Can I get some help with partitions? More quests..

Briefly describe your issue below:

I need a little bit of help as it relates to doing a clean install of Parrot. The problem I run into is that when I use guided partition, it doesn’t allow me to change the / file to more than about 30 gigs. As a result, I end up with a full partition really quickly. Yes I am fairly new to Linux, but I am trying to do a bit of a career change and learn some new things. I’ve searched for awhile to try to find a guide that could let me know which partitions to use. I’ve found some regarding Arch, which seems to suggest ext4 over btfrs, if I got that correctly. Yet it doesn’t seem to pan over from Arch to Debian based. Another thing is I installed VirtualBox and tried to install Parrot OVA, but there wasn’t enough space for me to put it on. FYI, I have a 500 gb SSD.

So in short, should I be using multiple partitions or just have everything in one file (as it suggests for new users)? I’ve done 5+ reinstalls and still can’t figure it out. I did a manual partition with multiple partitions and managed to mess that up. There are some Linux articles that suggest I don’t need to use different partitions at all and install everything on one as long as I encrypt my SSD before logging in (which I have been doing).

Another problem I’ve had as it upgraded me from 4.7 to 4.8, but my screen now stops… I have a total of 5 screens and 2 or 3 of them just flat out freeze all together. MATE for the desktop.

Anyone try KDE on 4.8? I booted LIVE 4.7 into it, and I really liked it, but I don’t want to miss out on the simplicity of MATE.

As for Synaptics, can I upgrade from there? I was reading the upgrade guide on using “sudo parrot-upgrade” since it suggests it will come from the rolling updates. I like synaptics for its simple interface, but the question is whether to select “highest version, installed version, or prefer versions from: rolling-security”. The problem is I’ve noticed that when I’ve selected “prefer versions from: rolling-security”, I run into a problem where it goes back to “Always prefer to the highest version.”

Another question I have is about anonsurf. When you connect to anonsurf, is that considered a first layer of tor? And then if I install tor and open it up, does it run directly through my eth0 or through anonsurf and then connect?

Another problem I’ve had with tor, and it may not be a Parrot problem, but when I request a obfs4 bridge that isn’t built in, it tries to find a file that has a “/.” in it. I don’t necessariyl need a bridge, but I’d like to know how I could fix that on my end?

I was looking at one of the older anonsurf links over at github, and it had a little something called “pandora bomb.” I guess what it does is clean out your RAM completely when you shut down or instruct it. Some of the digital forensics videos I’ve geeked out on suggest it is possible to go ahead and retrieve data from RAM even if the drive is fully encrypted. Is that a feature that comes built in Parrot at all or is possible in the future updates?

Also, is there anything that could help out journalists? I’ve read a lot of articles on how investigative journalists are pretty much on a “watch them” list. They regularly get pulled out after checking in at airports and border crossings and are forced to give over their passwords, where some dipshit goes through every file to try to incriminate them. Any distro available to them where they give an alternative PW or account that logs into a part of the laptop that has no articles, files, sources, etc. on it? There was an article where a journalist said they connected a portable HD and copied everything over and sent him on his way, but who knows what happened with everything they copied over.

Another question is onioncircuits. I noticed parrotsecurity:0 popping up for a brief moment and closing out immediately. Same with clamav after I installed it. I also noticed when I connected to anonsurf and got onto Firefox that even I had removed all telemetry and used about:config to clear out a bunch of things and use DoH and some other things, it was still connecting to Firefox. I understand it would connect to the add-ons installed, but it showed values of telemetry.mozilla.com or something along the lines of that.

Yeah…it’s long, but its better than 10+ topics I guess.

What version of Parrot are you running?
Running 4.8 security (upgraded from 4.7) MATE amd64.

What method did you use to install Parrot?
Used GTK+

Configured to multiboot with other systems? (yes / no)
No muilti-boot

If there are any similar issues or solutions, link to them below:

If there are any error messages or relevant logs, post them below:

I see you have many questions let attempt to answer some:

  1. Partitions- I found this article interesting, yes it is federa but just about all of it applies to any linux system. https://fedoramagazine.org/learning-about-partitions-and-how-to-create-them-for-fedora/
    Now as far what you really need, there are only three: root( /), boot, and an ESP (/boot/efi). Boot is where grub will install its necessaries and where the kernels will reside. It needs to be formated to a linux filesystem, 500MB or more is advisable. The EFI system partition(ESP) modern computers do as you may or may not already know. The ESP doesn’t need to be very large as it only holds the EFI boot loader. Everything else can simply be put in one large root partition, the advantage here is that you only run out of space when the drive is full. You can create seperate partitions but other than the required ones it isn’t needed. It’s really just a matter of use case and personal preference. Most of the system will end up under /usr if that helps.
    As far as encryption, it only protects your data from someone with physical access so it’s not necessary. Again a matter of preference or personal need.

  2. I don’t think 5 simultaneous screens are supported, max I think is 3 but I’m not certain.

  3. Synaptic Package Manager is a GUI for apt, “parrot-upgrade” is a just a script that was created for ease of use. Just make sure you don’t use plain apt upgrade and instead do “apt full-upgrade” or “apt dist-upgrade”. Synaptic can do this as well so you can upgrade there if you wish. As for the versions I can’t really help you there but I wouldn’t worry too much about it on this distrubution.

  4. Anonsurf is a script that routes net traffic through Tor. Head to torproject.org for more info on how Tor functions. The TOR browser only routes browser traffic through Tor while anonsurf applies to all traffic. It doesn’t create an new network interface.

  5. RAM, random access memory is non-volatile so data doesn’t persist after shutdown. Yes it is or perhaps I should say was possible to using certain techniques to recover data from it even after shutdown but this only applies to old long obsolete standards like DDR2. Of course any running system loads data to RAM when active and there are digital forensics tools to dump the contents for later examination. The repository has one or two of these tools I don’t believe they’re installed by default, in any case it’s the sort thing you really would need some university or profesional training in. That’s about as much as I know about it.

Thank you Muroga. Read your post a few times, and the only thing I’m still iffy on is the partitions.

1: For partitons, would this link work: https://wiki.archlinux.org/index.php/Partitioning#Partition_scheme One problem I’ve run into is the order in which every partition needs to be made manually. Is it root (/) first, and then the rest? I recall the guided system installing boot/grub last. I keep messing that part up…

1 cont: And isn’t it a good idea to have some swap? Especially if running Virtual OSes or docker? I have 64gb of RAM to offer to them, and I usually offer about 4-8 gigs depending on the virtual OS. I keep messing that part up. Another thing, which I slightly understand, is that after every update to the kernel to parrot-suggested packages, my root swells and hits 30gb very quickly. Nothing outside of themes and tor installed through the browser launcher and some mate panel add-ons end up in /home, where supposedly the bulk of everything should end up.

1 cont. agian (lol): Here’s the thing about var, tmp, etc. I was messing around with anonsurf on a previous install where I only had everything installed to one partition (without /tmp and /var) and I usually do it through the root terminal. I connected and checked onioncircuits to make sure I was connected, which showed me connected. Yet when I used “anonsurf status”, it showed up as inactive despite showing a connection and relayed an error saying there were files missing in /tmp and /var that it was trying to pull information from. So in order for anonsurf, and other root programs to work, wouldn’t it be necessary to have tmp and var? Sorry, but the more I read on this, the more tabs I end up with and keep doubting myself. I did sign up on edx as suggested for the linux foundation course, but I couldn’t necessarily afford the fee for certification so it was limited to me (I ended up spending a lot on money on a certificate for something else, and the pay off has been negative if anything at all).

  1. I currently have all 5 monitors working. I have two GPUs, but only the 1st GPU works. So I had to get a displayport splitter from BestBuy and 3 screens into the splitter, which feeds in as one single displayport. My problem is that some of the screens freeze. I have auto-suspend off, hiberation, screensaver, off, etc. If I am over at my other desk with another setup for about 15 minutes, and I come back, only 2 screens work. The other have sometimes black and green stripes to a pale orange. I can run my mouse through it because it takes awhile to get back up. But my main screen, where my panel is, stops showing so I need to manually close. I currently have the 5 monitors extended as opposed to mirrored. It just freezes… :-\

  2. I like having a GUI for apt, which is why I use synaptic. It’s straight forward and what not. But I have noticed that when I choose “highest version”, I get different upgrades and installations as opposed to installed version, which might try to downgrade somethings. And rolling-security seems to be what is used when invoking sudo parrot-upgrade??? Not sure. Some clarification would be appreciated. Or should I just stick to parrot upgrades through the terminal and other packages through synaptics?

  3. I’ve been using tor browser on and off, but I wasn’t sure about anonsurf. Does it route everything through the loopback? Because I have both eth0 and lo measuring devices, and it seems to suggest that both are working. In the past, I used to be able to connect to a VPN and then to anonsurf, which killed eth0 all together. Yet I see both eth0 and lo working, but giving me different speeds. Not sure what to think of it…

  4. As for ram cleaning on command or shut-down, the only reason I’m interested and worried is because of what VPNs have been doing. Some VPNs have ditched harddrives and gone all in on RAM so nothing is kept in terms of logs and other traceable material I looked up a counter argument to it, and it was suggested by a crytopgrapher/cyber expert that regardless everything on those VPN servers could still be recovered if they don’t wipe the ram. His argument was that regardless of them moving over, information can still be extracted. I’m curious as to how this might work since I’d realllllllly like to get into cybersecurity field within the next two years or so.

