Friday, 10 September 2010

Building a Custom LiveCD for Ubuntu

There are many and varied reasons for running a LiveCD based operating system. In no particular order, you can use it on a PC without a hard disk, or more commonly with a malfunctioning hard disk. You can use it on a friends PC, taking all your applications with you. You can use it to do your online banking in a safe environment. You can use it to ... well you get the picture.

So how do you actually go about customising one? And why would you? Well the nice people at Canonical get to decide which of the MANY Ubuntu packages get to live on the LiveCD that you have downloaded. What if they exclude stuff that you want - support for video playback for instance, or the tools for compiling software from source? Of course, the easy option is to just boot the Ubuntu LiveCD and get networking up and running and off you go - you can download whatever other software you want. The trouble is that when you download software it gets stored in RAM which means a) you need to download it again next time which is a pain especially if you do not have internet available, and b) it uses up space in RAM.

So when you get to know what kind of packages you use on a LiveCD on a regular basis, it might just be a good idea to build them into a customised LiveCD. How hard can it be. Hmmm. Quite hard, but not skull crackingly awful. You can build one on either a windows or linux (ubuntu) desktop machine. Building one from Ubuntu itself, is easy to get into - from windows is going to take a bit more time. It is worth going over the windows steps though, because the LiveCD user may just want to have Ubuntu Live rather than installed.

So, for windows you will need XP, Vista or 7, about 10Gb of free disk space, an internet connection, and this software:

VMWare Player This is virtualisation software. It allows you to run virtual machines on Windows. This version is freeware, it only allows you to run machines that someone else has designed.
VMX Builder This is freeware software which lets you design virtual machines to use in VMWare Player without having to pay for VMWare Server.
Unetbootin This software lets you install a LiveCD image to a USB Key.
Ubuntu LiveCD image We are going to use this to both install onto the Virtual Machine AND as the base for the customized CD.

So, use the VMX Builder to setup a machine. Give it a decent amount of RAM, say half of what you have available, a 10Gb harddisk file (make it the expandable kind) access to 2 of your cores if you have a multi core system AND access to your network. Bridging is fine. Also, make sure that you let it access your USB Devices as that is how we are going to get data into and out of the virtual machine. Lastly, tell it to use the CD Image that you downloaded as its CD Drive.

Before you start, get a FAT32 formatted USB Key and stick a copy of the CD Image on it. Then boot your virtual PC and install Ubuntu from the LiveCD. Reboot, and get the VMWare Player to mount the USB Key. You should now be able to proceed with the following instructions.

Native Ubuntu users should start from this point. You don't have to faff around with virtual machines, the one you have should be perfectly fine for this task. So lets get started.

First of all we are going to need some extra packages for our running system to manipulate the CD image. To install these, run this command from a terminal window.

sudo aptitude install squashfs-tools genisoimage

The CD image contains one large archive file which stores all of the disk environment for the LiveCD. The squashfs-tools handles this archive. Basically, we unpack everything, add our extra packages, and then repack everything. The genisoimage [gen]erates the final [iso] [image] which we put onto the USB Key in due course.

Now, make a working directory in [~] home, and copy the image file into it:

mkdir ~/live
cp /media/[whatever]/ubuntu-10.04-desktop-i386.iso ~/live
cd ~/live

The [whatever] will differ depending on exactly where your system mounts the USB Key you just plugged in. Next we are going to actually mount the CD image so we can use it as if we had burned it to a CD and inserted it. We need to create the mount point first of all:

mkdir mnt
sudo mount -o loop ubuntu-10.04-desktop-i386.iso mnt

The loop [o]ption allows us to mount the image file as a folder.

Now we need to copy all of the files off the mounted image APART from the large squashed file. Again we want a separate folder to store these files:

mkdir extract-cd
rsync --exclude=/casper/filesystem.squashfs -a mnt/ extract-cd

Next we need to extract the big archive file:

sudo unsquashfs mnt/casper/filesystem.squashfs

It uncompresses to a folder name we want to change by the typical linux method of [m]o[v]ing it.

sudo mv squashfs-root edit

We are going to be chrooting into the filesystem we just unpacked, and we want to use some of the files on our existing machine to point the way to the internet, and to give us access to our current hardware:

sudo cp /etc/resolv.conf edit/etc/
sudo cp /etc/hosts edit/etc/
sudo mount --bind /dev/ edit/dev

