X-Git-Url: http://pere.pagekite.me/gitweb/homepage.git/blobdiff_plain/a5a0cfbbd7e03bed72e71ec7a3dce33f7f836571..89c527ec6b7ffb3549922017fdc362d27cdecf05:/blog/index.html diff --git a/blog/index.html b/blog/index.html index accf9b665f..8cd4102548 100644 --- a/blog/index.html +++ b/blog/index.html @@ -20,901 +20,1172 @@
-
Caching password, user and group on a roaming Debian laptop
-
2010-07-01 11:40
+
DND hedrer overvåkning av barn med Rosingsprisen
+
2010-11-23 14:15
-

For a laptop, centralized user directories and password checking is -a bit troubling. Laptops are typically used also when not connected -to the network, and it is vital for a user to be able to log in or -unlock the screen saver also when a central server is unavailable. -This is possible by caching passwords and directory information (user -and group attributes) locally, and the packages to do so are available -in Debian. Here follow two recipes to set this up in Debian/Squeeze. -It is also possible to set up in Debian/Lenny, but require more manual -setup there because pam-auth-update is missing in Lenny.

- -

LDAP/Kerberos + nscd + libpam-ccreds + libpam-mklocaluser/pam_mkhomedir

- -This is the traditional method with a twist. The password caching is -provided by libpam-ccreds (version 10-4 or later is needed on -Squeeze), and the directory caching is done by nscd. The directory -lookup and password checking is done using LDAP. If one want to use -Kerberos for password checking the libpam-ldapd package can be -replaced with libpam-krb5 or libpam-heimdal. If one is happy having a -local home directory with the path listed in LDAP, one can use the -pam_mkhomedir module from pam-modules to make this happen instead of -using libpam-mklocaluser. A setup for pam-auth-update to enable -pam_mkhomedir will have to be written until a fix for -bug #568577 is in the -archive. Because I believe it is a bad idea to have local home -directories using misleading paths like /site/server/partition/, I -prefer to create a local user with the home directory in /home/. This -is done using the libpam-mklocaluser package.

- -

These packages need to be installed and configured

- -
-libnss-ldapd libpam-ldapd nscd libpam-ccreds libpam-mklocaluser
-
- -

The ldapd packages will ask for LDAP connection information, and -one have to fill in the values that fits ones own site. Make sure the -PAM part uses encrypted connections, to make sure the password is not -sent in clear text to the LDAP server. I've been unable to get TLS -certificate checking for a self signed certificate working, which make -LDAP authentication unsafe for Debian Edu (nslcd is not checking if it -is talking to the correct LDAP server), and very much welcome feedback -on how to get this working.

- -

Because nscd do not have a default configuration fit for offline -caching until bug #485282 -is fixed, this configuration should be used instead of the one -currently in /etc/nscd.conf. The changes are in the fields -reload-count and positive-time-to-live, and is based on the -instructions I found in the -LDAP for Mobile Laptops -instructions by Flyn Computing.

- -
-	debug-level		0
-	reload-count		unlimited
-	paranoia		no
-
-	enable-cache		passwd		yes
-	positive-time-to-live	passwd		2592000
-	negative-time-to-live	passwd		20
-	suggested-size		passwd		211
-	check-files		passwd		yes
-	persistent		passwd		yes
-	shared			passwd		yes
-	max-db-size		passwd		33554432
-	auto-propagate		passwd		yes
-
-	enable-cache		group		yes
-	positive-time-to-live	group		2592000
-	negative-time-to-live	group		20
-	suggested-size		group		211
-	check-files		group		yes
-	persistent		group		yes
-	shared			group		yes
-	max-db-size		group		33554432
-	auto-propagate		group		yes
-
-	enable-cache		hosts		no
-	positive-time-to-live	hosts		2592000
-	negative-time-to-live	hosts		20
-	suggested-size		hosts		211
-	check-files		hosts		yes
-	persistent		hosts		yes
-	shared			hosts		yes
-	max-db-size		hosts		33554432
-
-	enable-cache		services	yes
-	positive-time-to-live	services	2592000
-	negative-time-to-live	services	20
-	suggested-size		services	211
-	check-files		services	yes
-	persistent		services	yes
-	shared			services	yes
-	max-db-size		services	33554432
-
- -

While we wait for a mechanism to update /etc/nsswitch.conf -automatically like the one provided in -bug #496915, the file -content need to be manually replaced to ensure LDAP is used as the -directory service on the machine. /etc/nsswitch.conf should normally -look like this:

- -
-passwd:         files ldap
-group:          files ldap
-shadow:         files ldap
-hosts:          files mdns4_minimal [NOTFOUND=return] dns mdns4
-networks:       files
-protocols:      files
-services:       files
-ethers:         files
-rpc:            files
-netgroup:       files ldap
-
- -

The important parts are that ldap is listed last for passwd, group, -shadow and netgroup.

- -

With these changes in place, any user in LDAP will be able to log -in locally on the machine using for example kdm, get a local home -directory created and have the password as well as user and group -attributes cached. - -

LDAP/Kerberos + nss-updatedb + libpam-ccreds + - libpam-mklocaluser/pam_mkhomedir

- -

Because nscd have had its share of problems, and seem to have -problems doing proper caching, I've seen suggestions and recipes to -use nss-updatedb to copy parts of the LDAP database locally when the -LDAP database is available. I have not tested such setup, because I -discovered sssd.

- -

LDAP/Kerberos + sssd + libpam-mklocaluser

- -

A more flexible and robust setup than the nscd combination -mentioned earlier that has shown up recently, is the -sssd package from Redhat. -It is part of the FreeIPA project -to provide a Active Directory like directory service for Linux -machines. The sssd system combines the caching of passwords and user -information into one package, and remove the need for nscd and -libpam-ccreds. It support LDAP and Kerberos, but not NIS. Version -1.2 do not support netgroups, but it is said that it will support this -in version 1.5 expected to show up later in 2010. Because the -sssd package -was missing in Debian, I ended up co-maintaining it with Werner, and -version 1.2 is now in testing. - -

These packages need to be installed and configured to get the -roaming setup I want

- -
-libpam-sss libnss-sss libpam-mklocaluser
-
- -The complete setup of sssd is done by editing/creating -/etc/sssd/sssd.conf. - -
-[sssd]
-config_file_version = 2
-reconnection_retries = 3
-sbus_timeout = 30
-services = nss, pam
-domains = INTERN
-
-[nss]
-filter_groups = root
-filter_users = root
-reconnection_retries = 3
-
-[pam]
-reconnection_retries = 3
-
-[domain/INTERN]
-enumerate = false
-cache_credentials = true
-
-id_provider = ldap
-auth_provider = ldap
-chpass_provider = ldap
-
-ldap_uri = ldap://ldap
-ldap_search_base = dc=skole,dc=skolelinux,dc=no
-ldap_tls_reqcert = never
-ldap_tls_cacert = /etc/ssl/certs/ca-certificates.crt
-
- -

I got the same problem here with certificate checking. Had to set -"ldap_tls_reqcert = never" to get it working.

- -

With the libnss-sss package in testing at the moment, the -nsswitch.conf file is update automatically, so there is no need to -modify it manually.

- -

If you want to help out with implementing this for Debian Edu, -please contact us on debian-edu@lists.debian.org.

+

Jeg registrerer med vond smak i munnen at Den Norske Dataforening +hedrer +overvåkning av barn med Rosingsprisen for kreativitet i år. Jeg +er glad jeg nå er meldt ut av DND.

+ +

Å elektronisk overvåke sine barn er ikke å gjøre dem en tjeneste, +men et overgrep mot individer i utvikling som bør læres opp til å ta +egne valg.

+ +

For å sitere Datatilsynets nye leder, Bjørn Erik Thon, i +et intervju +med Computerworld Norge:

+ +

+- For alle som har barn, meg selv inkludert, er førstetanken at det +hadde vært fint å vite hvor barnet sitt er til enhver tid. Men ungene +har ikke godt av det. De er små individer som skal søke rundt og finne +sine små gjemmesteder og utvide horisonten, uten at foreldrene ser dem +i kortene. Det kan være fristende, men jeg ville ikke gått inn i +dette. +

+ +

Det er skremmende å se at DND mener en tjeneste som legger opp til +slike overgrep bør hedres. Å flytte oppveksten for barn inn i en +virtuell +Panopticon er et +grovt overgrep og vil gjøre skade på barnenes utvikling, og foreldre +burde tenke seg godt om før de gir etter for sine instinkter her.

+ +

Blipper-tjenesten får meg til å tenke på bøkene til +John Twelve +Hawks, som forbilledlig beskriver hvordan et totalitært +overvåkningssamfunn bygges sakte men sikkert rundt oss, satt sammen av +gode intensjoner og manglende bevissthet om hvilke prinsipper et +liberalt demokrati er fundamentert på. Jeg har hatt stor glede av å +lese alle de tre bøkene.

- Tags: debian edu, english, ldap, nuug. + Tags: norsk, personvern, sikkerhet.
-
LUMA, a very nice LDAP GUI
-
2010-06-28 00:30
+
Lenny->Squeeze upgrades of the Gnome and KDE desktop, now with apt-get autoremove
+
2010-11-22 14:15
-

The last few days I have been looking into the status of the LDAP -directory in Debian Edu, and in the process I started to miss a GUI -tool to browse the LDAP tree. The only one I was able to find in -Debian/Squeeze and Lenny is -LUMA, which has proved to -be a great tool to get a overview of the current LDAP directory -populated by default in Skolelinux. Thanks to it, I have been able to -find empty and obsolete subtrees, misplaced objects and duplicate -objects. It will be installed by default in Debian/Squeeze. If you -are working with LDAP, give it a go. :)

- -

I did notice one problem with it I have not had time to report to -the BTS yet. There is no .desktop file in the package, so the tool do -not show up in the Gnome and KDE menus, but only deep down in in the -Debian submenu in KDE. I hope that can be fixed before Squeeze is -released.

