.linux_items cleanup

.linux_items/include/live/airootfs/etc/hostname

@@ -0,0 +1 @@
+wklinux

.linux_items/include/live/airootfs/etc/skel/.aliases

@@ -29,8 +29,6 @@ alias sdu='sudo du -sch --apparent-size'
 alias srmdirs='sudo find -depth -mindepth 1 -type d -exec rmdir "{}" --ignore-fail-on-non-empty \;'
 alias srs='sudo rsync -avhPS --stats --exclude-from="$HOME/.rsync_exclusions"'
 alias srsz='sudo rsync -avhzPS --stats --exclude-from="$HOME/.rsync_exclusions"'
-alias start-wifi='sudo start-wifi'
-alias td='tmux detach'
 alias testdisk='sudo testdisk'
 alias umount='sudo umount'
 alias unmount='sudo umount'

.linux_items/include/live/airootfs/etc/skel/.bash_logout

@@ -1,3 +0,0 @@
-#
-# ~/.bash_logout
-#

.linux_items/include/live/airootfs/etc/skel/.bash_profile

@@ -1,5 +0,0 @@
-#
-# ~/.bash_profile
-#
-
-[[ -f ~/.bashrc ]] && . ~/.bashrc

.linux_items/include/live/airootfs/etc/ufw/after.init

@@ -1,40 +0,0 @@
-#!/bin/sh
-#
-# after.init: if executable, called by ufw-init. See 'man ufw-framework' for
-#             details. Note that output from these scripts is not seen via the
-#             the ufw command, but instead via ufw-init.
-#
-# Copyright 2013 Canonical Ltd.
-#
-#    This program is free software: you can redistribute it and/or modify
-#    it under the terms of the GNU General Public License version 3,
-#    as published by the Free Software Foundation.
-#
-#    This program is distributed in the hope that it will be useful,
-#    but WITHOUT ANY WARRANTY; without even the implied warranty of
-#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-#    GNU General Public License for more details.
-#
-#    You should have received a copy of the GNU General Public License
-#    along with this program.  If not, see <http://www.gnu.org/licenses/>.
-#
-set -e
-
-case "$1" in
-start)
-    # typically required
-    ;;
-stop)
-    # typically required
-    ;;
-status)
-    # optional
-    ;;
-flush-all)
-    # optional
-    ;;
-*)
-    echo "'$1' not supported"
-    echo "Usage: after.init {start|stop|flush-all|status}"
-    ;;
-esac

.linux_items/include/live/airootfs/etc/ufw/after.rules

@@ -1,30 +0,0 @@
-#
-# rules.input-after
-#
-# Rules that should be run after the ufw command line added rules. Custom
-# rules should be added to one of these chains:
-#   ufw-after-input
-#   ufw-after-output
-#   ufw-after-forward
-#
-
-# Don't delete these required lines, otherwise there will be errors
-*filter
-:ufw-after-input - [0:0]
-:ufw-after-output - [0:0]
-:ufw-after-forward - [0:0]
-# End required lines
-
-# don't log noisy services by default
--A ufw-after-input -p udp --dport 137 -j ufw-skip-to-policy-input
--A ufw-after-input -p udp --dport 138 -j ufw-skip-to-policy-input
--A ufw-after-input -p tcp --dport 139 -j ufw-skip-to-policy-input
--A ufw-after-input -p tcp --dport 445 -j ufw-skip-to-policy-input
--A ufw-after-input -p udp --dport 67 -j ufw-skip-to-policy-input
--A ufw-after-input -p udp --dport 68 -j ufw-skip-to-policy-input
-
-# don't log noisy broadcast
--A ufw-after-input -m addrtype --dst-type BROADCAST -j ufw-skip-to-policy-input
-
-# don't delete the 'COMMIT' line or these rules won't be processed
-COMMIT

