IRC chat logs for #ltsp on irc.freenode.net (webchat)


Channel log from 16 April 2010   (all times are UTC)

00:10Ryan52 has joined #ltsp
00:19nubae has quit IRC
00:20nubae has joined #ltsp
00:20asmok has joined #ltsp
00:23
<asmok>
stgraber: This is for you! I hope you like it ;-P Translated from blog.ubuntu-fi.org (http://blog.ubuntu-fi.org/2010/tahan-ei-elain-pysty/) by friend of mine Anu Salminen - Comédie en trois actes: http://www.arkki.info/?p=151
00:25
alkisg: Sorry, not in greek this time ;-P or in english...
00:36asmok has left #ltsp
00:40vmlintu has quit IRC
01:01asmok has joined #ltsp
01:01asmok has left #ltsp
01:50gnunux has joined #ltsp
01:50
<gnunux>
hi
02:01alkisg has joined #ltsp
02:04vbundi has quit IRC
02:08vbundi has joined #ltsp
02:11vagrantc has quit IRC
02:13alkisg has quit IRC
02:46vbundi has quit IRC
02:59vbundi has joined #ltsp
03:04ogra has quit IRC
03:22highvoltage has joined #ltsp
03:30bobby_C has joined #ltsp
04:21ogra has joined #ltsp
04:26Selveste1 has quit IRC
04:36mikkel has joined #ltsp
04:39Faithful has quit IRC
04:46pmatulis has joined #ltsp
04:50pmatulis has quit IRC
05:12nubae_ has joined #ltsp
05:13nubae has quit IRC
05:29F-GT has quit IRC
05:30F-GT has joined #ltsp
06:01hersonls has joined #ltsp
06:06johnny has left #ltsp
06:12johnny has joined #ltsp
06:22Egyptian[Home] has quit IRC
06:32Selveste1 has joined #ltsp
06:38pmatulis has joined #ltsp
06:52scottmaccal has joined #ltsp
06:59bobby_C has quit IRC
07:05shamino has quit IRC
07:34feltrin has joined #ltsp
07:42slidesinger has joined #ltsp
07:42ogra has quit IRC
07:43ogra has joined #ltsp
08:05Gadi has joined #ltsp
08:12Egyptian[Home] has joined #ltsp
08:18ltspbot` has joined #ltsp
08:18sbalneav has quit IRC
08:18ltspbot has quit IRC
08:25alkisg has joined #ltsp
08:28highvolt1ge has joined #ltsp
08:31alkisg has quit IRC
08:31alkisg has joined #ltsp
08:31feltrin_ has joined #ltsp
08:32F-GT has quit IRC
08:32F-GT has joined #ltsp
08:32feltrin has quit IRC
08:32highvoltage has quit IRC
08:32rjune has quit IRC
08:32_UsUrPeR_ has quit IRC
08:32feltrin_ is now known as feltrin
08:38hersonls has quit IRC
08:39rjune has joined #ltsp
08:40_UsUrPeR_ has joined #ltsp
08:46Selveste1_ has joined #ltsp
08:47Selveste1 has quit IRC
09:01jcastro has joined #ltsp
09:03jcastro has quit IRC
09:03jcastro has joined #ltsp
09:05johnny has left #ltsp
09:06vmlintu has joined #ltsp
09:06johnny has joined #ltsp
09:09Selveste1_ has quit IRC
09:12epaphus has joined #ltsp
09:13F-GT has quit IRC
09:21
<vbundi>
after rebuilding my chroot, my terminals are no longer receiving any lts.conf settings
09:24F-GT has joined #ltsp
09:26brettbjorgaardu has joined #ltsp
09:26cliebow has joined #ltsp
09:29alkisg has quit IRC
09:30bobby_C has joined #ltsp
10:14staffencasa has joined #ltsp
10:18
<cliebow>
somene drop a pin?
10:24thunsucker has joined #ltsp
10:27
<Gadi>
hmm... seems we dropped "auto" as a special value for XSERVER
10:28
must have been when we rewrote the xconfiguration stuff....
