Wenn Du auch in Zukunft in einem Staat leben möchtest, der nicht dem Überwachungsstaat aus "1984" gleicht, und/oder Du möchtest, dass weiterhin jede(r) Software entwickeln und vertreiben kann, gibt es verschiedene Möglichkeiten, sich zu engagieren. wir möchten Dir diese fünf Organisationen empfehlen:
If you don't want to live in a state à la "1984" and you want that development and distribution of software should remain legal for everyone, then you have different possibilities to get into the act. We would like to recommend these five organisations:
m23 is a free software distribution system licensed under the GPL, which installs and administers clients with
m23 is controlled via webbrowser. The installation of a new m23 client is done in only three steps and the integration of existing clients is possible, too. Group functions and mass installation tools make managing a vast number of clients comfortable. Client backup and server backup are included to avoid data loss. With the integrated virtualisation software, m23 can create and manage virtual m23 clients, that run on real m23 clients or the m23 server. Scripts and software packages (for installation on the clients) can be created directly from the m23 web interface.
The entire administration is done via webbrowser and is possible from all computers having access to the m23 server via network. The installation of additional administration software is not necessary. A remote access to the m23 server via PDA or laptop is easily possible. Authentification and SSL encryption secure the communication and prevent undesirable access.
Installing a client with m23 is rather simple. Only three steps are required for a completely installed client.
First, you need to enter some values for the client. These are, for example, the network settings (IP, networkmask, etc.), user name and password or the name of an LDAP server that manages your user accounts.
All clients can be partitioned and formatted individually. The resulting partitions can be used for the installation of the operating system, the creation of software RAIDs, for data storage or as swap space. The installation will start after the selection of the operating system.
You can install additional software packages in the last (optional) step.
Existing Debian-based systems (Debian, Ubuntu, Kubuntu, Xubuntu) can be assimilated into the m23 system easily and are then administered like a normal client that was installed with m23. Only the specification of the client's name, its IP or hostname and the root password are required. The client, which is to be integrated, is then scanned and its hardware information and the status of installed packages are transmitted to the m23 server.
You will like the convenient group functions if you have a big amount of clients that need to install new software or if other routine jobs need to be done. E.g. a new software package can be installed on all clients or be removed from all clients of a group. In addition, an update or a client recovery can be accomplished on all group members.
The mass installation tools are handy, if you need to install a big amount of clients with similar requirements (and maybe different hardware). The mass installation is done in three steps.
A model client, that holds the basic settings (such as the default gateway or the group name), is defined (but not installed). The real clients are to be derived from this defined client. The defined client gets a partitioning and formatting for its virtual harddrive (as well as rules what to do if the real harddrives are differing in size or type), the operation system and appropriate software packages.
Now you have to choose which of the settings, that can or have to be different on each client, shall be kept (e.g. user name), generated automatically (e.g. client name) or read from a file or entered by hand (e.g. MAC address). The partitioning of the virtual harddisk will be adjusted on client deployment.
In this last step you see all the parameters and values of all clients in a table and you can change the values by hand. It is possible to change the number of clients, too. Automatically generated client parameters will be calculated in the required amount or existing clients will be removed.
m23 supports Debian, Ubuntu, Kubuntu, Xubuntu, Fedora, Linux Mint, elementary OS, CentOS and openSUSE. The choice of the Linux distribution is a matter of taste and a question of the functional range. m23 gives the administrator the chance to choose the right distribution for each client individually which can be installed automatically. m23 allows to manages all clients via the same m23 administration interface, no matter which distribution is installed.
In addition to the automatic partitioning and formatting, m23 supports individual harddrive setups. The resulting partitions can be used for the operating system, to store data and for swapping. The m23 interface includes all necessary functions for deleting, adding and formatting of partitions and for assigning them to mountpoints, installation or swap usage. In addition, it is possible to reuse the existing partition layout for the installation.
Partitions or entire harddrives can be combined into software RAIDs. m23 supports the RAID levels 0, 1, 4, 5, 6 and 10. These RAID levels have advantages and disadvantages in relation to speed increase and data reliability. RAIDs can be used like normal partitions to install operating systems to or to use them as swap or storage space. You can install the Linux kernel and its modules on a separate (non-RAID) partition to be able to install an operating system on all possible RAID levels.
