#!/bin/sh #cnas-default-settings # Default settings file for CryptoNAS Live # # This file is a shell script included by the live-helper # scripts. Settings in "cnas-custom-settings" override # those here if that file exists. # Therefore, if you want to make local customizations to # your build settings, you should do: # "cp cnas-default-settings cnas-custom-settings" # and make changes to "cnas-custom-settings". # # Values in config/bootstrap, config/chroot, config/binary, # etc. will be used if they are not redefined by # cnas-custom-settings or cnas-default-settings. # # I've tried to include in this file the settings that # are most likely to be changed by a developer or custom # builder. If an option isn't here, you should look in # config/bootstrap, config/chroot, config/binary, # config/source, or config/common. # An "effective inclusion" diagram in Open Office format # will eventually be included in the repository for # documentation. # -----common----- # Internal stuff (FIXME) # The `--force-yes' option should be removed once `apt' is made to # recognize and use all the relevant GPG keys. `--yes' can stay. APT_OPTIONS="--yes" # $LH_ARCHITECTURE: select chroot architecture # (Default: autodetected) # Note: Debian Live is also designed to work on AMD64 and PowerPC LH_ARCHITECTURE="i386" # $LH_APT_SECURE: set apt/aptitude security # (Default: enabled) # Setting $LH_APT_SECURE to "disabled" breaks cdebootstrap # in the "bootstrap" build stage under Etch. LH_APT_SECURE="enabled" #-----bootstrap----- # $LH_MIRROR_BOOTSTRAP: set mirror to bootstrap from # # (1) apt-cacher (default) LH_MIRROR_BOOTSTRAP="http://127.0.0.1:3142/apt-cacher/ftp.debian.org/debian/" # (2) apt-proxy #LH_MIRROR_BOOTSTRAP="http://127.0.0.1:9999/debian" # (3) no caching proxy for apt #LH_MIRROR_BOOTSTRAP="http://ftp.us.debian.org/debian/" # $LH_MIRROR_CHROOT: set mirror to fetch packages from # (Default: http://ftp.us.debian.org/debian/) LH_MIRROR_CHROOT=$LH_MIRROR_BOOTSTRAP # $LH_MIRROR_CHROOT_SECURITY: set security mirror to fetch packages from # (Default: http://security.debian.org/) LH_MIRROR_CHROOT_SECURITY="http://127.0.0.1:3142/apt-cacher/security.debian.org/" #-----chroot----- # $LH_HOOKS: set hook commands # (Default: empty) LH_HOOKS="" # $LH_INTERACTIVE: set interactive build # (Default: disabled) LH_INTERACTIVE="disabled" # $LH_KEYRING_PACKAGES: set keyring packages # (Default: empty) LH_KEYRING_PACKAGES="" # $LH_LANGUAGE: set language to use # (Default: empty) LH_LANGUAGE="en" # $LH_LINUX_FLAVOURS: set kernel flavour to use # (Default: autodetected) # CryptoNAS will be VERY slow on anything less than a Pentium, # but you can add other flavors here if you want to. Note that # the first flavor in the list will be the default. #LH_LINUX_FLAVOURS="486 686" LH_LINUX_FLAVOURS="686" # $LH_LINUX_PACKAGES: set kernel packages to use # (Default: autodetected) LH_LINUX_PACKAGES="linux-image-2.6 ${LH_UNION_FILESYSTEM}-modules-2.6 squashfs-modules-2.6" #LH_LINUX_PACKAGES="" # $LH_PACKAGES: set packages to install # (Default: empty) LH_PACKAGES="" # $LH_PACKAGES_LISTS: set package list to install # (Default: standard) # FIXME: Use "minimal cryptonas" for CryptoNAS releases # Use "standard cryptonas-devel" for development LH_PACKAGES_LISTS="standard cryptonas-devel" #-----binary----- # $LH_BINARY_IMAGES: set image type # (Default: usb-hdd) # Valid choices are: # "iso" for CD-ROM builds # "usb-hdd" for other block devices # "net" for netboot # "tar" for ??? LH_BINARY_IMAGES="usb-hdd" # $LH_ENCRYPTION: set encrytion # (Default: disabled) LH_ENCRYPTION="disabled" # $LH_HOSTNAME: set hostname # (Default: cryptonas) LH_HOSTNAME="cryptonas" # $LH_ISO_PREPARER: set iso preparer # (Default: live-helper 1.0~a48; http://packages.qa.debian.org/live-helper) LH_ISO_PREPARER="live-helper 1.0~a48; http://packages.qa.debian.org/live-helper" # $LH_ISO_PUBLISHER: set iso publisher # (Default: Debian Live project; http://debian-live.alioth.debian.org/; debian-live-devel@lists.alioth.debian.org) LH_ISO_PUBLISHER="CryptoNAS project; http://cryptonas.org; cryptobox-dev@lists.systemausfall.org" # $LH_ISO_VOLUME: set iso volume (max 32 chars) # (Default: Debian Live $(date +%Y%m%d-%H:%M)) LH_ISO_VOLUME="CryptoNAS Live $(date +%Y%m%d-%H:%M)" #-----source----- # $LH_SOURCE: set source option # This is the easiest way to comply with the GNU GPL if you're # redistributing CryptoNAS on a CD-ROM. # (Default: disabled) LH_SOURCE="disabled" # It is recommended that CryptoNAS-specific variable # definitions follow the CNAS_FOO or _CNAS_FOO conventions to # avoid polluting the shared live-helper namespace. Additionally, # only variables starting with "CNAS_" will be available at # runtime via the scoreboard file. ############################################################### #deletefiles (at build time, from old dfsbuild config)="/etc/rcS.d/*discover \ #/etc/rcS.d/*lvm \ #/var/log/dpkg.log \ #/var/log/bootstrap.log" #CNAS_MAKEDIRS="" CNAS_ROOT_FS="/root" CNAS_HARDNESS="devel" CNAS_SCOREBOARD_DIR="/usr/share/cryptonas-live" # remove rc symlinks for these services CNAS_SERVICES_OFF="ssh setserial nviboot mountnfs ntpdate" # This part only applies if CNAS_HARDNESS is set to "secure": #CNAS_REMOVE_PACKAGES="strace \ # nvi nano vim vim-common vim-tiny \ # unzip zip aptitude tasksel locate \ # ssh elinks curl wget netkit-inetd telnet \ # exim4-daemon-light exim4-config exim4-base \ # ppp pppconfig pppoe pppoeconf iptables \ # subversion w3m wget lynx less screen \ # info iptables man-db manpages \ # openssh-server openssh-client" #CNAS_REMOVE_PACKAGES="strace nvi nano vim vim-common vim-tiny unzip zip aptitude tasksel locate ssh elinks curl wget netkit-inetd telnet exim4-daemon-light exim4-config exim4-base ppp pppconfig pppoe pppoeconf iptables subversion w3m wget lynx less screen info iptables man-db manpages openssh-server openssh-client" # config/chroot_local-includes/usr/lib/cryptobox-cd/etc.d/modules and # config/chroot_local-includes/usr/lib/cryptobox-cd/etc.d/network/interfaces # will now be used at boot time if they exist. The developer can specify # alternative files using the $CNAS_KMODULES and $CNAS_INTERFACES # variables. CNAS_INTERFACES="$CNAS_SCOREBOARD_DIR/etc.d/network/interfaces" CNAS_KMODULES="$CNAS_SCOREBOARD_DIR/etc.d/modules" # $LH_ENCRYPTION: set encryption type/key size # Encryption of the Debian Live media is broken under Etch. It may # work under Lenny. In particular, the loop-aes runtime is broken # in casper or initramfs-tools. #LH_ENCRYPTION="aes256" # More stuff from dfsbuild live-cd implementation to figure out: #/etc/profile = export TERM=vt100 # #/etc/syslog.conf = *.* /dev/tty8 # *.info /dev/tty7 #/etc/kernel-img.conf = do_initrd = Yes