10:32johnny has left #ltsp
10:39johnny has joined #ltsp
10:41alkisg has joined #ltsp
10:41gnunux has quit IRC
10:45alkisg has quit IRC
10:47alkisg has joined #ltsp
10:49alkisg has quit IRC
10:59mischko has joined #ltsp
11:02johnny has left #ltsp
11:03johnny has joined #ltsp
11:11komunista has joined #ltsp
11:17atkuepker has joined #ltsp
11:18alkisg has joined #ltsp
11:18alkisg has joined #ltsp
11:19leio has quit IRC
11:19johnny has left #ltsp
11:21johnny has joined #ltsp
11:33alkisg has quit IRC
11:35mikeshultz has joined #ltsp
11:42gmir has joined #ltsp
11:45gmir has quit IRC
11:47johnny has left #ltsp
11:48johnny has joined #ltsp
11:58gmir has joined #ltsp
12:02Barbosa has joined #ltsp
12:02scottmaccal has quit IRC
12:03
<vbundi>
in.tftpd[2032]: RRQ from 192.168.1.20 filename /ltsp/amd64//lts.conf
12:03
something is screwed up somewhere.. I'm getting an extra / added to the path of my lts.conf... so I can't get any lts.conf settings
12:05
<Gadi>
vbundi: I think alkisg fixed something to that effect upstream the other day
12:06
look in /opt/ltsp/amd64/usr/share/initramfs-tools/scripts/ltsp_nbd
12:06
find the "tftp" lines in there
12:07
<vbundi>
echo "get ${tftppath:-/ltsp/i386}/lts.conf"
12:08
this line above ittftppath="$(echo "$filename" | sed -n 's,\"*\(.*/\)[^/]*,\1,p')"
12:12
<Gadi>
well, the above line says it is stripping out /path/to/file/
12:12
er
12:12
I mean it is stripping out everything after /path/to/file/
12:12
<vbundi>
that's what the 'sed' does
12:13
?
12:13
<Gadi>
yeah
12:14
sed is finding all characters from the beginning of the line up to the last "/" and keeping those
12:14
the rest it throws away
12:14
<vbundi>
ah
12:14
<Gadi>
so, you wind up with /path/to/file/ + /lts.conf
12:14
which is no good
12:15nubae_ has quit IRC
12:15
<Gadi>
let me see if I can find alkisg's fix
12:16
<vbundi>
yeah I messed with it, but nothing changed
12:16
<Gadi>
well, you would need to update the initramfs
12:16
and then update kernels
12:16
<vbundi>
how do you update initramfs?
12:17
<Gadi>
echo "get ${tftppath:-/ltsp/i386/}lts.conf" | /bin/tftp ${NBD_ROOT_SERVER} >
12:17
/dev/null 2>&1
12:17
<vbundi>
I see there's a program called update-initramfs but
12:17
<Gadi>
that's the current one
12:17
ie: take off the "/" in front of lts.conf
12:17
to update the initramfs, do:
12:18
sudo chroot /opt/ltsp/amd64 update-initramfs -u
12:18
then:
12:18
sudo ltsp-update-kernels
12:18
<vbundi>
k
12:18
ltsp/i386}/lts.conf ahhh the slash is outside of the {}
12:20theprof has joined #ltsp
12:21
<theprof>
Hello. I hope everyone is doing well. This question isn't directly an LTSP question, but a Linux one. I have been pulling out my hair for an hour for something that i am SURE if simple but I can't do it! I'm setting up rsync to backup the server, and I can't get the permissions correct.
12:22
I'm trying to back up /home for example. There is a user "backupuser" in the group "backupgroup"
12:22
I know that I need to make the directory /home executable for the group in order for him to CD into it
12:22
but everytime I do chmod g+rwx it also makes the files executable
12:23
Is there a way to just make the directories executable but not modify all the files?
12:23
My apologies if this is a very dumb question but I know people here are great.
12:24
<thunsucker>
theprof: whats wrong with just making them 777?
12:24
lol
12:24
j/k
12:25
<theprof>
thunsucker, IF ONLY :)
12:26
<thunsucker>
just a second i'll help
12:26
working on an audio issue at the moment
12:26
<vbundi>
I just made a directory, made a file inside it that was not executable... and chmod +x on the parent directory and the permissions stayed the same on the file
12:27
<thunsucker>
theprof: whats the exact command you're using to change the permissions?
12:28
<theprof>
chmod -c -R g+rwx /home
12:29
because in /home there are other subdirectories
12:29
so I need to be able to Cd into those directories but not change the files within them in order to read to back them up
12:33
<Gadi>
theprof: find /home -type d | xargs chmod g+rwx
12:33
that oughtta do it
12:34
<theprof>
Gadi, I'll try that right now
12:34
<thunsucker>
theprof: -R does it for everything below all files and folders if I remember correctly
12:34gmir has quit IRC
12:34
<Gadi>
dont use -R in the line I gave you
12:35
<thunsucker>
theprof: from the man page, "change files and directories recursively"
12:35
<Gadi>
find will find all directories under /home
12:35
recursively
12:35
<theprof>
Gadi, right, you're using find to go recursively
12:35
<vbundi>
Gadi: RRQ from 192.168.1.21 filename /ltsp/amd64/lts.conf ok that looks good... but I'm still not getting any lts.conf... wth
12:35
<theprof>
ah - you just typed that :)
12:35
thunsucker, I thought it was somehow magically going to only do directories :)
12:35
<thunsucker>
theprof: lol
12:37
<Gadi>
theprof: btw, if it is backup, then the group really only needs read perms not write perms
12:38
you can remove the write perms with: find /home -type d | xargs chmod g-w
12:38
<theprof>
Gadi, makes sense I will do so now
12:38nubae has joined #ltsp
12:42
<theprof>
Hmm..it almost worked perfectly. rsync spit out an error when trying to change into a directory readlink "/john failed:permission denied
12:43
ls -al shows drwxr-x--- john
12:44
sorry, ls -al shows drwxr-x--- john backupgroup 4096 2010-04-01 16:35 john
12:53
<Gadi>
theprof: perhaps your rsync syntax is off?
