Outils pour utilisateurs
doc:dak:installation_de_dak_sur_ondine
Différences
Ci-dessous, les différences entre deux révisions de la page.
| Les deux révisions précédentes Révision précédente Prochaine révision | Révision précédente | ||
|
doc:dak:installation_de_dak_sur_ondine [2005/08/03 15:17] lehobey |
doc:dak:installation_de_dak_sur_ondine [2005/08/03 18:06] (Version actuelle) lehobey |
||
|---|---|---|---|
| Ligne 43: | Ligne 43: | ||
| **NB** : Il ne demande rien sur le groupe //debuser//. | **NB** : Il ne demande rien sur le groupe //debuser//. | ||
| - | === Résultat === | + | [[sortie aptitude dak|Résultat]]. |
| - | <code> | + | |
| - | Paramétrage de dak (1.0-8) ... | + | |
| - | Domain: localhost.localdomain | + | |
| - | Creating/updating dak user account and group... | + | |
| - | Adding group `debadmin' (105)... | + | |
| - | Fait. | + | |
| - | Ajout de l'utilisateur système deb-dak... | + | |
| - | Adding new user `deb-dak' (104) with group `debadmin'. | + | |
| - | Création du répertoire personnel /var/lib/dak. | + | |
| - | Creating config file /opt/dak/katie/apt.conf with new version | + | |
| - | Creating config file /opt/dak/katie/cron.unchecked with new version | + | |
| - | Creating config file /opt/dak/katie/katie.conf with new version | + | |
| - | Creating config file /etc/katie/katie.conf with new version | + | |
| - | Creating config file /opt/dak/katie/vars with new version | + | |
| - | Creating config file /opt/dak/katie/Contents.top with new version | + | |
| - | Creating config file /opt/dak/katie/templates/alicia.bug-close with new version | + | |
| - | Creating config file /opt/dak/katie/templates/amber.advisory with new version | + | |
| - | Creating config file /opt/dak/katie/templates/jennifer.accepted with new version | + | |
| - | Creating config file /opt/dak/katie/templates/jennifer.announce with new version | + | |
| - | Creating config file /opt/dak/katie/templates/jennifer.bug-close with new version | + | |
| - | Creating config file /opt/dak/katie/templates/jennifer.bug-experimental-fixed with new version | + | |
| - | Creating config file /opt/dak/katie/templates/jennifer.bug-nmu-fixed with new version | + | |
| - | Creating config file /opt/dak/katie/templates/jennifer.new with new version | + | |
| - | Creating config file /opt/dak/katie/templates/jennifer.override-disparity with new version | + | |
| - | Creating config file /opt/dak/katie/templates/katie.rejected with new version | + | |
| - | Creating config file /opt/dak/katie/templates/kelly.installed with new version | + | |
| - | Creating config file /opt/dak/katie/templates/kelly.unaccept with new version | + | |
| - | Creating config file /opt/dak/katie/templates/lauren.stable-rejected with new version | + | |
| - | Creating config file /opt/dak/katie/templates/lisa.bxa_notification with new version | + | |
| - | Creating config file /opt/dak/katie/templates/lisa.prod with new version | + | |
| - | Creating config file /opt/dak/katie/templates/melanie.bug-close with new version | + | |
| - | Creating config file /opt/dak/katie/templates/uma.added with new version | + | |
| - | </code> | + | |
| ==== Installation de postgresql ==== | ==== Installation de postgresql ==== | ||
| Ligne 110: | Ligne 77: | ||
| Européen | Européen | ||
| - | === Résultat === | + | [[sortie aptitude postgresql|Résultat]]. |
| - | <code> | + | |
| - | Paramétrage de postgresql (7.4.7-6sarge1) ... | + | |
| - | + | ||
| - | Creating config file /etc/postgresql/postmaster.conf with new version | + | |
| - | The files belonging to this database system will be owned by user "postgres". | + | |
| - | This user must also own the server process. | + | |
| - | + | ||
| - | The database cluster will be initialized with locale fr_FR@euro. | + | |
| - | + | ||
| - | fixing permissions on existing directory /var/lib/postgres/data... ok | + | |
