SELinux Plug Computer Gentoo Distribution
Contents |
SELinux-Enabled Plug Computer Gentoo Distribution (SGD): the base of raindrop
Raindrop is a methodology to setup SELinux contexts to isolate uploads of software to the Plug Computer. In order to test and development Raindrop, the Gentoo distribution focuses on SELinux and other core Linux and FreeBSD security features (e.g., Mandatory Access Controls) to find a suitable method for a distributed Application Store. Of course, by default, the Gentoo distribution for the Plug Computer is set to permissive mode.
Getting the SELinux Plug Computer Gentoo Distribution
The SELinux-enabled Linux kernel and JFFS2 file system image are provided below. Once you download them, please visit the page, Getting the Plug Computer Running with an Operating System, to understand how to flash the Plug Computer after bringing it up using TFTP and NFS, Setting up TFTP and NFS.
* uImage [1] * JFFS2 File system Image [2] * Tar, bzipped file system for NFS mounting as NFS root [3]
Please verify the MD5 checksum after downloading the files listed above with the checksum files on the website:
* MD5 uImage file [4] * MD5 JFFS2 File System file [5] * MD5 of Tar, bzipped File System file for NFS Mount [6]
Now, once we have these we recommend you follow the steps to first boot the Plug Computer using TFTP and NFS and then, you can flash the system using these attached tools for Gentoo (tar, bzipped) on ARM if you like.
Flashing the Plug Computer with the SGD
The Plug Computer can be flashed as discussed at Flashing an Operating System onto the Plug. However, if you downloaded the uImage.6plug and the associated JFFS2 image file from above, you can skip the section on making a JFFS2 file system image with mkfs.jffs2 from the mtd-utils package. Instead, just go the section where you use set the correct U-Boot parameters, use flash_eraseall, and then, cat and nandwrite for the kernel and JFFS2 image, respectively.
How to Use Gentoo on the Plug
Using Gentoo on the Plug Computer provides a suggested method for using the Plug's physical connections along with Gentoo's emerge capability to extend the Plug Computer.
Accessing the Plug Computer with Gentoo
On the network, if you are using a Windows Vista or W7 computer, you can use the network mapping tool with LLTD to see the Plug Computer, which starts the Linux-compatible, lld2d, LLTD daemon. Whether flashed or using TFTP and NFS first, the Plug Computer is accessible via serial cable or on the network with SSH using the following login information:
* user: root; with password: plugtop
Checking Permissions on the SGD after Flashing or NFS Boot
There are some permission related components that may need set after untaring the root file system on another system and then booting the Plug Computer from that NFS mount. Please make sure of the following settings to have the Gentoo features start as expected:
* For SSH, /etc/ssh/ssh_[d_,r_]host_key need set to 0600:
* chmod 0600 /mnt/flash/etc/ssh_*host_key
* For lighttpd, /var/log/lighttpd and /var/lib/lighttpd set to ownership uid and gid for lighttpd:
* chown -R lighttpd:lighttpd /var/log/lighttpd
* chown -R lighttpd:lighttpd /var/lib/lighttpd
The JFFS2 image should have all the correct UIDs and GIDs for the system to start as expected.