12:54
<theprof>
Gadi, could be. I'm using this as a guide (from a howto online) rsync -avz -e ssh someuser@server1.example.com:/var/www/ /var/www/
12:55
<Gadi>
someuser = backupuser?
12:55mischko has quit IRC
12:56
<Gadi>
and backupuser is a member of backupgroup?
12:56
<theprof>
yes sorry I pasted it from the website.
12:56
yes to both users
12:56
cat /etc/group shows the user as part of the group
12:56
<Gadi>
can you paste the exact rsync line?
12:57
(you can obscure the ip/hostname if you like)
12:59vagrantc has joined #ltsp
13:00
<theprof>
OK
13:01
rsync -avz -e ssh backupuser@192.168.33.247:/var/vmail/ /home/theprof/rsync_test/
13:01
internal ip so not a problem :)
13:01
I am running it as root on 192.168.33.248 and it connects no problem and copies over the files within /vmail
13:01
but not within the subdirectories
13:03
<Gadi>
that doesnt look like /home ')
13:03
;)
13:04
<vbundi>
theprof: you may have luck if you add -r to your rsync command :)
13:04
<Gadi>
ah, and you are using "-a" for rsync, which means that on the local side, the user that you are running rsync as has to have permissions to change ownership locally
13:04
<vbundi>
ie, rsync -ravs
13:04
<vagrantc>
"-a" includes "-r", no?
13:04
or is it "-R" ?
13:05
<vbundi>
oh I think you're right
13:05
-a is archive
13:05
?
13:05
<vagrantc>
-a, --archive archive mode; equals -rlptgoD (no -H,-A,-X)
13:05
<Gadi>
I think your problem would be resolved with: sudo rsync -avz -e ssh backupuser@192.168.33.247:/var/vmail/ /home/theprof/rsync_test/
13:05
<vbundi>
ah
13:06
<theprof>
Gadi, I was basing the command on the http://www.howtoforge.com/mirroring_with_rsync tutorial.
13:06
I will try your command now
13:08
Just tried it. Same exact error as before.
13:08
If I was to change the /var/vmail permissions to 777 to test it would that tell us information that may be helpful?
13:09mikkel has quit IRC
13:09Selveste1_ has joined #ltsp
13:10
<theprof>
IE is it the rsync command or the permissions on the source machine?
13:13
<Gadi>
can you paste the error again?
13:17
<theprof>
sure
13:18
ltspbot`, pastebin?
13:18
<ltspbot`>
theprof: Error: "pastebin?" is not a valid command.
13:18
<theprof>
ltspbot`, pastebin
13:18
<ltspbot`>
theprof: "pastebin" :: try !pastebot
13:18
<theprof>
Yeah I have no idea how to use this bot :)
13:19
<Gadi>
!pastebot
13:19
<ltspbot`>
Gadi: "pastebot" :: The LTSP pastebot is at http://ltsp.pastebin.com. Please paste all text longer than a line or two to the pastebot, as it helps to reduce traffic in the channel. Don't forget to paste the URL of the text here.
13:19
<theprof>
hey look at that :)
13:20
http://ltsp.pastebin.com/LEJaRqYz
13:23
<Gadi>
theprof: ah, those are all files
13:23
<thunsucker>
i've had a setup where the clients loose sound after 10min or so
13:23
<Gadi>
on the remote side
13:23
<thunsucker>
ub 9.10, but has been out of date for a long long time
13:24
so I updated the server and chroot today, and now it's more like 1 out of 25 loose sound
13:24
<Gadi>
theprof: your user does not have perms to read those files
13:24
<thunsucker>
it doesn't get choppy or anything like that, it just completely stops
13:26
<theprof>
Gadi, ok let me check the source side permissions
13:26
<Gadi>
thunsucker: on the machines where it dies, run: ltsp-localapps xterm , and from the xterm, run ps aux|grep pulse to see if pulseaudio is still running
13:26
theprof: for homedirs, you will want to backup using root (or a user who can sudo)
13:27
theprof: you don't want to be mucking with everyone's file perms
13:28
the howto you used is good for web servers, where the files can have uniform perms
13:28
<theprof>
Gadi, I see. So the idea in the howto of creating a backup user and then adding that user to the group that has permission to those directories won't work?
13:28
<thunsucker>
Gadi: just to be proactive, if it has whats my next step?
13:28
<theprof>
Gadi, you just answered it :)
13:35
<thunsucker>
gadi: the problem i have now is that it's completely random and i've been unable to duplicate it in my test lab
13:42
Gadi: woo one just died omw to test
13:50
gadi: no pulse
13:50
<Gadi>
so, pulse is dying on you
13:51
<thunsucker>
good chance
13:51
i'm using the rdesktop script
13:51
so i jumped to the shell screen
13:51
i tried the ltsp-localapps xterm but that failed
13:51
<Gadi>
rdesktop screen script?
