[Fai-commit] r5259 - people/michael/experimental/patches
mt at alioth.debian.org
mt at alioth.debian.org
Fri Feb 13 21:24:01 UTC 2009
Author: mt
Date: 2009-02-13 21:24:01 +0000 (Fri, 13 Feb 2009)
New Revision: 5259
Added:
people/michael/experimental/patches/bugfix-313397
people/michael/experimental/patches/bugfix-412889
people/michael/experimental/patches/bugfix-444210
people/michael/experimental/patches/bugfix-481871
people/michael/experimental/patches/bugfix-495535
people/michael/experimental/patches/bugfix-515057
people/michael/experimental/patches/setup-storage_crypto-with-random-init-configurable
Modified:
people/michael/experimental/patches/series
Log:
Added further patches for bugs known to the BTS and slightly improved
setup-storage crypto code
Added: people/michael/experimental/patches/bugfix-313397
===================================================================
--- people/michael/experimental/patches/bugfix-313397 (rev 0)
+++ people/michael/experimental/patches/bugfix-313397 2009-02-13 21:24:01 UTC (rev 5259)
@@ -0,0 +1,76 @@
+2009-02-13 Michael Tautschnig <mt at debian.org>
+
+ * examples/simple/files/etc/ucf.conf/FAIBASE: Added example ucf configuration
+ that enforces choosing the default option non-interactively (closes #313397)
+ * examples/simple/files/etc/apt/apt.conf.d/force_confdef/FAIBASE: Added dpkg
+ option --force-confdef for apt/aptitude to make it non-interactive when
+ config files have been changed (closes: #502394)
+ * examples/simple/hooks/instsoft.FAIBASE: Copy those files before installing
+ any packages
+Index: trunk/examples/simple/files/etc/ucf.conf/FAIBASE
+===================================================================
+--- /dev/null 1970-01-01 00:00:00.000000000 +0000
++++ trunk/examples/simple/files/etc/ucf.conf/FAIBASE
+@@ -0,0 +1,39 @@
++#
++# This file is a bourne shell snippet, and is sourced by the
++# ucf script for configuration.
++#
++
++# Debugging information: The default value is 0 (no debugging
++# information is printed). To change the default behavior, uncomment
++# the following line and set the value to 1.
++#
++# DEBUG=0
++
++# Verbosity: The default value is 0 (quiet). To change the default
++# behavior, uncomment the following line and set the value to 1.
++#
++# VERBOSE=0
++
++
++# The src directory. This is the directory where the historical
++# md5sums for a file are looked for. Specifically, the historical
++# md5sums are looked for in the subdirectory ${filename}.md5sum.d/
++#
++# conf_source_dir=/some/path/
++
++# Force the installed file to be retained. The default is have this
++# variable unset, which makes the script ask in case of doubt. To
++# change the default behavior, uncomment the following line and set
++# the value to YES
++#
++conf_force_conffold=YES
++
++# Force the installed file to be overridden. The default is have this
++# variable unset, which makes the script ask in case of doubt. To
++# change the default behavior, uncomment the following line and set
++# the value to YES
++#
++# conf_force_conffnew=YES
++
++# Please note that only one of conf_force_conffold and
++# conf_force_conffnew should be set.
