<link>http://people.skolelinux.org/pere/blog/</link>
<atom:link href="http://people.skolelinux.org/pere/blog/index.rss" rel="self" type="application/rss+xml" />
+ <item>
+ <title>More flexible firmware handling in debian-installer</title>
+ <link>http://people.skolelinux.org/pere/blog/More_flexible_firmware_handling_in_debian_installer.html</link>
+ <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/More_flexible_firmware_handling_in_debian_installer.html</guid>
+ <pubDate>Sat, 22 May 2010 21:30:00 +0200</pubDate>
+ <description>
+<p>After a long break from debian-installer development, I finally
+found time today to return to the project. Having to spend less time
+working dependency based boot in debian, as it is almost complete now,
+definitely helped freeing some time.</p>
+
+<p>A while back, I ran into a problem while working on Debian Edu. We
+include some firmware packages on the Debian Edu CDs, those needed to
+get disk and network controllers working. Without having these
+firmware packages available during installation, it is impossible to
+install Debian Edu on the given machine, and because our target group
+are non-technical people, asking them to provide firmware packages on
+an external medium is a support pain. Initially, I expected it to be
+enough to include the firmware packages on the CD to get
+debian-installer to find and use them. This proved to be wrong.
+Next, I hoped it was enough to symlink the relevant firmware packages
+to some useful location on the CD (tried /cdrom/ and
+/cdrom/firmware/). This also proved to not work, and at this point I
+found time to look at the debian-installer code to figure out what was
+going to work.</p>
+
+<p>The firmware loading code is in the hw-detect package, and a closer
+look revealed that it would only look for firmware packages outside
+the installation media, so the CD was never checked for firmware
+packages. It would only check USB sticks, floppies and other
+"external" media devices. Today I changed it to also look in the
+/cdrom/firmware/ directory on the mounted CD or DVD, which should
+solve the problem I ran into with Debian edu. I also changed it to
+look in /firmware/, to make sure the installer also find firmware
+provided in the initrd when booting the installer via PXE, to allow us
+to provide the same feature in the PXE installer provided in Debian
+Edu.</p>
+
+<p>To make sure firmware deb packages with a license questions are not
+activated without asking if the license is accepted, I extended
+hw-detect to look for preinst scripts in the firmware packages, and
+run these before activating the firmware during installation. The
+license question is asked using debconf in the preinst, so this should
+solve the issue for the firmware packages I have looked at so far.</p>
+
+<p>If you want to discuss the details of these features, please
+contact us on debian-boot@lists.debian.org.</p>
+</description>
+ </item>
+
<item>
<title>Magnetstripeinnhold i billetter fra Flytoget og Hurtigruten</title>
<link>http://people.skolelinux.org/pere/blog/Magnetstripeinnhold_i_billetter_fra_Flytoget_og_Hurtigruten.html</link>
</description>
</item>
- <item>
- <title>Kerberos for Debian Edu/Squeeze?</title>
- <link>http://people.skolelinux.org/pere/blog/Kerberos_for_Debian_Edu_Squeeze_.html</link>
- <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/Kerberos_for_Debian_Edu_Squeeze_.html</guid>
- <pubDate>Wed, 14 Apr 2010 17:20:00 +0200</pubDate>
- <description>
-<p><a href="http://www.nuug.no/aktiviteter/20100413-kerberos/">Yesterdays
-NUUG presentation</a> about Kerberos was inspiring, and reminded me
-about the need to start using Kerberos in Skolelinux. Setting up a
-Kerberos server seem to be straight forward, and if we get this in
-place a long time before the Squeeze version of Debian freezes, we
-have a chance to migrate Skolelinux away from NFSv3 for the home
-directories, and over to an architecture where the infrastructure do
-not have to trust IP addresses and machines, and instead can trust
-users and cryptographic keys instead.</p>
-
-<p>A challenge will be integration and administration. Is there a
-Kerberos implementation for Debian where one can control the
-administration access in Kerberos using LDAP groups? With it, the
-school administration will have to maintain access control using flat
-files on the main server, which give a huge potential for errors.</p>
-
-<p>A related question I would like to know is how well Kerberos and
-pam-ccreds (offline password check) work together. Anyone know?</p>
-
-<p>Next step will be to use Kerberos for access control in Lwat and
-Nagios. I have no idea how much work that will be to implement. We
-would also need to document how to integrate with Windows AD, as such
-shared network will require two Kerberos realms that need to cooperate
-to work properly.</p>
-
-<p>I believe a good start would be to start using Kerberos on the
-skolelinux.no machines, and this way get ourselves experience with
-configuration and integration. A natural starting point would be
-setting up ldap.skolelinux.no as the Kerberos server, and migrate the
-rest of the machines from PAM via LDAP to PAM via Kerberos one at the
-time.</p>
-
-<p>If you would like to contribute to get this working in Skolelinux,
-I recommend you to see the video recording from yesterdays NUUG
-presentation, and start using Kerberos at home. The video show show
-up in a few days.</p>
-</description>
- </item>
-
</channel>
</rss>
projects / homepage.git / blobdiff