Hi Martin, As discussed we're planning on putting a central internet-accessible OATS server in La Rioja, in addition to the ones in the schools. The purpose is to be able to deactivate stolen laptops before their lease expiry (assuming the thief doesn't take the laptop to the school, but does put it online somewhere else).
We're not yet in the stages of implementing this part of the system (still working on the in-school OATS server and delegation technicalities, obviously more important) but our discussions have brought up some things which you'd probably be interested in commenting on: 1. Our central internet-accessible server for this task runs Fedora 12 and will need to be kept up to date with any security fixes, distro EOLs, etc. Your olpc-bios-crypto package does not install on F12 (dependency hell). While me doing a F12 rebuild is any easy option for me, I don't feel comfortable leaving that process with the deployment team. So we've showed them how to install it from git in a home directory, which is easy, documented, and sufficient for these tasks. Problem solved, for now, but OLPC really needs to get olpc-bios-crypto into Fedora... 2. Installing an OATS server We need to actually install an OATS server on this F12 system and...well...how? I assume installing the xs-activation RPM would pull in a lot of XS packages, and perhaps has implicit dependencies on certain XS elements (moodle?). Another option is oatslite, but that doesn't support stolen notifications and doesn't support delegations -- Guillermo decided that we can't put the OATS master key on this server so we have to produce keys for it, and give it delegations for all 60k laptops. (trivial to add this code to oatslite, but this point remains as something undecided and uninvestigated for now) Daniel _______________________________________________ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel