Hope not too silly question from a ISO builder newbie...

I have to build a minimal custom Kali ISO that only includes the packages that are needed for students to complete their computer security homework. I have prepared my new kali.list.chroot, updated the desktop image and links, and copied useful material to ease students' work.

Students will perform their exercises at the lab and they will need root privileges to complete their attacks. They are supposed to be hackers (not crackers), but they may execute wrong commands (the nightmare is rm -rf).

Therefore I want to disable automatic mounting of hard drives.

Is there a best way to do it?

Should I override some of the existing boot time scripts?
Or I have to add a new hook that unmounts disks? (this solution looks to me a bit too dirt)

Many thanks in advance.

if you look at the live.cfg file for grub, there is a forensic mode that might interest you, i think it only mounts the ISO (or whatever it is installed on) as read only. i am not 100% sure but if you copy over the appended option (i think its nomount or noautomount) it might work.

if you look at the live.cfg file for grub, there is a forensic mode that might interest you, i think it only mounts the ISO (or whatever it is installed on) as read only. i am not 100% sure but if you copy over the appended option (i think its nomount or noautomount) it might work.

Very bright idea. Many thanks St0ner1995.
After cleaning and resetting environment variables, additional files, packages, etc. I found the live.cfg file and edited it, added the noswap noautomount options (removed unnecessary items), and built the ISO. However something went wrong, the Kali splashfs image was changed with a default isolinux debian one and the graphical environment didn't start, stopped on a blank screen.

Nevertheless, launching the standard forensic mode is enough for my purposes.

BTW, I tried deleting the live-build-config folder, recloning with git and starting everything from scratch, the live.cfg file is only available after the first custom ISO generation (maybe there is another way to have everything available on the disk from the beginning but I don't know it). So after the first perfect build, I had the same problem.

Thanks for the support.

something went wrong, the Kali splashfs image was changed with a default isolinux debian one and the graphical environment didn't start, stopped on a blank screen.

That could just be because isolinux supports those options but debian on its own does not. there might be another way of going about it though

That could just be because isolinux supports those options but debian on its own does not. there might be another way of going about it though

I guess debian supports these options, as they are the same as the ones used by Kali-forensic mode. I fear it is just that manually overwriting the live.cfg alters some delicate equilibrium in the ISO build scripts. I should have a look at the scripts or other approaches but overwhelmed by other tasks I will have no chance to invest much time on this at the moment...

Thanks