Now we chroot in and mount some virtual filesystems:

sudo chroot edit
mount -t proc none /proc
mount -t sysfs none /sys
mount -t devpts none /dev/pts

We also need to set some system variables and create a symbolic link for some reason or another.

export HOME=/root
export LC_ALL=C
dbus-uuidgen > /var/lib/dbus/machine-id
dpkg-divert --local --rename --add /sbin/initctl
ln -s /bin/true /sbin/initctl

I think the dbus command generates a code for this specific machine that some installation stuff may need. No idea what the [initctl] stuff is all about.
Excellent. We are now at the point where we can start to install stuff. First of all, and this was fucking frustrating trying to work this out, we need to enable the universe and multiverse repositories if we want to install packages from them. We need to do this in command line:

sudo nano /etc/apt/sources.list

This next command adds an external repository to the list of places we can download stuff from. It's a biggie but it basically is just a series of commands that run in sequence.

sudo wget`lsb_release -cs`.list --output-document=/etc/apt/sources.list.d/medibuntu.list; sudo apt-get -q update; sudo apt-get --yes -q --allow-unauthenticated install medibuntu-keyring; sudo apt-get -q update

Before installing stuff, it might be a good idea to clean out some stuff we are not going to use. First of all have a look at all the installed packages in order of size:

dpkg-query -W --showformat='${Installed-Size} ${Package}\n' | sort -nr | less

The first on the list looks like a massive package, but what you have to understand is that this is showing you the UNCOMPRESSED sizes. Yeah, thanks for that. If you check on for the ubuntu-docs information, you find it is only taking up a few hundred Kb when squashed.
So what can you remove? Evolution is a prime candidate. Not much use on a LiveCD. You will be using webmail from a LiveCD.

dpkg-query -W --showformat='${Installed-Size} ${Package}\n' | sort -nr | grep evolution

This will show you all packages which have evolution in the title. It should look like this:

58440 evolution-common
8468 evolution-data-server-common
7020 evolution
3584 evolution-exchange
1404 evolution-data-server
1120 evolution-webcal
616 evolution-plugins
320 evolution-couchdb
136 evolution-indicator

You can remove all, apart from evolution-data-server-common which is needed by other applications, by running this command:

apt-get remove --purge evolution-common evolution evolution-exchange evolution-data-server evolution-webcal evolution-plugins evolution-couchdb evolution-indicator

I cannot be bothered with HP printer drivers, so:

apt-get remove --purge hplip-data

The language packs also take up a lot of space, and I do not need anything but English. Find these by running:

dpkg-query -W --showformat='${Installed-Size} ${Package}\n' | sort -nr | grep language-

and then remove the ones we do not want:

apt-get remove --purge language-pack-gnome-fr-base language-pack-gnome-es-base language-pack-gnome-pt-base language-pack-gnome-de-base language-pack-pt-base language-pack-es-base language-pack-fr-base language-pack-de-base language-pack-gnome-bn-base language-pack-bn-base

There are other language packs, but they are to small to worry about clearing up unless you are intent on getting this image as small as possible. The final obvious low hanging fruit are foreign font sets. Do a search for [t]rue[t]ype[f]ont packages:

dpkg-query -W --showformat='${Installed-Size} ${Package}\n' | sort -nr | grep ttf

12584 ttf-unfonts-core - Korean
6200 ttf-takao-pgothic - Japanese
5456 ttf-thai-tlwg - Thai
5184 ttf-wqy-microhei - Don't know for sure, better keep
4204 ttf-freefont - Latin, keep
2632 ttf-indic-fonts-core - Indian
2564 ttf-dejavu-core - Latin, keep
1724 ttf-liberation - Latin, keep
1708 ttf-opensymbol - Symbols, needed for OpenOffice, keep
592 ttf-khmeros-core Cambodian
216 ttf-punjabi-fonts - Punjabi
144 ttf-lao - Lao, where ever Lao is
116 ttf-kacst-one - Arabic

apt-get remove --purge ttf-unfonts-core ttf-takao-pgothic ttf-thai-tlwg ttf-wqy-microhei ttf-indic-fonts-core ttf-khmeros-core ttf-punjabi-fonts ttf-lao ttf-kacst-one

I may be tempted to remove the cups printing system, but the response to:

apt-get remove --purge cups


The following packages will be REMOVED:
  bluez-cups* cups* cups-driver-gutenprint* foo2zjs* foomatic-db* foomatic-db-engine* ghostscript-cups* openprinting-ppds* pxljr* splix* ubuntu-desktop*
0 upgraded, 0 newly installed, 11 to remove and 253 not upgraded.
After this operation, 41.5MB disk space will be freed.

