<atom:link href="http://people.skolelinux.org/pere/blog/index.rss" rel="self" type="application/rss+xml" />
<item>
- <title>Parallellized boot seem to hold up well in Debian/testing</title>
- <link>http://people.skolelinux.org/pere/blog/Parallellized_boot_seem_to_hold_up_well_in_Debian_testing.html</link>
- <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/Parallellized_boot_seem_to_hold_up_well_in_Debian_testing.html</guid>
- <pubDate>Thu, 27 May 2010 23:55:00 +0200</pubDate>
+ <title>Vinmonopolet bryter loven åpenlyst - og flere planlegger å gjøre det samme</title>
+ <link>http://people.skolelinux.org/pere/blog/Vinmonopolet_bryter_loven___penlyst___og_flere_planlegger____gj__re_det_samme.html</link>
+ <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/Vinmonopolet_bryter_loven___penlyst___og_flere_planlegger____gj__re_det_samme.html</guid>
+ <pubDate>Wed, 16 Jun 2010 11:00:00 +0200</pubDate>
<description>
-<p>A few days ago, parallel booting was enabled in Debian/testing.
-The feature seem to hold up pretty well, but three fairly serious
-issues are known and should be solved:
-
-<p><ul>
-
-<li>The wicd package seen to
-<a href="http://bugs.debian.org/508289">break NFS mounting</a> and
-<a href="http://bugs.debian.org/581586">network setup</a> when
-parallel booting is enabled. No idea why, but the wicd maintainer
-seem to be on the case.</li>
-
-<li>The nvidia X driver seem to
-<a href="http://bugs.debian.org/583312">have a race condition</a>
-triggered more easily when parallel booting is in effect. The
-maintainer is on the case.</li>
-
-<li>The sysv-rc package fail to properly enable dependency based boot
-sequencing (the shutdown is broken) when old file-rc users
-<a href="http://bugs.debian.org/550425">try to switch back</a> to
-sysv-rc. One way to solve it would be for file-rc to create
-/etc/init.d/.legacy-bootordering, and another is to try to make
-sysv-rc more robust. Will investigate some more and probably upload a
-workaround in sysv-rc to help those trying to move from file-rc to
-sysv-rc get a working shutdown.</li>
-
-</ul></p>
-
-<p>All in all not many surprising issues, and all of them seem
-solvable before Squeeze is released. In addition to these there are
-some packages with bugs in their dependencies and run level settings,
-which I expect will be fixed in a reasonable time span.</p>
-
-<p>If you report any problems with dependencies in init.d scripts to
-the BTS, please usertag the report to get it to show up at
-<a href="http://bugs.debian.org/cgi-bin/pkgreport.cgi?users=initscripts-ng-devel@lists.alioth.debian.org">the
-list of usertagged bugs related to this</a>.</p>
+<p><a href="http://www.dagbladet.no/2010/06/16/nyheter/innenriks/streik/arbeidsliv/12157858/">Dagbladet
+melder</a> at Vinmonopolet med bakgrunn i vekterstreiken som pågår i
+Norge for tiden, har bestemt seg for med vitende og vilje å bryte
+sentralbanklovens paragraf 14 ved å nekte folk å betale med
+kontanter, og at flere butikker planlegger å følge deres eksempel.
+Jeg synes det er hårreisende hvis de slipper unna med et slikt
+soleklart lovbrudd, og lurer på hva slags muligheter jeg vil ha hvis
+jeg blir nektet å handle med kontakter. Jeg handler i hovedsak med
+kontanter selv, da jeg anser det som en borgerrett å kunne handle
+anonymt uten at det blir registrert. For meg er det et angrep på mitt
+personvern å nekte å ta imot kontakt betaling.</p>
+
+<p><a href="http://www.lovdata.no/all/tl-19850524-028-003.html#14">Paragrafen
+i sentralbankloven</a> lyder:</p>
+
+<blockquote>
+<p>§ 14. Tvungent betalingsmiddel</p>
+
+<p>Bankens sedler og mynter er tvungent betalingsmiddel i Norge. Ingen
+er pliktig til i én betaling å ta imot mer enn femogtyve mynter av
+hver enhet.</p>
+
+<p>Sterkt skadde sedler og mynter er ikke tvungent
+betalingsmiddel. Banken gir nærmere forskrifter om erstatning for
+bortkomne, brente eller skadde sedler og mynter.</p>
+
+<p>Selv om en avtale inneholder klausul om betaling av en
+pengeforpliktelse i gullverdi, kan skyldneren frigjøre seg med tvungne
+betalingsmidler uten hensyn til denne klausul.</p>
+</blockquote>
+
+<p>Det er med bakgrunn i denne lovet ikke tillatt å nekte å ta imot
+kontakt betaling. Det er en lov jeg har sans for, og som jeg mener må
+håndheves strengt.</p>
</description>
</item>
<item>
- <title>More flexible firmware handling in debian-installer</title>
- <link>http://people.skolelinux.org/pere/blog/More_flexible_firmware_handling_in_debian_installer.html</link>
- <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/More_flexible_firmware_handling_in_debian_installer.html</guid>
- <pubDate>Sat, 22 May 2010 21:30:00 +0200</pubDate>
+ <title>Officeshots taking shape</title>
+ <link>http://people.skolelinux.org/pere/blog/Officeshots_taking_shape.html</link>
+ <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/Officeshots_taking_shape.html</guid>
+ <pubDate>Sun, 13 Jun 2010 11:40:00 +0200</pubDate>
<description>
-<p>After a long break from debian-installer development, I finally
-found time today to return to the project. Having to spend less time
-working dependency based boot in debian, as it is almost complete now,
-definitely helped freeing some time.</p>
-
-<p>A while back, I ran into a problem while working on Debian Edu. We
-include some firmware packages on the Debian Edu CDs, those needed to
-get disk and network controllers working. Without having these
-firmware packages available during installation, it is impossible to
-install Debian Edu on the given machine, and because our target group
-are non-technical people, asking them to provide firmware packages on
-an external medium is a support pain. Initially, I expected it to be
-enough to include the firmware packages on the CD to get
-debian-installer to find and use them. This proved to be wrong.