User accounts can be managed with a central LDAP server. This increases the ease of use in environments with many clients and a lot of users. The OpenLDAP server is shipped with the m23 server and can be administered via the highly integrated phpLDAPadmin. m23 can use existing LDAP entries for new m23 clients or add extra entries on adding an m23 client.
An NFS server for storing the user's home directories is a good supplement to an existing LDAP server. Using an NFS server simplifies the making of backups dramatically in contrast to a lot of clients storing the home directories on local harddrives. As a benefit of this combination the user has the alternative to log in into any client and find her or his own desktop and files.
Thousands of software packages like office packages, graphic tools, server applications or games can be installed via the webinterface. Software installation or removal jobs are carried out at boot time or while the client is in normal use.
The Linux distributions that are installable with m23 offer a large variety of free software, which can be installed easily. In addition to the package sources recommended by m23 other package sources can be added to install software from other suppliers.
You can check if the removal or installation of software will be sucessful before the actual process. The administration interface gives a warning message, e.g. if a package can not be installed due to unsolved dependencies.
Software packages are downloaded from the internet to keep them up-to-date. The packages are then cached to ensure that every package is downloaded only once. If a certain package is installed a second time, the package will be installed from the cache. In case that a new version of the package exists, the latest package will first be downloaded and stored in the cache. On your m23 server this job is done by the proxy cache Squid.
The pool builder makes it possible to combine software packages from different media (CD, DVD, internet) on the m23 server and convert them to a package source. These package sources can be used to install clients. This can be done without an internet connection or if the internet connection is rather slow. It is possible, too, to add selfmade packages to the pool.
The m23 clients can be installed as workstation with the graphical user interfaces KDE, Gnome, XFce, LXDE and pure X11 or as a server without graphical subsystem. In most server setups, the server doesn't need a user interface because most of the server software runs in text mode. If you choose the Ubuntu distribution you can also install Unity, for Linux Mint Mate or Cinnamon and for Kubuntu "Kubuntu desktop" (KDE based), and for elementary OS, there is the Pantheon desktop.
An image file of a partition or entire harddisk can be used to install other clients. These image files are taken from installed clients with all their software packages and settings. The creation of these image files is included in the m23 administration interface for your comfort. Image files can be compressed to save storage space and bandwidth on rollout. An image file can be used to install any number of clients. After the end of the transfer, the client will be adjusted like a client that was installed from software packages. This is done on Debian, Ubuntu, Kubuntu and Xubuntu clients. These "image clients" can be managed like "normal clients" with m23, this includes software installation and other administrative tasks.
Personal data and additional settings can be backupped and restored with the integrated software BackupPC. This is necessary for all personal data which is not handled by m23.
A client can be reinstalled with excactly the same software selection and configuration as it was installed with m23 before. This is done with the recovery feature directly from the m23 interface. The recovery includes the complete installation with partitioning and formatting. All settings done with m23 will be restored. Manual changes need a recovery from a backup medium.
The m23 rescue system is a minimal Linux environment that can be booted on the clients via the network. You can use it for on-location maintenance or via an SSH console. The administrator has full access to the client and can do all administrative work. Additional tools (e.g. the client log) support the administrator with his/her fault analysis.
The free virtualisation solution VirtualBox OSE is now (optional) part of m23 and can be installed directly on the m23 server as well as on the managed m23 clients. Required for virtualisation is a current Debian system (Debian Lenny or Squeeze). Virtual m23 clients which act on the network just like normal m23 clients are managed via the m23 server as usual. These virtual clients can be partitioned and formatted like a normal PC and of course the operating system and additional software can be installed as well.
VirtualBox OSE packages are available for 32 and 64 bit machines, that can be installed directly via the m23 web interface on the m23 clients. These m23 clients are virtualisation hosts for virtual m23 clients after the installation. Virtualisation may be useful to use the existing ressources of your computers better (e.g. office PCs that usually wait for user input most of the time or on a web server).
You can check the usage of harddisk and memory on the virtualisation host in the "VM creation dialog" before you create a new virtual m23 client. So you can take care not to assign too much harddisk space or memory to the VM. The newly created VM runs through the usual 3-step-setup after the creation is done.
