commit 4406155089f18d1f3653790766cff07f147e7f63 Author: Tobias Stein Date: Tue Dec 6 15:26:21 2022 +0100 Initial commit diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..9e1a885 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +*.sw[a-z] diff --git a/basefiles/mk-basefile b/basefiles/mk-basefile new file mode 100755 index 0000000..80a1f98 --- /dev/null +++ b/basefiles/mk-basefile @@ -0,0 +1,336 @@ +#! /bin/bash + +# mk-basefile, create basefiles for some distributions +# +# Thomas Lange, Uni Koeln, 2011-2022 +# based on the Makefile implementation of Michael Goetze +# +# Usage example: mk-basefile -J STRETCH64 +# This will create a STRETCH64.tar.xz basefile. + +# Supported distributions (each i386/amd64): +# Debian GNU/Linux +# Ubuntu 14.04/16.04/20.04/22.04 +# Rocky Linux 8 +# CentOS 5/6/7/8 +# Scientific Linux Cern 5/6 +# +# Packages you might want to install to use this command: +# debootstrap, rinse, xz-utils + + +# Define your local mirros here +# For the first stage, set the CentOS/SLC mirror in /etc/rinse/rinse.conf +MIRROR_DEBIAN=http://deb.debian.org/debian/ +MIRROR_UBUNTU=http://mirror.netcologne.de/ubuntu/ +MIRROR_CENTOS=http://mirror.netcologne.de/ + +EXCLUDE_SQUEEZE=isc-dhcp-client,isc-dhcp-common,info +EXCLUDE_WHEEZY=info +EXCLUDE_JESSIE=info +EXCLUDE_STRETCH=info +EXCLUDE_BUSTER= +EXCLUDE_BULLSEYE= +EXCLUDE_BOOKWORM= +EXCLUDE_TRIXIE= +EXCLUDE_FORKY= +EXCLUDE_SID= + +EXCLUDE_TRUSTY=dhcp3-client,dhcp3-common,info +EXCLUDE_XENIAL=udhcpc,dibbler-client,info +EXCLUDE_BIONIC=udhcpc,dibbler-client,info +EXCLUDE_FOCAL=udhcpc,dibbler-client,info +EXCLUDE_JAMMY=udhcpc,dibbler-client,info + +# here you can add packages, that are needed very early +INCLUDE_DEBIAN= + + +setarch() { + + l32= + if [ X$1 = Xi386 ]; then + l32=linux32 + fi +} + +check() { + + if [ $(id -u) != 0 ]; then + echo "You must be root to create chroots." + exit 1 + fi + mknod $xtmp/test-dev-null c 1 3 + if [ $? -eq 1 ]; then + echo "Cannot create device files on $xtmp, aborting." + echo "Perhaps this directory is mounted with option nodev." + rm -rf $xtmp + exit 1 + fi + echo test > $xtmp/test-dev-null + if [ $? -eq 1 ]; then + echo "Cannot create device files on $xtmp, aborting." + echo "Perhaps this directory is mounted with option nodev." + rm -rf $xtmp + exit 1 + fi + rm -f $xtmp/test-dev-null +} + + +mkpost-centos() { + + # set local mirror for rinse post script + [ -z "$MIRROR_CENTOS" ] && return + cat < $xtmp/post +#! /bin/sh +mkdir -p $xtmp/etc/yum.repos.d/orig +cp -p $xtmp/etc/yum.repos.d/*.repo $xtmp/etc/yum.repos.d/orig +perl -pi -e 's,mirrorlist=,#mirrorlist=,; s,#baseurl=http://mirror.centos.org,baseurl=$MIRROR_CENTOS,;' $xtmp/etc/yum.repos.d/CentOS-Base.repo +EOM + chmod 555 $xtmp/post +} + + +mkpost-slc() { + + # set local mirror for rinse post script + ver=$1 + [ -z "$MIRROR_SLC" ] && return + cat < $xtmp/post +#! /bin/sh +mkdir -p $xtmp/etc/yum.repos.d/orig +cp -p $xtmp/etc/yum.repos.d/*.repo $xtmp/etc/yum.repos.d/orig +perl -pi -e 's,baseurl=http://linuxsoft.cern.ch,baseurl=$MIRROR_SLC,;' $xtmp/etc/yum.repos.d/slc$ver-os.repo +perl -pi -e 's,baseurl=http://linuxsoft.cern.ch,baseurl=$MIRROR_SLC,;' $xtmp/etc/yum.repos.d/slc$ver-updates.repo + +EOM + chmod 555 $xtmp/post +} + + +cleanup-deb() { + + chroot $xtmp apt-get clean + rm -f $xtmp/etc/hostname $xtmp/etc/resolv.conf \ + $xtmp/var/lib/apt/lists/*_* $xtmp/usr/bin/qemu-*-static \ + $xtmp/etc/udev/rules.d/70-persistent-net.rules \ + $xtmp/var/lib/dbus/machine-id + > $xtmp/etc/machine-id +} + + +cleanup-rinse() { + + # check if chroot works + echo "Installed packages in chroot:" + chroot $xtmp rpm -qa|sort + echo -n "CHROOT rpm -qa: " + chroot $xtmp rpm -qa|wc -l + + rm -f $xtmp/etc/resolv.conf $xtmp/post + if [ -d $xtmp/etc/yum.repos.d/orig ]; then + mv $xtmp/etc/yum.repos.d/orig/* $xtmp/etc/yum.repos.d/ + rm -rf $xtmp/etc/yum.repos.d/orig + fi +} + + +tarit() { + + tar $attributes --numeric-owner --one-file-system -C $xtmp -cf - . | $zip > $target.$ext +} + + +rocky() { + + local arch=$1 + local vers=$2 + local domain=$(domainname) + + check + setarch $arch +# mkpost-centos + $l32 rinse --directory $xtmp --distribution rocky-$vers --arch $arch --before-post-install $xtmp/post + domainname $domain # workaround for #613377 + cleanup-rinse + tarit +} + +centos() { + + local arch=$1 + local vers=$2 + local domain=$(domainname) + + check + setarch $arch + mkpost-centos + $l32 rinse --directory $xtmp --distribution centos-$vers --arch $arch --before-post-install $xtmp/post + domainname $domain # workaround for #613377 + cleanup-rinse + tarit +} + + +slc() { + + local arch=$1 + local vers=$2 + + check + setarch $arch + mkpost-slc $vers + $l32 rinse --directory $xtmp --distribution slc-$vers --arch $arch --before-post-install $xtmp/post + cleanup-rinse + tarit +} + + +debgeneric() { + + local DIST=$1 + shift + local mirror=$1 + shift + local arch=$1 + + dist=${DIST%%[0-9][0-9]} + local exc="EXCLUDE_$dist" + [ -n "${!exc}" ] && exc="--exclude=${!exc}" || unset exc + dist=${dist,,} + + check + if [ -n "$INCLUDE_DEBIAN" ]; then + local inc="--include=$INCLUDE_DEBIAN" + fi + + if [ -n "$arch" ]; then + qemu-debootstrap --arch $arch ${exc} $inc $dist $xtmp $mirror + target="${target}_${arch^^}" + else + if [[ $DIST =~ 64 ]]; then + arch=amd64 + else + arch=i386 + fi + debootstrap --arch $arch ${exc} $inc $dist $xtmp $mirror + fi + cleanup-deb + tarit +} + +prtdists() { + + echo "Available: + + ROCKY8_64 + CENTOS5_32 CENTOS5_64 + CENTOS6_32 CENTOS6_64 + CENTOS7_32 CENTOS7_64 + CENTOS8_64 + SLC5_32 SLC5_64 + SLC6_32 SLC6_64 + SLC7_64 + TRUSTY32 TRUSTY64 + XENIAL32 XENIAL64 + BIONIC64 + FOCAL64 + JAMMY64 + SQUEEZE32 SQUEEZE64 + WHEEZY32 WHEEZY64 + JESSIE32 JESSIE64 + STRETCH32 STRETCH64 + BUSTER32 BUSTER64 + BULLSEYE32 BULLSEYE64 + BOOKWORM32 BOOKWORM64 + TRIXIE32 TRIXIE64 + FORKY32 FORKY64 + SID32 SID64 +" +} + +usage() { + + cat <&/dev/null && dpkg --print-architecture | tr a-z A-Z + +# determin if we are a DHCP client or not +# count the : chars in the argument of ip= +n="${ip//[^:]}" +if [[ $ip =~ ^(on|any|dhcp)$ ]]; then + echo DHCPC +elif [ ${#n} -lt 6 ]; then + echo DHCPC +fi + +exit 0 diff --git a/class/20-hwdetect.sh b/class/20-hwdetect.sh new file mode 100755 index 0000000..60b52bc --- /dev/null +++ b/class/20-hwdetect.sh @@ -0,0 +1,35 @@ +#! /bin/bash + +# (c) Thomas Lange, 2002-2013, lange@cs.uni-koeln.de + +# NOTE: Files named *.sh will be evaluated, but their output ignored. + +[ $do_init_tasks -eq 1 ] || return 0 # Do only execute when doing install + +echo 0 > /proc/sys/kernel/printk + +# example how to load modules depending on the kernel version +#case $(uname -r) in +# 2.6*) kernelmodules="$kernelmodules mptspi dm-mod md-mod aes dm-crypt" ;; +# [3456]*) kernelmodules="$kernelmodules mptspi dm-mod md-mod aes dm-crypt" ;; +#esac + +for mod in $kernelmodules; do + [ X$verbose = X1 ] && echo Loading kernel module $mod + modprobe -a $mod 1>/dev/null 2>&1 +done + +# show the basic information about the network interface +ip -br li show up|egrep -v ^lo; ip -br a show up|egrep -v ^lo + +echo $printk > /proc/sys/kernel/printk + +odisklist=$disklist +set_disk_info # recalculate list of available disks +if [ "$disklist" != "$odisklist" ]; then + echo New disklist: $disklist + echo disklist=\"$disklist\" >> $LOGDIR/additional.var +fi + +save_dmesg # save new boot messages (from loading modules) + diff --git a/class/40-parse-profiles.sh b/class/40-parse-profiles.sh new file mode 100755 index 0000000..699afd2 --- /dev/null +++ b/class/40-parse-profiles.sh @@ -0,0 +1,165 @@ +#! /bin/bash + +# parse *.profile and build a curses menu, so the user can select a profile +# +# (c) 2015 by Thomas Lange, lange@cs.uni-koeln.de +# Universitaet zu Koeln + +if [ X$FAI_ACTION = Xinstall -o X$FAI_ACTION = Xdirinstall -o X$FAI_ACTION = X ]; then + : +else + return 0 +fi + +[ "$flag_menu" ] || return 0 + +out=$(tty) +tempfile=$(mktemp) +tempfile2=$(mktemp) +trap "rm -f $tempfile $tempfile2" EXIT INT QUIT + +# declare the data structure, use associative arrays +declare -A arshort +declare -A ardesc +declare -A arlong +declare -A arclasses +declare -a list + + +parse_profile() { + + # read a profile and add all info to the data structure + + local short + local long + local desc + local name + local classes + local lflag=0 + + # disable word splitting when reading a line, this helps reading a keyword without a value + local OIF=$IFS + IFS= + + while read -r line || [[ -n $line ]]; do + + if [[ $line =~ "Name: " ]]; then + if [ -n "$long" ]; then + arlong[$name]="$long" + fi + short= + desc= + long= + classes= + lflag=0 + name=${line##Name: } + [ $debug ] && echo "XX NAME $name found" + list+=("$name") # add new item to list + continue + fi + + if [[ $line =~ "Description: " ]]; then + lflag=0 + desc=${line##Description: } + [ $debug ] && echo "XX $desc found" + ardesc[$name]="$desc" + continue + fi + + if [[ $line =~ "Short: " ]]; then + lflag=0 + short=${line##Short: } + [ $debug ] && echo "XX $short found" + arshort[$name]="$short" + continue + fi + + if [[ $line =~ "Classes: " ]]; then + lflag=0 + classes=${line##Classes: } + [ $debug ] && echo "XX classes found" + arclasses[$name]="$classes" + continue + fi + + if [[ $line =~ "Long: " ]]; then + lflag=1 + long=${line##Long: } + [ $debug ] && echo "XX long found" + + # else it's another long line + elif [ $lflag -eq 1 ]; then + long+="\n$line" + fi + + if [[ $line =~ "Default: " ]]; then + lflag=0 + default=${line##Default: } + continue + fi + + done < $1 + + if [ -n "$long" ]; then + arlong[$name]="$long" + fi + IFS=$OIF +} + +prtresult() { + + # set newclasses which is used by fai-class(1) + local res=$(<$tempfile) + echo "$BASH_SOURCE defined new classes: ${arclasses[$res]}" + newclasses="${arclasses[$res]}" +} + + +# read all files with name matching *.profile +_parsed=0 +shopt -s nullglob +for _f in *.profile; do + parse_profile $_f + _parsed=1 +done +unset _f + +# do nothing if no profile was read +if [ $_parsed -eq 0 ]; then + unset _parsed + return 0 +fi + +# create the argument list containing the menu entries +# and the help text file +for i in "${list[@]}"; do + par+=("$i") + par+=("${ardesc[${i}]}") + par+=("${arshort[${i}]}") + echo "Name: ${i}" >> $tempfile2 + echo -e ${arlong[${i}]} >> $tempfile2 + echo -e "Classes: " ${arclasses[${i}]} "\n" >> $tempfile2 +done +unset i + +while true; do + + dialog --clear --item-help --title "FAI - Fully Automatic Installation" --help-button \ + --default-item "$default" \ + --menu "\nSelect your FAI profile\n\nThe profile will define a list of classes,\nwhich are used by FAI.\n\n\n"\ + 15 70 0 "${par[@]}" 2> $tempfile 1> $out + + _retval=$? + case $_retval in + 0) + prtresult + break ;; + 1) + echo "No profile selected." + break ;; + 2) + dialog --title "Description of all profiles" --textbox $tempfile2 0 0 1> $out;; + esac + +done +unset par ardesc arshort arlong arclasses list tempfile tempfile2 _parsed _retval line diff --git a/class/41-warning.sh b/class/41-warning.sh new file mode 100755 index 0000000..e9f9ec5 --- /dev/null +++ b/class/41-warning.sh @@ -0,0 +1,28 @@ +#! /bin/bash + +if [ X$FAI_ACTION = Xinstall -o X$FAI_ACTION = X ]; then + : +else + return 0 +fi +if [ X$action = Xdirinstall ]; then + return 0 +fi + +grep -q INSTALL $LOGDIR/FAI_CLASSES || return 0 +[ "$flag_menu" ] || return 0 + +out=$(tty) +red=$(mktemp) +echo 'screen_color = (CYAN,RED,ON)' > $red + +DIALOGRC=$red dialog --colors --clear --aspect 6 --title "FAI - Fully Automatic Installation" --trim \ + --msgbox "\n\n If you continue, \n all your data on the disk \n \n|\Zr\Z1 WILL BE DESTROYED \Z0\Zn|\n\n" 0 0 1>$out + +# stop on any error, or if ESC was hit +if [ $? -ne 0 ]; then + task_error 999 +fi + +rm $red +unset red diff --git a/class/50-host-classes b/class/50-host-classes new file mode 100755 index 0000000..fc0d874 --- /dev/null +++ b/class/50-host-classes @@ -0,0 +1,26 @@ +#! /bin/bash + +# assign classes to hosts based on their hostname + +# do not use this if a menu will be presented +[ "$flag_menu" ] && exit 0 + +# use a list of classes for our demo machine +case $HOSTNAME in + faiserver) + echo "FAIBASE DEBIAN DEMO FAISERVER" ;; + demohost|client*) + echo "FAIBASE DEBIAN DEMO" ;; + xfcehost) + echo "FAIBASE DEBIAN DEMO XORG XFCE LVM";; + gnomehost) + echo "FAIBASE DEBIAN DEMO XORG GNOME";; + ubuntuhost) + echo "FAIBASE DEBIAN DEMO UBUNTU JAMMY JAMMY64 XORG";; + rocky) + echo "FAIBASE ROCKY" # you may want to add class XORG here + ifclass AMD64 && echo ROCKY8_64 + ;; + *) + echo "FAIBASE DEBIAN DEMO" ;; +esac diff --git a/class/60-misc b/class/60-misc new file mode 100755 index 0000000..b6592b8 --- /dev/null +++ b/class/60-misc @@ -0,0 +1,11 @@ +#! /bin/bash + +ifclass -o CENTOS ROCKY && exit 0 + +ifclass -o GRUB_PC GRUB_EFI && exit 0 + +if [ -d /sys/firmware/efi ]; then + echo GRUB_EFI +elif ifclass -o I386 AMD64 ; then + echo GRUB_PC +fi diff --git a/class/85-efi-classes b/class/85-efi-classes new file mode 100755 index 0000000..d1123b1 --- /dev/null +++ b/class/85-efi-classes @@ -0,0 +1,14 @@ +#! /bin/bash + +# define classes for disk_config in an EFI environment + +if [ ! -d /sys/firmware/efi ] || ifclass GRUB_PC; then + exit 0 +fi + +for c in CLOUD LVM FAISERVER FAIBASE HW4F_DESKTOP; do + if ifclass $c; then + echo ${c}_EFI + break + fi +done diff --git a/class/CLOUD.var b/class/CLOUD.var new file mode 100644 index 0000000..f4cb485 --- /dev/null +++ b/class/CLOUD.var @@ -0,0 +1 @@ +NIC1=eth0 diff --git a/class/DEBIAN.var b/class/DEBIAN.var new file mode 100644 index 0000000..1d9ba8b --- /dev/null +++ b/class/DEBIAN.var @@ -0,0 +1,26 @@ +release=bullseye +apt_cdn=http://deb.debian.org +security_cdn=http://security.debian.org + +# since bullseye Debian changed the suite name for security +if [ $release = buster ]; then + secsuite=buster/updates +else + secsuite=$release-security +fi + +CONSOLEFONT= +KEYMAP=de-latin1 + +# MODULESLIST contains modules that will be loaded by the new system, +# not during installation these modules will be written to /etc/modules +# If you need a module during installation, add it to $kernelmodules +# in 20-hwdetect.sh. +MODULESLIST="usbhid psmouse" + +# if you have enough RAM (>2GB) you may want to enable this line. It +# also puts /var/cache into a ramdisk. +#FAI_RAMDISKS="$target/var/lib/dpkg $target/var/cache" + +# if you want to use the faiserver as APT proxy +APTPROXY=http://faiserver:3142 diff --git a/class/FAIBASE.var b/class/FAIBASE.var new file mode 100644 index 0000000..fffc220 --- /dev/null +++ b/class/FAIBASE.var @@ -0,0 +1,29 @@ +# default values for installation. You can override them in your *.var files + +# allow installation of packages from unsigned repositories +FAI_ALLOW_UNSIGNED=1 + +# Set UTC=yes if your system clock is set to UTC (GMT), and UTC=no if not. +UTC=yes +TIMEZONE=Europe/Berlin + +# the hash of the root password for the new installed linux system +# pw is "fai" +ROOTPW='$1$kBnWcO.E$djxB128U7dMkrltJHPf6d1' + +# errors in tasks greater than this value will cause the installation to stop +STOP_ON_ERROR=700 + +# set parameter for install_packages(8) +MAXPACKAGES=800 + +# Account on the FAI server for saving log files and calling fai-chboot. +# Remove the hash character in the next line to activate this feature +#LOGUSER=fai + +# a user account will be created +username=demo +USERPW='$1$kBnWcO.E$djxB128U7dMkrltJHPf6d1' + +# set a default +FAI_DEBOOTSTRAP="bullseye http://deb.debian.org/debian" diff --git a/class/GERMAN.var b/class/GERMAN.var new file mode 100644 index 0000000..8638a75 --- /dev/null +++ b/class/GERMAN.var @@ -0,0 +1,3 @@ +# german environment (for Debian) +KEYMAP=de-latin1-nodeadkeys + diff --git a/class/HW4F_DESKTOP.var b/class/HW4F_DESKTOP.var new file mode 100644 index 0000000..d5b0364 --- /dev/null +++ b/class/HW4F_DESKTOP.var @@ -0,0 +1,15 @@ +# set time +UTC=yes +TIMEZONE=Europe/Berlin + +# some install parameters +STOP_ON_ERROR=700 +MAXPACKAGES=800 + +KEYMAP=de-latin1-nodeadkeys + +# start user and password +username=user +USERPW='$5$n4TiokMaqws2PC/i$eqDh77it8N/haBU6OeE6WqbBjI0E1IUczp2EJ7Tr4J/' + +SUPRESS_GNOME_INITIAL_SCREEN=1 diff --git a/class/INSTALL.var b/class/INSTALL.var new file mode 100644 index 0000000..f0c4cbd --- /dev/null +++ b/class/INSTALL.var @@ -0,0 +1 @@ +FAI_ACTION=install diff --git a/class/INVENTORY.var b/class/INVENTORY.var new file mode 100644 index 0000000..6afe995 --- /dev/null +++ b/class/INVENTORY.var @@ -0,0 +1 @@ +FAI_ACTION=inventory diff --git a/class/ROCKY.var b/class/ROCKY.var new file mode 100644 index 0000000..1ec7250 --- /dev/null +++ b/class/ROCKY.var @@ -0,0 +1,9 @@ +CONSOLEFONT=lat9v-16 +KEYMAP=us +DEFAULTLOCALE=en_US.UTF-8 +SUPPORTEDLOCALE=en_US.UTF-8:en_US:en + +# if you install much software and have only few RAM, use the RAM disk +# not for var/cache/yum +#FAI_RAMDISKS="$target/var/lib/rpm $target/var/cache/yum" +FAI_RAMDISKS="$target/var/lib/rpm" diff --git a/class/SYSINFO.var b/class/SYSINFO.var new file mode 100644 index 0000000..617b88d --- /dev/null +++ b/class/SYSINFO.var @@ -0,0 +1 @@ +FAI_ACTION=sysinfo diff --git a/class/UBUNTU.var b/class/UBUNTU.var new file mode 100644 index 0000000..0f99b95 --- /dev/null +++ b/class/UBUNTU.var @@ -0,0 +1,2 @@ +ubuntumirror=http://archive.ubuntu.com +ubuntudist=jammy diff --git a/class/example.profile b/class/example.profile new file mode 100644 index 0000000..e53b13a --- /dev/null +++ b/class/example.profile @@ -0,0 +1,54 @@ +Default: Xfce + +Name: Simple +Description: My first FAI installation +Short: just a very simple example, no xorg, an account called demo +Long: This is the demohost example of FAI. +Additional account called demo with password: fai, root password: fai +All needed packages are already on the CD or USB stick. +Classes: INSTALL FAIBASE DEBIAN DEMO + +Name: Xfce +Description: Xfce desktop, LVM partitioning +Short: A fancy Xfce desktop will be installed, the user account is demo +Long: This is the Xfce desktop example. Additional account called +demo with password: fai, root password: fai +All needed packages are already on the CD or USB stick. +Classes: INSTALL FAIBASE DEBIAN DEMO XORG XFCE LVM + +Name: Gnome +Description: Gnome desktop installation +Short: A Gnome desktop, no LVM, You will get an account called demo +Long: This is the Gnome desktop example. Additional account called +demo with password: fai, root password: fai +You should have a fast network connection, because most packages are +downloaded from the internet. +Classes: INSTALL FAIBASE DEBIAN DEMO XORG GNOME + +Name: Rocky Linux 8 +Description: Rocky Linux 8 with Xfce desktop +Short: A normal Xfce desktop, running Rocky Linux 8 +Long: We use the Debian nfsroot for installing the Rocky Linux 8 OS. +You should have a fast network connection, because most packages are +downloaded from the internet. +Classes: INSTALL FAIBASE ROCKY ROCKY8_64 XORG + +Name: Ubuntu +Description: Ubuntu 22.04 LTS desktop installation +Short: Unity desktop +Long: We use the Debian nfsroot for installing the Ubuntu OS. +You should have a fast network connection, because most packages are +downloaded from the internet. +Classes: INSTALL FAIBASE DEMO DEBIAN UBUNTU JAMMY JAMMY64 XORG + +Name: Inventory +Description: Show hardware info +Short: Show some basic hardware infos +Long: Execute commands for showing hardware info +Classes: INVENTORY + +Name: Sysinfo +Description: Show defailed system information +Short: Show detailed hardware and system information +Long: Execute a lot of commands for collecting system information +Classes: SYSINFO diff --git a/debconf/CLOUD b/debconf/CLOUD new file mode 100644 index 0000000..e3614d6 --- /dev/null +++ b/debconf/CLOUD @@ -0,0 +1,2 @@ +# Linux command line: +grub-pc grub2/linux_cmdline_default string elevator=noop quiet diff --git a/debconf/DEBIAN b/debconf/DEBIAN new file mode 100644 index 0000000..9b23c87 --- /dev/null +++ b/debconf/DEBIAN @@ -0,0 +1,9 @@ +exim4-config exim4/dc_eximconfig_configtype select local delivery only; not on a network +locales locales/default_environment_locale select de_DE.UTF-8 +locales locales/locales_to_be_generated multiselect de_DE.UTF-8 UTF-8 +keyboard-configuration keyboard-configuration/modelcode string pc105 +keyboard-configuration keyboard-configuration/xkb-keymap select us +keyboard-configuration keyboard-configuration/variant select Deutsch +keyboard-configuration keyboard-configuration/model select Generic 105-key (Intl) PC +keyboard-configuration keyboard-configuration/layoutcode string de +keyboard-configuration keyboard-configuration/optionscode string ctrl:nocaps,terminate:ctrl_alt_bksp diff --git a/debconf/GERMAN b/debconf/GERMAN new file mode 100644 index 0000000..cca0416 --- /dev/null +++ b/debconf/GERMAN @@ -0,0 +1,8 @@ +locales locales/default_environment_locale select de_DE.UTF-8 +locales locales/locales_to_be_generated multiselect de_DE.UTF-8 UTF-8 +keyboard-configuration keyboard-configuration/modelcode string pc105 +keyboard-configuration keyboard-configuration/xkb-keymap select de +keyboard-configuration keyboard-configuration/variant select Germany +keyboard-configuration keyboard-configuration/model select Generic 105-key (Intl) PC +keyboard-configuration keyboard-configuration/layoutcode string de +keyboard-configuration keyboard-configuration/optionscode string ctrl:nocaps,terminate:ctrl_alt_bksp diff --git a/debconf/HW4F_DESKTOP b/debconf/HW4F_DESKTOP new file mode 100644 index 0000000..0fec074 --- /dev/null +++ b/debconf/HW4F_DESKTOP @@ -0,0 +1,36 @@ +locales locales/default_environment_locale select de_DE.UTF-8 +locales locales/locales_to_be_generated multiselect de_DE.UTF-8 UTF-8 + +xserver-xorg xserver-xorg/config/inputdevice/keyboard/layout string de +xserver-xorg xserver-xorg/config/inputdevice/keyboard/model string pc105 +xserver-xorg xserver-xorg/config/inputdevice/keyboard/options string lv3:ralt_switch +xserver-xorg xserver-xorg/autodetect_monitor boolean false +xserver-xorg xserver-xorg/autodetect_keyboard boolean true +xserver-xorg xserver-xorg/autodetect_mouse boolean true +xserver-xorg xserver-xorg/autodetect_video_card boolean true + +console-setup console-setup/variant select Germany +console-setup console-setup/charmap select UTF-8 +console-setup console-setup/layoutcode string de +console-setup console-setup/compose select No compose key +console-setup console-setup/fontsize-text select 16 +console-setup console-setup/optionscode string lv3:ralt_switch +console-setup console-setup/layout select Germany +console-setup console-setup/detected note +console-setup console-setup/variantcode string +console-setup console-setup/codesetcode string Lat15 +console-setup console-setup/modelcode string pc105 +console-setup console-setup/ask_detect boolean false +console-setup console-setup/altgr select Right Alt +console-setup console-setup/ttys string /dev/tty[1-6] +console-setup console-setup/model select Generic 105-key (Intl) PC +console-setup console-setup/fontsize-fb select 16 +console-setup console-setup/switch select No temporary switch +console-setup console-setup/codeset select # Latin1 and Latin5 - western Europe and Turkic languages +console-setup console-setup/toggle select No toggling +console-setup console-setup/fontface select VGA +console-setup console-setup/fontsize string 16 + +tzdata tzdata/Zones/Etc select UTC +tzdata tzdata/Zones/Europe select Berlin +tzdata tzdata/Areas select Europe diff --git a/debconf/HW4F_DESKTOP2 b/debconf/HW4F_DESKTOP2 new file mode 100644 index 0000000..85c0d49 --- /dev/null +++ b/debconf/HW4F_DESKTOP2 @@ -0,0 +1,132 @@ +base-passwd base-passwd/group-add boolean true +base-passwd base-passwd/group-change-gid boolean true +base-passwd base-passwd/group-move boolean true +base-passwd base-passwd/group-remove boolean true +base-passwd base-passwd/user-add boolean true +base-passwd base-passwd/user-change-gecos boolean true +base-passwd base-passwd/user-change-gid boolean true +base-passwd base-passwd/user-change-home boolean true +base-passwd base-passwd/user-change-shell boolean true +base-passwd base-passwd/user-change-uid boolean true +base-passwd base-passwd/user-move boolean true +base-passwd base-passwd/user-remove boolean true + +ca-certificates ca-certificates/enable_crts multiselect mozilla/ACCVRAIZ1.crt, mozilla/AC_RAIZ_FNMT-RCM.crt, mozilla/Actalis_Authentication_Root_CA.crt, mozilla/AffirmTrust_Commercial.crt, mozilla/AffirmTrust_Networking.crt, mozilla/AffirmTrust_Premium.crt, mozilla/AffirmTrust_Premium_ECC.crt, mozilla/Amazon_Root_CA_1.crt, mozilla/Amazon_Root_CA_2.crt, mozilla/Amazon_Root_CA_3.crt, mozilla/Amazon_Root_CA_4.crt, mozilla/Atos_TrustedRoot_2011.crt, mozilla/Autoridad_de_Certificacion_Firmaprofesional_CIF_A62634068.crt, mozilla/Baltimore_CyberTrust_Root.crt, mozilla/Buypass_Class_2_Root_CA.crt, mozilla/Buypass_Class_3_Root_CA.crt, mozilla/CA_Disig_Root_R2.crt, mozilla/CFCA_EV_ROOT.crt, mozilla/COMODO_Certification_Authority.crt, mozilla/COMODO_ECC_Certification_Authority.crt, mozilla/COMODO_RSA_Certification_Authority.crt, mozilla/Certigna.crt, mozilla/Certinomis_-_Root_CA.crt, mozilla/Certplus_Class_2_Primary_CA.crt, mozilla/Certum_Trusted_Network_CA.crt, mozilla/Certum_Trusted_Network_CA_2.crt, mozilla/Chambers_of_Commerce_Root_-_2008.crt, mozilla/Comodo_AAA_Services_root.crt, mozilla/Cybertrust_Global_Root.crt, mozilla/D-TRUST_Root_Class_3_CA_2_2009.crt, mozilla/D-TRUST_Root_Class_3_CA_2_EV_2009.crt, mozilla/DST_Root_CA_X3.crt, mozilla/Deutsche_Telekom_Root_CA_2.crt, mozilla/DigiCert_Assured_ID_Root_CA.crt, mozilla/DigiCert_Assured_ID_Root_G2.crt, mozilla/DigiCert_Assured_ID_Root_G3.crt, mozilla/DigiCert_Global_Root_CA.crt, mozilla/DigiCert_Global_Root_G2.crt, mozilla/DigiCert_Global_Root_G3.crt, mozilla/DigiCert_High_Assurance_EV_Root_CA.crt, mozilla/DigiCert_Trusted_Root_G4.crt, mozilla/E-Tugra_Certification_Authority.crt, mozilla/EC-ACC.crt, mozilla/EE_Certification_Centre_Root_CA.crt, mozilla/Entrust.net_Premium_2048_Secure_Server_CA.crt, mozilla/Entrust_Root_Certification_Authority.crt, mozilla/Entrust_Root_Certification_Authority_-_EC1.crt, mozilla/Entrust_Root_Certification_Authority_-_G2.crt, mozilla/GDCA_TrustAUTH_R5_ROOT.crt, mozilla/GeoTrust_Global_CA.crt, mozilla/GeoTrust_Primary_Certification_Authority.crt, mozilla/GeoTrust_Primary_Certification_Authority_-_G2.crt, mozilla/GeoTrust_Primary_Certification_Authority_-_G3.crt, mozilla/GeoTrust_Universal_CA.crt, mozilla/GeoTrust_Universal_CA_2.crt, mozilla/GlobalSign_ECC_Root_CA_-_R4.crt, mozilla/GlobalSign_ECC_Root_CA_-_R5.crt, mozilla/GlobalSign_Root_CA.crt, mozilla/GlobalSign_Root_CA_-_R2.crt, mozilla/GlobalSign_Root_CA_-_R3.crt, mozilla/GlobalSign_Root_CA_-_R6.crt, mozilla/Global_Chambersign_Root_-_2008.crt, mozilla/Go_Daddy_Class_2_CA.crt, mozilla/Go_Daddy_Root_Certificate_Authority_-_G2.crt, mozilla/Hellenic_Academic_and_Research_Institutions_ECC_RootCA_2015.crt, mozilla/Hellenic_Academic_and_Research_Institutions_RootCA_2011.crt, mozilla/Hellenic_Academic_and_Research_Institutions_RootCA_2015.crt, mozilla/Hongkong_Post_Root_CA_1.crt, mozilla/ISRG_Root_X1.crt, mozilla/IdenTrust_Commercial_Root_CA_1.crt, mozilla/IdenTrust_Public_Sector_Root_CA_1.crt, mozilla/Izenpe.com.crt, mozilla/LuxTrust_Global_Root_2.crt, mozilla/Microsec_e-Szigno_Root_CA_2009.crt, mozilla/NetLock_Arany_=Class_Gold=_Főtanúsítvány.crt, mozilla/Network_Solutions_Certificate_Authority.crt, mozilla/OISTE_WISeKey_Global_Root_GA_CA.crt, mozilla/OISTE_WISeKey_Global_Root_GB_CA.crt, mozilla/OISTE_WISeKey_Global_Root_GC_CA.crt, mozilla/QuoVadis_Root_CA.crt, mozilla/QuoVadis_Root_CA_1_G3.crt, mozilla/QuoVadis_Root_CA_2.crt, mozilla/QuoVadis_Root_CA_2_G3.crt, mozilla/QuoVadis_Root_CA_3.crt, mozilla/QuoVadis_Root_CA_3_G3.crt, mozilla/SSL.com_EV_Root_Certification_Authority_ECC.crt, mozilla/SSL.com_EV_Root_Certification_Authority_RSA_R2.crt, mozilla/SSL.com_Root_Certification_Authority_ECC.crt, mozilla/SSL.com_Root_Certification_Authority_RSA.crt, mozilla/SZAFIR_ROOT_CA2.crt, mozilla/SecureSign_RootCA11.crt, mozilla/SecureTrust_CA.crt, mozilla/Secure_Global_CA.crt, mozilla/Security_Communication_RootCA2.crt, mozilla/Security_Communication_Root_CA.crt, mozilla/Sonera_Class_2_Root_CA.crt, mozilla/Staat_der_Nederlanden_EV_Root_CA.crt, mozilla/Staat_der_Nederlanden_Root_CA_-_G2.crt, mozilla/Staat_der_Nederlanden_Root_CA_-_G3.crt, mozilla/Starfield_Class_2_CA.crt, mozilla/Starfield_Root_Certificate_Authority_-_G2.crt, mozilla/Starfield_Services_Root_Certificate_Authority_-_G2.crt, mozilla/SwissSign_Gold_CA_-_G2.crt, mozilla/SwissSign_Silver_CA_-_G2.crt, mozilla/T-TeleSec_GlobalRoot_Class_2.crt, mozilla/T-TeleSec_GlobalRoot_Class_3.crt, mozilla/TUBITAK_Kamu_SM_SSL_Kok_Sertifikasi_-_Surum_1.crt, mozilla/TWCA_Global_Root_CA.crt, mozilla/TWCA_Root_Certification_Authority.crt, mozilla/Taiwan_GRCA.crt, mozilla/TeliaSonera_Root_CA_v1.crt, mozilla/TrustCor_ECA-1.crt, mozilla/TrustCor_RootCert_CA-1.crt, mozilla/TrustCor_RootCert_CA-2.crt, mozilla/Trustis_FPS_Root_CA.crt, mozilla/USERTrust_ECC_Certification_Authority.crt, mozilla/USERTrust_RSA_Certification_Authority.crt, mozilla/VeriSign_Class_3_Public_Primary_Certification_Authority_-_G4.crt, mozilla/VeriSign_Class_3_Public_Primary_Certification_Authority_-_G5.crt, mozilla/VeriSign_Universal_Root_Certification_Authority.crt, mozilla/Verisign_Class_3_Public_Primary_Certification_Authority_-_G3.crt, mozilla/XRamp_Global_CA_Root.crt, mozilla/certSIGN_ROOT_CA.crt, mozilla/ePKI_Root_Certification_Authority.crt, mozilla/thawte_Primary_Root_CA.crt, mozilla/thawte_Primary_Root_CA_-_G2.crt, mozilla/thawte_Primary_Root_CA_-_G3.crt +ca-certificates ca-certificates/new_crts multiselect +ca-certificates ca-certificates/trust_new_crts select yes + +console-setup console-setup/charmap47 select UTF-8 +console-setup console-setup/codeset47 select Guess optimal character set +console-setup console-setup/codesetcode string +console-setup console-setup/fontface47 select Fixed +console-setup console-setup/fontsize-fb47 select 8x16 +console-setup console-setup/fontsize string 8x16 +console-setup console-setup/fontsize-text47 select 8x16 +console-setup console-setup/store_defaults_in_debconf_db boolean true + +cups-bsd cups-bsd/setuplpd boolean false +cups cupsys/backend multiselect lpd, socket, usb, snmp, dnssd +cups cupsys/raw-print boolean true +dash dash/sh boolean true + +debconf debconf/frontend select Dialog +debconf debconf/priority select high + +dictionaries-common dictionaries-common/debconf_database_corruption error +dictionaries-common dictionaries-common/default-ispell select +dictionaries-common dictionaries-common/default-wordlist select deutsch (New German) +dictionaries-common dictionaries-common/invalid_debconf_value error +dictionaries-common dictionaries-common/ispell-autobuildhash-message note +dictionaries-common dictionaries-common/old_wordlist_link boolean true +dictionaries-common dictionaries-common/selecting_ispell_wordlist_default note + +gdm3 gdm3/daemon_name string /usr/sbin/gdm3 +gdm3 shared/default-x-display-manager select gdm3 + +grub-pc grub2/kfreebsd_cmdline_default string quiet splash +grub-pc grub2/linux_cmdline_default string quiet splash +grub-pc grub2/no_efi_extra_removable boolean false +grub-pc grub2/update_nvram boolean true +grub-pc grub-efi/install_devices_disks_changed multiselect +grub-pc grub-efi/install_devices_empty boolean false +grub-pc grub-efi/install_devices_failed boolean false +grub-pc grub-pc/chainload_from_menu.lst boolean true +grub-pc grub-pc/hidden_timeout boolean true +grub-pc grub-pc/install_devices_disks_changed multiselect +grub-pc grub-pc/install_devices_empty boolean false +grub-pc grub-pc/install_devices_failed boolean false +grub-pc grub-pc/install_devices_failed_upgrade boolean true +grub-pc grub-pc/install_devices multiselect /dev/disk/by-id/ata-VBOX_HARDDISK_VB71f9e682-3531daf0 +grub-pc grub-pc/kopt_extracted boolean false +grub-pc grub-pc/mixed_legacy_and_grub2 boolean true +grub-pc grub-pc/postrm_purge_boot_grub boolean false +grub-pc grub-pc/timeout string 0 + +keyboard-configuration console-setup/ask_detect boolean false +keyboard-configuration keyboard-configuration/altgr select The default for the keyboard layout +keyboard-configuration keyboard-configuration/compose select No compose key +keyboard-configuration keyboard-configuration/ctrl_alt_bksp boolean false +keyboard-configuration keyboard-configuration/layoutcode string de +keyboard-configuration keyboard-configuration/layout select German +keyboard-configuration keyboard-configuration/modelcode string pc105 +keyboard-configuration keyboard-configuration/model select Generic 105-key PC (intl.) +keyboard-configuration keyboard-configuration/store_defaults_in_debconf_db boolean true +keyboard-configuration keyboard-configuration/switch select No temporary switch +keyboard-configuration keyboard-configuration/toggle select No toggling +keyboard-configuration keyboard-configuration/unsupported_config_layout boolean true +keyboard-configuration keyboard-configuration/unsupported_config_options boolean true +keyboard-configuration keyboard-configuration/unsupported_layout boolean true +keyboard-configuration keyboard-configuration/unsupported_options boolean true +keyboard-configuration keyboard-configuration/variantcode string +keyboard-configuration keyboard-configuration/variant select German +keyboard-configuration keyboard-configuration/xkb-keymap select + +libc6:amd64 libraries/restart-without-asking boolean false +libc6 glibc/upgrade boolean true +libc6 libraries/restart-without-asking boolean false +libpam0g:amd64 libraries/restart-without-asking boolean false +libpam-runtime libpam-runtime/profiles multiselect unix, systemd, gnome-keyring, capability +libssl1.1:amd64 libraries/restart-without-asking boolean false +linux-base linux-base/removing-running-kernel boolean true + +linux-sound-base linux-sound-base/sound_system select ALSA + +locales locales/default_environment_locale select None + +man-db man-db/auto-update boolean true +man-db man-db/install-setuid boolean false + +memtest86+ shared/memtest86-run-lilo boolean false + +openvpn openvpn/create_tun boolean false + +popularity-contest popularity-contest/participate boolean false + +printer-driver-pnm2ppa pnm2ppa/create_magicfilter boolean false +printer-driver-pnm2ppa pnm2ppa/printer_model select 710 +printer-driver-pnm2ppa pnm2ppa/use_debconf boolean true + +sane-utils sane-utils/saned_run boolean false +sane-utils sane-utils/saned_scanner_group boolean true + +ssl-cert make-ssl-cert/hostname string localhost + +tzdata tzdata/Areas select Etc +tzdata tzdata/Zones/Etc select UTC + +ucf ucf/changeprompt select keep_current +ucf ucf/changeprompt_threeway select keep_current + +ufw ufw/enable boolean false +ufw ufw/existing_configuration error + +unattended-upgrades unattended-upgrades/enable_auto_updates boolean true + +update-inetd update-inetd/ask-disable-entries boolean false +update-inetd update-inetd/ask-entry-present boolean true +update-inetd update-inetd/ask-remove-entries boolean false +update-inetd update-inetd/ask-several-entries boolean true + +xserver-xorg-legacy xserver-xorg-legacy/xwrapper/actual_allowed_users string console +xserver-xorg-legacy xserver-xorg-legacy/xwrapper/allowed_users select Console Users Only + diff --git a/debconf/UBUNTU_DESKTOP b/debconf/UBUNTU_DESKTOP new file mode 100644 index 0000000..aea3fdf --- /dev/null +++ b/debconf/UBUNTU_DESKTOP @@ -0,0 +1,261 @@ +dictionaries-common dictionaries-common/selecting_ispell_wordlist_default note +# Choices: Alle Locales, aa_DJ ISO-8859-1, aa_DJ.UTF-8 UTF-8, aa_ER UTF-8, aa_ER@saaho UTF-8, aa_ET UTF-8, af_ZA ISO-8859-1, af_ZA.UTF-8 UTF-8, agr_PE UTF-8, ak_GH UTF-8, am_ET UTF-8, an_ES ISO-8859-15, an_ES.UTF-8 UTF-8, anp_IN UTF-8, ar_AE ISO-8859-6, ar_AE.UTF-8 UTF-8, ar_BH ISO-8859-6, ar_BH.UTF-8 UTF-8, ar_DZ ISO-8859-6, ar_DZ.UTF-8 UTF-8, ar_EG ISO-8859-6, ar_EG.UTF-8 UTF-8, ar_IN