| - | creating directory /var/lib/postgres/data/base... ok | + | |
| - | creating directory /var/lib/postgres/data/global... ok | + | |
| - | creating directory /var/lib/postgres/data/pg_xlog... ok | + | |
| - | creating directory /var/lib/postgres/data/pg_clog... ok | + | |
| - | selecting default max_connections... 100 | + | |
| - | selecting default shared_buffers... 1000 | + | |
| - | creating configuration files... ok | + | |
| - | creating template1 database in /var/lib/postgres/data/base/1... ok | + | |
| - | initializing pg_shadow... ok | + | |
| - | enabling unlimited row size for system tables... ok | + | |
| - | initializing pg_depend... ok | + | |
| - | creating system views... ok | + | |
| - | loading pg_description... ok | + | |
| - | creating conversions... ok | + | |
| - | setting privileges on built-in objects... ok | + | |
| - | creating information schema... ok | + | |
| - | vacuuming database template1... ok | + | |
| - | copying template1 to template0... ok | + | |
| - | + | ||
| - | Success. The database server should be started automatically. | + | |
| - | If not, you can start the database server using: | + | |
| - | + | ||
| - | /etc/init.d/postgresql start | + | |
| - | + | ||
| - | Creating config file /etc/postgresql/postgresql.conf with new version | + | |
| - | + | ||
| - | </code> | + | |
| Et le paquet nous informe : | Et le paquet nous informe : | ||
| Ligne 188: | Ligne 118: | ||
| $ rose | $ rose | ||
| - | <code> | + | [[sortie rose|Résultat]]. |
| - | Creating /opt/dak/ftp/ ... | + | |
| - | Creating /opt/dak/ftp/pool/ ... | + | |
| - | Creating /opt/dak/database/dists/ ... | + | |
| - | Creating /opt/dak/log/ ... | + | |
| - | Creating /opt/dak/morgue/ ... | + | |
| - | Creating /opt/dak/scripts/override/ ... | + | |
| - | Creating /opt/dak/testing/urgencies/ ... | + | |
| - | Creating /opt/dak/queue/accepted/ ... | + | |
| - | Creating /opt/dak/queue/byhand/ ... | + | |
| - | Creating /opt/dak/queue/done/ ... | + | |
| - | Creating /opt/dak/queue/holding/ ... | + | |
| - | Creating /opt/dak/queue/new/ ... | + | |
| - | Creating /opt/dak/queue/reject/ ... | + | |
| - | Creating /opt/dak/queue/unchecked/ ... | + | |
| - | Creating /opt/dak/queue/bts_version_track/ ... | + | |
| - | Creating /opt/dak/web ... | + | |
| - | Creating /opt/dak/katie/neve-files ... | + | |
| - | Creating /opt/dak/morgue/shania ... | + | |
| - | Creating /opt/dak/morgue/rhona ... | + | |
| - | Creating /opt/dak/katie-database/ ... | + | |
| - | Creating /opt/dak/ftp/dists/unstable ... | + | |
| - | Creating /opt/dak/ftp/dists/unstable/main/binary-alpha ... | + | |
| - | Creating /opt/dak/ftp/dists/unstable/main/binary-amd64 ... | + | |
| - | Creating /opt/dak/ftp/dists/unstable/main/binary-arm ... | + | |
| - | Creating /opt/dak/ftp/dists/unstable/main/binary-hppa ... | + | |
| - | Creating /opt/dak/ftp/dists/unstable/main/binary-hurd-i386 ... | + | |
| - | Creating /opt/dak/ftp/dists/unstable/main/binary-i386 ... | + | |
| - | Creating /opt/dak/ftp/dists/unstable/main/binary-ia64 ... | + | |
| - | Creating /opt/dak/ftp/dists/unstable/main/binary-mips ... | + | |
| - | Creating /opt/dak/ftp/dists/unstable/main/binary-mipsel ... | + | |
| - | Creating /opt/dak/ftp/dists/unstable/main/binary-m68k ... | + | |
| - | Creating /opt/dak/ftp/dists/unstable/main/binary-powerpc ... | + | |
| - | Creating /opt/dak/ftp/dists/unstable/main/binary-s390 ... | + | |
| - | Creating /opt/dak/ftp/dists/unstable/main/binary-sh ... | + | |
| - | Creating /opt/dak/ftp/dists/unstable/main/binary-sparc ... | + | |
| - | Creating /opt/dak/ftp/dists/unstable/main/source ... | + | |
| - | Creating /opt/dak/ftp/dists/unstable/contrib/binary-alpha ... | + | |
| - | Creating /opt/dak/ftp/dists/unstable/contrib/binary-amd64 ... | + | |
