IRC chat logs for #ltsp on irc.freenode.net (webchat)


Channel log from 20 December 2012   (all times are UTC)

00:16vagrantc has joined IRC (vagrantc!~vagrant@75-150-46-245-Oregon.hfc.comcastbusiness.net)
00:16vagrantc has joined IRC (vagrantc!~vagrant@freegeek/vagrantc)
01:11fuzai has joined IRC (fuzai!~fuzai@71-217-108-78.tukw.qwest.net)
01:12F-GT has joined IRC (F-GT!~phantom@ppp59-167-136-109.static.internode.on.net)
01:18dgeary2 has joined IRC (dgeary2!~david@2001:388:e001:1e00:914:40fb:752:d15)
01:24andygraybeal has joined IRC (andygraybeal!~andy@h193.205.130.174.dynamic.ip.windstream.net)
01:25vagrantc has left IRC (vagrantc!~vagrant@freegeek/vagrantc, Quit: leaving)
01:28fuzai has left IRC (fuzai!~fuzai@71-217-108-78.tukw.qwest.net, Quit: Leaving)
01:29Phantomas has left IRC (Phantomas!~Phantomas@ubuntu/member/phantomas, Ping timeout: 260 seconds)
01:42fuzai has joined IRC (fuzai!~fuzai@71-217-108-78.tukw.qwest.net)
01:42andygraybeal has left IRC (andygraybeal!~andy@h193.205.130.174.dynamic.ip.windstream.net, Ping timeout: 265 seconds)
01:43adrianorg has left IRC (adrianorg!~adrianorg@177.134.63.247, Ping timeout: 246 seconds)
01:44Phantomas has joined IRC (Phantomas!~Phantomas@ubuntu/member/phantomas)
02:08F-GT has left IRC (F-GT!~phantom@ppp59-167-136-109.static.internode.on.net, Ping timeout: 246 seconds)
02:14dgeary2 has left IRC (dgeary2!~david@2001:388:e001:1e00:914:40fb:752:d15, Ping timeout: 250 seconds)
02:17PhoenixSTF has joined IRC (PhoenixSTF!~rudi@78.29.132.86)
03:19PhoenixSTF has left IRC (PhoenixSTF!~rudi@78.29.132.86, Quit: Leaving)
03:44lostfile has joined IRC (lostfile!~Thunderbi@113.161.68.105)
04:35Phantomas has left IRC (Phantomas!~Phantomas@ubuntu/member/phantomas, Ping timeout: 252 seconds)
04:53Phantomas has joined IRC (Phantomas!~Phantomas@ubuntu/member/phantomas)
04:55sha has joined IRC (sha!~sha@e177167052.adsl.alicedsl.de)
04:59sha_ has left IRC (sha_!~sha@e177160138.adsl.alicedsl.de, Ping timeout: 255 seconds)
05:02fuzai has left IRC (fuzai!~fuzai@71-217-108-78.tukw.qwest.net, Remote host closed the connection)
05:33telex has left IRC (telex!~telex@freeshell.de, Ping timeout: 265 seconds)
05:35telex has joined IRC (telex!~telex@freeshell.de)
05:36Phantomas has left IRC (Phantomas!~Phantomas@ubuntu/member/phantomas, Ping timeout: 260 seconds)
05:52Phantomas has joined IRC (Phantomas!~Phantomas@ubuntu/member/phantomas)
06:31F-GT has joined IRC (F-GT!~phantom@ppp59-167-136-109.static.internode.on.net)
06:31bauerski has joined IRC (bauerski!~witekb@frodo.psp.opole.pl)
07:18Phantomas has left IRC (Phantomas!~Phantomas@ubuntu/member/phantomas)
07:20lostfile has left IRC (lostfile!~Thunderbi@113.161.68.105, Quit: lostfile)
07:22staffencasa has left IRC (staffencasa!~staffenca@8-220.ptpg.oregonstate.edu, Ping timeout: 255 seconds)
07:25shogunx has left IRC (shogunx!~shogunx@2001:4978:106:1:2963:b01d:1c25:5499, Ping timeout: 245 seconds)
07:26staffencasa has joined IRC (staffencasa!~staffenca@8-220.ptpg.oregonstate.edu)
07:47dobber has joined IRC (dobber!~dobber@213.169.45.222)
08:04khildin has joined IRC (khildin!~khildin@ip-80-236-225-253.dsl.scarlet.be)
08:50Gremble has joined IRC (Gremble!~Ben@cpc29-aztw23-2-0-cust144.18-1.cable.virginmedia.com)
09:31gvy has joined IRC (gvy!~mike@altlinux/developer/mike)
09:46adrianorg has joined IRC (adrianorg!~adrianorg@187.113.251.126)
09:57bauerski1 has joined IRC (bauerski1!~witekb@frodo.psp.opole.pl)
