[debian-edu-commits] r83704 - trunk/src/debian-edu-config
ccscanf-guest at alioth.debian.org
ccscanf-guest at alioth.debian.org
Thu Aug 21 20:46:26 UTC 2014
Author: ccscanf-guest
Date: 2014-08-21 20:46:26 +0000 (Thu, 21 Aug 2014)
New Revision: 83704
Added:
trunk/src/debian-edu-config/README.migrated2git
Removed:
trunk/src/debian-edu-config/Makefile
trunk/src/debian-edu-config/README
trunk/src/debian-edu-config/README.ldap
trunk/src/debian-edu-config/bin/
trunk/src/debian-edu-config/cf/
trunk/src/debian-edu-config/debian/
trunk/src/debian-edu-config/doc/
trunk/src/debian-edu-config/etc/
trunk/src/debian-edu-config/gosa-netgroups/
trunk/src/debian-edu-config/ldap-bootstrap/
trunk/src/debian-edu-config/ldap-schemas/
trunk/src/debian-edu-config/ldap-tools/
trunk/src/debian-edu-config/lib/
trunk/src/debian-edu-config/sbin/
trunk/src/debian-edu-config/share/
trunk/src/debian-edu-config/testsuite/
trunk/src/debian-edu-config/var/
trunk/src/debian-edu-config/www/
Log:
Migration to git.
Deleted: trunk/src/debian-edu-config/Makefile
===================================================================
--- trunk/src/debian-edu-config/Makefile 2014-08-21 11:46:44 UTC (rev 83703)
+++ trunk/src/debian-edu-config/Makefile 2014-08-21 20:46:26 UTC (rev 83704)
@@ -1,499 +0,0 @@
-PACKAGE = debian-edu-config
-
-PROGS = \
- debian-edu-ldapserver \
- debconf-set-selections-edu \
- ltsp-arch-debian-edu \
- update-ini-file
-
-SPROGS = cfengine-debian-edu \
- debian-edu-fsautoresize \
- debian-edu-hd-warn \
- debian-edu-hwsetup \
- debian-edu-ltsp \
- debian-edu-ltsp-audiodivert \
- debian-edu-pxeinstall \
- debian-edu-restart-services \
- debian-edu-test-install \
- debian-edu-update-netblock \
- snakeoil-on-ice
-
-INSTALL = install -D -p -m 755
-INSTALL_DATA= install -D -p -m 644
-
-prefix = /usr/local
-sysconfdir = /etc
-cfdir = $(sysconfdir)/cfengine/debian-edu
-bindir = $(prefix)/bin
-sbindir = $(prefix)/sbin
-docdir = $(prefix)/share/doc/$(PACKAGE)
-mandir = $(prefix)/share/man
-gosadir = $(sysconfdir)/gosa
-ldapdir = $(sysconfdir)/ldap
-schemadir = $(ldapdir)/schema
-dhcpdir = $(sysconfdir)/dhcp
-libdir = /usr/lib
-pkglibdir = $(libdir)/debian-edu-config
-mailcapdir = $(libdir)/mime/packages
-vardir = /var
-wwwdir = /etc/debian-edu/www
-
-
-CFFILES = \
- cf.adduser \
- cf.apache2 \
- cf.apt \
- cf.cfengine \
- cf.cups \
- cf.dhcpserver \
- cf.exim \
- cf.imap \
- cf.homes \
- cf.iceweasel \
- cf.inetd \
- cf.kdm \
- cf.krb5client \
- cf.ldapserver \
- cf.ldapclient \
- cf.bind \
- cf.ltsp \
- cf.pxeinstall \
- cf.lwat \
- cf.fstab \
- cf.mplayer \
- cf.nagios3 \
- cf.ntp \
- cf.samba \
- cf.squid \
- cf.syslog \
- cf.sysstat \
- cf.testsetup \
- cfd.conf \
- cfengine.conf
-
-CFBINFILES = \
- cfd \
- cfrunhosts.pl
-
-# Files to install in /etc/
-SYSCONFFILES = \
- asound.conf \
- apt/apt.conf.d/90squid \
- apt/apt.conf.d/99-edu-prefer-iceweasel \
- bind/named.conf.ldap2zone \
- bind/db.intern \
- bind/db.10.in-addr.arpa. \
- bind/db.subnet00.intern. \
- bind/db.subnet01.intern. \
- bind/db.0.168.192.in-addr.arpa. \
- bind/db.1.168.192.in-addr.arpa. \
- X11/Xsession.d/05debian-edu-truncate-xerrorlog \
- X11/Xsession.d/10debian-edu-one-login-per-host \
- desktop-profiles/debian-edu-config.listing \
- debian-edu/hd-warn.conf \
- debian-edu/nightkill.conf \
- debian-edu/lts.conf.dist \
- default/munin-node \
- cfengine/cfservd.conf \
- cfengine/update.conf \
- cfengine/inputs/cfagent.conf \
- cups/cupsd-debian-edu.conf \
- dhcp/dhclient-exit-hooks.d/wpad-proxy-update \
- dhcp/dhcpd-debian-edu.conf \
- dhcp/dhclient-debian-edu.conf \
- exim4/exim-ldap-client-v4.conf \
- exim4/exim-ldap-server-v4.conf \
- filesystems \
- gosa/gosa.conf \
- php5/apache2/php-debian-edu.ini \
- insserv/overrides/kdm \
- insserv/overrides/ntp \
- insserv.conf.d/debian-edu-config \
- ldap/rootDSE-debian-edu.ldif \
- ldap/slapd-squeeze_debian-edu.conf \
- ldap/ssl/slapd-cert.cnf \
- samba/netlogon/1stlogon/1stlogon.bat \
- samba/netlogon/config/get_time.bat \
- samba/netlogon/config/penguin.bat \
- samba/netlogon/config/setglobals.bat \
- samba/netlogon/config/standarddrives-students.bat \
- samba/netlogon/config/standarddrives-teachers.bat \
- samba/netlogon/debian-edu-login.bat \
- samba/netlogon/_default_/default.bat \
- samba/netlogon/install/shortcut.vbs \
- samba/netlogon/logon-admins.bat \
- samba/netlogon/logon-jradmins.bat \
- samba/netlogon/logon-students.bat \
- samba/netlogon/logon-teachers.bat \
- samba/netlogon/mozilla/firefox/prefs.js \
- samba/netlogon/mozilla/mkmozapd.bat \
- samba/netlogon/mozilla/profiles.ini.FIREFOX \
- samba/netlogon/mozilla/profiles.ini.THUNDERBIRD \