- -

I have not yet been able to get it to modify the tree yet. I would -like to move objects and remove subtrees directly in the GUI, but have -not found a way to do that with LUMA yet. So in the mean time, I use -ldapvi for that.

- -

If you have tips on other GUI tools for LDAP that might be useful -in Debian Edu, please contact us on debian-edu@lists.debian.org.

- -

Update 2010-06-29: Ross Reedstrom tipped us about the -gq package as a -useful GUI alternative. It seem like a good tool, but is unmaintained -in Debian and got a RC bug keeping it out of Squeeze. Unless that -changes, it will not be an option for Debian Edu based on Squeeze.

+

Michael Biebl suggested to me on IRC, that I changed my automated +upgrade testing of the +Lenny +Gnome and KDE Desktop to do apt-get autoremove when using apt-get. +This seem like a very good idea, so I adjusted by test scripts and +can now present the updated result from today:

+ +

This is for Gnome:

+ +

Installed using apt-get, missing with aptitude

+ +

+ apache2.2-bin + aptdaemon + baobab + binfmt-support + browser-plugin-gnash + cheese-common + cli-common + cups-pk-helper + dmz-cursor-theme + empathy + empathy-common + freedesktop-sound-theme + freeglut3 + gconf-defaults-service + gdm-themes + gedit-plugins + geoclue + geoclue-hostip + geoclue-localnet + geoclue-manual + geoclue-yahoo + gnash + gnash-common + gnome + gnome-backgrounds + gnome-cards-data + gnome-codec-install + gnome-core + gnome-desktop-environment + gnome-disk-utility + gnome-screenshot + gnome-search-tool + gnome-session-canberra + gnome-system-log + gnome-themes-extras + gnome-themes-more + gnome-user-share + gstreamer0.10-fluendo-mp3 + gstreamer0.10-tools + gtk2-engines + gtk2-engines-pixbuf + gtk2-engines-smooth + hamster-applet + libapache2-mod-dnssd + libapr1 + libaprutil1 + libaprutil1-dbd-sqlite3 + libaprutil1-ldap + libart2.0-cil + libboost-date-time1.42.0 + libboost-python1.42.0 + libboost-thread1.42.0 + libchamplain-0.4-0 + libchamplain-gtk-0.4-0 + libcheese-gtk18 + libclutter-gtk-0.10-0 + libcryptui0 + libdiscid0 + libelf1 + libepc-1.0-2 + libepc-common + libepc-ui-1.0-2 + libfreerdp-plugins-standard + libfreerdp0 + libgconf2.0-cil + libgdata-common + libgdata7 + libgdu-gtk0 + libgee2 + libgeoclue0 + libgexiv2-0 + libgif4 + libglade2.0-cil + libglib2.0-cil + libgmime2.4-cil + libgnome-vfs2.0-cil + libgnome2.24-cil + libgnomepanel2.24-cil + libgpod-common + libgpod4 + libgtk2.0-cil + libgtkglext1 + libgtksourceview2.0-common + libmono-addins-gui0.2-cil + libmono-addins0.2-cil + libmono-cairo2.0-cil + libmono-corlib2.0-cil + libmono-i18n-west2.0-cil + libmono-posix2.0-cil + libmono-security2.0-cil + libmono-sharpzip2.84-cil + libmono-system2.0-cil + libmtp8 + libmusicbrainz3-6 + libndesk-dbus-glib1.0-cil + libndesk-dbus1.0-cil + libopal3.6.8 + libpolkit-gtk-1-0 + libpt2.6.7 + libpython2.6 + librpm1 + librpmio1 + libsdl1.2debian + libsrtp0 + libssh-4 + libtelepathy-farsight0 + libtelepathy-glib0 + libtidy-0.99-0 + media-player-info + mesa-utils + mono-2.0-gac + mono-gac + mono-runtime + nautilus-sendto + nautilus-sendto-empathy + p7zip-full + pkg-config + python-aptdaemon + python-aptdaemon-gtk + python-axiom + python-beautifulsoup + python-bugbuddy + python-clientform + python-coherence + python-configobj + python-crypto + python-cupshelpers + python-elementtree + python-epsilon + python-evolution + python-feedparser + python-gdata + python-gdbm + python-gst0.10 + python-gtkglext1 + python-gtksourceview2 + python-httplib2 + python-louie + python-mako + python-markupsafe + python-mechanize + python-nevow + python-notify + python-opengl + python-openssl + python-pam + python-pkg-resources + python-pyasn1 + python-pysqlite2 + python-rdflib + python-serial + python-tagpy + python-twisted-bin + python-twisted-conch + python-twisted-core + python-twisted-web + python-utidylib + python-webkit + python-xdg + python-zope.interface + remmina + remmina-plugin-data + remmina-plugin-rdp + remmina-plugin-vnc + rhythmbox-plugin-cdrecorder + rhythmbox-plugins + rpm-common + rpm2cpio + seahorse-plugins + shotwell + software-center + system-config-printer-udev + telepathy-gabble + telepathy-mission-control-5 + telepathy-salut + tomboy + totem + totem-coherence + totem-mozilla + totem-plugins + transmission-common + xdg-user-dirs + xdg-user-dirs-gtk + xserver-xephyr +

+ +

Installed using apt-get, removed with aptitude

+ +

+ cheese + ekiga + eog + epiphany-extensions + evolution-exchange + fast-user-switch-applet + file-roller + gcalctool + gconf-editor + gdm + gedit + gedit-common + gnome-games + gnome-games-data + gnome-nettool + gnome-system-tools + gnome-themes + gnuchess + gucharmap + guile-1.8-libs + libavahi-ui0 + libdmx1 + libgalago3 + libgtk-vnc-1.0-0 + libgtksourceview2.0-0 + liblircclient0 + libsdl1.2debian-alsa + libspeexdsp1 + libsvga1 + rhythmbox + seahorse + sound-juicer + system-config-printer + totem-common + transmission-gtk + vinagre + vino +

+ +

Installed using aptitude, missing with apt-get

+ +

+ gstreamer0.10-gnomevfs +

+ +

Installed using aptitude, removed with apt-get

+ +

+[nothing] +

+ +

This is for KDE:

+ +

Installed using apt-get, missing with aptitude

+ +

+ ksmserver +

+ +

Installed using apt-get, removed with aptitude

+ +

+ kwin + network-manager-kde +

+ +

Installed using aptitude, missing with apt-get

+ +

+ arts + dolphin + freespacenotifier + google-gadgets-gst + google-gadgets-xul + kappfinder + kcalc + kcharselect + kde-core + kde-plasma-desktop + kde-standard + kde-window-manager + kdeartwork + kdeartwork-emoticons + kdeartwork-style + kdeartwork-theme-icon + kdebase + kdebase-apps + kdebase-workspace + kdebase-workspace-bin + kdebase-workspace-data + kdeeject + kdelibs + kdeplasma-addons + kdeutils + kdewallpapers + kdf + kfloppy + kgpg + khelpcenter4 + kinfocenter + konq-plugins-l10n + konqueror-nsplugins + kscreensaver + kscreensaver-xsavers + ktimer + kwrite + libgle3 + libkde4-ruby1.8 + libkonq5 + libkonq5-templates + libnetpbm10 + libplasma-ruby + libplasma-ruby1.8 + libqt4-ruby1.8 + marble-data + marble-plugins + netpbm + nuvola-icon-theme + plasma-dataengines-workspace + plasma-desktop + plasma-desktopthemes-artwork + plasma-runners-addons + plasma-scriptengine-googlegadgets + plasma-scriptengine-python + plasma-scriptengine-qedje + plasma-scriptengine-ruby + plasma-scriptengine-webkit + plasma-scriptengines + plasma-wallpapers-addons + plasma-widget-folderview + plasma-widget-networkmanagement + ruby + sweeper + update-notifier-kde + xscreensaver-data-extra + xscreensaver-gl + xscreensaver-gl-extra + xscreensaver-screensaver-bsod +

+ +

Installed using aptitude, removed with apt-get

+ +

+ ark + google-gadgets-common + google-gadgets-qt + htdig + kate + kdebase-bin + kdebase-data + kdepasswd + kfind + klipper + konq-plugins + konqueror + ksysguard + ksysguardd + libarchive1 + libcln6 + libeet1 + libeina-svn-06 + libggadget-1.0-0b + libggadget-qt-1.0-0b + libgps19 + libkdecorations4 + libkephal4 + libkonq4 + libkonqsidebarplugin4a + libkscreensaver5 + libksgrd4 + libksignalplotter4 + libkunitconversion4 + libkwineffects1a + libmarblewidget4 + libntrack-qt4-1 + libntrack0 + libplasma-geolocation-interface4 + libplasmaclock4a + libplasmagenericshell4 + libprocesscore4a + libprocessui4a + libqalculate5 + libqedje0a + libqtruby4shared2 + libqzion0a + libruby1.8 + libscim8c2a + libsmokekdecore4-3 + libsmokekdeui4-3 + libsmokekfile3 + libsmokekhtml3 + libsmokekio3 + libsmokeknewstuff2-3 + libsmokeknewstuff3-3 + libsmokekparts3 + libsmokektexteditor3 + libsmokekutils3 + libsmokenepomuk3 + libsmokephonon3 + libsmokeplasma3 + libsmokeqtcore4-3 + libsmokeqtdbus4-3 + libsmokeqtgui4-3 + libsmokeqtnetwork4-3 + libsmokeqtopengl4-3 + libsmokeqtscript4-3 + libsmokeqtsql4-3 + libsmokeqtsvg4-3 + libsmokeqttest4-3 + libsmokeqtuitools4-3 + libsmokeqtwebkit4-3 + libsmokeqtxml4-3 + libsmokesolid3 + libsmokesoprano3 + libtaskmanager4a + libtidy-0.99-0 + libweather-ion4a + libxklavier16 + libxxf86misc1 + okteta + oxygencursors + plasma-dataengines-addons + plasma-scriptengine-superkaramba + plasma-widget-lancelot + plasma-widgets-addons + plasma-widgets-workspace + polkit-kde-1 + ruby1.8 + systemsettings + update-notifier-common +

+ +

Running apt-get autoremove made the results using apt-get and +aptitude a bit more similar, but there are still quite a lott of +differences. I have no idea what packages should be installed after +the upgrade, but hope those that do can have a look.

