
Linux | ConfigurationsAndModifications

System Configurations

/etc/

inittab

/etc/rc.d/

This directory contains the startup scripts. These scripts are called by init, which is in turn called by the kernel once it has finished loading. A few modifications had to be made to this folder in order to:

rc.S

rc.0

rc.R and rc.R.conf

The script /etc/rc.d/rc.R and its configuration file /etc/rc.d/rc.R.conf are responsible for extracting the contents of the tar bz archives stored in /packed/ into the proper RAM disk mount points during boot (the RAM disks are actually ramfs, which allows for dynamic growth). The rc.R script reads rc.R.conf line by line, ignoring lines starting with #; each line must take the following format (replacing [.*] with actual information):

[absolute path to mount point, no trailing slash]:[absolute path to archive]:[mount options, see man mount]

For example, if the line /var:/packed/var.tbz:-rw were placed in /etc/rc.d/rc.R.conf, then during boot rc.R would create the directory /var (if it did not exist), create a ramfs and mount it at /var. After this, rc.R would unpack /packed/var.tbz to /var. The attached file, rc.R.conf, is the actual rc.R configuration used by the display system's OS. If the [absolute path to archive] (parameter 2) is /dev/null, nothing is extracted to the mount point, leaving the associated ramfs empty. This is how /tmp is initialized by the display system.
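A dry-run check for the line format described above, written as an added example (it is not the display system's rc.R, which is not shown on this page). It assumes rc.R runs mkdir, mount -t ramfs and tar -xjf in that order; the function names check_line and plan_conf, the character allow-lists, and every sample entry other than the /var line are constructed for illustration.

```shell
#!/bin/sh
# Added example, not the original rc.R: dry-run validator for rc.R.conf.
# Line format from the page: [mount point]:[archive]:[mount options]

# check_line LINE: print the actions planned for one config line. Returns 0 if
# valid, 1 if malformed, 2 if skipped (comment; blank lines too, an assumption).
check_line() {
    case $1 in
        '#'*|'') return 2 ;;
        *:*:*) ;;                         # all three fields present
        *) return 1 ;;
    esac
    IFS=: read -r mp archive opts <<EOF
$1
EOF
    case $mp in       # absolute, safe characters, no trailing slash, no ".."
        *[!A-Za-z0-9/._-]*|*/|*/..|*/../*) return 1 ;;
        /*) ;;
        *) return 1 ;;
    esac
    case $archive in  # absolute path; /dev/null means "leave the ramfs empty"
        *[!A-Za-z0-9/._-]*|*/..|*/../*) return 1 ;;
        /*) ;;
        *) return 1 ;;
    esac
    case $opts in     # options reach mount as root, so allow-list them
        *[!A-Za-z0-9,=_-]*) return 1 ;;
    esac
    echo "mkdir -p $mp"
    echo "mount -t ramfs ${opts:+$opts }ramfs $mp"   # assumed invocation
    [ "$archive" = /dev/null ] || echo "tar -xjf $archive -C $mp"
}

# plan_conf: read a config on stdin, print the plan, report rejected lines.
plan_conf() {
    n=0
    while IFS= read -r l; do
        n=$((n + 1)); rc=0
        check_line "$l" || rc=$?
        [ "$rc" -ne 1 ] || echo "line $n rejected: $l" >&2
    done
}

# Constructed sample; only the /var entry is the page's own example.
plan_conf <<'EOF'
# mount point:archive:options
/var:/packed/var.tbz:-rw
/tmp:/dev/null:-rw
/home/:/packed/home.tbz:-rw
EOF
```

Because these entries are acted on as root at every boot, rejecting a malformed line before anything is mounted or unpacked keeps a bad edit to rc.R.conf from overlaying an unintended directory.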

There are 3 advantages of running (part of) the OS from RAM. Perhaps the most obvious one is the dramatic decrease in load times. With much of the filesystem residing in RAM, loading even the largest software package takes only milliseconds instead of seconds. Once rc.R finishes loading the archives, it only takes about a second in total for X11 to load and FireFox to start processing the display pages. Secondly, if modifications are made to the running system (by an attacker or faulty code, for example), restoring the system to its previous state only takes a reboot. Last, but not least, running the OS from RAM minimizes the number of writes to the memory stick. This is important because flash memory starts breaking after about 1 million writes, which is not unheard of under heavy filesystem loads.

-- JanosMartonosi - 25 Jan 2006

rc.kiosk

This script calls 915resolution to enable a "mode" to support 1280x768 resolution. If this succeeds, the script calls xinit as the user kiosk to run firefox. This script is intended to replace rc.4; as such, when the system goes to runlevel 4, this script is run by init. As mentioned earlier, /etc/inittab calls rc.kiosk in "respawn" mode; that is, if FireFox happens to stop for any reason (due to a crash or close down), it will restart automatically.

rc.iptables

The specifications call for enhanced security, thus the kernel was configured with iptables (firewall) support. Before iptables can be activated, however, the firewall rules must be specified, and this script does just that. The firewall rules prevent any incoming connection attempts from reaching the system and limit outgoing connections to a trusted few. The FirewallScript is based on David Collie's work and has been modified to allow outgoing NTP packets as well.

/etc/X11/

FireFox

-- JanosMartonosi - 23 Nov 2006