UTF-8, ar_IQ ISO-8859-6, ar_IQ.UTF-8 UTF-8, ar_JO ISO-8859-6, ar_JO.UTF-8 UTF-8, ar_KW ISO-8859-6, ar_KW.UTF-8 UTF-8, ar_LB ISO-8859-6, ar_LB.UTF-8 UTF-8, ar_LY ISO-8859-6, ar_LY.UTF-8 UTF-8, ar_MA ISO-8859-6, ar_MA.UTF-8 UTF-8, ar_OM ISO-8859-6, ar_OM.UTF-8 UTF-8, ar_QA ISO-8859-6, ar_QA.UTF-8 UTF-8, ar_SA ISO-8859-6, ar_SA.UTF-8 UTF-8, ar_SD ISO-8859-6, ar_SD.UTF-8 UTF-8, ar_SS UTF-8, ar_SY ISO-8859-6, ar_SY.UTF-8 UTF-8, ar_TN ISO-8859-6, ar_TN.UTF-8 UTF-8, ar_YE ISO-8859-6, ar_YE.UTF-8 UTF-8, as_IN UTF-8, ast_ES ISO-8859-15, ast_ES.UTF-8 UTF-8, ayc_PE UTF-8, az_AZ UTF-8, az_IR UTF-8, be_BY CP1251, be_BY.UTF-8 UTF-8, be_BY@latin UTF-8, bem_ZM UTF-8, ber_DZ UTF-8, ber_MA UTF-8, bg_BG CP1251, bg_BG.UTF-8 UTF-8, bhb_IN.UTF-8 UTF-8, bho_IN UTF-8, bho_NP UTF-8, bi_VU UTF-8, bn_BD UTF-8, bn_IN UTF-8, bo_CN UTF-8, bo_IN UTF-8, br_FR ISO-8859-1, br_FR.UTF-8 UTF-8, br_FR@euro ISO-8859-15, brx_IN UTF-8, bs_BA ISO-8859-2, bs_BA.UTF-8 UTF-8, byn_ER UTF-8, ca_AD ISO-8859-15, ca_AD.UTF-8 UTF-8, ca_ES ISO-8859-1, ca_ES.UTF-8 UTF-8, ca_ES@euro ISO-8859-15, ca_ES@valencia UTF-8, ca_FR ISO-8859-15, ca_FR.UTF-8 UTF-8, ca_IT ISO-8859-15, ca_IT.UTF-8 UTF-8, ce_RU UTF-8, chr_US UTF-8, ckb_IQ UTF-8, cmn_TW UTF-8, crh_UA UTF-8, cs_CZ ISO-8859-2, cs_CZ.UTF-8 UTF-8, csb_PL UTF-8, cv_RU UTF-8, cy_GB ISO-8859-14, cy_GB.UTF-8 UTF-8, da_DK ISO-8859-1, da_DK.UTF-8 UTF-8, de_AT ISO-8859-1, de_AT.UTF-8 UTF-8, de_AT@euro ISO-8859-15, de_BE ISO-8859-1, de_BE.UTF-8 UTF-8, de_BE@euro ISO-8859-15, de_CH ISO-8859-1, de_CH.UTF-8 UTF-8, de_DE ISO-8859-1, de_DE.UTF-8 UTF-8, de_DE@euro ISO-8859-15, de_IT ISO-8859-1, de_IT.UTF-8 UTF-8, de_LI.UTF-8 UTF-8, de_LU ISO-8859-1, de_LU.UTF-8 UTF-8, de_LU@euro ISO-8859-15, doi_IN UTF-8, dsb_DE UTF-8, dv_MV UTF-8, dz_BT UTF-8, el_CY ISO-8859-7, el_CY.UTF-8 UTF-8, el_GR ISO-8859-7, el_GR.UTF-8 UTF-8, el_GR@euro ISO-8859-7, en_AG UTF-8, en_AU ISO-8859-1, en_AU.UTF-8 UTF-8, en_BW ISO-8859-1, en_BW.UTF-8 UTF-8, en_CA ISO-8859-1, en_CA.UTF-8 UTF-8, en_DK ISO-8859-1, en_DK.ISO-8859-15 ISO-8859-15, en_DK.UTF-8 UTF-8, en_GB ISO-8859-1, en_GB.ISO-8859-15 ISO-8859-15, en_GB.UTF-8 UTF-8, en_HK ISO-8859-1, en_HK.UTF-8 UTF-8, en_IE ISO-8859-1, en_IE.UTF-8 UTF-8, en_IE@euro ISO-8859-15, en_IL UTF-8, en_IN UTF-8, en_NG UTF-8, en_NZ ISO-8859-1, en_NZ.UTF-8 UTF-8, en_PH ISO-8859-1, en_PH.UTF-8 UTF-8, en_SC.UTF-8 UTF-8, en_SG ISO-8859-1, en_SG.UTF-8 UTF-8, en_US ISO-8859-1, en_US.ISO-8859-15 ISO-8859-15, en_US.UTF-8 UTF-8, en_ZA ISO-8859-1, en_ZA.UTF-8 UTF-8, en_ZM UTF-8, en_ZW ISO-8859-1, en_ZW.UTF-8 UTF-8, eo UTF-8, eo_US.UTF-8 UTF-8, es_AR ISO-8859-1, es_AR.UTF-8 UTF-8, es_BO ISO-8859-1, es_BO.UTF-8 UTF-8, es_CL ISO-8859-1, es_CL.UTF-8 UTF-8, es_CO ISO-8859-1, es_CO.UTF-8 UTF-8, es_CR ISO-8859-1, es_CR.UTF-8 UTF-8, es_CU UTF-8, es_DO ISO-8859-1, es_DO.UTF-8 UTF-8, es_EC ISO-8859-1, es_EC.UTF-8 UTF-8, es_ES ISO-8859-1, es_ES.UTF-8 UTF-8, es_ES@euro ISO-8859-15, es_GT ISO-8859-1, es_GT.UTF-8 UTF-8, es_HN ISO-8859-1, es_HN.UTF-8 UTF-8, es_MX ISO-8859-1, es_MX.UTF-8 UTF-8, es_NI ISO-8859-1, es_NI.UTF-8 UTF-8, es_PA ISO-8859-1, es_PA.UTF-8 UTF-8, es_PE ISO-8859-1, es_PE.UTF-8 UTF-8, es_PR ISO-8859-1, es_PR.UTF-8 UTF-8, es_PY ISO-8859-1, es_PY.UTF-8 UTF-8, es_SV ISO-8859-1, es_SV.UTF-8 UTF-8, es_US ISO-8859-1, es_US.UTF-8 UTF-8, es_UY ISO-8859-1, es_UY.UTF-8 UTF-8, es_VE ISO-8859-1, es_VE.UTF-8 UTF-8, et_EE ISO-8859-1, et_EE.ISO-8859-15 ISO-8859-15, et_EE.UTF-8 UTF-8, eu_ES ISO-8859-1, eu_ES.UTF-8 UTF-8, eu_ES@euro ISO-8859-15, eu_FR ISO-8859-1, eu_FR.UTF-8 UTF-8, eu_FR@euro ISO-8859-15, fa_IR UTF-8, ff_SN UTF-8, fi_FI ISO-8859-1, fi_FI.UTF-8 UTF-8, fi_FI@euro ISO-8859-15, fil_PH UTF-8, fo_FO ISO-8859-1, fo_FO.UTF-8 UTF-8, fr_BE ISO-8859-1, fr_BE.UTF-8 UTF-8, fr_BE@euro ISO-8859-15, fr_CA ISO-8859-1, fr_CA.UTF-8 UTF-8, fr_CH ISO-8859-1, fr_CH.UTF-8 UTF-8, fr_FR ISO-8859-1, fr_FR.UTF-8 UTF-8, fr_FR@euro ISO-8859-15, fr_LU ISO-8859-1, fr_LU.UTF-8 UTF-8, fr_LU@euro ISO-8859-15, fur_IT UTF-8, fy_DE UTF-8, fy_NL UTF-8, ga_IE ISO-8859-1, ga_IE.UTF-8 UTF-8, ga_IE@euro ISO-8859-15, gd_GB ISO-8859-15, gd_GB.UTF-8 UTF-8, gez_ER UTF-8, gez_ER@abegede UTF-8, gez_ET UTF-8, gez_ET@abegede UTF-8, gl_ES ISO-8859-1, gl_ES.UTF-8 UTF-8, gl_ES@euro ISO-8859-15, gu_IN UTF-8, gv_GB ISO-8859-1, gv_GB.UTF-8 UTF-8, ha_NG UTF-8, hak_TW UTF-8, he_IL ISO-8859-8, he_IL.UTF-8 UTF-8, hi_IN UTF-8, hif_FJ UTF-8, hne_IN UTF-8, hr_HR ISO-8859-2, hr_HR.UTF-8 UTF-8, hsb_DE ISO-8859-2, hsb_DE.UTF-8 UTF-8, ht_HT UTF-8, hu_HU ISO-8859-2, hu_HU.UTF-8 UTF-8, hy_AM UTF-8, hy_AM.ARMSCII-8 ARMSCII-8, ia_FR UTF-8, id_ID ISO-8859-1, id_ID.UTF-8 UTF-8, ig_NG UTF-8, ik_CA UTF-8, is_IS ISO-8859-1, is_IS.UTF-8 UTF-8, it_CH ISO-8859-1, it_CH.UTF-8 UTF-8, it_IT ISO-8859-1, it_IT.UTF-8 UTF-8, it_IT@euro ISO-8859-15, iu_CA UTF-8, ja_JP.EUC-JP EUC-JP, ja_JP.UTF-8 UTF-8, ka_GE GEORGIAN-PS, ka_GE.UTF-8 UTF-8, kab_DZ UTF-8, kk_KZ PT154, kk_KZ.RK1048 RK1048, kk_KZ.UTF-8 UTF-8, kl_GL ISO-8859-1, kl_GL.UTF-8 UTF-8, km_KH UTF-8, kn_IN UTF-8, ko_KR.EUC-KR EUC-KR, ko_KR.UTF-8 UTF-8, kok_IN UTF-8, ks_IN UTF-8, ks_IN@devanagari UTF-8, ku_TR ISO-8859-9, ku_TR.UTF-8 UTF-8, kw_GB ISO-8859-1, kw_GB.UTF-8 UTF-8, ky_KG UTF-8, lb_LU UTF-8, lg_UG ISO-8859-10, lg_UG.UTF-8 UTF-8, li_BE UTF-8, li_NL UTF-8, lij_IT UTF-8, ln_CD UTF-8, lo_LA UTF-8, lt_LT ISO-8859-13, lt_LT.UTF-8 UTF-8, lv_LV ISO-8859-13, lv_LV.UTF-8 UTF-8, lzh_TW UTF-8, mag_IN UTF-8, mai_IN UTF-8, mai_NP UTF-8, mfe_MU UTF-8, mg_MG ISO-8859-15, mg_MG.UTF-8 UTF-8, mhr_RU UTF-8, mi_NZ ISO-8859-13, mi_NZ.UTF-8 UTF-8, miq_NI UTF-8, mjw_IN UTF-8, mk_MK ISO-8859-5, mk_MK.UTF-8 UTF-8, ml_IN UTF-8, mn_MN UTF-8, mni_IN UTF-8, mnw_MM UTF-8, mr_IN UTF-8, ms_MY ISO-8859-1, ms_MY.UTF-8 UTF-8, mt_MT ISO-8859-3, mt_MT.UTF-8 UTF-8, my_MM UTF-8, nan_TW UTF-8, nan_TW@latin UTF-8, nb_NO ISO-8859-1, nb_NO.UTF-8 UTF-8, nds_DE UTF-8, nds_NL UTF-8, ne_NP UTF-8, nhn_MX UTF-8, niu_NU UTF-8, niu_NZ UTF-8, nl_AW UTF-8, nl_BE ISO-8859-1, nl_BE.UTF-8 UTF-8, nl_BE@euro ISO-8859-15, nl_NL ISO-8859-1, nl_NL.UTF-8 UTF-8, nl_NL@euro ISO-8859-15, nn_NO ISO-8859-1, nn_NO.UTF-8 UTF-8, nr_ZA UTF-8, nso_ZA UTF-8, oc_FR ISO-8859-1, oc_FR.UTF-8 UTF-8, om_ET UTF-8, om_KE ISO-8859-1, om_KE.UTF-8 UTF-8, or_IN UTF-8, os_RU UTF-8, pa_IN UTF-8, pa_PK UTF-8, pap_AW UTF-8, pap_CW UTF-8, pl_PL ISO-8859-2, pl_PL.UTF-8 UTF-8, ps_AF UTF-8, pt_BR ISO-8859-1, pt_BR.UTF-8 UTF-8, pt_PT ISO-8859-1, pt_PT.UTF-8 UTF-8, pt_PT@euro ISO-8859-15, quz_PE UTF-8, raj_IN UTF-8, ro_RO ISO-8859-2, ro_RO.UTF-8 UTF-8, ru_RU ISO-8859-5, ru_RU.CP1251 CP1251, ru_RU.KOI8-R KOI8-R, ru_RU.UTF-8 UTF-8, ru_UA KOI8-U, ru_UA.UTF-8 UTF-8, rw_RW UTF-8, sa_IN UTF-8, sah_RU UTF-8, sat_IN UTF-8, sc_IT UTF-8, sd_IN UTF-8, sd_IN@devanagari UTF-8, sd_PK UTF-8, se_NO UTF-8, sgs_LT UTF-8, shn_MM UTF-8, shs_CA UTF-8, si_LK UTF-8, sid_ET UTF-8, sk_SK ISO-8859-2, sk_SK.UTF-8 UTF-8, sl_SI ISO-8859-2, sl_SI.UTF-8 UTF-8, sm_WS UTF-8, so_DJ ISO-8859-1, so_DJ.UTF-8 UTF-8, so_ET UTF-8, so_KE ISO-8859-1, so_KE.UTF-8 UTF-8, so_SO ISO-8859-1, so_SO.UTF-8 UTF-8, sq_AL ISO-8859-1, sq_AL.UTF-8 UTF-8, sq_MK UTF-8, sr_ME UTF-8, sr_RS UTF-8, sr_RS@latin UTF-8, ss_ZA UTF-8, st_ZA ISO-8859-1, st_ZA.UTF-8 UTF-8, sv_FI ISO-8859-1, sv_FI.UTF-8 UTF-8, sv_FI@euro ISO-8859-15, sv_SE ISO-8859-1, sv_SE.ISO-8859-15 ISO-8859-15, sv_SE.UTF-8 UTF-8, sw_KE UTF-8, sw_TZ UTF-8, szl_PL UTF-8, ta_IN UTF-8, ta_LK UTF-8, tcy_IN.UTF-8 UTF-8, te_IN UTF-8, tg_TJ KOI8-T, tg_TJ.UTF-8 UTF-8, th_TH TIS-620, th_TH.UTF-8 UTF-8, the_NP UTF-8, ti_ER UTF-8, ti_ET UTF-8, tig_ER UTF-8, tk_TM UTF-8, tl_PH ISO-8859-1, tl_PH.UTF-8 UTF-8, tn_ZA UTF-8, to_TO UTF-8, tpi_PG UTF-8, tr_CY ISO-8859-9, tr_CY.UTF-8 UTF-8, tr_TR ISO-8859-9, tr_TR.UTF-8 UTF-8, ts_ZA UTF-8, tt_RU UTF-8, tt_RU@iqtelif UTF-8, ug_CN UTF-8, ug_CN@latin UTF-8, uk_UA KOI8-U, uk_UA.UTF-8 UTF-8, unm_US UTF-8, ur_IN UTF-8, ur_PK UTF-8, uz_UZ ISO-8859-1, uz_UZ.UTF-8 UTF-8, uz_UZ@cyrillic UTF-8, ve_ZA UTF-8, vi_VN UTF-8, wa_BE ISO-8859-1, wa_BE.UTF-8 UTF-8, wa_BE@euro ISO-8859-15, wae_CH UTF-8, wal_ET UTF-8, wo_SN UTF-8, xh_ZA ISO-8859-1, xh_ZA.UTF-8 UTF-8, yi_US CP1255, yi_US.UTF-8 UTF-8, yo_NG UTF-8, yue_HK UTF-8, yuw_PG UTF-8, zh_CN GB2312, zh_CN.GB18030 GB18030, zh_CN.GBK GBK, zh_CN.UTF-8 UTF-8, zh_HK BIG5-HKSCS, zh_HK.UTF-8 UTF-8, zh_SG GB2312, zh_SG.GBK GBK, zh_SG.UTF-8 UTF-8, zh_TW BIG5, zh_TW.EUC-TW EUC-TW, zh_TW.UTF-8 UTF-8, zu_ZA ISO-8859-1, zu_ZA.UTF-8 UTF-8 +locales locales/locales_to_be_generated multiselect +# Zeitzone: +# Choices: Abidjan, Accra, Addis Abeba, Algier, Asmara, Bamako, Bangui, Banjul, Bissau, Blantyre, Brazzaville, Bujumbura, Kairo, Casablanca, Ceuta, Conakry, Dakar, Dar es Salam, Dschibuti, Duala, El Ajun, Freetown, Gaborone, Harare, Johannesburg, Juba, Kampala, Khartum, Kigali, Kinshasa, Lagos, Libreville, Lomé, Luanda, Lubumbashi, Lusaka, Malabo, Maputo, Maseru, Mbabane, Mogadischu, Monrovia, Nairobi, Ndjamena, Niamey, Nouakchott, Ouagadougou, Porto-Novo, São Tomé, Timbuktu, Tripolis, Tunis, Windhoek +tzdata tzdata/Zones/Africa select +# Zusätzliche autorisierte Dienste: +ufw ufw/allow_custom_ports string +# Inkompatible PAM-Profile ausgewählt. +libpam-runtime libpam-runtime/conflicts error +# Dienste bei Paket-Upgrades ohne Rückfrage neu starten? +libc6 libraries/restart-without-asking boolean false +libc6:amd64 libraries/restart-without-asking boolean false +libpam0g:amd64 libraries/restart-without-asking boolean false +libssl1.1:amd64 libraries/restart-without-asking boolean false +# Standard-Befehlszeile für Linux: +grub-pc grub2/linux_cmdline_default string quiet splash +# Participate in the package usage survey? +popularity-contest popularity-contest/participate boolean false +# Methode zur Umschaltung zwischen nationalem und lateinischem Modus: +# Choices: Feststelltaste, Alt rechts (AltGr), Strg rechts, Umschalttaste rechts, Windows-Taste rechts, Menütaste, Alt+Umschalttaste, Strg+Umschalttaste, Strg+Alt, Alt+Feststelltaste, Strg links+Umschalttaste links, Alt links, Strg links, Umschalttaste links, Windows-Taste links, Rollen-Taste, Keine Umschaltung +keyboard-configuration keyboard-configuration/toggle select No toggling +# Möchten Sie man und mandb »setuid man« installieren? +man-db man-db/install-setuid boolean false +# Kernelversion wird nicht unterstützt +libc6 glibc/kernel-not-supported note +libc6:amd64 glibc/kernel-not-supported note +# Rechnername: +ssl-cert make-ssl-cert/hostname string localhost +console-setup console-setup/charmap47 select UTF-8 + +# TODO: set later +grub-pc grub-pc/install_devices multiselect /dev/disk/by-id/ata-VBOX_HARDDISK_VB71f9e682-3531daf0 + +console-setup console-setup/fontface47 select Fixed +# Zeitzone: +# Choices: Casey, Davis, DumontDUrville, Macquarieinsel, Mawson, McMurdo, Palmer, Rothera, Syowa, Troll, Vostok +tzdata tzdata/Zones/Antarctica select +console-setup console-setup/codesetcode string +# Aktuelle Optionen der Tastaturbelegung in der Konfigurationsdatei behalten? +keyboard-configuration keyboard-configuration/unsupported_config_options boolean true +# Standard-Standorteinstellung für die Systemumgebung: +# Choices: Keine, C.UTF-8, +locales locales/default_environment_locale select None +# Zeitzone: +# Choices: Adak, Anchorage, Anguilla, Antigua, Aracaju, Argentinien/Buenos Aires, Argentinien/Catamarca, Argentinien/Córdoba, Argentinien/Jujuy, Argentinien/La Rioja, Argentinien/Mendoza, Argentinien/Río Gallegos, Argentinien/Salta, Argentinien/San Juan, Argentinien/San Luis, Argentinien/Tucumán, Argentinien/Ushuaia, Aruba, Asunción, Atikokan, Atka, Bahia, Bahia Banderas, Barbados, Belém, Belize, Blanc-Sablon, Boa Vista, Bogotá, Boise, Cambridge Bay, Campo Grande, Cancún, Caracas, Cayenne, Kaiman, Chicago, Chihuahua, Coral Harbour, Costa Rica, Creston, Cuiabá, Curaçao, Danmarkshavn, Dawson, Dawson Creek, Denver, Detroit, Dominica, Edmonton, Eirunepe, El Salvador, Ensenada, Fort Nelson, Fortaleza, Glace Bay, Godthåb, Goose Bay, Grand Turk, Grenada, Guadeloupe, Guatemala, Guayaquil, Guyana, Halifax, Havana, Hermosillo, Indiana/Indianapolis, Indiana/Knox, Indiana/Marengo, Indiana/Petersburg, Indiana/Tell City, Indiana/Vevay, Indiana/Vincennes, Indiana/Winamac, Inuvik, Iqaluit, Jamaika, Juneau, Kentucky/Louisville, Kentucky/Monticello, Kralendijk, La Paz, Lima, Los Angeles, Lower Princes, Maceió, Managua, Manaus, Marigot, Martinique, Matamoros, Mazatlán, Menominee, Mérida, Metlakatla, Mexiko-Stadt, Miquelon, Moncton, Monterrey, Montevideo, Montreal, Montserrat, Nassau, New York, Nipigon, Nome, Noronha, North Dakota/Beulah, North Dakota/Zentral, North Dakota/New Salem, Nuuk, Ojinaga, Panama, Pangnirtung, Paramaribo, Phoenix, Port-au-Prince, Port of Spain, Porto Acre, Pôrto Velho, Puerto Rico, Punta Arenas, Rainy River, Rankin Inlet, Recife, Regina, Resolute, Rio Branco, Santa Isabel, Santarém, Santiago, Santo Domingo, São Paulo, Scoresbysund, Shiprock, Sitka, Saint-Barthélemy, St Johns, St Kitts, St Lucia, St Thomas, St Vincent, Swift Current, Tegucigalpa, Thule, Thunder Bay, Tijuana, Toronto, Tortola, Vancouver, Virgin, Whitehorse, Winnipeg, Yakutat, Yellowknife +tzdata tzdata/Zones/America select +grub-pc grub2/update_nvram boolean true +dictionaries-common dictionaries-common/invalid_debconf_value error +libpam0g:amd64 libpam0g/restart-services string +popularity-contest popularity-contest/submiturls string +console-setup console-setup/fontsize-text47 select 8x16 +iproute2 iproute2/setcaps boolean false +ucf ucf/conflicts_found error +keyboard-configuration keyboard-configuration/store_defaults_in_debconf_db boolean true +# Möchten Sie, dass CUPS unbekannte Druckaufträge unbearbeitet (raw) druckt? +cups cupsys/raw-print boolean true +grub-pc grub2/kfreebsd_cmdline string +grub-pc grub-pc/timeout string 0 +tzdata tzdata/Zones/Etc select UTC +tzdata tzdata/Zones/Australia select +base-passwd base-passwd/group-add boolean true +keyboard-configuration keyboard-configuration/layoutcode string de +gdm3 shared/default-x-display-manager select gdm3 +keyboard-configuration keyboard-configuration/xkb-keymap select +keyboard-configuration keyboard-configuration/modelcode string pc105 +tzdata tzdata/Zones/Arctic select +linux-base linux-base/removing-running-kernel boolean true +# Saned-Benutzer zu der Scanner-Gruppe hinzufügen? +sane-utils sane-utils/saned_scanner_group boolean true +# Möchten Sie das Upgrade von Glibc jetzt durchführen? +libc6 glibc/upgrade boolean true +libc6:amd64 glibc/upgrade boolean true +# Hide the GRUB timeout; for internal use +grub-pc grub-pc/hidden_timeout boolean true +# Choices: american (American English), british (British English), deutsch (New German), deutsch (Old German), deutsch (Swiss German), Manuelle Einrichtung von symbolischen Verweisen +dictionaries-common dictionaries-common/default-wordlist select deutsch (New German) +console-setup console-setup/codeset47 select Guess optimal character set +keyboard-configuration keyboard-configuration/ctrl_alt_bksp boolean false +grub-pc grub-pc/install_devices_disks_changed multiselect +libpam0g:amd64 libpam0g/restart-failed error +xserver-xorg-legacy xserver-xorg-legacy/xwrapper/allowed_users select Console Users Only +libpam-modules libpam-modules/disable-screensaver error +dash dash/sh boolean true +apparmor apparmor/homedirs string +libc6 glibc/restart-failed error +libc6:amd64 glibc/restart-failed error +grub-pc grub-pc/kopt_extracted boolean false +libpam-runtime libpam-runtime/profiles multiselect unix, systemd, gnome-keyring, capability +grub-pc grub-pc/chainload_from_menu.lst boolean true +grub-pc grub-pc/install_devices_failed_upgrade boolean true +keyboard-configuration keyboard-configuration/altgr select The default for the keyboard layout +printer-driver-pnm2ppa pnm2ppa/use_debconf boolean true +# for internal use +console-setup console-setup/store_defaults_in_debconf_db boolean true +# for internal use +console-setup console-setup/fontsize string 8x16 +# Methode zum vorübergehenden Wechseln zwischen nationaler und lateinischer Eingabe: +# Choices: Kein vorübergehender Wechsel, Beide Windows-Tasten, Alt rechts (AltGr), Windows-Taste rechts, Alt links, Windows-Taste links +keyboard-configuration keyboard-configuration/switch select No temporary switch +grub-pc grub-efi/install_devices multiselect +ubuntu-drivers-common ubuntu-drivers-common/obsolete-driver error +base-passwd base-passwd/group-change-gid boolean true +man-db man-db/auto-update boolean true +console-setup console-setup/fontsize-fb47 select 8x16 +ca-certificates ca-certificates/enable_crts multiselect