Building custom LiveUSB distributions
The Liberté build process is distribution-neutral, and is fully automated.
- You do not need to be a Gentoo user — any modern x86 or x86-64 Linux distribution should suffice
- A full build takes ~8.5 hours on dual-core 2.66 GHz Intel E8200
- An incremental build with no package upgrades takes ~25 minutes
- About 8 GiB of disk space is required
- Filesystem must support
- Outbound HTTP(S) connections must be allowed (the
*_proxyenvironment variables are honored when set)
Let's assume that the Liberté package is in
./liberte, and the build root is
/tmp/livecd. Clone the git tree:
git clone https://github.com/mkdesu/liberte.git
You might want to adjust
liberte/conf/version (don't use spaces).
The following command builds the image (execute as
Read the (straightforward)
build script to see how to customize the result by manually performing the individual steps. Subsequent invocations of
build will perform an incremental build, unless the
fresh parameter is supplied. After a successful build, follow the installation instructions.
In order to ensure that your custom build has kept the anonymity features intact, it is necessary to perform some manual testing, which is most easily done by running Liberté in a virtual machine. This easily allows for, e.g., network packets analysis by connecting Wireshark to the VM's network interface — an alternative to adding Wireshark to the build. Events log is available in
- Network traffic
- DHCP hostname not being sent (check all fields), absence of non-DHCP/Tor traffic (Tor uses
httpports), contrast with the Unsafe Browser traffic.
- X server screen locking
- Zap (
Ctrl-Alt-Bksp) and VT Switch (
Ctrl-Alt-F*) key sequences are disabled, closing the laptop lid launches screen lock (and disables SysRq (
SysRq-*) and PowerOff buttons for its duration), booting with closed lid launches screen lock on X startup.
- Reboot and shutdown
- Memory is wiped before reboot / shutdown (best seen with a memory dump in VM after creating a large file in Unionfs), memory is wiped on boot media extraction,
qemulate.shscript works as intended.
- Web browsing and chat
- Browsing privacy (Torification, UTC timezone), XChat privacy (using SSL connections for desired networks), Pidgin privacy (OTR plugin), Unsafe Browser partial privacy (no Torification, UTC timezone) and distinctive look-and-feel.
- Cables communication
- Identity is kept between reboots, sending to self, sending to another node (
Bcc:, refusal to send if an address is incorrect), sending to/from Tor and I2P-based addresses, sending to node which is temporarily offline, reliability (boot media removal while nodes communicate, temporal substitution of wrong certificates for sender and recipient, etc.), timing out of unsent messages.
- Other communication tasks
- GnuPG keys search and retrieval, SSH connections (omitting username initially substitutes
- Time synchronization
- HTP synchronizes time and catches up with network interface changes, same for NTP (if enabled), Tor starts up when the clock is wrong (more than 1.5h into past / future).
- System security
- User sees only own processes, kernel log (
dmesg) and loaded modules list are not available,
rootpassword is disabled,
paxtestproduces correct output, hard drives are spun down after boot.
- Media automounting
- Mountpoints are automatically added and removed under
/mediafor USB/SD(HC)/CD/DVD media, all supported filesystems are recognized, hibernated NTFS partitions are available in read-only mode.
- Automatic tests
- All automatic tests (
Live media framework
You can use Liberté's build framework to master your own Gentoo-based LiveUSBs/CDs. For a non-anonimity oriented distribution, you will most likely want to at least turn off the firewall (grep for
src/root/setup), disable forwarding of all HTTP requests to Tor (see
src/etc/privoxy/config), and customize the packages list in
src/var/lib/portage/world. Note that
src/root/setup-copy explicitly checks that Perl and Python have been uninstalled — disable these checks if necessary. Use
enter script with the single directory argument to work with the non-pruned distribution tree.
Since I don't want to write extensive documentation for the build system, below is a brief comparison with larch v8, a live CD/DVD/USB-stick construction kit for Arch Linux, which does have such a documentation.
|Feature||Liberté build framework||larch|
|Build requirements||any Linux, POSIX shell||any Linux, Python|
|Build customization||monolithic||profile-based, multilayer|
|Initramfs scripts||custom, very fast and robust (no genkernel)||Arch's mkinitcpio|
|Unification file system||overlayfs||aufs|
|Persistence||encrypted, archived changes upon shutdown, user configuration only||no encryption, write-through to live media layer, entire file system|
|Target platforms||i686 (x86_64 build host is fine)||i686 or x86_64|
|Installation from live media||not supported (live deployment only)||supported (e.g., install Arch on hard disk)|
|Auto-configuration||extensive support||regular Arch|