I thought I sent this message on the 23rd. I'm not convinced it went out though since it doesn't appear in the archives at http://sourceforge.net/mailarchive/forum.php?forum=sisuite-users whilst more recent messages do. So I'm sending it again.
> It appears that one important file regarding SSH support is missing from the > RPM package, the file is README.ssh_support and you can read it here: > http://svn.systemimager.org/filedetails.php?repname=systemimager&path=%2Ftrunk%2FREADME.ssh_support&rev=0&sc=1 I built 3.6.3 from source and had seen that file. It confused me at the time though because nowhere had I found reference to the need to be running a web server on the systemimager server for ssh installs and I didn't see why I needed to. > These 2 files should also provide you with hints regarding how SSH support > works. Basically you need to enable the DHCP option and then the script > will realize that and grab the files via wget (I assume via https?) instead > of via rsync: > http://svn.systemimager.org/filedetails.php?repname=systemimager&path=%2Ftrunk%2Finitrd_source%2Fskel%2Fetc%2Finit.d%2Ffunctions&rev=0&sc=1 > http://svn.systemimager.org/filedetails.php?repname=systemimager&path=%2Ftrunk%2Finitrd_source%2Fskel%2Fetc%2Finit.d%2FrcS&rev=0&sc=1 Yes, reading those files was very helpful, thanks. The bit about needing to enable the DHCP option - I didn't do that because there is already a DHCP server on the network which the clients use and will need to use if I start using systemimager to deploy and manage machines where I work. (a decision which is not entirely up to me.) Anyway I now have imaging a machine over ssh working in addition to being able to retrieve the image of the golden client over ssh as previously mentioned. To get image deployment over ssh to work I had to to make an alteration to the source file initrd_source/skel/etc/init.d/rcS, recompile, install (make clean && make install_initrd) and make a new boot cd with si_mkautoinstallcd. I had to do this because by default the imaging process (or whatever you call it) tries to do an rsync operation before the call to start_ssh which opens the ssh tunnel to the systemimager server and I have the rsync port on the systemimager server firewalled off - -----begin snip of initrd_source/build_dir/etc/init.d/rcS----- get_scripts_directory autodetect_hardware_and_load_modules if [ ! -z $SSH_DOWNLOAD_URL ]; then echo echo start_ssh start_ssh fi -----end snip of initrd_source/build_dir/etc/init.d/rcS----- Whilst get_boel_binaries_tarball looks to see SSH_DOWNLOAD_URL has been specified and then uses wget instead of rsync, get_scripts_directory doesn't, it just uses rsync regardless. So if the rsync port is firewalled it fails. So I moved the call to get_scripts_directory to after the if [ ! -z $SSH_DOWNLOAD_URL ] bit. That way the rsync command in get_scripts_directory succeeds because the ssh tunnel is already open. I guess that i could also have altered get_scripts_directory to use wget if $SSH_DOWNLOAD_URL is specified but just moving the function call was easier :) Having get_scripts_directory called before start_ssh seems like a bug to me. By my logic if you are doing the image installs over ssh you will have the rsync port on the image server firewalled off. What's the point of running it all over ssh if you still leave the rsync port open for anyone who finds it to pull the image files out through? Next up is making si_updateclient work over ssh which will have to wait until next week. If it's going over ssh it'll mean having a private ssh key on the client. Currently I'm pulling the images off the server by connecting as root. Putting a private ssh key for root on the clients seems like a Bad Idea, even if they do have sensible permissions set. Maybe I'll set up another user with permission to read the image files... hmmmm. Maybe in practice doing si_updateclient over ssh isn't necessary. (Maybe doing any of it over ssh isn't necessary but it's nice to try :) ) I'll try and make my notes easier to read and put them online somewhere at some point. regards, mike Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 _______________________________________________ Sisuite-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/sisuite-users