Virtual m23 clients can run in graphical mode or without visible output. A modified VNC server was integrated for the graphical output to replace the VRDP feature of the non-free VirtualBox edition. It can be used to access the virtual clients from the boot on and allows to engage if problems occur. The VNC session contains the VirtualBox window with the running virtual m23 client and is based on the lightweight window manager flwm. An analog clock, a terminal and a button to shut down the session together with the VirtualBox machine are visible too.
The m23 interface and the entire m23 system can be improved with extra functions.
The MDK (m23 Development Kit) is a powerful environment to adjust m23 to your needs. E.g. you can create your own m23 server installation CD or build new network boot images with new modules.
Using the m23 extension halfSister, the ambitious administrator can easily make his or her favourite Linux distribution installable with m23, like it was already done with CentOS, openSUSE and Fedora.
m23 differentiates between servers and clients. An m23 server is used for software deployment and the management of the clients. Computers which are administered by the m23 server are the clients.
The client is booted over the network during the installation of the operating system. It is possible to start the client with a bootrom on its network card, with a boot disk or with a boot CD. The client's hardware is detected and set up. The gathered hardware and partition information is sent to the m23 server. Afterwards, this information is shown in the m23 administration interface. Now the administrator has to choose how to partition and format the client. Other settings include e.g. the distribution to be installed on the client.
The server backup function stores the m23 server with all its data at given points in time. The backups contain all information necessary to restore the whole m23 server functionality. Multiple points in time can be selected for this purpose. GPG encrypted backup files can be transferred to external servers automatically.
A GPG key management was integrated into the m23 webinterface, too. After a data fault the restore script will first install an "empty" m23 server and use the backup to bring it into a previously saved state. A short guide showing the restoring steps can be printed out directly from the m23 web interface (and should be before an emergency occurs!).
A variable firewall makes sure that only safe values will be handed to the database. This should prevent SQL injection attacs.
The IP management allows you to connect network settings to a MAC address, so that the necessary values are sent to the respective device via DHCP. Aside from this direct assignment, IP ranges can be defined, within which the IPs can be assigned dynamically (e.g. to notebooks). Specific settings (e.g. client name, MAC address) or specific IP ranges can now be blocked, so m23 cannot wrongly use these for m23 clients.
You are allowed to use this text entirely, partly or in a modified form (e.g. for a press article or for product description in CD shops).
This text is licensed under the Creative Commons Attribution 2.0 License.
And of course we would be very happy, if we got a copy of your article or a URL where to find it ;-)
From this version on, m23 supports the installation of clients with Linux Mint 18 Sarah. As usual, there are a couple of desktop environments included. The new functionality for comparing the package status allows for a quick overview of packages installed on clients. Of course, this release also includes a couple of changes and other improvements.
For your m23 clients with Linux Mint 18, you will have the choice among these four preconfigured graphical desktop environments: KDE, Mate, Cinnamon and Xfce. The new release contains a set of new or updated programs. The full range of functionality of m23 is now available for Linux Mint 18, too.
Fortunately, the adaptations needed for adding the new Linux Mint release were rather small, which is why this m23 version is available rather shortly after the release of the previous version. Contrary to Linux Mint 17.x (where there were issues with the configuration), the VirtualBox guest additions are now installed and configured automatically, when a client with Linux Mint 18 is running inside VirtualBox. The KDE version of Linux Mint now uses the login dialog provided by SDDM.
In the new dialog "compare package status", which was requested by a client, you can now compare the packages of two client systems.
The comparison takes package names, version numbers and the packages' installation status into account. This allows you to see if packages have a history on both clients, and if their version number and installation status match. Differences are highlighted by color in the resulting table. The functionality can not only compare two clients directly, but can also make use of files that contain the package status of a client. Thus, it's possible to compare between two clients, two package status files, or a client and a package status file. The package status file can be created in the client control center.
The Editing functions of the m23 API have been extended by a function to comment out all lines that contain a specific key word. From this version on, the m23 package, when installed or updated, will execute the script
/m23/bin/postinstHook.sh, if the file is available. This feature is especially useful when used together with m23customPatch, to make sure that your changes will be available after an update of your m23 server.
Upon installing a new client, two new tests now check if the base system archive was downloaded and unpacked to the client successfully. If this isn't the case, the client will not proceed with the installation and instead will commuicate a critical status to the m23 server.