- Tags: debian, debian edu, english, ldap, nuug. + Tags: debian, debian edu, english.
-
Idea for a change to LDAP schemas allowing DNS and DHCP info to be combined into one object
-
2010-06-24 00:35
+
Migrating Xen virtual machines using LVM to KVM using disk images
+
2010-11-22 11:20
-

A while back, I -complained -about the fact that it is not possible with the provided schemas -for storing DNS and DHCP information in LDAP to combine the two sets -of information into one LDAP object representing a computer.

- -

In the mean time, I discovered that a simple fix would be to make -the dhcpHost object class auxiliary, to allow it to be combined with -the dNSDomain object class, and thus forming one object for one -computer when storing both DHCP and DNS information in LDAP.

- -

If I understand this correctly, it is not safe to do this change -without also changing the assigned number for the object class, and I -do not know enough about LDAP schema design to do that properly for -Debian Edu.

- -

Anyway, for future reference, this is how I believe we could change -the -DHCP -schema to solve at least part of the problem with the LDAP schemas -available today from IETF.

+

Most of the computers in use by the +Debian Edu/Skolelinux project +are virtual machines. And they have been Xen machines running on a +fairly old IBM eserver xseries 345 machine, and we wanted to migrate +them to KVM on a newer Dell PowerEdge 2950 host machine. This was a +bit harder that it could have been, because we set up the Xen virtual +machines to get the virtual partitions from LVM, which as far as I +know is not supported by KVM. So to migrate, we had to convert +several LVM logical volumes to partitions on a virtual disk file.

+ +

I found +a +nice recipe to do this, and wrote the following script to do the +migration. It uses qemu-img from the qemu package to make the disk +image, parted to partition it, losetup and kpartx to present the disk +image partions as devices, and dd to copy the data. I NFS mounted the +new servers storage area on the old server to do the migration.

---- dhcp.schema    (revision 65192)
-+++ dhcp.schema    (working copy)
-@@ -376,7 +376,7 @@
- objectclass ( 2.16.840.1.113719.1.203.6.6
-        NAME 'dhcpHost'
-        DESC 'This represents information about a particular client'
--       SUP top
-+       SUP top AUXILIARY
-        MUST cn
-        MAY  (dhcpLeaseDN $ dhcpHWAddress $ dhcpOptionsDN $ dhcpStatements $ dhcpComments $ dhcpOption)
-        X-NDS_CONTAINMENT ('dhcpService' 'dhcpSubnet' 'dhcpGroup') )
+#!/bin/sh
+
+# Based on
+# http://searchnetworking.techtarget.com.au/articles/35011-Six-steps-for-migrating-Xen-virtual-machines-to-KVM
+
+set -e
+set -x
+
+if [ -z "$1" ] ; then
+    echo "Usage: $0 <hostname>"
+    exit 1
+else
+    host="$1"
+fi
+
+if [ ! -e /dev/vg_data/$host-disk ] ; then
+    echo "error: unable to find LVM volume for $host"
+    exit 1
+fi
+
+# Partitions need to be a bit bigger than the LVM LVs.  not sure why.
+disksize=$( lvs --units m | grep $host-disk | awk '{sum = sum + $4} END { print int(sum * 1.05) }')
+swapsize=$( lvs --units m | grep $host-swap | awk '{sum = sum + $4} END { print int(sum * 1.05) }')
+totalsize=$(( ( $disksize + $swapsize ) ))
+
+img=$host.img
+#dd if=/dev/zero of=$img bs=1M count=$(( $disksize + $swapsize ))
+qemu-img create $img ${totalsize}MMaking room on the Debian Edu/Sqeeze DVD
+
+parted $img mklabel msdos
+parted $img mkpart primary linux-swap 0 $disksize
+parted $img mkpart primary ext2 $disksize $totalsize
+parted $img set 1 boot on
+
+modprobe dm-mod
+losetup /dev/loop0 $img
+kpartx -a /dev/loop0
+
+dd if=/dev/vg_data/$host-disk of=/dev/mapper/loop0p1 bs=1M
+fsck.ext3 -f /dev/mapper/loop0p1 || true
+mkswap /dev/mapper/loop0p2
+
+kpartx -d /dev/loop0
+losetup -d /dev/loop0
-

I very much welcome clues on how to do this properly for Debian -Edu/Squeeze. We provide the DHCP schema in our debian-edu-config -package, and should thus be free to rewrite it as we see fit.

+

The script is perhaps so simple that it is not copyrightable, but +if it is, it is licenced using GPL v2 or later at your discretion.

-

If you want to help out with implementing this for Debian Edu, -please contact us on debian-edu@lists.debian.org.

+

After doing this, I booted a Debian CD in rescue mode in KVM with +the new disk image attached, installed grub-pc and linux-image-686 and +set up grub to boot from the disk image. After this, the KVM machines +seem to work just fine.

- Tags: debian, debian edu, english, ldap, nuug. + Tags: debian, debian edu, english.
-
Calling tasksel like the installer, while still getting useful output
-
2010-06-16 14:55
+
Lenny->Squeeze upgrades, apt vs aptitude with the Gnome and KDE desktop
+
2010-11-20 22:50
-

A few times I have had the need to simulate the way tasksel -installs packages during the normal debian-installer run. Until now, -I have ended up letting tasksel do the work, with the annoying problem -of not getting any feedback at all when something fails (like a -conffile question from dpkg or a download that fails), using code like -this: - -

-export DEBIAN_FRONTEND=noninteractive
-tasksel --new-install
-
- -This would invoke tasksel, let its automatic task selection pick the -tasks to install, and continue to install the requested tasks without -any output what so ever. - -Recently I revisited this problem while working on the automatic -package upgrade testing, because tasksel would some times hang without -any useful feedback, and I want to see what is going on when it -happen. Then it occured to me, I can parse the output from tasksel -when asked to run in test mode, and use that aptitude command line -printed by tasksel then to simulate the tasksel run. I ended up using -code like this: - -
-export DEBIAN_FRONTEND=noninteractive
-cmd="$(in_target tasksel -t --new-install | sed 's/debconf-apt-progress -- //')"
-$cmd
-
- -

The content of $cmd is typically something like "aptitude -q ---without-recommends -o APT::Install-Recommends=no -y install -~t^desktop$ ~t^gnome-desktop$ ~t^laptop$ ~pstandard ~prequired -~pimportant", which will install the gnome desktop task, the -laptop task and all packages with priority standard , required and -important, just like tasksel would have done it during -installation.

- -

A better approach is probably to extend tasksel to be able to -install packages without using debconf-apt-progress, for use cases -like this.

+

I'm still running upgrade testing of the +Lenny +Gnome and KDE Desktop, but have not had time to spend on reporting the +status. Here is a short update based on a test I ran 20101118.

+ +

I still do not know what a correct migration should look like, so I +report any differences between apt and aptitude and hope someone else +can see if anything should be changed.

+ +

This is for Gnome:

