This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
doc:howto:tce [2019/01/06 13:15] stefanbaur [List of open ToDos/FIXMEs for this page] - merged two items regarding minidesktop and, from the remainder, created a new one that affects both TCE and MMD |
doc:howto:tce [2019/08/27 19:53] stefanbaur [History, Rationale, Outlook] - removed obsolete paragraph, updated list of Debian releases X2Go-TCE works with |
||
---|---|---|---|
Line 12: | Line 12: | ||
During the time of Debian Wheezy being Debian' | During the time of Debian Wheezy being Debian' | ||
- | The disadvantage is that your ThinClient now needs at least 1 GB of RAM (see below). | + | The disadvantage is that your ThinClient now needs at least 512 MB to 1 GB of RAM (see below). |
However, the huge advantage is that there no longer is a need for any high-availibility setup concerning NFS (nor HTTP/ | However, the huge advantage is that there no longer is a need for any high-availibility setup concerning NFS (nor HTTP/ | ||
Line 19: | Line 19: | ||
We've also received reports that TCE-Classic wouldn' | We've also received reports that TCE-Classic wouldn' | ||
- | Our TCE-Live works just fine with Jessie, | + | Our TCE-Live works just fine with Jessie, Stretch, and Buster as well. |
- | The one catch is that the live-build package in Debian/the Debian-Live project is currently looking for a new maintainer - so there is a slim chance that live-build might be removed from Debian Buster, especially if no new maintainer steps up and the live-build replacement that is currently in the works (called live-wrapper) contains all the required functionality of live-build by then. | + | |
===== ThinClient prerequisites for all TCE-Live variants ===== | ===== ThinClient prerequisites for all TCE-Live variants ===== | ||
* At least 1 GB of RAM //unless// you use non-NTFS local storage, in that case, 512MB or even 256MB might work - but would you really want to use a Client that has 4 Megabytes of free RAM (our test result with 256 MB RAM total) and no swapspace? | * At least 1 GB of RAM //unless// you use non-NTFS local storage, in that case, 512MB or even 256MB might work - but would you really want to use a Client that has 4 Megabytes of free RAM (our test result with 256 MB RAM total) and no swapspace? | ||
Line 29: | Line 28: | ||
* A graphics card and input devices (Keyboard, Mouse/ | * A graphics card and input devices (Keyboard, Mouse/ | ||
===== Build system prerequisites for all variants ===== | ===== Build system prerequisites for all variants ===== | ||
- | * You need a Debian | + | * You need a Debian |
* We suggest using a 64-Bit system, however, it is possible to use a 32-Bit system if you don't want to build a 64-Bit ThinClient image. | * We suggest using a 64-Bit system, however, it is possible to use a 32-Bit system if you don't want to build a 64-Bit ThinClient image. | ||
* We suggest leaving at least 4 GB of free disk space so the build won't abort due to insufficient disk space while packages are downloaded, unpacked and copied around. | * We suggest leaving at least 4 GB of free disk space so the build won't abort due to insufficient disk space while packages are downloaded, unpacked and copied around. | ||
Line 37: | Line 36: | ||
===== Building your own X2Go-TCE Image ===== | ===== Building your own X2Go-TCE Image ===== | ||
==== Configuring the Build ==== | ==== Configuring the Build ==== | ||
+ | Change to a directory where you want to save your builds, and save the following file as x2go-tce-config: | ||
< | < | ||
+ | # NOTE: This file gets sourced by the actual buildscript - so place it in the same directory as the buildscript or adjust the path in the buildscript. | ||
+ | |||
