Re: FAI 2.9 - PB with FAI-NFSROOT
--- Henning Sprang <[EMAIL PROTECTED]> a écrit : > On Thu, 2006-02-09 at 12:19 +0100, tundis phil > wrote: > > Hi, > > > > I just try to install FAI 2.9 on a sarge and I > encounter the following > > problem with fai-nfsroot. > > To install FAI 2.9, I can not do an apt-get since > all the packages are > > in testing, so I dowload them : > > Why do you want exactly 2.9? Is 2.9.1 an option for > you? > Then read the fai homepage or the wiki on how to use > the apt repository > at uni-koeln. There should be 2.9.1. > > Henning > > > Hi, I wanted 2.9.1 to try the new version of FAI. I already try 2.8.4 by the past with FAI-CD. I just see your message today and go to the WIKI for the deb repository URL. I will try with it but I already did with a local mirror. But your soluce is easier than with a local mirror. Thanks too Phil tundis ___ Nouveau : téléphonez moins cher avec Yahoo! Messenger ! Découvez les tarifs exceptionnels pour appeler la France et l'international. Téléchargez sur http://fr.messenger.yahoo.com
Re: FAI 2.9 - PB with FAI-NFSROOT
--- Patrick Cornelißen <[EMAIL PROTECTED]> a
écrit :
> tundis phil schrieb:
>
> > It is normal since my source.list is in stable.
> > How can I say to fai-setup to look in a local
> directory for the paquet
> > fai-nfsroot.
>
> Just have a look at the various tutorials how to
> setup a local deb
> repository. I've no link available, but google will
> help you there.
Hi,
I follow your answer and find this URL (I put it here
for the others on the list)
"http://www.debian.org/doc/manuals/quick-reference/ch-package.en.html";
which say
A local deb repository similar to an official Debian
archive can be made in this way:
# aptitude install dpkg-dev
# cd /usr/local
# install -d pool # physical packages are located
here
# install -d
dists/unstable/main/binary-i386
# ls -1 pool | sed 's/_.*$/ priority section/' |
uniq > override
# editor override # adjust priority and section
# dpkg-scanpackages pool override /usr/local/ \
> dists/unstable/main/binary-i386/Packages
# cat > dists/unstable/main/Release << EOF
Archive: unstable
Version: 3.0
Component: main
Origin: Local
Label: Local
Architecture: i386
EOF
# echo "deb file:/usr/local unstable main" \
>> /etc/apt/sources.list
However, I have to modify it by replacing :
cat >
dists/unstable/main/Release << EOF
and
dpkg-scanpackages pool override /usr/local/ \
> dists/unstable/main/binary-i386/Packages
by
cat > dists/unstable/main/binary-i386/Release << EOF
and
dpkg-scanpackages pool override \
> dists/unstable/main/binary-i386/Packages
And my local mirror works.
So I have to try the install now.
Thanks a lot
Phil Tundis
>
> --
> Bye,
> Patrick Cornelissen
> http://www.p-c-software.de
> ICQ:15885533
>
>
___
Nouveau : téléphonez moins cher avec Yahoo! Messenger ! Découvez les tarifs
exceptionnels pour appeler la France et l'international.
Téléchargez sur http://fr.messenger.yahoo.com
FAI 2.9 - PB with FAI-NFSROOT
Hi, I just try to install FAI 2.9 on a sarge and I encounter the following problem with fai-nfsroot. To install FAI 2.9, I can not do an apt-get since all the packages are in testing, so I dowload them : fai-doc fai-nfsroot fai-client fai-server I do an dpkg -i fai-doc.. fai-client.. fai-server.. Everything goes well and my packages were installed. I modified fai.conf and the source.list. Then I run fai-setup and at the end, I have :Adding additional packages to /usr/lib/fai/nfsroot: fai-nfsroot module-init-tools dhcp3-client ssh file rdate hwinfo portmap bootpc rsync wget rsh-client less dump reiserfsprogs usbutils psmisc pciutils hdparm smartmontools parted mdadm lvm2 dnsutils ntpdate dosfstools cvs jove xfsprogs xfsdump sysutils dialog discover mdetect libnet-perl! netcat libapt-pkg-perl grub lilo dmidecode hwtools read-edid E: Couldn't find package fai-nfsrootIt is normal since my source.list is in stable. How can I say to fai-setup to look in a local directory for the paquet fai-nfsroot. Any help welcome Nouveau : téléphonez moins cher avec Yahoo! Messenger ! Découvez les tarifs exceptionnels pour appeler la France et l'international. Téléchargez la version beta.
Re : Strange problem with fai-mirror not finding the kernel package from my mirror
Hi, I just use Fai-cd and I had the same problem. I resolved it by putting some a line in the script /usr/sbin/fai-cd. In the old script, there was : deb file:/file/mirror stable main I replace it by deb file:/file/mirror stable main deb file:/file/mirror sarge main I think the problem came for the section of the kernel, it was sarge and now it is stable, so you need the two sections (sarge et stable) in order to have all the packages. Phil Nouveau : téléphonez moins cher avec Yahoo! Messenger ! Découvez les tarifs exceptionnels pour appeler la France et l'international. Téléchargez la version beta.
