Closed holta closed 1 year ago
BACKGROUND / CONTEXT: /etc/kolibri/README puts repeated and very strong emphasis on file /etc/kolibri/username
which seems very positive. ✅
While @benjaoming did most of that writing more than 4 years ago of course, I can only assume it's still largely on target.
To that end, let's all hope that this still-very-useful (though at this point error-prone and stale!) top-level /etc/kolibri
doc can be refined now in 2023, to fix its broken link and other small/diversionary errors 🏗️
e.g. Another small error in /etc/kolibri/README is the command it spells out to determine KOLIBRI_HOME ("this command will print it") doesn't work in most cases — with installs like Internet-in-a-Box that take security seriously — as KOLIBRI_USER has no real / runnable shell in /etc/passwd :
I too agree with @benjaoming ✅
(PR change was kept distinct/localized to illustrate the core idea...)
Thanks for all the lovely mentions :heart: I want to mention back that I do miss having time to work on this :heart:
This PR fixes the worst of several problems described on Sept 9, 2022 here:
115
Thanks @jredrejo @benjaoming @radinamatic for reviewing when you have time.
Recap: This fixes the serious problem of Kolibri's Debian/Ubuntu (apt / .deb) installer ignoring
/etc/kolibri/username
Which results in Kolibri's 2 permanently contradictory settings (i.e. 2 contradictory values) for KOLIBRI_USER — i.e. in these 2 places:
Not pretty! So a month or so later, typically the first time a school apt upgrades, Kolibri's new Debian package erroneously tries to force the school (and all https://internet-in-a-box.org schools, if they are online and run
apt update
etc) to try to change KOLIBRI_USER:Why does this happen every single time a school first upgrades Kolibri? One can only assume that Ansible (Linux automation, that arranges all Internet-in-a-Box installs) runs something like:
So what happens is that Kolibri's Ubuntu/Debian package (1) Encodes the very misleading (erroneous, desktop-like) KOLIBRI_USER into /var/cache/debconf/config.dat (2) Effectively deferring its 3-to-5 debconf screens asking for things like KOLIBRI_USER until 1 or 2 months later, into the hands of the wrong person, after everything's installed in a school (3) Leading to serious confusion + conflicting KOLIBRI_USER settings down the road, that nobody wants 😖
CONCLUSION: This simple PR eliminates the conflicting settings, and at least brings us a lot closer to what the doc portrays at https://kolibri.readthedocs.io/en/latest/install/ubuntu-debian.html#id2 — pasted in here:
STRETCH GOAL FOR LATER: Eliminating all screens during
apt upgrade
would be far-and-away better for most schools, who are simply trying to upgrade Kolibri, and do not want to change any settings, or read long-winded technical screens 🥲 (as we all strive to help schools focus on learning, not unnecessary low-level administration!)IN SHORT, Internet-in-a-Box can easily force far cleaner behavior during Kolibri upgrades (i.e. what schools prefer) with a hacky script like the following: (but we'd rather work with Kolibri to solve the problem properly, thoughtfully and in due course, helping everyone)