Bug#778195: updated patch
Here's a version rebased onto current d-i. With jessie two months out, you lost the excuse. -- // If you believe in so-called "intellectual property", please immediately // cease using counterfeit alphabets. Instead, contact the nearest temple // of Amon, whose priests will provide you with scribal services for all // your writing needs, for Reasonable and Non-Discriminatory prices. >From 00f9fdf27e3407940e1e1130fc9a2dbd191c498a Mon Sep 17 00:00:00 2001 From: Adam Borowski Date: Mon, 22 Jun 2015 11:54:10 +0200 Subject: [PATCH] Add x32 support. --- build/config/x32.cfg | 25 ++ build/config/x32/cdrom-xen.cfg | 14 ++ build/config/x32/cdrom.cfg | 7 + build/config/x32/cdrom/el-torito.cfg | 7 + build/config/x32/cdrom/gtk.cfg | 17 build/config/x32/cdrom/isolinux.cfg| 14 ++ build/config/x32/hd-media.cfg | 22 build/config/x32/hd-media/gtk.cfg | 16 build/config/x32/monolithic.cfg| 9 +++ build/config/x32/netboot-gtk.cfg | 23 build/config/x32/netboot-xen.cfg | 16 build/config/x32/netboot.cfg | 12 + build/config/x86.cfg | 2 +- build/pkg-lists/cdrom/isolinux/gtk/x32.cfg | 8 ++ build/pkg-lists/cdrom/isolinux/x32.cfg | 12 + build/pkg-lists/cdrom/x32.cfg | 25 ++ build/pkg-lists/hd-media/gtk/x32.cfg | 10 +++ build/pkg-lists/hd-media/x32.cfg | 32 +++ build/pkg-lists/netboot/gtk/x32.cfg| 10 +++ build/pkg-lists/netboot/x32.cfg| 42 ++ debian/control | 30 ++--- 21 files changed, 337 insertions(+), 16 deletions(-) create mode 100644 build/config/x32.cfg create mode 100644 build/config/x32/cdrom-xen.cfg create mode 100644 build/config/x32/cdrom.cfg create mode 100644 build/config/x32/cdrom/el-torito.cfg create mode 100644 build/config/x32/cdrom/gtk.cfg create mode 100644 build/config/x32/cdrom/isolinux.cfg create mode 100644 build/config/x32/hd-media.cfg create mode 100644 build/config/x32/hd-media/gtk.cfg create mode 100644 build/config/x32/monolithic.cfg create mode 100644 build/config/x32/netboot-gtk.cfg create mode 100644 build/config/x32/netboot-xen.cfg create mode 100644 build/config/x32/netboot.cfg create mode 100644 build/pkg-lists/cdrom/isolinux/gtk/x32.cfg create mode 100644 build/pkg-lists/cdrom/isolinux/x32.cfg create mode 100644 build/pkg-lists/cdrom/x32.cfg create mode 100644 build/pkg-lists/hd-media/gtk/x32.cfg create mode 100644 build/pkg-lists/hd-media/x32.cfg create mode 100644 build/pkg-lists/netboot/gtk/x32.cfg create mode 100644 build/pkg-lists/netboot/x32.cfg diff --git a/build/config/x32.cfg b/build/config/x32.cfg new file mode 100644 index 000..62df865 --- /dev/null +++ b/build/config/x32.cfg @@ -0,0 +1,25 @@ +MEDIUM_SUPPORTED = cdrom cdrom-xen netboot netboot-gtk netboot-xen hd-media +MEDIUM_SUPPORTED_EXTRA = monolithic + +# The version of the kernel to use. +KERNELVERSION = $(LINUX_KERNEL_ABI)-amd64 +KERNELMAJOR = 2.6 +KERNELNAME = vmlinuz + +# Not used for amd64. +#UPX=upx-ucl-beta + +# Default syslinux configuration +SYSLINUX_CFG=standard + +# The default video modes +# These should be kept in sync with win32-loader's preseed line as +# defined in graphics.nsi around line 58 +VIDEO_MODE="vga=788" +VIDEO_MODE_GTK="vga=788" + +GRUB_EFI=y +GRUB_PLATFORM=x86_64-efi +GRUB_EFI_NAME=x64 + +include config/x86.cfg diff --git a/build/config/x32/cdrom-xen.cfg b/build/config/x32/cdrom-xen.cfg new file mode 100644 index 000..2b4fd1b --- /dev/null +++ b/build/config/x32/cdrom-xen.cfg @@ -0,0 +1,14 @@ +TYPE=cdrom/gtk + +EXTRANAME=cdrom/xen/ + +MANIFEST-KERNEL = "kernel image for installing under Xen" +MANIFEST-INITRD = "initrd for installing under Xen" +MANIFEST-XENCFG = "example Xen configuration" + +XEN_INSTALL_METHOD = cdrom +TARGET = $(KERNEL) $(INITRD) xen_config +SYMLINK_KERNEL = ../vmlinuz +SYMLINK_INITRD = ../gtk/initrd.gz + +EXTRATARGETS = build_cdrom_gtk diff --git a/build/config/x32/cdrom.cfg b/build/config/x32/cdrom.cfg new file mode 100644 index 000..5678ba5 --- /dev/null +++ b/build/config/x32/cdrom.cfg @@ -0,0 +1,7 @@ +# el-torito is too large at the moment, so is disabled. +FLAVOUR_SUPPORTED = isolinux gtk #el-torito + +MEDIA_TYPE = CD-ROM + +# Syslinux configuration +SYSLINUX_CFG=template diff --git a/build/config/x32/cdrom/el-torito.cfg b/build/config/x32/cdrom/el-torito.cfg new file mode 100644 index 000..96cf55b --- /dev/null +++ b/build/config/x32/cdrom/el-torito.cfg @@ -0,0 +1,7 @@ +# A bootable image suitable for El Torito CD images. + +FLOPPY_SIZE = 2880 + +TARGET = $(BOOT) + +MANIFEST-BOOT = "El Torito boot image for CD" diff --git a/build/config/x32/cdrom/gtk.cf
Bug#788634: debian-installer: Accepting a preseed URL from DHCP allows attacker to hijack installation
On 18 June 2015 at 14:11, Christian PERRIER wrote:
> (no need to CC me or debian-boot to answers as bug report answers
> already go to debian-boot)
Ah, sorry. Thanks for letting me know.
> Quoting Aliz 'Randomdude' (randomd...@gmail.com):
>
>> +Template: preseed/accept_preseed_from_DHCP
>> +Type: boolean
>> +Default: false
>> +Description: Should we accept a preseed URL from a DHCP server?
>> + Your DHCP server has provided extra commands or customisations to
>> + debian-installer. It is possible that these commands were sent by
>> + your network administrator; however, it is impossible to verify
>> + this, or to ensure they have not been altered by an attacker who
>> + already has access to your local network.
>
>
> This patch shouldn't be committed as is to the git repository. It
> needs rewording in the debconf template, to avoid a few style
> inconsistencies with the writing style of other D-I templates:
>
> - drop the use of first person ("we")
> - drop the use of "your"
>
> The template is also not marked for translation ("_Description"
> instead of "Description") even though it's clearly worded to be
> interactive...
>
>
Okay - my apologies for not reading the relevant "best packaging
practices" document first. Here's a revised patch:
diff -ur old/DEBIAN/postinst new/DEBIAN/postinst
--- old/DEBIAN/postinst 2014-09-24 06:16:34.0 +0100
+++ new/DEBIAN/postinst 2015-06-15 01:31:43.88400 +0100
@@ -11,7 +11,13 @@
dhcp_url=$(dhcp_preseed_url)
if [ -n "$dhcp_url" ]; then
- preseed_location "$dhcp_url"
+ db_input critical preseed/accept_preseed_from_DHCP || true
+ db_go
+ db_get preseed/accept_preseed_from_DHCP
+ use_dhcp_url=$RET
+ if [ "$use_dhcp_url" == "true" ]; then
+ preseed_location "$dhcp_url"
+ fi
fi
preseed preseed/url
preseed_command preseed/early_command
diff -ur old/DEBIAN/templates new/DEBIAN/templates
--- old/DEBIAN/templates 2014-09-24 06:16:33.0 +0100
+++ new/DEBIAN/templates 2015-06-15 01:24:27.39600 +0100
@@ -1048,3 +1048,13 @@
Default: d-i/jessie/./preseed.cfg
Description: for internal use; can be preseeded
Path added to local server to give the preseed root
+
+Template: preseed/accept_preseed_from_DHCP
+Type: boolean
+Default: false
+_Description: Accept a preseed URL from the DHCP server?
+ The DHCP server has provided extra commands or customisations to
+ debian-installer via a preseed file. It is possible that these
+ commands were set by the network administrator; however, it is
+ impossible to verify this, or to ensure they have not been altered
+ by an attacker who already has access to your local network. For
+ this reason, you should only accept these customisations if you
+ accept the risk they entail.
Template: debian-installer/network-preseed/title
I've made it slightly more verbose as well. Is this acceptable, or
should I solicit comments on debian-l10n-engl...@lists.debian.org?
Thanks for your guidance here.
