|00:25||ben_roose has left IRC (firstname.lastname@example.org, Remote host closed the connection)|
|02:05||dgroos has joined IRC (email@example.com)|
Systems are working well :) Used clonezilla to clone the ‘golden image’ of my ltsp-pnp server and burn it to a new HD/PC and it worked great; not too much work to make that system work.
|02:10||vagrantc has left IRC (vagrantc!~vagrant@unaffiliated/vagrantc, Quit: leaving)|
Tomorrow is a ‘test’ for my students on astronomy unit and I’d like them to be able to use a discussion web page where students have been building their own knowledge. Yet, I don’t want them to be able to use anything else on the internet.
Sooo… is there a way to make it so that they can’t access the web? That is, an easy way to Un-NAT the server w/out messing up other stuff?
I figure I can put the file in a shared location on the server and people can access the file via a browser. Should be slick…
dgroos: so to be sure, you have a static page that requires no outside resources, and you want to host it locally and not nat for a while?
exactly. Hosting would be just having the file on a shared location on the server.
It would still be best if the server itself had internet access…
Also, I’m assuming that a person could sit at their client, type in the ip of the server and the absolute path to the “whole web page” html file downloaded on to the server like this: file://192.168.67.1/home/me/Desktop/ I guess that’s untested, too…
oops, I mean file://192.168.67.1/home/me/Desktop/webpage.html
yeah, that could work
you'd basically want to shut off ip forwarding
that would be the cheap way to kick clients offline
very cool. How do I do that?
—shut off ip forwarding?
sysctl -w net.ipv4.ip_forward=0
that would disable forwarding until the next reboot, and then the server would have internet, but wouldn't forwards client connections out
Is that something that would interfere with Network Manager settings?
or, is that like you were talking about the last time, a setting that is stored in the RAM but not on the file system (thus the current conf setting would be returned upon reboot)?
BTW, I’ve got SmartBoard software working on 14.04 so my teacher computer can now use the attached smartboard.
cool, smartboards were super buggy the last time I played with them, glad to hear they've improved
Working great so far.
that toggles a setting in the kernel, and is only toggled for the current running kernel. A reboot will reload the normal config from disk
OK, thanks! I’ll test it tomorrow.
you can replace the 0 with a 1 to restore normal operation
Oh cool. Thanks.
Yeah, it was tough to install with its use of certificates but got it after *awhile*
maldridge Have a good eve and thanks again.
|03:28||dgroos has left IRC (firstname.lastname@example.org, Quit: dgroos)|
|04:54||work_alkisg is now known as alkisg|
|04:59||fnurl has joined IRC (fnurl!650e831e@gateway/web/freenode/ip.220.127.116.11)|
|05:35||ricotz has joined IRC (ricotz!~rico@ubuntu/member/ricotz)|
|07:21||mikkel has joined IRC (email@example.com)|
|07:42||gvy has joined IRC (gvy!~mike@altlinux/developer/mike)|
|08:05||cyberorg has joined IRC (cyberorg!~cyberorg@opensuse/member/Cyberorg)|
|08:22||NeonLicht has left IRC (NeonLicht!~NeonLicht@darwin.ugr.es, Read error: Connection reset by peer)|
|08:24||NeonLicht has joined IRC (NeonLicht!~NeonLicht@darwin.ugr.es)|
|09:54||uXus has left IRC (uXus!~uXus@18.104.22.168, Remote host closed the connection)|
|10:01||uXus has joined IRC (uXus!~uXus@22.214.171.124)|
|10:06||Grembler has joined IRC (Grembler!~Ben@cpc29-aztw22-2-0-cust128.18-1.cable.virginm.net)|
|10:57||alkisg is now known as work_alkisg|
|11:00||fnurl has left IRC (fnurl!650e831e@gateway/web/freenode/ip.126.96.36.199, Ping timeout: 246 seconds)|
|11:46||Faith has joined IRC (Faith!~paty_@unaffiliated/faith)|
|12:39||khildin has joined IRC (firstname.lastname@example.org)|
|12:48||mgariepy has joined IRC (mgariepy!~mgariepy@ubuntu/member/mgariepy)|
|13:54||ben_roose has joined IRC (email@example.com)|
|14:14||danau11 has joined IRC (firstname.lastname@example.org)|
|14:14||Grembler has left IRC (Grembler!~Ben@cpc29-aztw22-2-0-cust128.18-1.cable.virginm.net, Quit: I Leave)|
|14:17||danau111 has joined IRC (email@example.com)|
|14:18||danau11 has left IRC (firstname.lastname@example.org, Ping timeout: 240 seconds)|
|14:20||danau111 has left IRC (email@example.com)|
|14:25||danau11 has joined IRC (firstname.lastname@example.org)|
|14:46||work_alkisg is now known as alkisg|
|14:57||danau11 has left IRC (email@example.com)|
|14:59||mikkel has left IRC (firstname.lastname@example.org, Quit: Leaving)|
|15:03||vagrantc has joined IRC (vagrantc!~vagrant@unaffiliated/vagrantc)|
|15:47||Donkey_ has joined IRC (Donkey_!4428f8f1@gateway/web/freenode/ip.188.8.131.52)|
i'm looking for a way to move a client entirely to virtual workstations
