Documentation

The following documentation outlines where the Securix saga began and what is to be included with the base image and why it was chosen for base requirements.

Additional documentation, including tutorials and examples will follow in due course.

Background

It became apparent after, approximately, the 247th remaster of Knoppix to include the most recent version of ethereal, nmap, and a few other tools for a custom toolbox, that there had to be an easier way. By easier I refer to the length of time it would require me or my colleagues to have an up-to-date personalised toolkit for everyday work.

The requirements were simple enough, Debian based, live bootable, low resource usage, and upgradeable without complexity. The first three requirements were easily satisifed by Knoppix, however the 'upgradeable without complexity' was not. Morphix was the greatest contender with the perfect philosphy of modularity, however it was a little dated for our bleeding edge requirements. Slax was also a contender but was based on Slackware.

With a little spare time it was decided to blend the best of all worlds. A little bit of Knoppix hardware detection, a dash of Slax style modularity, and a sprinkle of Debian at the core were all a part of the Securix recipe.

The result is a distribution that is aimed to be easily customised to your requirements with minimal complexity, albeit with a little pre-requisite knowledge ;)

Base image components:

  • aufs

    Aufs is a stackable unification filesystem such as Unionfs, which unifies several directories and provides a merged single directory. This not only enables the modulartity of Securix but provides the ability for a true read/write live session.

  • fluxbox

    The fluxbox is the window manager of choice because of its small footprint and low overhead.

  • Iceweasel

    Iceweasel is added as a core component for the simple fact that a lot of applications support if not require one.

  • idesk

    Idesk has also been added to provide an icon capability for the desktop.

  • squashfs

    To ensure the maximum usage of our data medium the squashfs filesystem is used to provide high compression and efficient access.

  • udev

    For dynamic and controllable device node creation, udev was the only choice.

  • X.org

    With the aim of maintaining a Debian based system X.org is provided as the Xserver.

Package structure

The true flexibility of Securix is its ability to add functionality by the simple addition of tools and utilities packages, without the need for any complex remastering. When its time to add or upgrade features just download the appropriate package, copy it to the packages directory on the CD.

Package layout

Each package is a squashfs compressed image, that contains the files in a pseudo linux file structure. The only mandatory file required is the package description file which is contained in the /etc/securix/packages directory. This description file provides all the relevant information for the automagic generation of icons, menu entries and path variables. An example of the internal structure of a package 'foo' is shown below:

foo.package (squashfs)
    |
    +---- /etc/securix/packages
    |       |
    |       +-- foo.xml (description file)
    |
    +---- /lib
    |       |
    |       +--libfoo.so
    |
    +---- /usr/bin/special
    |       |
    |       +-- foo
    |       +-- xfoo
    |
    +---- /usr/share/icons
            |
            +-- foo32.xpm

From the example above the package 'foo.package' contains a binary file called 'xfoo', an associated library called 'libfoo.so' and the description file called 'foo'. The package contents is simply overlayed with the existing file structure during boot up using UNIONFS

Package description file

The package description file contains the required information for transparent integration into the live session. Information includes version numbers, descriptions, menu entries, icon entries, path variables and more.

Recently the description file was moved to an XML format to align itself with todays 'Open Standard' philosiphies. An example description file for the aforementioned 'foo' package may look something like this:

<?xml version='1.0'?>
<package>
    <version>1</version>
    <category>special</category>
    <programs>
        <entry name="foo" description="A program that returns bar." version="1.4" image=""/>
    </programs>
    <menus>
        <entry caption="Foo in the Menu" path="/usr/bin/special/xfoo" image="/usr/share/icon/foo32.xpm"/>
    </menus>
    <icons>
        <entry caption="Foo on the Desktop" path="/usr/bin/special/xfoo" image="/usr/share/icon/foo32.xpm"/>
    </icons>
    <path>/usr/bin/special</path>
    <files>
        <entry hash="1a641987158ec551800617871c6bb3c5" file="/usr/bin/special/foo"/>
        <entry hash="29483592c2417e850243f319a3611ca1" file="/usr/bin/special/xfoo"/>
    </files>
</package>

The above description file will place an entry in the fluxbox menu under the sub category 'Miscellaneous' as entry 'xfoo'. It will also ensure that the PATH '/usr/bin' is available at the console(s).

Copyright © www.securixlive.com 2005-2008

Powered by VMware Written with VIM Powered by Apache Best viewed with Firefox Source maintained with Subversion