mozilla/ACCVRAIZ1.crt, mozilla/AC_RAIZ_FNMT-RCM.crt, mozilla/Actalis_Authentication_Root_CA.crt, mozilla/AffirmTrust_Commercial.crt, mozilla/AffirmTrust_Networking.crt, mozilla/AffirmTrust_Premium.crt, mozilla/AffirmTrust_Premium_ECC.crt, mozilla/Amazon_Root_CA_1.crt, mozilla/Amazon_Root_CA_2.crt, mozilla/Amazon_Root_CA_3.crt, mozilla/Amazon_Root_CA_4.crt, mozilla/Atos_TrustedRoot_2011.crt, mozilla/Autoridad_de_Certificacion_Firmaprofesional_CIF_A62634068.crt, mozilla/Baltimore_CyberTrust_Root.crt, mozilla/Buypass_Class_2_Root_CA.crt, mozilla/Buypass_Class_3_Root_CA.crt, mozilla/CA_Disig_Root_R2.crt, mozilla/CFCA_EV_ROOT.crt, mozilla/COMODO_Certification_Authority.crt, mozilla/COMODO_ECC_Certification_Authority.crt, mozilla/COMODO_RSA_Certification_Authority.crt, mozilla/Certigna.crt, mozilla/Certinomis_-_Root_CA.crt, mozilla/Certplus_Class_2_Primary_CA.crt, mozilla/Certum_Trusted_Network_CA.crt, mozilla/Certum_Trusted_Network_CA_2.crt, mozilla/Chambers_of_Commerce_Root_-_2008.crt, mozilla/Comodo_AAA_Services_root.crt, mozilla/Cybertrust_Global_Root.crt, mozilla/D-TRUST_Root_Class_3_CA_2_2009.crt, mozilla/D-TRUST_Root_Class_3_CA_2_EV_2009.crt, mozilla/DST_Root_CA_X3.crt, mozilla/Deutsche_Telekom_Root_CA_2.crt, mozilla/DigiCert_Assured_ID_Root_CA.crt, mozilla/DigiCert_Assured_ID_Root_G2.crt, mozilla/DigiCert_Assured_ID_Root_G3.crt, mozilla/DigiCert_Global_Root_CA.crt, mozilla/DigiCert_Global_Root_G2.crt, mozilla/DigiCert_Global_Root_G3.crt, mozilla/DigiCert_High_Assurance_EV_Root_CA.crt, mozilla/DigiCert_Trusted_Root_G4.crt, mozilla/E-Tugra_Certification_Authority.crt, mozilla/EC-ACC.crt, mozilla/EE_Certification_Centre_Root_CA.crt, mozilla/Entrust.net_Premium_2048_Secure_Server_CA.crt, mozilla/Entrust_Root_Certification_Authority.crt, mozilla/Entrust_Root_Certification_Authority_-_EC1.crt, mozilla/Entrust_Root_Certification_Authority_-_G2.crt, mozilla/GDCA_TrustAUTH_R5_ROOT.crt, mozilla/GeoTrust_Global_CA.crt, mozilla/GeoTrust_Primary_Certification_Authority.crt, mozilla/GeoTrust_Primary_Certification_Authority_-_G2.crt, mozilla/GeoTrust_Primary_Certification_Authority_-_G3.crt, mozilla/GeoTrust_Universal_CA.crt, mozilla/GeoTrust_Universal_CA_2.crt, mozilla/GlobalSign_ECC_Root_CA_-_R4.crt, mozilla/GlobalSign_ECC_Root_CA_-_R5.crt, mozilla/GlobalSign_Root_CA.crt, mozilla/GlobalSign_Root_CA_-_R2.crt, mozilla/GlobalSign_Root_CA_-_R3.crt, mozilla/GlobalSign_Root_CA_-_R6.crt, mozilla/Global_Chambersign_Root_-_2008.crt, mozilla/Go_Daddy_Class_2_CA.crt, mozilla/Go_Daddy_Root_Certificate_Authority_-_G2.crt, mozilla/Hellenic_Academic_and_Research_Institutions_ECC_RootCA_2015.crt, mozilla/Hellenic_Academic_and_Research_Institutions_RootCA_2011.crt, mozilla/Hellenic_Academic_and_Research_Institutions_RootCA_2015.crt, mozilla/Hongkong_Post_Root_CA_1.crt, mozilla/ISRG_Root_X1.crt, mozilla/IdenTrust_Commercial_Root_CA_1.crt, mozilla/IdenTrust_Public_Sector_Root_CA_1.crt, mozilla/Izenpe.com.crt, mozilla/LuxTrust_Global_Root_2.crt, mozilla/Microsec_e-Szigno_Root_CA_2009.crt, mozilla/NetLock_Arany_=Class_Gold=_Főtanúsítvány.crt, mozilla/Network_Solutions_Certificate_Authority.crt, mozilla/OISTE_WISeKey_Global_Root_GA_CA.crt, mozilla/OISTE_WISeKey_Global_Root_GB_CA.crt, mozilla/OISTE_WISeKey_Global_Root_GC_CA.crt, mozilla/QuoVadis_Root_CA.crt, mozilla/QuoVadis_Root_CA_1_G3.crt, mozilla/QuoVadis_Root_CA_2.crt, mozilla/QuoVadis_Root_CA_2_G3.crt, mozilla/QuoVadis_Root_CA_3.crt, mozilla/QuoVadis_Root_CA_3_G3.crt, mozilla/SSL.com_EV_Root_Certification_Authority_ECC.crt, mozilla/SSL.com_EV_Root_Certification_Authority_RSA_R2.crt, mozilla/SSL.com_Root_Certification_Authority_ECC.crt, mozilla/SSL.com_Root_Certification_Authority_RSA.crt, mozilla/SZAFIR_ROOT_CA2.crt, mozilla/SecureSign_RootCA11.crt, mozilla/SecureTrust_CA.crt, mozilla/Secure_Global_CA.crt, mozilla/Security_Communication_RootCA2.crt, mozilla/Security_Communication_Root_CA.crt, mozilla/Sonera_Class_2_Root_CA.crt, mozilla/Staat_der_Nederlanden_EV_Root_CA.crt, mozilla/Staat_der_Nederlanden_Root_CA_-_G2.crt, mozilla/Staat_der_Nederlanden_Root_CA_-_G3.crt, mozilla/Starfield_Class_2_CA.crt, mozilla/Starfield_Root_Certificate_Authority_-_G2.crt, mozilla/Starfield_Services_Root_Certificate_Authority_-_G2.crt, mozilla/SwissSign_Gold_CA_-_G2.crt, mozilla/SwissSign_Silver_CA_-_G2.crt, mozilla/T-TeleSec_GlobalRoot_Class_2.crt, mozilla/T-TeleSec_GlobalRoot_Class_3.crt, mozilla/TUBITAK_Kamu_SM_SSL_Kok_Sertifikasi_-_Surum_1.crt, mozilla/TWCA_Global_Root_CA.crt, mozilla/TWCA_Root_Certification_Authority.crt, mozilla/Taiwan_GRCA.crt, mozilla/TeliaSonera_Root_CA_v1.crt, mozilla/TrustCor_ECA-1.crt, mozilla/TrustCor_RootCert_CA-1.crt, mozilla/TrustCor_RootCert_CA-2.crt, mozilla/Trustis_FPS_Root_CA.crt, mozilla/USERTrust_ECC_Certification_Authority.crt, mozilla/USERTrust_RSA_Certification_Authority.crt, mozilla/VeriSign_Class_3_Public_Primary_Certification_Authority_-_G4.crt, mozilla/VeriSign_Class_3_Public_Primary_Certification_Authority_-_G5.crt, mozilla/VeriSign_Universal_Root_Certification_Authority.crt, mozilla/Verisign_Class_3_Public_Primary_Certification_Authority_-_G3.crt, mozilla/XRamp_Global_CA_Root.crt, mozilla/certSIGN_ROOT_CA.crt, mozilla/ePKI_Root_Certification_Authority.crt, mozilla/thawte_Primary_Root_CA.crt, mozilla/thawte_Primary_Root_CA_-_G2.crt, mozilla/thawte_Primary_Root_CA_-_G3.crt +ucf ucf/changeprompt_threeway select keep_current +libpam-runtime libpam-runtime/override boolean false +dictionaries-common dictionaries-common/debconf_database_corruption error +tzdata tzdata/Areas select Etc +grub-pc grub-pc/install_devices_empty boolean false +tzdata tzdata/Zones/Indian select +# Zeitzone: +# Choices: AST4, AST4ADT, CST6, CST6CDT, EST5, EST5EDT, HST10, MST7, MST7MDT, PST8, PST8PDT, YST9, YST9YDT +tzdata tzdata/Zones/SystemV select +# Tastaturbelegung: +# Choices: German, German - German (dead acute), German - German (dead grave acute), German - German (dead tilde), German - German (Dvorak), German - German (Macintosh), German - German (Macintosh\, no dead keys), German - German (Neo 2), German - German (no dead keys), German - German (QWERTY), German - German (T3), German - German (with Sun dead keys), German - Lower Sorbian, German - Lower Sorbian (QWERTZ), German - Romanian (Germany), German - Romanian (Germany\, no dead keys), German - Russian (Germany\, phonetic), German - Turkish (Germany) +keyboard-configuration keyboard-configuration/variant select German +# for internal use +keyboard-configuration keyboard-configuration/variantcode string +# Compose-Taste: +# Choices: Keine Compose-Taste, Alt rechts (AltGr), Strg rechts, Windows-Taste rechts, Menütaste, Windows-Taste links, Feststelltaste +keyboard-configuration keyboard-configuration/compose select No compose key +# Xscreensaver und Xlockmore müssen vor dem Upgrade neu gestartet werden +libc6 glibc/disable-screensaver error +libc6:amd64 glibc/disable-screensaver error +# Zeitzone: +# Choices: Apia, Auckland, Bougainville, Chatham, Chuuk, Easter, Éfaté, Enderbury, Fakaofo, Fidschi, Funafuti, Galapagos, Gambier, Guadalcanal, Guam, Honolulu, Johnston, Kiritimati, Kosrae, Kwajalein, Majuro, Marquesas, Midway, Nauru, Niue, Norfolk, Nouméa, Pago Pago, Palau, Pitcairn, Pohnpei, Ponape, Port Moresby, Rarotonga, Saipan, Samoa, Tahiti, Tarawa, Tongatapu, Truk, Wake, Wallis, Yap +tzdata tzdata/Zones/Pacific select +# Jetzt die Umstellung auf GRUB 2 abschließen? +grub-pc grub-pc/mixed_legacy_and_grub2 boolean true +# Möchten Sie die Gruppe verschieben? +base-passwd base-passwd/group-move boolean true +# Soll der veraltete Verweis /etc/dictionary gelöscht werden? +dictionaries-common dictionaries-common/old_wordlist_link boolean true +# Ufw automatisch starten? +ufw ufw/enable boolean false +# Wollen Sie das GECOS des Benutzers ändern? +base-passwd base-passwd/user-change-gecos boolean true +# Standard-Papierformat für Ihr System: +# Choices: letter, A4, note, legal, executive, halfletter, halfexecutive, 11x17, statement, folio, quarto, 10x14, ledger, tabloid, A0, A1, A2, A3, A5, A6, A7, A8, A9, A10, B0, B1, B2, B3, B4, B5, C5, DL, Comm10, Monarch, archE, archD, archC, archB, archA, flsa, flse, csheet, dsheet, esheet +libpaper1 libpaper/defaultpaper select a4 +libpaper1:amd64 libpaper/defaultpaper select a4 +# Herkunftsland für die Tastatur: +# Choices: Afghani, Albanian, Amharic, Arabic, Arabic (Morocco), Arabic (Syria), Armenian, Azerbaijani, Bambara, Bangla, Belarusian, Belgian, Berber (Algeria\, Latin), Bosnian, Braille, Bulgarian, Burmese, Chinese, Croatian, Czech, Danish, Dhivehi, Dutch, Dzongkha, English (Australian), English (Cameroon), English (Ghana), English (Nigeria), English (South Africa), English (UK), English (US), Esperanto, Estonian, Faroese, Filipino, Finnish, French, French (Canada), French (Democratic Republic of the Congo), French (Guinea), French (Togo), Georgian, German, German (Austria), Greek, Hebrew, Hungarian, Icelandic, Indian, Indonesian (Arab Melayu\, phonetic), Indonesian (Javanese), Iraqi, Irish, Italian, Japanese, Japanese (PC-98), Kazakh, Khmer (Cambodia), Korean, Kyrgyz, Lao, Latvian, Lithuanian, Macedonian, Malay (Jawi\, Arabic Keyboard), Maltese, Maori, Moldavian, Mongolian, Montenegrin, Nepali, Norwegian, Persian, Polish, Portuguese, Portuguese (Brazil), Romanian, Russian, Serbian, Sinhala (phonetic), Slovak, Slovenian, Spanish, Spanish (Latin American), Swahili (Kenya), Swahili (Tanzania), Swedish, Switzerland, Taiwanese, Tajik, Thai, Tswana, Turkish, Turkmen, Ukrainian, Urdu (Pakistan), Uzbek, Vietnamese, Wolof +keyboard-configuration keyboard-configuration/layout select German +# Wünschen Sie systemweit lesbare Home-Verzeichnisse? +adduser adduser/homedir-permission boolean true +# Möchten Sie die GID des Benutzers ändern? +base-passwd base-passwd/user-change-gid boolean true +# Zu nutzende Schnittstellenoberfläche: +# Choices: Dialog, Readline, Gnome, Kde, Editor, Nicht-interaktiv +debconf debconf/frontend select Dialog +# for internal use +keyboard-configuration keyboard-configuration/optionscode string +# Inetd-Einträge deaktivieren? +update-inetd update-inetd/ask-disable-entries boolean false +# Wie wollen Sie mit der geänderten Konfigurationsdatei verfahren? +# Choices: Version des Paketbetreuers installieren, aktuell lokal installierte Version beibehalten, Unterschiede zwischen den Versionen anzeigen, Unterschiede zwischen den Versionen nebeneinander anzeigen, die Angelegenheit in einer neu gestarteten Shell untersuchen +ucf ucf/changeprompt select keep_current +# Detect keyboard layout? +keyboard-configuration console-setup/ask_detect boolean false +# Neuen Zertifikaten von Zertifizierungsstellen vertrauen? +# Choices: Ja, Nein, Fragen +ca-certificates ca-certificates/trust_new_crts select yes +# for internal use only +gdm3 gdm3/daemon_name string /usr/sbin/gdm3 +# Alternativ-Name(n): +ssl-cert make-ssl-cert/altname string +# Möchten Sie den Kompatibilitäts-Server für BSD lpd einrichten? +cups-bsd cups-bsd/setuplpd boolean false +# GRUB konnte nicht auf das Boot-Gerät geschrieben werden - fortfahren? +grub-pc grub-pc/install_devices_failed boolean false +# Zu aktivierende neue Zertifikate: +# Choices: +ca-certificates ca-certificates/new_crts multiselect +# Neustarten einiger Dienste beim OpenSSL-Upgrade fehlgeschlagen +libssl1.1:amd64 libssl1.1/restart-failed error +# GRUB konnte nicht auf das Boot-Gerät geschrieben werden - fortfahren? +grub-pc grub-efi/install_devices_failed boolean false +# Unterschiede zwischen den Versionen zeilenweise anzeigen +ucf ucf/show_diff note +# Inetd-Einträge entfernen? +update-inetd update-inetd/ask-remove-entries boolean false +# Soll lilo nach dem Upgrade automatisch ausgeführt werden (falls vorhanden)? +memtest86+ shared/memtest86-run-lilo boolean false +# TUN/TAP-Gerät anlegen? +openvpn openvpn/create_tun boolean false +# Bestehende Konfiguration gefunden +ufw ufw/existing_configuration error +# Probleme bei der Neuerstellung einer -Hash-Datei () +dictionaries-common dictionaries-common/ispell-autobuildhash-message note +# Zeitzone: +# Choices: Azoren, Bermuda, Kanaren, Kap Verde, Farör, Jan Mayen, Madeira, Reykjavík, South Georgia, St Helena, Stanley +tzdata tzdata/Zones/Atlantic select +# Möchten Sie das Home-Verzeichnis des Benutzers ändern? +base-passwd base-passwd/user-change-home boolean true +# Zeitzone: +# Choices: Amsterdam, Andorra, Astrachan, Athen, Belfast, Belgrad, Berlin, Bratislava, Brüssel, Bukarest, Budapest, Büsingen, Chisinau, Kopenhagen, Dublin, Gibraltar, Guernsey, Helsinki, Isle of Man, Istanbul, Jersey, Kaliningrad, Kiew, Kirow, Lissabon, Ljubljana, London, Luxemburg, Madrid, Malta, Mariehamn, Minsk, Monaco, Moskau, Nicosia, Oslo, Paris, Podgorica, Prag, Riga, Rom, Samara, San Marino, Sarajevo, Saratov, Simferopol, Skopje, Sofia, Stockholm, Tallinn, Tirana, Tiraspol, Uljanowsk, Uschhorod, Vaduz, Vatikan, Wien, Vilnius, Wolgograd, Warschau, Zagreb, Saporischschja, Zürich +tzdata tzdata/Zones/Europe select +# Möchten Sie den Benutzer entfernen? +base-passwd base-passwd/user-remove boolean true +# Aktiviere Saned als Einzel-Server? +sane-utils sane-utils/saned_run boolean false +# Mehrfache Einträge ignorieren und ohne Änderungen fortfahren? +update-inetd update-inetd/ask-several-entries boolean true +# Zeitzone: +# Choices: Aden, Almaty, Amman, Anadyr, Aqtau, Aqtöbe, Asgabat, Atyrau, Bagdad, Bahrain, Baku, Bangkok, Barnaul, Beirut, Bischkek, Brunei, Chita, Tschoibalsan, Chongqing, Colombo, Damaskus, Dhaka, Dili, Dubai, Duschanbe, Famagusta, Gasa, Harbin, Hebron, Ho-Chi-Minh-Stadt, Hong Kong, Chovd, Irkutsk, Istanbul, Jakarta, Jayapura, Jerusalem, Kabul, Kamtschatka, Karatschi, Kaschgar, Katmandu, Khandyga, Kolkata, Krasnojarsk, Kuala Lumpur, Kuching, Kuwait, Macao, Magadan, Ujung Pandang (Makassar), Manila, Maskat, Nicosia, Nowokusnezk, Novosibirsk, Omsk, Oral, Phnom Penh, Pontianak, Pjöngjang, Katar, Qostanay, Ksyl-Orda, Rangun, Riad, Sachalin, Samarkand, Seoul, Shanghai, Singapur, Srednekolymsk, Taipeh, Taschkent, Tiflis, Teheran, Tel Aviv, Thimphu, Tokio, Tomsk, Makassar, Ulan-Bator (Ulaanbaatar), Ürümqi, Ust-Nera, Vientiane, Wladiwostok, Jakutsk, Rangun, Jekaterinburg, Eriwan +tzdata tzdata/Zones/Asia select +# Aktualisierungen für Stable automatisch herunterladen und installieren? +unattended-upgrades unattended-upgrades/enable_auto_updates boolean true +# Voreingestellte Tastaturbelegung () beibehalten? +keyboard-configuration keyboard-configuration/unsupported_layout boolean true +# Möchten Sie die Gruppe entfernen? +base-passwd base-passwd/group-remove boolean true +# Backends für die Kommunikation mit dem Drucker: +# Choices: lpd, Socket, USB, SNMP, dnssd +cups cupsys/backend multiselect lpd, socket, usb, snmp, dnssd +# Möchten Sie den Benutzer hinzufügen? +base-passwd base-passwd/user-add boolean true +# Keyboard layout detection complete +keyboard-configuration console-setup/detected note +# Existierenden Eintrag belassen und ohne Änderungen fortfahren? +update-inetd update-inetd/ask-entry-present boolean true +# Wollen Sie die Shell des Benutzers ändern? +# Standard-Befehlszeile für kFreeBSD: + +printer-driver-pnm2ppa pnm2ppa/printer_model select 710 + +linux-sound-base linux-sound-base/sound_system select ALSA + +debconf debconf/priority select high + +base-passwd base-passwd/user-move boolean true +base-passwd base-passwd/user-change-shell boolean true + +libssl1.1:amd64 libssl1.1/restart-services string + +base-passwd base-passwd/user-change-uid boolean true + +grub-pc grub2/kfreebsd_cmdline_default string quiet splash +grub-pc grub2/no_efi_extra_removable boolean false +grub-pc grub-efi/install_devices_disks_changed multiselect + +keyboard-configuration keyboard-configuration/unsupported_config_layout boolean true +keyboard-configuration keyboard-configuration/unsupported_options boolean true +keyboard-configuration keyboard-configuration/model select Generic 105-key PC (intl.) + +xserver-xorg-legacy xserver-xorg-legacy/xwrapper/actual_allowed_users string console + +printer-driver-pnm2ppa pnm2ppa/create_magicfilter boolean false +grub-pc grub2/linux_cmdline string +libc6 glibc/restart-services string +libc6:amd64 glibc/restart-services string +tzdata tzdata/Zones/US select +dictionaries-common dictionaries-common/default-ispell select +keyboard-configuration console-setup/detect detect-keyboard +libpam-runtime libpam-runtime/no_profiles_chosen error +grub-pc grub-pc/postrm_purge_boot_grub boolean false +ssl-cert make-ssl-cert/vulnerable_prng note +grub-pc grub-efi/install_devices_empty boolean false diff --git a/disk_config/CLOUD b/disk_config/CLOUD new file mode 100644 index 0000000..0b76001 --- /dev/null +++ b/disk_config/CLOUD @@ -0,0 +1,7 @@ +# config for a disk image for a VM +# +# + +disk_config disk1 disklabel:msdos bootable:1 fstabkey:uuid align-at:1M + +primary / 300- ext4 rw,discard,barrier=0,noatime,errors=remount-ro tuneopts="-c 0 -i 0" diff --git a/disk_config/CLOUD_EFI b/disk_config/CLOUD_EFI new file mode 100644 index 0000000..0e15072 --- /dev/null +++ b/disk_config/CLOUD_EFI @@ -0,0 +1,8 @@ +# config for a disk image for a VM +# +# p= + +disk_config disk1 disklabel:gpt bootable:1 fstabkey:uuid align-at:1M + +p=efi /boot/efi 64M vfat defaults createopts="-F 32" +p=root / 300- ext4 rw,discard,barrier=0,noatime,errors=remount-ro tuneopts="-c 0 -i 0" diff --git a/disk_config/FAIBASE b/disk_config/FAIBASE new file mode 100644 index 0000000..0c66cbc --- /dev/null +++ b/disk_config/FAIBASE @@ -0,0 +1,9 @@ +# example of new config file for setup-storage +# +# + +disk_config disk1 disklabel:msdos bootable:1 fstabkey:uuid + +primary / 2G-50G ext4 rw,noatime,errors=remount-ro +logical swap 200-10G swap sw +logical /home 100- ext4 rw,noatime,nosuid,nodev createopts="-L home -m 1" tuneopts="-c 0 -i 0" diff --git a/disk_config/FAIBASE_EFI b/disk_config/FAIBASE_EFI new file mode 100644 index 0000000..121aa21 --- /dev/null +++ b/disk_config/FAIBASE_EFI @@ -0,0 +1,10 @@ +# example of new config file for setup-storage +# +# p= + +disk_config disk1 disklabel:gpt bootable:1 fstabkey:uuid + +p=efi /boot/efi 512M vfat rw +p=root / 2G-50G ext4 rw,noatime,errors=remount-ro +p= swap 200-10G swap sw +p=home /home 100- ext4 rw,noatime,nosuid,nodev createopts="-L home -m 1" tuneopts="-c 0 -i 0" diff --git a/disk_config/FAISERVER b/disk_config/FAISERVER new file mode 100644 index 0000000..29bf219 --- /dev/null +++ b/disk_config/FAISERVER @@ -0,0 +1,11 @@ +# config file for an FAI install server +# +# + +disk_config disk1 disklabel:msdos fstabkey:uuid + +primary / 2G-15G ext4 rw,noatime,errors=remount-ro +logical swap 200-1000 swap sw +logical /tmp 100-1000 ext4 rw,noatime,nosuid,nodev createopts="-m 0" tuneopts="-c 0 -i 0" +logical /home 100-40% ext4 rw,noatime,nosuid,nodev createopts="-m 1" tuneopts="-c 0 -i 0" +logical /srv 1G-50% ext4 rw,noatime createopts="-m 1" tuneopts="-c 0 -i 0" diff --git a/disk_config/FAISERVER_EFI b/disk_config/FAISERVER_EFI new file mode 100644 index 0000000..e11020c --- /dev/null +++ b/disk_config/FAISERVER_EFI @@ -0,0 +1,12 @@ +# config file for an FAI install server +# +# p= + +disk_config disk1 disklabel:gpt fstabkey:uuid + +p=efi /boot/efi 512M vfat rw +p=system / 2G-15G ext4 rw,noatime,errors=remount-ro +p=swap swap 200-1000 swap sw +p= /tmp 100-1000 ext4 rw,noatime,nosuid,nodev createopts="-m 0" tuneopts="-c 0 -i 0" +p=home /home 100-40% ext4 rw,noatime,nosuid,nodev createopts="-m 1" tuneopts="-c 0 -i 0" +p=data /srv 1G-50% ext4 rw,noatime createopts="-m 1" tuneopts="-c 