+Index: trunk/examples/simple/files/etc/apt/apt.conf.d/force_confdef/FAIBASE
+===================================================================
+--- /dev/null 1970-01-01 00:00:00.000000000 +0000
++++ trunk/examples/simple/files/etc/apt/apt.conf.d/force_confdef/FAIBASE
+@@ -0,0 +1,7 @@
++DPkg
++{
++ Options {
++ "--force-confdef";
++ }
++};
++
+Index: trunk/examples/simple/hooks/instsoft.FAIBASE
+===================================================================
+--- trunk.orig/examples/simple/hooks/instsoft.FAIBASE
++++ trunk/examples/simple/hooks/instsoft.FAIBASE
+@@ -1,3 +1,6 @@
+ #! /bin/bash
+
+ [ -s $target/etc/kernel-img.conf ] || fcopy -Bi /etc/kernel-img.conf
++fcopy -Bi /etc/ucf.conf
++fcopy -Bi /etc/apt/apt.conf.d/force_confdef
++
Added: people/michael/experimental/patches/bugfix-412889
===================================================================
--- people/michael/experimental/patches/bugfix-412889 (rev 0)
+++ people/michael/experimental/patches/bugfix-412889 2009-02-13 21:24:01 UTC (rev 5259)
@@ -0,0 +1,182 @@
+2009-02-13 Michael Tautschnig <mt at debian.org>
+
+ * bin/fai-mirror: Added -a command line option to support use with multiple
+ architectures (thanks Sebastian Harl) (closes: #412889, #343344)
+ * man/fai-mirror.1: Documentation of new -a option (thanks Sebastian Harl)
+Index: trunk/bin/fai-mirror
+===================================================================
+--- trunk.orig/bin/fai-mirror
++++ trunk/bin/fai-mirror
+@@ -151,6 +151,8 @@
+ }
+ # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+ delete_base_packages() {
++ local arch=$1
++ shift
+
+ # now delete all packages that are already included in base.tgz
+ local p
+@@ -162,14 +164,18 @@
+ fi
+ echo "Removing packages that are already included in base.tgz"
+ for p in $(cat $NFSROOT/var/tmp/base-pkgs.lis); do
+- if [ -f $archivedir/${p}_*.deb ]; then
+- [ $verbose -eq 1 ] && echo "deleting package $p"
+- rm $archivedir/${p}_*.deb
++ # There might be more than one file - even for this architecture.
++ local files=$(ls $archivedir/${p}_{$arch,all}.deb 2> /dev/null)
++ for file in $files; do
++ if [ -f $file ]; then
++ [ $verbose -eq 1 ] && echo "deleting package $p"
++ rm $file
+ # else commands only for debugging
+ # else
+ # echo "package $p not found"
+ # ls $archivedir/${p}_*.deb
+- fi
++ fi
++ done
+ done
+ }
+ # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+@@ -225,7 +231,8 @@
+ verbose=0
+ add=1
+ qflag=-qq
+-while getopts "Bvhx:pc:C:" opt ; do
++archs="`dpkg-architecture -qDEB_HOST_ARCH`"
++while getopts "Bvhx:pc:C:a:" opt ; do
+ case "$opt" in
+ B) add=0 ;;
+ C) cfdir=$OPTARG ;;
+@@ -234,6 +241,7 @@
+ c) cclasses="$OPTARG";;
+ p) preserve=1;;
+ v) verbose=1; vflag=-v; qflag='';;
++ a) archs="$OPTARG";;
+ ?) die 1 "Unknown option";;
+ esac
+ done
+@@ -288,17 +296,26 @@
+ # TODO: use -p to preserve sources.list
+ perl -p -e 's/file:/copy:/' $cfdir/apt/sources.list > $aptcache/etc/apt/sources.list
+
+-echo "Getting package information"
+-apt-get $qflag $aptoptions update >/dev/null
++archs=${archs//,/ }
++for arch in $archs; do
++ arch=$(echo $arch | tr '[[:upper:]]' '[[:lower:]]')
++ aptoptions_noarch="$aptoptions"
++ aptoptions=" -o APT::Architecture=$arch $aptoptions_noarch"
++
++ echo "Getting package information for architecture $arch"
++ apt-get $qflag $aptoptions update >/dev/null
++
++ set-classes
++ echo "Downloading packages for classes:" $classes
++ FAI=$FAI_CONFIGDIR install_packages -d $vflag
++ [ $add -eq 1 ] && add_base_packages
++ get_addpackages
++ umount_dirs
++ trap "" EXIT ERR
++ [ $add -eq 0 ] && delete_base_packages $arch
+
+-set-classes
+-echo "Downloading packages for classes:" $classes
+-FAI=$FAI_CONFIGDIR install_packages -d $vflag
+-[ $add -eq 1 ] && add_base_packages
+-get_addpackages
+-umount_dirs
+-trap "" EXIT ERR
+-[ $add -eq 0 ] && delete_base_packages
++ aptoptions="$aptoptions_noarch"
++done
+
+ # create mirror directory structure
+ echo "Calling apt-move"
+@@ -313,21 +330,55 @@
+ PKGCOMP='none gzip'
+ EOF
+ apt-move $qflag -c $aptmovefile update
+-# since Packages.gz from apt-move does not include packages from my
+-# repository, let's use apt-ftparchive for generiating correct index
+-# files
+-pfilegz=$(find $mirrordir/dists -name Packages.gz)
+-pfile=$(find $mirrordir/dists -name Packages)
+-pdist=$(cd $mirrordir/dists ; ls)
++
++# apt-move does not handle Packages files for multiple architectures,
++# so we're creating those ourselves. Also, we're creating our own
++# Release files.
