-
Notifications
You must be signed in to change notification settings - Fork 8
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Honor (don't ignore) /etc/kolibri/username when installing Kolibri — putting an end to 2 contradictory KOLIBRI_USER settings #117
Conversation
BACKGROUND / CONTEXT: /etc/kolibri/README puts repeated and very strong emphasis on file While @benjaoming did most of that writing more than 4 years ago of course, I can only assume it's still largely on target. To that end, let's all hope that this still-very-useful (though at this point error-prone and stale!) top-level e.g. Another small error in /etc/kolibri/README is the command it spells out to determine KOLIBRI_HOME ("this command will print it") doesn't work in most cases — with installs like Internet-in-a-Box that take security seriously — as KOLIBRI_USER has no real / runnable shell in /etc/passwd : |
@@ -346,15 +346,21 @@ kolibri_debconf_set_defaults() | |||
db_fset kolibri/pre-010-upgrade-system-user seen true | |||
fi | |||
|
|||
if [ "$USER_SEEN" == "false" ] | |||
if [ -s /etc/kolibri/username ] # Test that file exists with non-zero size |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You can simplify this change quite a lot by adding the test to the list of tests in line 341 AFAICT
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I saw that earlier, yes.
But I chose to keep the change more localized & more legible.
i.e. to make clear this PR is basically a 2-line change wrapped in an if statement.
(@jredrejo is of course free to move things around as he sees fit!)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Despite I agree with @benjaoming comment, I'm approving this because the functionality is correct and I prefer not to delay it anymore
I too agree with @benjaoming ✅ (PR change was kept distinct/localized to illustrate the core idea...) |
Thanks for all the lovely mentions ❤️ I want to mention back that I do miss having time to work on this ❤️ |
This PR fixes the worst of several problems described on Sept 9, 2022 here:
Thanks @jredrejo @benjaoming @radinamatic for reviewing when you have time.
Recap: This fixes the serious problem of Kolibri's Debian/Ubuntu (apt / .deb) installer ignoring
/etc/kolibri/username
Which results in Kolibri's 2 permanently contradictory settings (i.e. 2 contradictory values) for KOLIBRI_USER — i.e. in these 2 places:
Not pretty! So a month or so later, typically the first time a school apt upgrades, Kolibri's new Debian package erroneously tries to force the school (and all https://internet-in-a-box.org schools, if they are online and run
apt update
etc) to try to change KOLIBRI_USER:Why does this happen every single time a school first upgrades Kolibri? One can only assume that Ansible (Linux automation, that arranges all Internet-in-a-Box installs) runs something like:
So what happens is that Kolibri's Ubuntu/Debian package (1) Encodes the very misleading (erroneous, desktop-like) KOLIBRI_USER into /var/cache/debconf/config.dat (2) Effectively deferring its 3-to-5 debconf screens asking for things like KOLIBRI_USER until 1 or 2 months later, into the hands of the wrong person, after everything's installed in a school (3) Leading to serious confusion + conflicting KOLIBRI_USER settings down the road, that nobody wants 😖
CONCLUSION: This simple PR eliminates the conflicting settings, and at least brings us a lot closer to what the doc portrays at https://kolibri.readthedocs.io/en/latest/install/ubuntu-debian.html#id2 — pasted in here:
STRETCH GOAL FOR LATER: Eliminating all screens during
apt upgrade
would be far-and-away better for most schools, who are simply trying to upgrade Kolibri, and do not want to change any settings, or read long-winded technical screens 🥲 (as we all strive to help schools focus on learning, not unnecessary low-level administration!)IN SHORT, Internet-in-a-Box can easily force far cleaner behavior during Kolibri upgrades (i.e. what schools prefer) with a hacky script like the following: (but we'd rather work with Kolibri to solve the problem properly, thoughtfully and in due course, helping everyone)