1 <!DOCTYPE html PUBLIC
"-//W3C//DTD XHTML 1.0 Strict//EN"
2 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
5 <title>Petter Reinholdtsen: Entries Tagged debian
</title>
6 <link rel=
"stylesheet" type=
"text/css" media=
"screen" href=
"http://people.skolelinux.org/pere/blog/style.css">
7 <link rel=
"alternate" title=
"RSS Feed" href=
"debian.rss" type=
"application/rss+xml">
13 <a href=
"http://people.skolelinux.org/pere/blog/">Petter Reinholdtsen
</a>
19 <p>Entries tagged "debian".
</p>
26 <a href=
"http://people.skolelinux.org/pere/blog/The_sorry_state_of_multimedia_browser_plugins_in_Debian.html">The sorry state of multimedia browser plugins in Debian
</a>
34 <p>Recently I have spent some time evaluating the multimedia browser
35 plugins available in Debian Lenny, to see which one we should use by
36 default in Debian Edu. We need an embedded video playing plugin with
37 control buttons to pause or stop the video, and capable of streaming
38 all the multimedia content available on the web. The test results and
39 notes are available on
40 <a href=
"http://wiki.debian.org/DebianEdu/BrowserMultimedia">the
41 Debian wiki
</a>. I was surprised how few of the plugins are able to
42 fill this need. My personal video player favorite, VLC, has a really
43 bad plugin which fail on a lot of the test pages. A lot of the MIME
44 types I would expect to work with any free software player (like
45 video/ogg), just do not work. And simple formats like the
46 audio/x-mplegurl format (m3u playlists), just isn't supported by the
47 totem and vlc plugins. I hope the situation will improve soon. No
48 wonder sites use the proprietary Adobe flash to play video.
</p>
50 <p>For Lenny, we seem to end up with the mplayer plugin. It seem to
51 be the only one fitting our needs. :/
</p>
58 Tags:
<a href=
"http://people.skolelinux.org/pere/blog/tags/debian">debian
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/debian edu">debian edu
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/english">english
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/multimedia">multimedia
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/web">web
</a>.
62 <div class=
"padding"></div>
66 <a href=
"http://people.skolelinux.org/pere/blog/Devcamp_brought_us_closer_to_the_Lenny_based_Debian_Edu_release.html">Devcamp brought us closer to the Lenny based Debian Edu release
</a>
74 <p>This weekend we had a small developer gathering for Debian Edu in
75 Oslo. Most of Saturday was used for the general assemly for the
76 member organization, but the rest of the weekend I used to tune the
77 LTSP installation. LTSP now work out of the box on the
10-network.
78 Acer Aspire One proved to be a very nice thin client, with both
79 screen, mouse and keybard in a small box. Was working on getting the
80 diskless workstation setup configured out of the box, but did not
81 finish it before the weekend was up.
</p>
83 <p>Did not find time to look at the
4 VGA cards in one box we got from
84 the Brazilian group, so that will have to wait for the next
85 development gathering. Would love to have the Debian Edu installer
86 automatically detect and configure a multiseat setup when it find one
94 Tags:
<a href=
"http://people.skolelinux.org/pere/blog/tags/debian">debian
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/debian edu">debian edu
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/english">english
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/ltsp">ltsp
</a>.
98 <div class=
"padding"></div>
102 <a href=
"http://people.skolelinux.org/pere/blog/Endelig_er_Debian_Lenny_gitt_ut.html">Endelig er Debian Lenny gitt ut
</a>
110 <p>Endelig er
<a href=
"http://www.debian.org/">Debian
</a>
111 <a href=
"http://www.debian.org/News/2009/20090214">Lenny
</a> gitt ut.
112 Et langt steg videre for Debian-prosjektet, og en rekke nye
113 programpakker blir nå tilgjengelig for de av oss som bruker den
114 stabile utgaven av Debian. Neste steg er nå å få
115 <a href=
"http://www.skolelinux.org/">Skolelinux
</a> /
116 <a href=
"http://wiki.debian.org/DebianEdu/">Debian Edu
</a> ferdig
117 oppdatert for den nye utgaven, slik at en oppdatert versjon kan
118 slippes løs på skolene. Takk til alle debian-utviklerne som har
119 gjort dette mulig. Endelig er f.eks. fungerende avhengighetsstyrt
120 bootsekvens tilgjengelig i stabil utgave, vha pakken
121 <tt>insserv
</tt>.
</p>
128 Tags:
<a href=
"http://people.skolelinux.org/pere/blog/tags/debian">debian
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/debian edu">debian edu
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/norsk">norsk
</a>.
132 <div class=
"padding"></div>
136 <a href=
"http://people.skolelinux.org/pere/blog/Time_for_new__LDAP_schemas_replacing_RFC_2307_.html">Time for new LDAP schemas replacing RFC
2307?
</a>
144 <p>The state of standardized LDAP schemas on Linux is far from
145 optimal. There is RFC
2307 documenting one way to store NIS maps in
146 LDAP, and a modified version of this normally called RFC
2307bis, with
147 some modifications to be compatible with Active Directory. The RFC
148 specification handle the content of a lot of system databases, but do
149 not handle DNS zones and DHCP configuration.
</p>
151 <p>In
<a href=
"http://www.skolelinux.org/">Debian Edu/Skolelinux
</a>,
152 we would like to store information about users, SMB clients/hosts,
153 filegroups, netgroups (users and hosts), DHCP and DNS configuration,
154 and LTSP configuration in LDAP. These objects have a lot in common,
155 but with the current LDAP schemas it is not possible to have one
156 object per entity. For example, one need to have at least three LDAP
157 objects for a given computer, one with the SMB related stuff, one with
158 DNS information and another with DHCP information. The schemas
159 provided for DNS and DHCP are impossible to combine into one LDAP
160 object. In addition, it is impossible to implement quick queries for
161 netgroup membership, because of the way NIS triples are implemented.
162 It just do not scale. I believe it is time for a few RFC
163 specifications to cleam up this mess.
</p>
165 <p>I would like to have one LDAP object representing each computer in
166 the network, and this object can then keep the SMB (ie host key), DHCP
167 (mac address/name) and DNS (name/IP address) settings in one place.
168 It need to be efficently stored to make sure it scale well.
</p>
170 <p>I would also like to have a quick way to map from a user or
171 computer and to the net group this user or computer is a member.
</p>
173 <p>Active Directory have done a better job than unix heads like myself
174 in this regard, and the unix side need to catch up. Time to start a
175 new IETF work group?
</p>
182 Tags:
<a href=
"http://people.skolelinux.org/pere/blog/tags/debian">debian
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/debian edu">debian edu
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/english">english
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/ldap">ldap
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/nuug">nuug
</a>.
186 <div class=
"padding"></div>
190 <a href=
"http://people.skolelinux.org/pere/blog/Returning_from_Skolelinux_developer_gathering.html">Returning from Skolelinux developer gathering
</a>
198 <p>I'm sitting on the train going home from this weekends Debian
199 Edu/Skolelinux development gathering. I got a bit done tuning the
200 desktop, and looked into the dynamic service location protocol
201 implementation avahi. It look like it could be useful for us. Almost
202 30 people participated, and I believe it was a great environment to
203 get to know the Skolelinux system. Walter Bender, involved in the
204 development of the Sugar educational platform, presented his stuff and
205 also helped me improve my OLPC installation. He also showed me that
206 his Turtle Art application can be used in standalone mode, and we
207 agreed that I would help getting it packaged for Debian. As a
208 standalone application it would be great for Debian Edu. We also
209 tried to get the video conferencing working with two OLPCs, but that
210 proved to be too hard for us. The application seem to need more work
211 before it is ready for me. I look forward to getting home and relax
219 Tags:
<a href=
"http://people.skolelinux.org/pere/blog/tags/debian">debian
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/debian edu">debian edu
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/english">english
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/nuug">nuug
</a>.
223 <div class=
"padding"></div>
227 <a href=
"http://people.skolelinux.org/pere/blog/Standardize_on_protocols_and_formats__not_vendors_and_applications.html">Standardize on protocols and formats, not vendors and applications
</a>
235 <p>Where I work at the University of Oslo, one decision stand out as a
236 very good one to form a long lived computer infrastructure. It is the
237 simple one, lost by many in todays computer industry: Standardize on
238 open network protocols and open exchange/storage formats, not applications.
239 Applications come and go, while protocols and files tend to stay, and
240 thus one want to make it easy to change application and vendor, while
241 avoiding conversion costs and locking users to a specific platform or
244 <p>This approach make it possible to replace the client applications
245 independently of the server applications. One can even allow users to
246 use several different applications as long as they handle the selected
247 protocol and format. In the normal case, only one client application
248 is recommended and users only get help if they choose to use this
249 application, but those that want to deviate from the easy path are not
250 blocked from doing so.
</p>
252 <p>It also allow us to replace the server side without forcing the
253 users to replace their applications, and thus allow us to select the
254 best server implementation at any moment, when scale and resouce
255 requirements change.
</p>
257 <p>I strongly recommend standardizing - on open network protocols and
258 open formats, but I would never recommend standardizing on a single
259 application that do not use open network protocol or open formats.
</p>
266 Tags:
<a href=
"http://people.skolelinux.org/pere/blog/tags/debian">debian
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/english">english
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/nuug">nuug
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/standard">standard
</a>.
270 <div class=
"padding"></div>
274 <a href=
"http://people.skolelinux.org/pere/blog/No_patch_is_not_better_than_a_useless_patch.html">No patch is not better than a useless patch
</a>
283 <a href=
"http://blog.technologeek.org/2009/04/12/214">claim that no
284 patch is better than a useless patch
</a>. I completely disagree, as a
285 patch allow one to discuss a concrete and proposed solution, and also
286 prove that the issue at hand is important enough for someone to spent
287 time on fixing it. No patch do not provide any of these positive
295 Tags:
<a href=
"http://people.skolelinux.org/pere/blog/tags/debian">debian
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/english">english
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/nuug">nuug
</a>.
299 <div class=
"padding"></div>
303 <a href=
"http://people.skolelinux.org/pere/blog/Two_projects_that_have_improved_the_quality_of_free_software_a_lot.html">Two projects that have improved the quality of free software a lot
</a>
311 <p>There are two software projects that have had huge influence on the
312 quality of free software, and I wanted to mention both in case someone
313 do not yet know them.
</p>
315 <p>The first one is
<a href=
"http://valgrind.org/">valgrind
</a>, a
316 tool to detect and expose errors in the memory handling of programs.
317 It is easy to use, all one need to do is to run 'valgrind program',
318 and it will report any problems on stdout. It is even better if the
319 program include debug information. With debug information, it is able
320 to report the source file name and line number where the problem
321 occurs. It can report things like 'reading past memory block in file
322 X line N, the memory block was allocated in file Y, line M', and
323 'using uninitialised value in control logic'. This tool has made it
324 trivial to investigate reproducible crash bugs in programs, and have
325 reduced the number of this kind of bugs in free software a lot.
328 <a href=
"http://en.wikipedia.org/wiki/Coverity">Coverity
</a> which is
329 a source code checker. It is able to process the source of a program
330 and find problems in the logic without running the program. It
331 started out as the Stanford Checker and became well known when it was
332 used to find bugs in the Linux kernel. It is now a commercial tool
333 and the company behind it is running
334 <a href=
"http://www.scan.coverity.com/">a community service
</a> for the
335 free software community, where a lot of free software projects get
336 their source checked for free. Several thousand defects have been
337 found and fixed so far. It can find errors like 'lock L taken in file
338 X line N is never released if exiting in line M', or 'the code in file
339 Y lines O to P can never be executed'. The projects included in the
340 community service project have managed to get rid of a lot of
341 reliability problems thanks to Coverity.
</p>
343 <p>I believe tools like this, that are able to automatically find
344 errors in the source, are vital to improve the quality of software and
345 make sure we can get rid of the crashing and failing software we are
346 surrounded by today.
</p>
353 Tags:
<a href=
"http://people.skolelinux.org/pere/blog/tags/debian">debian
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/english">english
</a>.
357 <div class=
"padding"></div>
361 <a href=
"http://people.skolelinux.org/pere/blog/Kryptert_harddisk___naturligvis.html">Kryptert harddisk - naturligvis
</a>
369 <p><a href=
"http://www.dagensit.no/trender/article1658676.ece">Dagens
370 IT melder
</a> at Intel hevder at det er dyrt å miste en datamaskin,
371 når en tar tap av arbeidstid, fortrolige dokumenter,
372 personopplysninger og alt annet det innebærer. Det er ingen tvil om
373 at det er en kostbar affære å miste sin datamaskin, og det er årsaken
374 til at jeg har kryptert harddisken på både kontormaskinen og min
375 bærbare. Begge inneholder personopplysninger jeg ikke ønsker skal
376 komme på avveie, den første informasjon relatert til jobben min ved
377 Universitetet i Oslo, og den andre relatert til blant annet
378 foreningsarbeide. Kryptering av diskene gjør at det er lite
379 sannsynlig at dophoder som kan finne på å rappe maskinene får noe ut
380 av dem. Maskinene låses automatisk etter noen minutter uten bruk,
381 og en reboot vil gjøre at de ber om passord før de vil starte opp.
382 Jeg bruker Debian på begge maskinene, og installasjonssystemet der
383 gjør det trivielt å sette opp krypterte disker. Jeg har LVM på toppen
384 av krypterte partisjoner, slik at alt av datapartisjoner er kryptert.
385 Jeg anbefaler alle å kryptere diskene på sine bærbare. Kostnaden når
386 det er gjort slik jeg gjør det er minimale, og gevinstene er
387 betydelige. En bør dog passe på passordet. Hvis det går tapt, må
388 maskinen reinstalleres og alt er tapt.
</p>
390 <p>Krypteringen vil ikke stoppe kompetente angripere som f.eks. kjøler
391 ned minnebrikkene før maskinen rebootes med programvare for å hente ut
392 krypteringsnøklene. Kostnaden med å forsvare seg mot slike angripere
393 er for min del høyere enn gevinsten. Jeg tror oddsene for at
394 f.eks. etteretningsorganisasjoner har glede av å titte på mine
395 maskiner er minimale, og ulempene jeg ville oppnå ved å forsøke å
396 gjøre det vanskeligere for angripere med kompetanse og ressurser er
404 Tags:
<a href=
"http://people.skolelinux.org/pere/blog/tags/debian">debian
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/norsk">norsk
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/nuug">nuug
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/sikkerhet">sikkerhet
</a>.
408 <div class=
"padding"></div>
412 <a href=
"http://people.skolelinux.org/pere/blog/IDG_mener_linux_i_servermarkedet_vil_vokse_med_21__i_2009.html">IDG mener linux i servermarkedet vil vokse med
21% i
2009</a>
421 <a href=
"http://news.cnet.com/8301-13505_3-10216873-16.html">interessante
422 tall
</a> fra IDG om utviklingen av linuxservermarkedet. Fikk meg til
423 å tenke på antall tjenermaskiner ved Universitetet i Oslo der jeg
424 jobber til daglig. En rask opptelling forteller meg at vi har
490
425 (
61%) fysiske unix-tjener (mest linux men også noen solaris) og
196
426 (
25%) windowstjenere, samt
112 (
14%) virtuelle unix-tjenere. Med den
427 bakgrunnskunnskapen kan jeg godt tro at IDG er inne på noe.
</p>
434 Tags:
<a href=
"http://people.skolelinux.org/pere/blog/tags/debian">debian
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/norsk">norsk
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/nuug">nuug
</a>.
438 <div class=
"padding"></div>
442 <a href=
"http://people.skolelinux.org/pere/blog/BSAs_p__stander_om_piratkopiering_m__ter_motstand.html">BSAs påstander om piratkopiering møter motstand
</a>
450 <p>Hvert år de siste årene har BSA, lobbyfronten til de store
451 programvareselskapene som Microsoft og Apple, publisert en rapport der
452 de gjetter på hvor mye piratkopiering påfører i tapte inntekter i
453 ulike land rundt om i verden. Resultatene er tendensiøse. For noen
455 <a href=
"http://global.bsa.org/globalpiracy2008/studies/globalpiracy2008.pdf">siste
456 rapport
</a>, og det er flere kritiske kommentarer publisert de siste
457 dagene. Et spesielt interessant kommentar fra Sverige,
458 <a href=
"http://www.idg.se/2.1085/1.229795/bsa-hoftade-sverigesiffror">BSA
459 höftade Sverigesiffror
</a>, oppsummeres slik:
</p>
462 I sin senaste rapport slår BSA fast att
25 procent av all mjukvara i
463 Sverige är piratkopierad. Det utan att ha pratat med ett enda svenskt
464 företag. "Man bör nog kanske inte se de här siffrorna som helt
465 exakta", säger BSAs Sverigechef John Hugosson.
468 <p>Mon tro om de er like metodiske når de gjetter på andelen piratkopiering i Norge? To andre kommentarer er
<a
469 href=
"http://www.vnunet.com/vnunet/comment/2242134/bsa-piracy-figures-shot-reality">BSA
470 piracy figures need a shot of reality
</a> og
<a
471 href=
"http://www.michaelgeist.ca/content/view/3958/125/">Does The WIPO
472 Copyright Treaty Work?
</a></p>
474 <p>Fant lenkene via
<a
475 href=
"http://tech.slashdot.org/article.pl?sid=09/05/17/1632242">oppslag
483 Tags:
<a href=
"http://people.skolelinux.org/pere/blog/tags/debian">debian
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/debian edu">debian edu
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/fildeling">fildeling
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/norsk">norsk
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/nuug">nuug
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/opphavsrett">opphavsrett
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/personvern">personvern
</a>.
487 <div class=
"padding"></div>
491 <a href=
"http://people.skolelinux.org/pere/blog/Debian_boots_quicker_and_quicker.html">Debian boots quicker and quicker
</a>
499 <p>I spent Monday and tuesday this week in London with a lot of the
500 people involved in the boot system on Debian and Ubuntu, to see if we
501 could find more ways to speed up the boot system. This was an Ubuntu
503 <a href=
"https://wiki.ubuntu.com/FoundationsTeam/BootPerformance/DebianUbuntuSprint">developer
504 gathering
</a>. It was quite productive. We also discussed the future
505 of boot systems, and ways to handle the increasing number of boot
506 issues introduced by the Linux kernel becoming more and more
507 asynchronous and event base. The Ubuntu approach using udev and
508 upstart might be a good way forward. Time will show.
</p>
510 <p>Anyway, there are a few ways at the moment to speed up the boot
511 process in Debian. All of these should be applied to get a quick
516 <li>Use dash as /bin/sh.
</li>
518 <li>Disable the init.d/hwclock*.sh scripts and make sure the hardware
519 clock is in UTC.
</li>
521 <li>Install and activate the insserv package to enable
522 <a href=
"http://wiki.debian.org/LSBInitScripts/DependencyBasedBoot">dependency
523 based boot sequencing
</a>, and enable concurrent booting.
</li>
527 These points are based on the Google summer of code work done by
528 <a href=
"http://initscripts-ng.alioth.debian.org/soc2006-bootsystem/">Carlos
531 <p>Support for makefile-style concurrency during boot was uploaded to
532 unstable yesterday. When we tested it, we were able to cut
6 seconds
533 from the boot sequence. It depend on very correct dependency
534 declaration in all init.d scripts, so I expect us to find edge cases
535 where the dependences in some scripts are slightly wrong when we start
538 <p>On our IRC channel for this effort, #pkg-sysvinit, a new idea was
539 introduced by Raphael Geissert today, one that could affect the
540 startup speed as well. Instead of starting some scripts concurrently
541 from rcS.d/ and another set of scripts from rc2.d/, it would be
542 possible to run a of them in the same process. A quick way to test
543 this would be to enable insserv and run 'mv /etc/rc2.d/S* /etc/rcS.d/;
544 insserv'. Will need to test if that work. :)
</p>
551 Tags:
<a href=
"http://people.skolelinux.org/pere/blog/tags/bootsystem">bootsystem
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/debian">debian
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/english">english
</a>.
555 <div class=
"padding"></div>
559 <a href=
"http://people.skolelinux.org/pere/blog/Taking_over_sysvinit_development.html">Taking over sysvinit development
</a>
567 <p>After several years of frustration with the lack of activity from
568 the existing sysvinit upstream developer, I decided a few weeks ago to
569 take over the package and become the new upstream. The number of
570 patches to track for the Debian package was becoming a burden, and the
571 lack of synchronization between the distribution made it hard to keep
572 the package up to date.
</p>
574 <p>On the new sysvinit team is the SuSe maintainer Dr. Werner Fink,
575 and my Debian co-maintainer Kel Modderman. About
10 days ago, I made
576 a new upstream tarball with version number
2.87dsf (for Debian, SuSe
577 and Fedora), based on the patches currently in use in these
578 distributions. We Debian maintainers plan to move to this tarball as
579 the new upstream as soon as we find time to do the merge. Since the
580 new tarball was created, we agreed with Werner at SuSe to make a new
581 upstream project at
<a href=
"http://savannah.nongnu.org/">Savannah
</a>, and continue
582 development there. The project is registered and currently waiting
583 for approval by the Savannah administrators, and as soon as it is
584 approved, we will import the old versions from svn and continue
585 working on the future release.
</p>
587 <p>It is a bit ironic that this is done now, when some of the involved
588 distributions are moving to upstart as a syvinit replacement.
</p>
595 Tags:
<a href=
"http://people.skolelinux.org/pere/blog/tags/bootsystem">bootsystem
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/debian">debian
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/english">english
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/nuug">nuug
</a>.
599 <div class=
"padding"></div>
603 <a href=
"http://people.skolelinux.org/pere/blog/Debian_has_switched_to_dependency_based_boot_sequencing.html">Debian has switched to dependency based boot sequencing
</a>
611 <p>Since this evening, with the upload of sysvinit version
2.87dsf-
2,
612 and the upload of insserv version
1.12.0-
10 yesterday, Debian unstable
613 have been migrated to using dependency based boot sequencing. This
614 conclude work me and others have been doing for the last three days.
615 It feels great to see this finally part of the default Debian
616 installation. Now we just need to weed out the last few problems that
617 are bound to show up, to get everything ready for Squeeze.
</p>
619 <p>The next step is migrating /sbin/init from sysvinit to upstart, and
620 fixing the more fundamental problem of handing the event based
621 non-predictable kernel in the early boot.
</p>
628 Tags:
<a href=
"http://people.skolelinux.org/pere/blog/tags/bootsystem">bootsystem
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/debian">debian
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/english">english
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/nuug">nuug
</a>.
632 <div class=
"padding"></div>
636 <a href=
"http://people.skolelinux.org/pere/blog/Parallellizing_the_boot_in_Debian_Squeeze___ready_for_wider_testing.html">Parallellizing the boot in Debian Squeeze - ready for wider testing
</a>
644 <p>These days, the init.d script dependencies in Squeeze are quite
645 complete, so complete that it is actually possible to run all the
646 init.d scripts in parallell based on these dependencies. If you want
647 to test your Squeeze system, make sure
648 <a href=
"http://wiki.debian.org/LSBInitScripts/DependencyBasedBoot">dependency
649 based boot sequencing
</a> is enabled, and add this line to
650 /etc/default/rcS:
</p>
656 <p>That is it. It will cause sysv-rc to use the startpar tool to run
657 scripts in parallel using the dependency information stored in
658 /etc/init.d/.depend.boot, /etc/init.d/.depend.start and
659 /etc/init.d/.depend.stop to order the scripts. Startpar is configured
660 to try to start the kdm and gdm scripts as early as possible, and will
661 start the facilities required by kdm or gdm as early as possible to
662 make this happen.
</p>
664 <p>Give it a try, and see if you like the result. If some services
665 fail to start properly, it is most likely because they have incomplete
666 init.d script dependencies in their startup script (or some of their
667 dependent scripts have incomplete dependencies). Report bugs and get
668 the package maintainers to fix it. :)
</p>
670 <p>Running scripts in parallel could be the default in Debian when we
671 manage to get the init.d script dependencies complete and correct. I
672 expect we will get there in Squeeze+
1, if we get manage to test and
673 fix the remaining issues.
</p>
675 <p>If you report any problems with dependencies in init.d scripts to
676 the BTS, please usertag the report to get it to show up at
677 <a href=
"http://bugs.debian.org/cgi-bin/pkgreport.cgi?users=initscripts-ng-devel@lists.alioth.debian.org">the
678 list of usertagged bugs related to this
</a>.
</p>
685 Tags:
<a href=
"http://people.skolelinux.org/pere/blog/tags/bootsystem">bootsystem
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/debian">debian
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/english">english
</a>.
689 <div class=
"padding"></div>
693 <a href=
"http://people.skolelinux.org/pere/blog/systemd__an_interesting_alternative_to_upstart.html">systemd, an interesting alternative to upstart
</a>
701 <p>The last few days a new boot system called
702 <a href=
"http://www.freedesktop.org/wiki/Software/systemd">systemd
</a>
704 <a href=
"http://0pointer.de/blog/projects/systemd.html">introduced
</a>
706 to the free software world. I have not yet had time to play around
707 with it, but it seem to be a very interesting alternative to
708 <a href=
"http://upstart.ubuntu.com/">upstart
</a>, and might prove to be
709 a good alternative for Debian when we are able to switch to an event
710 based boot system. Tollef is
711 <a href=
"http://bugs.debian.org/580814">in the process
</a> of getting
712 systemd into Debian, and I look forward to seeing how well it work. I
713 like the fact that systemd handles init.d scripts with dependency
714 information natively, allowing them to run in parallel where upstart
715 at the moment do not.
</p>
717 <p>Unfortunately do systemd have the same problem as upstart regarding
718 platform support. It only work on recent Linux kernels, and also need
719 some new kernel features enabled to function properly. This means
720 kFreeBSD and Hurd ports of Debian will need a port or a different boot
721 system. Not sure how that will be handled if systemd proves to be the
724 <p>In the mean time, based on the
725 <a href=
"http://lists.debian.org/debian-devel/2010/05/msg00122.html">input
726 on debian-devel@
</a> regarding parallel booting in Debian, I have
727 decided to enable full parallel booting as the default in Debian as
728 soon as possible (probably this weekend or early next week), to see if
729 there are any remaining serious bugs in the init.d dependencies. A
730 new version of the sysvinit package implementing this change is
731 already in experimental. If all go well, Squeeze will be released
732 with parallel booting enabled by default.
</p>
739 Tags:
<a href=
"http://people.skolelinux.org/pere/blog/tags/bootsystem">bootsystem
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/debian">debian
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/english">english
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/nuug">nuug
</a>.
