Re: [Grml] Is nss-ldap missing from grml 2010.04 ?
Hi, Ulrich Dangel wrote: * jonty wrote [02.01.11 16:01]: [...] Are you sure grml is the right distribution? It is not meant to be used as a normal desktop system. If you want to run normal Linux Desktops just use a normal Distribution like Debian, Ubuntu, RHEL or Opensuse. While generally true, I chose grml as my desktop system of choice. I just remaster to add a few extra packages. It has all it needs, quickly accepts patches ;) and just works. Especially if the Desktop has the tendency to live on a USB disk and walk to the hardware where I need it. :-) Ciao, Thomas -- Thomas Köhler Email: jean-...@picard.franken.de WWW: http://gott-gehabt.de IRC: tkoehler PGP public key available from Homepage! signature.asc Description: Digital signature ___ Grml mailing list - Grml@mur.at http://lists.mur.at/mailman/listinfo/grml join #grml on irc.freenode.org grml-devel-blog: http://grml.supersized.org/
Re: [Grml] Is nss-ldap missing from grml 2010.04 ?
Thomas Köhler jean-...@picard.franken.de wrote: While generally true, I chose grml as my desktop system of choice. I just remaster to add a few extra packages. It has all it needs, quickly accepts patches ;) and just works. It wouldn't be difficult to install it and then just add whatever is desired from the Debian repositories. On my own machines, I don't draw a desktop/server distinction. My primary workstation is physically a desktop system, but it's running Postfix, FreeSWITCH, Bind (as hidden master for my domain), sshd, etc., in addition to running the ADSL modem card. My laptop has most of the same software installed, too. These are both Debian systems, but they could just as easily have been built from GRML. Thanks for the work on GRML 2010.12. I downloaded it today, and plan to use it as a rescue environment in the event of problems. I needed GRML several months ago after I accidentally removed the ppp package from the aforementioned desktop machine, which shut down the ADSL connection and hence my link to the Internet. The solution was to boot GRML under kvm, then copy pppd and pppoatm.so from the guest to the host, then run it on the host to bring the ADSL line back up, and finally re-install the ppp package properly. Mounting the GRML ISO image directly didn't help, since the Debian kernel couldn't mount the LZMA-compressed squashfs file system. I think that's fixed as of 2.6.36 or 2.6.37 in the mainline kernel. ___ Grml mailing list - Grml@mur.at http://lists.mur.at/mailman/listinfo/grml join #grml on irc.freenode.org grml-devel-blog: http://grml.supersized.org/
Re: [Grml] Is nss-ldap missing from grml 2010.04 ?
Thomas Köhler jean-...@picard.franken.de wrote: Jason White wrote: Thomas Köhler jean-...@picard.franken.de wrote: While generally true, I chose grml as my desktop system of choice. I just remaster to add a few extra packages. It has all it needs, quickly accepts patches ;) and just works. It wouldn't be difficult to install it and then just add whatever is desired from the Debian repositories. Sure, but loosing the possibility to easily roll back after a broken update by just switching to the last known good version would be sad. I have yet to see a more elegant solution to that problem. LVM or Btrfs snapshots are one possibility, which will become more common as Btrfs stabilizes. There was an article about this on LWN some time ago. My usual solution to this is to include testing in /etc/apt/sources.list (even if I am upgrading to Unstable). If a package upgrade fails, I can just run sudo aptitude install package/testing and get the version which is in testing, and that generally fixes the problem. The maintainer then corrects the package, uploads a new version, and the issue goes away. That covers the great majority of cases in my experience (having run Debian Sid since 1999 or so, on various machines.) If the system becomes unbootable (which is rare), there's always Grml to the rescue. ___ Grml mailing list - Grml@mur.at http://lists.mur.at/mailman/listinfo/grml join #grml on irc.freenode.org grml-devel-blog: http://grml.supersized.org/
Re: [Grml] Is nss-ldap missing from grml 2010.04 ?
* jonty g...@jonmail.co.uk [Sun Jan 02, 2011 at 03:01:23PM +]: I have been using grml for the last couple of months. I am building a network of about 20 machines, all running grml, and I want them to share a single set of login names and passwords. Nice! :) So I decided to configure OpenLDAP as a service on one machine and configure the other machines to find login+password from this service. I am following the instructions set out at: http://wiki.debian.org/LDAP/NSS http://www.debian-administration.org/article/585/OpenLDAP_installation_on_Debian They suggest I use libnss-ldap. But this package seems to be missing from my copy of grml 2010.04. I have also checked the package list for 2010.12 and that does not contain libnss-ldap. This seems a strange omission from grml. It contains slapd to run the service and several clients such as freeradius-ldap, libnet-ldap-perl, postfix-ldap, and smbldap-tools. So why not libnss-ldap? libnss-ldap requires pre-configuration to be useful and no shipped package has a hard dependency on it, that's why it's not shipped by default. I could install libnss-ldap on each client machine. But then I have to repeat those same steps on 20 machines, which makes it 20 times more likely I will make a mistake somewhere. I tried apt-get install libnss-ldap on a test machine. This started updating libc-bin and installing locales, which seemed a good way of breaking the distro. Can anyone suggest a better approach? Should I remaster the CD? Is there some gmrl magic I am missing? Is there a different tool for login+password that is not ldap? Just grab Grml 2010.12 (current stable release) and run apt-get install libnss-ldap there, no major updates (like libc) should be necessary then. If you want to have libnss-ldap persistent you can either use http://wiki.grml.org/doku.php?id=persistency (not that great for 20 machines probably though), the debs=... bootoption to install it during bootup (see http://grml.org/cheatcodes/), remaster it using grml-live (see http://grml.org/grml-live/) or if PXE booting is an option provide the adjusted grml_chroot (either from grml-live or based on the official ones from http://debian.netcologne.de/www.grml.org/release-chroots/) through PXE. regards, -mika- signature.asc Description: Digital signature ___ Grml mailing list - Grml@mur.at http://lists.mur.at/mailman/listinfo/grml join #grml on irc.freenode.org grml-devel-blog: http://grml.supersized.org/
Re: [Grml] Is nss-ldap missing from grml 2010.04 ?
Michael Prokop wrote: Just grab Grml 2010.12 (current stable release) and run apt-get install libnss-ldap there, no major updates (like libc) should be necessary then. I did as you suggested with 2010.12. apt-get install libnss-ldap worked without any fuss, so I am up and running. Now I can configure it to talk to my LDAP server. I have also started grml-live in another machine to rebuild the ISO. I will have to wait a while for the results. Thanks very much for your help. jonty ___ Grml mailing list - Grml@mur.at http://lists.mur.at/mailman/listinfo/grml join #grml on irc.freenode.org grml-devel-blog: http://grml.supersized.org/