0 -i 0" diff --git a/disk_config/HW4F_DESKTOP b/disk_config/HW4F_DESKTOP new file mode 100644 index 0000000..66fe5a3 --- /dev/null +++ b/disk_config/HW4F_DESKTOP @@ -0,0 +1,5 @@ +disk_config disk1 disklabel:msdos bootable:1 fstabkey:uuid + +logical swap 200-10G swap sw +primary / 4G-50G ext4 rw,noatime,errors=remount-ro +logical /home 100- ext4 rw,noatime,nosuid,nodev createopts="-L home -m 1" tuneopts="-c 0 -i 0" diff --git a/disk_config/HW4F_DESKTOP_EFI b/disk_config/HW4F_DESKTOP_EFI new file mode 100644 index 0000000..031c723 --- /dev/null +++ b/disk_config/HW4F_DESKTOP_EFI @@ -0,0 +1,6 @@ +disk_config disk1 disklabel:gpt bootable:1 fstabkey:uuid + +primary /boot/efi 512M vfat rw +primary / 4G-50G ext4 rw,noatime,errors=remount-ro +primary swap 200-10G swap sw +primary /home 100- ext4 rw,noatime,nosuid,nodev createopts="-L home -m 1" tuneopts="-c 0 -i 0" diff --git a/disk_config/LVM b/disk_config/LVM new file mode 100644 index 0000000..e300358 --- /dev/null +++ b/disk_config/LVM @@ -0,0 +1,15 @@ +# + +# entire disk with LVM, separate /home + +disk_config disk1 fstabkey:uuid align-at:1M + +primary /boot 200 ext4 rw,noatime +primary - 4G- - - + +disk_config lvm + +vg vg1 disk1.2 +vg1-root / 3G-50G ext4 noatime,rw +vg1-swap swap 200-4G swap sw +vg1-home /home 600- ext4 noatime,nosuid,nodev,rw diff --git a/disk_config/LVM_EFI b/disk_config/LVM_EFI new file mode 100644 index 0000000..11df151 --- /dev/null +++ b/disk_config/LVM_EFI @@ -0,0 +1,16 @@ +# p= + +# entire disk with LVM, separate /home + +disk_config disk1 disklabel:gpt fstabkey:uuid align-at:1M + +p=efi /boot/efi 512M vfat rw +p=boot /boot 200 ext4 rw,noatime +p=system - 4G- - - + +disk_config lvm + +vg vg1 disk1.3 +vg1-root / 3G-50G ext4 noatime,rw +vg1-swap swap 200-4G swap sw +vg1-home /home 600- ext4 noatime,nosuid,nodev,rw diff --git a/disk_config/ROCKY b/disk_config/ROCKY new file mode 100644 index 0000000..cfd4a9f --- /dev/null +++ b/disk_config/ROCKY @@ -0,0 +1,10 @@ +# example of new config file for setup-storage +# +# + +disk_config disk1 disklabel:msdos bootable:1 fstabkey:label + +primary / 4G-50G ext4 rw,noatime,errors=remount-ro createopts="-L ROOT" + +logical swap 200-10G swap sw createopts="-L SWAP" +logical /home 100- ext4 rw,noatime,nosuid,nodev createopts="-L HOME -m 1" tuneopts="-c 0 -i 0" diff --git a/disk_config/XENIAL b/disk_config/XENIAL new file mode 100644 index 0000000..22ab65c --- /dev/null +++ b/disk_config/XENIAL @@ -0,0 +1,12 @@ +# example of new config file for setup-storage +# +# + +# this is a copy of FAIBASE, but with metadata_csum disabled. +# Ubuntu XENIAL does not yet suport this option + +disk_config disk1 disklabel:msdos bootable:1 fstabkey:uuid + +primary / 2G-50G ext4 rw,noatime,errors=remount-ro createopts="-O ^metadata_csum" +logical swap 200-1G swap sw +logical /home 100- ext4 rw,noatime,nosuid,nodev createopts="-L home -m 1 -O ^metadata_csum" tuneopts="-c 0 -i 0" diff --git a/disk_config/XENIAL_EFI b/disk_config/XENIAL_EFI new file mode 100644 index 0000000..d72f130 --- /dev/null +++ b/disk_config/XENIAL_EFI @@ -0,0 +1,13 @@ +# example of new config file for setup-storage +# +# + +# this is a copy of FAIBASE, but with metadata_csum disabled. +# Ubuntu XENIAL does not yet suport this option + +disk_config disk1 disklabel:gpt bootable:1 fstabkey:uuid + +primary /boot/efi 512M vfat rw +primary / 2G-50G ext4 rw,noatime,errors=remount-ro createopts="-O ^metadata_csum" +primary swap 200-1G swap sw +primary /home 100- ext4 rw,noatime,nosuid,nodev createopts="-L home -m 1 -O ^metadata_csum" tuneopts="-c 0 -i 0" diff --git a/files/etc/apt/apt.conf.d/00-proxy/.keep b/files/etc/apt/apt.conf.d/00-proxy/.keep new file mode 100755 index 0000000..e69de29 diff --git a/files/etc/apt/apt.conf.d/00-proxy/HW4F_DESKTOP b/files/etc/apt/apt.conf.d/00-proxy/HW4F_DESKTOP new file mode 100644 index 0000000..2089f59 --- /dev/null +++ b/files/etc/apt/apt.conf.d/00-proxy/HW4F_DESKTOP @@ -0,0 +1 @@ +Acquire::http::Proxy "http://hw4f-fai-vagrant:3142"; diff --git a/files/etc/apt/apt.conf.d/force_confdef/DEBIAN b/files/etc/apt/apt.conf.d/force_confdef/DEBIAN new file mode 100755 index 0000000..deb7948 --- /dev/null +++ b/files/etc/apt/apt.conf.d/force_confdef/DEBIAN @@ -0,0 +1,5 @@ +DPkg { + Options { + "--force-confdef"; + } +}; diff --git a/files/etc/apt/preferences.d/mint.pref/MINT b/files/etc/apt/preferences.d/mint.pref/MINT new file mode 100755 index 0000000..e953293 --- /dev/null +++ b/files/etc/apt/preferences.d/mint.pref/MINT @@ -0,0 +1,11 @@ +Package: * +Pin: origin live.linuxmint.com +Pin-Priority: 750 + +Package: * +Pin: release o=linuxmint,c=upstream +Pin-Priority: 700 + +Package: * +Pin: release o=Ubuntu +Pin-Priority: 500 diff --git a/files/etc/apt/sources.list.d/mint.list/MINTDESKTOP b/files/etc/apt/sources.list.d/mint.list/MINTDESKTOP new file mode 100755 index 0000000..e69de29 diff --git a/files/etc/apt/sources.list/GNOME b/files/etc/apt/sources.list/GNOME new file mode 100755 index 0000000..20861df --- /dev/null +++ b/files/etc/apt/sources.list/GNOME @@ -0,0 +1,3 @@ +deb {%apt_cdn%}/debian {%release%} main +deb {%security_cdn%}/debian-security {%secsuite%} main +deb {%apt_cdn%}/debian {%release%}-updates main diff --git a/files/etc/apt/trusted.gpg/DEBIAN b/files/etc/apt/trusted.gpg/DEBIAN new file mode 100755 index 0000000..d720a78 Binary files /dev/null and b/files/etc/apt/trusted.gpg/DEBIAN differ diff --git a/files/etc/apt/trusted.gpg/DEBIAN_MULTIMEDIA b/files/etc/apt/trusted.gpg/DEBIAN_MULTIMEDIA new file mode 100755 index 0000000..1327be6 Binary files /dev/null and b/files/etc/apt/trusted.gpg/DEBIAN_MULTIMEDIA differ diff --git a/files/etc/apt/trusted.gpg/MINTDESKTOP b/files/etc/apt/trusted.gpg/MINTDESKTOP new file mode 100755 index 0000000..184362a Binary files /dev/null and b/files/etc/apt/trusted.gpg/MINTDESKTOP differ diff --git a/files/etc/apt/trusted.gpg/UBUNTU b/files/etc/apt/trusted.gpg/UBUNTU new file mode 100755 index 0000000..5efee28 Binary files /dev/null and b/files/etc/apt/trusted.gpg/UBUNTU differ diff --git a/files/etc/default/console-setup/HW4F_DESKTOP b/files/etc/default/console-setup/HW4F_DESKTOP new file mode 100755 index 0000000..82cb299 --- /dev/null +++ b/files/etc/default/console-setup/HW4F_DESKTOP @@ -0,0 +1,49 @@ +# A configuration file for setupcon + +# Change to "yes" and setupcon will explain what is being doing +VERBOSE_OUTPUT=no + +# Setup these consoles. Most people do not need to change this. +ACTIVE_CONSOLES="/dev/tty[1-6]" + +# Put here your encoding. Valid charmaps are: UTF-8 ARMSCII-8 CP1251 +# CP1255 CP1256 GEORGIAN-ACADEMY GEORGIAN-PS IBM1133 ISIRI-3342 +# ISO-8859-1 ISO-8859-2 ISO-8859-3 ISO-8859-4 ISO-8859-5 ISO-8859-6 +# ISO-8859-7 ISO-8859-8 ISO-8859-9 ISO-8859-10 ISO-8859-11 ISO-8859-13 +# ISO-8859-14 ISO-8859-15 ISO-8859-16 KOI8-R KOI8-U TIS-620 VISCII +CHARMAP="UTF-8" + +# The codeset determines which symbols are supported by the font. +# Valid codesets are: Arabic Armenian CyrAsia CyrKoi CyrSlav Ethiopian +# Georgian Greek Hebrew Lao Lat15 Lat2 Lat38 Lat7 Thai Uni1 Uni2 Uni3 +# Vietnamese. Read README.fonts for explanation. +CODESET="Lat15" + +# Valid font faces are: VGA (sizes 8, 14 and 16), Terminus (sizes +# 12x6, 14, 16, 20x10, 24x12, 28x14 and 32x16), TerminusBold (sizes +# 14, 16, 20x10, 24x12, 28x14 and 32x16), TerminusBoldVGA (sizes 14 +# and 16), Fixed (sizes 13, 14, 15, 16 and 18), Goha (sizes 12, 14 and +# 16), GohaClassic (sizes 12, 14 and 16). +FONTFACE="VGA" +FONTSIZE="16" + +# You can also directly specify nonstandard font and ACM to load: +# FONT=/usr/local/share/funnyfonts/sarge16.psf +# ACM=/usr/local/share/consoletrans/my_special_encoding.acm + +# The following variables describe your keyboard and can have the same +# values as the XkbModel, XkbLayout, XkbVariant and XkbOptions options +# in /etc/X11/xorg.conf. +XKBMODEL="pc105" +XKBLAYOUT="de" +XKBVARIANT="" +XKBOPTIONS="" + + +# Do not update the following md5 sum if you change +# /etc/console-setup/boottime.kmap.gz and Debconf will not overwrite +# your custom keymap. Do not update it even if you want to make +# Debconf overwrite it. Instead simply specify the empty string as +# a md5 sum. + +BOOTTIME_KMAP_MD5="" diff --git a/files/etc/default/grub.d/10_cloud_disable_net.ifnames.cfg/CLOUD b/files/etc/default/grub.d/10_cloud_disable_net.ifnames.cfg/CLOUD new file mode 100755 index 0000000..ad11d23 --- /dev/null +++ b/files/etc/default/grub.d/10_cloud_disable_net.ifnames.cfg/CLOUD @@ -0,0 +1,6 @@ +# Disable systemd's network interface name management. +# References: +# https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863385 +# https://www.freedesktop.org/wiki/Software/systemd/PredictableNetworkInterfaceNames/ + +GRUB_CMDLINE_LINUX_DEFAULT="$GRUB_CMDLINE_LINUX_DEFAULT net.ifnames=0" diff --git a/files/etc/default/locale/HW4F_DESKTOP b/files/etc/default/locale/HW4F_DESKTOP new file mode 100755 index 0000000..b20033b --- /dev/null +++ b/files/etc/default/locale/HW4F_DESKTOP @@ -0,0 +1 @@ +LANG="de_DE.UTF-8" diff --git a/files/etc/dhcp/dhcpd.conf/FAISERVER b/files/etc/dhcp/dhcpd.conf/FAISERVER new file mode 100755 index 0000000..b0343cc --- /dev/null +++ b/files/etc/dhcp/dhcpd.conf/FAISERVER @@ -0,0 +1,32 @@ +# dhcpd.conf for a fai installation server +# replace faiserver with the name of your install server + +ignore-client-uids on; +deny unknown-clients; +option dhcp-max-message-size 2048; +use-host-decl-names on; +#always-reply-rfc1048 on; + +subnet 192.168.33.0 netmask 255.255.255.0 { + option routers 192.168.33.1; + option domain-name "fai.example"; + option domain-name-servers 192.168.33.250; + option time-servers faiserver; +# option ntp-servers faiserver; + server-name faiserver; + next-server faiserver; + if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00000" { + filename "fai/pxelinux.0"; + } + if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00007" { + filename "fai/syslinux.efi"; + } + allow unknown-clients; + pool { + range 192.168.33.100 192.168.33.150; + } +} + +# generate a lot of entries with: +# perl -e 'for (1..10) {printf "host client%02s {hardware ethernet XXX:$_;fixed-address client%02s;}\n",$_,$_;}' +# then replace XXX with the hardware addresses of your clients diff --git a/files/etc/fai/fai.conf/FAISERVER b/files/etc/fai/fai.conf/FAISERVER new file mode 100755 index 0000000..4711cd1 --- /dev/null +++ b/files/etc/fai/fai.conf/FAISERVER @@ -0,0 +1,8 @@ +# See fai.conf(5) for detailed information. + +# Account for saving log files and calling fai-chboot. +LOGUSER=fai + +# URL to access the fai config space +# If undefined, use default nfs:///$FAI_CONFIGDIR +FAI_CONFIG_SRC=nfs://faiserver/srv/fai/config diff --git a/files/etc/fai/nfsroot.conf/FAISERVER b/files/etc/fai/nfsroot.conf/FAISERVER new file mode 100755 index 0000000..72491fd --- /dev/null +++ b/files/etc/fai/nfsroot.conf/FAISERVER @@ -0,0 +1,15 @@ +# For a detailed description see nfsroot.conf(5) + +# " " for debootstrap +FAI_DEBOOTSTRAP="bullseye http://deb.debian.org/debian" +FAI_ROOTPW='$1$kBnWcO.E$djxB128U7dMkrltJHPf6d1' + +NFSROOT=/srv/fai/nfsroot +TFTPROOT=/srv/tftp/fai +NFSROOT_HOOKS=/etc/fai/nfsroot-hooks/ +FAI_DEBOOTSTRAP_OPTS="--exclude=info" + +# Configuration space +FAI_CONFIGDIR=/srv/fai/config + +NFSROOT_ETC_HOSTS="192.168.33.250 faiserver" diff --git a/files/etc/motd/FAIBASE b/files/etc/motd/FAIBASE new file mode 100755 index 0000000..9f8fed3 --- /dev/null +++ b/files/etc/motd/FAIBASE @@ -0,0 +1,4 @@ + + +Plan your installation, and FAI installs your plan. + diff --git a/files/etc/rc.local/CLOUD b/files/etc/rc.local/CLOUD new file mode 100755 index 0000000..6c2a800 --- /dev/null +++ b/files/etc/rc.local/CLOUD @@ -0,0 +1,8 @@ +#! /bin/bash + +# regenerate ssh_host keys +ls /etc/ssh/ssh_host_* >/dev/null 2>&1 +if [ $? -ne 0 ]; then + dpkg-reconfigure -fnoninteractive openssh-server +fi +rm $0 diff --git a/files/etc/rc.local/FAISERVER b/files/etc/rc.local/FAISERVER new file mode 100755 index 0000000..2c255cc --- /dev/null +++ b/files/etc/rc.local/FAISERVER @@ -0,0 +1,106 @@ +#! /bin/bash + +# setup script that is only run once at boot time +# set up an FAI install server + +NORMAL='\E(B\E[m' +RED='\E[31m' +GREEN='\E[32m' + +set -o pipefail + +# setup network +nic=$(cat /etc/network/interfaces /etc/network/interfaces.d/* 2>/dev/null | awk '$1 == "iface" && $2 != "lo" {print $2; exit}') +if [ -n "$nic" ]; then + ifup $nic +fi +# regenerate ssh_host keys +ls /etc/ssh/ssh_host_* > /dev/null +if [ $? -ne 0 ]; then + dpkg-reconfigure -fnoninteractive openssh-server +fi +sleep 8 +[ -x /etc/init.d/nscd ] && invoke-rc.d nscd restart + +echo "=================================" +echo "Setting up the FAI install server" +echo "This will take a few minutes" +echo "=================================" + +. /etc/fai/fai.conf +. /etc/fai/nfsroot.conf + +# copy the simple examples and pimp my config space +if [ ! -d "$FAI_CONFIGDIR/class" ]; then + mkdir -p $FAI_CONFIGDIR + cp -a /usr/share/doc/fai-doc/examples/simple/* $FAI_CONFIGDIR + ainsl /srv/fai/config/class/FAIBASE.var "^LOGUSER=fai" + _nic=$(ip route | awk '/^default/ {print $5}'|head -1) + myip=$(ip -br ad sh $_nic | awk '{print $3}') + myip=${myip%/*} + echo "APTPROXY=http://$myip:3142" >> /srv/fai/config/class/DEBIAN.var +fi +# set the LOGUSER, wo we get all the logs from our install clients +ainsl /etc/fai/fai.conf "^LOGUSER=fai" + +# make index, then import the packages from the CD mirror +apt-get update >/dev/null +curl -fs 'http://127.0.0.1:3142/acng-report.html?doImport=Start+Import&calcSize=cs&asNeeded=an#bottom' >/dev/null + +# setup the FAI server, including creating the nfsroot, use my own proxy +export APTPROXY="http://127.0.0.1:3142" +if [ -f /var/tmp/base.tar.xz ]; then + fai-setup -fvB /var/tmp/base.tar.xz > /var/log/fai/fai-setup.log 2>&1 +else + fai-setup -fv > /var/log/fai/fai-setup.log 2>&1 +fi +if [ $? -eq 0 ]; then + rm /var/tmp/base.tar.xz + echo "" + echo "================================================" + echo -e "Setting up the FAI server was ${GREEN}successful${NORMAL}" + echo "================================================" + echo "" + sleep 10 +else + echo "" + echo "==================================================" + echo -e "${RED}ERROR${NORMAL}: Setting up the FAI install server ${RED}FAILED${NORMAL}!" + echo "Read /var/log/fai/fai-setup.log for more debugging" + echo "==================================================" + echo "" + sleep 10 + exit 99 +fi + +cat <> /srv/fai/nfsroot/etc/fai/fai.conf +# use short hostname instead of FQDN +export HOSTNAME=\${HOSTNAME%%.*} +echo \$HOSTNAME > /proc/sys/kernel/hostname +EOF + +# create default pxelinux boot configuration +fai-chboot -o default + +# create a template for booting the installation +fai-chboot -Iv -f verbose,sshd,createvt,menu -u nfs://faiserver/srv/fai/config bullseye.tmpl + +# Since we do not know the MAC address, our DHCP cannot provide the hostname. +# Therefore we do explicitly set the hostname +fai-chboot -Iv -f verbose,sshd,createvt,menu -u nfs://faiserver/srv/fai/config -k hostname=xfcehost xfcehost +fai-chboot -Iv -f verbose,sshd,createvt,menu -u nfs://faiserver/srv/fai/config -k hostname=demohost demohost +for c in {01..10}; do + fai-chboot -Iv -f verbose,sshd,createvt,menu -u nfs://faiserver/srv/fai/config -k hostname=client$c client$c +done + +fai-monitor > /var/log/fai/fai-monitor.log & + +# move me away +mv $0 /var/tmp + +# create new rc.local for next reboot +echo '#! /bin/bash' > /etc/rc.local +echo 'fai-monitor > /var/log/fai/fai-monitor.log &' >> /etc/rc.local +chmod a+rx /etc/rc.local + +exit 0 diff --git a/files/etc/selinux/config/ROCKY b/files/etc/selinux/config/ROCKY new file mode 100755 index 0000000..9878acb --- /dev/null +++ b/files/etc/selinux/config/ROCKY @@ -0,0 +1,12 @@ +# This file controls the state of SELinux on the system. +# SELINUX= can take one of these three values: +# enforcing - SELinux security policy is enforced. +# permissive - SELinux prints warnings instead of enforcing. +# disabled - No SELinux policy is loaded. +SELINUX=disabled +# SELINUXTYPE= can take one of these two values: +# targeted - Only targeted network daemons are protected. +# strict - Full SELinux protection. +# mls - Multi Level Security protection. +SELINUXTYPE=targeted +# SETLOCALDEFS= Check local definition changes diff --git a/hooks/debconf.IMAGE b/hooks/debconf.IMAGE new file mode 100755 index 0000000..f91ae3f --- /dev/null +++ b/hooks/debconf.IMAGE @@ -0,0 +1,45 @@ +#! /bin/bash + +# hook for installing a file system image (tar file) +# this works for Ubuntu 14.04 +# +# Copyright (C) 2015 Thomas Lange, lange@cs.uni-koeln.de + + +# I use this tar command to create the image of an already running and configured machine +# tar -cf /tmp/IMAGE.tar --exclude /tmp/\* --exclude /run/\* --exclude /proc/\* --exclude /sys/\* --exclude /dev/\* / +# add --xattrs --selinux --acls if needed (for CentOS 7) +# Then copy this image to /srv/fai/config/basefiles/IMAGE.tar and make sure your client belongs to the class IMAGE + +skiptask extrbase debconf repository updatebase instsoft +skiptask configure # do not run the usual configure scripts + +# we assume, that the new host will get its hostname and IP via DHCP +# remove old hostname +fgrep -v 127.0.1.1 $target/etc/hosts >> /tmp/fai/hosts +mv /tmp/fai/hosts $target/etc/hosts +rm $target/etc/hostname + +#install grub +mount -t proc proc $FAI_ROOT/proc +mount -t sysfs sysfs $FAI_ROOT/sys +mount --bind /dev $FAI_ROOT/dev + +if [ -f $target/etc/debian_version ]; then + $ROOTCMD grub-install $BOOT_DEVICE + $ROOTCMD update-grub +fi +if [ -f $target/etc/centos-release ]; then + rm $target/etc/grub2/device.map + $FAI/scripts/ROCKY/40-install-grub + $FAI/scripts/ROCKY/30-mkinitrd + $ROOTCMD fixfiles onboot # this fixes the SELinux security contexts during the first boot +fi + + +# things that may be adjusted: +# +# MAC address ?? (not needed for Ubuntu, it uses iftab(5) +# /etc/hosts may contain the IP and name of the original host +# /etc/hostname (for Ubuntu just remove it) +# /var/lib/NetworkManager/dhclient-eth0.conf? diff --git a/hooks/debconf.ROCKY b/hooks/debconf.ROCKY new file mode 100755 index 0000000..f98becd --- /dev/null +++ b/hooks/debconf.ROCKY @@ -0,0 +1,3 @@ +#! /bin/bash + +skiptask debconf diff --git a/hooks/instsoft.DEBIAN b/hooks/instsoft.DEBIAN new file mode 100755 index 0000000..35ac306 --- /dev/null +++ b/hooks/instsoft.DEBIAN @@ -0,0 +1,25 @@ +#! /bin/bash + +# if package locales will be installed, then install it early, before +# other packages +if [ $FAI_ACTION != "install" -a $FAI_ACTION != "dirinstall" ]; then + exit 0 +fi + +fcopy -Bi /etc/apt/apt.conf.d/force_confdef +ainsl -a /etc/ucf.conf "^conf_force_conffold=YES" + +# in case the locales are already included inside the base file (Ubuntu) +if [ -f $target/usr/sbin/locale-gen ]; then + exit +fi + +# if we want to install locales, install them now +install_packages -l 2>/dev/null | egrep -q ' locales|locales ' +if [ $? -eq 0 ]; then + if [ X$verbose = X1 ]; then + $ROOTCMD apt-get -y install locales + else + $ROOTCMD apt-get -y install locales > /dev/null + fi +fi diff --git a/hooks/repository.ROCKY b/hooks/repository.ROCKY new file mode 100755 index 0000000..8a5f472 --- /dev/null +++ b/hooks/repository.ROCKY @@ -0,0 +1,31 @@ +#! /bin/bash + +# (c) Michael Goetze, 2010-2011, mgoetze@mgoetze.net + +error=0; trap 'error=$(($?