++#
++# We trust in dists and components being created by apt-move.
++echo "Creating Packages and Release files"
+ cd $mirrordir
+-# md5sums of apt-move are not valid, when we recreate Packages.gz using
+-# apt-ftparchive, but we can use the header of the Release file
+-grep -B99 MD5Sum: $mirrordir/dists/$pdist/Release | grep -v MD5Sum: > $mirrordir/tmpfile
+-rm $mirrordir/dists/$pdist/Release
+-apt-ftparchive packages pool > $pfile
+-gzip -c $pfile > $pfilegz
+-apt-ftparchive release dists/$pdist >> tmpfile
+-mv tmpfile dists/$pdist/Release
++dists=$(cd $mirrordir/dists ; find * -maxdepth 0 -type d | xargs echo -n)
++for dist in $dists; do
++ distdir="$mirrordir/dists/$dist"
++
++ components=$(cd $distdir ; find * -maxdepth 0 -type d | xargs echo -n)
++ for component in $components; do
++ componentdir="$distdir/$component"
++
++ for arch in $archs; do
++ archdir="$componentdir/binary-$arch"
++ mkdir -p "$archdir"
++ rm -rf $archdir/Packages{,gz}
++
++ dpkg-scanpackages --arch $arch . > $archdir/Packages
++ gzip -c $archdir/Packages > $archdir/Packages.gz
++
++ cat > $archdir/Release <<EOF
++Archive: $dist
++Component: $component
++Origin: fai-mirror
++Label: fai-mirror
++Architecture: $arch
++EOF
++ done
++ done
++
++ mirror_archs=$(cd $distdir ; \
++ ls */ | grep '^binary-' | cut -d'-' -f2- | xargs echo -n)
++ cat > $distdir/Release <<EOF
++Origin: fai-mirror
++Label: fai-mirror
++Suite: $dist
++Codename: unknown
++Date: `date -Ru`
++Architectures: $mirror_archs
++Components: $components
++Description: unknown
++EOF
++
++ apt-ftparchive release dists/$dist >> $distdir/Release
++done
+
+ echo "$0 finished."
+ echo -n "Mirror size and location: ";du -sh $mirrordir
+Index: trunk/man/fai-mirror.1
+===================================================================
+--- trunk.orig/man/fai-mirror.1
++++ trunk/man/fai-mirror.1
+@@ -71,6 +71,11 @@
+ Exclude these classes. Do not add the packages of these classes to
+ the mirror.
+ .TP
++.B "\-a " ARCH[,ARCH]
++Create the mirror for the given architectures. Default is the host
++architecture. This has no influence on the list of classes. This might have to
++be combined with -B to prevent architecture specific packages to be pulled in.
++.TP
+ .B \-p
+ Preserve existing sources.list. NOT YET IMPLEMENTED.
+ .TP
Added: people/michael/experimental/patches/bugfix-444210
===================================================================
--- people/michael/experimental/patches/bugfix-444210 (rev 0)
+++ people/michael/experimental/patches/bugfix-444210 2009-02-13 21:24:01 UTC (rev 5259)
@@ -0,0 +1,83 @@
+2009-02-13 Michael Tautschnig <mt at debian.org>
+
+ * lib/get-config-dir-*: task_error requires the exit code of the preceeding
+ command as the second argument
+ * lib/subroutines-linux: The exit code of a command earlier in a pipe must be
+ read using $PIPESTATUS, not $? (closes: #444210)
+Index: trunk/lib/get-config-dir-cvs
+===================================================================
+--- trunk.orig/lib/get-config-dir-cvs
++++ trunk/lib/get-config-dir-cvs
+@@ -36,11 +36,11 @@
+ echo "Updating CVS in $FAI"
+ cd $FAI
+ cvs -q up -P $tag -d -C > $LOGDIR/getconf.log
+- task_error 701
++ task_error 701 $?
+ else
+ echo "Checking out CVS"
+ cd $(dirname "$FAI")
+ cvs -q co -P -d $(basename "$FAI") \
+ $tag $module > $LOGDIR/getconf.log
+- task_error 702
++ task_error 702 $?
+ fi
+Index: trunk/lib/get-config-dir-git
+===================================================================
+--- trunk.orig/lib/get-config-dir-git
++++ trunk/lib/get-config-dir-git
+@@ -32,9 +32,9 @@
+ echo "Updating git copy in $FAI"
+ cd $FAI
+ git pull
+- task_error 701
++ task_error 701 $?
+ else
+ echo "Checking out from git"
+ git clone $giturl $FAI
+- task_error 702
++ task_error 702 $?
+ fi
+Index: trunk/lib/get-config-dir-nfs
+===================================================================
+--- trunk.orig/lib/get-config-dir-nfs
++++ trunk/lib/get-config-dir-nfs
+@@ -12,4 +12,4 @@
+
+ mount -n $romountopt $server:$nfspath $FAI &&
+ echo "Configuration space $server:$nfspath mounted to $FAI"
+-task_error 701
++task_error 701 $?
+Index: trunk/lib/get-config-dir-svn
+===================================================================
+--- trunk.orig/lib/get-config-dir-svn
++++ trunk/lib/get-config-dir-svn
+@@ -50,9 +50,9 @@
+ echo "Updating SVN in $FAI"
+ cd $FAI
+ svn up $user | grep -v 'Updated to revision' > $LOGDIR/getconf.log
+- task_error 701
++ task_error 701 $?
+ else
+ echo "Checking out SVN"
+ svn co $user $svnurl $FAI | grep -v 'Checked out revision' > $LOGDIR/getconf.log
+- task_error 702
++ task_error 702 $?
+ fi
+Index: trunk/lib/subroutines-linux
+===================================================================
+--- trunk.orig/lib/subroutines-linux
++++ trunk/lib/subroutines-linux
+@@ -250,10 +250,10 @@
+ echo "Installing software may take a while"
+ if [ "$debug" ]; then
+ install_packages | tee -a $LOGDIR/software.log
+- task_error 471 $?
++ task_error 471 ${PIPESTATUS[0]}
+ elif [ "$verbose" ]; then
+ install_packages </dev/null 2>&1 | tee -a $LOGDIR/software.log
+- task_error 471 $?
++ task_error 471 ${PIPESTATUS[0]}
+ else
+ install_packages </dev/null >> $LOGDIR/software.log 2>&1
+ task_error 471 $?
Added: people/michael/experimental/patches/bugfix-481871
===================================================================
--- people/michael/experimental/patches/bugfix-481871 (rev 0)
+++ people/michael/experimental/patches/bugfix-481871 2009-02-13 21:24:01 UTC (rev 5259)
@@ -0,0 +1,132 @@
+2009-02-13 Michael Tautschnig <mt at debian.org>
+
+ * examples/simple: Made all scripts idempotent and softupdate-capable
+ (closes: #481871)
+Index: trunk/examples/simple/files/boot/grub/menu.lst/postinst
+===================================================================
+--- trunk.orig/examples/simple/files/boot/grub/menu.lst/postinst
++++ trunk/examples/simple/files/boot/grub/menu.lst/postinst
+@@ -4,8 +4,12 @@
+
+ set -a
+
+-# during softupdate use this file
+-[ -r $target/var/log/fai/disk_var.sh ] && . $target/var/log/fai/disk_var.sh
++if [ -r $LOGDIR/disk_var.sh ] ; then
++ . $LOGDIR/disk_var.sh
++else
++ echo "disk_var.sh not found!"
++ exit 0
++fi
+
+ # if class NOMBR is defined, write boot loader into root partition, not into mbr
+ ifclass NOMBR && BOOT_DEVICE=$BOOT_PARTITION
+Index: trunk/examples/simple/class/20-hwdetect.source
+===================================================================
+--- trunk.orig/examples/simple/class/20-hwdetect.source
++++ trunk/examples/simple/class/20-hwdetect.source
+@@ -5,7 +5,8 @@
+ # NOTE: Files named *.source will be evaluated, but their output ignored. Instead
+ # the contents of $newclasses will be added to the list of defined classes.
+
+-[ "$action" = "dirinstall" ] && return 0 # Do not execute when doing dirinstall
++# Do not execute when doing dirinstall or softupdate
++[ "$action" = "dirinstall" -o "$action" = "softupdate" ] && return 0
+
+ echo 0 > /proc/sys/kernel/printk
+
+Index: trunk/examples/simple/scripts/DEMO/10-misc
+===================================================================
+--- trunk.orig/examples/simple/scripts/DEMO/10-misc
++++ trunk/examples/simple/scripts/DEMO/10-misc
+@@ -9,6 +9,9 @@
+ # perl -pi.orig -pe "s/%%VIDEODRIVER%%/$VIDEODRIVER/" $target/etc/X11/xorg.conf
+ }
+
+-# add a demo user account
+-$ROOTCMD adduser --disabled-login --gecos "fai demo user" demo
+-echo "demo:$ROOTPW" | $ROOTCMD chpasswd --encrypted
++if ! $ROOTCMD getent passwd demo ; then
++ # add a demo user account
++ $ROOTCMD adduser --disabled-login --gecos "fai demo user" demo
++ echo "demo:$ROOTPW" | $ROOTCMD chpasswd --encrypted
++fi
++
+Index: trunk/examples/simple/scripts/FAIBASE/30-interface
+===================================================================
+--- trunk.orig/examples/simple/scripts/FAIBASE/30-interface
++++ trunk/examples/simple/scripts/FAIBASE/30-interface
+@@ -2,7 +2,7 @@
+
+ error=0 ; trap "error=$((error|1))" ERR
+
+-if ifclass DHCPC
++if ifclass DHCPC && [ $FAI_ACTION != "softupdate" ]
+ then
+ cat > $target/etc/network/interfaces <<-EOF
+ # generated by FAI
+@@ -23,11 +23,11 @@
+ EOF
+ [ -n "$NETWORK" ] && echo "localnet $NETWORK" > $target/etc/networks
+ [ -s /etc/resolv.conf ] && cp -p /etc/resolv.conf $target/etc
+- fcopy -i /etc/resolv.conf
+ fi
+
+ # here fcopy is mostly used, when installing a client for running in a
+ # different subnet than during the installation
++fcopy -i /etc/resolv.conf
+ fcopy -iM /etc/network/interfaces /etc/networks
+
+ exit $error
+Index: trunk/examples/simple/scripts/FAISERVER/10-conffiles
+===================================================================
+--- trunk.orig/examples/simple/scripts/FAISERVER/10-conffiles
++++ trunk/examples/simple/scripts/FAISERVER/10-conffiles
+@@ -5,10 +5,16 @@
+
+ #/etc/fai/fai.conf /etc/fai/make-fai-nfsroot.conf
+ fcopy /etc/apt-proxy/apt-proxy-v2.conf /etc/fai/apt/sources.list
+-# use the same sources.list for the server itself and the clients
+-cp -a $target/etc/fai/apt $target/etc/
+
+-rm -f $target/etc/resolv.conf
++# Michael T: actually I absolutely don't understand the following, but I guess
++# it must not happen on softupdates
++if [ $FAI_ACTION != "softupdate" ] ; then
++ # use the same sources.list for the server itself and the clients
++ cp -a $target/etc/fai/apt $target/etc/
++
++ rm -f $target/etc/resolv.conf
++
++ # create some host entries
++ perl -e 'for (1..25) {printf "192.168.1.%s atom%02s\n",$_,$_;}' >> $target/etc/hosts
++fi
+
+-# create some host entries
+-perl -e 'for (1..25) {printf "192.168.1.%s atom%02s\n",$_,$_;}' >> $target/etc/hosts
+Index: trunk/examples/simple/scripts/GRUB/10-setup
+===================================================================
+--- trunk.orig/examples/simple/scripts/GRUB/10-setup
++++ trunk/examples/simple/scripts/GRUB/10-setup
+@@ -2,7 +2,7 @@
+
+ error=0 ; trap "error=$((error|1))" ERR
+
+-fcopy -Uv /boot/grub/menu.lst
++fcopy -v /boot/grub/menu.lst
+
+ exit $error
+
+Index: trunk/examples/simple/scripts/LAST/50-misc
+===================================================================
+--- trunk.orig/examples/simple/scripts/LAST/50-misc
++++ trunk/examples/simple/scripts/LAST/50-misc
+@@ -11,7 +11,7 @@
+ done
+
+ [ "$FAI_DEBMIRROR" ] &&
