3560 lines
268 KiB
HTML
3560 lines
268 KiB
HTML
|
<!DOCTYPE html><html lang="fr">
|
|||
|
<head><meta charset="utf-8">
|
|||
|
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
|||
|
<meta name="viewport" content="width=device-width, initial-scale=1, user-scalable=no"><title>Dell Latitude e6230 - EndeavourOS XFCE sur partition LVM entièrement chiffrée + YubiKey - YannStatic</title>
|
|||
|
|
|||
|
<meta name="description" content="EndeavourOS est une distribution GNU/Linux basée sur Arch Linux">
|
|||
|
<link rel="canonical" href="https://static.rnmkcy.eu/2023/07/01/EndeavourOS-Dell_Latitude_e6230-XFCE-LVM-Chiffre.html"><link rel="alternate" type="application/rss+xml" title="YannStatic" href="/feed.xml">
|
|||
|
|
|||
|
<!-- - include head/favicon.html - -->
|
|||
|
<link rel="shortcut icon" type="image/png" href="/assets/favicon/favicon.png"><link rel="stylesheet" href="/assets/css/main.css"><link rel="stylesheet" href="https://use.fontawesome.com/releases/v5.0.13/css/all.css" ><!-- start custom head snippets --><link rel="stylesheet" href="/assets/css/expand.css">
|
|||
|
<!-- end custom head snippets --><script>(function() {
|
|||
|
window.isArray = function(val) {
|
|||
|
return Object.prototype.toString.call(val) === '[object Array]';
|
|||
|
};
|
|||
|
window.isString = function(val) {
|
|||
|
return typeof val === 'string';
|
|||
|
};
|
|||
|
|
|||
|
window.hasEvent = function(event) {
|
|||
|
return 'on'.concat(event) in window.document;
|
|||
|
};
|
|||
|
|
|||
|
window.isOverallScroller = function(node) {
|
|||
|
return node === document.documentElement || node === document.body || node === window;
|
|||
|
};
|
|||
|
|
|||
|
window.isFormElement = function(node) {
|
|||
|
var tagName = node.tagName;
|
|||
|
return tagName === 'INPUT' || tagName === 'SELECT' || tagName === 'TEXTAREA';
|
|||
|
};
|
|||
|
|
|||
|
window.pageLoad = (function () {
|
|||
|
var loaded = false, cbs = [];
|
|||
|
window.addEventListener('load', function () {
|
|||
|
var i;
|
|||
|
loaded = true;
|
|||
|
if (cbs.length > 0) {
|
|||
|
for (i = 0; i < cbs.length; i++) {
|
|||
|
cbs[i]();
|
|||
|
}
|
|||
|
}
|
|||
|
});
|
|||
|
return {
|
|||
|
then: function(cb) {
|
|||
|
cb && (loaded ? cb() : (cbs.push(cb)));
|
|||
|
}
|
|||
|
};
|
|||
|
})();
|
|||
|
})();
|
|||
|
(function() {
|
|||
|
window.throttle = function(func, wait) {
|
|||
|
var args, result, thisArg, timeoutId, lastCalled = 0;
|
|||
|
|
|||
|
function trailingCall() {
|
|||
|
lastCalled = new Date;
|
|||
|
timeoutId = null;
|
|||
|
result = func.apply(thisArg, args);
|
|||
|
}
|
|||
|
return function() {
|
|||
|
var now = new Date,
|
|||
|
remaining = wait - (now - lastCalled);
|
|||
|
|
|||
|
args = arguments;
|
|||
|
thisArg = this;
|
|||
|
|
|||
|
if (remaining <= 0) {
|
|||
|
clearTimeout(timeoutId);
|
|||
|
timeoutId = null;
|
|||
|
lastCalled = now;
|
|||
|
result = func.apply(thisArg, args);
|
|||
|
} else if (!timeoutId) {
|
|||
|
timeoutId = setTimeout(trailingCall, remaining);
|
|||
|
}
|
|||
|
return result;
|
|||
|
};
|
|||
|
};
|
|||
|
})();
|
|||
|
(function() {
|
|||
|
var Set = (function() {
|
|||
|
var add = function(item) {
|
|||
|
var i, data = this._data;
|
|||
|
for (i = 0; i < data.length; i++) {
|
|||
|
if (data[i] === item) {
|
|||
|
return;
|
|||
|
}
|
|||
|
}
|
|||
|
this.size ++;
|
|||
|
data.push(item);
|
|||
|
return data;
|
|||
|
};
|
|||
|
|
|||
|
var Set = function(data) {
|
|||
|
this.size = 0;
|
|||
|
this._data = [];
|
|||
|
var i;
|
|||
|
if (data.length > 0) {
|
|||
|
for (i = 0; i < data.length; i++) {
|
|||
|
add.call(this, data[i]);
|
|||
|
}
|
|||
|
}
|
|||
|
};
|
|||
|
Set.prototype.add = add;
|
|||
|
Set.prototype.get = function(index) { return this._data[index]; };
|
|||
|
Set.prototype.has = function(item) {
|
|||
|
var i, data = this._data;
|
|||
|
for (i = 0; i < data.length; i++) {
|
|||
|
if (this.get(i) === item) {
|
|||
|
return true;
|
|||
|
}
|
|||
|
}
|
|||
|
return false;
|
|||
|
};
|
|||
|
Set.prototype.is = function(map) {
|
|||
|
if (map._data.length !== this._data.length) { return false; }
|
|||
|
var i, j, flag, tData = this._data, mData = map._data;
|
|||
|
for (i = 0; i < tData.length; i++) {
|
|||
|
for (flag = false, j = 0; j < mData.length; j++) {
|
|||
|
if (tData[i] === mData[j]) {
|
|||
|
flag = true;
|
|||
|
break;
|
|||
|
}
|
|||
|
}
|
|||
|
if (!flag) { return false; }
|
|||
|
}
|
|||
|
return true;
|
|||
|
};
|
|||
|
Set.prototype.values = function() {
|
|||
|
return this._data;
|
|||
|
};
|
|||
|
return Set;
|
|||
|
})();
|
|||
|
|
|||
|
window.Lazyload = (function(doc) {
|
|||
|
var queue = {js: [], css: []}, sources = {js: {}, css: {}}, context = this;
|
|||
|
var createNode = function(name, attrs) {
|
|||
|
var node = doc.createElement(name), attr;
|
|||
|
for (attr in attrs) {
|
|||
|
if (attrs.hasOwnProperty(attr)) {
|
|||
|
node.setAttribute(attr, attrs[attr]);
|
|||
|
}
|
|||
|
}
|
|||
|
return node;
|
|||
|
};
|
|||
|
var end = function(type, url) {
|
|||
|
var s, q, qi, cbs, i, j, cur, val, flag;
|
|||
|
if (type === 'js' || type ==='css') {
|
|||
|
s = sources[type], q = queue[type];
|
|||
|
s[url] = true;
|
|||
|
for (i = 0; i < q.length; i++) {
|
|||
|
cur = q[i];
|
|||
|
if (cur.urls.has(url)) {
|
|||
|
qi = cur, val = qi.urls.values();
|
|||
|
qi && (cbs = qi.callbacks);
|
|||
|
for (flag = true, j = 0; j < val.length; j++) {
|
|||
|
cur = val[j];
|
|||
|
if (!s[cur]) {
|
|||
|
flag = false;
|
|||
|
}
|
|||
|
}
|
|||
|
if (flag && cbs && cbs.length > 0) {
|
|||
|
for (j = 0; j < cbs.length; j++) {
|
|||
|
cbs[j].call(context);
|
|||
|
}
|
|||
|
qi.load = true;
|
|||
|
}
|
|||
|
}
|
|||
|
}
|
|||
|
}
|
|||
|
};
|
|||
|
var load = function(type, urls, callback) {
|
|||
|
var s, q, qi, node, i, cur,
|
|||
|
_urls = typeof urls === 'string' ? new Set([urls]) : new Set(urls), val, url;
|
|||
|
if (type === 'js' || type ==='css') {
|
|||
|
s = sources[type], q = queue[type];
|
|||
|
for (i = 0; i < q.length; i++) {
|
|||
|
cur = q[i];
|
|||
|
if (_urls.is(cur.urls)) {
|
|||
|
qi = cur;
|
|||
|
break;
|
|||
|
}
|
|||
|
}
|
|||
|
val = _urls.values();
|
|||
|
if (qi) {
|
|||
|
callback && (qi.load || qi.callbacks.push(callback));
|
|||
|
callback && (qi.load && callback());
|
|||
|
} else {
|
|||
|
q.push({
|
|||
|
urls: _urls,
|
|||
|
callbacks: callback ? [callback] : [],
|
|||
|
load: false
|
|||
|
});
|
|||
|
for (i = 0; i < val.length; i++) {
|
|||
|
node = null, url = val[i];
|
|||
|
if (s[url] === undefined) {
|
|||
|
(type === 'js' ) && (node = createNode('script', { src: url }));
|
|||
|
(type === 'css') && (node = createNode('link', { rel: 'stylesheet', href: url }));
|
|||
|
if (node) {
|
|||
|
node.onload = (function(type, url) {
|
|||
|
return function() {
|
|||
|
end(type, url);
|
|||
|
};
|
|||
|
})(type, url);
|
|||
|
(doc.head || doc.body).appendChild(node);
|
|||
|
s[url] = false;
|
|||
|
}
|
|||
|
}
|
|||
|
}
|
|||
|
}
|
|||
|
}
|
|||
|
};
|
|||
|
return {
|
|||
|
js: function(url, callback) {
|
|||
|
load('js', url, callback);
|
|||
|
},
|
|||
|
css: function(url, callback) {
|
|||
|
load('css', url, callback);
|
|||
|
}
|
|||
|
};
|
|||
|
})(this.document);
|
|||
|
})();
|
|||
|
</script><script>
|
|||
|
(function() {
|
|||
|
var TEXT_VARIABLES = {
|
|||
|
version: '2.2.6',
|
|||
|
sources: {
|
|||
|
font_awesome: 'https://use.fontawesome.com/releases/v5.0.13/css/all.css',
|
|||
|
jquery: '/assets/js/jquery.min.js',
|
|||
|
leancloud_js_sdk: '//cdn.jsdelivr.net/npm/leancloud-storage@3.13.2/dist/av-min.js',
|
|||
|
chart: 'https://cdn.bootcss.com/Chart.js/2.7.2/Chart.bundle.min.js',
|
|||
|
gitalk: {
|
|||
|
js: 'https://cdn.bootcss.com/gitalk/1.2.2/gitalk.min.js',
|
|||
|
css: 'https://cdn.bootcss.com/gitalk/1.2.2/gitalk.min.css'
|
|||
|
},
|
|||
|
valine: 'https://unpkg.com/valine/dist/Valine.min.js'
|
|||
|
},
|
|||
|
site: {
|
|||
|
toc: {
|
|||
|
selectors: 'h1,h2,h3'
|
|||
|
}
|
|||
|
},
|
|||
|
paths: {
|
|||
|
search_js: '/assets/search.js'
|
|||
|
}
|
|||
|
};
|
|||
|
window.TEXT_VARIABLES = TEXT_VARIABLES;
|
|||
|
})();
|
|||
|
</script>
|
|||
|
</head>
|
|||
|
<body>
|
|||
|
<div class="root" data-is-touch="false">
|
|||
|
<div class="layout--page js-page-root"><!----><div class="page__main js-page-main page__viewport hide-footer has-aside has-aside cell cell--auto">
|
|||
|
|
|||
|
<div class="page__main-inner"><div class="page__header d-print-none"><header class="header"><div class="main">
|
|||
|
<div class="header__title">
|
|||
|
<div class="header__brand"><svg id="svg" version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width="400" height="478.9473684210526" viewBox="0, 0, 400,478.9473684210526"><g id="svgg"><path id="path0" d="M308.400 56.805 C 306.970 56.966,303.280 57.385,300.200 57.738 C 290.906 58.803,278.299 59.676,269.200 59.887 L 260.600 60.085 259.400 61.171 C 258.010 62.428,256.198 63.600,255.645 63.600 C 255.070 63.600,252.887 65.897,252.598 66.806 C 252.460 67.243,252.206 67.600,252.034 67.600 C 251.397 67.600,247.206 71.509,247.202 72.107 C 247.201 72.275,246.390 73.190,245.400 74.138 C 243.961 75.517,243.598 76.137,243.592 77.231 C 243.579 79.293,241.785 83.966,240.470 85.364 C 239.176 86.740,238.522 88.365,237.991 91.521 C 237.631 93.665,236.114 97.200,235.554 97.200 C 234.938 97.200,232.737 102.354,232.450 104.472 C 232.158 106.625,230.879 109.226,229.535 110.400 C 228.933 110.926,228.171 113.162,226.434 119.500 C 226.178 120.435,225.795 121.200,225.584 121.200 C 225.373 121.200,225.200 121.476,225.200 121.813 C 225.200 122.149,224.885 122.541,224.500 122.683 C 223.606 123.013,223.214 123.593,223.204 124.600 C 223.183 126.555,220.763 132.911,219.410 134.562 C 218.443 135.742,217.876 136.956,217.599 138.440 C 217.041 141.424,215.177 146.434,214.532 146.681 C 214.240 146.794,214.000 147.055,214.000 147.261 C 214.000 147.467,213.550 148.086,213.000 148.636 C 212.450 149.186,212.000 149.893,212.000 150.208 C 212.000 151.386,208.441 154.450,207.597 153.998 C 206.319 153.315,204.913 150.379,204.633 147.811 C 204.365 145.357,202.848 142.147,201.759 141.729 C 200.967 141.425,199.200 137.451,199.200 135.974 C 199.200 134.629,198.435 133.224,196.660 131.311 C 195.363 129.913,194.572 128.123,193.870 125.000 C 193.623 123.900,193.236 122.793,193.010 122.540 C 190.863 120.133,190.147 118.880,188.978 115.481 C 188.100 112.928,187.151 111.003,186.254 109.955 C 185.358 108.908,184.518 107.204,183.847 105.073 C 183.280 103.273,182.497 101.329,182.108 100.753 C 181.719 100.177,180.904 98.997,180.298 98.131 C 179.693 97.265,178.939 95.576,178.624 94.378 C 178.041 92.159,177.125 90.326,175.023 87.168 C 174.375 86.196,173.619 84.539,173.342 83.486 C 172.800 81.429,171.529 79.567,170.131 78.785 C 169.654 78.517,168.697 77.511,168.006 76.549 C 167.316 75.587,166.594 74.800,166.402 74.800 C 166.210 74.800,164.869 73.633,163.421 72.206 C 160.103 68.936,161.107 69.109,146.550 69.301 C 133.437 69.474,128.581 70.162,126.618 72.124 C 126.248 72.495,125.462 72.904,124.872 73.033 C 124.282 73.163,123.088 73.536,122.219 73.863 C 121.349 74.191,119.028 74.638,117.061 74.858 C 113.514 75.254,109.970 76.350,108.782 77.419 C 107.652 78.436,100.146 80.400,97.388 80.400 C 95.775 80.400,93.167 81.360,91.200 82.679 C 90.430 83.195,89.113 83.804,88.274 84.031 C 85.875 84.681,78.799 90.910,74.400 96.243 L 73.400 97.456 73.455 106.028 C 73.526 117.055,74.527 121.238,77.820 124.263 C 78.919 125.273,80.400 127.902,80.400 128.842 C 80.400 129.202,81.075 130.256,81.900 131.186 C 83.563 133.059,85.497 136.346,86.039 138.216 C 86.233 138.886,87.203 140.207,88.196 141.153 C 89.188 142.098,90.000 143.104,90.000 143.388 C 90.000 144.337,92.129 148.594,92.869 149.123 C 93.271 149.410,93.600 149.831,93.600 150.059 C 93.600 150.286,93.932 150.771,94.337 151.136 C 94.743 151.501,95.598 153.004,96.237 154.475 C 96.877 155.947,97.760 157.351,98.200 157.596 C 98.640 157.841,99.900 159.943,101.000 162.267 C 102.207 164.817,103.327 166.644,103.825 166.876 C 104.278 167.087,105.065 168.101,105.573 169.130 C 107.658 173.348,108.097 174.093,110.006 176.647 C 111.103 178.114,112.000 179.725,112.000 180.227 C 112.000 181.048,113.425 183.163,114.678 184.200 C 115.295 184.711,117.396 188.733,117.720 190.022 C 117.855 190.562,118.603 191.633,119.381 192.402 C 120.160 193.171,121.496 195.258,122.351 197.039 C 123.206 198.820,124.167 200.378,124.487 200.501 C 124.807 200.624,125.953 202.496,127.034 204.662 C 128.114 206.828,129.676 209.299,130.505 210.153 C 131.333 211.007,132.124 212.177,132.262 212.753 C 132.618 214.239,134.291 217.048,136.288 219.5
|
|||
|
" href="/">YannStatic</a></div><!--<button class="button button--secondary button--circle search-button js-search-toggle"><i class="fas fa-search"></i></button>--><!-- <li><button class="button button--secondary button--circle search-button js-search-toggle"><i class="fas fa-search"></i></button></li> -->
|
|||
|
<!-- Champ de recherche -->
|
|||
|
<div id="searchbox" class="search search--dark" style="visibility: visible">
|
|||
|
<div class="main">
|
|||
|
<div class="search__header"></div>
|
|||
|
<div class="search-bar">
|
|||
|
<div class="search-box js-search-box">
|
|||
|
<div class="search-box__icon-search"><i class="fas fa-search"></i></div>
|
|||
|
<input id="search-input" type="text" />
|
|||
|
<!-- <div class="search-box__icon-clear js-icon-clear">
|
|||
|
<a><i class="fas fa-times"></i></a>
|
|||
|
</div> -->
|
|||
|
</div>
|
|||
|
</div>
|
|||
|
|
|||
|
</div>
|
|||
|
</div>
|
|||
|
<!-- Script pointing to search-script.js -->
|
|||
|
<script>/*!
|
|||
|
* Simple-Jekyll-Search
|
|||
|
* Copyright 2015-2020, Christian Fei
|
|||
|
* Licensed under the MIT License.
