6 years agoDelete /usr/lib/udev/rules.d/64-md-raid-assembly.rules to avoid automatic mdadm scanning
Michael Prokop [Fri, 26 May 2017 21:20:44 +0000 (23:20 +0200)]
Delete /usr/lib/udev/rules.d/64-md-raid-assembly.rules to avoid automatic mdadm scanning

We don't want to automatically enable any present mdadm devices.
The safest way is to just remove
/usr/lib/udev/rules.d/64-md-raid-assembly.rules, since it doesn't
seem to provide a stable and long-term working way how to adjust
its behavior.

Closes grml/grml#45

6 years agoRelease new version 0.29.5 v0.29.5
Michael Prokop [Wed, 24 May 2017 12:34:12 +0000 (14:34 +0200)]
Release new version 0.29.5

6 years agoSwitch from grml-runtty to agetty also on tty11 + tty12
Michael Prokop [Wed, 24 May 2017 12:30:40 +0000 (14:30 +0200)]
Switch from grml-runtty to agetty also on tty11 + tty12

Closes grml/grml#14 now that grml-runtty is only used with non-systemd systems

6 years agoRun zsh when starting screen
Darshaka Pathirana [Sun, 21 May 2017 17:56:58 +0000 (19:56 +0200)]
Run zsh when starting screen

When starting GNU/screen via systemd the SHELL varible is empty whereas
SHELL=/bin/zsh when starting screen via grml-runtty.

If we can assume that zsh is installed on Grml then this solution is ok.
If not, we should address that in the run-screen script with something like:

  [ -x /bin/zsh ] && SHELL=/bin/zsh

  # now run screen with config

    if [ `id -u` = 0 ] ; then
      exec screen -U -c /etc/grml/screenrc -s $SHELL

(partly) fixes grml/grml#14

6 years agoGet rid of grml-runtty
Darshaka Pathirana [Sun, 21 May 2017 17:34:32 +0000 (19:34 +0200)]
Get rid of grml-runtty

What once was done by grml-runtty can be now be accomplished by systemd.

That said, there is a weird behavior when starting GNU/screen via
"run-screen". When started via grml-runtty screen runs zsh, but
when started directly via systemd screen runs /bin/sh (= dash).

The reason for that is, that the SHELL variable is empty when called
directly via systemd whereas SHELL=/bin/zsh when started via
grml-runtty. I could not figure out why but a solution would be to set
the "Environment"-option in the systemd-unit which I will propose in a
separate commit.

(partly) fixes grml/grml#14

6 years agoSwitch from grml-runtty to agetty
Darshaka Pathirana [Fri, 19 May 2017 23:39:13 +0000 (01:39 +0200)]
Switch from grml-runtty to agetty

grml-runtty used to fix most of the pre-systemd environment problems. It
seems that it causes more troubles nowadays than it solved back then.
First and foremost grml-runtty does not provide a (systemd) login
session which prevents us from starting X reliably. Therefor replacing
grml-runtty with agetty with autologin where a grml-shell is used so far.

tty1 to tty4, where grml-runtty starts run-welcome (grml-quickconfig),
two root- and a grml-GNU-screen session, should also be replaced with a
proper systemd-unit.

Relates to grml/grml#14 and grml/grml#20

6 years agoSW: add haveged to GRMLBASE [Closes: issue1336]
Michael Prokop [Fri, 19 May 2017 14:42:58 +0000 (16:42 +0200)]
SW: add haveged to GRMLBASE [Closes: issue1336]

It's useful especially on VMs with low entropy, so provide it by default.

6 years agoSW: add rng-tools to GRMLBASE [Closes: issue1336]
Michael Prokop [Fri, 19 May 2017 14:39:36 +0000 (16:39 +0200)]
SW: add rng-tools to GRMLBASE [Closes: issue1336]

6 years agoProvide consistent header information for all /etc/systemd/ files that are deployed...
Michael Prokop [Fri, 19 May 2017 13:58:16 +0000 (15:58 +0200)]
Provide consistent header information for all /etc/systemd/ files that are deployed via grml-live

6 years agoWarn in initramfs if there is <256MM memory
Thomas Stewart [Fri, 19 May 2017 11:59:47 +0000 (12:59 +0100)]
Warn in initramfs if there is <256MM memory

Closes grml/grml#35

6 years agoTTY6/VT6 should start a shell if bootoption startx is not given
Darshaka Pathirana [Fri, 19 May 2017 13:15:24 +0000 (15:15 +0200)]
TTY6/VT6 should start a shell if bootoption startx is not given

When the bootoption "startx" is given, the helper-script
"/etc/init.d/startx" is created during the bootprocess (via

That means, that if the booptions "startx" is not given, the
helper-script is not created and tty6/vt6 should not try to start X but
should just start a grml-user-shell.

