Univention Bugzilla – Bug 41919
Add interface to sync and execute scripts to UCC clients
Last modified: 2016-11-09 10:43:06 CET
We need a way to sync and execute files to UCC clients, that the administrator can define and modify at will. This will be a generic interface to modify UCC clients at boot time.
r71431 Package: univention-ucc-initramfs Version: 5.0.0-22.160.201608051406 r71434 Package: ucc-pxe-boot Version: 8.0.0-6.50.201608051526 r71435 changelog Added the directory /var/lib/univention-client-boot/custom_start_scripts on UCS-UCC servers. Everything in there will be synced by the UCC initramfs to /usr/lib/univention-initramfs-post-boot-option-check. There already is a run-parts in the initramfs which will execute the content of the directory in a chroot. An example script + config file for mounting the user home directory at ~/NetworkStorage upon user login is available at /usr/share/doc/ucc-pxe-boot/custom_start_scripts_example/ Documentation -> bug 41922
custom_start_scripts_example - works, but * i would suggest to run copy_custom_start_scripts only if ucc/custom_start_scripts is set (-n ), the default should be not mounting the nfs root and checking for custom scripts * copy_custom_start_scripts syncs the server dir with the local /usr/lib/univention-initramfs-post-boot-option-check, with --delete so everything in usr/lib/univention-initramfs-post-boot-option-check is removed if not present on the server, but is univention-initramfs-post-boot-option-check not supposed to be a custom hook directory for the initramfs, how does this work with the sync --delete maybe copy_custom_start_scripts should use a different run-parts directory? 0010_mount_network_storage * the script is installed with rw-r--r--, just copying the script to /var/lib/univention-client-boot/custom_start_scripts is not enough, one has to adjust the permissions as well, maybe install the script with the executable flag? * that is just the pure pam_mount config, to make that work, one has to install libpam-mount and cifs-utils and configure pam to use pam_mount (at least /etc/pam.d/lightdm)
As discussed and suggested, i improved the feature: - change semantics: UCRV is now ucc/custom_start_scripts/enabled, there is an implicit check that it evaluates to true to enable the custom start script feature - change sync directory to /usr/lib/univention-custom-start-scripts r71474 univention-ucc-initramfs 5.0.0-23
(In reply to Felix Botner from comment #2) > 0010_mount_network_storage > * the script is installed with rw-r--r--, just copying the script > to /var/lib/univention-client-boot/custom_start_scripts is not enough, one > has to adjust the permissions as well, maybe install the script with > the executable flag? Installation path changed to /usr/share/ucc-pxe-boot (installing in doc removed +x flag) > * that is just the pure pam_mount config, to make that work, one has to > install libpam-mount and cifs-utils and configure pam to use pam_mount > (at least /etc/pam.d/lightdm) I added dependencies to both packages to u-ucc-pam and provided the pam-mount template for lightdm. libpam-mount provides an empty template which is ignored. The admin can then choose to use the custom-start-script interface to implement a mount on login. The example shows how to mount something in ~/NetworkStorage r71550 ucc-pxe-boot 8.0.0-7.51.201608111908 r71552 univention-ucc-pam 4.0.0-3.52.201608111909
OK
UCC 3.0 has been released. If this bug occurs again, please clone this bug.