|
|||
|
*/
|
|||
|
|
|||
|
(function(){
|
|||
|
'use strict'
|
|||
|
|
|||
|
var _$Templater_7 = {
|
|||
|
compile: compile,
|
|||
|
setOptions: setOptions
|
|||
|
}
|
|||
|
|
|||
|
const options = {}
|
|||
|
options.pattern = /\{(.*?)\}/g
|
|||
|
options.template = ''
|
|||
|
options.middleware = function () {}
|
|||
|
|
|||
|
function setOptions (_options) {
|
|||
|
options.pattern = _options.pattern || options.pattern
|
|||
|
options.template = _options.template || options.template
|
|||
|
if (typeof _options.middleware === 'function') {
|
|||
|
options.middleware = _options.middleware
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
function compile (data) {
|
|||
|
return options.template.replace(options.pattern, function (match, prop) {
|
|||
|
const value = options.middleware(prop, data[prop], options.template)
|
|||
|
if (typeof value !== 'undefined') {
|
|||
|
return value
|
|||
|
}
|
|||
|
return data[prop] || match
|
|||
|
})
|
|||
|
}
|
|||
|
|
|||
|
'use strict';
|
|||
|
|
|||
|
function fuzzysearch (needle, haystack) {
|
|||
|
var tlen = haystack.length;
|
|||
|
var qlen = needle.length;
|
|||
|
if (qlen > tlen) {
|
|||
|
return false;
|
|||
|
}
|
|||
|
if (qlen === tlen) {
|
|||
|
return needle === haystack;
|
|||
|
}
|
|||
|
outer: for (var i = 0, j = 0; i < qlen; i++) {
|
|||
|
var nch = needle.charCodeAt(i);
|
|||
|
while (j < tlen) {
|
|||
|
if (haystack.charCodeAt(j++) === nch) {
|
|||
|
continue outer;
|
|||
|
}
|
|||
|
}
|
|||
|
return false;
|
|||
|
}
|
|||
|
return true;
|
|||
|
}
|
|||
|
|
|||
|
var _$fuzzysearch_1 = fuzzysearch;
|
|||
|
|
|||
|
'use strict'
|
|||
|
|
|||
|
/* removed: const _$fuzzysearch_1 = require('fuzzysearch') */;
|
|||
|
|
|||
|
var _$FuzzySearchStrategy_5 = new FuzzySearchStrategy()
|
|||
|
|
|||
|
function FuzzySearchStrategy () {
|
|||
|
this.matches = function (string, crit) {
|
|||
|
return _$fuzzysearch_1(crit.toLowerCase(), string.toLowerCase())
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
'use strict'
|
|||
|
|
|||
|
var _$LiteralSearchStrategy_6 = new LiteralSearchStrategy()
|
|||
|
|
|||
|
function LiteralSearchStrategy () {
|
|||
|
this.matches = function (str, crit) {
|
|||
|
if (!str) return false
|
|||
|
|
|||
|
str = str.trim().toLowerCase()
|
|||
|
crit = crit.trim().toLowerCase()
|
|||
|
|
|||
|
return crit.split(' ').filter(function (word) {
|
|||
|
return str.indexOf(word) >= 0
|
|||
|
}).length === crit.split(' ').length
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
'use strict'
|
|||
|
|
|||
|
var _$Repository_4 = {
|
|||
|
put: put,
|
|||
|
clear: clear,
|
|||
|
search: search,
|
|||
|
setOptions: __setOptions_4
|
|||
|
}
|
|||
|
|
|||
|
/* removed: const _$FuzzySearchStrategy_5 = require('./SearchStrategies/FuzzySearchStrategy') */;
|
|||
|
/* removed: const _$LiteralSearchStrategy_6 = require('./SearchStrategies/LiteralSearchStrategy') */;
|
|||
|
|
|||
|
function NoSort () {
|
|||
|
return 0
|
|||
|
}
|
|||
|
|
|||
|
const data = []
|
|||
|
let opt = {}
|
|||
|
|
|||
|
opt.fuzzy = false
|
|||
|
opt.limit = 10
|
|||
|
opt.searchStrategy = opt.fuzzy ? _$FuzzySearchStrategy_5 : _$LiteralSearchStrategy_6
|
|||
|
opt.sort = NoSort
|
|||
|
opt.exclude = []
|
|||
|
|
|||
|
function put (data) {
|
|||
|
if (isObject(data)) {
|
|||
|
return addObject(data)
|
|||
|
}
|
|||
|
if (isArray(data)) {
|
|||
|
return addArray(data)
|
|||
|
}
|
|||
|
return undefined
|
|||
|
}
|
|||
|
function clear () {
|
|||
|
data.length = 0
|
|||
|
return data
|
|||
|
}
|
|||
|
|
|||
|
function isObject (obj) {
|
|||
|
return Boolean(obj) && Object.prototype.toString.call(obj) === '[object Object]'
|
|||
|
}
|
|||
|
|
|||
|
function isArray (obj) {
|
|||
|
return Boolean(obj) && Object.prototype.toString.call(obj) === '[object Array]'
|
|||
|
}
|
|||
|
|
|||
|
function addObject (_data) {
|
|||
|
data.push(_data)
|
|||
|
return data
|
|||
|
}
|
|||
|
|
|||
|
function addArray (_data) {
|
|||
|
const added = []
|
|||
|
clear()
|
|||
|
for (let i = 0, len = _data.length; i < len; i++) {
|
|||
|
if (isObject(_data[i])) {
|
|||
|
added.push(addObject(_data[i]))
|
|||
|
}
|
|||
|
}
|
|||
|
return added
|
|||
|
}
|
|||
|
|
|||
|
function search (crit) {
|
|||
|
if (!crit) {
|
|||
|
return []
|
|||
|
}
|
|||
|
return findMatches(data, crit, opt.searchStrategy, opt).sort(opt.sort)
|
|||
|
}
|
|||
|
|
|||
|
function __setOptions_4 (_opt) {
|
|||
|
opt = _opt || {}
|
|||
|
|
|||
|
opt.fuzzy = _opt.fuzzy || false
|
|||
|
opt.limit = _opt.limit || 10
|
|||
|
opt.searchStrategy = _opt.fuzzy ? _$FuzzySearchStrategy_5 : _$LiteralSearchStrategy_6
|
|||
|
opt.sort = _opt.sort || NoSort
|
|||
|
opt.exclude = _opt.exclude || []
|
|||
|
}
|
|||
|
|
|||
|
function findMatches (data, crit, strategy, opt) {
|
|||
|
const matches = []
|
|||
|
for (let i = 0; i < data.length && matches.length < opt.limit; i++) {
|
|||
|
const match = findMatchesInObject(data[i], crit, strategy, opt)
|
|||
|
if (match) {
|
|||
|
matches.push(match)
|
|||
|
}
|
|||
|
}
|
|||
|
return matches
|
|||
|
}
|
|||
|
|
|||
|
function findMatchesInObject (obj, crit, strategy, opt) {
|
|||
|
for (const key in obj) {
|
|||
|
if (!isExcluded(obj[key], opt.exclude) && strategy.matches(obj[key], crit)) {
|
|||
|
return obj
|
|||
|
}
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
function isExcluded (term, excludedTerms) {
|
|||
|
for (let i = 0, len = excludedTerms.length; i < len; i++) {
|
|||
|
const excludedTerm = excludedTerms[i]
|
|||
|
if (new RegExp(excludedTerm).test(term)) {
|
|||
|
return true
|
|||
|
}
|
|||
|
}
|
|||
|
return false
|
|||
|
}
|
|||
|
|
|||
|
/* globals ActiveXObject:false */
|
|||
|
|
|||
|
'use strict'
|
|||
|
|
|||
|
var _$JSONLoader_2 = {
|
|||
|
load: load
|
|||
|
}
|
|||
|
|
|||
|
function load (location, callback) {
|
|||
|
const xhr = getXHR()
|
|||
|
xhr.open('GET', location, true)
|
|||
|
xhr.onreadystatechange = createStateChangeListener(xhr, callback)
|
|||
|
xhr.send()
|
|||
|
}
|
|||
|
|
|||
|
function createStateChangeListener (xhr, callback) {
|
|||
|
return function () {
|
|||
|
if (xhr.readyState === 4 && xhr.status === 200) {
|
|||
|
try {
|
|||
|
callback(null, JSON.parse(xhr.responseText))
|
|||
|
} catch (err) {
|
|||
|
callback(err, null)
|
|||
|
}
|
|||
|
}
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
function getXHR () {
|
|||
|
return window.XMLHttpRequest ? new window.XMLHttpRequest() : new ActiveXObject('Microsoft.XMLHTTP')
|
|||
|
}
|
|||
|
|
|||
|
'use strict'
|
|||
|
|
|||
|
var _$OptionsValidator_3 = function OptionsValidator (params) {
|
|||
|
if (!validateParams(params)) {
|
|||
|
throw new Error('-- OptionsValidator: required options missing')
|
|||
|
}
|
|||
|
|
|||
|
if (!(this instanceof OptionsValidator)) {
|
|||
|
return new OptionsValidator(params)
|
|||
|
}
|
|||
|
|
|||
|
const requiredOptions = params.required
|
|||
|
|
|||
|
this.getRequiredOptions = function () {
|
|||
|
return requiredOptions
|
|||
|
}
|
|||
|
|
|||
|
this.validate = function (parameters) {
|
|||
|
const errors = []
|
|||
|
requiredOptions.forEach(function (requiredOptionName) {
|
|||
|
if (typeof parameters[requiredOptionName] === 'undefined') {
|
|||
|
errors.push(requiredOptionName)
|
|||
|
}
|
|||
|
})
|
|||
|
return errors
|
|||
|
}
|
|||
|
|
|||
|
function validateParams (params) {
|
|||
|
if (!params) {
|
|||
|
return false
|
|||
|
}
|
|||
|
return typeof params.required !== 'undefined' && params.required instanceof Array
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
'use strict'
|
|||
|
|
|||
|
var _$utils_9 = {
|
|||
|
merge: merge,
|
|||
|
isJSON: isJSON
|
|||
|
}
|
|||
|
|
|||
|
function merge (defaultParams, mergeParams) {
|
|||
|
const mergedOptions = {}
|
|||
|
for (const option in defaultParams) {
|
|||
|
mergedOptions[option] = defaultParams[option]
|
|||
|
if (typeof mergeParams[option] !== 'undefined') {
|
|||
|
mergedOptions[option] = mergeParams[option]
|
|||
|
}
|
|||
|
}
|
|||
|
return mergedOptions
|
|||
|
}
|
|||
|
|
|||
|
function isJSON (json) {
|
|||
|
try {
|
|||
|
if (json instanceof Object && JSON.parse(JSON.stringify(json))) {
|
|||
|
return true
|
|||
|
}
|
|||
|
return false
|
|||
|
} catch (err) {
|
|||
|
return false
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
var _$src_8 = {};
|
|||
|
(function (window) {
|
|||
|
'use strict'
|
|||
|
|
|||
|
let options = {
|
|||
|
searchInput: null,
|
|||
|
resultsContainer: null,
|
|||
|
json: [],
|
|||
|
success: Function.prototype,
|
|||
|
searchResultTemplate: '<li><a href="{url}" title="{desc}">{title}</a></li>',
|
|||
|
templateMiddleware: Function.prototype,
|
|||
|
sortMiddleware: function () {
|
|||
|
return 0
|
|||
|
},
|
|||
|
noResultsText: 'No results found',
|
|||
|
limit: 10,
|
|||
|
fuzzy: false,
|
|||
|
debounceTime: null,
|
|||
|
exclude: []
|
|||
|
}
|
|||
|
|
|||
|
let debounceTimerHandle
|
|||
|
const debounce = function (func, delayMillis) {
|
|||
|
if (delayMillis) {
|
|||
|
clearTimeout(debounceTimerHandle)
|
|||
|
debounceTimerHandle = setTimeout(func, delayMillis)
|
|||
|
} else {
|
|||
|
func.call()
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
const requiredOptions = ['searchInput', 'resultsContainer', 'json']
|
|||
|
|
|||
|
/* removed: const _$Templater_7 = require('./Templater') */;
|
|||
|
/* removed: const _$Repository_4 = require('./Repository') */;
|
|||
|
/* removed: const _$JSONLoader_2 = require('./JSONLoader') */;
|
|||
|
const optionsValidator = _$OptionsValidator_3({
|
|||
|
required: requiredOptions
|
|||
|
})
|
|||
|
/* removed: const _$utils_9 = require('./utils') */;
|
|||
|
|
|||
|
window.SimpleJekyllSearch = function (_options) {
|
|||
|
const errors = optionsValidator.validate(_options)
|
|||
|
if (errors.length > 0) {
|
|||
|
throwError('You must specify the following required options: ' + requiredOptions)
|
|||
|
}
|
|||
|
|
|||
|
options = _$utils_9.merge(options, _options)
|
|||
|
|
|||
|
_$Templater_7.setOptions({
|
|||
|
template: options.searchResultTemplate,
|
|||
|
middleware: options.templateMiddleware
|
|||
|
})
|
|||
|
|
|||
|
_$Repository_4.setOptions({
|
|||
|
fuzzy: options.fuzzy,
|
|||
|
limit: options.limit,
|
|||
|
sort: options.sortMiddleware,
|
|||
|
exclude: options.exclude
|
|||
|
})
|
|||
|
|
|||
|
if (_$utils_9.isJSON(options.json)) {
|
|||
|
initWithJSON(options.json)
|
|||
|
} else {
|
|||
|
initWithURL(options.json)
|
|||
|
}
|
|||
|
|
|||
|
const rv = {
|
|||
|
search: search
|
|||
|
}
|
|||
|
|
|||
|
typeof options.success === 'function' && options.success.call(rv)
|
|||
|
return rv
|
|||
|
}
|
|||
|
|
|||
|
function initWithJSON (json) {
|
|||
|
_$Repository_4.put(json)
|
|||
|
registerInput()
|
|||
|
}
|
|||
|
|
|||
|
function initWithURL (url) {
|
|||
|
_$JSONLoader_2.load(url, function (err, json) {
|
|||
|
if (err) {
|
|||
|
throwError('failed to get JSON (' + url + ')')
|
|||
|
}
|
|||
|
initWithJSON(json)
|
|||
|
})
|
|||
|
}
|
|||
|
|
|||
|
function emptyResultsContainer () {
|
|||
|
options.resultsContainer.innerHTML = ''
|
|||
|
}
|
|||
|
|
|||
|
function appendToResultsContainer (text) {
|
|||
|
options.resultsContainer.innerHTML += text
|
|||
|
}
|
|||
|
|
|||
|
function registerInput () {
|
|||
|
options.searchInput.addEventListener('input', function (e) {
|
|||
|
if (isWhitelistedKey(e.which)) {
|
|||
|
emptyResultsContainer()
|
|||
|
debounce(function () { search(e.target.value) }, options.debounceTime)
|
|||
|
}
|
|||
|
})
|
|||
|
}
|
|||
|
|
|||
|
function search (query) {
|
|||
|
if (isValidQuery(query)) {
|
|||
|
emptyResultsContainer()
|
|||
|
render(_$Repository_4.search(query), query)
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
function render (results, query) {
|
|||
|
const len = results.length
|
|||
|
if (len === 0) {
|
|||
|
return appendToResultsContainer(options.noResultsText)
|
|||
|
}
|
|||
|
for (let i = 0; i < len; i++) {
|
|||
|
results[i].query = query
|
|||
|
appendToResultsContainer(_$Templater_7.compile(results[i]))
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
function isValidQuery (query) {
|
|||
|
return query && query.length > 0
|
|||
|
}
|
|||
|
|
|||
|
function isWhitelistedKey (key) {
|
|||
|
return [13, 16, 20, 37, 38, 39, 40, 91].indexOf(key) === -1
|
|||
|
}
|
|||
|
|
|||
|
function throwError (message) {
|
|||
|
throw new Error('SimpleJekyllSearch --- ' + message)
|
|||
|
}
|
|||
|
})(window)
|
|||
|
|
|||
|
}());
|
|||
|
</script>
|
|||
|
|
|||
|
<!-- Configuration -->
|
|||
|
<script>
|
|||
|
SimpleJekyllSearch({
|
|||
|
searchInput: document.getElementById('search-input'),
|
|||
|
resultsContainer: document.getElementById('results-container'),
|
|||
|
json: '/search.json',
|
|||
|
//searchResultTemplate: '<li><a href="https://static.rnmkcy.eu{url}">{date} {title}</a></li>'
|
|||
|
searchResultTemplate: '<li><a href="{url}">{date} {title}</a></li>'
|
|||
|
})
|
|||
|
</script>
|
|||
|
<!-- Fin déclaration champ de recherche --></div><nav class="navigation">
|
|||
|
<ul><li class="navigation__item"><a href="/archive.html">Etiquettes</a></li><li class="navigation__item"><a href="/htmldoc.html">Documents</a></li><li class="navigation__item"><a href="/liens_ttrss.html">Liens</a></li><li class="navigation__item"><a href="/aide-jekyll-text-theme.html">Aide</a></li></ul>
|
|||
|
</nav></div>
|
|||
|
</header>
|
|||
|
|
|||
|
</div><div class="page__content"><div class ="main"><div class="grid grid--reverse">
|
|||
|
<div class="col-main cell cell--auto"><!-- start custom main top snippet --><div id="results-container" class="search-result js-search-result"></div><!-- end custom main top snippet -->
|
|||
|
<article itemscope itemtype="http://schema.org/Article"><div class="article__header"><header><h1 style="color:Tomato;">Dell Latitude e6230 - EndeavourOS XFCE sur partition LVM entièrement chiffrée + YubiKey</h1></header></div><meta itemprop="headline" content="Dell Latitude e6230 - EndeavourOS XFCE sur partition LVM entièrement chiffrée + YubiKey"><div class="article__info clearfix"><ul class="left-col menu"><li>
|
|||
|
<a class="button button--secondary button--pill button--sm"
|
|||
|
href="/archive.html?tag=archlinux">archlinux</a>
|
|||
|
</li><li>
|
|||
|
<a class="button button--secondary button--pill button--sm"
|
|||
|
href="/archive.html?tag=chiffrement">chiffrement</a>
|
|||
|
</li><li>
|
|||
|
<a class="button button--secondary button--pill button--sm"
|
|||
|
href="/archive.html?tag=lvm">lvm</a>
|
|||
|
</li></ul><ul class="right-col menu"><li>
|
|||
|
<i class="far fa-calendar-alt"></i> <span title="Création" style="color:#FF00FF">1r juil. 2023</span>
|
|||
|
|
|||
|
<span title="Modification" style="color:#00FF7F">21 juin 2024</span></li></ul></div><meta itemprop="datePublished" content="2024-06-21T00:00:00+02:00">
|
|||
|
<meta itemprop="keywords" content="archlinux,chiffrement,lvm"><div class="js-article-content">
|
|||
|
<div class="layout--article"><!-- start custom article top snippet -->
|
|||
|
<style>
|
|||
|
#myBtn {
|
|||
|
display: none;
|
|||
|
position: fixed;
|
|||
|
bottom: 10px;
|
|||
|
right: 10px;
|
|||
|
z-index: 99;
|
|||
|
font-size: 12px;
|
|||
|
font-weight: bold;
|
|||
|
border: none;
|
|||
|
outline: none;
|
|||
|
background-color: white;
|
|||
|
color: black;
|
|||
|
cursor: pointer;
|
|||
|
padding: 5px;
|
|||
|
border-radius: 4px;
|
|||
|
}
|
|||
|
|
|||
|
#myBtn:hover {
|
|||
|
background-color: #555;
|
|||
|
}
|
|||
|
</style>
|
|||
|
|
|||
|
<button onclick="topFunction()" id="myBtn" title="Haut de page">⇧</button>
|
|||
|
|
|||
|
<script>
|
|||
|
//Get the button
|
|||
|
var mybutton = document.getElementById("myBtn");
|
|||
|
|
|||
|
// When the user scrolls down 20px from the top of the document, show the button
|
|||
|
window.onscroll = function() {scrollFunction()};
|
|||
|
|
|||
|
function scrollFunction() {
|
|||
|
if (document.body.scrollTop > 20 || document.documentElement.scrollTop > 20) {
|
|||
|
mybutton.style.display = "block";
|
|||
|
} else {
|
|||
|
mybutton.style.display = "none";
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
// When the user clicks on the button, scroll to the top of the document
|
|||
|
function topFunction() {
|
|||
|
document.body.scrollTop = 0;
|
|||
|
document.documentElement.scrollTop = 0;
|
|||
|
}
|
|||
|
</script>
|
|||
|
|
|||
|
|
|||
|
<!-- end custom article top snippet -->
|
|||
|
<div class="article__content" itemprop="articleBody"><details>
|
|||
|
<summary><b>Afficher/cacher Sommaire</b></summary>
|
|||
|
<!-- affichage sommaire -->
|
|||
|
<div class="toc-aside js-toc-root"></div>
|
|||
|
</details><p><em>EndeavourOS est une distribution GNU/Linux basée sur Arch Linux</em></p>
|
|||
|
|
|||
|
<p><img src="/images/EndeavourOS_Logo.png" alt="" width="90" /> <img src="/images/dell-latitude-e6230.png" alt="Dell Latitude E6230" width="150" /><br />
|
|||
|
<a href="/2022/12/22/Dell_Latitude_E6230_Caracteristiques_generales_Documentation_et_Bios.html">Portable Dell Latitude E6230 - matériel , documentation et bios</a></p>
|
|||
|
|
|||
|
<h2 id="création-clé-endeavouros-usb-live">Création clé EndeavourOS USB Live</h2>
|
|||
|
|
|||
|
<p>Télécharger le dernier fichier iSO <a href="https://endeavouros.com/latest-release/">https://endeavouros.com/latest-release/</a><br />
|
|||
|
<strong>Endeavouros_Cassini_Nova-03-2023_R3.iso</strong> et <strong>Endeavouros_Cassini_Nova-03-2023_R3.iso.sha512sum</strong></p>
|
|||
|
|
|||
|
<p>Vérifier checksum</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sha512sum -c Endeavouros_Cassini_Nova-03-2023_R3.iso.sha512sum
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p><strong>Endeavouros_Cassini_Nova-03-2023_R3.iso: Réussi</strong></p>
|
|||
|
|
|||
|
<p>Créer la clé bootable<br />
|
|||
|
Pour savoir sur quel périphérique, connecter la clé sur un port USB d’un ordinateur et lancer la commande <code class="language-plaintext highlighter-rouge">sudo dmesg</code><br />
|
|||
|
Dans le cas présent , le périphérique est <strong>/dev/sde</strong></p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo dd if=Endeavouros_Cassini_Nova-03-2023_R3.iso of=/dev/sde bs=4M
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p><code class="language-plaintext warning highlighter-rouge">Installer une distribution EndeavourOS sur une partition LVM est impossible avec l'outil "Calamarès"</code></p>
|
|||
|
|
|||
|
<h2 id="installation-endeavouros-xfce-sur-partition-lvm-entièrement-chiffrée">Installation EndeavourOS XFCE sur partition LVM entièrement chiffrée</h2>
|
|||
|
|
|||
|
<p><a href="/2022/12/22/Dell_Latitude_E6230_Caracteristiques_generales_Documentation_et_Bios.html">Portable Dell Latitude E6230 - matériel , documentation et bios</a></p>
|
|||
|
|
|||
|
<h3 id="installation-via-usb-live">Installation via USB LIVE</h3>
|
|||
|
|
|||
|
<p>Démarrage avec la clé USB insérée dans le portable DELL Latitude e6230 et appui sur F12 pour un accès au menu<br />
|
|||
|
Choisir UEFI specific storage</p>
|
|||
|
|
|||
|
<p>Vous arrivez sur la page de sélection<br />
|
|||
|
<img src="/images/endos0001.png" alt="" width="400" /><br />
|
|||
|
Valider le choix par défaut</p>
|
|||
|
|
|||
|
<p>Changer le clavier en FR<br />
|
|||
|
<img src="/images/endos0001a.png" alt="" width="600" /><br />
|
|||
|
<img src="/images/endos0001b.png" alt="" width="400" /><br />
|
|||
|
<img src="/images/endos0001c.png" alt="" width="200" /><br />
|
|||
|
Supprimer <strong>English(US)</strong> pour ne garder que <strong>French</strong> et <strong>Close</strong></p>
|
|||
|
|
|||
|
<p>Ouvrir un <strong>Terminal Emulator</strong> dans le live endeavour<br />
|
|||
|
<img src="/images/endos0001d.png" alt="" width="600" /></p>
|
|||
|
|
|||
|
<h3 id="partionner-un-disque">Partionner un disque</h3>
|
|||
|
|
|||
|
<p>en mode su</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo -s
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>Le disque : <code class="language-plaintext highlighter-rouge">lsblk</code></p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sda 8:0 0 447.1G 0 disk
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>On partitionne un disque en 3 avec <code class="language-plaintext highlighter-rouge">gdisk</code></p>
|
|||
|
|
|||
|
<ul>
|
|||
|
<li>Partition 1 : 512M EFI (code ef00) système de fichier FAT32</li>
|
|||
|
<li>Partition 2 : 438G LVM (code 8e00) système de fichier EXT4</li>
|
|||
|
<li>Partition restante pour Installation temporaire</li>
|
|||
|
</ul>
|
|||
|
|
|||
|
<p>Zapper le disque,</p>
|
|||
|
|
|||
|
<p>(<strong>Attention</strong> Ceci effacera de manière irréversible toutes les données de votre disque, veuillez sauvegarder toutes les données importantes) :</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sgdisk --zap-all /dev/sda
|
|||
|
# OU
|
|||
|
wipefs -a /dev/sda
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>Créer une table de partition GPT à l’aide de la commande <code class="language-plaintext highlighter-rouge">sgdisk</code> :</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sgdisk --clear --new=1:0:+550MiB --typecode=1:ef00 --new=2:0:+438G --typecode=2:8e00 /dev/sda
|
|||
|
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>Format la partition EFI</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>mkfs.fat -F32 /dev/sda1
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<h3 id="installer-endeavouros-sur-une-partition-temporaire">Installer EndeavourOS sur une partition temporaire</h3>
|
|||
|
|
|||
|
<p>Lancer l’installation<br />
|
|||
|
<img src="/images/endos0002.png" alt="" width="600" /></p>
|
|||
|
|
|||
|
<p><img src="/images/endos0003.png" alt="" width="600" /><br />
|
|||
|
Choix du “pas en ligne”</p>
|
|||
|
|
|||
|
<p><img src="/images/endos0004.png" alt="" width="600" /><br />
|
|||
|
Français</p>
|
|||
|
|
|||
|
<p><img src="/images/endos0005.png" alt="" width="600" /></p>
|
|||
|
|
|||
|
<p><img src="/images/endos0006.png" alt="" width="600" /></p>
|
|||
|
|
|||
|
<p><img src="/images/endos0006n.png" alt="" width="600" /></p>
|
|||
|
|
|||
|
<p><img src="/images/endos0007n.png" alt="" width="600" /></p>
|
|||
|
|
|||
|
<p><img src="/images/endos0007n1.png" alt="" /></p>
|
|||
|
|
|||
|
<p>Renseigner nom identifiant nom ordi et mot de passe (mp idem pour root)<br />
|
|||
|
Laissez Calamares terminer l’installation.</p>
|
|||
|
|
|||
|
<p>L’installation démarre<br />
|
|||
|
<img src="/images/endos0013.png" alt="" width="600" /><br />
|
|||
|
Installation en cours, patienter …</p>
|
|||
|
|
|||
|
<p><img src="/images/endos0014.png" alt="" width="600" /><br />
|
|||
|
L’installation est terminée, cliquer “Redémarrer maintenant” et sur <strong>Terminé</strong>, oter la clé USB, et redémarrer sur endeavour</p>
|
|||
|
|
|||
|
<p>Vérifiez si vous pouvez accéder au système crypté.