+ +

Installed using apt-get, missing with aptitude

+ +

+ apache2.2-bin aptdaemon at-spi baobab binfmt-support + browser-plugin-gnash cheese-common cli-common cpp-4.3 cups-pk-helper + dmz-cursor-theme empathy empathy-common finger + freedesktop-sound-theme freeglut3 gconf-defaults-service gdm-themes + gedit-plugins geoclue geoclue-hostip geoclue-localnet geoclue-manual + geoclue-yahoo gnash gnash-common gnome gnome-backgrounds + gnome-cards-data gnome-codec-install gnome-core + gnome-desktop-environment gnome-disk-utility gnome-screenshot + gnome-search-tool gnome-session-canberra gnome-spell + gnome-system-log gnome-themes-extras gnome-themes-more + gnome-user-share gs-common gstreamer0.10-fluendo-mp3 + gstreamer0.10-tools gtk2-engines gtk2-engines-pixbuf + gtk2-engines-smooth hal-info hamster-applet libapache2-mod-dnssd + libapr1 libaprutil1 libaprutil1-dbd-sqlite3 libaprutil1-ldap + libart2.0-cil libatspi1.0-0 libboost-date-time1.42.0 + libboost-python1.42.0 libboost-thread1.42.0 libchamplain-0.4-0 + libchamplain-gtk-0.4-0 libcheese-gtk18 libclutter-gtk-0.10-0 + libcryptui0 libcupsys2 libdiscid0 libeel2-data libelf1 libepc-1.0-2 + libepc-common libepc-ui-1.0-2 libfreerdp-plugins-standard + libfreerdp0 libgail-common libgconf2.0-cil libgdata-common libgdata7 + libgdl-1-common libgdu-gtk0 libgee2 libgeoclue0 libgexiv2-0 libgif4 + libglade2.0-cil libglib2.0-cil libgmime2.4-cil libgnome-vfs2.0-cil + libgnome2.24-cil libgnomepanel2.24-cil libgnomeprint2.2-data + libgnomeprintui2.2-common libgnomevfs2-bin libgpod-common libgpod4 + libgtk2.0-cil libgtkglext1 libgtksourceview-common + libgtksourceview2.0-common libmono-addins-gui0.2-cil + libmono-addins0.2-cil libmono-cairo2.0-cil libmono-corlib2.0-cil + libmono-i18n-west2.0-cil libmono-posix2.0-cil + libmono-security2.0-cil libmono-sharpzip2.84-cil + libmono-system2.0-cil libmtp8 libmusicbrainz3-6 + libndesk-dbus-glib1.0-cil libndesk-dbus1.0-cil libopal3.6.8 + libpolkit-gtk-1-0 libpt-1.10.10-plugins-alsa + libpt-1.10.10-plugins-v4l libpt2.6.7 libpython2.6 librpm1 librpmio1 + libsdl1.2debian libservlet2.4-java libsrtp0 libssh-4 + libtelepathy-farsight0 libtelepathy-glib0 libtidy-0.99-0 + libxalan2-java libxerces2-java media-player-info mesa-utils + mono-2.0-gac mono-gac mono-runtime nautilus-sendto + nautilus-sendto-empathy openoffice.org-writer2latex + openssl-blacklist p7zip p7zip-full pkg-config python-4suite-xml + python-aptdaemon python-aptdaemon-gtk python-axiom + python-beautifulsoup python-bugbuddy python-clientform + python-coherence python-configobj python-crypto python-cupshelpers + python-cupsutils python-eggtrayicon python-elementtree + python-epsilon python-evolution python-feedparser python-gdata + python-gdbm python-gst0.10 python-gtkglext1 python-gtkmozembed + python-gtksourceview2 python-httplib2 python-louie python-mako + python-markupsafe python-mechanize python-nevow python-notify + python-opengl python-openssl python-pam python-pkg-resources + python-pyasn1 python-pysqlite2 python-rdflib python-serial + python-tagpy python-twisted-bin python-twisted-conch + python-twisted-core python-twisted-web python-utidylib python-webkit + python-xdg python-zope.interface remmina remmina-plugin-data + remmina-plugin-rdp remmina-plugin-vnc rhythmbox-plugin-cdrecorder + rhythmbox-plugins rpm-common rpm2cpio seahorse-plugins shotwell + software-center svgalibg1 system-config-printer-udev + telepathy-gabble telepathy-mission-control-5 telepathy-salut tomboy + totem totem-coherence totem-mozilla totem-plugins + transmission-common xdg-user-dirs xdg-user-dirs-gtk xserver-xephyr + zip +

+ +Installed using apt-get, removed with aptitude + +

+ arj bluez-utils cheese dhcdbd djvulibre-desktop ekiga eog + epiphany-extensions epiphany-gecko evolution-exchange + fast-user-switch-applet file-roller gcalctool gconf-editor gdm gedit + gedit-common gnome-app-install gnome-games gnome-games-data + gnome-nettool gnome-system-tools gnome-themes gnome-utils + gnome-vfs-obexftp gnome-volume-manager gnuchess gucharmap + guile-1.8-libs hal libavahi-compat-libdnssd1 libavahi-core5 + libavahi-ui0 libbind9-50 libbluetooth2 libcamel1.2-11 libcdio7 + libcucul0 libcurl3 libdirectfb-1.0-0 libdmx1 libdvdread3 + libedata-cal1.2-6 libedataserver1.2-9 libeel2-2.20 libepc-1.0-1 + libepc-ui-1.0-1 libexchange-storage1.2-3 libfaad0 libgadu3 + libgalago3 libgd2-noxpm libgda3-3 libgda3-common libggz2 libggzcore9 + libggzmod4 libgksu1.2-0 libgksuui1.0-1 libgmyth0 libgnome-desktop-2 + libgnome-pilot2 libgnomecups1.0-1 libgnomeprint2.2-0 + libgnomeprintui2.2-0 libgpod3 libgraphviz4 libgtk-vnc-1.0-0 + libgtkhtml2-0 libgtksourceview1.0-0 libgtksourceview2.0-0 + libgucharmap6 libhesiod0 libicu38 libisccc50 libisccfg50 libiw29 + libjaxp1.3-java-gcj libkpathsea4 liblircclient0 libltdl3 liblwres50 + libmagick++10 libmagick10 libmalaga7 libmozjs1d libmpfr1ldbl libmtp7 + libmysqlclient15off libnautilus-burn4 libneon27 libnm-glib0 + libnm-util0 libopal-2.2 libosp5 libparted1.8-10 libpisock9 + libpisync1 libpoppler-glib3 libpoppler3 libpt-1.10.10 libraw1394-8 + libsdl1.2debian-alsa libsensors3 libsexy2 libsmbios2 libsoup2.2-8 + libspeexdsp1 libssh2-1 libsuitesparse-3.1.0 libsvga1 + libswfdec-0.6-90 libtalloc1 libtotem-plparser10 libtrackerclient0 + libvoikko1 libxalan2-java-gcj libxerces2-java-gcj libxklavier12 + libxtrap6 libxxf86misc1 libzephyr3 mysql-common rhythmbox seahorse + sound-juicer swfdec-gnome system-config-printer totem-common + totem-gstreamer transmission-gtk vinagre vino w3c-dtd-xhtml wodim +

+ +

Installed using aptitude, missing with apt-get

+ +

+ gstreamer0.10-gnomevfs +

+ +

Installed using aptitude, removed with apt-get

+ +

+[nothing] +

+ +

This is for KDE:

+ +

Installed using apt-get, missing with aptitude

+ +

+ autopoint bomber bovo cantor cantor-backend-kalgebra cpp-4.3 dcoprss + edict espeak espeak-data eyesapplet fifteenapplet finger gettext + ghostscript-x git gnome-audio gnugo granatier gs-common + gstreamer0.10-pulseaudio indi kaddressbook-plugins kalgebra + kalzium-data kanjidic kapman kate-plugins kblocks kbreakout kbstate + kde-icons-mono kdeaccessibility kdeaddons-kfile-plugins + kdeadmin-kfile-plugins kdeartwork-misc kdeartwork-theme-window + kdeedu kdeedu-data kdeedu-kvtml-data kdegames kdegames-card-data + kdegames-mahjongg-data kdegraphics-kfile-plugins kdelirc + kdemultimedia-kfile-plugins kdenetwork-kfile-plugins + kdepim-kfile-plugins kdepim-kio-plugins kdessh kdetoys kdewebdev + kdiamond kdnssd kfilereplace kfourinline kgeography-data kigo + killbots kiriki klettres-data kmoon kmrml knewsticker-scripts + kollision kpf krosspython ksirk ksmserver ksquares kstars-data + ksudoku kubrick kweather libasound2-plugins libboost-python1.42.0 + libcfitsio3 libconvert-binhex-perl libcrypt-ssleay-perl libdb4.6++ + libdjvulibre-text libdotconf1.0 liberror-perl libespeak1 + libfinance-quote-perl libgail-common libgsl0ldbl libhtml-parser-perl + libhtml-tableextract-perl libhtml-tagset-perl libhtml-tree-perl + libio-stringy-perl libkdeedu4 libkdegames5 libkiten4 libkpathsea5 + libkrossui4 libmailtools-perl libmime-tools-perl + libnews-nntpclient-perl libopenbabel3 libportaudio2 libpulse-browse0 + libservlet2.4-java libspeechd2 libtiff-tools libtimedate-perl + libunistring0 liburi-perl libwww-perl libxalan2-java libxerces2-java + lirc luatex marble networkstatus noatun-plugins + openoffice.org-writer2latex palapeli palapeli-data parley + parley-data poster psutils pulseaudio pulseaudio-esound-compat + pulseaudio-module-x11 pulseaudio-utils quanta-data rocs rsync + speech-dispatcher step svgalibg1 texlive-binaries texlive-luatex + ttf-sazanami-gothic +

+ +

Installed using apt-get, removed with aptitude

+ +

+ amor artsbuilder atlantik atlantikdesigner blinken bluez-utils cvs + dhcdbd djvulibre-desktop imlib-base imlib11 kalzium kanagram kandy + kasteroids katomic kbackgammon kbattleship kblackbox kbounce kbruch + kcron kdat kdemultimedia-kappfinder-data kdeprint kdict kdvi kedit + keduca kenolaba kfax kfaxview kfouleggs kgeography kghostview + kgoldrunner khangman khexedit kiconedit kig kimagemapeditor + kitchensync kiten kjumpingcube klatin klettres klickety klines + klinkstatus kmag kmahjongg kmailcvt kmenuedit kmid kmilo kmines + kmousetool kmouth kmplot knetwalk kodo kolf kommander konquest kooka + kpager kpat kpdf kpercentage kpilot kpoker kpovmodeler krec + kregexpeditor kreversi ksame ksayit kshisen ksig ksim ksirc ksirtet + ksmiletris ksnake ksokoban kspaceduel kstars ksvg ksysv kteatime + ktip ktnef ktouch ktron kttsd ktuberling kturtle ktux kuickshow + kverbos kview kviewshell kvoctrain kwifimanager kwin kwin4 kwordquiz + kworldclock kxsldbg libakode2 libarts1-akode libarts1-audiofile + libarts1-mpeglib libarts1-xine libavahi-compat-libdnssd1 + libavahi-core5 libavc1394-0 libbind9-50 libbluetooth2 + libboost-python1.34.1 libcucul0 libcurl3 libcvsservice0 + libdirectfb-1.0-0 libdjvulibre21 libdvdread3 libfaad0 libfreebob0 + libgd2-noxpm libgraphviz4 libgsmme1c2a libgtkhtml2-0 libicu38 + libiec61883-0 libindex0 libisccc50 libisccfg50 libiw29 + libjaxp1.3-java-gcj libk3b3 libkcal2b libkcddb1 libkdeedu3 + libkdegames1 libkdepim1a libkgantt0 libkleopatra1 libkmime2 + libkpathsea4 libkpimexchange1 libkpimidentities1 libkscan1 + libksieve0 libktnef1 liblockdev1 libltdl3 liblwres50 libmagick10 + libmimelib1c2a libmodplug0c2 libmozjs1d libmpcdec3 libmpfr1ldbl + libneon27 libnm-util0 libopensync0 libpisock9 libpoppler-glib3 + libpoppler-qt2 libpoppler3 libraw1394-8 librss1 libsensors3 + libsmbios2 libssh2-1 libsuitesparse-3.1.0 libswfdec-0.6-90 + libtalloc1 libxalan2-java-gcj libxerces2-java-gcj libxtrap6 lskat + mpeglib network-manager-kde noatun pmount tex-common texlive-base + texlive-common texlive-doc-base texlive-fonts-recommended tidy + ttf-dustin ttf-kochi-gothic ttf-sjfonts +

