IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
Thanks Maxim Suhanov (suhanov <AT> group-ib.ru,
http://www.forensicswiki.org/wiki/User:.FUF)
for taking the time to review regular-rescue image.
Note that there are more than just filesystems:
arrays, logical volumes and swaps aren't activated either;
startup-rescue >= 0.18 should make that clear enough.
syslinux shortcut handling is case-insensitive,
let's find yet another letter...
A variant of rescue that marks the need to be careful
towards block devices and filesystems thus reducing
the amount of auto-activation done by startup-rescue
(0.17 or newer).
This is a refactored result of Zabbix-related experiments;
we can do a rough zabbix server sketch that still requires
its own setup to go.
NB: both the pkglist and the target are describing several
distinct things actually: zabbix server, zabbix agent,
and the underlying SQL/HTTP/SMTP servers which might get
their own smaller targets some day.
It appears that live feature has been buggy regarding user
groups: its 30-users script would create a predefined account
with fixed supplementry groups list, and even if deflogin feature
got used too it would fail to add any groups to already existing
account since its useradd(8) call would fail.
Let's drop this duplication which has been long overdue anyways.
Thanks dd@ for both reporting the problem and carrying out
initial investigation.
There have been several problems with this feature:
- a typo;
- non-existant GROUPS (even a single one) would block setting
all of the supplementary groups but separately-set 'wheel';
- this feature isn't used much actually so sees no battle testing.
The typo has been just fixed; GROUPS are now applied by iteration
which is less effective but more reliable; an additional script
hook to write down login invitation for the first passwordless
account (if any) has been implemented; and several more group
managing targets have been added (based on live feature's script).
This relates to commit f2892ad3e4
as there's an obvious need to be able to set empty root password
for LiveCDs but previous implementation was very fragile (and is
going to stay that way) -- so clear and separate knob for making
an image defenseless looks better.
Whoops, the very first build of a real distro with gfxboot
has shown that the label isn't picked up there... and things
are actually worse: iso.needscheck gfxboot test seems to look
up "check=1" in sectors where it might have been landing back
then but it's just not there by now; some kludgery is due in
branding-altlinux-sisyphus unfortunately.
No use to hunt make or diff file-by-file.
Well this chroot should have been more lean
in the first place (or a few files in initrd)
but life is short so better use/baby/steps.
This one is quite different already and utility-based name
was pretty clumsy; meet the new feature and retire the old
experimental one.
Please note that quite aggressive cleanups are implemented
within this stage2-based subprofile for the simple reason
that it has a single task to do; nothing else is expected
to be configured into it for that matter.
This functionality asks to be further moved into initrd of course;
adding it there will take a few more decisions to be made, mostly
regarding user interaction in failure scenarios, and it looks like
mkimage will have to be patched in case this doesn't just go into
full.cz under some sort of conditional check.
It's not exactly obvious how install2_size, live_size or rescue_size
get defined since the variable names themselves get constructed;
help git grep these down.
acpid is not enough since power button handling configuration
has been split apart; and tracking this in zillion places is
utterly useless in face of a specially trained power feature.
Just use it.
This one has been missing for quite some time (infiniband modules
should have triggered a commit like this back then), finally there
in very crude and draft form for the starters.
By the time these hooks run the font packages' %post scriptlets
should have fired already; no need to carry the utilities on.
Yes these are bit-by-bit savings. No it's too expensive still.
My gut feeling is that we're not going to see glib2's
messages a lot within installer environment anyways.
And there's a forgotten /usr/share/X11/locale/ too.
An installer needs video playback acceleration
when it has some content to show and some means to;
as long as these are not supported just drop this
unconditionally.
These are only needed for alterator-vm when making
LUKS encrypted partitions; ideally the extra libraries
would be omitted automatically when luks isn't included.
Looks like today's xorg won't autoload radeon_drv but
insists on ati_drv falling back to fbdev if it's not there;
FlightGear runs definitely slow on C-60 APU with that.