| - | Creating /opt/dak/ftp/dists/unstable/contrib/binary-arm ... | + | |
| - | Creating /opt/dak/ftp/dists/unstable/contrib/binary-hppa ... | + | |
| - | Creating /opt/dak/ftp/dists/unstable/contrib/binary-hurd-i386 ... | + | |
| - | Creating /opt/dak/ftp/dists/unstable/contrib/binary-i386 ... | + | |
| - | Creating /opt/dak/ftp/dists/unstable/contrib/binary-ia64 ... | + | |
| - | Creating /opt/dak/ftp/dists/unstable/contrib/binary-mips ... | + | |
| - | Creating /opt/dak/ftp/dists/unstable/contrib/binary-mipsel ... | + | |
| - | Creating /opt/dak/ftp/dists/unstable/contrib/binary-m68k ... | + | |
| - | Creating /opt/dak/ftp/dists/unstable/contrib/binary-powerpc ... | + | |
| - | Creating /opt/dak/ftp/dists/unstable/contrib/binary-s390 ... | + | |
| - | Creating /opt/dak/ftp/dists/unstable/contrib/binary-sh ... | + | |
| - | Creating /opt/dak/ftp/dists/unstable/contrib/binary-sparc ... | + | |
| - | Creating /opt/dak/ftp/dists/unstable/contrib/source ... | + | |
| - | Creating /opt/dak/ftp/project/experimental ... | + | |
| - | Creating /opt/dak/ftp/project/experimental/main/binary-alpha ... | + | |
| - | Creating /opt/dak/ftp/project/experimental/main/binary-amd64 ... | + | |
| - | Creating /opt/dak/ftp/project/experimental/main/binary-arm ... | + | |
| - | Creating /opt/dak/ftp/project/experimental/main/binary-hppa ... | + | |
| - | Creating /opt/dak/ftp/project/experimental/main/binary-hurd-i386 ... | + | |
| - | Creating /opt/dak/ftp/project/experimental/main/binary-i386 ... | + | |
| - | Creating /opt/dak/ftp/project/experimental/main/binary-ia64 ... | + | |
| - | Creating /opt/dak/ftp/project/experimental/main/binary-mips ... | + | |
| - | Creating /opt/dak/ftp/project/experimental/main/binary-mipsel ... | + | |
| - | Creating /opt/dak/ftp/project/experimental/main/binary-m68k ... | + | |
| - | Creating /opt/dak/ftp/project/experimental/main/binary-powerpc ... | + | |
| - | Creating /opt/dak/ftp/project/experimental/main/binary-s390 ... | + | |
| - | Creating /opt/dak/ftp/project/experimental/main/binary-sh ... | + | |
| - | Creating /opt/dak/ftp/project/experimental/main/binary-sparc ... | + | |
| - | Creating /opt/dak/ftp/project/experimental/main/source ... | + | |
| - | Creating /opt/dak/ftp/project/experimental/contrib/binary-alpha ... | + | |
| - | Creating /opt/dak/ftp/project/experimental/contrib/binary-amd64 ... | + | |
| - | Creating /opt/dak/ftp/project/experimental/contrib/binary-arm ... | + | |
| - | Creating /opt/dak/ftp/project/experimental/contrib/binary-hppa ... | + | |
| - | Creating /opt/dak/ftp/project/experimental/contrib/binary-hurd-i386 ... | + | |
| - | Creating /opt/dak/ftp/project/experimental/contrib/binary-i386 ... | + | |
| - | Creating /opt/dak/ftp/project/experimental/contrib/binary-ia64 ... | + | |
| - | Creating /opt/dak/ftp/project/experimental/contrib/binary-mips ... | + | |
| - | Creating /opt/dak/ftp/project/experimental/contrib/binary-mipsel ... | + | |
| - | Creating /opt/dak/ftp/project/experimental/contrib/binary-m68k ... | + | |
| - | Creating /opt/dak/ftp/project/experimental/contrib/binary-powerpc ... | + | |
| - | Creating /opt/dak/ftp/project/experimental/contrib/binary-s390 ... | + | |
| - | Creating /opt/dak/ftp/project/experimental/contrib/binary-sh ... | + | |
| - | Creating /opt/dak/ftp/project/experimental/contrib/binary-sparc ... | + | |
| - | Creating /opt/dak/ftp/project/experimental/contrib/source ... | + | |
| - | </code> | + | |
| ==== Création de la base de données de dak ==== | ==== Création de la base de données de dak ==== | ||
| Ligne 297: | Ligne 144: | ||
| Add your YOURDAKUSERNAME to this group. | Add your YOURDAKUSERNAME to this group. | ||
| </file> | </file> | ||
| + | |||
| + | # su - deb-dak | ||
| + | $ psql projectb | ||
| + | |||
| + | <code> | ||
| + | Welcome to psql 7.4.7, the PostgreSQL interactive terminal. | ||