+-echo "#$FAI_DEBMIRROR $MNTPOINT nfs ro 0 0" >> $target/etc/fstab
++ainsl $target/etc/fstab "#$FAI_DEBMIRROR $MNTPOINT nfs ro 0 0"
+
+ # set bios clock
+ if [ $do_init_tasks -eq 1 ] ; then
Added: people/michael/experimental/patches/bugfix-495535
===================================================================
--- people/michael/experimental/patches/bugfix-495535 (rev 0)
+++ people/michael/experimental/patches/bugfix-495535 2009-02-13 21:24:01 UTC (rev 5259)
@@ -0,0 +1,35 @@
+2009-02-13 Michael Tautschnig <mt at debian.org>
+
+ * bin/fai-chboot: Make -k work again, even if -i or -o is not used
+ (closes: #495535)
+ * man/fai-chboot.8: Don't claim -i does the same as -k ..., just give a few
+ hints about the options set by default
+Index: trunk/bin/fai-chboot
+===================================================================
+--- trunk.orig/bin/fai-chboot
++++ trunk/bin/fai-chboot
+@@ -443,7 +443,10 @@
+ } else {
+ $kernelname = shift;
+ $kernelname = "kernel $kernelname";
+-# $rootfs = shift or die "No rootfs specified.\n";
++ $initrd = '';
++ $rootfs = '';
++ $bootprot = '';
++ $flags = '';
+ }
+
+ $opt_F and $opt_f="verbose,sshd,createvt";
+Index: trunk/man/fai-chboot.8
+===================================================================
+--- trunk.orig/man/fai-chboot.8
++++ trunk/man/fai-chboot.8
+@@ -79,7 +79,7 @@
+ Show simple help and version.
+ .TP
+ .B \-i
+-Set parameters for booting the FAI install kernel. Same as -k "ip=dhcp" vmlinuz-install /dev/nfs. This does not set FAI_ACTION.
++Set parameters for booting the FAI install kernel (proper initrd, boot from nfs). This does not set FAI_ACTION.
+ .TP
+ .B \-I
+ Same as -i but also sets FAI_ACTION=install. So a fully automatic
Added: people/michael/experimental/patches/bugfix-515057
===================================================================
--- people/michael/experimental/patches/bugfix-515057 (rev 0)
+++ people/michael/experimental/patches/bugfix-515057 2009-02-13 21:24:01 UTC (rev 5259)
@@ -0,0 +1,36 @@
+2009-02-13 Michael Tautschnig <mt at debian.org>
+
+ * lib/get-config-dir-svn: Added support for password in SVN URL (thanks Robin
+ Powell) (closes: #515057)
+Index: trunk/lib/get-config-dir-svn
+===================================================================
+--- trunk.orig/lib/get-config-dir-svn
++++ trunk/lib/get-config-dir-svn
+@@ -11,9 +11,13 @@
+
+ # matched string: "svn://user@host/svnpath"
+ protocol=$(expr match "$FAI_CONFIG_SRC" '\([^:]*\)://')
+-username=$(expr match "$FAI_CONFIG_SRC" '[^:]*://\([^@]*\)@')
++# username may or may not be followed by a password
++username=$(expr match "$FAI_CONFIG_SRC" '[^:]*://\([^@:]*\)[^@]*@')
+ if [ -n "$username" ] ; then
+ svnpath=$(expr match "$FAI_CONFIG_SRC" '[^:]*://[^@]\+@\([^[:space:]]\+\)')
++ # password definitely is preceded by a username
++ password=$(expr match "$FAI_CONFIG_SRC" '[^:]*://[^@:]*:\([^@]*\)@')
++ [ -n "$password" ] && pass="--password $password"
+ else
+ svnpath=$(expr match "$FAI_CONFIG_SRC" '[^:]*://\([^[:space:]]\+\)')
+ fi
+@@ -49,10 +53,10 @@
+ if [ -d "$FAI/.svn" ] ; then
+ echo "Updating SVN in $FAI"
+ cd $FAI
+- svn up $user | grep -v 'Updated to revision' > $LOGDIR/getconf.log
++ svn up $user $pass | grep -v 'Updated to revision' > $LOGDIR/getconf.log
+ task_error 701 $?
+ else
+ echo "Checking out SVN"
+- svn co $user $svnurl $FAI | grep -v 'Checked out revision' > $LOGDIR/getconf.log
++ svn co $user $pass $svnurl $FAI | grep -v 'Checked out revision' > $LOGDIR/getconf.log
+ task_error 702 $?