+ +

Installed using aptitude, missing with apt-get

+ +

+ dolphin kde-core kde-plasma-desktop kde-standard kde-window-manager + kdeartwork kdebase kdebase-apps kdebase-workspace + kdebase-workspace-bin kdebase-workspace-data kdeutils kscreensaver + kscreensaver-xsavers libgle3 libkonq5 libkonq5-templates libnetpbm10 + netpbm plasma-widget-folderview plasma-widget-networkmanagement + xscreensaver-data-extra xscreensaver-gl xscreensaver-gl-extra + xscreensaver-screensaver-bsod +

+ +

Installed using aptitude, removed with apt-get

+ +

+ kdebase-bin konq-plugins konqueror +

- Tags: debian, english, nuug. + Tags: debian, debian edu, english.
-
Vinmonopolet bryter loven åpenlyst - og flere planlegger å gjøre det samme
-
2010-06-16 11:00
+
Gnash buildbot slave and Debian kfreebsd
+
2010-11-20 07:20
-

Dagbladet -melder at Vinmonopolet med bakgrunn i vekterstreiken som pågår i -Norge for tiden, har bestemt seg for med vitende og vilje å bryte -sentralbanklovens paragraf 14 ved å nekte folk å betale med -kontanter, og at flere butikker planlegger å følge deres eksempel. -Jeg synes det er hårreisende hvis de slipper unna med et slikt -soleklart lovbrudd, og lurer på hva slags muligheter jeg vil ha hvis -jeg blir nektet å handle med kontanter. Jeg handler i hovedsak med -kontanter selv, da jeg anser det som en borgerrett å kunne handle -anonymt uten at det blir registrert. For meg er det et angrep på mitt -personvern å nekte å ta imot kontant betaling.

- -

Paragrafen -i sentralbankloven lyder:

- -
-

§ 14. Tvungent betalingsmiddel

- -

Bankens sedler og mynter er tvungent betalingsmiddel i Norge. Ingen -er pliktig til i én betaling å ta imot mer enn femogtyve mynter av -hver enhet.

- -

Sterkt skadde sedler og mynter er ikke tvungent -betalingsmiddel. Banken gir nærmere forskrifter om erstatning for -bortkomne, brente eller skadde sedler og mynter.

- -

Selv om en avtale inneholder klausul om betaling av en -pengeforpliktelse i gullverdi, kan skyldneren frigjøre seg med tvungne -betalingsmidler uten hensyn til denne klausul.

-
- -

Det er med bakgrunn i denne lovet ikke tillatt å nekte å ta imot -kontakt betaling. Det er en lov jeg har sans for, og som jeg mener må -håndheves strengt.

+

Answering +the +call from the Gnash project for +buildbot slaves to test the +current source, I have set up a virtual KVM machine on the Debian +Edu/Skolelinux virtualization host to test the git source on +Debian/Squeeze. I hope this can help the developers in getting new +releases out more often.

+ +

As the developers want less main-stream build platforms tested to, +I have considered setting up a Debian/kfreebsd +machine as well. I have also considered using the kfreebsd +architecture in Debian as a file server in NUUG to get access to the 5 +TB zfs volume we currently use to store DV video. Because of this, I +finally got around to do a test installation of Debian/Squeeze with +kfreebsd. Installation went fairly smooth, thought I noticed some +visual glitches in the cdebconf dialogs (black cursor left on the +screen at random locations). Have not gotten very far with the +testing. Noticed cfdisk did not work, but fdisk did so it was not a +fatal problem. Have to spend some more time on it to see if it is +useful as a file server for NUUG. Will try to find time to set up a +gnash buildbot slave on the Debian Edu/Skolelinux this weekend.

- Tags: norsk, personvern. + Tags: debian, debian edu, english, nuug.
-
Officeshots taking shape
-
2010-06-13 11:40
+
Nå er 74 norske overvåkningskamera registert i OpenStreetmap.org
+
2010-11-18 11:25
-

For those of us caring about document exchange and -interoperability, OfficeShots -is a great service. It is to ODF documents what -BrowserShots is for web -pages.

- -

A while back, I was contacted by Knut Yrvin at the part of Nokia -that used to be Trolltech, who wanted to help the OfficeShots project -and wondered if the University of Oslo where I work would be -interested in supporting the project. I helped him to navigate his -request to the right people at work, and his request was answered with -a spot in the machine room with power and network connected, and Knut -arranged funding for a machine to fill the spot. The machine is -administrated by the OfficeShots people, so I do not have daily -contact with its progress, and thus from time to time check back to -see how the project is doing.

- -

Today I had a look, and was happy to see that the Dell box in our -machine room now is the host for several virtual machines running as -OfficeShots factories, and the project is able to render ODF documents -in 17 different document processing implementation on Linux and -Windows. This is great.

+

Jeg oppdaterte nettopp kartet med overvåkningskamera som +jeg +startet for ca. et og et halvt år siden, og nå er det 74 kamera på +plass. I prosessen med å oppdatere kartet oppdaget jeg ved en +tilfeldighet at webreferansen til registermeldingen hos Datatilsynet +nå ikke lenger er gyldig (se +tidligere +melding). Antar Datatilsynet fjerner utdaterte meldinger fra +databasen. Konsekvensen blir at kameraoversikten i OSM må ha med +søkekriteriene som ble brukt for å finne registermeldingen +(dvs. virksomhetsnavn og organisasjonsnummer), slik at eventuelt nye +meldinger for samme kamera kan finnes igjen.

+ +

Det er dukket opp kamera på +kartet +i Bergensområdet, Stavangerområdet, Osloområdet, Gjøvikområdet og i +Troms. Mange områder og kamera mangler, og jeg er overbevist om at +bare en brøkdel av den enorme mengden kamera som nå finnes i det +offentlige rom er registrert så langt. Instrukser for å legge inn +kamera finnes på websiden for kartet hos +personvernforeningen.

- Tags: english, standard. + Tags: norsk, personvern.
-
Lenny->Squeeze upgrades, removals by apt and aptitude
-
2010-06-13 09:05
+
Gjendikte sangen "Copying Is Not Theft" på Norsk?
+
2010-11-10 14:40
-

My -testing -of Debian upgrades from Lenny to Squeeze continues, and I've -finally made the upgrade logs available from -http://people.skolelinux.org/pere/debian-upgrade-testing/. -I am now testing dist-upgrade of Gnome and KDE in a chroot using both -apt and aptitude, and found their differences interesting. This time -I will only focus on their removal plans.

- -

After installing a Gnome desktop and the laptop task, apt-get wants -to remove 72 packages when dist-upgrading from Lenny to Squeeze. The -surprising part is that it want to remove xorg and all -xserver-xorg-video* drivers. Clearly not a good choice, but I am not -sure why. When asking aptitude to do the same, it want to remove 129 -packages, but most of them are library packages I suspect are no -longer needed. Both of them want to remove bluetooth packages, which -I do not know. Perhaps these bluetooth packages are obsolete?

- -

For KDE, apt-get want to remove 82 packages, among them kdebase -which seem like a bad idea and xorg the same way as with Gnome. Asking -aptitude for the same, it wants to remove 192 packages, none which are -too surprising.

- -

I guess the removal of xorg during upgrades should be investigated -and avoided, and perhaps others as well. Here are the complete list -of planned removals. The complete logs is available from the URL -above. Note if you want to repeat these tests, that the upgrade test -for kde+apt-get hung in the tasksel setup because of dpkg asking -conffile questions. No idea why. I worked around it by using -'echo >> /proc/pidofdpkg/fd/0' to tell dpkg to -continue.

- -

apt-get gnome 72 -
bluez-gnome cupsddk-drivers deskbar-applet gnome - gnome-desktop-environment gnome-network-admin gtkhtml3.14 - iceweasel-gnome-support libavcodec51 libdatrie0 libgdl-1-0 - libgnomekbd2 libgnomekbdui2 libmetacity0 libslab0 libxcb-xlib0 - nautilus-cd-burner python-gnome2-desktop python-gnome2-extras - serpentine swfdec-mozilla update-manager xorg xserver-xorg - xserver-xorg-core xserver-xorg-input-all xserver-xorg-input-evdev - xserver-xorg-input-kbd xserver-xorg-input-mouse - xserver-xorg-input-synaptics xserver-xorg-input-wacom - xserver-xorg-video-all xserver-xorg-video-apm xserver-xorg-video-ark - xserver-xorg-video-ati xserver-xorg-video-chips - xserver-xorg-video-cirrus xserver-xorg-video-cyrix - xserver-xorg-video-dummy xserver-xorg-video-fbdev - xserver-xorg-video-glint xserver-xorg-video-i128 - xserver-xorg-video-i740 xserver-xorg-video-imstt - xserver-xorg-video-intel xserver-xorg-video-mach64 - xserver-xorg-video-mga xserver-xorg-video-neomagic - xserver-xorg-video-nsc xserver-xorg-video-nv - xserver-xorg-video-openchrome xserver-xorg-video-r128 - xserver-xorg-video-radeon xserver-xorg-video-radeonhd - xserver-xorg-video-rendition xserver-xorg-video-s3 - xserver-xorg-video-s3virge xserver-xorg-video-savage - xserver-xorg-video-siliconmotion xserver-xorg-video-sis - xserver-xorg-video-sisusb xserver-xorg-video-tdfx - xserver-xorg-video-tga xserver-xorg-video-trident - xserver-xorg-video-tseng xserver-xorg-video-v4l - xserver-xorg-video-vesa xserver-xorg-video-vga - xserver-xorg-video-vmware xserver-xorg-video-voodoo xulrunner-1.9 - xulrunner-1.9-gnome-support

