Status of Debian Edu "Buster"

(development started in July 2017)


Please note: An installation including the Main-Server profile will now fail due to broken gosa installation; see 911632. This is a temporary issue caused by the ongoing PHP transition (7.2 -> 7.3).

A Debian Edu ISO for 64-bit PCs (both AMD and Intel processors) is available from the usual Debian places:

Instead of the default xfce, mate, gnome or kde could be used as value of the related kernel param desktop=xfce. See the Buster manual installation chapter how to set kernel command line parameters.

Please note:
Squid needs to be started manually after reboots due to 911325

Known problems we want to fix



# Kerberized NFS.
pxeinstall workstation (s).
 - in case installed from cdrom/usb: login as root after first boot
 - run  'sitesummary-client' (needed to be able to use sitesummary2ldapdhcp on the main server). 
Main server:
 - login as root
 - run "ldapvi -ZD '(cn=admin)'" and replace 'sec=sys' with 'sec=krb5i'; the most
  secure setting 'sec=krb5p' works too, but the performance might suffer.
 - run 'sitesummary2ldapdhcp -a'. (default type workstations)
 - as first user edit *new* workstation(s) using GOsa² .
 - don't edit, remove duplicate gateway entry (IP indicates it).

 - login as root.
 - run 'kinit' to get a TGT.
 - run 'scp tjener:/etc/debian-edu/host-keytabs/<hostname set via GOsa>.intern.keytab /etc/krb5.keytab'
 - reboot
 - login as first user and run 'mount|grep krb5' to see kerberized mount is used.

For systems already configured with GOsa², login on the main server as root and
run /usr/share/debian-edu-config/tools/gosa-modify-host <hostname> <IP>.
Please note: host keytab creation is possible for systems of type workstations, servers and terminals but not for those of type netdevices.

# Switch from NFS --> NBD:
sed -i 's/default ltsp-NFS/default ltsp-NBD' /opt/ltsp/$(dpkg --print-architecture)/boot/pxelinux.cfg/ltsp
sed -i 's/ontimeout ltsp-NFS/ontimeout ltsp-NBD/' /opt/ltsp/$(dpkg --print-architecture)/boot/pxelinux.cfg/ltsp

# Switch from NBD --> NFS:
sed -i 's/default ltsp-NBD/default ltsp-NFS' /opt/ltsp/$(dpkg --print-architecture)/boot/pxelinux.cfg/ltsp
sed -i 's/ontimeout ltsp-NBD/ontimeout ltsp-NFS/' /opt/ltsp/$(dpkg --print-architecture)/boot/pxelinux.cfg/ltsp
# optional: remove image file(s).
rm -f /opt/ltsp/images/$(dpkg --print-architecture).im*

Fixed in Git

Fixed + done (related packages migrated to buster or unstable)

cp /etc/gosa/gosa.conf.orig /etc/gosa/gosa.conf
cat /dev/null > /etc/gosa/gosa.secrets
service apache2 reload

Please note that this change disables gosa-admin password encryption (GOsa² -> LDAP connection); the generated (random) password is used in this case.

rm /etc/apache2/mods-available/userdir.load 
cp /etc/apache2/mods-available/status.load /etc/apache2/mods-available/userdir.load 
sed -i 's/status/userdir/g' /etc/apache2/mods-available/userdir.load 
ln -s /etc/apache2/mods-available/userdir.load /etc/apache2/mods-available/debian-edu-userdir.load 
a2enmod debian-edu-userdir