# Filename:
#   fedora-live-gnome-security.ks
# Description:
#   A live OS based on Fedora for use in security auditing, forensics research, and penetration testing.
#   Stripped down version of the Fedora Security spin with the GNOME environment.
# Maintainers:
#  Matthew Sullivan <sullivan.matt (the 'at' symbol) gmail (dot) com>
# Acknowledgements:
#   This project is based on the Fedora Security spin, maintained by:
#   Hiemanshu Sharma <hiemanshu [AT] fedoraproject <dot> org>
#   Christoph Wickert <cwickert [AT] fedoraproject <dot> org>
#   Joerg Simon  <jsimon [AT] fedoraproject <dot> org>


%include fedora-live-gnome-security-base.ks
%include fedora-live-gnome-security-minimization.ks

%packages

# internet
firefox

# Command line
cnetworkmanager
irssi
mutt
ntfs-3g
wget
lynx
yum-utils
yum-presto

# dictionaries are big
#-aspell-*
#-hunspell-*
#-man-pages-*
#-words

# more fun with space saving
-*gimp*

#GUI Stuff
@gnome-desktop
xarchiver
gnome-bluetooth
pavucontrol
rdesktop

# save some space
-autofs
-nss_db
-sendmail
-acpid

# save even more space, experimental... don't really know what I'm doing here :-/
-*games*
-cheese
-*printer*
-system-config-firewall
-setroubleshoot
-bind*
-evolution-data-server
-festival*
-gnome-applets
-gnome-pilot
-httpd
-httpd-tools
-*help*

###################### Security Stuffs ############################
security-menus

# Reconnaissance
dsniff
hping3
nc6
nc
ncrack
nessus-client
nessus-gui
nessus-server
ngrep
nmap
nmap-frontend
p0f
sing
scanssh
scapy
socat
tcpdump
wireshark-gnome
xprobe2
nbtscan
tcpxtract
firewalk
hunt

ettercap
ettercap-gtk
iptraf
picviz
etherape
lynis

# Forensics
dd_rescue
gparted
testdisk
foremost
sleuthkit
examiner

# Wireless
aircrack-ng
airsnort
kismet

# Password cracking
john
ophcrack

# Useful tools
lsof
ntop
scrot
mc
epdfview

# Other necessary components
screen
vim-enhanced
gnome-menus
gnome-terminal

# make sure debuginfo doesn't end up on the live image
-\*debug
%end

%post
cat >> /etc/rc.d/init.d/livesys << EOF
# disable screensaver locking
gconftool-2 --direct --config-source=xml:readwrite:/etc/gconf/gconf.xml.defaults -s -t bool /apps/gnome-screensaver/lock_enabled false >/dev/null
gconftool-2 --direct --config-source=xml:readwrite:/etc/gconf/gconf.xml.defaults -s -t bool /desktop/gnome/lockdown/disable_lock_screen true >/dev/null

# set up timed auto-login for after 5 seconds
cat >> /etc/gdm/custom.conf << FOE
[daemon]
TimedLoginEnable=true
TimedLogin=liveuser
TimedLoginDelay=5
FOE

# LXDE and LXDM configuration
# create /etc/sysconfig/desktop (needed for installation)
#cat > /etc/sysconfig/desktop <<EOF
#PREFERRED=/usr/bin/startlxde
#DISPLAYMANAGER=/usr/sbin/lxdm
#EOF

#cat >> /etc/rc.d/init.d/livesys << EOF
# disable screensaver locking and make sure gamin gets started
#cat > /etc/xdg/lxsession/LXDE/autostart << FOE
#/usr/libexec/gam_server
#@lxpanel --profile LXDE
#@pcmanfm2 --desktop --profile lxde
#@pulseaudio -D
#FOE

# set up preferred apps 
cat > /etc/xdg/libfm/pref-apps.conf << FOE 
[Preferred Applications]
WebBrowser=mozilla-firefox.desktop
#MailClient=fedora-claws-mail.desktop
FOE

# set up auto-login for liveuser
#sed -i 's|# autologin=dgod|autologin=liveuser|g' /etc/lxdm/lxdm.conf

# Show harddisk install on the desktop
#sed -i -e 's/NoDisplay=true/NoDisplay=false/' /usr/share/applications/liveinst.desktop

# Create Desktop folder
mkdir /home/liveuser/Desktop
#cp /usr/share/applications/liveinst.desktop /home/liveuser/Desktop

# Add autostart for parcellite
#cp /usr/share/applications/fedora-parcellite.desktop /etc/xdg/autostart

# Turn off PackageKit-command-not-found while uninstalled
sed -i -e 's/^SoftwareSourceSearch=true/SoftwareSourceSearch=false/' /etc/PackageKit/CommandNotFound.conf

# this goes at the end after all other changes.
chown -R liveuser:liveuser /home/liveuser
restorecon -R /home/liveuser

EOF

%end