Difference between revisions of "LMDE"
m |
|||
Line 258: | Line 258: | ||
==Install special software== |
==Install special software== |
||
− | ===pwsafe=== |
||
− | Have to backport from squeeze: get and install those |
||
− | http://ftp.de.debian.org/debian/pool/main/o/openssl/libssl0.9.8_0.9.8o-4squeeze14_amd64.deb |
||
− | http://ftp.de.debian.org/debian/pool/main/p/pwsafe/pwsafe_0.2.0-3_amd64.deb |
||
===virtualbox=== |
===virtualbox=== |
||
Line 274: | Line 270: | ||
https://dl.google.com/linux/direct/google-musicmanager-beta_current_amd64.deb |
https://dl.google.com/linux/direct/google-musicmanager-beta_current_amd64.deb |
||
− | ===bp-tools=== |
||
− | From http://www.eftlab.co.uk/index.php/downloads/bp-tools |
||
− | <br>Needs libpthread-stubs0: |
||
− | http://ftp.de.debian.org/debian/pool/main/libp/libpthread-stubs/libpthread-stubs0_0.3-3_amd64.deb |
||
− | |||
− | apt-get install libsqlite3-dev sqlite3 |
||
− | dpkg --purge bp-tools |
||
− | dpkg -i bp-tools_14.04_amd64_free.deb |
||
===dropbox=== |
===dropbox=== |
||
apt-get install nemo-dropbox |
apt-get install nemo-dropbox |
||
To avoid autostart: |
To avoid autostart: |
||
* Settings / Startup Apps Prefs / disable Dropbox |
* Settings / Startup Apps Prefs / disable Dropbox |
||
− | ===[[Belgian eID]]=== |
||
− | cf http://eid.belgium.be/fr/utiliser_votre_eid/installer_le_logiciel_eid/linux/ |
||
− | <br>-> debian 64 |
||
− | <br>See also https://code.google.com/p/eid-mw/wiki/ChromeLinux : |
||
− | <pre> |
||
− | libnss3-tools - Network Security Service tools |
||
− | </pre> |
||
− | Close Chrome |
||
− | cd |
||
− | modutil -dbdir sql:.pki/nssdb/ -add "Belgium eID" -libfile /usr/lib/libbeidpkcs11.so |
||
− | modutil -dbdir sql:.pki/nssdb/ -list |
||
− | ===EMV-CAP=== |
||
− | python setup.py install |
||
− | And install: |
||
− | <pre> |
||
− | python-pyscard - Python wrapper above PC/SC API |
||
− | </pre> |
||
− | ===IDA Pro=== |
||
− | See http://blog.stalkr.net/2014/01/ida-on-debian-amd64-with-python.html |
||
− | <br>Run installation file |
||
− | <br>It requires libglib2.0-0 but because of chromium/jessie we need the jessie one: |
||
− | apt-get install -t jessie libglib2.0-0:i386 libselinux1:i386 |
||
− | |||
− | apt-get install libstdc++6:i386 libc6-i686:i386 libexpat1:i386 libffi6:i386 libfontconfig1:i386 libfreetype6:i386 libgcc1:i386 libglib2.0-0:i386 \ |
||
− | libice6:i386 libpcre3:i386 libpng12-0:i386 libsm6:i386 libstdc++6:i386 libuuid1:i386 libx11-6:i386 libxau6:i386 libxcb1:i386 \ |
||
− | libxdmcp6:i386 libxext6:i386 libxrender1:i386 zlib1g:i386 |
||
− | apt-get install libpython2.7:i386 |
||
===Skype=== |
===Skype=== |
||
Take Debian 7 multiarch version: http://www.skype.com/en/download-skype/skype-for-linux/downloading/?type=debian32 |
Take Debian 7 multiarch version: http://www.skype.com/en/download-skype/skype-for-linux/downloading/?type=debian32 |
||
Line 346: | Line 307: | ||
Avoid it to start automatically: |
Avoid it to start automatically: |
||
update-rc.d gogoc disable |
update-rc.d gogoc disable |
||
− | ===logkeys=== |
||
− | apt-get install logkeys |
||
− | Find keyboard device to see which eventX to use: |
||
− | grep "^[NH]" /proc/bus/input/devices |
||
− | Edit /etc/default/logkeys: |
||
− | ENABLED=1 |
||
− | LOGFILE=/var/log/logkeys |
||
− | DEVICE=/dev/input/event0 |
||
− | Avoid it to start automatically: |
||
− | update-rc.d logkeys disable |
||
− | Allow starting it without password prompt: |
||
− | <br>Create /etc/sudoers.d/logkeys: |
||
− | <myuser> ALL = NOPASSWD: /etc/init.d/logkeys |
||
− | Provide stealth hooks, under your choice name, e.g. "sl" (for mispelled "ls") etc: |
||
− | #!/bin/bash |
||
− | sudo /etc/init.d/logkeys start >/dev/null |
||
− | echo "bash: $(basename $0): command not found" |
||
− | exit 127 |
||
− | |||
− | #!/bin/bash |
||
− | sudo /etc/init.d/logkeys stop >/dev/null |
||
− | echo "bash: $(basename $0): command not found" |
||
− | exit 127 |
||
− | ===Wireshark=== |
||
− | <pre> |
||
− | tshark - network traffic analyzer - console version |
||
− | wireshark - network traffic analyzer - GTK+ version |
||
− | </pre> |
||
− | |||
− | apt-get install wireshark tshark |
||
− | dpkg-reconfigure wireshark-common |
||
− | adduser <myuser> wireshark |
||
− | ===GUFW=== |
||
− | Firewall: |
||
− | apt-get install gufw |
||
− | Add entry in menu manually... see /usr/share/applications/gufw.desktop |
||
− | <br>Right-click the Mint Menu, select "Configure" then "Open the menu editor", Click a software category / "New Item". |
||
− | ===libnfc=== |
||
− | apt-get install libnfc5 libnfc-bin libnfc-examples libnfc-dev libnfc-pn53x-examples |
||
− | apt-get install libfreefare0 libfreefare-bin libfreefare-dev libfreefare-doc |
||
− | modprobe -r pn533 |
||
− | adduser <myuser> plugdev |
||
===Exim4=== |
===Exim4=== |
||
apt-get install exim4-daemon-light bsd-mailx |
apt-get install exim4-daemon-light bsd-mailx |
||
Line 403: | Line 322: | ||
+dc_smarthost='<mysmtpserver>::<mysmtpserverport>' |
+dc_smarthost='<mysmtpserver>::<mysmtpserverport>' |
||
+dc_hide_mailname='true' |
+dc_hide_mailname='true' |
||
− | ===mitmproxy=== |
||
− | <pre> |
||
− | mitmproxy - SSL-capable man-in-the-middle HTTP proxy |
||
− | </pre> |
||
− | See http://mitmproxy.org/ |
||
− | apt-get install mitmproxy/jessie python-netlib/jessie |
||
− | After first run of mitmproxy, certs are created. |
||
− | <br>Install ~/.mitmproxy/mitmproxy-ca-cert.cer as authority or: |
||
− | <br>Run mitmproxy, visit http://mitm.it and install certificate |
||
− | |||
− | To run mitmproxy on a router as transparent proxy, e.g. on the exit node of my VPN: |
||
− | <br>I keep same certs as my local ones |
||
− | scp -r .mitmproxy myvpn.box: |
||
− | <br>On myvpn.box I've the following scripts: |
||
− | <br>./mitmproxy: |
||
− | <source lang=bash> |
||
− | iptables -t nat -A PREROUTING -i tap0 -p tcp --dport 80 -j REDIRECT --to-port 8765 |
||
− | iptables -t nat -A PREROUTING -i tap0 -p tcp --dport 443 -j REDIRECT --to-port 8765 |
||
− | export LANG=en_US.UTF-8 |
||
− | mitmproxy -T --host -p 8765 $* |
||
− | iptables -t nat -D PREROUTING -i tap0 -p tcp --dport 80 -j REDIRECT --to-port 8765 |
||
− | iptables -t nat -D PREROUTING -i tap0 -p tcp --dport 443 -j REDIRECT --to-port 8765 |
||
− | </source> |
||
− | ./mitmdump: |
||
− | <source lang=bash> |
||
