[X] My Assistant

Personal notes: Since there is one for Linux (although I personally wouldn't recommend it) I decided that why the hell not write one for FreeBSD.
So that's what I've done, I hope someone will find this useful.


Sections:
0..................... Intro and Requirements
1................................................. Jails
 1.1............................... Building a jail
  1.2.................. Configurating the jail
2................................................. Hath
 2.1................... The user environment
  2.2...........................Setting up HATH
3............................................ daemon
 3.1............................... The rc.d script

Syntax:
* = Optional
# = Comment, only #!<content> is needed in the script section
example* = To be replaced with your data, i.e /path/to/dest or "name"
Green = File
Blue = Command
Yellow = Directory



0. Introduction and Requirements
This guide is written to be both for people who've never used FreeBSD and for those who have but does not know how to build a jail or want to see if there's something they might want to improve in their current setup.

I choose FreeBSD because of it's extremely stable and secure Operating System.

If you're intrested in FreeBSD I recommend testing it, go to freebsd.org or pcbsd.org to download and try it.
If you got any additional questions or problem feel free to either contact me via PM or reply.

Requirements:

• A computer with FreeBSD installed
• Having access to root
• The minimum requirements to run HATH
• Having some UNIX experience

Recommended:

• The default/GENERIC kernel
• X.org or SSH
• FreeBSD experience

1. FreeBSD Jail

If you need to know what a jail is, it's basically a copy of the existing OS or a Virtual Machine but the hardware isn't virtualized.

It works mostly the same way chroot does, that it does not allow any processes to communicate with the outside system and that it has it's own IP address and hostname to function as a normal system would.

And another thing about jails is that they very portable so you can just copy the jail folder and put it on any computer running FreeBSD and let the processes spawned do it's work.



1.1 Building a Jail

To build a jail we will use the following commands:

CODE

#For sh
*     setenv D /usr/jail
#for bash
*     export D /usr/jail

mkdir -p $D                              # Or the specific path to jail if D is not declared
cd /usr/src

# Only needed if you haven't done make world or make buildworld
make buildworld

make installworld DESTDIR=$D             # Or the specific path to jail if D is not declared
make distribution DESTDIR=$D             # Or the specific path to jail if D is not declared
mount -t devfs devfs $D/dev              # Or the specific path to jail if D is not declared

After these command has finished and everything went smooth, you are now almost ready to play around with the jail you created.

What you need to do next is to use your favorite editor to edit rc.conf and add these lines:

CODE

#ifconfig aliases
ifconfig_example-interface0_alias0="inet 10.0.0.199 netmask 255.255.255.0"

#   Jail
jail_enable="YES"

jail_list="example"


# example
jail_example_rootdir=/usr/jail/example
jail_example_hostname="example.org"
jail_example_ip="10.0.0.199"
jail_example_devfs_enable="YES"
jail_example_devfs_ruleset="devfsrules_jail"

Then restart the computer.
It may take a while for the jail to start, but after it greets you with the login screen you should see if the jail works by using these commands:
                        jls
                        jexec JID sh


If everything works, congratulation on your successful jail installation!



2. Hentai At Home

Hentai At Home is written in Java by Tenboro and thus isn't the most secure type of program you can have, which is why we've created it's own jail for it and it's own user so in case an attacker uses a 0-day exploit they will only gain a small part of the system.

It also bundled together with SQLite which is the database for Hentai At Home.



2.1 Setting up the user environment

Now it's time to get things running, you may notice that you can't ping or start installing new software on the jail, that's because we don't have an resolv.conf in our /etc so use this command for it:
                        resolvconf

or you can just copy your existing resolv.conf:
cp /etc/resolv.conf /usr/jail/example/etc/resolv.conf

Now you should be able to start downloading software or use the ports.
If the /usr/ports does not exist use portsnap to download the latest ports tree or mount them from the outside *not recommended* and you still wont be able to use ping.

for downloading ports:

CODE

portsnap fetch extract

After you've done that you got a choice between openjre or diablo-jre, after you've chosen which one you want go ahead and install it:

CODE

# using ports
cd /usr/ports/java/example-jre16
make config; make install clean

# using pkg_add
pkg_add -r example-jre16

Now it's time to setup the hath user:

this we do easiest with the adduser command.

CODE

Username: example
Full name: *  Exampela Exampulus
Uid (Leave empty for default):
Login group [example]:
Login group is a. Invite a into other groups? []:
Login class [default]:
Shell (sh csh tcsh bash rbash nologin) [sh]: rbash or nologin

2.2 Installing HATH

Now it's time to download the hath client and set it up.

CODE

cd /usr/home/example
login example
fetch http://hentaiathome.net/get/HentaiAtHome_1.0.10.zip
unzip HentaiAtHome_1.0.10.zip
chmod a-rw HentaiAtHome.jar HentaiAtHomeGUI.jar sqlite-jdbc-3.7.2.jar

After that's done run the H@H client to see if everything works and to make it so it doesn't ask for the key next time you will start H@H.




3. Daemons

A daemon in the UNIX world is something designed to start up when you boot the computer, remain silent and only talk through logs.

This is that system administrators can save time and avoid accidental CTRL+C/CTRL+Z when working with the terminal.



3.1 Using the rc daemon
In FreeBSD, it uses rc, to enable and disable certain services, daemons, etc. Which is done every time at
boot.
This is done by scripts written in sh.

We will create two scripts, one for rc.d and one for the shell.

Here's the script for the shell:
/usr/local/bin/hath

CODE

#!/bin/sh


autologin()
{
    # Variable
    user='example'
    cd /usr/home/example
    su ${user} -c "/usr/local/bin/java -jar /usr/home/${name}/HentaiAtHome.jar --silentstart"
}



autologin

you will of course need to change it's permissions:
chmod a+x /usr/local/bin/hath

Then you will need the rc.d script:

/etc/rc.d/hathd

CODE

#!/bin/sh
#
#  Hentai@Home
#

# PROVIDE: H@H
# REQUIRE: SHELL JDK cleanvar

. /etc/rc.subr

name="hath"
rcvar=`hathd_enable`
command="/usr/local/bin/${name}"

run_rc_command "$1"

and again you will need to change it's permissions:
chmod a+x /etc/rc.d/hathd

And lastly you need to edit rc.conf with your favorite editor and insert:

CODE

hathd_enable="YES"

Then you just need to restart the jail and you're done (easiest would be to restart the computer again, but you can use the jail command)!

/etc/rc.d/jail stop example

Congratulations you should now have a working jail running!

Enjoy those HATH points and thanks for reading!
Now I'm off to do some private business..


This post has been edited by GanGun : Feb 1 2014, 17:14

Why not recommend Linux? Was not that hard to setup on Windows or Linux. Looks about the same difficulty on FreeBSD.

Why not recommend Linux? Was not that hard to setup on Windows or Linux. Looks about the same difficulty on FreeBSD.

It is mostly the same.

It's not that I hate Linux, it's just that I want other OS:es to share the cake in the open source community.
And Linux in my opinion does not exceed that far ahead of FreeBSD and in fact it's more about availability than the core structure that makes Linux good choice.