-Next, I hoped it was enough to symlink the relevant firmware packages
-to some useful location on the CD (tried /cdrom/ and
-/cdrom/firmware/). This also proved to not work, and at this point I
-found time to look at the debian-installer code to figure out what was
-going to work.</p>
-
-<p>The firmware loading code is in the hw-detect package, and a closer
-look revealed that it would only look for firmware packages outside
-the installation media, so the CD was never checked for firmware
-packages. It would only check USB sticks, floppies and other
-"external" media devices. Today I changed it to also look in the
-/cdrom/firmware/ directory on the mounted CD or DVD, which should
-solve the problem I ran into with Debian edu. I also changed it to
-look in /firmware/, to make sure the installer also find firmware
-provided in the initrd when booting the installer via PXE, to allow us
-to provide the same feature in the PXE setup included in Debian
-Edu.</p>
-
-<p>To make sure firmware deb packages with a license questions are not
-activated without asking if the license is accepted, I extended
-hw-detect to look for preinst scripts in the firmware packages, and
-run these before activating the firmware during installation. The
-license question is asked using debconf in the preinst, so this should
-solve the issue for the firmware packages I have looked at so far.</p>
-
-<p>If you want to discuss the details of these features, please
-contact us on debian-boot@lists.debian.org.</p>
+<p>For those of us caring about document exchange and
+interoperability, <a href="http://www.officeshots.org/">OfficeShots</a>
+is a great service. It is to ODF documents what
+<a href="http://browsershots.org/">BrowserShots</a> is for web
+pages.</p>
+
+<p>A while back, I was contacted by Knut Yrvin at the part of Nokia
+that used to be Trolltech, who wanted to help the OfficeShots project
+and wondered if the University of Oslo where I work would be
+interested in supporting the project. I helped him to navigate his
+request to the right people at work, and his request was answered with
+a spot in the machine room with power and network connected, and Knut
+arranged funding for a machine to fill the spot. The machine is
+administrated by the OfficeShots people, so I do not have daily
+contact with its progress, and thus from time to time check back to
+see how the project is doing.</p>
+
+<p>Today I had a look, and was happy to see that the Dell box in our
+machine room now is the host for several virtual machines running as
+OfficeShots factories, and the project is able to render ODF documents
+in 17 different document processing implementation on Linux and
+Windows. This is great.</p>
</description>
</item>
<item>
- <title>Magnetstripeinnhold i billetter fra Flytoget og Hurtigruten</title>
- <link>http://people.skolelinux.org/pere/blog/Magnetstripeinnhold_i_billetter_fra_Flytoget_og_Hurtigruten.html</link>
- <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/Magnetstripeinnhold_i_billetter_fra_Flytoget_og_Hurtigruten.html</guid>
- <pubDate>Fri, 21 May 2010 16:00:00 +0200</pubDate>
+ <title>Lenny->Squeeze upgrades, removals by apt and aptitude</title>
+ <link>http://people.skolelinux.org/pere/blog/Lenny__Squeeze_upgrades__removals_by_apt_and_aptitude.html</link>
+ <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/Lenny__Squeeze_upgrades__removals_by_apt_and_aptitude.html</guid>
+ <pubDate>Sun, 13 Jun 2010 09:05:00 +0200</pubDate>
<description>
-<p>For en stund tilbake kjøpte jeg en magnetkortleser for å kunne
-titte på hva som er skrevet inn på magnetstripene til ulike kort. Har
-ikke hatt tid til å analysere mange kort så langt, men tenkte jeg
-skulle dele innholdet på to kort med mine lesere.</p>
-
-<p>For noen dager siden tok jeg flyet til Harstad og Hurtigruten til
-Bergen. Flytoget fra Oslo S til flyplassen ga meg en billett med
-magnetstripe. Påtrykket finner jeg følgende informasjon:</p>
-
-<pre>
-Flytoget Airport Express Train
-
-Fra - Til : Oslo Sentralstasjon
-Kategori : Voksen
-Pris : Nok 170,00
-Herav mva. 8,00% : NOK 12,59
-Betaling : Kontant
-Til - Fra : Oslo Lufthavn
-Utstedt: : 08.05.10
-Gyldig Fra-Til : 08.05.10-07.11.10
-Billetttype : Enkeltbillett
-
-102-1015-100508-48382-01-08
-</pre>
-
-<p>På selve magnetstripen er innholdet
-<tt>;E?+900120011=23250996541068112619257138248441708433322932704083389389062603279671261502492655?</tt>.
-Aner ikke hva innholdet representerer, og det er lite overlapp mellom
-det jeg ser trykket på billetten og det jeg ser av tegn i
-magnetstripen. Håper det betyr at de bruker kryptografiske metoder
-for å gjøre det vanskelig å forfalske billetter.</p>
-
-<p>Den andre billetten er fra Hurtigruten, der jeg mistenker at
-strekkoden på fronten er mer brukt enn magnetstripen (det var i hvert
-fall den biten vi stakk inn i dørlåsen).</p>
-
-<p>Påtrykket forsiden er følgende:</p>
-
-<pre>
-Romnummer 727
-Hurtigruten
-Midnatsol
-Reinholdtsen
-Petter
-Bookingno: SAX69 0742193
-Harstad-Bergen
-Dep: 09.05.2010 Arr: 12.05.2010
-Lugar fra Risøyhamn
-Kost: FRO=4
-</pre>
-
-<p>På selve magnetstripen er innholdet
-<tt>;1316010007421930=00000000000000000000?+E?</tt>. Heller ikke her
-ser jeg mye korrespondanse mellom påtrykk og magnetstripe.</p>
+<p>My
+<a href="http://people.skolelinux.org/pere/blog/Automatic_upgrade_testing_from_Lenny_to_Squeeze.html">testing
+of Debian upgrades</a> from Lenny to Squeeze continues, and I've
+finally made the upgrade logs available from
+<a href="http://people.skolelinux.org/pere/debian-upgrade-testing/">http://people.skolelinux.org/pere/debian-upgrade-testing/</a>.
+I am now testing dist-upgrade of Gnome and KDE in a chroot using both
+apt and aptitude, and found their differences interesting. This time
+I will only focus on their removal plans.</p>
+
+<p>After installing a Gnome desktop and the laptop task, apt-get wants
+to remove 72 packages when dist-upgrading from Lenny to Squeeze. The
+surprising part is that it want to remove xorg and all
+xserver-xorg-video* drivers. Clearly not a good choice, but I am not
+sure why. When asking aptitude to do the same, it want to remove 129
+packages, but most of them are library packages I suspect are no
+longer needed. Both of them want to remove bluetooth packages, which
+I do not know. Perhaps these bluetooth packages are obsolete?</p>
+
+<p>For KDE, apt-get want to remove 82 packages, among them kdebase
+which seem like a bad idea and xorg the same way as with Gnome. Asking
+aptitude for the same, it wants to remove 192 packages, none which are
+too surprising.</p>
+
+<p>I guess the removal of xorg during upgrades should be investigated
+and avoided, and perhaps others as well. Here are the complete list
+of planned removals. The complete logs is available from the URL
+above. Note if you want to repeat these tests, that the upgrade test
+for kde+apt-get hung in the tasksel setup because of dpkg asking
+conffile questions. No idea why. I worked around it by using
+'<tt>echo >> /proc/<em>pidofdpkg</em>/fd/0</tt>' to tell dpkg to
+continue.</p>
+
+<p><b>apt-get gnome 72</b>
+<br>bluez-gnome cupsddk-drivers deskbar-applet gnome
+ gnome-desktop-environment gnome-network-admin gtkhtml3.14
+ iceweasel-gnome-support libavcodec51 libdatrie0 libgdl-1-0
+ libgnomekbd2 libgnomekbdui2 libmetacity0 libslab0 libxcb-xlib0
+ nautilus-cd-burner python-gnome2-desktop python-gnome2-extras
+ serpentine swfdec-mozilla update-manager xorg xserver-xorg
+ xserver-xorg-core xserver-xorg-input-all xserver-xorg-input-evdev
+ xserver-xorg-input-kbd xserver-xorg-input-mouse
+ xserver-xorg-input-synaptics xserver-xorg-input-wacom
+ xserver-xorg-video-all xserver-xorg-video-apm xserver-xorg-video-ark
+ xserver-xorg-video-ati xserver-xorg-video-chips
+ xserver-xorg-video-cirrus xserver-xorg-video-cyrix
+ xserver-xorg-video-dummy xserver-xorg-video-fbdev
+ xserver-xorg-video-glint xserver-xorg-video-i128
+ xserver-xorg-video-i740 xserver-xorg-video-imstt
+ xserver-xorg-video-intel xserver-xorg-video-mach64
+ xserver-xorg-video-mga xserver-xorg-video-neomagic
+ xserver-xorg-video-nsc xserver-xorg-video-nv
+ xserver-xorg-video-openchrome xserver-xorg-video-r128
+ xserver-xorg-video-radeon xserver-xorg-video-radeonhd
+ xserver-xorg-video-rendition xserver-xorg-video-s3
+ xserver-xorg-video-s3virge xserver-xorg-video-savage
+ xserver-xorg-video-siliconmotion xserver-xorg-video-sis
+ xserver-xorg-video-sisusb xserver-xorg-video-tdfx
+ xserver-xorg-video-tga xserver-xorg-video-trident
+ xserver-xorg-video-tseng xserver-xorg-video-v4l
+ xserver-xorg-video-vesa xserver-xorg-video-vga
+ xserver-xorg-video-vmware xserver-xorg-video-voodoo xulrunner-1.9
+ xulrunner-1.9-gnome-support</p>
+
+<p><b>aptitude gnome 129</b>
+
+<br>bluez-gnome bluez-utils cpp-4.3 cupsddk-drivers dhcdbd
+ djvulibre-desktop finger gnome-app-install gnome-mount
+ gnome-network-admin gnome-spell gnome-vfs-obexftp
+ gnome-volume-manager gstreamer0.10-gnomevfs gtkhtml3.14 libao2
+ libavahi-compat-libdnssd1 libavahi-core5 libavcodec51 libbluetooth2
+ libcamel1.2-11 libcdio7 libcucul0 libcupsys2 libcurl3 libdatrie0
+ libdirectfb-1.0-0 libdvdread3 libedataserver1.2-9 libeel2-2.20
+ libeel2-data libepc-1.0-1 libepc-ui-1.0-1 libfaad0 libgail-common
+ libgd2-noxpm libgda3-3 libgda3-common libgdl-1-0 libgdl-1-common
+ libggz2 libggzcore9 libggzmod4 libgksu1.2-0 libgksuui1.0-1 libgmyth0
+ libgnomecups1.0-1 libgnomekbd2 libgnomekbdui2 libgnomeprint2.2-0
+ libgnomeprint2.2-data libgnomeprintui2.2-0 libgnomeprintui2.2-common
+ libgnomevfs2-bin libgpod3 libgraphviz4 libgtkhtml2-0
+ libgtksourceview-common libgtksourceview1.0-0 libgucharmap6
+ libhesiod0 libicu38 libiw29 libkpathsea4 libltdl3 libmagick++10
+ libmagick10 libmalaga7 libmetacity0 libmtp7 libmysqlclient15off
+ libnautilus-burn4 libneon27 libnm-glib0 libnm-util0 libopal-2.2
+ libosp5 libparted1.8-10 libpoppler-glib3 libpoppler3 libpt-1.10.10
+ libpt-1.10.10-plugins-alsa libpt-1.10.10-plugins-v4l libraw1394-8
+ libsensors3 libslab0 libsmbios2 libsoup2.2-8 libssh2-1
+ libsuitesparse-3.1.0 libswfdec-0.6-90 libtalloc1 libtotem-plparser10
+ libtrackerclient0 libxalan2-java libxalan2-java-gcj libxcb-xlib0
+ libxerces2-java libxerces2-java-gcj libxklavier12 libxtrap6
+ libxxf86misc1 libzephyr3 mysql-common nautilus-cd-burner
+ openoffice.org-writer2latex openssl-blacklist p7zip
+ python-4suite-xml python-eggtrayicon python-gnome2-desktop
+ python-gnome2-extras python-gtkhtml2 python-gtkmozembed
+ python-numeric python-sexy serpentine svgalibg1 swfdec-gnome
+ swfdec-mozilla totem-gstreamer update-manager wodim
+ xserver-xorg-video-cyrix xserver-xorg-video-imstt
+ xserver-xorg-video-nsc xserver-xorg-video-v4l xserver-xorg-video-vga
+ zip</p>
+
+<p><b>apt-get kde 82</b>
+
+<br>cupsddk-drivers karm kaudiocreator kcoloredit kcontrol kde kde-core
+ kdeaddons kdeartwork kdebase kdebase-bin kdebase-bin-kde3
+ kdebase-kio-plugins kdesktop kdeutils khelpcenter kicker
+ kicker-applets knewsticker kolourpaint konq-plugins konqueror korn
+ kpersonalizer kscreensaver ksplash libavcodec51 libdatrie0 libkiten1
+ libxcb-xlib0 quanta superkaramba texlive-base-bin xorg xserver-xorg
+ xserver-xorg-core xserver-xorg-input-all xserver-xorg-input-evdev
+ xserver-xorg-input-kbd xserver-xorg-input-mouse
+ xserver-xorg-input-synaptics xserver-xorg-input-wacom
+ xserver-xorg-video-all xserver-xorg-video-apm xserver-xorg-video-ark
+ xserver-xorg-video-ati xserver-xorg-video-chips
+ xserver-xorg-video-cirrus xserver-xorg-video-cyrix
+ xserver-xorg-video-dummy xserver-xorg-video-fbdev
+ xserver-xorg-video-glint xserver-xorg-video-i128
+ xserver-xorg-video-i740 xserver-xorg-video-imstt
+ xserver-xorg-video-intel xserver-xorg-video-mach64
+ xserver-xorg-video-mga xserver-xorg-video-neomagic
+ xserver-xorg-video-nsc xserver-xorg-video-nv
+ xserver-xorg-video-openchrome xserver-xorg-video-r128
+ xserver-xorg-video-radeon xserver-xorg-video-radeonhd
+ xserver-xorg-video-rendition xserver-xorg-video-s3
+ xserver-xorg-video-s3virge xserver-xorg-video-savage
+ xserver-xorg-video-siliconmotion xserver-xorg-video-sis
+ xserver-xorg-video-sisusb xserver-xorg-video-tdfx
+ xserver-xorg-video-tga xserver-xorg-video-trident
+ xserver-xorg-video-tseng xserver-xorg-video-v4l
+ xserver-xorg-video-vesa xserver-xorg-video-vga
+ xserver-xorg-video-vmware xserver-xorg-video-voodoo xulrunner-1.9</p>
+
+<p><b>aptitude kde 192</b>
+<br>bluez-utils cpp-4.3 cupsddk-drivers cvs dcoprss dhcdbd
+ djvulibre-desktop dosfstools eyesapplet fifteenapplet finger gettext
+ ghostscript-x imlib-base imlib11 indi kandy karm kasteroids
+ kaudiocreator kbackgammon kbstate kcoloredit kcontrol kcron kdat
+ kdeadmin-kfile-plugins kdeartwork-misc kdeartwork-theme-window
+ kdebase-bin-kde3 kdebase-kio-plugins kdeedu-data
+ kdegraphics-kfile-plugins kdelirc kdemultimedia-kappfinder-data
+ kdemultimedia-kfile-plugins kdenetwork-kfile-plugins
+ kdepim-kfile-plugins kdepim-kio-plugins kdeprint kdesktop kdessh
+ kdict kdnssd kdvi kedit keduca kenolaba kfax kfaxview kfouleggs
+ kghostview khelpcenter khexedit kiconedit kitchensync klatin
+ klickety kmailcvt kmenuedit kmid kmilo kmoon kmrml kodo kolourpaint
+ kooka korn kpager kpdf kpercentage kpf kpilot kpoker kpovmodeler
+ krec kregexpeditor ksayit ksim ksirc ksirtet ksmiletris ksmserver
+ ksnake ksokoban ksplash ksvg ksysv ktip ktnef kuickshow kverbos
+ kview kviewshell kvoctrain kwifimanager kwin kwin4 kworldclock
+ kxsldbg libakode2 libao2 libarts1-akode libarts1-audiofile
+ libarts1-mpeglib libarts1-xine libavahi-compat-libdnssd1
+ libavahi-core5 libavc1394-0 libavcodec51 libbluetooth2
+ libboost-python1.34.1 libcucul0 libcurl3 libcvsservice0 libdatrie0
+ libdirectfb-1.0-0 libdjvulibre21 libdvdread3 libfaad0 libfreebob0
+ libgail-common libgd2-noxpm libgraphviz4 libgsmme1c2a libgtkhtml2-0
+ libicu38 libiec61883-0 libindex0 libiw29 libk3b3 libkcal2b libkcddb1
+ libkdeedu3 libkdepim1a libkgantt0 libkiten1 libkleopatra1 libkmime2
+ libkpathsea4 libkpimexchange1 libkpimidentities1 libkscan1
+ libksieve0 libktnef1 liblockdev1 libltdl3 libmagick10 libmimelib1c2a
+ libmozjs1d libmpcdec3 libneon27 libnm-util0 libopensync0 libpisock9
+ libpoppler-glib3 libpoppler-qt2 libpoppler3 libraw1394-8 libsmbios2
+ libssh2-1 libsuitesparse-3.1.0 libtalloc1 libtiff-tools
+ libxalan2-java libxalan2-java-gcj libxcb-xlib0 libxerces2-java
+ libxerces2-java-gcj libxtrap6 mpeglib networkstatus
+ openoffice.org-writer2latex pmount poster psutils quanta quanta-data
+ superkaramba svgalibg1 tex-common texlive-base texlive-base-bin
+ texlive-common texlive-doc-base texlive-fonts-recommended
+ xserver-xorg-video-cyrix xserver-xorg-video-imstt
+ xserver-xorg-video-nsc xserver-xorg-video-v4l xserver-xorg-video-vga
+ xulrunner-1.9</p>
+
</description>
</item>
<item>
- <title>Pieces of the roaming laptop puzzle in Debian</title>
- <link>http://people.skolelinux.org/pere/blog/Pieces_of_the_roaming_laptop_puzzle_in_Debian.html</link>
- <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/Pieces_of_the_roaming_laptop_puzzle_in_Debian.html</guid>
- <pubDate>Wed, 19 May 2010 19:00:00 +0200</pubDate>
+ <title>Åpne trådløsnett er et samfunnsgode</title>
+ <link>http://people.skolelinux.org/pere/blog/__pne_tr__dl__snett_er_et_samfunnsgode.html</link>
+ <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/__pne_tr__dl__snett_er_et_samfunnsgode.html</guid>
+ <pubDate>Sat, 12 Jun 2010 12:45:00 +0200</pubDate>
<description>
-<p>Today, the last piece of the puzzle for roaming laptops in Debian
-Edu finally entered the Debian archive. Today, the new
-<a href="http://packages.qa.debian.org/libp/libpam-mklocaluser.html">libpam-mklocaluser</a>
-package was accepted. Two days ago, two other pieces was accepted
-into unstable. The
-<a href="http://packages.qa.debian.org/p/pam-python.html">pam-python</a>
-package needed by libpam-mklocaluser, and the
-<a href="http://packages.qa.debian.org/s/sssd.html">sssd</a> package
-passed NEW on Monday. In addition, the
-<a href="http://packages.qa.debian.org/libp/libpam-ccreds.html">libpam-ccreds</a>
-package we need is in experimental (version 10-4) since Saturday, and
-hopefully will be moved to unstable soon.</p>
-
-<p>This collection of packages allow for two different setups for
-roaming laptops. The traditional setup would be using libpam-ccreds,
-nscd and libpam-mklocaluser with LDAP or Kerberos authentication,
-which should work out of the box if the configuration changes proposed
-for nscd in <a href="http://bugs.debian.org/485282">BTS report
-#485282</a> is implemented. The alternative setup is to use sssd with
-libpam-mklocaluser to connect to LDAP or Kerberos and let sssd take
-care of the caching of passwords and group information.</p>
-
-<p>I have so far been unable to get sssd to work with the LDAP server
-at the University, but suspect the issue is some SSL/GnuTLS related
-problem with the server certificate. I plan to update the Debian
-package to version 1.2, which is scheduled for next week, and hope to
-find time to make sure the next release will include both the
-Debian/Ubuntu specific patches. Upstream is friendly and responsive,
-and I am sure we will find a good solution.</p>
-
-<p>The idea is to set up the roaming laptops to authenticate using
-LDAP or Kerberos and create a local user with home directory in /home/
-when a usre in LDAP logs in via KDM or GDM for the first time, and
-cache the password for offline checking, as well as caching group
-memberhips and other relevant LDAP information. The
-libpam-mklocaluser package was created to make sure the local home
-directory is in /home/, instead of /site/server/directory/ which would
-be the home directory if pam_mkhomedir was used. To avoid confusion
-with support requests and configuration, we do not want local laptops
-to have users in a path that is used for the same users home directory
-on the home directory servers.</p>
-
-<p>One annoying problem with gdm is that it do not show the PAM
-message passed to the user from libpam-mklocaluser when the local user
-is created. Instead gdm simply reject the login with some generic
-message. The message is shown in kdm, ssh and login, so I guess it is
-a bug in gdm. Have not investigated if there is some other message
-type that can be used instead to get gdm to also show the message.</p>
-
-<p>If you want to help out with implementing this for Debian Edu,
-please contact us on debian-edu@lists.debian.org.</p>
+<p>Veldig glad for å oppdage via
+<a href="http://yro.slashdot.org/story/10/06/11/1841256/Finland-To-Legalize-Use-of-Unsecured-Wi-Fi">Slashdot</a>
+at folk i Finland har forstått at åpne trådløsnett er et samfunnsgode.
+Jeg ser på åpne trådløsnett som et fellesgode på linje med retten til
+ferdsel i utmark og retten til å bevege seg i strandsonen. Jeg har
+glede av åpne trådløsnett når jeg finner dem, og deler gladelig nett
+med andre så lenge de ikke forstyrrer min bruk av eget nett.
+Nettkapasiteten er sjelden en begrensning ved normal browsing og enkel
+SSH-innlogging (som er min vanligste nettbruk), og nett kan brukes til
+så mye positivt og nyttig (som nyhetslesing, sjekke været, kontakte
+slekt og venner, holde seg oppdatert om politiske saker, kontakte
+organisasjoner og politikere, etc), at det for meg er helt urimelig å
+blokkere dette for alle som ikke gjør en flue fortred. De som mener
+at potensialet for misbruk er grunn nok til å hindre all den positive
+og lovlydige bruken av et åpent trådløsnett har jeg dermed ingen
+forståelse for. En kan ikke eksistensen av forbrytere styre hvordan
+samfunnet skal organiseres. Da får en et kontrollsamfunn de færreste
+ønsker å leve i, og det at vi har et samfunn i Norge der tilliten til
+hverandre er høy gjør at samfunnet fungerer ganske godt. Det bør vi
+anstrenge oss for å beholde.</p>
</description>
</item>
<item>
- <title>Parallellized boot is now the default in Debian/unstable</title>
- <link>http://people.skolelinux.org/pere/blog/Parallellized_boot_is_now_the_default_in_Debian_unstable.html</link>
- <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/Parallellized_boot_is_now_the_default_in_Debian_unstable.html</guid>
- <pubDate>Fri, 14 May 2010 22:40:00 +0200</pubDate>
+ <title>Automatic upgrade testing from Lenny to Squeeze</title>
+ <link>http://people.skolelinux.org/pere/blog/Automatic_upgrade_testing_from_Lenny_to_Squeeze.html</link>
+ <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/Automatic_upgrade_testing_from_Lenny_to_Squeeze.html</guid>
+ <pubDate>Fri, 11 Jun 2010 22:50:00 +0200</pubDate>
<description>
-<p>Since this evening, parallel booting is the default in
-Debian/unstable for machines using dependency based boot sequencing.
-Apparently the testing of concurrent booting has been wider than
-expected, if I am to believe the
-<a href="http://lists.debian.org/debian-devel/2010/05/msg00122.html">input
-on debian-devel@</a>, and I concluded a few days ago to move forward
-with the feature this weekend, to give us some time to detect any
-remaining problems before Squeeze is frozen. If serious problems are
-detected, it is simple to change the default back to sequential boot.
-The upload of the new sysvinit package also activate a new upstream
-version.</p>
-
-More information about
-<a href="http://wiki.debian.org/LSBInitScripts/DependencyBasedBoot">dependency
-based boot sequencing</a> is available from the Debian wiki. It is
-currently possible to disable parallel booting when one run into
-problems caused by it, by adding this line to /etc/default/rcS:</p>
+<p>The last few days I have done some upgrade testing in Debian, to
+see if the upgrade from Lenny to Squeeze will go smoothly. A few bugs
+have been discovered and reported in the process
+(<a href="http://bugs.debian.org/585410">#585410</a> in nagios3-cgi,
+<a href="http://bugs.debian.org/584879">#584879</a> already fixed in
+enscript and <a href="http://bugs.debian.org/584861">#584861</a> in
+kdebase-workspace-data), and to get a more regular testing going on, I
+am working on a script to automate the test.</p>
+
+<p>The idea is to create a Lenny chroot and use tasksel to install a
+Gnome or KDE desktop installation inside the chroot before upgrading
+it. To ensure no services are started in the chroot, a policy-rc.d
+script is inserted. To make sure tasksel believe it is to install a
+desktop on a laptop, the tasksel tests are replaced in the chroot
+(only acceptable because this is a throw-away chroot).</p>
+
+<p>A naive upgrade from Lenny to Squeeze using aptitude dist-upgrade
+currently always fail because udev refuses to upgrade with the kernel
+in Lenny, so to avoid that problem the file /etc/udev/kernel-upgrade
+is created. The bug report
+<a href="http://bugs.debian.org/566000">#566000</a> make me suspect
+this problem do not trigger in a chroot, but I touch the file anyway
+to make sure the upgrade go well. Testing on virtual and real
+hardware have failed me because of udev so far, and creating this file
+do the trick in such settings anyway. This is a
+<a href="http://www.linuxquestions.org/questions/debian-26/failed-dist-upgrade-due-to-udev-config_sysfs_deprecated-nonsense-804130/">known
+issue</a> and the current udev behaviour is intended by the udev
+maintainer because he lack the resources to rewrite udev to keep
+working with old kernels or something like that. I really wish the
+udev upstream would keep udev backwards compatible, to avoid such
+upgrade problem, but given that they fail to do so, I guess
+documenting the way out of this mess is the best option we got for
+Debian Squeeze.</p>
+
+<p>Anyway, back to the task at hand, testing upgrades. This test
+script, which I call <tt>upgrade-test</tt> for now, is doing the
+trick:</p>
<blockquote><pre>
-CONCURRENCY=none
+#!/bin/sh
+set -ex
+
+if [ "$1" ] ; then
+ desktop=$1
+else
+ desktop=gnome
+fi
+
+from=lenny
+to=squeeze
+
+exec &lt; /dev/null
+unset LANG
+mirror=http://ftp.skolelinux.org/debian
+tmpdir=chroot-$from-upgrade-$to-$desktop
+fuser -mv .
+debootstrap $from $tmpdir $mirror
+chroot $tmpdir aptitude update
+cat > $tmpdir/usr/sbin/policy-rc.d &lt;&lt;EOF
+#!/bin/sh
+exit 101
+EOF
+chmod a+rx $tmpdir/usr/sbin/policy-rc.d
+exit_cleanup() {
+ umount $tmpdir/proc
+}
+mount -t proc proc $tmpdir/proc
+# Make sure proc is unmounted also on failure
+trap exit_cleanup EXIT INT
+
+chroot $tmpdir aptitude -y install debconf-utils
+
+# Make sure tasksel autoselection trigger. It need the test scripts
+# to return the correct answers.
+echo tasksel tasksel/desktop multiselect $desktop | \
+ chroot $tmpdir debconf-set-selections
+
+# Include the desktop and laptop task
+for test in desktop laptop ; do
+ echo > $tmpdir/usr/lib/tasksel/tests/$test &lt;&lt;EOF
+#!/bin/sh
+exit 2
+EOF
+ chmod a+rx $tmpdir/usr/lib/tasksel/tests/$test
+done
+
+DEBIAN_FRONTEND=noninteractive
+DEBIAN_PRIORITY=critical
+export DEBIAN_FRONTEND DEBIAN_PRIORITY
+chroot $tmpdir tasksel --new-install
+
+echo deb $mirror $to main > $tmpdir/etc/apt/sources.list
+chroot $tmpdir aptitude update
+touch $tmpdir/etc/udev/kernel-upgrade
+chroot $tmpdir aptitude -y dist-upgrade
+fuser -mv
</pre></blockquote>
-<p>If you report any problems with dependencies in init.d scripts to
-the BTS, please usertag the report to get it to show up at
-<a href="http://bugs.debian.org/cgi-bin/pkgreport.cgi?users=initscripts-ng-devel@lists.alioth.debian.org">the
-list of usertagged bugs related to this</a>.</p>
+<p>I suspect it would be useful to test upgrades with both apt-get and
+with aptitude, but I have not had time to look at how they behave
+differently so far. I hope to get a cron job running to do the test
+regularly and post the result on the web. The Gnome upgrade currently
+work, while the KDE upgrade fail because of the bug in
+kdebase-workspace-data</p>
+
+<p>I am not quite sure what kind of extract from the huge upgrade logs
+(KDE 167 KiB, Gnome 516 KiB) it make sense to include in this blog
+post, so I will refrain from trying. I can report that for Gnome,
+aptitude report 760 packages upgraded, 448 newly installed, 129 to
+remove and 1 not upgraded and 1024MB need to be downloaded while for
+KDE the same numbers are 702 packages upgraded, 507 newly installed,
+193 to remove and 0 not upgraded and 1117MB need to be downloaded</p>
+
+<p>I am very happy to notice that the Gnome desktop + laptop upgrade
+is able to migrate to dependency based boot sequencing and parallel
+booting without a hitch. Was unsure if there were still bugs with
+packages failing to clean up their obsolete init.d script during
+upgrades, and no such problem seem to affect the Gnome desktop+laptop
+packages.</p>
+</description>
+ </item>
+
+ <item>
+ <title>Skolelinux er laget for sentraldrifting, naturligvis</title>
+ <link>http://people.skolelinux.org/pere/blog/Skolelinux_er_laget_for_sentraldrifting__naturligvis.html</link>
+ <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/Skolelinux_er_laget_for_sentraldrifting__naturligvis.html</guid>
+ <pubDate>Wed, 9 Jun 2010 12:30:00 +0200</pubDate>
+ <description>
+<p>Det er merkelig hvordan myter om Skolelinux overlever. En slik
+myte er at Skolelinux ikke kan sentraldriftes og ha sentralt plasserte
+tjenermaskiner. I siste Computerworld Norge er
+<a href="http://www.idg.no/computerworld/article169432.ece">IT-sjef
+Viggo Billdal i Steinkjer intervjuet</a>, og forteller uten
+blygsel:</p>
+
+<blockquote><p>Vi hadde Skolelinux, men det har vi sluttet med. Vi testet
+om det lønte seg med Microsoft eller en åpen plattform. Vi fant ut at
+Microsoft egentlig var totalt sett bedre egnet. Det var store
+driftskostnader med Skolelinux, blant annet på grunn av
+desentraliserte servere. Det var komplisert, så vi gikk vekk fra det
+og bruker nå bare Windows.</p></blockquote>
+
+<p>En <a
+href="https://init.linpro.no/pipermail/skolelinux.no/bruker/2010-June/009101.html">rask
+sjekk</a> mot den norske brukerlista i Skolelinuxprosjektet forteller
+at Steinkjers forsøk foregikk fram til 2004/2005, og at Røysing skole
+i Steinkjer skal ha vært svært fornøyd med Skolelinux men at kommunen
+overkjørte skolen og krevde at de gikk over til Windows. Et søk på
+nettet sendte meg til
+<a href="http://www.dn.no/multimedia/archive/00090/Dagens_it_nr__18_90826a.pdf">Dagens
+IT nr. 18 2005</a> hvor en kan lese på side 18:</p>
+
+<blockquote><p>Inge Tømmerås ved Røysing skole i Steinkjer kjører ennå
+Microsoft, men forteller at kompetanseutfordringen med Skolelinux ikke
+var så stor. Jeg syntes Skolelinux var utrolig lett å drifte uten
+forkunnskaper. Men man må jo selvsagt ha tilgang på ekstern kompetanse
+til installasjoner og maskinvarefeil, sier Tømmerås.</p></blockquote>
+
+<p>Som systemarkitekten bak Skolelinux, kan jeg bare riste på hodet
+over påstanden om at Skolelinux krever desentraliserte tjenere.
+Skolelinux-arkitekturen er laget for sentralisert drift og plassering
+av tjenerne lokalt eller sentralt alt etter behov og nettkapasitet.
+Den er modellert på nettverks- og tjenerløsningen som brukes på
+Universitetet i Tromsø og Oslo, der jeg jobber med utvikling av
+driftstjenester. Dette er det heldigvis noen som har fått med seg, og
+jeg er glad for å kunne sitere fra en kommentar på den overnevnte
+artikkelen. Min venn og gamle kollega Sturle Sunde forteller der:
+
+<blockquote>
+<p>I Flora kommune køyrer vi Skulelinux på skular med alt frå 15 til
+meir enn 500 elevar. Dei store skulane har eigen tenar, for det er
+mest praktisk. Eg, som er driftsansvarleg for heile nettet, ser
+sjeldan dei tenarane fysisk, men at dei står der gjer skulane mindre
+avhengige av eksterne linjer som er trege eller dyre. Dei minste
+skulane har ikkje eigen tenar. Å bruke sentral tenar er heller ikkje
+noko problem. Småskulane klarar seg fint med 1 mbit-linje til ein
+sentral tenar eller tenaren på ein større skule.</p>
+
+<p>Det beste med Skulelinux er halvtjukke klientar. Dei treng ikkje
+harddisk og brukar minimalt med ressursar på tenaren fordi dei køyrer
+programma lokalt. Eit klasserom med 30 sju-åtte år gamle maskiner har
+mykje meir CPU og RAM totalt enn nokon moderne tenar til under
+millionen. Det trengst to kommandoar på den sentrale tenaren for å
+oppdatere alle klientane, både tynne og halvtjukke. Vi har ingen
+problem med diskar som ryk heller, som var eit problem før fordi
+elevane sat og sparka i maskinene. Og dei krev lite bandbreidde i
+nettet, so det er fullt mogleg å køyre slike på småskular med trege
+linjer mot tenaren på ein større skule.</p>
+
+<p>Flora kommune har nesten 800 Linux-maskiner i sitt skulenett, og
+ein person som tek seg av drift av heile nettet, inkludert tenarar,
+klientar, operativsystem, programvare, heimekontorløysing og
+administrasjon av brukarar.</p>
+
+<p>No skal det seiast at vi ikkje køyrer rein Skulelinux ut av
+boksen. Vi har gjort ein del tilpassingar mot noko Novell-greier som
+var der frå før, og som har komplisert installasjonen vår. Etter at
+oppsettet var gjort har løysinga vore stabil og kravd minimalt med
+arbeid.</p>
+</blockquote>
+
+<p>Jeg vet at Narvik, Harstad og Oslo er kommuner der Skolelinux
+sentraldriftes med sentrale tjenere. Det forteller meg at Steinkjers
+IT-sjef neppe bør skylde på Skolelinux-løsningen for sine 5 år gamle
+minner.</p>
</description>
</item>
<item>
- <title>Sitesummary tip: Listing MAC address of all clients</title>
- <link>http://people.skolelinux.org/pere/blog/Sitesummary_tip__Listing_MAC_address_of_all_clients.html</link>
- <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/Sitesummary_tip__Listing_MAC_address_of_all_clients.html</guid>
- <pubDate>Fri, 14 May 2010 21:10:00 +0200</pubDate>
+ <title>Upstart or sysvinit - as init.d scripts see it</title>
+ <link>http://people.skolelinux.org/pere/blog/Upstart_or_sysvinit___as_init_d_scripts_see_it.html</link>
+ <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/Upstart_or_sysvinit___as_init_d_scripts_see_it.html</guid>
+ <pubDate>Sun, 6 Jun 2010 23:55:00 +0200</pubDate>
<description>
-<p>In the recent Debian Edu versions, the
-<a href="http://wiki.debian.org/DebianEdu/HowTo/SiteSummary">sitesummary
-system</a> is used to keep track of the machines in the school
-network. Each machine will automatically report its status to the
-central server after boot and once per night. The network setup is
-also reported, and using this information it is possible to get the
-MAC address of all network interfaces in the machines. This is useful
-to update the DHCP configuration.</p>
-
-<p>To give some idea how to use sitesummary, here is a one-liner to
-ist all MAC addresses of all machines reporting to sitesummary. Run
-this on the collector host:</p>
+<p>If Debian is to migrate to upstart on Linux, I expect some init.d
+scripts to migrate (some of) their operations to upstart job while
+keeping the init.d for hurd and kfreebsd. The packages with such
+needs will need a way to get their init.d scripts to behave
+differently when used with sysvinit and with upstart. Because of
+this, I had a look at the environment variables set when a init.d
+script is running under upstart, and when it is not.</p>
+
+<p>With upstart, I notice these environment variables are set when a
+script is started from rcS.d/ (ignoring some irrelevant ones like
+COLUMNS):</p>
<blockquote><pre>
-perl -MSiteSummary -e 'for_all_hosts(sub { print join(" ", get_macaddresses(shift)), "\n"; });'
+DEFAULT_RUNLEVEL=2
+previous=N
+PREVLEVEL=
+RUNLEVEL=
+runlevel=S
+UPSTART_EVENTS=startup
+UPSTART_INSTANCE=
+UPSTART_JOB=rc-sysinit
</pre></blockquote>
-<p>This will list all MAC addresses assosiated with all machine, one
-line per machine and with space between the MAC addresses.</p>
+<p>With sysvinit, these environment variables are set for the same
+script.</p>
-<p>To allow system administrators easier job at adding static DHCP
-addresses for hosts, it would be possible to extend this to fetch
-machine information from sitesummary and update the DHCP and DNS
-tables in LDAP using this information. Such tool is unfortunately not
-written yet.</p>
+<blockquote><pre>
+INIT_VERSION=sysvinit-2.88
+previous=N
+PREVLEVEL=N
+RUNLEVEL=S
+runlevel=S
+</pre></blockquote>
+
+<p>The RUNLEVEL and PREVLEVEL environment variables passed on from
+sysvinit are not set by upstart. Not sure if it is intentional or not
+to not be compatible with sysvinit in this regard.</p>
+
+<p>For scripts needing to behave differently when upstart is used,
+looking for the UPSTART_JOB environment variable seem to be a good
+choice.</p>
</description>
</item>
<item>
- <title>systemd, an interesting alternative to upstart</title>
- <link>http://people.skolelinux.org/pere/blog/systemd__an_interesting_alternative_to_upstart.html</link>
- <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/systemd__an_interesting_alternative_to_upstart.html</guid>
