[debian-edu-commits] [Git][debian-edu/debian-edu-config][master] 5 commits: Care for a proper /etc/network/interfaces file in case of a plain main server
Wolfgang Schweer
gitlab at salsa.debian.org
Fri Feb 5 11:35:35 GMT 2021
Wolfgang Schweer pushed to branch master at Debian Edu / debian-edu-config
Commits:
59496f9b by Wolfgang Schweer at 2021-02-05T12:22:53+01:00
Care for a proper /etc/network/interfaces file in case of a plain main server
Adjust debian/debian-edu-config.postinst to exclude a plain main server and also
to cleanup existing entries.
Signed-off-by: Wolfgang Schweer <wschweer at arcor.de>
- - - - -
1b431161 by Wolfgang Schweer at 2021-02-05T12:26:54+01:00
Adjust and improve share/debian-edu-config/tools/configure-edu-gateway
Adjust execution condition to reflect recent changes, improve feedback for users.
Signed-off-by: Wolfgang Schweer <wschweer at arcor.de>
- - - - -
76ecaad2 by Wolfgang Schweer at 2021-02-05T12:29:47+01:00
Improve the sbin/debian-edu-ltsp-install tool
Make it easier to configure the iPXE menu and to describe the needed steps in the manual:
Improve /etc/ltsp/ltsp.conf content (here document).
Rework Debian Edu specifíc iPXE menu setup.
Signed-off-by: Wolfgang Schweer <wschweer at arcor.de>
- - - - -
7a8e9a92 by Wolfgang Schweer at 2021-02-05T12:33:08+01:00
Workaround X2Go bug #890517 to prevent killer from kicking out users
Add share/debian-edu-config/killer.cron file. The modified cron job will only
run if no X2Go user is logged in on the related LTSP-Server.
Add code to cf3/cf.workarounds to replace the existing killer cron job
on systems with LTSP-Server profile.
Signed-off-by: Wolfgang Schweer <wschweer at arcor.de>
- - - - -
48c5eb66 by Wolfgang Schweer at 2021-02-05T12:34:37+01:00
Add changelog entries for last commits
Signed-off-by: Wolfgang Schweer <wschweer at arcor.de>
- - - - -
7 changed files:
- Makefile
- cf3/cf.workarounds
- debian/changelog
- debian/debian-edu-config.postinst
- sbin/debian-edu-ltsp-install
- + share/debian-edu-config/killer.cron
- share/debian-edu-config/tools/configure-edu-gateway
Changes:
=====================================
Makefile
=====================================
@@ -341,6 +341,7 @@ install: install-testsuite
share/debian-edu-config/sudo-ldap.conf \
share/debian-edu-config/isc-dhcp-server.service \
share/debian-edu-config/isc-dhcp-server.service.eth1_only \
+ share/debian-edu-config/killer.cron \
share/pam-configs/edu-group \
share/pam-configs/edu-umask \
share/perl5/Debian/Edu.pm \
=====================================
cf3/cf.workarounds
=====================================
@@ -2,6 +2,8 @@ bundle agent workarounds
{
# Create missing GOsa² related directory to avoid confusion just in case an
# admin is setting up a system of type printer.
+#
+# Workaround X2Go bug #890517.
vars:
@@ -13,4 +15,13 @@ files:
"$(gosa_file)"
create => "true";
+
+ debian.ltspserver.installation::
+
+ "/etc/cron.hourly/killer"
+ delete => tidy;
+
+ "/etc/cron.hourly/killer"
+ copy_from => local_cp("/usr/share/debian-edu-config/killer.cron"),
+ perms => mog("755","root","root");
}
=====================================
debian/changelog
=====================================
@@ -1,3 +1,21 @@
+debian-edu-config (2.11.48) UNRELEASED; urgency=medium
+
+ * debian/debian-edu-config.postinst: Care for a proper /etc/network/interfaces
+ file in case of a plain main server.
+ * share/debian-edu-config/tools/configure-edu-gateway: Adjust execution
+ condition to reflect recent changes, improve feedback for users.
+ * sbin/debian-edu-ltsp-install: Make it easier to configure the iPXE menu and
+ to describe the needed steps in the manual.
+ - Improve /etc/ltsp/ltsp.conf content (here document).
+ - Rework Debian Edu specifíc iPXE menu setup.
+ * Workaround X2Go bug #890517 to prevent killer from kicking out users:
+ - Add share/debian-edu-config/killer.cron file. The modified cron job will
+ only run if no X2Go user is logged in on the related LTSP-Server.
+ - Add code to cf3/cf.workarounds to replace the existing killer cron job
+ on systems with LTSP-Server profile.
