projects
/
mirror
/
dsa-wiki.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
escaping..... I'm too foo for this bar
[mirror/dsa-wiki.git]
/
input
/
howto
/
new-machine.creole
diff --git
a/input/howto/new-machine.creole
b/input/howto/new-machine.creole
index
e03d1a2
..
3cf0178
100644
(file)
--- a/
input/howto/new-machine.creole
+++ b/
input/howto/new-machine.creole
@@
-22,7
+22,7
@@
Note: this has recently been changed to rely more on [[puppet|howto/puppet-setup
* run generate, or wait until cron runs it for you. Update DNS.
{{{
* run generate, or wait until cron runs it for you. Update DNS.
{{{
- : :: draghi :: && sudo -u sshdist ud-generate && sudo -H ud-replicate && sudo -H puppetd -
t
+ : :: draghi :: && sudo -u sshdist ud-generate && sudo -H ud-replicate && sudo -H puppetd -
-no-daemonize --onetime
: :: denis :: && sudo -H ud-replicate
}}}
: :: denis :: && sudo -H ud-replicate
}}}
@@
-30,6
+30,8
@@
Note: this has recently been changed to rely more on [[puppet|howto/puppet-setup
* on the host, run ud-replicate and check if it worked
{{{
* on the host, run ud-replicate and check if it worked
{{{
+ apt-get update &&
+ apt-get install -y --no-install-recommends userdir-ldap &&
ud-replicate &&
id weasel
}}}
ud-replicate &&
id weasel
}}}
@@
-41,7
+43,7
@@
Note: this has recently been changed to rely more on [[puppet|howto/puppet-setup
* run puppet a couple times
{{{
* run puppet a couple times
{{{
- puppet agent -
t; puppet agent -t; puppet agent -t; puppet agent -t
+ puppet agent -
-no-daemonize --onetime; puppet agent --no-daemonize --onetime; puppet agent --no-daemonize --onetime; puppet agent --no-daemonize --onetime
}}}
* install security updates etc.
}}}
* install security updates etc.
@@
-53,10
+55,9
@@
Note: this has recently been changed to rely more on [[puppet|howto/puppet-setup
* try to become root using sudo.
* try to become root using sudo.
-* make ca-certificates sane: (choose to *not* trust new certs
, and we only want the spi cert activated
)
+* make ca-certificates sane: (choose to *not* trust new certs)
{{{
echo "ca-certificates ca-certificates/trust_new_crts select no" | debconf-set-selections
{{{
echo "ca-certificates ca-certificates/trust_new_crts select no" | debconf-set-selections
- sed -i -e 's/^[^#!].*/!&/; s#^!spi-inc.org/spi-cacert-2008.crt#spi-inc.org/spi-cacert-2008.crt#' /etc/ca-certificates.conf
dpkg-reconfigure ca-certificates
}}}
dpkg-reconfigure ca-certificates
}}}
@@
-73,9
+74,9
@@
Note: this has recently been changed to rely more on [[puppet|howto/puppet-setup
* install samhain and get puppet to configure it
{{{
apt-get install -y samhain &&
* install samhain and get puppet to configure it
{{{
apt-get install -y samhain &&
- ( puppet agent -
t
|| true ) &&
+ ( puppet agent -
-no-daemonize --onetime
|| true ) &&
service samhain stop &&
service samhain stop &&
- rm
/var/state
/samhain/samhain_file &&
+ rm
-f /var/state/samhain/samhain_file /var/lib
/samhain/samhain_file &&
samhain --foreground -t init -p none -s none -l none -m none &&
service samhain start
}}}
samhain --foreground -t init -p none -s none -l none -m none &&
service samhain start
}}}