I'm interested in producing a live-usb that runs Linux without any networking capabilities. No WiFi, bluetooth, ethernet or in general any network IO capabilites at all. Essentially an OS-level air-gap to complement a physical air-gap.
What would be the best way of going about this? I figure I could start by compiling the kernel, and then hacking and slashing my way through to remove all the networking capabilities whilst ensuring it still builds, but I imagine that there might be an easier way. For example, I am told that Qubes neatly segregates all networking into a VM, and I imagine that hacking that out might be easier than working with the kernel directly.
I'm imagining that this will need some effort, but wanted to ask first to check that there was no obvious way to do it.