|
|||
|
Vous devriez maintenant avoir un système crypté LUKS (sans les trucs amusants comme les volumes logiques, la partition /home séparée, etc.).</p>
|
|||
|
|
|||
|
<p><code class="language-plaintext info highlighter-rouge">Réinsérer la clé USB et redémarrer dans l'environnement Live-Cd</code></p>
|
|||
|
|
|||
|
<p>Commuter le clavier en FR<br />
|
|||
|
Ouvrir un terminal et basculer en mode su : <code class="language-plaintext highlighter-rouge">sudo -s</code></p>
|
|||
|
|
|||
|
<p><strong>Facultatif</strong><br />
|
|||
|
Pour un accès sur la machine via SSH depuis un poste distant<br />
|
|||
|
Lancer le service : <code class="language-plaintext highlighter-rouge">sudo systemctl start sshd</code><br />
|
|||
|
Ouvrir le port 22 firewall: <code class="language-plaintext highlighter-rouge">sudo firewall-cmd --zone=public --add-port=22/tcp --permanent</code><br />
|
|||
|
Créer un mot de passe à liveuser : <code class="language-plaintext highlighter-rouge">passwd liveuser</code>
|
|||
|
Relever l’adresse ip de la machine : <code class="language-plaintext highlighter-rouge">ip a</code></p>
|
|||
|
|
|||
|
<h3 id="convertir-déchiffrer-et-monter-le-système-temporaire">Convertir Déchiffrer et monter le système temporaire</h3>
|
|||
|
|
|||
|
<p>Le système temporaire chiffré /dev/sda3</p>
|
|||
|
|
|||
|
<p>Conversion chiffrement luks2</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>cryptsetup convert /dev/sda3 --type luks2
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>WARNING!
|
|||
|
========
|
|||
|
This operation will convert /dev/sda3 to LUKS2 format.
|
|||
|
|
|||
|
|
|||
|
Are you sure? (Type 'yes' in capital letters): YES
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>Confirmer par la saisie YES</p>
|
|||
|
|
|||
|
<p>Dans l’environnement live-CD, ouvrez un Terminal ,basulez en mode su et tapez (ou marquez et copiez la ligne avec ctrl-c et collez dans le terminal avec shift-ctrl-v ) …</p>
|
|||
|
|
|||
|
<div class="language-shell highlighter-rouge"><div class="highlight"><pre class="highlight"><code>cryptsetup luksOpen /dev/sda3 crypttemp <span class="c"># saisir la phrase mot de passe de l'installation</span>
|
|||
|
<span class="nb">mkdir</span> <span class="nt">-p</span> /media/crypttemp
|
|||
|
mount /dev/mapper/crypttemp /media/crypttemp
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>Nos données d’installation temporaires sont désormais accessibles sous <code class="language-plaintext highlighter-rouge">/media/crypttemp</code> et peuvent être copiées sur le nouveau système que nous allons mettre en place dans les prochaines étapes.</p>
|
|||
|
|
|||
|
<h3 id="configurer-le-nouveau-système-lvmonluks">Configurer le nouveau système LVMonLUKS</h3>
|
|||
|
|
|||
|
<p>Chiffrer la partition /dev/sda2,saisrr la passphrase définitive</p>
|
|||
|
|
|||
|
<div class="language-shell highlighter-rouge"><div class="highlight"><pre class="highlight"><code>cryptsetup luksFormat <span class="nt">--type</span> luks2 /dev/sda2
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>Une demande de confirmation est exigée</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>WARNING!
|
|||
|
========
|
|||
|
This will overwrite data on /dev/sda2 irrevocably.
|
|||
|
|
|||
|
Are you sure? (Type 'yes' in capital letters): YES
|
|||
|
Enter passphrase for /dev/sda2:
|
|||
|
Verify passphrase:
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>Choisissez un mot de passe sécurisé ( <a href="https://xkcd.com/936/">https://xkcd.com/936/</a> )</p>
|
|||
|
|
|||
|
<div class="language-shell highlighter-rouge"><div class="highlight"><pre class="highlight"><code>cryptsetup luksOpen /dev/sda2 crypt
|
|||
|
Enter passphrase <span class="k">for</span> /dev/sda2:
|
|||
|
pvcreate /dev/mapper/crypt
|
|||
|
Physical volume <span class="s2">"/dev/mapper/crypt"</span> successfully created.
|
|||
|
vgcreate vg0 /dev/mapper/crypt
|
|||
|
Volume group <span class="s2">"vg0"</span> successfully created
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>Une bonne taille de départ pour le volume racine (lvroot) est d’environ 30 Go. Si vous envisagez d’utiliser ultérieurement un fichier d’échange résidant sur root, vous devez en tenir compte.<br />
|
|||
|
Le redimensionnement ultérieur des volumes est assez facile, alors n’y réfléchissez pas trop.<br />
|
|||
|
Vous pouvez attribuer tout l’espace libre restant au volume d’accueil,<br />
|
|||
|
<code class="language-plaintext highlighter-rouge">lvcreate --extents 100%FREE vg0 -n lvhome</code><br />
|
|||
|
mais pour augmenter les volumes plus tard et pour les instantanés , il faut de l’espace vide à l’intérieur du groupe de volumes, donc je choisis généralement une taille pour lvhome qui laisse environ 30 Go d’espace inutilisé global dans le volume groupe (en supposant un lecteur de 500 Go, par exemple 500 – 0,512 – 40 – 430 = 29,488)</p>
|
|||
|
|
|||
|
<div class="language-shell highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="c"># 40G root dont 8 swapfile</span>
|
|||
|
lvcreate <span class="nt">-L</span> 40G vg0 <span class="nt">-n</span> lvroot <span class="c"># Logical volume "lvroot" created.</span>
|
|||
|
lvcreate <span class="nt">-L</span> 110G vg0 <span class="nt">-n</span> lvhome <span class="c"># Logical volume "lvhome" created.</span>
|
|||
|
lvcreate <span class="nt">-l</span> 100%FREE vg0 <span class="nt">-n</span> lvhome <span class="c"># Logical volume "lvhome" created.</span>
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>Créez un système de fichiers ext4 sur les volumes logiques.</p>
|
|||
|
|
|||
|
<div class="language-shell highlighter-rouge"><div class="highlight"><pre class="highlight"><code>mkfs.ext4 <span class="nt">-L</span> root /dev/mapper/vg0-lvroot
|
|||
|
mkfs.ext4 <span class="nt">-L</span> home /dev/mapper/vg0-lvhome
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<h3 id="monter-le-nouveau-système-sur-mnt">Monter le nouveau système sur “mnt”</h3>
|
|||
|
|
|||
|
<p>Monter le nouveau système sur <code class="language-plaintext highlighter-rouge">/mnt</code> pour les systèmes UEFI</p>
|
|||
|
|
|||
|
<div class="language-shell highlighter-rouge"><div class="highlight"><pre class="highlight"><code>mount /dev/mapper/vg0-lvroot /mnt
|
|||
|
<span class="nb">mkdir</span> <span class="nt">-p</span> /mnt/home
|
|||
|
mount /dev/mapper/vg0-lvhome /mnt/home
|
|||
|
<span class="nb">mkdir</span> <span class="nt">-p</span> /mnt/efi
|
|||
|
mount /dev/sda1 /mnt/efi
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>lsblk
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>devrait maintenant fournir une sortie similaire à la suivante (ignorez les tailles, celles-ci proviennent d’une installation de test) …</p>
|
|||
|
|
|||
|
<p>pour les systèmes UEFI :</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINTS
|
|||
|
loop0 7:0 0 1.7G 1 loop /run/archiso/airootfs
|
|||
|
sda 8:0 0 111.8G 0 disk
|
|||
|
├─sda1 8:1 0 550M 0 part /mnt/efi
|
|||
|
├─sda2 8:2 0 100G 0 part
|
|||
|
│ └─crypt 254:1 0 100G 0 crypt
|
|||
|
│ ├─vg0-lvroot 254:2 0 40G 0 lvm /mnt
|
|||
|
│ └─vg0-lvhome 254:3 0 60G 0 lvm /mnt/home
|
|||
|
└─sda3 8:3 0 11.3G 0 part
|
|||
|
└─crypttemp 254:0 0 11.3G 0 crypt /media/crypttemp
|
|||
|
sdb 8:16 1 3.7G 0 disk
|
|||
|
├─sdb1 8:17 1 1.8G 0 part /run/archiso/bootmnt
|
|||
|
└─sdb2 8:18 1 113M 0 part
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<h3 id="copier-le-système-temporaire">Copier le système temporaire</h3>
|
|||
|
|
|||
|
<p>pour vider les nouveaux points de montage</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>rsync -avA /media/crypttemp/ /mnt
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p><em>Veuillez patienter quelques minutes</em></p>
|
|||
|
|
|||
|
<h3 id="démonter-le-système-temporaire">Démonter le système temporaire</h3>
|
|||
|
|
|||
|
<div class="language-shell highlighter-rouge"><div class="highlight"><pre class="highlight"><code>umount /media/crypttemp
|
|||
|
cryptsetup luksClose crypttemp
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<h3 id="ajouter-un-fichier-de-clé-existant-luks">Ajouter un fichier de clé existant LUKS</h3>
|
|||
|
|
|||
|
<p>Nous allons maintenant ajouter une deuxième clé saisie à la création chiffrement sur /dev/sda2<br />
|
|||
|
Nous ferons référence à cette clé à l’étape suivante.</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>cryptsetup luksAddKey /dev/sda2 /mnt/crypto_keyfile.bin
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<h3 id="configurer-crypttab">Configurer “crypttab”</h3>
|
|||
|
|
|||
|
<p>Configuration <code class="language-plaintext highlighter-rouge">/etc/crypttab</code></p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>cryptsetup luksUUID /dev/sda2
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>renvoie <strong>0b5f9165-989d-4211-9734-7303c9bd771b</strong><br />
|
|||
|
Votre UUID sera différent, alors <u>**assurez-vous d'utiliser votre UUID à l'étape suivante !**</u></p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>nano /mnt/etc/crypttab
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>contient une ligne non commentée commençant par <code class="language-plaintext highlighter-rouge">luks-</code>…<br />
|
|||
|
Remplacez cette ligne par la suivante ; <u>**n'oubliez pas d' utiliser votre UUID**</u></p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>cryptlvm UUID=0b5f9165-989d-4211-9734-7303c9bd771b /crypto_keyfile.bin luks
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>Sauvegarder et quitter.</p>
|
|||
|
|
|||
|
<h3 id="basculer-en-chroot">Basculer en chroot</h3>
|
|||
|
|
|||
|
<p>Passer en chroot</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>arch-chroot /mnt
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<h3 id="configurer-fstab">Configurer “fstab”</h3>
|
|||
|
|
|||
|
<p>Configurer /etc/fstab</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>blkid -s UUID -o value /dev/mapper/vg0-lvroot
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>renvoie l’UUID du volume racine : <strong>e2e8bb75-02b8-4cf9-aa76-b793e91c431c</strong>.</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>blkid -s UUID -o value /dev/mapper/vg0-lvhome
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>renvoie l’UUID du volume d’accueil : <strong>d8ae2ca4-2c2c-409a-9d49-243dcde32ec7</strong>.</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>nano /etc/fstab
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>contient une ligne commençant par <code class="language-plaintext highlighter-rouge">/dev/mapper/luks-</code>…<br />
|
|||
|
<strong>Supprimez</strong> cette ligne et ajoutez ce qui suit (<u>**n'oubliez pas d' utiliser vos UUID**</u>)</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>UUID=e2e8bb75-02b8-4cf9-aa76-b793e91c431c / ext4 defaults,acl,noatime,discard 0 0
|
|||
|
UUID=d8ae2ca4-2c2c-409a-9d49-243dcde32ec7 /home ext4 defaults,acl,noatime,discard 0 0
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>Sauvegarder et quitter.</p>
|
|||
|
|
|||
|
<h3 id="ajout-fichier-échange">Ajout fichier échange</h3>
|
|||
|
|
|||
|
<p>Utilisez dd pour créer un fichier d’échange de la taille de votre choix.<br />
|
|||
|
Création d’un fichier d’échange de 8192 Mo (pour tous les systèmes de fichiers)</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>dd if=/dev/zero of=/swapfile bs=1M count=8192 status=progress
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>Remplacez <code class="language-plaintext highlighter-rouge">count=8192</code> par la quantité de Mo que vous souhaitez installer pour l’utilisation du fichier d’échange :</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>chmod 600 /swapfile
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>Pour donner au fichier d’échange des permissions de racine seulement.</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>mkswap /swapfile
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>Pour faire du fichier un espace de pagination et enfin pour activer le fichier :</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>swapon /swapfile
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>Modifier /etc/fstab pour activer le fichier d’échange</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>nano /etc/fstab
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>Ajoutez la ligne suivante…</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>/swapfile none swap defaults,pri=-2 0 0
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>Sauvegarder et quitter.</p>
|
|||
|
|
|||
|
<blockquote>
|
|||
|
<p>Remarque : le fichier d’échange doit être spécifié par son emplacement sur le système de fichiers, et non par son UUID ou son LABEL.</p>
|
|||
|
</blockquote>
|
|||
|
|
|||
|
<p>pour vérifier :</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>swapon --show
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p><img src="/images/swapon.png" alt="Texte alternatif" /></p>
|
|||
|
|
|||
|
<h3 id="modifier-les-options-du-noyau">Modifier les options du noyau</h3>
|
|||
|
|
|||
|
<p>Dans <strong>systemd-boot</strong>, vous éditez le fichier d’entrée approprié qui se trouve sur votre partition EFI dans le répertoire <code class="language-plaintext highlighter-rouge">loader/entries</code><br />
|
|||
|
Chaque entrée est une option de démarrage dans le menu et chacune a une ligne appelée options. Vous pouvez modifier ces entrées directement, mais ces changements peuvent être écrasés lors de l’installation ou de la mise à jour de paquets.</p>
|
|||
|
|
|||
|
<p>Pour effectuer les changements, au lieu de modifier les entrées, modifiez le fichier <code class="language-plaintext highlighter-rouge">/etc/kernel/cmdline</code> qui est un fichier d’une ligne contenant une liste d’options du noyau.</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>nano /etc/kernel/cmdline
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>UUID de /dev/sda2 : <code class="language-plaintext highlighter-rouge">blkid -s UUID -o value /dev/sda2</code></p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>nvme_load=YES nowatchdog rw rd.luks.uuid=2c8e7bb4-9286-47e9-8823-12b79bf2810c root=/dev/mapper/vg0-lvroot
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>Exécutez ensuite <code class="language-plaintext highlighter-rouge">sudo reinstall-kernels</code> qui remplira les entrées et régénérera les initrds.</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>reinstall-kernels
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<h3 id="sortie-du-chroot-et-démontage">Sortie du chroot et démontage</h3>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>exit
|
|||
|
umount -R /mnt
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<h3 id="redémarrez-sur-le-système-lvmonluks-chiffré">Redémarrez sur le système LVMonLUKS chiffré</h3>
|
|||
|
|
|||
|
<p>Oter la clé USB , redémarrer</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>reboot
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p><code class="language-plaintext info highlighter-rouge">FINI! Vous devriez maintenant avoir un système LVMonLUKS fonctionnel avec un volume logique séparé pour /home</code></p>
|
|||
|
|
|||
|
<h2 id="endeavouros-xfce">EndeavourOS XFCE</h2>
|
|||
|
|
|||
|
<h3 id="mise-à-jour-système">Mise à jour Système</h3>
|
|||
|
|
|||
|
<p>Mode graphique<br />
|
|||
|
<img src="/images/eos-cassini-009.png" alt="" width="400" /><br />
|
|||
|
<img src="/images/eos-cassini-009a.png" alt="" width="400" /><br />
|
|||
|
<img src="/images/eos-cassini-009c.png" alt="" width="300" /></p>
|
|||
|
|
|||
|
<p><img src="/images/eos-cassini-010.png" alt="" width="400" /><br />
|
|||
|
<img src="/images/eos-cassini-010a.png" alt="" width="400" /><br />
|
|||
|
<img src="/images/eos-cassini-010b.png" alt="" width="300" /></p>
|
|||
|
|
|||
|
<p><img src="/images/eos-cassini-011.png" alt="" width="400" /><br />
|
|||
|
<img src="/images/eos-cassini-011a.png" alt="" width="400" /><br />
|
|||
|
<img src="/images/eos-cassini-011b.png" alt="" width="300" /><br />
|
|||
|
<img src="/images/eos-cassini-011c.png" alt="" width="400" /></p>
|
|||
|
|
|||
|
<p>Résumé<br />
|
|||
|
<img src="/images/eos-welcome.png" alt="" /></p>
|
|||
|
|
|||
|
<h3 id="déverrouillage-des-volumes-luks2">Déverrouillage des volumes LUKS2</h3>
|
|||
|
|
|||
|
<p>Description</p>
|
|||
|
|
|||
|
<ul>
|
|||
|
<li>Slot 0 pour le déverrouillage du volume par saisie d’une phrase mot de passe.</li>
|
|||
|
<li>Slot 1 et 2 pour le déverrouillage par des clés (2 ième clé en cas de perte ou casse) avec un appui sur une touche.</li>
|
|||
|
<li>Slot 3 - Ajout d’une phrase mot de passe pour le recovery</li>
|
|||
|
</ul>
|
|||
|
|
|||
|
<p>Au final nous aurons 4 “slot” utilisés</p>
|
|||
|
|
|||
|
<p>Installer librairie libfido2 pour la prise en charge des clés Yubico et SoloKeys</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo pacman -S libfido2
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<h4 id="enroler-clé-usb-yubikey-5-nfc">Enroler clé USB YubiKey 5 NFC</h4>
|
|||
|
|
|||
|
<p><img src="/images/yubikey5nfc.png" alt="" height="150" /></p>
|
|||
|
|
|||
|
<p>Vérifier que la YubiKey est insérée dans un port USB</p>
|
|||
|
|
|||
|
<p>Lister et enroler la yubikey</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>systemd-cryptenroll --fido2-device=list
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>PATH MANUFACTURER PRODUCT
|
|||
|
/dev/hidraw4 Yubico YubiKey OTP+FIDO+CCID
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>Enroler la clé pour le déverrouillage du disque chiffré /dev/sda2</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo systemd-cryptenroll --fido2-device=auto /dev/sda2
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>🔐 Please enter current passphrase for disk /dev/sda2: *********************
|
|||
|
Requested to lock with PIN, but FIDO2 device /dev/hidraw4 does not support it, disabling.
|
|||
|
Initializing FIDO2 credential on security token.
|
|||
|
👆 (Hint: This might require confirmation of user presence on security token.)
|
|||
|
Generating secret key on FIDO2 security token.
|
|||
|
👆 In order to allow secret key generation, please confirm presence on security token.
|
|||
|
New FIDO2 token enrolled as key slot 1.
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p class="info">Le <strong>Y</strong> de la clé se met à clignoter , il suffit de poser son doigt sur l’emplacement du <strong>Y</strong> pour le déverrouillage</p>
|
|||
|
|
|||
|
<p>Retirer la première clé et insérer la seconde clé USB YubiKey 5 NFC, puis exécuter la commande</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo systemd-cryptenroll --fido2-device=auto /dev/sda2
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>🔐 Please enter current passphrase for disk /dev/sda2: *********************
|
|||
|
Requested to lock with PIN, but FIDO2 device /dev/hidraw4 does not support it, disabling.
|
|||
|
Initializing FIDO2 credential on security token.
|
|||
|
👆 (Hint: This might require confirmation of user presence on security token.)
|
|||
|
Generating secret key on FIDO2 security token.
|
|||
|
👆 In order to allow secret key generation, please confirm presence on security token.
|
|||
|
New FIDO2 token enrolled as key slot 2.
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<h4 id="enroler-une-passphrase-de-recouvrement-option">Enroler une passphrase de recouvrement (OPTION)</h4>
|
|||
|
|
|||
|
<p>Les jetons et puces de sécurité FIDO2, PKCS#11 et TPM2 s’associent bien avec les clés de recouvrement : puisque vous n’avez plus besoin de taper votre mot de passe tous les jours, il est logique de vous en débarrasser et d’enregistrer à la place une clé de recouvrement à forte entropie que vous imprimez ou scannez hors écran et conservez dans un endroit physique sûr.<br />
|
|||
|
Voici comment procéder :</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo systemd-cryptenroll --recovery-key /dev/sda2
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>🔐 Please enter current passphrase for disk /dev/nvme0n1p2: ***********
|
|||
|
A secret recovery key has been generated for this volume:
|
|||
|
|
|||
|
🔐 vbcrnbjn-vkrkihte-rctbufne-nlihihjl-tegudteu-rkjthcgd-hvhuvgik-rugeregh
|
|||
|
|
|||
|
Please save this secret recovery key at a secure location. It may be used to
|
|||
|
regain access to the volume if the other configured access credentials have
|
|||
|
been lost or forgotten. The recovery key may be entered in place of a password
|
|||
|
whenever authentication is requested.
|
|||
|
New recovery key enrolled as key slot 3.