.linux_items/include/live/airootfs/etc/ufw/after6.rules

@@ -1,27 +0,0 @@
-#
-# rules.input-after
-#
-# Rules that should be run after the ufw command line added rules. Custom
-# rules should be added to one of these chains:
-#   ufw6-after-input
-#   ufw6-after-output
-#   ufw6-after-forward
-#
-
-# Don't delete these required lines, otherwise there will be errors
-*filter
-:ufw6-after-input - [0:0]
-:ufw6-after-output - [0:0]
-:ufw6-after-forward - [0:0]
-# End required lines
-
-# don't log noisy services by default
--A ufw6-after-input -p udp --dport 137 -j ufw6-skip-to-policy-input
--A ufw6-after-input -p udp --dport 138 -j ufw6-skip-to-policy-input
--A ufw6-after-input -p tcp --dport 139 -j ufw6-skip-to-policy-input
--A ufw6-after-input -p tcp --dport 445 -j ufw6-skip-to-policy-input
--A ufw6-after-input -p udp --dport 546 -j ufw6-skip-to-policy-input
--A ufw6-after-input -p udp --dport 547 -j ufw6-skip-to-policy-input
-
-# don't delete the 'COMMIT' line or these rules won't be processed
-COMMIT

.linux_items/include/live/airootfs/etc/ufw/applications.d/ufw-bittorent

@@ -1,19 +0,0 @@
-[Transmission]
-title=Transmission
-description=Transmission BitTorrent client
-ports=51413/tcp
-
-[Deluge]
-title=Deluge
-description=Deluge BitTorrent client
-ports=6881:6891/tcp
-
-[KTorrent]
-title=KTorrent
-description=KTorrent BitTorrent client
-ports=6881/tcp|4444/udp
-
-[qBittorrent]
-title=qBittorrent
-description=qBittorrent BitTorrent client
-ports=6881/tcp

.linux_items/include/live/airootfs/etc/ufw/applications.d/ufw-chat

@@ -1,35 +0,0 @@
-[PeopleNearby]
-title=People Nearby
-description=People Nearby (Bonjour/Salut) functionality in Empathy
-ports=5353/udp|5298
-
-[Bonjour]
-title=Bonjour
-description=Bonjour protocol
-ports=5353/udp|5298
-
-[MSN]
-title=MSN Chat
-description=MSN chat protocol (with file transfer and voice)
-ports=1863|6891:6900/tcp|6901
-
-[MSN SSL]
-title=MSN Chat (SSL)
-description=MSN chat protocol (SSL)
-ports=443/tcp
-
-[AIM]
-title=AIM Talk
-description=AIM talk protocol
-ports=5190/tcp
-
-[Yahoo]
-title=Yahoo Chat
-description=Yahoo chat protocol
-ports=5050
-
-[XMPP]
-title=XMPP Chat
-description=XMPP protocol (Jabber and Google Talk)
-ports=5222/tcp|5269/tcp
-

.linux_items/include/live/airootfs/etc/ufw/applications.d/ufw-directoryserver

@@ -1,29 +0,0 @@
-[Kerberos KDC]
-title=Kerberos v5 KDC server
-description=Kerberos v5 KDC server
-ports=88
-
-[Kerberos Admin]
-title=Kerberos v5 admin
-description=Kerberos v5 server
-ports=749/tcp
-
-[Kerberos Password]
-title=Kerberos v5 password
-description=Kerberos v5 password
-ports=464/udp
-
-[Kerberos Full]
-title=Kerberos v5 server
-description=Kerberos v5 server
-ports=88,749/tcp|464/udp
-
-[LDAP]
-title=LDAP server
-description=LDAP server
-ports=389/tcp
-
-[LDAPS]
-title=LDAP server (LDAPS)
-description=LDAP server (LDAPS)
-ports=636/tcp

.linux_items/include/live/airootfs/etc/ufw/applications.d/ufw-dnsserver

@@ -1,4 +0,0 @@
-[DNS]
-title=Internet Domain Name Server
-description=Internet Domain Name Server
-ports=53