- -

aptitude gnome 129 - -
bluez-gnome bluez-utils cpp-4.3 cupsddk-drivers dhcdbd - djvulibre-desktop finger gnome-app-install gnome-mount - gnome-network-admin gnome-spell gnome-vfs-obexftp - gnome-volume-manager gstreamer0.10-gnomevfs gtkhtml3.14 libao2 - libavahi-compat-libdnssd1 libavahi-core5 libavcodec51 libbluetooth2 - libcamel1.2-11 libcdio7 libcucul0 libcupsys2 libcurl3 libdatrie0 - libdirectfb-1.0-0 libdvdread3 libedataserver1.2-9 libeel2-2.20 - libeel2-data libepc-1.0-1 libepc-ui-1.0-1 libfaad0 libgail-common - libgd2-noxpm libgda3-3 libgda3-common libgdl-1-0 libgdl-1-common - libggz2 libggzcore9 libggzmod4 libgksu1.2-0 libgksuui1.0-1 libgmyth0 - libgnomecups1.0-1 libgnomekbd2 libgnomekbdui2 libgnomeprint2.2-0 - libgnomeprint2.2-data libgnomeprintui2.2-0 libgnomeprintui2.2-common - libgnomevfs2-bin libgpod3 libgraphviz4 libgtkhtml2-0 - libgtksourceview-common libgtksourceview1.0-0 libgucharmap6 - libhesiod0 libicu38 libiw29 libkpathsea4 libltdl3 libmagick++10 - libmagick10 libmalaga7 libmetacity0 libmtp7 libmysqlclient15off - libnautilus-burn4 libneon27 libnm-glib0 libnm-util0 libopal-2.2 - libosp5 libparted1.8-10 libpoppler-glib3 libpoppler3 libpt-1.10.10 - libpt-1.10.10-plugins-alsa libpt-1.10.10-plugins-v4l libraw1394-8 - libsensors3 libslab0 libsmbios2 libsoup2.2-8 libssh2-1 - libsuitesparse-3.1.0 libswfdec-0.6-90 libtalloc1 libtotem-plparser10 - libtrackerclient0 libxalan2-java libxalan2-java-gcj libxcb-xlib0 - libxerces2-java libxerces2-java-gcj libxklavier12 libxtrap6 - libxxf86misc1 libzephyr3 mysql-common nautilus-cd-burner - openoffice.org-writer2latex openssl-blacklist p7zip - python-4suite-xml python-eggtrayicon python-gnome2-desktop - python-gnome2-extras python-gtkhtml2 python-gtkmozembed - python-numeric python-sexy serpentine svgalibg1 swfdec-gnome - swfdec-mozilla totem-gstreamer update-manager wodim - xserver-xorg-video-cyrix xserver-xorg-video-imstt - xserver-xorg-video-nsc xserver-xorg-video-v4l xserver-xorg-video-vga - zip

- -

apt-get kde 82 - -
cupsddk-drivers karm kaudiocreator kcoloredit kcontrol kde kde-core - kdeaddons kdeartwork kdebase kdebase-bin kdebase-bin-kde3 - kdebase-kio-plugins kdesktop kdeutils khelpcenter kicker - kicker-applets knewsticker kolourpaint konq-plugins konqueror korn - kpersonalizer kscreensaver ksplash libavcodec51 libdatrie0 libkiten1 - libxcb-xlib0 quanta superkaramba texlive-base-bin xorg xserver-xorg - xserver-xorg-core xserver-xorg-input-all xserver-xorg-input-evdev - xserver-xorg-input-kbd xserver-xorg-input-mouse - xserver-xorg-input-synaptics xserver-xorg-input-wacom - xserver-xorg-video-all xserver-xorg-video-apm xserver-xorg-video-ark - xserver-xorg-video-ati xserver-xorg-video-chips - xserver-xorg-video-cirrus xserver-xorg-video-cyrix - xserver-xorg-video-dummy xserver-xorg-video-fbdev - xserver-xorg-video-glint xserver-xorg-video-i128 - xserver-xorg-video-i740 xserver-xorg-video-imstt - xserver-xorg-video-intel xserver-xorg-video-mach64 - xserver-xorg-video-mga xserver-xorg-video-neomagic - xserver-xorg-video-nsc xserver-xorg-video-nv - xserver-xorg-video-openchrome xserver-xorg-video-r128 - xserver-xorg-video-radeon xserver-xorg-video-radeonhd - xserver-xorg-video-rendition xserver-xorg-video-s3 - xserver-xorg-video-s3virge xserver-xorg-video-savage - xserver-xorg-video-siliconmotion xserver-xorg-video-sis - xserver-xorg-video-sisusb xserver-xorg-video-tdfx - xserver-xorg-video-tga xserver-xorg-video-trident - xserver-xorg-video-tseng xserver-xorg-video-v4l - xserver-xorg-video-vesa xserver-xorg-video-vga - xserver-xorg-video-vmware xserver-xorg-video-voodoo xulrunner-1.9

- -

aptitude kde 192 -
bluez-utils cpp-4.3 cupsddk-drivers cvs dcoprss dhcdbd - djvulibre-desktop dosfstools eyesapplet fifteenapplet finger gettext - ghostscript-x imlib-base imlib11 indi kandy karm kasteroids - kaudiocreator kbackgammon kbstate kcoloredit kcontrol kcron kdat - kdeadmin-kfile-plugins kdeartwork-misc kdeartwork-theme-window - kdebase-bin-kde3 kdebase-kio-plugins kdeedu-data - kdegraphics-kfile-plugins kdelirc kdemultimedia-kappfinder-data - kdemultimedia-kfile-plugins kdenetwork-kfile-plugins - kdepim-kfile-plugins kdepim-kio-plugins kdeprint kdesktop kdessh - kdict kdnssd kdvi kedit keduca kenolaba kfax kfaxview kfouleggs - kghostview khelpcenter khexedit kiconedit kitchensync klatin - klickety kmailcvt kmenuedit kmid kmilo kmoon kmrml kodo kolourpaint - kooka korn kpager kpdf kpercentage kpf kpilot kpoker kpovmodeler - krec kregexpeditor ksayit ksim ksirc ksirtet ksmiletris ksmserver - ksnake ksokoban ksplash ksvg ksysv ktip ktnef kuickshow kverbos - kview kviewshell kvoctrain kwifimanager kwin kwin4 kworldclock - kxsldbg libakode2 libao2 libarts1-akode libarts1-audiofile - libarts1-mpeglib libarts1-xine libavahi-compat-libdnssd1 - libavahi-core5 libavc1394-0 libavcodec51 libbluetooth2 - libboost-python1.34.1 libcucul0 libcurl3 libcvsservice0 libdatrie0 - libdirectfb-1.0-0 libdjvulibre21 libdvdread3 libfaad0 libfreebob0 - libgail-common libgd2-noxpm libgraphviz4 libgsmme1c2a libgtkhtml2-0 - libicu38 libiec61883-0 libindex0 libiw29 libk3b3 libkcal2b libkcddb1 - libkdeedu3 libkdepim1a libkgantt0 libkiten1 libkleopatra1 libkmime2 - libkpathsea4 libkpimexchange1 libkpimidentities1 libkscan1 - libksieve0 libktnef1 liblockdev1 libltdl3 libmagick10 libmimelib1c2a - libmozjs1d libmpcdec3 libneon27 libnm-util0 libopensync0 libpisock9 - libpoppler-glib3 libpoppler-qt2 libpoppler3 libraw1394-8 libsmbios2 - libssh2-1 libsuitesparse-3.1.0 libtalloc1 libtiff-tools - libxalan2-java libxalan2-java-gcj libxcb-xlib0 libxerces2-java - libxerces2-java-gcj libxtrap6 mpeglib networkstatus - openoffice.org-writer2latex pmount poster psutils quanta quanta-data - superkaramba svgalibg1 tex-common texlive-base texlive-base-bin - texlive-common texlive-doc-base texlive-fonts-recommended - xserver-xorg-video-cyrix xserver-xorg-video-imstt - xserver-xorg-video-nsc xserver-xorg-video-v4l xserver-xorg-video-vga - xulrunner-1.9

- +

En genial liten sang om kopiering og tyveri er +Copying Is +Not Theft av Nina Paley. Den vil jeg at +NUUG skal sende på +Frikanalen, men først må vi +fikse norske undertekster eller dubbing. Og i og med at det er en +sang, tror jeg den kanskje bør gjendiktes. + +Selve teksten finner en på bloggen til +tekstforfatteren og den ser slik ut: + +

+

Copying is not theft. +
Stealing a thing leaves one less left +
Copying it makes one thing more; +
that's what copying's for.

+ +

Copying is not theft. +
If I copy yours you have it too +
One for me and one for you +
That's what copies can do

+ +

If I steal your bicycle +
you have to take the bus, +
but if I just copy it +
there's one for each of us!

+ +

Making more of a thing, +
that is what we call "copying" +
Sharing ideas with everyone +
That's why copying +
is +
FUN!

+

+ +

Her er et naivt forsøk på oversettelse, uten noe forsøk på +gjendiktning eller få det til å flyte sammen med melodien.