10:02Gremble has left IRC (Gremble!~Ben@cpc29-aztw23-2-0-cust144.18-1.cable.virginmedia.com, *.net *.split)
10:02bauerski has left IRC (bauerski!~witekb@frodo.psp.opole.pl, *.net *.split)
10:02lotharn has left IRC (lotharn!~nick@24.154.55.32, *.net *.split)
10:10lotharn has joined IRC (lotharn!~nick@24.154.55.32)
10:11Gremble has joined IRC (Gremble!~Ben@cpc29-aztw23-2-0-cust144.18-1.cable.virginmedia.com)
10:23alexqwesa_ has joined IRC (alexqwesa_!~alex@alexo-veto.broker.freenet6.net)
10:23leio_ has joined IRC (leio_!~leio@gentoo/developer/leio)
10:25jerryc has joined IRC (jerryc!~pppingme@65.28.110.103)
10:29alexqwesa has left IRC (alexqwesa!~alex@alexo-veto.broker.freenet6.net, Ping timeout: 245 seconds)
10:29mgariepy has left IRC (mgariepy!mgariepy@ubuntu/member/mgariepy, Ping timeout: 245 seconds)
10:29pppingme has left IRC (pppingme!~pppingme@unaffiliated/pppingme, Ping timeout: 245 seconds)
10:29leio has left IRC (leio!~leio@gentoo/developer/leio, Ping timeout: 245 seconds)
10:29mgariepy_ has joined IRC (mgariepy_!mgariepy@nat/revolutionlinux/session)
10:29mgariepy_ has joined IRC (mgariepy_!mgariepy@nat/revolutionlinux/x-tslaouyvflqlyadu)
10:51andygraybeal has joined IRC (andygraybeal!~andy@h193.205.130.174.dynamic.ip.windstream.net)
10:55Parker955_Away has left IRC (Parker955_Away!~parker@74.112.203.151, Ping timeout: 245 seconds)
11:00Parker955_Away has joined IRC (Parker955_Away!~parker@74.112.203.151)
11:46markit has joined IRC (markit!~marco@88-149-177-66.v4.ngi.it)
11:46
<markit>
hi, any nfs4 guru here? in #nfs no one replies
11:49
<gvy>
try mounting #nfs with -o nfsvers=3? :)
11:49gvy has left IRC (gvy!~mike@altlinux/developer/mike, Quit: goto)
11:56
<markit>
ok, at the moment I'm unable to umount it sigh
11:56
let's reboot the client
11:57
hours and hours wasted in vain, so sad
11:58
wondering if is bette sync or async
11:59
<alkisg>
markit: google translate this one to see how we do it here - it works ok: http://alkisg.mysch.gr/steki/index.php?topic=4847.45
12:00
No nfs-guru here though, we just tried things until it works ok
12:00
<markit>
alkisg: thanks :) I've read that nfs4 is much better since caches accesses so I was trying it, but chown does not work from client side in the shared home
12:01
I test with nfs3 now, kde people will not complain, I hope ;P
12:02
<alkisg>
Right, the problem we found with nfs4 was uid mapping
12:13
<markit>
this post explains the difference, and seems that domain name has to be set and equal for NFSv4: https://blogs.oracle.com/tdh/entry/chown_1_and_username_spaces
12:14[GuS] has joined IRC ([GuS]!~MysT@unaffiliated/gus/x-663402)
12:17alkisg has left IRC (alkisg!~alkisg@plinet.ioa.sch.gr, Quit: Leaving.)
12:26
<markit>
mmm access denied by server while mounting. This seems not a good day
12:27
ok, found
12:31work_alkisg has joined IRC (work_alkisg!~alkisg@plinet.ioa.sch.gr)
12:33
<markit>
ok, with nfs3 creation in the shared home works
12:37Gremble has left IRC (Gremble!~Ben@cpc29-aztw23-2-0-cust144.18-1.cable.virginmedia.com, Quit: I Leave)
12:53Gremble has joined IRC (Gremble!~Ben@cpc29-aztw23-2-0-cust144.18-1.cable.virginmedia.com)
13:03Gremble has left IRC (Gremble!~Ben@cpc29-aztw23-2-0-cust144.18-1.cable.virginmedia.com, Quit: I Leave)
13:03khildin has left IRC (khildin!~khildin@ip-80-236-225-253.dsl.scarlet.be, Quit: I'm gone, bye bye)
13:11
<markit>
mmm is fast!
13:11* markit perplexed
13:15gvy has joined IRC (gvy!~mike@altlinux/developer/mike)
13:26Gremble has joined IRC (Gremble!~Ben@cpc29-aztw23-2-0-cust144.18-1.cable.virginmedia.com)
13:31mgariepy_ has left IRC (mgariepy_!mgariepy@nat/revolutionlinux/x-tslaouyvflqlyadu, Quit: Leaving)
13:31mgariepy has joined IRC (mgariepy!mgariepy@ubuntu/member/mgariepy)
13:40hachque has joined IRC (hachque!quassel@2600:3c01::f03c:91ff:fe96:5060)
14:10garymc has joined IRC (garymc!~chatzilla@host81-148-33-213.in-addr.btopenworld.com)
14:23Phantomas has joined IRC (Phantomas!~Phantomas@ubuntu/member/phantomas)
14:24dgeary2 has joined IRC (dgeary2!~david@2001:388:e001:1e00:914:40fb:752:d15)
14:31bauerski1 has left IRC (bauerski1!~witekb@frodo.psp.opole.pl, Quit: Leaving.)
14:33adrianorg has left IRC (adrianorg!~adrianorg@187.113.251.126, Ping timeout: 250 seconds)
15:03Gremble has left IRC (Gremble!~Ben@cpc29-aztw23-2-0-cust144.18-1.cable.virginmedia.com, Quit: I Leave)
15:04daya has joined IRC (daya!~daya@unaffiliated/daya)
15:05daya has joined IRC (daya!~daya@unaffiliated/daya)
15:06shogunx has joined IRC (shogunx!~shogunx@2001:4978:106:1:84f:77f0:2dc:563c)
15:06alkisg has joined IRC (alkisg!~alkisg@ubuntu/member/alkisg)
15:11bobby_C has joined IRC (bobby_C!~bobby@85-124-22-227.teleworker.xdsl-line.inode.at)
15:24staffencasa has left IRC (staffencasa!~staffenca@8-220.ptpg.oregonstate.edu, Read error: Connection reset by peer)
15:27
<markit>
alkisg: btw, talking with someone in #kubuntu, I got the suggestion of use zram-config, have you evaluated it?
15:28
<alkisg>
markit: I think zram is completely useless for ltsp, where we can use nbd swapping
15:28
<markit>
is nbd swapping enabled by default? and isn't /tmp in ram currently?
15:28
<alkisg>
It's even harmful as it takes some significant ram percentage. It's only useful if someone doesn't want nbd swapping for some reason
15:29
NBD swapping is on only for low-ram clients
15:29
cat /proc/mounts tells you about the mounted file systems, you can check for /tmp there
15:29
<markit>
I see. Current local tests with "async" in fstab instead of my previous "sync" show that kde works fine with /home and /var/tmp on nfs... or I'm doing something wrong. Now I try with ltsp let's see
15:33
<Hyperbyte>
Hi alkisg! http://www.set-reizen.nl/kerstkaart/ :-)
15:34
<alkisg>
Hi Hyperbyte! Merry xmas + new year for you too :)
15:34
And, nice snow!
15:34
<Hyperbyte>
:-D
15:38
<||cw>
linux kernel nfs sync code is pretty inefficient
15:41mdsa has left IRC (mdsa!4454054a@gateway/web/freenode/ip.68.84.5.74, Ping timeout: 245 seconds)
15:45
<markit>
||cw: with async is there any risk?
15:45
alkisg: probably the main problem was "sync"
15:45
<||cw>
sure there is. make sure you trust your UPS
15:45
<markit>
now first login is 140MB (from LDM to responsive desktop)
15:45
and second login is 96MB
15:45
that is much better than older 400MB...
15:46
or maybe kde 4.9.4 has improved something in the meantime
15:46
||cw: server UPS? otherwyse will I have /home damaged, or just loose last modifications?
15:47
<||cw>
just open files with pending writes
15:48
similar situation is enabling write cache on a raid card with no backup battery on it
15:48
<markit>
||cw: mmm with raid card you loose the ENTIRE FS
15:48
with async only last modifications on open files, right?