| + | |||
| + | Type: \copyright for distribution terms | ||
| + | \h for help with SQL commands | ||
| + | \? for help on internal slash commands | ||
| + | \g or terminate with semicolon to execute query | ||
| + | \q to quit | ||
| + | |||
| + | </code> | ||
| + | |||
| + | projectb=# CREATE GROUP ftpmaster ; | ||
| + | |||
| + | CREATE GROUP | ||
| + | |||
| + | projectb=# ALTER GROUP ftpmaster ADD USER "deb-dak" ; | ||
| + | **NB** la présence des guillemets est expliquée dans l'anomalie [[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=23945]]. | ||
| + | |||
| + | ALTER GROUP | ||
| + | |||
| + | projectb=# \q | ||
| + | |||
| + | ==== Initialisation de la base de données ==== | ||
| + | <file> | ||
| + | g. Change to your DAKDIR/katie and run /usr/share/dak/neve -a and watch | ||
| + | her creating the database. If it ends with some VACUUM and two GRANTs | ||
| + | it worked. | ||
| + | Be careful, neve DROPS your database, so don't run it if you like the | ||
| + | data that is in that database! | ||
| + | </file> | ||
| + | |||
| + | # su - deb-dak | ||
| + | $ cd /usr/share/dak ; neve -a | ||
| + | **NB :** Le //cd// est important ! | ||
| + | |||
| + | [[sortie neve -a|Résultat]]. | ||
| + | |||
| + | ==== Création des utilisateurs ==== | ||
| + | <file> | ||
| + | h. You need to get your maintainers in the database. The Debian Archive | ||
| + | uses a script (emilie) that syncs with its LDAP Server, but you | ||
| + | probably don't want to sync with Debian's LDAP. :) | ||
| + | If you have a setup with an LDAP Server, look at emilie and their | ||
| + | config options. If not, there is a script called uma which helps you | ||
| + | to do this. You basically give it a keyid with the -k parameter and | ||
| + | it will do the rest, after asking you if you like the action. | ||
| + | If you told it to create a system user for the new account it will | ||
| + | run useradd to do the stuff, for that YOURDAKUSERNAME needs sudo | ||
| + | access to useradd, with NOPASSWD set. It will also add new users to | ||
| + | the mail whitelist file, if you have that option enabled (it is per | ||
| + | default). | ||
| + | </file> | ||
| + | |||
| + | === uma et exim4 === | ||
| + | Il est nécessaire, pour que les courriels d'[[uma]] partent, d'avoir ajouté à ///etc/email-addresses// quelque chose qui ressemble à : | ||
| + | <file> | ||
| + | nobody: LEHOBEY@free.fr | ||
| + | </file> | ||
| + | |||
| + | === uma et sudo === | ||
| + | J'ajoute la ligne suivante à la configuration de sudo (///etc/sudoers//), avec //visudo// : | ||
| + | <file> | ||
| + | deb-dak ALL = NOPASSWD: /usr/sbin/useradd | ||
| + | </file> | ||
| + | |||
| + | === Initialisation du trousseau de deb-dak === | ||
| + | <file> | ||
| + | k. You should setup the keyring for katie now. Do a command similar to | ||
| + | the following, but adjust your path: | ||
| + | gpg --no-default-keyring --keyring /opt/dak/keyrings/keyring.gpg | ||
| + | </file> | ||
| + | |||
| + | Que je comprends comme s'appliquant à l'utilisateur //deb-dak//. | ||
| + | |||
| + | # su - deb-dak | ||
| + | $ gpg --no-default-keyring --keyring /opt/dak/keyrings/keyring.gpg --keyserver pgp.mit.edu --recv-keys 2B022951 | ||
| + | <code> | ||
| + | gpg: directory `/var/lib/dak/.gnupg' created | ||
| + | gpg: new configuration file `/var/lib/dak/.gnupg/gpg.conf' created | ||
| + | gpg: WARNING: options in `/var/lib/dak/.gnupg/gpg.conf' are not yet active during this run | ||
| + | gpg: keyring `/var/lib/dak/.gnupg/secring.gpg' created | ||
| + | gpg: keyring `/opt/dak/keyrings/keyring.gpg' created | ||
| + | gpg: requesting key 2B022951 from hkp server pgp.mit.edu | ||
| + | gpg: key 2B022951: duplicated user ID detected - merged | ||
| + | gpg: /var/lib/dak/.gnupg/trustdb.gpg: trustdb created | ||