I didn't specify ati since it pulls r128 and mach64 modules in
which are rather useless in this context (accelerated 3D graphics).
Looks like nodm doesn't reset the PATH set within
/etc/rc.d/init.d/functions which results in sbin
path components hitting user's PATH; livecd-install
which uses consolehelper was what broke first for me.
And this link should illustrate some of the problems
tackled by this kind of scripts...
Servers can POST much longer so having to play hide and seek
with a boot menu isn't going to be exactly entertaining;
let's bump the delay to something comparable at least.
Thanks hiddenman@ for mentioning the obvious-but-unnoticed.
We don't really want to disable NFS portmapper completely
but having some extra root code listening to the world is
really unneccessary unless explicitly required.
Applying "control rpcbind local", thanks ldv@ for advice.
50-setup-network was a hasty hack (surprise!) that used to do
what net and net-eth features have been created to do since;
just drop the duplicated crufty code.
Unconditional resolver setup isn't done now: those with static
setup are better off doing it explicitly, and those with DHCP
should be fine already.
NB: /etc/hosts *is* fine within setup package *but* hasher will
overwrite it with a copy of host's one; let's reset contents
to initial at least until hasher gets fixed and the fix is
rather deployed in the wild.
There was an extra DISABLED=no line written to interface configurarion
that's been superceded by the subsequently added parametrized one;
just drop it.
Thanks glebfm@ for spotting the garbage.
It conflicts with r8169.ko inobviously.
The whole mess looks like this:
- r8169.ko doesn't work for all of Realtek 8111/8168/8169 mutations
- r8168.ko works with some of the chips r8169.ko doesn't
- r8168.ko also works with many chips r8169.ko works with
- r8169.ko is provided by kernel-image package (thus default)
- r8168.ko is provided by kernel-modules-r8168 package (optional)
- kernel-modules-r8168 package requires r8168-blacklist package
- r8168-blacklist package is a one-liner that blacklists r8169.ko
- STAGE1_KMODULES wouldn't include r8168 (std-def) or rtl8168 (led-ws)
- sub.in/stage1/modules would mention r8168.ko (m-p-d: r8169.ko)
So a LiveCD built with use/kernel/net might work with RTL8111/8110
just fine when booted live but fail to automatically load the module
when installed onto hard drive; manual modprobe r8169 would work though.
NB: some of the chips (those available to me) would work just fine
both ways -- this has contributed to fixing this *that* late.
Bottom line:
do not install backup/kludge drivers overriding main ones by default!
Thanks sem@ for providing the crucial hint.
use/deflogin will result in ROOTPW being exported no matter
is it set or not; xport() can't check before exporting as it
relies on lazy evaluation when the actual ROOTPW value can be
set or modified after exporting GLOBAL_ROOTPW for mkimage.
So let's not even pretent we can differ unset ROOTPW from
empty ROOTPW: both result in empty GLOBAL_ROOTPW as of today.
Fixing this would require moving the exports into a separate
makefile being included after all the configuration and checking
each variable for being defined before exporting the corresponding
GLOBAL_ prefixed one.
Yes this might be a security fix in some cases.
Added use/branding/slideshow/once as one of the uses
albeit the interface is universal; see this page for
more info: http://altlinux.org/branding/slideshow [ru]
The service and initscript have "connmand" name
while the package is called "connman" indeed.
Shame on me; this became apparent
while building regular-e18-sysv.
Defining a one-time variable is useless in this case,
and README should state the undefined ROOTPW status
explicitly (since it's now as advertized, heh).
This change is done to reduce ambiguity in some cases;
the previous intention has been to ease navigation when
staying in a particular directory, now it's been changed
in favour of convenient toplevel `git grep' in fact.
Both variants have their pros and cons, I just find myself
leaning to this one by now hence the commit. Feel free to
provide constructive criticism :)
Some path-related bitrot has also been fixed while at that.
It's required for NFS mounts but having a rescue image listening
to any non-localhost ports is too bad an idea, IMNSHO.
So let's fix this while spotted.
