distro=$(distro-name)
case $distro in
ubuntu|debian|trisquel)
- sudo bash -c ". /a/bin/fai/fai-wrapper && /a/bin/fai/fai/config/scripts/GRUB_PC/11-iank"
+ sudo bash -c ". /a/bin/fai/fai-wrapper && /a/bin/fai/fai/config/scripts/IANK/11-iank"
;;
*)
sudo bash -c ". /a/bin/fai/fai-wrapper &&
sudo sed -i --follow-symlinks 's/^ *hosts:.*/hosts: files dns myhostname/' $f
fi
case $HOSTNAME in
- bk)
+ bk|je)
+ # je should be able to get along systemd-resolved, but ive had some odd
+ # very intermittent dns failures with spamassassin, it seems it might only
+ # be happening with systemd-resolved, so just use unbound
+ # to make it consistent with the other hosts.
sudo sed -i --follow-symlinks 's/^ *hosts:.*/hosts: files dns myhostname/' /etc/nsswitch.conf
soff systemd-resolved
sudo ln -sf 127.0.0.1-resolv/stub-resolv.conf /etc/resolv.conf
sgo unbound
- sgo named
- # cautious measure to make sure bind is up
+ # cautious measure to make sure resolution is working
sleep 1
;;
*)
;;
esac
+case $HOSTNAME in
+ bk)
+ sgo named
+ ;;
+esac
+
+
+lines=(
+ "/etc/resolved-nsswitch/nsswitch.conf r,"
+ "/etc/basic-nsswitch/nsswitch.conf r,"
+ # Aug 06 23:09:11 kd audit[3995]: AVC apparmor="DENIED" operation="connect" profile="/usr/bin/freshclam" name="/run/systemd/resolve/io.systemd.Resolve" pid=3995 comm="freshclam" requested_mask="wr" denied_mask="wr" fsuid=109 ouid=101
+ # I dont know if this is quite the right fix, but I saw other sockets
+ # in the nameservice files that were rw, so figured it was ok to add this and it worked.
+ "/run/systemd/resolve/io.systemd.Resolve rw,"
+)
f=/etc/apparmor.d/abstractions/nameservice
-if [[ -e $f ]] && ! grep -q /etc/resolved-nsswitch/nsswitch.conf $f; then
- sudo sed -i '/\/etc\/nsswitch.conf/a /etc/resolved-nsswitch/nsswitch.conf r,' $f
- sudo sed -i '/\/etc\/nsswitch.conf/a /etc/basic-nsswitch/nsswitch.conf r,' $f
- if sytemctl is-enabled apparmor; then
+apparmor_reload=false
+if [[ -e $f ]]; then
+ for l in "${lines[@]}"; do
+ if ! grep -qF "$l" $f; then
+ sudo sed -i "/\/nsswitch.conf/a $l" $f
+ apparmor_reload=true
+ if ! grep -qF "$l" $f; then
+ echo "$0: failed editing $f. investigate"
+ exit 1
+ fi
+ fi
+ done
+ if $apparmor_reload && systemctl is-enabled apparmor; then
m ser reload apparmor
fi
fi
sudo sed -ri "/^127\./n;/[[:space:]]$HOSTNAME\$/d" /etc/hosts
fi
+if isdeb && [[ $(debian-codename) == nabia ]]; then
+ sudo dd of=/etc/apt/preferences.d/aramo-jammy-missing <<'EOF'
+Package: linux-libc-dev libmysqlclient21
+Pin: release n=jammy,o=Ubuntu
+Pin-Priority: 500
+EOF
+fi
+
# libfdk just has some patent worries.
# https://www.gnu.org/licenses/license-list.en.html#fdk
if isdeb && [[ $(debian-codename) == nabia ]]; then
######## fix evbug bug ######
case $(debian-codename-compat) in
- xenial|bionic|focal)
+ xenial|bionic|focal|jammy)
# noticed in flidas. dunno if it affects any others
#https://bugs.launchpad.net/ubuntu/+source/module-init-tools/+bug/240553
#https://wiki.debian.org/KernelModuleBlacklisting
/dev/mapper/crypt_dev_ata-Samsung_SSD_870_QVO_8TB_S5VUNG0N900656V-part7 /d btrfs nofail,x-systemd.device-timeout=30s,x-systemd.mount-timeout=30s,noatime,compress=zstd,subvol=d 0 0
EOF
if ! mountpoint /d &>/dev/null; then
- sudo mkdir /d
+ sudo mkdir -p /d
if [[ -d /mnt/r7/d ]]; then
sudo mount /d
fi
else
if $recompile; then
/a/bin/buildscripts/emacs
+ /a/bin/buildscripts/mu4e
else
/a/bin/buildscripts/emacs --no-r
+ /a/bin/buildscripts/mu4e --no-r
fi
fi
# the first pup command can kill off our /etc/ mod, so rerun this
iankelling.org / git / distro-setup / blobdiff