15:48
<||cw>
not always, but it's possible
15:49* markit now tries sshfs again, who can tell...
15:49
<||cw>
well, I've not seen any issues, even with a kernel panic, but I wasn't using nfs heavily either
15:49
<markit>
mmm so bad, /var/tmp is not populated
15:50
oh, is not because I set it that way, ok, let's revert my settings
15:55dead_inside has joined IRC (dead_inside!~dead_insi@76.75.3.174)
16:06dobber has left IRC (dobber!~dobber@213.169.45.222, Remote host closed the connection)
16:15bob has joined IRC (bob!6df2e8ec@gateway/web/freenode/ip.109.242.232.236)
16:15
<bob>
bob
16:16bob is now known as Guest43983
16:16
<alkisg>
Guest43983: hello
16:16
Guest43983: γράψε: /j #ts.sch.gr
16:21
<Guest43983>
ela alki
16:21
me to ALT vrika to koubi
16:21
REMOVE sta agglika
16:21
alla pali zitaei password kai ego malon to exo xasei
16:21
<alkisg>
Guest43983: επειδή εδώ είναι μόνο αγγλικό κανάλι, γράψε /j #ts.sch.gr
16:22risca has joined IRC (risca!~risca@c-135-63.eduroam.liu.se)
16:23Guest43983 is now known as bobptz
16:26
<markit>
alkisg: probably async is the solution to my problems, making kde able to work good enough, see also http://www.immv.es/articulos-web/tips/kde-slow-startup-when-home-is-mounted-over-nfs.html
16:26
I'm setting all the rest as default, rebuilding the image and test again
16:26
<alkisg>
markit: async shouldn't make any difference wrt size
16:27
600 mb vs 100? how can async do that?
16:27
<markit>
(last settings were to have the cache under home, now let's try with default /var/tmp and a symlink)
16:27
alkisg: probably caches a lot? I've no idea
16:27
<alkisg>
Yes, but sync/async can't tell KDE how much to cache or not
16:27
<markit>
"This has been a problem which I hadn't solved through years (since sync behaviour was default) and never had the time to look at it thoroughfully, because I configured GNOME as a default for users. "
16:28
alkisg: I mean, kde DOES a lot of more I/O, but instead of going through lan, nfs client caches locally?
16:28
<alkisg>
My problem with KDE wasn't slowness, it was 600 mb on login
16:28
Hmmm yeah that could be right, I don't remember the actual disk size that KDE uses on /var etc
16:28mikkel has joined IRC (mikkel!~mikkel@80-71-132-15.u.parknet.dk)
16:28
<markit>
alkisg: I'm so happy that I told you now, but better do last test
16:30risca has left IRC (risca!~risca@c-135-63.eduroam.liu.se, Quit: Lämnar)
16:37bobptz has left IRC (bobptz!6df2e8ec@gateway/web/freenode/ip.109.242.232.236, Quit: Page closed)
16:50Phantomas has left IRC (Phantomas!~Phantomas@ubuntu/member/phantomas, Read error: Operation timed out)
16:54
<markit>
wow, really seem to work now
16:55
alkisg: have you played with other nfs parameter about packet size or something like that?
16:55
ehm, not packet
16:55
nfs4 has things like rsize=8192,wsize=8192
16:56
<alkisg>
markit: yes, on atheros NICs we had to specify those... to something like 15xx
16:56
<markit>
also use nfs4 should improve performances even more
16:56
<alkisg>
On non-atheros NICs, we didn't modify anything
16:56
<markit>
alkisg: you are telling about MTU (my mistake)
16:56
what about nfs fine tunings?
16:56
ok, maybe for gnome is "good enough" though
16:57
<alkisg>
It's just /home... usually you don't need to pull a lot of MB from there
16:57
E.g. launching an open office document:
16:57
120 mb read from NBD,
16:57
1 mb read from /home
16:57
<markit>
as far as I remember, with gnome you have 30 MB, I have 96, so 3x worse, there is room for improvement on KDE side, but at least is usable
16:57
<alkisg>
...so it doesn't make much different if it's nfs, sshfs or any other file system
16:58
<markit>
mmm yes, you are right, here also probably most of the traffic is in read (apart first login)
16:58
<alkisg>
If your students want to encode video from DV cameras, then OK it'll be different
16:58
<markit>
lol :)
16:59
are you on holidays soon? just curious, can we expect further ltsp development?
16:59
are you (you ltsp team) evaluating lxde further?
16:59
<alkisg>
The "ltsp team" is a loose team of individuals interested in ltsp :)
17:00
And especially these days we lack cooperation
17:00
So every dev that does have free time and the need to do something wrt ltsp, takes the time and does it
17:00
Personally I think I want to take a look at samba 4, for authentication, shared data etc
17:01
<markit>
ok, but are you focused in something specific? i.e. implement XYZ to increase ZXY?
17:01
<alkisg>
Maybe we can use much of it on schools...
17:01
<markit>
good shot, yes
17:01
<alkisg>
Then we'll be able to have ltsp servers/ltsp clients/standalone clients have the same central authentication + homes
17:01
And maybe even windows clients too
17:02
Maybe with that, we can retire all our windows servers, even on schools that don't use linux
17:03
For LTSP, I was waiting for the libpam_sshauth implementation and the LDM removal, but it looks like those things are not currently developed so we'll have to wait for a while...
17:08Phantomas has joined IRC (Phantomas!~Phantomas@ubuntu/member/phantomas)
17:17dgeary2 has left IRC (dgeary2!~david@2001:388:e001:1e00:914:40fb:752:d15, Ping timeout: 245 seconds)
17:33bobby_C has left IRC (bobby_C!~bobby@85-124-22-227.teleworker.xdsl-line.inode.at, Read error: Operation timed out)
17:40jerryc has left IRC (jerryc!~pppingme@65.28.110.103, Quit: Leaving)
17:40jerryc has joined IRC (jerryc!~pppingme@2001:470:1f11:160:223:8bff:fe6d:bad4)
17:43jerryc has left IRC (jerryc!~pppingme@2001:470:1f11:160:223:8bff:fe6d:bad4, Client Quit)
18:03dead_inside has left IRC (dead_inside!~dead_insi@76.75.3.174, Quit: Computer has gone to sleep.)
18:06vagrantc has joined IRC (vagrantc!~vagrant@75-150-46-245-Oregon.hfc.comcastbusiness.net)
18:06vagrantc has joined IRC (vagrantc!~vagrant@freegeek/vagrantc)
18:10dead_inside has joined IRC (dead_inside!~dead_insi@76.75.3.174)
18:15
<Hyperbyte>
alkisg?
18:15
You around?
18:18
<alkisg>
Hyperbyte: pong
18:23
<Hyperbyte>
I'm still having the issues with home dirs sticking around after logout
18:24
I'm going to remedy it by moving /home/ to the fileserver, and mount it via NFS
18:24
<alkisg>
Hyperbyte: what are you using? thin clients with localapps?
18:24
<Hyperbyte>
Is there some debug information you'd like me to gather before I do this?
18:24
No, ltsp-pnp, fat clients.
18:24
This is at Radio Capelle. :)
18:25
<alkisg>
Contents of the home dirs, and result of `cat /proc/mounts` could be useful...
18:25
And maybe ps aux | grep $user, after logout
18:28
<Hyperbyte>
Okay, well, I can't 100% reproduce this error
18:28
And the home dirs that have stuck around, have been there for quite a while, so they've all been filled by gnome configs, etc.
18:29
I could provide you with output of find . if that's useful, but it'll be a whole lot of stuff
18:29
As for ps aux, no processes are running from the two users in question still
18:30
And cat /proc/mounts still shows a whole bunch of fusefs mounts from both users.
18:30
fuse gvfs, not fuse fs.
18:30
<alkisg>
Yup, the output of find would be fine, along with the output of /proc/mounts
18:31
gvfs... any weird file systems in use, like ftp, cameras...?
18:32
I think we should at least force-unmount the home dir after logout, and also tell sshfs to mount the home dir over the existing one even if it's not empty
18:32
That should cause a lot less headaches, until the actual problems are solved
18:33gvy has left IRC (gvy!~mike@altlinux/developer/mike, Quit: Leaving)
18:36
<Hyperbyte>
mmm
18:36
Oh wow
18:36
Even better
18:36
I just reproduced it
18:37
So I have a home dir with the exact files that are left after logout
18:37
It's .pulse stuff
18:37
<alkisg>
And that's all?
18:39
<Hyperbyte>
http://studio.radiocapelle.nl/procmounts.txt
18:39
http://studio.radiocapelle.nl/homedirs.txt
18:40
Notes: janmiddelkoop and sonnyvalies have since the bug appeared logged out and logged back in several times.. Sonny once I believe, me multiple times
18:40
fransvandersman just logged out and the bug has appeared
18:40
Notable things:
18:40
- fransvandersman has .pulse stuff leftover, but nothing stuck in /proc/mounts
18:41
<alkisg>
Let's ignore the ones that have logged in since then
18:41
I think in that case, they're using a "local" /home, i.e. a tmpfs one
18:41
<Hyperbyte>
More notable info!
18:42
<alkisg>
So all their data will be lost on reboot
18:42
<Hyperbyte>
They -do- have processes running still
18:42
But - since the users don't exist anymore (duh)00, I didn't notice them.
18:42
<alkisg>
What I noticed from KDE as well, was, that sshfs looks like it's starting a bit late
18:42
<Hyperbyte>
There's a gnome-keyring thing still running for someone, and pulseaudio stuff for someone else.
18:43
<alkisg>
So some daemons get to run and access /home/username before sshfs mounts /home/username from the server
18:43
<Hyperbyte>
I could find out which users exactly, but that'll take some finding out
18:43
<alkisg>
It's like it's doing a lazy mount or something...
18:43* markit wakes up
18:43
<Hyperbyte>
Welcome back markit. ;-)
18:43
alkisg, should I dig into the ps aux to find out what's running exactly and for who?
18:44
<alkisg>
Hyperbyte: it would help a bit, if you have time for it
18:44
<markit>
was on phone for a lot of time, I've to setup remotely a web server and a ftp server... never setup a ftp server so far
18:44
<Hyperbyte>
I can make time for it.
18:44
<alkisg>
Also writing all that down in a bug report would help as well
18:44
<Hyperbyte>
Can we make the deal that I do figuring out and you do bug report? :)
18:44
<alkisg>
Because it's possible that sshfs is to blame, and not ltsp...
18:45
Nope, not at this time... I won't have much time for ltsp for a few days or maybe even weeks more :-/
18:45
<Hyperbyte>
Well if you want my opinion, I think LTSP tries to delete user and remove /home/ while some processes are still running for the user
18:45
<alkisg>
But that bug is one of the most annoying ltsp bugs currently
18:45
<Hyperbyte>
Removing user works, but /home/ stays put with the files that were or are in-use and can't be removed
18:46
<alkisg>
Hyperbyte: /home/fransvandersman/.pulse ==> that was created before the sshfs mount, right?
18:46
<Hyperbyte>
Does LTSP do a killall -9 for processes that are still running?
18:46
<alkisg>
No
18:46
<Hyperbyte>
alkisg, no idea.
18:46
<alkisg>
I think the problem is that sshfs does a lazy mount
18:46
So some daemons get to write in the tmpfs before the sshfs mount appears
18:46
<Hyperbyte>
Maybe LTSP should just do killall -9 <user> and then fork until all processes are gone, before it goes to nuke the user and home dir
18:46
<alkisg>
And then, on the next login, the code refuses to do the sshfs mount completely, because files exist there
18:47
No just a forced unmount would be enough
18:47
<Hyperbyte>
mhm
18:47
<alkisg>
i.e. umount || umount -l
18:48
There are 3-4 bugs left that are very annoying... this is one of them
18:48
Another is the gnome-panel disappearing...
18:49
<Hyperbyte>
http://studio.radiocapelle.nl/psaux.txt
18:50
Now you know which files are left after bug appears, and which processes are still running. :)
18:50
I'll see then if I can find some time to file report, if you're too busy
18:50
Meanwhile, I am switching to NFS for /home/
18:53
<dead_inside>
v3 or v4?
18:54
<Hyperbyte>
No idea.
18:54
Any recommendations?
18:54
<dead_inside>
4
18:54
it supports file locks
18:54
and some programs like chrome/firefox like to lock
18:55
<Hyperbyte>
I don't know what default is
18:56
<markit>
dead_inside: are you really able to make it work with ltsp?
18:56
<Hyperbyte>
Ah. 4 is default.
18:56
<dead_inside>
we have been using 4 for about two years now
18:56
<markit>
I tried v4 but I had problems when tried to change ownership of files
18:56
<dead_inside>
its an ltsp clust
18:56
<Hyperbyte>
markit, root squash!
18:56
<dead_inside>
cluster*
18:56
<markit>
dead_inside: could you suggest me how to setup?
18:56
Hyperbyte: same config for V3 works flasless
18:57
<Hyperbyte>
markit, read up on root squashing on NFS. :-)
18:57
<dead_inside>
let me see if i can find a good doc markit
18:57
<markit>
Hyperbyte: I use no_root_squash
18:57
<Hyperbyte>
I believe there have been lots of squashing adjustments/tweaks between v3 and v4.
18:57
markit, you shouldn't use no_root_squash.
18:57
You should let NFS do it's thing.
18:58
<markit>
mmm was root_squash and I've found a suggestion to set to no_
18:58
I could do some experiment again then
18:58
<Hyperbyte>
It wouldn't surprise me if they removed the no_root_squash option.
18:59
<alkisg>
I don't think NFS booting would work then
18:59
For /home, ok, but not for /...
19:01
<Hyperbyte>
alkisg, which part of / exactly?
19:01
<alkisg>
Hyperbyte: for instance, no suid root programs would work, since they'd be suid ...nobody
19:01
And I think many daemons refuse to access sockets/files/dirs if they're not owned by root
19:02
<markit>
dead_inside: what is your export configs, please?
19:02
<Hyperbyte>
alkisg, nfs v4 shows file ownership correctly even if user doesn't have access.
19:03
<dead_inside>
markit http://pastebin.com/zA2mUkNf
19:03
<alkisg>
Hyperbyte: with root_squash, who would be the owner of /etc/shadow?
19:04
<Hyperbyte>
alkisg, depends on who the owner of /etc/shadow is?
19:05
With nfsv4, file permissions don't change with root squash enabled/disabled
19:05
<alkisg>
-rw-r----- 1 root shadow 2048 Νοέ 21 21:46 /etc/shadow
19:05
<Hyperbyte>
Just the access rights.
19:05
<alkisg>
Hyperbyte: the access rights? not the owner?
19:05
Wouldn't that file then be owned by nobody:shadow?
19:05
...and so it would be a security problem, as anyone would be able to read it?
19:06
<Hyperbyte>
No
19:06
I am root@nfs client
19:06
I do an ls -al on /data
19:06
There's a folder drwxrwx--- root:root
19:06
I do cd data... permission denied.
19:07
<alkisg>
Can you run a suid root program from nfs?
19:07
<Hyperbyte>
I didn't boot from NFS
19:07
<alkisg>
It doesn't matter... can you?
19:07
<Hyperbyte>
I have no idea?
19:07
<alkisg>
I mean, try it... cp one to your /data
19:08
<Hyperbyte>
Ah
19:08
That's chmod +u right?
19:09
<alkisg>
You can copy an existing program from the path... /bin, /sbin, /usr/sbin...
19:10
<Hyperbyte>
Can't you just chmod it?
19:10
<alkisg>
Sure but suid won't work with scripts
19:10
So you can't try with e.g. a shell script
19:10
<Hyperbyte>
Ah
19:11
Well I copied /bin/cp - but I'm not sure if this has suid bit set?
19:11
How can I check this?
19:11
<alkisg>
ls -l /usr/bin | grep sr-
19:12
Anyway /me needs to finish some work, so unfortunately will have to check all these nice things later... bb for now!
19:12
<Hyperbyte>
I think the suid bit is lost while copying the file
19:12
<alkisg>
cp -a
19:12
<Hyperbyte>
cp -a ..yeah
19:13
I don't think this works... or it does and SELinux is preventing it
19:13
Or it's disabled... not entirely sure
19:13
Anyway
19:16dead_inside has left IRC (dead_inside!~dead_insi@76.75.3.174, Quit: Computer has gone to sleep.)
19:30dead_inside has joined IRC (dead_inside!~dead_insi@76.75.3.174)
19:33[GuS] has left IRC ([GuS]!~MysT@unaffiliated/gus/x-663402, Quit: Konversation terminated!)
19:35daya has left IRC (daya!~daya@unaffiliated/daya, Quit: Leaving)
19:36komunista has joined IRC (komunista!~slavko@adsl-195-168-234-074.dynamic.nextra.sk)
19:42
<markit>
dead_inside: thanks a lot
19:43
ehm, at the end of the discussion that I have not understood, is nfs4 ok and is no_root_squash or root_squash ok?
19:44
Hyperbyte: dead_inside uses no_root_squash also
19:46alkisg has left IRC (alkisg!~alkisg@ubuntu/member/alkisg, Remote host closed the connection)
19:47gvy has joined IRC (gvy!~mike@altlinux/developer/mike)
19:54
<Hyperbyte>
markit, that doesn't make it less bad practice.