I do not particularly want to mess with the ubuntu-desktop meta file. This makes sure that your LiveCD has all the basic Ubuntu Desktop files installed. Still, 41.5MB is 41.5MB. I will leave this one for future experiment.

I am also going to remove rhythmbox, because it does take up a lot of space, and like evolution it is really the type of application you need to set up on an installed machine rather than running from a LiveCD.

apt-get remove --purge rhythmbox

Even after all of those deletions, once I recompressed the image I found I had saved a paltry 90Mb or so. Ho hum. Once you have carried out all the removals, a good strategy is to upgrade all your remaining packages to the latest versions. You do NOT want to upgrade the Kernel or Grub because that causes bad things to happen and will stop the Live USB stick booting. So, create the following files to 'pin' those packages to their current versions:

sudo cat > hold_back_kernel << "EOF"
Package: linux-generic linux-headers-generic linux-image-generic linux-restricted-modules-generic
Pin: version
Pin-Priority: 1001
sudo mv hold_back_kernel /etc/apt/preferences.d/
sudo cat > hold_back_grub << "EOF"
Package: grub-common
Pin: version 1.98-1ubuntu5
Pin-Priority: 1001
sudo mv hold_back_grub /etc/apt/preferences.d/
sudo apt-get update

You can check that the version numbers are correct (they should be for the Live CD you have downloaded) and check the system knows about the new rules by running these commands:

sudo apt-cache policy
dpkg -l linux-generic
dpkg -l grub-common

The last few lines of all of that should look like this (you can see the version numbers match up):

Pinned packages:
     linux-headers-generic ->
     linux-image-generic ->
     grub-common -> 1.98-1ubuntu5
     linux-generic ->
ubuntu@ubuntu:~$ dpkg -l linux-generic
| Status=Not/Inst/Cfg-files/Unpacked/Failed-cfg/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name                                   Version                                Description
ii  linux-generic                                           Complete Generic Linux kernel
ubuntu@ubuntu:~$ dpkg -l grub-common
| Status=Not/Inst/Cfg-files/Unpacked/Failed-cfg/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name                                   Version                                Description
ii  grub-common                            1.98-1ubuntu5                          GRand Unified Bootloader, version 2 (common files)

You should now be able to run the upgrade excluding those troublesome packages.

sudo apt-get upgrade

We can now run a massive install command to add the extra packages that we want.

sudo apt-get install \
build-essential linux-headers-generic libgtk2.0-dev patch bison texinfo \
ubuntu-desktop \
adblock-plus flashplugin-installer openjdk-6-jre icedtea6-plugin \
\ myspell-en-gb \
ttf-mscorefonts-installer \
smplayer vlc avidemux audacity pitivi \
totem totem-plugins-extra gstreamer0.10-pitfdll gstreamer0.10-ffmpeg gstreamer0.10-plugins-bad gstreamer0.10-plugins-bad-multiverse gstreamer0.10-plugins-ugly gstreamer0.10-plugins-ugly-multiverse \
non-free-codecs libavcodec-unstripped-52 libdvdcss2 libdvdread4 libdvdnav4 \
lame mjpegtools twolame mpeg2dec liba52-0.7.4-dev ffmpeg ffmpeg2theora w32codecs \
keepassx \
xchm comix ghostscript ghostscript-x gqview \
wine \
transmission \
f-spot dcraw gimp gimp-data-extras gimp-help-en \
celestia celestia-common celestia-common-nonfree stellarium googleearth googleearth-data \
subversion yasm \
autoconf libtool zlib1g-dev libbz2-dev intltool libglib2.0-dev \
libdbus-glib-1-dev libgtk2.0-dev libgudev-1.0-dev \
libwebkit-dev libnotify-dev libgstreamer0.10-dev \
libgstreamer-plugins-base0.10-dev \

I also want a couple of bits of software which are not available in the repositories. The first is Handbrake which is used to auto convert between video formats, and then Truecrypt which is a handy encryption system.