743 <div class=
"padding"></div>
747 <a href=
"http://people.skolelinux.org/pere/blog/Sitesummary_tip__Listing_MAC_address_of_all_clients.html">Sitesummary tip: Listing MAC address of all clients
</a>
755 <p>In the recent Debian Edu versions, the
756 <a href=
"http://wiki.debian.org/DebianEdu/HowTo/SiteSummary">sitesummary
757 system
</a> is used to keep track of the machines in the school
758 network. Each machine will automatically report its status to the
759 central server after boot and once per night. The network setup is
760 also reported, and using this information it is possible to get the
761 MAC address of all network interfaces in the machines. This is useful
762 to update the DHCP configuration.
</p>
764 <p>To give some idea how to use sitesummary, here is a one-liner to
765 ist all MAC addresses of all machines reporting to sitesummary. Run
766 this on the collector host:
</p>
769 perl -MSiteSummary -e 'for_all_hosts(sub { print join(" ", get_macaddresses(shift)), "\n"; });'
772 <p>This will list all MAC addresses assosiated with all machine, one
773 line per machine and with space between the MAC addresses.
</p>
775 <p>To allow system administrators easier job at adding static DHCP
776 addresses for hosts, it would be possible to extend this to fetch
777 machine information from sitesummary and update the DHCP and DNS
778 tables in LDAP using this information. Such tool is unfortunately not
786 Tags:
<a href=
"http://people.skolelinux.org/pere/blog/tags/debian">debian
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/debian edu">debian edu
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/english">english
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/sitesummary">sitesummary
</a>.
790 <div class=
"padding"></div>
794 <a href=
"http://people.skolelinux.org/pere/blog/Parallellized_boot_is_now_the_default_in_Debian_unstable.html">Parallellized boot is now the default in Debian/unstable
</a>
802 <p>Since this evening, parallel booting is the default in
803 Debian/unstable for machines using dependency based boot sequencing.
804 Apparently the testing of concurrent booting has been wider than
805 expected, if I am to believe the
806 <a href=
"http://lists.debian.org/debian-devel/2010/05/msg00122.html">input
807 on debian-devel@
</a>, and I concluded a few days ago to move forward
808 with the feature this weekend, to give us some time to detect any
809 remaining problems before Squeeze is frozen. If serious problems are
810 detected, it is simple to change the default back to sequential boot.
811 The upload of the new sysvinit package also activate a new upstream
814 More information about
815 <a href=
"http://wiki.debian.org/LSBInitScripts/DependencyBasedBoot">dependency
816 based boot sequencing
</a> is available from the Debian wiki. It is
817 currently possible to disable parallel booting when one run into
818 problems caused by it, by adding this line to /etc/default/rcS:
</p>
824 <p>If you report any problems with dependencies in init.d scripts to
825 the BTS, please usertag the report to get it to show up at
826 <a href=
"http://bugs.debian.org/cgi-bin/pkgreport.cgi?users=initscripts-ng-devel@lists.alioth.debian.org">the
827 list of usertagged bugs related to this
</a>.
</p>
834 Tags:
<a href=
"http://people.skolelinux.org/pere/blog/tags/bootsystem">bootsystem
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/debian">debian
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/debian edu">debian edu
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/english">english
</a>.
838 <div class=
"padding"></div>
842 <a href=
"http://people.skolelinux.org/pere/blog/More_flexible_firmware_handling_in_debian_installer.html">More flexible firmware handling in debian-installer
</a>
850 <p>After a long break from debian-installer development, I finally
851 found time today to return to the project. Having to spend less time
852 working dependency based boot in debian, as it is almost complete now,
853 definitely helped freeing some time.
</p>
855 <p>A while back, I ran into a problem while working on Debian Edu. We
856 include some firmware packages on the Debian Edu CDs, those needed to
857 get disk and network controllers working. Without having these
858 firmware packages available during installation, it is impossible to
859 install Debian Edu on the given machine, and because our target group
860 are non-technical people, asking them to provide firmware packages on
861 an external medium is a support pain. Initially, I expected it to be
862 enough to include the firmware packages on the CD to get
863 debian-installer to find and use them. This proved to be wrong.
864 Next, I hoped it was enough to symlink the relevant firmware packages
865 to some useful location on the CD (tried /cdrom/ and
866 /cdrom/firmware/). This also proved to not work, and at this point I
867 found time to look at the debian-installer code to figure out what was
870 <p>The firmware loading code is in the hw-detect package, and a closer
871 look revealed that it would only look for firmware packages outside
872 the installation media, so the CD was never checked for firmware
873 packages. It would only check USB sticks, floppies and other
874 "external" media devices. Today I changed it to also look in the
875 /cdrom/firmware/ directory on the mounted CD or DVD, which should
876 solve the problem I ran into with Debian edu. I also changed it to
877 look in /firmware/, to make sure the installer also find firmware
878 provided in the initrd when booting the installer via PXE, to allow us
879 to provide the same feature in the PXE setup included in Debian
882 <p>To make sure firmware deb packages with a license questions are not
883 activated without asking if the license is accepted, I extended
884 hw-detect to look for preinst scripts in the firmware packages, and
885 run these before activating the firmware during installation. The
886 license question is asked using debconf in the preinst, so this should
887 solve the issue for the firmware packages I have looked at so far.
</p>
889 <p>If you want to discuss the details of these features, please
890 contact us on debian-boot@lists.debian.org.
</p>
897 Tags:
<a href=
"http://people.skolelinux.org/pere/blog/tags/debian">debian
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/debian edu">debian edu
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/english">english
</a>.
901 <div class=
"padding"></div>
905 <a href=
"http://people.skolelinux.org/pere/blog/Parallellized_boot_seem_to_hold_up_well_in_Debian_testing.html">Parallellized boot seem to hold up well in Debian/testing
</a>
913 <p>A few days ago, parallel booting was enabled in Debian/testing.
914 The feature seem to hold up pretty well, but three fairly serious
915 issues are known and should be solved:
919 <li>The wicd package seen to
920 <a href=
"http://bugs.debian.org/508289">break NFS mounting
</a> and
921 <a href=
"http://bugs.debian.org/581586">network setup
</a> when
922 parallel booting is enabled. No idea why, but the wicd maintainer
923 seem to be on the case.
</li>
925 <li>The nvidia X driver seem to
926 <a href=
"http://bugs.debian.org/583312">have a race condition
</a>
927 triggered more easily when parallel booting is in effect. The
928 maintainer is on the case.
</li>
930 <li>The sysv-rc package fail to properly enable dependency based boot
931 sequencing (the shutdown is broken) when old file-rc users
932 <a href=
"http://bugs.debian.org/575080">try to switch back
</a> to
933 sysv-rc. One way to solve it would be for file-rc to create
934 /etc/init.d/.legacy-bootordering, and another is to try to make
935 sysv-rc more robust. Will investigate some more and probably upload a
936 workaround in sysv-rc to help those trying to move from file-rc to
937 sysv-rc get a working shutdown.
</li>
941 <p>All in all not many surprising issues, and all of them seem
942 solvable before Squeeze is released. In addition to these there are
943 some packages with bugs in their dependencies and run level settings,
944 which I expect will be fixed in a reasonable time span.
</p>
946 <p>If you report any problems with dependencies in init.d scripts to
947 the BTS, please usertag the report to get it to show up at
948 <a href=
"http://bugs.debian.org/cgi-bin/pkgreport.cgi?users=initscripts-ng-devel@lists.alioth.debian.org">the
949 list of usertagged bugs related to this
</a>.
</p>
951 <p>Update: Correct bug number to file-rc issue.
</p>
958 Tags:
<a href=
"http://people.skolelinux.org/pere/blog/tags/bootsystem">bootsystem
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/debian">debian
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/debian edu">debian edu
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/english">english
</a>.
962 <div class=
"padding"></div>
966 <a href=
"http://people.skolelinux.org/pere/blog/KDM_fail_at_boot_with_NVidia_cards___and_no_one_try_to_fix_it_.html">KDM fail at boot with NVidia cards - and no one try to fix it?
</a>
974 <p>It is strange to watch how a bug in Debian causing KDM to fail to
975 start at boot when an NVidia video card is used is handled. The
976 problem seem to be that the nvidia X.org driver uses a long time to
977 initialize, and this duration is longer than kdm is configured to
980 <p>I came across two bugs related to this issue,
981 <a href=
"http://bugs.debian.org/583312">#
583312</a> initially filed
982 against initscripts and passed on to nvidia-glx when it became obvious
983 that the nvidia drivers were involved, and
984 <a href=
"http://bugs.debian.org/524751">#
524751</a> initially filed against
985 kdm and passed on to src:nvidia-graphics-drivers for unknown reasons.
</p>
987 <p>To me, it seem that no-one is interested in actually solving the
988 problem nvidia video card owners experience and make sure the Debian
989 distribution work out of the box for these users. The nvidia driver
990 maintainers expect kdm to be set up to wait longer, while kdm expect
991 the nvidia driver maintainers to fix the driver to start faster, and
992 while they wait for each other I guess the users end up switching to a
993 distribution that work for them. I have no idea what the solution is,
994 but I am pretty sure that waiting for each other is not it.
</p>
996 <p>I wonder why we end up handling bugs this way.
</p>
1003 Tags:
<a href=
"http://people.skolelinux.org/pere/blog/tags/bootsystem">bootsystem
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/debian">debian
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/debian edu">debian edu
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/english">english
</a>.
1007 <div class=
"padding"></div>
1011 <a href=
"http://people.skolelinux.org/pere/blog/Sitesummary_tip__Listing_computer_hardware_models_used_at_site.html">Sitesummary tip: Listing computer hardware models used at site
</a>
1019 <p>When using sitesummary at a site to track machines, it is possible
1020 to get a list of the machine types in use thanks to the DMI
1021 information extracted from each machine. The script to do so is
1022 included in the sitesummary package, and here is example output from
1023 the Skolelinux build servers:
</p>
1026 maintainer:~# /usr/lib/sitesummary/hardware-model-summary
1028 Dell Computer Corporation
1
1031 eserver xSeries
345 -[
8670M1X]-
1
1037 <p>The quality of the report depend on the quality of the DMI tables
1038 provided in each machine. Here there are Intel machines without model
1039 information listed with Intel as vendor and mo model, and virtual Xen
1040 machines listed as [no-dmi-info]. One can add -l as a command line
1041 option to list the individual machines.
</p>
1044 <a href=
"http://narvikskolen.no/sitesummary/">available from the the
1045 city of Narvik
</a>, which uses Skolelinux on all their shools and also
1046 provide the basic sitesummary report publicly. In their report there
1047 are ~
1400 machines. I know they use both Ubuntu and Skolelinux on
1048 their machines, and as sitesummary is available in both distributions,
1049 it is trivial to get all of them to report to the same central
1057 Tags:
<a href=
"http://people.skolelinux.org/pere/blog/tags/debian">debian
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/debian edu">debian edu
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/english">english
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/sitesummary">sitesummary
</a>.
1061 <div class=
"padding"></div>
1065 <a href=
"http://people.skolelinux.org/pere/blog/A_manual_for_standards_wars___.html">A manual for standards wars...
</a>
1074 <a href=
"http://feedproxy.google.com/~r/robweir/antic-atom/~3/QzU4RgoAGMg/weekly-links-10.html">blog
1075 of Rob Weir
</a> I came across the very interesting essay named
1076 <a href=
"http://faculty.haas.berkeley.edu/shapiro/wars.pdf">The Art of
1077 Standards Wars
</a> (PDF
25 pages). I recommend it for everyone
1078 following the standards wars of today.
</p>
1085 Tags:
<a href=
"http://people.skolelinux.org/pere/blog/tags/debian">debian
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/debian edu">debian edu
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/english">english
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/standard">standard
</a>.
1089 <div class=
"padding"></div>
1093 <a href=
"http://people.skolelinux.org/pere/blog/Upstart_or_sysvinit___as_init_d_scripts_see_it.html">Upstart or sysvinit - as init.d scripts see it
</a>
1101 <p>If Debian is to migrate to upstart on Linux, I expect some init.d
1102 scripts to migrate (some of) their operations to upstart job while
1103 keeping the init.d for hurd and kfreebsd. The packages with such
1104 needs will need a way to get their init.d scripts to behave
1105 differently when used with sysvinit and with upstart. Because of
1106 this, I had a look at the environment variables set when a init.d
1107 script is running under upstart, and when it is not.
</p>
1109 <p>With upstart, I notice these environment variables are set when a
1110 script is started from rcS.d/ (ignoring some irrelevant ones like
1119 UPSTART_EVENTS=startup
1121 UPSTART_JOB=rc-sysinit
1124 <p>With sysvinit, these environment variables are set for the same
1128 INIT_VERSION=sysvinit-
2.88
1135 <p>The RUNLEVEL and PREVLEVEL environment variables passed on from
1136 sysvinit are not set by upstart. Not sure if it is intentional or not
1137 to not be compatible with sysvinit in this regard.
</p>
1139 <p>For scripts needing to behave differently when upstart is used,
1140 looking for the UPSTART_JOB environment variable seem to be a good
1148 Tags:
<a href=
"http://people.skolelinux.org/pere/blog/tags/bootsystem">bootsystem
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/debian">debian
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/english">english
</a>.