>$error?$?:$error))' ERR # save maximum error code + +if [ $FAI_ACTION = "install" ]; then + mount -t proc proc $target/proc + mount -t sysfs sysfs $target/sys + [ -L $target/etc/mtab ] || cp /etc/mtab $target/etc/mtab + + cat > $target/etc/sysconfig/network <<-EOF + NETWORKING=yes + HOSTNAME=$HOSTNAME.$DOMAIN + EOF + echo "127.0.0.1 localhost" > $target/etc/hosts + ifclass DHCPC || ainsl -s /etc/hosts "$IPADDR $HOSTNAME.$DOMAIN $HOSTNAME" + cp /etc/resolv.conf $target/etc +fi + +mkdir $target/dev/pts +mknod -m 000 $target/dev/pts/ptmx c 5 2 + +fcopy -riv /etc/yum.repos.d/ + +# disable the fastestmirror plugin +#fai-sed 's/enabled=1/enabled=0/' /etc/yum/pluginconf.d/fastestmirror.conf + +skiptask repository + +exit $error diff --git a/hooks/savelog.LAST.sh b/hooks/savelog.LAST.sh new file mode 100755 index 0000000..162f17a --- /dev/null +++ b/hooks/savelog.LAST.sh @@ -0,0 +1,223 @@ +#! /bin/bash + +# parse all log files for error messages +# print errors and warnings found to error.log +# WARNING: This will only work with english error messages! + +errfile=$LOGDIR/error.log + +# Define grep patterns. Do not start or end with an empty line! +globalerrorpatterns="error +fail +warn + bad +bad +no space +Couldn't stat +Cannot access + conflict +is bigger than the limit +did not exist +non existent +not found +couldn't +can't +E: Sorry, broken packages +^E: +operator expected +ambiguous redirect +No previous regular expression +No such +Device or resource busy +unknown option +[a-z]\+\.log:E: +No candidate version found +segfault +Couldn't find any package whose name or description matched +cannot create +The following packages have unmet dependencies" + +globalignorepatterns="[a-z]\+\.log:# +Error: Driver 'pcspkr' is already registered, aborting +: bytes packets errors dropped +:+ error=0 +:+ trap error= +task_error_func= +STOP_ON_ERROR= +courier-webadmin +plugins-bad +Enabling conf localized-error-pages +ibwebadmin +kernel-patch-badram +kolab-webadmin +kolabadmin +gstreamer.\+-plugins-really-bad +liberrors.so +liberrors-samba +libsamba-errors +gsambad +libad +libtest-nowarnings-perl +libtest-warn-perl +libclass-errorhandler-perl +zope-ploneerrorreporting +libroxen-errormessage +liberror-perl +perl-Error +libgpg-error-dev +libgpg-error0 +Opts:.\+errors=remount +[RT]X packets: +WARNING: unexpected IO-APIC +warned about = ( ) +daemon.warn +kern.warn +rw,errors= +Expect some cache +no error +failmsg +RPC call returned error 101 +deverror.out +(floppy), sector 0 +mount version older than kernel +Can't locate module +Warning only .\+MB will be used. +hostname: Host name lookup failure +I can't tell the difference. +warning, not much extra random data, consider using the -rand option +confC._FILE +Warning: 3 database(s) sources +were not found, (but were created) +removing exim +The home dir you specified already exists. +No Rule for /usr/lib/ispell/default.hash. +/usr/sbin/update-fonts-.\+: warning: absolute path +hostname: Unknown server error +EXT2-fs warning: checktime reached +RPC: sendmsg returned error 101 +can't print them to stdout. Define these classes +warning: downgrading +suppress emacs errors +echo Error: +Can't open dependencies file +documents in /usr/doc are no longer supported +if you have both a SCSI and an IDE CD-ROM +Warning: /proc/ide/hd?/settings interface is obsolete, and will be removed soon +Monitoring disabled +Error: only one processor found. +Error Recovery Strategy: +sector 0 does not have an +syslogin_perform_logout: logout() returned an error +grub is not in an XFS filesystem. +grub-install: line 374: +grub-probe: error: Cannot open \`/boot/grub/device.map' +is harmless +not updating .\+ font directory data. +register_serial(): autoconfig failed +Fontconfig error: Cannot load default config file +asking for cache data failed +However, I can not read the target: +Warning: The partition table looks like it was made +task_error=0 +task_local_error=0 +^info: Trying to set +warning: /usr/lib/X11/fonts +can't read /etc/udev/rules.d/z25_persistent-net.rules +/cow': No such file or directory +Dummy start-stop-daemon called +X: bytes packets errors +ACPI Error +ACPI Warning +AE_NOT_FOUND +conflicts with ACPI region +cannot stat \`/etc/modprobe.d/\*.conf' +cdrom: open failed. +libgpg-error +process \`kudzu' used the deprecated sysctl system call +PM: Resume from disk failed +JBD: barrier-based sync failed +aufs: module is from the staging directory, the quality is unknown +warning: linuxlogo stop runlevel arguments (none) do not match +insserv: warning: script .\+ missing LSB tags and overrides +live-premount.\+ If this fails +cannot read table of mounted file systems +error: no alternatives for +ERST: Error Record Serialization Table (ERST) support is initialized +ERST: Table is not found +HEST: Table not found +failed to stat /dev/pts +Failed to connect to socket /var/run/dbus/system_bus_socket +fail to add MMCONFIG information +can't initialize iptables table +can't initialize ip6tables table +Authentication warning overridden +41-warning.sh +PCCT header not found +Download is performed unsandboxed as root as file +update-alternatives: warning: skip creation of +loop: module verification failed: signature +Warning: apt-key output should not be parsed +WARNING: Failed to connect to lvmetad. Falling back to device scanning +Warning: The home dir /var/lib/usbmux you specified +diff: /var/lib/apparmor/profiles/.apparmor.md5sums: No such file or directory +error reporting disabled +Enabling Firmware First mode for corrected errors +errors: 0 + 0 errors +Memory Error Correction: +Memory Controller 0 - Channel . Error +IIO RAS/Control Status/Global Errors +RAS: Correctable Errors collector initialized +__stack_chk_fail +grub.cfg.new: Directory nonexistent +can't derive routing for PCI INT A +failed to load isci/isci_firmware.bin +Direct firmware load for isci/isci_firmware.bin failed with error +Loading user firmware failed, using default values +stunnel4 you specified can't be accessed: No such file or directory +install-docs --verbose --check file_name' may give more details about the above errors +cannot open '/etc/ssl/certs/java/cacerts' for reading: No such file or directory +can't claim BAR +disabling ASPM +data block query control method not found +subprocess.py.\+RuntimeWarning: line buffering +Resource conflict.\+ found +update-rc.d: warning: start and stop actions are no longer supported" + +# add pattern on some conditions +if [ -n $FAI_ALLOW_UNSIGNED ] ; then + globalignorepatterns="$globalignorepatterns +WARNING: untrusted versions +WARNING: The following packages cannot be authenticated +Ignoring these trust violations" +fi +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Here you can define your own patterns. Put one pattern in a line, +# do not create empty lines. +myerrorpatterns="X_X-X_XX" +myignorepatterns="X_X-X_XX" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# The main routine +errorpatterns="$globalerrorpatterns +$myerrorpatterns" +ignorepatterns="$globalignorepatterns +$myignorepatterns" + +cd $LOGDIR || exit 3 +if [ -s $errfile ]; then + echo "Errorfile already exists. Aborting." >&2 + exit +fi + +grep -i "$errorpatterns" *.log | grep -vi "$ignorepatterns" > $errfile +if [ X$verbose = X1 ]; then + egrep -v '^software.log:' $errfile > $LOGDIR/tempfile + mv $LOGDIR/tempfile $errfile +fi + +if [ -s $errfile ]; then + echo "ERRORS found in log files. See $errfile" >&2 +else + echo "Congratulations! No errors found in log files." +# export flag_reboot=1 # if you want to reboot if no errors are found +fi diff --git a/hooks/setup.DEFAULT.sh b/hooks/setup.DEFAULT.sh new file mode 100755 index 0000000..00a1df2 --- /dev/null +++ b/hooks/setup.DEFAULT.sh @@ -0,0 +1,7 @@ +#! /bin/bash + +# use short hostname instead of FQDN +export HOSTNAME=${HOSTNAME%%.*} +if [ $do_init_tasks -eq 1 ]; then + echo $HOSTNAME > /proc/sys/kernel/hostname +fi diff --git a/hooks/updatebase.DEBIAN b/hooks/updatebase.DEBIAN new file mode 100755 index 0000000..e828eef --- /dev/null +++ b/hooks/updatebase.DEBIAN @@ -0,0 +1,14 @@ +#! /bin/bash + +if [ -n "$APTPROXY" ]; then + echo "Acquire::http::Proxy \"$APTPROXY\";" > $target/etc/apt/apt.conf.d/02proxy +else + rm -f $target/etc/apt/apt.conf.d/02proxy +fi + +echo force-unsafe-io > $target/etc/dpkg/dpkg.cfg.d/unsafe-io + +# you may want to add i386 arch to amd64 hosts +# if ifclass AMD64; then +# $ROOTCMD dpkg --add-architecture i386 +# fi diff --git a/hooks/updatebase.ROCKY b/hooks/updatebase.ROCKY new file mode 100755 index 0000000..dd418d8 --- /dev/null +++ b/hooks/updatebase.ROCKY @@ -0,0 +1,25 @@ +#! /bin/bash + +if [ ! -f $target/etc/resolv.conf ]; then + cp /etc/resolv.conf $target/etc +fi + +if [ X$verbose = X1 ]; then + echo "Updating base" + $ROOTCMD yum -y update |& tee -a $LOGDIR/software.log +else + $ROOTCMD yum -y update >> $LOGDIR/software.log +fi + +$ROOTCMD systemd-machine-id-setup + +cat > $target/etc/sysconfig/kernel < $target/etc/apt/sources.list +# external mirror +deb $ubuntumirror/ubuntu $ubuntudist main restricted universe multiverse +deb $ubuntumirror/ubuntu $ubuntudist-updates main restricted universe multiverse +deb $ubuntumirror/ubuntu $ubuntudist-security main restricted universe multiverse +EOM + + +# https://lists.uni-koeln.de/pipermail/linux-fai/2016-July/011398.html +# In Ubuntu 16.04 (but not 14.04), the locales configuration mechanism has +# changed. There is a /var/lib/dpkg/info/locales.config file, which +# overrides /var/lib/dpkg/info/locales.postinst and consults +# /var/lib/locales/supported.d/local instead of the debconf system. (See +# the code in /usr/share/debconf/frontend that prefers locales.config.) This +# hook applies the debconf setting. It must run after FAI's debconf task +# but before dpkg gets a chance to clobber debconf with an empty setting. + +if [ ! -f "$target/var/lib/locales/supported.d/local" ]; then + $ROOTCMD debconf --owner=locales sh -c ' + . /usr/share/debconf/confmodule + db_version 2.0 + db_get locales/locales_to_be_generated && + mkdir -p /var/lib/locales/supported.d && + echo "$RET" > /var/lib/locales/supported.d/local' && + $ROOTCMD dpkg-reconfigure locales +fi diff --git a/package_config/CINNAMON b/package_config/CINNAMON new file mode 100644 index 0000000..d074217 --- /dev/null +++ b/package_config/CINNAMON @@ -0,0 +1,10 @@ +PACKAGES install DEBIAN +task-cinnamon-desktop +network-manager +network-manager-applet +network-manager-config-connectivity-debian +network-manager-gnome + +PACKAGES install UBUNTU +cinnamon-desktop-environment +network-manager diff --git a/package_config/DEBIAN b/package_config/DEBIAN new file mode 100644 index 0000000..1e197ad --- /dev/null +++ b/package_config/DEBIAN @@ -0,0 +1,65 @@ +PACKAGES install-norec +#cryptsetup-initramfs # needed if you use an encrypted partition +apt-transport-https # is only needed for stretch +debconf-utils +file +zstd +less +linuxlogo +rsync +openssh-client openssh-server +time +procinfo +nullmailer +eject +locales +console-setup kbd +pciutils usbutils +unattended-upgrades + +PACKAGES install NONFREE +# you may want these non-free kernel drivers +firmware-bnx2 firmware-bnx2x firmware-realtek +firmware-linux-nonfree +# a list of firmware for wifi/wireless +atmel-firmware firmware-atheros firmware-brcm80211 +firmware-iwlwifi firmware-libertas firmware-ralink firmware-zd1211 +firmware-brcm80211 firmware-ti-connectivity +firmware-netronome firmware-netxen firmware-realtek +firmware-cavium +# firmware-ipw2x00 # needs a debconf question + +PACKAGES install-norec I386 +linux-image-686-pae +memtest86+ + +PACKAGES install-norec CHROOT +linux-image-686-pae- +linux-image-amd64- + +PACKAGES install-norec AMD64 +linux-image-amd64 +memtest86+ + +PACKAGES install-norec ARM64 +grub-efi-arm64 +linux-image-arm64 + +PACKAGES install GRUB_PC +grub-pc + +PACKAGES install GRUB_EFI +grub-efi dosfstools + +PACKAGES install LVM +lvm2 + +PACKAGES install CLOUD +unattended-upgrades + +PACKAGE install-norec CINNAMON +task-cinnamon-desktop +task-desktop + +PACKAGE install-norec GERMAN +task-german diff --git a/package_config/DEBIAN.gpg b/package_config/DEBIAN.gpg new file mode 100644 index 0000000..0d5b7a9 Binary files /dev/null and b/package_config/DEBIAN.gpg differ diff --git a/package_config/DEMO b/package_config/DEMO new file mode 100644 index 0000000..8f76162 --- /dev/null +++ b/package_config/DEMO @@ -0,0 +1,9 @@ +# some packages we need on a demo machine + +PACKAGES install-norec +htop iotop nmon + +# only when also class XORG is defined +PACKAGES install-norec XORG +bb xpenguins +#frozen-bubble diff --git a/package_config/FAISERVER b/package_config/FAISERVER new file mode 100644 index 0000000..25672c8 --- /dev/null +++ b/package_config/FAISERVER @@ -0,0 +1,13 @@ +PACKAGES install-norec +fai-quickstart + +debmirror tcpdump +xorriso grub-pc +lftp curl +netselect +syslinux-common pxelinux +apt-cacher-ng +nscd psmisc +bind9 dnsutils +iptables-persistent +zile diff --git a/package_config/GERMAN b/package_config/GERMAN new file mode 100644 index 0000000..a9731eb --- /dev/null +++ b/package_config/GERMAN @@ -0,0 +1,5 @@ +PACKAGES install +task-german + +PACKAGES install GNOME +firefox-esr-l10n-de thunderbird-l10n-de diff --git a/package_config/GNOME b/package_config/GNOME new file mode 100644 index 0000000..4ddd3a8 --- /dev/null +++ b/package_config/GNOME @@ -0,0 +1,9 @@ +PACKAGES install-norec + +firefox-esr +#thunderbird +menu gdm3 +gnome-core +gconf-editor +gnome-screensaver gnome-system-monitor gnome-system-tools +network-manager-gnome diff --git a/package_config/HW4F_DESKTOP b/package_config/HW4F_DESKTOP new file mode 100644 index 0000000..2b2f080 --- /dev/null +++ b/package_config/HW4F_DESKTOP @@ -0,0 +1,16 @@ +PACKAGES install +ubuntu-desktop +language-pack-de +language-pack-gnome-de +thunderbird +thunderbird-locale-de +firefox +firefox-locale-de +libreoffice +libreoffice-l10n-de +libreoffice-help-de +ubuntu-software +ubuntu-snappy +snapd + +APTPROXY=http://hw4f-fai:3142 diff --git a/package_config/MINT b/package_config/MINT new file mode 100644 index 0000000..dcf41e8 --- /dev/null +++ b/package_config/MINT @@ -0,0 +1,7 @@ +PACKAGES install-norec DESKTOP +linuxmint-keyring +mint-info-cinnamon +mint-info +mint-meta-cinnamon +mint-meta-core +mint-meta-codecs diff --git a/package_config/ROCKY b/package_config/ROCKY new file mode 100644 index 0000000..68fe45d --- /dev/null +++ b/package_config/ROCKY @@ -0,0 +1,35 @@ +PACKAGES dnfgroup +core +minimal-environment +#server-product-environment +#headless-management + +PACKAGES dnfgroup XORG +graphical-server-environment +workstation-product-environment + +PACKAGES dnfi +NetworkManager +chrony +kernel +dracut +less +openssh +openssh-clients +openssh-server +vim-enhanced +man +curl +unzip +which +ncurses ncurses-base + +PACKAGES dnfi GRUB_PC +grub2-pc + +PACKAGES dnfi GRUB_EFI +grub2-efi + + +PACKAGES dnfi LVM +lvm2 diff --git a/package_config/STANDARD b/package_config/STANDARD new file mode 100644 index 0000000..16c6a85 --- /dev/null +++ b/package_config/STANDARD @@ -0,0 +1,38 @@ +PACKAGES install-norec + +# the list of standard packages, without any libs and a few packages removed +apt-listchanges +bash-completion +bind9-host +dbus +dnsutils +doc-debian +file +gettext-base +groff-base +hdparm +less +locales +lsof +man-db +manpages +mime-support +ncurses-term +netcat-traditional +openssh-client +pciutils +perl +reportbug +telnet +traceroute +ucf +xz-utils +vim + +PACKAGES install-norec STRETCH BUSTER +python +python-minimal + +PACKAGES install-norec BULLSEYE +python3 +python3-minimal diff --git a/package_config/UBUNTU b/package_config/UBUNTU new file mode 100644 index 0000000..d872eb4 --- /dev/null +++ b/package_config/UBUNTU @@ -0,0 +1,23 @@ +PACKAGES install I386 +linux-image-generic +memtest86+ + +PACKAGES install CHROOT +linux-image-generic- + +PACKAGES install AMD64 +linux-image-generic +memtest86+ + +PACKAGES install GRUB_PC +grub-pc + +PACKAGES install GRUB_EFI +grub-efi dosfstools + +PACKAGES install +ubuntu-minimal +ubuntu-server + +PACKAGES install GERMAN +language-pack-gnome-de diff --git a/package_config/XFCE b/package_config/XFCE new file mode 100644 index 0000000..2e878d3 --- /dev/null +++ b/package_config/XFCE @@ -0,0 +1,6 @@ +PACKAGES install-norec +xfce4 # base system +xfce4-goodies # additional tools +lightdm +firefox-esr +network-manager-gnome diff --git a/package_config/XORG b/package_config/XORG new file mode 100644 index 0000000..2dd9d0b --- /dev/null +++ b/package_config/XORG @@ -0,0 +1,12 @@ +PACKAGES install-norec DEBIAN +xorg xserver-xorg-video-all xserver-xorg-input-all +fonts-freefont-ttf +xscreensaver +xscreensaver-gl +xterm +desktop-base + +PACKAGES install UBUNTU +ubuntu-server- +ubuntu-standard +ubuntu-desktop diff --git a/scripts/CLOUD/10-network b/scripts/CLOUD/10-network new file mode 100755 index 0000000..3406ccc --- /dev/null +++ b/scripts/CLOUD/10-network @@ -0,0 +1,11 @@ +#!/bin/bash + +error=0; trap 'error=$(($?>$error?$?:$error))' ERR # save maximum error code + +# Disable systemd's network interface name management. +# References: +# https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863385 +# https://www.freedesktop.org/wiki/Software/systemd/PredictableNetworkInterfaceNames/ + +fcopy -M /etc/default/grub.d/10_cloud_disable_net.ifnames.cfg +$ROOTCMD update-grub diff --git a/scripts/CLOUD/99-cleanup b/scripts/CLOUD/99-cleanup new file mode 100755 index 0000000..9f42bdd --- /dev/null +++ b/scripts/CLOUD/99-cleanup @@ -0,0 +1,27 @@ +#! /bin/bash + +#fcopy /etc/init.d/expand-root +#if [ -f $target/files/etc/init.d/expand-root ]; then +# $ROOTCMD insserv --default expand-root +#fi + +fai-sed "s/PermitRootLogin yes/PermitRootLogin without-password/" /etc/ssh/sshd_config +ainsl /etc/ssh/sshd_config 'ClientAliveInterval 120' + +ainsl -a /etc/modprobe.d/blacklist.conf 'blacklist pcspkr' +ainsl -a /etc/modprobe.d/blacklist.conf 'blacklist floppy' + +rm -f $target/etc/resolv.conf \ + $target/etc/udev/rules.d/70-persistent-net.rules \ + $target/lib/udev/write_net_rules \ + $target/etc/mailname \ + $target/var/lib/dbus/machine-id + +> $target/etc/machine-id + +shred --remove $target/etc/ssh/ssh_host_* + +# FIXME: DHCP RFC3442 is used incorrect in Azure +if [ -f $target/etc/dhcp/dhclient.conf ]; then + fai-sed 's,rfc3442-classless-static-routes,disabled-\0,' /etc/dhcp/dhclient.conf +fi diff --git a/scripts/DEBIAN/10-rootpw b/scripts/DEBIAN/10-rootpw new file mode 100755 index 0000000..7f02ae0 --- /dev/null +++ b/scripts/DEBIAN/10-rootpw @@ -0,0 +1,18 @@ +#! /bin/bash + +error=0; trap 'error=$(($?>$error?$?:$error))' ERR # save maximum error code + +# set root password +if [ -n "$ROOTPW" ]; then + $ROOTCMD chpasswd --encrypted <<< "root:${ROOTPW}" +elif [ -n "$username" ]; then + $ROOTCMD usermod -L root + # enable sudo for user + ainsl /etc/sudoers "$username ALL = ALL" + if [ ! -f $target/usr/bin/sudo ]; then + echo "WARNING. Package sudo is not installed" + fi +fi + +exit $error + diff --git a/scripts/DEBIAN/20-capabilities b/scripts/DEBIAN/20-capabilities new file mode 100755 index 0000000..ea650fa --- /dev/null +++ b/scripts/DEBIAN/20-capabilities @@ -0,0 +1,22 @@ +#!/bin/bash +# +# Capabilities get lost when creating the fai base.tar.xz image. +# Restore them here. +# + +set -e + +if [ ! -x $target/sbin/setcap ] ; then + exit 0 +fi + +for FILE in /bin/ping /bin/ping6 /usr/bin/fping /usr/bin/fping6; do + if [ -x $target/$FILE -a ! -h $target/$FILE ] ; then + if $ROOTCMD /sbin/setcap cap_net_raw+ep $FILE; then + echo "Setcap worked! $FILE is not suid!" + fi + fi +done +if [ -x $target/usr/bin/systemd-detect-virt ] ; then + $ROOTCMD /sbin/setcap cap_dac_override,cap_sys_ptrace+ep /usr/bin/systemd-detect-virt +fi diff --git a/scripts/DEBIAN/30-interface b/scripts/DEBIAN/30-interface new file mode 100755 index 0000000..e31fd20 --- /dev/null +++ b/scripts/DEBIAN/30-interface @@ -0,0 +1,117 @@ +#! /bin/bash + +netplan_yaml() { + # network configuration using ubuntu's netplan.io + local IFNAME="$1" + local METHOD="$2" + echo "Generating netplan configuration for $IFNAME ($METHOD)" >&2 + echo "# generated by FAI" + echo "network:" + echo " version: 2" + echo " renderer: $RENDERER" + case "$RENDERER" in + networkd) + echo " ethernets:" + echo " $IFNAME:" + case "$METHOD" in + dhcp) + echo " dhcp4: true" + ;; + static) + echo " addresses: [$CIDR]" + echo " gateway4: $GATEWAYS_1" + echo " nameservers:" + echo " search: [$DOMAIN]" + echo " addresses: [${DNSSRVS// /, }]" + ;; + esac + esac +} + +iface_stanza() { + # classic network configuration using /etc/network/interfaces + local IFNAME="$1" + local METHOD="$2" + echo "Generating interface configuration for $IFNAME ($METHOD)" >&2 + echo "# generated by FAI" + echo "auto $IFNAME" + echo "iface $IFNAME inet $METHOD" + case "$METHOD" in + static) + echo " address $CIDR" + echo " gateway $GATEWAYS" + ;; + esac +} + +newnicnames() { + + local name + + [ $do_init_tasks -eq 0 ] && return + [ -z "$NIC1" ] && return + + fields="ID_NET_NAME_FROM_DATABASE ID_NET_NAME_ONBOARD ID_NET_NAME_SLOT ID_NET_NAME_PATH" + for field in $fields; do + name=$(udevadm info /sys/class/net/$NIC1 | sed -rn "s/^E: $field=(.+)/\1/p") + if [[ $name ]]; then + NIC1=$name + return + fi + done + + # try to get altname net dev + name=$(ip link show $NIC1 | awk '/altname / { print $2 }') + if [[ $name ]]; then + NIC1=$name + return + else + echo "$0: error: could not find systemd predictable network name. Using $NIC1." + fi +} + +if [ -z "$NIC1" ]; then + echo "WARNING: \$NIC1 is not defined. Cannot add ethernet to /etc/network/interfaces." +fi +CIDR=$(ip --br ad sh $NIC1|awk '{print $3}') +newnicnames + +case "$FAI_ACTION" in + install|dirinstall) + ifclass DHCPC && METHOD=dhcp || METHOD=static + ifclass XORG && RENDERER=NetworkManager || RENDERER=networkd + + if [ -d $target/etc/netplan ]; then + # Ubuntu >= 17.10 with netplan.io + if [ -n "$NIC1" ]; then + netplan_yaml $NIC1 $METHOD > $target/etc/netplan/01-${NIC1}.yaml + fi + elif [ -d $target/etc/network/interfaces.d ]; then + # ifupdown >= 0.7.41 (Debian >= 8, Ubuntu >= 14.04) + iface_stanza lo loopback > $target/etc/network/interfaces.d/lo + + if [ -n "$NIC1" -a ! -f $target/etc/NetworkManager/NetworkManager.conf ]; then + iface_stanza $NIC1 $METHOD > $target/etc/network/interfaces.d/$NIC1 + fi + else + ( + iface_stanza lo loopback + iface_stanza $NIC1 $METHOD + ) > $target/etc/network/interfaces + fi + + if ! ifclass DHCPC ; then + [ -n "$NETWORK" ] && echo "localnet $NETWORK" > $target/etc/networks + if [ ! -L $target/etc/resolv.conf -a -e /etc/resolv.conf ]; then + cp -p /etc/resolv.conf $target/etc + fi + fi + ;; +esac + +# here fcopy is mostly used, when installing a client for running in a +# different subnet than during the installation +fcopy -iM /etc/resolv.conf +fcopy -iM /etc/network/interfaces /etc/networks + +exit $error diff --git a/scripts/DEBIAN/40-misc b/scripts/DEBIAN/40-misc new file mode 100755 index 0000000..3742a41 --- /dev/null +++ b/scripts/DEBIAN/40-misc @@ -0,0 +1,51 @@ +#! /bin/bash + +# (c) Thomas Lange, 2001-2016, lange@debian.org +# (c) Michael Goetze, 2010-2011, mgoetze@mgoetze.net + +error=0; trap 'error=$(($?>$error?$?:$error))' ERR # save maximum error code + +# a list of modules which are loaded at boot time +for module in $MODULESLIST; do + ainsl -a /etc/modules "^$module$" +done + +fcopy -Mv /etc/hostname || echo $HOSTNAME > $target/etc/hostname +ainsl -a /etc/mailname ${HOSTNAME} +if [ ! -e $target/etc/adjtime ]; then + printf "0.0 0 0.0\n0\nUTC\n" > $target/etc/adjtime +fi +if [ "$UTC" = "yes" ]; then + fai-sed 's:^LOCAL$:UTC:' /etc/adjtime +else + fai-sed 's:^UTC$:LOCAL:' /etc/adjtime +fi + +# enable linuxlogo +if [ -f $target/etc/inittab ]; then + fai-sed 's#/sbin/getty 38400#/sbin/getty -f /etc/issue.linuxlogo 38400#' /etc/inittab +elif [ -f $target/lib/systemd/system/getty@.service ]; then + fai-sed 's#sbin/agetty --noclear#sbin/agetty -f /etc/issue.linuxlogo --noclear#' /lib/systemd/system/getty@.service +fi + +# make sure a machine-id exists +if [ ! -f $target/etc/machine-id ]; then + > $target/etc/machine-id +fi +# recreate machine-id if the file is empty +if [ X"$(stat -c '%s' $target/etc/machine-id 2>/dev/null)" = X0 -a -f $target/bin/systemd-machine-id-setup ]; then + $ROOTCMD systemd-machine-id-setup +fi + +fai-link /etc/mtab ../proc/self/mounts + +rm -f $target/etc/dpkg/dpkg.cfg.d/unsafe-io + +if [ -d /etc/fai ]; then + if ! fcopy -Mv /etc/fai/fai.conf; then + ainsl -a /etc/fai/fai.conf "FAI_CONFIG_SRC=$FAI_CONFIG_SRC" + fi +fi +fcopy -iv /etc/rc.local + +exit $error diff --git a/scripts/DEMO/10-misc b/scripts/DEMO/10-misc new file mode 100755 index 0000000..1cba900 --- /dev/null +++ b/scripts/DEMO/10-misc @@ -0,0 +1,39 @@ +#! /bin/bash + +# (c) Thomas Lange, 2001-2017, lange@debian.org + +error=0; trap 'error=$(($?>$error?$?:$error))' ERR # save maximum error code + +ifclass XORG && { + fcopy -M /etc/X11/xorg.conf +} + +if ifclass UBUNTU; then + groups="adm cdrom sudo dip plugdev lpadmin sambashare" + $ROOTCMD addgroup --system lpadmin || true + $ROOTCMD addgroup --system sambashare || true +fi + +# add additional user account +if [ -n "$username" ]; then + if ! $ROOTCMD getent passwd $username ; then + $ROOTCMD adduser --disabled-login --gecos "$username user" $username + $ROOTCMD usermod -p "$USERPW" $username + userdir=$($ROOTCMD getent passwd "$username" | cut -d: -f6 ) + + # disable xfce question about default or empty panel + if [ -f $target/etc/xdg/xfce4/panel/default.xml ]; then + xfdir=$userdir/.config/xfce4/xfconf/xfce-perchannel-xml + if [ ! -d $target/$xfdir ]; then + $ROOTCMD mkdir -p $xfdir + $ROOTCMD cp /etc/xdg/xfce4/panel/default.xml $xfdir/xfce4-panel.xml + # group name is the same as user name + $ROOTCMD chown -R $username:$username $userdir/.config + fi + fi + + for g in $groups; do + $ROOTCMD adduser $username $g + done + fi +fi diff --git a/scripts/FAIBASE/10-misc b/scripts/FAIBASE/10-misc new file mode 100755 index 0000000..926b5f0 --- /dev/null +++ b/scripts/FAIBASE/10-misc @@ -0,0 +1,37 @@ +#! /bin/bash + +# (c) Thomas Lange, 2001-2012, lange@debian.org + +error=0; trap 'error=$(($?>$error?$?:$error))' ERR # save maximum error code + +echo $TIMEZONE > $target/etc/timezone +if [ -L $target/etc/localtime ]; then + fai-link /etc/localtime /usr/share/zoneinfo/${TIMEZONE} +else + cp -f /usr/share/zoneinfo/${TIMEZONE} $target/etc/localtime +fi + +if [ -f $target/etc/hosts.orig ]; then + mv $target/etc/hosts.orig $target/etc/hosts +fi +if [ -n "$IPADDR" ]; then + ifclass DHCPC || ainsl -s /etc/hosts "$IPADDR $HOSTNAME.$DOMAIN $HOSTNAME" +else + ifclass DHCPC && ainsl -s /etc/hosts "127.0.0.1 $HOSTNAME" +fi +fcopy -iM /etc/hosts /etc/motd + +# make /root accessible only by root +chmod -c 0700 $target/root +chown -c root:root $target/root +# copy default dotfiles for root account +fcopy -ir /root + +# use tmpfs for /tmp if not defined in disk_config +if ! grep -Pq '\s/tmp\s' $target/etc/fstab; then + ainsl /etc/fstab "tmpfs /tmp tmpfs nodev,nosuid,size=50%,mode=1777 0 0" +fi +chmod -c 1777 ${target}/tmp +chown -c 0:0 ${target}/tmp + +exit $error diff --git a/scripts/FAIBASE/15-root-ssh-key b/scripts/FAIBASE/15-root-ssh-key new file mode 100755 index 0000000..db692ad --- /dev/null +++ b/scripts/FAIBASE/15-root-ssh-key @@ -0,0 +1,35 @@ +#! /bin/bash + +# (c) Thomas Lange, 2022, lange@debian.org +# +# Add public ssh key for user root to get login access + +error=0; trap 'error=$(($?>$error?$?:$error))' ERR # save maximum error code + +SSHDIR=$target/root/.ssh +AUKEY=$SSHDIR/authorized_keys + +# reverse order of classes +for c in $classes; do + revclasses="$c $revclasses" +done + +for c in $revclasses; do + if [ -f $FAI/files/root-ssh-key/$c ]; then + if [ -f $AUKEY ]; then + cmp -s $FAI/files/root-ssh-key/$c $AUKEY + if [ $? -eq 0 ]; then + exit + fi + fi + if [ ! -d $SSHDIR ]; then + mkdir -m 700 $SSHDIR + fi + cp -v $FAI/files/root-ssh-key/$c $AUKEY + chown root:root $AUKEY + chmod 700 $AUKEY + break + fi +done + +exit $error diff --git a/scripts/FAIBASE/20-removable_media b/scripts/FAIBASE/20-removable_media new file mode 100755 index 0000000..8d07029 --- /dev/null +++ b/scripts/FAIBASE/20-removable_media @@ -0,0 +1,25 @@ +#! /bin/bash + +# (c) Thomas Lange, 2006,2009, lange@debian.org +# create entries for removable media in fstab and directories in /media + +cdromlist() { + [ -f /proc/sys/dev/cdrom/info ] || return + devs=$(grep 'drive name:' /proc/sys/dev/cdrom/info | cut -d ":" -f 2) + for d in $devs; do + echo $d + done +} + +fstabline () { + line=$(printf "%-15s %-15s %-7s %-15s %-7s %s\n" "$1" "$2" "$3" "$4" "$5" "$6") + ainsl /etc/fstab "$line" +} + +i=0 +for cdrom in $(cdromlist | tac); do + [ $i -eq 0 ] && ln -sfn cdrom0 $target/media/cdrom + mkdir -p $target/media/cdrom$i + fstabline /dev/$cdrom /media/cdrom$i udf,iso9660 ro,user,noauto 0 0 + i=$((i + 1)) +done diff --git a/scripts/FAISERVER/10-conffiles b/scripts/FAISERVER/10-conffiles new file mode 100755 index 0000000..699908a --- /dev/null +++ b/scripts/FAISERVER/10-conffiles @@ -0,0 +1,49 @@ +#! /bin/bash + +fcopy -BvrS /etc/fai +fcopy -BvS /etc/dhcp/dhcpd.conf + +if [ $FAI_ACTION = "install" -o $FAI_ACTION = "dirinstall" ] ; then + + # use the same sources.list for the server itself and the clients + cp -a $target/etc/fai/apt $target/etc/ + + if ifclass DHCPC; then + rm -f $target/etc/resolv.conf + else + echo 127.0.0.1 > $target/etc/resolv.conf + fi + + # faiserver uses its own apt cache + ainsl -av /etc/apt/apt.conf.d/02proxy 'Acquire::http::Proxy "http://127.0.0.1:3142";' + + # create some host entries + _nic=$(ip route | awk '/^default/ {print $5}'|head -1) + myip=$(ip -br ad sh $_nic | awk '{print $3}') + myip=${myip%/*} + ainsl /etc/hosts "$myip faiserver" # that's me + ainsl /etc/hosts "192.168.33.100 demohost" + ainsl /etc/hosts "192.168.33.101 xfcehost" + # add entries for 10 hosts called client 01 .. 10 + perl -e 'for (1..10) {printf "192.168.33.%s client%02s\n",101+$_,$_;}' >> $target/etc/hosts + + fai-sed '/# ReuseConnections: 1/d' /etc/apt-cacher-ng/acng.conf + ainsl -v /etc/apt-cacher-ng/acng.conf "ReuseConnections: 0" + + # copy base file for faster building of nfsroot + if [ -f /var/tmp/base.tar.xz ]; then + cp -p /var/tmp/base.tar.xz $target/var/tmp + fi + + if [ -d /media/mirror/pool ]; then + mkdir $target/var/cache/apt-cacher-ng/_import + cp -p /media/mirror/pool/*/*/*/*.deb $target/var/cache/apt-cacher-ng/_import + $ROOTCMD chown -R apt-cacher-ng:apt-cacher-ng /var/cache/apt-cacher-ng/_import + fi + + # copy basefiles from CD to config space + if [ -d $FAI/basefiles ]; then + mkdir -p $target/srv/fai/config/basefiles + cp -vp $FAI/basefiles/*.tar.* $target/srv/fai/config/basefiles 2>/dev/null || true + fi +fi diff --git a/scripts/GRUB_EFI/10-setup b/scripts/GRUB_EFI/10-setup new file mode 100755 index 0000000..7dd92d4 --- /dev/null +++ b/scripts/GRUB_EFI/10-setup @@ -0,0 +1,68 @@ +#! /bin/bash +# support for GRUB version 2 + +error=0; trap 'error=$(($?>$error?$?:$error))' ERR # save maximum error code + +# This script assumes that the disk has a GPT partition table and +# that the extended system partition (ESP) is mounted on /boot/efi. +# When building a disk image, we don't change the NVRAM to point at +# the boot image we made available, because the disk image is likely +# not installed on the current system. As a result, we force +# installation into the removable media paths as well as the standard +# debian path. + +set -a + +# do not set up grub during dirinstall +if [ "$FAI_ACTION" = "dirinstall" ] ; then + exit 0 +fi +# during softupdate use this file +[ -r $LOGDIR/disk_var.sh ] && . $LOGDIR/disk_var.sh + +if [ -z "$BOOT_DEVICE" ]; then + exit 189 +fi + +# disable os-prober because of #802717 +ainsl /etc/default/grub 'GRUB_DISABLE_OS_PROBER=true' + +# skip the rest, if not an initial installation +if [ $FAI_ACTION != "install" ]; then + $ROOTCMD update-grub + exit $error +fi + +GROOT=$($ROOTCMD grub-probe -tdrive -d $BOOT_DEVICE) + +# handle /boot in lvm-on-md +_bdev=$(readlink -f $BOOT_DEVICE) +if [ "${_bdev%%-*}" = "/dev/dm" ]; then + BOOT_DEVICE=$( lvs --noheadings -o devices $BOOT_DEVICE | sed -e 's/^*\([^(]*\)(.*$/\1/' ) +fi + +# Check if RAID is used for the boot device +if [[ $BOOT_DEVICE =~ '/dev/md' ]]; then + raiddev=${BOOT_DEVICE#/dev/} + # install grub on all members of RAID + for device in $(LC_ALL=C perl -ne 'if(/^'$raiddev'\s.+raid\d+\s(.+)/){ $_=$1; s/\d+\[\d+\]//g; print }' /proc/mdstat); do + echo Install grub on /dev/$device + $ROOTCMD grub-install --no-floppy --force-extra-removable "/dev/$device" + done + +elif [[ $BOOT_DEVICE =~ '/dev/loop' ]]; then + # do not update vmram when using a loop device + $ROOTCMD grub-install --no-floppy --force-extra-removable --modules=part_gpt --no-nvram $BOOT_DEVICE + if [ $? -eq 0 ]; then + echo "Grub installed on hostdisk $BOOT_DEVICE" + fi + +else + $ROOTCMD grub-install --no-floppy --modules=part_gpt "$GROOT" + if [ $? -eq 0 ]; then + echo "Grub installed on $BOOT_DEVICE = $GROOT" + fi +fi +$ROOTCMD update-grub + +exit $error diff --git a/scripts/GRUB_PC/10-setup b/scripts/GRUB_PC/10-setup new file mode 100755 index 0000000..270b356 --- /dev/null +++ b/scripts/GRUB_PC/10-setup @@ -0,0 +1,84 @@ +#! /bin/bash +# support for GRUB version 2 + +error=0; trap 'error=$(($?>$error?$?:$error))' ERR # save maximum error code + +set -a + +# do not set up grub during dirinstall +if [ "$FAI_ACTION" = "dirinstall" ] ; then + exit 0 +fi +# during softupdate use this file +[ -r $LOGDIR/disk_var.sh ] && . $LOGDIR/disk_var.sh + +if [ -z "$BOOT_DEVICE" ]; then + exit 189 +fi + +# disable os-prober because of #802717 +ainsl /etc/default/grub 'GRUB_DISABLE_OS_PROBER=true' + +# skip the rest, if not an initial installation +if [ $FAI_ACTION != "install" ]; then + $ROOTCMD update-grub + exit $error +fi + +get_stable_devname() { + + local _DEV="$1" + local i + declare -a _RES + + # prefer SCSI over ATA over WWN over path + # do not use by-path + + for i in $($ROOTCMD udevadm info -r --query=symlink "$_DEV"); do + if [[ "$i" =~ /by-id/scsi ]]; then + _RES[10]="$i" + elif [[ "$i" =~ /by-id/ata ]]; then + _RES[20]="$i" + elif [[ "$i" =~ /by-id/wwn ]]; then + _RES[99]="$i" + fi + done + + echo "${_RES[@]::1}" +} + +# handle /boot in lvm-on-md +_bdev=$(readlink -f $BOOT_DEVICE) +if [ "${_bdev%%-*}" = "/dev/dm" ]; then + BOOT_DEVICE=$( lvs --noheadings -o devices $BOOT_DEVICE | sed -e 's/^*\([^(]*\)(.