Pentoo minimal version

[GoogleCodeExporter]

I just hate it when I can't use my own laptop during a pentest and have to use 
a crappy windows host instead.

We need a minimal pentoo with msf, nmap, burp and a few others in order to have 
a small footprint iso/vm to deploy quickly during pentests.

Here's an attempt of a minimal use flag for the pentoo meta-package.
E17 was chosen arbitrarily but we can switch to xfce.

We'll probably need to change a few things in pentoo-system too.

Also, we will have to remove grsec and do a 32bit kernel only due to probable 
hw limitation on random machines.

Original issue reported on code.google.com by grimm...@pentoo.ch on 5 Feb 2014 at 10:52

Attachments:

• pentoo-minimal.patch

[GoogleCodeExporter]

it might seem insane, but I was thinking we could use a minipentoo flag and 
still pull in all the meta ebuilds, but just pull in the most popular things 
from each.  This makes it easier to have a mini, normal, and bloated release.

I'm definitely interested in your tool list, but I want input from you and a 
few others. I'll poke my guys to update their list. 

Original comment by sidhayn on 5 Feb 2014 at 4:19

• Added labels: ****
• Removed labels: ****

[GoogleCodeExporter]

package list from thetribe:

support for:
all normal wifi radios
RTL-SDR
BladeRF
HackRF
ubertooth1

wireless
aircrack-ng (airodump, airdrop, aircrack)
kismet (with Wifi DBx support and the normal FULL build you use)
spectool
GPSD
HOSTAP
karma
MDK3
Rfkill
wifite
pyrit

SDR
gqrx
Dsd
multimon-ng
smartnet-scanner
Gnuradio
OsmoComSDR
demos tools ???

wired
skipfish
MSF
set
nmap
wireshark
GPG
arachni
TCPDump
smbclient

Original comment by sidhayn on 5 Feb 2014 at 6:06

• Added labels: Type-Enhancement
• Removed labels: Type-Defect

[GoogleCodeExporter]

pyrit is of the table as well as any cracking tools other than JTR and 
ophcrack. I use the later for extracting hashes (lazyness) so we might as well 
go with only the small tools needed for that.
Set is not needed as this is targeting internal pentest only! (vm use case)

As for the minimal flag in meta package, I fear it will become much harder to 
maintain.
It's easier to have the whole list of tools for minimal in only one place. Also 
why bother making a bloated version? there should only be minimal and normal :-)

Original comment by grimm...@pentoo.ch on 5 Feb 2014 at 8:06

• Added labels: ****
• Removed labels: ****

[GoogleCodeExporter]

more list from thetribe:

airgraph
gpsmon
ngircd
steghide
irssi

nmap
netcat
hping
all of the airo* tools for wireless
bind-tools

dig
wget
lynx
htdig
firefox + some local proxy tool for editing i/o
sqlmap
nikto
https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project

Original comment by sidhayn on 5 Feb 2014 at 9:15

• Added labels: ****
• Removed labels: ****

[GoogleCodeExporter]

Original comment by blshkv on 10 Feb 2014 at 10:11

• Added labels: ****
• Removed labels: ****

[GoogleCodeExporter]

I'm second for the minimal flag for each ebuild. Or, create pentoo-minimum meta 
ebuild and pull it instead.

The suggested patch is a hack. It will break the automated menu generation 
script for sure

Original comment by blshkv on 13 Feb 2014 at 6:38

• Added labels: ****
• Removed labels: ****

[GoogleCodeExporter]

Issue 248 has been merged into this issue.

Original comment by blshkv on 10 Apr 2014 at 1:09

• Added labels: ****
• Removed labels: ****

[GoogleCodeExporter]

feel free to comment:
https://code.google.com/p/pentoo/source/detail?r=5965

Original comment by blshkv on 11 Sep 2014 at 3:08

• Added labels: ****
• Removed labels: ****

[GoogleCodeExporter]

I think it would be very hard to maintain so I think the easiest way is to do a 
mpentoo ebuild that gets the minimum stuff needed all in one ebuild.
It shouldn't change much as minimal means no bloat aka limited package set.

I'm still waiting for Zero to make a minimal profile so I can hack around with 
the use flags ie remove nvidia, fglrx, etc.
I just saw that it was marked as a duplicate by blshkv:
https://code.google.com/p/pentoo/issues/detail?id=248&can=1&q=minimal

Original comment by grimm...@pentoo.ch on 17 Sep 2014 at 7:03

• Added labels: ****
• Removed labels: ****

[GoogleCodeExporter]

I actually disagree. Having an additional ebuild will be harder to maintain. We 
might even end up with some tools included into the minimal ebuild only.

For the profile, I guess it is a long term solution when we will have 
subprofiles available. As for now, it sounds a bit overkill. Just enable the 
"minipentoo" in the make.conf and you will get it.

At the end of the day, the list of tools is the most important. I've started to 
adjust pentoo* ebuilds, feel free to join, review and make suggestions

Original comment by blshkv on 18 Sep 2014 at 1:24

• Added labels: ****
• Removed labels: ****

[GoogleCodeExporter]

One way or the other, you need to make the binary drivers optional as well as 
the cuda and opencl flag. AFAIK it's not possible now as it's all enabled by 
the profile and I think Zero don't want to have custom USE flags inside the 
livecd stages.

I also think a good way to push forward the minimal version would be to define 
some ground rules on what packages can be in it and what can't.

Original comment by grimm...@pentoo.ch on 18 Sep 2014 at 8:33

• Added labels: ****
• Removed labels: ****

[GoogleCodeExporter]

cuda and opencl as well as the binary drivers are all set during the build 
process. I can easily detect that the user wants mpentoo and just disable all 
of that for a build run.

Original comment by sidhayn on 20 Sep 2014 at 5:13

• Added labels: ****
• Removed labels: ****