13:51
<thunsucker>
so i just did ps aux|grep pulse
13:51
yes the screen script
13:51
<Gadi>
ah, thats ok then
13:51
better even
13:51
:)
13:51
<thunsucker>
:)
13:51
thats good then
13:52
<Gadi>
rdesktop prefers not going through pulse more often than not
13:52
are you near that machine?
13:52
<thunsucker>
Gadi: no and that room just got locked, that teacher is going home for the day
13:53
<Gadi>
ah
13:53
<thunsucker>
but i have a station here to try stuff
13:53
i could "kill pulse" lol
13:53
<Gadi>
so, it is windows sound that is dying?
13:53
<thunsucker>
Gadi: yes
13:53
<Gadi>
and you are using: -r sound:local
13:54
<thunsucker>
Gadi: yes i believe -r sound:local:oss to be exact
13:54
let me double check
13:54
<Gadi>
ah, oss?
13:54
<thunsucker>
originally it was alsa
13:54
but it was doing the same thing
13:54
so we switched to oss
13:54
to try it out
13:54
<Gadi>
do you run rdesktop through padsp?
13:54
or is this the normal undoctored script?
13:54
<thunsucker>
it's doctored
13:55
<Gadi>
ah
13:55
<thunsucker>
well meaning that i customized it
13:55
<Gadi>
can you paste your rdesktop script?
13:55
<thunsucker>
it randomly selects a server
13:55
sure
13:55
!pastebot
13:55
<ltspbot`>
thunsucker: "pastebot" :: The LTSP pastebot is at http://ltsp.pastebin.com. Please paste all text longer than a line or two to the pastebot, as it helps to reduce traffic in the channel. Don't forget to paste the URL of the text here.
13:56
<thunsucker>
http://ltsp.pastebin.com/Tthr1w2y
13:58
<Gadi>
cute
13:58
<thunsucker>
l,ol
13:58
<Gadi>
well, using alsa is better than oss
13:58
<thunsucker>
ok i can swithc it back
13:58
maybe that will be enough
13:58
<Gadi>
(unless you need to run through padsp)
13:58
<thunsucker>
i have no idea what that is
13:58
upgrading it helped a ton
13:58
<Gadi>
ah, so let me 'splain
13:58
:)
13:58
<thunsucker>
so maybe oss is the last broken part
13:59Ryan52 has quit IRC
13:59
<Gadi>
oss = the old sound architecture that *nix systems used
13:59
it is mainly kernel level drivers
14:00
when the Linux kernel moved to 2.6, it adopted ALSA as a replacement
14:00
alsa worked a lot better in many ways, but was Linux specific
14:00
<thunsucker>
gotcha
14:00
definitely want to use alsa then
14:00
<Gadi>
alsa maintained backwards compatibility through an oss emulation driver
14:01Ryan52 has joined #ltsp
14:01
<Gadi>
so that oss still works (when that driver is loaded)
14:02
<thunsucker>
Gadi: again ty for the info
14:02
i've swapped it to ala
14:02
*alsa
14:02
<Gadi>
the only time you would use it in the context of rdesktop is to run: padsp rdesktop -r sound:local:oss ...
14:02
<thunsucker>
maybe that will squasah it
14:02
ahh ok
14:02
<Gadi>
where padsp is a pulseaudio application that emulates an oss driver to the application and feed s the sound to pulseaudio
14:04
<thunsucker>
i can't wait until lucid is officially resleased
14:05
I'm going to be running thick clients this summer
14:05
most of my clients have 512mb of ram and fast cpu's
14:07
Gadi: is there a way I can ssh and vnc into each ltsp client?
14:08
<Gadi>
thunsucker: as in italc?
14:08
<thunsucker>
Gadi: maybe thats it, i'll read up on it
14:09
<vbundi>
Gadi: any suggestions on what to do next... I can see in my daemon.log that TFTP is pointing to the right file now in.tftpd[12843]: RRQ from 192.168.1.23 filename /ltsp/amd64/lts.conf
14:10
<Gadi>
vbundi: it isnt getting the file?
14:11
did you try dropping into initramfs and tftp'ing manually?
14:11
<vagrantc>
wow. 64-bit clients.
14:12
more-powerful-than-the-server clients
14:12
<vbundi>
Gada: a-la break=init ?
14:12gmir has joined #ltsp
14:12
<Gadi>
vbundi: try break=bottom
14:13
<vbundi>
vagrantc: I will most likely switch to x86 when it goes live... just testing stuff
14:13
<Gadi>
(that way ur all mounted and junk) ;)
14:14
<vbundi>
vagrantc: also... my previous terminals which were 800mhz VIA w/256MB ram were no good for LTSP5 so I figured I'd get good enoough clients so I'll be good for when 6 comes out ;)
14:15Lns has joined #ltsp
14:15
<vbundi>
Gadi: ok so @ the initramfs prompt I can see that lts.conf is in /
14:16
dunno if that's right, I thought it would be in /etc
14:16
<vagrantc>
vbundi: heh. a shame to hear that 800MHz 256MB ram isn't enough...