- Aliz Hammond
--
To UNSUBSCRIBE, email to debian-boot-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive:
https://lists.debian.org/CAEMXWCBWfpU7LHrHt0NeU057fySN5qeP9Y2sQvGs=5y3uak...@mail.gmail.com
Re: U-Boot, d-i and selecting the console device
On Sun, Jun 21, 2015 at 10:07:17PM +0200, Geert Stappers wrote: > On Sun, Jun 21, 2015 at 05:52:20PM +0200, Karsten Merker wrote: > > Hello everybody, > > Hi, > > > > > AFAICS there is no way to determine the "active" console in > > u-boot and set either the u-boot console variable or the > > stdout-path property accordingly. Even if there was such a > > mechanism, the question remains: what is the "active" console? > > SUN servers check the presence of a keyboard. > If a keyboard is found, console is at the video hardware. > Otherwise console at serial port. > > d-i could check for USB keyboard > in the absence of 'console=ttyS0' kernelparameter. That seems rather arbetrary. It seems if you can do ssh d-i operations after a slight bit of setup, then it ought to be possible to have d-i running on two interfaces at once, even if only one is being used at a time. I could be wrong though. Could even have a prompt saying 'press enter to start d-i on this interface' and present that on every possible console. -- Len Sorensen -- To UNSUBSCRIBE, email to debian-boot-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20150622154942.gj17...@csclub.uwaterloo.ca
Bug#788634: debian-installer: Accepting a preseed URL from DHCP allows attacker to hijack installation
Quoting Aliz 'Randomdude' (randomd...@gmail.com): > +Template: preseed/accept_preseed_from_DHCP > +Type: boolean > +Default: false > +_Description: Accept a preseed URL from the DHCP server? > + The DHCP server has provided extra commands or customisations to s/has provided/provided Better English, imho > + debian-installer via a preseed file. It is possible that these > + commands were set by the network administrator; however, it is > + impossible to verify this, or to ensure they have not been altered > + by an attacker who already has access to your local network. For > + this reason, you should only accept these customisations if you > + accept the risk they entail. s/your local network/the local network > Template: debian-installer/network-preseed/title > > I've made it slightly more verbose as well. Is this acceptable, or > should I solicit comments on debian-l10n-engl...@lists.debian.org? It is always a good idea to ask for a review in debian-l10n-english..:-) signature.asc Description: Digital signature
debian lenny installation via PXE
Hello, I'm trying to install a debian lenny 5.10 from PXE using preseed.cfg but it stops on "Chose Language" Panel. Pleaxse could you help? Thanks, Giuseppe
Re: debian lenny installation via PXE
On Mon, Jun 22, 2015 at 06:04:13PM +, Giuseppe Iannone wrote: > Hello, > > I'm trying to install a debian lenny 5.10 from PXE using preseed.cfg > but it stops on "Chose Language" Panel. > > Pleaxse could you help? "Choose Language" dialog is execute before the preseed file is read. Add in your pxelinux.cfg kernel parameter. It is 'locale' if I recall correct. See also https://www.debian.org/releases/lenny/mips/apbs02.html.en#preseed-bootparms > Thanks, > Giuseppe Groeten Geert Stappers -- Leven en laten leven -- To UNSUBSCRIBE, email to debian-boot-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20150622194554.gp27...@gpm.stappers.nl
Bug#788634: debian-installer: Accepting a preseed URL from DHCP allows attacker to hijack installation
> +Template: preseed/accept_preseed_from_DHCP > +Default: false > +_Description: Accept a preseed URL from the DHCP server? :-( We have allready 'auto-install/enable' ( 'auto' for short ) See also https://www.debian.org/releases/jessie/mips/apbs02.html.en#preseed-auto Geert Stappers signature.asc Description: Digital signature
Bug#789652: installation-guide: improve explanations about rebooting, etc
Package: installation-guide Tags: patch thanks see also #760923. Not sure this is quite correct for powerpc. Index: manual/en/post-install/shutdown.xml === --- manual/en/post-install/shutdown.xml (revision 69984) +++ manual/en/post-install/shutdown.xml (working copy) @@ -21,11 +21,23 @@ Ctrl Alt Del or Control Shift Power on Macintosh -systems. A last option is to log in as root and type one of the -commands poweroff, halt or -shutdown -h now if either of the key combinations do not -work or you prefer to type commands; use reboot to reboot -the system. +systems to reboot the system. +If the key combinations do not work, a last option is to log in as root +and type the necessary commands. +Use reboot to reboot the system. +Use halt to halt the system without powering it off +footnote> + +This behaviour was introduced in the jessie release, by the systemd init system. + +. +To power off the machine, use poweroff or +shutdown -h now. +Note that the systemd-sysv package replaces these +commands with calls to the systemctl command; for example +systemctl reboot for rebooting. + + -- To UNSUBSCRIBE, email to debian-boot-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20150623050414.gj18...@mayhem.atnf.csiro.au
