FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Debian > Debian Development

 
 
LinkBack Thread Tools
 
Old 07-26-2011, 10:33 AM
Samuel Thibault
 
Default support for installing unconfigured systems (VM images, Debian Live images, preinstalled mobile/tablet images)

Daniel Baumann, le Tue 26 Jul 2011 12:30:29 +0200, a écrit :
> On 07/26/2011 12:23 PM, Moritz Mühlenhoff wrote:
> > I would suggest a package such as "debian-oem-prep", which
> > contains an init script, which tests a file such a
> > /etc/wipe-all-traces-on-next-boot. If that files exists, all
> > sensitive host data like existing SSH hosts is being removed,
> > and debconf being fired up to configure a new host and domain
> > name.
>
> this is re-inventing the wheel; the stuff should not be generated in the
> first place by the package, and the best way to decide which stuff
> shouldn't be generated is to have the maintainer of the package care
> about this in the very same package (see my other mail).

Well, isn't it simply about not configuring a few packages?

Such as: the maintainer writes in control whether his package should be
configured at install time or first-boot time. And this field is only
used by OEM installers.

That way, most packages are already configured, and the few packages we
don't want to configure aren't.

Samuel


--
To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 20110726103354.GI8388@const">http://lists.debian.org/20110726103354.GI8388@const
 
Old 07-26-2011, 10:41 AM
Daniel Baumann
 
Default support for installing unconfigured systems (VM images, Debian Live images, preinstalled mobile/tablet images)

On 07/26/2011 12:33 PM, Samuel Thibault wrote:
> Well, isn't it simply about not configuring a few packages?

no; see openssh-server.postinst, in the discussed use-case you want to
run everything in there except the creation of the host keys.

the only left problem to work out is to define a way so that upon start,
if enabled (which would be by default to yes upon boot), those packages
that have not configured their "private" stuff yet, to run their
postinsts again (to execute only those commands that create it, see my
other mail before).

--
Address: Daniel Baumann, Donnerbuehlweg 3, CH-3012 Bern
Email: daniel.baumann@progress-technologies.net
Internet: http://people.progress-technologies.net/~daniel.baumann/


--
To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 4E2E99E7.8050307@progress-technologies.net">http://lists.debian.org/4E2E99E7.8050307@progress-technologies.net
 
Old 07-27-2011, 03:41 AM
Ivan Shmakov
 
Default support for installing unconfigured systems (VM images, Debian Live images, preinstalled mobile/tablet images)

>>>>> Daniel Baumann <daniel.baumann@progress-technologies.net> writes:
>>>>> On 07/26/2011 12:33 PM, Samuel Thibault wrote:

>> Well, isn't it simply about not configuring a few packages?

> no; see openssh-server.postinst, in the discussed use-case you want
> to run everything in there except the creation of the host keys.

> the only left problem to work out is to define a way so that upon
> start, if enabled (which would be by default to yes upon boot), those
> packages that have not configured their "private" stuff yet, to run
> their postinsts again (to execute only those commands that create it,
> see my other mail before).

Given how a usual .postinst script is written, its repeated
execution isn't expected to do any harm.

AIUI, the .postinst scripts may be re-executed with
dpkg-reconfigure(8). The --all option may be handy, as well as
the --frontend=noninteractive and --unseen-only ones.

--
FSF associate member #7257


--
To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 86y5zkpezw.fsf@gray.siamics.net">http://lists.debian.org/86y5zkpezw.fsf@gray.siamics.net
 
Old 07-27-2011, 04:12 AM
The Fungi
 
Default support for installing unconfigured systems (VM images, Debian Live images, preinstalled mobile/tablet images)

On Wed, Jul 27, 2011 at 10:41:07AM +0700, Ivan Shmakov wrote:
> AIUI, the .postinst scripts may be re-executed with
> dpkg-reconfigure(8).
[...]