− | iptables -t nat -A PREROUTING -i tap0 -p tcp --dport 80 -j REDIRECT --to-port 8765 |
||
− | iptables -t nat -A PREROUTING -i tap0 -p tcp --dport 443 -j REDIRECT --to-port 8765 |
||
− | export LANG=en_US.UTF-8 |
||
− | mitmdump -T --host -p 8765 $* |
||
− | iptables -t nat -D PREROUTING -i tap0 -p tcp --dport 80 -j REDIRECT --to-port 8765 |
||
− | iptables -t nat -D PREROUTING -i tap0 -p tcp --dport 443 -j REDIRECT --to-port 8765 |
||
− | </source> |
||
− | And I can call them remotely: |
||
− | <br>vpn_mitmproxy: |
||
− | <source lang=bash> |
||
− | ssh -t myvpn.box ./mitmproxy $* |
||
− | </source> |
||
− | |||
− | vpn_mitmdump: |
||
− | <source lang=bash> |
||
− | ssh myvpn.box ./mitmdump $* |
||
− | </source> |
||
− | ===[[PyCryptoPlus]]=== |
||
− | $ git clone https://github.com/doegox/python-cryptoplus |
||
− | $ cd python-cryptoplus/ |
||
− | # python setup.py install |
||
==Install Debian software== |
==Install Debian software== |
||
===libnfc/libfreefare=== |
===libnfc/libfreefare=== |
Revision as of 21:12, 3 April 2014
Intro
Notes while replacing my Debian by LMDE.
This included recovery of some settings so those are not notes for an install from scratch.
LMDE 201403
Installation
See http://www.linuxmint.com/download_lmde.php
Linux Mint has a nice graphical tool for manual repartitioning but not yet LMDE...
Install LMDE with manual partitioning
- it tells us we should mount target partition ourselves under /target
- crypsetup luksOpen /dev/sda1 sda1_crypt # has to be the same ref as in the crypttab later
- mount /dev/sda1_crypt /target
- continue installation
- inject proper config in /etc/crypttab and /etc/fstab
First I mount /home in /home.old (mkdir /home.old) so I can access both fresh user homedir and old one, then move content of /home into /home.old and change fstab to mount on /home next time
Add Debian repositories
LMDE is based on Debian testing but with some delay and I had quickly the issue that my chromium profile was saved by a chroimum version newer than the one in LMDE repos.
/etc/apt/sources.list.d/debian.list :
deb http://ftp.be.debian.org/debian/ jessie main contrib non-free deb-src http://ftp.be.debian.org/debian/ jessie main contrib non-free
We need some pinning to avoid jessie taking over the LMDE repositories. The problem is that they have both the exact same keywords:
$ apt-cache policy [...] 500 http://debian.linuxmint.com/latest// testing/main amd64 Packages release o=Debian,a=testing,n=jessie,l=Debian,c=main 500 http://ftp.be.debian.org/debian/ jessie/main amd64 Packages release o=Debian,a=testing,n=jessie,l=Debian,c=main
So we can only differentiate by origin:
/etc/apt/preferences.d/debian-package-repositories.pref:
+Package: * Pin: origin ftp.be.debian.org Pin-Priority: 400
apt-get update
And to use Jessie repo e.g.:
apt-get install chromium/jessie
Tuning
To be able to use encfs & sshfs:
adduser <myuser> fuse
Cinnamon tuning:
- pin progs to panel: drag & drop from menu
- change user picture: Settings / Account details
- Hide Icons on the Desktop: Settings / Desktop
- Add a Program Shortcut to the Mint Menu: Right-click the Mint Menu, select "Configure" then "Open the menu editor", Click a software category / "New Item".
