Am 26.01.2015 um 17:43 schrieb kp kirchdoerfer:
> Hi Erich;
> 
> Am Montag, 26. Januar 2015, 00:26:51 schrieb Erich Titl:
>> Hi KP
>>
>> Am 25.01.2015 um 15:36 schrieb kp kirchdoerfer:
>> ...
>>
...
> 
> Yes I use the ethx.y scheme; at least they are shown and don't lead to a 
> cluttered page.
> 
>> I just saw that the link to build VLANs from the web page is missing,
>> boooh, another lost straw.
> 
> You will add it? :)

Done, be warned, it creates vlann instances, no periods in the name. And
it creates the respective entries in /etc/network/interfaces to launch
automagically at boot.

I will probably remove the automatic startup of wpasupplicant from
/etc/network/interfaces, It is much better to start it before networking
picks up and it removes some lint from webconf and /etc/network/....

SALT# cd rc2.d
SALT# ls
S00syslog-ng       S18ulogd           S21ntp             S45dnscache
    S99rmnologin
S04ifupdown        S19shorewall       S30ip6tables       S85mini_httpds
S05networking      S20hostapd         S30iptables        S85webconf
S10watchdog        S20inetd           S31procps.sh       S89cron
S15wpasupplicant   S20sshd            S40iscdhcp-server  S90local

As you can see, wpasupplicant is at S15 where networking is at S05. For
a automatic WiFi Client it needs to be _before_ S05networking.

> 
>>> A problem has been introduced - when building the lwp package it rewuires
>>> root permission - caused by
>>>
>>>  cd $* ; tar --owner=0 --group=0 --mode=755 -czf $(CURDIR)/$@ *
>>
>> Right, we should run tar under sudo.
> 
> I'm afraid this will not help, it requires also a password....

No, you need to allow this in the sudoers file or the /etc/sudoers.d
directory. Very neat to run unattended scripts with.

> 
>>> in buildtool.mk.
>>> We should avoid root permissions when building packages.
>>
>> Yes, that's what sudo is for. I personally prefer to build the .lwp
>> files in the makefile. Look at the simple construct you cited above. In
>> my opinion this is safer and more comprehensive than having a separate
>> script, as one doesn't have to repeatedly define files and paths in
>> different locations. But as always, opinions may differ.
>>
>> If you want to continue doing this in buildlwp.sh, be my guest. I did
>> not really want to touch that, in my eyes it is redundant. I would
>> rather prefer to move all .lwp builds into lwp's buildtool.mk. They are
>> not packages like the other ones anyway, unfortunately.
> 
> I have no preferences - it could be done with the current sh scripts (based 
> on 
> a your work years ago) , it could be done in buildtool.cfg - where it really 
> should reside to keep the logic of packaging, but we should avoid requiring a 
> password.

In my setup I have

mega@leafbuilder:~$ cat /etc/sudoers.d/mega
mega    ALL=(ALL:ALL) NOPASSWD: ALL

This allows me to run everything under sudo (not very secure) but it
needs to be run _under_ sudo control.

See

http://jeromejaglale.com/doc/unix/ubuntu_sudo_without_password

> 
>>> Most important reason - if something goes wrong, one can harm the  build
>>> host. Second important reason, it's not possible to create images
>>> automatically with buildtool.sh
>>
>> Do you refer to buildtool.pl? I know that. For some reason in the past
>> it was decided to use a perl construct to control the build. It could
>> have been done though.
> 
> I was unclear - I refer to tools/buildall.sh.
> This is the one to build all and to build the images later. It tooks more 
> than 
> two hrs on my build machine - for each architecture (i386/x86_64...) so it 
> has 
> to run unattended. 

Absolutely that must be the goal.

> 
...

>>
>> If it is just an optical remake I can have a look, but possibly they
>> should be extended with tooltips, interactivity e.t.c and the structure
>> probably needs an overhaul, as unfortunately they stem from different
>> aproaches to web interfaces. It would really be nice to have a web
>> developer to give them a touch up, maybe even think about the redesign
>> of the web interface. 
> 
> Yeah would be great. But all I'm asking now is to review the "optical remake" 
> if possible.

You will need to test it yourself, I have no environment ready, just my
own box.

> 
> And what I'm missing, that I do not see the tooltips etc working? 

Mhhh... interesting,
please check for
/var/webconf/www/wz_tooltip.js
/var/webconf/lib/tooltip.func

> 
...

>>
>> - dropbear never used it, I am old fashioned and use sshd... so I don't
>> really know what is required.
>>
>> - DNS/DHCP never used dnsmasq I am using dnscache and dhcpd, so again
>> need to understand that first.
>>
>> - keyboard maps, IMHO not applicable, this is the WEB interface and
>> changing the keyboard layout here does not make any difference to the
>> user. This I would consider rather puzzling.
> 
> Pls have look into  the cgi scripts - if it's only adapting a common CSS it 
> would be fine for me for the time being. If you find it's to hard to improve, 
> let' stay as-is.

We will probably have to change a few tags, but looking at the slim
design of wpasupplicant.cgi just optics should not present too much
problems.

> 
>> - IPv6, can you give me an intro? It is so vast and documentation sucks.
>> (should it integrate IPSEC, prioritizing e.t.c.) Shoud address
>> assignment not be integrated in the interface page alongside IPv4? We
>> probably should include address plausibility tests in JS, as it may be
>> too complex to do it in shell scripts.
> 
> It's just the IPv6 Active connections page - my intro wouldn't be enough yet 
> to add a page for adding and editing IPv6 adresses.

And I already hoped to get some insight into IPv6 :-(

> 
> On my curent agenda are to include your changes without any regrerssion for 
> 5.1.3 and to get a 5.2 beta done in a foreseeable future...

Oh sure, please to a stable 5.1.3 first :-)

cheers

Erich

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

------------------------------------------------------------------------------
Dive into the World of Parallel Programming. The Go Parallel Website,
sponsored by Intel and developed in partnership with Slashdot Media, is your
hub for all things parallel software development, from weekly thought
leadership blogs to news, videos, case studies, tutorials and more. Take a
look and join the conversation now. http://goparallel.sourceforge.net/
_______________________________________________
leaf-devel mailing list
leaf-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-devel

Reply via email to