error hostname in cfengine
hi, I'm a new french user of fai. I've some problem with the $(HOSTNAME) variable. My environment is : - DHCP server but I'm not the administrator , - boot client by floppy, - Intern Debian mirror (not the FAI server). in the script /usr/sbin/make-fai-bootfloppy, I modified the line of the FAI-DHCP to force the hostname : append="ip=persohost::dhcp root=/dev/nfs FAI_FLAGS=verbose,sshd,createvt,syslogd nfsroot=X.X.X.X:/usr/lib/fai/nfsroot FAI_ACTION=install" I obtain in the log files : - error.log cfengine.log:Currently non existent variable $(HOSTNAME) - cfengine.log persohost: No preconfiguration file Currently non existent variable $(HOSTNAME) Accepted domain name:undefined.domain If anybody can help me. thanks Philippe tund Découvrez le nouveau Yahoo! Mail : 250 Mo d'espace de stockage pour vos mails ! Créez votre Yahoo! Mail sur http://fr.mail.yahoo.com/
Re: FAI package dependencies
On Thu, 28 Feb 2002, Matthew Palmer wrote: > Any particular reason why FAI needs to run debootstrap, but doesn't depend > on it? FAI version 2.2.3, trying to work with woody. Maybe because it needs debootstrap only if you want to install woodies. But it should at least be in the recommended list. -- Philippe Biondi Cartel Sécurité Security Consultant/R&D http://www.cartel-securite.fr Phone: +33 1 44 06 97 94 Fax: +33 1 44 06 97 99 PGP KeyID:3D9A43E2 FingerPrint:C40A772533730E39330DC0985EE8FF5F3D9A43E2
Re: Automatic installation documentation
On Wed, 27 Feb 2002, Chad C. Walstrom wrote:
> On Wed, Feb 27, 2002 at 01:28:05PM +0100, Phil wrote:
> > I've begun to write sth that output a LaTeX report giving details
> > about the hardware...[snipped for brevity]...
>
> Very cool. Perl or Python? Parsing the fai install logs?
It's bash for the moment (just a proof of concept :)).
Maybe perl is a good choice,.. but I like python too much :)
It just gathers informations on the machine. There is nothing related
directly to FAI, but it could.
Little ugly extract :
--
cat << EOF
\appendix
\chapter{Liste des paquetages et de leur version}
\label{anx.packages}
%% Generated with
%% grep -E "^(Package:|Version:|Status:|$)" < /var/lib/dpkg/status | awk
'BEGIN{RS="\n\n";FS="( |\n)"} ; {if (\$6 == "installed") {print \$2,\$8}}'
\begin{twocolumn}
\small
\begin{verbatim}
EOF
grep -E "^(Package:|Version:|Status:|$)" < /var/lib/dpkg/status | \
awk 'BEGIN{RS="\n\n";FS="( |\n)"} ; {if ($6 == "installed") {print $2,$8}}'
cat < #!/bin/sh
> dpkg=/bin/dpkg
>
> # Set the column width
> COLUMNS=132
> export COLUMNS
>
> # Run dpkg -l
> $dpkg -l $@
Thanks for the COLUMNS trick!
The code above will become
COLUMNS=1000 dpkg -l | awk '/^ii/{print $2 $3}'
--
Philippe Biondi Cartel Sécurité
Security Consultant/R&D http://www.cartel-securite.fr
Phone: +33 1 44 06 97 94 Fax: +33 1 44 06 97 99
PGP KeyID:3D9A43E2 FingerPrint:C40A772533730E39330DC0985EE8FF5F3D9A43E2
Automatic installation documentation
Hi, Do some of you know about a tool that is able to make an installation documentation. This will be about the same as generating a report on the machine. I've begun to write sth that output a LaTeX report giving details about the hardware, listing some important files as /etc/network/interfaces, reporting the partitioning of the disks, giving the list of packages with their versions and the .config in appendix. Does this already exists ? Btw, do you know a simple way to get the equivalent of dpkg -l (to get the list of packages installed with their version) but which is not truncated. (For the moment I have to parse myself /var/lib/dpkg/status.) -- Philippe Biondi Cartel Sécurité Security Consultant/R&D http://www.cartel-securite.fr Phone: +33 1 44 06 97 94 Fax: +33 1 44 06 97 99 PGP KeyID:3D9A43E2 FingerPrint:C40A772533730E39330DC0985EE8FF5F3D9A43E2
Re: Install ext3fs with FAI
On Thu, 24 Jan 2002, Phil wrote:
> Hi,
>
> Here is a patch to setup_harddisk that enable the use of ext3 easily :
> If you don't specify the type of partition, you'll have auto in the fstab.
>
> In the disk_config, just add the -j option after the semi-colon to format
> with ext3. Add ext3 if you want the keyword ext3 be in fstab in place of
> auto.
>
> If you don't put the -j flag, you'll have ext2 partitions, but you'll need
> to give the ext2 option to have the ext2 keyword in fstab in place of
> auto.
Well, it seems that I did not diff with the right file so that the patch I
posted had a little error.
This new patch will fix that, and will add some comments in the headers.
Moreover, I've patched the readme file, for you, Thomas, because
you`re worth it ;)
--
Philippe Biondi Cartel Sécurité
Security Consultant/R&D http://www.cartel-securite.fr
Phone: +33 1 44 06 97 94 Fax: +33 1 44 06 97 99
PGP KeyID:3D9A43E2 FingerPrint:C40A772533730E39330DC0985EE8FF5F3D9A43E2
--- README.disk_config.old Fri Jan 25 18:50:42 2002
+++ README.disk_config Fri Jan 25 19:00:01 2002
@@ -17,12 +17,12 @@
disk_config sdb
-primary /tmp300-500 rw ;
+primary /tmp300-500 rw ;ext2
primary /backup preserve2rw
logical swap50-100
logical /scratch2 100-300 rw ;-m 30
logical - preserve7
-logical /var100 ;
+logical /var100 ;-j
logical /var/tmppreserve9;format
primary /tmp/mytmp -300
@@ -82,16 +82,29 @@
options are known:
-i: Bytes per inode
-(only ext2 filesystem)
+(only ext2/3 filesystem)
-m : Reserved blocks percentage for superuser
-(only ext2 filesystem)
+(only ext2/3 filesystem)
+ -j : Create the filesystem with an ext3 journal
-c : Check for bad blocks
+ ext2: flag the partition as ext2 instead of auto in /etc/fstab
+ ext3: flag the partition as ext3 instead of auto in /etc/fstab
format : Always format this partition even if preserve
reiser : create a reiser file system, not an ext2
The order of the extra options is not relevant. For more information
see mke2fs(8).
+Thus, we have the following interactions between -j, ext2 and ext3 :
+ : an ext2 fs flagged as auto in the fstab
+-j : an ext3 fs flagged as auto in the fstab
+ext2: an ext2 fs flagged as ext2 in the fstab
+-j ext2 : an ext3 fs flagged as ext2 in the fstab
+-j ext3 : an ext3 fs flagged as ext3 in the fstab
+ext3 : an ext2 fs flagged as ext3 in the fstab !!BAD!!
+
+The use of auto in the fstab for ext3fs enable a non-ext3 enabled kernel or
+tool to cope with these partitions.
Preserving partitions:
109c109
< #(only ext2 filesystem)
---
> #(only ext2/3 filesystem)
111c111,112
< #(only ext2 filesystem)
---
> #(only ext2/3 filesystem)
> # -j : format in ext3
439c440
< ($options !~ /\b(ext2|swap|dosfat16|winfat32|reiser)\b/i ) &&
($options .= " ext2");
---
> ($options !~ /\b(ext2|ext3|auto|swap|dosfat16|winfat32|reiser)\b/i
>) && ($options .= " auto");
466c467
< ($options =~ /\bext2\b/i) && ($MPID{$mountpoint} = 83); # Linux native
---
> ($options =~ /\b(ext[23]|auto)\b/i) && ($MPID{$mountpoint} = 83); #
>Linux native
773,774c774,775
< if ($MPOptions{$mountpoint} =~ /\bext2\b/i) {
< print "Make Extended 2 Filesystem:\n";
---
> if ($MPOptions{$mountpoint} =~ /\b(ext[23]|auto)\b/i) {
> print "Make Extended 2/3 Filesystem:\n";
778a780
> ($MPOptions{$mountpoint} =~ /(\-j)\b/) && ($command .= " $1");
814c816
< $type = "ext2";
---
> $type = "auto";
815a818,819
> ($MPOptions{'/'} =~ /\b(ext3)\b/i) && ($type = "ext3");
> ($MPOptions{'/'} =~ /\b(ext2)\b/i) && ($type = "ext2");
829c833
< $type = "ext2";
---
> $type = "auto";
831a836,837
> ($MPOptions{$mountpoint} =~ /\b(ext3)\b/i) && ($type = "ext3");
> ($MPOptions{$mountpoint} =~ /\b(ext2)\b/i) && ($type = "ext2");
packages that start a daemon
Hi, Is there any way to prevent a package (as apache, or ssh) to start the daemon it has just installed ? -- Philippe Biondi Cartel Sécurité Security Consultant/R&D http://www.cartel-securite.fr Phone: +33 1 44 06 97 94 Fax: +33 1 44 06 97 99 PGP KeyID:3D9A43E2 FingerPrint:C40A772533730E39330DC0985EE8FF5F3D9A43E2
Re: Install ext3fs with FAI
Hi,
Here is a patch to setup_harddisk that enable the use of ext3 easily :
If you don't specify the type of partition, you'll have auto in the fstab.
In the disk_config, just add the -j option after the semi-colon to format
with ext3. Add ext3 if you want the keyword ext3 be in fstab in place of
auto.
If you don't put the -j flag, you'll have ext2 partitions, but you'll need
to give the ext2 option to have the ext2 keyword in fstab in place of
auto.
--
Philippe Biondi Cartel Sécurité
Security Consultant/R&D http://www.cartel-securite.fr
Phone: +33 1 44 06 97 94 Fax: +33 1 44 06 97 99
PGP KeyID:3D9A43E2 FingerPrint:C40A772533730E39330DC0985EE8FF5F3D9A43E2
--- ../../sbin/setup_harddisks Fri Jan 11 17:27:41 2002
+++ setup_harddisks Wed Jan 23 21:30:06 2002
@@ -436,7 +436,7 @@
&& die "ERROR: unable to preserve partitions of size 0.\n$line\n
";
} else {
# If not preserve we must know the filesystemtype
- ($options !~ /\b(ext2|swap|dosfat16|winfat32|reiser)\b/i ) &&
($options .= " ext2");
+ ($options !~ /\b(ext2|ext3|auto|swap|dosfat16|winfat32|reiser)\b/i
+) && ($options .= " auto");
}
if($size =~ /^(\d*)(\-?)(\d*)$/){
$Min = $1;
@@ -463,7 +463,7 @@
# fstaboptions
$MPfstaboptions{$mountpoint} = $fstaboptions;
# extra options
- ($options =~ /\bext2\b/i) && ($MPID{$mountpoint} = 83); # Linux native
+ ($options =~ /\b(ext[23]|auto)\b/i) && ($MPID{$mountpoint} = 83); #
+Linux native
($options =~ /\bswap\b/i) && ($MPID{$mountpoint} = 82); # Linux swap
($options =~ /\bdosfat16\b/i) && ($MPID{$mountpoint} = 6); # DOS FAT
16bit (>=32MB, will be changed later)
($options =~ /\bwinfat32\b/i) && ($MPID{$mountpoint} = "b"); # Win 95
FAT 32
@@ -770,8 +770,8 @@
next;
}
# Linux Extended 2 file system
- if ($MPOptions{$mountpoint} =~ /\bext2\b/i) {
- print "Make Extended 2 Filesystem:\n";
+ if ($MPOptions{$mountpoint} =~ /\b(ext[23]|auto)\b/i) {
+ print "Make Extended 2/3 Filesystem:\n";
$command = "mke2fs $mke2fs_options";
($MPOptions{$mountpoint} =~ /(\-c)\b/i) && ($command .= " $1");
($MPOptions{$mountpoint} =~ /(\-i\s*\d+)\b/) && ($command .= " $1");
@@ -811,8 +811,10 @@
#
EOM
# 1. /
-$type = "ext2";
+$type = "auto";
($MPOptions{'/'} =~ /\b(reiser)\b/i) && ($type = "reiserfs");
+($MPOptions{'/'} =~ /\b(ext3)\b/i) && ($type = "ext3");
+($MPOptions{'/'} =~ /\b(ext2)\b/i) && ($type = "ext2");
$FileSystemTab .=
BuildfstabLine("/dev/$MountpointPart{'/'}","/",$type,$MPfstaboptions{'/'},0,1);
# 2. swap partitions
foreach $mountpoint (%PartMountpoint){
@@ -826,9 +828,11 @@
foreach $mountpoint (sort %PartMountpoint){
next if ( ($mountpoint !~ /^\//) || ($mountpoint eq "/"));
$device = $MountpointPart{$mountpoint};
- $type = "ext2";
+ $type = "auto";
($MPOptions{$mountpoint} =~ /\b(dosfat16|winfat32)\b/i) && ($type = "vfat");
($MPOptions{$mountpoint} =~ /\b(reiser)\b/i) && ($type = "reiserfs");
+ ($MPOptions{$mountpoint} =~ /\b(ext3)\b/i) && ($type = "ext3");
+ ($MPOptions{$mountpoint} =~ /\b(ext2)\b/i) && ($type = "ext2");
$FileSystemTab .=
BuildfstabLine("/dev/$device",$mountpoint,$type,$MPfstaboptions{$mountpoint},0,2);
}
# write it
Re: [PATCH] more that one scripts for the same class
Hi! On Tue, 22 Jan 2002, Jens Ruehmkorf wrote: > that's the way we do it for nais since two years. Have a look at > http://cvs.sf.net/cgi-bin/viewcvs.cgi/nais/nais/install/init.d/execute_scripts.sh > to see how we did that (because the aim is the same). How do this is related to fai ? -- Philippe Biondi Cartel Sécurité Security Consultant/R&D http://www.cartel-securite.fr Phone: +33 1 44 06 97 94 Fax: +33 1 44 06 97 99 PGP KeyID:3D9A43E2 FingerPrint:C40A772533730E39330DC0985EE8FF5F3D9A43E2
Re: Censoring configuration files
On 22 Jan 2002, Ronan KERYELL wrote:
> A meta-problem about using tools such as cfengine, FAI, JumpStart,... : many people
> ask me my configuration files but they contain of course many passwords, PPP
> accounts, etc. :-(
>
> So I'm looking for a good way to automate the publication of my config
> file AND censoring sensitive information...
>
> Any idea for an elegant way ?
>
> To add some mark-up in config files ? But not always safe for the
> application ?
>
> To add an abstract description of each file describing what to overide ?
>
> < Insert your good idea here :-) >
What about a script that we'll call getpasswd that will look in a password
base (that will be as secure as the config files..).
They could be either plain text or crypted, as needed.
Possible implementation :
---8<[getpasswd]---
#! /bin/bash
BASE=/tmp/pwdbase
awk "/^$1[ \t]/ {print \$2}" < $BASE
---8<--
---8<[pwdbase]-
rootmd5 4e8492ec9f7136f948fe129f5d6430ac
rootdes 17/Ep09Pgb6ZA
ap password
---8<--
So that the config files only contain things like that :
PASSWD=`getpasswd ap`
Moreover, if one passwd must be given in more than one place, you only
need to modify it at this centralised place to change it evrywhere.
And if theidentifiers are clear enough, this is a good point for config
files to be published.
(I hope the weather is good in Brest :))
--
Philippe Biondi Cartel Sécurité
Security Consultant/R&D http://www.cartel-securite.fr
Phone: +33 1 44 06 97 94 Fax: +33 1 44 06 97 99
PGP KeyID:3D9A43E2 FingerPrint:C40A772533730E39330DC0985EE8FF5F3D9A43E2
[PATCH] more that one scripts for the same class
Hi,
I wanted to use a shell script and a cfengine script for the same class.
Moreover I needed to control the execution order of them.
This patch will do the following, when it's time to execute scripts in
/fai/script : for each class, if there is a script with the same name, it
is executed, as usual. But now, if there is a directory with this name,
fai will execute each S??* script inside this directory, following the
order of ??.