Related to grml/grml#20

6 years agoEnable systemd specific debug boot options in debugging mode
Michael Prokop [Thu, 18 May 2017 15:41:13 +0000 (17:41 +0200)]
Enable systemd specific debug boot options in debugging mode

See grml/grml#3

6 years agoDisable automatic 'ATA over Ethernet discovery'
Michael Prokop [Thu, 18 May 2017 15:00:41 +0000 (17:00 +0200)]
Disable automatic 'ATA over Ethernet discovery'

/usr/lib/modules-load.d/aoetools.conf by default contains:

| ## If you need to restrict the interfaces aoe will use, copy this
| ## file to /etc/modules-load.d/ and use this example:
| # aoe aoe_iflist="eth0,eth1"
| ## Load aoe driver with no interface restriction:
| aoe

and /lib/systemd/system/aoe-discover.service contains:

| [Unit]
| Description=ATA over Ethernet discovery
| BindsTo=sys-devices-virtual-aoe-discover.device
| DefaultDependencies=no
| [Service]
| Type=oneshot
| ExecStart=/sbin/aoe-discover

Since the aeotools.conf file tells systemd to load the aoe module
which then triggers the udev rule we end up with automatic
aoe-discover execution on default Grml boot, even though we
disable the aoe-discover service (since enabling/disabling only
affects starting via transitive dependencies, but the udev rule
is doing the equivalent of `systemctl start $unit`). By removing
/usr/lib/modules-load.d/aoetools.conf we ensure that automatic
'ATA over Ethernet discovery' is NOT executed, though if a user
runs 'modprobe aoe' it executes aoe-discover as intended.

Thanks: Felipe Sateler + Darshaka Pathirana for help in coming up with a solution
Closes grml/grml#32

6 years agoSW: add cpufrequtils to GRML_SMALL
Michael Prokop [Tue, 16 May 2017 22:29:17 +0000 (00:29 +0200)]
SW: add cpufrequtils to GRML_SMALL

It adds only ~250kb of additional disk space and provides
/etc/init.d/loadcpufreq which we use in grml-autoconfig.

Closes grml/grml#24

6 years agoEnable autologin for user root on serial console ttyS0
Michael Prokop [Tue, 16 May 2017 22:02:12 +0000 (00:02 +0200)]
Enable autologin for user root on serial console ttyS0

Closes grml/grml#21

6 years agoGRUB theme: replace desktop-color with desktop-image
Michael Prokop [Tue, 16 May 2017 21:13:12 +0000 (23:13 +0200)]
GRUB theme: replace desktop-color with desktop-image

With the desktop-color option we run into:

| error: null src bitmap in grub_video_bitmap_create_scaled.
| Loading kernel...
| Loading initrd...
| Press any key to continue...

By replacing it with this small black.png as desktop-image (which
is automatically stretched to the whole screen) the error message

Closes grml/grml#16
Thanks: Michael Schierl <>

6 years agoRelease new version 0.29.4 v0.29.4
Michael Prokop [Tue, 16 May 2017 12:49:16 +0000 (14:49 +0200)]
Release new version 0.29.4

6 years agoRevert "SW: provide xserver-xorg-video-intel on GRML_FULL"
Michael Prokop [Tue, 16 May 2017 12:47:46 +0000 (14:47 +0200)]
Revert "SW: provide xserver-xorg-video-intel on GRML_FULL"

This reverts commit 487e689322d6ec9c4336f0b337fd5ed54267358e.

Quoting from the package description:

| The use of this driver is discouraged if your hw is new enough (ca.
| 2007 and newer). You can try uninstalling this driver and let the
| server use it's builtin modesetting driver instead.

Thanks: Axel Beckert for the hint

6 years agoEnsure that tty1 console is starting *after* grml-autoconfig execution
Michael Prokop [Fri, 12 May 2017 18:50:07 +0000 (20:50 +0200)]
Ensure that tty1 console is starting *after* grml-autoconfig execution

Thanks: Darshaka Pathirana <>
Closes grml/grml#19

6 years agoDelete /lib/udev/rules.d/69-lvm-metad.rules to avoid automatic LVM scanning
Michael Prokop [Fri, 12 May 2017 14:39:00 +0000 (16:39 +0200)]
Delete /lib/udev/rules.d/69-lvm-metad.rules to avoid automatic LVM scanning

This might not be enough yet according to initial tests, but
it's something we want to disable for sure.

See grml/grml#31

6 years agoNo longer mask systemd-machine-id-commit.service
Michael Prokop [Fri, 12 May 2017 14:35:23 +0000 (16:35 +0200)]
No longer mask systemd-machine-id-commit.service

Masking the systemd-machine-id-commit.service causes
all kinds of problems with logins (local as well as via
ssh, causing sloooooow logins). Nowadays the overlayfs
bug also doesn't seem to be present anymore.

Closes grml/grml#27

6 years agoGRMLBASE/49-sshd: ensure that login as root via password works again
Michael Prokop [Fri, 12 May 2017 14:11:41 +0000 (16:11 +0200)]
GRMLBASE/49-sshd: ensure that login as root via password works again

openssh defaults to "prohibit-password" since openssh-server v1:7.1p1-1,
breaking our existing change regarding without-password.

While at it also improve the script to not readd the PermitRootLogin
and UseDNS configs with every single run, instead check for our
own modifications and skip them in further runs.

Closes grml/grml#12

6 years agoSW: provide xserver-xorg-video-intel on GRML_FULL
Michael Prokop [Fri, 12 May 2017 14:05:55 +0000 (16:05 +0200)]
SW: provide xserver-xorg-video-intel on GRML_FULL

For unknown reasons xserver-xorg-video-intel suddenly became
only a Recommends instead of a dependency of xserver-xorg-video-all:

| .../xorg (git)-[debian-unstable] % git show af937437
| commit af937437e6e6a6f34ee247ad2f3aefbd91d7444e
| Author: Timo Aaltonen <>
| Date:   Tue Mar 8 15:07:25 2016 +0200
|     Instead of dropping -intel from -video-all demote it to Recommends.