The lump of packages near the end of the long list above (subversion to libgstreamer) contains the dependencies for Handbrake. Handbrake itself is installed using the svn system:

cd /tmp
svn checkout svn:// hb-trunk
cd hb-trunk
./configure --launch
cd build
make install

Truecrypt is a pain in the arse since they want you to accept their stupid licence instead of just releasing under the GPL.

cd /tmp
tar -xzvf truecrypt-7.0-linux-x86.tar.gz

Extract the package file - it automatically stores it in /tmp. We need to extract it to /, and it auto installs to the correct folders. So:

cd /
tar -xzvf /tmp/truecrypt_7.0_i386.tar.gz

And that is that for Truecrypt.

If you were stupid enough to upgrade the kernel package, it is extremely likely that doing a upgrade of all the packages will change the kernel version. To ensure that the new kernel is actually used, you need to go into the ...
...folder and copy the latest versions of the vmlinuz compressed kernel and the initrd.img files to the ...
...folder. You then need to delete the existing initrd.lz file, and rename the initrd.img file you just copied over to replace it. Do the same with the vmlinuz files. This has NEVER worked for me so I do not upgrade the kernel package.

If you want the clock in the LiveCD machine to show the proper time, take a moment and set your time zone and keyboard for UK use:

sudo setxkbmap gb
sudo cp -v --remove-destination /usr/share/zoneinfo/Europe/London /etc/localtime

We now need to clean up some user account stuff incase any of the installed packages made changes:

awk -F: '$3 > 999' /etc/passwd
usermod -u 500 $hit #where hit is any user ID greater than 999

Right, and we are good to do a general clean up:

aptitude clean
rm -rf /tmp/* ~/.bash_history
rm /etc/resolv.conf
rm /var/lib/dbus/machine-id
rm /sbin/initctl
dpkg-divert --rename --remove /sbin/initctl
umount /proc
umount /sys
umount /dev/pts
sudo umount edit/dev

The [rm] commands obviously [r]e[m]ove stuff, and the remaining commands undo the setup commands we used to get into the [chroot] environment. Virtually every time I do this I get a fucking annoying error telling me that it can't umount these things because they are in use. Well, you know what I say to that? Hello Mr. Reboot.

Once the system has come back on, fire up a terminal and:

cd ~/live

Now, update the .manifest file which is a list of installed packages:
chmod +w extract-cd/casper/filesystem.manifest
sudo chroot edit dpkg-query -W --showformat='${Package} ${Version}\n' > extract-cd/casper/filesystem.manifest
sudo cp extract-cd/casper/filesystem.manifest extract-cd/casper/filesystem.manifest-desktop
sudo sed -i '/ubiquity/d' extract-cd/casper/filesystem.manifest-desktop
sudo sed -i '/casper/d' extract-cd/casper/filesystem.manifest-desktop

Now delete the existing squashed archive and replace it. Don't worry if it cannot find one, there shouldn't be one the first time you run through these instructions.
sudo rm extract-cd/casper/filesystem.squashfs
sudo mksquashfs edit extract-cd/casper/filesystem.squashfs

That last command will take most time of anything here, as it (re)compressess all the packages we want. If you are feeling particularly narcisstic you can edit the disk details (change the image name) that pop up on boot:

sudo nano extract-cd/README.diskdefines

Now we need to rebuild the md5sum check file:
cd extract-cd
sudo rm md5sum.txt
find -type f -print0 | sudo xargs -0 md5sum | grep -v isolinux/ | sudo tee md5sum.txt

That will probably take two [sudo] password requests - one for the straight [sudo] and one for the [| sudo] piped version. Do not know why. Irritating as fuck.

And finally we need to build a new iso image:

sudo mkisofs -D -r -V "$IMAGE_NAME" -cache-inodes -J -l -b isolinux/isolinux.bin -c isolinux/ -no-emul-boot -boot-load-size 4 -boot-info-table -o ../ubuntu-10.04-desktop-i386-custom.iso .

Once you have that image you use the unetbootin software (which comes in both windows and linux flavours) to load the image onto the USB Key. Job done.

No comments:

Post a Comment