applet Multicode System Monitor: see http://cinnamon-spices.linuxmint.com/applets/view/79
apt-get install gir1.2-gtop-2.0
Settings / Applets / Get more / search network -> NMulticode System Monitor
Right click on bar / add applets
Install software
First ones
First ones are:
etckeeper - store /etc in git, mercurial, bzr or darcs
to save /etc with git
intel-microcode - Processor microcode firmware for Intel CPUs
to fix some warnings at boot time about some missing ucode:
platform microcode: firmware: agent aborted loading intel-ucode/06-2a-07 (not found?)
debian
apt-listchanges - package change history notification tool apt-rdepends - Recursively lists package dependencies dlocate - fast alternative to dpkg -L and dpkg -S equivs - Circumvent Debian package dependencies
system tools
bridge-utils - Utilities for configuring the Linux Ethernet bridge extlinux - collection of boot loaders (ext2/3/4 and btrfs bootloader) memtest86+ - thorough real-mode memory tester openssh-server - secure shell (SSH) server, for secure access from remote machines openvpn - virtual private network daemon pcscd - Middleware to access a smart card using PC/SC (daemon side) pcsc-tools - Some tools to use with smart cards and PC/SC smartmontools - control and monitor storage systems using S.M.A.R.T. usbview - USB device viewer uuid - the Universally Unique Identifier Command-Line Tool wfrench - French dictionary words for /usr/share/dict wine - Windows API implementation - standard suite
utils
an - very fast anagram generator baobab - GNOME disk usage analyzer bleachbit - delete unnecessary files from the system calibre - e-book converter and library management comix - GTK Comic Book Viewer gnumeric - spreadsheet application for GNOME - main program gt5 - shell program to display visual disk usage with navigation htop - interactive processes viewer impressive - PDF presentation tool with eye candies iotop - simple top-like I/O monitor link-grammar - Carnegie Mellon University's link grammar parser mc - Midnight Commander - a powerful file manager mosh - Mobile shell that supports roaming and intelligent local echo polygen - generator of random sentences from grammar definitions powertop - diagnose issues with power consumption and management psutils - PostScript document handling utilities pv - Shell pipeline element to meter data passing through pyp - sed/awk-like tool with Python language screen - terminal multiplexer with VT100/ANSI terminal emulation signing-party - Various OpenPGP related tools synergy - Share mouse, keyboard and clipboard over the network transgui - Front-end to remotely control Transmission unetbootin - installer of Linux/BSD distributions to a partition or USB drive unison - file-synchronization tool for Unix and Windows wodim - command line CD/DVD writing tool
devel
ddd - The Data Display Debugger, a graphical debugger frontend dissy - graphical frontend for objdump git-annex - manage files with git, without checking their contents into git gitk - fast, scalable, distributed revision control system (revision tree visualizer) git-svn - fast, scalable, distributed revision control system (svn interoperability) gperf - Perfect hash function generator hexedit - view and edit files in hexadecimal or in ASCII indent - C language source code formatting program lua5.1 - Simple, extensible, embeddable programming language meld - graphical tool to diff and merge files nasm - General-purpose x86 assembler uncrustify - C, C++, C#, D, Java and Pawn source code beautifier wdiff - Compares two files word by word
ipython - enhanced interactive Python shell python-tk - Tkinter - Writing Tk applications with Python python-setuptools - Python Distutils Enhancements (setuptools compatibility) libpython2.7-dev - Header files and a static library for Python (v2.7)