As a result this package was missing on our Grml ISOs.

Closes grml/grml#20

6 years agoSW: add lsscsi to GRML_SMALL
Michael Prokop [Tue, 9 May 2017 14:29:46 +0000 (16:29 +0200)]
SW: add lsscsi to GRML_SMALL

Thanks: András Korn

6 years agoRelease new version 0.29.3 v0.29.3
Michael Prokop [Fri, 5 May 2017 15:56:19 +0000 (17:56 +0200)]
Release new version 0.29.3

6 years agoSet grml-docs/startpage.html + as start pages in Firefox
Michael Prokop [Fri, 5 May 2017 14:45:39 +0000 (16:45 +0200)]
Set grml-docs/startpage.html + as start pages in Firefox

Closes grml/grml#18

6 years agoUse Firefox as default browser if present and drop iceweasel config
Darshaka Pathirana [Fri, 5 May 2017 13:33:27 +0000 (15:33 +0200)]
Use Firefox as default browser if present and drop iceweasel config

The "Iceweasel Age"[1] has ended and we can use Firefox again and
therefore use firefox as x-www-browser.

Unfortunately overriding the default homepage via
/etc/iceweasel/profile/prefs.js does not work anymore therefor dropping
the iceweasel configuration. (See: grml/grml#18)


Closes grml/grml#15

6 years agoRelease new version 0.29.2 v0.29.2
Michael Prokop [Fri, 5 May 2017 08:55:10 +0000 (10:55 +0200)]
Release new version 0.29.2

6 years agoSW: add linux-cpupower to GRML_FULL
Michael Prokop [Wed, 3 May 2017 09:53:08 +0000 (11:53 +0200)]
SW: add linux-cpupower to GRML_FULL

6 years agoMake startx boot option work with systemd
Darshaka Pathirana [Sun, 23 Apr 2017 23:52:38 +0000 (01:52 +0200)]
Make startx boot option work with systemd

The desired behavior (with systemd and the boot option "startx") is to start
the X window system automatically.

This is achieved by getty@tty6.service which starts grml-x as user "grml" on
vt6/tty6 and switches back to vt1/tty1 after exit. (This alone could be
achieved with systemd-unit option Type=oneshot and Restart=no). But when
switiching back to vt6/tty6 (again) we would like to start a zsh (for user
"grml") and restart the zsh if exited. That means that grml-x should only be
started on the very first run and the zsh on every other.

We could not figure out how to change the systemd-unit option "Type"
dynamically, so we kept it on "idle" which means that the "actual execution of
the service binary is delayed until all active jobs are dispatched". That's why
we need to switch to vt6/tty6 (via grml-autoconfig) iff the boot option
"startx" is given.

We also do not know yet how to dynamically change the behavior of the
systemd-unit in a safe way. Rewriting the unit-file (override.conf) after
grml-x exits (i.e. with ExecStopPost) doesn't seem to work reliably (especially
when calling "systemctl daemon-reload" in it). That's why we use a state-file
(/var/run/grml_startx.started) to start up grml-x on the first call and the zsh

This also means that grml-x is started automatically when switching to vt6/tty6
manually (when no "startx" boot option was given) once and the zsh on the
following calls.

Closes grml/grml#1

6 years agodeborphan: add qemu-kvm to list of packages which are never to be reported
Michael Prokop [Fri, 21 Apr 2017 12:31:09 +0000 (14:31 +0200)]
deborphan: add qemu-kvm to list of packages which are never to be reported

In commit ec12218051e8c1 we added qemu-system-x86 as underlying
dependency for qemu-kvm, now qemu-kvm is considered for removal.
This seems to be the case because qemu-kvm depends on
qemu-system-x86 and and even though we explicitely ask for both
packages to be installed, then qemu-kvm is considered for
removal. Let's avoid this by adding qemu-kvm to the list of
packages which are never to be reported by deborphan, then it's
not automatically removed via DEBORPHAN/98-clean-chroot.

Noticed via "grml-live-missing-packages.test_missing_packages_qemu-kvm"
in Jenkins daily builds.

6 years agoSW: replace transitional package iptraf with iptraf-ng
Michael Prokop [Fri, 21 Apr 2017 12:17:29 +0000 (14:17 +0200)]
SW: replace transitional package iptraf with iptraf-ng

Noticed by grml-live's test-suite inside Jenkins

6 years agoGRMLBASE/21-usersetup: add grml user to 'input' group
Michael Prokop [Fri, 7 Apr 2017 13:41:03 +0000 (15:41 +0200)]
GRMLBASE/21-usersetup: add grml user to 'input' group

Otherwise when invoking "grml-x" on tty5 as user grml we don't
have control over mouse and keyboard.