Also, anyone have any thoughts on udemy? I can’t spit out 1000s for edx or coursera, but I can drop about 20 bucks for their courses. Unfortunately they’re not accredited…so yeah.

Thanks for coming to and answering my TED Tal…err TED questions.

Sure I don’t see why not from what I see, as I’ve been saying it’s really up to the user…regretfully this fact also has a way of making the process more difficult than is often necessary. So many options/choices.

First there is actually mostly no real order, the only contraints that I know of are that boot needs to be(or is best) as the 1 partition. Because we almost certainly need an EFI system partition and that is mounted under /boot as /boot/efi you’ll probably make that one next. Then we can have root and as many other partitions as we like (assuming we’re using GPT partition table). As for /boot/grub yes the installer does this last but this is because it is installing the grub bootloader which we need for the OS to start properly, this is basically always done last in installing a distro. There are reasons why grub is best called at the end but I won’t get into that though it doesn’t change the partitioning needed. Now if you have problems installing grub that can be done manually if necessary but it can be tricky for the inexperienced.

Now as to you root problem why don’t you try just making /boot, /boot/efi, and root ( / ) which will fill the remainder of the drive or will it not let you make it larger than 30gb in any scenario? If so that shouldn’t happen since putting the whole system in one large root partition is one of the options in guided partitioning… If you don’t like that you can make root 30gb and pull out /usr on it’s own partition, as I mentioned this is the directory where most of the operating system/applications will go so make this just as large as root. Under this scheme you’ll find root will remain quite empty even more so if /var is also on its own partition. Var short for Variable holds the variable or changing system data like logs, it doesn’t need to be nearly as large as /usr perhaps only 10-12gb.

We can recap with an example, this is how I decided to hack up my disk. You’ll notice I have /boot /dev/sda1 and I made it frankly probably a little too large at nearly 2gb. I then made a giant ESP, followed by root (notice how much is used), then you see /usr which aside from /home where I have many downloads is the largest single filesystem. Most of the system data will go under /usr and some more under /var while your data will be on /home. I choose to make a /tmp partition as well because I felt like it, this is a special mountpoint that gets flushed on shutdown. Finally you’ll opt or optional, which is supposed to be for additional or optional system addons…if I didn’t choose to use it would stay basically empty so it’s really not necessary to make a partition for this at all. In fact the directory only exists because certain software packages(mostly third party apps) want to save to it. Last because I wanted to play with lvm’s I made an 8gb partition and made it a physical volume along with an sdcard that isn’t shown into a single volume group.
Oh and swap, yes you’re generally right in my opinion that its good to have swap but most modern machines really don’t need it especially if there is plenty of ram. The great thing is swap can be pretty painlessly added or removed any time during or after the installation process though I’ve heard having swap lets the installer finish it’s process faster but thats only a rumour asaik.

vlcsnap-2020-02-10-01h15m37s434

Okay moving on from that. Onioncircuit I can’t say as to exactly what the issue is there but I can say tmp and var are always there whether they are on they own partitions or not. I personally am having issues getting mine to even open so I think it could be an application bug. Onioncircuits as I understand it, I rarely use Tor services, should allow you to look at the different node connections of the already running Tor daemon(background service/process) but I think it might have its own Tor stack like Onionshare does…???..you should ask a dev more about it.
I know the Tor browser only sends browser traffic through Tor which as you correctly identified makes use of loopback interface for routing but the loopback interface is part of a sort of trick it uses. Yeah Tor doesn’t necessarily work alongside VPN’s but there are many different VPN protocols so some may but many can not.
Can’t help you with the screens but anytime you have a piece of hardware that you have problems with take a look at the dmesg (hw device and kernel msg log) in a terminal. It may give you some ideas about what exactly the problem is but knowing won’t necessarily mean it’s realistically something you can fix.

Finally I don’t know much about the ins and outs of memory technologies but servers use a different kind of RAM than do desktops or mobile devices that use error correction and buffering, etc. so maybe this allows some data to persist, they also can use special nvram (think Intel Optane) to increase their processing power. This maybe what was referred to although if it’s a free VPN service unless they’re getting charitable donations they’re almost certainly selling users data to maintain the service…totally legal as shocking as that may sound.

I’m going to end this hear as I think I’m making less and less sense the more I type…I hope it’s understandable.

1 Like

Thanks. You made sense, no problem. I don’t use Tor or anonsurf often, but only once in awhile. I just like knowing a certain software/app works properly. As for onioncircuits, I tried launching it from a terminal and found it didn’t open due to a Python Django file being denied access. Gave it permissions as a user to execute and write, but didn’t work. Even root after that. Still nothing. It worked after I deleted the file and onioncircuits popped up.

Going to make notes of everything. Thanks again!