# Select ONE of the following git reposities | # Select ONE of the following git reposities | ||
# this one loosely corresponds to " | # this one loosely corresponds to " | ||
- | export LBX2GO_CONFIG=' | + | #export LBX2GO_CONFIG=' |
# this one loosely corresponds to " | # this one loosely corresponds to " | ||
- | #export LBX2GO_CONFIG=' | + | export LBX2GO_CONFIG=' |
- | # NOTE: Add " | + | # NOTE: Add " |
+ | # NOTE: As of 2019-08-27, buster builds are only available via the github repo and for the feature/ | ||
# Select ONE of the following LBX2GO_ARCH lines and comment out the others | # Select ONE of the following LBX2GO_ARCH lines and comment out the others | ||
Line 50: | Line 53: | ||
export LBX2GO_ARCH=' | export LBX2GO_ARCH=' | ||
# 32-Bit, larger memory footprint, but faster performance on i686 and newer | # 32-Bit, larger memory footprint, but faster performance on i686 and newer | ||
- | # export LBX2GO_ARCH=' | + | #export LBX2GO_ARCH=' |
- | # 32-Bit, smallest memory footprint | + | # 32-Bit, smallest memory footprint |
# export LBX2GO_ARCH=' | # export LBX2GO_ARCH=' | ||
- | # detect if the selected git repo is meant to build a stretch or jessie image | + | # If you want to use the stock ISO image as created by this script, add your boot parameters here |
+ | #export LBX2GO_BOOTAPPEND_LIVE=" | ||
+ | |||
+ | # detect if the selected git repo is meant to build a buster, | ||
if [ -z " | if [ -z " | ||
export LBX2GO_DEBVERSION=" | export LBX2GO_DEBVERSION=" | ||
+ | export LBX2GO_BOOTAPPEND_LIVE+=" | ||
+ | elif [ -z " | ||
+ | export LBX2GO_DEBVERSION=" | ||
+ | export LBX2GO_BOOTAPPEND_LIVE+=" | ||
else | else | ||
export LBX2GO_DEBVERSION=" | export LBX2GO_DEBVERSION=" | ||
Line 120: | Line 130: | ||
# This patches the squashfs file into the initrd. Only parsed when image type " | # This patches the squashfs file into the initrd. Only parsed when image type " | ||
# Will require boot parameter live-media=/ | # Will require boot parameter live-media=/ | ||
- | # Both TFTP client and TFTP server must support file transfers >32MB for this to work, if you want to deploy this initrd via TFTP. | + | # Both TFTP client and TFTP server must support file transfers >32MB for this to work, if you want to deploy this initrd via TFTP, |
+ | # so e.g. atftpd will not work - tftpd-hpa, however, seems to have no problem with larger files. | ||
# When using iPXE, you can use http instead of TFTP. | # When using iPXE, you can use http instead of TFTP. | ||
# This is especially helpful if you want to netboot via http and cannot use the server' | # This is especially helpful if you want to netboot via http and cannot use the server' | ||
- | export LBX2GO_NOSQUASHFS=" | + | export LBX2GO_NOSQUASHFS=" |
# Select ONE of the following LBX2GO_IMAGETYPE lines and comment out the others | # Select ONE of the following LBX2GO_IMAGETYPE lines and comment out the others | ||
Line 129: | Line 140: | ||
# export LBX2GO_IMAGETYPE=' | # export LBX2GO_IMAGETYPE=' | ||
# to create an iso image that can also be dd'ed to USB media: | # to create an iso image that can also be dd'ed to USB media: | ||
- | # export LBX2GO_IMAGETYPE=' | + | #export LBX2GO_IMAGETYPE=' |
# to create a netboot-image: | # to create a netboot-image: | ||
export LBX2GO_IMAGETYPE=' | export LBX2GO_IMAGETYPE=' | ||
Line 138: | Line 149: | ||
# to create a tar file only (seems to be broken in live-build): | # to create a tar file only (seems to be broken in live-build): | ||
# export LBX2GO_IMAGETYPE=' | # export LBX2GO_IMAGETYPE=' | ||
+ | |||
+ | if [ " | ||
+ | LBX2GO_DEFAULTS+=" | ||
+ | fi | ||
</ | </ | ||
==== Live-Patching the Build ==== | ==== Live-Patching the Build ==== | ||
This patch is required if you need USB mount capability on the ThinClient while [[http:// | This patch is required if you need USB mount capability on the ThinClient while [[http:// | ||