.linux_items/include/live/airootfs/etc/ufw/applications.d/ufw-fileserver

@@ -1,14 +0,0 @@
-[CIFS]
-title=SMB/CIFS server
-description=SMB/CIFS server
-ports=137,138/udp|139,445/tcp
-
-[NFS]
-title=NFS server
-description=NFS and portmap server. Will also need access to mountd, statd and possibly others
-ports=2049,111/tcp|2049,111/udp
-
-[svnserve]
-title=Subversion server
-description=Subversion server for access to Subversion repositories.
-ports=3690/tcp

.linux_items/include/live/airootfs/etc/ufw/applications.d/ufw-loginserver

@@ -1,14 +0,0 @@
-[Telnet]
-title=Telnet server (insecure)
-description=Telnet server (insecure)
-ports=23/tcp
-
-[SSH]
-title=SSH server
-description=SSH server
-ports=22/tcp
-
-[VNC]
-title=VNC server
-description=VNC server
-ports=5900/tcp

.linux_items/include/live/airootfs/etc/ufw/applications.d/ufw-mailserver

@@ -1,30 +0,0 @@
-[POP3]
-title=Mail server (POP3)
-description=Mail server (POP3)
-ports=110/tcp
-
-[POP3S]
-title=Secure mail server (POP3S)
-description=Secure mail server (POP3S)
-ports=995/tcp
-
-[IMAP]
-title=Mail server (IMAP)
-description=Mail server (IMAP)
-ports=143/tcp
-
-[IMAPS]
-title=Secure mail server (IMAPS)
-description=Secure mail server (IMAPS)
-ports=993/tcp
-
-[SMTP]
-title=Mail server (SMTP)
-description=Mail server (SMTP)
-ports=25/tcp
-
-[Mail submission]
-title=Mail server (Submission)
-description=Mail server (Submission)
-ports=587/tcp
-

.linux_items/include/live/airootfs/etc/ufw/applications.d/ufw-printserver

@@ -1,9 +0,0 @@
-[IPP]
-title=Cups server (IPP)
-description=Cups server (IPP)
-ports=631
-
-[LPD]
-title=LPD server
-description=LPD server
-ports=515/tcp

.linux_items/include/live/airootfs/etc/ufw/applications.d/ufw-proxyserver

@@ -1,9 +0,0 @@
-[Socks]
-title=Socks proxy
-description=Socks proxy
-ports=1080/tcp
-
-[Transparent Proxy]
-title=Transparent proxy
-description=Transparent proxy
-ports=8081/tcp

.linux_items/include/live/airootfs/etc/ufw/applications.d/ufw-webserver

@@ -1,19 +0,0 @@
-[WWW]
-title=Web Server
-description=Web server
-ports=80/tcp
-
-[WWW Secure]
-title=Web Server (HTTPS)
-description=Web Server (HTTPS)
-ports=443/tcp
-
-[WWW Full]
-title=Web Server (HTTP,HTTPS)
-description=Web Server (HTTP,HTTPS)
-ports=80,443/tcp
-
-[WWW Cache]
-title=Web Server (8080)
-description=Web Server (8080)
-ports=8080/tcp

.linux_items/include/live/airootfs/etc/ufw/before.init

@@ -1,40 +0,0 @@
-#!/bin/sh
-#
-# before.init: if executable, called by ufw-init. See 'man ufw-framework' for
-#              details. Note that output from these scripts is not seen via the
-#              the ufw command, but instead via ufw-init.
-#
-# Copyright 2013 Canonical Ltd.
-#
-#    This program is free software: you can redistribute it and/or modify
-#    it under the terms of the GNU General Public License version 3,
-#    as published by the Free Software Foundation.
-#
-#    This program is distributed in the hope that it will be useful,
-#    but WITHOUT ANY WARRANTY; without even the implied warranty of
-#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-#    GNU General Public License for more details.
-#
-#    You should have received a copy of the GNU General Public License
-#    along with this program.  If not, see <http://www.gnu.org/licenses/>.
-#
-set -e
-
-case "$1" in
-start)
-    # typically required
-    ;;
-stop)
-    # typically required
-    ;;
-status)
-    # optional
-    ;;
-flush-all)
-    # optional
-    ;;
-*)
-    echo "'$1' not supported"
-    echo "Usage: before.init {start|stop|flush-all|status}"
-    ;;
-esac

.linux_items/include/live/airootfs/etc/ufw/before.rules

@@ -1,77 +0,0 @@
-#
-# rules.before
-#
-# Rules that should be run before the ufw command line added rules. Custom
-# rules should be added to one of these chains:
-#   ufw-before-input
-#   ufw-before-output
-#   ufw-before-forward
-#
-
-# Don't delete these required lines, otherwise there will be errors
-*filter
-:ufw-before-input - [0:0]
-:ufw-before-output - [0:0]
-:ufw-before-forward - [0:0]
-:ufw-not-local - [0:0]
-# End required lines
-
-
-# allow all on loopback
--A ufw-before-input -i lo -j ACCEPT
--A ufw-before-output -o lo -j ACCEPT
-
-# quickly process packets for which we already have a connection
--A ufw-before-input -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
--A ufw-before-output -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
--A ufw-before-forward -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-
-# drop INVALID packets (logs these in loglevel medium and higher)
--A ufw-before-input -m conntrack --ctstate INVALID -j ufw-logging-deny
--A ufw-before-input -m conntrack --ctstate INVALID -j DROP
-
-# ok icmp codes for INPUT
--A ufw-before-input -p icmp --icmp-type destination-unreachable -j ACCEPT
--A ufw-before-input -p icmp --icmp-type source-quench -j ACCEPT
--A ufw-before-input -p icmp --icmp-type time-exceeded -j ACCEPT
--A ufw-before-input -p icmp --icmp-type parameter-problem -j ACCEPT
--A ufw-before-input -p icmp --icmp-type echo-request -j ACCEPT
-
-# ok icmp code for FORWARD
--A ufw-before-forward -p icmp --icmp-type destination-unreachable -j ACCEPT
--A ufw-before-forward -p icmp --icmp-type source-quench -j ACCEPT
--A ufw-before-forward -p icmp --icmp-type time-exceeded -j ACCEPT
--A ufw-before-forward -p icmp --icmp-type parameter-problem -j ACCEPT
--A ufw-before-forward -p icmp --icmp-type echo-request -j ACCEPT
-
-# allow dhcp client to work
--A ufw-before-input -p udp --sport 67 --dport 68 -j ACCEPT
-
-#
-# ufw-not-local
-#
--A ufw-before-input -j ufw-not-local
-
-# if LOCAL, RETURN
--A ufw-not-local -m addrtype --dst-type LOCAL -j RETURN
-
-# if MULTICAST, RETURN
--A ufw-not-local -m addrtype --dst-type MULTICAST -j RETURN
-
-# if BROADCAST, RETURN
--A ufw-not-local -m addrtype --dst-type BROADCAST -j RETURN
-
-# all other non-local packets are dropped
--A ufw-not-local -m limit --limit 3/min --limit-burst 10 -j ufw-logging-deny
--A ufw-not-local -j DROP
-
-# allow MULTICAST mDNS for service discovery (be sure the MULTICAST line above
-# is uncommented)
--A ufw-before-input -p udp -d 224.0.0.251 --dport 5353 -j ACCEPT
-
-# allow MULTICAST UPnP for service discovery (be sure the MULTICAST line above
-# is uncommented)
--A ufw-before-input -p udp -d 239.255.255.250 --dport 1900 -j ACCEPT
-
-# don't delete the 'COMMIT' line or these rules won't be processed
-COMMIT

.linux_items/include/live/airootfs/etc/ufw/before6.rules

@@ -1,138 +0,0 @@
-#
-# rules.before
-#
-# Rules that should be run before the ufw command line added rules. Custom
-# rules should be added to one of these chains:
-#   ufw6-before-input
-#   ufw6-before-output
-#   ufw6-before-forward
-#
-
-# Don't delete these required lines, otherwise there will be errors
-*filter
-:ufw6-before-input - [0:0]
-:ufw6-before-output - [0:0]
-:ufw6-before-forward - [0:0]
-# End required lines
-
-
-# allow all on loopback
--A ufw6-before-input -i lo -j ACCEPT
--A ufw6-before-output -o lo -j ACCEPT
-
-# drop packets with RH0 headers
--A ufw6-before-input -m rt --rt-type 0 -j DROP
--A ufw6-before-forward -m rt --rt-type 0 -j DROP
--A ufw6-before-output -m rt --rt-type 0 -j DROP
-
-# quickly process packets for which we already have a connection
--A ufw6-before-input -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
--A ufw6-before-output -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
--A ufw6-before-forward -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-
-# drop INVALID packets (logs these in loglevel medium and higher)
--A ufw6-before-input -m conntrack --ctstate INVALID -j ufw6-logging-deny
--A ufw6-before-input -m conntrack --ctstate INVALID -j DROP
-
-# ok icmp codes for INPUT (rfc4890, 4.4.1 and 4.4.2)
--A ufw6-before-input -p icmpv6 --icmpv6-type destination-unreachable -j ACCEPT
--A ufw6-before-input -p icmpv6 --icmpv6-type packet-too-big -j ACCEPT
-# codes 0 and 1
--A ufw6-before-input -p icmpv6 --icmpv6-type time-exceeded -j ACCEPT
-# codes 0-2
--A ufw6-before-input -p icmpv6 --icmpv6-type parameter-problem -j ACCEPT
--A ufw6-before-input -p icmpv6 --icmpv6-type echo-request -j ACCEPT
--A ufw6-before-input -p icmpv6 --icmpv6-type echo-reply -j ACCEPT
--A ufw6-before-input -p icmpv6 --icmpv6-type router-solicitation -m hl --hl-eq 255 -j ACCEPT
--A ufw6-before-input -p icmpv6 --icmpv6-type router-advertisement -m hl --hl-eq 255 -j ACCEPT
--A ufw6-before-input -p icmpv6 --icmpv6-type neighbor-solicitation -m hl --hl-eq 255 -j ACCEPT
--A ufw6-before-input -p icmpv6 --icmpv6-type neighbor-advertisement -m hl --hl-eq 255 -j ACCEPT
-# IND solicitation
--A ufw6-before-input -p icmpv6 --icmpv6-type 141 -m hl --hl-eq 255 -j ACCEPT
-# IND advertisement
--A ufw6-before-input -p icmpv6 --icmpv6-type 142 -m hl --hl-eq 255 -j ACCEPT
-# MLD query
--A ufw6-before-input -p icmpv6 --icmpv6-type 130 -s fe80::/10 -j ACCEPT
-# MLD report
--A ufw6-before-input -p icmpv6 --icmpv6-type 131 -s fe80::/10 -j ACCEPT
-# MLD done
--A ufw6-before-input -p icmpv6 --icmpv6-type 132 -s fe80::/10 -j ACCEPT
-# MLD report v2
--A ufw6-before-input -p icmpv6 --icmpv6-type 143 -s fe80::/10 -j ACCEPT
-# SEND certificate path solicitation
--A ufw6-before-input -p icmpv6 --icmpv6-type 148 -m hl --hl-eq 255 -j ACCEPT
-# SEND certificate path advertisement
--A ufw6-before-input -p icmpv6 --icmpv6-type 149 -m hl --hl-eq 255 -j ACCEPT
-# MR advertisement
--A ufw6-before-input -p icmpv6 --icmpv6-type 151 -s fe80::/10 -m hl --hl-eq 1 -j ACCEPT
-# MR solicitation
--A ufw6-before-input -p icmpv6 --icmpv6-type 152 -s fe80::/10 -m hl --hl-eq 1 -j ACCEPT
-# MR termination
--A ufw6-before-input -p icmpv6 --icmpv6-type 153 -s fe80::/10 -m hl --hl-eq 1 -j ACCEPT
-
-# ok icmp codes for OUTPUT (rfc4890, 4.4.1 and 4.4.2)