- samba/netlogon/registry/proxy-ie/proxy-settings-hkcu.reg \
- samba/netlogon/win7+samba_domain-membership/DownloadWinRessourceKits.bat \
- samba/netlogon/win7+samba_domain-membership/README_Win7-Domain-Membership.txt \
- samba/netlogon/win7+samba_domain-membership/SeSystemTimePrivilege.bat \
- samba/netlogon/win7+samba_domain-membership/Win7_Samba3DomainMember.reg \
- samba/smb-debian-edu-client.conf \
- samba/smb-debian-edu.conf \
- samba/smb-winbind-debian-edu.conf \
- security/pam_mount-winbind-debian-edu.conf \
- security/pam_mount-stateless-debian-edu.conf \
- smbldap-tools/smbldap_bind.conf \
- smbldap-tools/smbldap.conf \
- sssd/sssd-debian-edu.conf \
- xdg/autostart/welcome-webpage.desktop \
- lsb-release \
- apache2/mods-available/debian-edu-userdir.conf \
- apache2/sites-available/debian-edu-default \
- apache2/sites-available/debian-edu-ssl-default \
- apache2/conf.d/debian-edu-config-doc \
- nagios3/debian-edu/cgi.cfg \
- nagios3/debian-edu/commands.cfg \
- nagios3/debian-edu/contactgroups.cfg \
- nagios3/debian-edu/contacts.cfg \
- nagios3/debian-edu/dependencies.cfg \
- nagios3/debian-edu/htpasswd.users \
- nagios3/debian-edu/escalations.cfg \
- nagios3/debian-edu/hostextinfo.cfg \
- nagios3/debian-edu/hostgroups.cfg \
- nagios3/debian-edu/hosts.cfg \
- nagios3/debian-edu/host_templates.cfg \
- nagios3/debian-edu/nagios.cfg \
- nagios3/debian-edu/resources.cfg \
- nagios3/debian-edu/serviceextinfo.cfg \
- nagios3/debian-edu/servicegroups.cfg \
- nagios3/debian-edu/services.cfg \
- nagios3/debian-edu/service_templates.cfg \
- nagios3/debian-edu/timeperiods.cfg \
- munin/debian-edu-munin-node.conf \
- polkit-1/localauthority.conf.d/80-edu-admin.conf \
- powerdns/pdns.d/pdns-debian-edu.conf\
- dbus-1/system.d/hal-debian-edu.conf
-
-LIBFILES = \
- mime/packages/debian-edu-mailcap
-
-SYSCONFSCRIPTS = \
- ltspfs/mounter.d/edu-notify \
- mklocaluser.d/20-debian-edu-config \
- NetworkManager/dispatcher.d/02debian-edu-config \
- shutdown-at-night/clients-generator \
- resolvconf/update.d/bind-debian-edu \
- resolvconf/update.d/ltsp-chroots \
- wicd/scripts/preconnect/set_wireless_mac_from_eth0 \
- X11/Xsession-debian-edu \
- samba/smbaddclient.sh \
- samba/smbldap-machineadd-gosa
-
-SCHEMAS = \
- samba.schema \
- dhcp.schema \
- dnsdomainaux.schema \
- ltspclientaux.schema \
- eduorg-200210-openldap.schema \
- eduperson-200806-openldap.schema \
- kerberos.schema \
- noreduperson-1.5-openldap.schema \
- samba3.schema \
- sudo.schema \
- trust.schema \
- gosystem.schema \
- gofon.schema \
- goto.schema \
- gosa-samba3.schema \
- gofax.schema \
- goserver.schema \
- goto-mime.schema
-
-LDIFS = \
- root.ldif \
- autofs.ldif \
- firstuser.ldif \
- ipnetworks.ldif \
- netgroup.ldif \
- samba.ldif \
- sudo.ldif \
- krb5.ldif \
- ltsp.ldif \
- gosa.ldif \
- gosa-server.ldif
-
-LDAPPROGRAMS = \
- ldap-add-host-to-netgroup \
- ldap-add-user-to-group \
- ldap-createuser-krb5 \
- ldappasswd2 \
- ldap2netgroup \
- ldap-debian-edu-install \
- ldap-server-getcert \
- mkslapdcert \
- sitesummary2ldapdhcp
-
-WWWFILES = \
- index.html.ca \
- index.html.de \
- index.html.en \
- index.html.es \
- index.html.fr \
- index.html.it \
- index.html.ja \
- index.html.nb \
- index.html.nl \
- index.html.pt \
- index.html.ru \
- index.html.zh \
- skl-ren_css.css \
- logo-trans.png \
- wpad.dat
-
-KIOSKFILES = \
- share/debian-edu/students/share/apps/kdesktop/Desktop/kalzium.desktop \
- share/debian-edu/students/share/apps/kdesktop/Desktop/chguserpw.desktop \
- share/debian-edu/students/share/apps/kdesktop/Desktop/kmplot.desktop \
- share/debian-edu/students/share/apps/kdesktop/Desktop/kstars.desktop \
- share/debian-edu/students/share/apps/kdesktop/Desktop/ooo-impress.desktop \
- share/debian-edu/students/share/apps/kdesktop/Desktop/ooo-writer.desktop \
- share/debian-edu/students/share/apps/kdesktop/Desktop/gcompris.desktop \
- share/debian-edu/students/share/apps/kdesktop/Desktop/gimp-2.2.desktop \
- share/debian-edu/students/share/apps/kdesktop/Desktop/kgeography.desktop \
- share/debian-edu/students/share/apps/kdesktop/Desktop/stopmotion.desktop \
- share/debian-edu/students/share/config/kdeglobals \
- share/debian-edu/students/share/config/konqiconviewrc \
- share/debian-edu/students/share/config/uiserverrc \
- share/debian-edu/students/share/services/update_ksycoca \
- share/debian-edu/students/share/config/menus/applications.menu \
- share/debian-edu/students/share/config/menus/kde-applications.menu \
- share/debian-edu/students/share/applications/kalzium.desktop \
- share/debian-edu/students/share/applications/kbruch.desktop \
- share/debian-edu/students/share/applications/klatin.desktop \
- share/debian-edu/students/share/applications/kmplot.desktop \
- share/debian-edu/students/share/applications/kpercentage.desktop \
- share/debian-edu/students/share/applications/kstars.desktop \
- share/debian-edu/students/share/applications/kturtle.desktop \
- share/debian-edu/students/share/applications/kvoctrain.desktop \
- share/debian-edu/students/share/applications/kwordquiz.desktop \
- share/debian-edu/students/share/applications/oocalc.desktop \
- share/debian-edu/students/share/applications/ooimpress.desktop \
- share/debian-edu/students/share/applications/oowriter.desktop \
- share/debian-edu/root/share/apps/kdesktop/Desktop/tjener.desktop
-
-all:
- $(MAKE) -C www
-
-install: install-testsuite
- install -d $(DESTDIR)$(bindir)
- install -d $(DESTDIR)$(sbindir)
- install -d $(DESTDIR)$(sysconfdir) $(DESTDIR)$(sysconfdir)/cups
- install -d $(DESTDIR)$(ldapdir)
- install -d $(DESTDIR)$(dhcpdir)
- install -d $(DESTDIR)$(mailcapdir)
-
-# program's manpages are autodetected.
- set -e ; for prog in $(PROGS); do \
- $(INSTALL) bin/$$prog $(DESTDIR)$(bindir) ; \
- if [ -e "share/man/man1/$$prog.1" ]; \
- then \
- $(INSTALL_DATA) "share/man/man1/$$prog.1" $(DESTDIR)$(mandir)/man1/$$sprog.1 ; \
- fi \
- done
-# Using manpages autodetection :
- set -e ; for sprog in $(SPROGS); do \
- $(INSTALL) sbin/$$sprog $(DESTDIR)$(sbindir) ; \
- if [ -e "share/man/man8/$$sprog.8" ]; \
- then \
- $(INSTALL_DATA) "share/man/man8/$$sprog.8" $(DESTDIR)$(mandir)/man8/$$sprog.8 ; \
- fi \
- done
-
- $(INSTALL_DATA) README $(DESTDIR)$(docdir)/README
-
-# Samba roaming profile examples in different languages
- set -e ; for l in en de nb; do \
- $(INSTALL_DATA) doc/examples/smb-roaming-profiles-$$l.conf \
- $(DESTDIR)$(docdir)/examples/smb-roaming-profiles-$$l.conf ; \
- done
-
- set -e ; for cf in $(CFFILES); do \
- $(INSTALL_DATA) cf/$$cf $(DESTDIR)$(cfdir)/$$cf; \
- done
- set -e ; for cf in $(CFBINFILES); do \
- $(INSTALL) cf/$$cf $(DESTDIR)$(cfdir)/$$cf; \
- done
-
- set -e ; for file in $(SYSCONFFILES) ; do \
- $(INSTALL_DATA) etc/$$file $(DESTDIR)$(sysconfdir)/$$file; \
- done
-
- mkdir -p $(DESTDIR)$(sysconfdir)/init.d
- set -e ; for file in $(SYSCONFSCRIPTS) ; do \
- $(INSTALL) etc/$$file $(DESTDIR)$(sysconfdir)/$$file; \
- done
-
- set -e ; for file in $(LIBFILES) ; do \
- $(INSTALL_DATA) lib/$$file $(DESTDIR)$(libdir)/$$file; \
- done
-
- set -e ; for f in \
- share/debian-edu-config/d-i/finish-install \
- share/debian-edu-config/d-i/pre-pkgsel \
- share/debian-edu-config/tools/auto-addfirmware \
- share/debian-edu-config/tools/passwd \
- share/debian-edu-config/tools/cups-queue-autoflush \
- share/debian-edu-config/tools/cups-queue-autoreenable \
- share/debian-edu-config/tools/debian-edu-winbind \
- share/debian-edu-config/tools/get-default-homepage \
- share/debian-edu-config/tools/gosa-create \
- share/debian-edu-config/tools/gosa-create-host \
- share/debian-edu-config/tools/gosa-remove \
- share/debian-edu-config/tools/gosa-sync \
- share/debian-edu-config/tools/gosa-sync-dns-nfs \
- share/debian-edu-config/tools/iceweasel-plugin-support \
- share/debian-edu-config/tools/kerberos-kdc-init \
- share/debian-edu-config/tools/ldap2bind-updatezonelist \
- share/debian-edu-config/tools/ldap-user-clean-attic.sh \
- share/debian-edu-config/tools/ldapdump.sh \
- share/debian-edu-config/tools/locate-syslog-collector \
- share/debian-edu-config/tools/logoutkill.sh \
- share/debian-edu-config/tools/ltsp-addfirmware \
- share/debian-edu-config/tools/missing-desktop-file \
- share/debian-edu-config/tools/movehome \
- share/debian-edu-config/tools/nbdquery \
- share/debian-edu-config/tools/nbdswap-cleanup \
- share/debian-edu-config/tools/nightkill.sh \
- share/debian-edu-config/tools/notify-local-users \
- share/debian-edu-config/tools/password-fix-squeeze-r0 \
- share/debian-edu-config/tools/pipegraph \
- share/debian-edu-config/tools/preseed-ldap-kerberos \
- share/debian-edu-config/tools/preseed-sitesummary \
- share/debian-edu-config/tools/pxe-addfirmware \
- share/debian-edu-config/tools/qemu-test-network \
- share/debian-edu-config/tools/run-at-firstboot \
- share/debian-edu-config/tools/setup-roaming \
- share/debian-edu-config/tools/show-welcome-webpage \
- share/debian-edu-config/tools/sssd-generate-config \
- share/debian-edu-config/tools/squid-update-cachedir \
- share/debian-edu-config/tools/subnet-change \
- share/debian-edu-config/tools/update-iceweasel-homepage \
- share/debian-edu-config/tools/update-proxy-from-wpad \
- share/debian-edu-config/tools/wpad-extract \
- share/debian-edu-config/ltsp_set_runlevel \
- share/debian-edu-config/ltsp_local_mount \
- share/debian-edu-config/ltspfs-mounter-kde \
- share/initramfs-tools/scripts/nfs-bottom/before-ltsp \
- share/ltsp/ltsp_config.d/debian-edu-config-ldap \
- share/ltsp/ltsp_config.d/debian-edu-config-rwbind \
- share/ltsp/ltsp_config.d/debian-edu-fix-etc-hosts \
- ; do \
- $(INSTALL) $$f $(DESTDIR)/usr/$$f ; \
- done
-
- set -e ; for f in share/debian-edu/common/share/config/kcookiejarrc \
- share/debian-edu/common/share/apps/kicker/default-apps \
- share/debian-edu/common/share/config/artsmessagerc \
- share/debian-edu/common/share/config/kdeglobals \
- share/debian-edu/common/share/config/kdeprintrc \
- share/debian-edu/common/share/config/kpersonalizerrc \
- share/debian-edu/common/share/config/konquerorrc \
- share/debian-edu/common/share/config/kickoffrc \
- share/debian-edu/common/share/config/nepomukserverrc \
- share/debian-edu/networked-kde3/share/config/kioslaverc \
- share/debian-edu/networked-kde3/share/config/adept_notifierrc \
- share/debian-edu/networked-kde3/share/config/networkmanagementrc \
- share/debian-edu/networked-kde3/share/applications/pwdchange.desktop \
- share/debian-edu/thin-client/share/config/kcmartsrc \
- ; do \
- $(INSTALL_DATA) $$f $(DESTDIR)/usr/$$f ; \
- done
-
- set -e ; for f in $(KIOSKFILES) ; do \
- $(INSTALL_DATA) "$$f" "$(DESTDIR)/usr/$$f" ; \
- done
-
- set -e ; for f in \
- share/ltsp/plugins/ltsp-build-client/Debian-custom/000-arch-detection \
- share/ltsp/plugins/ltsp-build-client/Debian-custom/000-default-dist \
- share/ltsp/plugins/ltsp-build-client/Debian-custom/002-default-apt-keyring \
- share/ltsp/plugins/ltsp-build-client/Debian-custom/010-set-resolver \
- share/ltsp/plugins/ltsp-build-client/Debian-custom/011-http-nopipeline \
- share/ltsp/plugins/ltsp-build-client/Debian-custom/015-edu-apt-source \
- share/ltsp/plugins/ltsp-build-client/Debian-custom/020-rootpath \
- share/ltsp/plugins/ltsp-build-client/Debian-custom/025-bootprompt-opts \
- share/ltsp/plugins/ltsp-build-client/Debian-custom/032-edu-pkgs \
- share/ltsp/plugins/ltsp-build-client/Debian-custom/035-default-lts-conf \
- share/ltsp/plugins/ltsp-build-client/Debian-custom/045-remove-udev-net-rules \
- share/ltsp/plugins/ltsp-build-client/Debian-custom/050-nbdquery \
- share/ltsp/plugins/ltsp-build-client/Debian-custom/095-umount-error \
- share/ltsp/plugins/ltsp-build-client/Debian-custom/098-etckeeper \
- share/ltsp/plugins/ltsp-build-client/Debian-custom/099-mount-cdrom \
- ; do \
- $(INSTALL_DATA) $$f $(DESTDIR)/usr/$$f ; \
- done
-
- $(INSTALL_DATA) sbin/debian-edu-fsautoresizetab $(DESTDIR)/usr/share/debian-edu-config/fsautoresizetab
-
- set -e ; for f in \
- share/debian-edu-config/rsyslog-collector \
- share/debian-edu-config/iceweacel-networked-prefs.js \
- share/debian-edu-config/default-ltsp-client-setup \
- share/iceweasel/defaults/preferences/debian-edu.js \
- share/pam-configs/edu-group \
- share/pam-configs/edu-umask \
- share/perl5/Debian/Edu.pm \
- share/debian-edu-config/pam-config-ccreds-check \
- share/debian-edu-config/pam-config-ccreds-save \
- share/debian-edu-config/pam-config-mkhomedir \
- share/debian-edu-config/pam-config-krb5 \
- ; do \
- $(INSTALL_DATA) $$f $(DESTDIR)/usr/$$f ; \
- done
-
-# Using manpages autodetection :
- set -e ; for program in $(LDAPPROGRAMS) ; do \
- $(INSTALL) ldap-tools/$$program $(DESTDIR)$(bindir)/$$program; \
- if [ -e "share/man/man1/$$program.1" ]; \
- then \
- $(INSTALL_DATA) "share/man/man1/$$program.1" $(DESTDIR)$(mandir)/man1/$$sprog.1 ; \
- fi \
- done
- set -e ; for schema in $(SCHEMAS) ; do \
- $(INSTALL_DATA) ldap-schemas/$$schema $(DESTDIR)$(schemadir)/$$schema;\
- done
- set -e ; for ldif in $(LDIFS) ; do \
- $(INSTALL_DATA) ldap-bootstrap/$$ldif $(DESTDIR)$(ldapdir)/$$ldif ; \
- done
-
- set -e ; for file in $(WWWFILES) ; do \
- $(INSTALL_DATA) www/$$file $(DESTDIR)/$(wwwdir)/$$file ; \
- done
-
- chmod 700 $(DESTDIR)/var/lib/maildirs/
-
-install-testsuite:
- set -e ; for f in \
- share/debian-edu-config/testsuite-lib.sh \
- ; do \
- $(INSTALL_DATA) $$f $(DESTDIR)/usr/$$f ; \
- done
-
- install -d $(DESTDIR)$(pkglibdir)/testsuite
- set -e ; for test in testsuite/* ; do \
- $(INSTALL) $$test $(DESTDIR)$(pkglibdir)/$$test; \
- done
-
-
-
-clean:
- $(MAKE) -C www $@
- # Remove CVS cruft
- -find . -name '.#*' | xargs rm
-
-dist:
- debuild -us -uc
-
-status:
- $(MAKE) -C www stats
-
-i18n-poke:
- podebconf-report-po
- podebconf-report-po --podir www
Deleted: trunk/src/debian-edu-config/README
===================================================================
--- trunk/src/debian-edu-config/README 2014-08-21 11:46:44 UTC (rev 83703)
+++ trunk/src/debian-edu-config/README 2014-08-21 20:46:26 UTC (rev 83704)
@@ -1,327 +0,0 @@
-Skolelinux autoconfig system
-============================
-
-Uses cfengine to automatically configure the hosts.
-
-This package is used for all configuration that is impossible to do
-using debconf answers during first time install. Configuration
-changes, replacement config files and extra files to install in a
-Skolelinux installation belong to this package.
-
-All the configuration done in this package should in principle be
-possible to do using debconf answers. We should strive to get patches
-into the Debian packages or upstream source, to reduce the need for
-Skolelinux specific configuration.
-
-Adding / replacing config files
--------------------------------
-
-If we want to install (add) a file which is not included in another
-Debian package, the file should be installed as a normal file in the
-Debian package. This is only useful if the file can be safely
-installed for all profiles.
-
-If the file already exist in another package, we should try to use
-cfengine edit commands to modify the existing file. If the changes
-are massive, it will be more sensible to replace the existing file
-with out of our files, and only in this case should we use the
-masterfiles to copy an replacement file on top of the existing
-configuration file.
-
-To debug the variable expantion, cfengine-debian-edu -d3 2>&1 |less' can be used.
-
-Source overview
----------------
-
- cf/ - the cfengine configuration files, installed into
- /etc/cfengine/debian-edu
- cf/masterfiles/ - Replacement config files copied into place using
- cfengine. Use this if the file already exist in
- another Debian package.
- etc/... - New files installed into /etc/...
- bin/ - New files installed into /usr/bin/
- share/... - New files installed into /usr/share/...
-
-Contact Petter Reinholdtsen <pere at hungry.com> if you have questions.
-
-What is configured
-==================
-
-This is a high-level description on the configuration changes done by
-this package, including the files related to che configuration change.
-
-DNS server (powerdns)
-------------------
-
- Preconfigured DNS zone .intern with DNS names for services used by
- debian-edu. Also includes the DHCP distributed IP addressess used.
- The address range is separated into groups.
-
- http://wiki.debian.org/DebianEdu/Documentation/Lenny/Architecture
- includes a list of services that are set up by default in a Skolelinux
- network, please update it when you add new services.
-
- Where possible the DNS name correspond to the service name in /etc/services,
- where this is not possible the common name of the service is used as the DNS
- name. All configuration files will, if possible, refer to the service by name
- (without the domain name) thus making it easy for schools to change either
- their domain (if they have an own DNS domain), or the IP addresses they use.
-
-DHCP server (dhcp)
--------------------
-
- Contains info on the IP range and DNS server used on the network,
- and what to hand out to the clients. Also contain LTSP
- configuration options.
-
-syslog (rsyslog)
-----------------
-
- The main-server profile is configured as a syslog message collector,
- and all clients (workstation and thin-client-server) is configured
- to send all syslog messages to the host behind the DNS name syslog.
-
-NTP clients and server
-----------------------
-
- The main-server profile is configured as a publicly available NTP
- server, and the workstation and thin-client-server profiles are
- configured as NTP clients using the host behind the DNS name ntp as
- their NTP server.
-
-LDAP server (slapd)
--------------------
-
- Prepare it to work as NIS replacement for PAM, NSS and
- automount (autofs). Also prepare it work as backend storage for
- Samba domain controller.
- Prepare it to contain gosa and sudoers default configuration.
-
-
-NFS server (nfs-kernel-server)
-------------------------------
-
-HTTP proxy (squid)
-------------------
-
-SMB domain controller and file server (samba)
----------------------------------------------
-
- Samba server is configured as workgroup 'skolelinux' and ldap-based
- authentication. Printing is configured with cups, and an automatic
- drive mapping is set for a connected user on its home at h:\
- The samba server act as a domain controller and wins (windows name
- service) server.
- Samba client workstations are using tjener as their auth server,wins
- and domain controller. Their netbios name is automatically set.
- Roaming profiles are on by default, but the profiles are not separated
- from the homes data into specific directories for each Windows
- -Version like Win2K or WinXP.
-
-
-SMTP and IMAP post office (exim and dovecot)
----------------------------------------------
-
- Dovecot imap server is configured and can be accessed using kerberos
- ticket/gssapi.
-
- Exim is configured as a simple local mail relay on workstations and
- as a server for local users on servers. Local users are searched in
- the ldap database using exim ldap module.
-
-X terminal server solution (LTSP)
----------------------------------
-
-Printer system (CUPS)
----------------------
-
- Configure CUPS to work out of the box. Disable non-encrypted access
- for all hosts except localhost.
-
- cf/cf.cups
- etc/cups/cupsd-debian-edu.conf
-
-HTTP server (apache2)
---------------------
-
- For now, Apache configuration is only tuned to know user homepage
- are on /skole/tjener/home*/*/public_html (see cf/cf.apache2)
-
-
-KDE client config
------------------
- 1. share/debian-edu/common
- -> settings common to all debian-edu profiles
- - Disable kpersonalizer startup on initial login.
- - Disable warning dialog box presented when the sound card is missing.
- - Configure printsystem to use cups
- - Enable javascript for konqueror
- - Accept cookies by default
- - Add mime-type for ms-word documents (*.doc;*.DOC;*.dot;*.DOT)
- 2. share/debian-edu/networked-kd3
- -> settings common to all networked profiles (everything but standalone)
- - Set proxy settings and force them using kiosk (kde 3 > specific)
- 3. share/debian-edu/networked-kde2
- - Set proxy settings and force them using kiosk (kde 3 > specific)
- 4. share/debian-edu/thin-client
- - enable esd sound on thin clients
- 5. share/debian-edu/students
- -> eye candy and restrictions for members of the students group
- - put some of the learning tools on the Desktop
- - create a standard k-panel
- - disable shell access, run-commands, new session starting, k-panel
- configuration and accessing root programs via kde
-
-SSH (openssh)
--------------
-
- Enable X11 forwarding by default.
- cf/cf.ssh
-
-inetd
------
-
- Disable unused network services (discard, daytime, time) on all
- hosts, and diable SMTP listening on all client machines.
- cf/cf.inetd
-
-Design choices
-==============
-
-Local device access
--------------------
- Petter Reinholdtsen, 2006-10-17
-
- The local user should have access to some of the local devices
- (sound, cdrom, etc) after logging in on the console or via
- kdm/gdm/xdm/etc, but not when logging in from remote via ssh. There
- are as far as I know two ways to make this happen. One way is to
- add the local user to the groups needed to access these devices, the
- other is to change the permissions on these devices to give access
- to the local user. The former is done using pam_group, while the
- latter is done using pam_devperm. Both have advantages and
- weaknesses.
-
- pam_group
- ---------
-
- By updating /etc/pam.d/common-auth and /etc/security/group.conf it is
- possible to add the logged in user to the grous needed (audio,
- floppy, cdrom, plugdev, video). In addition to getting access to
- the devices present during login, it also make sure hotplugged
- devices like USB sticks work (group membership in plugdev take care
- of this).
-
- The problem with this method is that every member of the groups in
- question can create a setgid program to gain access to the devices
- also when not logged into the machine. This will make it possible
- to record from the microphone, read and from the floppy, cdrom and
- usb stick, as well as play unwanted sound on other users computers.
- It is also possible to start long-running processes in the
- background to keep the access privileges to the devices in question.
-
- There are some problems with this apporach with kde 3.5, as it
- switched from using pmount (which work) to using hal callouts which
- do not. More info on bug #377689.
-
---- /etc/pam.d/common-auth.orig 2006-10-17 11:25:40.000000000 +0000
-+++ /etc/pam.d/common-auth 2006-10-17 11:25:29.000000000 +0000
-@@ -7,4 +7,5 @@
- # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the
- # traditional Unix authentication mechanisms.
- #
-+auth optional pam_group.so
- auth required pam_unix.so nullok_secure
---- /etc/security/group.conf.orig 2006-10-17 11:27:32.000000000 +0000
-+++ /etc/security/group.conf 2006-10-17 11:31:43.000000000 +0000
-@@ -55,6 +55,8 @@
- #xsh; tty* ;*;Al0900-1800;floppy
-
-
-+*; tty*&!ttyp*; *; Al0000-2400; audio,cdrom,floppy,plugdev,video
-+*; :0; *; Al0000-2400; audio,cdrom,floppy,plugdev,video
-
- #
- # End of group.conf file
-
- pam_devperm
- -----------
-
- By installing libpam-devperm and updating /etc/pam.d/common-sessionn
- (and /etc/logindevperm to fix bug #393661 and get access to
- /dev/dsp), it is possible to modify the permissions of relevant
- devices when a user log in, and reset the permissions when the user
- log out. The user of the device is changed to the logged in user,
- and the mode is normally set to 0600 granting exclusive access.
-
- The problem with this method is that hotplug devices do not work, as
- they are not available when the user is logged in, and the device
- ownership is only modified when the user log in. Another problem is
- that the user can keep the access privileges for the devices after
- he log out by starting long-running processes in the background.
-
---- /etc/pam.d/common-session.orig 2006-10-17 11:23:21.000000000 +0000
-+++ /etc/pam.d/common-session 2006-10-17 10:42:08.000000000 +0000
-@@ -7,3 +7,4 @@
- # non-interactive). The default is pam_unix.
- #
- session required pam_unix.so
-+session required pam_devperm.so
---- /etc/logindevperm.orig 2006-10-17 10:51:58.000000000 +0000
-+++ /etc/logindevperm 2006-10-17 10:53:08.000000000 +0000
-@@ -24,7 +24,7 @@
- :0 0600 /dev/cdrecorder:/dev/cdrecorder1:/dev/cdrecorder2:/dev/cdrecorder3
- :0 0600 /dev/dvd:/dev/dvd1:/dev/dvd2:/dev/dvd3
- :0 0600 /dev/zip:/dev/zip1:/dev/zip2:/dev/zip3
--:0 0600 /dev/dsp0:/dev/dsp1:/dev/dsp2:/dev/dsp3
-+:0 0600 /dev/dsp:/dev/dsp0:/dev/dsp1:/dev/dsp2:/dev/dsp3
- :0 0600 /dev/fd0:/dev/fd0u1440:/dev/fd0h1440:/dev/fd0u720:/dev/fd0h720
- :0 0600 /dev/fd1:/dev/fd1u1440:/dev/fd1h1440:/dev/fd1u720:/dev/fd1h720
- :0 0600 /dev/sequencer:/dev/sequencer2:/dev/music
-
- Conclusion
- ----------
-
- I recommend using the pam_group mechanism to get a working hotplug
- support, and recommend solving the setgid-issue by adding the nosuid
- mount flag to the partitions where users can add files (/home/,
- /tmp/, /dev/shm/, /var/lock/), and solving the problem with
- long-running processes by running some kind of idle-job killer to
- kill long-running processes.
-
-
-
-Ideas for LDAP based client configuration, reducing the amount of
-configuration stored on clients.
-=================================================================
-
-The basic idea is to let the clients derive all the information they
-need by starting with the DHCP reply and continue from there. At the
-moment, clients have LDAP tree information hardcoded. This can be
-fetched dynamically from the LDAP server, if the LDAP server can be
-located. The LDAP server can be found using the same mechanism used
-by MS AD, by adding the _ldap._tcp SRV records, or just using our
-'ldap' DNS alias as before.
-
- - use _ldap._tcp SRV record to find LDAP server
- - use ldap "root" object to find LDAP tree info (like AD
- defaultNamingContext attribute)
- "ldapsearch -x -s base -h $server -b '' -x '*'"
- - subnet three with relevant information? AD have subtree
- "CN=Subnets,CN=Sites,CN=Configuration,$base" with objectClass=subnet
- objects.
- - like printers to use?
- - like proxy setting?
- - like browser home page?
- - proxy configuration using WPAD provided by DHCP or from LDAP?
- "Web Access ProtocolDiscovery" (WAPD).
- - browser home page provided from LDAP for the host and/or user
- - LDAP populated using sitesummary information
- - for host group membership
- - for dhcp mac address binding
- - for dns names
- - LTSP configuration?
-
-Can the browser fetch configuration from LDAP?
-
-An alternative is to use the avahi service announcement mechanism.
Deleted: trunk/src/debian-edu-config/README.ldap
===================================================================
--- trunk/src/debian-edu-config/README.ldap 2014-08-21 11:46:44 UTC (rev 83703)
+++ trunk/src/debian-edu-config/README.ldap 2014-08-21 20:46:26 UTC (rev 83704)
@@ -1,168 +0,0 @@
-
-
-NB! DENNE FILEN ER UTDATERT, OG FØLGER IKKE NÅVÆRENDE KONVENSJONER
-
-
-GENERELT
-
-LDAP-basen skal innehalde opplysningar naudsynt for autentisering,
-tilgangsstyring for nettverksressursar (epost, diskusjonslister,
-internettilgang og filområde) og forholdet mellom klasse/elev/lærar.
-Andre attributtar for dei ulike elementa i treet skal også lagrast, så
-som epostadresser, telefonnummer, foresatte og personnummer (viss
-Datatilsynet tillet det).
-
-NASJONAL STRUKTUR
-
-Eit effektivt driftsopplegg krever at kvar skule har sitt eige
-namnerom slik at ein ikkje får namnekollisjonar når ein går over til
-meir sentral drift. Ved å bruke ein hierarkisk modell oppnår vi dette
-ganske enkelt. Ein hierarkisk modell gjer det også mogleg å delegere
-ansvar for å halde ei undergrein oppdatert.
-
-Det er naturleg å bruke same organisering som det er i det offentlege
-allereie, med andre ord ei inndeling i fylke og kommunar. Å kutte ut
-fylkesdelen fungerer ikkje sidan fleire kommunenamn vert brukt i to
-fylke (Sande i Vestfold og Møre og Romsdal, Bø i Telemark og Nordland,
-m.fl.). I Oslo deler vi inn etter bydel sidan det fylket ikkje er
-delt inn i kommunar (Kommentar: Dette er kanskje ikkje praktisk, sidan
-alle skulane i Oslo vert styrt sentralt.)
-
-NAMNEKONVENSJONAR
-
-Toppen av treet er "o=skolelinux,c=no". Når/viss Staten kjem inn og
-vil ta over drifta av opplegget vårt, kan det vere naturleg å bytte ut
-toppen av treet med noko anna. Vår programvare bør vere budd på at
-noko slikt kan skje.
-
-Neste trinn er "l=fylke". Vi brukar dei vanlege tobokstavs-
-stuttingane for fylkesnamn, "mr", "sf", "nt", "vf" osv. Merk at Oslo
-er "oslo", ikkje "os".
-
-Så kjem "l=kommune". Namnet vert skrive fullt ut. Det går fint å
-bruke norske teikn og blanke i dette namnet.
-
-Til sist kjem "o=skule". Namnet på skulen må vere unikt innanfor
-kommunen, og det er opptil kvar enkelt skule å velje namnet som vert
-brukt her. Eg synest det vil vere naturleg å skrive namnet fullt ut,
-men droppe "overflødige" ord. T.d. "Hole barne- og ungdomsskole" vert
-til berre "Hole", "Hole BU", eller kanskje "HBU" om det er den vanlege
-lokale stuttinga.
-
-AVBILDNING TIL EPOST-ADRESSER
-
-Overgangen frå ein Distinguished Name[1] i LDAP til eit epostdomene er
-rett fram. Norid tilrår at æøå vert gjort om til aoa. Tilsvarande
-vert gjort for bokstavar med aksent, c cedilla o.l. Blanke vert gjort
-om til bindestrek, og punktum vert fjerna.
-
-[1] Distinguished Name (DN) er termen som vert brukt om unike
- objekt-IDar.
-
-Nokon døme:
-
- Eining: Ytre Herøy Ungdomsskule, Herøy kommune, Møre og Romsdal
- LDAP DN: o=YHU,l=Herøy,l=mr,o=skolelinux,c=no
- Domene: yhu.heroy.mr.skolelinux.no
-
- Eining: Oslo Katedralskole, St. Hanshaugen-Ullevål bydel, Oslo
- LDAP DN: o=Oslo Katedralskole,l=St. Hanshaugen-Ullevål,l=oslo,
- o=skolelinux,c=no
- Domene: oslo-katedralskole.st-hanshaugen-ulleval.oslo.skolelinux.no
-
-Viss vi kuttar ut inndelinga i bydelar i Oslo, og leiinga på
-Katedralskolen ønskte det, kunne vi i staden få:
-
- Eining: Oslo Katedralskole, Oslo
- LDAP DN: o=Katta,l=oslo,o=skolelinux,c=no
- Domene: katta.oslo.skolelinux.no
-
-Domenet kan uansett overstyrast eksplisitt med attributten
-"associatedDomain".
-
-
-
-TREET FOR KVAR SKULE
-
-
-Toppnoden for skulen består av
- objectClass: organization
- objectClass: lisSchool
-Dette omfattar verdiar som postadresse, gateadresse, telefonnummer,
-faksnummer osv.
-
-Under toppnoden finn vi fire greiner.
-
-GREIN 1: organizationalUnit: Elev
-
-I denne greina finn vi eitt objekt for kvar elev ved skulen. Ein elev
-er sett saman av klassane
-
- objectClass: inetOrgPerson
- ... inneheld attributtar for namn, adresse, telefonnummer osv.
-
- objectClass: posixAccount
- ... inneheld all informasjon som skal til for å autentisere ein
- brukar i eit POSIX-miljø (i praksis Unix).
-
- objectClass: lisPerson
- ... inneheld
- emailAlias: gyldige epost-aliasar, "k.t.homme", "kjetil.t.homme",
- osv.
- owner: referanse til læraren som er klasseforstandar.
- vedkomande er autorisert til å endre verdiar i dette
- objektet.
- dataOfBirth: fødselsdato
- uniqueIdentifier:
- personnummer eller annan identifikator gyldig også
- utanfor denne skulen.
-
-Kvar elev kan ha eitt eller fleire lisKinship-objekt under seg.
-Attributtane i lisKinship er "kinship" og "kin". "kinship" er namnet
-på forholdet ("mor", "far", "tante", "verge"), "kin" er ein referanse
-til ein annan person i LDAP-treet. Sidan det er kinship som vert
-brukt for å lage eit unikt namn for dette objektet, kan ein elev kun
-ha éi tante registrert på seg.
-
-
-GREIN 2: organizationalUnit: Tilsett
-
-I denne greina finn vi alle tilsette på skulen. Dei tilsette er sett
-saman av same objektklassene som elevane, med berre små forskjellar i
-semantikken. dateOfBirth er valfritt for elevar også, men det er
-mindre sannsynleg at dette vert lagt inn på tilsette. "owner" vert
-sannsynlegvis heller ikkje brukt, men kan brukast for å la ein
-avdelingsleiar manipulere sine undersåttar.
-
-
-GREIN 3: organizationalUnit: Kontakt
-
-I denne greina finn vi personopplysningar om alle eksterne
-kontaktpersonar. Greina finnest hovudsakleg for å ha opplysningar om
-elevane sine foresatte, men det er fritt fram å leggje inn andre
-(seljarar, sensorar osv.) Praktisk som ei felles adressebok for
-skulen. "objectClass: inetOrgPerson" vert brukt.
-
-
-
-GREIN 4: organizationalUnit: Klasse
-
-Her ligg alle klassene/faga registrert. I småskulen vil ein vanlegvis
-ha berre ei klasse ("2B"), kanskje to ("2B" og "2B gym"). Generelt
-har ein eigne "klasser" for kvar undervisningsaktivitet der anten
-elevar eller lærar er forskjellige.
-
-Kvart klasseobjekt er av typen "objectClass: lisClass". Attributtane
-er:
-
- owner: Ansvarleg lærar (skrivetilgang til objektet)
- teacher: Peikar til lærar som er med på denne undervisnings-
- aktiviteten
- student: Peikar til student som er med på ...
- timeAndPlace: Spesifikasjon av tid og stad for aktiviteten
- seeAlso: Peikar til klasseobjekt som elevlista skal kopierast
- frå.
-
-Alle desse attributtane er valfrie og kan ein eller fleire verdiar.
-Merk at ein lærar må leggjast inn som "teacher" sjølv om han står
-oppført som "owner".
Added: trunk/src/debian-edu-config/README.migrated2git
===================================================================
--- trunk/src/debian-edu-config/README.migrated2git (rev 0)
+++ trunk/src/debian-edu-config/README.migrated2git 2014-08-21 20:46:26 UTC (rev 83704)
@@ -0,0 +1,2 @@
+The package debian-edu-install has been migrated to Git on Alioth:
+http://anonscm.debian.org/gitweb/?p=debian-edu/debian-edu-config.git;a=summary
More information about the debian-edu-commits
mailing list