--
Philippe Biondi Cartel Sécurité
Security Consultant/R&D http://www.cartel-securite.fr
Phone: +33 1 44 06 97 94 Fax: +33 1 44 06 97 99
PGP KeyID:3D9A43E2 FingerPrint:C40A772533730E39330DC0985EE8FF5F3D9A43E2
--- subroutines~Mon Jan 21 23:46:12 2002
+++ subroutines Mon Jan 21 23:47:21 2002
@@ -572,17 +572,11 @@
fi
}
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-task_configure() {
-
-# execute scripts; cfengine, shell, perl and expect scripts are known types
-cd /fai/scripts
-
-local class filetype shelldebug
-
-for class in $classes ; do
-if [ -x $class -a -f $class ]; then
-filetype=`file $class`
+do_script() {
+local file
+file=$1
+filetype=`file $file`
shelldebug=
case $filetype in
*"Bourne shell script"*)
@@ -594,34 +588,56 @@
case $filetype in
*"Bourne shell script"*|*"Bourne-Again shell script"*)
- echo "Executing $shelldebug shell: $class"
- echo "= shell: $class =" >> /tmp/shell.log 2>&1
- $shelldebug ./$class >> /tmp/shell.log 2>&1
+ echo "Executing $shelldebug shell: $file"
+ echo "= shell: $file =" >> /tmp/shell.log 2>&1
+ $shelldebug ./$file >> /tmp/shell.log 2>&1
;;
*"cfengine script"*)
- echo "Executing cfengine: $class"
- echo "= cfengine: $class =" >> /tmp/cfengine.log 2>&1
- ./$class --no-lock -v -f $class -D${cfclasses} >> /tmp/cfengine.log 2>&1
+ echo "Executing cfengine: $file"
+ echo "= cfengine: $file =" >> /tmp/cfengine.log 2>&1
+ ./$file --no-lock -v -f $file -D${cfclasses} >> /tmp/cfengine.log 2>&1
;;
*"perl script"*)
- echo "Executing perl: $class"
- echo "= perl: $class =" >> /tmp/perl.log 2>&1
- ./$class >> /tmp/perl.log 2>&1
+ echo "Executing perl: $file"
+ echo "= perl: $file =" >> /tmp/perl.log 2>&1
+ ./$file >> /tmp/perl.log 2>&1
;;
*"expect script"*)
- echo "Executing expect: $class"
- echo "= expect: $class =" >> /tmp/expect.log 2>&1
- ./$class >> /tmp/expect.log 2>&1
+ echo "Executing expect: $file"
+ echo "= expect: $file =" >> /tmp/expect.log 2>&1
+ ./$file >> /tmp/expect.log 2>&1
;;
- *) echo "File $class has unsupported type $filetype." ;;
+ *) echo "File $file has unsupported type $filetype." ;;
esac
+}
+
+task_configure() {
+
+# execute scripts; cfengine, shell, perl and expect scripts are known types
+cd /fai/scripts
+
+local class filetype shelldebug
+
+for class in $classes ; do
+if [ -x $class -a -f $class ]; then
+ do_script $class
+elif [ -d $class ]; then
+[ "$verbose" ] && echo "Executing scripts of $class"
+cd $class
+for f in `ls S[0-9]*` ; do
+if [ -x $f -a -f $f ]; then
+ do_script $f
+fi
+done
+cd ..
fi
done
}
+
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
task_finish() {
creating ICP vortex raid arrays
Hi, I'd like to automate also the creation of the RAID array with ICP Vortex. There is a binary only curses-like interface to do so under linux, but no command line tool to do so. I mean, I don't know any. Do some of you have ever done that or have some ideas on how to do that ? -- Philippe BiondiCartel Sécurité Security Consultant/R&D http://www.cartel-info.fr Phone: +33 1 44 06 97 94Fax: +33 1 44 06 97 99 PGP KeyID:3D9A43E2 FingerPrint:C40A772533730E39330DC0985EE8FF5F3D9A43E2
Re: [PATCH] patch to speed up bootpc queries
On Fri, 4 Jan 2002, Geert Stappers wrote: > At 0:51 +0100 1/4/02, Phil wrote: > >On Thu, 3 Jan 2002, Geert Stappers wrote: > > > >> >Moreover, > >> >I don't see why every NIC in $netdevices should query a bootp server. > >> >One answered query should be enough. > >> > >> Even a single NIC computer does three(3) BOOTP-requests: > >> - BootROM "where to get my kernel-image" request > >> - Kernel "where to get my NFS root" request > >> - FAI "where is the FAI info" request > >I was only talking about the last item. > > > >> > >> On a multi NIC computer, FAI has to check every netdevice, > >> because the BOOTP server could anywhere. > >Why should FAI keep on doing requests on other interfaces when it gets a > >reply on one ? > > > Why worry about about a extra BOOTP request, > when we have a complete installation to do > on mostly single NIC computers? Because most of my machines have more than one NIC ;) One extra bootp request cost about 1min. On a one NIC machine, an installation take less than 9min. On a four NIC machine, you loose 3 min for nothing, that's a 33% time increase ! When you know how easy it is to guess the correct interface and to stop when you got what you wanted, it's IMHO too bad not to do so. Moreover, that's the first time I see an algorithm that keep on doing things when it found what it wanted, or I've not beeing told yet in which case doing so was needed. Best, regards, Phil. -- Philippe BiondiCartel Informatique Security Consultant/R&D http://www.cartel-info.fr Phone: +33 1 44 06 97 94Fax: +33 1 44 06 97 99 PGP KeyID:3D9A43E2 FingerPrint:C40A772533730E39330DC0985EE8FF5F3D9A43E2
Re: [PATCH] patch to speed up bootpc queries