+ fi
Modified: people/michael/experimental/patches/series
===================================================================
--- people/michael/experimental/patches/series 2009-02-13 18:18:07 UTC (rev 5258)
+++ people/michael/experimental/patches/series 2009-02-13 21:24:01 UTC (rev 5259)
@@ -25,3 +25,10 @@
bugfix-513090
bugfix-494431
bugfix-456978
+bugfix-444210
+bugfix-515057
+bugfix-412889
+bugfix-313397
+bugfix-481871
+bugfix-495535
+setup-storage_crypto-with-random-init-configurable
Added: people/michael/experimental/patches/setup-storage_crypto-with-random-init-configurable
===================================================================
--- people/michael/experimental/patches/setup-storage_crypto-with-random-init-configurable (rev 0)
+++ people/michael/experimental/patches/setup-storage_crypto-with-random-init-configurable 2009-02-13 21:24:01 UTC (rev 5259)
@@ -0,0 +1,80 @@
+2009-02-13 Michael Tautschnig <mt at debian.org>
+
+ * lib/setup-storage/Parser.pm, lib/setup-storage/Commands.pm: Make random
+ initialization of encrypted partitions configurable
+ * man/setup-storage.8: Document new encryption possibilities
+Index: trunk/lib/setup-storage/Commands.pm
+===================================================================
+--- trunk.orig/lib/setup-storage/Commands.pm
++++ trunk/lib/setup-storage/Commands.pm
+@@ -125,12 +125,16 @@
+ "head -c 2048 /dev/urandom | head -n 47 | tail -n 46 | od | tee $keyfile",
+ "", "keyfile_$device" );
+ # prepare encryption
+- &FAI::push_command(
+- "dd if=/dev/urandom of=$device",
+- "exist_$device", "random_init_$device" );
++ my $prepare_deps = "keyfile_$device";
++ if ($partition->{encrypt} > 1) {
++ &FAI::push_command(
++ "dd if=/dev/urandom of=$device",
++ "exist_$device", "random_init_$device" );
++ $prepare_deps = "random_init_$device,$prepare_deps";
++ }
+ &FAI::push_command(
+ "yes YES | cryptsetup luksFormat $device $keyfile -c aes-cbc-essiv:sha256 -s 256",
+- "random_init_$device,keyfile_$device", "crypt_format_$device" );
++ $prepare_deps, "crypt_format_$device" );
+ &FAI::push_command(
+ "cryptsetup luksOpen $device $enc_dev_short_name --key-file $keyfile",
+ "crypt_format_$device", "encrypted_$enc_dev_name" );
+Index: trunk/lib/setup-storage/Parser.pm
+===================================================================
+--- trunk.orig/lib/setup-storage/Parser.pm
++++ trunk/lib/setup-storage/Parser.pm
+@@ -510,7 +510,7 @@
+ $FAI::partition_pointer = (\%FAI::configs)->{$FAI::device}->{volumes}->{$2};
+ }
+
+- mountpoint: m{^(-|swap|/[^\s\:]*)(:encrypt)?}
++ mountpoint: m{^(-|swap|/[^\s\:]*)(:encrypt(:randinit)?)?}
+ {
+ # set the mount point, may include encryption-request
+ $FAI::partition_pointer->{mountpoint} = $1;
+@@ -518,6 +518,7 @@
+ if (defined($2)) {
+ &FAI::in_path("cryptsetup") or die "cryptsetup not found in PATH\n";
+ $FAI::partition_pointer->{encrypt} = 1;
++ ++$FAI::partition_pointer->{encrypt} if (defined($3));
+ } else {
+ $FAI::partition_pointer->{encrypt} = 0;
+ }
+Index: trunk/man/setup-storage.8
+===================================================================
+--- trunk.orig/man/setup-storage.8
++++ trunk/man/setup-storage.8
+@@ -264,19 +264,15 @@
+ .br
+
+
+-mountpoint ::= -
++mountpoint ::= (-|swap|/[^\:[:space:]]*)(:encrypt(:randinit)?)?
+ .br
+- /* do not mount */
++ /* do not mount, mount as swap, or mount at fully qualified path;
+ .br
+- | swap
+-.br
+- /* swap space */
+-.br
+- | /[^[:space:]]*(:encrypt)?
++ * if :encrypt is given the partition will be encrypted, the key
+ .br
+- /* fully qualified path; if :encrypt is given the partition
++ * is generated automatically; :randinit adds random
+ .br
+- * will be encrypted, the key is generated automatically */
++ * initialization of the partition */
+ .br
+
+
More information about the Fai-commit
mailing list