autoconf - automatic configure script builder automake - Tool for generating GNU Standards-compliant Makefiles colormake - simple wrapper around make to colorize output libpcsclite-dev - Middleware to access a smart card using PC/SC (development files) libssl-dev - Secure Sockets Layer toolkit - development files libtool - Generic library support script libusb-1.0-0-dev - userspace USB programming library development files libusb-dev - userspace USB programming library development files
elec/embedded
android-tools-adb - Android Debug Bridge CLI tool android-tools-fastboot - Android Fastboot protocol CLI tool arduino - AVR development board IDE and built-in libraries gerbv - Gerber file viewer for PCB design opensc - Smart card utilities with support for PKCS#15 compatible cards
data
antiword - Converts MS Word files to text, PS and PDF cabextract - Microsoft Cabinet file unpacker catdoc - MS-Word to TeX or plain text converter dos2unix - convert text file line endings between CRLF and LF furiusisomount - ISO, IMG, BIN, MDF and NRG image management utility gpsprune - visualize, edit, convert and prune GPS data lsdvd - read the content info of a DVD mtd-utils - Memory Technology Device Utilities mtp-tools - Media Transfer Protocol (MTP) library tools page-crunch - PDF and PS manipulation for printing needs pdfchain - graphical user interface for the PDF Tool Kit pdftk - tool for manipulating PDF documents pgpdump - PGP packet visualizer pst-utils - tools for reading Microsoft Outlook PST files qprint - encoder and decoder for quoted-printable encoding recode - Character set conversion utility
audio
id3v2 - A command line id3v2 tag editor mp3blaster - Full-screen console mp3 and Ogg Vorbis player musescore - Full featured WYSIWYG score editor sox - Swiss army knife of sound processing
picture
darktable - virtual lighttable and darkroom for photographers exif - command-line utility to show EXIF information in JPEG files gifsicle - Tool for manipulating GIF images gimp-data-extras - An extra set of brushes, palettes, and gradients for The GIMP gimp-lensfun - Gimp plugin to correct lens distortion using the lensfun library gimp-texturize - generates large textures from a small sample gnuplot - Command-line driven interactive plotting program graphviz - rich set of graph drawing tools inkscape - vector-based drawing program jhead - manipulate the non-image part of Exif compliant JPEG files jpeginfo - Prints information and tests integrity of JPEG/JFIF files jpegpixi - Remove hot spots from JPEG images with minimal quality loss netpbm - Graphics conversion tools between image formats plotutils - GNU plotutils command line tools based on libplot pngtools - series of tools for PNG (Portable Network Graphics) images rawtherapee - raw image converter and digital photo processor
hugin - panorama photo stitcher - GUI tools autopano-sift-c - Automatically create control points for panorama image
video
cheese - tool to take pictures and videos from your webcam gaupol - subtitle editor for text-based subtitle files mencoder - MPlayer's Movie Encoder metacam - extract EXIF information from digital camera files mkvtoolnix - Set of command-line tools to work with Matroska files mkvtoolnix-gui - Set of tools to work with Matroska files - GUI frontend mp4tools - Suite of scripts to encode Audio and Video in many formats mpegdemux - MPEG1/2 system stream demultiplexer mplayer2 - next generation movie player for Unix-like systems
cclive - lightweight command line video extraction tool mimms - mms (e.g. mms://) stream downloader quvi - command line program to extract video download links youtube-dl - downloader of videos from YouTube and other sites
net