On Thu, 3 Jan 2002, Geert Stappers wrote: > >Moreover, > >I don't see why every NIC in $netdevices should query a bootp server. > >One answered query should be enough. > > Even a single NIC computer does three(3) BOOTP-requests: > - BootROM "where to get my kernel-image" request > - Kernel "where to get my NFS root" request > - FAI "where is the FAI info" request I was only talking about the last item. > > On a multi NIC computer, FAI has to check every netdevice, > because the BOOTP server could anywhere. Why should FAI keep on doing requests on other interfaces when it gets a reply on one ? -- Philippe BiondiCartel Informatique Security Consultant/R&D http://www.cartel-info.fr Phone: +33 1 44 06 97 94Fax: +33 1 44 06 97 99 PGP KeyID:3D9A43E2 FingerPrint:C40A772533730E39330DC0985EE8FF5F3D9A43E2
Re: [PATCH] patch to speed up bootpc queries
On Thu, 3 Jan 2002, Thomas Lange wrote: > >>>>> On Thu, 3 Jan 2002 16:11:23 +0100 (CET), Phil <[EMAIL PROTECTED]> said: > > > Hi, When rcS_fai tries to get bootp parameters, it does a query > > on every interface the machine has. This can take a lot of time > > for nothing. > > This could be made much simpler. If the variable $netdevices is > defined, then only this list of interfaces is used and not all > available ethernet devices. Define this variable in /etc/fai.conf (the > next fai version will use /etc/fai/fai.conf) and rebuild the nfsroot > or copy trhis file to $NFSROOT/etc/fai.conf. Here's an example > > /etc/fai.conf: > netdevices=eth0 This is not so easy as you can't be sure about which interface will become eth0 or eth1. For example, the machine I'm using has a dual eepro100. I've pluged the wire on LAN1 and it became eth1 (and LAN2 is eth0). So if I want to carry on using LAN1, I must put netdevices=eth1. But I won't be able to install machines with only one NIC. Moreover, I don't see why every NIC in $netdevices should query a bootp server. One answered query should be enough. I agree we should test if the query is correctly answerd (ie with T17? options) to stop asking bootp servers. I also agree that, with my patch, you can query twice on the same NIC. Am I broken ? ;) -- Philippe BiondiCartel Informatique Security Consultant/R&D http://www.cartel-info.fr Phone: +33 1 44 06 97 94Fax: +33 1 44 06 97 99 PGP KeyID:3D9A43E2 FingerPrint:C40A772533730E39330DC0985EE8FF5F3D9A43E2
[PATCH] patch to use mylex RAID adapters
Hi,
As you may know, mylex cards make disks appear as /dev/rd/cxdy (controller
x, disk y) and partitions as /dev/rd/cxdypz. This break some assuptions
done in setup_harddisks. This patch try to correct them, without breaking
the existing. It seems to work. Tell me what you think about it.
ps: don't forget : you can't use more than the seventh partition (c0d0p1
to c0d0p7).
Regards, Phil.
--
Philippe BiondiCartel Informatique
Security Consultant/R&D http://www.cartel-info.fr
Phone: +33 1 44 06 97 94Fax: +33 1 44 06 97 99
PGP KeyID:3D9A43E2 FingerPrint:C40A772533730E39330DC0985EE8FF5F3D9A43E2
--- /usr/lib/fai/nfsroot/sbin/setup_harddisk~ Fri Nov 16 17:56:16 2001
+++ /usr/lib/fai/nfsroot/sbin/setup_harddiskThu Jan 3 16:02:50 2002
@@ -238,7 +238,7 @@
}
$result = `sh -c "LC_ALL=C sfdisk -d -q"`;
foreach $line(split(/\n/,$result)){
- if($line =~ /# partition table of \/dev\/([a-z]+)/i){
+ if($line =~ /# partition table of \/dev\/(.+?)$/i){
$disk = $1;
}
if($line =~
/^\/dev\/(.+?)\s*:\s+start=\s*(\d+),\s+size=\s*(\d+),\s+Id=\s*([a-z0-9]+)\b(.*)$/i){
@@ -306,7 +306,7 @@
if ($paras =~ / end/i){
$disk = "";
} else {
- if($paras =~ / (\/dev\/)?([a-z]+)/i){
+ if($paras =~ / (\/dev\/)?(.+)$/i){
$disk = "$2";
($DiskMountpoints{$disk})
&& die "ERROR: there are more than one configuration of disk
$disk.\n";
@@ -326,6 +326,9 @@
}
if ($disk){
+ #for Mylex : partitions are /dev/rd/c0d0p1
+ my $partletter = "";
+ if($disk =~ /\//) { $partletter = "p"; }
# primary|partition - command
if($line =~ /^(primary|logical)\s+(.*)$/i){
$command = $1;
@@ -368,7 +371,7 @@
($PrimPartNo == 3) && ($disk =~ /^sd/) && ($PrimPartNo++);
($PrimPartNo >4 ) && die "ERROR: Too much primary partitions (max
4).".
" All logicals together need one primary too.\n";
- $MountpointPart{$mountpoint} = "$disk$PrimPartNo";
+ $MountpointPart{$mountpoint} = "$disk$partletter$PrimPartNo";
if($options =~ /\bboot\b/i){
($BootPartition) && die "ERROR: only one partition can be
bootable at a time.";
$BootPartition = $MountpointPart{$mountpoint};
@@ -378,7 +381,7 @@
($NoMoreLogicals != 0) && die "ERROR: the logical partitions must
be together.\n";
$MPPrimary{$mountpoint} = "";
$LogPartNo++;
- $MountpointPart{$mountpoint} = "$disk$LogPartNo";
+ $MountpointPart{$mountpoint} = "$disk$partletter$LogPartNo";
if (!$MPPrimary{$extmp}){
$MPPreserve{$extmp} = "";
$MPPrimary{$extmp} = "yes";
@@ -390,7 +393,7 @@
($PrimPartNo >4 )
&& die "ERROR: too much primary partitions (max 4).".
" All logicals together need one primary too.\n";
- $MountpointPart{$extmp} = "$disk$PrimPartNo";
+ $MountpointPart{$extmp} = "$disk$partletter$PrimPartNo";
$DiskMountpoints{$disk} .= " $extmp";
}
($options =~ /\bboot\b/i) && die "ERROR: line $a, only primary
partitions can be bootable.\n";
@@ -677,7 +680,9 @@
$sfdiskTables{$disk} .= "$line\n";
}
print $sfdiskTables{$disk};
- $filename = "/tmp/$disk.sfdisk";
+ ( $filename = $disk) =~ s/\///g;
+ $filename="/tmp/$filename.sfdisk";
+# $filename = (($filename = $disk) =~ s/\///g, '/tmp' . $filename . '.sfdisk');
if(($test != 1) && ($filename)){
open(FILE, ">$filename") || die "unable to write temporary file
$filename\n";
print FILE $sfdiskTables{$disk};
[PATCH] patch to speed up bootpc queries
Hi,
When rcS_fai tries to get bootp parameters, it does a query on every
interface the machine has. This can take a lot of time for nothing.
the following patch tries the defaut interface first, and break the loop
after the first successfull query. (use the attached file to avoid
copy-paste diff problems)
-8<--
--- /usr/lib/fai/nfsroot/usr/share/fai/subroutines~ Fri Nov 16 17:56:16 2001
+++ /usr/lib/fai/nfsroot/usr/share/fai/subroutines Thu Jan 3 16:00:23 2002
@@ -228,11 +228,14 @@
local device
local bootlog=/tmp/bootp.log
+# test the default interface first!
+testdev="`route -n | awk '/^0.0.0.0/ { print $8}'` $netdevices"
# define all bootpc information as variables
-for device in $netdevices; do
+for device in $testdev; do
echo "Sending BOOTP request using device $device"
echo "* --- network device $device ---" >> $bootlog
bootpc --dev $device --timeoutwait $timeout --returniffail >> $bootlog 2>&1
+ if [ $? -eq 0 ]; then break; fi
done
[ -n "$verbose" -a -f $bootlog ] && echo "Reading $bootlog"
-8<--
--
Philippe BiondiCartel Informatique
Security Consultant/R&D http://www.cartel-info.fr
Phone: +33 1 44 06 97 94Fax: +33 1 44 06 97 99
PGP KeyID:3D9A43E2 FingerPrint:C40A772533730E39330DC0985EE8FF5F3D9A43E2
--- /usr/lib/fai/nfsroot/usr/share/fai/subroutines~ Fri Nov 16 17:56:16 2001
+++ /usr/lib/fai/nfsroot/usr/share/fai/subroutines Thu Jan 3 16:00:23 2002
@@ -228,11 +228,14 @@
local device
local bootlog=/tmp/bootp.log
+# test the default interface first!
+testdev="`route -n | awk '/^0.0.0.0/ { print $8}'` $netdevices"
# define all bootpc information as variables
-for device in $netdevices; do
+for device in $testdev; do
echo "Sending BOOTP request using device $device"
echo "* --- network device $device ---" >> $bootlog
bootpc --dev $device --timeoutwait $timeout --returniffail >> $bootlog 2>&1
+ if [ $? -eq 0 ]; then break; fi
done
[ -n "$verbose" -a -f $bootlog ] && echo "Reading $bootlog"
Re: FAI for woody or potato WAS Re: Problems with bootp andself-compiled kernels
On Mon, 17 Dec 2001, Thomas Lange wrote: > >>>>> On Mon, 17 Dec 2001 16:42:14 +0100 (CET), Phil <[EMAIL PROTECTED]> said: > > > On Mon, 17 Dec 2001, Thomas Lange wrote: > >> FAI 2.2.3 is for potato, where the tar command needs -I, in > >> woody a new tar version needs -j. So it seems you using a mix > >> of potato and woody packages. > > > FAI 2.2.3 is the version distributed for woody and sid. > > FAI was first released after the potato was the stable release, so it > could not go into potato, but is always in the tree of unstable and > testing. But I wanted to support the stable Debian version. It is also > mentioned in the README, that the default templates and configurations > are for potato (See also NEWS file). > > Maybe the next version of FAI will be the "woody default" version and potato > support will be dropped. But I'm not sure when to drop potato support. There are for me 3 versions that can be used : - the server distrib - the nfsroot distrib - the installed distrib Why do we want them to be the same ? I don't see any reason. What I'd expect is that the fai package which is in the (where is in [potato,woody,sid]) repository work on a machine with distrib x. That mean that only scripts that are run on the server have to work for distrib . What about releasing different packages for each distrib version we want to install (we will suppose that nfsroot distrib=installed distrib) ? There could be a fai-common package with scripts that run on the intallation server, then fai-potato, a fai-woody and a fai-sid packages that contains scripts that will run on the installed machine. -- Philippe BiondiCartel Informatique Security Consultant/R&D http://www.cartel-info.fr Phone: +33 1 44 06 97 94Fax: +33 1 44 06 97 99 PGP KeyID:3D9A43E2 FingerPrint:C40A772533730E39330DC0985EE8FF5F3D9A43E2