--A ufw6-before-output -p icmpv6 --icmpv6-type destination-unreachable -j ACCEPT
--A ufw6-before-output -p icmpv6 --icmpv6-type packet-too-big -j ACCEPT
-# codes 0 and 1
--A ufw6-before-output -p icmpv6 --icmpv6-type time-exceeded -j ACCEPT
-# codes 0-2
--A ufw6-before-output -p icmpv6 --icmpv6-type parameter-problem -j ACCEPT
--A ufw6-before-input -p icmpv6 --icmpv6-type echo-request -j ACCEPT
--A ufw6-before-input -p icmpv6 --icmpv6-type echo-reply -j ACCEPT
--A ufw6-before-output -p icmpv6 --icmpv6-type router-solicitation -m hl --hl-eq 255 -j ACCEPT
--A ufw6-before-output -p icmpv6 --icmpv6-type neighbor-advertisement -m hl --hl-eq 255 -j ACCEPT
--A ufw6-before-output -p icmpv6 --icmpv6-type neighbor-solicitation -m hl --hl-eq 255 -j ACCEPT
--A ufw6-before-output -p icmpv6 --icmpv6-type router-advertisement -m hl --hl-eq 255 -j ACCEPT
-# IND solicitation
--A ufw6-before-output -p icmpv6 --icmpv6-type 141 -m hl --hl-eq 255 -j ACCEPT
-# IND advertisement
--A ufw6-before-output -p icmpv6 --icmpv6-type 142 -m hl --hl-eq 255 -j ACCEPT
-# MLD query
--A ufw6-before-output -p icmpv6 --icmpv6-type 130 -s fe80::/10 -j ACCEPT
-# MLD report
--A ufw6-before-output -p icmpv6 --icmpv6-type 131 -s fe80::/10 -j ACCEPT
-# MLD done
--A ufw6-before-output -p icmpv6 --icmpv6-type 132 -s fe80::/10 -j ACCEPT
-# MLD report v2
--A ufw6-before-output -p icmpv6 --icmpv6-type 143 -s fe80::/10 -j ACCEPT
-# SEND certificate path solicitation
--A ufw6-before-output -p icmpv6 --icmpv6-type 148 -m hl --hl-eq 255 -j ACCEPT
-# SEND certificate path advertisement
--A ufw6-before-output -p icmpv6 --icmpv6-type 149 -m hl --hl-eq 255 -j ACCEPT
-# MR advertisement
--A ufw6-before-output -p icmpv6 --icmpv6-type 151 -s fe80::/10 -m hl --hl-eq 1 -j ACCEPT
-# MR solicitation
--A ufw6-before-output -p icmpv6 --icmpv6-type 152 -s fe80::/10 -m hl --hl-eq 1 -j ACCEPT
-# MR termination
--A ufw6-before-output -p icmpv6 --icmpv6-type 153 -s fe80::/10 -m hl --hl-eq 1 -j ACCEPT
-
-# ok icmp codes for FORWARD (rfc4890, 4.3.1)
--A ufw6-before-forward -p icmpv6 --icmpv6-type destination-unreachable -j ACCEPT
--A ufw6-before-forward -p icmpv6 --icmpv6-type packet-too-big -j ACCEPT
-# codes 0 and 1
--A ufw6-before-forward -p icmpv6 --icmpv6-type time-exceeded -j ACCEPT
-# codes 0-2
--A ufw6-before-forward -p icmpv6 --icmpv6-type parameter-problem -j ACCEPT
--A ufw6-before-forward -p icmpv6 --icmpv6-type echo-request -j ACCEPT
--A ufw6-before-forward -p icmpv6 --icmpv6-type echo-reply -j ACCEPT
-# ok icmp codes for FORWARD (rfc4890, 4.3.2)
-# Home Agent Address Discovery Reques
--A ufw6-before-input -p icmpv6 --icmpv6-type 144 -j ACCEPT
-# Home Agent Address Discovery Reply
--A ufw6-before-input -p icmpv6 --icmpv6-type 145 -j ACCEPT
-# Mobile Prefix Solicitation
--A ufw6-before-input -p icmpv6 --icmpv6-type 146 -j ACCEPT
-# Mobile Prefix Advertisement
--A ufw6-before-input -p icmpv6 --icmpv6-type 147 -j ACCEPT
-
-# allow dhcp client to work
--A ufw6-before-input -p udp -s fe80::/10 --sport 547 -d fe80::/10 --dport 546 -j ACCEPT
-
-# allow MULTICAST mDNS for service discovery
--A ufw6-before-input -p udp -d ff02::fb --dport 5353 -j ACCEPT
-
-# allow MULTICAST UPnP for service discovery
--A ufw6-before-input -p udp -d ff02::f --dport 1900 -j ACCEPT
-
-# don't delete the 'COMMIT' line or these rules won't be processed
-COMMIT

