From 9e340a5485024e575e610086ae9d642c3c91de8f Mon Sep 17 00:00:00 2001 From: Marco Buratto Date: Mon, 29 Oct 2018 14:39:05 +0100 Subject: [PATCH 1/3] README: a different incipit --- README.md | 15 +++------------ 1 file changed, 3 insertions(+), 12 deletions(-) diff --git a/README.md b/README.md index 4a50a97..ddc4d4c 100644 --- a/README.md +++ b/README.md @@ -4,21 +4,12 @@ Next Generation Linux live distributions concepts A live operating system allows booting from a removable medium, such a USB key, without the need of being installed to the hard drive. -Once written onto a USB key, a common live operating system is usually made up of one ISO9660 partition, containing the kernel, the initrd, the compressed filesystem.squashfs image and the second stage bootloader, usually *isolinux* (the boot sector code linking the second stage bootloader is contained within the MBR of the key). Modern lives also add a UEFI partition. +None of the existing live operating systems provide a kernel update feature: the kernel and the initrd are the only components that a live operating system cannot update, because they lay outside of the data persistence partition (if any) and usually the system partition is ISO9660-formatted. This will soon lead to an outdated operating system, particularly unsafe if used as a desktop-replacement or for security-critical activities. -If you need a live system which does data persistence, you will find another partition, usually an EXT4 one. This is pretty common as well. - -There are a few live distibutions which support the UEFI Secure Boot (Debian lives do not), but no distribution is capable of updating the kernel maintaining a ISO9660 filesystem, which is the best option for a live. - -The aim of the liveng project is to give the Community a set of best practices in order to transform a common Debian Linux live into a live(ng) operating system which does: +The aim of the liveng project is to give the Community a set of best practices in order to transform a common (Debian Stretch) Linux live into a live(ng) operating system which features: * native encrypted persistence; * kernel update (on a live ISO 9660 filesystem!); * UEFI, with UEFI Secure Boot compatibility, with a real efi partition. - -As the base of liveng we have chosen the Debian Stretch live distribution. - -This Github repository hosts: -* source documentation files for Read the Docs, see https://liveng.readthedocs.io; -* a set of proof-of-concepts scripts. +This Github repository hosts all the source documentation files for Read the Docs, see https://liveng.readthedocs.io. From 870b531c92d67974b42a4effb5a24578380b664c Mon Sep 17 00:00:00 2001 From: Marco Buratto Date: Mon, 29 Oct 2018 14:46:42 +0100 Subject: [PATCH 2/3] README and index: a different incipit --- README.md | 2 +- docs/source/index.rst | 16 +++++++++++++--- 2 files changed, 14 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index ddc4d4c..05e948a 100644 --- a/README.md +++ b/README.md @@ -6,7 +6,7 @@ A live operating system allows booting from a removable medium, such a USB key, None of the existing live operating systems provide a kernel update feature: the kernel and the initrd are the only components that a live operating system cannot update, because they lay outside of the data persistence partition (if any) and usually the system partition is ISO9660-formatted. This will soon lead to an outdated operating system, particularly unsafe if used as a desktop-replacement or for security-critical activities. -The aim of the liveng project is to give the Community a set of best practices in order to transform a common (Debian Stretch) Linux live into a live(ng) operating system which features: +The aim of the liveng project is to give the Community a set of best practices in order to turn a common (Debian Stretch) Linux live into a live(ng) operating system which features: * native encrypted persistence; * kernel update (on a live ISO 9660 filesystem!); diff --git a/docs/source/index.rst b/docs/source/index.rst index 8c27731..4ecb931 100644 --- a/docs/source/index.rst +++ b/docs/source/index.rst @@ -5,13 +5,23 @@ liveng A live operating system allows booting from a removable medium, such a USB key, without the need of being installed to the hard drive. -Once written onto a USB key, a common live operating system is usually made up of one ISO9660 partition, containing the kernel, the initrd, the compressed filesystem.squashfs image and the second stage bootloader, usually *isolinux* (the boot sector code linking the second stage bootloader is contained within the MBR of the key). Modern lives also add a UEFI partition (some add a "fake" one). + +Why liveng +^^^^^^^^^^ + +None of the existing live operating systems provide a **kernel update feature**: the kernel and the initrd are the only components that a live operating system cannot update, because they lay outside of the data persistence partition (if any) and usually the system partition is ISO9660-formatted. This will soon lead to an outdated operating system, particularly unsafe if used as a desktop-replacement or for security-critical activities. + + +More features +^^^^^^^^^^^^^ + +Once written onto a USB key, a common live operating system is usually made up of one ISO9660 partition, containing the kernel, the initrd, the compressed filesystem.squashfs image and the second stage bootloader, usually *isolinux* (the boot sector code linking the second stage bootloader is contained within the MBR of the key). Modern lives also add a UEFI partition (some add a "fake" one). If you need a live system which does data persistence, you will find (or need to create) another partition, usually an EXT4 one. This is pretty common as well. -There are a few live distibutions which support the UEFI Secure Boot (Debian lives do not), but no distribution is capable of updating the kernel maintaining a ISO9660 filesystem, which is the best option for a live. +There are only a few live distibutions which support the UEFI Secure Boot (Debian lives do not), and, as stated before, no distribution is capable of updating the kernel maintaining a ISO9660 filesystem, which is the best option for a live. -The aim of the liveng project is to give the Community a set of best practices in order to transform a common Debian Linux live into a live(ng) operating system which does: +The full aim of the liveng project is to give the Community a set of best practices in order to turn a common Debian Linux live into a live(ng) operating system which features: * native encrypted persistence; * kernel update (on a live ISO 9660 filesystem!); From 7884ca79902a572511cdb437a3537b4a7091b9b4 Mon Sep 17 00:00:00 2001 From: Marco Buratto Date: Mon, 29 Oct 2018 14:51:09 +0100 Subject: [PATCH 3/3] README and index: a different incipit --- docs/source/index.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/source/index.rst b/docs/source/index.rst index 4ecb931..058faf3 100644 --- a/docs/source/index.rst +++ b/docs/source/index.rst @@ -23,9 +23,9 @@ There are only a few live distibutions which support the UEFI Secure Boot (Debia The full aim of the liveng project is to give the Community a set of best practices in order to turn a common Debian Linux live into a live(ng) operating system which features: -* native encrypted persistence; +* native **encrypted persistence**; * kernel update (on a live ISO 9660 filesystem!); -* UEFI, with UEFI Secure Boot compatibility, with a real efi partition. +* UEFI, with **UEFI Secure Boot compatibility**, with a real efi partition. As the base of liveng we have chosen the Debian Stretch live distribution.