19:54
According to alkisg, it might be required using it to boot clients via NFS instead of NBD
19:54
<markit>
Hyperbyte: I've tried with nfs4 and two stand alone pc
19:54
client was able to create files and change attributes
19:54
but not to change ownership
19:55
(I was root on the client side)
19:55
with nfs3 it worked fine
19:55
<Hyperbyte>
But then you only need to set it on the chroot export, which is read-only anyways... you should never do no_root_squash on rw filesystems
19:55
<markit>
probably here is explained: https://blogs.oracle.com/tdh/entry/chown_1_and_username_spaces
19:56
<Hyperbyte>
That's only when you're not using NIS or LDAP
19:56
<markit>
I'm not, in fact
19:56
<Hyperbyte>
Well then that makes user mapping very difficult yes.
19:57
<markit>
I had the same user with the same id on both parts
19:57
in any case, was just to build a test case for KDE devs to troubleshoot KDE slowliness
19:58
so you think that no_root_squash can be removed for /home sharing and I can try nfs4 instead of 3 for nfs?
19:58
<Hyperbyte>
I generally always deploy LDAP, for every setup I have where I need to maintain user accounts.
19:58
<markit>
I'll do a test later
19:58
<Hyperbyte>
markit, do you know what no_root_squash does exactly?
19:58
<markit>
Hyperbyte: I never used it and I tend to avoid layers of complexity
19:59
Hyperbyte: I think uses user "root" instead of "nobody" to access on the server side the share
19:59
or something like that
19:59
<Hyperbyte>
So far, LDAP has only made things easier for me. :-)
19:59
<markit>
Hyperbyte: in ltsp also?
19:59
<Hyperbyte>
Yes.
19:59
<markit>
I mean, I'm sure ldap is good for solving problems, just wondering if I have such problems to solve
19:59
I've a standalone ltsp server
20:00
<Hyperbyte>
markit, with NFS, user permissions on filesystems are the same on client and server. So if I as a user have access to a dir on the server, I also have access to it on the client.
20:00
So, working from that logic, if I'm root on the client with access to everything, I also have access to everything on the server.
20:00
root squashing is an NFS feature that disables that.
20:01
The "nobody" thing you're seeing instead of root is an NFSv3 feature, NFSv4 doesn't do that, it just shows root, but denies permission regardless.
20:11
My LTSP setup is now using NFSv4 for /home :-)
20:15mnevans has joined IRC (mnevans!81028195@gateway/web/freenode/ip.129.2.129.149)
20:19sep has left IRC (sep!~sep@40.211.jostedal.no, Ping timeout: 276 seconds)
20:22garymc has left IRC (garymc!~chatzilla@host81-148-33-213.in-addr.btopenworld.com, Quit: ChatZilla 0.9.89 [Firefox 17.0.1/20121128204232])
20:35
<dead_inside>
sorry markit i just got back from lunch
20:40
<markit>
Hyperbyte: KDE needs /var/tmp access too, so better try, but thanks a lot for tips and clarifications
20:50vagrantc has left IRC (vagrantc!~vagrant@freegeek/vagrantc, Quit: leaving)
20:55adrianorg has joined IRC (adrianorg!~adrianorg@177.156.56.57)
21:15gvy has left IRC (gvy!~mike@altlinux/developer/mike, Quit: sleep then)
21:18mikkel has left IRC (mikkel!~mikkel@80-71-132-15.u.parknet.dk, Quit: Leaving)
21:57_al_ has left IRC (_al_!~antti@188-67-146-28.bb.dnainternet.fi, Ping timeout: 244 seconds)
21:59_al_ has joined IRC (_al_!~antti@87-93-30-181.bb.dnainternet.fi)
22:09NeonLicht has left IRC (NeonLicht!~NeonLicht@darwin.ugr.es, Ping timeout: 244 seconds)
22:25PhoenixSTF has joined IRC (PhoenixSTF!~rudi@78.29.132.86)
22:35staffencasa has joined IRC (staffencasa!~staffenca@8-220.ptpg.oregonstate.edu)
22:38dead_inside has left IRC (dead_inside!~dead_insi@76.75.3.174, Quit: Leaving...)
23:02komunista has left IRC (komunista!~slavko@adsl-195-168-234-074.dynamic.nextra.sk, Quit: Leaving.)
23:13Phantomas has left IRC (Phantomas!~Phantomas@ubuntu/member/phantomas, Ping timeout: 255 seconds)
23:29Phantomas has joined IRC (Phantomas!~Phantomas@ubuntu/member/phantomas)