+ | Save this script in the directory where you want to save your builds and run it before calling the buildscript. | ||
< | < | ||
+ | #!/bin/bash | ||
mkdir -p ./ | mkdir -p ./ | ||
- | + | wget -O ./ | |
- | cat >./ | + | |
- | + | ||
- | # | + | |
- | # Copyright (C) 2007-2017 by X2Go project, http://wiki.x2go.org | + | |
- | # | + | |
- | + | ||
- | # X2Go is free software; you can redistribute it and/or modify | + | |
- | # it under the terms of the GNU General Public License as published by | + | |
- | # the Free Software Foundation; either version 2 of the License, or | + | |
- | # (at your option) any later version. | + | |
- | # | + | |
- | # X2Go is distributed in the hope that it will be useful, | + | |
- | # but WITHOUT ANY WARRANTY; without even the implied warranty of | + | |
- | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. | + | |
- | # GNU General Public License for more details. | + | |
- | # | + | |
- | # You should have received a copy of the GNU General Public License | + | |
- | # along with this program; if not, write to the | + | |
- | # Free Software Foundation, Inc., | + | |
- | # 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA. | + | |
- | + | ||
- | use strict; | + | |
- | use File:: | + | |
- | # comment out this " | + | |
- | # uncomment the block below if you need to do early boot stage | + | |
- | # debugging of the automounter, | + | |
- | use Sys::Syslog qw( :standard :macros ); | + | |
- | openlog($0,' | + | |
- | setlogmask( LOG_UPTO(LOG_NOTICE) ); | + | |
- | #open (B,">>/ | + | |
- | #sub syslog { | + | |
- | # print B $_[0].': | + | |
- | #} | + | |
- | + | ||
- | my $user; | + | |
- | if ( -f "/ | + | |
- | # this is a minidesktop environment, | + | |
- | # username " | + | |
- | # it runs on X2Go-TCE-Live or X2Go-TCE-NFS | + | |
- | $user='x2gothinclient'; | + | |
- | } | + | |
- | elsif ( -d "/ | + | |
- | # this is X2Go-TCE-Live, | + | |
- | # (if it were, the first condition would have matched), | + | |
- | # so we use Debian-Live' | + | |
- | $user=' | + | |
- | } | + | |
- | else { | + | |
- | # this is X2Go-TCE-NFS or something completely different, | + | |
- | # so we'll play it safe and pick the username " | + | |
- | # just like previous versions of this script did | + | |
- | $user=' | + | |
- | } | + | |
- | + | ||
- | # We need this as chown requires numeric uid/gid | + | |
- | my ($login, | + | |
- | + | ||
- | # Some last-ditch efforts to fulfill the prerequisites for File Sharing: | + | |
- | # - This is stuff that should already have happened earlier in the boot process. | + | |
- | # - Also, if a directory already exists, we silently assume that ownership and | + | |
- | # | + | |
- | # | + | |
- | # | + | |
- | + | ||
- | unless ( -d expand_filename(" | + | |
- | mkdir expand_filename(" | + | |
- | chmod 0700, expand_filename(" | + | |
- | chown $uid, $gid, expand_filename(" | + | |
- | } | + | |
- | + | ||
- | unless ( -d expand_filename(" | + | |
- | mkdir expand_filename(" | + | |
- | chmod 0700, expand_filename(" | + | |
- | chown $uid, $gid, expand_filename(" | + | |
- | } | + | |
- | + | ||
- | unless ( -d expand_filename(" | + | |
- | mkdir expand_filename(" | + | |
- | chmod 0700, expand_filename(" | + | |
- | chown $uid, $gid, expand_filename(" | + | |
- | } | + | |
- | + | ||
- | sub check_x2gothinclientmode { | + | |
- | my $ret = 0; | + | |
- | + | ||
- | # Check for x2gothinclientd first... | + | |
- | my $x=`ps ax | grep x2gothinclient`; | + | |
- | if ( $x=~m/ | + | |
- | $ret = 1; | + | |
- | } | + | |
- | + | ||
- | return $ret; | + | |
- | } | + | |
- | + | ||
- | # TCE-NFS | + | |
- | if ( check_x2gothinclientmode() || ( -x "/ | + | |
- | { | + | |
- | syslog('notice', | + | |