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>Cette opération génère une clé, l’enregistre dans le volume LUKS2, l’affiche à l’écran et génère un code QR que vous pouvez scanner en dehors de l’écran si vous le souhaitez.<br />
|
|||
|
La clé possède la plus grande entropie et peut être saisie partout où vous pouvez saisir une phrase d’authentification.<br />
|
|||
|
C’est pourquoi il n’est pas nécessaire de modifier le fichier /etc/crypttab pour que la clé de récupération fonctionne.</p>
|
|||
|
|
|||
|
<h4 id="enroler-une-clé-usb-solokeys-option">Enroler une clé USB SoloKeys (OPTION)</h4>
|
|||
|
|
|||
|
<p><img src="/images/solokeys.png" alt="" /></p>
|
|||
|
|
|||
|
<p>Lister la clé</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>systemd-cryptenroll --fido2-device=list
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>PATH MANUFACTURER PRODUCT
|
|||
|
/dev/hidraw1 SoloKeys Solo 4.1.5
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>Ajout de la solokeys</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo systemd-cryptenroll --fido2-device=auto /dev/sda2
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>🔐 Please enter current passphrase for disk /dev/sda2: ***********
|
|||
|
Requested to lock with PIN, but FIDO2 device /dev/hidraw1 does not support it, disabling.
|
|||
|
Initializing FIDO2 credential on security token.
|
|||
|
👆 (Hint: This might require confirmation of user presence on security token.)
|
|||
|
Generating secret key on FIDO2 security token.
|
|||
|
👆 In order to allow secret key generation, please confirm presence on security token.
|
|||
|
New FIDO2 token enrolled as key slot 3.
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p class="info">Lors du boot , le <strong>S</strong> de la SoloKeys passe au ROUGE et il suffit d’appuyer sur le voyant pour qu’il repasse au vert afin de lancer le processus de déchiffrement et finir le démarrage</p>
|
|||
|
|
|||
|
<h3 id="prise-en-charge-yubikey-option">Prise en charge YubiKey (OPTION)</h3>
|
|||
|
|
|||
|
<p>Les options timeout de <a href="https://www.man7.org/linux/man-pages/man5/crypttab.5.html">crypttab</a></p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>timeout=
|
|||
|
Spécifie le délai d'attente pour la demande d'un mot de passe. Si aucune unité
|
|||
|
n'est spécifiée, l'unité utilisée est la seconde. Les unités prises en charge sont s, ms, us,
|
|||
|
min, h, d. Un délai de 0 permet d'attendre indéfiniment (valeur par défaut).
|
|||
|
|
|||
|
token-timeout=
|
|||
|
Spécifie le temps d'attente maximum pour que les dispositifs de sécurité configurés (c'est-à-dire FIDO2, PKCS#11, TPM2) apparaissent.
|
|||
|
configurés (c'est-à-dire FIDO2, PKCS#11, TPM2). Prend une valeur
|
|||
|
en secondes (mais d'autres unités de temps peuvent être spécifiées,
|
|||
|
voir systemd.time(7) pour les formats supportés). La valeur par défaut est 30s.
|
|||
|
Une fois le délai spécifié écoulé, l'authentification par
|
|||
|
mot de passe est tentée. Notez que ce délai s'applique à
|
|||
|
l'attente de l'apparition du dispositif de sécurité - il ne s'applique pas
|
|||
|
ne s'applique pas à la demande de code PIN pour le dispositif (le cas échéant)
|
|||
|
ou autre. Passez 0 pour désactiver le délai et attendre indéfiniment.
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>Configurer /etc/crypttab</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo nano /etc/crypttab
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code># <name> <device> <password> <options>
|
|||
|
#cryptlvm UUID=0b5f9165-989d-4211-9734-7303c9bd771b /crypto_keyfile.bin luks
|
|||
|
cryptlvm UUID=0b5f9165-989d-4211-9734-7303c9bd771b - fido2-device=auto,token-timeout=20s
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>Sauvegarder et quitter.</p>
|
|||
|
|
|||
|
<p>Réinitialiser</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo reinstall-kernels
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p><code class="language-plaintext info highlighter-rouge">Redémarrer la machine</code></p>
|
|||
|
|
|||
|
<h3 id="historique-de-la-ligne-de-commande">Historique de la ligne de commande</h3>
|
|||
|
|
|||
|
<p>Ajoutez la recherche d’historique de la ligne de commande au terminal<br />
|
|||
|
Se connecter en utilisateur<br />
|
|||
|
Tapez un début de commande précédent, puis utilisez shift + up (flèche haut) pour rechercher l’historique filtré avec le début de la commande.</p>
|
|||
|
|
|||
|
<div class="language-shell highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="c"># Global, tout utilisateur</span>
|
|||
|
<span class="nb">echo</span> <span class="s1">'"\e[1;2A": history-search-backward'</span> | <span class="nb">sudo tee</span> <span class="nt">-a</span> /etc/inputrc
|
|||
|
<span class="nb">echo</span> <span class="s1">'"\e[1;2B": history-search-forward'</span> | <span class="nb">sudo tee</span> <span class="nt">-a</span> /etc/inputrc
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<h3 id="activation-ssh-avec-clés">Activation SSH avec clés</h3>
|
|||
|
|
|||
|
<p><strong>Etablir une liaison temporaire SSH</strong></p>
|
|||
|
|
|||
|
<p>Pour un accès sur la machine via SSH depuis un poste distant<br />
|
|||
|
Lancer et activer le service : <code class="language-plaintext highlighter-rouge">sudo systemctl enable sshd --now</code><br />
|
|||
|
Ouvrir le port 22 firewall: <code class="language-plaintext highlighter-rouge">sudo firewall-cmd --zone=public --add-port=22/tcp</code><br />
|
|||
|
Relever l’adresse ip de la machine : <code class="language-plaintext highlighter-rouge">ip a</code> 192.168.0.22 dans notre cas</p>
|
|||
|
|
|||
|
<p>Se connecter depuis un poste distant <code class="language-plaintext highlighter-rouge">ssh yano@192.168.0.22</code></p>
|
|||
|
|
|||
|
<p><strong>SSH avec clés</strong></p>
|
|||
|
|
|||
|
<p><strong>A - Poste appelant</strong><br />
|
|||
|
Générer une paire de clé curve25519-sha256 (ECDH avec Curve25519 et SHA2) nommé <strong>e6230</strong> pour une liaison SSH avec le portable E6230.</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>ssh-keygen -t ed25519 -o -a 100 -f ~/.ssh/e6230
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>Envoyer les clés depuis le poste distant</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>ssh-copy-id -i ~/.ssh/e6230.pub yano@192.168.0.22
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>On se connecte sur la machine</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>ssh yano@192.168.0.22
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p><strong>B - Dell Latitude e6230</strong><br />
|
|||
|
Modification fichier configuration ssh sur le dell e6230 pour le port</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo nano /etc/ssh/sshd_config
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>Port 56230
|
|||
|
PasswordAuthentication no
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p><code class="language-plaintext warning highlighter-rouge">IL FAUT ACTIVER LE PORT 56230 EN ZONE "PUBLIC" DU PAREFEU !</code></p>
|
|||
|
|
|||
|
<p>Ajouter le nouveau port à la zone configurée de firewalld (“public” par défaut).</p>
|
|||
|
|
|||
|
<div class="language-shell highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nb">sudo </span>firewall-cmd <span class="nt">--zone</span><span class="o">=</span>public <span class="nt">--add-port</span><span class="o">=</span>56230/tcp <span class="nt">--permanent</span>
|
|||
|
<span class="nb">sudo </span>systemctl restart firewalld
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>Redémarrer sshd</p>
|
|||
|
|
|||
|
<div class="language-bash highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nb">sudo </span>systemctl restart sshd
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>Se connecter depuis le poste appelant</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>ssh yano@192.168.0.22 -p 56230 -i /home/yann/.ssh/e6230
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>Ouvrir un terminal</p>
|
|||
|
|
|||
|
<p><strong>Motd</strong></p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo nano /etc/motd
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code> _____ _ ___ ____
|
|||
|
| ____| _ __ __| | ___ __ _ __ __ ___ _ _ _ __ / _ \ / ___|
|
|||
|
| _| | '_ \ / _` | / _ \ / _` |\ \ / // _ \ | | | || '__|| | | |\___ \
|
|||
|
| |___ | | | || (_| || __/| (_| | \ V /| (_) || |_| || | | |_| | ___) |
|
|||
|
|_____||_| |_| \__,_| \___| \__,_| \_/ \___/ \__,_||_| \___/ |____/
|
|||
|
____ _ _ _ _ _ _ _
|
|||
|
| _ \ ___ | || | | | __ _ | |_ (_)| |_ _ _ __| | ___
|
|||
|
| | | | / _ \| || | | | / _` || __|| || __|| | | | / _` | / _ \
|
|||
|
| |_| || __/| || | | |___| (_| || |_ | || |_ | |_| || (_| || __/
|
|||
|
|____/ \___||_||_| |_____|\__,_| \__||_| \__| \__,_| \__,_| \___|
|
|||
|
__ ____ _____ ___
|
|||
|
___ / /_ |___ \ |___ / / _ \
|
|||
|
/ _ \| '_ \ __) | |_ \ | | | |
|
|||
|
| __/| (_) |/ __/ ___) || |_| |
|
|||
|
\___| \___/|_____||____/ \___/
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>Modifier sudoers pour accès sudo sans mot de passe à l’utilisateur <strong>yano</strong></p>
|
|||
|
|
|||
|
<div class="language-shell highlighter-rouge"><div class="highlight"><pre class="highlight"><code>su <span class="c"># mot de passe root identique utilisateur</span>
|
|||
|
<span class="nb">echo</span> <span class="s2">"yano ALL=(ALL) NOPASSWD: ALL"</span> <span class="o">>></span> /etc/sudoers.d/20-yano
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<h3 id="créer-les-dossiers-utilisateur">Créer les dossiers “utilisateur”</h3>
|
|||
|
|
|||
|
<p>Créer les dossiers <code class="language-plaintext highlighter-rouge">.keepassx</code> , <code class="language-plaintext highlighter-rouge">Notes</code> , <code class="language-plaintext highlighter-rouge">scripts</code> <code class="language-plaintext highlighter-rouge">statique/images</code> et <code class="language-plaintext highlighter-rouge">statique/_posts</code></p>
|
|||
|
|
|||
|
<div class="language-bash highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nb">mkdir</span> <span class="nt">-p</span> ~/<span class="o">{</span>.ssh,.keepassx,scripts,media<span class="o">}</span>
|
|||
|
<span class="nb">mkdir</span> <span class="nt">-p</span> ~/media/statique/<span class="o">{</span>images,_posts<span class="o">}</span>
|
|||
|
<span class="nb">mkdir</span> <span class="nt">-p</span> ~/Documents/Dossiers-Locaux-Thunderbird
|
|||
|
<span class="nb">mkdir</span> <span class="nt">-p</span> ~/media/Notes
|
|||
|
<span class="c"># Lien pour affichage des images avec éditeur Retext</span>
|
|||
|
<span class="nb">sudo ln</span> <span class="nt">-s</span> /home/yano/media/statique/images /images
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<h3 id="modification-clavier-portable">Modification clavier portable</h3>
|
|||
|
|
|||
|
<p><em>Manipulations à effectuer sur un terminal de la machine</em><br />
|
|||
|
Pas de touches “>” “<” sur clavier ex Qwerty du portable Dell Latitude e6230<br />
|
|||
|
La commande suivante permet d’afficher la disposition actuelle de votre clavier</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>xmodmap -pke
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>Sur un clavier normal Azerty</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>keycode 94 = less greater less greater bar brokenbar bar
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>Sur le clavier du portable on va utiliser la touches <code class="language-plaintext highlighter-rouge">²</code> et shift <code class="language-plaintext highlighter-rouge">²</code> keycode 49<br />
|
|||
|
Pour modifier la fonction d’une touche on invoque simplement xmodmap avec en argument la chaîne de caractères que l’on souhaite modifier :</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>xmodmap -e "keycode 49 = less greater less greater bar brokenbar bar"
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p><strong>Pour rendre les modifications permanentes</strong> ,créer ou modifier <strong>~/.xmodmap.conf</strong> et ajouter</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>echo "keycode 49 = less greater less greater bar brokenbar bar" >> ~/.xmodmap.conf
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p><u>Exécuter au lancement de la session</u><br />
|
|||
|
Menu → Paramètres → Session et démarrage ,onglet <strong>Démarrage automatique d’application</strong><br />
|
|||
|
Clique sur <strong>+</strong> :<br />
|
|||
|
Nom : <strong>Modif clavier</strong><br />
|
|||
|
Description : <strong>attribution touche</strong><br />
|
|||
|
Commande : <strong>/usr/bin/xmodmap /home/yano/.xmodmap.conf</strong><br />
|
|||
|
Déclencher : à la connexion<br />
|
|||
|
Puis cliquer sur <strong>OK</strong></p>
|
|||
|
|
|||
|
<p>Déconnexion/Reconnexion utilisateur pour prise en charge</p>
|
|||
|
|
|||
|
<h3 id="paramètres-xfce">Paramètres XFCE</h3>
|
|||
|
|
|||
|
<p>On déplace le <strong>tableau de bord</strong> du bas vers le haut de l’écran</p>
|
|||
|
|
|||
|
<p>Modification du <strong>tableau de bord</strong> , clic-droit → Tableau de bord → Préférences de tableau de bord → Eléments</p>
|
|||
|
|
|||
|
<p>Affichage date et heure<br />
|
|||
|
<img src="/images/eos-cassini-012.png" alt="" /><br />
|
|||
|
ou <strong>format personnalisé</strong> dans <strong>Horloge</strong> : <code class="language-plaintext highlighter-rouge">%e %b %Y %R</code></p>
|
|||
|
|
|||
|
<p><strong>Options</strong></p>
|
|||
|
|
|||
|
<ul>
|
|||
|
<li>Gestionnaire d’alimentation (Batterie et Branché)<br />
|
|||
|
<img src="/images/eos-cassini-013.png" alt="" width="400" /></li>
|
|||
|
<li>Les fonds d’écran (1366x768) –> <code class="language-plaintext highlighter-rouge">/usr/share/endeavouros/backgrounds/</code></li>
|
|||
|
<li>
|
|||
|
<p>Démarre auto ou pas de la session, modifier le fichier <code class="language-plaintext highlighter-rouge">/etc/lightdm/lightdm.conf</code></p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code> sudo nano /etc/lightdm/lightdm.conf
|
|||
|
|
|||
|
[Seat:*]
|
|||
|
autologin-user=yano
|
|||
|
</code></pre></div> </div>
|
|||
|
</li>
|
|||
|
<li>
|
|||
|
<p>Ecran de veille (FACULTATIF)<br />
|
|||
|
<strong>On remplace l’application **xfce4-screensaver</strong> (goodies) par <strong>xscreensaver</strong></p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code> sudo pacman -R xfce4-screensaver
|
|||
|
sudo pacman -S xscreensaver
|
|||
|
</code></pre></div> </div>
|
|||
|
|
|||
|
<p>ATTENTION! Il faut supprimer quelques fichiers pour un avoir un menu xfce plus propre.<br />
|
|||
|
<code class="language-plaintext highlighter-rouge">sudo rm /usr/share/applications/xscreensaver.desktop</code><br />
|
|||
|
<code class="language-plaintext highlighter-rouge">rm ~/.gnome/apps/xscreensaver.desktop</code></p>
|
|||
|
</li>
|
|||
|
<li>
|
|||
|
<p>Catégorie Settings uniquement <br />
|
|||
|
<img src="/images/xscreensaver-param.png" alt="" width="300" /></p>
|
|||
|
</li>
|
|||
|
<li>Préférences économiseur écran <strong>XScreenSaver Settings</strong>
|
|||
|
<ul>
|
|||
|
<li>Considérer l’ordinateur inactif après: 20 min</li>
|
|||
|
<li>Verrouillage écran INACTIF</li>
|
|||
|
</ul>
|
|||
|
</li>
|
|||
|
</ul>
|
|||
|
|
|||
|
<h3 id="lecteur-carte-à-puce--nfc">Lecteur carte à puce + NFC</h3>
|
|||
|
|
|||
|
<p><em>comment configurer votre système pour utiliser un lecteur de carte à puce</em></p>
|
|||
|
|
|||
|
<p>Installez ccid et opensc à partir des référentiels officiels</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo pacman -S ccid opensc
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>Si le lecteur de carte ne dispose pas d’un clavier NIP, définissez <code class="language-plaintext highlighter-rouge">enable_pinpad = false</code> dans le fichier de configuration opensc <strong>/etc/opensc.conf</strong></p>
|
|||
|
|
|||
|
<p>Démarrer le service pcscd.service</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo systemctl start pcscd.service # démarrer
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<blockquote>
|
|||
|
<p><strong>Conseil</strong>: Si vous obtenez le <code class="language-plaintext highlighter-rouge">Failed to start pcscd.service: Unit pcscd.socket not found</code>. erreur <code class="language-plaintext highlighter-rouge">Failed to start pcscd.service: Unit pcscd.socket not found</code>. , rechargez simplement les unités systemd avec cette commande <code class="language-plaintext highlighter-rouge">systemctl daemon-reload</code></p>
|
|||
|
</blockquote>
|
|||
|
|
|||
|
<p>Status</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo systemctl status pcscd.service
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>● pcscd.service - PC/SC Smart Card Daemon
|
|||
|
Loaded: loaded (/usr/lib/systemd/system/pcscd.service; indirect; preset: disabled)
|
|||
|
Active: active (running) since Fri 2023-05-12 18:24:39 CEST; 10s ago
|
|||
|
TriggeredBy: ● pcscd.socket
|
|||
|
Docs: man:pcscd(8)
|
|||
|
Main PID: 2386 (pcscd)
|
|||
|
Tasks: 6 (limit: 19046)
|
|||
|
Memory: 1.4M
|
|||
|
CPU: 61ms
|
|||
|
CGroup: /system.slice/pcscd.service
|
|||
|
└─2386 /usr/bin/pcscd --foreground --auto-exit
|
|||
|
|
|||
|
mai 12 18:24:39 e6230 systemd[1]: Started PC/SC Smart Card Daemon.
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>Activation</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo systemctl enable pcscd.service
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>lecteur de carte <code class="language-plaintext highlighter-rouge">pcsc-tools</code></p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo pacman -S pcsc-tools
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>et lancez l’utilitaire <code class="language-plaintext highlighter-rouge">pcsc_scan</code> , puis (connectez le lecteur de carte à puce si non interne) insérez une carte. Si vous voyez une sortie comme celle-ci, le lecteur de carte à puce ainsi que la carte ont été reconnus avec succès.</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>Mon Jul 29 14:43:50 2019
|
|||
|
Reader 0: Broadcom Corp 5880 [Contacted SmartCard] (0123456789ABCD) 00 00
|
|||
|
Event number: 2
|
|||
|
Card state: Card inserted,
|
|||
|
ATR: 3B DA 18 FF 81 B1 FE 75 1F 03 00 31 C5 73 C0 01 40 00 90 00 0C
|
|||
|
|
|||
|
[...]