1152 <div class=
"padding"></div>
1156 <a href=
"http://people.skolelinux.org/pere/blog/Automatic_upgrade_testing_from_Lenny_to_Squeeze.html">Automatic upgrade testing from Lenny to Squeeze
</a>
1164 <p>The last few days I have done some upgrade testing in Debian, to
1165 see if the upgrade from Lenny to Squeeze will go smoothly. A few bugs
1166 have been discovered and reported in the process
1167 (
<a href=
"http://bugs.debian.org/585410">#
585410</a> in nagios3-cgi,
1168 <a href=
"http://bugs.debian.org/584879">#
584879</a> already fixed in
1169 enscript and
<a href=
"http://bugs.debian.org/584861">#
584861</a> in
1170 kdebase-workspace-data), and to get a more regular testing going on, I
1171 am working on a script to automate the test.
</p>
1173 <p>The idea is to create a Lenny chroot and use tasksel to install a
1174 Gnome or KDE desktop installation inside the chroot before upgrading
1175 it. To ensure no services are started in the chroot, a policy-rc.d
1176 script is inserted. To make sure tasksel believe it is to install a
1177 desktop on a laptop, the tasksel tests are replaced in the chroot
1178 (only acceptable because this is a throw-away chroot).
</p>
1180 <p>A naive upgrade from Lenny to Squeeze using aptitude dist-upgrade
1181 currently always fail because udev refuses to upgrade with the kernel
1182 in Lenny, so to avoid that problem the file /etc/udev/kernel-upgrade
1183 is created. The bug report
1184 <a href=
"http://bugs.debian.org/566000">#
566000</a> make me suspect
1185 this problem do not trigger in a chroot, but I touch the file anyway
1186 to make sure the upgrade go well. Testing on virtual and real
1187 hardware have failed me because of udev so far, and creating this file
1188 do the trick in such settings anyway. This is a
1189 <a href=
"http://www.linuxquestions.org/questions/debian-26/failed-dist-upgrade-due-to-udev-config_sysfs_deprecated-nonsense-804130/">known
1190 issue
</a> and the current udev behaviour is intended by the udev
1191 maintainer because he lack the resources to rewrite udev to keep
1192 working with old kernels or something like that. I really wish the
1193 udev upstream would keep udev backwards compatible, to avoid such
1194 upgrade problem, but given that they fail to do so, I guess
1195 documenting the way out of this mess is the best option we got for
1198 <p>Anyway, back to the task at hand, testing upgrades. This test
1199 script, which I call
<tt>upgrade-test
</tt> for now, is doing the
1217 mirror=http://ftp.skolelinux.org/debian
1218 tmpdir=chroot-$from-upgrade-$to-$desktop
1220 debootstrap $from $tmpdir $mirror
1221 chroot $tmpdir aptitude update
1222 cat
> $tmpdir/usr/sbin/policy-rc.d
<<EOF
1226 chmod a+rx $tmpdir/usr/sbin/policy-rc.d
1230 mount -t proc proc $tmpdir/proc
1231 # Make sure proc is unmounted also on failure
1232 trap exit_cleanup EXIT INT
1234 chroot $tmpdir aptitude -y install debconf-utils
1236 # Make sure tasksel autoselection trigger. It need the test scripts
1237 # to return the correct answers.
1238 echo tasksel tasksel/desktop multiselect $desktop | \
1239 chroot $tmpdir debconf-set-selections
1241 # Include the desktop and laptop task
1242 for test in desktop laptop ; do
1243 echo
> $tmpdir/usr/lib/tasksel/tests/$test
<<EOF
1247 chmod a+rx $tmpdir/usr/lib/tasksel/tests/$test
1250 DEBIAN_FRONTEND=noninteractive
1251 DEBIAN_PRIORITY=critical
1252 export DEBIAN_FRONTEND DEBIAN_PRIORITY
1253 chroot $tmpdir tasksel --new-install
1255 echo deb $mirror $to main
> $tmpdir/etc/apt/sources.list
1256 chroot $tmpdir aptitude update
1257 touch $tmpdir/etc/udev/kernel-upgrade
1258 chroot $tmpdir aptitude -y dist-upgrade
1262 <p>I suspect it would be useful to test upgrades with both apt-get and
1263 with aptitude, but I have not had time to look at how they behave
1264 differently so far. I hope to get a cron job running to do the test
1265 regularly and post the result on the web. The Gnome upgrade currently
1266 work, while the KDE upgrade fail because of the bug in
1267 kdebase-workspace-data
</p>
1269 <p>I am not quite sure what kind of extract from the huge upgrade logs
1270 (KDE
167 KiB, Gnome
516 KiB) it make sense to include in this blog
1271 post, so I will refrain from trying. I can report that for Gnome,
1272 aptitude report
760 packages upgraded,
448 newly installed,
129 to
1273 remove and
1 not upgraded and
1024MB need to be downloaded while for
1274 KDE the same numbers are
702 packages upgraded,
507 newly installed,
1275 193 to remove and
0 not upgraded and
1117MB need to be downloaded
</p>
1277 <p>I am very happy to notice that the Gnome desktop + laptop upgrade
1278 is able to migrate to dependency based boot sequencing and parallel
1279 booting without a hitch. Was unsure if there were still bugs with
1280 packages failing to clean up their obsolete init.d script during
1281 upgrades, and no such problem seem to affect the Gnome desktop+laptop
1289 Tags:
<a href=
"http://people.skolelinux.org/pere/blog/tags/bootsystem">bootsystem
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/debian">debian
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/debian edu">debian edu
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/english">english
</a>.
1293 <div class=
"padding"></div>
1297 <a href=
"http://people.skolelinux.org/pere/blog/Lenny__Squeeze_upgrades__removals_by_apt_and_aptitude.html">Lenny-
>Squeeze upgrades, removals by apt and aptitude
</a>
1306 <a href=
"http://people.skolelinux.org/pere/blog/Automatic_upgrade_testing_from_Lenny_to_Squeeze.html">testing
1307 of Debian upgrades
</a> from Lenny to Squeeze continues, and I've
1308 finally made the upgrade logs available from
1309 <a href=
"http://people.skolelinux.org/pere/debian-upgrade-testing/">http://people.skolelinux.org/pere/debian-upgrade-testing/
</a>.
1310 I am now testing dist-upgrade of Gnome and KDE in a chroot using both
1311 apt and aptitude, and found their differences interesting. This time
1312 I will only focus on their removal plans.
</p>
1314 <p>After installing a Gnome desktop and the laptop task, apt-get wants
1315 to remove
72 packages when dist-upgrading from Lenny to Squeeze. The
1316 surprising part is that it want to remove xorg and all
1317 xserver-xorg-video* drivers. Clearly not a good choice, but I am not
1318 sure why. When asking aptitude to do the same, it want to remove
129
1319 packages, but most of them are library packages I suspect are no
1320 longer needed. Both of them want to remove bluetooth packages, which
1321 I do not know. Perhaps these bluetooth packages are obsolete?
</p>
1323 <p>For KDE, apt-get want to remove
82 packages, among them kdebase
1324 which seem like a bad idea and xorg the same way as with Gnome. Asking
1325 aptitude for the same, it wants to remove
192 packages, none which are
1328 <p>I guess the removal of xorg during upgrades should be investigated
1329 and avoided, and perhaps others as well. Here are the complete list
1330 of planned removals. The complete logs is available from the URL
1331 above. Note if you want to repeat these tests, that the upgrade test
1332 for kde+apt-get hung in the tasksel setup because of dpkg asking
1333 conffile questions. No idea why. I worked around it by using
1334 '
<tt>echo
>> /proc/
<em>pidofdpkg
</em>/fd/
0</tt>' to tell dpkg to
1337 <p><b>apt-get gnome
72</b>
1338 <br>bluez-gnome cupsddk-drivers deskbar-applet gnome
1339 gnome-desktop-environment gnome-network-admin gtkhtml3.14
1340 iceweasel-gnome-support libavcodec51 libdatrie0 libgdl-
1-
0
1341 libgnomekbd2 libgnomekbdui2 libmetacity0 libslab0 libxcb-xlib0
1342 nautilus-cd-burner python-gnome2-desktop python-gnome2-extras
1343 serpentine swfdec-mozilla update-manager xorg xserver-xorg
1344 xserver-xorg-core xserver-xorg-input-all xserver-xorg-input-evdev
1345 xserver-xorg-input-kbd xserver-xorg-input-mouse
1346 xserver-xorg-input-synaptics xserver-xorg-input-wacom
1347 xserver-xorg-video-all xserver-xorg-video-apm xserver-xorg-video-ark
1348 xserver-xorg-video-ati xserver-xorg-video-chips
1349 xserver-xorg-video-cirrus xserver-xorg-video-cyrix
1350 xserver-xorg-video-dummy xserver-xorg-video-fbdev
1351 xserver-xorg-video-glint xserver-xorg-video-i128
1352 xserver-xorg-video-i740 xserver-xorg-video-imstt
1353 xserver-xorg-video-intel xserver-xorg-video-mach64
1354 xserver-xorg-video-mga xserver-xorg-video-neomagic
1355 xserver-xorg-video-nsc xserver-xorg-video-nv
1356 xserver-xorg-video-openchrome xserver-xorg-video-r128
1357 xserver-xorg-video-radeon xserver-xorg-video-radeonhd
1358 xserver-xorg-video-rendition xserver-xorg-video-s3
1359 xserver-xorg-video-s3virge xserver-xorg-video-savage
1360 xserver-xorg-video-siliconmotion xserver-xorg-video-sis
1361 xserver-xorg-video-sisusb xserver-xorg-video-tdfx
1362 xserver-xorg-video-tga xserver-xorg-video-trident
1363 xserver-xorg-video-tseng xserver-xorg-video-v4l
1364 xserver-xorg-video-vesa xserver-xorg-video-vga
1365 xserver-xorg-video-vmware xserver-xorg-video-voodoo xulrunner-
1.9
1366 xulrunner-
1.9-gnome-support
</p>
1368 <p><b>aptitude gnome
129</b>
1370 <br>bluez-gnome bluez-utils cpp-
4.3 cupsddk-drivers dhcdbd
1371 djvulibre-desktop finger gnome-app-install gnome-mount
1372 gnome-network-admin gnome-spell gnome-vfs-obexftp
1373 gnome-volume-manager gstreamer0.10-gnomevfs gtkhtml3.14 libao2
1374 libavahi-compat-libdnssd1 libavahi-core5 libavcodec51 libbluetooth2
1375 libcamel1.2-
11 libcdio7 libcucul0 libcupsys2 libcurl3 libdatrie0
1376 libdirectfb-
1.0-
0 libdvdread3 libedataserver1.2-
9 libeel2-
2.20
1377 libeel2-data libepc-
1.0-
1 libepc-ui-
1.0-
1 libfaad0 libgail-common
1378 libgd2-noxpm libgda3-
3 libgda3-common libgdl-
1-
0 libgdl-
1-common
1379 libggz2 libggzcore9 libggzmod4 libgksu1.2-
0 libgksuui1.0-
1 libgmyth0
1380 libgnomecups1.0-
1 libgnomekbd2 libgnomekbdui2 libgnomeprint2.2-
0
1381 libgnomeprint2.2-data libgnomeprintui2.2-
0 libgnomeprintui2.2-common
1382 libgnomevfs2-bin libgpod3 libgraphviz4 libgtkhtml2-
0
1383 libgtksourceview-common libgtksourceview1.0-
0 libgucharmap6
1384 libhesiod0 libicu38 libiw29 libkpathsea4 libltdl3 libmagick++
10
1385 libmagick10 libmalaga7 libmetacity0 libmtp7 libmysqlclient15off
1386 libnautilus-burn4 libneon27 libnm-glib0 libnm-util0 libopal-
2.2
1387 libosp5 libparted1.8-
10 libpoppler-glib3 libpoppler3 libpt-
1.10.10
1388 libpt-
1.10.10-plugins-alsa libpt-
1.10.10-plugins-v4l libraw1394-
8
1389 libsensors3 libslab0 libsmbios2 libsoup2.2-
8 libssh2-
1
1390 libsuitesparse-
3.1.0 libswfdec-
0.6-
90 libtalloc1 libtotem-plparser10
1391 libtrackerclient0 libxalan2-java libxalan2-java-gcj libxcb-xlib0
1392 libxerces2-java libxerces2-java-gcj libxklavier12 libxtrap6
1393 libxxf86misc1 libzephyr3 mysql-common nautilus-cd-burner
1394 openoffice.org-writer2latex openssl-blacklist p7zip
1395 python-
4suite-xml python-eggtrayicon python-gnome2-desktop
1396 python-gnome2-extras python-gtkhtml2 python-gtkmozembed
1397 python-numeric python-sexy serpentine svgalibg1 swfdec-gnome
1398 swfdec-mozilla totem-gstreamer update-manager wodim
1399 xserver-xorg-video-cyrix xserver-xorg-video-imstt
1400 xserver-xorg-video-nsc xserver-xorg-video-v4l xserver-xorg-video-vga
1403 <p><b>apt-get kde
82</b>
1405 <br>cupsddk-drivers karm kaudiocreator kcoloredit kcontrol kde kde-core
1406 kdeaddons kdeartwork kdebase kdebase-bin kdebase-bin-kde3
1407 kdebase-kio-plugins kdesktop kdeutils khelpcenter kicker
1408 kicker-applets knewsticker kolourpaint konq-plugins konqueror korn
1409 kpersonalizer kscreensaver ksplash libavcodec51 libdatrie0 libkiten1
1410 libxcb-xlib0 quanta superkaramba texlive-base-bin xorg xserver-xorg
1411 xserver-xorg-core xserver-xorg-input-all xserver-xorg-input-evdev
1412 xserver-xorg-input-kbd xserver-xorg-input-mouse
1413 xserver-xorg-input-synaptics xserver-xorg-input-wacom
1414 xserver-xorg-video-all xserver-xorg-video-apm xserver-xorg-video-ark
1415 xserver-xorg-video-ati xserver-xorg-video-chips
1416 xserver-xorg-video-cirrus xserver-xorg-video-cyrix
1417 xserver-xorg-video-dummy xserver-xorg-video-fbdev
1418 xserver-xorg-video-glint xserver-xorg-video-i128
1419 xserver-xorg-video-i740 xserver-xorg-video-imstt
1420 xserver-xorg-video-intel xserver-xorg-video-mach64
1421 xserver-xorg-video-mga xserver-xorg-video-neomagic
1422 xserver-xorg-video-nsc xserver-xorg-video-nv
1423 xserver-xorg-video-openchrome xserver-xorg-video-r128
1424 xserver-xorg-video-radeon xserver-xorg-video-radeonhd
1425 xserver-xorg-video-rendition xserver-xorg-video-s3
1426 xserver-xorg-video-s3virge xserver-xorg-video-savage
1427 xserver-xorg-video-siliconmotion xserver-xorg-video-sis
1428 xserver-xorg-video-sisusb xserver-xorg-video-tdfx
1429 xserver-xorg-video-tga xserver-xorg-video-trident
1430 xserver-xorg-video-tseng xserver-xorg-video-v4l
1431 xserver-xorg-video-vesa xserver-xorg-video-vga
1432 xserver-xorg-video-vmware xserver-xorg-video-voodoo xulrunner-
1.9</p>
1434 <p><b>aptitude kde
192</b>
1435 <br>bluez-utils cpp-
4.3 cupsddk-drivers cvs dcoprss dhcdbd
1436 djvulibre-desktop dosfstools eyesapplet fifteenapplet finger gettext
1437 ghostscript-x imlib-base imlib11 indi kandy karm kasteroids
1438 kaudiocreator kbackgammon kbstate kcoloredit kcontrol kcron kdat
1439 kdeadmin-kfile-plugins kdeartwork-misc kdeartwork-theme-window
1440 kdebase-bin-kde3 kdebase-kio-plugins kdeedu-data
1441 kdegraphics-kfile-plugins kdelirc kdemultimedia-kappfinder-data
1442 kdemultimedia-kfile-plugins kdenetwork-kfile-plugins
1443 kdepim-kfile-plugins kdepim-kio-plugins kdeprint kdesktop kdessh
1444 kdict kdnssd kdvi kedit keduca kenolaba kfax kfaxview kfouleggs
1445 kghostview khelpcenter khexedit kiconedit kitchensync klatin
1446 klickety kmailcvt kmenuedit kmid kmilo kmoon kmrml kodo kolourpaint
1447 kooka korn kpager kpdf kpercentage kpf kpilot kpoker kpovmodeler
1448 krec kregexpeditor ksayit ksim ksirc ksirtet ksmiletris ksmserver
1449 ksnake ksokoban ksplash ksvg ksysv ktip ktnef kuickshow kverbos
1450 kview kviewshell kvoctrain kwifimanager kwin kwin4 kworldclock
1451 kxsldbg libakode2 libao2 libarts1-akode libarts1-audiofile
1452 libarts1-mpeglib libarts1-xine libavahi-compat-libdnssd1
1453 libavahi-core5 libavc1394-
0 libavcodec51 libbluetooth2
1454 libboost-python1.34
.1 libcucul0 libcurl3 libcvsservice0 libdatrie0
1455 libdirectfb-
1.0-
0 libdjvulibre21 libdvdread3 libfaad0 libfreebob0
1456 libgail-common libgd2-noxpm libgraphviz4 libgsmme1c2a libgtkhtml2-
0
1457 libicu38 libiec61883-
0 libindex0 libiw29 libk3b3 libkcal2b libkcddb1
1458 libkdeedu3 libkdepim1a libkgantt0 libkiten1 libkleopatra1 libkmime2
1459 libkpathsea4 libkpimexchange1 libkpimidentities1 libkscan1
1460 libksieve0 libktnef1 liblockdev1 libltdl3 libmagick10 libmimelib1c2a
1461 libmozjs1d libmpcdec3 libneon27 libnm-util0 libopensync0 libpisock9
1462 libpoppler-glib3 libpoppler-qt2 libpoppler3 libraw1394-
8 libsmbios2
1463 libssh2-
1 libsuitesparse-
3.1.0 libtalloc1 libtiff-tools
1464 libxalan2-java libxalan2-java-gcj libxcb-xlib0 libxerces2-java
1465 libxerces2-java-gcj libxtrap6 mpeglib networkstatus
1466 openoffice.org-writer2latex pmount poster psutils quanta quanta-data
1467 superkaramba svgalibg1 tex-common texlive-base texlive-base-bin
1468 texlive-common texlive-doc-base texlive-fonts-recommended
1469 xserver-xorg-video-cyrix xserver-xorg-video-imstt
1470 xserver-xorg-video-nsc xserver-xorg-video-v4l xserver-xorg-video-vga
1479 Tags:
<a href=
"http://people.skolelinux.org/pere/blog/tags/debian">debian
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/debian edu">debian edu
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/english">english
</a>.
1483 <div class=
"padding"></div>
1487 <a href=
"http://people.skolelinux.org/pere/blog/Calling_tasksel_like_the_installer__while_still_getting_useful_output.html">Calling tasksel like the installer, while still getting useful output
</a>
1495 <p>A few times I have had the need to simulate the way tasksel
1496 installs packages during the normal debian-installer run. Until now,
1497 I have ended up letting tasksel do the work, with the annoying problem
1498 of not getting any feedback at all when something fails (like a
1499 conffile question from dpkg or a download that fails), using code like
1503 export DEBIAN_FRONTEND=noninteractive
1504 tasksel --new-install
1507 This would invoke tasksel, let its automatic task selection pick the
1508 tasks to install, and continue to install the requested tasks without
1509 any output what so ever.
1511 Recently I revisited this problem while working on the automatic
1512 package upgrade testing, because tasksel would some times hang without
1513 any useful feedback, and I want to see what is going on when it
1514 happen. Then it occured to me, I can parse the output from tasksel
1515 when asked to run in test mode, and use that aptitude command line
1516 printed by tasksel then to simulate the tasksel run. I ended up using
1520 export DEBIAN_FRONTEND=noninteractive
1521 cmd="$(in_target tasksel -t --new-install | sed 's/debconf-apt-progress -- //')"
1525 <p>The content of $cmd is typically something like "
<tt>aptitude -q
1526 --without-recommends -o APT::Install-Recommends=no -y install
1527 ~t^desktop$ ~t^gnome-desktop$ ~t^laptop$ ~pstandard ~prequired
1528 ~pimportant
</tt>", which will install the gnome desktop task, the
1529 laptop task and all packages with priority standard , required and
1530 important, just like tasksel would have done it during
1533 <p>A better approach is probably to extend tasksel to be able to
1534 install packages without using debconf-apt-progress, for use cases
1542 Tags: <a href="http://people.skolelinux.org/pere/blog/tags/debian
">debian</a>, <a href="http://people.skolelinux.org/pere/blog/tags/english
">english</a>, <a href="http://people.skolelinux.org/pere/blog/tags/nuug
">nuug</a>.
1546 <div class="padding
"></div>
1550 <a href="http://people.skolelinux.org/pere/blog/Idea_for_a_change_to_LDAP_schemas_allowing_DNS_and_DHCP_info_to_be_combined_into_one_object.html
">Idea for a change to LDAP schemas allowing DNS and DHCP info to be combined into one object</a>
1559 <a href="http://people.skolelinux.org/pere/blog/Time_for_new__LDAP_schemas_replacing_RFC_2307_.html
">complained
1560 about the fact</a> that it is not possible with the provided schemas
1561 for storing DNS and DHCP information in LDAP to combine the two sets
1562 of information into one LDAP object representing a computer.</p>
1564 <p>In the mean time, I discovered that a simple fix would be to make
1565 the dhcpHost object class auxiliary, to allow it to be combined with
1566 the dNSDomain object class, and thus forming one object for one
1567 computer when storing both DHCP and DNS information in LDAP.</p>
1569 <p>If I understand this correctly, it is not safe to do this change
1570 without also changing the assigned number for the object class, and I
1571 do not know enough about LDAP schema design to do that properly for
1574 <p>Anyway, for future reference, this is how I believe we could change
1576 <a href="http://tools.ietf.org/html/draft-ietf-dhc-ldap-schema-
00">DHCP
1577 schema</a> to solve at least part of the problem with the LDAP schemas
1578 available today from IETF.</p>
1581 --- dhcp.schema (revision 65192)
1582 +++ dhcp.schema (working copy)
1584 objectclass ( 2.16.840.1.113719.1.203.6.6
1586 DESC 'This represents information about a particular client'
1590 MAY (dhcpLeaseDN $ dhcpHWAddress $ dhcpOptionsDN $ dhcpStatements $ dhcpComments $ dhcpOption)
1591 X-NDS_CONTAINMENT ('dhcpService' 'dhcpSubnet' 'dhcpGroup') )
1594 <p>I very much welcome clues on how to do this properly for Debian
1595 Edu/Squeeze. We provide the DHCP schema in our debian-edu-config
1596 package, and should thus be free to rewrite it as we see fit.</p>
1598 <p>If you want to help out with implementing this for Debian Edu,
1599 please contact us on debian-edu@lists.debian.org.</p>
1606 Tags: <a href="http://people.skolelinux.org/pere/blog/tags/debian
">debian</a>, <a href="http://people.skolelinux.org/pere/blog/tags/debian edu
">debian edu</a>, <a href="http://people.skolelinux.org/pere/blog/tags/english
">english</a>, <a href="http://people.skolelinux.org/pere/blog/tags/ldap
">ldap</a>, <a href="http://people.skolelinux.org/pere/blog/tags/nuug
">nuug</a>.
1610 <div class="padding
"></div>
1614 <a href="http://people.skolelinux.org/pere/blog/LUMA__a_very_nice_LDAP_GUI.html
">LUMA, a very nice LDAP GUI</a>
1622 <p>The last few days I have been looking into the status of the LDAP
1623 directory in Debian Edu, and in the process I started to miss a GUI
1624 tool to browse the LDAP tree. The only one I was able to find in
1625 Debian/Squeeze and Lenny is
1626 <a href="http://luma.sourceforge.net/
">LUMA</a>, which has proved to
1627 be a great tool to get a overview of the current LDAP directory
1628 populated by default in Skolelinux. Thanks to it, I have been able to
1629 find empty and obsolete subtrees, misplaced objects and duplicate
1630 objects. It will be installed by default in Debian/Squeeze. If you
1631 are working with LDAP, give it a go. :)</p>
1633 <p>I did notice one problem with it I have not had time to report to
1634 the BTS yet. There is no .desktop file in the package, so the tool do
1635 not show up in the Gnome and KDE menus, but only deep down in in the
1636 Debian submenu in KDE. I hope that can be fixed before Squeeze is
1639 <p>I have not yet been able to get it to modify the tree yet. I would
1640 like to move objects and remove subtrees directly in the GUI, but have
1641 not found a way to do that with LUMA yet. So in the mean time, I use
1642 <a href="http://www.lichteblau.com/ldapvi/
">ldapvi</a> for that.</p>
1644 <p>If you have tips on other GUI tools for LDAP that might be useful
1645 in Debian Edu, please contact us on debian-edu@lists.debian.org.</p>
1647 <p>Update 2010-06-29: Ross Reedstrom tipped us about the
1648 <a href="http://packages.qa.debian.org/g/gq.html
">gq</a> package as a
1649 useful GUI alternative. It seem like a good tool, but is unmaintained
1650 in Debian and got a RC bug keeping it out of Squeeze. Unless that
1651 changes, it will not be an option for Debian Edu based on Squeeze.</p>
1658 Tags: <a href="http://people.skolelinux.org/pere/blog/tags/debian
">debian</a>, <a href="http://people.skolelinux.org/pere/blog/tags/debian edu
">debian edu</a>, <a href="http://people.skolelinux.org/pere/blog/tags/english
">english</a>, <a href="http://people.skolelinux.org/pere/blog/tags/ldap
">ldap</a>, <a href="http://people.skolelinux.org/pere/blog/tags/nuug
">nuug</a>.
1662 <div class="padding
"></div>
1666 <a href="http://people.skolelinux.org/pere/blog/Lenny__Squeeze_upgrades__apt_vs_aptitude_with_the_Gnome_desktop.html
">Lenny->Squeeze upgrades, apt vs aptitude with the Gnome desktop</a>
1674 <p>Here is a short update on my <a
1675 href="http://people.skolelinux.org/~pere/debian-upgrade-testing/
">my
1676 Debian Lenny->Squeeze upgrade testing</a>. Here is a summary of the
1677 difference for Gnome when it is upgraded by apt-get and aptitude. I'm
1678 not reporting the status for KDE, because the upgrade crashes when
1679 aptitude try because of missing conflicts
1680 (<a href="http://bugs.debian.org/
584861">#584861</a> and
1681 <a href="http://bugs.debian.org/
585716">#585716</a>).</p>
1683 <p>At the end of the upgrade test script, dpkg -l is executed to get a
1684 complete list of the installed packages. Based on this I see these
1685 differences when I did a test run today. As usual, I do not really
1686 know what the correct set of packages would be, but thought it best to
1687 publish the difference.</p>
1689 <p>Installed using apt-get, missing with aptitude</p>
1692 at-spi cpp-4.3 finger gnome-spell gstreamer0.10-gnomevfs
1693 libatspi1.0-0 libcupsys2 libeel2-data libgail-common libgdl-1-common
1694 libgnomeprint2.2-data libgnomeprintui2.2-common libgnomevfs2-bin
1695 libgtksourceview-common libpt-1.10.10-plugins-alsa
1696 libpt-1.10.10-plugins-v4l libservlet2.4-java libxalan2-java
1697 libxerces2-java openoffice.org-writer2latex openssl-blacklist p7zip
1698 python-4suite-xml python-eggtrayicon python-gtkhtml2
1699 python-gtkmozembed svgalibg1 xserver-xephyr zip
1702 <p>Installed using apt-get, removed with aptitude</p>
1705 bluez-utils dhcdbd djvulibre-desktop epiphany-gecko
1706 gnome-app-install gnome-mount gnome-vfs-obexftp gnome-volume-manager
1707 libao2 libavahi-compat-libdnssd1 libavahi-core5 libbind9-50
1708 libbluetooth2 libcamel1.2-11 libcdio7 libcucul0 libcurl3
1709 libdirectfb-1.0-0 libdvdread3 libedata-cal1.2-6 libedataserver1.2-9
1710 libeel2-2.20 libepc-1.0-1 libepc-ui-1.0-1 libexchange-storage1.2-3
1711 libfaad0 libgd2-noxpm libgda3-3 libgda3-common libggz2 libggzcore9
1712 libggzmod4 libgksu1.2-0 libgksuui1.0-1 libgmyth0 libgnome-desktop-2
1713 libgnome-pilot2 libgnomecups1.0-1 libgnomeprint2.2-0
1714 libgnomeprintui2.2-0 libgpod3 libgraphviz4 libgtkhtml2-0
1715 libgtksourceview1.0-0 libgucharmap6 libhesiod0 libicu38 libisccc50
1716 libisccfg50 libiw29 libkpathsea4 libltdl3 liblwres50 libmagick++10
1717 libmagick10 libmalaga7 libmtp7 libmysqlclient15off libnautilus-burn4
1718 libneon27 libnm-glib0 libnm-util0 libopal-2.2 libosp5
1719 libparted1.8-10 libpisock9 libpisync1 libpoppler-glib3 libpoppler3
1720 libpt-1.10.10 libraw1394-8 libsensors3 libsmbios2 libsoup2.2-8
1721 libssh2-1 libsuitesparse-3.1.0 libswfdec-0.6-90 libtalloc1
1722 libtotem-plparser10 libtrackerclient0 libvoikko1 libxalan2-java-gcj
1723 libxerces2-java-gcj libxklavier12 libxtrap6 libxxf86misc1 libzephyr3
1724 mysql-common swfdec-gnome totem-gstreamer wodim
1727 <p>Installed using aptitude, missing with apt-get</p>
1730 gnome gnome-desktop-environment hamster-applet python-gnomeapplet
1731 python-gnomekeyring python-wnck rhythmbox-plugins xorg
1732 xserver-xorg-input-all xserver-xorg-input-evdev
1733 xserver-xorg-input-kbd xserver-xorg-input-mouse
1734 xserver-xorg-input-synaptics xserver-xorg-video-all
1735 xserver-xorg-video-apm xserver-xorg-video-ark xserver-xorg-video-ati
1736 xserver-xorg-video-chips xserver-xorg-video-cirrus
1737 xserver-xorg-video-dummy xserver-xorg-video-fbdev
1738 xserver-xorg-video-glint xserver-xorg-video-i128
1739 xserver-xorg-video-i740 xserver-xorg-video-mach64
1740 xserver-xorg-video-mga xserver-xorg-video-neomagic
1741 xserver-xorg-video-nouveau xserver-xorg-video-nv
1742 xserver-xorg-video-r128 xserver-xorg-video-radeon
1743 xserver-xorg-video-radeonhd xserver-xorg-video-rendition
1744 xserver-xorg-video-s3 xserver-xorg-video-s3virge
1745 xserver-xorg-video-savage xserver-xorg-video-siliconmotion
1746 xserver-xorg-video-sis xserver-xorg-video-sisusb
1747 xserver-xorg-video-tdfx xserver-xorg-video-tga
1748 xserver-xorg-video-trident xserver-xorg-video-tseng
1749 xserver-xorg-video-vesa xserver-xorg-video-vmware
1750 xserver-xorg-video-voodoo
1753 <p>Installed using aptitude, removed with apt-get</p>
1756 deskbar-applet xserver-xorg xserver-xorg-core
1757 xserver-xorg-input-wacom xserver-xorg-video-intel
1758 xserver-xorg-video-openchrome
1761 <p>I was told on IRC that the xorg-xserver package was
1762 <a href="http://git.debian.org/?p=pkg-xorg/xserver/xorg-server.git;a=commit;h=
9c8080d06c457932d3bfec021c69ac000aa60120
">changed
1763 in git</a> today to try to get apt-get to not remove xorg completely.
1764 No idea when it hits Squeeze, but when it does I hope it will reduce
1765 the difference somewhat.
1772 Tags: <a href="http://people.skolelinux.org/pere/blog/tags/debian
">debian</a>, <a href="http://people.skolelinux.org/pere/blog/tags/debian edu
">debian edu</a>, <a href="http://people.skolelinux.org/pere/blog/tags/english
">english</a>.
1776 <div class="padding
"></div>
1780 <a href="http://people.skolelinux.org/pere/blog/jXplorer__a_very_nice_LDAP_GUI.html
">jXplorer, a very nice LDAP GUI</a>
1789 <a href="http://people.skolelinux.org/pere/blog/LUMA__a_very_nice_LDAP_GUI.html
">my
1790 last post</a> about available LDAP tools in Debian, I was told about a
1791 LDAP GUI that is even better than luma. The java application
1792 <a href="http://jxplorer.org/
">jXplorer</a> is claimed to be capable of
1793 moving LDAP objects and subtrees using drag-and-drop, and can
1794 authenticate using Kerberos. I have only tested the Kerberos
1795 authentication, but do not have a LDAP setup allowing me to rewrite
1796 LDAP with my test user yet. It is
1797 <a href="http://packages.qa.debian.org/j/jxplorer.html
">available in
1798 Debian</a> testing and unstable at the moment. The only problem I
1799 have with it is how it handle errors. If something go wrong, its
1800 non-intuitive behaviour require me to go through some query work list
1801 and remove the failing query. Nothing big, but very annoying.</p>
1808 Tags: <a href="http://people.skolelinux.org/pere/blog/tags/debian
">debian</a>, <a href="http://people.skolelinux.org/pere/blog/tags/debian edu
">debian edu</a>, <a href="http://people.skolelinux.org/pere/blog/tags/english
">english</a>, <a href="http://people.skolelinux.org/pere/blog/tags/ldap
">ldap</a>, <a href="http://people.skolelinux.org/pere/blog/tags/nuug
">nuug</a>.
1812 <div class="padding
"></div>
1816 <a href="http://people.skolelinux.org/pere/blog/Idea_for_storing_LTSP_configuration_in_LDAP.html
">Idea for storing LTSP configuration in LDAP</a>
1824 <p>Vagrant mentioned on IRC today that ltsp_config now support
1825 sourcing files from /usr/share/ltsp/ltsp_config.d/ on the thin
1826 clients, and that this can be used to fetch configuration from LDAP if
1827 Debian Edu choose to store configuration there.</p>
1829 <p>Armed with this information, I got inspired and wrote a test module
1830 to get configuration from LDAP. The idea is to look up the MAC
1831 address of the client in LDAP, and look for attributes on the form
1832 ltspconfigsetting=value, and use this to export SETTING=value to the
1835 <p>The goal is to be able to store the LTSP configuration attributes
1836 in a "computer" LDAP object used by both DNS and DHCP, and thus
1837 allowing us to store all information about a computer in one place.
</p>
1839 <p>This is a untested draft implementation, and I welcome feedback on
1840 this approach. A real LDAP schema for the ltspClientAux objectclass
1841 need to be written. Comments, suggestions, etc?
</p>
1844 # Store in /opt/ltsp/$arch/usr/share/ltsp/ltsp_config.d/ldap-config
1846 # Fetch LTSP client settings from LDAP based on MAC address
1848 # Uses ethernet address as stored in the dhcpHost objectclass using
1849 # the dhcpHWAddress attribute or ethernet address stored in the
1850 # ieee802Device objectclass with the macAddress attribute.
1852 # This module is written to be schema agnostic, and only depend on the
1853 # existence of attribute names.
1855 # The LTSP configuration variables are saved directly using a
1856 # ltspConfig prefix and uppercasing the rest of the attribute name.
1857 # To set the SERVER variable, set the ltspConfigServer attribute.
1859 # Some LDAP schema should be created with all the relevant
1860 # configuration settings. Something like this should work:
1862 # objectclass (
1.1.2.2 NAME 'ltspClientAux'
1865 # MAY ( ltspConfigServer $ ltsConfigSound $ ... )
1867 LDAPSERVER=$(debian-edu-ldapserver)
1868 if [ "$LDAPSERVER" ] ; then
1869 LDAPBASE=$(debian-edu-ldapserver -b)
1870 for MAC in $(LANG=C ifconfig |grep -i hwaddr| awk '{print $
5}'|sort -u) ; do
1871 filter="(|(dhcpHWAddress=ethernet $MAC)(macAddress=$MAC))"
1872 ldapsearch -h "$LDAPSERVER" -b "$LDAPBASE" -v -x "$filter" | \
1873 grep '^ltspConfig' | while read attr value ; do
1874 # Remove prefix and convert to upper case
1875 attr=$(echo $attr | sed 's/^ltspConfig//i' | tr a-z A-Z)
1876 # bass value on to clients
1877 eval "$attr=$value; export $attr"
1883 <p>I'm not sure this shell construction will work, because I suspect
1884 the while block might end up in a subshell causing the variables set
1885 there to not show up in ltsp-config, but if that is the case I am sure
1886 the code can be restructured to make sure the variables are passed on.
1887 I expect that can be solved with some testing. :)
</p>
1889 <p>If you want to help out with implementing this for Debian Edu,
1890 please contact us on debian-edu@lists.debian.org.
</p>
1892 <p>Update
2010-
07-
17: I am aware of another effort to store LTSP
1893 configuration in LDAP that was created around year
2000 by
1894 <a href=
"http://www.pcxperience.com/thinclient/documentation/ldap.html">PC
1895 Xperience, Inc.,
2000</a>. I found its
1896 <a href=
"http://people.redhat.com/alikins/ltsp/ldap/">files
</a> on a
1897 personal home page over at redhat.com.
</p>
1904 Tags:
<a href=
"http://people.skolelinux.org/pere/blog/tags/debian">debian
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/debian edu">debian edu
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/english">english
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/ldap">ldap
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/nuug">nuug
</a>.
1908 <div class=
"padding"></div>
1912 <a href=
"http://people.skolelinux.org/pere/blog/Combining_PowerDNS_and_ISC_DHCP_LDAP_objects.html">Combining PowerDNS and ISC DHCP LDAP objects
</a>
1920 <p>For a while now, I have wanted to find a way to change the DNS and
1921 DHCP services in Debian Edu to use the same LDAP objects for a given
1922 computer, to avoid the possibility of having a inconsistent state for
1923 a computer in LDAP (as in DHCP but no DNS entry or the other way
1924 around) and make it easier to add computers to LDAP.
</p>
1926 <p>I've looked at how powerdns and dhcpd is using LDAP, and using this
1927 information finally found a solution that seem to work.
</p>
1929 <p>The old setup required three LDAP objects for a given computer.
1930 One forward DNS entry, one reverse DNS entry and one DHCP entry. If
1931 we switch powerdns to use its strict LDAP method (ldap-method=strict
1932 in pdns-debian-edu.conf), the forward and reverse DNS entries are
1933 merged into one while making it impossible to transfer the reverse map
1934 to a slave DNS server.
</p>
1936 <p>If we also replace the object class used to get the DNS related
1937 attributes to one allowing these attributes to be combined with the
1938 dhcphost object class, we can merge the DNS and DHCP entries into one.
1939 I've written such object class in the dnsdomainaux.schema file (need
1940 proper OIDs, but that is a minor issue), and tested the setup. It
1943 <p>With this test setup in place, we can get away with one LDAP object
1944 for both DNS and DHCP, and even the LTSP configuration I suggested in
1945 an earlier email. The combined LDAP object will look something like
1949 dn: cn=hostname,cn=group1,cn=THINCLIENTS,cn=DHCP Config,dc=skole,dc=skolelinux,dc=no
1951 objectClass: dhcphost
1952 objectclass: domainrelatedobject
1953 objectclass: dnsdomainaux
1954 associateddomain: hostname.intern
1955 arecord:
10.11.12.13
1956 dhcphwaddress: ethernet
00:
00:
00:
00:
00:
00
1957 dhcpstatements: fixed-address hostname
1961 <p>The DNS server uses the associateddomain and arecord entries, while
1962 the DHCP server uses the dhcphwaddress and dhcpstatements entries
1963 before asking DNS to resolve the fixed-adddress. LTSP will use
1964 dhcphwaddress or associateddomain and the ldapconfig* attributes.