In fact, for years I've relied on precisely this behavior to
regenerate SSH host keys when cloning machines (virtual or
physical)...

sudo rm /etc/ssh/*_key* && sudo dpkg-reconfigure openssh-server

--
{ IRL(Jeremy_Stanley); WWW(http://fungi.yuggoth.org/); PGP(43495829);
WHOIS(STANL3-ARIN); SMTP(fungi@yuggoth.org); FINGER(fungi@yuggoth.org);
MUD(kinrui@katarsis.mudpy.org:6669); IRC(fungi@irc.yuggoth.org#ccl);
ICQ(114362511); YAHOO(crawlingchaoslabs); AIM(dreadazathoth); }


--
To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 20110727041243.GA1336@yuggoth.org">http://lists.debian.org/20110727041243.GA1336@yuggoth.org
 
Old 07-28-2011, 08:19 AM
Daniel Baumann
 
Default support for installing unconfigured systems (VM images, Debian Live images, preinstalled mobile/tablet images)

On 07/27/2011 05:41 AM, Ivan Shmakov wrote:
> Given how a usual .postinst script is written, its repeated
> execution isn't expected to do any harm.

for the -live case, this just bloads boottime unnecessarily long (which
is why live-config doesn't do that).

--
Address: Daniel Baumann, Donnerbuehlweg 3, CH-3012 Bern
Email: daniel.baumann@progress-technologies.net
Internet: http://people.progress-technologies.net/~daniel.baumann/


--
To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 4E311B83.6060908@progress-technologies.net">http://lists.debian.org/4E311B83.6060908@progress-technologies.net
 
Old 07-28-2011, 02:36 PM
Philip Hands
 
Default support for installing unconfigured systems (VM images, Debian Live images, preinstalled mobile/tablet images)

On Wed, 27 Jul 2011 04:12:44 +0000, The Fungi <fungi@yuggoth.org> wrote:
> On Wed, Jul 27, 2011 at 10:41:07AM +0700, Ivan Shmakov wrote:
> > AIUI, the .postinst scripts may be re-executed with
> > dpkg-reconfigure(8).
> [...]
>
> In fact, for years I've relied on precisely this behavior to
> regenerate SSH host keys when cloning machines (virtual or
> physical)...
>
> sudo rm /etc/ssh/*_key* && sudo dpkg-reconfigure openssh-server

For a while I've thought that it would be good to have a way of
provoking such packages to reset themselves -- that way one might do
something like:

dpkg-reconfigure --set-state-to-pristine

and that would then find packages that had things like keys to throw
away, by running something like the postinst with perhaps a 'reset'
option.

If this was done in a flexible way, allowing behaviour to be modified
via debconf questions, or similar, it should be able to handle the cases
where you have a live CD, or have cloned a machine's disk, and want to
change it's name and keys and mailname etc.

It occurs to me that one might want to use this to allow someone to move
a disk to a new machine without that resulting in your ethernet being
renamed from eth0 to eth1 (but perhaps that's getting out of scope for
this).

Cheers, Phil.
--
|)| Philip Hands [+44 (0)20 8530 9560] http://www.hands.com/
|-| HANDS.COM Ltd. http://www.uk.debian.org/
|(| 10 Onslow Gardens, South Woodford, London E18 1NE ENGLAND
 
Old 07-28-2011, 02:52 PM
Daniel Baumann
 
Default support for installing unconfigured systems (VM images, Debian Live images, preinstalled mobile/tablet images)

On 07/28/2011 04:36 PM, Philip Hands wrote:
> For a while I've thought that it would be good to have a way of
> provoking such packages to reset themselves

absolutely, see the other thread on devel from before:
http://lists.debian.org/debian-devel/2011/07/msg00698.html

--
Address: Daniel Baumann, Donnerbuehlweg 3, CH-3012 Bern
Email: daniel.baumann@progress-technologies.net
Internet: http://people.progress-technologies.net/~daniel.baumann/


--
To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 4E3177AF.4000709@progress-technologies.net">http://lists.debian.org/4E3177AF.4000709@progress-technologies.net
 
Old 08-13-2011, 10:51 AM
Hector Oron
 
Default support for installing unconfigured systems (VM images, Debian Live images, preinstalled mobile/tablet images)

Hello,

Getting late to discussion, apologies for that.