14:17
<Lns>
wha..?
14:17
<Gadi>
vbundi: you should see it in /root/etc/lts.conf
14:17cliebow has quit IRC
14:17
<Gadi>
(as well)
14:17
<vbundi>
vagrantc: yeah they were not a mainstream chip (ie intel), I think we settled on the fact that it was a kernel issue more than an LTSP issue
14:17
<Gadi>
vbundi: so, it appears it tftp'd fine
14:18
you could even: diff lts.conf /root/etc/lts.conf
14:18
and see if they are the same
14:18
<vagrantc>
at freegeek we've got a few 400MHz with 256MB-370ish, a few 800-1GHz with 256-512MB ... though i think people feel that they are too slow. though it's just as likely the server is underpowered as the thin-clients
14:19gmir has quit IRC
14:20
<vagrantc>
for the most part, people are using icewm or lxde... but there are a few gnome or kde users, too.
14:21
<atkuepker>
we're upgrading to Dell GX260 terminals with 512MB on Ubuntu 9.10 w/ Gnome. The Dell GX1 systems were too laggy according to the users.
14:22
ATI AGP video cards on those, though. The onboard Intel ones have been quite crashy regardless of what settings we use.
14:24
<thunsucker>
gadi: italc can't find any clients
14:25
who's the italc master?
14:25
sbalneav?
14:25
<Lns>
thunsucker: i believe stgraber does some maintenance on italc
14:26
<thunsucker>
ahh cool
14:26
lns: ty
14:26
stgraber: ping
14:30
does anyone know if italc works with the rdesktop screen script?
14:31
<Lns>
thunsucker: i would assume *some* functionality would work, at least starting/shutting down, etc.
14:31
not sure about anything else, dont' really use it much myself
14:32
<thunsucker>
lns: thats what I was thinking
14:38shamino has joined #ltsp
14:39Lns has quit IRC
14:41
<thunsucker>
gadi: i just rebooted the client next to me
14:42
did the ps aux|grep pulse
14:42
it's not running and the sound is working
14:43
my lts.conf has SOUND=False for default
14:45
<atkuepker>
is lts.conf readable? Happens to me sometimes when I edit as root and leave it set to 0400
14:46
<thunsucker>
atkuepker: yes -rw-r--r--
14:46
<Gadi>
thunsucker: excellent
14:47
<thunsucker>
Gadi: but the problem is still popping up
14:47
<Gadi>
I thought you said sound is working?
14:47
<theprof>
Gadi, I solved it :) The issue was the find command that changed the directory's permissions wasn't drilling down into the sub directories.
14:47
when I typed that same command at each level of the tree, it then worked
14:47
<thunsucker>
Gadi: sound is working but i'm still getting reports of it randomly dying
14:48
<Gadi>
thunsucker: between when they locked the doors to the classroom and now?
14:48* Gadi is confused
14:49
<thunsucker>
gadi: ok since i changed it back to alsa
14:49
and had everyone restart their clients
14:49
i had a teacher call and report that a client lost audio again
14:49
<Gadi>
meaning it has been ok since you changed back to alsa (and rebooted the clients)
14:50
<thunsucker>
Gadi: yes so far after cahnging to alsa no one reported until about 3 minutes ago
14:50
and it's just 1
14:50
<Gadi>
ah
14:50
ok
14:50
<thunsucker>
but school is about to be out here too
14:50
so not 100% sure how many are being used
14:50
<Gadi>
and you are sure that person rebooted?
14:50gentgeen__ has quit IRC
14:50
<thunsucker>
Gadi: yes, she's good looking I rebooted hers myself :)
14:51
<Gadi>
ah
14:51nubae has joined #ltsp
14:51
<Gadi>
touche (not to be dirty)
14:51
<thunsucker>
gadi: lol
14:51
<Gadi>
but it works for a while and then cuts out?
14:52
<thunsucker>
Gadi: yes
14:52
<Gadi>
are all these clients the same hardware?
14:52feltrin has quit IRC
14:52
<thunsucker>
Gadi: no, they are mostly however dell optiplex sx280's, and gateway profile 5's
14:53
<Gadi>
are all the ones with sound problems the same hardware?
14:53
<thunsucker>
Gadi: in the last week have had 4 different models loose sound
14:53
today afer updating my chroot/server, 2 different models (only 4 reports)
14:53
and of course now only 1 report since alsa
14:53
<vbundi>
Gadi: you mentioned doing a diff on lts.conf and /root/etc/lts.conf, how would I do that.. I have no diff in this initramfs
14:54
<Gadi>
vbundi: ah, sorry - I thought there was diff
14:54
vbundi: you may have to simply cat the file and inspect it manually
14:54
or compare the line count
14:55
cat /root/etc/lts.conf|wc -l
14:55
cat lts.conf|wc -l
14:55
<vbundi>
ok yeah I tried that... the /root/etc/lts.conf is the one that says ' THIS FILE SHOULD NO LONGER BE USED FROM HERE '
14:55
<Gadi>
thunsucker: very strange - I have not heard of such an issue before - especially with rdesktop
14:55
<vbundi>
and /lts.conf is empty
14:56
<Gadi>
aha!
