Announcement

Collapse
No announcement yet.

Webboot Is Becoming Quite Useful For Quickly/Easily Booting ISOs From The Web

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Markore
    replied
    Opensolaris and later illumos and it's distros, had WanBoot almost 15 years ago (don't quote me on timetable ).
    And it were removed form illumos in order to maintain less code etc. (alo don't quote me for reasons), yet times come when that forward-thinking function comes handy for the wider audience.
    Just saying how much time it took.

    Leave a comment:


  • oiaohm
    replied
    Originally posted by skeevy420 View Post
    That's from 10.1. Every single one, including all the 9.X and 10.X releases from the past 2 years, has that same message with the version and codename changed.
    Originally posted by skeevy420 View Post
    IIRC that was a problem with one of their 7.x or 8.x releases...
    Problems happened in the 2.x, 4.x,5.x, 7.x and 8.x where there were point releases where you had to update because there was what debian called a new version. 1.x, 3.x,6.x did not. 9.x and 10.x are so far looking good but we are not to final point release yet so there is still time for them to screw up. Its horrible 50/50 if you get through a complete cycle of point releases with Debian without a breaking one.

    I have been around debian long enough to see all those versions.

    Originally posted by skeevy420 View Post
    I know that bugs and security fixes occur and that "keep on using the old iso and update" isn't necessarily the best advise to give or receive...but it is the advice that they give on their release notes. Like I said, if you don't like it then take it up with Debian and their release notes because I'm just repeating them.
    Debian wording could be better. "the point release" is referring to the current point releases. You will see in case of break age something like "this point release is a new version of Debian X"

    Like I want to know if there is a new point release and if I need to read release notes/download page to make sure I not getting caught by a true new version that has done something security critical.

    Leave a comment:


  • skeevy420
    replied
    Originally posted by oiaohm View Post

    Mark did not cover the fact you from time to time get the critical point releases with debian stable isos. Thinking I have used debain since it 1995 I have been. I have been around long enough to know the idea of never having to update a Debian install disc on a point release is not in fact always true and should not be presumed as true until you have read the download page/release notes. So you do need to know if you are installing a old point release if possible so you can look at the point release notes and check is this a update with a major change to the package management that is important to security or not.
    Well it currently says that you don't need to. And while Mark didn't go into it, you did. I assumed that you'd assume that I read what you wrote and was replying to it with that reply.

    What you did not get is what on the Debian page changes from "you don't need to update the installer on this point release" to "you need to update the installer on this point release because something critical to security changed in the package management system of the installer." So you need to know about a new point release so you can go check and see if it one you need to update or if you can use the old installer disc no problem. Long term debian user I have seen this change a few times sometimes the result requires you need manually download packages so you could update old systems that had not be updated regulary.

    There is so much allowed transition time from .0 to .1 to .2.... in the stable releases. Like we are on .7 now of stable .8 could be a security fix and the change breaks support for .4 and before stable if that happened it will be in the release notes. If this is happened and you could attempting to use a .4 or before point release installer the result can be that you cannot connect the mirror servers because you are being rejected. These things don't happen often. Big thing is you were reading the download page and presuming this stuff does not happen. The trap here is that it does happen just rarely its safer to presume new point release you need to check the release notes in case something like this has happened..
    Look, all the release notes on their main page all have the same message of:

    Please note that the point release does not constitute a new version of Debian 10 but only updates some of the packages included. There is no need to throw away old buster media. After installation, packages can be upgraded to the current versions using an up-to-date Debian mirror.
    That's from 10.1. Every single one, including all the 9.X and 10.X releases from the past 2 years, has that same message with the version and codename changed.

    FWIW I'm not disagreeing with you or saying that doesn't happen. IIRC that was a problem with one of their 7.x or 8.x releases... I know that bugs and security fixes occur and that "keep on using the old iso and update" isn't necessarily the best advise to give or receive...but it is the advice that they give on their release notes. Like I said, if you don't like it then take it up with Debian and their release notes because I'm just repeating them.

    Leave a comment:


  • oiaohm
    replied
    Originally posted by skeevy420 View Post
    I think my reply to Mark covers the rest of this.
    Mark did not cover the fact you from time to time get the critical point releases with debian stable isos. Thinking I have used debain since it 1995 I have been. I have been around long enough to know the idea of never having to update a Debian install disc on a point release is not in fact always true and should not be presumed as true until you have read the download page/release notes. So you do need to know if you are installing a old point release if possible so you can look at the point release notes and check is this a update with a major change to the package management that is important to security or not.