2011/7/26 Jonas Smedegaard <dr@jones.dk>:
> On 11-07-26 at 12:03pm, Paul Wise wrote:

>> We were thinking that it might be nice to add support to
>> openssh-server for installing the package, not generating the host
>> keys and then generating them on first boot. debconf pre-seeding could
>> be one way to do that, but it would be quite specific and a more
>> general solution might be desirable.
>>
>> So, I was wondering if anyone has any ideas on this topic?

> Uhm, I did have an idea for this, but have forgotten it again now.
>
> Cc'ing Hector who might recall our discussion on this exact issue a few
> weeks ago...

Indeed, openssh keys as well as udev fpostinst creates
/etc/udev/rules.d/70-persistent-net.rules which hardcodes MAC
addresses. Maybe some other packages are as well affected.

Jonas and I discussed this problem and we had some random ideas. We
discussed on allowing preinst and postinst in two stages, one stage
being a 'generic' way and the other a 'unique' way.

So basically preinst/postinst would only run generic part when image
is generated and the unique part would be executed once the image
boots in the final device.

Best regards,
--
Â*Héctor Orón Â*-.. . -... .. .- -. Â* -.. . ...- . .-.. --- .--. . .-.


--
To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: http://lists.debian.org/CAODfWeFPxw_VZRc�4R7Z2=UqJvFs=JuCZExFQLvFSj-NyPw@mail.gmail.com
 
Old 08-13-2011, 01:55 PM
Ben Hutchings
 
Default support for installing unconfigured systems (VM images, Debian Live images, preinstalled mobile/tablet images)

On Sat, 2011-08-13 at 12:51 +0200, Hector Oron wrote:
> Hello,
>
> Getting late to discussion, apologies for that.
>
> 2011/7/26 Jonas Smedegaard <dr@jones.dk>:
> > On 11-07-26 at 12:03pm, Paul Wise wrote:
>
> >> We were thinking that it might be nice to add support to
> >> openssh-server for installing the package, not generating the host
> >> keys and then generating them on first boot. debconf pre-seeding could
> >> be one way to do that, but it would be quite specific and a more
> >> general solution might be desirable.
> >>
> >> So, I was wondering if anyone has any ideas on this topic?
>
> > Uhm, I did have an idea for this, but have forgotten it again now.
> >
> > Cc'ing Hector who might recall our discussion on this exact issue a few
> > weeks ago...
>
> Indeed, openssh keys as well as udev fpostinst creates
> /etc/udev/rules.d/70-persistent-net.rules which hardcodes MAC
> addresses. Maybe some other packages are as well affected.
[...]

There is a new network device naming scheme that uses physical location
(slot number or firmware-provided port number) to name PCI network
devices. So far this is implemented in Fedora 15 and RHEL 6.1 (!). I
assume this would generate consistent device names for network devices
in VMs if the configurations differ only by MAC address.

Marco, do you have any plans for using this scheme as an option or as
the default?

Ben.
 
Old 08-13-2011, 04:15 PM
Colin Watson
 
Default support for installing unconfigured systems (VM images, Debian Live images, preinstalled mobile/tablet images)

On Sat, Aug 13, 2011 at 02:55:51PM +0100, Ben Hutchings wrote:
> There is a new network device naming scheme that uses physical location
> (slot number or firmware-provided port number) to name PCI network
> devices. So far this is implemented in Fedora 15 and RHEL 6.1 (!). I
> assume this would generate consistent device names for network devices
> in VMs if the configurations differ only by MAC address.
>
> Marco, do you have any plans for using this scheme as an option or as
> the default?

This is implemented in the biosdevname package, which I think we should
get into Debian. I got it into Ubuntu a while back, but have been
neglecting to sync up Debian. Alex, what's the progress of your ITP
(#617820)? Would you like to work together based on my Ubuntu package
(https://launchpad.net/ubuntu/+source/biosdevname), which in turn was
somewhat based on the packaging provided by upstream?

--
Colin Watson [cjwatson@debian.org]


--
To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 20110813161559.GC32525@riva.dynamic.greenend.org.u k">http://lists.debian.org/20110813161559.GC32525@riva.dynamic.greenend.org.u k
 

Thread Tools




All times are GMT. The time now is 01:39 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright ©2007 - 2008, www.linux-archive.org