:: Re: [DNG] Air-gapped Beowulf instal…
トップ ページ
このメッセージを削除
このメッセージに返信
著者: Olaf Meeuwissen
日付:  
To: Olaf Meeuwissen
CC: dng
題目: Re: [DNG] Air-gapped Beowulf install w/ runit as init
Hi again,

Olaf Meeuwissen via Dng writes:

> Hi all,
>
> I previously mentioned here[1,2] that the netinst ISO images are no use
> for air-gapped installs. That was for Beowulf beta images and has been
> addressed (at least partially, IIRC). Besides, it *is* documented[3].
>
> So I have been using the server image. That claims to allow
>
> for a *complete* off-line server/minimal installation
>
> where the emphasis is mine.
>
> Now the Beowulf 3.1.0 point release announcement[4] says that
>
> [t]he installer now offers a choice of three init systems. `runit` has
> been added, along with `sysvinit` and `openrc`.
>
> Cool! Downloaded the 3.1.1 server image and installed, selecting runit
> as my init. No warnings, everything installs fine, system reboots okay,
> but ... no runit :-o
>
> What gives?
>
> The installer logs mention that some `runit*` package is not available
> (sorry, forgot which one and the logs are gone :-(). Poking around in
> the Packages file and pool/ directory on the image, I *think* that may
> have been `runit-init`. A regular, non-air-gapped install has that
> package installed and the installer logs show it getting installed in
> the `choose-init` "stage" and downloaded from deb.devuan.org.
>
> Considering that `runit-init` is about 40KB and the ISO images are
>
> netinst 309MB
> server 590MB
> desktop 3658MB
>
> (for amd64) I would prefer to see `runit-init` added to the server image
> over downloading the desktop image for air-gapped installs.
>
> It makes a 3GB difference :-o
> # But I'll be working around with the desktop image for the time being.


Eh, that didn't work either :-((
Despite the ISO Guide[5] claiming

*desktop* (4 GB): Use this DVD if there is no network available [...]

So much for air-gapped runit installs :-/
The runit-init package is *not* included in any of the ISO images. Sure
hope that gets fixed for chimaera.

I ended up (re?)installing it after an initial air-gapped install and
setting up a packet filter and bringing up the network. Like so, for
those who like to know, as root

  for prog in iptables ip6tables; do
    $prog -P FORWARD DROP
    $prog -P INPUT DROP
    $prog -A INPUT --match state --state ESTABLISHED,RELATED --jump
    ACCEPT
  done
  # plug in your network cable here
  echo "iface eth0 inet dhcp" >> /etc/network/interfaces
  ifup eth0


Of course, you might still need to massage your APT sources.list into
shape and `export` an `http_proxy` variable if needed to get things to
really work.

> [1]: https://lists.dyne.org/lurker/message/20200320.010518.98571ef6.en.html
> [2]: https://lists.dyne.org/lurker/message/20200322.113542.8f9ac3d5.en.html
> [3]: https://devuan.org/get-devuan
> [4]: https://devuan.org/os/announce/beowulf-point-release-announce-021421


[5]: https://www.devuan.org/get-devuan

Hope this helps,
--
Olaf Meeuwissen, LPIC-2            FSF Associate Member since 2004-01-27
 GnuPG key: F84A2DD9/B3C0 2F47 EA19 64F4 9F13  F43E B8A4 A88A F84A 2DD9
 Support Free Software                        https://my.fsf.org/donate
 Join the Free Software Foundation              https://my.fsf.org/join