Generating signed builds for Afghanistan

2010-06-14 Thread Bernie Innocenti
[cc += de...@lists.laptop.org]

El Mon, 14-06-2010 a las 15:07 +0430, javed khan escribió:
 I am working in the Ministry of Education, Kabul, Afghanistan, OLPC team as
 a software developer and technical support officer.

Say hello to Mike Dawson from me!


 Which Linux OS is best for developing OLPC custom images?

I'm using Fedora 13 (x86_64) to create my images. Older versions of
Fedora also work.

If you also need to rebuild system RPM packages, you may also need to
keep an old Fedora 11 box around. I use one of our servers for this
purpose.


 How to sign a custom image for XOs in my country?

I thought that laptops in Afghanistan were being deployed unlocked.
In which case, you don't need to sign your builds.

If you need to implement the theft-deterrence system, you should
generate a set of key-pairs for your deployment using the bios-crypto
package, and load the public firmware key into the manufacturing data of
all your laptops.

Some info:

 http://wiki.laptop.org/go/Firmware_security#Multiple-Key_Support
 http://wiki.laptop.org/go/OLPC_Bitfrost


You will also have to set up a central activation server, or use the new
delegation scheme developed for Peru, which enables schoolservers to
generate activations autonomously. Martin Langhoff and Daniel Drake are
the most up-to-date people on this topic.

Some information here:

  http://wiki.laptop.org/go/Theft_deterrence_protocol


Then, you can configure olpc-os-builder to create signed builds. This is
the easiest part. All you have to do is add something like this to your
configuration:

 [signing]
 bios_crypto_path=/home/bernie/src/olpc/bios-crypto
 skey=/home/bernie/src/olpc/keys/pys1
 okey=/home/bernie/src/olpc/keys/pyo1
 wkey=/home/bernie/src/olpc/keys/pyw1


The entire anti-theft scheme is very complicated and requires a lot of
expertise to implement. In Paraguay, we have to deal with it almost
every day even after one year.

In my opinion, the engineering effort to implement the anti-theft system
is justified only if large quantities of laptops are being stolen every
year.


 How to put a custom image into the school server so the XOs can update
 from it?

This requires olpc-update. The server side is a python program which
wraps rsync. Depending on what version of the OS your laptops are running,
they may or may not ask the schoolserver for updates. Try running
olpc-update from the command line and spy what it is doing on the
network.

Another effective way to update many laptops consists of setting up a
NANDblaster server in the school:

 http://wiki.laptop.org/go/Multicast_NAND_FLASH_Update


This will wipe the flash, so children and teachers need to be warned
ahead of time so they have time to back up important activities to a USB
stick.



PS: I suggest you change your subscription to non-digest mode, as it
makes it very hard to follow threads and reply to others. Usually email
clients can filter incoming mailing-list mail into separate folders.

-- 
   // Bernie Innocenti - http://codewiz.org/
 \X/  Sugar Labs   - http://sugarlabs.org/

___
Devel mailing list
Devel@lists.laptop.org
http://lists.laptop.org/listinfo/devel
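As an added example, not part of the thread and not olpc-os-builder's own code: a small Python check that reads a configuration containing a [signing] section like the one above and verifies that bios_crypto_path is a directory and that each key file exists and is not readable or writable by group/others, since these are the deployment's private signing keys. The directory layout, key file names and placeholder key contents are constructed for the demo; the option names are the ones from the message.

```python
import configparser
import os
import stat
import tempfile

KEY_OPTIONS = ("skey", "okey", "wkey")  # the three key options in the message


def check_signing_section(config_text):
    """Return a list of problems in an olpc-os-builder-style [signing] section.

    bios_crypto_path must be a directory; each key must exist as a regular
    file that group/others cannot read or write. Empty list means OK.
    """
    parser = configparser.ConfigParser()
    parser.read_string(config_text)
    if not parser.has_section("signing"):
        return ["missing [signing] section"]
    section = parser["signing"]
    problems = []
    bc = section.get("bios_crypto_path")
    if not bc or not os.path.isdir(bc):
        problems.append("bios_crypto_path is not an existing directory")
    for opt in KEY_OPTIONS:
        path = section.get(opt)
        if not path:
            problems.append(f"{opt} is not set")
        elif not os.path.isfile(path):
            problems.append(f"{opt}: {path} does not exist")
        elif stat.S_IMODE(os.stat(path).st_mode) & (stat.S_IRWXG | stat.S_IRWXO):
            problems.append(f"{opt}: {path} is group/world accessible")
    return problems


def make_demo_config(loose_key=None):
    """Create a constructed key layout in a fresh temp dir and return the
    matching config text. loose_key names the option (if any) whose file is
    created world-readable (0644) so the check has something to flag."""
    root = tempfile.mkdtemp(prefix="olpc-signing-demo-")
    os.mkdir(os.path.join(root, "bios-crypto"))
    os.mkdir(os.path.join(root, "keys"))
    lines = ["[signing]", f"bios_crypto_path={root}/bios-crypto"]
    for opt, name in zip(KEY_OPTIONS, ("pys1", "pyo1", "pyw1")):
        path = os.path.join(root, "keys", name)
        with open(path, "w") as f:
            f.write("CONSTRUCTED PLACEHOLDER, NOT A REAL KEY\n")
        os.chmod(path, 0o644 if opt == loose_key else 0o600)
        lines.append(f"{opt}={path}")
    return "\n".join(lines) + "\n"
```

Running check_signing_section on the text of a real olpc-os-builder config before a build is enough to catch a key that was left readable by every account on a shared build server.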


Re: Generating signed builds for Afghanistan

2010-06-14 Thread Ed McNierney
Javed -

The best way to get support for your efforts is to work through OLPC's country 
support team, since we have a working relationship with the Afghan MOE.  I will 
follow up with contact information so you can get the support you need.  Thanks!

- Ed

Ed McNierney
CTO
One Laptop per Child
e...@laptop.org
+1 (978) 761-0049

On Jun 14, 2010, at 8:11 AM, Bernie Innocenti wrote:

