Verified Commit 0eefe656 authored by Clark's avatar Clark
Browse files

Updates for Ubuntu template

parent 96a1ea71
......@@ -444,8 +444,100 @@ Creating custom virtual machines for QubesOS for Ubuntu and Windows.
** TODO Ubuntu
Recreate this guide (and rebuild default template):
https://blockforums.org/topic/310-guide-to-installing-qbuntu-ubuntu-1804-bionic-templatevm-in-qubes-402-rc1-more-screenshots/
Going to use qubes-builder package to build a "official" Ubuntu template. Start by creating a template (later to be deleted) that is used to build the Ubuntu template from =dom0=, then launch a terminal.
#+BEGIN_SRC sh
qvm-clone fedora-30 ubuntu-builder && \
qvm-prefs ubuntu-builder netvm sys-firewall && \
qvm-volume extend ubuntu-builder:private 30GB && \
qvm-run -a ubuntu-builder gnome-terminal
#+END_SRC
Then on the =ubuntu-builder= terminal, build the Ubuntu template...
#+BEGIN_SRC sh
gpg2 --import /usr/share/qubes/qubes-master-key.asc
#+END_SRC
Trust the master key just imported above...
#+BEGIN_SRC sh
gpg2 --edit-key 0x427F11FD0FAA4B080123F01CDDFA1A3E36879494
trust
5
y
q
#+END_SRC
Then verify the Qubes developer keys.
#+BEGIN_SRC sh
gpg2 --fetch-keys https://keys.qubes-os.org/keys/qubes-developers-keys.asc && \
sudo dnf install -y git createrepo rpm-build rpm-sign make python-sh rpmdevtools rpm-sign dialog && \
git clone https://github.com/QubesOS/qubes-builder && \
cd qubes-builder && \
sed -i "/DIST_DOM0/c\DIST_DOM0 ?= fc30" ./example-configs/qubes-os-r4.0.conf && \
sed -i "/DISTS_VM/c\DISTS_VM ?=" ./example-configs/qubes-os-r4.0.conf && \
./setup
#+END_SRC
Once setup begins, provide the following responses to each setup question.
| Question | Setting |
|----------------------------------------+---------------------------------------------------------|
| Download all dependencies? | Y |
| Add Key 0x36879494 | Yes |
| Add Key 0x42CFA724 | Yes |
| Qubes Release To Use To Build Packages | 4.0 (my installed version) |
| Source Repos To Use To Build Packages | QuesOS/qubes- (Stable) |
| Git Clone Faster? | Yes |
| Choose Pre-Built Packages | [none] |
| Build Template Only | Yes |
| Template... | ... |
| Builder Plugins Selection | (focal: builder-deb; fedora-31: builder-rpm, mgmt-salt) |
| Get Sources | Yes |
fc31+xfce
focal+desktop
builder-rpm
builder-debian
mgmt-salt
Then:
make install-deps
make get-sources
make qubes-vm
make template
Then on =dom0=.
#+BEGIN_SRC sh
qvm-run --pass-io ubuntu-builder 'cat /home/user/qubes-builder/qubes-src/linux-template-builder/rpm/install-templates.sh' > install-templates.sh && \
chmod +x install-template.sh && \
./install-template.sh
#+END_SRC
Then, add missing =qubes= packages using the repository hosted by =unman= of the Qubes OS project. https://qubes.3isec.org/
......@@ -454,10 +546,14 @@ First, import his Qubes OS GPG Signing key from 0x8B3F30F9C8C0C2EF using =sudo a
Then append the repository to =/etc/apt/sources.list=.
#+BEGIN_SRC sh
deb https://qubes.3isec.org/4.0 bionic main
deb https://qubes.3isec.org/4.0 focal main
#+END_SRC
Then =sudo apt update && sudo apt install qubes-gpg-split=.
Then =sudo apt update= and install some additional qubes packages.
#+BEGIN_SRC sh
sudo apt install qubes-gpg-split qubes-usb-proxy qubes-pdf-converter qubes-img-converter
#+END_SRC
** Windows VM
......@@ -668,7 +764,7 @@ On =dom0=, update =/etc/qubes-rpc/policy/qubes.Gpg= file so that it contains onl
bytecache-dev bytecache-gpg-vault ask,default_target=bytecache-gpg-vault
#+END_SRC
Restart =bytecache-gpg-vault= and =bytecache-dev=.
Restart =bytecache-gpg-vault= and =bytecache-dev=.
After restarting, test the split GPG vault by exporting the public key, which can then be provided to Gitlab (or Github), replacing the pub-key ID below with your own.
......@@ -790,10 +886,10 @@ rustup update
Install various libraries for Python.
#+BEGIN_SRC sh
sudo apt install -y python3-venv && \
sudo apt install -y python3-venv python3-pip python-pip && \
pip3 install --upgrade --user pip && \
pip3 install --user jedi autopep8 yapf flake8 flake8-bandit keystone-engine capstone ropper unicorn
pip install virtualenv
pip3 install --user jedi autopep8 yapf flake8 flake8-bandit keystone-engine capstone ropper unicorn && \
pip install virtualenv
#+END_SRC
** Ethereum
......@@ -826,7 +922,7 @@ sudo npm install -g truffle ganache-cli solium
** R
Install R from CRAN.
To install R on Debian-10 (Buster).
#+BEGIN_SRC sh
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys E19F5F87128899B192B1A2C2AD5F960A256A04AF && \
......@@ -835,6 +931,15 @@ sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys E19F5F87128899B192
sudo apt install -y r-base
#+END_SRC
To install R on Ubuntu-18 (Bionic Beaver).
#+BEGIN_SRC sh
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys E298A3A825C0D65DFD57CBB651716619E084DAB9 && \
sudo add-apt-repository 'deb https://cloud.r-project.org/bin/linux/ubuntu bionic-cran40/' && \
sudo apt update && \
sudo apt install -y r-base
#+END_SRC
** GDB
GDB is the GNU Project Debugger, facilitating low level analysis of executable programs by stepping through each operation. GDB comes with Debian, but I also install a few GDB utilities to enhance the debugging process.
......@@ -850,9 +955,9 @@ sudo apt install -y gdb && \
Radare2 is a reverse engineering framework.
#+BEGIN_SRC sh
sudo apt install radare2 && \
sudo apt install -y radare2 && \
r2pm init && \
r2pm -i rarop
r2pm update
#+END_SRC
** Zoom
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment