Hi Erich;
Am Montag, 26. Januar 2015, 18:17:29 schrieb Erich Titl: > Am 26.01.2015 um 17:43 schrieb kp kirchdoerfer: > > Hi Erich; > > > > Am Montag, 26. Januar 2015, 00:26:51 schrieb Erich Titl: > >> Hi KP > >> > >> Am 25.01.2015 um 15:36 schrieb kp kirchdoerfer: > >> ... > > ... > > > Yes I use the ethx.y scheme; at least they are shown and don't lead to a > > cluttered page. > > > >> I just saw that the link to build VLANs from the web page is missing, > >> boooh, another lost straw. > > > > You will add it? :) > > Done, be warned, it creates vlann instances, no periods in the name. And > it creates the respective entries in /etc/network/interfaces to launch > automagically at boot. > > I will probably remove the automatic startup of wpasupplicant from > /etc/network/interfaces, It is much better to start it before networking > picks up and it removes some lint from webconf and /etc/network/.... > > SALT# cd rc2.d > SALT# ls > S00syslog-ng S18ulogd S21ntp S45dnscache > S99rmnologin > S04ifupdown S19shorewall S30ip6tables S85mini_httpds > S05networking S20hostapd S30iptables S85webconf > S10watchdog S20inetd S31procps.sh S89cron > S15wpasupplicant S20sshd S40iscdhcp-server S90local > > As you can see, wpasupplicant is at S15 where networking is at S05. For > a automatic WiFi Client it needs to be _before_ S05networking. > > >>> A problem has been introduced - when building the lwp package it > >>> rewuires > >>> root permission - caused by > >>> > >>> cd $* ; tar --owner=0 --group=0 --mode=755 -czf $(CURDIR)/$@ * > >> > >> Right, we should run tar under sudo. > > > > I'm afraid this will not help, it requires also a password.... > > No, you need to allow this in the sudoers file or the /etc/sudoers.d > directory. Very neat to run unattended scripts with. > > >>> in buildtool.mk. > >>> We should avoid root permissions when building packages. > >> > >> Yes, that's what sudo is for. I personally prefer to build the .lwp > >> files in the makefile. Look at the simple construct you cited above. In > >> my opinion this is safer and more comprehensive than having a separate > >> script, as one doesn't have to repeatedly define files and paths in > >> different locations. But as always, opinions may differ. > >> > >> If you want to continue doing this in buildlwp.sh, be my guest. I did > >> not really want to touch that, in my eyes it is redundant. I would > >> rather prefer to move all .lwp builds into lwp's buildtool.mk. They are > >> not packages like the other ones anyway, unfortunately. > > > > I have no preferences - it could be done with the current sh scripts > > (based on a your work years ago) , it could be done in buildtool.cfg - > > where it really should reside to keep the logic of packaging, but we > > should avoid requiring a password. > > In my setup I have > > mega@leafbuilder:~$ cat /etc/sudoers.d/mega > mega ALL=(ALL:ALL) NOPASSWD: ALL > > This allows me to run everything under sudo (not very secure) but it > needs to be run _under_ sudo control. > > See > > http://jeromejaglale.com/doc/unix/ubuntu_sudo_without_password Thx for the tip. I don't think changing /etc/sudoers* is what is a self-contained build env should require. Looking into tools/buildall.sh fakeroot does the job; so a quick woraround would be to use fakeroot instead sudo? Anyway - packaging with buildlwp.sh is as wrong as within buildtool.mk - packaging is done within buildtool.cfg. This may be extra work today, and sounds needless, but what if we change package definition in the future from tar.gz to xz?? We should IMHO move the packaging to a common place, and the place is buildtool.cfg. > >>> Most important reason - if something goes wrong, one can harm the build > >>> host. Second important reason, it's not possible to create images > >>> automatically with buildtool.sh > >> > >> Do you refer to buildtool.pl? I know that. For some reason in the past > >> it was decided to use a perl construct to control the build. It could > >> have been done though. > > > > I was unclear - I refer to tools/buildall.sh. > > This is the one to build all and to build the images later. It tooks more > > than two hrs on my build machine - for each architecture (i386/x86_64...) > > so it has to run unattended. > > Absolutely that must be the goal. > > > ... > > >> If it is just an optical remake I can have a look, but possibly they > >> should be extended with tooltips, interactivity e.t.c and the structure > >> probably needs an overhaul, as unfortunately they stem from different > >> aproaches to web interfaces. It would really be nice to have a web > >> developer to give them a touch up, maybe even think about the redesign > >> of the web interface. > > > > Yeah would be great. But all I'm asking now is to review the "optical > > remake" if possible. > > You will need to test it yourself, I have no environment ready, just my > own box. For shure I'll test... > > And what I'm missing, that I do not see the tooltips etc working? > > Mhhh... interesting, > please check for > /var/webconf/www/wz_tooltip.js > /var/webconf/lib/tooltip.func > both are in place with 755 and root:root > ... > > >> - dropbear never used it, I am old fashioned and use sshd... so I don't > >> really know what is required. > >> > >> - DNS/DHCP never used dnsmasq I am using dnscache and dhcpd, so again > >> need to understand that first. > >> > >> - keyboard maps, IMHO not applicable, this is the WEB interface and > >> changing the keyboard layout here does not make any difference to the > >> user. This I would consider rather puzzling. > > > > Pls have look into the cgi scripts - if it's only adapting a common CSS > > it > > would be fine for me for the time being. If you find it's to hard to > > improve, let' stay as-is. > > We will probably have to change a few tags, but looking at the slim > design of wpasupplicant.cgi just optics should not present too much > problems. > > >> - IPv6, can you give me an intro? It is so vast and documentation sucks. > >> (should it integrate IPSEC, prioritizing e.t.c.) Shoud address > >> assignment not be integrated in the interface page alongside IPv4? We > >> probably should include address plausibility tests in JS, as it may be > >> too complex to do it in shell scripts. > > > > It's just the IPv6 Active connections page - my intro wouldn't be enough > > yet to add a page for adding and editing IPv6 adresses. > > And I already hoped to get some insight into IPv6 :-( > > > On my curent agenda are to include your changes without any regrerssion > > for > > 5.1.3 and to get a 5.2 beta done in a foreseeable future... > > Oh sure, please to a stable 5.1.3 first :-) I'm just waiting to get your changes fixed/improved and will create the stable version ASAP :) (with the exception saturday to tuesday, where I'll be offroad). kp ------------------------------------------------------------------------------ Dive into the World of Parallel Programming. The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/ _______________________________________________ leaf-devel mailing list leaf-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-devel