Michael Prokop [Fri, 1 Sep 2017 14:38:33 +0000 (16:38 +0200)]
SW: add btrfs-progs to GRML_SMALL
Closes grml/grml#69
Michael Prokop [Thu, 31 Aug 2017 00:54:32 +0000 (02:54 +0200)]
Secure Boot support
Thanks to the way the signed GRUB by Ubuntu works we seem to be
able to keep our common EFI GRUB configs working next to the new
Secure Boot related EFI GRUB configs. If Secure Boot is enabled
we get the same look and feel like with common EFI boot, though
with a Secure Boot specific boot menu (since e.g. the linux16
command isn't available under Secure Boot). If EFI is running
with Secure Boot *disabled* it continues to look like it used to
do so far. If this is working out as planned there's no visible
change from a user point of view on systems with Secure Boot
disabled.
With this change we also get rid of some magic with grml-live
relying on behavior of
/etc/grml/fai/config/scripts/GRMLBASE/45-grub-images, including
moving files around.
We also no longer skip the boot stage during rebuilds. This has
been a source of frustration and annoying debugging sessions when
files inside grml_cd/boot/ didn't receive changes during rebuilds
and the user in front of the system is ignoring the according
"skip" notice or forgot to remove grml_cd/boot.
While at it rewrite debian/copyright in
http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
Thanks: Michael Schierl <schierlm@gmx.de> for help regarding the Secure Boot setup
Michael Prokop [Wed, 30 Aug 2017 12:23:55 +0000 (14:23 +0200)]
SW: add whois to GRML_SMALL
It adds only 346kb of additional disk space.
Debian's mkpasswd is part of the whois package.
It's the mkpassword that can generate salted hashes suitable for /etc/shadow.
Thanks: Marc Haber for the suggestion
Closes grml/grml#66
Michael Prokop [Wed, 30 Aug 2017 12:02:47 +0000 (14:02 +0200)]
Use stretch instead of jessie for current defaults in docs + grml-live config file
Michael Prokop [Wed, 30 Aug 2017 12:02:09 +0000 (14:02 +0200)]
Add support for Debian buster (AKA Debian v10 and current Detian testing)
Michael Prokop [Wed, 30 Aug 2017 11:48:57 +0000 (13:48 +0200)]
Drop support for Debian wheezy
It's oldoldstable nowadays and we no longer use it anywhere,
so let's drop related zsh completion and config files.
Michael Prokop [Wed, 30 Aug 2017 11:46:26 +0000 (13:46 +0200)]
Provide jessie support for systemd + recent kernel packages
To be able to use systemd-container we need the systemd
version from jessie-backports.
We also need recent versions of linux-base, firmware-misc-nonfree,
firmware-linux-nonfree + firmware-linux from jessie-backports
for the related kernel packages.
Michael Prokop [Wed, 30 Aug 2017 11:45:35 +0000 (13:45 +0200)]
Provide workaround for systemd's systemctl failures on jessie
For unknown reasons `systemctl preset-all` and
`systemctl set-default grml-boot.target` return with exit code 1
even though it seems to be working fine.
Michael Prokop [Wed, 30 Aug 2017 08:32:49 +0000 (10:32 +0200)]
SW: add ndisc6 + rdnssd to GRML_SMALL and GRML_FULL
It adds only 381kB of additional disk space.
Quoting from the feature request:
| rdnssd is a tool that will listen to DNS server being offered in
| an IPv6 router anouncement and configure the local system to use
| the DNS servers included in there. The daemon just needs to be
| installed and enabled. Without this, an IPv6 only grml system
| will be with network, but without DNS.
|
| While we're at it, IPv6 is much more easily debugged if ndisc6, a
| user space tool to send out IPv6 router solicitations and to
| display the contents of router advertisements received, is
| included.
Thanks: Marc Haber for the suggestion
Closes grml/grml#67
Michael Prokop [Wed, 30 Aug 2017 08:30:14 +0000 (10:30 +0200)]
SW: add fsarchiver to GRML_SMALL
It adds only 443kB of additional disk space.
Thanks: Marcos Mello for the suggestion
Closes grml/grml#69
Michael Prokop [Thu, 24 Aug 2017 22:06:35 +0000 (00:06 +0200)]
No longer ship mkdebmirror example script
License and current state (is it working at all) are unclear.