    Originally posted by skeevy420 View Post
    I'm just repeating what they have on their download page.
    What you did not get is what on the Debian page changes from "you don't need to update the installer on this point release" to "you need to update the installer on this point release because something critical to security changed in the package management system of the installer." So you need to know about a new point release so you can go check and see if it one you need to update or if you can use the old installer disc no problem. Long term debian user I have seen this change a few times sometimes the result requires you need manually download packages so you could update old systems that had not be updated regulary.

    There is so much allowed transition time from .0 to .1 to .2.... in the stable releases. Like we are on .7 now of stable .8 could be a security fix and the change breaks support for .4 and before stable if that happened it will be in the release notes. If this is happened and you could attempting to use a .4 or before point release installer the result can be that you cannot connect the mirror servers because you are being rejected. These things don't happen often. Big thing is you were reading the download page and presuming this stuff does not happen. The trap here is that it does happen just rarely its safer to presume new point release you need to check the release notes in case something like this has happened..

    Leave a comment:


  • skeevy420
    replied
    Originally posted by Mark Rose View Post

    That doesn't work if you need hardware enablement updates.
    Agreed...but if you're talking about the Debian ISOs then you should bring that up with them. I'm just repeating what they have on their download page.

    Originally posted by oiaohm View Post

    Does not work out that way that you can use replication. There are times you need clean installs. Replicate it to the host machine does have fragments of old hardware configurations to clean up.
    Sarcastically -- Sounds like your install script needs a few more cleanup commands added. But I get where you're coming from. Sometimes I forget that installs aren't always as straightforward or as scriptable as pacstrap /mnt list_of_packages_needed with a few cp's afterward for configs.

    I think my reply to Mark covers the rest of this.

    There are CVE fixeds in debian installers from time to time. If you have used debian for long enough you have seen point releases where its new install media. Yes other times they will be telling you its not required. Its been awhile one of the past ones was the broken openssl that could have resulted in debian installer downloading and installing invalid packages. So it is important to know if there is a new point release to what you have so you can check the point release notes if you should update.

    Also newer hardware does need newer versions due to needing more updated kernels as well.

    Leave a comment:


  • geearf
    replied
    Isn't that some form of security issue to boot an os from a random webpage, or do they somehow limit what sites can serve those?

    Leave a comment:


  • Zgembo
    replied
    Debian net-boot

    Leave a comment:


  • polarathene
    replied
    Originally posted by Paradigm Shifter View Post
    PXE boot and/or TFTP was what I was thinking when I read about this. Seems a bit like IPMI as well (but without the extra hardware)?
    Yeah, so this just adds fetching of recent versions of the OS instead of manually updating the URLs yourself (or files if you manage your own TFTP server I guess), and extends support for wifi devices. Some devices only support PXE without iPXE by default, so you need to boot an image that can do iPXE and chain boot. I did this for an embedded x86 system that had no display output or input to install the OS (there was serial output IIRC), it needed wifi drivers compiled into the debian ISO though (something Ventoy has a plugin to simplify by modifying the ISO mounted contents instead without any overwriting on the actual ISO).

    Leave a comment:


  • Paradigm Shifter
    replied
    Originally posted by polarathene View Post
    You kind of get that with TFTP and iPXE, minus the browser in already running environment. You can type the URI and boot from that, or with something like Ventoy, you just download the ISO and add it to the partition it uses for data and it gets listed as a boot option instead of having to use dd, etcher or whatever to flash the ISO to the external media.
    PXE boot and/or TFTP was what I was thinking when I read about this. Seems a bit like IPMI as well (but without the extra hardware)?

    Leave a comment:


  • polarathene
    replied
    So the main difference from https://netboot.xyz/ is that this one opts for a temporary bootable OS that uses that kernel feature to chain boot the ISO? As opposed to netboot using iPXE (Which I don't think supports wifi as well as Webboot might?).

    I assume like netboot, you can use iPXE if natively supported by the system instead of creating external media to boot from (although it seems webboot needs local storage to download/load the retrieved ISO from?)

    The load ISO from local storage is pretty much covered by Ventoy, but as someone mentioned one perk might be the retrieving the latest ISO from the web. So I guess it's a bit of a mix between Ventoy and netboot (but with better with wifi support)? Possibly not as nice to configure though.

    Originally posted by uid313 View Post
    if you visited a website in your web browser and clicked on a special hyperlink with a webboot URI scheme. Like webboot://iso.example.com/ubuntu-20.10-desktop-amd64.iso and the webboot URI handler runs the webboot executable with the ISO as the parameter.
    You kind of get that with TFTP and iPXE, minus the browser in already running environment. You can type the URI and boot from that, or with something like Ventoy, you just download the ISO and add it to the partition it uses for data and it gets listed as a boot option instead of having to use dd, etcher or whatever to flash the ISO to the external media.

    Leave a comment:

Working...
X