1. 22 Dec, 2015 4 commits
  2. 07 Dec, 2015 1 commit
  3. 02 Dec, 2015 2 commits
    • Nikos Skalkotos's avatar
      Use check_yes_no on all boolean img properties · 718828a0
      Nikos Skalkotos authored
      image properties.
    • Nikos Skalkotos's avatar
      Merge branch 'feature-windows-legacy' into develop · 3be9e215
      Nikos Skalkotos authored
      The main goal of this patch set is to add support for Windows XP/Server
      2003 Images.  In the process, it also adds:
       * The ability for a simple debug shell under KVM, so a developer or the
         administrator can access the helper VM directly for simpler debugging,
       * Robust helper shutdown and mounting/un-mounting of NTFS, fixing the
         remote possibility of data loss.
  4. 01 Dec, 2015 1 commit
  5. 30 Nov, 2015 1 commit
  6. 27 Nov, 2015 1 commit
  7. 26 Nov, 2015 3 commits
  8. 19 Nov, 2015 2 commits
  9. 18 Nov, 2015 2 commits
  10. 17 Nov, 2015 1 commit
  11. 16 Nov, 2015 3 commits
  12. 12 Nov, 2015 1 commit
  13. 06 Oct, 2015 1 commit
  14. 29 Sep, 2015 1 commit
  15. 28 Sep, 2015 1 commit
    • Nikos Skalkotos's avatar
      Add check_yes_no() to test boolean img properties · 52572781
      Nikos Skalkotos authored
      Use check_yes_no() to test if a boolean property is set.
      Although the documentation states that to set a boolean image property
      you need to assign the "yes" value to it, this function will accept
      "yes", "true", 1, "on" and "set" in a case-insensitive way and reject
      "no", "false", 0, "off" and "unset".
      An empty or not-set variable is treated as false.
      An unknown value will raise a warning but will be accepted. This is done
      to protect the users because prior to this commit, in some cases we only
      tested if an image property had a non-empty value.
      This resolves #80
  16. 24 Jun, 2015 7 commits
    • Vangelis Koukis's avatar
      Make disabling and enabling RDP more robust · 37773398
      Vangelis Koukis authored
      Enhance the DisableRemoteDesktopConnections task,
      so disabling and re-enabling RDP is more robust,
      and respects Image-specific policy.
      Previously, snf-image would disable RDP unconditionally
      inside DisableRemoteDesktopConnections and assume there would be
      an appropriate <RunSynchronousCommand> entry in unattend.xml
      so SYSPREP would enable RDP unconditionally during the specialize
      pass of the Windows Setup.
      This has two main problems:
         * It assumes a specific answer file, with snf-image specific content.
           However, the answer file is Image-specific policy, and ideally
           snf-image should not make any assumption on its contents.
         * It enables RDP unconditionally, even though it may have been
           disabled inside a specific Image by the Administrator, on purpose,
           thus introducing a potential security risk.
      To solve this problem, make DisableRemoteDesktopConnections
         * Note whether RDP was initially disabled or not,
         * Disable it unconditionally via a direct edit of the Registry,
           so no incoming RDP connections are allowed while SYSPREP is running,
         * Insert a command to set it to its original state when Setup is
           complete, without depending on the contents of unattend.xml
           or other answer file.
    • Vangelis Koukis's avatar
      Add support for Windows XP / Server 2003 Images · 3bcb05ab
      Vangelis Koukis authored
      Introduce support for Windows XP / Server 2003 Images.
      To do this:
          * Extend common.sh and 40InstallUnattend so they can also detect
            Windows XP / Server 2003 SYSPREP.INF answer files.
          * Extend 50AssignHostname so it can set the hostname inside
            SYSPREP.INF, based on a small handle-ini-file.py utility.
          * Remove the seemingly unnecessary addition of /LOGONPASSWORDCHG:NO,
            which is unsupported under XP / Server 2003. More on this below.
          * Warn the user about Windows XP / Server 2003 not supporting
            online NTFS resize, and the need to use OFFLINE_NTFSRESIZE
      Regarding the use of /LOGONPASSWORDCHG:NO while using NET USER
      to change a user password:
          * This argument is unsupported under Windows XP / Server 2003,
            see http://blog.johnmuellerbooks.com/2011/04/12/working-with-net-user/
          * Its default value is "NO" anyway, so it shouldn't make a
            difference whether it is explicitly specified in the command line
            or not:
          * Even if the security policies of a specific Image were set up
            in such way that users *were* required to change their passwords
            immediately upon their first logon, it is not snf-image's job
            to modify this behavior by specifying /LOGONPASSWORDCHG:NO.
            The password policy is Image-specific, and snf-image shouldn't
            mess with it.