Michael Prokop [Thu, 17 Aug 2017 13:08:44 +0000 (15:08 +0200)]
Release new version 0.30.1
Michael Prokop [Thu, 17 Aug 2017 13:08:17 +0000 (15:08 +0200)]
Bump Standards-Version to 4.0.1
Antoine Beaupré [Sun, 19 Mar 2017 19:08:48 +0000 (15:08 -0400)]
SW: add stressant package to GRML_FULL
to quote from the control file:
> Stressant is a simple stress testing and burn-in tool
>
> It is designed to run on new machines to make sure they will work
> reliably by testing various parts of the system (CPU, RAM, disk,
> network) by putting them under heavy load and try to detect failures.
>
> As much as possible, stressant tries to reuse existing tools to
> perform the various tasks and aims to be run automatically.
it has just entered Debian sid and will pull at least 3 new
dependencies in (python-humanize, python-colorlog and stress-ng)
adding this is essential for the Stressant project to continue
collaborating with Grml.
Michael Prokop [Fri, 9 Jun 2017 20:52:56 +0000 (22:52 +0200)]
Release new version 0.30.0
Michael Prokop [Fri, 9 Jun 2017 20:45:21 +0000 (22:45 +0200)]
SW: add ed to GRML_FULL since it's also shipped on GRML_SMALL
Thanks: Darshaka Pathirana <dpat@syn-net.org>
for bringing this up in https://github.com/grml/grml-live/pull/43
Michael Prokop [Fri, 9 Jun 2017 20:43:53 +0000 (22:43 +0200)]
SW: drop tcpd from GRML_SMALL, not shipped on GRML_FULL
Thanks: Darshaka Pathirana <dpat@syn-net.org>
for bringing this up in https://github.com/grml/grml-live/pull/43
Michael Prokop [Fri, 9 Jun 2017 20:34:23 +0000 (22:34 +0200)]
SW: no longer ship grml2hd* packages via GRMLBASE
Usage of grml2hd is unrecommended and we don't test nor
support it anymore, so there's no reason why it should
be shipped.
Michael Prokop [Fri, 9 Jun 2017 20:32:29 +0000 (22:32 +0200)]
SW: drop packages from GRML_FULL that are already part of GRMLBASE
The following packages are part of GRMLBASE already and
shouldn't be listed in GRML_FULL therefore:
* dbus
* dmidecode
* grml-debootstrap
* grml-etc-core
* hdparm
* lvm2
* mdadm
* strace
Thanks to Darshaka Pathirana for triggering this via
https://github.com/grml/grml-live/pull/43
Michael Prokop [Fri, 9 Jun 2017 20:23:33 +0000 (22:23 +0200)]
SW: add lm-sensors to GRML_FULL
Thanks: Grégoire Sutre for suggestion
Closes grml/grml#48
Michael Prokop [Wed, 7 Jun 2017 21:25:34 +0000 (23:25 +0200)]
Support EFI on 32-bit systems, increase EFI image size + switch from isohybrid to xorriso/isohybrid combination
EFI on 32-bit systems is a requested feature for Grml-Forensic,
since cheap tablets and notebooks (e.g. Intel Atom-based tablets)
are out there with only 32-bit EFI support (and UEFI only, so no
legacy BIOS support), quoting clairelyclaire from
https://bugs.launchpad.net/ubuntu/+source/grub2/+bug/1341944:
| As of now, Ubuntu and other major Linux distributions do not
| support the use of a 32-bit EFI bootloader on UEFI machines. This
| has become extremely problematic due to the popularity of Intel
| Atom-based tablets and compact laptops. Atom-based devices are
| generally limited in storage space (32GB or 64GB eMMC is common),
| and as a result these devices almost universally ship with
| Windows 8.1 32-bit installed (winsxs consumes a significant
| amount of storage space in order to support 32-bit binaries in a
| 64-bit environment). By design, UEFI must use the same
| architecture used by the bootloader.
|
| While most modern computers indeed use a 64-bit UEFI
| implementation due to the fact that new computers generally ship
| with a 64-bit operating system (be it OS X or Windows 8.1),
| Atom-based devices do *not* use a 64-bit operating system or UEFI
| implementation. This is by design.
|
| Intel released a new Atom iteration (Bay Trail) in late 2013 and
| has indicated that they will continue to develop and release Atom
| CPUs due to consumer market demand. At the time of this filing
| there are a number of Atom-based tablets and compact
| laptops/netbooks being actively sold and marketed by major OEMs
| including Dell, HP, ASUS, and Acer. None of these devices have
| 64-bit UEFI firmware. It is also important to note that these
| Atom CPUs are 64-bit, but explicitly require a 32-bit UEFI
| bootloader.
|
| The current Linux kernel in Ubuntu 14.04 does support booting the
| 64-bit signed kernel from a 32-bit Grub EFI bootloader. I can
| confirm this on at least two 32-bit UEFI devices, the ASUS
| Transformer T100TA and the Acer Aspire Switch 10.