- | + | ||
- | open (F,">>/ | + | |
- | + | ||
- | my $dev=$ENV{' | + | |
- | my $model=$ENV{' | + | |
- | my $vendor=$ENV{' | + | |
- | my $action=$ENV{' | + | |
- | my @ldev=split("/"," | + | |
- | my $ldev=@ldev[@ldev-1]; | + | |
- | # mntdir is not the directory where the mountpoint will be rooted, | + | |
- | # but where tracking of mount states takes place | + | |
- | my $mntdir; | + | |
- | if ( -d expand_filename(" | + | |
- | $mntdir=expand_filename(" | + | |
- | } | + | |
- | elsif ( -d "/ | + | |
- | $mntdir="/ | + | |
- | } | + | |
- | elsif ( -d "/ | + | |
- | $mntdir="/ | + | |
- | } | + | |
- | else { | + | |
- | die "No directory found that we could use as \$mntdir..." | + | |
- | } | + | |
- | + | ||
- | my $name=" | + | |
- | $name=~s/ //g; | + | |
- | $name=~s/ | + | |
- | $name=~s/ | + | |
- | print F " | + | |
- | mkdir("/ | + | |
- | mkdir("/ | + | |
- | print F " | + | |
- | + | ||
- | if (`lsblk -ln -oRM $dev`=~/ | + | |
- | syslog(' | + | |
- | exit 0; | + | |
- | } | + | |
- | + | ||
- | if ( $action eq " | + | |
- | + | ||
- | ### | + | |
- | ### ACTION: mount device after it has been added to USB subsystem | + | |
- | ### | + | |
- | + | ||
- | syslog(' | + | |
- | + | ||
- | # prepare mount points | + | |
- | mkdir("/ | + | |
- | mkdir("/ | + | |
- | mkdir("/ | + | |
- | + | ||
- | # mount the USB device | + | |
- | # sync is supported by all file systems | + | |
- | # uid is supported by vfat (via fat), | + | |
- | # uni_xlate is supported by vfat,ntfs | + | |
- | # we must not trigger on iso9660 and udf, or else hybrid USB media | + | |
- | # would only cause a mount of the iso9660 raw device, | + | |
- | # blocking the mount of individual partitions | + | |
- | # real optical media -> | + | |
- | + | ||
- | if ( system(" | + | |
- | syslog(' | + | |
- | # if mounted, inform x2goclient about it... | + | |
- | system(" | + | |
- | open (D,">", | + | |
- | print D " | + | |
- | close (D); | + | |
- | } | + | |
- | elsif ( system(" | + | |
- | syslog(' | + | |
- | # if mounted, inform x2goclient about it... | + | |
- | system(" | + | |
- | open (D,">", | + | |
- | print D " | + | |
- | close (D); | + | |
- | } | + | |
- | elsif ( system(" | + | |
- | syslog(' | + | |
- | # if mounted, inform x2goclient about it... | + | |
- | system(" | + | |
- | open (D,">", | + | |
- | print D " | + | |
- | close (D); | + | |
- | } | + | |
- | elsif ( system(" | + | |
- | syslog(' | + | |
- | # if mounted, inform x2goclient about it... | + | |
- | system(" | + | |
- | open (D,">", | + | |
- | print D " | + | |
- | close (D); | + | |
- | } | + | |
- | elsif ( system(" | + | |
- | syslog(' | + | |
- | # if mounted, inform x2goclient about it... | + | |
- | system(" | + | |
- | open (D,">", | + | |
- | print D " | + | |
- | close (D); | + | |
- | } | + | |
- | else { | + | |
- | # the mount failed, let's assume that the device is encrypted... | + | |
- | my $enc=`ls -1 $mntdir | grep .encrypted`; | + | |
- | if ( $enc eq "" | + | |
- | # use cryptsetup to decrypt the device... | + | |
- | system("/ | + | |
- | + | ||
- | # mount the ,, | + | |
- | if ( system(" | + | |
- | # inform x2goclient about this... | + | |
- | system(" | + | |
- | system(" | + | |
- | open (D,">", | + | |
- | print D " | + | |
- | close (D); | + | |
- | print F " | + | |
- | } | + | |
- | else { | + | |
- | # on mount failures release the decrypted device again | + | |
- | system("/ | + | |
- | print F "mount failed ($ldev)\n"; | + | |
- | } | + | |
- | } | + | |
- | else { | + | |
- | print F " | + | |
- | } | + | |
- | } | + | |
- | if ( -e "/ | + | |
- | print F " | + | |
- | print F " | + | |
- | my $label=`/ | + | |
- | chomp($label); | + | |
- | if ($label) { | + | |
- | print F " | + | |
- | unlink "/ | + | |
- | symlink("/ | + | |