Thanks: Laurent Bigonville for the hint

6 years agoSW: include systemd-container in GRMLBASE
Michael Prokop [Fri, 7 Apr 2017 13:15:56 +0000 (15:15 +0200)]
SW: include systemd-container in GRMLBASE

6 years agofixup build broken by 7beda7d
Antoine Beaupré [Wed, 15 Mar 2017 17:16:40 +0000 (13:16 -0400)]
fixup build broken by 7beda7d

6 years agoOutput to "./grml" in current working directory instead of /grml/grml-live
Antoine Beaupré [Wed, 15 Mar 2017 12:53:24 +0000 (08:53 -0400)]
Output to "./grml" in current working directory instead of /grml/grml-live

this would create problems as / is often space restricted

Closes #31 @ GH

6 years agoRelease new version 0.29.1 v0.29.1
Michael Prokop [Tue, 7 Mar 2017 16:18:26 +0000 (17:18 +0100)]
Release new version 0.29.1

6 years agodebian/rules: replace deprecated dh_clean -k with dh_prep
Michael Prokop [Tue, 7 Mar 2017 16:17:37 +0000 (17:17 +0100)]
debian/rules: replace deprecated dh_clean -k with dh_prep

6 years agodocs: fix typo (ot->to)
Michael Prokop [Tue, 7 Mar 2017 16:16:42 +0000 (17:16 +0100)]
docs: fix typo (ot->to)

6 years agoIf locales-all package is installed skip locales generation
Michael Prokop [Tue, 7 Mar 2017 16:08:38 +0000 (17:08 +0100)]
If locales-all package is installed skip locales generation

Otherwise the wrong (+ missing) locales might end up on the system
if locales-all is installed. If the ISO size doesn't matter then
this also speeds up the ISO generation process since locale-gen
doesn't need to be executed.

6 years agoAdd default user (grml) to "disk" group
Michael Prokop [Tue, 7 Mar 2017 15:09:05 +0000 (16:09 +0100)]
Add default user (grml) to "disk" group

Noticed that this might be useful while working on Grml-Forensic.

6 years agoRelease new version 0.29.0 v0.29.0
Michael Prokop [Fri, 24 Feb 2017 14:13:48 +0000 (15:13 +0100)]
Release new version 0.29.0

6 years agoFix generation of SHA-256 and SHA-512 hashes
Michael Prokop [Fri, 24 Feb 2017 12:49:36 +0000 (13:49 +0100)]
Fix generation of SHA-256 and SHA-512 hashes

Fixes missing output generation of commit fd166a511adc0f222f365d61252c0a32a78ebcdf

6 years agoProvide new
Darshaka Pathirana [Fri, 24 Feb 2017 12:51:41 +0000 (13:51 +0100)]
Provide new

With this new target we can now define which services are started on

Prior this target some services (without a systemd-service file) were
automatically started because of the systemd-sysv-generator (i.e.

Thanks: Felipe Sateler
Closes grml/release-planning#2 @ GH

6 years agoCreate /home/$USERNAME in RELEASE class with up2date files from /etc/skel
Michael Prokop [Fri, 24 Feb 2017 12:10:18 +0000 (13:10 +0100)]
Create /home/$USERNAME in RELEASE class with up2date files from /etc/skel

Until now we removed everything from /home/grml in the RELEASE
class. The grml-home init script from grml-etc then used to copy
files from /etc/skel to /home/grml during bootup. Instead lets do
this during ISO build time to speed up the boot process. To
ensure that no unwanted files are in /home/grml (actually:
/home/$USERNAME) we remove the directory, recreate it and then
copy all files from /etc/skel.

This fixes the problem that /home/grml is empty and has wrong
permissions if grml-home isn't executed (which is happening
with systemd nowadays where we don't execute grml-home during

Closes grml/release-planning#7 @ GH

6 years agoSW: replace transitional package iceweasel with firefox-esr
Michael Prokop [Fri, 24 Feb 2017 11:13:03 +0000 (12:13 +0100)]
SW: replace transitional package iceweasel with firefox-esr

firefox-esr is available on stable (jessie), testing (stretch)
and unstable (sid), let's get rid of the transitional package
iceweasel therefore.

6 years agoSW: add qemu-system-x86 as underlying dependency for qemu-kvm
Michael Prokop [Fri, 24 Feb 2017 11:11:44 +0000 (12:11 +0100)]
SW: add qemu-system-x86 as underlying dependency for qemu-kvm

Otherwise deborphan tries to remove qemu-system-x86 package as it
wasn't installed explicitely, then resulting in:

| The following packages were automatically installed and are no longer required:
|   ipxe-qemu libcaca0 libcacard0 libfdt1 libsdl1.2debian libspice-server1
|   libusbredirparser1 libvdeplug2 libxen-4.8 libxenstore3.0 libyajl2
|   qemu-system-common qemu-system-x86 seabios
| Use 'sudo apt autoremove' to remove them.
| The following packages will be REMOVED:
|   qemu-kvm*

which is clearly unwanted behavior if we want to have qemu/kvm

6 years agoGenerate /etc/issue with Grml release information
Michael Prokop [Fri, 24 Feb 2017 10:41:50 +0000 (11:41 +0100)]
Generate /etc/issue with Grml release information

This file is displayed by default on systemd systems, so
we want to have according Grml release information inside
it (instead of e.g. "Debian GNU/Linux 9 \n \l").

Closes grml/release-planning#5 @ GH

6 years agoProvide sources.list file for DEBIAN_STRETCH class to be able to use "-s stretch"
Michael Prokop [Fri, 24 Feb 2017 09:49:29 +0000 (10:49 +0100)]
Provide sources.list file for DEBIAN_STRETCH class to be able to use "-s stretch"

Otherwise the suite (-s) option is rewritten to a non-existing
DEBIAN_STRETCH class which lacks the corresponding apt sources.list
file, resulting in no Debian mirror available in the chroot.

6 years agoSW: ship acpid on file-rc systems only, systemd provides logind
Michael Prokop [Fri, 24 Feb 2017 09:29:16 +0000 (10:29 +0100)]
SW: ship acpid on file-rc systems only, systemd provides logind

While at it move it from GRML_FULL to GRMLBASE, since
grml-autoconfig will no longer depend on acpid now.

Closes grml/release-planning#4 @ GH

6 years agoRelease new version 0.28.1 v0.28.1
Michael Prokop [Fri, 27 Jan 2017 15:26:50 +0000 (16:26 +0100)]
Release new version 0.28.1

6 years agoEnable General Purpose Mouse interface (gpm) with systemd
Darshaka Pathirana [Fri, 27 Jan 2017 13:52:15 +0000 (14:52 +0100)]
Enable General Purpose Mouse interface (gpm) with systemd

6 years agoSW: add vim-gtk to GRML_FULL [Closes: issue1325]
Michael Prokop [Fri, 27 Jan 2017 13:55:18 +0000 (14:55 +0100)]
SW: add vim-gtk to GRML_FULL [Closes: issue1325]

6 years agoSW: add man-db to GRML_FULL
Michael Prokop [Fri, 27 Jan 2017 13:43:59 +0000 (14:43 +0100)]
SW: add man-db to GRML_FULL

Otherwise reading manpages doesn't work

6 years agodocs: update ISO sizes + disk space requirements
Michael Prokop [Fri, 27 Jan 2017 13:24:21 +0000 (14:24 +0100)]
docs: update ISO sizes + disk space requirements

6 years agodocs: clarify usage of GRMLBASE regarding kernel package selection
Michael Prokop [Fri, 27 Jan 2017 13:24:11 +0000 (14:24 +0100)]
docs: clarify usage of GRMLBASE regarding kernel package selection

Closes #17 @ GH

6 years agoDrop grml-live-compat from Suggests, update code + comments accordingly
Michael Prokop [Fri, 27 Jan 2017 13:09:13 +0000 (14:09 +0100)]
Drop grml-live-compat from Suggests, update code + comments accordingly

grml-live-compat is no longer relevant, so let's get rid of it.

6 years agoDrop deprecated ia32-libs package from Recommends
Michael Prokop [Fri, 27 Jan 2017 11:53:03 +0000 (12:53 +0100)]
Drop deprecated ia32-libs package from Recommends

6 years agoSW: add libpam-systemd to GRMLBASE, except for FILE_RC installs
Michael Prokop [Fri, 27 Jan 2017 11:45:54 +0000 (12:45 +0100)]
SW: add libpam-systemd to GRMLBASE, except for FILE_RC installs

6 years agoREADME: document LIVE_CONF usage
Michael Prokop [Fri, 27 Jan 2017 11:41:14 +0000 (12:41 +0100)]
README: document LIVE_CONF usage

Closes #26 @ GH
Thanks: Eric Keller for the bug report

6 years agoUse ssh-keygen -A to generate host keys
Darshaka Pathirana [Fri, 13 Jan 2017 11:32:21 +0000 (12:32 +0100)]
Use ssh-keygen -A to generate host keys

ssh-keygen -A (from manpage):
  For each of the key types (rsa1, rsa, dsa, ecdsa and
  ed25519) for which host keys do not exist, generate the host keys
  with the default key file path, an empty passphrase, default bits for
  the key type, and default comment.  This is used by system
  administration scripts to generate new host keys.

6 years agoChange systemd default target to
Darshaka Pathirana [Fri, 27 Jan 2017 11:03:18 +0000 (12:03 +0100)]
Change systemd default target to

The default target used to be which is not appropriate
for Grml

6 years agoAdd SHA-256 and SHA-512 hashes
brian m. carlson [Sun, 15 Jan 2017 21:36:33 +0000 (21:36 +0000)]
Add SHA-256 and SHA-512 hashes

Most security-conscious users expect to find SHA-256 hashes of files,
since both MD5 and SHA-1 are considered weak.  SHA-512 additionally has
the benefit that it is significantly faster than SHA-256 on 64-bit
systems, processing twice as much data per chunk with only 125% of the
operations.  Generate both SHA-256 and SHA-512 hashes anywhere we
provide SHA-1 hashes.

6 years agoRelease new version 0.28.0 v0.28.0
Michael Prokop [Fri, 13 Jan 2017 14:07:21 +0000 (15:07 +0100)]
Release new version 0.28.0

6 years agoBump Build-Depends to debhelper v9 or newer
Michael Prokop [Fri, 13 Jan 2017 14:06:38 +0000 (15:06 +0100)]
Bump Build-Depends to debhelper v9 or newer

6 years agoBump debian/compat to 9
Michael Prokop [Fri, 13 Jan 2017 14:06:31 +0000 (15:06 +0100)]
Bump debian/compat to 9

6 years agoBump Standards-Version to 3.9.8
Michael Prokop [Fri, 13 Jan 2017 14:06:15 +0000 (15:06 +0100)]
Bump Standards-Version to 3.9.8

6 years agogrml-cheatcodes.txt: document SYSTEMD_COLORS=0 usage
Michael Prokop [Fri, 13 Jan 2017 12:35:16 +0000 (13:35 +0100)]
grml-cheatcodes.txt: document SYSTEMD_COLORS=0 usage

6 years agoEnable rsyslog socket + service via systemd preset
Michael Prokop [Fri, 30 Dec 2016 23:35:01 +0000 (00:35 +0100)]
Enable rsyslog socket + service via systemd preset

6 years agoSkip resolvconf magic when using systemd
Michael Prokop [Fri, 13 Jan 2017 14:00:07 +0000 (15:00 +0100)]
Skip resolvconf magic when using systemd

Enable resolvconf.service instead of running all the magic inside
the 98-clean-chroot script.