|
|||
|
Possibly identified card (using /usr/share/pcsc/smartcard_list.txt):
|
|||
|
3B DA 18 FF 81 B1 FE 75 1F 03 00 31 C5 73 C0 01 40 00 90 00 0C
|
|||
|
OpenPGP Card V2
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>Activer le service pcscd.service</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo systemctl enable pcscd.service # activer
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>Vérifier également la lecture NFC</p>
|
|||
|
|
|||
|
<h3 id="vnc">VNC</h3>
|
|||
|
|
|||
|
<p><em>Se connecter VNC via SSH</em></p>
|
|||
|
|
|||
|
<h4 id="portable-dell-latitude-e6230">Portable DELL Latitude e6230</h4>
|
|||
|
|
|||
|
<p>installer x11vnc</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>yay -S x11vnc
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>Générer un mot de passe dans le dossier root</p>
|
|||
|
|
|||
|
<div class="language-shell highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nb">sudo</span> <span class="nt">-s</span>
|
|||
|
x11vnc <span class="nt">-storepasswd</span> <span class="s2">"mot_de_passe"</span> /root/.vnc_passwd
|
|||
|
<span class="nb">exit</span>
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p><em>stored passwd in file: /root/.vnc_passwd</em></p>
|
|||
|
|
|||
|
<p>Ajouter le nouveau port 5900 à la zone configurée de firewalld (“public” par défaut).</p>
|
|||
|
|
|||
|
<div class="language-shell highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nb">sudo </span>firewall-cmd <span class="nt">--zone</span><span class="o">=</span>public <span class="nt">--add-port</span><span class="o">=</span>5900/tcp <span class="nt">--permanent</span>
|
|||
|
<span class="nb">sudo </span>systemctl restart firewalld
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>Lancement manuel en console et en session utilisateur pour valider et enregistrer le mot de passe VNC</p>
|
|||
|
|
|||
|
<div class="language-shell highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nb">sudo </span>x11vnc <span class="nt">-xkb</span> <span class="nt">-noxrecord</span> <span class="nt">-noxfixes</span> <span class="nt">-noxdamage</span> <span class="nt">-display</span> :0 <span class="nt">-auth</span> /var/run/lightdm/root/:0 <span class="nt">-usepw</span>
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>Saisir le mot de passe VNC 2 fois ( la seconde pour vérification) et répondre <code class="language-plaintext highlighter-rouge">y</code> pour écriture</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>Enter VNC password:
|
|||
|
Verify password:
|
|||
|
Write password to /root/.vnc/passwd? [y]/n y
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>Arrêt par Ctrl+C</p>
|
|||
|
|
|||
|
<h4 id="poste-appelant">Poste Appelant</h4>
|
|||
|
|
|||
|
<p><u>Première fenêtre de terminal</u></p>
|
|||
|
|
|||
|
<p>Tunnel SSH<br />
|
|||
|
Utilisez le drapeau <code class="language-plaintext highlighter-rouge">-localhost</code> avec <strong>x11vnc</strong> pour qu’il se lie à l’interface locale.<br />
|
|||
|
Une fois que c’est fait, vous pouvez utiliser SSH pour tunneliser le port ; puis, connectez-vous à VNC via SSH.</p>
|
|||
|
|
|||
|
<div class="language-shell highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="c"># SSH avec clés</span>
|
|||
|
ssh <span class="nt">-f</span> <span class="nt">-L</span> 5900:localhost:5900 <span class="nt">-p</span> 56230 <span class="nt">-i</span> ~/.ssh/e6230 yano@192.168.0.20 <span class="s1">'sudo x11vnc -xkb -noxrecord -noxfixes -noxdamage -display :0 -auth /var/run/lightdm/root/:0 -usepw'</span>
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p><u>Seconde fenêtre de terminal</u><br />
|
|||
|
Exécuter la commande suivante</p>
|
|||
|
|
|||
|
<div class="language-bash highlighter-rouge"><div class="highlight"><pre class="highlight"><code>vncviewer <span class="nt">-PreferredEncoding</span><span class="o">=</span>ZRLE localhost:0
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p><img src="/images/vnc_login.png" alt="" width="200" /><br />
|
|||
|
Saisir le mot de passe pour la connexion VNC</p>
|
|||
|
|
|||
|
<p><img src="/images/vnc-e6230-1.png" alt="" width="600" /></p>
|
|||
|
|
|||
|
<p>Si le curseur est mal affiché, c’est possible de mettre l’option -cursor à la ligne de commande x11vnc
|
|||
|
<code class="language-plaintext info highlighter-rouge">Le programme écoute sur le port 9500. Il faut penser à ouvrir le parefeu du Latitude e6230 sur ce port en TCP</code></p>
|
|||
|
|
|||
|
<p><u>Script - VNC via Tunnel SSH</u></p>
|
|||
|
|
|||
|
<ul>
|
|||
|
<li>Ouverture distant et redirection du port 5900 via tunnel ssh, reprise de la main (nohup)</li>
|
|||
|
<li>On mémorise le processus ssh (pidof)</li>
|
|||
|
<li>Lancement de vncviewer</li>
|
|||
|
<li>
|
|||
|
<p>En sortie du viewer, on tue le processus ssh … avec kill</p>
|
|||
|
|
|||
|
<p>nano ~/scripts/vncdell.sh</p>
|
|||
|
</li>
|
|||
|
</ul>
|
|||
|
|
|||
|
<div class="language-bash highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="c">#!/bin/bash</span>
|
|||
|
|
|||
|
<span class="nb">nohup </span>ssh <span class="nt">-f</span> <span class="nt">-L</span> 5900:localhost:5900 <span class="nt">-p</span> 56230 <span class="nt">-i</span> ~/.ssh/e6230 yano@192.168.8.20 <span class="s1">'sudo x11vnc -xkb -noxrecord -noxfixes -noxdamage -display :0 -auth /var/run/lightdm/root/:0 -usepw'</span>
|
|||
|
<span class="nv">p</span><span class="o">=</span><span class="si">$(</span>pidof <span class="nt">-s</span> ssh<span class="si">)</span>
|
|||
|
<span class="c"># tempo</span>
|
|||
|
<span class="nb">echo</span> <span class="s2">"Patienter 5 secondes..."</span>
|
|||
|
<span class="nb">sleep </span>5
|
|||
|
vncviewer <span class="nt">-PreferredEncoding</span><span class="o">=</span>ZRLE localhost:0
|
|||
|
<span class="nb">kill</span> <span class="nv">$p</span>
|
|||
|
<span class="nb">echo</span> <span class="s2">"FIN VNC"</span>
|
|||
|
|
|||
|
<span class="nb">exit </span>0
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>Droits en exécution</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>chmod +x ~/scripts/vncdell.sh
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>Au lancement du script</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sh ~/scripts/vncdell.sh
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p><img src="/images/vnc-e6230A.png" alt="" width="200" /><br />
|
|||
|
Saisir le mot de passe VNC</p>
|
|||
|
|
|||
|
<h3 id="applications-et-paquets">Applications et Paquets</h3>
|
|||
|
|
|||
|
<p>On commence par tout ce qui est graphique : gimp, cups (gestion de l’imprimante) et hplip (si vous avez une imprimante scanner Hewlett Packard). Le paquet python-pyqt5 est indispensable pour l’interface graphique de HPLIP+scan. Webkigtk2 étant indispensable pour la lecture de l’aide en ligne de Gimp. outil rsync, Retext éditeur markdown, firefox fr, thunderbird, libreoffice, gdisk, bluefish, <strong>Double Commander</strong> , <strong>Menulibre</strong> pour la gestion des menus , outils android</p>
|
|||
|
|
|||
|
<p>Lancer la commande</p>
|
|||
|
|
|||
|
<div class="language-bash highlighter-rouge"><div class="highlight"><pre class="highlight"><code>yay <span class="nt">-S</span> cups system-config-printer gimp hplip libreoffice-fresh-fr thunderbird-i18n-fr jq figlet p7zip xsane tmux calibre retext bluefish gedit doublecmd-gtk2 terminator filezilla minicom zenity android-tools yt-dlp qrencode zbar xclip nmap jre-openjdk-headless openbsd-netcat borg xterm gparted tigervnc xournalpp qbittorrent
|
|||
|
|
|||
|
<span class="c"># Scripts to aid in installing Arch Linux (ex: arch-chroot)</span>
|
|||
|
yay <span class="nt">-S</span> arch-install-scripts
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>Gestion des menus du bureau, construction du paquet avant installation</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>yay -S menulibre
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>Firefox en français si l’option non validé lors de l’installation</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>yay -S firefox-i18n-fr
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<h4 id="minicom">Minicom</h4>
|
|||
|
|
|||
|
<p>Paramétrage de l’application terminale <strong>minicom</strong></p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code> sudo minicom -s
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<blockquote>
|
|||
|
<p>Seul les paramètres à modifier sont cités</p>
|
|||
|
</blockquote>
|
|||
|
|
|||
|
<p>Configuration du port série<br />
|
|||
|
<img src="/images/minicom01.png" alt="" /><br />
|
|||
|
A - Port série : <strong>/dev/ttyUSB0</strong><br />
|
|||
|
F - Contrôle de flux matériel : <strong>Non</strong><br />
|
|||
|
<img src="/images/minicom02.png" alt="" /><br />
|
|||
|
Echap<br />
|
|||
|
Enregistrer config. sous dfl<br />
|
|||
|
<img src="/images/minicom03.png" alt="" /><br />
|
|||
|
Sortir de Minicom</p>
|
|||
|
|
|||
|
<h4 id="son">Son</h4>
|
|||
|
|
|||
|
<p><strong><u>PulseAudio</u></strong><br />
|
|||
|
La gestion <strong>coupure</strong>, <strong>vol+</strong> et <strong>vol-</strong> du son se fait à l’aide des touches spécifique du clavier<br />
|
|||
|
<img src="/images/e6230-sound-keys.png" alt="alt text" title="Touches Son - Dell Latitude E6230" /></p>
|
|||
|
|
|||
|
<h4 id="flameshot-copie-écran">Flameshot (copie écran)</h4>
|
|||
|
|
|||
|
<p><strong>Copie écran (flameshot)</strong><br />
|
|||
|
<a href="https://github.com/lupoDharkael/flameshot"><strong>Flameshot</strong></a> c’est un peu THE TOOL pour faire des captures d’écrans</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>yay -S flameshot
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>Lancer l’application XFCE Flameshot et l’icône est visible dans la barre des tâches<br />
|
|||
|
<img src="/images/flameshot_e6230-1a.png" alt="" width="300" /></p>
|
|||
|
|
|||
|
<p>Paramétrage de flameshot, clic droit sur icône , Configuration<br />
|
|||
|
<img src="/images/flameshot_e6230-1b.png" alt="" width="300" /><br />
|
|||
|
Paramétrage de flameshot<br />
|
|||
|
<img src="/images/flameshot01.png" alt="" width="300" /></p>
|
|||
|
|
|||
|
<h4 id="scrpy-émulation-android">scrpy émulation android</h4>
|
|||
|
|
|||
|
<p>Utilise adb et le port USB</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>yay -S scrcpy
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p><em>Les icônes pour lancer l’application sont générés à l’installation</em></p>
|
|||
|
|
|||
|
<p>Créer le dossier (OPTION)</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>mkdir -p $HOME/.local/share/applications
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>Créer le fichier <code class="language-plaintext highlighter-rouge">$HOME/.local/share/applications/scrcpy-android.desktop</code> avec le contenu suivant</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>[Desktop Entry]
|
|||
|
Version=1.1
|
|||
|
Type=Application
|
|||
|
Name=ScrCpy (Android)
|
|||
|
Comment=Votre smartphone sur le bureau
|
|||
|
Icon=phone
|
|||
|
Exec=/usr/bin/scrcpy
|
|||
|
Path=/home/yann
|
|||
|
Actions=
|
|||
|
Categories=Utility;X-XFCE;X-Xfce-Toplevel;
|
|||
|
Terminal=false
|
|||
|
StartupNotify=false
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<h4 id="client-nextcloud">Client Nextcloud</h4>
|
|||
|
|
|||
|
<p>Installation client nextcloud</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>yay -S nextcloud-client libgnome-keyring gnome-keyring
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>Démarrer le client nextcloud , après avoir renseigné l’url ,login et mot de passe pour la connexion</p>
|
|||
|
|
|||
|
<p>Trousseau de clé avec mot de passe idem connexion utilisateur</p>
|
|||
|
|
|||
|
<p>Paramétrage</p>
|
|||
|
|
|||
|
<ul>
|
|||
|
<li>Menu → Lancer <strong>Client de synchronisation nextcloud</strong></li>
|
|||
|
<li>Adresse du serveur : <a href="https://cloud.xoyaz.xyz">https://cloud.xoyaz.xyz</a><br />
|
|||
|
<img src="/images/nextcloud_xfce01.png" alt="" width="300" /></li>
|
|||
|
<li>Nom d’utilisateur : yann</li>
|
|||
|
<li>Mot de passe : xxxxx<br />
|
|||
|
<img src="/images/nextcloud_xfce02.png" alt="" width="200" /><br />
|
|||
|
<img src="/images/nextcloud_xfce03.png" alt="" width="300" /><br />
|
|||
|
<img src="/images/nextcloud_xfce04.png" alt="" width="200" /></li>
|
|||
|
<li>Sauter les dossiers à synchroniser, Ignorer la configuration des dossiers</li>
|
|||
|
<li>Trousseau de clés = mot de passe connexion utilisateur<br />
|
|||
|
<img src="/images/nextcloud_xfce05.png" alt="" width="400" /></li>
|
|||
|
<li>Paramètres nextcloud<br />
|
|||
|
<img src="/images/e6230-nextcloud-a.png" alt="" width="400" /></li>
|
|||
|
</ul>
|
|||
|
|
|||
|
<p>Saisir les différents dossiers à synhroniser<br />
|
|||
|
<img src="/images/e6230-nextcloud.png" alt="" width="400" /></p>
|
|||
|
|
|||
|
<p>Au prochain redémarrage, il faudra confirmer le mot de passe du trousseau</p>
|
|||
|
|
|||
|
<h4 id="gestion-mot-de-passe-keepassxc">Gestion mot de passe (keepassxc)</h4>
|
|||
|
|
|||
|
<p><img src="/images/KeePassXC.png" alt="" width="50" /><br />
|
|||
|
Ajouter une synchronisation de dossier nextcloud : /home/yano/.keepassx (local) → Home/.keepasx (serveur)<br />
|
|||
|
Télécharger la clé <strong>yannick_keepassxc.key</strong> dans <strong>~/.ssh</strong></p>
|
|||
|
|
|||
|
<div class="language-shell highlighter-rouge"><div class="highlight"><pre class="highlight"><code>scp <span class="nt">-P</span> 56230 <span class="nt">-i</span> ~/.ssh/e6230 ~/.ssh/yannick_keepassxc.key yano@192.168.0.9:/home/yano/.ssh/
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>Installer keepassxc</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>yay -S keepassxc
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>Ajouter aux favoris “KeepassXC” et lancer l’application → <strong>Ouvrir une base de données existante</strong><br />
|
|||
|
Base de données –> Ouvrir une base de données (afficher les fichiers cachés) : <strong>~/.keepassx/yannick_xc.kdbx</strong> –> Ouvrir<br />
|
|||
|
<img src="/images/e6230-keepassx01.png" alt="" width="400" /></p>
|
|||
|
|
|||
|
<p><strong>Affichage → Thème</strong> : Sombre<br />
|
|||
|
<strong>Affichage → Mode compact</strong> , un redémarrage de l’application est nécessaire</p>
|
|||
|
|
|||
|
<h4 id="thunderbird">Thunderbird</h4>
|
|||
|
|
|||
|
<p>Ajouter thunderbird aux favoris et lancer</p>
|
|||
|
|
|||
|
<p><strong>Comptes de messagerie</strong></p>
|
|||
|
|
|||
|
<ul>
|
|||
|
<li>Paramètrer les différents compte de messagerie</li>
|
|||
|
<li>Compte ProtonMail
|
|||
|
<ol>
|
|||
|
<li>Comment paramétrer Mozilla Thunderbird pour ProtonMail Bridge, ouvrir le lien suivant <a href="/2022/08/06/Proton_Mail.html">Proton Mail</a>
|
|||
|
<ul>
|
|||
|
<li>Paramétrer le compte de messagerie ProtonMail</li>
|
|||
|
</ul>
|
|||
|
</li>
|
|||
|
</ol>
|
|||
|
</li>
|
|||
|
</ul>
|
|||
|
|
|||
|
<p><em>Si vous souhaitez que Thunderbird soit minimisé dans la zone de notification, vous devez installer une application indépendante pour déplacer Thunderbird dans la zone de notification chaque fois qu’il est minimisé. Sous Linux, je recommande KDocker (disponible dans de nombreuses distributions Linux).</em></p>
|
|||
|
|
|||
|
<p><em>KDocker est pratique lorsque vous souhaitez intégrer une application graphique dans la barre d’état système, étant donné que l’application en question ne dispose pas de sa propre fonctionnalité pour la placer dans la barre d’état système. Bien qu’elle n’ait pas été mise à jour depuis 2005, la dernière version publiée le 5 avril 2005 est suffisamment bonne et, selon le site officiel, elle fonctionne avec tous les gestionnaires de fenêtres conformes à la norme NET WM. Pour n’en citer que quelques-uns : KDE, GNOME, Xfce, Blackbox ou Fluxbox. Je ne l’ai utilisé que dans KDE 3.5.9, mais je suis sûr qu’il fonctionne bien dans les autres environnements de bureau aussi, si vous ne voulez pas utiliser une application d’ancrage native, comme ALLTray pour GNOME.</em></p>
|
|||
|
|
|||
|
<ul>
|
|||
|
<li>Paramètres → Modules complémentaires et thèmes
|
|||
|
<ul>
|
|||
|
<li><strong>Thèmes</strong> : Activer <strong>sombre</strong></li>
|
|||
|
<li><strong>Extensions</strong> : Installer <strong>Minimize on Close</strong></li>
|
|||
|
</ul>
|
|||
|
</li>
|
|||
|
</ul>
|
|||
|
|
|||
|
<p><strong>Calendriers et contacts</strong></p>
|
|||
|
|
|||
|
<p><code class="language-plaintext highlighter-rouge">Alt+m</code> pour afficher la bare de menu<br />
|
|||
|
<img src="/images/e6230-thunderbird02.png" alt="" width="400" /></p>
|
|||
|
|
|||
|
<ul>
|
|||
|
<li><strong>Calendrier</strong><br />
|
|||
|
<img src="/images/e6230-thunderbird03.png" alt="" width="400" /><br />
|
|||
|
<img src="/images/e6230-thunderbird04.png" alt="" width="400" /><br />
|
|||
|
<img src="/images/e6230-thunderbird05.png" alt="" width="400" /><br />
|
|||
|
Saisir le mot de passe<br />
|
|||
|
<img src="/images/e6230-thunderbird06.png" alt="" width="400" /><br />
|
|||
|
<img src="/images/e6230-thunderbird07.png" alt="" width="400" /></li>
|
|||
|
<li><strong>Contacts</strong><br />
|
|||
|
Outils → Carnet d’adresses<br />
|
|||
|
<img src="/images/e6230-thunderbird08.png" alt="" width="400" /><br />
|
|||
|
<img src="/images/e6230-thunderbird09.png" alt="" width="250" /><br />
|
|||
|
<img src="/images/e6230-thunderbird10.png" alt="" width="250" /><br />
|
|||
|
<img src="/images/e6230-thunderbird11.png" alt="" width="250" /></li>
|
|||
|
</ul>
|
|||
|
|
|||
|
<h4 id="radio-via-internet-facultatif">Radio via internet (facultatif)</h4>
|
|||
|
|
|||
|
<p>Installation au choix</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>yay -S radiotray
|
|||
|
yay -S geocode-glib tuner-git
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<h4 id="double-commander">Double Commander</h4>
|
|||
|
|
|||
|
<p><em>Double Commander est un gestionnaire de fichiers open source multiplateforme avec deux panneaux côte à côte. Il s’inspire de Total Commander</em></p>
|
|||
|
|
|||
|
<p>Application GTK ou QT</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>yay -S doublecmd-gtk2
|
|||
|
yay -S doublecmd-qt5
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>Les paramètres sont stockés dans le dossier <code class="language-plaintext highlighter-rouge">~/.config/doublecmd</code></p>
|
|||
|
|
|||
|
<h4 id="développement">Développement</h4>
|
|||
|
|
|||
|
<p><strong>Wing personal python IDE</strong> → <a href="https://wingware.com/downloads/wing-personal">Téléchargement</a></p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code># Décompression de la version téléchargée
|
|||
|
tar xjvf wing-personal-9.1.1.0-linux-x64.tar.bz2
|
|||
|
# Passage en root
|
|||
|
sudo -s
|
|||
|
# Lancement procédure installation
|
|||
|
cd wing-personal-9.1.1.0-linux-x64
|
|||
|
./wing-install.py
|
|||
|
# Suppression dossier et fichier
|
|||
|
cd ..
|
|||
|
rm -rf wing-personal*
|
|||
|
# sortie root
|
|||
|
exit
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<h2 id="vpn---wireguard">VPN - Wireguard</h2>
|
|||
|
|
|||
|
<p>Au choix GtkWg ou Mullvad</p>
|
|||
|
|
|||
|
<h3 id="gtkwg">GtkWg</h3>
|
|||
|
|
|||
|
<p>Pour utiliser wireguard il faut installer openresolv qui ets en conflit avec systemd-resolvconf</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo pacman -S openresolv
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p><code class="language-plaintext highlighter-rouge">:: openresolv et systemd-resolvconf sont en conflit. Supprimer systemd-resolvconf ? [o/N] o</code></p>
|
|||
|
|
|||
|
<p>Installer wireguard</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>yay -S wireguard-tools
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>Le dossier et les droits</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo mkdir -p /usr/local/share/gtkwg
|
|||
|
# copier le contenu d'une archive dans gtkwg
|
|||
|
sudo chown $USER:$USER -R /usr/local/share/gtkwg
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>Structure dossier</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>/usr/local/share/gtkwg/
|
|||
|
├── button-green.png
|
|||
|
├── button-red.png
|
|||
|
├── data
|
|||
|
│ ├── country.json
|
|||
|
│ └── wg-config.json
|
|||
|
├── dns-logo.png
|
|||
|
├── flags
|
|||
|
│ ├── fr.png
|
|||
|
│ ├── gb.png
|
|||
|
│ └── za.png
|
|||
|
├── GtkMullvadConfig.py
|
|||
|
├── GtkSpeed.py
|
|||
|
├── GtkWgGui.py
|
|||
|
├── GtkWgLatence.py
|
|||
|
├── GtkWgTest.py
|
|||
|
├── GtkWgTray.py
|
|||
|
├── GtkWgTray.sh
|
|||
|
├── install.sh
|
|||
|
├── LISEZMOI.md
|
|||
|
├── menulibre-gtkwg.desktop
|
|||
|
├── mullvad_config_linux_all
|
|||
|
│ ├── fr-par-wg-004.conf
|
|||
|
│ ├── gb-lon-wg-005.conf
|
|||
|
│ └── za-jnb-wg-002.conf
|
|||
|
├── progressbar.py
|
|||
|
├── __pycache__
|
|||
|
│ └── wgcom.cpython-311.pyc
|
|||
|
├── speed.png
|
|||
|
├── speedtestfr.py
|
|||
|
├── speedtest.py
|
|||
|
├── spinner.py
|
|||
|
├── stopwatch.png
|
|||
|
├── subpro.py
|
|||
|
├── wgcom.py
|
|||
|
└── wireguard_icon.png
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>Les fichiers .sh et .py sont exécutable (<code class="language-plaintext highlighter-rouge">chmod +x</code>)</p>
|
|||
|
|
|||
|
<p>Le fichier desktop <code class="language-plaintext highlighter-rouge">.local/share/applications/menulibre-gtkwg.desktop</code></p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>[Desktop Entry]
|
|||
|
Version=1.0
|
|||
|
Type=Application
|
|||
|
Name=Wireguard
|
|||
|
Comment=IconTray/Configuration
|
|||
|
Icon=/usr/local/share/gtkwg/wireguard_icon.png
|
|||
|
Exec=/usr/bin/python /usr/local/share/gtkwg/GtkWgTray.py
|
|||
|
Path=/usr/local/share/gtkwg/
|
|||
|
NoDisplay=false
|
|||
|
Categories=Utility;
|
|||
|
StartupNotify=false
|
|||
|
Terminal=false
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>Un fichier de paramétrage <code class="language-plaintext highlighter-rouge">/etc/wireguard/wg0.conf</code></p>
|
|||
|
|
|||
|
<p>Paramétrage → Session et démarrage → Démérrage automatique d’application<br />
|
|||
|
+Ajouter</p>
|
|||
|
|
|||
|
<p>Nom: wireguard<br />
|
|||
|
Description: systray wireguard<br />
|
|||
|
Commande: /usr/bin/sh /usr/local/share/gtkwg/GtkWgTray.sh<br />
|
|||
|
Déclencher: à la connexion</p>
|
|||
|
|
|||
|
<h3 id="mullvad">Mullvad</h3>
|
|||
|
|
|||
|
<p>Installation</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>yay -S mullvad-vpn-bin
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<h4 id="paramétrage">Paramétrage</h4>
|
|||
|
|
|||
|
<p><img src="/images/mullvad-vpn-bin01.png" alt="" width="150" /> <img src="/images/mullvad-vpn-bin02.png" alt="" width="150" /><br />
|
|||
|
<img src="/images/mullvad-vpn-bin03.png" alt="" width="150" /> <img src="/images/mullvad-vpn-bin04.png" alt="" width="150" /></p>
|
|||
|
|
|||
|
<h2 id="annexe">Annexe</h2>
|
|||
|
|
|||
|
<h3 id="plymouth">Plymouth</h3>
|
|||
|
|
|||
|
<p><a href="/2023/10/14/Plymouth_Processus_de_demarrage_graphique.html">Plymouth - Processus de démarrage graphique</a></p>
|
|||
|
|
|||
|
<h3 id="borgbackup">BorgBackup</h3>
|
|||
|
|
|||
|
<p><a href="/2023/10/31/BorgBackup_vers-Boite_de_stockage.html#borg---laptop-dell-e6230">Borg - Laptop Dell e6230</a></p>
|
|||
|
|
|||
|
<p>Passphrase et dépôt</p>
|
|||
|
|
|||
|
<div class="language-bash highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nb">mkdir</span> <span class="nt">-p</span> /root/.borg
|
|||
|
<span class="c"># ajout phrase</span>
|
|||
|
<span class="nb">echo</span> <span class="s2">"<La phrase de passe forte>"</span> <span class="o">></span> /root/.borg/e6230.passphrase
|
|||
|
<span class="c"># ajout dépôt</span>
|
|||
|
<span class="nb">echo</span> <span class="s2">"ssh://u326239@u326239.your-storagebox.de:23/./backup/borg/e6230"</span> <span class="o">></span> /root/.borg/e6230.repository
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>Initialisation dépôt distant</p>
|
|||
|
|
|||
|
<div class="language-bash highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nb">export </span><span class="nv">BORG_PASSPHRASE</span><span class="o">=</span><span class="s2">"</span><span class="si">$(</span><span class="nb">cat</span> /root/.borg/e6230.passphrase<span class="si">)</span><span class="s2">"</span>
|
|||
|
<span class="nb">export </span><span class="nv">BORG_RSH</span><span class="o">=</span><span class="s1">'ssh -i /root/.ssh/id_borg_ed25519'</span>
|
|||
|
<span class="nv">BORG_REPOSITORY</span><span class="o">=</span><span class="s2">"</span><span class="si">$(</span><span class="nb">cat</span> /root/.borg/e6230.repository<span class="si">)</span><span class="s2">"</span>
|
|||
|
borg init <span class="nt">--encryption</span><span class="o">=</span>repokey <span class="nv">$BORG_REPOSITORY</span>
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>Le résultat de la commande</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>By default repositories initialized with this version will produce security
|
|||
|
errors if written to with an older version (up to and including Borg 1.0.8).
|
|||
|
|
|||
|
If you want to use these older versions, you can disable the check by running:
|
|||
|
borg upgrade --disable-tam ssh://u326239@u326239.your-storagebox.de:23/./backup/borg/e6230
|
|||
|
|
|||
|
See https://borgbackup.readthedocs.io/en/stable/changes.html#pre-1-0-9-manifest-spoofing-vulnerability for details about the security implications.
|
|||
|
|
|||
|
IMPORTANT: you will need both KEY AND PASSPHRASE to access this repo!
|
|||
|
If you used a repokey mode, the key is stored in the repo, but you should back it up separately.
|
|||
|
Use "borg key export" to export the key, optionally in printable format.
|
|||
|
Write down the passphrase. Store both at safe place(s).