| + | gpg: key 2B022951: public key "Frederic LEHOBEY <Frederic.Lehobey@free.fr>" imported | ||
| + | gpg: no ultimately trusted keys found | ||
| + | gpg: Total number processed: 1 | ||
| + | gpg: imported: 1 | ||
| + | </code> | ||
| + | |||
| + | === Création du groupe debuser === | ||
| + | Ce groupe est nécessaire au fonctionnement d'[[uma]]. | ||
| + | |||
| + | # addgroup debuser | ||
| + | <code> | ||
| + | Adding group `debuser' (1001)... | ||
| + | Fait. | ||
| + | </code> | ||
| + | |||
| + | === Un exemple de création d'utilisateur === | ||
| + | <file> | ||
| + | i. Repeat step h for every user you have. | ||
| + | </file> | ||
| + | |||
| + | # su - deb-dak | ||
| + | $ uma -k 2B022951 -u lehobey | ||
| + | Option //-u// pour choisir l'identifiant de connexion. | ||
| + | <code> | ||
| + | 0x2B022951 -> Frederic LEHOBEY <Frederic.Lehobey@free.fr> -> lehobey -> 6750B3F2BF04A269B5D7D677289EB5222B022951 | ||
| + | Add user lehobey with above data (y/N) ? y | ||
| + | Added: | ||
| + | Uid: lehobey (ID: 1) | ||
| + | Maint: Frederic LEHOBEY | ||
| + | FP: 6750B3F2BF04A269B5D7D677289EB5222B022951 | ||
| + | </code> | ||
| + | |||
| + | ==== Installation des tâches récurrentes ==== | ||
| + | <file> | ||
| + | j. Install the cronjobs you need. Start with cron.unchecked which is | ||
| + | already copied in /YOURDAKPATH/katie/cron.unchecked and asks | ||
| + | jennifer to process new uploads. The Crontab Debian uses can be found | ||
| + | in /usr/share/doc/dak/crontabs as an example. | ||
| + | </file> | ||
| + | |||
| + | Donc à partir de l'exemple dans [[/usr/share/doc/dak/crontabs/katie.crontab]] j'installe dans les tâches récurrentes de //dak-deb// par | ||
| + | $ crontab -e | ||
| + | le fichier suivant : | ||
| + | <file> | ||
| + | SHELL=/bin/sh | ||
| + | |||
| + | ## Archive maintenance | ||
| + | MAILTO=fdl | ||
| + | 2,17,32,47 * * * * sh /opt/dak/katie/cron.unchecked | ||
| + | </file> | ||
| + | |||
| + | Résumé des changements : | ||
| + | * Remplacement de %%/org/ftp.debian.org/%% par /opt/dak/. | ||
| + | * Suppression de toutes les lignes sauf [[/opt/dak/katie/cron.unchecked]]. | ||
| + | * MAILTO changé de cron@yourhost.yourdomain à fdl (qui existe sur ondine). | ||
| + | |||
| + | === Test de cron.unchecked === | ||
| + | C'est essentiellement [[jennifer]] qui est à l'oeuvre. | ||
| + | $ sh -x /opt/dak/katie/cron.unchecked | ||
| + | [[sortie cron.unchecked|Résultat]]. | ||
| + | |||
| + | ==== Une clef pour ziyi ==== | ||
| + | <file> | ||
| + | l. To let ziyi sign the Release files you need a s3kr1t key. | ||
| + | gpg --gen-key and follow the prompts. Then move it from the home of | ||
| + | YOURDAKUSERNAME to the path of "SigningKeyring" from the | ||
| + | config. Both, public and private key. Write your Keyid in the config | ||
| + | value "SigningKeyIds". Remember that the signing works automagically, | ||
| + | so a passphrase on the key doesnt help... | ||
| + | </file> | ||
| + | |||
| + | # su - deb-dak | ||
| + | $ gpg --gen-key | ||
| + | |||
| + | [[sortie gpg --gen-key|Session]]. | ||
| + | |||
| + | $ cp .gnupg/???ring.gpg /opt/dak/s3kr1t/dot-gnupg/ | ||
| + | |||
| + | Puis modification dans /opt/dak/katie/katie.conf de la ligne | ||
| + | <file> | ||
| + | SigningKeyIds "CHANGETHISONEFORziyi"; | ||
| + | </file> | ||
| + | en | ||
| + | <file> | ||
| + | SigningKeyIds "401FAEF5"; | ||
| + | </file> | ||
| + | Avec au passage un ajout : | ||
| + | <file> | ||
| + | // If defined this address gets a bcc of all mails. | ||
| + | // Bcc "archive@localhost.localdomain"; | ||
| + | Bcc "fdl@ondine"; | ||
| + | </file> | ||
| + | pour surveiller ce qui se passe. | ||
| ===== Désinstallations ===== | ===== Désinstallations ===== | ||
doc/dak/installation_de_dak_sur_ondine.1123075063.txt.gz · Dernière modification: 2005/08/03 15:24 (modification externe)
Outils de la page