Increase EFI image size (previously automatically
calculated on-demand, resulting in ~285KB) to 4MB,
giving us more flexibility with what we're installing
into the image (esp. useful with usage on USB drives).
The isohybrid binary doesn't support 32-bit FI systems
and fails hard when using `--uefi` on a 32-bit ISO.
But xorriso with appropriate options for EFI usage
(see $EFI_ARGS) and /usr/lib/ISOLINUX/isohdpfx.bin
from the isolinux package seems to provide everything
we need.
Useful resources for further information:
* http://www.syslinux.org/wiki/index.php?title=Isohybrid
* https://fedoraproject.org/wiki/Using_UEFI_with_QEMU
* https://wiki.archlinux.org/index.php/Remastering_the_Install_ISO
For testing the resulting 32-bit ISO with EFI the
OVMF.fd file from OVMF-IA32-r15214.zip available from
https://sourceforge.net/projects/edk2/files/OVMF/ works via e.g.:
| qemu-system-i386 -m 1024 -bios ./OVMF.fd -cdrom grml.iso
Darshaka Pathirana [Fri, 2 Jun 2017 17:29:52 +0000 (19:29 +0200)]
templates: fix isolinux boot option label for grub
A long time ago (rev#
7d0f02a63) grub2 was introduced and the boot option
label grub was changed to grub1 (aside with grub2). Later grub1 support
was removed (rev#
bfbf9fb3). So it makes sense to change the grub2 label
to grub as we do not have anything else anymore.
Darshaka Pathirana [Wed, 31 May 2017 15:30:01 +0000 (17:30 +0200)]
Update cheatcodes documentation to clarify isolinux vs GRUB situation
The listed boot options / cheatcodes only work with the isolinux bootprompt.
Updated the documentation to make that clear.
Relates to grml/grml#9
Darshaka Pathirana [Wed, 31 May 2017 14:20:24 +0000 (16:20 +0200)]
templates: remove bootoption nostats
The stats feature was removed, therefore we also do not need the nostats
option anymore.
The stats feature was removed in grml-autconfig-commit#
7138a24fb
Relates to grml/grml#9
Michael Prokop [Wed, 7 Jun 2017 21:25:09 +0000 (23:25 +0200)]
Update comment regarding checksum generation
It's no longer just md5sum + sha1sum
Michael Prokop [Mon, 29 May 2017 17:27:16 +0000 (19:27 +0200)]
Release new version 0.29.7
Michael Prokop [Mon, 29 May 2017 17:21:43 +0000 (19:21 +0200)]
Get rid of /etc/network/if-up.d/aoe-discover
Closes grml/grml#47
Michael Prokop [Fri, 26 May 2017 21:38:39 +0000 (23:38 +0200)]
Release new version 0.29.6
Michael Prokop [Fri, 26 May 2017 21:20:44 +0000 (23:20 +0200)]
Delete /usr/lib/udev/rules.d/64-md-raid-assembly.rules to avoid automatic mdadm scanning
We don't want to automatically enable any present mdadm devices.
The safest way is to just remove
/usr/lib/udev/rules.d/64-md-raid-assembly.rules, since it doesn't
seem to provide a stable and long-term working way how to adjust
its behavior.
Closes grml/grml#45
Michael Prokop [Wed, 24 May 2017 12:34:12 +0000 (14:34 +0200)]
Release new version 0.29.5
Michael Prokop [Wed, 24 May 2017 12:30:40 +0000 (14:30 +0200)]
Switch from grml-runtty to agetty also on tty11 + tty12
Closes grml/grml#14 now that grml-runtty is only used with non-systemd systems
Darshaka Pathirana [Sun, 21 May 2017 17:56:58 +0000 (19:56 +0200)]
Run zsh when starting screen
When starting GNU/screen via systemd the SHELL varible is empty whereas
SHELL=/bin/zsh when starting screen via grml-runtty.
If we can assume that zsh is installed on Grml then this solution is ok.
If not, we should address that in the run-screen script with something like:
SHELL=/bin/sh
[ -x /bin/zsh ] && SHELL=/bin/zsh
# now run screen with config
if [ `id -u` = 0 ] ; then
exec screen -U -c /etc/grml/screenrc -s $SHELL
[snip]
(partly) fixes grml/grml#14
Darshaka Pathirana [Sun, 21 May 2017 17:34:32 +0000 (19:34 +0200)]
Get rid of grml-runtty
What once was done by grml-runtty can be now be accomplished by systemd.
That said, there is a weird behavior when starting GNU/screen via
"run-screen". When started via grml-runtty screen runs zsh, but
when started directly via systemd screen runs /bin/sh (= dash).
The reason for that is, that the SHELL variable is empty when called
directly via systemd whereas SHELL=/bin/zsh when started via
grml-runtty. I could not figure out why but a solution would be to set
the "Environment"-option in the systemd-unit which I will propose in a
separate commit.
(partly) fixes grml/grml#14
Darshaka Pathirana [Fri, 19 May 2017 23:39:13 +0000 (01:39 +0200)]
Switch from grml-runtty to agetty
grml-runtty used to fix most of the pre-systemd environment problems. It
seems that it causes more troubles nowadays than it solved back then.
First and foremost grml-runtty does not provide a (systemd) login
session which prevents us from starting X reliably. Therefor replacing
grml-runtty with agetty with autologin where a grml-shell is used so far.
tty1 to tty4, where grml-runtty starts run-welcome (grml-quickconfig),
two root- and a grml-GNU-screen session, should also be replaced with a
proper systemd-unit.
Relates to grml/grml#14 and grml/grml#20
Michael Prokop [Fri, 19 May 2017 14:42:58 +0000 (16:42 +0200)]
SW: add haveged to GRMLBASE [Closes: issue1336]
It's useful especially on VMs with low entropy, so provide it by default.
Michael Prokop [Fri, 19 May 2017 14:39:36 +0000 (16:39 +0200)]
SW: add rng-tools to GRMLBASE [Closes: issue1336]
Michael Prokop [Fri, 19 May 2017 13:58:16 +0000 (15:58 +0200)]
Provide consistent header information for all /etc/systemd/ files that are deployed via grml-live
Thomas Stewart [Fri, 19 May 2017 11:59:47 +0000 (12:59 +0100)]
Warn in initramfs if there is <256MM memory
Closes grml/grml#35
Darshaka Pathirana [Fri, 19 May 2017 13:15:24 +0000 (15:15 +0200)]
TTY6/VT6 should start a shell if bootoption startx is not given
When the bootoption "startx" is given, the helper-script
"/etc/init.d/startx" is created during the bootprocess (via
grml-autoconfig).
That means, that if the booptions "startx" is not given, the
helper-script is not created and tty6/vt6 should not try to start X but
should just start a grml-user-shell.
Related to grml/grml#20
Michael Prokop [Thu, 18 May 2017 15:41:13 +0000 (17:41 +0200)]
Enable systemd specific debug boot options in debugging mode
See grml/grml#3
Michael Prokop [Thu, 18 May 2017 15:00:41 +0000 (17:00 +0200)]
Disable automatic 'ATA over Ethernet discovery'
/usr/lib/modules-load.d/aoetools.conf by default contains:
| ## If you need to restrict the interfaces aoe will use, copy this
| ## file to /etc/modules-load.d/ and use this example:
| # aoe aoe_iflist="eth0,eth1"
|
| ## Load aoe driver with no interface restriction:
| aoe
and /lib/systemd/system/aoe-discover.service contains:
| [Unit]
| Description=ATA over Ethernet discovery
| BindsTo=sys-devices-virtual-aoe-discover.device
| DefaultDependencies=no
| Conflicts=shutdown.target
| After=network-online.target
|
| [Service]
| Type=oneshot
| ExecStart=/sbin/aoe-discover
Since the aeotools.conf file tells systemd to load the aoe module
which then triggers the udev rule we end up with automatic
aoe-discover execution on default Grml boot, even though we
disable the aoe-discover service (since enabling/disabling only
affects starting via transitive dependencies, but the udev rule
is doing the equivalent of `systemctl start $unit`). By removing
/usr/lib/modules-load.d/aoetools.conf we ensure that automatic
'ATA over Ethernet discovery' is NOT executed, though if a user
runs 'modprobe aoe' it executes aoe-discover as intended.