- | open (D,">>", | + | |
- | print D " | + | |
- | close (D); | + | |
- | } | + | |
- | } | + | |
- | + | ||
- | } | + | |
- | elsif ( $action eq " | + | |
- | + | ||
- | ### | + | |
- | ### ACTION: unmount device after it has been removed from the USB subsystem | + | |
- | ### | + | |
- | + | ||
- | syslog(' | + | |
- | + | ||
- | # we rely on our own mount logistics here... | + | |
- | if ( -e " | + | |
- | # inform x2goclient that the device has been removed | + | |
- | system (" | + | |
- | unlink (" | + | |
- | open ( D,">", | + | |
- | open (I,"<", | + | |
- | while (<I>) { | + | |
- | $_=~s/ | + | |
- | print D $_; | + | |
- | } | + | |
- | close (I); | + | |
- | close (D); | + | |
- | syslog(' | + | |
- | } | + | |
- | elsif ( -e " | + | |
- | # inform x2goclient that the device has been removed | + | |
- | # release the encrypted device mapping | + | |
- | unlink (" | + | |
- | open ( D,">", | + | |
- | print D " | + | |
- | system(" | + | |
- | system("/ | + | |
- | close (D); | + | |
- | } | + | |
- | } | + | |
- | + | ||
- | close (F); | + | |
- | } else { | + | |
- | + | ||
- | syslog(' | + | |
- | } | + | |
- | USBMOUNTPATCH | + | |
chmod 755 ./ | chmod 755 ./ | ||
</ | </ | ||
==== Starting the Build ==== | ==== Starting the Build ==== | ||
- | Change to a directory where you want to save your builds, | + | In the directory where you want to save your builds, |
+ | < | ||
+ | # | ||
+ | |||
+ | # read (source) the config file | ||
+ | . ./ | ||
# Create Timestamp | # Create Timestamp | ||
LBX2GO_TIMESTAMP=$(date +" | LBX2GO_TIMESTAMP=$(date +" | ||
# Set Directory name | # Set Directory name | ||
- | LBX2GO_TCEDIR=./ | + | LBX2GO_TCEDIR="./ |
if [ -z " | if [ -z " | ||
Line 470: | Line 210: | ||
lb config $LBX2GO_ARCH $LBX2GO_SPACE $LBX2GO_DEFAULTS \ | lb config $LBX2GO_ARCH $LBX2GO_SPACE $LBX2GO_DEFAULTS \ | ||
| | ||
- | | + | |
+ | | ||
# This will copy any patches we have prepared | # This will copy any patches we have prepared | ||
if [ -d " | if [ -d " | ||
cp -a ../patch/* config/ | cp -a ../patch/* config/ | ||
+ | fi | ||
+ | # This will copy any patches we have prepared for minidesktop | ||
+ | if [ -d " | ||
+ | cp -a ../ | ||
fi | fi | ||
# This enables an i386-only package in the sources.list file when an i386 build is requested | # This enables an i386-only package in the sources.list file when an i386 build is requested | ||
Line 479: | Line 224: | ||
sed -i -e 's/# for i386 only #//' config/ | sed -i -e 's/# for i386 only #//' config/ | ||
fi | fi | ||
- | | + | |
- | if [ -f config/ | + | if [ -f config/ |
- | for LBX2GO_SINGLE_LANG in $(echo $LBX2GO_LANG | tr ';' | + | if [ -n " |
- | echo "LANG: ' | + | for LBX2GO_SINGLE_LANG in $(echo $LBX2GO_LANG | tr ';' |
- | sed -i -e ' | + | echo "LANG: ' |
- | done | + | sed -i -e ' |
- | fi | + | done |
+ | | ||
+ | rm config/ | ||
+ | fi | ||
+ | | ||
if [ " | if [ " | ||
echo '# | echo '# | ||
Line 504: | Line 253: | ||
if [ " | if [ " | ||
(cd binary; echo live$' | (cd binary; echo live$' | ||
- | cat ./ | + | cat ./ |
- | rm ./ | + | rm ./ |
+ | # keeping these doesn' | ||
+ | # rm ./ | ||
fi | fi | ||
fi | fi | ||
Line 521: | Line 272: | ||
stat -c %Y ./ | stat -c %Y ./ | ||
touch -m -d @$(cat x2go-tce-timestamp) x2go-tce-timestamp | touch -m -d @$(cat x2go-tce-timestamp) x2go-tce-timestamp | ||
- | lb clean | + | |
- | rm -rf ./cache | + | if lb source debian ; |
+ | then | ||
+ | echo -e " | ||
+ | else | ||
+ | echo -e " | ||
+ | fi | ||
+ | | ||
+ | lb clean | ||
+ | | ||
+ | fi | ||
else | else | ||
# note that imagetype hdd always ends here, | # note that imagetype hdd always ends here, | ||
Line 539: | Line 299: | ||
* It **might** be possible to already use HTTPS in this early stage when using iPXE. This is untested and requires building your own iPXE image. see http:// | * It **might** be possible to already use HTTPS in this early stage when using iPXE. This is untested and requires building your own iPXE image. see http:// | ||
* You will also need an HTTP/ | * You will also need an HTTP/ | ||
- | * This image cannot be deployed via TFTP as it is too large - some TFTP servers refuse to serve files lager than 32MB, and some TFTP clients have problems with that as well. | + | * This image cannot be deployed via TFTP as it is too large - some TFTP servers |
* Also, even if you have a TFTP server/ | * Also, even if you have a TFTP server/ | ||
* Note that whoever manages to spoof this server name can deploy rogue images to your ThinClients. | * Note that whoever manages to spoof this server name can deploy rogue images to your ThinClients. | ||
Line 883: | Line 643: | ||
* '' | * '' | ||
* '' | * '' | ||
- | * '' | + | * '' |
* '' | * '' | ||
+ | * '' | ||
* '' | * '' | ||
* '' | * '' | ||
Line 891: | Line 652: | ||
* '' | * '' | ||
* '' | * '' | ||
+ | * '' | ||
* '' | * '' | ||
* '' | * '' | ||
Line 897: | Line 659: | ||
* '' | * '' | ||
* '' | * '' | ||
+ | * '' | ||
+ | * '' | ||
+ | * '' | ||
* '' | * '' | ||
- | * '' | + | |
+ | | ||
* '' | * '' | ||
+ | * '' | ||
+ | * '' | ||
+ | * '' | ||
+ | * '' | ||
+ | * '' | ||
=== These are only intended to be used with TCE images stored on local media === | === These are only intended to be used with TCE images stored on local media === | ||
* '' | * '' | ||
Line 963: | Line 733: | ||
* create a symlink matching " | * create a symlink matching " | ||
* In your boot configuration file (either " | * In your boot configuration file (either " | ||
+ | |||
+ | ==== The session itself works fine, but Audio is not working ==== | ||
+ | |||
+ | First, check that the audio isn't simply muted (some cards/ | ||
+ | |||
+ | If that doesn' | ||
+ | |||
+ | You might have to pick a different one from the list, by using boot parameter '' | ||
+ | |||
+ | If you need different settings for different manufacturers, | ||
===== Support Tools available in X2Go-TCE ===== | ===== Support Tools available in X2Go-TCE ===== | ||
Line 1114: | Line 894: | ||
</ | </ | ||
* after you have prepared all this, execute '' | * after you have prepared all this, execute '' | ||
- | * Note that whoever manages to spoof the server name can deploy rogue images to your ThinClients. | + | * Note that whoever manages to spoof the server name can deploy rogue images to your ThinClients. |
FIXME Some of the optional steps above could be moved to a separate subpage to reduce clutter. | FIXME Some of the optional steps above could be moved to a separate subpage to reduce clutter. | ||
Line 1133: | Line 913: | ||
FIXME autodetection for SSH Private Keys might need some more bells and whistles. | FIXME autodetection for SSH Private Keys might need some more bells and whistles. | ||
- | < | ||
* how about a script that patches the sessions file to enable autologin for all sessions when keys have been found? | * how about a script that patches the sessions file to enable autologin for all sessions when keys have been found? | ||
* 2800-x2go-thinclientconfig needs to be changed so it uses the keyfile(s) when in broker mode ('' | * 2800-x2go-thinclientconfig needs to be changed so it uses the keyfile(s) when in broker mode ('' | ||
- | * < | ||
- | * < | ||
- | * < | ||
- | * < | ||
- | * < | ||
- | * < | ||
- | * < | ||
- | * < | ||
- | * < | ||
- | * < | ||
* Situation: We have a working automounter, | * Situation: We have a working automounter, | ||
* If a session is set to "Try auto login (via SSH Agent or default SSH key)" and NO keyfile is set, then X2GoClient will try **all** secret keys in .ssh. Showing a password prompt if a key is password-protected is handled by X2GoClient, so needs no extra work. | * If a session is set to "Try auto login (via SSH Agent or default SSH key)" and NO keyfile is set, then X2GoClient will try **all** secret keys in .ssh. Showing a password prompt if a key is password-protected is handled by X2GoClient, so needs no extra work. | ||
Line 1151: | Line 920: | ||
* use '' | * use '' | ||
* do not use '' | * do not use '' | ||
- | |||
- | |||
- | FIXME '' | ||
FIXME Parsing the output of e.g. < | FIXME Parsing the output of e.g. < | ||
Line 1160: | Line 926: | ||
Authentification and " | Authentification and " | ||
- | FIXME < | + | FIXME Automount script currently expects a LUKS password in ''/ |
- | + | ||
- | FIXME Automount script currently expects a LUKS password in ''/ | + | |
FIXME '' | FIXME '' | ||
Line 1170: | Line 934: | ||
FIXME Even though we set the hostname to '' | FIXME Even though we set the hostname to '' | ||
- | FIXME < | + | FIXME When building a stretch TCE you need to add kernel parameters '' |
- | FIXME '' | + | FIXME '' |
- | FIXME '' | + | FIXME <del>'' |
- | FIXME It would be nice to have a bootparameter for the desktop background/color - this is being worked on. | + | FIXME it would be cool if most of the TCE-specific boot parameters could be placed into a file that in turn can be specified as a boot parameter, |
- | FIXME '' | + | FIXME A smaller image size can be achieved by removing the following packages from the squashfs: |
+ | - check if this could be turned into a build parameter. Note that this makes only sense for a netboot image that uses X2Go sessions only, and no NTFS media (neither fixed disk nor USB). Also, this causes an X startup failure during boot that needs to be worked around (by touching / | ||
+ | Here's a script to do all of this automatically (needs to be run as root in the builddir: | ||
+ | <file - stripimage.sh> | ||
+ | #!/bin/bash -e | ||
+ | if [ $UID -ne 0 ] ; then | ||
+ | echo "Must be root." | ||
+ | exit 1 | ||
+ | fi | ||
+ | unsquashfs x2go-tce-filesystem.squashfs | ||
+ | mount --bind /proc squashfs-root/ | ||
+ | chroot squashfs-root apt purge -y acpi-support-base acpid acpi-support pm-utils powermgmt-base gnupg gnupg-agent whiptail vim vim-common vim-tiny xxd xinetd \ | ||
+ | libcroco3 libcurl3 libexif12 libgdk-pixbuf2.0-0 libgdk-pixbuf2.0-common libgif7 libid3tag0 libimlib2 libnghttp2-14 \ | ||
+ | libobrender32v5 libobt2v5 libpango-1.0-0 libpangocairo-1.0-0 libpangoft2-1.0-0 libpangoxft-1.0-0 librsvg2-2 librtmp1 \ | ||
+ | libssh2-1 libstartup-notification0 libxft2 libxss1 vim-runtime rsync xserver-xorg-input-wacom xserver-xorg-video-all \ | ||
+ | xserver-xorg-video-amdgpu xserver-xorg-video-ati xserver-xorg-video-nouveau xserver-xorg-video-qxl \ | ||
+ | xserver-xorg-video-radeon xserver-xorg-video-vmware libdrm-amdgpu1 libdrm-nouveau2 libdrm-radeon1 libllvm3.9 libsensors4 \ | ||
+ | libxatracker2 xprintidle feh xdotool openbox libxapian30 libpipeline1 libnpth0 libksba8 libseccomp2 libsqlite3-0 libxdo3 \ | ||
+ | libnewt0.52 libslang2 keyutils libassuan0 libdatrie1 libevent-2.0-5 libthai-data libthai0 \ | ||
+ | pinentry-curses trickle libxapian30 libpcsclite1 libdbus-glib-1-2 libfuse2 libpipeline1 libusb-1.0-0 libxv1 xnest \ | ||
+ | xserver-xephyr rdesktop freerdp-x11 traceroute screen net-tools less ntfs-3g fuse locales cifs-utils xterm libgssglue1 \ | ||
+ | libntfs-3g871 libtalloc2 libtcl8.6 libtk8.6 libutempter0 libvncclient1 libvncserver1 libwbclient0 libxcb-xf86dri0 \ | ||
+ | libxcb-xv0 samba-common tcl tcl8.6 tk tk8.6 xbitmaps nfs-common rpcbind atmel-firmware bluez-firmware \ | ||
+ | dahdi-firmware-nonfree hdmi2usb-fx2-firmware iso-codes ixo-usb-jtag libc-l10n libnfsidmap2 libtirpc1 x11vnc x11vnc-data \ | ||
+ | libapparmor1 systemd apt-utils libapt-inst2.0 libfreerdp-cache1.1 libfreerdp-client1.1 libfreerdp-codec1.1 \ | ||
+ | libfreerdp-common1.1.0 libfreerdp-core1.1 libfreerdp-crypto1.1 libfreerdp-gdi1.1 libfreerdp-locale1.1 \ | ||
+ | libfreerdp-primitives1.1 libfreerdp-rail1.1 libfreerdp-utils1.1 libwinpr-crt0.1 libwinpr-crypto0.1 libwinpr-dsparse0.1 \ | ||
+ | libwinpr-environment0.1 libwinpr-file0.1 libwinpr-handle0.1 libwinpr-heap0.1 libwinpr-input0.1 libwinpr-interlocked0.1 \ | ||
+ | libwinpr-library0.1 libwinpr-path0.1 libwinpr-pool0.1 libwinpr-registry0.1 libwinpr-rpc0.1 libwinpr-sspi0.1 \ | ||
+ | libwinpr-synch0.1 libwinpr-sysinfo0.1 libwinpr-thread0.1 libwinpr-utils0.1 firmware-amd-graphics firmware-atheros \ | ||
+ | firmware-bnx2 firmware-bnx2x firmware-brcm80211 firmware-cavium firmware-crystalhd firmware-intel-sound \ | ||
+ | firmware-intelwimax firmware-ipw2x00 firmware-ivtv firmware-iwlwifi firmware-libertas firmware-linux firmware-linux-free \ | ||
+ | firmware-linux-nonfree firmware-misc-nonfree firmware-myricom firmware-netxen firmware-qlogic firmware-realtek \ | ||
+ | firmware-samsung firmware-siano firmware-ti-connectivity firmware-zd1211 | ||
+ | chroot squashfs-root dpkg -P apt tasksel tasksel-data | ||
+ | rm squashfs-root/ | ||
+ | (cd squashfs-root/ | ||
+ | mkdir -p squashfs-root/ | ||
+ | touch squashfs-root/ | ||
+ | umount squashfs-root/ | ||
+ | if ! grep '^eval $THROTTLINGCOMMAND' | ||
+ | sed -i -e ' | ||
+ | squashfs-root/ | ||
+ | fi | ||
+ | if [ -f binary/ | ||
+ | mv binary/ | ||
+ | fi | ||
+ | mkdir -p binary/ | ||
+ | mksquashfs squashfs-root binary/ | ||
+ | rm -rf squashfs-root | ||
+ | ln -f binary/ | ||
+ | (cd binary; echo live$' | ||
+ | cat ./ | ||
+ | rm ./ | ||
+ | </ | ||
+ | FIXME for MATE-MiniDesktop, | ||
- | ===== List of closed ToDos/ | + | FIXME Scripts triggered by if-up should check if a new download is really necessary. |
+ | FIXME Feature request: In TCE (not MMD), use < | ||
+ | while ! (grep " | ||
+ | echo s >/ | ||
+ | echo u >/ | ||
+ | done | ||
+ | echo o >/ | ||
+ | </ | ||
+ | ===== List of closed ToDos/ | ||
+ | * '' | ||
+ | * It would be nice to have a boot parameter '' | ||
+ | * It would also be nice to have boot parameters '' | ||
+ | * Boot parameters '' | ||
* There might be a race condition between the scripts handling the sshd keyfile and the ssh private key file copy task (/config ...), causing one to umount the fixed disk before the other is done reading/ | * There might be a race condition between the scripts handling the sshd keyfile and the ssh private key file copy task (/config ...), causing one to umount the fixed disk before the other is done reading/ | ||
* Setting the time via NTP will fail if the TC can't establish a connection to an NTP server via the internet. It would make sense to allow specifying an internal NTP server via a boot parameter. - fixed in github repo, soon in x2go repo | * Setting the time via NTP will fail if the TC can't establish a connection to an NTP server via the internet. It would make sense to allow specifying an internal NTP server via a boot parameter. - fixed in github repo, soon in x2go repo | ||
Line 1189: | Line 1020: | ||
* Automount script expansion is in the works. Will fully support VFAT, NTFS, hfs, hpfs, will offer read-only support for ext* via fuseext2 (that way, file ownership/ | * Automount script expansion is in the works. Will fully support VFAT, NTFS, hfs, hpfs, will offer read-only support for ext* via fuseext2 (that way, file ownership/ | ||
* '' | * '' | ||
+ | * Maybe we should add symlinks to the mount points created by the automounter: | ||
+ | * '' | ||
+ | * volume control applet for MiniDesktop mode has been added - fixed in github repo, soon in x2go repo (to save/ | ||
< | < | ||
</ | </ | ||