Status of Debian Edu "Buster"

(development started in July 2017)


A Debian Edu ISO for 64-bit PCs (both AMD and Intel processors) is available from the usual Debian places:

Instead of the default xfce, mate, gnome or kde could be used as value of the related kernel param desktop=xfce. See the Buster manual installation chapter how to set kernel command line parameters.

Known problems we want to fix

Known problems that need to be fixed elsewhere

Known problems we fixed via workarounds, real fix needed elsewhere



# Kerberized NFS.
pxeinstall workstation (s).
 - in case installed from cdrom/usb: login as root after first boot
 - run  'sitesummary-client' (needed to be able to use sitesummary2ldapdhcp on the main server). 
Main server:
 - login as root
 - run "ldapvi -ZD '(cn=admin)'" and replace 'sec=sys' with 'sec=krb5i'; the most
  secure setting 'sec=krb5p' works too, but the performance might suffer.
 - run 'sitesummary2ldapdhcp -a'. (default type workstations)
 - as first user edit *new* workstation(s) using GOsa² .
 - don't edit, remove duplicate gateway entry (IP indicates it).

 - login as root.
 - run '/usr/share/debian-edu-config/tools/copy-host-keytab'
 - reboot

For systems already configured with GOsa², login on the main server as root and
run /usr/share/debian-edu-config/tools/gosa-modify-host <hostname> <IP>.
Please note: host keytab creation is possible for systems of type workstations, servers and terminals but not for those of type netdevices.

# Switch from NFS --> NBD:
sed -i 's/default ltsp-NFS/default ltsp-NBD' /opt/ltsp/$(dpkg --print-architecture)/boot/pxelinux.cfg/ltsp
sed -i 's/ontimeout ltsp-NFS/ontimeout ltsp-NBD/' /opt/ltsp/$(dpkg --print-architecture)/boot/pxelinux.cfg/ltsp

# Switch from NBD --> NFS:
sed -i 's/default ltsp-NBD/default ltsp-NFS' /opt/ltsp/$(dpkg --print-architecture)/boot/pxelinux.cfg/ltsp
sed -i 's/ontimeout ltsp-NBD/ontimeout ltsp-NFS/' /opt/ltsp/$(dpkg --print-architecture)/boot/pxelinux.cfg/ltsp
# optional: remove image file(s).
rm -f /opt/ltsp/images/$(dpkg --print-architecture).im*

Fixed in Git

Fixed + done (related packages migrated to buster or unstable)

cp /etc/gosa/gosa.conf.orig /etc/gosa/gosa.conf
cat /dev/null > /etc/gosa/gosa.secrets
service apache2 reload

Please note that this change disables gosa-admin password encryption (GOsa² -> LDAP connection); the generated (random) password is used in this case.

rm /etc/apache2/mods-available/userdir.load 
cp /etc/apache2/mods-available/status.load /etc/apache2/mods-available/userdir.load 
sed -i 's/status/userdir/g' /etc/apache2/mods-available/userdir.load 
ln -s /etc/apache2/mods-available/userdir.load /etc/apache2/mods-available/debian-edu-userdir.load 
a2enmod debian-edu-userdir