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<h3 id="partages-disque-réseau">Partages disque réseau</h3>
|
|||
|
|
|||
|
<h4 id="samba">Samba</h4>
|
|||
|
|
|||
|
<p><em>Les machines sont sur le réseau 192.168.0.0/24</em><br />
|
|||
|
<a href="/2022/08/03/Partage_disque_externe_USB_sur_Freebox.html">Partage disque externe USB sur Freebox</a></p>
|
|||
|
|
|||
|
<h4 id="nfs-ou-sshfs">NFS ou SSHFS</h4>
|
|||
|
|
|||
|
<ul>
|
|||
|
<li>Utiliser NFS si toutes les machines sont sur le réseau local</li>
|
|||
|
<li>Utiliser SSHFS si toutes les machines NE sont PAS sur le réseau local</li>
|
|||
|
</ul>
|
|||
|
|
|||
|
<p><strong>NFS</strong></p>
|
|||
|
|
|||
|
<p><em>Les machines sont sur le réseau 192.168.0.0/24</em> <br />
|
|||
|
<a href="/2024/01/10/NFS.html">NFS (Network File System), partages réseau linux</a></p>
|
|||
|
|
|||
|
<p><strong>SSHFS</strong><br />
|
|||
|
<img src="/images/sshfs-logo.png" alt="" width="50" /><br />
|
|||
|
<em>SSHFS sert à monter sur son système de fichier, un autre système de fichier distant, à travers une connexion SSH, le tout avec des droits utilisateur.</em></p>
|
|||
|
|
|||
|
<p>Créer une connexion ssh sur le serveur Lenovo avec clé</p>
|
|||
|
|
|||
|
<p>Depuis la machine portable DELL Latitude e6230</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>ssh-keygen -t ed25519 -o -a 100 -f ~/.ssh/rnmkcy.eu_key
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>Ajouter la clé publique rnmkcy.eu_key.pub au fichier authorized_keys du serveur lenovo (82.64.18.243)</p>
|
|||
|
|
|||
|
<p>Tester la connexion SSH depuis le portable DELL port 55215</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>ssh -p 55215 -i ~/.ssh/rnmkcy.eu_key leno@82.64.18.243
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>Installer sshfs</p>
|
|||
|
|
|||
|
<div class="language-bash highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nb">sudo </span>apt <span class="nb">install </span>sshfs <span class="c"># debian</span>
|
|||
|
<span class="nb">sudo </span>pacman <span class="nt">-S</span> sshfs <span class="c"># archlinux</span>
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>Exemple de montage manuel<br />
|
|||
|
<code class="language-plaintext highlighter-rouge">sshfs -oIdentityFile=<clé privée> utilisateur@domaine.tld:<dossier distant> <dossier local> -C -p <port si dfférent de 22></code></p>
|
|||
|
|
|||
|
<p>Partage du dossier /sharenfs serveur Lenovo avec /mmnt/sharenfs machine DELL<br />
|
|||
|
Créer le point de montage local</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo mkdir /mnt/sharenfs
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p><u>Accès utilisateur sécurisé</u><br />
|
|||
|
Lors du montage automatique via fstab, le système de fichiers sera généralement monté par root. Par défaut, cela produit des résultats indésirables si vous souhaitez accéder en tant qu’utilisateur ordinaire et limiter l’accès aux autres utilisateurs.Ajouter la ligne suivante au fichier <code class="language-plaintext highlighter-rouge">/etc/fstab</code></p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>leno@82.64.18.243:/sharenfs /mnt/sharenfs fuse.sshfs noauto,x-systemd.automount,_netdev,user,idmap=user,follow_symlinks,identityfile=/home/yano/.ssh/rnmkcy.eu_key,port=55215,allow_other,default_permissions,uid=1000,gid=1000 0 0
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>Recharger les daemons</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo systemctl daemon-reload
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>Pour pouvoir exécuter mount -av et consulter la sortie de débogage, supprimez les éléments suivants</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>noauto,x-systemd.automount
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>Lancer le montage en mode vue pour valider la clé SSH</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo mount -av
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>/efi : déjà monté
|
|||
|
/ : ignoré
|
|||
|
/home : déjà monté
|
|||
|
/tmp : déjà monté
|
|||
|
none : ignoré
|
|||
|
The authenticity of host '[82.64.18.243]:55215 ([82.64.18.243]:55215)' can't be established.
|
|||
|
ED25519 key fingerprint is SHA256:UXJCYtFENT8AKvmNe5TugLM1mXDdIcSOQ3o3oeAxd5I.
|
|||
|
This key is not known by any other names.
|
|||
|
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
|
|||
|
Warning: Permanently added '[82.64.18.243]:55215' (ED25519) to the list of known hosts.
|
|||
|
/mnt/sharenfs : successfully mounted
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<h2 id="endeavouros-virt-manager">EndeavourOS Virt-Manager</h2>
|
|||
|
|
|||
|
<h3 id="complete-edition-vmm-kvm-qemu">Complete Edition (VMM KVM QEMU)</h3>
|
|||
|
|
|||
|
<p><a href="/2023/05/31/EndeavourOS-Virt-Manager_Complete_Edition.html">EndeavourOS Virt-Manager Complete Edition (VMM KVM QEMU)</a></p>
|
|||
|
|
|||
|
<h3 id="networkmanager-bridge">NetworkManager Bridge</h3>
|
|||
|
|
|||
|
<p><em>Créer un ‘bridged network’ ou réseau bridgé sur l’interface réelle pour une utilisation avec virt-manager (Qemu/KVM). On utilise un réseau bridgé pour les machines virtualisées pour qu’elles aient une vrai adresse IP sur le réseau local et qu’elles soient accessibles comme un ordinateur réel.</em></p>
|
|||
|
|
|||
|
<p>nmcli peut créer des ponts à partir du gestionnaire de réseau.<br />
|
|||
|
Passer en mode su<br />
|
|||
|
Créer un pont br0 avec STP désactivé (pour éviter que le pont ne soit annoncé sur le réseau)</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>nmcli connection add type bridge ifname br0 stp no
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p><code class="language-plaintext highlighter-rouge">Connexion « bridge-br0 » (7f5a043a-257d-4c2b-869e-9de51d7246ea) ajoutée avec succès.</code></p>
|
|||
|
|
|||
|
<p>Faites de votre interface Ethernet <strong>eno1</strong> un esclave du pont</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>nmcli connection add type bridge-slave ifname eno1 master br0
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p><code class="language-plaintext highlighter-rouge">Connexion « bridge-slave-eno1 » (a3468d56-deed-47d6-bcac-56e2d4261a27) ajoutée avec succès.</code></p>
|
|||
|
|
|||
|
<p>Mettre fin à la connexion existante si active (vous pouvez obtenir le nom de la connexion avec <code class="language-plaintext highlighter-rouge">nmcli connection show --active</code>) :</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>nmcli connection down Connection
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<h4 id="activation-du-pont-bridge-br0">Activation du pont (bridge) br0</h4>
|
|||
|
|
|||
|
<p>Mettre en place le nouveau pont :</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>nmcli connection up bridge-br0
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p><code class="language-plaintext highlighter-rouge">Connexion activée (master waiting for slaves) (Chemin D-Bus actif : /org/freedesktop/NetworkManager/ActiveConnection/5)</code></p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>nmcli connection up bridge-slave-eno1
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p><code class="language-plaintext highlighter-rouge">Connexion activée (chemin D-Bus actif : /org/freedesktop/NetworkManager/ActiveConnection/6)</code></p>
|
|||
|
|
|||
|
<p><img src="/images/e6230_nmcli_bridge.png" alt="" width="350" /></p>
|
|||
|
|
|||
|
<p>Si l’interface par défaut de NetworkManager pour le périphérique que vous avez ajouté au pont se connecte automatiquement, vous pouvez la désactiver en cliquant sur la roue dentée à côté d’elle dans les paramètres du réseau, et en décochant <strong>Connecter automatiquement</strong> sous Identité.</p>
|
|||
|
|
|||
|
<p>Vérification</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>nmcli connection show
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p><img src="/images/nmcli-e6230-01g.png" alt="nmcli-e6230" /></p>
|
|||
|
|
|||
|
<h4 id="assigner-au-pont-une-ip-statique-facultatif">Assigner au pont une ip statique (facultatif)</h4>
|
|||
|
|
|||
|
<p>On veut que le pont br0 est une adresse 192.168.0.20<br />
|
|||
|
son adresse mac est <code class="language-plaintext highlighter-rouge">56:c6:b3:31:ff:27</code></p>
|
|||
|
|
|||
|
<p>Pour le wlan on veut 192.168.0.21
|
|||
|
son adresse mac est <code class="language-plaintext highlighter-rouge">a6:cb:63:52:dc:7a</code></p>
|
|||
|
|
|||
|
<p>On va créer un bail statique dans la box<br />
|
|||
|
Paramètres → Mode avancé → DHCP → Baux statiques → Ajouter un bail DHCP statique<br />
|
|||
|
<img src="/images/bail-statique.png" alt="Texte alternatif" width="300" /><br />
|
|||
|
<code class="language-plaintext info highlighter-rouge">Redémarrer la machine</code></p>
|
|||
|
|
|||
|
<h4 id="paramétrage-graphique-networkmanager">Paramétrage graphique NetworkManager</h4>
|
|||
|
|
|||
|
<p>Paramétrage réseau pour un démarrage auto sur le pont br0 si le réseau filaire est branché</p>
|
|||
|
|
|||
|
<p>Modifier les paramètres réseau, clic droit sur icône réseau<br />
|
|||
|
<img src="/images/networkmanager-10.png" alt="" width="300" /></p>
|
|||
|
|
|||
|
<p>Créer un pont réseau nommé br0 en cliquant sur le <strong>+</strong><br />
|
|||
|
<img src="/images/networkmanager-10a.png" alt="" width="300" /><br />
|
|||
|
Saisir un nom après avoir cliquer sur <strong>Créer</strong><br />
|
|||
|
<img src="/images/networkmanager-11.png" alt="" width="300" /></p>
|
|||
|
|
|||
|
<p><strong>Pont entre connexions</strong> → <strong>Ajouter</strong><br />
|
|||
|
<img src="/images/networkmanager-12.png" alt="" width="300" /><br />
|
|||
|
Enregistrer</p>
|
|||
|
|
|||
|
<p>Le pont réseau<br />
|
|||
|
<img src="/images/networkmanager-13.png" alt="" width="300" /><br />
|
|||
|
<img src="/images/networkmanager-14.png" alt="" width="300" /><br />
|
|||
|
Enregistrer</p>
|
|||
|
|
|||
|
<p>Il faut désactiver la connexion automatique du réseau filaire<br />
|
|||
|
<img src="/images/networkmanager-15.png" alt="" width="300" /></p>
|
|||
|
|
|||
|
<h4 id="création-de-vlans-via-ncmli">Création de VLANs via ncmli</h4>
|
|||
|
|
|||
|
<p><a href="https://www.baeldung.com/linux/vlans-create"><em>VLAN</em></a>* sur les liens et les ponts à l’aide de l’outil de ligne de commande de NetworkManager, nmcli*</p>
|
|||
|
|
|||
|
<p>Pour commencer, vérifions les interfaces disponibles :</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>nmcli device
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>DEVICE TYPE STATE CONNECTION
|
|||
|
br0 bridge connecté bridge-br0
|
|||
|
wlan0 wifi connecté Freebox-3966D6
|
|||
|
lo loopback connecté (en externe) lo
|
|||
|
eno1 ethernet connecté Ethernet-eno1
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>Ensuite, créons une interface VLAN</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>nmcli con add type vlan con-name vlan-eno1.100 ifname eno1.100 dev eno1 id 100 ip4 192.168.0.25/24
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p><em>Connexion « vlan-eno1.100 » (9aa8cded-7814-4e84-af15-09672e0b2563) ajoutée avec succès.</em></p>
|
|||
|
|
|||
|
<p>Nous devons fournir les options con-name, dev et ifname. L’option con-name spécifie la nouvelle connexion VLAN créée, l’option dev spécifie l’interface physique sur laquelle se trouve ce VLAN, et l’option ifname (nom de l’interface VLAN, par exemple vlan-eno1.100) spécifie l’interface à laquelle lier la connexion.</p>
|
|||
|
|
|||
|
<p>Vérifions si l’interface est créée</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>nmcli device
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>DEVICE TYPE STATE CONNECTION
|
|||
|
eno1 ethernet connecté Ethernet automatique
|
|||
|
br0 bridge connecté bridge-br0
|
|||
|
eno1.100 vlan connecté vlan-eno1.100
|
|||
|
wlan0 wifi connecté Freebox-3966D6
|
|||
|
lo loopback connecté (en externe) lo
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<h2 id="maintenance">Maintenance</h2>
|
|||
|
|
|||
|
<h3 id="ouvrir-un-disque-chiffré-luks2">Ouvrir un disque chiffré LUKS2</h3>
|
|||
|
|
|||
|
<p>Installer les outils archlinux</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>pacman -S arch-install-scripts
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>cryptsetup luksOpen /dev/sda2 crypt
|
|||
|
|
|||
|
mount /dev/mapper/vg0-lvroot /mnt
|
|||
|
mkdir -p /mnt/home
|
|||
|
mount /dev/mapper/vg0-lvhome /mnt/home
|
|||
|
mkdir -p /mnt/efi
|
|||
|
mount /dev/sda1 /mnt/efi
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<h3 id="liste-des-clés-et-mots-de-passe-luks2">Liste des clés et mots de passe LUKS2</h3>
|
|||
|
|
|||
|
<p>Le déchiffrement du disque dur /dev/sda2 peut être réalisé de plusieurs manière</p>
|
|||
|
|
|||
|
<ul>
|
|||
|
<li>Phrase mot de passe</li>
|
|||
|
<li>Clés FIDO2 (Solokeys et Yubico)</li>
|
|||
|
<li>Pharse de recouvrement</li>
|
|||
|
</ul>
|
|||
|
|
|||
|
<p>Chacune des possibilités est stockée dans un “SLOT” (8 max, de 0 à 7)<br />
|
|||
|
Lister les “SLOT” : <code class="language-plaintext highlighter-rouge">sudo cryptsetup luksDump /dev/sda2</code></p>
|
|||
|
|
|||
|
<p>Il y a 5 slots utilisés</p>
|
|||
|
|
|||
|
<ul>
|
|||
|
<li>slot 0 : Phrase de passe</li>
|
|||
|
<li>slot 1 : Phrase de recouvrement</li>
|
|||
|
<li>slot 2 : Yubikeys Fido2 24 554 586</li>
|
|||
|
<li>slot 3 : Yubikeys Fido2 24 554 581</li>
|
|||
|
<li>slot 4 : Solokeys</li>
|
|||
|
</ul>
|
|||
|
|
|||
|
<p>Tester les différentes clés enregistrées</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code># Phrase de passe
|
|||
|
sudo cryptsetup --verbose open --token-id=0 --test-passphrase /dev/sda2
|
|||
|
|
|||
|
Le jeton 0 a besoin d'une ressource supplémentaire qui est manquante.
|
|||
|
Saisissez la phrase secrète pour /dev/sda2 :
|
|||
|
Emplacement de clé 0 déverrouillé.
|
|||
|
Commande réussie.
|
|||
|
|
|||
|
# Yubico 24 554 586
|
|||
|
sudo cryptsetup --verbose open --test-passphrase /dev/sda2
|
|||
|
|
|||
|
Asking FIDO2 token for authentication.
|
|||
|
👆 Please confirm presence on security token to unlock.
|
|||
|
Emplacement de clé 2 déverrouillé.
|
|||
|
Commande réussie.
|
|||
|
|
|||
|
# Yubico 24 554 581
|
|||
|
sudo cryptsetup --verbose open --test-passphrase /dev/sda2
|
|||
|
|
|||
|
Asking FIDO2 token for authentication.
|
|||
|
👆 Please confirm presence on security token to unlock.
|
|||
|
Emplacement de clé 3 déverrouillé.
|
|||
|
Commande réussie.
|
|||
|
|
|||
|
# Solokeys
|
|||
|
sudo cryptsetup --verbose open --test-passphrase /dev/sda2
|
|||
|
|
|||
|
Asking FIDO2 token for authentication.
|
|||
|
👆 Please confirm presence on security token to unlock.
|
|||
|
Emplacement de clé 4 déverrouillé.
|
|||
|
Commande réussie.