chromium-inspector - page inspector for the Chromium browser chromium - Chromium web browser esniper - simple, lightweight tool for sniping ebay auctions iftop - displays bandwidth usage information on an network interface ipcalc - parameter calculator for IPv4 addresses ipmitool - utility for IPMI control with kernel driver or LAN interface iptraf - Interactive Colorful IP LAN Monitor ipv6calc - small utility for manipulating IPv6 addresses mozplugger - Plugin allowing external viewers to be launched inside Mozilla subnetcalc - IPv4/IPv6 Subnet Calculator upnp-inspector - Python UPnP framework analyser upnp-router-control - UPnP compliant router manager
icedove - mail/news client with RSS and integrated spam filter support enigmail - GPG support for Thunderbird and Debian Icedove
Install special software
virtualbox
wget -q http://download.virtualbox.org/virtualbox/debian/oracle_vbox.asc -O- | sudo apt-key add - echo "deb http://download.virtualbox.org/virtualbox/debian wheezy contrib" > /etc/apt/sources.list.d/virtualbox.list apt-get update apt-get install virtualbox-4.3 /etc/init.d/vboxdrv setup
And extension pack at https://www.virtualbox.org/wiki/Downloads
google-musicmanager
https://dl.google.com/linux/direct/google-musicmanager-beta_current_amd64.deb
dropbox
apt-get install nemo-dropbox
To avoid autostart:
- Settings / Startup Apps Prefs / disable Dropbox
Skype
Take Debian 7 multiarch version: http://www.skype.com/en/download-skype/skype-for-linux/downloading/?type=debian32
dpkg -i skype-debian_4.2.0.13-1_i386.deb apt-get -f install dpkg -i skype-debian_4.2.0.13-1_i386.deb
Problem of sound? see http://forums.linuxmint.com/viewtopic.php?f=48&t=143634
Edit /etc/pulse/default.pa:
-load-module module-udev-detect +load-module module-udev-detect tsched=0
Googleearth
apt-get install googleearth-package make-googleearth-package dpkg -i googleearth_6.0.3.2197+1.1.0-1_amd64.deb apt-get -f install (dpkg -i googleearth_6.0.3.2197+1.1.0-1_amd64.deb)
Psi-plus
psi-plus - Qt-based XMPP/Jabber client (basic version) psi-plus-plugins - plugins for Psi+ libqca2-plugin-ossl - SSL/TLS support for the Qt Cryptographic Architecture
Recover backuped config:
~/.cache/psi+ ~/.config/psi+ ~/.local/share/psi+
Gogoc
gogoc - Client to connect to IPv6 tunnel brokers
Recover backuped config:
/etc/gogoc/
Avoid it to start automatically:
update-rc.d gogoc disable
Exim4
apt-get install exim4-daemon-light bsd-mailx
Check /etc/mailname for your machine FQDN
Add to /etc/aliases:
root: <myuser>
Add to /etc/email-addresses:
<myuser>: <myemail>
Add to /etc/exim4/passwd.client:
<mysmtpserver>:<myuser>:<mypwd>
Edit /etc/exim4/update-exim4.conf.conf:
+dc_eximconfig_configtype='satellite' +dc_other_hostnames= +dc_readhost='<mydomain>' +dc_smarthost='<mysmtpserver>::<mysmtpserverport>' +dc_hide_mailname='true'
Install Debian software
libnfc/libfreefare
libfreefare-bin - MIFARE card manipulations binaries libfreefare-dev - MIFARE card manipulations library (development files) libfreefare-doc - documentation for libfreefare libnfc-bin - Near Field Communication (NFC) binaries libnfc-dev - Near Field Communication (NFC) library (development files) libnfc-examples - Near Field Communication (NFC) examples libnfc-pn53x-examples - Near Field Communication (NFC) examples for PN53x chips only
Better to pin what we always want from Debian directly:
Add to /etc/apt/preferences.d/debian-package-repositories.pref
Package: libnfc* Pin: origin ftp.be.debian.org Pin-Priority: 990 Package: libfreefare* Pin: origin ftp.be.debian.org Pin-Priority: 990
Then
apt-get install libnfc-bin libnfc-dev libnfc-examples libnfc-pn53x-examples apt-get install libfreefare-bin libfreefare-dev libfreefare-doc
Install Security software
See Security packages.