    • Vangelis Koukis's avatar
      Move DisableRemoteDesktopConnections to prio 41 · 83cd6ea0
      Vangelis Koukis authored
      Move DisableRemoteDesktopConnections from priority 40
      to priority 41, ensuring it runs after 40InstalUnattend.in.
      This makes the dependency between the installed answer file and
      the DisableRemoteDesktopConnections task explicit:
      The task assumes that RDP connections will be re-enabled via
      an appropriate <RunSynchronousCommand> entry in the answer file,
      which must already exist.
      Making the dependency explicit, allows making the process more robust
      in the future: The DisableRemoteDesktopConnections task should not
      blindly assume that a potentially Image-specific unattend.xml file
      contains the specific <RunSynchronousCommand> entry it requires,
      but may insert it explicitly, since the answer file is bound to have
      been detected or installed via the the previously executed
      40InstallUnattend task.
    • Vangelis Koukis's avatar
      Introduce support for offline NTFS resize · 88406207
      Vangelis Koukis authored
      snf-image already supports online resizing of NTFS; it creates
      an appopriate DISKPART script inside the target NTFS and assumes
      it will be called by SYSPREP via a pre-existing <RunSynchronousCommand>
      entry in the unattend.xml answer file. This is generally the safest
      option, since it uses native Windows code, but has two drawbacks:
      a) It is only supported by Windows Vista and later,
      b) It is possible the Image will fail before SYSPREP has a chance
      to run the DISKPART script, because it does not have enough free space.
      Extend snf-image to also support offline resize of NTFS via ntfsresize,
      before the Image is booted. This works with all Windows versions and
      ensures the Image is resized to the right size even before booting.
      To be on the safe side, offline NTFS resize is not the default:
      The user must set the OFFLINE_NTFSRESIZE property explicitly.
      Running ntfsresize leaves the filesystem dirty, i.e., a CHKDSK is
      performed during the next boot. The user may set the
      OFFLINE_NTFSRESIZE_NOCHECK property to skip this.
    • Vangelis Koukis's avatar
      Make mounting NTFS more robust · 8a9f78eb
      Vangelis Koukis authored
      Use lowntfs-3g with appropriate options when mounting NTFS-based Images:
          * ensure path lookup is case-insensitive,
          * prevent the creation of files with names which are not allowed
            under Windows,
          * complain loudly if the filesystem is dirty or needs recovery.
      Mounting the filesystem in a case-insensitive way can simplify task code
      significantly; there is no reason to perform case-insensitive lookups
      explicitly ("Unattend.xml" vs. "unattend.xml"). It also ensures
      attempting to inject "filea" in the image will overwrite "fileA", if it
      already exists, as it would under Windows, instead of leading to a
      situation where both "fileA" and "filea" exist, causing all sorts of
      problems later on.
      Finally, complain loudly when attempting to mount an NTFS marked dirty
      (requiring a disk check on next boot), or with an unclean journal.
      NTFS-3G code seems to wipe the NTFS journal instead of replaying it, and
      may lead to data corruption. Images should not contain dirty
      "Actually the journal is simply wiped out. This is to prevent the
      journal to be applied at next mounting on Windows to data which may have
      been changed in the meantime.", and
      "So far, nobody has been able to understand how the journal is
      organized, so there is no real recovery in ntfs-3g, just wiping the
      "recover: Recover and try to mount a partition which was not unmounted
      properly by Windows. The Windows logfile is cleared, which may cause
      inconsistencies. Currently this is the default option."
      In the future, it would be best to reject the Image outright,
      instead of continuing.
    • Vangelis Koukis's avatar
      Make umounting NTFS and shutting down more robust · 66bb79c4
      Vangelis Koukis authored
      Umounting filesystems mounted via NTFS-3G is not synchronous.
      It is possible that NTFS-3g mount processes remain, and continue
      writing to the underlying block device, even after umount has completed
      successfully. To solve this, wait explicitly for all NTFS-3G mount
      processes to terminate, before continuing.
      Similarly, there is no guarantee that all of the cached data have
      been flushed to disk when shutting down the system abruptly using
      the 'o' sysrq key to shut off the system immediately.
      To solve this, run "sync" explicitly before shutting system off,
      assuming no other process is currently writing to the disk (see above).
      The combination of these two issues could lead to data loss.
    • Vangelis Koukis's avatar
      Implement HELPER_DEBUG mode for KVM · ac60d8f8
      Vangelis Koukis authored
      Implement HELPER_DEBUG mode. When enabled, the helper VM will drop to a
      root shell whenever a task fails. This allows the administrator or a
      developer to examine its internal state for debugging purposes.
      Also add missing CONTRIBUTORS files.
  17. 29 Apr, 2015 2 commits
  18. 13 Mar, 2015 5 commits
  19. 04 Mar, 2015 1 commit