repost: Debian Live Net ready for public eyes
Sorry to everyone on the list; Mailman's archive software gobbled my
first post of this message. You can safely disregard this if you got the
first one. Please note that the message sent at 4:57 PM CST is the one
with the most current patch.
--- snip ---
Well, it's not usable yet but I am ready to show everyone what we've
got. Hopefully another set of eyes will help us catch some bugs.
I am attaching to this message a .diff against the Debian source for the
live-package Debian package. I am also attaching a .deb which anyone can
install. It contains the modifcations. make-live now has the ability to
create network-bootable images and also to generate example config
files.
== To Create a Debian Live Net System
One can enter:
# make-live net
Which results in:
* a flat filesystem will be created in live/chroot
* an example /tftpboot/ directory is created in live/tftpboot, it
contains:
* a copy of the initrd.gz and vmlinuz
* the pxelinux.0 file from syslinux
* a default pxelinux.cfg/default file (kinda like a Grub config
file)
* an example DHCP config file in live/etc/dhcp3/dhcpd.conf
== What One Needs to Do to Test It
Install and configure xinetd and the tftpd-hpa packages. Set /tftpboot/
as your TFTP server's root directoy. Move the contents of live/tftpboot/
in to /tftpboot/. Edit /tftpboot/pxelinux.cfg/default to point to the
correct server IP address.
Install dhcp3-server package and move the live/etc/dhcp3/dhcpd.conf file
over the top of the default file in /etc/dhcp3/dhcpd.conf. WARNING: you
need to edit this file and replace any %% values with the values that
are applicable to your network.
Install the samba package and configure /etc/samba/smb.conf. You need to
add this to the global section:
secuirty = user
map to guest = Bad Password
guest account = root
WARNING WARNING WARNING: "guest account = root" can open a huge security
hole if you already have some samba shares configured. Due to a
limitation of Samba, you will need to add "guest ok = no" to be sure
that you do not allow root access to any share. "guest ok = yes" is
required for the chroot share. I need to do some more secuirty auditing
here to make sure that this is safe.
And at the end of the file add a stanza like this:
[chroot]
comment = Safedesk Chroot
path = /var/live/chroot
read only = yes
guest ok = yes
locking = no
Where /var/live/chroot is the path to the live/chroot that you have
created.
== Work Still Needed
Disable the networking stuff during the "second" init sequence.
Networking is already configure so we need to NOT kill networking and
NOT run DHCP.
== HUGE DISCLAIMER
This works on my system and I am resonably sure it does what it supposed
to do but this is EXPERIMENTAL with NO WARRANTY, etc, etc. If it eats
your files or destroys your system I cannot be held responsible.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.debian-unofficial.org/pipermail/live/attachments/20060510/8022d893/attachment.pgp
Reply to: