|00:08||Freejack has joined IRC (Freejack!~Freejack@unaffiliated/freejack)|
|01:28||AlexPortable has left IRC (AlexPortable!uid7568@gateway/web/irccloud.com/x-xuztxchcqskbmcsh, Quit: Connection closed for inactivity)|
|01:58||dgroos has joined IRC (firstname.lastname@example.org)|
|02:02||dgroos_ has joined IRC (email@example.com)|
|02:03||dgroos has left IRC (firstname.lastname@example.org, Ping timeout: 255 seconds)|
|02:03||dgroos_ is now known as dgroos|
|04:04||dgroos has left IRC (email@example.com, Quit: dgroos)|
|04:08||telex has left IRC (firstname.lastname@example.org, Remote host closed the connection)|
|04:10||telex has joined IRC (email@example.com)|
|05:00||ricotz has joined IRC (ricotz!~rico@ubuntu/member/ricotz)|
|05:08||work_alkisg is now known as alkisg|
|05:20||cyberorg has left IRC (cyberorg!~cyberorg@opensuse/member/Cyberorg, Ping timeout: 246 seconds)|
Hyperbyte: I still haven't been able to make systemd unmount nbd before poweroff. So much for systemd being easy. :)
No help from their IRC/ML either
|06:05||vmlintu has joined IRC (firstname.lastname@example.org)|
|06:09||mikkel has joined IRC (email@example.com)|
|06:35||pppingme has left IRC (pppingme!~pppingme@unaffiliated/pppingme, Ping timeout: 264 seconds)|
|06:40||pppingme has joined IRC (pppingme!~pppingme@unaffiliated/pppingme)|
nbd-client: To try mounting the NBD image from the client initramfs: nbd-client 192.168.67.1 -N /opt/ltsp/i386 /dev/nbd0
|08:04||cyberorg has joined IRC (cyberorg!~cyberorg@opensuse/member/Cyberorg)|
alkisg, systemd doesn't unmount nbd at all?
Hyperbyte: nope, it does swapoff but not nbd-client -d, thus leaving the temporary swap files on the server
I'd have look into your configuration.
Do you have an ltsp service in systemd?
Hyperbyte, currently we don't have anything at all systemd-related in ltsp
If there's an upstream method to mount/unmount nbd, then we could use that one
But I didn't see any...
I'm trying to create an override .conf file for dev-nbd1.swap.d/ltsp.conf, but it's not called... maybe it needs to be called dev-nbd1.device.d/ltsp.conf instead...
systemd does take care of unmounting network filesystems before shutting down network, but there's a bug presently where it only works over lan and not wireless.
It wouldn't surprise me if there was a bug as well that it only works with nfs currently and not nbd, but you'd have to check that. If it does have that bug, then you should file a report.
In the meantime, you can create a workaround easily - there's some suggestions in that bug report I linked.
But what I would do, is create an ltsp-client.service for systemd, which is dependant on network.target, and do all your stuff in there.
Basically it's what you do right now as well with init. Just have a single script handle everything on startup and shutdown.
If you want I can log in and take a look at your configuration, help you set up service files, etc...
It just sounds silly to have a "service" in order to put some workarounds for shutdown... but I've tried Before=halt.target etc and they don't work properly, so I'm guessing it's worth a shot
I see a post from you earlier on Gmane where you have problems with your .service files.
Ideally I shouldn't need any .service files at all, those were my attempts to work around the issue
|08:26||NeonLicht has joined IRC (NeonLicht!~NeonLicht@darwin.ugr.es)|
alkisg, how long does this swap file stay active on the server anyways?
I don't remember, either 2h 11m or until server reboot
Hyperbyte: the swap is only 1/2 of the problem, the other half is that systemd brings down the network so /sbin/poweroff cannot be accessed and the clients don't shut down
I'll check the bug report in case I can find any workarounds
As for a test environment, just install ubuntu 15.10 with ltsp and try to shut down a client...
systemd has been made so it cleanly unmounts nfs as well, so it should also be able to work with nbd. What we're doing with LTSP isn't of course common usage, so it's not surprising we run into bugs.
But I think if you file clean reports for those in RedHat's bugzilla they might just be fixed quicker than you think.
One problem is that we're using nbd as the root device. I don't think nfs as the root device is supported by systemd, is it?
And a second problem is that I cannot file bugs against fedora without porting ltsp there... what would I mention, that I'm using ubuntu?
bb in 30'...
|08:42||alkisg is now known as work_alkisg|
You don't need to file bugs against Fedora?
Against redhat's bugzilla?
I meant Freedesktop: https://bugs.freedesktop.org/buglist.cgi?component=general&product=systemd&resolution=---
That's systemd bugtracker.
And can't just file bugs against Ubuntu 15.10 systemd as well?
Ubuntu rarely fixes upstream bugs
|09:03||work_alkisg is now known as alkisg|
OK let me try with a startup service instead of a shutdown service...
Hyperbyte: ah, another issue with the startup service is that then I cannot see if the system reboots or shuts down
`runlevel` at that point doesn't return 0/6
So I was trying to have 2 services, one for reboot and one for shutdown, which isn't possible with one startup ltsp service
With that, it _sometimes_ works properly
I.e. there's still a race condition involved
If I use RCFILE_01="sleep 10; RUNLEVEL=6 nbd-disconnect", then I can verify that nbd-disconnects works properly, e.g. after 100 client reboots I don't have any extra nbd-server processes,
but if I use RCFILE_01="reboot", and use that ^ unit which then calls nbd-disconnect, it does have a few extra nbd-server processes, e.g. 10%
So one out of ten times, systemd reboots without letting nbd-disconnect finish its job
Do you think that I also need a "wants" directive?
|10:00||* alkisg will also check if having /dev/nbd0 with _netdev in /etc/fstab, helps...|
|10:01||alkisg is now known as work_alkisg|
|10:01||maldridge has left IRC (firstname.lastname@example.org, Remote host closed the connection)|
|10:07||maldridge has joined IRC (email@example.com)|
|10:25||maldridge has left IRC (firstname.lastname@example.org, Ping timeout: 250 seconds)|
|10:31||maldridge has joined IRC (email@example.com)|
hmm, after my update, despite still having X_COLOR_DEPTH=24, my X is started with -depth 16 -- any hints?
|10:54||Grembler has joined IRC (Grembler!~Ben@cpc29-aztw22-2-0-cust128.18-1.cable.virginm.net)|
work_alkisg, sure you can see if it's shutting down or starting up
For starters, you can have a service execute different commands on startup/shutdown
Just pass it as a parameter, or better yet, have one script for startup and one script for shutdown
Like I said, you could have me ssh in so we can take a look together. I don't have a 15.10 machine handy and I haven't seen systemd on Ubuntu before.
cyberorg posted his ltsp .service file here a while back
It was clean and simple, just ltsp service that executes one command on startup to init the client and one on shutdown to cleanup all the client stuff
If you just do the swap unmount/nbd disconnect from the ltsp cleanup script (which kinda makes sense, because you're doing the connect & mounting of the swap from the init script, everything should work fine methinks.
|11:01||khildin has joined IRC (firstname.lastname@example.org)|
|11:09||Grembler has left IRC (Grembler!~Ben@cpc29-aztw22-2-0-cust128.18-1.cable.virginm.net, Quit: I Leave)|
hmm, if I change /usr/share/ltsp/screen-session.d/XS95-colordepth by hand, it's all fine...
hmm I think my lts.conf is not found any more when I change the root mount point? how is the path of lts.conf determined?
|12:18||vagrantc has joined IRC (vagrantc!~vagrant@unaffiliated/vagrantc)|
|12:31||ben_roose has joined IRC (email@example.com)|
|12:50||vmlintu has left IRC (firstname.lastname@example.org, Read error: Connection reset by peer)|
|13:56||telex has left IRC (email@example.com, Remote host closed the connection)|
|13:58||telex has joined IRC (firstname.lastname@example.org)|
|14:10||mikkel has left IRC (email@example.com, Quit: Leaving)|
|14:18||work_alkisg is now known as alkisg|
Hyperbyte: the problem is not about running different commands on startup/shutdown, but on shutdown/reboot
We essentially need to run `poweroff -fp` or `reboot -fp` depending on the runlevel
And with a plain ltsp.service file, I can't get separate "events" for poweroff vs reboot
And `runlevel` doesn't produce the correct results
So I was trying to create an ltsp-reboot.service and an ltsp-shutdown.service files, but that doesn't work correctly either
About the swap, I just checked and if a client constantly reboots, it causes about 100-200 nbd-server processes on the server before they automatically time out after 2 hours
So if one has plenty of space on the server, unmounting the swap isn't of paramount importance,
but, being able to reboot and shutdown surely is...
So to sum up I think we'll need 4 different systemd units, one for ltsp startup/shutdown, one for swap, one for reboot, and one for shutdown... and I'm worried that the last 3 won't work properly...
fiesh: it's deduced from the tftp boot file name
E.g. /ltsp/i386/pxelinux.0 ==> /ltsp/i386/lts.conf
hmm ok, so then it shouldn't depend on the root mount point, thanks
|14:33||AlexPortable has joined IRC (AlexPortable!uid7568@gateway/web/irccloud.com/x-eupbxwjlkjxrmxiw)|
|16:08||dgroos has joined IRC (dgroos!~dgroos@2607:ea00:103:4802::28)|
maldridge: clients now booting AND clients can login to their session!
The problem with the login was that the tool that connected me to our AD servers used /etc/skel/ as its template for creating home folders for new users.
And that template folder was too sparse so a sessions couldn't be started for people who didn't already have a complete home folder. So, I just copied in a freshly created home folder into /etc/skel/ and first time logins now work!
I do have a problem with browser on client--they can't access the internet yet.
I think the problem might be that to get PowerBroker (the tool to connect to AD) to work, I need to include a dns entry in: /etc/resolvconf/resolv.conf.d/head. I use the school districts dns address, but the ltsp-pnp fix uses 220.127.116.11
Might that be a problem, anyone? Any other ideas?
(fyi this is my lunch break so I have to leave in 13 minutes but will be back an hour later.)
dgroos, just put your DNS_SERVER in lts.conf...
Replace 18.104.22.168 with the one you want
alkisg: Cool, will try!
(booting client... do I need to restart networking? computer? dns?)
|16:24||_UsUrPeR_ has joined IRC (_UsUrPeR_firstname.lastname@example.org)|
hmmm... I'll try rebooting later, clients can't yet access internet via browser.
|16:26||_UsUrPeR_ has left IRC (_UsUrPeR_email@example.com, Client Quit)|
dgroos: You only need to restart the client
|16:45||NeonLicht has left IRC (NeonLicht!~NeonLicht@darwin.ugr.es, Ping timeout: 260 seconds)|
hmmm... no access to internet on client yet--that must not have been the problem.
Also, am finding there still are issues with the AD binding. Be back in 2 hours...
|17:44||gothaggis has left IRC (firstname.lastname@example.org, Remote host closed the connection)|
dgroos: single NIC setup, and the client can't ping 22.214.171.124?
On a fat client, try: (1) ping 126.96.36.199, and (2) host www.google.com
If (1) works and (2) doesn't, it's a dns issue, maybe your lts.conf isn't correct
|18:39||alkisg is now known as work_alkisg|
|18:40||Grembler has joined IRC (Grembler!~Ben@cpc29-aztw22-2-0-cust128.18-1.cable.virginm.net)|
|18:54||lavarenne has joined IRC (lavarenne!51f9da54@gateway/web/freenode/ip.188.8.131.52)|
Hi i try to configure epoptes following the documentation http://www.epoptes.org/installation but i get the error epoptes-client ERROR: Failed to fetch certificate from 192.168.1.13:789 when i run epoptes-client -c thx :-)
|19:07||Grembler has left IRC (Grembler!~Ben@cpc29-aztw22-2-0-cust128.18-1.cable.virginm.net, Quit: I Leave)|
|20:09||Junior has joined IRC (Junior!bd4b5d2c@gateway/web/freenode/ip.184.108.40.206)|
hi, im using epoptes fat clients, all working normally until 3 days ago when 2 of the clients now appear as red on the server, already reinstalled and reconfigured epoptes-client on both machines. epoptes v. 0.5.7
|20:21||lavarenne has left IRC (lavarenne!51f9da54@gateway/web/freenode/ip.220.127.116.11, Ping timeout: 246 seconds)|
work_alkisg: I can't use the single NIC setup as the IT people want me on a completely isolated (bridged?) LAN.
dgroos: do you have rules then that implement NAT on your segment?
Neither pinging IP nor domain name gets a response.
Hi maldridge! Ummm... don't think so.
so your ltsp server has 2 nics and can talk to the outside world, but clients can't?
nic confs ?
so, assuming that you have eth0 on the outside and eth1 on the inside, this guide will give you the 4 commands you need: http://www.revsys.com/writings/quicktips/nat.html
I'll check it out!
maldrige can you help me
Junior: what is your issue?
ah, just read scrollback; I'm afraid I don't use epoptes
|20:42||dgroos has left IRC (dgroos!~dgroos@2607:ea00:103:4802::28, Quit: Leaving.)|
|20:42||dgroos has joined IRC (dgroos!~dgroos@2607:ea00:103:4802::28)|
Junior: only thing I can think of is that they either didn't, or couldn't, pull down the server's cert
|20:56||telex has left IRC (email@example.com, Remote host closed the connection)|
|20:58||telex has joined IRC (firstname.lastname@example.org)|
Junior: A person who knows the ins and outs of epoptes lives in Greece and right now it's probably around midnight there. But if you get in this room sometime in their daytime he would most likely help you out on this issue.
maldridge: I followed the directions with the 4 commands but it doesn't seem to work yet... Should I restart networking or reboot client?
ty dgroos will try again
good luck! h
how i got a private chat ?
... His name is alkisg
Junior: right click on a person's name and choose it?
i dont know how to use this client :p
answer me on private
|21:15||ricotz has left IRC (ricotz!~rico@ubuntu/member/ricotz, Quit: Ex-Chat)|
Whenever I use this irc I have to tunnel out via a vpn connection since our district blocks this port (don't ask me why). Might that be making the commands I executed on that page behave strangely?
maybe they're trying to contain an irc botnet
we are blocked from youtube as well...
I remember when I had to NAT the server, but since using network manager and checking the box "available to all users" I've not had to worry about NATting.
But I see the 14.04 NM doesn't have that check box? How do I indicate on the 14.04 to forward packets?
(as shown in the screen shot/instructions on this page: UbuntuLTSP/StaticIP - Community Help Wiki <https://help.ubuntu.com/community/UbuntuLTSP/StaticIP>
|21:36||vagrantc has left IRC (vagrantc!~vagrant@unaffiliated/vagrantc, Quit: leaving)|
|21:39||Junior has left IRC (Junior!bd4b5d2c@gateway/web/freenode/ip.18.104.22.168, Quit: Page closed)|
|21:49||khildin has left IRC (email@example.com, Quit: I'm gone, bye bye)|
|21:52||dgroos has left IRC (dgroos!~dgroos@2607:ea00:103:4802::28, Read error: Connection reset by peer)|
ah, missed him by a small margin
|22:09||dgroos has joined IRC (dgroos!~dgroos@2607:ea00:103:4803::e)|
Has anyone had to NAT an ltsp-pnp 14.04 server when using network-manager and 2 nics?
dgroos: while I think its possible to do that with network-manager, its probably not worth it
did you get any errors running the iptables commands?