6 years agoUse systemd.preset to disable all unneeded services
Darshaka Pathirana [Sun, 25 Dec 2016 13:03:24 +0000 (14:03 +0100)]
Use systemd.preset to disable all unneeded services

We decided to disable all services by default and only enable the ones
we really need. Currently only getty, grml-autoconfig and the
debug-shell are enabled.

6 years agoSW: drop sysvinit from GRML_SMALL + GRML_FULL
Michael Prokop [Mon, 28 Nov 2016 23:11:27 +0000 (00:11 +0100)]
SW: drop sysvinit from GRML_SMALL + GRML_FULL

sysvinit is a transitional package since jeessie and starting
with stretch this package no longer exists, if we should need it
for whatever reason we need to depend on sysvinit-core instead.

6 years agoUpdate FILE_RC + systemd classes for aptitude->apt switch
Michael Prokop [Fri, 25 Nov 2016 23:12:08 +0000 (00:12 +0100)]
Update FILE_RC + systemd classes for aptitude->apt switch

6 years agoSet user, group and mode for /etc/systemd
Darshaka Pathirana [Sat, 19 Nov 2016 01:10:59 +0000 (02:10 +0100)]
Set user, group and mode for /etc/systemd

Set ownership and permission of all files copied to /etc/systemd to
root:root and 0644. Previously the files did belong to grml:grml.

6 years agoEnable and disable services by using systemd.presets
Darshaka Pathirana [Sat, 19 Nov 2016 00:51:54 +0000 (01:51 +0100)]
Enable and disable services by using systemd.presets

By using systemd.presets we can implement our own policy
which services needs to be enabled or disabled on boot-time.

This issue was initially triggered by a problem with the
wpa_supplicant@*.service which failed on boot with an
"Dependency failed for WPA supplicant daemon
(interface-specific version)" error.


6 years agoFix failing systemd ssh.service
Darshaka Pathirana [Sat, 5 Nov 2016 19:27:17 +0000 (20:27 +0100)]
Fix failing systemd ssh.service

SSH needs host keys which previously were generated by
ssh-keygen.service. But the generation of the host keys is not a
"service" and must only be done when no host keys exist.

Also ssh-bootoption.service was aliased with sshd.service which itself
depends on the kernel option "ssh" which prevents starting of ssh. So I
removed the alias entry.

6 years agoREADME: explicitly mention the templates option as well
Michael Prokop [Fri, 21 Oct 2016 12:33:01 +0000 (14:33 +0200)]
README: explicitly mention the templates option as well

Otherwise the templates from /usr/share/grml-live/templates
are used (and might not be present).

6 years agoDrop deprecated GRMLBASE/48-tmpfs file, use default /tmp handling
Michael Prokop [Fri, 21 Oct 2016 11:53:51 +0000 (13:53 +0200)]
Drop deprecated GRMLBASE/48-tmpfs file, use default /tmp handling

The configuration needs to take place in /etc/default/tmpfs
anyway (not /etc/default/rcS) and defaulted to "no". systemd
has a separate tmp.mount unit and quoting systemd changelog:

| systemd (220-6) unstable; urgency=medium
|    * Stop installing tmp.mount by default; there are still situations where it
|      becomes active through dependencies from other units, which is surprising,
|      hides existing data in /tmp during runtime, and it isn't safe to have a
|      tmpfs /tmp on every install scenario. (Closes: #783509)
|      - d/rules: Ship tmp.mount in /usr/share/systemd/ instead of
|        /lib/systemd/systemd.
|      - systemd.postinst: When tmp.mount already was enabled, install tmp.mount
|        into /etc and keep it enabled.
|      - systemd.postinst: When enabling tmp.mount because of RAMTMP=yes, copy it
|        from /usr/share.
|      - Drop Don-t-mount-tmp-as-tmpfs-by-default.patch and
|        PrivateTmp-shouldn-t-require-tmpfs.patch, not necessary any more.

6 years agoSwitch UTC setting from /etc/default/rcS to /etc/adjtime
Michael Prokop [Fri, 21 Oct 2016 11:39:31 +0000 (13:39 +0200)]
Switch UTC setting from /etc/default/rcS to /etc/adjtime

/etc/default/rcS doesn't necessarily exist anymore in Debian
stretch or newer, So use the UTC/LOCAL setting in /etc/adjtime
rather than the UTC setting in /etc/default/rcS.

Thanks: Darshaka Pathirana

6 years agoSystemd support, providing backwards compatibility via FILE_RC class [Closes: issue1015]
Michael Prokop [Tue, 5 Jan 2016 13:45:30 +0000 (14:45 +0100)]
Systemd support, providing backwards compatibility via FILE_RC class [Closes: issue1015]

Support for file-rc is still available and can be enabled
via FILE_RC class.

6 years agoAdd etc/grml/fai/make-fai-nfsroot.conf + etc/grml/fai/nfsroot.conf to .gitignore
Michael Prokop [Wed, 27 Jan 2016 02:31:40 +0000 (03:31 +0100)]
Add etc/grml/fai/make-fai-nfsroot.conf + etc/grml/fai/nfsroot.conf to .gitignore

Those files are generated during run-time and removed
after grml-live execution finished. If grml-live is used
directly from inside grml-live.git we don't want add
those files by mistake.

6 years agoGRMLBASE/21-usersetup: add grml user to vboxsf group
Michael Prokop [Wed, 11 Jan 2017 11:02:41 +0000 (12:02 +0100)]
GRMLBASE/21-usersetup: add grml user to vboxsf group

Otherwise the grml user has no access to VirtualBox
Shared Folders.

7 years agoSW: drop disabled 'nvi' package from GRML_SMALL class
Michael Prokop [Mon, 28 Nov 2016 23:14:27 +0000 (00:14 +0100)]
SW: drop disabled 'nvi' package from GRML_SMALL class

While this RC bug (#490361) was present since 2008 and fixed in
2009 we never re-enabled nvi back again, so let's fully drop it.

7 years agoSwitch from aptitude to apt-get as package manager in package list
Michael Prokop [Fri, 25 Nov 2016 21:23:38 +0000 (22:23 +0100)]
Switch from aptitude to apt-get as package manager in package list

So far we used "PACKAGES aptitude" to use aptitude as package
manager. FAI's install_packages supports different commands
(package managers) though, see `install_packages -H`:

  % install_packages -H | grep -e '^\s*aptitude ' -e '^\s*install '
         aptitude    aptitude -R -y -o Dpkg::Options::=--force-confdef -o Dpkg::Options::=--force-confnew install
          install    apt-get -y -o Dpkg::Options::=--force-confdef -o Dpkg::Options::=--force-confnew --fix-missing install

FAI versions until 5.3** support ignoring packages via:

| PACKAGES install
| packagename-

We can use that feature in the IGNORE class to avoid e.g. the
installation of the partimage package which is currently
unavailable in Debian/testing and therefore would fail the build
(because of aptitude's #835372 behavior change).

** NOTE: FAI v5.3 is broken regarding this behavior, so we've to
use FAI 4.3.1+deb8u1 from jessie to use that feature (at least
until it's restored/fixed again).

7 years agoinstsoft.GRMLBASE: ensure that file-rc can be installed
Michael Prokop [Fri, 25 Nov 2016 15:39:20 +0000 (16:39 +0100)]
instsoft.GRMLBASE: ensure that file-rc can be installed

If we request installation of file-rc but don't add hint
to remove systemd-sysv package then aptitude fails with:

| The following NEW packages will be installed:
|   file-rc initscripts{a} insserv{a} sysvinit-core{ab}
| The following packages are RECOMMENDED but will NOT be installed:
|   psmisc
| 0 packages upgraded, 4 newly installed, 0 to remove and 0 not upgraded.
| Need to get 316 kB of archives. After unpacking 686 kB will be used.
| The following packages have unmet dependencies:
|  systemd-sysv : Conflicts: file-rc but 0.8.18 is to be installed
|                 Conflicts: sysvinit-core but 2.88dsf-59.8 is to be installed
|  sysvinit-core : Conflicts: systemd-sysv but 232-3 is installed
| The following actions will resolve these dependencies:
|      Install the following packages:
| 1)     startpar [0.59-3.1 (testing)]
| 2)     sysv-rc [2.88dsf-59.8 (testing)]
|      Keep the following packages at their current version:
| 3)     file-rc [Not Installed]
| 4)     sysvinit-core [Not Installed]
| No packages will be installed, upgraded, or removed.
| 0 packages upgraded, 0 newly installed, 0 to remove and 0 not upgraded.

7 years agoSW: add dbus to GRMLBASE
Michael Prokop [Fri, 18 Nov 2016 13:49:42 +0000 (14:49 +0100)]
SW: add dbus to GRMLBASE

Without dbus there seem to be lots of service/systemd related issues,
so as a starting point make sure it's at least always available.

7 years agotemplates: use net.ifnames=0 by default
Michael Prokop [Fri, 18 Nov 2016 11:11:25 +0000 (12:11 +0100)]
templates: use net.ifnames=0 by default

Grml_Networking from our live-boot doesn't support the new interface
names yet (this needs to be fixed anyway for sure), though the consensus
seems to be that we should use the old interface names by default,
so give that a try now.

7 years agoGRMLBASE/44-grub: explicitely set grub-mkimage's prefix path
Michael Prokop [Fri, 21 Oct 2016 11:47:30 +0000 (13:47 +0200)]
GRMLBASE/44-grub: explicitely set grub-mkimage's prefix path

At least with grub 2.02~beta3-1 the prefix is mandatory:

| Usage: grub-mkimage [OPTION...] [OPTION]... [MODULES]
| Try 'grub-mkimage --help' or 'grub-mkimage --usage' for more information.
| Prefix not specified (use the -p option).

Set it to what's the default e.g. in grub 2.02~beta2-36
as documented in its manpage:

|      -p, --prefix=DIR
|             set prefix directory [default=/boot/grub]

Related grub git commit message:

| commit 1440b7ebae47e1cb710e920bec9d88c4d75ff432
| Author: Andrey Borzenkov <>
| Date:   Sat Jan 25 19:54:51 2014 +0400
|     do not set default prefix in grub-mkimage
|     Default prefix is likely wrong on Unix and completely wrong on Windows.
|     Let caller set it explicitly to avoid any ambiguity.