- <pubDate>Thu, 13 May 2010 22:20:00 +0200</pubDate>
+ <title>A manual for standards wars...</title>
+ <link>http://people.skolelinux.org/pere/blog/A_manual_for_standards_wars___.html</link>
+ <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/A_manual_for_standards_wars___.html</guid>
+ <pubDate>Sun, 6 Jun 2010 14:15:00 +0200</pubDate>
<description>
-<p>The last few days a new boot system called
-<a href="http://www.freedesktop.org/wiki/Software/systemd">systemd</a>
-has been
-<a href="http://0pointer.de/blog/projects/systemd.html">introduced</a>
-
-to the free software world. I have not yet had time to play around
-with it, but it seem to be a very interesting alternative to
-<a href="http://upstart.ubuntu.com/">upstart</a>, and might prove to be
-a good alternative for Debian when we are able to switch to an event
-based boot system. Tollef is
-<a href="http://bugs.debian.org/580814">in the process</a> of getting
-systemd into Debian, and I look forward to seeing how well it work. I
-like the fact that systemd handles init.d scripts with dependency
-information natively, allowing them to run in parallel where upstart
-at the moment do not.</p>
-
-<p>Unfortunately do systemd have the same problem as upstart regarding
-platform support. It only work on recent Linux kernels, and also need
-some new kernel features enabled to function properly. This means
-kFreeBSD and Hurd ports of Debian will need a port or a different boot
-system. Not sure how that will be handled if systemd proves to be the
-way forward.</p>
-
-<p>In the mean time, based on the
-<a href="http://lists.debian.org/debian-devel/2010/05/msg00122.html">input
-on debian-devel@</a> regarding parallel booting in Debian, I have
-decided to enable full parallel booting as the default in Debian as
-soon as possible (probably this weekend or early next week), to see if
-there are any remaining serious bugs in the init.d dependencies. A
-new version of the sysvinit package implementing this change is
-already in experimental. If all go well, Squeeze will be released
-with parallel booting enabled by default.</p>
+<p>Via the
+<a href="http://feedproxy.google.com/~r/robweir/antic-atom/~3/QzU4RgoAGMg/weekly-links-10.html">blog
+of Rob Weir</a> I came across the very interesting essay named
+<a href="http://faculty.haas.berkeley.edu/shapiro/wars.pdf">The Art of
+Standards Wars</a> (PDF 25 pages). I recommend it for everyone
+following the standards wars of today.</p>
</description>
</item>
<item>
- <title>Parallellizing the boot in Debian Squeeze - ready for wider testing</title>
- <link>http://people.skolelinux.org/pere/blog/Parallellizing_the_boot_in_Debian_Squeeze___ready_for_wider_testing.html</link>
- <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/Parallellizing_the_boot_in_Debian_Squeeze___ready_for_wider_testing.html</guid>
- <pubDate>Thu, 6 May 2010 23:25:00 +0200</pubDate>
+ <title>Sitesummary tip: Listing computer hardware models used at site</title>
+ <link>http://people.skolelinux.org/pere/blog/Sitesummary_tip__Listing_computer_hardware_models_used_at_site.html</link>
+ <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/Sitesummary_tip__Listing_computer_hardware_models_used_at_site.html</guid>
+ <pubDate>Thu, 3 Jun 2010 12:05:00 +0200</pubDate>
<description>
-<p>These days, the init.d script dependencies in Squeeze are quite
-complete, so complete that it is actually possible to run all the
-init.d scripts in parallell based on these dependencies. If you want
-to test your Squeeze system, make sure
-<a href="http://wiki.debian.org/LSBInitScripts/DependencyBasedBoot">dependency
-based boot sequencing</a> is enabled, and add this line to
-/etc/default/rcS:</p>
+<p>When using sitesummary at a site to track machines, it is possible
+to get a list of the machine types in use thanks to the DMI
+information extracted from each machine. The script to do so is
+included in the sitesummary package, and here is example output from
+the Skolelinux build servers:</p>
<blockquote><pre>
-CONCURRENCY=makefile
+maintainer:~# /usr/lib/sitesummary/hardware-model-summary
+ vendor count
+ Dell Computer Corporation 1
+ PowerEdge 1750 1
+ IBM 1
+ eserver xSeries 345 -[8670M1X]- 1
+ Intel 2
+ [no-dmi-info] 3
+maintainer:~#
</pre></blockquote>
-<p>That is it. It will cause sysv-rc to use the startpar tool to run
-scripts in parallel using the dependency information stored in
-/etc/init.d/.depend.boot, /etc/init.d/.depend.start and
-/etc/init.d/.depend.stop to order the scripts. Startpar is configured
-to try to start the kdm and gdm scripts as early as possible, and will
-start the facilities required by kdm or gdm as early as possible to
-make this happen.</p>
-
-<p>Give it a try, and see if you like the result. If some services
-fail to start properly, it is most likely because they have incomplete
-init.d script dependencies in their startup script (or some of their
-dependent scripts have incomplete dependencies). Report bugs and get
-the package maintainers to fix it. :)</p>
-
-<p>Running scripts in parallel could be the default in Debian when we
-manage to get the init.d script dependencies complete and correct. I
-expect we will get there in Squeeze+1, if we get manage to test and
-fix the remaining issues.</p>
-
-<p>If you report any problems with dependencies in init.d scripts to
-the BTS, please usertag the report to get it to show up at
-<a href="http://bugs.debian.org/cgi-bin/pkgreport.cgi?users=initscripts-ng-devel@lists.alioth.debian.org">the
-list of usertagged bugs related to this</a>.</p>
+<p>The quality of the report depend on the quality of the DMI tables
+provided in each machine. Here there are Intel machines without model
+information listed with Intel as vendor and mo model, and virtual Xen
+machines listed as [no-dmi-info]. One can add -l as a command line
+option to list the individual machines.</p>
+
+<p>A larger list is
+<a href="http://narvikskolen.no/sitesummary/">available from the the
+city of Narvik</a>, which uses Skolelinux on all their shools and also
+provide the basic sitesummary report publicly. In their report there
+are ~1400 machines. I know they use both Ubuntu and Skolelinux on
+their machines, and as sitesummary is available in both distributions,
+it is trivial to get all of them to report to the same central
+collector.</p>
</description>
</item>
<item>
- <title>Forcing new users to change their password on first login</title>
- <link>http://people.skolelinux.org/pere/blog/Forcing_new_users_to_change_their_password_on_first_login.html</link>
- <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/Forcing_new_users_to_change_their_password_on_first_login.html</guid>
- <pubDate>Sun, 2 May 2010 13:47:00 +0200</pubDate>
+ <title>Togsatsing på norsk, mot sykkel</title>
+ <link>http://people.skolelinux.org/pere/blog/Togsatsing_p___norsk__mot_sykkel.html</link>
+ <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/Togsatsing_p___norsk__mot_sykkel.html</guid>
+ <pubDate>Wed, 2 Jun 2010 23:45:00 +0200</pubDate>
