How To Install bilibop-lockfs on Kali Linux
Introduction
In this tutorial we learn how to install bilibop-lockfs on Kali Linux.
What is bilibop-lockfs
bilibop-lockfs is:
Bilibop helps to maintain a Debian GNU/Linux operating system installed on an external media (USB, FireWire, Flash memory, eSATA). It hardens standard rules and policies to make the system more robust in this particular situation.
If the lockfs feature is enabled (in a configuration file, in the boot commandline or by a heuristic), nothing will be written on the filesystems listed in /etc/fstab, except for those that have been whitelisted, or for the encrypted swap devices. More, bilibop-lockfs now is able to detect if the drive has been locked by a physical switch, and then overrides its own settings to unconditionally apply a ‘hard’ policy.
The root filesystem is locked (set readonly, using either aufs or overlay) by an initramfs script which also modifies the temporary fstab to prepare other filesystems to be locked later by a mount helper script.
bilibop-lockfs provides the following features:
- whitelist based policy: filesystems on which you want to allow persistent changes must be explicitly listed in a configuration file.
- swap devices policy: they can be used ‘as is’, noauto, only if encrypted, only if encrypted with a random key, or not used at all.
- not only filesystems are set read-only, but also block devices: this forbids changes of the partition table, boot sectors, LUKS headers and LVM metadata.
- plymouth messages to know at boot time if bilibop-lockfs is enabled or not, or if an error occurred.
- desktop notifications at startup about filesystems status, to inform the user that volatile or persistent changes are allowed or not, and where.
This package can be used as an alternative to fsprotect or overlayroot, especially for writable operating systems embedded on a USB stick; but it may also be installed on public or personal computers, for daily use, kiosks, testing purposes, or as a tool in anti-forensics strategies.
There are three methods to install bilibop-lockfs on Kali Linux. We can use apt-get, apt and aptitude. In the following sections we will describe each method. You can choose one of them.
Install bilibop-lockfs Using apt-get
Update apt database with apt-get using the following command.
sudo apt-get updateAfter updating apt database, We can install bilibop-lockfs using apt-get by running the following command:
sudo apt-get -y install bilibop-lockfsInstall bilibop-lockfs Using apt
Update apt database with apt using the following command.
sudo apt updateAfter updating apt database, We can install bilibop-lockfs using apt by running the following command:
sudo apt -y install bilibop-lockfsInstall bilibop-lockfs Using aptitude
If you want to follow this method, you might need to install aptitude on Kali Linux first since aptitude is usually not installed by default on Kali Linux. Update apt database with aptitude using the following command.
sudo aptitude updateAfter updating apt database, We can install bilibop-lockfs using aptitude by running the following command:
sudo aptitude -y install bilibop-lockfsHow To Uninstall bilibop-lockfs on Kali Linux
To uninstall only the bilibop-lockfs package we can use the following command:
sudo apt-get remove bilibop-lockfsUninstall bilibop-lockfs And Its Dependencies
To uninstall bilibop-lockfs and its dependencies that are no longer needed by Kali Linux, we can use the command below:
sudo apt-get -y autoremove bilibop-lockfsRemove bilibop-lockfs Configurations and Data
To remove bilibop-lockfs configuration and data from Kali Linux we can use the following command:
sudo apt-get -y purge bilibop-lockfsRemove bilibop-lockfs configuration, data, and all of its dependencies
We can use the following command to remove bilibop-lockfs configurations, data and all of its dependencies, we can use the following command:
sudo apt-get -y autoremove --purge bilibop-lockfsDependencies
bilibop-lockfs have the following dependencies:
References
Summary
In this tutorial we learn how to install bilibop-lockfs package on Kali Linux using different package management tools: apt, apt-get and aptitude.