can you pastebin an iptables -nvL
ah, you have cisco vpn stuff
I've never worked with the automated rules that cisco puts in, afraid I can't be of much help without risking breaking the VPN connection
Well, only so that I can use this irc pidgin.
|22:28||AlexPortable has left IRC (AlexPortable!uid7568@gateway/web/irccloud.com/x-eupbxwjlkjxrmxiw, Quit: Connection closed for inactivity)|
That is complicating things, let me get off, see if I stay connected, if not I can do a work-around, just a sec.
|22:32||dgroos has left IRC (dgroos!~dgroos@2607:ea00:103:4803::e, Read error: Connection reset by peer)|
|22:51||dgroos has joined IRC (firstname.lastname@example.org)|
people still use pidgin?
gehidore: It helps me fly to other parts of the world, quickly :-)
|22:54||ben_roose has left IRC (email@example.com, Remote host closed the connection)|
maldridge: wish I had an ethernet adapter for laptop to connect to internal network and see if I could get out on that, no luck though…
gehidore: what do you use?
I stopped using them all :|
I use weechat for irc and GV/Hangouts for everything from voice to sms to messaging
finally became skype free at the beginning of last month, felt liberating
Can hangouts call a phone in another country?
not without charging you for it :(
but my setup isn't for everyone, just hadn't heard someone talk about pidgin in a long time
now if that person also has hangouts... you can voice or video call regardless of location
dgroos: any one of the clients should be able to do it
My wife needs to call to rural guatemala—computers with internet are rare but cell phones abundant.
maldridge: I went to the old https://help.ubuntu.com/community/UbuntuLTSP/ThinClientHowtoNAT and it reminded me that a valuable test is to see if the problem is just on the clients or on their internal LAN.
ah, yeah that article has some good tips
so its working on your setup now?
no, not yet…
not sure where to go now to trouble shoot w/out being able to connect a full computer (non-pxe-booting) computer to the LAN
try to ping 22.214.171.124 at a client and it goes nowhere
does it at least make it to the server
and to be sure, you are in fact running a dual nic setup, right?
at client: ping 192.168.67.1 And yes, it does make it to the server.
Yes, Dual NIC setup. eth0 to external eth1 to internal just like in the page you linked above.
work_alkisg could explain it better, but I'm pretty sure that for the dual nic setup, ltsp has a nice autoconf script that sets up the network parameters as well as the tftp business
maldridge: OK, I’ll get here early in the AM and try and connect w/him. I’m a little concerned about the commands from that page: http://www.revsys.com/writings/quicktips/nat.html would you double check that I don’t have to un-do something I did there? Looking at those 4 commands…
well iptables isn't persistent across reboots, so as long as you didn't write those rules to a file anywhere, you can just reboot
:-( but I did… (commands 3 and 4)
ah, then just go edit those files, and remove the rules from them
or if those are the only things in the files, remove the files themselves
I’ll check, what exactly do I look for from one of those commands?
and, I’m looking for the files at /sbin/iptables ?
probably in /etc/iptables-restore I think
you don't need to back out your edits to syctl.conf
those need to be there either way
don’t have /etc/iptables-anything
alternatively if you edited /etc/sysconfig/iptables-config that file doesn't do anything on ubuntu
don’t have /etc/sysconfig… either
looking at that guide, I don't see any other file paths you could have edited
this command alters which file: /sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
|23:44||vagrantc has joined IRC (vagrantc!~vagrant@unaffiliated/vagrantc)|
it alters no files
it only alters the state of the firewall as it sits in memory
(this is the reason that iptables can be confusing as it can be working, then you reboot and it doesn't since the rules don't get saved anywhere)
Cool to know, thanks.
I now understand what they are saying on the page—the instructions to make these rules permanent are the editing of the following files, not the previous commands — I’m relaxing now :-)
yeah, and iptables is pretty hard to brick, as you can always flip the chains to a default policy of accept and only things in the mangle chain won't work