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>Procédure de vérification</p>
|
|||
|
|
|||
|
<p>Désactiver l’historique</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>set +o history
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>Vérifier la phrase mot de passe</p>
|
|||
|
|
|||
|
<div class="language-bash highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nb">printf</span> <span class="s2">"anycurrentpassphrase"</span> | <span class="se">\</span>
|
|||
|
<span class="nb">sudo </span>cryptsetup luksOpen <span class="nt">--test-passphrase</span> /dev/sda2 <span class="o">&&</span> <span class="se">\</span>
|
|||
|
<span class="nb">echo</span> <span class="s2">"Il y a une clé disponible avec ce passphrase."</span>
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>Réactiver l’historique</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>set -o history
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<h3 id="lightdm">Lightdm</h3>
|
|||
|
|
|||
|
<p><em>Utilise <code class="language-plaintext highlighter-rouge">lightdm-slick-greeter</code> Un greeter basé sur GTK plus axé sur l’apparence que <code class="language-plaintext highlighter-rouge">lightdm-gtk-greeter</code></em></p>
|
|||
|
|
|||
|
<p>Les paramètres sont dans le fichier <code class="language-plaintext highlighter-rouge">/etc/lightdm/slick-greeter.conf</code></p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>[Greeter]
|
|||
|
background=/usr/share/endeavouros/backgrounds/endeavouros-wallpaper.png
|
|||
|
draw-user-backgrounds=false
|
|||
|
draw-grid=true
|
|||
|
theme-name=Arc-Dark
|
|||
|
icon-theme-name=Qogir
|
|||
|
cursor-theme-name=Qogir
|
|||
|
cursor-theme-size=16
|
|||
|
show-a11y=false
|
|||
|
show-power=false
|
|||
|
background-color=#000000
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>Si vous changez l’image de fond, il désactiver draw-grid</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>background=/usr/share/endeavouros/backgrounds/light_sky_stars_85555_1366x768_yano.jpg
|
|||
|
draw-grid=false
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<h3 id="récupérer-la-partition-temporaire">Récupérer la partition temporaire</h3>
|
|||
|
|
|||
|
<p><strong>Ajouter la partition temporaire à la partition LUKS</strong></p>
|
|||
|
|
|||
|
<p>Vous pouvez simplement reformater /dev/sda3 et l’utiliser comme stockage non chiffré, mais ici, nous allons récupérer l’espace</p>
|
|||
|
|
|||
|
<p><code class="language-plaintext info highlighter-rouge">Redémarrer sur un environnement Live-Cd</code></p>
|
|||
|
|
|||
|
<p>Basculer le clavier en FR</p>
|
|||
|
|
|||
|
<p><strong>Supprimer sda3 (installation temporaire EndeavourOS)</strong></p>
|
|||
|
|
|||
|
<p>Pour supprimer /dev/sda3</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo fdisk /dev/sda
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>Eentrez simplement les caractères ci-dessous dans l’ordre indiqué.</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>> p
|
|||
|
> d
|
|||
|
> 3 (delete partition 3)
|
|||
|
> w (write changes to disk)
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p><strong>Étendre /dev/sda2 (partition LUKS) et le groupe de volumes</strong></p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo fdisk /dev/sda
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>> d
|
|||
|
> 2 (delete partition 2)
|
|||
|
> n
|
|||
|
> 2 (recreate partition 2)
|
|||
|
> (first sector is 'default'; press enter)
|
|||
|
> (last sector is 'default'; press enter)
|
|||
|
> n (keep existing filesystem signature)
|
|||
|
> w (write changes to disk)
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>Partition LUKS</p>
|
|||
|
|
|||
|
<div class="language-shell highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nb">sudo </span>cryptsetup luksOpen /dev/sda2 crypt
|
|||
|
<span class="nb">sudo </span>cryptsetup resize crypt <span class="nt">-v</span>
|
|||
|
|
|||
|
<span class="nb">sudo </span>e2fsck <span class="nt">-f</span> /dev/mapper/vg0-lvroot
|
|||
|
<span class="nb">sudo </span>e2fsck <span class="nt">-f</span> /dev/mapper/vg0-lvhome
|
|||
|
|
|||
|
<span class="nb">sudo </span>pvresize /dev/mapper/crypt
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>Le groupe de volumes vg0 contient maintenant l’espace que nous avons libéré en supprimant <code class="language-plaintext highlighter-rouge">/dev/sda3</code><br />
|
|||
|
Il a été ajouté en tant qu’espace libre pouvant être utilisé pour des instantanés ou une affectation future au volume racine</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code> VG #PV #LV #SN Attr VSize VFree
|
|||
|
vg0 1 3 0 wz--n- 446,57g 196,57g
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>Oter la clé Live et redémarrer la machine</p>
|
|||
|
|
|||
|
<h3 id="bluetooth">Bluetooth</h3>
|
|||
|
|
|||
|
<p><strong>Activation</strong><br />
|
|||
|
Bluetooth n’est pas actif par défaut, en raison de plusieurs risques de sécurité et pour éviter une consommation d’énergie inutile.</p>
|
|||
|
|
|||
|
<p>Les packages nécessaires sont installés par défaut, mais ils sont dans leur état désactivé par défaut.</p>
|
|||
|
|
|||
|
<p>Pour pouvoir utiliser Bluetooth, vous devez démarrer le service ou l’activer si vous avez besoin que Bluetooth soit exécuté à chaque démarrage :</p>
|
|||
|
|
|||
|
<div class="language-bash highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nb">sudo </span>systemctl start bluetooth <span class="c"># pour le démarrer pour la session restera désactivé après le redémarrage.</span>
|
|||
|
<span class="nb">sudo </span>systemctl <span class="nb">enable </span>bluetooth <span class="c"># à activer par défaut, s'exécutera après chaque démarrage.</span>
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>Version bluetooth : <code class="language-plaintext highlighter-rouge">sudo inxi -E</code></p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>Bluetooth:
|
|||
|
Device-1: Intel AX210 Bluetooth driver: btusb type: USB
|
|||
|
Report: btmgmt ID: hci0 state: up address: C8:15:4E:49:64:DD bt-v: 5.3
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>La plupart des ordinateurs de bureau auront des outils de configuration dans leurs outils de configuration, sinon voir en bas à propos de Et installer des outils d’interface graphique graphique pour configurer et gérer Bluetooth .</p>
|
|||
|
|
|||
|
<p>Si vous souhaitez vous assurer que tous les packages sont toujours installés ou si vous pouvez en supprimer certains, en utilisant une installation personnalisée, etc., installez-le manuellement :</p>
|
|||
|
|
|||
|
<p>Avec Pipewire</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo pacman -S --needed bluez bluez-utils
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>Et installez des outils d’interface graphique graphique pour configurer et gérer Bluetooth :</p>
|
|||
|
|
|||
|
<p>blueman (gtk) recommandé pour les applications basées sur GTK [peut être utilisé indépendamment des environnements de bureau]</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo pacman -S blueman
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p>Il est utile de l’exécuter en tant que root pour que les premiers appareils connectés puissent les utiliser. Mais essayez d’abord en tant qu’utilisateur normal !</p>
|
|||
|
|
|||
|
<p>Gérer les appareils Bluetooth via l’outil CLI.(<a href="https://www.makeuseof.com/manage-bluetooth-linux-with-bluetoothctl/">How to Manage Bluetooth Devices on Linux Using bluetoothctl</a>)</p>
|
|||
|
|
|||
|
<p>le processus habituel pour connecter un nouvel appareil est le suivant :</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>bluetoothctl ----> scan on ------> trust ----> pair ---> connect
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<p><strong>Souris Bluetooth Pebble Mouse 2 M350s</strong><br />
|
|||
|
Basculez entre 3 de vos dispositifs d’une simple pression sur le bouton Easy-Switch.<br />
|
|||
|
Position 2 pour le portable DELL latitude e6230<br />
|
|||
|
<img src="/images/Peeble-Mouse.png" alt="" width="400" /></p>
|
|||
|
|
|||
|
<p>Liste des appareils</p>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>bluetoothctl devices
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>Device 98:52:3D:79:B3:F1 Soundcore Liberty Air 2-L
|
|||
|
Device D0:33:94:1E:38:C8 Pebble M350s
|
|||
|
</code></pre></div></div>
|
|||
|
|
|||
|
</div>
|
|||
|
|
|||
|
|
|||
|
|
|||
|
<div class="d-print-none"><footer class="article__footer"><meta itemprop="dateModified" content="2023-07-01T00:00:00+02:00"><!-- start custom article footer snippet -->
|
|||
|
|
|||
|
<!-- end custom article footer snippet -->
|
|||
|
<!--
|
|||
|
<div align="right"><a type="application/rss+xml" href="/feed.xml" title="S'abonner"><i class="fa fa-rss fa-2x"></i></a>
|
|||
|
|
|||
|
 </div>
|
|||
|
-->
|
|||
|
</footer>
|
|||
|
<div class="article__section-navigator clearfix"><div class="previous"><span>PRÉCÉDENT</span><a href="/2023/06/16/Application_Android_de_sauvegarde-donnees_incluses_avec_adb.html">Android adb - Application de sauvegarde, données incluses</a></div><div class="next"><span>SUIVANT</span><a href="/2023/07/01/Yubikey.html">Yubico - YubiKey 5 NFC</a></div></div></div>
|
|||
|
|
|||
|
</div>
|
|||
|
|
|||
|
<script>(function() {
|
|||
|
var SOURCES = window.TEXT_VARIABLES.sources;
|
|||
|
window.Lazyload.js(SOURCES.jquery, function() {
|
|||
|
$(function() {
|
|||
|
var $this ,$scroll;
|
|||
|
var $articleContent = $('.js-article-content');
|
|||
|
var hasSidebar = $('.js-page-root').hasClass('layout--page--sidebar');
|
|||
|
var scroll = hasSidebar ? '.js-page-main' : 'html, body';
|
|||
|
$scroll = $(scroll);
|
|||
|
|
|||
|
$articleContent.find('.highlight').each(function() {
|
|||
|
$this = $(this);
|
|||
|
$this.attr('data-lang', $this.find('code').attr('data-lang'));
|
|||
|
});
|
|||
|
$articleContent.find('h1[id], h2[id], h3[id], h4[id], h5[id], h6[id]').each(function() {
|
|||
|
$this = $(this);
|
|||
|
$this.append($('<a class="anchor d-print-none" aria-hidden="true"></a>').html('<i class="fas fa-anchor"></i>'));
|
|||
|
});
|
|||
|
$articleContent.on('click', '.anchor', function() {
|
|||
|
$scroll.scrollToAnchor('#' + $(this).parent().attr('id'), 400);
|
|||
|
});
|
|||
|
});
|
|||
|
});
|
|||
|
})();
|
|||
|
</script>
|
|||
|
|
|||
|
</div><section class="page__comments d-print-none"></section></article><!-- start custom main bottom snippet -->
|
|||
|
<!-- end custom main bottom snippet -->
|
|||
|
</div>
|
|||
|
</div></div></div></div>
|
|||
|
</div><script>(function() {
|
|||
|
var SOURCES = window.TEXT_VARIABLES.sources;
|
|||
|
window.Lazyload.js(SOURCES.jquery, function() {
|
|||
|
var $body = $('body'), $window = $(window);
|
|||
|
var $pageRoot = $('.js-page-root'), $pageMain = $('.js-page-main');
|
|||
|
var activeCount = 0;
|
|||
|
function modal(options) {
|
|||
|
var $root = this, visible, onChange, hideWhenWindowScroll = false;
|
|||
|
var scrollTop;
|
|||
|
function setOptions(options) {
|
|||
|
var _options = options || {};
|
|||
|
visible = _options.initialVisible === undefined ? false : show;
|
|||
|
onChange = _options.onChange;
|
|||
|
hideWhenWindowScroll = _options.hideWhenWindowScroll;
|
|||
|
}
|
|||
|
function init() {
|
|||
|
setState(visible);
|
|||
|
}
|
|||
|
function setState(isShow) {
|
|||
|
if (isShow === visible) {
|
|||
|
return;
|
|||
|
}
|
|||
|
visible = isShow;
|
|||
|
if (visible) {
|
|||
|
activeCount++;
|
|||
|
scrollTop = $(window).scrollTop() || $pageMain.scrollTop();
|
|||
|
$root.addClass('modal--show');
|
|||
|
$pageMain.scrollTop(scrollTop);
|
|||
|
activeCount === 1 && ($pageRoot.addClass('show-modal'), $body.addClass('of-hidden'));
|
|||
|
hideWhenWindowScroll && window.hasEvent('touchstart') && $window.on('scroll', hide);
|
|||
|
$window.on('keyup', handleKeyup);
|
|||
|
} else {
|
|||
|
activeCount > 0 && activeCount--;
|
|||
|
$root.removeClass('modal--show');
|
|||
|
$window.scrollTop(scrollTop);
|
|||
|
activeCount === 0 && ($pageRoot.removeClass('show-modal'), $body.removeClass('of-hidden'));
|
|||
|
hideWhenWindowScroll && window.hasEvent('touchstart') && $window.off('scroll', hide);
|
|||
|
$window.off('keyup', handleKeyup);
|
|||
|
}
|
|||
|
onChange && onChange(visible);
|
|||
|
}
|
|||
|
function show() {
|
|||
|
setState(true);
|
|||
|
}
|
|||
|
function hide() {
|
|||
|
setState(false);
|
|||
|
}
|
|||
|
function handleKeyup(e) {
|
|||
|
// Char Code: 27 ESC
|
|||
|
if (e.which === 27) {
|
|||
|
hide();
|
|||
|
}
|
|||
|
}
|
|||
|
setOptions(options);
|
|||
|
init();
|
|||
|
return {
|
|||
|
show: show,
|
|||
|
hide: hide,
|
|||
|
$el: $root
|
|||
|
};
|
|||
|
}
|
|||
|
$.fn.modal = modal;
|
|||
|
});
|
|||
|
})();
|
|||
|
</script><div class="modal modal--overflow page__search-modal d-print-none js-page-search-modal"><script>
|
|||
|
(function () {
|
|||
|
var SOURCES = window.TEXT_VARIABLES.sources;
|
|||
|
window.Lazyload.js(SOURCES.jquery, function() {
|
|||
|
// search panel
|
|||
|
var search = (window.search || (window.search = {}));
|
|||
|
var useDefaultSearchBox = window.useDefaultSearchBox === undefined ?
|
|||
|
true : window.useDefaultSearchBox ;
|
|||
|
|
|||
|
var $searchModal = $('.js-page-search-modal');
|
|||
|
var $searchToggle = $('.js-search-toggle');
|
|||
|
var searchModal = $searchModal.modal({ onChange: handleModalChange, hideWhenWindowScroll: true });
|
|||
|
var modalVisible = false;
|
|||
|
search.searchModal = searchModal;
|
|||
|
|
|||
|
var $searchBox = null;
|
|||
|
var $searchInput = null;
|
|||
|
var $searchClear = null;
|
|||
|
|
|||
|
function getModalVisible() {
|
|||
|
return modalVisible;
|
|||
|
}
|
|||
|
search.getModalVisible = getModalVisible;
|
|||
|
|
|||
|
function handleModalChange(visible) {
|
|||
|
modalVisible = visible;
|
|||
|
if (visible) {
|
|||
|
search.onShow && search.onShow();
|
|||
|
useDefaultSearchBox && $searchInput[0] && $searchInput[0].focus();
|
|||
|
} else {
|
|||
|
search.onShow && search.onHide();
|
|||
|
useDefaultSearchBox && $searchInput[0] && $searchInput[0].blur();
|
|||
|
setTimeout(function() {
|
|||
|
useDefaultSearchBox && ($searchInput.val(''), $searchBox.removeClass('not-empty'));
|
|||
|
search.clear && search.clear();
|
|||
|
window.pageAsideAffix && window.pageAsideAffix.refresh();
|
|||
|
}, 400);
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
$searchToggle.on('click', function() {
|
|||
|
modalVisible ? searchModal.hide() : searchModal.show();
|
|||
|
});
|
|||
|
// Char Code: 83 S, 191 /
|
|||
|
$(window).on('keyup', function(e) {
|
|||
|
if (!modalVisible && !window.isFormElement(e.target || e.srcElement) && (e.which === 83 || e.which === 191)) {
|
|||
|
modalVisible || searchModal.show();
|
|||
|
}
|
|||
|
});
|
|||
|
|
|||
|
if (useDefaultSearchBox) {
|
|||
|
$searchBox = $('.js-search-box');
|
|||
|
$searchInput = $searchBox.children('input');
|
|||
|
$searchClear = $searchBox.children('.js-icon-clear');
|
|||
|
search.getSearchInput = function() {
|
|||
|
return $searchInput.get(0);
|
|||
|
};
|
|||
|
search.getVal = function() {
|
|||
|
return $searchInput.val();
|
|||
|
};
|
|||
|
search.setVal = function(val) {
|
|||
|
$searchInput.val(val);
|
|||
|
};
|
|||
|
|
|||
|
$searchInput.on('focus', function() {
|
|||
|
$(this).addClass('focus');
|
|||
|
});
|
|||
|
$searchInput.on('blur', function() {
|
|||
|
$(this).removeClass('focus');
|
|||
|
});
|
|||
|
$searchInput.on('input', window.throttle(function() {
|
|||
|
var val = $(this).val();
|
|||
|
if (val === '' || typeof val !== 'string') {
|
|||
|
search.clear && search.clear();
|
|||
|
} else {
|
|||
|
$searchBox.addClass('not-empty');
|
|||
|
search.onInputNotEmpty && search.onInputNotEmpty(val);
|
|||
|
}
|
|||
|
}, 400));
|
|||
|
$searchClear.on('click', function() {
|
|||
|
$searchInput.val(''); $searchBox.removeClass('not-empty');
|
|||
|
search.clear && search.clear();
|
|||
|
});
|
|||
|
}
|
|||
|
});
|
|||
|
})();
|
|||
|
</script><div class="search search--dark">
|
|||
|
<div class="main">
|
|||
|
<div class="search__header">Recherche</div>
|
|||
|
<div class="search-bar">
|
|||
|
<div class="search-box js-search-box">
|
|||
|
<div class="search-box__icon-search"><i class="fas fa-search"></i></div>
|
|||
|
<input id="search-input" type="text" />
|
|||
|
<div class="search-box__icon-clear js-icon-clear">
|
|||
|
<a><i class="fas fa-times"></i></a>
|
|||
|
</div>
|
|||
|
</div>
|
|||
|
<button class="button button--theme-dark button--pill search__cancel js-search-toggle">
|
|||
|
Annuler</button>
|
|||
|
</div>
|
|||
|
<div id="results-container" class="search-result js-search-result"></div>
|
|||
|
</div>
|
|||
|
</div>
|
|||
|
<!-- Script pointing to search-script.js -->
|
|||
|
<script>/*!
|
|||
|
* Simple-Jekyll-Search
|
|||
|
* Copyright 2015-2020, Christian Fei
|
|||
|
* Licensed under the MIT License.
|
|||
|
*/
|
|||
|
|
|||
|
(function(){
|
|||
|
'use strict'
|
|||
|
|
|||
|
var _$Templater_7 = {
|
|||
|
compile: compile,
|
|||
|
setOptions: setOptions
|
|||
|
}
|
|||
|
|
|||
|
const options = {}
|
|||
|
options.pattern = /\{(.*?)\}/g
|
|||
|
options.template = ''
|
|||
|
options.middleware = function () {}
|
|||
|
|
|||
|
function setOptions (_options) {
|
|||
|
options.pattern = _options.pattern || options.pattern
|
|||
|
options.template = _options.template || options.template
|
|||
|
if (typeof _options.middleware === 'function') {
|
|||
|
options.middleware = _options.middleware
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
function compile (data) {
|
|||
|
return options.template.replace(options.pattern, function (match, prop) {
|
|||
|
const value = options.middleware(prop, data[prop], options.template)
|
|||
|
if (typeof value !== 'undefined') {
|
|||
|
return value
|
|||
|
}
|
|||
|
return data[prop] || match
|
|||
|
})
|
|||
|
}
|
|||
|
|
|||
|
'use strict';
|
|||
|
|
|||
|
function fuzzysearch (needle, haystack) {
|
|||
|
var tlen = haystack.length;
|
|||
|
var qlen = needle.length;
|
|||
|
if (qlen > tlen) {
|
|||
|
return false;
|
|||
|
}
|
|||
|
if (qlen === tlen) {
|
|||
|
return needle === haystack;
|
|||
|
}
|
|||
|
outer: for (var i = 0, j = 0; i < qlen; i++) {
|
|||
|
var nch = needle.charCodeAt(i);
|
|||
|
while (j < tlen) {
|
|||
|
if (haystack.charCodeAt(j++) === nch) {
|
|||
|
continue outer;
|
|||
|
}
|
|||
|
}
|
|||
|
return false;
|
|||
|
}
|
|||
|
return true;
|
|||
|
}
|
|||
|
|
|||
|
var _$fuzzysearch_1 = fuzzysearch;
|
|||
|
|
|||
|
'use strict'
|
|||
|
|
|||
|
/* removed: const _$fuzzysearch_1 = require('fuzzysearch') */;
|
|||
|
|
|||
|
var _$FuzzySearchStrategy_5 = new FuzzySearchStrategy()
|
|||
|
|
|||
|
function FuzzySearchStrategy () {
|
|||
|
this.matches = function (string, crit) {
|
|||
|
return _$fuzzysearch_1(crit.toLowerCase(), string.toLowerCase())
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
'use strict'
|
|||
|
|
|||
|
var _$LiteralSearchStrategy_6 = new LiteralSearchStrategy()
|
|||
|
|
|||
|
function LiteralSearchStrategy () {
|
|||
|
this.matches = function (str, crit) {
|
|||
|
if (!str) return false
|
|||
|
|
|||
|
str = str.trim().toLowerCase()
|
|||
|
crit = crit.trim().toLowerCase()
|
|||
|
|
|||
|
return crit.split(' ').filter(function (word) {
|
|||
|
return str.indexOf(word) >= 0
|
|||
|
}).length === crit.split(' ').length
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
'use strict'
|
|||
|
|
|||
|
var _$Repository_4 = {
|
|||
|
put: put,
|
|||
|
clear: clear,
|
|||
|
search: search,
|
|||
|
setOptions: __setOptions_4
|
|||
|
}
|
|||
|
|
|||
|
/* removed: const _$FuzzySearchStrategy_5 = require('./SearchStrategies/FuzzySearchStrategy') */;
|
|||
|
/* removed: const _$LiteralSearchStrategy_6 = require('./SearchStrategies/LiteralSearchStrategy') */;
|
|||
|
|
|||
|
function NoSort () {
|
|||
|
return 0
|
|||
|
}
|
|||
|
|
|||
|
const data = []
|
|||
|
let opt = {}
|
|||
|
|
|||
|
opt.fuzzy = false
|
|||
|
opt.limit = 10
|
|||
|
opt.searchStrategy = opt.fuzzy ? _$FuzzySearchStrategy_5 : _$LiteralSearchStrategy_6
|
|||
|