Thanks: Darshaka Pathirana

7 years agoSW: add nvme-cli to GRML_FULL
Michael Prokop [Tue, 1 Nov 2016 08:02:32 +0000 (09:02 +0100)]
SW: add nvme-cli to GRML_FULL

7 years agoscripts/GRMLBASE/94-update-smart-drivedb: switch warning into note since update-smart...
Michael Prokop [Mon, 24 Oct 2016 20:45:49 +0000 (22:45 +0200)]
scripts/GRMLBASE/94-update-smart-drivedb: switch warning into note since update-smart-drivedb is deprecated

Quoting NEWS file from smartmontools (6.4+svn4214-1):

|   Previous versions of the smartmontools package included a tool
|   update-smart-drivedb which downloaded updated drive definitions
|   from the smartmontools website and stored them at
|       /var/lib/smartmontools/drivedb/drivedb.h
|   This tool did not download the definitions in a secure manner and
|   so the feature has been removed in this version.  Future drive DB
|   updates will be propagated via normal Debian package updates,
|   including backports.
|   If you already have a drivedb.h file at that location, smartctl
|   will continue to use it.

We could completely drop the package once we're certain that
update-smart-drivedb doesn't exist anymore in all the Debian
releases grml-live is building for, but for the time being
let's keep it and switch the warning into a note.

7 years agoSW: drop firmware-ipw2x00 (license issues)
Michael Prokop [Thu, 22 Sep 2016 15:07:15 +0000 (17:07 +0200)]
SW: drop firmware-ipw2x00 (license issues)

7 years agohooks/instsoft.GRMLBASE: ensure aptitude is available before invoking it
Michael Prokop [Thu, 22 Sep 2016 14:06:26 +0000 (16:06 +0200)]
hooks/instsoft.GRMLBASE: ensure aptitude is available before invoking it

7 years agoSW: update list of firmware package in GRMLBASE
Michael Prokop [Thu, 22 Sep 2016 13:13:37 +0000 (15:13 +0200)]
SW: update list of firmware package in GRMLBASE

New packages:

* firmware-cavium
* firmware-intel-sound
* firmware-ipw2x00
* firmware-misc-nonfree
* firmware-ti-connectivity

Deprecated/removed packages:

* firmware-ralink (seems to be part of firmware-misc-nonfree nowadays)

7 years agohooks/instsoft.GRMLBASE: ensure package list is up2date before trying to install...
Michael Prokop [Tue, 6 Sep 2016 20:32:56 +0000 (22:32 +0200)]
hooks/instsoft.GRMLBASE: ensure package list is up2date before trying to install file-rc/aptitude

If apt's package information is out-of-date (or even empty)
then we can't install file-rc nor aptitude, so ensure
we run `apt-get update` before.

7 years agoSW: add libteam-utils
Michael Prokop [Fri, 2 Sep 2016 22:28:59 +0000 (00:28 +0200)]
SW: add libteam-utils

Inspired by

7 years agoSW: drop aufs-tools from GRMLBASE
Michael Prokop [Tue, 30 Aug 2016 14:31:57 +0000 (16:31 +0200)]
SW: drop aufs-tools from GRMLBASE

Debian dropped aufs support from their kernel package. The way
forward is usage of overlayfs, now let's see whether we need
aufs-tools at all nowadays. Not being present in Debian/testing
currently fails the build because of aptitude's behavior change
with 0.7.6 where packages that can't be installed break
installations (see #835372). And aufs-tools probably won't appear
in Debian/testing soonish, given:

| % grep-excuses aufs-tools
| aufs-tools (- to 1:3.2+20130722-1.1)
|     Maintainer: Filesystems Group
|     976 days old (needed 5 days)
|     aufs-tools has new bugs!
|     Updating aufs-tools introduces new bugs: #788513
|     Not considered

7 years agoAdd new Grml repository signing key 4096R/21E0CA38EA2EA4AB to GRMLBASE's /etc/apt...
Michael Prokop [Wed, 24 Aug 2016 22:10:06 +0000 (00:10 +0200)]
Add new Grml repository signing key 4096R/21E0CA38EA2EA4AB to GRMLBASE's /etc/apt/grml.key

Exported via `gpg --armor --export ECDEA787 EA2EA4AB`

7 years agoSW: add binwalk to GRML_FULL
Michael Prokop [Mon, 4 Jul 2016 06:00:14 +0000 (08:00 +0200)]
SW: add binwalk to GRML_FULL

Quoting Marc Haber from the bugreport:

| binwalk is helpful when unpacking one of those nifty new initrd
| images with microcode prepended. binwalk tells you how many bytes
| to skip at the beginning of initrd.img to find the beginning of
| the actual initrd.
| Usage example see

Closes #21 @ GH

7 years agoisolinux.cfg template: fix typo in a comment
Carsten Hey [Wed, 30 Mar 2016 19:41:57 +0000 (21:41 +0200)]
isolinux.cfg template: fix typo in a comment

7 years agoAdded support for
Andreas "Jimmy" Gredler [Wed, 13 Apr 2016 09:58:14 +0000 (02:58 -0700)]
Added support for

Added configuration for isolinux and grub to add a menu entry to boot The actual needs to be part of
grml-live-addons to make this work, see PR #8: