fai 5.1 - get-config-dir support for sftp, scp, https

andrew bezella abezella at archive.org
Tue Jun 28 22:52:56 CEST 2016


hi -

played around a bit with these new options and i've hit a few stumbling
blocks: 
      * https support - i believe curl requires the ca-certificates
        package installed in the NFSROOT to avoid errors.  i haven't
        tested this fully, but when run from an ssh login w/o
        ca-certificates curl fails and throws "SSL certificate problem"
        errs, runs fine after installed. 
      * sftp (and scp?) support - only tested with sftp, but it appears
        that HOME=/ when `curl -f -O --retry 3 $FAI_CONFIG_SRC` is run
        in /usr/lib/fai/get-config-dir-sftp.  this means that any
        known_hosts/privkeys in /root/.ssh are unavailable (which causes
        curl to fail).  perhaps the easiest fix might be to prefix `env
        HOME=/root` in both the sftp/scp methods?

--- /srv/fai/nfsroot/jessie-amd64/usr/lib/fai/get-config-dir-sftp.orig 2016-06-28 13:06:32.784026267 -0700
+++ /srv/fai/nfsroot/jessie-amd64/usr/lib/fai/get-config-dir-sftp      2016-06-28 13:06:34.956025321 -0700
@@ -33,7 +33,7 @@
 
 # now download tarball of config space
 echo -n "Getting configuration space tarball from $FAI_CONFIG_SRC ..."
-curl -f -O --retry 3 $FAI_CONFIG_SRC
+env HOME=/root curl -f -O --retry 3 $FAI_CONFIG_SRC
 ret=$?
 if [ $? -eq 0 ]; then
     echo "done"


thoughts/feedback?  tia...

andy

-- 
andrew bezella <abezella at archive.org>
Internet Archive


More information about the linux-fai mailing list