</p>
1966 <p>I am not yet sure if I can get the DHCP server to look for its
1967 dhcphost in a different location, to allow us to put the objects
1968 outside the "DHCP Config" subtree, but hope to figure out a way to do
1969 that. If I can't figure out a way to do that, we can still get rid of
1970 the hosts subtree and move all its content into the DHCP Config tree
1971 (which probably should be renamed to be more related to the new
1972 content. I suspect cn=dnsdhcp,ou=services or something like that
1973 might be a good place to put it.
</p>
1975 <p>If you want to help out with implementing this for Debian Edu,
1976 please contact us on debian-edu@lists.debian.org.
</p>
1983 Tags:
<a href=
"http://people.skolelinux.org/pere/blog/tags/debian">debian
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/debian edu">debian edu
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/english">english
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/ldap">ldap
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/nuug">nuug
</a>.
1987 <div class=
"padding"></div>
1991 <a href=
"http://people.skolelinux.org/pere/blog/What_are_they_searching_for___PowerDNS_and_ISC_DHCP_in_LDAP.html">What are they searching for - PowerDNS and ISC DHCP in LDAP
</a>
2000 <a href=
"http://people.skolelinux.org/pere/blog/Time_for_new__LDAP_schemas_replacing_RFC_2307_.html">followup
</a>
2002 <a href=
"http://people.skolelinux.org/pere/blog/Idea_for_a_change_to_LDAP_schemas_allowing_DNS_and_DHCP_info_to_be_combined_into_one_object.html">previous
2004 <a href=
"http://people.skolelinux.org/pere/blog/Combining_PowerDNS_and_ISC_DHCP_LDAP_objects.html">merging
2005 all
</a> the computer related LDAP objects in Debian Edu.
</p>
2007 <p>As a step to try to see if it possible to merge the DNS and DHCP
2008 LDAP objects, I have had a look at how the packages pdns-backend-ldap
2009 and dhcp3-server-ldap in Debian use the LDAP server. The two
2010 implementations are quite different in how they use LDAP.
</p>
2012 To get this information, I started slapd with debugging enabled and
2013 dumped the debug output to a file to get the LDAP searches performed
2014 on a Debian Edu main-server. Here is a summary.
2016 <p><strong>powerdns
</strong></p>
2018 <a href=
"http://www.linuxnetworks.de/doc/index.php/PowerDNS_LDAP_Backend">Clues
2019 on how to
</a> set up PowerDNS to use a LDAP backend is available on
2022 <p>PowerDNS have two modes of operation using LDAP as its backend.
2023 One "strict" mode where the forward and reverse DNS lookups are done
2024 using the same LDAP objects, and a "tree" mode where the forward and
2025 reverse entries are in two different subtrees in LDAP with a structure
2026 based on the DNS names, as in tjener.intern and
2027 2.2.0.10.in-addr.arpa.
</p>
2029 <p>In tree mode, the server is set up to use a LDAP subtree as its
2030 base, and uses a "base" scoped search for the DNS name by adding
2031 "dc=tjener,dc=intern," to the base with a filter for
2032 "(associateddomain=tjener.intern)" for the forward entry and
2033 "dc=
2,dc=
2,dc=
0,dc=
10,dc=in-addr,dc=arpa," with a filter for
2034 "(associateddomain=
2.2.0.10.in-addr.arpa)" for the reverse entry. For
2035 forward entries, it is looking for attributes named dnsttl, arecord,
2036 nsrecord, cnamerecord, soarecord, ptrrecord, hinforecord, mxrecord,
2037 txtrecord, rprecord, afsdbrecord, keyrecord, aaaarecord, locrecord,
2038 srvrecord, naptrrecord, kxrecord, certrecord, dsrecord, sshfprecord,
2039 ipseckeyrecord, rrsigrecord, nsecrecord, dnskeyrecord, dhcidrecord,
2040 spfrecord and modifytimestamp. For reverse entries it is looking for
2041 the attributes dnsttl, arecord, nsrecord, cnamerecord, soarecord,
2042 ptrrecord, hinforecord, mxrecord, txtrecord, rprecord, aaaarecord,
2043 locrecord, srvrecord, naptrrecord and modifytimestamp. The equivalent
2044 ldapsearch commands could look like this:
</p>
2047 ldapsearch -h ldap \
2048 -b dc=tjener,dc=intern,ou=hosts,dc=skole,dc=skolelinux,dc=no \
2049 -s base -x '(associateddomain=tjener.intern)' dNSTTL aRecord nSRecord \
2050 cNAMERecord sOARecord pTRRecord hInfoRecord mXRecord tXTRecord \
2051 rPRecord aFSDBRecord KeyRecord aAAARecord lOCRecord sRVRecord \
2052 nAPTRRecord kXRecord certRecord dSRecord sSHFPRecord iPSecKeyRecord \
2053 rRSIGRecord nSECRecord dNSKeyRecord dHCIDRecord sPFRecord modifyTimestamp
2055 ldapsearch -h ldap \
2056 -b dc=
2,dc=
2,dc=
0,dc=
10,dc=in-addr,dc=arpa,ou=hosts,dc=skole,dc=skolelinux,dc=no \
2057 -s base -x '(associateddomain=
2.2.0.10.in-addr.arpa)'
2058 dnsttl, arecord, nsrecord, cnamerecord soarecord ptrrecord \
2059 hinforecord mxrecord txtrecord rprecord aaaarecord locrecord \
2060 srvrecord naptrrecord modifytimestamp
2063 <p>In Debian Edu/Lenny, the PowerDNS tree mode is used with
2064 ou=hosts,dc=skole,dc=skolelinux,dc=no as the base, and these are two
2065 example LDAP objects used there. In addition to these objects, the
2066 parent objects all th way up to ou=hosts,dc=skole,dc=skolelinux,dc=no
2070 dn: dc=tjener,dc=intern,ou=hosts,dc=skole,dc=skolelinux,dc=no
2072 objectclass: dnsdomain
2073 objectclass: domainrelatedobject
2076 associateddomain: tjener.intern
2078 dn: dc=
2,dc=
2,dc=
0,dc=
10,dc=in-addr,dc=arpa,ou=hosts,dc=skole,dc=skolelinux,dc=no
2080 objectclass: dnsdomain2
2081 objectclass: domainrelatedobject
2083 ptrrecord: tjener.intern
2084 associateddomain:
2.2.0.10.in-addr.arpa
2087 <p>In strict mode, the server behaves differently. When looking for
2088 forward DNS entries, it is doing a "subtree" scoped search with the
2089 same base as in the tree mode for a object with filter
2090 "(associateddomain=tjener.intern)" and requests the attributes dnsttl,
2091 arecord, nsrecord, cnamerecord, soarecord, ptrrecord, hinforecord,
2092 mxrecord, txtrecord, rprecord, aaaarecord, locrecord, srvrecord,
2093 naptrrecord and modifytimestamp. For reverse entires it also do a
2094 subtree scoped search but this time the filter is "(arecord=
10.0.2.2)"
2095 and the requested attributes are associateddomain, dnsttl and
2096 modifytimestamp. In short, in strict mode the objects with ptrrecord
2097 go away, and the arecord attribute in the forward object is used
2100 <p>The forward and reverse searches can be simulated using ldapsearch
2104 ldapsearch -h ldap -b ou=hosts,dc=skole,dc=skolelinux,dc=no -s sub -x \
2105 '(associateddomain=tjener.intern)' dNSTTL aRecord nSRecord \
2106 cNAMERecord sOARecord pTRRecord hInfoRecord mXRecord tXTRecord \
2107 rPRecord aFSDBRecord KeyRecord aAAARecord lOCRecord sRVRecord \
2108 nAPTRRecord kXRecord certRecord dSRecord sSHFPRecord iPSecKeyRecord \
2109 rRSIGRecord nSECRecord dNSKeyRecord dHCIDRecord sPFRecord modifyTimestamp
2111 ldapsearch -h ldap -b ou=hosts,dc=skole,dc=skolelinux,dc=no -s sub -x \
2112 '(arecord=
10.0.2.2)' associateddomain dnsttl modifytimestamp
2115 <p>In addition to the forward and reverse searches , there is also a
2116 search for SOA records, which behave similar to the forward and
2117 reverse lookups.
</p>
2119 <p>A thing to note with the PowerDNS behaviour is that it do not
2120 specify any objectclass names, and instead look for the attributes it
2121 need to generate a DNS reply. This make it able to work with any
2122 objectclass that provide the needed attributes.
</p>
2124 <p>The attributes are normally provided in the cosine (RFC
1274) and
2125 dnsdomain2 schemas. The latter is used for reverse entries like
2126 ptrrecord and recent DNS additions like aaaarecord and srvrecord.
</p>
2128 <p>In Debian Edu, we have created DNS objects using the object classes
2129 dcobject (for dc), dnsdomain or dnsdomain2 (structural, for the DNS
2130 attributes) and domainrelatedobject (for associatedDomain). The use
2131 of structural object classes make it impossible to combine these
2132 classes with the object classes used by DHCP.
</p>
2134 <p>There are other schemas that could be used too, for example the
2135 dnszone structural object class used by Gosa and bind-sdb for the DNS
2136 attributes combined with the domainrelatedobject object class, but in
2137 this case some unused attributes would have to be included as well
2138 (zonename and relativedomainname).
</p>
2140 <p>My proposal for Debian Edu would be to switch PowerDNS to strict
2141 mode and not use any of the existing objectclasses (dnsdomain,
2142 dnsdomain2 and dnszone) when one want to combine the DNS information
2143 with DHCP information, and instead create a auxiliary object class
2144 defined something like this (using the attributes defined for
2145 dnsdomain and dnsdomain2 or dnszone):
</p>
2148 objectclass ( some-oid NAME 'dnsDomainAux'
2151 MAY ( ARecord $ MDRecord $ MXRecord $ NSRecord $ SOARecord $ CNAMERecord $
2152 DNSTTL $ DNSClass $ PTRRecord $ HINFORecord $ MINFORecord $
2153 TXTRecord $ SIGRecord $ KEYRecord $ AAAARecord $ LOCRecord $
2154 NXTRecord $ SRVRecord $ NAPTRRecord $ KXRecord $ CERTRecord $
2155 A6Record $ DNAMERecord
2159 <p>This will allow any object to become a DNS entry when combined with
2160 the domainrelatedobject object class, and allow any entity to include
2161 all the attributes PowerDNS wants. I've sent an email to the PowerDNS
2162 developers asking for their view on this schema and if they are
2163 interested in providing such schema with PowerDNS, and I hope my
2164 message will be accepted into their mailing list soon.
</p>
2166 <p><strong>ISC dhcp
</strong></p>
2168 <p>The DHCP server searches for specific objectclass and requests all
2169 the object attributes, and then uses the attributes it want. This
2170 make it harder to figure out exactly what attributes are used, but
2171 thanks to the working example in Debian Edu I can at least get an idea
2172 what is needed without having to read the source code.
</p>
2174 <p>In the DHCP server configuration, the LDAP base to use and the
2175 search filter to use to locate the correct dhcpServer entity is
2176 stored. These are the relevant entries from
2177 /etc/dhcp3/dhcpd.conf:
</p>
2180 ldap-base-dn "dc=skole,dc=skolelinux,dc=no";
2181 ldap-dhcp-server-cn "dhcp";
2184 <p>The DHCP server uses this information to nest all the DHCP
2185 configuration it need. The cn "dhcp" is located using the given LDAP
2186 base and the filter "(&(objectClass=dhcpServer)(cn=dhcp))". The
2187 search result is this entry:
</p>
2190 dn: cn=dhcp,dc=skole,dc=skolelinux,dc=no
2193 objectClass: dhcpServer
2194 dhcpServiceDN: cn=DHCP Config,dc=skole,dc=skolelinux,dc=no
2197 <p>The content of the dhcpServiceDN attribute is next used to locate the
2198 subtree with DHCP configuration. The DHCP configuration subtree base
2199 is located using a base scope search with base "cn=DHCP
2200 Config,dc=skole,dc=skolelinux,dc=no" and filter
2201 "(&(objectClass=dhcpService)(|(dhcpPrimaryDN=cn=dhcp,dc=skole,dc=skolelinux,dc=no)(dhcpSecondaryDN=cn=dhcp,dc=skole,dc=skolelinux,dc=no)))".
2202 The search result is this entry:
</p>
2205 dn: cn=DHCP Config,dc=skole,dc=skolelinux,dc=no
2208 objectClass: dhcpService
2209 objectClass: dhcpOptions
2210 dhcpPrimaryDN: cn=dhcp, dc=skole,dc=skolelinux,dc=no
2211 dhcpStatements: ddns-update-style none
2212 dhcpStatements: authoritative
2213 dhcpOption: smtp-server code
69 = array of ip-address
2214 dhcpOption: www-server code
72 = array of ip-address
2215 dhcpOption: wpad-url code
252 = text
2218 <p>Next, the entire subtree is processed, one level at the time. When
2219 all the DHCP configuration is loaded, it is ready to receive requests.
2220 The subtree in Debian Edu contain objects with object classes
2221 top/dhcpService/dhcpOptions, top/dhcpSharedNetwork/dhcpOptions,
2222 top/dhcpSubnet, top/dhcpGroup and top/dhcpHost. These provide options
2223 and information about netmasks, dynamic range etc. Leaving out the
2224 details here because it is not relevant for the focus of my
2225 investigation, which is to see if it is possible to merge dns and dhcp
2226 related computer objects.
</p>
2228 <p>When a DHCP request come in, LDAP is searched for the MAC address
2229 of the client (
00:
00:
00:
00:
00:
00 in this example), using a subtree
2230 scoped search with "cn=DHCP Config,dc=skole,dc=skolelinux,dc=no" as
2231 the base and "(&(objectClass=dhcpHost)(dhcpHWAddress=ethernet
2232 00:
00:
00:
00:
00:
00))" as the filter. This is what a host object look
2236 dn: cn=hostname,cn=group1,cn=THINCLIENTS,cn=DHCP Config,dc=skole,dc=skolelinux,dc=no
2239 objectClass: dhcpHost
2240 dhcpHWAddress: ethernet
00:
00:
00:
00:
00:
00
2241 dhcpStatements: fixed-address hostname
2244 <p>There is less flexiblity in the way LDAP searches are done here.
2245 The object classes need to have fixed names, and the configuration
2246 need to be stored in a fairly specific LDAP structure. On the
2247 positive side, the invidiual dhcpHost entires can be anywhere without
2248 the DN pointed to by the dhcpServer entries. The latter should make
2249 it possible to group all host entries in a subtree next to the
2250 configuration entries, and this subtree can also be shared with the
2251 DNS server if the schema proposed above is combined with the dhcpHost
2252 structural object class.
2254 <p><strong>Conclusion
</strong></p>
2256 <p>The PowerDNS implementation seem to be very flexible when it come
2257 to which LDAP schemas to use. While its "tree" mode is rigid when it
2258 come to the the LDAP structure, the "strict" mode is very flexible,
2259 allowing DNS objects to be stored anywhere under the base cn specified
2260 in the configuration.
</p>
2262 <p>The DHCP implementation on the other hand is very inflexible, both
2263 regarding which LDAP schemas to use and which LDAP structure to use.
2264 I guess one could implement ones own schema, as long as the
2265 objectclasses and attributes have the names used, but this do not
2266 really help when the DHCP subtree need to have a fairly fixed
2269 <p>Based on the observed behaviour, I suspect a LDAP structure like
2270 this might work for Debian Edu:
</p>
2274 cn=machine-info (dhcpService) - dhcpServiceDN points here
2275 cn=dhcp (dhcpServer)
2276 cn=dhcp-internal (dhcpSharedNetwork/dhcpOptions)
2277 cn=
10.0.2.0 (dhcpSubnet)
2278 cn=group1 (dhcpGroup/dhcpOptions)
2279 cn=dhcp-thinclients (dhcpSharedNetwork/dhcpOptions)
2280 cn=
192.168.0.0 (dhcpSubnet)
2281 cn=group1 (dhcpGroup/dhcpOptions)
2282 ou=machines - PowerDNS base points here
2283 cn=hostname (dhcpHost/domainrelatedobject/dnsDomainAux)
2286 <P>This is not tested yet. If the DHCP server require the dhcpHost
2287 entries to be in the dhcpGroup subtrees, the entries can be stored
2288 there instead of a common machines subtree, and the PowerDNS base
2289 would have to be moved one level up to the machine-info subtree.
</p>
2291 <p>The combined object under the machines subtree would look something
2295 dn: dc=hostname,ou=machines,cn=machine-info,dc=skole,dc=skolelinux,dc=no
2298 objectClass: dhcpHost
2299 objectclass: domainrelatedobject
2300 objectclass: dnsDomainAux
2301 associateddomain: hostname.intern
2302 arecord:
10.11.12.13
2303 dhcpHWAddress: ethernet
00:
00:
00:
00:
00:
00
2304 dhcpStatements: fixed-address hostname.intern
2307 </p>One could even add the LTSP configuration associated with a given
2308 machine, as long as the required attributes are available in a
2309 auxiliary object class.
</p>
2316 Tags:
<a href=
"http://people.skolelinux.org/pere/blog/tags/debian">debian
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/debian edu">debian edu
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/english">english
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/ldap">ldap
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/nuug">nuug
</a>.
2320 <div class=
"padding"></div>
2324 <a href=
"http://people.skolelinux.org/pere/blog/Circular_package_dependencies_harms_apt_recovery.html">Circular package dependencies harms apt recovery
</a>
2332 <p>I discovered this while doing
2333 <a href=
"http://people.skolelinux.org/pere/blog/Automatic_upgrade_testing_from_Lenny_to_Squeeze.html">automated
2334 testing of upgrades from Debian Lenny to Squeeze
</a>. A few packages
2335 in Debian still got circular dependencies, and it is often claimed
2336 that apt and aptitude should be able to handle this just fine, but
2337 some times these dependency loops causes apt to fail.
</p>
2339 <p>An example is from todays
2340 <a href=
"http://people.skolelinux.org/~pere/debian-upgrade-testing//test-20100727-lenny-squeeze-kde-aptitude.txt">upgrade
2341 of KDE using aptitude
</a>. In it, a bug in kdebase-workspace-data
2342 causes perl-modules to fail to upgrade. The cause is simple. If a
2343 package fail to unpack, then only part of packages with the circular
2344 dependency might end up being unpacked when unpacking aborts, and the
2345 ones already unpacked will fail to configure in the recovery phase
2346 because its dependencies are unavailable.
</p>
2348 <p>In this log, the problem manifest itself with this error:
</p>
2351 dpkg: dependency problems prevent configuration of perl-modules:
2352 perl-modules depends on perl (
>=
5.10.1-
1); however:
2353 Version of perl on system is
5.10.0-
19lenny
2.
2354 dpkg: error processing perl-modules (--configure):
2355 dependency problems - leaving unconfigured
2358 <p>The perl/perl-modules circular dependency is already
2359 <a href=
"http://bugs.debian.org/527917">reported as a bug
</a>, and will
2360 hopefully be solved as soon as possible, but it is not the only one,
2361 and each one of these loops in the dependency tree can cause similar
2362 failures. Of course, they only occur when there are bugs in other
2363 packages causing the unpacking to fail, but it is rather nasty when
2364 the failure of one package causes the problem to become worse because
2365 of dependency loops.
</p>
2368 <a href=
"http://lists.debian.org/debian-devel/2010/06/msg00116.html">the
2369 tireless effort by Bill Allombert
</a>, the number of circular
2371 <a href=
"http://debian.semistable.com/debgraph.out.html">left in Debian
2372 is dropping
</a>, and perhaps it will reach zero one day. :)
</p>
2374 <p>Todays testing also exposed a bug in
2375 <a href=
"http://bugs.debian.org/590605">update-notifier
</a> and
2376 <a href=
"http://bugs.debian.org/590604">different behaviour
</a> between
2377 apt-get and aptitude, the latter possibly caused by some circular
2378 dependency. Reported both to BTS to try to get someone to look at
2386 Tags:
<a href=
"http://people.skolelinux.org/pere/blog/tags/debian">debian
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/english">english
</a>,
<a href=
"http://people.skolelinux.org/pere/blog/tags/nuug">nuug
</a>.
2390 <div class=
"padding"></div>
2392 <p style=
"text-align: right;"><a href=
"debian.rss"><img src=
"http://people.skolelinux.org/pere/blog/xml.gif" alt=
"RSS Feed" width=
"36" height=
"14"></a></p>
2405 <li><a href=
"http://people.skolelinux.org/pere/blog/archive/2010/01/">January (
2)
</a></li>
2407 <li><a href=
"http://people.skolelinux.org/pere/blog/archive/2010/02/">February (
1)
</a></li>
2409 <li><a href=
"http://people.skolelinux.org/pere/blog/archive/2010/03/">March (
3)
</a></li>
2411 <li><a href=
"http://people.skolelinux.org/pere/blog/archive/2010/04/">April (
3)
</a></li>
2413 <li><a href=
"http://people.skolelinux.org/pere/blog/archive/2010/05/">May (
9)
</a></li>
2415 <li><a href=
"http://people.skolelinux.org/pere/blog/archive/2010/06/">June (
14)
</a></li>
2417 <li><a href=
"http://people.skolelinux.org/pere/blog/archive/2010/07/">July (
12)
</a></li>
2419 <li><a href=
"http://people.skolelinux.org/pere/blog/archive/2010/08/">August (
2)
</a></li>
2426 <li><a href=
"http://people.skolelinux.org/pere/blog/archive/2009/01/">January (
8)
</a></li>
2428 <li><a href=
"http://people.skolelinux.org/pere/blog/archive/2009/02/">February (
8)
</a></li>
2430 <li><a href=
"http://people.skolelinux.org/pere/blog/archive/2009/03/">March (
12)
</a></li>
2432 <li><a href=
"http://people.skolelinux.org/pere/blog/archive/2009/04/">April (
10)
</a></li>
2434 <li><a href=
"http://people.skolelinux.org/pere/blog/archive/2009/05/">May (
9)
</a></li>
2436 <li><a href=
"http://people.skolelinux.org/pere/blog/archive/2009/06/">June (
3)
</a></li>
2438 <li><a href=
"http://people.skolelinux.org/pere/blog/archive/2009/07/">July (
4)
</a></li>
2440 <li><a href=
"http://people.skolelinux.org/pere/blog/archive/2009/08/">August (
3)
</a></li>
2442 <li><a href=
"http://people.skolelinux.org/pere/blog/archive/2009/09/">September (
1)
</a></li>
2444 <li><a href=
"http://people.skolelinux.org/pere/blog/archive/2009/10/">October (
2)
</a></li>
2446 <li><a href=
"http://people.skolelinux.org/pere/blog/archive/2009/11/">November (
3)
</a></li>
2448 <li><a href=
"http://people.skolelinux.org/pere/blog/archive/2009/12/">December (
3)
</a></li>
2455 <li><a href=
"http://people.skolelinux.org/pere/blog/archive/2008/11/">November (
5)
</a></li>
2457 <li><a href=
"http://people.skolelinux.org/pere/blog/archive/2008/12/">December (
7)
</a></li>
2468 <li><a href=
"http://people.skolelinux.org/pere/blog/tags/3d-printer">3d-printer (
11)
</a></li>
2470 <li><a href=
"http://people.skolelinux.org/pere/blog/tags/amiga">amiga (
1)
</a></li>
2472 <li><a href=
"http://people.skolelinux.org/pere/blog/tags/aros">aros (
1)
</a></li>
2474 <li><a href=
"http://people.skolelinux.org/pere/blog/tags/bootsystem">bootsystem (
10)
</a></li>
2476 <li><a href=
"http://people.skolelinux.org/pere/blog/tags/debian">debian (
35)
</a></li>
2478 <li><a href=
"http://people.skolelinux.org/pere/blog/tags/debian edu">debian edu (
38)
</a></li>
2480 <li><a href=
"http://people.skolelinux.org/pere/blog/tags/english">english (
53)
</a></li>
2482 <li><a href=
"http://people.skolelinux.org/pere/blog/tags/fiksgatami">fiksgatami (
1)
</a></li>
2484 <li><a href=
"http://people.skolelinux.org/pere/blog/tags/fildeling">fildeling (
8)
</a></li>
2486 <li><a href=
"http://people.skolelinux.org/pere/blog/tags/kart">kart (
3)
</a></li>
2488 <li><a href=
"http://people.skolelinux.org/pere/blog/tags/ldap">ldap (
8)
</a></li>
2490 <li><a href=
"http://people.skolelinux.org/pere/blog/tags/lenker">lenker (
1)
</a></li>
2492 <li><a href=
"http://people.skolelinux.org/pere/blog/tags/ltsp">ltsp (
1)
</a></li>
2494 <li><a href=
"http://people.skolelinux.org/pere/blog/tags/multimedia">multimedia (
5)
</a></li>
2496 <li><a href=
"http://people.skolelinux.org/pere/blog/tags/norsk">norsk (
71)
</a></li>
2498 <li><a href=
"http://people.skolelinux.org/pere/blog/tags/nuug">nuug (
90)
</a></li>
2500 <li><a href=
"http://people.skolelinux.org/pere/blog/tags/opphavsrett">opphavsrett (
14)
</a></li>
2502 <li><a href=
"http://people.skolelinux.org/pere/blog/tags/personvern">personvern (
14)
</a></li>
2504 <li><a href=
"http://people.skolelinux.org/pere/blog/tags/reprap">reprap (
10)
</a></li>
2506 <li><a href=
"http://people.skolelinux.org/pere/blog/tags/rss">rss (
1)
</a></li>
2508 <li><a href=
"http://people.skolelinux.org/pere/blog/tags/sikkerhet">sikkerhet (
10)
</a></li>
2510 <li><a href=
"http://people.skolelinux.org/pere/blog/tags/sitesummary">sitesummary (
3)
</a></li>
2512 <li><a href=
"http://people.skolelinux.org/pere/blog/tags/standard">standard (
13)
</a></li>
2514 <li><a href=
"http://people.skolelinux.org/pere/blog/tags/stavekontroll">stavekontroll (
1)
</a></li>
2516 <li><a href=
"http://people.skolelinux.org/pere/blog/tags/video">video (
10)
</a></li>
2518 <li><a href=
"http://people.skolelinux.org/pere/blog/tags/vitenskap">vitenskap (
1)
</a></li>
2520 <li><a href=
"http://people.skolelinux.org/pere/blog/tags/web">web (
7)
</a></li>