+ +

+

Kopiering er ikke tyveri. +
Stjeler du en ting er det en mindre igjen +
Kopier den og det er ting til. +
det er derfor vi har kopiering.

+ +

Kopiering er ikke tyveri. +
Hvis jeg kopierer din så har du den fortsatt +
En for meg og en for deg. +
Det er det kopier gir oss

+ +

Hvis jeg stjeler sykkelen din +
så må du ta bussen, +
men hvis jeg bare kopierer den, +
så får vi hver vår!

+ +

Lage mer av en ting, +
det er det vi kaller "kopiering". +
Deler ideer med enhver +
Det er derfor kopiering +
er +
MORSOMT!

+

+ +

Hvis du har forslag til bedre oversettelse eller lyst til å bidra +til å få denne sangen over i norsk språkdrakt, ta kontakt med video +(at) nuug.no.

- Tags: debian, debian edu, english. + Tags: fildeling, norsk, nuug, opphavsrett, personvern.
-
Åpne trådløsnett er et samfunnsgode
-
2010-06-12 12:45
+
Debian in 3D
+
2010-11-09 16:10
-

Veldig glad for å oppdage via -Slashdot -at folk i Finland har forstått at åpne trådløsnett er et samfunnsgode. -Jeg ser på åpne trådløsnett som et fellesgode på linje med retten til -ferdsel i utmark og retten til å bevege seg i strandsonen. Jeg har -glede av åpne trådløsnett når jeg finner dem, og deler gladelig nett -med andre så lenge de ikke forstyrrer min bruk av eget nett. -Nettkapasiteten er sjelden en begrensning ved normal browsing og enkel -SSH-innlogging (som er min vanligste nettbruk), og nett kan brukes til -så mye positivt og nyttig (som nyhetslesing, sjekke været, kontakte -slekt og venner, holde seg oppdatert om politiske saker, kontakte -organisasjoner og politikere, etc), at det for meg er helt urimelig å -blokkere dette for alle som ikke gjør en flue fortred. De som mener -at potensialet for misbruk er grunn nok til å hindre all den positive -og lovlydige bruken av et åpent trådløsnett har jeg dermed ingen -forståelse for. En kan ikke eksistensen av forbrytere styre hvordan -samfunnet skal organiseres. Da får en et kontrollsamfunn de færreste -ønsker å leve i, og det at vi har et samfunn i Norge der tilliten til -hverandre er høy gjør at samfunnet fungerer ganske godt. Det bør vi -anstrenge oss for å beholde.

+

+ +

3D printing is just great. I just came across this Debian logo in +3D linked in from +the +thingiverse blog.

- Tags: fildeling, norsk, nuug, opphavsrett, personvern, sikkerhet. + Tags: 3d-printer, debian, english.
-
Automatic upgrade testing from Lenny to Squeeze
-
2010-06-11 22:50
+
Datatilsynet mangler verktøyet som trengs for å kontrollere kameraovervåkning
+
2010-11-09 14:35
-

The last few days I have done some upgrade testing in Debian, to -see if the upgrade from Lenny to Squeeze will go smoothly. A few bugs -have been discovered and reported in the process -(#585410 in nagios3-cgi, -#584879 already fixed in -enscript and #584861 in -kdebase-workspace-data), and to get a more regular testing going on, I -am working on a script to automate the test.

- -

The idea is to create a Lenny chroot and use tasksel to install a -Gnome or KDE desktop installation inside the chroot before upgrading -it. To ensure no services are started in the chroot, a policy-rc.d -script is inserted. To make sure tasksel believe it is to install a -desktop on a laptop, the tasksel tests are replaced in the chroot -(only acceptable because this is a throw-away chroot).

- -

A naive upgrade from Lenny to Squeeze using aptitude dist-upgrade -currently always fail because udev refuses to upgrade with the kernel -in Lenny, so to avoid that problem the file /etc/udev/kernel-upgrade -is created. The bug report -#566000 make me suspect -this problem do not trigger in a chroot, but I touch the file anyway -to make sure the upgrade go well. Testing on virtual and real -hardware have failed me because of udev so far, and creating this file -do the trick in such settings anyway. This is a -known -issue and the current udev behaviour is intended by the udev -maintainer because he lack the resources to rewrite udev to keep -working with old kernels or something like that. I really wish the -udev upstream would keep udev backwards compatible, to avoid such -upgrade problem, but given that they fail to do so, I guess -documenting the way out of this mess is the best option we got for -Debian Squeeze.

- -

Anyway, back to the task at hand, testing upgrades. This test -script, which I call upgrade-test for now, is doing the -trick:

- -
-#!/bin/sh
-set -ex
-
-if [ "$1" ] ; then
-    desktop=$1
-else
-    desktop=gnome
-fi
-
-from=lenny
-to=squeeze
-
-exec < /dev/null
-unset LANG
-mirror=http://ftp.skolelinux.org/debian
-tmpdir=chroot-$from-upgrade-$to-$desktop
-fuser -mv .
-debootstrap $from $tmpdir $mirror
-chroot $tmpdir aptitude update
-cat > $tmpdir/usr/sbin/policy-rc.d <<EOF
-#!/bin/sh
-exit 101
-EOF
-chmod a+rx $tmpdir/usr/sbin/policy-rc.d
-exit_cleanup() {
-    umount $tmpdir/proc
-}
-mount -t proc proc $tmpdir/proc
-# Make sure proc is unmounted also on failure
-trap exit_cleanup EXIT INT
-
-chroot $tmpdir aptitude -y install debconf-utils
-
-# Make sure tasksel autoselection trigger.  It need the test scripts
-# to return the correct answers.
-echo tasksel tasksel/desktop multiselect $desktop | \
-    chroot $tmpdir debconf-set-selections
-
-# Include the desktop and laptop task
-for test in desktop laptop ; do
-    echo > $tmpdir/usr/lib/tasksel/tests/$test <<EOF
-#!/bin/sh
-exit 2
-EOF
-    chmod a+rx $tmpdir/usr/lib/tasksel/tests/$test
-done
-
-DEBIAN_FRONTEND=noninteractive
-DEBIAN_PRIORITY=critical
-export DEBIAN_FRONTEND DEBIAN_PRIORITY
-chroot $tmpdir tasksel --new-install
-
-echo deb $mirror $to main > $tmpdir/etc/apt/sources.list
-chroot $tmpdir aptitude update
-touch $tmpdir/etc/udev/kernel-upgrade
-chroot $tmpdir aptitude -y dist-upgrade
-fuser -mv
-
- -

I suspect it would be useful to test upgrades with both apt-get and -with aptitude, but I have not had time to look at how they behave -differently so far. I hope to get a cron job running to do the test -regularly and post the result on the web. The Gnome upgrade currently -work, while the KDE upgrade fail because of the bug in -kdebase-workspace-data

- -

I am not quite sure what kind of extract from the huge upgrade logs -(KDE 167 KiB, Gnome 516 KiB) it make sense to include in this blog -post, so I will refrain from trying. I can report that for Gnome, -aptitude report 760 packages upgraded, 448 newly installed, 129 to -remove and 1 not upgraded and 1024MB need to be downloaded while for -KDE the same numbers are 702 packages upgraded, 507 newly installed, -193 to remove and 0 not upgraded and 1117MB need to be downloaded

- -

I am very happy to notice that the Gnome desktop + laptop upgrade -is able to migrate to dependency based boot sequencing and parallel -booting without a hitch. Was unsure if there were still bugs with -packages failing to clean up their obsolete init.d script during -upgrades, and no such problem seem to affect the Gnome desktop+laptop -packages.

+

En stund tilbake ble jeg oppmerksom på at Datatilsynets verktøy for +å holde rede på overvåkningskamera i Norge ikke var egnet til annet +enn å lage statistikk, og ikke kunne brukes for å kontrollere om et +overvåkningskamera i det offentlige rom er lovlig satt opp og +registrert. For å teste hypotesen sendte jeg for noen dager siden +følgende spørsmål til datatilsynet. Det omtalte kameraet står litt +merkelig plassert i veigrøften ved gangstien langs Sandakerveien, og +jeg lurer oppriktig på om det er lovlig plassert og registrert.

+ +

+

Date: Tue, 2 Nov 2010 16:08:20 +0100 +
From: Petter Reinholdtsen <pere (at) hungry.com> +
To: postkasse (at) datatilsynet.no +
Subject: Er overvåkningskameraet korrekt registrert?

+ +

Hei.

+ +

I Nydalen i Oslo er det mange overvåkningskamera, og et av dem er +spesielt merkelig plassert like over et kumlokk. Jeg lurer på om +dette kameraet er korrekt registrert og i henhold til lovverket.

+ +

Finner ingen eierinformasjon på kameraet, og dermed heller ingenting å +søke på i <URL: +http://hetti.datatilsynet.no/melding/report_search.pl >. +Kartreferanse for kameraet er tilgjengelig fra +<URL: +http://people.skolelinux.no/pere/surveillance-norway/?zoom=17&lat=59.94918&lon=10.76962&layers=B0T >. + +

Kan dere fortelle meg om dette kameraet er registrert hos +Datatilsynet som det skal være i henhold til lovverket?

+ +

Det hadde forresten vært fint om rådata fra kameraregisteret var +tilgjengelig på web og regelmessig oppdatert, for å kunne søke på +andre ting enn organisasjonsnavn og -nummer ved å laste det ned og +gjøre egne søk.

+ +

Vennlig hilsen, +
-- +
Petter Reinholdtsen +

+ +

Her er svaret som kom dagen etter:

+ +

+

Date: Wed, 3 Nov 2010 14:44:09 +0100 +
From: "juridisk" <juridisk (at) Datatilsynet.no> +
To: Petter Reinholdtsen +
Subject: VS: Er overvåkningskameraet korrekt registrert? + +

Viser til e-post av 2. november. + +

Datatilsynet er det forvaltningsorganet som skal kontrollere at +personopplysningsloven blir fulgt. Formålet med loven er å verne +enkeltpersoner mot krenking av personvernet gjennom behandling av +personopplysninger.

