'm keeping the fstab around for future use, but for now that technology is not easily achievable
-
----
-
-IR/AE v0.0.7
-
-Remember in v0.0.2 when we made ALL of /etc and /var have rw+exec+suid?
-This update reverts that behaviour, because it was a security vulnerability.
-
-Instead, we do something much more paranoid - we draw inspiration from OpenBSD's pledge syscall, but kinda in reverse.
-With pledge, you signal what behaviours you need as your program starts up, gradually dropping privs as they are no longer required.
-With the IRAE startup sequence, we start with the bare minimum of privs - root has noexec,nodev,nosuid - and then give exec/dev/suid privs where needed.
-In our case, only the directories /etc/runit,/usr/bin,/usr/lib,/usr/libexec get exec, and even then they don't get suid.
-Among the few programs that do request suid privs in a base Linux install, about a quarter get denied those privs because those programs are either outdated or have other ways to be run with modified privs.
-
-Something pledge does have that IRAE doesn't is the ability to lock the program from making any more pledge calls, stopping a potentially compromised program from modifying its privs.
-We could accomplish this by stopping the kernel from mounting ANY new filesystems, but this obviously gets in the way of day-to-day tasks like mounting USB drives, or setting up containers.
-
-I'm not sure how to address this behaviour.
-As far as I know, Linux has no way to restrict mounts to *only* a particular part of the filesystem - ideally we would only allow new mounts in /mnt and /home - which might be possible with a highly custom SELinux module but is currently too complicated for now.
-
-The other big thing we did was fully add our initrd infra - codenamed init3 to the base IRAE image.
-init3 can be found in the directory /initrd
-
----
-
-IR/Abigail Everlasting v0.0.6 Second Edition
-
-Building a kernel and initrd required to boot the system is now considered within the scope of IRAE, expect infra in the next update
-
-Added packages:
-* pax-utils - provides the lddtree utility, which is used for our intrd infrastructure
-* busybox - general shell for initrd
-
-We REPLACED ConsoleKit2 with elogind, because CK2 hasn't been maintained since 2017
-
----
-
-Abigail Everlasting v0.0.6 First Edition
-
-Added the following packages to a default install:
-* vsv - a simple runit service manager, similar to systemctl on systemd
-* NetworkManager-{openconnect,openvpn,strongswan,pptp} - support for VPNs in NetworkManager
-* gnome-ssh-askpass - a simple GTK askpass program, meant so that people using encfs can get a nicer password dialog
-* podman - Container manager
-
-PodMan is the big package there - it should allow unprivileged containers, opposed to a traditional chroot, which requires root privs to bind-mount appropriate filesystems and exec the chroot syscall.
-Unprivileged containers are needed because some software should not necesarilly be flatpak'ed - common command line tools, or virtual machine managers (libvirt), or software that needs suid.
-Flatpak is a wonderful application format, but not a catch-all solution.
-By leveraging podman, we can set up an unprivileged traditional package-based Linux environment while keeping the host system immutable.
-
-This release is also the first to use the 20191109 tarball
-
----
-
-Abigail v0.0.5.9
-
-Few major changes since 0052
-Last update before 006
-
----
-
-Abigail v0.0.5.2
-
-Added xtools for if some folx want to build Void packages
-Might use this to transition mtowards using our own custom-built pkges
-
----
-
-Abigail v0.0.5.1
-
-Added lvm2 to pkgs because I have the big dumb
-
----
-
-Abigail v0.0.5
-
-Refined the build system a little bit, so that /rw would be automatically created, and also (hopefully) got LightDM to work on startup
-
----
-
-Abigail v0.0.4.9
-
-Updated version of 0.0.4
-Mostly involved adding some stuff for pulseaudio, no major changes
-
----
-
-Abigail v0.0.4
-
-Went back to using Void as a base system, and kept the /.pkgs /.svcs files from 0.0.2
-The build process was further automated by the file /.build, and patches were added to the directory /.patches
-
-An xfce4 desktop was packaged in this release, but users are free to compile other desktops as they like
-
-The biggest change was that we reverted to using glibc over musl. musl presented some interesting challenges, and hohnestly there's not much reason to use it anyways.
-
----
-
-Abby v0.0.3-kiss
-
-Third prototype.
-Experimented with using KISS Linux as a base instead of Void.
-Kiss retained many of the benefits of Gentoo, without the USE-based dependency hell that bootstrapping from Gentoo (which I tried originally) involved.
-Kiss was dropped due to having too few packages in its repos, and due to Flatpak failing to compile.
-
-This release was relatively insignifigant.
-
----
-
-Abyssal Penguin v0.0.2
-
-Second prototype!
-The previous version booted fine, but NetworkManager failed to work and xorg (granted, I'm testing this on a nvidia system) would always do the black-screen-no-response-cursor thingy
-
-The build process was improved, I added the files /.pkgs and /.svcs, which describe the packages used to build the base system, and the services enabled in the base system, respectively
-As such, most of the build process consists of two bash for-loops.
-
-The file /etc/runit/core-services/03-filesystems.sh still needs fixing.
-I opened an issue with upstream Void
-
-We switched to using musl-based Void
-
-Finally, the biggest change is that the entirety of /etc and /var is now mutable.
-This was decided after I took a look at how Fedora Silverblue was doing their OS; it should hopefully result in less fuckery, and means I won't have to rebuild the rootfs every time I find /another/ directory that needs rw
-From a security standpoint, this opens up a few new theoretical attack vectors, but given that you still need root to write to /etc or /var, it shouldn't be too big a deal
-
----
-
-Abyssal Penguin v0.0.1
-
-Prototype!
-I think I have a working rootfs now
-
-TODO: automate the build process
-
-BUILD:
-extract voidstrap tarball
-update it
-install: NetworkManager acpi acpid encfs gpm base-devel linux lm_sensors openntpd xz xorg xdm wget ecryptfs-utils btrfs-progs e2fsprogs hfsprogs reiserfs-progs reiser4-progs xfs-progs
-enable: NetworkManager acpid gpm ldm sshd openntpd xdm
-!!fix /etc/runit/core-services/03-filesystems.sh to not panic on a readonly root
projects / eostre.git / commitdiff