14:56
<vbundi>
ho ho?
14:56
<Gadi>
so, it is not tftp'd after all
14:56
<vbundi>
aha!
14:56
<Gadi>
it's been a ruse
14:56
ok
14:56
so, try tftp'ing manually from the initramfs
14:56
<vbundi>
ahh so the curtain of deceit has been lifted.... *stares down his server*
14:57
<Gadi>
btw
14:57
<vbundi>
yeah, I have no Idea how to do that
14:57
<Gadi>
just out of curiosity
14:57pmatulis has quit IRC
14:57
<Gadi>
you are putting the lts.conf in the amd64 directory, right?
14:57
(on the server)
14:57
<vbundi>
/var/lib/tftpboot/ltsp/amd64/lts.conf
14:57
<Gadi>
ah, ok good
14:58
so, in initramfs, try:
14:58
<thunsucker>
gadi: ty for the help it's friday, i'm going to go home and drink
14:58
lol
14:58
<Gadi>
thunsucker: drink one for me!
14:58
<vbundi>
I intend on making it a case
14:58
<Gadi>
vbundi: echo "get /ltsp/amd64/lts.conf"|tftp ${NBD_ROOT_SERVER}
14:58
that's ur chroot command
14:58
I mean
14:59
ur initramfs command
14:59
<thunsucker>
Gadi: will do
14:59thunsucker has left #ltsp
14:59
<vbundi>
(to) Error: Name or service not known
14:59
get: unknown host
15:00
<Gadi>
ok, replace the variable with the ip of the ltsp server
15:00
<vbundi>
file not found
15:00leio has joined #ltsp
15:01
<Gadi>
vbundi: evidently it isn't where you think it is
15:01
:)
15:01
<vbundi>
Gadi: I'm using a symbolic link for my amd64/lts/conf that points to i386/lts.conf
15:01
<Gadi>
ah, maybe that's it
15:01
<vbundi>
and it worked fine up until the other day so I don't think it's that
15:01
<Gadi>
ah, ok
15:01
<vbundi>
unless they changed something that makes symlinks not work
15:02
<Gadi>
"they" tend to be sinister that way
15:02
are you using tftpd-hpa?
15:02
<vbundi>
the default
15:02
<Gadi>
let's check just to see if "they" didn't replace it on you
15:02
"they" can do things like that
15:03* Gadi shakes a fist at the they
15:03leio has quit IRC
15:03leio has joined #ltsp
15:03
<vbundi>
haha
15:03
<Gadi>
dpkg -l|grep tftp
15:03
(on the server, mind you)
15:03
<vbundi>
dpkg -l|grep tftp
15:03
lol wrong window
15:03
yeah tftpd-hpa
15:03
<Gadi>
well, that's good
15:03
ok, back to initramfs
15:04
try the same command, but use "i386" instead of "amd64"
15:04
<vbundi>
no error
15:04
<Gadi>
aha!
15:04
<vbundi>
and /lts.conf has data now
15:04
<Gadi>
symlinks do matter to some
15:04
<vbundi>
'THEY'!
15:04* Gadi shakes fist again!
15:04
<Gadi>
oh
15:05
how did you make the symlink?
15:05
<vbundi>
I'm sure it was the same person that put that extra / in there ;)
15:05
ln -s
15:05
<Gadi>
I hope you did: ln -s ../i386/lts.conf lts.conf
15:05
ie a *relative* symlink
15:06
because if you did: ln -s /var/lib/tftpboot/ltsp/i386/lts.conf lts.conf
15:06
<vbundi>
no I did modprobe hopesndreams
15:06
then just ln -s ;P
15:06
root root 36 2010-04-08 09:31 lts.conf -> /var/lib/tftpboot/ltsp/i386/lts.conf
15:06
<Gadi>
tie an *absolute* symlink, then its no wonder it cannot find it
15:06evilx has quit IRC
15:06
<Gadi>
gack!
15:06
you cant do that, man
15:07
tftp's root is /var/lib/tftpboot
15:07
so, it sees it as: /ltsp/i385/lts.conf
15:07
er, i386
15:07
<vbundi>
the file /var/lib/tftpboot
15:07
err
15:08
the file /var/lib/tftpboot/ltsp/amd64/lts.conf points to /var/lib/tftpboot/ltsp/i386/lts.conf
15:08
<Gadi>
yeah, that's bad
15:08
<vbundi>
oh well I guess I know whos side you're on then.
15:08
<Gadi>
because all tftp wants to grab /ltsp/i386/lts.conf
15:08
it cannot see /var/lib/tftp....