.linux_items/include/live/airootfs/etc/ufw/sysctl.conf

@@ -1,57 +0,0 @@
-#
-# Configuration file for setting network variables. Please note these settings
-# override /etc/sysctl.conf. If you prefer to use /etc/sysctl.conf, please
-# adjust IPT_SYSCTL in /etc/default/ufw.
-#
-
-# Uncomment this to allow this host to route packets between interfaces
-#net/ipv4/ip_forward=1
-#net/ipv6/conf/default/forwarding=1
-#net/ipv6/conf/all/forwarding=1
-
-# Turn on Source Address Verification in all interfaces to prevent some
-# spoofing attacks
-net/ipv4/conf/default/rp_filter=1
-net/ipv4/conf/all/rp_filter=1
-
-# Do not accept IP source route packets (we are not a router)
-net/ipv4/conf/default/accept_source_route=0
-net/ipv4/conf/all/accept_source_route=0
-net/ipv6/conf/default/accept_source_route=0
-net/ipv6/conf/all/accept_source_route=0
-
-# Disable ICMP redirects. ICMP redirects are rarely used but can be used in
-# MITM (man-in-the-middle) attacks. Disabling ICMP may disrupt legitimate
-# traffic to those sites.
-net/ipv4/conf/default/accept_redirects=0
-net/ipv4/conf/all/accept_redirects=0
-net/ipv6/conf/default/accept_redirects=0
-net/ipv6/conf/all/accept_redirects=0
-
-# Ignore bogus ICMP errors
-net/ipv4/icmp_echo_ignore_broadcasts=1
-net/ipv4/icmp_ignore_bogus_error_responses=1
-net/ipv4/icmp_echo_ignore_all=0
-
-# Don't log Martian Packets (impossible packets)
-net/ipv4/conf/default/log_martians=0
-net/ipv4/conf/all/log_martians=0
-
-# Change to '1' to enable TCP/IP SYN cookies This disables TCP Window Scaling
-# (http://lkml.org/lkml/2008/2/5/167)
-net/ipv4/tcp_syncookies=0
-
-#net/ipv4/tcp_fin_timeout=30
-#net/ipv4/tcp_keepalive_intvl=1800
-
-# normally allowing tcp_sack is ok, but if going through OpenBSD 3.8 RELEASE or
-# earlier pf firewall, should set this to 0
-net/ipv4/tcp_sack=1
-
-# Uncomment this to turn off ipv6 autoconfiguration
-#net/ipv6/conf/default/autoconf=0
-#net/ipv6/conf/all/autoconf=0
-
-# Uncomment this to enable ipv6 privacy addressing
-#net/ipv6/conf/default/use_tempaddr=2
-#net/ipv6/conf/all/use_tempaddr=2

