When using Ubuntu Live USB there is the option of using persistence to store changes on the USB. It uses aufs to layer a read-write filesystem on top of a read-only squashfs compressed filesystem. This is great, because it fits over 2GB worth stuff into a c. 700MB default live system and still allows changes to be stored.
The bad news is that updates quickly eat the rw space because old versions of applications cannot be removed to free space. Also, removing useless applications (like OO.o/LO in my case) doesn't free space, but can actually consume it.
Here's the process I used to merge changes back to the ro filesystem, in order to hopefully claim back some space. This is based on information on the Live CD Customization page in Ubuntu community documentation and various man pages.
Lets assume we have a directory on the hard drive where we've copied the casper/filesystem.squashfs file on the USB as fs.ro and the casper-rw file as fs.rw. First we mount the aufs by layering these:
mkdir -p tmp-ro tmp-rw tmp-aufs sudo mount -o loop fs.ro tmp-ro/ sudo mount -o loop fs.rw tmp-rw/ sudo mount -t aufs -o br:tmp-rw:tmp-ro none tmp-aufs/
Now tmp-ro shows the squshfs, tmp-rw shows the changes stored in caster-rw and tmp-aufs shows the layered filesystem as the live OS would see it.
Next we can generate the new squashfs using mksquashfs (from squashfs-tools):
sudo mksquashfs tmp-aufs/ filesystem.squashfs
Unfortunately, the mksquashfs from natty doesn't seem to support lzma, so it's gzip compression only
We can also generate new manifests based on the packages installed. I suppose this only matters if you mean to use the USB for installing to a HDD, but I did it anyway:
sudo chroot tmp-aufs/ dpkg-query -W --showformat='${Package} ${Version}\n' \ > filesystem.manifest cp filesystem.manifest filesystem.manifest-desktop sed -i -e '/ubiquity/d' -e '/casper/d' filesystem.manifest-desktop
Now we don't need the original filesystems anymore:
sudo umount tmp-aufs/ sudo umount tmp-rw/ sudo umount tmp-ro/ rm -rf tmp-rw tmp-aufs
Instead we temporarily mount the new squashfs to get the filesystem size:
sudo mount -o loop filesystem.squashfs tmp-ro/ printf $(sudo du -sx --block-size=1 tmp-ro | cut -f1) > filesystem.size sudo umount tmp-ro/ rmdir tmp-ro
Finally, we can make a new casper-rw of whatever size we need (I used 1GB):
dd if=/dev/zero of=casper-rw bs=1M count=1000 mkfs.ext3 -F casper-rw
Now the resulting files can be copied to the USB (back-up the old ones first!) and all should work. This procedure can also be used to easily customize USB installations from within the live environment.
Update: Updated below for 11.04/Natty.
So I had some trouble getting grub-reboot to work, since it only seems to like numbers, but I figured it out. I made a script to reboot to another kernel or OS (Windows for me) once, leaving the default unchanged.
First one must set GRUB_DEFAULT=saved
in /etc/default/grub
and run
update-grub
and grub-set-default
to set the default kernel (usually
'0' for the most recent Linux kernel).
Next, here's the script to immediately reboot to another menu entry from those normally displayed on reboot. It shows a list of available entries and asks which to reboot to. It's for Ubuntu, but may work with other sudo-using distros.
#!/bin/bash
# Read lines as fields IFS=" "
# Find the grub entries hack select opt in `grep menuentry /boot/grub/grub.cfg | sed "s/[^\"']*[\"']\([^\"']*\).*/\1/"` do # Numbering starts with 0 sudo grub-reboot $((REPLY - 1)) # Remove the next to only set the kernel, not actually reboot sudo reboot break done</code>
Running it from a terminal reboots to the chosen kernel or OS, while leaving the default as it was.
Unfortunately grub seems to sometimes discard the old default if one reboots twice in a row to the secondary OS, but I haven't been able to debug enough to report it yet.
Update: In Ubuntu 11.04 a grub2 feature called submenus is enabled by default and breaks the script. Editing /etc/grub.d/10_linux and commenting out the lines regarding submenus is a workaround.
AKA: .NET Sucks
I just had to reinstall a Windows XP virtual machine. To make all my programs run I had to manually hunt down and install four versions of the .NET runtime (1.1, 2.0, 3.0 and 3.5. Soon it will be five with 4.0) and the Visual C++ redistributable. Then Windows Update found several updates/SPs to all of them. In all this took at least eight reboots (lost count), though I might have been able to skip some if I felt daring.
Had I only had a plain old original WinXP CD instead of the SP3 one, I'd also had to install each Service Pack one at a time and reboot a lot more.
Cf. Ubuntu, where the installer downloads updates while you are installing (if you are connected) and even afterwards a single run of the update manager or a couple of apt-get invocations are all that's needed. At most a single reboot is required and only if there's a kernel update.
The encrypted home directory feature of Ubuntu is especially useful with laptops, where if it is lost one probably doesn't want others to have access to data. Unfortunately it messes up ssh access with public keys.
Key authentication
is a very useful feature of ssh that I use all the time. It lets me
avoid constantly typing in passwords and is more secure than password
authentication. It works by storing authorized public keys (by default)
in ~/.ssh/authorized_keys
which of course gets encrypted with the
rest. Therefore one can only log in using ssh if a local session already
exists and has mounted the encrypted directory.
The easiest way to avoid this is to set up ssh access as usual, with the keyfile inside the encrypted home, then copy the file over to the unencrypted directory. Thereafter ssh logins are possible with or without other open sessions. (Just remember to update both files if they need changes.)
To copy the file one needs to log out of any graphical sessions and have an open command line either though ssh or a local prompt (e.g. using Ctrl+Alt+F1). The keyfile can then be copied outside the home:
cp ~/.ssh/authorized_keys /tmp/
The encrypted home can be unmounted (but there should be no programs running that need it):
umount.ecryptfs_private && cd
The latter command moves to the mostly empty directory that holds the encrypted filesystem. The directory was write protected on my system, so writes need to be enabled next:
chmod +w ~
With that out of the way, the .ssh subdirectory can be created and the keyfile can be copied over:
mkdir .ssh
chmod 700 .ssh
mv /tmp/authorized_keys .ssh/
Now the encrypted filesystem can be remounted - though a log out + log in would also do the trick:
mount.ecryptfs_private && cd
I recently moved to Chromium - the open source version of Google's Chrome browser - after I grew tired with Firefox crashing and bloating my system.
Chrome defaults to searching with auto suggestions through the omnibar (location/search bar) using an unencrypted connection, but it is easy to use Google's encrypted search instead. This seems like a good idea with open WiFi connections being very common. Simply Manage search from Preferences and Add a search engine with these details:
The 'en' part of the URL can be changed to use another language. The keyword is very useful for non-default search engines to be able to search e.g. Wikipedia from the omnibar using 'wiki topic' and so on.
As a side effect search suggestions are no longer offered, which I consider a feature. They in effect send Google every character you write to the location bar. (The 'prediction service' option in Under the Hood preferences is related and should probably be disabled by anyone caring about privacy.)