*$/\1/' ) +fi + +# Check if RAID is used for the boot device +if [[ $BOOT_DEVICE =~ '/dev/md' ]]; then + raiddev=${BOOT_DEVICE#/dev/} + # install grub on all members of RAID + for device in $(LC_ALL=C perl -ne 'if(/^'$raiddev'\s.+raid\d+\s(.+)/){ $_=$1; s/\d+\[\d+\]//g; s/(nvme.+?)p/$1/g; print }' /proc/mdstat); do + pdevice=$(get_stable_devname /dev/$device) + if [ -z "$pdevice" ]; then + # if we cannot find a persistent name (for e.g. in a VM) use old name + pdevice="/dev/$device" + fi + mbrdevices+="$pdevice, " + echo Installing grub on /dev/$device = $pdevice + $ROOTCMD grub-install --no-floppy "/dev/$device" + done + # remove last , + mbrdevices=${mbrdevices%, } +else + mbrdevices=$(get_stable_devname $BOOT_DEVICE) + if [ -z "$mbrdevices" ]; then + # if we cannot find a persistent name (for e.g. in a VM) use old name + mbrdevices=$BOOT_DEVICE + fi + echo "Installing grub on $BOOT_DEVICE = $mbrdevices" + $ROOTCMD grub-install --no-floppy "$mbrdevices" +fi + +echo "grub-pc grub-pc/install_devices multiselect $mbrdevices" | $ROOTCMD debconf-set-selections +$ROOTCMD dpkg-reconfigure grub-pc +exit $error diff --git a/scripts/HW4F_DESKTOP_LAST/00-remove-proxy b/scripts/HW4F_DESKTOP_LAST/00-remove-proxy new file mode 100755 index 0000000..82548c7 --- /dev/null +++ b/scripts/HW4F_DESKTOP_LAST/00-remove-proxy @@ -0,0 +1,3 @@ +#!/bin/bash + +$ROOTCMD rm -f /etc/apt/apt.conf.d/00-proxy diff --git a/scripts/HW4F_DESKTOP_LAST/01-network b/scripts/HW4F_DESKTOP_LAST/01-network new file mode 100755 index 0000000..f3e7bdd --- /dev/null +++ b/scripts/HW4F_DESKTOP_LAST/01-network @@ -0,0 +1,13 @@ +#!/bin/bash + +# allow configure NICs globally over network manager +#$ROOTCMD touch /etc/NetworkManager/conf.d/10-globally-managed-devices.conf +# enable resolved +$ROOTCMD systemctl enable systemd-resolved + +$ROOTCMD tee /etc/netplan/01-network-manager-all.yaml <$error?$?:$error))' ERR # save maximum error code + +# remove crypt password from both log files +if [ -f $LOGDIR/format.log ]; then + perl -i -pane "s/Executing: yes '.+?' \| cryptsetup/Executing: yes 'XXXXXXXXXXXXX' | cryptsetup/" $LOGDIR/format.log $LOGDIR/fai.log +fi + +if [ "$FAI_ACTION" = "dirinstall" -o $do_init_tasks -eq 0 ] ; then + : +else + # check if mdadm has been forgotten + if grep -q active /proc/mdstat 2>/dev/null; then + if [ ! -d $target/etc/mdadm ]; then + echo ERROR: Found Software RAID, but the mdadm package was not installed + error=1 + fi + fi + + if [ -f $target/etc/crypttab ] && [ ! -f $target/sbin/cryptsetup ]; then + echo ERROR: Encrypted devices used, but the crypsetup package was not installed. + echo ERROR: You want to add cryptsetup-initramfs or dracut to some package_config file. + fi + + usedm=$(dmsetup ls 2>/dev/null | egrep -v '^live-rw|^live-base|^No devices found' | wc -l) + if [ $usedm -ne 0 ]; then + if [ ! -d $target/etc/lvm ]; then + echo ERROR: Found lvm devices, but the lvm2 package was not installed + error=1 + fi + fi +fi + +# remove backup files from cfengine, but only if cfengine is installed +if [ -x /usr/sbin/cfagent ] || [ -x $target/usr/sbin/cfagent ] ; then + dirs="root etc var" + for path in $dirs; do + find $target/$path -maxdepth 20 -name \*.cfedited -o -name \*.cfsaved | xargs -r rm + done +fi + +[ "$FAI_DEBMIRROR" ] && + ainsl /etc/fstab "#$FAI_DEBMIRROR $MNTPOINT nfs ro 0 0" + +# set bios clock +if [ $do_init_tasks -eq 1 ] ; then + case "$UTC" in + no|"") hwopt="--localtime" ;; + yes) hwopt="--utc" ;; + esac + hwclock $hwopt --systohc || true +fi + +# Make sure everything is configured properly +if ifclass DEBIAN ; then + $ROOTCMD apt-get -f install -y +fi + +if [ $FAI_ACTION = "install" ]; then + lskernels=$(echo $target/boot/vmlinu*) + if [ ! -f ${lskernels%% *} ]; then + echo "ERROR: No kernel was installed. Have a look at shell.log" >&2 + error=1 + fi +fi + +# copy sources.list +fcopy -iSM /etc/apt/sources.list + + +setrel() { + + # if release is not set, try to determine it + + if [ -n "$release" ]; then + return + fi + if [ ! -f $target/etc/os-release ]; then + return + fi + + dists="jessie stretch buster bullseye bookworm trixie forky jammy focal bionic xenial trusty" + for d in $dists; do + if grep -iq $d $target/etc/os-release; then + release=$d + break + fi + done +} + +# if installation was done from CD, replace useless sources.list +setrel +if [ -f $target/etc/apt/sources.list -a -n "$release" ]; then + grep -q 'file generated by fai-cd' $target/etc/apt/sources.list && cat < $target/etc/apt/sources.list +deb $apt_cdn/debian $release main contrib non-free +deb $security_cdn/debian-security ${secsuite} main contrib non-free +#deb [trusted=yes] http://fai-project.org/download $release koeln +EOF + # if the package fai-server was installed, enable the project's repository + if dpkg-query --admindir=$target/var/lib/dpkg -W fai-server >/dev/null 2>&1; then + fai-sed '/fai-project.org/s/^#//' /etc/apt/sources.list + fi +fi + +# for ARM architecture, we may need the kernel and initrd to boot or flash the device +if ifclass ARM64; then + cp -pv $target/boot/vmlinuz* $target/boot/initrd* $FAI_RUNDIR +fi + +exit $error diff --git a/scripts/ROCKY/10-security b/scripts/ROCKY/10-security new file mode 100755 index 0000000..566c3f4 --- /dev/null +++ b/scripts/ROCKY/10-security @@ -0,0 +1,14 @@ +#! /bin/bash + +# (c) Michael Goetze, 2010-11, mgoetze@mgoetze.net +# Thomas Lange, 2015-2020 + +error=0; trap 'error=$(($?>$error?$?:$error))' ERR # save maximum error code + +$ROOTCMD usermod -p $ROOTPW root + +fcopy -v /etc/selinux/config +$ROOTCMD fixfiles onboot # this fixes the SELinux security contexts during the first boot +chmod a+rx $target + +exit $error diff --git a/scripts/ROCKY/30-mkinitrd b/scripts/ROCKY/30-mkinitrd new file mode 100755 index 0000000..447de27 --- /dev/null +++ b/scripts/ROCKY/30-mkinitrd @@ -0,0 +1,25 @@ +#! /bin/bash + +# (c) Michael Goetze, 2010-2011, mgoetze@mgoetze.net +# (c) Thomas Lange, 2011, Uni Koeln + +error=0; trap 'error=$(($?>$error?$?:$error))' ERR # save maximum error code + +ainsl -v /etc/fstab "proc /proc proc defaults 0 0" +ainsl -v /etc/fstab "sysfs /sys sysfs auto 0 0" + +version=$($ROOTCMD rpm -qv kernel | cut -d- -f2-) + + +if [ -f $target/etc/lvm/lvm.conf ]; then + fai-sed 's/use_lvmetad = 1/use_lvmetad = 0/' /etc/lvm/lvm.conf + ainsl -av /etc/dracut.conf.d/fai.conf 'add_dracutmodules+=" lvm "' +fi + + +# add filesystem driver into initrd +ainsl -av /etc/dracut.conf.d/fai.conf 'filesystems+="ext4"' +$ROOTCMD dracut -v --kver $version --force + + +exit $error diff --git a/scripts/ROCKY/40-install-grub b/scripts/ROCKY/40-install-grub new file mode 100755 index 0000000..5590ded --- /dev/null +++ b/scripts/ROCKY/40-install-grub @@ -0,0 +1,87 @@ +#! /bin/bash + +# (c) Michael Goetze, 2011, mgoetze@mgoetze.net +# (c) Thomas Lange 2014 + +error=0; trap 'error=$(($?>$error?$?:$error))' ERR # save maximum error code + +if [ -r $LOGDIR/disk_var.sh ] ; then + . $LOGDIR/disk_var.sh +else + echo "disk_var.sh not found!" + exit 1 +fi + + +# CentOS 7 does not have a device.map file, so generate one +if [ -d $target/boot/grub2 -a ! -f $target/boot/grub2/device.map ]; then + echo "# Generated by FAI" >> $target/boot/grub2/device.map + centosdisks=$(awk '/[sv]d.$/ {print $4}' /proc/partitions | sort) + dcount=0 + for d in $centosdisks; do + echo "(hd$dcount) /dev/$d" >> $target/boot/grub2/device.map + dcount=$((dcount + 1)) + done +fi + +bootdev=$(device2grub $BOOT_DEVICE) +bootpart=$(device2grub $BOOT_PARTITION) +version=$($ROOTCMD rpm -qv kernel | cut -d- -f2-) + +if grep '[[:space:]]/boot[[:space:]]' $LOGDIR/fstab; then + bootdir='' +else + bootdir='/boot' +fi + +mount -o bind /dev $target/dev + +if [ -f $target/usr/sbin/grub2-install ]; then + + # CentOS 7 + $ROOTCMD grub2-install --no-floppy "$BOOT_DEVICE" + $ROOTCMD grub2-mkconfig --output=/boot/grub2/grub.cfg +else + +$ROOTCMD grub-install --just-copy + +$ROOTCMD grub --device-map=/dev/null --no-floppy --batch <<-EOF + device $bootdev $BOOT_DEVICE + root $bootpart + setup $bootdev + quit + EOF + +ln -s ./menu.lst $target/boot/grub/grub.conf + +if [ -f $target/boot/grub/splash.xpm.gz ]; then + pretty="splashimage=$bootpart$bootdir/grub/splash.xpm.gz" +else + pretty="color cyan/blue white/blue" +fi + +title=$(head -1 $target/etc/redhat-release) + +cat > $target/boot/grub/grub.conf <<-EOF + timeout 5 + default 0 + $pretty + hiddenmenu + + title $title + root $bootpart + kernel $bootdir/vmlinuz-$version root=$ROOT_PARTITION ro + initrd $bootdir/initramfs-$version.img + EOF + +fi + +umount $target/dev + +echo "" +echo "Grub installed on $BOOT_DEVICE = $bootdev" +echo "Grub boot partition is $BOOT_PARTITION = $bootpart" +echo "Root partition is $ROOT_PARTITION" +echo "Boot kernel: $version" + +exit $error diff --git a/scripts/ROCKY/50-sysconfig b/scripts/ROCKY/50-sysconfig new file mode 100755 index 0000000..e9054b6 --- /dev/null +++ b/scripts/ROCKY/50-sysconfig @@ -0,0 +1,35 @@ +#! /bin/bash + +# (c) Michael Goetze, 2011, mgoetze@mgoetze.net + +error=0 ; trap "error=$((error|1))" ERR + +cat > $target/etc/sysconfig/clock <<-EOF + UTC=$UTC + ZONE=$TIMEZONE + EOF +cat > $target/etc/sysconfig/i18n <<-EOF + LANG="$DEFAULTLOCALE" + SUPPORTED="$SUPPORTEDLOCALE" + SYSFONT="$CONSOLEFONT" + EOF +cat > $target/etc/sysconfig/keyboard <<-EOF + KEYBOARDTYPE="pc" + KEYTABLE="$KEYMAP" + EOF + +# can not be used, because we still not use systemd in FAI +# $ROOTCMD localectl set-locale LANG=$DEFAULTLOCALE + +cat > $target/etc/locale.conf <<-EOF + LANG="$DEFAULTLOCALE" + EOF +if [ -f $target/usr/lib/locale/locale-archive.tmpl \ + -a ! -s $target/usr/lib/locale/locale-archive ]; then + mv $target/usr/lib/locale/locale-archive.tmpl $target/usr/lib/locale/locale-archive +fi + +fcopy -iv /etc/sysconfig/i18n /etc/sysconfig/keyboard + +exit $error + diff --git a/scripts/ROCKY/60-network-scripts b/scripts/ROCKY/60-network-scripts new file mode 100755 index 0000000..2542b9e --- /dev/null +++ b/scripts/ROCKY/60-network-scripts @@ -0,0 +1,40 @@ +#! /bin/bash + +error=0 ; trap "error=$((error|1))" ERR + + +# determine predictable network names +fields="ID_NET_NAME_FROM_DATABASE ID_NET_NAME_ONBOARD ID_NET_NAME_SLOT ID_NET_NAME_PATH" +for field in $fields; do + name=$(udevadm info /sys/class/net/$NIC1 | sed -rn "s/^E: $field=(.+)/\1/p") + if [[ $name ]]; then + NIC1=$name + break + fi +done +if [[ ! $name ]]; then + echo "$0: error: could not find systemd predictable network name. Using $NIC1." +fi + + +if [ $FAI_ACTION != "softupdate" ] && ifclass DHCPC; then + cat > $target/etc/sysconfig/network-scripts/ifcfg-$NIC1 <<-EOF + # generated by FAI + TYPE=Ethernet + PROXY_METHOD=none + BOOTPROTO=dhcp + DEFROUTE=yes + BROWSER_ONLY=no + IP4_FAILURE_FATAL=no + IPV6INIT=no + IPV6_AUTOCONF=no + NAME=$NIC1 + DEVICE=$NIC1 + ONBOOT=yes + EOF +fi + +fcopy -iv /etc/sysconfig/network /etc/resolv.conf /etc/networks +fcopy -ivr /etc/sysconfig/network-scripts + +exit $error diff --git a/scripts/ROCKY/80-misc b/scripts/ROCKY/80-misc new file mode 100755 index 0000000..09c8d49 --- /dev/null +++ b/scripts/ROCKY/80-misc @@ -0,0 +1,21 @@ +#! /bin/bash + +error=0 ; trap "error=$((error|1))" ERR + +# add a $username user account +if [ -n "$username" ]; then + if ! $ROOTCMD getent passwd $username ; then + $ROOTCMD adduser -c "$username user" $username + $ROOTCMD usermod -p "$USERPW" $username + fi +fi + +# enable graphical login screen, make run level 5 as default +if [ -f $target/usr/sbin/gdm ]; then + fai-sed 's/id:3:initdefault:/id:5:initdefault:/' /etc/inittab + # do not run this tool + echo "RUN_FIRSTBOOT=NO" > $target/etc/sysconfig/firstboot +fi + +exit $error + diff --git a/scripts/ROCKY/90-cleanup b/scripts/ROCKY/90-cleanup new file mode 100755 index 0000000..2eadacd --- /dev/null +++ b/scripts/ROCKY/90-cleanup @@ -0,0 +1,3 @@ +#! /bin/bash + +$ROOTCMD yum clean all diff --git a/scripts/SECURE_ERASE/01-run b/scripts/SECURE_ERASE/01-run new file mode 100755 index 0000000..3260f41 --- /dev/null +++ b/scripts/SECURE_ERASE/01-run @@ -0,0 +1,14 @@ +#!/bin/bash + +IFS=$'\n' +DEVS_PATH=(`lsblk -n -S -o PATH`) +DEVS_DESC=(`lsblk -n -S -o MODEL`) + +DEVS=(0 '' 0 '') + +ITEMS="dialog --clear --title 'Secure erase disk' --menu 'Select:' 0 0 0" +for (( i=0; i<${#DEVS_PATH[@]}; i++ )) ; do + DEVS+=($i $DEVS_DESC[$i]) +done + +echo ${DEVS[@]} diff --git a/scripts/UBUNTU/10-rootpw b/scripts/UBUNTU/10-rootpw new file mode 100755 index 0000000..8fdf4c8 --- /dev/null +++ b/scripts/UBUNTU/10-rootpw @@ -0,0 +1,15 @@ +#! /bin/bash + +error=0; trap 'error=$(($?>$error?$?:$error))' ERR # save maximum error code + +# set root password +if [ -n "$ROOTPW" ]; then + $ROOTCMD usermod -p "$ROOTPW" root +else + $ROOTCMD usermod -L root + # enable sudo for user + ainsl /etc/sudoers "$username ALL = ALL" +fi + +exit $error + diff --git a/scripts/UBUNTU/11-user b/scripts/UBUNTU/11-user new file mode 100755 index 0000000..0ec01b1 --- /dev/null +++ b/scripts/UBUNTU/11-user @@ -0,0 +1,15 @@ +#! /bin/bash + +error=0; trap 'error=$(($?>$error?$?:$error))' ERR # save maximum error code + +groups="adm cdrom sudo dip plugdev lpadmin sambashare lxd" + +# add additional user account +if [ -n "$username" ]; then + $ROOTCMD adduser --disabled-login --gecos "$username" $username + $ROOTCMD usermod -p "$USERPW" $username + + for g in $groups; do + $ROOTCMD adduser $username $g + done +fi diff --git a/scripts/UBUNTU/90-apt b/scripts/UBUNTU/90-apt new file mode 100755 index 0000000..4da7029 --- /dev/null +++ b/scripts/UBUNTU/90-apt @@ -0,0 +1,11 @@ +#! /bin/bash + +# check if we already use an external mirror +grep -q "external mirror" $target/etc/apt/sources.list && exit 0 + +cat < $target/etc/apt/sources.list +# external mirror +deb $ubuntumirror/ubuntu $ubuntudist main restricted universe multiverse +deb $ubuntumirror/ubuntu $ubuntudist-updates main restricted universe multiverse +deb $ubuntumirror/ubuntu $ubuntudist-security main restricted universe multiverse +EOM diff --git a/scripts/UBUNTU/91-misc b/scripts/UBUNTU/91-misc new file mode 100755 index 0000000..0d1d6d8 --- /dev/null +++ b/scripts/UBUNTU/91-misc @@ -0,0 +1,7 @@ +#! /bin/bash + +# disable the first login screen +$ROOTCMD dpkg-divert --local --rename --add /etc/xdg/autostart/gnome-initial-setup-first-login.desktop +$ROOTCMD dpkg-divert --local --rename --add /etc/xdg/autostart/gnome-initial-setup-copy-worker.desktop +$ROOTCMD deluser --system gnome-initial-setup +$ROOTCMD dpkg-reconfigure keyboard-configuration diff --git a/tests/FAIBASE_TEST b/tests/FAIBASE_TEST new file mode 100755 index 0000000..79bfab2 --- /dev/null +++ b/tests/FAIBASE_TEST @@ -0,0 +1,44 @@ +#! /usr/bin/perl + +use strict; +use warnings; +use Faitest; +package FAITEST; + +setup_test(); +# - - - - - - - - - - - - - - - - - - - - - - - - - - +# now comes the test itself + +my $dev = &getDevByMount("/target/home"); +&checkE2fsAttribute($dev,"Filesystem volume name","home"); +&checkE2fsAttribute($dev,"Maximum mount count","-1"); +&checkE2fsAttribute($dev,"Check interval","0 ()"); + +exit printresult(); +# - - - - - - - - - - - - - - - - - - - - - - - - - - +__END__ + +=head1 NAME + +FAIBASE_TEST - regression test for setup-storage disk layout FAIBASE + +=head1 SYNOPSIS + +FAIBASE_TEST checks some important aspects of setup-storage. The +disk_config/FAIBASE tunes some filesystem parameters upon creation. We +check only the last partition since we expect prior errors to make +creation of the last partition fail. + + Options: + -help simple help + -verbose=n increase verbosity of test script + +=head1 OPTIONS + +=over 8 + +=item B<-help> +simple help + +=item B<-verbose> +increase verbosity of test script diff --git a/tests/Faitest.pm b/tests/Faitest.pm new file mode 100644 index 0000000..b806599 --- /dev/null +++ b/tests/Faitest.pm @@ -0,0 +1,96 @@ +#! /usr/bin/perl + +# Subroutines for automatic tests +# +# Copyright (C) 2009 Thomas Lange, lange@cs.uni-koeln.de +# Based on the first version by Sebastian Hetze, 08/2008 + +package FAITEST; + +my $errors = 0; + +use strict; +use Getopt::Long; +use Pod::Usage; +# - - - - - - - - - - - - - - - - - - - - - - - - - - +sub setup_test { + + my $verbose = 0; + my $help = 0; + my $man = 0; + $verbose = $ENV{'debug'} if $ENV{'debug'}; + + my $result = GetOptions ( + "verbose=i" => \$verbose, + "help" => \$help, + "man" => \$man, + + ); + + pod2usage(1) if $help; + pod2usage(-exitstatus => 0, -verbose => 2) if $man; + + open(LOGFILE,">> $ENV{LOGDIR}/test.log") || die "Can't open test.log. $!"; + print LOGFILE "------------ Test $0 starting ------------\n"; +} + +sub printresult { + + # write test result and set next test + my ($nexttest) = @_; + + if ($errors > 0) { + print STDERR "\n===> $0 FAILED with $errors errors\n"; + print LOGFILE "\n===> $0 FAILED with $errors errors\n"; + } else { + print STDERR "\n===> $0 PASSED successfully\n"; + print LOGFILE "\n===> $0 PASSED successfully\n"; + print LOGFILE "NEXTTEST=$nexttest\n" if $nexttest; + } + close (LOGFILE); + return $errors; +} + +sub getDevByMount { + + my $mount = shift; + my $dev = qx#mount|grep $mount|cut -d' ' -f1#; + chomp $dev; + return $dev +} + +sub checkMdStat { + + my ($device, $expected) = @_; + my ($value) = qx#grep -i "^$device\\b" /proc/mdstat# =~ m/$device\s*:\s*(.*)/i; + + if ($value eq $expected) { + print LOGFILE "Check raid $device success\n"; + return 0; + } else { + print LOGFILE "Check raid $device FAILED.\n Expect <$expected>\n Found <$value>\n"; + $errors++; + return 1; + } +} + +sub checkE2fsAttribute { + + my ($device, $attribute, $expected) = @_; + + # since attribute is a space separated list of attributes, IMO we must loop over + # the list. Ask Sebastian again + my ($value) = qx#tune2fs -l $device |grep -i "$attribute"# =~ m/$attribute:\s+(.*)/i; + + if ($value eq $expected) { + print LOGFILE "Check $attribute for $device success\n"; + return 0; + } else { + print LOGFILE "Check $attribute for $device FAILED.\n Expect <$expected>\n Found <$value>\n"; + + $errors++; + return 1; + } +} + +1;