.linux_items/include/live/airootfs/etc/xdg/xfce4/kiosk/kioskrc

@@ -1,3 +0,0 @@
-[xfce4-session]
-SaveSession=None
-

.linux_items/include/live/airootfs/root/.automated_script.sh

@@ -1,34 +0,0 @@
-#!/bin/bash
-
-script_cmdline ()
-{
-    local param
-    for param in $(< /proc/cmdline); do
-        case "${param}" in
-            script=*) echo "${param#*=}" ; return 0 ;;
-        esac
-    done
-}
-
-automated_script ()
-{
-    local script rt
-    script="$(script_cmdline)"
-    if [[ -n "${script}" && ! -x /tmp/startup_script ]]; then
-        if [[ "${script}" =~ ^http:// || "${script}" =~ ^ftp:// ]]; then
-            wget "${script}" --retry-connrefused -q -O /tmp/startup_script >/dev/null
-            rt=$?
-        else
-            cp "${script}" /tmp/startup_script
-            rt=$?
-        fi
-        if [[ ${rt} -eq 0 ]]; then
-            chmod +x /tmp/startup_script
-            /tmp/startup_script
-        fi
-    fi
-}
-
-if [[ $(tty) == "/dev/tty1" ]]; then
-    automated_script
-fi

.linux_items/include/live/airootfs/root/.zlogin

@@ -1 +0,0 @@
-~/.automated_script.sh

.linux_items/include/live/airootfs/root/install.txt

@@ -1,3 +0,0 @@
-View this installation guide online at
-https://wiki.archlinux.org/index.php/Installation_Guide
-

.linux_items/include/live/airootfs/usr/share/applications/SpeedTest.desktop

@@ -1,10 +0,0 @@
-[Desktop Entry]
-Version=1.0
-Type=Application
-Name=SpeedTest
-Comment=
-Exec=urxvt -titile SpeedTest -hold -e speedtest
-Icon=network-workgroup
-Path=/usr/local/bin
-Terminal=false
-StartupNotify=false

.linux_items/include/live/mkinitcpio.conf

@@ -1,2 +0,0 @@
-HOOKS="base udev memdisk archiso_shutdown archiso archiso_loop_mnt archiso_pxe_common archiso_pxe_nbd archiso_pxe_http archiso_pxe_nfs archiso_kms block pcmcia filesystems keyboard"
-COMPRESSION="xz"

.linux_items/packages/dependencies

@@ -2,6 +2,7 @@ archiso
 attr
 base-devel
 curl
+git
 libewf
 progsreiserfs
 rsync

.linux_items/packages/live

@@ -0,0 +1,95 @@
+aic94xx-firmware
+alsa-utils
+antiword
+bash-pipes
+bc
+bluez
+bluez-utils
+cbatticon
+chntpw
+cmatrix
+colordiff
+compton
+conky
+curl
+dmidecode
+dos2unix
+dunst
+e2fsprogs
+feh
+ffmpeg
+firefox
+gnome-keyring
+gparted
+gsmartcontrol
+gtk-theme-arc-git
+hardinfo
+hexedit
+hfsprogs
+htop
+i3-gaps
+i3lock-fancy-git
+i3status
+inxi
+ldns
+libewf
+libinput
+linux-firmware
+lm_sensors
+mdadm
+mediainfo
+mesa-demos
+mkvtoolnix-cli
+mprime-bin
+mpv
+mupdf
+ncdu
+network-manager-applet
+networkmanager
+oblogout
+openbox-patched
+p7zip
+papirus-icon-theme
+pasystray
+pavucontrol
+progsreiserfs
+pulseaudio
+qemu-guest-agent
+reiserfsprogs
+rfkill
+rng-tools
+rofi
+rxvt-unicode
+speedtest-cli
+spice-vdagent
+terminus-font
+testdisk-wip
+thunar
+tint2
+tk
+tmux
+tree
+ttf-font-awesome
+ttf-inconsolata
+udevil
+udisks2
+ufw
+unzip
+veracrypt
+vim
+virtualbox-guest-modules-arch
+virtualbox-guest-utils
+wd719x-firmware
+wimlib
+xf86-input-libinput
+xf86-video-amdgpu
+xf86-video-fbdev
+xf86-video-intel
+xf86-video-nouveau
+xf86-video-vesa
+xorg-server
+xorg-xdpyinfo
+xorg-xev
+xorg-xinit
+xorg-xinput
+zsh