UEFI boot dropping to startup.nsh prompt
Diese Nachricht wurde eingewickelt um DMARC-kompatibel zu sein. Die eigentliche Nachricht steht dadurch in einem Anhang. This message was wrapped to be DMARC compliant. The actual message text is therefore in an attachment.--- Begin Message --- I'm building a UEFI image for Debian Bookworkm, but when I load the qcow2 and attempt to boot it, it drops into a startup.nsh prompt as below. I have tried building with grub-efi-amd64-signed instead of grub-efi-amd64, but that does not make any difference. Any ideas how I can troubleshoot ? Thanks ! UEFI Interactive Shell v2.2 EDK II UEFI 2.70 (EDK II, 0x0001) Mapping table FSO: Alias (s) :HDOb: : BLK1: PciRoot (0x0) /Pci (0x4,0x0) /HD (1,GPT,41F5FCD7-6BFF-49A0-B726-E168F937E46D,0x800,0x10) BLKO: Alias (s) : PciRoot (0x0) /Pci (0x4,0×0) BLK2: Alias (s) : PciRoot (0x0) /Pci (0x4,0x0) /HD (2,GPT ,F6E9D048-1C74-4A2E-A196-6BFE311BEE82,0×100800,0x1C3800) BLK3: Alias (s) : PciRoot (0x0) /Pci (0x4,0x0) /HD (3,GPT ,9F400A0A-EE84-4F72-BA36-431EEB828209,0x2C4000,0x113B800) Press ESC in 1 seconds to skip startup.nsh or any other key to continue.Shell>--- End Message ---
Re: Adding options for qcow2 output ?
Diese Nachricht wurde eingewickelt um DMARC-kompatibel zu sein. Die eigentliche Nachricht steht dadurch in einem Anhang. This message was wrapped to be DMARC compliant. The actual message text is therefore in an attachment.--- Begin Message --- Hi Thoma I see. Thank you, I'll try that. Laura On Tuesday, 9 April 2024 at 16:46, Thomas Lange wrote: > Hi Laura, > > with fai-diskimage you can't add options for qcow2. But you can create > a raw image and then manually convert it to qcow2 using any options > you like. In the end fai-diskimage is also just creating a raw image > and converts this to qcow2 using > > qemu-img convert -f raw $rawname -O -c -o compression_type=zstd qcow2 > $qcowname > > > > > > > On Tue, 09 Apr 2024 15:14:07 +, Laura Smith via linux-fai > > > > > > linux-fai@uni-koeln.de said: > > > > > Hi > > > How do I set the "preallocation=off" qcow2 option on the output for > > fai-diskimage ? > > > -- > viele Grüße Thomas --- End Message ---
Adding options for qcow2 output ?
Diese Nachricht wurde eingewickelt um DMARC-kompatibel zu sein. Die eigentliche Nachricht steht dadurch in einem Anhang. This message was wrapped to be DMARC compliant. The actual message text is therefore in an attachment.--- Begin Message --- Hi How do I set the "preallocation=off" qcow2 option on the output for fai-diskimage ? Thanks Laura --- End Message ---
Re: FAI + SaltStack anybody?
Diese Nachricht wurde eingewickelt um DMARC-kompatibel zu sein. Die eigentliche Nachricht steht dadurch in einem Anhang. This message was wrapped to be DMARC compliant. The actual message text is therefore in an attachment.--- Begin Message --- Hi Diego Its been a while since I worked with Salt, but IIRC it sounds like what is not "clicking" is that you need to fix the TOFU problem. Looking back through my notes, it seems https://docs.saltproject.io/en/latest/topics/tutorials/multimaster_pki.html might be worth a read. In particular, maybe "master_sign_pubkey: True" on the Salt master, "verify_master_pubkey_sign: True" on the minion, and the master pubkeys put in "/etc/salt/pki/minion/" on the minions. Then on Salt master all you have to do is approve the new connections as they come online. --- Original Message --- On Thursday, October 5th, 2023 at 13:59, Diego Zuccato wrote: > Hello all. > > Does someone use FAI to install the base system that will be managed by > Salt? > I'm trying to integrate 'em but there's still something that doesn't > "click"... > > My current idea is to use Salt to orchestrate the install, but maybe > it's better left to FAI? How can I "pass around" minion key so I don't > have to manually re-approve the new key every time? > The ideal scenario would be: target generates its keypair, sends the > pubkey to FAI that "certifies" it's from the system being installed and > passes it to Salt. Should I write a custom fai-monitor (that would be > needed anyway to disable netboot once system is reinstalled)? > > TIA. > > -- > Diego Zuccato > DIFA - Dip. di Fisica e Astronomia > Servizi Informatici > Alma Mater Studiorum - Università di Bologna > V.le Berti-Pichat 6/2 - 40127 Bologna - Italy > tel.: +39 051 20 95786 --- End Message ---
usermod: group 'systemd-journal' does not exist (only with FAI script)
Diese Nachricht wurde eingewickelt um DMARC-kompatibel zu sein. Die eigentliche Nachricht steht dadurch in einem Anhang. This message was wrapped to be DMARC compliant. The actual message text is therefore in an attachment.--- Begin Message --- I am getting this completely nonsensical error message when attempting to build a Debian Bookworm disk image. My FAI build script (/srv/fai/config/scripts/...) has the following: if [ $CREATE_USER -eq 1 ]; then $ROOTCMD adduser --comment "${USERN} - added with FAI" --shell /bin/bash --disabled-password $USERN $ROOTCMD usermod -a -G sudo,adm,systemd-journal $USERN $ROOTCMD chpasswd --encrypted <<< "${USERN}:${USERP}" fi This fails with error "usermod: group 'systemd-journal' does not exist". But this makes zero sense. 1) The group clearly exists in Bookworm cat /etc/group | fgrep system systemd-journal:x:999: systemd-network:x:998: systemd-timesync:x:997: 2) If I run the same commands manually on a Bookworm system they run fine: adduser --comment "test123" --shell /bin/false --disabled-password test123 Adding user `test123' ... Adding new group `test123' (1001) ... Adding new user `test123' (1001) with group `test123 (1001)' ... Creating home directory `/home/test123' ... Copying files from `/etc/skel' ... Adding new user `test123' to supplemental / extra groups `users' ... Adding user `test123' to group `users' ... usermod -a -G sudo,adm,systemd-journal test123 echo $? --- End Message ---
fai-mirror failing due to dependencies
Diese Nachricht wurde eingewickelt um DMARC-kompatibel zu sein. Die eigentliche Nachricht steht dadurch in einem Anhang. This message was wrapped to be DMARC compliant. The actual message text is therefore in an attachment.--- Begin Message --- For example: fai-mirror /srv/fai/mirror Fails on grub-pc: Package grub-pc is not available, but is referred to by another package. This may mean that the package is missing, has been obsoleted, or is only available from another source However the following packages replace it: grub2-common grub-common E: Package 'grub-pc' has no installation candidate ERROR: 25600 25600 ERROR: apt-get -d-o Aptitude::Log=/dev/null -o Aptitude::CmdLine::Ignore-Trust-Violations=yes -o APT::Get::AllowUnauthenticated=true -o Acquire::AllowInsecureRepositories=true -o DPkg::force-conflicts::=yes -o Dir::State=/srv/fai/mirror/aptcache/var/lib/apt -o Dir::Log=/srv/fai/mirror/aptcache/var/log/apt -o Dir::State::extended_states=/srv/fai/mirror/aptcache/var/lib/apt/lists/extended_states -o Dir::State::status=/srv/fai/mirror/aptcache/statefile -o Dir::Cache=/srv/fai/mirror/aptcache/var/cache/apt -o Dir::State=/srv/fai/mirror/aptcache/var/cache/apt -o Dir::Cache::Archives=/srv/fai/mirror/aptcache/var/cache/apt/archives -o Dir::Etc=/srv/fai/mirror/aptcache/etc/apt/ -o Dir::State::Lists=/srv/fai/mirror/aptcache/var/lib/apt/lists/ -y --fix-missing install --no-install-recommends grub-pc return code 100 8 errors during executing of install_packages ERROR when downloading packages. Your mirror is broken. Use fai-mirror -v for details. --- End Message ---