i would like to be able to host those workstations on a SAN and use pxe boot to get an ip address and access the virtual workstations
|15:54||gvy has left IRC (gvy!~mike@altlinux/developer/mike, Quit: Leaving)|
I'm not sure what you mean with virtual workstation
a virtual machine on a san that can be utilized over the network
I think LTSP does what you want - there's the FAT client setup
depending on how you look at it thin clients can also be a solution
i'm thinking so, but what i have in my head may not work in reality
at my workplace we use a fat client setup, all machines are without harddrives and boot from the network and run everything locally
the home folder comes directly from the main server, so you can sit anywhere and resume your work
when a PC dies we throw it out, buy new hardware, hook it up to the network and voilá
yeah thats basically what i want
diskless terminals that boot to linux vms on a san
thin client setup, the LTSP default, also does that
but there the clients are simply display units, the processes run server-side
you can also mix the two, have some slower hardware run in thin client setup, and more beefier machines run in fat client mode
then LTSP might be a good solution
yeah of all the research i've done this seems to be closest to what i want
so i just need a better idea of what sort of config i'm looking at
i have a Synology RS2416
which can host the workstations
but the particulars of getting the terminals to boot to the right machine are a bit complicated
LTSP is very flexible
You can start with the default installation, a linux host that runs TFTP to load the initial linux kernel + the filesystem + the home folders
you could "cheat" by mounting the Synology on that linux host
then the clients talk to the linux host, and the linux host talks to the Synology
Donkey_: what do you mean by "virtal workstations" and "vms" ?
Donkey_: do you actually need a virtualized environment for some reason? fat clients don't typically default to any sort of virtualization
If i set up a pxe server that binds particular IPs to the client MAC, would it be possible to load a particular virtual machine based on that
it's possible, but the question is why to make sure we're speaking about the same things...
the client i'm working with has very particular settings that need to be in place for each user, and they're all different
using a virtual workstation gives them that ability while minimizing points of failure
i guess you could use the kiosk plugin to run the virtual machine software fullscreen. heh. :)
you mean you literally want to run VirtualBox?
i want to load the entire linux workstation from pxe boot
|16:11||khildin has left IRC (email@example.com, Ping timeout: 255 seconds)|
let me make a diagram to make it more clear
LTSP clients all load the same OS image, effectively.
there are options to tweak settings at boot, or run different things
but if those settings are per-user, fat clients might be able to meet your requirements without having to do full virtualization
Donkey_: but it's still unclear to me if we mean the same thing when you and i say "virtualization"
this is why i will make a diagram
you can boot an abitrary number of images over the network, but that's not really the point of LTSP ... the point of LTSP is to manage a single image that supports many network booted clients.
|16:17||khildin has joined IRC (firstname.lastname@example.org)|
you could use LTSP and configure it to boot a different image for every client, but that's requires a lot more maintenance overhead
depending on what needs to be different it can also be solved by a script running at boot-time
we install everything anybody needs into the same image, it doesn't matter if there are program on it that aren't used by certain people
if you can give some specifics you might get more tuned answers instead of what's generally possible :-)
|16:21||* quinox goes AFK to catch a dinner now|
|16:24||riddle has left IRC (email@example.com, Disconnected by services)|
|16:24||zama has left IRC (zama!~zama@unaffiliated/stryx/x-3871776, Ping timeout: 244 seconds)|
|16:24||izzle121 has left IRC (firstname.lastname@example.org, Ping timeout: 244 seconds)|
|16:24||riddle has joined IRC (email@example.com)|
|16:24||zama has joined IRC (zama!~zama@unaffiliated/stryx/x-3871776)|
|16:27||khildin has left IRC (firstname.lastname@example.org, Ping timeout: 256 seconds)|
Donkey_: will user A require a completely different installation than user B? Or they both can have the same programs installed, and each one would use only the programs he wants?
vagrantc: I tried a jessie + ltsp-pnp installation, it went pretty well but it had issues with overlayfs and I had to manually download the newer ltsp-update-image and initramfs/hooks/ltsp. Are there plans to do a backport for jessie?
User A will need a completely different installation.
there are things that cannot be shared inbetween the users
Usually ltsp works by having the same root file system for all users, and of course having a different /home/username for each user
But you can have as many installations as you want. We call them "chroots" or "images" here.
If you think of them more like groups that would probably be more accurate; group a will need to load VM A environment etc
Cloning the initial chroot is as easy as cp -a /opt/ltsp/i386 /opt/ltsp/donkey
Gotcha, you can call them chroots from now on in order for us #ltsp'ers to understand you better.
And you can specify by mac which pc will load which chroot
You can maintain the chroots either with ltsp-chroot + console, which is the normal method, or with virtualbox if you don't like the console much.
the console should be fine i think. now with this configuration, it is still possible to separate everyone's home drive etc correct?
|16:43||izzle121 has joined IRC (email@example.com)|
this has been helpful
|16:48||Donkey_ has left IRC (Donkey_!4428f8f1@gateway/web/freenode/ip.184.108.40.206, Ping timeout: 246 seconds)|
alkisg: jessie doesn't have overlayfs ... ?
vagrantc: it doesn't have a newer kernel? /me wonders how fnctl installed it then...
alkisg: there are newer kernels in backports
I remember the 686-pae variant, but not the version
alkisg: overlayfs wasn't mainlined until 3.18 ... jessie has 3.16
Hmm... I definately saw the problem "module overlay not found", and the newer ltsp-update-image fixed it
and the newer hooks/ltsp as well, for the client side
it still tries to blindly load it
i think the newer code is more elegant
Also, I had problems uninstalling cryptsetup and nfs-kernel-server
i'll put some time into backports once i get a new LTSP upload in... :)
I had to uninstall ltsp-server-standalone and use ltsp-server instead
Maybe those could be recommends: and not depends: ?
(I used NBD)
the whole point of ltsp-server-standalone is to depend on all the defaults used
if you want recommends, use ltsp-server :P
Why "depend" and not "recommend"?
E.g. you did put | dnsmasq there, didn't you?
because you can end up with a broken install.
if it were just recommends, there'd be no point in having -standalone
The root file system can be provided with nfs, nbd or aoe
It would make sense to me to depend or recommend any one of them
hence, two packages.
I thought the ltsp-server package provides only a few of the requirements, not all of them
NBD is required for NBD swap, which is a required feature, which would mean that NBD always gets installed and NFS doesn't get installed.
Well, it doesn't make much sense to me, but I won't argue more, it's easy to make do as it is
Although cryptsetup makes the initramfs larger
|17:01||* alkisg used ENCRYPT_SWAP=False to disable it because he didn't want to use ltsp-client-core instead of ltsp-client|
basically, ltsp-server* predate recommends actually being viable
when recommends were essentially ignored...
It's easy to write "--install-recommends" in our how-to's now...
if you really don't want package x, y or z installed, install ltsp-server. if you don't mind having an extra dependency or two, install ltsp-server-standalone.
the big problem with recommends is upgrades ... they can result in recommends not being satisfied.
If they're not satisfied, and they're Depends:, ...the setup is screwed :)
Or am I misunderstanding this?
exactly, which means it isn't a hidden upgrade problem.
granted, unless we fix overlay FS support with NFS ... this will soon become a moot point.
Well if NFS is no longer available and it's Depends:, the user can do nothing, while if it's Recommends:, they can switch to NBD
Also ltsp-pnp is used more these days, it might make sense to have common instructions in both debian and ubuntu
but "switch to NBD" requires manual configuration
Hopefully that could easily be arranged with ltsp-config <something>
|17:06||* vagrantc would rather see bug reports that the setup is completely broken than people quietly switch to some other boot method while the default remains broken|
If NFS was broken, I'm sure it would be reported outside of the LTSP camp...
i'm also targetting a stable release, not something that's likely to change regularly.
But LTSP users would be able to continue working while they waited for the problem to be resolved
Anyway, those are small plus + minuses, not worth talking over them too much
and they still could, but not using ltsp-server-standalone
For me, the idea is "if ltsp supports nfs, nbd or aoe, it should depend on either one of them"
But np I'm ok with ltsp-server
About cryptsetup, I'd prefer it if it was Recommends:, as it makes the initramfs larger,
but ok with that as well, np
i think there may be problems with the use of cryptsetup as well
that needs some work
though i've never been confortable with remote swap being unencrypted
LDM_DIRECTX is worse :)
|17:10||* vagrantc never really liked that either|
Well, old clients are unusuable without it... so it's either insecure or nothing in some cases
|17:11||* vagrantc nods|
Another small issue I saw is systemd complaining about "setting up network devices", and waiting there for several seconds before continuing and booting successfully
which is why i didn't walk away when people introduced it :)
I checked and "eth0 manual" was correctly inserted in /etc/network/interfaces
So while network-manager respects that, something in systemd still complains and causes a lag with it
Maybe we should generate an override service for the network
Have you noticed that one?
most of the clients i've tested with boot in ~15-30 seconds, and i don't even see boot messages
maybe they would boot in 10-20 seconds if we fixed that :)
vagrantc: about this one: https://bugzilla.gnome.org/show_bug.cgi?id=730587
I'm planning to write an init-ltsp.d script to chmod -x gnome-keyring-daemon if it's a broken version
I don't have any better workarounds
And I don't see any feedback from upstream
(ah, chmod -x only if the user is using sshfs, i.e. nothing for /home in fstab...)
I do have 65000+ temp files for each one of my users here... :-/
alkisg: chmod -x fixes the issue?
Well, it completely prevents the keyring daemon from running
oh, you prevent it from starting at all ... got it
So some parts are not working at all,
e.g. seahorse, which manages the user keyrings
It wouldn't work anyway, now at least it launches and only shows a few of the things there, like available ssh keys...
My problem is that the user is not notified that ltsp has a hack for a serious bug, because it has no real workaround or solution (other than swithing to nfs)
cyberorg: do you have this file in opensuse? /lib/systemd/system/ifup@.service - if so, could you pastebin it?
Or if someone has access to a fedora installation with systemd.... ^
It seems to be debian-specific, so I'll put that in the Debian dir, not in Common
|17:50||alkisg is now known as work_alkisg|
|18:03||Iced has joined IRC (Iced!ae018962@gateway/web/freenode/ip.220.127.116.11)|
|18:05||Iced is now known as Icedmang|
Hello, I haven't been on IRC for a number of years, but here I am. I have a question about whether LTSP (currently installed on my Ubuntu 14.04 server) can build a windows client that a thin-client can boot? I've tried googling but its an ugly swamp to wade through
you can use xfreerdp or rdesktop to connect to a windows RDP server
there's also some support for RDP in LDM, though i haven't experimented with it much
I assume you are also suggesting I need to have a Windows RDP server installed as a VM on my server?
(assuming I don't want to run a separate Windows RDP Server)
Icedmang: not really understanding what you mean, then.
|19:09||gehidore has left IRC (gehidore!~username@unaffiliated/man, Quit: WeeChat 1.3)|
|19:12||izzle121 has left IRC (firstname.lastname@example.org)|
|19:18||gehidore has joined IRC (gehidore!~username@unaffiliated/man)|
|19:21||gehidore has joined IRC (gehidore!~username@unaffiliated/man)|
well that was fun
teach me to update core without updating aur packages... that I depend on ...
woops, wrong channel sorry
you've just outed yourself as an archlinux user, eh? :)
|20:04||Grembler has joined IRC (Grembler!~Ben@cpc29-aztw22-2-0-cust128.18-1.cable.virginm.net)|
Icedmang: you can run windows VMs over ltsp as well, you don't strictly need a windows server
But windows is not designed for network booting, that's why you need linux at the bottom
It can boot over iscsi, but that would require a different virtual disk for each client
plus some manual configuration...
|20:51||ricotz has left IRC (ricotz!~rico@ubuntu/member/ricotz, Quit: Ex-Chat)|
|21:18||Faith has left IRC (Faith!~paty_@unaffiliated/faith, Quit: Leaving)|
|22:25||danau111 has joined IRC (email@example.com)|
|22:35||Grembler has left IRC (Grembler!~Ben@cpc29-aztw22-2-0-cust128.18-1.cable.virginm.net, Quit: I Leave)|
|23:14||ben_roose has left IRC (firstname.lastname@example.org, Remote host closed the connection)|
|23:56||vagrantc has left IRC (vagrantc!~vagrant@unaffiliated/vagrantc, Ping timeout: 240 seconds)|
|23:58||vagrantc has joined IRC (vagrantc!~vagrant@unaffiliated/vagrantc)|