Hi all,
I'm forced to use trusty
and rolling out my new fai instance I stumble over a bunch of "uups" and "OMGs".
just want to check if there is any similar experience and if so, if that is intended behaviour or might get fixed in a new version...
1.) <tftp-dir>/<kernel> belongs to 0600/fai:nogroup which prohibits the kernel to be loaded
I reasonably doubt that the kernel has to be writeable in this place - changing to 444 eliminiates the problem
I reasonably doubt that the kernel has to be writeable in this place - changing to 444 eliminiates the problem
2.)user fai on the fai-server has it's shell set to false, which successfuly prohibits the call of fai-chboot and the log file saving
to increase security a set of sudo rules might be appropriate... haven't come up with that though
3.) /var/log/fai belongs to 0755/root:root which prevents sucessful the saving of the log files once the above issue is fixed
chown fai/chmod 4750 might help here
4.) fai-chboot -IFv <client-host-name>
tells me
defined(@array) is deprecated at /usr/sbin/fai-chboot line 360.
(Maybe you should just omit the defined()?)
(Maybe you should just omit the defined()?)
... just fyi
5.) although "PermitRootLogin without-password" (uhoh why??) is set in nfsroot I can't log into the installing client...
auth.log tells me "Failed password" ... while the value in <nfsroot>/etc/shadow REALLY IS 100% the same
than for another user on the fai-server and there it works :-/
not crucial but strange
This is on a plain fresh trusty with
fai version 3.4.8ubuntu5
Best regards
Bernhard