<description>
-<p>One interesting feature in Active Directory, is the ability to
-create a new user with an expired password, and thus force the user to
-change the password on the first login attempt.</p>
-
-<p>I'm not quite sure how to do that with the LDAP setup in Debian
-Edu, but did some initial testing with a local account. The account
-and password aging information is available in /etc/shadow, but
-unfortunately, it is not possible to specify an expiration time for
-passwords, only a maximum age for passwords.</p>
-
-<p>A freshly created account (using adduser test) will have these
-settings in /etc/shadow:</p>
-
-<blockquote><pre>
-root@tjener:~# chage -l test
-Last password change : May 02, 2010
-Password expires : never
-Password inactive : never
-Account expires : never
-Minimum number of days between password change : 0
-Maximum number of days between password change : 99999
-Number of days of warning before password expires : 7
-root@tjener:~#
-</pre></blockquote>
+<p>Det står dårlig til med toget når en finner på å la det
+<a href="http://www.aftenposten.no/nyheter/iriks/article3677060.ece">kappkjøre
+med sykkel</a>... Jeg tror det trengs strukturendringer for å få
+fikset på togproblemene i Norge.</p>
-<p>The only way I could come up with to create a user with an expired
-account, is to change the date of the last password change to the
-lowest value possible (January 1th 1970), and the maximum password age
-to the difference in days between that date and today. To make it
-simple, I went for 30 years (30 * 365 = 10950) and January 2th (to
-avoid testing if 0 is a valid value).</p>
-
-<p>After using these commands to set it up, it seem to work as
-intended:</p>
-
-<blockquote><pre>
-root@tjener:~# chage -d 1 test; chage -M 10950 test
-root@tjener:~# chage -l test
-Last password change : Jan 02, 1970
-Password expires : never
-Password inactive : never
-Account expires : never
-Minimum number of days between password change : 0
-Maximum number of days between password change : 10950
-Number of days of warning before password expires : 7
-root@tjener:~#
-</pre></blockquote>
-
-<p>So far I have tested this with ssh and console, and kdm (in
-Squeeze) login, and all ask for a new password before login in the
-user (with ssh, I was thrown out and had to log in again).</p>
-
-<p>Perhaps we should set up something similar for Debian Edu, to make
-sure only the user itself have the account password?</p>
-
-<p>If you want to comment on or help out with implementing this for
-Debian Edu, please contact us on debian-edu@lists.debian.org.</p>
-
-<p>Update 2010-05-02 17:20: Paul Tötterman tells me on IRC that the
-shadow(8) page in Debian/testing now state that setting the date of
-last password change to zero (0) will force the password to be changed
-on the first login. This was not mentioned in the manual in Lenny, so
-I did not notice this in my initial testing. I have tested it on
-Squeeze, and '<tt>chage -d 0 username</tt>' do work there. I have not
-tested it on Lenny yet.</p>
-
-<p>Update 2010-05-02-19:05: Jim Paris tells me via email that an
-equivalent command to expire a password is '<tt>passwd -e
-username</tt>', which insert zero into the date of the last password
-change.</p>
-</description>
- </item>
-
- <item>
- <title>Thoughts on roaming laptop setup for Debian Edu</title>
- <link>http://people.skolelinux.org/pere/blog/Thoughts_on_roaming_laptop_setup_for_Debian_Edu.html</link>
- <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/Thoughts_on_roaming_laptop_setup_for_Debian_Edu.html</guid>
- <pubDate>Wed, 28 Apr 2010 20:40:00 +0200</pubDate>
- <description>
-<p>For some years now, I have wondered how we should handle laptops in
-Debian Edu. The Debian Edu infrastructure is mostly designed to
-handle stationary computers, and less suited for computers that come
-and go.</p>
-
-<p>Now I finally believe I have an sensible idea on how to adjust
-Debian Edu for laptops, by introducing a new profile for them, for
-example called Roaming Workstations. Here are my thought on this.
-The setup would consist of the following:</p>
-
-<ul>
-
- <li>During installation, the user name of the owner / primary user of
- the laptop is requested and a local home directory is set up for
- the user, with uid and gid information fetched from the LDAP
- server. This allow the user to work also when offline. The
- central home directory can be available in a subdirectory on
- request, for example mounted via CIFS. It could be mounted
- automatically when a user log in while on the Debian Edu network,
- and unmounted when the machine is taken away (network down,
- hibernate, etc), it can be set up to do automatic mounting on
- request (using autofs), or perhaps some GUI button on the desktop
- can be used to access it when needed. Perhaps it is enough to use
- the fish protocol in KDE?</li>
-
- <li>Password checking is set up to use LDAP or Kerberos
- authentication when the machine is on the Debian Edu network, and
- to cache the password for offline checking when the machine unable
- to reach the LDAP or Kerberos server. This can be done using
- <a href="http://www.padl.com/OSS/pam_ccreds.html">libpam-ccreds</a>
- or the Fedora developed
- <a href="https://fedoraproject.org/wiki/Features/SSSD">System
- Security Services Daemon</a> packages.</li>
-
- <li>File synchronisation with the central home directory is set up
- using a shared directory in both the local and the central home
- directory, using unison.</li>
-
- <li>Printing should be set up to print to all printers broadcasting
- their existence on the local network, and should then work out of
- the box with CUPS. For sites needing accurate printer quotas, some
- system with Kerberos authentication or printing via ssh could be
- implemented.</li>
-
- <li>For users that should have local root access to their laptop,
- sudo should be used to allow this to the local user.</li>
-
- <li>It would be nice if user and group information from LDAP is
- cached on the client, but given that there are entries for the
- local user and primary group in /etc/, it should not be needed.</li>
-
-</ul>
-
-<p>I believe all the pieces to implement this are in Debian/testing at
-the moment. If we work quickly, we should be able to get this ready
-in time for the Squeeze release to freeze. Some of the pieces need
-tweaking, like libpam-ccreds should get support for pam-auth-update
-(<a href="http://bugs.debian.org/566718">#566718</a>) and nslcd (or
-perhaps debian-edu-config) should get some integration code to stop
-its daemon when the LDAP server is unavailable to avoid long timeouts
-when disconnected from the net. If we get Kerberos enabled, we need
-to make sure we avoid long timeouts there too.</p>
-
-<p>If you want to help out with implementing this for Debian Edu,
-please contact us on debian-edu@lists.debian.org.</p>
+<p>Mon tro hva toglinje mellom Narvik og Tromsø ville hatt slags
+effekt på området der?</p>
</description>
</item>
projects / homepage.git / blobdiff