The officially official Devuan Forum!

You are not logged in.

#1 2017-10-06 18:56:21

macondo
Member
Registered: 2017-06-11
Posts: 17

HOWTO: Post-Installation Configurations

After installing Devuan, the first thing I configure is sudo.

# visudo

Put this line at the bottom of the file:

<your_user_name>  ALL=NOPASSWD:ALL

save/exit/reboot

If you use nano,

# nano /etc/sudoers

ditto as above.

Next, aliases make my life easier,

$ nano .bash_aliases

Paste this:

alias adu="sudo apt-get update && sudo apt-get dist-upgrade"
alias agi="sudo apt-get install"
alias as="apt-cache search"
alias ash="apt-cache show"

logout/login and test it as USER:

$ adu  

Go to .nanorc and type this:

set const
set smooth
set mouse

UFW (Uncomplicated Firewall)

# apt-get install ufw
# ufw enable
# ufw status
# reboot

After coming back do another 'ufw status' to find out if the firewall
is working.

To avoid pinging: go to:

# nano  /etc/ufw/before.rules

And leave this section looking like this:

# ok icmp codes
-A ufw-before-input -p icmp --icmp-type destination-unreachable -j DROP
-A ufw-before-input -p icmp --icmp-type source-quench -j DROP
-A ufw-before-input -p icmp --icmp-type time-exceeded -j DROP
-A ufw-before-input -p icmp --icmp-type parameter-problem -j DROP
-A ufw-before-input -p icmp --icmp-type echo-request -j DROP

Next, go to www.grc.com and click on ShieldsUp, next screen scroll down to Hot
Spots, and click on ShieldsUp again, next screen click on Proceed, next screen
click on All Service Ports and let it check the ports, gives an ok result, the
ports are neon green, and gives you this veredict:

"Your system has achieved a perfect "TruStealth" rating. Not a single packet —
solicited or otherwise — was received from your system as a result of our
security probing tests. Your system ignored and refused to reply to repeated
Pings (ICMP Echo Requests). From the standpoint of the passing probes of any
hacker, this machine does not exist on the Internet. Some questionable personal
security systems expose their users by attempting to "counter-probe the prober",
thus revealing themselves. But your system wisely remained silent in every way.
Very nice."

Startup
To start your apps and window manager: go to .xinitrc as USER,

$ nano .xinitrc

Put this:

#!/bin/sh

setxkbmap -option terminate:ctrl_alt_bksp
xsetroot -solid black
unclutter -idle 2 &
numlockx &

exec <window manager>

I think this is about it, thanks for your patience.

Happy trails,
macondo

Reference: https://help.ubuntu.com/community/UFW


28c15c619859053.jpg
e47bff621643413.jpg

# updatedb

So later I can use 'locate'

Last edited by macondo (2017-10-08 15:11:11)


Desktop Celeron 4 GB RAM Ratpoison
"Sometimes, a man finds his destiny on the road he took to avoid it"

Offline

#2 2017-10-06 19:43:46

golinux
Administrator
Registered: 2016-11-25
Posts: 688

Re: HOWTO: Post-Installation Configurations

Sudo? Really?  Ah now maybe I understand.  Perhaps you're used to Ubuntu's bad habits . . .

Online

#3 2017-10-06 20:32:53

macondo
Member
Registered: 2017-06-11
Posts: 17

Re: HOWTO: Post-Installation Configurations

Really. Perhaps you don't know me, I have never used Ubuntu.


Desktop Celeron 4 GB RAM Ratpoison
"Sometimes, a man finds his destiny on the road he took to avoid it"

Offline

#4 2017-10-06 20:46:01

golinux
Administrator
Registered: 2016-11-25
Posts: 688

Re: HOWTO: Post-Installation Configurations

Fair 'nuf.  A short stint with Ubuntu years ago cured me of the sudo disease.  But let's not sidetrack your howto with THAT discussion.

Online

#5 2017-10-06 20:57:33

greenjeans
Member
Registered: 2017-04-07
Posts: 377
Website

Re: HOWTO: Post-Installation Configurations

golinux wrote:

A short stint with Ubuntu years ago cured me of the sudo disease.

You and me both.

Never understood the use of sudo, on a list of "worst ideas ever for linux" it ranks right up there with dconf and systemd IMO.


https://sourceforge.net/projects/vuu-do/
Vuu-do GNU/Linux, minimal 64 and 32 bit Devuan-based openbox and mate systems to build on, maximal versions if you prefer your linux fully-loaded.

