From owner-freebsd-hackers@FreeBSD.ORG Sat Nov 6 04:48:29 2010 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B13ED10656AC for ; Sat, 6 Nov 2010 04:48:29 +0000 (UTC) (envelope-from yanegomi@gmail.com) Received: from mail-wy0-f182.google.com (mail-wy0-f182.google.com [74.125.82.182]) by mx1.freebsd.org (Postfix) with ESMTP id 1D5D48FC13 for ; Sat, 6 Nov 2010 04:48:28 +0000 (UTC) Received: by wyb34 with SMTP id 34so1756650wyb.13 for ; Fri, 05 Nov 2010 21:48:28 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:sender:received :in-reply-to:references:date:x-google-sender-auth:message-id:subject :from:to:cc:content-type:content-transfer-encoding; bh=6Eu/65+zmssLCNVyJ7swMsZzxitFakMItcYizzb3j1o=; b=uz0Qt0nGNOELAmgTv3CEdAAPrLFBfCL2qMRvkbEgcz9UWnCOieVD26NrE8sl5sw6hl w8zU5jq65OJCmi5bkL+n5sRqX4itoPnWylCJs/JJ5OG6DjsaQMFsZYK8RyS3BrQrux9Y 6st+bWNRoNBOq8lzi7J1ytMgU78LwatP2FtZU= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:cc:content-type :content-transfer-encoding; b=pMa9+MhhBtr3b2b3+sdbdWcKHgR1B+pDcEurpGnE5qrETDFiD79SB598h94pVOrWhe tGv1Yz4G5QL4GRirLXMr0ZPl0Kf8ITWP8Op3XkCL8FPSw6U/9+rfj+6PvfwiLV4VGpUy 8XFqOSI1m0FzJKZfkCKLWbZl/yx+SzovimM+M= MIME-Version: 1.0 Received: by 10.216.82.197 with SMTP id o47mr2944863wee.45.1289018907792; Fri, 05 Nov 2010 21:48:27 -0700 (PDT) Sender: yanegomi@gmail.com Received: by 10.216.198.27 with HTTP; Fri, 5 Nov 2010 21:48:27 -0700 (PDT) In-Reply-To: References: <201011052316.27839.jpaetzel@freebsd.org> Date: Fri, 5 Nov 2010 21:48:27 -0700 X-Google-Sender-Auth: ULlVDJavEqMEOHkWssOVXvJFDaI Message-ID: From: Garrett Cooper To: Josh Paetzel Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Cc: freebsd-hackers@freebsd.org Subject: Re: txt-sysinstall scrapped X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 06 Nov 2010 04:48:29 -0000 On Fri, Nov 5, 2010 at 9:47 PM, Garrett Cooper wrote: > On Fri, Nov 5, 2010 at 9:16 PM, Josh Paetzel wrote= : >> It's been incredibly busy for us in iXsystems land, with a lot of irons = in the >> fire. >> >> One of the many things we've been working on is a new installer. =A0Seve= ral >> months ago pc-sysinstall was imported into HEAD from the PC-BSD project. >> >> pc-sysinstall is a fine tool, and very useful as the backend for doing >> scripted installs. =A0If you're using scripted sysinstall I recommend yo= u check >> it out, it's a lot easier to use and configure than sysinstall, the >> documentation is much better, and reasonable requests for functionality = can >> and will be brought in. >> >> This is all fine and good, but without a front end to generate the confi= g >> files pc-sysinstall needs it's not much use to an end user for doing ins= talls. >> We (and by we I mean the forces at iXsystems) have been working on txt- >> sysinstall, which is a front end for pc-sysinstall using curses and dial= og to >> generate a pc-sysinstall config file from user input. =A0What we've enco= untered >> is that doing disk configuration in dialog isn't possible, and we starte= d down >> the road of using curses....but we already have a curses and dialog base= d >> installer, and wouldn't it be neat if we could use the disk configuratio= n tool >> we are writing for FreeNAS, too bad it's a web app..... >> >> But if the installer just launched a web server..... >> >> Ok, wait a minute, that couldn't work...how would you configure networki= ng? >> Oh wait, that's already solved in FreeNAS, before you access the system = you >> use a console/CLI app to configure the network. =A0Ok, but people do ins= talls >> over serial ports....oh wait, you could run lynx from the console too... >> >> We quickly realized that the objections we could come up with were easil= y >> overcome, and the more we talked to people here at MeetBSD the more we >> realized it was a viable (and good) idea. =A0People quickly came up with >> improvements. >> >> This gets us the best of both worlds. =A0Want a super fancy GUI installe= r, just >> hit the box with firefox or whatever from a full desktop, want a text >> interface that's simple, need low bandwidth, running over a serial port,= use >> the embedded lynx browser. =A0Installing in a remote vm/cloud, just conf= igure >> the ip and hit it with a browser (yes, we're dreaming up ways to do it o= ver >> ssl and such) >> >> I'll do a better write-up very soon, I'm pretty tired now and have a lon= g >> weekend looming, but just wanted to get the word out. >> >> Just to give credit where credit is due, this all started with Warner Lo= sh >> saying, "Can you listen to a crazy idea I had?" =A0 It didn't take long = to >> realize that it wasn't crazy, it was a stroke of genius. >> >> Secondary props go to Philip Paeps and Kris Moore for implementation det= ails, >> Matt Olander for recognizing the benefits and approving the change in fo= cus, >> John Hixson for the priceless look on his face when he realized we were >> serious about changing (He's done the bulk of the work on txt-sysinstall= ) the >> random NetBSD user here at MeetBSD (sorry I don't know his name) who sai= d it >> was a horrible idea because it would "bloat the installer way too much" = (I'm >> still laughing at that, he was saying something about floppies too, I gu= ess >> we're locking out people using 386's or something.) and quite a few othe= r >> people who are too countless to mention but offered random advice or >> encouragement. > > =A0 =A0Just to add to that (because I do find it a novel idea), 1) how > are you going to properly prevent man in the middle attacks (SSL, TLS, > etc?), and 2) what webserver would you use? > =A0 =A0I bring up the former item because I wouldn't want my data going > unencrypted across any wire, and what BSD compatible web servers did > you guys have in store and who would maintain the server, and what > kinds of vulnerabilities would you be introducing by adding a service > which would be enabled by default at runtime? Sorry -- missed the SSL note. Other questions still outstanding :). Thanks! -Garrett