Package: bilibop Version: 0.4.16~quidame Architecture: amd64 Maintainer: bilibop project Installed-Size: 50 Depends: bilibop-lockfs (= 0.4.16~quidame), bilibop-rules (= 0.4.16~quidame) Homepage: https://un.poivron.org/~quidame/wiki/bilibop Priority: extra Section: metapackages Filename: pool/main/b/bilibop/bilibop_0.4.16~quidame_amd64.deb Size: 10828 SHA256: 2a1133f49920f5ddc5b8ed20355bde095a9c2fd60471ddaf4188736eb26b7ae3 SHA1: e489555328892b109ad47c628e0dc0ee00138c16 MD5sum: 1094ef6dba8b386d25eda5f8739a45bd Description: run Debian GNU/Linux from external media - metapackage Bilibop helps to maintain a Debian GNU/Linux operating system installed on an external media (USB, FireWire, Flash memory, eSATA). It hardens standard rules and policies to make the system more robust in this particular situation. . The installation of this metapackage will install other BILIBOP packages as dependencies. You should not install it, unless your system is writable and runs from an external device. . Some features may require Linux kernel 2.6.37 or higher to work properly. Package: bilibop-common Source: bilibop Version: 0.4.16~quidame Architecture: amd64 Maintainer: bilibop project Installed-Size: 212 Depends: udev Suggests: aufs-tools, bilibop-lockfs, bilibop-device-policy, cryptsetup, dmsetup, lvm2 Homepage: https://un.poivron.org/~quidame/wiki/bilibop Priority: optional Section: admin Filename: pool/main/b/bilibop/bilibop-common_0.4.16~quidame_amd64.deb Size: 62886 SHA256: bb9678567c7713b44fbce044122e519cac2d5ff798fa5f119a935fc7cbf0d3ee SHA1: c4ed3545a3204d63f3023e375bbfebb0a3d59436 MD5sum: 8f20f481b5d25e11945ef28a67190d4f Description: shell functions for bilibop scripts Bilibop helps to maintain a Debian GNU/Linux operating system installed on an external media (USB, FireWire, Flash memory, eSATA). It hardens standard rules and policies to make the system more robust in this particular situation. . This package provides shell functions usable by other bilibop scripts on the running system or into the initramfs environment. These functions use /dev, /proc and /sys databases to output the drive name or the partition hosting the running system, and are fully usable by any unprivileged user or application. Dm-crypt, LVM, loop devices and aufs root filesystems (and any combination of them) are supported. A 'drivemap' command is also provided, to show block devices in a tree of dependencies. . Some features may require Linux kernel 2.6.37 or higher to work properly. Package: bilibop-lockfs Source: bilibop Version: 0.4.16~quidame Architecture: amd64 Maintainer: bilibop project Installed-Size: 191 Depends: bilibop-common (= 0.4.16~quidame), initramfs-tools, initscripts (>= 2.88dsf-13.3) Recommends: aufs-tools, cryptsetup Suggests: bilibop-device-policy, gnome-icon-theme, libnotify-bin, plymouth Homepage: https://un.poivron.org/~quidame/wiki/bilibop Priority: optional Section: admin Filename: pool/main/b/bilibop/bilibop-lockfs_0.4.16~quidame_amd64.deb Size: 38908 SHA256: cc81168dcd5cacec60dcbdbc743e25ddedf1d1366ba11e6b97295f7b39264db0 SHA1: 9b5778777af9d6908a51923b8191d7ee82f79672 MD5sum: e9b701c109c9d0bbcbd771a9003559b8 Description: lock filesystems and write changes into RAM Bilibop helps to maintain a Debian GNU/Linux operating system installed on an external media (USB, FireWire, Flash memory, eSATA). It hardens standard rules and policies to make the system more robust in this particular situation. . If the lockfs feature is enabled (in a configuration file, in the boot commandline or by a heuristic), nothing will be written on the filesystems listed in /etc/fstab, except for those that have been whitelisted, or for the encrypted swap devices. . The root filesystem is locked (set readonly, using aufs) by an initramfs script which also modifies the temporary fstab to prepare other filesystems to be locked later by a mount helper script. . bilibop-lockfs provides the following features: * whitelist based policy: filesystems on which you want to allow persistent changes must be explicitly listed in a configuration file. * not only filesystems are set read-only, but also block devices: this forbids changes of the partition table, boot sectors, LUKS headers and LVM