enterprise-ubuntu team mailing list archive

[Philipp Gassmann <phiphi@xxxxxxxxx>]

Ballock asked me for some explanation on our Desktop Setup. See below
for the questions.

The Setup is designed as a one-time setup. Without configuration management.
There are two scripts. one is executed directly after installation,
before shutdown. There I add some additional software and sources.
If an nvidia-graphics card is detected, I install the proprietary driver
(nvidia-current-updates), by default Ubuntu installs the open source
nouveau driver and on first login asks for installation of additional
drivers.
The RESOURCES Variable is just the first part of the http URL where I
download some files. e.g. the script 2 or templates, so I can use wget
$RESORURCE/script2.sh. It is nowhere used in the published script
because I replaced the URL and removed things like the templates. I'll
remove that.

Skript 2: User-setup:
Script 2 is a interactive script which runs in a X screen where I use
zenity for user Input.
It is started by a custom upstart job which hooks in on "starting-dm"
i.e. before lightdm (login-screen) is started.
The script then launches the X Server, and a gnome-terminal on the X
screen, which launches the same script again with "stage2" as parameter,
that's the part with the graphical queries.

Disk Encryption:
The Preseed file sets a temporary password. And in the User Setup
script, a Sys-Admin has to enter the default password, which is veryfied
by the hash. Then the temporary password is replaced with the default
admin password and the users password is added as an additional passphrase.
Like that we have the same admin password on every machine (for
emergency access or whatever). I like the Idea of ballock to generate a
passphrase and upload that to a central server, where it can be looked
up if needed. How exactly do you do that?

Cheers,
Philipp



Am 15.02.2013 08:58, schrieb Bolesław Tokarski:
> Hi Philipp,
>
> Ok, I can elaborate a bit on this.
>
> The seed file and the scripts are working in your company and this is 
> good, as the reader (myself) knows that these actually work fine there.
>
> However, what suited your company may not be the best fit for somebody 
> else, so what he (me) does is he tries to read what you achieved and use 
> the parts that apply. I can read shell code, so I am in a good position 
> to find out, but it's not always obvious.
>
> For example, as I read Skript 1: ubuntu-desktop-bootstrap.sh I can see a 
> RESOURCES variable definition and this suggests that I should have a 
> webserver running that provides some variables. Later on I see that you 
> install additional gpu and wlan drivers, but I do not know the reason 
> for it. I thought Ubuntu installs the drivers on its own.
>
> In Skript 2: ubuntu-desktop-bootstrap-user.sh I come to a halt, as I 
> believe you set up your environment in a X-server window and I can't 
> find a reason for it. I guess that either you are not using central 
> authentication server but set up users manually, manage crypted LVM 
> and/or do some other magic.
>
> The environment you describe looks pretty refined, so I would love to 
> read some background/introduction before getting into the actual 
> scripts. The good thing about the scripts is that you put in a lot of 
> comments, so each action is described at least with a minimal comment. I 
> am particularly interested in the HDD password management part, as I 
> know we needed to do a similar tool and upload a backup password to a 
> central server.
>
> That put aside, during our phonecall I believe you mentioned someting 
> about you using Puppet for Configuration Management? I found that some 
> of your tweaks we did with CFEngine and I can tell you there is a number 
> of benefits from doing it from a CM instead of from a post-install script.
>
> Cheers,
> Ballock
>
>
> On 02/14/2013 03:42 PM, Philipp Gassmann wrote:
>> Hi Ballock
>>
>> What do you mean by "and I would use some comment on what you achieved
>> with them. " ?
>>
>>
>> Am 14.02.2013 14:39, schrieb Bolesław Tokarski:
>>> Hello, Philipp,
>>>
>>> It's great to see you made it and it works for you :)
>>>
>>> I had a glimpse at both the preseed site and the scripts and I see the
>>> seed file resembling the one we use. However, the additional scripts
>>> are interesting and I would use some comment on what you achieved with
>>> them.
>>>
>>> Cheers,
>>> Ballock
>>>
>>> On 02/14/2013 02:15 PM, Philipp Gassmann wrote:
>>>> Hello Everyone
>>>>
>>>> Some time ago I asked for help about automating Ubuntu Desktop
>>>> Installation.
>>>> In the meantime I finished the Setup and it works great.
>>>>
>>>> Now i published the full preseed file including the scripts I use to
>>>> configure the system for the User.
>>>>
>>>> https://wiki.ubuntu.com/Enterprise/WorkstationAutoinstallPreseed
>>>> I removed some specifics, but I kept much possibly useful information
>>>> and details.
>>>>
>>>> Greetings from Switzerland,
>>>> Philipp Gassmann
>>>>
>>>> Am 04.01.2013 09:40, schrieb Philipp Gassmann:
>>>>> Hello everyone
>>>>>
>>>>> I'm looking for a nice way to set up Ubuntu Desktop on Notebooks for
>>>>> our
>>>>> Company.
>>>>>
>>>>> Till now we've been using Fedora and automated installation over PXE
>>>>> with Cobbler and Kickstart.
>>>>>
>>>>> We want encryption for /home /tmp /swap. We used full disk encryption
>>>>> with LVM an luks/cryptsetup.
>>>>>
>>>>> Fedora uses Anaconda and Kickstart files that make it easy to automate
>>>>> the full installation process, including disk encryption, package
>>>>> installation and post-scripts.
>>>>> We're using a custom firstboot script to set up the user and add his
>>>>> password to cryptsetup.
>>>>>
>>>>> I was looking for ways to integrate Ubuntu Desktop Staging into our
>>>>> existing Cobbler PXE Setup (on CentOS) but I could only find fragments
>>>>> and not much on 12.04. A lot of the information is incomplete or
>>>>> outdated (11.10 or earlier)
>>>>> https://help.ubuntu.com/community/Installation/Netboot
>>>>> http://michaeldehaan.net/post/39496835943/experiences-with-cobbler-deploying-ubuntu-precise
>>>>>
>>>>>
>>>>> Does Ubuntu save the answers / preseed file when installing manually?
>>>>> Couldn't find the information on the installed system or during
>>>>> installation. Fedora generates a kickstart file you can then reuse to
>>>>> set up other systems.
>>>>>
>>>>> What do you use/recommend for desktop installation?
>>>>>
>>>>> It would be great if some more detailed information could be found on
>>>>> the Enterprise Ubuntu Wiki.
>>>>> https://wiki.ubuntu.com/Enterprise/Needs
>>>>>
>>>>> Our needs:
>>>>>
>>>>>    - Fully automated
>>>>>    - Network Boot (PXE)
>>>>>    - Integration in current Cobbler Setup
>>>>>    - Encrypted Disk
>>>>>    - Custom package selection
>>>>>    - Script to set up printers etc.
>>>>>    - Firstboot User setup (OEM-Install option?)
>>>>>
>>>>> Thank you
>>>>>
>>>>> Philipp Gassmann
>>>>>
>>>>> Puzzle ITC GmbH
>>>>> http://www.puzzle.ch
>>>>>
>>>>> Telefon +41 31 370 22 00
>>>>> Direkt  +41 31 370 22 13
>>>>> Fax     +41 31 370 22 01
>>>>>
>>>>> Werfen Sie einen Blick in unseren Blog:
>>>>> http://www.puzzle.ch/blog
>>>>>
>>>>>