ubuntu-phone team mailing list archive

[Chris Croome <chris@xxxxxxxxxxxxxxxxxxx>]

Hi

On Fri 17-Apr-2015 at 01:02:04PM +0100, Chris Croome wrote:
> 
> Kind of, but it would need some work before I could make it public

In the meantime here are some things you could add to your
http://www.unixarea.de/bq.txt file, but note I have a Nexus 4 running
devel and I haven't tried any of these things on a BQ E 4.5.

----

You can create a /home/phablet/.bash_aliases file with commands you need
to run after an upgrade:

  #!/bin/bash
  
  # Mount the root file system read-write
  alias mnt-root-rw='sudo mount -o rw,remount /'
  
  # Install some extra packages and set vim as the 
  # default editor (edit this list as you wish)
  alias apt-install-essential='sudo apt-get update ; sudo apt-get install apt-utils aptitude cryptsetup git vim lynx screen subversion mutt procmail pwgen gnupg-curl aspell aspell-en iptables-persistent whois ncurses-term nmap arp-scan mosh fetchmail maildrop rdate dnsutils wget; sudo update-alternatives --config editor'

The after upgrading the phone run:

  mnt-root-rw
  apt-install-essential

You will probably need to reboot the phone after that to set the
filesystem back to read-only.

----

If you want to ssh into your phone and you don't know it's IP address
you can use this script to find it (not you need to set a couple of env
vars first and also you need to supply the subnet (I haven't got around
to automating that):

  #!/bin/bash
  
  # This is a script to find a device on a LAN by it's Mac address
  
  if [[ $1 ]]; then
    SUBNET=$1
  else
    /sbin/ifconfig
    echo "Please supply the subnet, eg: $0 192.168.0.0/24"
    exit
  fi
  
  if [[ $PHONE_MAC ]]; then
    echo Mac:   $PHONE_MAC 
  else
    echo You need to set the PHONE_MAC environmental variable to 
    echo the Mac address of your phone, eg add the following to 
    echo your ~/bashrc:
    echo
    echo export PHONE_MAC="10:10:10:10:10:10"
    exit
  fi
  
  if [[ $PHONE_IFACE ]]; then
    echo Iface: $PHONE_IFACE 
  else
    echo You need to set the PHONE_IFACE environmental variable to 
    echo the network interface the phone can be reached on, eg add 
    echo the following to your ~/bashrc:
    echo
    echo export PHONE_IFACE="wlan0"
    exit
  fi
  
  # Nmap and arp scan the network
  sudo nmap -sP $SUBNET > /dev/null
  PHONE_IP=$(sudo arp-scan -I $PHONE_IFACE $SUBNET | grep $PHONE_MAC | awk '{print $1}')
  
  if [[ $PHONE_IP ]]; then
    echo IP:    $PHONE_IP 
  else
    echo "Sorry the phone couldn't be found"
  fi
  
  exit

----

Create an encrypted /home/user/ directory, this needs some additional
packages to be installed, see above, set the wanted username as an
env var first:

  sudo -i
  export NEWUSER="username"

Create a file to use as a disk (set the size as required) and encrypt
and format it:

  fallocate -l 1G /home/$NEWUSER.img
  cryptsetup luksFormat /home/$NEWUSER.img
  cryptsetup luksOpen /home/$NEWUSER.img $NEWUSER
  mkfs.ext4 /dev/mapper/$NEWUSER
  mkdir /home/$NEWUSER
  mount /dev/mapper/$NEWUSER /home/$NEWUSER

Add the new user and add them to the sudo group:

  adduser --disabled-password $NEWUSER
  addgroup $NEWUSER
  adduser $NEWUSER $NEWUSER
  usermod -a -G sudo $NEWUSER

After doing the above you can su to the new user:

  su - $NEWUSER

And you now have a user account with an encrypted filesystem.

You can add the following to /home/phablet/.bash_aliases for mounting
the disk in future (change $NEWUSER to your username first!):

  alias mnt-$NEWUSER='sudo cryptsetup luksOpen /home/$NEWUSER.img $NEWUSER; sudo e2fsck /dev/mapper/$NEWUSER ; sudo mount /dev/mapper/$NEWUSER /home/$NEWUSER'
  
----

Hope the above is of use to someone!

All the best

Chris

-- 
Webarchitects Co-operative
http://webarchitects.coop/
+44 114 276 9709
@webarchcoop