15:08
<vbundi>
ok
15:09
oh
15:09
<Gadi>
doesn't know where that is
15:09
<vbundi>
I gotcha
15:09
<Gadi>
tftp is in jail
15:09
no windowsw
15:09
no clue about the outside world
15:09
<vbundi>
I see, so whats the proper way to do it?
15:09
<Gadi>
climbs the walls looking for a crack
15:09
<vbundi>
so that I only have to edit one file that is
15:10
<Gadi>
so on the server, do: cd /var/lib/tftpboot/ltsp/amd64
15:10
rm lts.conf
15:10
ln -s ../i386/lts.conf lts.conf
15:10
now, ls -l should show a relative symlink
15:10
which works both in your server's view of the world AND in tftp jail
15:11
<vbundi>
ohh
15:11
<Gadi>
(you can check in the initramfs)
15:11
<vbundi>
sweet I get it
15:11
<Gadi>
jail aint pretty
15:11
but sometimes, you gotta look at things from the inmate's pov
15:12
<vbundi>
wait so if tftpd is in jail would xinetd be Bubba?
15:12
or the warden
15:13
<Gadi>
heh - I think its the state of California
15:13
:P
15:14
<vbundi>
so I wonder why it was working before
15:15
<Gadi>
conjugal visits?
15:16
<vbundi>
heh, my terminal hostname is judy
15:16* Gadi won't ask what the wallpaper is
15:27
<atkuepker>
anybody have links to good articles/whitepapers on setting up iptables for LTSP5?
15:35ogra_cmpc has quit IRC
15:47ogra_cmpc has joined #ltsp
15:49
<Appiah>
hmm
15:49
I dont see why that's needed?
15:50
what do you need atkuepker ?
15:51
<atkuepker>
stock UFW on Ubuntu breaks LTSP5.
15:52
UFW-specific documentation is probably asking a bit much, but iptables would allow me to extrapolate when I need.
15:52
<abeehc>
stock ufw is dsablede,no?
15:52
<Appiah>
UFW is not enabled by default ...
15:52
<abeehc>
agreed
15:52
<atkuepker>
correct, but we're not terribly happy with that either.
15:53
<Appiah>
is your LTSP server magning the whole network or what?
15:54
<atkuepker>
correct. some of our Ubuntu LTSP5 boxes are the sole servers at our smaller remote sites.
15:54Gadi has left #ltsp
15:55
<Appiah>
not even a hardware firewall or something?
15:55
well ltsp does not use anything special ,its just tftp,dhcp,ssh
15:55
<atkuepker>
of course, but that won't prevent unauthorized outbound connections
15:56
hardware firewalls are just lobotomized linux boxen
15:56
NDB?
15:56
<Appiah>
not unless you enable it...
15:56
<abeehc>
i can't see why you'd put iptables rules in between the server and clients
15:56
from that point it's just lockdown whatever you want as normal with iptables, no?
15:57
<atkuepker>
Yes, but most of those services on Ubuntu listen on all interfaces unless they're locked down.
15:57
thus I'm digging into what services are required to be allowed, and closing the rest.
15:57
<Appiah>
well to answer your questions : no
15:57
maybe search the mailinglist
15:58
<abeehc>
maybe somethin here https://help.ubuntu.com/community/UbuntuLTSP/LTSPFirewall
15:58
to be extrapolated
15:58
<Appiah>
feels so general
15:58
not really "LTSP"
15:59
some dont even use the DHCP on the ltsp server
15:59
and so on
15:59
<abeehc>
the 2 nic config might be the ticket
15:59
<atkuepker>
at our main sites we don't either. but having 2-3 servers at remote sites with 8-10 terminals is a waste of resources.
16:00
abeehc: no, we're not running 1-legged network interfaces. external and internal are separated properly.
16:01
we had all this set up quite well with good security policies under Fedora and CentOS with LTSP4.x, but LTSP5 has some different requirements since our standard configuration doesn't work.
16:02
<abeehc>
maybe focus on what doesn't work
16:02
cause your questions have mostly lost me
16:03
mine's happily insecure
16:03
<Appiah>
what's not working for you now?
16:03
<atkuepker>
we're not too happy about that. Especially since we handle healthcare information.
16:03
<abeehc>
happy about what
16:03
there's no question there
16:03
so that's cool but hard to adress
16:04
<atkuepker>
and that's why I was asking about docs/whitepapers for iptables.
16:04
<Appiah>
well the best thing you can find is the ubuntu wiki posted earlier
16:05
other then that I never seen people discuss firewalls and ltsp
16:05
<abeehc>
there's an article re: nat up there too
16:05
<atkuepker>
yeah, we're already doing the NAT thing for the handful of XP machines.
16:05
<vagrantc>
as good a reason to add a firewall as any.
16:07
<atkuepker>
especially since Ubuntu doesn't seem to be as "Secure by Default" as it used to be.
16:09
<johnny>
i doubt that has changed..
16:09
ubuntu has never been less secure by default than it is now
16:09
<abeehc>
i agree
16:10
<johnny>
there didn't used to be apparmor..