Thanks: Felipe Sateler + Darshaka Pathirana for help in coming up with a solution
Closes grml/grml#32
Michael Prokop [Tue, 16 May 2017 22:29:17 +0000 (00:29 +0200)]
SW: add cpufrequtils to GRML_SMALL
It adds only ~250kb of additional disk space and provides
/etc/init.d/loadcpufreq which we use in grml-autoconfig.
Closes grml/grml#24
Michael Prokop [Tue, 16 May 2017 22:02:12 +0000 (00:02 +0200)]
Enable autologin for user root on serial console ttyS0
Closes grml/grml#21
Michael Prokop [Tue, 16 May 2017 21:13:12 +0000 (23:13 +0200)]
GRUB theme: replace desktop-color with desktop-image
With the desktop-color option we run into:
| error: null src bitmap in grub_video_bitmap_create_scaled.
| Loading kernel...
| Loading initrd...
|
| Press any key to continue...
By replacing it with this small black.png as desktop-image (which
is automatically stretched to the whole screen) the error message
disappears.
Closes grml/grml#16
Thanks: Michael Schierl <schierlm@gmx.de>
Michael Prokop [Tue, 16 May 2017 12:49:16 +0000 (14:49 +0200)]
Release new version 0.29.4
Michael Prokop [Tue, 16 May 2017 12:47:46 +0000 (14:47 +0200)]
Revert "SW: provide xserver-xorg-video-intel on GRML_FULL"
This reverts commit
487e689322d6ec9c4336f0b337fd5ed54267358e.
Quoting from the package description:
| The use of this driver is discouraged if your hw is new enough (ca.
| 2007 and newer). You can try uninstalling this driver and let the
| server use it's builtin modesetting driver instead.
Thanks: Axel Beckert for the hint
Michael Prokop [Fri, 12 May 2017 18:50:07 +0000 (20:50 +0200)]
Ensure that tty1 console is starting *after* grml-autoconfig execution
Thanks: Darshaka Pathirana <dpat@syn-net.org>
Closes grml/grml#19
Michael Prokop [Fri, 12 May 2017 14:39:00 +0000 (16:39 +0200)]
Delete /lib/udev/rules.d/69-lvm-metad.rules to avoid automatic LVM scanning
This might not be enough yet according to initial tests, but
it's something we want to disable for sure.
See grml/grml#31
Michael Prokop [Fri, 12 May 2017 14:35:23 +0000 (16:35 +0200)]
No longer mask systemd-machine-id-commit.service
Masking the systemd-machine-id-commit.service causes
all kinds of problems with logins (local as well as via
ssh, causing sloooooow logins). Nowadays the overlayfs
bug also doesn't seem to be present anymore.
Closes grml/grml#27
Michael Prokop [Fri, 12 May 2017 14:11:41 +0000 (16:11 +0200)]
GRMLBASE/49-sshd: ensure that login as root via password works again
openssh defaults to "prohibit-password" since openssh-server v1:7.1p1-1,
breaking our existing change regarding without-password.
While at it also improve the script to not readd the PermitRootLogin
and UseDNS configs with every single run, instead check for our
own modifications and skip them in further runs.
Closes grml/grml#12
Michael Prokop [Fri, 12 May 2017 14:05:55 +0000 (16:05 +0200)]
SW: provide xserver-xorg-video-intel on GRML_FULL
For unknown reasons xserver-xorg-video-intel suddenly became
only a Recommends instead of a dependency of xserver-xorg-video-all:
| .../xorg (git)-[debian-unstable] % git show
af937437
| commit
af937437e6e6a6f34ee247ad2f3aefbd91d7444e
| Author: Timo Aaltonen <tjaalton@debian.org>
| Date: Tue Mar 8 15:07:25 2016 +0200
|
| Instead of dropping -intel from -video-all demote it to Recommends.
As a result this package was missing on our Grml ISOs.
Closes grml/grml#20
Michael Prokop [Tue, 9 May 2017 14:29:46 +0000 (16:29 +0200)]
SW: add lsscsi to GRML_SMALL
Thanks: András Korn
Michael Prokop [Fri, 5 May 2017 15:56:19 +0000 (17:56 +0200)]
Release new version 0.29.3
Michael Prokop [Fri, 5 May 2017 14:45:39 +0000 (16:45 +0200)]
Set grml-docs/startpage.html + grml.org as start pages in Firefox
Closes grml/grml#18
Darshaka Pathirana [Fri, 5 May 2017 13:33:27 +0000 (15:33 +0200)]
Use Firefox as default browser if present and drop iceweasel config
The "Iceweasel Age"[1] has ended and we can use Firefox again and
therefore use firefox as x-www-browser.