metadata. * management of swap devices, that can be used as is, noauto, only if encrypted or not used at all. * desktop notifications at startup about filesystems status, to inform the user that volatile or persistent changes are allowed or not, and where. . This package can be used as an alternative to fsprotect, especially for writable operating systems embedded on a USB stick; but it may also be installed on public or personal computers, for daily use, testing purposes or as a tool in anti-forensics strategies. . Some features may require Linux kernel 2.6.37 or higher to work properly. Package: bilibop-rules Source: bilibop Version: 0.4.16~quidame Architecture: amd64 Maintainer: bilibop project Installed-Size: 227 Depends: bilibop-common (= 0.4.16~quidame), initramfs-tools, initscripts (>= 2.88dsf-13.3), debconf (>= 0.5) | debconf-2.0 Recommends: grub-common, lvm2, udisks Suggests: bilibop-lockfs, cryptsetup, grub-coreboot | grub-efi-amd64 | grub-efi-ia32 | grub-ieee1275 | grub-pc, pmount, policykit-1 Conflicts: bilibop-udev Provides: bilibop-device-policy Homepage: https://un.poivron.org/~quidame/wiki/bilibop Priority: optional Section: admin Filename: pool/main/b/bilibop/bilibop-rules_0.4.16~quidame_amd64.deb Size: 48616 SHA256: ef2d79099a0ab80cd5fc64ed21afe9b84e8e9d3bf416f05b0112f9d032c1c561 SHA1: 84c3c4abfb5cbf363b69307ce63bc67fc88b0330 MD5sum: 2637b7d1fb3c0f3dd65f4b6f7d9e6f27 Description: device management rules for OS running from external media Bilibop helps to maintain a Debian GNU/Linux operating system installed on an external media (USB, FireWire, Flash memory, eSATA). It hardens standard rules and policies to make the system more robust in this particular situation. . This package provides a udev rules file to manage the external drive hosting the running system. Its main goal is to forbid low-level write access on this drive and its partitions by any unprivileged user or application, but some other convenient and optional rules have been added for desktop-level management of the system disk and partitions (need udisks), as well as the internal disks of the computer. The 'lsbilibop' command allows the admin to update udev properties of the devices after the configuration file has been modified. . To ease device management, bilibop-rules also provides helper scripts to: * build custom bilibop udev rules running faster than the generic ones * make some persistent and cumulative rules files unpersistent * use either a fake or an always-up-to-date grub device map * filter Physical Volumes, to activate only those needed by the system . This package is not designed to be used on internal disks. It works only for OS installed on removable and writable media, including LiveUSB systems. See also the bilibop-udev package. . Some features may require Linux kernel 2.6.37 or higher to work properly. Package: bilibop-udev Source: bilibop Version: 0.4.16~quidame Architecture: amd64 Maintainer: bilibop project Installed-Size: 66 Depends: bilibop-common (= 0.4.16~quidame) Suggests: bilibop-lockfs Conflicts: bilibop-rules Provides: bilibop-device-policy Homepage: https://un.poivron.org/~quidame/wiki/bilibop Priority: optional Section: admin Filename: pool/main/b/bilibop/bilibop-udev_0.4.16~quidame_amd64.deb Size: 12892 SHA256: 70d06816d93412e0f1de5e1e6d187b3766de1badf5141745619fa391a279e930 SHA1: 31371ec904d0e7bfc91fdd748c693b9d766c44f3 MD5sum: 33d4c299c8adcfa3595780580985cb64 Description: minimal udev rule for Debian GNU/Linux running from external media Bilibop helps to maintain a Debian GNU/Linux operating system installed on an external media (USB, FireWire, Flash memory, eSATA). It hardens standard rules and policies to make the system more robust in this particular situation. . This package provides a udev rules file to manage the external drive hosting the running system. Its goal is to forbid low-level write access on this drive and its partitions by any unprivileged user or application. . This package is not designed to be used on internal disks. It works only for OS installed on removable and writable media, especially LiveUSB systems. See also the bilibop-rules package. . Some features may require Linux kernel 2.6.37 or higher to work properly.