Re: Problems with bootp and self-compiled kernels
On Mon, 17 Dec 2001, Thomas Lange wrote: > > Btw, I tried to apt-get source fai-kernel. > > > the I option is used in tar and it should be -j : > > FAI 2.2.3 is for potato, where the tar command needs -I, in woody a > new tar version needs -j. So it seems you using a mix of potato and > woody packages. FAI 2.2.3 is the version distributed for woody and sid. -- Philippe BiondiCartel Informatique Security Consultant/R&D http://www.cartel-info.fr Phone: +33 1 44 06 97 94Fax: +33 1 44 06 97 99 PGP KeyID:3D9A43E2 FingerPrint:C40A772533730E39330DC0985EE8FF5F3D9A43E2
Problems creating a woody nfsroot
Hi, It seems that fai-setup has some hardcoded potato-related pathes : # fai-setup Adding system user fai... Adding new user fai (103) with group nogroup. Creating home directory /home/fai. Generating public/private rsa1 key pair. Your identification has been saved in /home/fai/.ssh/identity. Your public key has been saved in /home/fai/.ssh/identity.pub. The key fingerprint is: d6:38:7f:d2:18:9d:14:f8:c5:ba:02:d1:32:2e:8d:5b fai@ /home/fai/.ssh/authorized_keys created. User account fai set up. Creating FAI nfsroot can take a long time and will need more than 130MB disk space in /usr/lib/fai/nfsroot. [...] (installing nfsroot with debootstrap) cp: cannot create regular file `usr/lib/perl5/Debian/Fai.pm': No such file or directory Moreover, I'm not sure of my fai.conf : -8<- FAI_ARCH=`dpkg --print-installation-architecture` ftpserver=ftp.uk.debian.org debdist=woody # distribution: potato, woody, sid FAI_DEBOOTSTRAP="$debdist http://$ftpserver/debian"; FAI_SOURCES_LIST="deb http://$ftpserver/debian $debdist main contrib non-free deb http://$ftpserver/debian $debdist/non-US main contrib non-free" NFSROOT_PACKAGES="ssh expect portmap libdetect0 discover reiserfsprogs dpkg-dev" FAI_ROOTPW="56hNVqht51tzc" SSH_IDENTITY=/home/pbi/.ssh/id_dsa.pub UTC=yes KERNELPACKAGE=/usr/lib/fai/kernel/kernel-image-2.2.19_BOOTP1_i386.deb KERNELVERSION=2.2.19 LOGUSER=fai FAI_REMOTESH=ssh FAI_REMOTECP=scp NFSROOT=/usr/lib/fai/nfsroot FAI_CONFIGDIR=/usr/share/fai -8<- Btw, the default value for FAI_CONFIGDIR is /usr/local/share/fai. Doesn't that sound weird for a package ? -- Philippe BiondiCartel Informatique Security Consultant/R&D http://www.cartel-info.fr Phone: +33 1 44 06 97 94Fax: +33 1 44 06 97 99 PGP KeyID:3D9A43E2 FingerPrint:C40A772533730E39330DC0985EE8FF5F3D9A43E2
Problems with bootp and self-compiled kernels
Hi all! I wanted to add aic7xxx support in the boot kernel (I don't know if it should have been loaded automatically as a module, but it did not do so) but I was not able to boot because the kernel did not send any bootp requests. To be sure I did not misconfigure my kernel, I took a fresh vanilla 2.2.19, copied /usr/lib/fai/nfsroot/boot/config-2.2.19 to .config, made menuconfig to create config.h and compiled this kernel, which I put in place of the old one in /usr/lib/fai/nfsroot/boot/. Then I make-fai-floppy. But the result is the same. (an extract of the .config : [...] # # Networking options # CONFIG_PACKET=m CONFIG_NETLINK=y # CONFIG_RTNETLINK is not set CONFIG_NETLINK_DEV=m # CONFIG_FIREWALL is not set CONFIG_FILTER=y CONFIG_UNIX=m CONFIG_INET=y CONFIG_IP_MULTICAST=y # CONFIG_IP_ADVANCED_ROUTER is not set CONFIG_IP_PNP=y # CONFIG_IP_PNP_DHCP is not set CONFIG_IP_PNP_BOOTP=y # CONFIG_IP_PNP_RARP is not set # CONFIG_IP_ROUTER is not set # CONFIG_NET_IPIP is not set CONFIG_NET_IPGRE=m # CONFIG_NET_IPGRE_BROADCAST is not set # CONFIG_IP_MROUTE is not set # CONFIG_IP_ALIAS is not set # CONFIG_SYN_COOKIES is not set CONFIG_INET_RARP=m CONFIG_SKB_LARGE=y CONFIG_IPV6=m # CONFIG_IPV6_EUI64 is not set [...] ) Any Idea ? Btw, I tried to apt-get source fai-kernel. the I option is used in tar and it should be -j : [...] tar Ixf /usr/src/kernel-source-2.2.19.tar.bz2 tar: Warning: the -I option is not supported; perhaps you meant -j or -T? Try `tar --help' for more information. make: *** [unpack-stamp] Error 2 for iinfo, here it is : deneb:/tmp/fai-kernels-1.1.3$ find -type f | xargs grep "tar Ixf" ./debian/rules: tar Ixf /usr/src/$(kname).tar.bz2 Thanks. -- Philippe BiondiCartel Informatique Security Consultant/R&D http://www.cartel-info.fr Phone: +33 1 44 06 97 94Fax: +33 1 44 06 97 99 PGP KeyID:3D9A43E2 FingerPrint:C40A772533730E39330DC0985EE8FF5F3D9A43E2