Unfortunately overriding the default homepage via
/etc/iceweasel/profile/prefs.js does not work anymore therefor dropping
the iceweasel configuration. (See: grml/grml#18)
[1] https://lwn.net/Articles/676799/
Closes grml/grml#15
Michael Prokop [Fri, 5 May 2017 08:55:10 +0000 (10:55 +0200)]
Release new version 0.29.2
Michael Prokop [Wed, 3 May 2017 09:53:08 +0000 (11:53 +0200)]
SW: add linux-cpupower to GRML_FULL
Darshaka Pathirana [Sun, 23 Apr 2017 23:52:38 +0000 (01:52 +0200)]
Make startx boot option work with systemd
The desired behavior (with systemd and the boot option "startx") is to start
the X window system automatically.
This is achieved by getty@tty6.service which starts grml-x as user "grml" on
vt6/tty6 and switches back to vt1/tty1 after exit. (This alone could be
achieved with systemd-unit option Type=oneshot and Restart=no). But when
switiching back to vt6/tty6 (again) we would like to start a zsh (for user
"grml") and restart the zsh if exited. That means that grml-x should only be
started on the very first run and the zsh on every other.
We could not figure out how to change the systemd-unit option "Type"
dynamically, so we kept it on "idle" which means that the "actual execution of
the service binary is delayed until all active jobs are dispatched". That's why
we need to switch to vt6/tty6 (via grml-autoconfig) iff the boot option
"startx" is given.
We also do not know yet how to dynamically change the behavior of the
systemd-unit in a safe way. Rewriting the unit-file (override.conf) after
grml-x exits (i.e. with ExecStopPost) doesn't seem to work reliably (especially
when calling "systemctl daemon-reload" in it). That's why we use a state-file
(/var/run/grml_startx.started) to start up grml-x on the first call and the zsh
else.
This also means that grml-x is started automatically when switching to vt6/tty6
manually (when no "startx" boot option was given) once and the zsh on the
following calls.
Closes grml/grml#1
Michael Prokop [Fri, 21 Apr 2017 12:31:09 +0000 (14:31 +0200)]
deborphan: add qemu-kvm to list of packages which are never to be reported
In commit
ec12218051e8c1 we added qemu-system-x86 as underlying
dependency for qemu-kvm, now qemu-kvm is considered for removal.
This seems to be the case because qemu-kvm depends on
qemu-system-x86 and and even though we explicitely ask for both
packages to be installed, then qemu-kvm is considered for
removal. Let's avoid this by adding qemu-kvm to the list of
packages which are never to be reported by deborphan, then it's
not automatically removed via DEBORPHAN/98-clean-chroot.
Noticed via "grml-live-missing-packages.test_missing_packages_qemu-kvm"
in Jenkins daily builds.
Michael Prokop [Fri, 21 Apr 2017 12:17:29 +0000 (14:17 +0200)]
SW: replace transitional package iptraf with iptraf-ng
Noticed by grml-live's test-suite inside Jenkins
Michael Prokop [Fri, 7 Apr 2017 13:41:03 +0000 (15:41 +0200)]
GRMLBASE/21-usersetup: add grml user to 'input' group
Otherwise when invoking "grml-x" on tty5 as user grml we don't
have control over mouse and keyboard.
Thanks: Laurent Bigonville for the hint
Michael Prokop [Fri, 7 Apr 2017 13:15:56 +0000 (15:15 +0200)]
SW: include systemd-container in GRMLBASE
Antoine Beaupré [Wed, 15 Mar 2017 17:16:40 +0000 (13:16 -0400)]
fixup build broken by 7beda7d
Antoine Beaupré [Wed, 15 Mar 2017 12:53:24 +0000 (08:53 -0400)]
Output to "./grml" in current working directory instead of /grml/grml-live
this would create problems as / is often space restricted
Closes #31 @ GH
Michael Prokop [Tue, 7 Mar 2017 16:18:26 +0000 (17:18 +0100)]
Release new version 0.29.1
Michael Prokop [Tue, 7 Mar 2017 16:17:37 +0000 (17:17 +0100)]
debian/rules: replace deprecated dh_clean -k with dh_prep
Michael Prokop [Tue, 7 Mar 2017 16:16:42 +0000 (17:16 +0100)]
docs: fix typo (ot->to)
Michael Prokop [Tue, 7 Mar 2017 16:08:38 +0000 (17:08 +0100)]
If locales-all package is installed skip locales generation
Otherwise the wrong (+ missing) locales might end up on the system
if locales-all is installed. If the ISO size doesn't matter then
this also speeds up the ISO generation process since locale-gen
doesn't need to be executed.
Michael Prokop [Tue, 7 Mar 2017 15:09:05 +0000 (16:09 +0100)]
Add default user (grml) to "disk" group
Noticed that this might be useful while working on Grml-Forensic.
Michael Prokop [Fri, 24 Feb 2017 14:13:48 +0000 (15:13 +0100)]
Release new version 0.29.0
Michael Prokop [Fri, 24 Feb 2017 12:49:36 +0000 (13:49 +0100)]
Fix generation of SHA-256 and SHA-512 hashes
Fixes missing output generation of commit
fd166a511adc0f222f365d61252c0a32a78ebcdf
Darshaka Pathirana [Fri, 24 Feb 2017 12:51:41 +0000 (13:51 +0100)]
Provide new grml-boot.target
With this new target we can now define which services are started on
boot.
Prior this target some services (without a systemd-service file) were
automatically started because of the systemd-sysv-generator (i.e.
ser2net).
Thanks: Felipe Sateler
Closes grml/release-planning#2 @ GH
Michael Prokop [Fri, 24 Feb 2017 12:10:18 +0000 (13:10 +0100)]
Create /home/$USERNAME in RELEASE class with up2date files from /etc/skel
Until now we removed everything from /home/grml in the RELEASE
class. The grml-home init script from grml-etc then used to copy
files from /etc/skel to /home/grml during bootup. Instead lets do
this during ISO build time to speed up the boot process. To
ensure that no unwanted files are in /home/grml (actually:
/home/$USERNAME) we remove the directory, recreate it and then
copy all files from /etc/skel.
This fixes the problem that /home/grml is empty and has wrong
permissions if grml-home isn't executed (which is happening
with systemd nowadays where we don't execute grml-home during
bootup).
Closes grml/release-planning#7 @ GH
Michael Prokop [Fri, 24 Feb 2017 11:13:03 +0000 (12:13 +0100)]
SW: replace transitional package iceweasel with firefox-esr
firefox-esr is available on stable (jessie), testing (stretch)
and unstable (sid), let's get rid of the transitional package
iceweasel therefore.
Michael Prokop [Fri, 24 Feb 2017 11:11:44 +0000 (12:11 +0100)]
SW: add qemu-system-x86 as underlying dependency for qemu-kvm
Otherwise deborphan tries to remove qemu-system-x86 package as it
wasn't installed explicitely, then resulting in:
| The following packages were automatically installed and are no longer required:
| ipxe-qemu libcaca0 libcacard0 libfdt1 libsdl1.2debian libspice-server1
| libusbredirparser1 libvdeplug2 libxen-4.8 libxenstore3.0 libyajl2
| qemu-system-common qemu-system-x86 seabios
| Use 'sudo apt autoremove' to remove them.
| The following packages will be REMOVED:
| qemu-kvm*
which is clearly unwanted behavior if we want to have qemu/kvm
available.
Michael Prokop [Fri, 24 Feb 2017 10:41:50 +0000 (11:41 +0100)]
Generate /etc/issue with Grml release information
This file is displayed by default on systemd systems, so
we want to have according Grml release information inside
it (instead of e.g. "Debian GNU/Linux 9 \n \l").
Closes grml/release-planning#5 @ GH
Michael Prokop [Fri, 24 Feb 2017 09:49:29 +0000 (10:49 +0100)]
Provide sources.list file for DEBIAN_STRETCH class to be able to use "-s stretch"
Otherwise the suite (-s) option is rewritten to a non-existing
DEBIAN_STRETCH class which lacks the corresponding apt sources.list
file, resulting in no Debian mirror available in the chroot.
Michael Prokop [Fri, 24 Feb 2017 09:29:16 +0000 (10:29 +0100)]
SW: ship acpid on file-rc systems only, systemd provides logind
While at it move it from GRML_FULL to GRMLBASE, since
grml-autoconfig will no longer depend on acpid now.
