How to fully automate unattended virt-install? - virtualization

Let me start by saying what I want to do. I'd like to fully automate, in an unattended way, the building of QEMU/KVM VM images using virt-install. I know that some folks use the GUI tool to do this, or they edit a pre-existing image's XML description, but I want to start from scratch.
I've Googled around and examples of doing this are hard to find. What I have found is that virt-install is the command to use, and that it can be used interactively with a TTY console attached (you manually answer configuration questions during the install). For a fully automated solution, you can specify a kickstart file (typically preseed.cfg) to provide answers to questions that you'd normally enter manually. The kickstart file can also specify additional software to install, disk and network configuration, etc.
I think I've got this mostly working except that the installation hangs shortly after install begins. I think it has something to do with the need (or not) to have a console attached to the install. Here is the virt-install command I am using:
virt-install --connect qemu:///system \
--name vm --ram 128 \
--disk path=./vm.qcow2,size=8,format=qcow2 \
--location 'http://archive.ubuntu.com/ubuntu/dists/trusty/main/installer-amd64/' \
--network user,model=virtio \
--initrd-inject preseed.cfg \
--extra-args="console=tty0 console=ttyS0,115200"
This is the preseed.cfg file (which I cribbed from many examples on the web and in the Ubuntu documentation):
### Localization
# Locale sets language and country.
d-i debian-installer/locale string en_US
# Keyboard selection.
d-i keyboard-configuration/layoutcode string us
d-i keyboard-configuration/modelcode string pc105
d-i keyboard-configuration/variantcode string
### Network configuration
# netcfg will choose an interface that has link if possible. This makes it
# skip displaying a list if there is more than one interface.
d-i netcfg/choose_interface select auto
# Any hostname and domain names assigned from dhcp take precedence over
# values set here. However, setting the values still prevents the questions
# from being shown, even if values come from dhcp.
d-i netcfg/get_hostname string vm
d-i netcfg/get_domain string foobar.net
# Disable that annoying WEP key dialog.
d-i netcfg/wireless_wep string
### Mirror settings
d-i mirror/country string manual
d-i mirror/http/hostname string us.archive.ubuntu.com
d-i mirror/http/directory string /ubuntu
d-i mirror/http/proxy string
### Partitioning
# Encrypt your home directory?
d-i user-setup/encrypt-home boolean false
# Alternatively, you can specify a disk to partition. The device name
# can be given in either devfs or traditional non-devfs format.
d-i partman-auto/disk string /dev/vda
# In addition, you'll need to specify the method to use.
# The presently available methods are: "regular", "lvm" and "crypto"
d-i partman-auto/method string regular
# You can choose from any of the predefined partitioning recipes.
d-i partman-auto/choose_recipe select atomic
# This makes partman automatically partition without confirmation, provided
# that you told it what to do using one of the methods above.
d-i partman-partitioning/confirm_write_new_label boolean true
d-i partman/choose_partition select finish
d-i partman/confirm boolean true
d-i partman/confirm_nooverwrite boolean true
### Clock and time zone setup
# Controls whether or not the hardware clock is set to UTC.
d-i clock-setup/utc boolean true
# You may set this to any valid setting for $TZ; see the contents of
# /usr/share/zoneinfo/ for valid values.
d-i time/zone string UTC
### Account setup
# Skip creation of a root account (normal user account will be able to
# use sudo).
d-i passwd/root-login boolean false
# To create a normal user account.
d-i passwd/user-fullname string VMuser
d-i passwd/username string vmuser
# Normal user's password, either in clear text
# or encrypted using an MD5 hash.
d-i passwd/user-password-crypted password CRACKMECRACKM
# This is fairly safe to set, it makes grub install automatically to the MBR
# if no other operating system is detected on the machine.
d-i grub-installer/only_debian boolean true
### Package selection
d-i tasksel/first multiselect standard
# Individual additional packages to install
d-i pkgsel/include string openssh-server
### Finishing up the first stage install
# Avoid that last message about the install being complete.
d-i finish-install/reboot_in_progress note
# How do you want to manage upgrades on this system?
d-i pkgsel/update-policy select none
After all that, when I execute the virt-install command I see:
WARNING Unable to connect to graphical console: virt-viewer not installed. Please install the 'virt-viewer' package.
WARNING No console to launch for the guest, defaulting to --wait -1
Starting install...
Retrieving file linux...
Retrieving file initrd.gz...
Allocating 'virtinst-linux.rCdX0h'
Transferring virtinst-linux.rCdX0h
Allocating 'virtinst-initrd.gz.BbRBMv'
Transferring virtinst-initrd.gz.BbRBMv
Creating domain...
Domain installation still in progress. Waiting for installation to complete.
and it just hangs. If I ^Z into the background and start virsh I see the vm in a running state.
I think I'm close, but need to fix it so that:
1. Install shows complete and virt-install returns to shell.
2. The new VM is shut down and I'm left with the image file ready to go.
I think #2 can be accomplished in the preseed.cfg file with some kind of cleanup instructions (still researching this), but any help with fixing #1 would be greatly appreciated.

To have virt-install use a Kickstart file to initialize an operating system, you need to pass the ks= argument to the kernel by specifying it via the --extra-args parameter:
--initrd-inject preseed.cfg \
--extra-args="ks=file:/preseed.cfg console=tty0 console=ttyS0,115200"
The above example injects a local Kickstart file onto the guest operating system, to be used for automated installation.
You can also specify ks via HTTP:
--extra-args="ks=http://192.168.1.1/preseed.cfg"
or FTP:
--extra-args="ks=ftp://192.168.1.1/preseed.cfg"
or NFS:
--extra-args="ks=nfs:192.168.1.1:/preseed.cfg"
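An added example, not part of the original question or answer: a small Python linter for the two places this thread puts credentials at risk, the passwd/* answers in preseed.cfg and answer files pulled over http, ftp or nfs through --extra-args. The accepted hash prefixes ($5$, $6$, $y$) are an assumed policy, and the sample input is constructed from the preseed shown in the question.

```python
"""Lint a debian-installer preseed file and virt-install --extra-args
for credential exposure. Added example; policy values are assumptions."""
import re

# Constructed sample, modelled on the account section of the preseed above.
SAMPLE_PRESEED = """\
### Account setup
d-i passwd/root-login boolean false
d-i passwd/username string vmuser
d-i passwd/user-password-crypted password CRACKMECRACKM
d-i pkgsel/include string openssh-server
"""

# Assumed policy: only salted SHA-256/SHA-512 crypt or yescrypt hashes pass.
STRONG_PREFIXES = ("$5$", "$6$", "$y$")
# "!" is not a hash; it leaves the account without a usable password.
LOCKED_VALUES = ("!",)

CLEARTEXT_KEYS = re.compile(r"^passwd/(user|root)-password(-again)?$")
CRYPTED_KEYS = re.compile(r"^passwd/(user|root)-password-crypted$")
# Answer files named on the kernel command line and fetched over the network.
REMOTE_ANSWER = re.compile(r"\b(ks|url|preseed/url)=(http://|ftp://|nfs:)\S+")


def parse_preseed(text):
    """Yield (lineno, owner, question, qtype, value) for each answer line."""
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 3)
        if len(parts) < 3:
            continue  # not an "owner question type [value]" line
        value = parts[3] if len(parts) == 4 else ""
        yield lineno, parts[0], parts[1], parts[2], value


def lint_preseed(text):
    """Return (lineno, finding, question) tuples for risky password answers."""
    findings = []
    for lineno, _owner, question, _qtype, value in parse_preseed(text):
        if CLEARTEXT_KEYS.match(question) and value:
            findings.append((lineno, "cleartext-password", question))
        elif CRYPTED_KEYS.match(question):
            if value in LOCKED_VALUES or value.startswith(STRONG_PREFIXES):
                continue
            if value.startswith("$1$"):
                findings.append((lineno, "md5-crypt-hash", question))
            else:
                # No recognised prefix: 13-character DES crypt or a placeholder.
                findings.append((lineno, "legacy-or-placeholder-hash", question))
    return findings


def lint_extra_args(extra_args):
    """Return (key, scheme) for answer files fetched without integrity
    protection; a file injected with --initrd-inject (ks=file:/...) passes."""
    return [(m.group(1), m.group(2).rstrip(":/"))
            for m in REMOTE_ANSWER.finditer(extra_args)]


if __name__ == "__main__":
    for lineno, code, question in lint_preseed(SAMPLE_PRESEED):
        print(f"preseed.cfg:{lineno}: {code}: {question}")
    for key, scheme in lint_extra_args("ks=http://192.168.1.1/preseed.cfg"):
        print(f"extra-args: {key}= fetched over {scheme}")
```

A value that passes the assumed policy can be produced with mkpasswd -m sha-512 and pasted into the passwd/user-password-crypted line.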

Related

How to configure ClamAV's freshclam.conf to point to a local nexus repository?

My company has tasked me with installing clamAV on a large amount of machines running RHEL6, none of which have internet access. I know freshclam.conf can be edited to point to a local mirror of the virus database, in this section of the file:
# This option allows you to easily point freshclam to private mirrors.
# If PrivateMirror is set, freshclam does not attempt to use DNS
# to determine whether its databases are out-of-date, instead it will
# use the If-Modified-Since request or directly check the headers of the
# remote database files. For each database, freshclam first attempts
# to download the CLD file. If that fails, it tries to download the
# CVD file. This option overrides DatabaseMirror, DNSDatabaseInfo
# and ScriptedUpdates. It can be used multiple times to provide
# fall-back mirrors.
# Default: disabled
#PrivateMirror mirror1.mynetwork.com
#PrivateMirror mirror2.mynetwork.com
The company has sonatype-nexus repositories available, to which we can push the database files at an interval of our choosing once I have access. I know I can get a link to said repository once it has been created. Do I just paste that link where mirror1.mynetwork.com currently is in its entirety, or are there additions I have to make? I'm losing my mind trying to find this simple answer and not being able to find any examples, as I have zero experience with any of this.

Jboss ON installation waiting for server

I'm trying to install Jboss Operations Network server and have issues during the step where installer tries to connect to local Jboss server. Hence, I'm constantly getting this info message:
INFO [org.rhq.server.control.command.Install] Still waiting for server to start...
Exact defect in redhat hub is described here
Thing is, I believe my properties file is correctly set up and certainly both jboss.bind.address and jboss.bind.address.management are set. Tried 0.0.0.0 and 127.0.0.1 bindings, also tried to not set it at all, however then the installation wouldn't start at all - rhs-server.properties validation error with reason null.
According to server.log the server itself did start correctly. Although, strangely enough, the password doesn't work when logging in to the management console, but that's another issue.
#################### RHQ Server Configuration Properties ####################
#############################################################################
# Database Settings
# -----------------
# INSTALLATION ACTION REQUIRED!
# All properties must be explicitly set for the desired database vendor.
#
# These should point to the database that your RHQ Server will use as
# its backend RDBMS storage.
# If you are using Oracle:
# - comment out the Postgres settings
# - uncomment the Oracle settings below
# - adjust the values to match your environment
#
# NOTE: rhq.server.database.password is not to be set to the actual password
# but instead should be the encoded password value as generated by:
# rhq-encode-value.sh(.bat)
#############################################################################
# PostgreSQL database
# rhq.server.database.connection-url=jdbc:postgresql://127.0.0.1:5432/rhq
# rhq.server.database.user-name=rhqadmin
# rhq.server.database.password=1eeb2f255e832171df8592078de921bc
# rhq.server.database.type-mapping=PostgreSQL
# rhq.server.database.server-name=127.0.0.1
# rhq.server.database.port=5432
# rhq.server.database.db-name=rhq
# hibernate.dialect=org.hibernate.dialect.PostgreSQLDialect
# rhq.server.quartz.driverDelegateClass=org.quartz.impl.jdbcjobstore.PostgreSQLDelegate
# Oracle database
rhq.server.database.connection-url=jdbc:oracle:thin:@localhost:1521:jon
rhq.server.database.user-name=rhqadmin
rhq.server.database.password=1eeb2f255e832171df8592078de921bc
rhq.server.database.type-mapping=Oracle10g
hibernate.dialect=org.hibernate.dialect.Oracle10gDialect
rhq.server.quartz.driverDelegateClass=org.quartz.impl.jdbcjobstore.oracle.OracleDelegate
#############################################################################
# Server Settings
# ---------------
# UPGRADE ACTION REQUIRED! The following property must be explicitly set:
# rhq.server.high-availability.name
#
# These are miscellaneous settings that the server will use to customize itself
# to the environment in which it is running. These are settings you usually
# want to change or at least be aware of.
#############################################################################
# Defines what this server's name is to be known as to the RHQ system.
# It doesn't necessarily have to be an IP address or hostname, but it can be.
# If left blank, the RHQ Server will pick a name for itself based on the
# hostname it is running on.
# NOTE! If you are upgrading an existing server, this must be the same name
# as the server being upgraded.
rhq.server.high-availability.name=localhost
# Email settings used to connect to an SMTP server to send alert emails.
rhq.server.email.smtp-host=localhost
rhq.server.email.smtp-port=25
rhq.server.email.from-address=xxxxx@yyyyy.no
#############################################################################
# Host and Port Bindings
# ----------------------
# INSTALLATION ACTION REQUIRED! The following property must be explicitly set:
# jboss.bind.address
#
# These define the ports the RHQ Server will bind to. Most of the time
# you can leave these alone. You can change these default values to
# conform to your own environment's requirements, such as the IP address
# the RHQ Server will bind to (jboss.bind.address) and the ports
# browsers will use to access the RHQ web application
# (rhq.server.socket.binding.port.http, rhq.server.socket.binding.port.https)
# If you change the binding address, you might also want to change
# "rhq.autoinstall.public-endpoint-address" as well.
#############################################################################
# The bind address for the RHQ server (jboss server). To bind the server on
# all network interfaces set to 0.0.0.0, otherwise a specific IP address.
# jboss.bind.address=0.0.0.0
jboss.bind.address=0.0.0.0
# By default only local management connections
jboss.bind.address.management=0.0.0.0
jboss.socket.binding.port-offset=0
jboss.management.native.port=6999
jboss.management.http.port=6990
jboss.management.https.port=6443
rhq.server.socket.binding.port.ajp=7009
rhq.server.socket.binding.port.http=7080
rhq.server.socket.binding.port.https=7443
rhq.server.socket.binding.port.jacorb=2528
rhq.server.socket.binding.port.jacorb-ssl=2529
rhq.server.socket.binding.port.messaging=4449
rhq.server.socket.binding.port.messaging-throughput=4455
rhq.server.socket.binding.port.osgi-http=7090
rhq.server.socket.binding.port.remoting=3447
rhq.server.socket.binding.port.txn-recovery-environment=3712
rhq.server.socket.binding.port.txn-status-manager=3713
#############################################################################
# Installer Settings
# ------------------
# INSTALLATION ACTION REQUIRED! Review the default settings:
#
# These enable the installer when starting for the first time. To do so,
# first ensure all values in this properties file are appropriately set
# for your environment. Once you are sure all values are as you want them,
# set rhq.autoinstall.enabled=true and run the server then run the installer.
#
# rhq.autoinstall.enabled
# This must be true to trigger the automatic install.
# rhq.autoinstall.database
# Allowed values: auto, overwrite, skip:
# auto : create a new schema if one does not exist, otherwise
# upgrade the existing schema as needed (keep existing data).
# overwrite: create a new schema even if one exists (lose existing data).
# skip : leave existing database as is. WARNING! You must ensure your
# database schema already exists and is up to date.
# rhq.autoinstall.public-endpoint-address
# The public IP/hostname that all agents will use to talk to this server.
# If not set, a value to use is determined at auto-install time.
# rhq.autoinstall.public-endpoint-port
# rhq.autoinstall.public-endpoint-secure-port
# The public ports that all agents will use to talk to this server.
# If not set, values to use will be determined at auto-install time.
# You can normally leave these empty unless you have a special setup
# where the server's bind ports are exposed differently to remote
# clients (e.g. within a Docker container).
# rhq.autoinstall.server.admin.password
# The password for the built-in "rhqadmin" superuser. If not set the
# password will be prompted for by the "rhqctl install" command.
#
# NOTE: rhq.autoinstall.server.admin.password is not to be set to the
# actual password but instead should be the encoded password value
# as generated by: rhq-encode-value.sh(.bat)
#############################################################################
rhq.autoinstall.enabled=true
rhq.autoinstall.database=auto
#rhq.autoinstall.public-endpoint-address=
#rhq.autoinstall.public-endpoint-port=
#rhq.autoinstall.public-endpoint-secure-port=
rhq.autoinstall.server.admin.password=1eeb2f255e832171df8592078de921bc
#############################################################################
# Advanced Settings
# -----------------
# The settings below can usually be left as-is. These are advanced settings
# and should only be changed if you know what you are doing.
#############################################################################
# Enable debug messages from RHQ code
rhq.server.log-level=INFO
# Set this to true to have the server reject agent requests upon startup.
rhq.server.maintenance-mode-at-startup=false
# RHQ Server's remote endpoint for agents to talk to
# bind-address and bind-port are derived from the HA server definition,
# if you set the address/port here, they will override the HA server
# definition found in the database
rhq.communications.connector.transport=servlet
rhq.communications.connector.bind-address=
rhq.communications.connector.bind-port=
rhq.communications.connector.transport-params=/jboss-remoting-servlet-invoker/ServerInvokerServlet
# Multicast detector configuration for auto-discovery
rhq.communications.multicast-detector.enabled=false
rhq.communications.multicast-detector.bind-address=
rhq.communications.multicast-detector.multicast-address=224.16.16.16
rhq.communications.multicast-detector.port=16162
# Server-side SSL Security Configuration for HTTPS thru Tomcat
# These are used for browser https access and
# for incoming messages from agents over sslservlet transport.
# [Due to issue https://issues.jboss.org/browse/WFLY-1177, you cannot change
# rhq.server.tomcat.security.keystore.file or rhq.server.tomcat.security.truststore.file
# after you install RHQ. If you need to change those again, you must manually do so in standalone-full.xml.]
# Note that security algorithm settings are commented out - the defaults will be determined at runtime
# based on the JVM the server is running in (for IBM JVMs, the algorithm will default to "IbmX509",
# for all other JVMs, the algorithm will default to "SunX509"). If you need a specific algorithm value,
# you may hardcode it here in this file by uncommenting the lines and setting the values explicitly.
rhq.server.tomcat.security.client-auth-mode=false
rhq.server.tomcat.security.secure-socket-protocol=TLS
#rhq.server.tomcat.security.algorithm=SunX509
rhq.server.tomcat.security.keystore.alias=RHQ
rhq.server.tomcat.security.keystore.file=${jboss.server.config.dir}/rhq.keystore
rhq.server.tomcat.security.keystore.password=RESTRICTED::5fb458952ebdaa86aa0b4e8d3eac5d13
rhq.server.tomcat.security.keystore.type=JKS
rhq.server.tomcat.security.truststore.file=${jboss.server.config.dir}/rhq.truststore
rhq.server.tomcat.security.truststore.password=RESTRICTED::5fb458952ebdaa86aa0b4e8d3eac5d13
rhq.server.tomcat.security.truststore.type=JKS
# Server-side SSL Security Configuration (for incoming messages from agents)
# These are used when secure transports other than sslservlet are used
rhq.communications.connector.security.secure-socket-protocol=TLS
rhq.communications.connector.security.keystore.file=${jboss.server.config.dir}/rhq.keystore
#rhq.communications.connector.security.keystore.algorithm=SunX509
rhq.communications.connector.security.keystore.type=JKS
rhq.communications.connector.security.keystore.password=RESTRICTED::5fb458952ebdaa86aa0b4e8d3eac5d13
rhq.communications.connector.security.keystore.key-password=RESTRICTED::5fb458952ebdaa86aa0b4e8d3eac5d13
rhq.communications.connector.security.keystore.alias=RHQ
rhq.communications.connector.security.truststore.file=${jboss.server.config.dir}/rhq.truststore
#rhq.communications.connector.security.truststore.algorithm=SunX509
rhq.communications.connector.security.truststore.type=JKS
rhq.communications.connector.security.truststore.password=RESTRICTED::5fb458952ebdaa86aa0b4e8d3eac5d13
rhq.communications.connector.security.client-auth-mode=none
# Client-side SSL Security Configuration (for outgoing messages to agents)
rhq.server.client.security.secure-socket-protocol=TLS
rhq.server.client.security.keystore.file=${jboss.server.config.dir}/rhq.keystore
#rhq.server.client.security.keystore.algorithm=SunX509
rhq.server.client.security.keystore.type=JKS
rhq.server.client.security.keystore.password=RESTRICTED::5fb458952ebdaa86aa0b4e8d3eac5d13
rhq.server.client.security.keystore.key-password=RESTRICTED::5fb458952ebdaa86aa0b4e8d3eac5d13
rhq.server.client.security.keystore.alias=RHQ
rhq.server.client.security.truststore.file=${jboss.server.config.dir}/rhq.truststore
#rhq.server.client.security.truststore.algorithm=SunX509
rhq.server.client.security.truststore.type=JKS
rhq.server.client.security.truststore.password=RESTRICTED::5fb458952ebdaa86aa0b4e8d3eac5d13
rhq.server.client.security.server-auth-mode-enabled=false
# Operations/controls timeout
# Defines the default timeout for all operations (specified in seconds)
rhq.server.operation-timeout=600
# Additional Quartz settings
rhq.server.quartz.selectWithLockSQL=SELECT * FROM {0}LOCKS ROWLOCK WHERE LOCK_NAME = ? FOR UPDATE
rhq.server.quartz.lockHandlerClass=org.quartz.impl.jdbcjobstore.StdRowLockSemaphore
# Concurrency limits for incoming UI and agent messages
rhq.server.startup.web.max-connections=200
rhq.server.agent-downloads-limit=45
rhq.server.client-downloads-limit=5
rhq.communications.global-concurrency-limit=30
rhq.server.concurrency-limit.inventory-report=5
rhq.server.concurrency-limit.availability-report=25
rhq.server.concurrency-limit.inventory-sync=10
rhq.server.concurrency-limit.content-report=5
rhq.server.concurrency-limit.content-download=5
rhq.server.concurrency-limit.measurement-report=10
rhq.server.concurrency-limit.measurement-schedule-request=10
rhq.server.concurrency-limit.configuration-update=10
# Content Local Filesystem Repository
rhq.server.content.filesystem=${jboss.server.data.dir}/packagebits
# The frequency (in millis) the server checks for updated plugins
rhq.server.plugin-scan-period-ms=300000
# When this is enabled, the server at start up will compare its endpoint
# address to the host name/address found on the host machine. If they differ,
# the server endpoint address will be updated to the value found on the host
# machine. This is targeted for use in cloud deployments where IP addresses
# change frequently, but it can be of use in other deployment settings where
# you have to deal with IP address changes.
rhq.sync.endpoint-address=false
# When this is enabled, the server will request that agents send content for
# for binary files that are being monitored for drift. The content for those
# files will then be persisted on the server. By default, the server does not
# persist content for well known binary file types like .ear, .war, .zip, .so,
# etc. The server does however persist content for text files or any other
# files that are not known binary types.
#rhq.server.drift.store-binary-content=false
# The installer will create a default EAP management user named 'rhqadmin'.
# The password is generated and obfuscated and specified here. This should
# not be edited.
rhq.server.management.password=-7f3686bb1fda3ac207a6df87216de44
#############################################################################
# Storage cluster configuration settings
#
# IMPORTANT NOTE:
# - Storage Node properties will be stored in the database
# after the initial install. The server will use database stored
# properties during operation and after restarts.
# - Additional servers in an HA topology will use database stored Storage
# Node properties. So properties set in this configuration file will be
# overriden on install with the database values.
#############################################################################
# The username RHQ will use to authenticate against the Storage Cluster.
# The value is generated and should not be edited.
rhq.storage.username=qfwrfyor
# The password RHQ will use to authenticate against the Storage Cluster.
# The value is generated and obfuscated and should not be edited.
rhq.storage.password=6565d48c5be26f74df8592078de921bc
# A comma-delimited list of storage nodes. Each Storage node uses this list as
# contact points to find other nodes in the cluster and learn the ring
# topology. The RHQ server(s) use this list to connect to the cluster;
# therefore, this property MUST BE SET in order for RHQ to talk to the Storage.
# Cluster. The of an entry is as follows:
#
# hostname1,hostname2
#
# Note that this is actually an installer setting. Changing the value after
# installation will have no effect.
rhq.storage.nodes=MT3JZ0D5J
# The ports used by storage nodes to communicate with each other
# and used by the RHQ server(s) to communicate with the cluster.
# Both properties are required.
#
rhq.storage.cql-port=9142
rhq.storage.gossip-port=7100
#############################################################################
# Storage client settings
#
# The following are advanced settings the client (i.e., driver) that
# communicates with the storage cluster
#############################################################################
# The request limit will automatically change by this amount when there is a
# topology change event. The change will be persisted to this file. Topology
# change events include nodes being added/removed and nodes going up/down.
# Defaults 30,000 if undefined.. If specified the value is parsed as a double.
rhq.storage.request.limit.topology-delta=30000
# When a request times out, the request limit as specified by
# rhq.storage.request.limit will be decreased. The change will be persisted to
# this file. The value is parsed as a double and should be expressed as a
# percentage (i.e., a value between 0 and 1). For example, a value of 0.3 means
# that on a request timeout, the the request limit will decrease by 30%.
# Defaults to 0.2 if undefined.
rhq.storage.request.limit.timeout-delta=0.2
# If a request timeout occurs, there is a good possibility that it could be
# followed by successive timeouts due to read/write patterns. This property
# specifies a dampening period such that the request throughput will only be
# decreased once for all timeouts that occur during said period. Defaults to
# 30 seconds if undefined. The value is specified in milliseconds and is parsed
# as a long.
rhq.storage.request.limit.timeout-dampening=30000
# Sets the maximum throttling. In other words, the request limit will not
# decrease lower than this value. Defaults to 5,000 if undefined. The value is
# parsed as a double.
rhq.storage.request.limit.min=5000
##############################################################################
# Metrics aggregation settings
#
# Note that if you commit the RHQ Server into inventory, these settings can be
# managed through the resource configuration of the Measurement Subsystem.
# Changes made through the Measurement Subsystem resource are applied
# dynamically at runtime whereas directly editing these properties requires a
# a server restart for changes to take effect.
##############################################################################
# Specifies the number of schedules for which data will be fetched per thread.
# A higher value can improve aggregation performance at the cost of greater
# memory utilization.
rhq.metrics.aggregation.batch-size=5
# Specifies the number of batches that can be processed in parallel. A higher
# value can improve aggregation performance at the cost of greater memory
# utilization.
rhq.metrics.aggregation.parallelism=3
# The number of threads to use during aggregation. It defaults to
# ceiling(5, num_cores).
rhq.metrics.aggregation.workers=4
# A limit, specified in days, on the age of raw data that is ingested. If raw
# data has a timestamp that is more than limit days old, then it is not stored.
# This prevents raw data that is for example a year old from being stored.
rhq.metrics.data.age-limit=3
This defect was solved in v3.3 update 9. Installing most recent update from here should solve the problem.

How to correctly set a persist flag when I execute "adb reboot" in AOSP?

According to the subject, I only found out the right .c file to set the persist flag in "adb shell reboot" (system/core/reboot/reboot.c), but I can't find it in "adb reboot". What is the difference between the two reboot commands?
The flags governing the initial behavior of adbd are "ro" and therefore cannot be altered on a running system, but rather only by re-generating the boot image.
The relevant section of the source code for should_drop_privileges() has an explanatory comment.
// The properties that affect `adb root` and `adb unroot` are ro.secure and
// ro.debuggable. In this context the names don't make the expected behavior
// particularly obvious.
//
// ro.debuggable:
// Allowed to become root, but not necessarily the default. Set to 1 on
// eng and userdebug builds.
//
// ro.secure:
// Drop privileges by default. Set to 1 on userdebug and user builds.
Typically your goal would be accomplished by using an eng rather than userdebug build or else by customizing these settings to different values than the default for your chosen build flavor.
eng:
  defaults to root
  adbd runs by default
  does not require adb keys
  ro.debuggable=1, ro.secure=0
userdebug:
  allows adb-root
  adbd runs by default
  does not require adb keys
  ro.debuggable=1, ro.secure=1
user:
  does not allow adb-root
  adbd off by default until enabled in Settings
  requires adb keys
  ro.debuggable=0, ro.secure=1
Realistically it may be easiest to just execute the adb root each time you need to use it. In a script you might follow it by a sleep of a second or two or better yet poll for the device to start responding again. Ultimately try to work the things you need to do as root into the original configuration of the built system such that you can end up with a user flavor build (adb root unsupported) in production, unless your goal is to make a device for experimenters rather than turnkey users.
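An added example, not part of the original answer: a Python check that reads `adb shell getprop` output and reports the adbd posture implied by ro.debuggable and ro.secure as described above, including a build whose declared type does not match its flags. The `[key]: [value]` sample is constructed, and ro.build.type is a property not mentioned in the answer.

```python
"""Audit adbd posture from `adb shell getprop` output using the
ro.debuggable / ro.secure semantics quoted above. Added example."""
import re

# Constructed getprop dump: declares a user build but keeps a debug flag.
SAMPLE_GETPROP = """\
[ro.build.type]: [user]
[ro.debuggable]: [1]
[ro.secure]: [1]
[ro.product.model]: [example-device]
"""

PROP_LINE = re.compile(r"^\[([^\]]+)\]: \[(.*)\]$")

# (ro.debuggable, ro.secure) defaults per build flavor, as listed above.
FLAVOR_DEFAULTS = {("1", "0"): "eng", ("1", "1"): "userdebug", ("0", "1"): "user"}


def parse_getprop(text):
    """Parse '[key]: [value]' lines into a dict, ignoring anything else."""
    props = {}
    for line in text.splitlines():
        match = PROP_LINE.match(line.strip())
        if match:
            props[match.group(1)] = match.group(2)
    return props


def adbd_posture(props):
    """Derive what adbd will permit from the two read-only properties."""
    debuggable = props.get("ro.debuggable")
    secure = props.get("ro.secure")
    if debuggable not in ("0", "1") or secure not in ("0", "1"):
        # Missing or malformed flags: report rather than guess a default.
        return {"flags_like": "unknown", "adb_root_allowed": None,
                "root_by_default": None, "declared_mismatch": None,
                "production_ready": False}
    flags_like = FLAVOR_DEFAULTS.get((debuggable, secure), "custom")
    declared = props.get("ro.build.type")
    return {
        "flags_like": flags_like,
        # ro.debuggable=1: allowed to become root via `adb root`.
        "adb_root_allowed": debuggable == "1",
        # ro.secure=0: privileges are not dropped by default.
        "root_by_default": secure == "0",
        # Flags customised away from the declared flavor's defaults.
        "declared_mismatch": declared is not None and declared != flags_like,
        # Matches the user-flavor defaults recommended for production.
        "production_ready": debuggable == "0" and secure == "1",
    }


if __name__ == "__main__":
    for key, value in adbd_posture(parse_getprop(SAMPLE_GETPROP)).items():
        print(f"{key}: {value}")
```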

What is SystemD's default value for LimitNOFILE (on CentOS7)

It seems like a very easy question, but I couldn't find what the default for services in SystemD for LimitNOFILE is.
Is there a file with global defaults?
#/etc/security/limits.conf
#This file sets the resource limits for the users logged in via PAM.
#It does not affect resource limits of the system services.
#if your program startup via systemctl
#config /etc/systemd/system.conf
DefaultLimitNOFILE=
systemd imposes no such limit by default. However, pam_limits generally does; its configuration file is /etc/security/limits.conf.
The default config is in /etc/systemd/system.conf, and the default value is DefaultLimitNOFILE=1024:524288.

PTC Integrity to get the latest code from repository

How to get the latest version of code from the MKS repository, using MKS commands?
To get the latest version of a project from the MKS repository, first you should create a sandbox and then you can resync the sandbox with the server.
To create a sandbox use the command si createsandbox
si createsandbox --project=%mks_Project% -R -Y %sandboxLocation%
This command will create a sandbox of the project from the normal line. If you work on a devpath, then you should add --devpath=%projectDevpath% to the command.
To resync a sandbox use the command si resync --sandbox=%sandboxName%. e.g. si resync --sandbox="D:/sandbox/project1/project.pj"
Please be sure you replace all fields between % with the proper value. Depending on your server configuration, the command can be different.
si createsandbox help
Usage: si createsandbox options... directory; options are:
--lineTerminator=[lf|crlf|native|cr] Line terminator to use in this sandbox
--[no]populate Populate sandbox with members
-R Recurse into subsandboxes creation
--[no|confirm]recurse Recurse into subsandboxes creation
--scope=attribute:name[=value]
memberrevlabellike:<expression>
anyrevlabellike:<expression>
name:<expression>
path:<expression>
type:text|binary
any
--[no]shared Allow sandbox to be shared
--[no]sparse Create sparse sandbox
--[no]openView Activate sandbox view after completing the command
--devpath=value The development path (to refer variant projects)
--[no]failOnAmbiguousProject Whether to abort when multiple projects correspond to a flat project string.
-P value The name of the target project
--project=value The name of the target project
--projectRevision=value The project revision (to refer build projects)
--[no]awaitServer If server does not respond, keep trying
-? Shows the usage for a command
--[no]batch Control batch mode (no user interaction in batch mode)
--cwd=value Act as if command executed in specified directory
-F value Read the selection from a specified file
--forceConfirm=[yes|no] Specify an answer to all confirmation questions
-g User interaction should happen via the GUI
--gui User interaction should happen via the GUI
--hostname=value Hostname of server
-N Responds to all confirmations with "no"
--no Responds to all confirmations with "no"
--password=value Credentials (e.g., password) to login with
--port=value TCP/IP port number of server
--quiet Control status display
--selectionFile=value Read the selection from a specified file
--settingsUI=[gui|default] Control UI for command options
--status=[none|gui|default] Control status display
--usage Shows the usage for a command
--user=value Username to login to server with
-Y Responds to all confirmations with "yes"
--yes Responds to all confirmations with "yes"
si resync help
Usage: si resync options... current or former member/subproject...; options are:
--[no]byCP Operate in change package mode
--[no]confirm In change package mode, proceed without a question
--[no]confirmPopulateSparse Confirm populate of a sparse sandbox
--[no|confirm]downgradeOnLockConflict Whether to downgrade my existing exclusive lock to a non exclusive lock if an exclusive lock already exists on the member revision
--[no]includeDropped Include former members
--[no|confirm]merge Perform merges if required
--mergeType=[confirm|cancel|automatic|manual] Try to automatically perform the merge or launch the conflict resolution tool
--onMergeConflict=[confirm|cancel|mark|launchtool|highlight|error] What to do when conflicts occurred during the merge
--[no|confirm]overwriteIfPending Force overwrite of working files which correspond to pending revisions or pending members.
--[no]populate Populate the sandbox with working files
--[no|un]expand Whether keywords should be expanded in working files
-f Force overwrite of changed working files
--[no|confirm]overwriteChanged Force overwrite of changed working files
--[no|confirm]overwriteDeferred Force overwrite of working files with deferred operations pending
--[no]overwriteUnchanged Force overwrite of unchanged working files
--[no|confirm]removeOutOfScope Force removal of out of scope working files
--[no]restoreTimestamp Set the timestamp on the working file to the revision's timestamp
--filter=attribute:name[=value]
changed[:working|:sync|:newer|:size|:missing|:newmem|:all]
file:<expression>
frozen
label[:name]
locked[:name]
locktype[:exclusive|:nonexclusive|:any]
state[:name]
format[:text|:binary]
workingbranch
anylabel[:name]
deferred[:add|:addfromarchive|:checkin|:drop|:import|:move|:rename|:updaterevision|:all]
unresolvedmerges
memberonbranch
pending[:add|:addfromarchive|:drop|:import|:movememberfrom|:movememberto|:renamefrom|:renameto|:update|:updaterevision|:all]
workinprogress
sparsecontents
rule[:defined|:invalid|:memberrevdiffers]
archiveshared
caseinsensitivefile:<expression>
outofscope
-R Select recursively
--[no|confirm]recurse Select recursively
--[no]failOnAmbiguousProject Whether to abort when multiple projects correspond to a flat project string.
-S value The name of the sandbox
--sandbox=value The name of the sandbox
--[no]awaitServer If server does not respond, keep trying
-? Shows the usage for a command
--[no]batch Control batch mode (no user interaction in batch mode)
--cwd=value Act as if command executed in specified directory
-F value Read the selection from a specified file
--forceConfirm=[yes|no] Specify an answer to all confirmation questions
-g User interaction should happen via the GUI
--gui User interaction should happen via the GUI
--hostname=value Hostname of server
-N Responds to all confirmations with "no"
--no Responds to all confirmations with "no"
--password=value Credentials (e.g., password) to login with
--port=value TCP/IP port number of server
--quiet Control status display
--selectionFile=value Read the selection from a specified file
--settingsUI=[gui|default] Control UI for command options
--status=[none|gui|default] Control status display
--usage Shows the usage for a command
--user=value Username to login to server with
-Y Responds to all confirmations with "yes"
--yes Responds to all confirmations with "yes"
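The create-then-resync procedure from the answer above, as one unattended wrapper; this is an added example, not part of the original answer. The function name mks_sync is hypothetical, and the script assumes the sandbox file has the same name as the project file (as in the project.pj example above); only options listed in the help output are used.

```shell
#!/bin/sh
# Added example: create the sandbox on the first run, resync it on every run.
# Credentials are deliberately not passed with --password: command-line
# arguments are visible to other users in the process list.

# mks_sync PROJECT SANDBOX_DIR [DEVPATH]   (hypothetical helper name)
mks_sync() {
    project=$1
    sandbox_dir=$2
    devpath=${3:-}

    if [ -z "$project" ] || [ -z "$sandbox_dir" ]; then
        echo "usage: mks_sync PROJECT SANDBOX_DIR [DEVPATH]" >&2
        return 2
    fi

    # Assumption: the sandbox file is named like the project file.
    sandbox_file="$sandbox_dir/$(basename "$project")"

    if [ ! -f "$sandbox_file" ]; then
        # No sandbox yet: create it recursively, answering "yes" to prompts.
        if [ -n "$devpath" ]; then
            si createsandbox --batch --project="$project" \
                --devpath="$devpath" -R -Y "$sandbox_dir" || return 1
        else
            si createsandbox --batch --project="$project" \
                -R -Y "$sandbox_dir" || return 1
        fi
    fi

    # Bring the working files up to the server's current revisions.
    si resync --batch --sandbox="$sandbox_file"
}
```

Call it as mks_sync "/project1/project.pj" "D:/sandbox/project1", adding the devpath as a third argument when working on a variant.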
The best way shall be to check-out the head revision with/out lock.