+
+ -- Wolfgang Schweer <wschweer at arcor.de> Tue, 02 Feb 2021 15:39:59 +0100
+
debian-edu-config (2.11.47) unstable; urgency=medium
[ Wolfgang Schweer ]
=====================================
debian/debian-edu-config.postinst
=====================================
@@ -159,25 +159,20 @@ configure)
chmod 600 /etc/sssd/sssd-debian-edu.conf
chown root:root /etc/sssd/sssd-debian-edu.conf
- # Add post-up stanza to interfaces file to let proxy changes take effect
- # immediately after reboot (would take up to 15 min. otherwise). Exclude the
- # gateway; the script doesn't make sense and would taint network setup.
+ # Add post-up and update-hostname stanzas to interfaces file to let proxy
+ # changes take effect immediately after reboot (would take up to 15 minutes
+ # otherwise). Exclude a plain main server and the gateway; the script
+ # doesn't make sense in both cases and would taint network setup.
+ if ! grep -Eq "(Main-Server)" /etc/debian-edu/config ; then
rm -f /etc/network/if-up.d/wpad-proxy-update
- if [ -f /etc/network/interfaces ] && ! grep -q gateway /etc/hostname && \
- ! grep -q update-proxy /etc/network/interfaces ; then
- sed -i '/iface eth0 inet dhcp/a \ post-up \/usr\/share\/debian-edu-config\/tools\/update-proxy-from-wpad' \
- /etc/network/interfaces
- fi
-
- # Add post-up stanza to interfaces file to let hostname changes take effect
- # immediately after reboot (would take up to 15 min. otherwise). Exclude the
- # gateway; the script doesn't make sense and would taint network setup.
rm -f /etc/network/if-up.d/hostname
- if [ -f /etc/network/interfaces ] && ! grep -q gateway /etc/hostname && \
- ! grep -q update-hostname /etc/network/interfaces ; then
- sed -i '/iface eth0 inet dhcp/a \ post-up \/usr\/sbin\/update-hostname-from-ip' \
- /etc/network/interfaces
- fi
+ if [ -f /etc/network/interfaces ] && ! grep -q gateway /etc/hostname && \
+ ! grep -q update-proxy /etc/network/interfaces ; then
+ sed -i '/iface eth0 inet dhcp/a \ post-up \/usr\/share\/debian-edu-config\/tools\/update-proxy-from-wpad' \
+ sed -i '/iface eth0 inet dhcp/a \ post-up \/usr\/sbin\/update-hostname-from-ip' \
+ /etc/network/interfaces
+ fi
+ fi
# silence dovecot's message: if you have trouble with authentication failures,
# enable auth_debug setting. See http://wiki.dovecot.org/WhyDoesItNotWork
@@ -248,6 +243,12 @@ configure)
rm -f /etc/profile.d/edu-firefox-nfs.sh
fi
fi
+ # Ensure the main server interfaces file doesn't contain post-up stanzas.
+ if dpkg --compare-versions "$2" lt "2.11.48" ; then
+ if [ -f /etc/network/interfaces ] ; then
+ sed -i '/post-up/d' /etc/network/interfaces
+ fi
+ fi
;;
esac
=====================================
sbin/debian-edu-ltsp-install
=====================================
@@ -17,7 +17,7 @@
# Author/Copyright: Wolfgang Schweer <wschweer at arcor.de>
# Licence: GPL2+
# first edited: 2019-11-21
-# last edited: 2020-12-09
+# last edited: 2021-02-04
set -e
@@ -138,6 +138,27 @@ IPXE_DESKTOP_I386_IMG="Desktop Mode X2Go Thin Client (very old machines, 32-Bit)
# Provide a full menu name for x86_64.img
IPXE_X86_64_IMG="Diskless Workstation (64-Bit)"
+##### Set default boot value ######
+# Default value is x86_64 or x86_32 (arch specific, Diskless Workstation)
+# Plain X2Go Thin Client (64-Bit)
+#DEFAULT_IMAGE="bare-amd64"
+# Plain X2Go Thin Client (32-Bit)
+#DEFAULT_IMAGE="bare-i386"
+# Display Mode X2Go Thin Client (64-Bit)
+#DEFAULT_IMAGE="display-amd64"
+# Desktop Mode X2Go Thin Client (64-Bit)
+#DEFAULT_IMAGE="desktop-amd64"
+# Install Debian Edu/amd64 (64-Bit)
+#DEFAULT_IMAGE="amd64"
+# Install Debian Edu/i386 (32-Bit)
+#DEFAULT_IMAGE="i386"
+
+##### Set default iPXE menu timeout ######
+# Default value is 5000 milliseconds, i.e. 5 seconds.
+#MENU_TIMEOUT="5000"
+# Don't show the menu.
+#MENU_TIMEOUT="-1"
+
# Debian Edu specific
DNS_SERVER=10.0.2.2
SEARCH_DOMAIN=intern
@@ -417,11 +438,6 @@ EOF
ltsp initrd
mv /srv/tftp/ltsp/ltsp.img /srv/tftp/ltsp/"$thin_type"-"$arch"/ltsp.img
- # Create the iPXE menu entry
- ltsp ipxe
- # ipxe menue edit (because ltsp.img has been stored in an image specific dir).
- sed -i 's#ltsp/ltsp.img#ltsp/${img}/ltsp.img#' /srv/tftp/ltsp/ltsp.ipxe
-
# Clean up ltsp.conf from image specific items.
sed -i '/POST_INIT/d' /etc/ltsp/ltsp.conf
fi
@@ -456,10 +472,7 @@ EOF
# next modification avoids ltsp command error if lot of images are available.
ALL_IMAGES=1 ltsp kernel
ltsp initrd
- ltsp ipxe
mv /srv/tftp/ltsp/ltsp.img /srv/tftp/ltsp/"$(uname -m)"/ltsp.img
- # ipxe menue edit (because ltsp.img has been stored in an image specific dir).
- sed -i 's#ltsp/ltsp.img#ltsp/${img}/ltsp.img#' /srv/tftp/ltsp/ltsp.ipxe
# Clean up ltsp.conf from specific items.
sed -i '/PRE_INIT_MAIN/d' /etc/ltsp/ltsp.conf
@@ -520,6 +533,9 @@ if [ ! -x /sbin/start-stop-daemon.REAL ] ; then
exportfs -rav
fi
+# Generate the LTSP specific iPXE menu
+ltsp ipxe
+
# Add PXE installation related entries to iPXE menu.
if ! grep -q main-server /srv/tftp/ltsp/ltsp.ipxe && \
[ -f /srv/tftp/debian-installer/amd64/linux ] ; then
@@ -532,3 +548,6 @@ item\
' /srv/tftp/ltsp/ltsp.ipxe
cat /srv/tftp/debian-edu/install.cfg >>/srv/tftp/ltsp/ltsp.ipxe
fi
+
+# Make sure /srv/tftp/ltsp/ltsp.ipxe is Debian Edu specific.
+sed -i 's#ltsp/ltsp.img#ltsp/${img}/ltsp.img#' /srv/tftp/ltsp/ltsp.ipxe
=====================================
share/debian-edu-config/killer.cron
=====================================
@@ -0,0 +1,3 @@
+#!/bin/sh
+
+if [ "$(ps aux | grep sshd: | grep @notty)" = "" ] && [ -x /usr/sbin/killer ] ; then /usr/sbin/killer; fi
=====================================
share/debian-edu-config/tools/configure-edu-gateway
=====================================
@@ -9,6 +9,7 @@
# Author/Copyright: Wolfgang Schweer <wschweer at arcor.de>
# Licence: GPL2+
# first edited: 2020-04-17
+# last edited: 2021-02-03
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
@@ -47,7 +48,7 @@ EOF
fi
# Prevent to do this more than one time
-if [ -e /etc/network/if-up.d/wpad-proxy-update ] ; then
+if ! grep -Eq 10.0.0.0 /etc/default/enable-nat ; then
sed -i 's/auto eth0/auto eth0 eth1/' /etc/network/interfaces
sed -i '/eth1/ s/dhcp/static/' /etc/network/interfaces
sed -i '/post-up/d' /etc/network/interfaces
@@ -66,10 +67,20 @@ if [ -e /etc/network/if-up.d/wpad-proxy-update ] ; then
service networking start
sed -i 's#NAT=#NAT="10.0.0.0/8"#' /etc/default/enable-nat
service enable-nat restart
+ echo ""
+ echo "The system has been configured as gateway."
+ echo ""
+else
+ echo ""
+ echo "The system has already been configured as gateway."
+ echo ""
fi
# Optionally install, configure, enable and start shorewall.
if [ "yes" = "$2" ] && [ ! -d /etc/shorewall ] ; then
+ echo ""
+ echo "Now setting up shorewall like requested."
+ echo ""
if grep -q / /etc/debian_version ; then
dist=$(cat /etc/debian_version | cut -d/ -f1)
else
@@ -91,11 +102,9 @@ if [ "yes" = "$2" ] && [ ! -d /etc/shorewall ] ; then
fi
# Give feedback
- echo ""
-echo "The system has been configured as gateway."
- echo ""
if [ -e /etc/shorewall/snat ] ; then
- echo "Shorewall has been configured for this two-interfaces setup."
+ echo ""
+ echo "Shorewall has been configured for the two-interfaces setup on this system."
echo ""
echo "See https://shorewall.org/two-interface.htm#System for detailed information."
echo ""
View it on GitLab: https://salsa.debian.org/debian-edu/debian-edu-config/-/compare/edb6ca54562eda4f2dd6ea90dd862b8dd3a82a7e...48c5eb669f4bbb2d484bec7337ebd25f9a96e943
--
View it on GitLab: https://salsa.debian.org/debian-edu/debian-edu-config/-/compare/edb6ca54562eda4f2dd6ea90dd862b8dd3a82a7e...48c5eb669f4bbb2d484bec7337ebd25f9a96e943
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-edu-commits/attachments/20210205/d550846a/attachment-0001.html>
More information about the debian-edu-commits
mailing list