Closes grml/release-planning#4 @ GH
Michael Prokop [Fri, 27 Jan 2017 15:26:50 +0000 (16:26 +0100)]
Release new version 0.28.1
Darshaka Pathirana [Fri, 27 Jan 2017 13:52:15 +0000 (14:52 +0100)]
Enable General Purpose Mouse interface (gpm) with systemd
Michael Prokop [Fri, 27 Jan 2017 13:55:18 +0000 (14:55 +0100)]
SW: add vim-gtk to GRML_FULL [Closes: issue1325]
Michael Prokop [Fri, 27 Jan 2017 13:43:59 +0000 (14:43 +0100)]
SW: add man-db to GRML_FULL
Otherwise reading manpages doesn't work
Michael Prokop [Fri, 27 Jan 2017 13:24:21 +0000 (14:24 +0100)]
docs: update ISO sizes + disk space requirements
Michael Prokop [Fri, 27 Jan 2017 13:24:11 +0000 (14:24 +0100)]
docs: clarify usage of GRMLBASE regarding kernel package selection
Closes #17 @ GH
Michael Prokop [Fri, 27 Jan 2017 13:09:13 +0000 (14:09 +0100)]
Drop grml-live-compat from Suggests, update code + comments accordingly
grml-live-compat is no longer relevant, so let's get rid of it.
Michael Prokop [Fri, 27 Jan 2017 11:53:03 +0000 (12:53 +0100)]
Drop deprecated ia32-libs package from Recommends
Michael Prokop [Fri, 27 Jan 2017 11:45:54 +0000 (12:45 +0100)]
SW: add libpam-systemd to GRMLBASE, except for FILE_RC installs
Michael Prokop [Fri, 27 Jan 2017 11:41:14 +0000 (12:41 +0100)]
README: document LIVE_CONF usage
Closes #26 @ GH
Thanks: Eric Keller for the bug report
Darshaka Pathirana [Fri, 13 Jan 2017 11:32:21 +0000 (12:32 +0100)]
Use ssh-keygen -A to generate host keys
ssh-keygen -A (from manpage):
For each of the key types (rsa1, rsa, dsa, ecdsa and
ed25519) for which host keys do not exist, generate the host keys
with the default key file path, an empty passphrase, default bits for
the key type, and default comment. This is used by system
administration scripts to generate new host keys.
Darshaka Pathirana [Fri, 27 Jan 2017 11:03:18 +0000 (12:03 +0100)]
Change systemd default target to multi-user.target
The default target used to be graphical.target which is not appropriate
for Grml
brian m. carlson [Sun, 15 Jan 2017 21:36:33 +0000 (21:36 +0000)]
Add SHA-256 and SHA-512 hashes
Most security-conscious users expect to find SHA-256 hashes of files,
since both MD5 and SHA-1 are considered weak. SHA-512 additionally has
the benefit that it is significantly faster than SHA-256 on 64-bit
systems, processing twice as much data per chunk with only 125% of the
operations. Generate both SHA-256 and SHA-512 hashes anywhere we
provide SHA-1 hashes.
Michael Prokop [Fri, 13 Jan 2017 14:07:21 +0000 (15:07 +0100)]
Release new version 0.28.0
Michael Prokop [Fri, 13 Jan 2017 14:06:38 +0000 (15:06 +0100)]
Bump Build-Depends to debhelper v9 or newer
Michael Prokop [Fri, 13 Jan 2017 14:06:31 +0000 (15:06 +0100)]
Bump debian/compat to 9
Michael Prokop [Fri, 13 Jan 2017 14:06:15 +0000 (15:06 +0100)]
Bump Standards-Version to 3.9.8
Michael Prokop [Fri, 13 Jan 2017 12:35:16 +0000 (13:35 +0100)]
grml-cheatcodes.txt: document SYSTEMD_COLORS=0 usage
Michael Prokop [Fri, 30 Dec 2016 23:35:01 +0000 (00:35 +0100)]
Enable rsyslog socket + service via systemd preset
Michael Prokop [Fri, 13 Jan 2017 14:00:07 +0000 (15:00 +0100)]
Skip resolvconf magic when using systemd
Enable resolvconf.service instead of running all the magic inside
the 98-clean-chroot script.
Darshaka Pathirana [Sun, 25 Dec 2016 13:03:24 +0000 (14:03 +0100)]
Use systemd.preset to disable all unneeded services
We decided to disable all services by default and only enable the ones
we really need. Currently only getty, grml-autoconfig and the
debug-shell are enabled.
Michael Prokop [Mon, 28 Nov 2016 23:11:27 +0000 (00:11 +0100)]
SW: drop sysvinit from GRML_SMALL + GRML_FULL
sysvinit is a transitional package since jeessie and starting
with stretch this package no longer exists, if we should need it
for whatever reason we need to depend on sysvinit-core instead.