16:10
or ufw
16:12
<atkuepker>
odd. Can't imagine it could even be called securable less alone "secure by nature" without those two and with most services configured to listen and accept connections on all NICs from all addresses.
16:12theprof has left #ltsp
16:13
<abeehc>
you might be confusing ubuntu with something like openbsd
16:14
<vagrantc>
atkuepker: but you were comparing ubuntu to older versions of ubuntu ... what has actually gotten worse?
16:15
<atkuepker>
I remember the ubuntu 8.10 marketing going on about how it's "so secure you don't even need a firewall".
16:15
<abeehc>
i can't imagine canonical saying that
16:15
maybe i'm mistaken
16:15
one of my clients just tripped and i managed to catch it~~~
16:15
http://pastebin.com/YN21imY4
16:16
now the load's pegged
16:16
:(
16:21Lns has joined #ltsp
16:24
<Lns>
vagrantc: since debian uses nfs still, is it possible to symlink /etc/lts.conf files between chroots? For example, if you have an i386 *and* amd64 chroot, can you symlink them both together, either to a common file elsewhere or say, the amd64 lts.conf to the i386 one? I wonder because it seems that it's read before you actually mount the chroot.
16:25
<vagrantc>
Lns: you'd have to hard-link them.
16:25
<Lns>
vagrantc: cool. Thanks!
16:25
<vagrantc>
though that has issues
16:25
<Lns>
oh?
16:26
<vagrantc>
sometimes editors will wisely edit a copy of the file, and then copy a new file into place.
16:27
which will end up breaking the hardlink
16:27
and you end up with inconsistant state
16:27
<Lns>
ah
16:27
well if you do it by hand then it shouldn't be an issue right?
16:27
oh..nm
16:27
i see what you mean
16:27
<vagrantc>
there is a risk of them getting out of sync.
16:27
and it's non-obvious when that happens
16:28
<Lns>
wow that's a generic problem with hard links and those editors eh?
16:28
<vagrantc>
sure.
16:28
<Lns>
crazy. never thought of that before
16:28
<vagrantc>
i may not have the exact details right, but the general idea is a fundamental problem with hard-links.
16:29
<Lns>
yea...maybe better to do it another way then
16:29
just trying to figure out a way to make it a bit easier to manage multiple chroots
16:29
<vagrantc>
you could keep it in revision control, such as git, and push to the other repository after committing.
16:30
and have the push be automated.
16:30
<Lns>
yeah..or a simple every-minute-cron-script ;)
16:30
though that's pretty hackish
16:30
<vagrantc>
that's another way
16:30
was the first idea that sprang to mind, actually ... but revision control is so much more elegant.
16:31
<Lns>
i've never setup revision control before
16:31
<vagrantc>
since you can have post-commit hooks that put the files into place.
16:32
<Lns>
that would be nice for all sorts of stuff to sync between the chroots actually..hrm....
16:32
at least non-arch specific stuff
16:33
now that i'm back on using nfs i really prefer it...love not having to reboot after a change!
16:33
specially when testing
16:34
<vagrantc>
i've stuck with it through all the NBD hype (while experimenting with NBD) not just to be curmudgeonly.
16:35
<Lns>
hehe
16:35
well i'm happy for that
16:50
<atkuepker>
have a good weekend folks
16:51
<Lns>
you too atkuepker
17:02nubae has quit IRC
17:02mikeshultz has quit IRC
17:03nubae has joined #ltsp
17:07jcastro has quit IRC
17:08jcastro has joined #ltsp
17:11
<johnny>
etckeeper
17:11
the only proble with git.. is that it doesn't really store metadata
17:11
nor empty directories
17:11
etckeeper does some hackiness around it tho
17:11
i like rdiff-backup too
17:11jcastro has quit IRC
17:18vmlintu has quit IRC
17:19highvolt1ge is now known as highvoltage
17:23gentgeen__ has joined #ltsp
17:28
<vbundi>
how well does italc work with lucid?
17:34atkuepker has quit IRC
17:45Selveste1_ has quit IRC
17:53Selveste1 has joined #ltsp
18:00bobby_C has quit IRC
18:05gentgeen__ has quit IRC
18:08gentgeen__ has joined #ltsp
18:24komunista has quit IRC
18:24johnny has left #ltsp
18:24Lns has quit IRC
18:25johnny has joined #ltsp
18:52epaphus has quit IRC
19:03staffencasa has quit IRC
19:11fhoahf38771 has joined #ltsp
19:11fhoahf38771 has left #ltsp
19:24Selveste1 has quit IRC
19:27GodFather has joined #ltsp
19:27GodFather_ has joined #ltsp
19:52F-GT has quit IRC
19:57vagrantc has quit IRC
20:08map7 has quit IRC
20:08F-GT has joined #ltsp
20:09map7 has joined #ltsp
20:31try2free has joined #ltsp
20:32try2free has left #ltsp
21:19nubae has quit IRC
21:22GodFather has quit IRC