Please donate to support Devuan and init freedom! https://devuan.org/os/donate

Offline

#6 2017-10-06 21:23:24

MiyoLinux
Member
Registered: 2016-12-05
Posts: 311

Re: HOWTO: Post-Installation Configurations

I don't know what I did here, but after clicking on the picture, I was taken to a "Roblox" site at some point. I'm not sure how it happened though.


I have been Devuanated, and my practice in the art of Devuanism shall continue until my Devuanization is complete. Until then, I will strive to continue in my understanding of Devuanchology, Devuanprocity, and Devuanivity.

Veni, vidi, vici vdevuaned. I came, I saw, I Devuaned. wink

Offline

#7 2017-10-07 09:52:06

boycottsystemd
Member
Registered: 2017-09-25
Posts: 20

Re: HOWTO: Post-Installation Configurations

UFW (Uncomplicated Firewall)

Does Devuan Jessie have any default firewall ? I did not install any and I got this result in test:

Your system has achieved a perfect "TruStealth" rating. Not a single packet — solicited or otherwise — was received from your system as a result of our security probing tests. Your system ignored and refused to reply to repeated Pings (ICMP Echo Requests). From the standpoint of the passing probes of any hacker, this machine does not exist on the Internet.

Offline

#8 2017-10-07 19:04:36

fsmithred
Administrator
Registered: 2016-11-25
Posts: 471

Re: HOWTO: Post-Installation Configurations

There is no default firewall front-end installed in debian or devuan. There is iptables, but no rules are in place.  If you install some services that listen for connections, then you will have open ports. (examples: openssh-server, mysql-server, apache2, samba)

If you're behind a router, the router is being scanned, and unless you set up port-forwarding in the router, the outside world can't see the open ports on your computer.

Offline

#9 2017-10-07 23:43:14

garyz.dev1
Member
Registered: 2017-06-15
Posts: 79

Re: HOWTO: Post-Installation Configurations

sudo   - so what do you use for root priviledges??
(I used sudo before I used ubuntu)
I'm in the sudoers file but still have to do the password from time to time
[with the ALL settings in sudoers!}

Offline

#10 2017-10-07 23:49:09

macondo
Member
Registered: 2017-06-11
Posts: 17

Re: HOWTO: Post-Installation Configurations

With this:
<your_user_name>  ALL=NOPASSWD:ALL

you need NO passwd...


Desktop Celeron 4 GB RAM Ratpoison
"Sometimes, a man finds his destiny on the road he took to avoid it"

Offline

#11 2017-10-07 23:54:21

garyz.dev1
Member
Registered: 2017-06-15
Posts: 79

Re: HOWTO: Post-Installation Configurations

thanks @macondo
I didn't have the NOPASSWD in the sudoers file,
(fwiw - I had to 'sudo visude' to modify the file !)

Offline

#12 2017-10-07 23:58:13

macondo
Member
Registered: 2017-06-11
Posts: 17

Re: HOWTO: Post-Installation Configurations

np


Desktop Celeron 4 GB RAM Ratpoison
"Sometimes, a man finds his destiny on the road he took to avoid it"

Offline

#13 2017-10-08 00:00:04

garyz.dev1
Member
Registered: 2017-06-15
Posts: 79

Re: HOWTO: Post-Installation Configurations

@greenjeans wrote:

Never understood the use of sudo, on a list of "worst ideas ever for linux" it ranks right up there with dconf and systemd IMO.

'
well - as I understand it - Linux is a multi-user system - so someone has to be the boss/admin
Now it is true that most linux downloads are most likely for single user/desktops - so root/sudo becomes a grey area.: IMO
Not sure what the answer is - there is a lot of debate about it
'
I am not taking a stand on it

garyz

Offline

#14 2017-10-08 16:14:38

boycottsystemd
Member
Registered: 2017-09-25
Posts: 20

Re: HOWTO: Post-Installation Configurations

thanks @fsmithred

Offline

#15 2017-10-10 18:50:12

fog
Member
Registered: 2017-10-09
Posts: 28

Re: HOWTO: Post-Installation Configurations

sudo history is a bit older than linux not to mention ubuntu. sudo development is/was maintained by OBSD (although OBSD uses mainly doas rather than sudo nowdays) however system is as secure as one make it.

Offline

Board footer