opt.sort = NoSort
|
|||
|
opt.exclude = []
|
|||
|
|
|||
|
function put (data) {
|
|||
|
if (isObject(data)) {
|
|||
|
return addObject(data)
|
|||
|
}
|
|||
|
if (isArray(data)) {
|
|||
|
return addArray(data)
|
|||
|
}
|
|||
|
return undefined
|
|||
|
}
|
|||
|
function clear () {
|
|||
|
data.length = 0
|
|||
|
return data
|
|||
|
}
|
|||
|
|
|||
|
function isObject (obj) {
|
|||
|
return Boolean(obj) && Object.prototype.toString.call(obj) === '[object Object]'
|
|||
|
}
|
|||
|
|
|||
|
function isArray (obj) {
|
|||
|
return Boolean(obj) && Object.prototype.toString.call(obj) === '[object Array]'
|
|||
|
}
|
|||
|
|
|||
|
function addObject (_data) {
|
|||
|
data.push(_data)
|
|||
|
return data
|
|||
|
}
|
|||
|
|
|||
|
function addArray (_data) {
|
|||
|
const added = []
|
|||
|
clear()
|
|||
|
for (let i = 0, len = _data.length; i < len; i++) {
|
|||
|
if (isObject(_data[i])) {
|
|||
|
added.push(addObject(_data[i]))
|
|||
|
}
|
|||
|
}
|
|||
|
return added
|
|||
|
}
|
|||
|
|
|||
|
function search (crit) {
|
|||
|
if (!crit) {
|
|||
|
return []
|
|||
|
}
|
|||
|
return findMatches(data, crit, opt.searchStrategy, opt).sort(opt.sort)
|
|||
|
}
|
|||
|
|
|||
|
function __setOptions_4 (_opt) {
|
|||
|
opt = _opt || {}
|
|||
|
|
|||
|
opt.fuzzy = _opt.fuzzy || false
|
|||
|
opt.limit = _opt.limit || 10
|
|||
|
opt.searchStrategy = _opt.fuzzy ? _$FuzzySearchStrategy_5 : _$LiteralSearchStrategy_6
|
|||
|
opt.sort = _opt.sort || NoSort
|
|||
|
opt.exclude = _opt.exclude || []
|
|||
|
}
|
|||
|
|
|||
|
function findMatches (data, crit, strategy, opt) {
|
|||
|
const matches = []
|
|||
|
for (let i = 0; i < data.length && matches.length < opt.limit; i++) {
|
|||
|
const match = findMatchesInObject(data[i], crit, strategy, opt)
|
|||
|
if (match) {
|
|||
|
matches.push(match)
|
|||
|
}
|
|||
|
}
|
|||
|
return matches
|
|||
|
}
|
|||
|
|
|||
|
function findMatchesInObject (obj, crit, strategy, opt) {
|
|||
|
for (const key in obj) {
|
|||
|
if (!isExcluded(obj[key], opt.exclude) && strategy.matches(obj[key], crit)) {
|
|||
|
return obj
|
|||
|
}
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
function isExcluded (term, excludedTerms) {
|
|||
|
for (let i = 0, len = excludedTerms.length; i < len; i++) {
|
|||
|
const excludedTerm = excludedTerms[i]
|
|||
|
if (new RegExp(excludedTerm).test(term)) {
|
|||
|
return true
|
|||
|
}
|
|||
|
}
|
|||
|
return false
|
|||
|
}
|
|||
|
|
|||
|
/* globals ActiveXObject:false */
|
|||
|
|
|||
|
'use strict'
|
|||
|
|
|||
|
var _$JSONLoader_2 = {
|
|||
|
load: load
|
|||
|
}
|
|||
|
|
|||
|
function load (location, callback) {
|
|||
|
const xhr = getXHR()
|
|||
|
xhr.open('GET', location, true)
|
|||
|
xhr.onreadystatechange = createStateChangeListener(xhr, callback)
|
|||
|
xhr.send()
|
|||
|
}
|
|||
|
|
|||
|
function createStateChangeListener (xhr, callback) {
|
|||
|
return function () {
|
|||
|
if (xhr.readyState === 4 && xhr.status === 200) {
|
|||
|
try {
|
|||
|
callback(null, JSON.parse(xhr.responseText))
|
|||
|
} catch (err) {
|
|||
|
callback(err, null)
|
|||
|
}
|
|||
|
}
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
function getXHR () {
|
|||
|
return window.XMLHttpRequest ? new window.XMLHttpRequest() : new ActiveXObject('Microsoft.XMLHTTP')
|
|||
|
}
|
|||
|
|
|||
|
'use strict'
|
|||
|
|
|||
|
var _$OptionsValidator_3 = function OptionsValidator (params) {
|
|||
|
if (!validateParams(params)) {
|
|||
|
throw new Error('-- OptionsValidator: required options missing')
|
|||
|
}
|
|||
|
|
|||
|
if (!(this instanceof OptionsValidator)) {
|
|||
|
return new OptionsValidator(params)
|
|||
|
}
|
|||
|
|
|||
|
const requiredOptions = params.required
|
|||
|
|
|||
|
this.getRequiredOptions = function () {
|
|||
|
return requiredOptions
|
|||
|
}
|
|||
|
|
|||
|
this.validate = function (parameters) {
|
|||
|
const errors = []
|
|||
|
requiredOptions.forEach(function (requiredOptionName) {
|
|||
|
if (typeof parameters[requiredOptionName] === 'undefined') {
|
|||
|
errors.push(requiredOptionName)
|
|||
|
}
|
|||
|
})
|
|||
|
return errors
|
|||
|
}
|
|||
|
|
|||
|
function validateParams (params) {
|
|||
|
if (!params) {
|
|||
|
return false
|
|||
|
}
|
|||
|
return typeof params.required !== 'undefined' && params.required instanceof Array
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
'use strict'
|
|||
|
|
|||
|
var _$utils_9 = {
|
|||
|
merge: merge,
|
|||
|
isJSON: isJSON
|
|||
|
}
|
|||
|
|
|||
|
function merge (defaultParams, mergeParams) {
|
|||
|
const mergedOptions = {}
|
|||
|
for (const option in defaultParams) {
|
|||
|
mergedOptions[option] = defaultParams[option]
|
|||
|
if (typeof mergeParams[option] !== 'undefined') {
|
|||
|
mergedOptions[option] = mergeParams[option]
|
|||
|
}
|
|||
|
}
|
|||
|
return mergedOptions
|
|||
|
}
|
|||
|
|
|||
|
function isJSON (json) {
|
|||
|
try {
|
|||
|
if (json instanceof Object && JSON.parse(JSON.stringify(json))) {
|
|||
|
return true
|
|||
|
}
|
|||
|
return false
|
|||
|
} catch (err) {
|
|||
|
return false
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
var _$src_8 = {};
|
|||
|
(function (window) {
|
|||
|
'use strict'
|
|||
|
|
|||
|
let options = {
|
|||
|
searchInput: null,
|
|||
|
resultsContainer: null,
|
|||
|
json: [],
|
|||
|
success: Function.prototype,
|
|||
|
searchResultTemplate: '<li><a href="{url}" title="{desc}">{title}</a></li>',
|
|||
|
templateMiddleware: Function.prototype,
|
|||
|
sortMiddleware: function () {
|
|||
|
return 0
|
|||
|
},
|
|||
|
noResultsText: 'No results found',
|
|||
|
limit: 10,
|
|||
|
fuzzy: false,
|
|||
|
debounceTime: null,
|
|||
|
exclude: []
|
|||
|
}
|
|||
|
|
|||
|
let debounceTimerHandle
|
|||
|
const debounce = function (func, delayMillis) {
|
|||
|
if (delayMillis) {
|
|||
|
clearTimeout(debounceTimerHandle)
|
|||
|
debounceTimerHandle = setTimeout(func, delayMillis)
|
|||
|
} else {
|
|||
|
func.call()
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
const requiredOptions = ['searchInput', 'resultsContainer', 'json']
|
|||
|
|
|||
|
/* removed: const _$Templater_7 = require('./Templater') */;
|
|||
|
/* removed: const _$Repository_4 = require('./Repository') */;
|
|||
|
/* removed: const _$JSONLoader_2 = require('./JSONLoader') */;
|
|||
|
const optionsValidator = _$OptionsValidator_3({
|
|||
|
required: requiredOptions
|
|||
|
})
|
|||
|
/* removed: const _$utils_9 = require('./utils') */;
|
|||
|
|
|||
|
window.SimpleJekyllSearch = function (_options) {
|
|||
|
const errors = optionsValidator.validate(_options)
|
|||
|
if (errors.length > 0) {
|
|||
|
throwError('You must specify the following required options: ' + requiredOptions)
|
|||
|
}
|
|||
|
|
|||
|
options = _$utils_9.merge(options, _options)
|
|||
|
|
|||
|
_$Templater_7.setOptions({
|
|||
|
template: options.searchResultTemplate,
|
|||
|
middleware: options.templateMiddleware
|
|||
|
})
|
|||
|
|
|||
|
_$Repository_4.setOptions({
|
|||
|
fuzzy: options.fuzzy,
|
|||
|
limit: options.limit,
|
|||
|
sort: options.sortMiddleware,
|
|||
|
exclude: options.exclude
|
|||
|
})
|
|||
|
|
|||
|
if (_$utils_9.isJSON(options.json)) {
|
|||
|
initWithJSON(options.json)
|
|||
|
} else {
|
|||
|
initWithURL(options.json)
|
|||
|
}
|
|||
|
|
|||
|
const rv = {
|
|||
|
search: search
|
|||
|
}
|
|||
|
|
|||
|
typeof options.success === 'function' && options.success.call(rv)
|
|||
|
return rv
|
|||
|
}
|
|||
|
|
|||
|
function initWithJSON (json) {
|
|||
|
_$Repository_4.put(json)
|
|||
|
registerInput()
|
|||
|
}
|
|||
|
|
|||
|
function initWithURL (url) {
|
|||
|
_$JSONLoader_2.load(url, function (err, json) {
|
|||
|
if (err) {
|
|||
|
throwError('failed to get JSON (' + url + ')')
|
|||
|
}
|
|||
|
initWithJSON(json)
|
|||
|
})
|
|||
|
}
|
|||
|
|
|||
|
function emptyResultsContainer () {
|
|||
|
options.resultsContainer.innerHTML = ''
|
|||
|
}
|
|||
|
|
|||
|
function appendToResultsContainer (text) {
|
|||
|
options.resultsContainer.innerHTML += text
|
|||
|
}
|
|||
|
|
|||
|
function registerInput () {
|
|||
|
options.searchInput.addEventListener('input', function (e) {
|
|||
|
if (isWhitelistedKey(e.which)) {
|
|||
|
emptyResultsContainer()
|
|||
|
debounce(function () { search(e.target.value) }, options.debounceTime)
|
|||
|
}
|
|||
|
})
|
|||
|
}
|
|||
|
|
|||
|
function search (query) {
|
|||
|
if (isValidQuery(query)) {
|
|||
|
emptyResultsContainer()
|
|||
|
render(_$Repository_4.search(query), query)
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
function render (results, query) {
|
|||
|
const len = results.length
|
|||
|
if (len === 0) {
|
|||
|
return appendToResultsContainer(options.noResultsText)
|
|||
|
}
|
|||
|
for (let i = 0; i < len; i++) {
|
|||
|
results[i].query = query
|
|||
|
appendToResultsContainer(_$Templater_7.compile(results[i]))
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
function isValidQuery (query) {
|
|||
|
return query && query.length > 0
|
|||
|
}
|
|||
|
|
|||
|
function isWhitelistedKey (key) {
|
|||
|
return [13, 16, 20, 37, 38, 39, 40, 91].indexOf(key) === -1
|
|||
|
}
|
|||
|
|
|||
|
function throwError (message) {
|
|||
|
throw new Error('SimpleJekyllSearch --- ' + message)
|
|||
|
}
|
|||
|
})(window)
|
|||
|
|
|||
|
}());
|
|||
|
</script>
|
|||
|
|
|||
|
<!-- Configuration -->
|
|||
|
<script>
|
|||
|
SimpleJekyllSearch({
|
|||
|
searchInput: document.getElementById('search-input'),
|
|||
|
resultsContainer: document.getElementById('results-container'),
|
|||
|
noResultsText: '<p>Aucun résultat!</p>',
|
|||
|
json: '/search.json',
|
|||
|
searchResultTemplate: '<li><a href="{url}">{date} {title}</a> (Création {create})</li>'
|
|||
|
})
|
|||
|
</script>
|
|||
|
|
|||
|
</div></div>
|
|||
|
|
|||
|
|
|||
|
<script>(function() {
|
|||
|
var SOURCES = window.TEXT_VARIABLES.sources;
|
|||
|
window.Lazyload.js(SOURCES.jquery, function() {
|
|||
|
function scrollToAnchor(anchor, duration, callback) {
|
|||
|
var $root = this;
|
|||
|
$root.animate({ scrollTop: $(anchor).position().top }, duration, function() {
|
|||
|
window.history.replaceState(null, '', window.location.href.split('#')[0] + anchor);
|
|||
|
callback && callback();
|
|||
|
});
|
|||
|
}
|
|||
|
$.fn.scrollToAnchor = scrollToAnchor;
|
|||
|
});
|
|||
|
})();
|
|||
|
(function() {
|
|||
|
var SOURCES = window.TEXT_VARIABLES.sources;
|
|||
|
window.Lazyload.js(SOURCES.jquery, function() {
|
|||
|
function affix(options) {
|
|||
|
var $root = this, $window = $(window), $scrollTarget, $scroll,
|
|||
|
offsetBottom = 0, scrollTarget = window, scroll = window.document, disabled = false, isOverallScroller = true,
|
|||
|
rootTop, rootLeft, rootHeight, scrollBottom, rootBottomTop,
|
|||
|
hasInit = false, curState;
|
|||
|
|
|||
|
function setOptions(options) {
|
|||
|
var _options = options || {};
|
|||
|
_options.offsetBottom && (offsetBottom = _options.offsetBottom);
|
|||
|
_options.scrollTarget && (scrollTarget = _options.scrollTarget);
|
|||
|
_options.scroll && (scroll = _options.scroll);
|
|||
|
_options.disabled !== undefined && (disabled = _options.disabled);
|
|||
|
$scrollTarget = $(scrollTarget);
|
|||
|
isOverallScroller = window.isOverallScroller($scrollTarget[0]);
|
|||
|
$scroll = $(scroll);
|
|||
|
}
|
|||
|
function preCalc() {
|
|||
|
top();
|
|||
|
rootHeight = $root.outerHeight();
|
|||
|
rootTop = $root.offset().top + (isOverallScroller ? 0 : $scrollTarget.scrollTop());
|
|||
|
rootLeft = $root.offset().left;
|
|||
|
}
|
|||
|
function calc(needPreCalc) {
|
|||
|
needPreCalc && preCalc();
|
|||
|
scrollBottom = $scroll.outerHeight() - offsetBottom - rootHeight;
|
|||
|
rootBottomTop = scrollBottom - rootTop;
|
|||
|
}
|
|||
|
function top() {
|
|||
|
if (curState !== 'top') {
|
|||
|
$root.removeClass('fixed').css({
|
|||
|
left: 0,
|
|||
|
top: 0
|
|||
|
});
|
|||
|
curState = 'top';
|
|||
|
}
|
|||
|
}
|
|||
|
function fixed() {
|
|||
|
if (curState !== 'fixed') {
|
|||
|
$root.addClass('fixed').css({
|
|||
|
left: rootLeft + 'px',
|
|||
|
top: 0
|
|||
|
});
|
|||
|
curState = 'fixed';
|
|||
|
}
|
|||
|
}
|
|||
|
function bottom() {
|
|||
|
if (curState !== 'bottom') {
|
|||
|
$root.removeClass('fixed').css({
|
|||
|
left: 0,
|
|||
|
top: rootBottomTop + 'px'
|
|||
|
});
|
|||
|
curState = 'bottom';
|
|||
|
}
|
|||
|
}
|
|||
|
function setState() {
|
|||
|
var scrollTop = $scrollTarget.scrollTop();
|
|||
|
if (scrollTop >= rootTop && scrollTop <= scrollBottom) {
|
|||
|
fixed();
|
|||
|
} else if (scrollTop < rootTop) {
|
|||
|
top();
|
|||
|
} else {
|
|||
|
bottom();
|
|||
|
}
|
|||
|
}
|
|||
|
function init() {
|
|||
|
if(!hasInit) {
|
|||
|
var interval, timeout;
|
|||
|
calc(true); setState();
|
|||
|
// run calc every 100 millisecond
|
|||
|
interval = setInterval(function() {
|
|||
|
calc();
|
|||
|
}, 100);
|
|||
|
timeout = setTimeout(function() {
|
|||
|
clearInterval(interval);
|
|||
|
}, 45000);
|
|||
|
window.pageLoad.then(function() {
|
|||
|
setTimeout(function() {
|
|||
|
clearInterval(interval);
|
|||
|
clearTimeout(timeout);
|
|||
|
}, 3000);
|
|||
|
});
|
|||
|
$scrollTarget.on('scroll', function() {
|
|||
|
disabled || setState();
|
|||
|
});
|
|||
|
$window.on('resize', function() {
|
|||
|
disabled || (calc(true), setState());
|
|||
|
});
|
|||
|
hasInit = true;
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
setOptions(options);
|
|||
|
if (!disabled) {
|
|||
|
init();
|
|||
|
}
|
|||
|
$window.on('resize', window.throttle(function() {
|
|||
|
init();
|
|||
|
}, 200));
|
|||
|
return {
|
|||
|
setOptions: setOptions,
|
|||
|
refresh: function() {
|
|||
|
calc(true, { animation: false }); setState();
|
|||
|
}
|
|||
|
};
|
|||
|
}
|
|||
|
$.fn.affix = affix;
|
|||
|
});
|
|||
|
})();
|
|||
|
(function() {
|
|||
|
var SOURCES = window.TEXT_VARIABLES.sources;
|
|||
|
window.Lazyload.js(SOURCES.jquery, function() {
|
|||
|
function toc(options) {
|
|||
|
var $root = this, $window = $(window), $scrollTarget, $scroller, $tocUl = $('<ul class="toc toc--ellipsis"></ul>'), $tocLi, $headings, $activeLast, $activeCur,
|
|||
|
selectors = 'h1,h2,h3', container = 'body', scrollTarget = window, scroller = 'html, body', disabled = false,
|
|||
|
headingsPos, scrolling = false, hasRendered = false, hasInit = false;
|
|||
|
|
|||
|
function setOptions(options) {
|
|||
|
var _options = options || {};
|
|||
|
_options.selectors && (selectors = _options.selectors);
|
|||
|
_options.container && (container = _options.container);
|
|||
|
_options.scrollTarget && (scrollTarget = _options.scrollTarget);
|
|||
|
_options.scroller && (scroller = _options.scroller);
|
|||
|
_options.disabled !== undefined && (disabled = _options.disabled);
|
|||
|
$headings = $(container).find(selectors).filter('[id]');
|
|||
|
$scrollTarget = $(scrollTarget);
|
|||
|
$scroller = $(scroller);
|
|||
|
}
|
|||
|
function calc() {
|
|||
|
headingsPos = [];
|
|||
|
$headings.each(function() {
|
|||
|
headingsPos.push(Math.floor($(this).position().top));
|
|||
|
});
|
|||
|
}
|
|||
|
function setState(element, disabled) {
|
|||
|
var scrollTop = $scrollTarget.scrollTop(), i;
|
|||
|
if (disabled || !headingsPos || headingsPos.length < 1) { return; }
|
|||
|
if (element) {
|
|||
|
$activeCur = element;
|
|||
|
} else {
|
|||
|
for (i = 0; i < headingsPos.length; i++) {
|
|||
|
if (scrollTop >= headingsPos[i]) {
|
|||
|
$activeCur = $tocLi.eq(i);
|
|||
|
} else {
|
|||
|
$activeCur || ($activeCur = $tocLi.eq(i));
|
|||
|
break;
|
|||
|
}
|
|||
|
}
|
|||
|
}
|
|||
|
$activeLast && $activeLast.removeClass('active');
|
|||
|
($activeLast = $activeCur).addClass('active');
|
|||
|
}
|
|||
|
function render() {
|
|||
|
if(!hasRendered) {
|
|||
|
$root.append($tocUl);
|
|||
|
$headings.each(function() {
|
|||
|
var $this = $(this);
|
|||
|
$tocUl.append($('<li></li>').addClass('toc-' + $this.prop('tagName').toLowerCase())
|
|||
|
.append($('<a></a>').text($this.text()).attr('href', '#' + $this.prop('id'))));
|
|||
|
});
|
|||
|
$tocLi = $tocUl.children('li');
|
|||
|
$tocUl.on('click', 'a', function(e) {
|
|||
|
e.preventDefault();
|
|||
|
var $this = $(this);
|
|||
|
scrolling = true;
|
|||
|
setState($this.parent());
|
|||
|
$scroller.scrollToAnchor($this.attr('href'), 400, function() {
|
|||
|
scrolling = false;
|
|||
|
});
|
|||
|
});
|
|||
|
}
|
|||
|
hasRendered = true;
|
|||
|
}
|
|||
|
function init() {
|
|||
|
var interval, timeout;
|
|||
|
if(!hasInit) {
|
|||
|
render(); calc(); setState(null, scrolling);
|
|||
|
// run calc every 100 millisecond
|
|||
|
interval = setInterval(function() {
|
|||
|
calc();
|
|||
|
}, 100);
|
|||
|
timeout = setTimeout(function() {
|
|||
|
clearInterval(interval);
|
|||
|
}, 45000);
|
|||
|
window.pageLoad.then(function() {
|
|||
|
setTimeout(function() {
|
|||
|
clearInterval(interval);
|
|||
|
clearTimeout(timeout);
|
|||
|
}, 3000);
|
|||
|
});
|
|||
|
$scrollTarget.on('scroll', function() {
|
|||
|
disabled || setState(null, scrolling);
|
|||
|
});
|
|||
|
$window.on('resize', window.throttle(function() {
|
|||
|
if (!disabled) {
|
|||
|
render(); calc(); setState(null, scrolling);
|
|||
|
}
|
|||
|
}, 100));
|
|||
|
}
|
|||
|
hasInit = true;
|
|||
|
}
|
|||
|
|
|||
|
setOptions(options);
|
|||
|
if (!disabled) {
|
|||
|
init();
|
|||
|
}
|
|||
|
$window.on('resize', window.throttle(function() {
|
|||
|
init();
|
|||
|
}, 200));
|
|||
|
return {
|
|||
|
setOptions: setOptions
|
|||
|
};
|
|||
|
}
|
|||
|
$.fn.toc = toc;
|
|||
|
});
|
|||
|
})();
|
|||
|
/*(function () {
|
|||
|
|
|||
|
})();*/
|
|||
|
</script><script>
|
|||
|
/* toc must before affix, since affix need to konw toc' height. */(function() {
|
|||
|
var SOURCES = window.TEXT_VARIABLES.sources;
|
|||
|
var TOC_SELECTOR = window.TEXT_VARIABLES.site.toc.selectors;
|
|||
|
window.Lazyload.js(SOURCES.jquery, function() {
|
|||
|
var $window = $(window);
|
|||
|
var $articleContent = $('.js-article-content');
|
|||
|
var $tocRoot = $('.js-toc-root'), $col2 = $('.js-col-aside');
|
|||
|
var toc;
|
|||
|
var tocDisabled = false;
|
|||
|
var hasSidebar = $('.js-page-root').hasClass('layout--page--sidebar');
|
|||
|
var hasToc = $articleContent.find(TOC_SELECTOR).length > 0;
|
|||
|
|
|||
|
function disabled() {
|
|||
|
return $col2.css('display') === 'none' || !hasToc;
|
|||
|
}
|
|||
|
|
|||
|
tocDisabled = disabled();
|
|||
|
|
|||
|
toc = $tocRoot.toc({
|
|||
|
selectors: TOC_SELECTOR,
|
|||
|
container: $articleContent,
|
|||
|
scrollTarget: hasSidebar ? '.js-page-main' : null,
|
|||
|
scroller: hasSidebar ? '.js-page-main' : null,
|
|||
|
disabled: tocDisabled
|
|||
|
});
|
|||
|
|
|||
|
$window.on('resize', window.throttle(function() {
|
|||
|
tocDisabled = disabled();
|
|||
|
toc && toc.setOptions({
|
|||
|
disabled: tocDisabled
|
|||
|
});
|
|||
|
}, 100));
|
|||
|
|
|||
|
});
|
|||
|
})();
|
|||
|
(function() {
|
|||
|
var SOURCES = window.TEXT_VARIABLES.sources;
|
|||
|
window.Lazyload.js(SOURCES.jquery, function() {
|
|||
|
var $window = $(window), $pageFooter = $('.js-page-footer');
|
|||
|
var $pageAside = $('.js-page-aside');
|
|||
|
var affix;
|
|||
|
var tocDisabled = false;
|
|||
|
var hasSidebar = $('.js-page-root').hasClass('layout--page--sidebar');
|
|||
|
|
|||
|
affix = $pageAside.affix({
|
|||
|
offsetBottom: $pageFooter.outerHeight(),
|
|||
|
scrollTarget: hasSidebar ? '.js-page-main' : null,
|
|||
|
scroller: hasSidebar ? '.js-page-main' : null,
|
|||
|
scroll: hasSidebar ? $('.js-page-main').children() : null,
|
|||
|
disabled: tocDisabled
|
|||
|
});
|
|||
|
|
|||
|
$window.on('resize', window.throttle(function() {
|
|||
|
affix && affix.setOptions({
|
|||
|
disabled: tocDisabled
|
|||
|
});
|
|||
|
}, 100));
|
|||
|
|
|||
|
window.pageAsideAffix = affix;
|
|||
|
});
|
|||
|
})();
|
|||
|
</script><!---->
|
|||
|
|
|||
|
</div>
|
|||
|
<script>(function () {
|
|||
|
var $root = document.getElementsByClassName('root')[0];
|
|||
|
if (window.hasEvent('touchstart')) {
|
|||
|
$root.dataset.isTouch = true;
|
|||
|
document.addEventListener('touchstart', function(){}, false);
|
|||
|
}
|
|||
|
})();
|
|||
|
</script>
|
|||
|
</body>
|
|||
|
</html>
|
|||
|
|