
Re: Nightmares and critical security issue with new LTSP



Hi Dominik,

thanks for testing the bullseye release.

[ Dominik George, 2021-09-07 ]
> I am having very difficult times migrating a Debian Edu 10
> installation to Debian Edu 11. Until now, I could not get the LTSP
> netboot image to work (running into issues with mounting the homes, or
> with missing binaries, all of which I am sorting out one after the
> other).

Yes, much has changed. Please take a look at the 
/sbin/debian-edu-ltsp-install script:
https://salsa.debian.org/debian-edu/debian-edu-config/-/blob/master/sbin/debian-edu-ltsp-install

All Debian Edu specific LTSP configuration is intentionally kept in this
script, so that it can be modified to match site-specific needs.

> But one major problem I found is that the new system of building the
> image from the main server's root filesystem is prone to building
> images that contain far too much – reaching from dhcpd to freeradius
> and other services that should not be in the image, to a full copy of
> the LDAP data directory, Kerberos database keys, the GOSa secret, and
> everything else that should by all means not be shipped to random
> netboot clients over the network.

Most probably forgotten to exclude. There's a list of excludes 
(/etc/ltsp/image-local.excludes) prepended by a FIXME.

> I installed a fresh Debian Edu 11 combined server in a test
> environment and can reproduce that issue, meaning that in my opinion,
> Debian Edu 11 **must not be used with LTSP in a production
> environment** without taking very much care to mitigate this issue.

ATM I don't have a test environment. Feel free to fix the script after 
testing with an extended exclude list for the main server.

That said, it would be best (for setups managed by professionals) to use 
separate LTSP servers anyway, as recommended in the manual: 
https://wiki.debian.org/DebianEdu/Documentation/Bullseye/Architecture#Services_running_on_the_main_server

Wolfgang
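
One way to check an unpacked or loop-mounted LTSP image tree for the kinds of server-only data named in this thread, as an added example that is not part of the original message or of debian-edu-config. The path list is an assumption based on Debian package defaults, and the function names are hypothetical; each path reported is a candidate for /etc/ltsp/image-local.excludes.

```shell
#!/bin/sh
# Added example: audit an image root for data that belongs on the main server only.
# ASSUMPTION: these relative paths follow Debian package defaults (slapd, krb5-kdc,
# gosa, freeradius, isc-dhcp-server); adjust the list to the site.
SENSITIVE_PATHS='
var/lib/ldap
etc/ldap/slapd.d
etc/krb5kdc
var/lib/krb5kdc
etc/krb5.keytab
etc/gosa/gosa.secrets
etc/freeradius
etc/dhcp/dhcpd.conf
'

# audit_image_root ROOT
# Prints every sensitive path that exists under ROOT and has content, one per
# line. Empty directories are ignored, since excluding a directory's contents
# can leave the directory itself behind. Returns 0 if clean, 1 otherwise.
audit_image_root() {
    root=$1
    found=0
    for rel in $SENSITIVE_PATHS; do
        p="$root/$rel"
        if [ -f "$p" ] && [ -s "$p" ]; then
            echo "$rel"; found=1
        elif [ -d "$p" ] && [ -n "$(ls -A "$p" 2>/dev/null)" ]; then
            echo "$rel"; found=1
        fi
    done
    return $found
}

# make_sample_root: build a constructed sample tree (placeholder files, no real
# secrets) and print its location.
make_sample_root() {
    d=$(mktemp -d)
    mkdir -p "$d/var/lib/ldap" "$d/etc/krb5kdc" "$d/etc/gosa" "$d/usr/bin"
    echo "constructed" > "$d/var/lib/ldap/data.mdb"
    echo "constructed" > "$d/etc/gosa/gosa.secrets"
    # etc/krb5kdc stays empty: contents excluded, directory still present
    echo "$d"
}

# Audit the tree given as $1, or the constructed sample tree if none is given.
target=${1:-$(make_sample_root)}
audit_image_root "$target" || echo "server-only data present in $target" >&2
```

Run it against the mount point of the generated image after every rebuild, and treat a non-zero exit status as a reason not to serve that image to clients.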