+ +

Juridisk veiledningstjeneste hos Datatilsynet gir råd og veiledning +omkring personopplysningslovens regler på generelt grunnlag.

+ +

Datatilsynet har dessverre ikke en fullstendig oversikt over alle +kameraer, den oversikten som finner er i vår meldingsdatabase som du +finner her: +http://www.datatilsynet.no/templates/article____211.aspx

+ +

Denne databasen gir en oversikt over virksomheter som har meldt inn +kameraovervåkning. Dersom man ikek vet hvilken virksomhet som er +ansvarlig, er det heller ikke mulig for Datatilsynet å søke dette +opp.

+ +

Webkameraer som har så dårlig oppløsning at man ikke kan gjenkjenne +enkeltpersoner er ikke meldepliktige, da dette ikke anses som +kameraovervåkning i personopplysningslovens forstand. Dersom kameraet +du sikter til er et slikt webkamera, vil det kanskje ikke finnes i +meldingsdatabasen på grunn av dette. Også dersom et kamera med god +oppløsning ikke filmer mennesker, faller det utenfor loven.

+ +

Datatilsynet har laget en veileder som gjennomgår når det er lov å +overvåke med kamera, se lenke: +http://www.datatilsynet.no/templates/article____401.aspx

+ +

Dersom det ikke er klart hvem som er ansvarlig for kameraet, er det +vanskelig for Datatilsynet å ta kontakt med den ansvarlige for å få +avklart om kameraet er satt opp i tråd med tilsynets regelverk. Dersom +du mener at kameraet ikke er lovlig ut fra informasjonen ovenfor, kan +kameraet anmeldes til politiet.

+ +

Med vennlig hilsen

+ +

Maria Bakke +
Juridisk veiledningstjeneste +
Datatilsynet

+

+ +

Personlig synes jeg det bør være krav om å registrere hvert eneste +overvåkningskamera i det offentlige rom hos Datatilsynet, med +kartreferanse og begrunnelse om hvorfor det er satt opp, slik at +enhver borger enkelt kan hente ut kart over områder vi er interessert +i og sjekke om det er overvåkningskamera der som er satt opp uten å +være registert. Slike registreringer skal jo i dag fornyes +regelmessing, noe jeg mistenker ikke blir gjort. Dermed kan kamera +som en gang var korrekt registrert nå være ulovlig satt opp. Det +burde også være bøter for å ha kamera som ikke er korrekt registrert, +slik at en ikke kan ignorere registrering uten at det får +konsekvenser.

+ +

En ide fra England som jeg har sans (lite annet jeg har sans for +når det gjelder overvåkningskamera i England) for er at enhver borger +kan be om å få kopi av det som er tatt opp med et overvåkningskamera i +det offentlige rom, noe som gjør at det kan komme løpende utgifter ved +å sette overvåkningskamera. Jeg tror alt som gjør det mindre +attraktivt å ha overvåkningskamera i det offentlige rom er en god +ting, så et slikt lovverk i Norge tror jeg hadde vært nyttig.

- Tags: bootsystem, debian, debian edu, english. + Tags: norsk, personvern, sikkerhet.
-
Skolelinux er laget for sentraldrifting, naturligvis
-
2010-06-09 12:30
+
Making room on the Debian Edu/Sqeeze DVD
+
2010-11-07 11:45
-

Det er merkelig hvordan myter om Skolelinux overlever. En slik -myte er at Skolelinux ikke kan sentraldriftes og ha sentralt plasserte -tjenermaskiner. I siste Computerworld Norge er -IT-sjef -Viggo Billdal i Steinkjer intervjuet, og forteller uten -blygsel:

- -

Vi hadde Skolelinux, men det har vi sluttet med. Vi testet -om det lønte seg med Microsoft eller en åpen plattform. Vi fant ut at -Microsoft egentlig var totalt sett bedre egnet. Det var store -driftskostnader med Skolelinux, blant annet på grunn av -desentraliserte servere. Det var komplisert, så vi gikk vekk fra det -og bruker nå bare Windows.

- -

En rask -sjekk mot den norske brukerlista i Skolelinuxprosjektet forteller -at Steinkjers forsøk foregikk fram til 2004/2005, og at Røysing skole -i Steinkjer skal ha vært svært fornøyd med Skolelinux men at kommunen -overkjørte skolen og krevde at de gikk over til Windows. Et søk på -nettet sendte meg til -Dagens -IT nr. 18 2005 hvor en kan lese på side 18:

- -

Inge Tømmerås ved Røysing skole i Steinkjer kjører ennå -Microsoft, men forteller at kompetanseutfordringen med Skolelinux ikke -var så stor. ­ Jeg syntes Skolelinux var utrolig lett å drifte uten -forkunnskaper. Men man må jo selvsagt ha tilgang på ekstern kompetanse -til installasjoner og maskinvarefeil, sier Tømmerås.

- -

Som systemarkitekten bak Skolelinux, kan jeg bare riste på hodet -over påstanden om at Skolelinux krever desentraliserte tjenere. -Skolelinux-arkitekturen er laget for sentralisert drift og plassering -av tjenerne lokalt eller sentralt alt etter behov og nettkapasitet. -Den er modellert på nettverks- og tjenerløsningen som brukes på -Universitetet i Tromsø og Oslo, der jeg jobber med utvikling av -driftstjenester. Dette er det heldigvis noen som har fått med seg, og -jeg er glad for å kunne sitere fra en kommentar på den overnevnte -artikkelen. Min venn og gamle kollega Sturle Sunde forteller der: - -

-

I Flora kommune køyrer vi Skulelinux på skular med alt frå 15 til -meir enn 500 elevar. Dei store skulane har eigen tenar, for det er -mest praktisk. Eg, som er driftsansvarleg for heile nettet, ser -sjeldan dei tenarane fysisk, men at dei står der gjer skulane mindre -avhengige av eksterne linjer som er trege eller dyre. Dei minste -skulane har ikkje eigen tenar. Å bruke sentral tenar er heller ikkje -noko problem. Småskulane klarar seg fint med 1 mbit-linje til ein -sentral tenar eller tenaren på ein større skule.

- -

Det beste med Skulelinux er halvtjukke klientar. Dei treng ikkje -harddisk og brukar minimalt med ressursar på tenaren fordi dei køyrer -programma lokalt. Eit klasserom med 30 sju-åtte år gamle maskiner har -mykje meir CPU og RAM totalt enn nokon moderne tenar til under -millionen. Det trengst to kommandoar på den sentrale tenaren for å -oppdatere alle klientane, både tynne og halvtjukke. Vi har ingen -problem med diskar som ryk heller, som var eit problem før fordi -elevane sat og sparka i maskinene. Og dei krev lite bandbreidde i -nettet, so det er fullt mogleg å køyre slike på småskular med trege -linjer mot tenaren på ein større skule.

- -

Flora kommune har nesten 800 Linux-maskiner i sitt skulenett, og -ein person som tek seg av drift av heile nettet, inkludert tenarar, -klientar, operativsystem, programvare, heimekontorløysing og -administrasjon av brukarar.

- -

No skal det seiast at vi ikkje køyrer rein Skulelinux ut av -boksen. Vi har gjort ein del tilpassingar mot noko Novell-greier som -var der frå før, og som har komplisert installasjonen vår. Etter at -oppsettet var gjort har løysinga vore stabil og kravd minimalt med -arbeid.

-
- -

Jeg vet at Narvik, Harstad og Oslo er kommuner der Skolelinux -sentraldriftes med sentrale tjenere. Det forteller meg at Steinkjers -IT-sjef neppe bør skylde på Skolelinux-løsningen for sine 5 år gamle -minner.

+

Prioritising packages for the Debian Edu / +Skolelinux DVD, which is +supposed provide a school with all the services and user applications +needed on the pupils computer network has always been hard. Even +schools without Internet connections should be able to get Debian Edu +working using this DVD.

+ +

The job became a lot harder when apt and aptitude started +installing recommended packages by default. We want the same set of +packages to be installed when using the DVD and the netinst CD, and +that means all recommended packages need to be on the DVD. I created +a patch for debian-cd in BTS +report #601203 to do this, and since this change was applied to +the Debian Edu DVD build, we have been seriously short on space.

+ +

A few days ago we decided to drop blender, wxmaxima and kicad from +the default installation to save space on the DVD, believing that +those needing these applications are few and can get them from the +Debian archive.

+ +

Yesterday, I had a look what source packages to see which packages +were using most space. A few large packages are well know; +openoffice.org, openclipart and fluid-soundfont. But I also +discovered that lilypond used 106 MiB and fglrx-driver used 53 MiB. +The lilypond package is pulled in as a dependency for rosegarden, and +when looking a bit closer I discovered that 99 MiB of the 106 MiB were +the documentation package, which is recommended by the binary package. +I decided to drop this documentation package from our DVD, as most of +our users will use the GUI front-ends and do not need the lilypond +documentation. Similarly, I dropped the non-free fglrx-driver package +which might be installed by d-i when its hardware is detected, as the +free X driver should work.

+ +

With this change, we finally got space for the LXDE and Gnome +desktop packages as well as the language specific packages making the +DVD more useful again.

- Tags: debian edu, norsk, nuug. + Tags: debian edu, english, nuug.
@@ -946,7 +1217,15 @@ minner.

  • June (14)
    • -
  • July (1)
    • +
  • July (12)
    • + +
  • August (13)
    • + +
  • September (7)
    • + +
  • October (9)
    • + +
  • November (11)
    • @@ -995,7 +1274,7 @@ minner.

    Tags

    -Created by Chronicle v3.7 +Created by Chronicle v3.2