New help texts now mention a script that will remove the m23-specific configurations (e.g. package proxy in APT) from a former client system after removal of the client. The source code that generates an error message about another DHCP server in the network, which is displayed in the m23 web interface, is now enclosed in a deletable m23customPatch region, so you can remove the message in your m23 environment, if needed.
During Integration of existant, Debian-based systems, the release name of the distro will now be detected more reliably and will be sent to the m23 server. If no GPG key is selected, a warning will be shown on pages that (optionally) use the key, telling you that, without a key, signature and encryption functionalities will not not available.
The latest version is available as an update via the m23 interface, via APT (Note: package source server for packages specific to m23 is now "deb http://m23inst.goos-habermann.de ./", configure as is described in the installation guide.), as ISO file to create an m23 server installation medium, as preinstalled virtual machine or as image file for RaspberryPi (the latter three are available in the download section).
Some m23 servers seem to be unable to install or update m23 from the package repository on the SourceForge mirrors currently. The error is shows as "Hash Sum mismatch" during
apt-get update. A new repository was created to solve the problem.
Edit the /etc/apt/sources.list on your m23 server, if you get this error too. Delete all lines containing
sourceforge.net. Add a new line with
deb http://m23inst.goos-habermann.de ./ at the end of the file.
Update the package index via
apt-get update. For an update use the command
apt-get dist-upgrade. For installation of m23 use
apt-get install m23.
The latest version of m23 comes with a new option to sign local package sources (including GPG key management), new configuration settings for an m23 server that is using a proxy and a new command line tool that allows users to modify the m23 source code in predefined locations. This release also includes a bunch of smaller changes and fixes.
To enable the installation of m23 clients using a fixed set of packages, or to allow for a setup without internet connection, it has already been possible to set up local package sources on the m23 server for a long time. What's new is that these can now be signed, to protect them from being tampered with. The m23 interface now provides a dialog for managing your GPG keys and an option to add a signature in the package source architect and the package architect dialogs. The public key of the GPG key that was used for the signature will be imported to the m23 clients to allow them to verify the package authenticity.
In the case of running an m23 server behind a proxy server, it was previously necessary to change the settings in different places in order to allow the m23 server to work as usual. Now there is a quick an easy option to configure a proxy server system-wide, and to activate / deactivate using it, available in the m23 interface. The proxy settings from this dialog will be used for all apt and wget calls, for accessing the internet from the m23 api and for the squid proxy that caches client packages.
With the m23customPatch tool, users can modify the m23 source code in predefined places. The modifiable code regions are marked as being deletable / modifiable. With the help of a corresponding m23customPatch file, it is, for example, now possible to exchange the logo in the m23 web interface.
During the installation of the client base system, the package apt-transport-https will now be included, to enable access to package sources using HTTPS. A new option for client recovery allows to merge multiple identical client jobs into one. Client groups can now have a description associated with them. The m23 api was extended by functions for writing and reading the key-value database for client parameters. The modular m23 command line tool can now also be used to create, delete or list admin accounts for the m23 web interface. Instead of a (possibly insecure) DSA SSH key, the m23 server will now create an 8k RSA SSH key when it is being installed.
Upon integration of an existing client, m23 no longer waits for the download of a non-existant base system archive to finish. The function HELPER_xargsRecursive, which is, for example, used to split package lists, now takes all elements into account. For packages that are being downloaded into a local package source, the file names will now be adapted, so they only contain valid characters. The bash code that writes m23fetchjob works correctly now and ASSI_prepareClient no longer calls a non-existant function.
The latest version is available as an update via the m23 interface, via APT (Note: the package sources server for packages specific to m23 is now"heanet.dl.sourceforge.net", setup as described in the installation guide), as ISO file for the creation of a bootable medium, as preinstalled virtual machine or as image file for RaspberryPi (the latter three can be found in the download section).
The SourceForge mirrors, that store the Debian packages for the m23 server and the m23 clients, seem to use transparent HTTPs redirects since a few day. APT struggles on this behaviour as long as the package "apt-transport-https" is not installed.
The m23 update (patch level 100899) adjusts the scripts for the client installation. Please install the update via APT (
apt-get update; apt-get dist-upgrade). Install the package "apt-transport-https" via
apt-get install apt-transport-https before the update, if you run into an error.