IRC chat logs for #ltsp on irc.freenode.net (webchat)


Channel log from 29 April 2016   (all times are UTC)

02:07borogoves has joined IRC (borogoves!48e646b0@gateway/web/freenode/ip.72.230.70.176)
02:07
<borogoves>
lo room
02:08
Just installed on a VM and trying to PXE from another VM. However I've never setup a PXE and am inclined to think I set it up wrong
02:09
also, super helpful. There was an error during install related to DHCP server which I chose to ignore.
02:09
I'm inclined to reinstall just to get the error again.
02:44gbaman has left IRC (gbaman!~gbaman@host81-142-46-233.in-addr.btopenworld.com, Remote host closed the connection)
02:45gbaman has joined IRC (gbaman!~gbaman@host81-142-46-233.in-addr.btopenworld.com)
02:53gbaman has left IRC (gbaman!~gbaman@host81-142-46-233.in-addr.btopenworld.com, Ping timeout: 244 seconds)
03:18borogoves has left IRC (borogoves!48e646b0@gateway/web/freenode/ip.72.230.70.176, Ping timeout: 250 seconds)
03:51gbaman has joined IRC (gbaman!~gbaman@host81-142-46-233.in-addr.btopenworld.com)
03:59gbaman has left IRC (gbaman!~gbaman@host81-142-46-233.in-addr.btopenworld.com, Ping timeout: 276 seconds)
04:04vagrantc has joined IRC (vagrantc!~vagrant@unaffiliated/vagrantc)
04:34talntid has joined IRC (talntid!~talntid@173-160-189-58-Washington.hfc.comcastbusiness.net)
04:35
<talntid>
so, I am all booted into LDM... and when I login, it just returns me to the login screen...
04:35
nothing obvious in the logs that I can see... advice on how to troubleshoot this?
04:35
<maldridge>
talntid: do you have an X session installed?
04:35
<talntid>
what does that mean, and how do i check?
04:35
<vagrantc>
!sshkeys
04:35
<ltsp`>
sshkeys: If you changed your LTSP server IP on Ubuntu, your clients will be unable to login. To fix this, you need to run: sudo ltsp-update-sshkeys && sudo ltsp-update-image
04:36
<talntid>
this is all new... fresh install
04:36
<vagrantc>
ls -l /usr/share/xsessions/
04:36
<talntid>
from server or client?
04:36
<maldridge>
server
04:36
<vagrantc>
on the server
04:36
<talntid>
root@www:/var/log# ls -l /usr/share/xsessions/
04:36
total 4
04:36
-rw-r--r-- 1 root root 216 Mar 26 2015 gnome.desktop
04:37
says ltsp-update-keys doesn't exist, just FYI
04:37
nevermind
04:37
but it does say..
04:37
root@www:/var/log# ltsp-update-sshkeys
04:37
No LTSP chroots found, please run ltsp-build-client
04:37
<vagrantc>
is this a fat or thin client?
04:37
<talntid>
thin client
04:37
i did the ltsp-pnp install method
04:37
https://help.ubuntu.com/community/UbuntuLTSP/ltsp-pnp
04:37
<vagrantc>
that will install a fat client by default
04:38
<talntid>
fat clients run faster/slower?
04:38
my clients will be using web browser (chrome) with flash
04:38
<vagrantc>
depends on the hardware
04:38
<talntid>
3.0ghz celeron d, 2gb ram
04:38
<vagrantc>
you definitely want to run as fat clients then
04:39
<talntid>
ok
04:39
<vagrantc>
talntid: your LTSP server is named "www" ?
04:39
<talntid>
yes
04:39
i installed 2 VM's... one www, one ltsp
04:40
for some reason, i got "lost" in the shells, and installed ltsp onto www, but they were both fresh installs
04:40
<vagrantc>
talntid: please pastebin the output of ltsp-info:
04:40
<talntid>
so i'll just rename it
04:40
<vagrantc>
!pastebin | echo talntid
04:40
<ltsp`>
talntid pastebin: the LTSP pastebin is at http://ltsp.pastebin.com. Please paste all text longer than a line or two to the pastebin, as it helps to reduce traffic in the channel. Don't forget to paste the URL of the text here.
04:40
<talntid>
http://pastebin.com/kpbsjFG9
04:41
<vagrantc>
huh. you've got newish versions of ltsp packages...
04:42
!shell
04:42
<ltsp`>
I do not know about 'shell', but I do know about these similar topics: 'shell-screen', 'gnome-shell'
04:42
<vagrantc>
!shell-screen | echo talntid
04:42
<ltsp`>
talntid shell-screen: One way to get local root access to troubleshoot a thin client is to use a shell SCREEN: https://help.ubuntu.com/community/UbuntuLTSP/ClientTroubleshooting#Using%20a%20shell%20SCREEN
04:42
<vagrantc>
you might want a debugging shell and see if you can ssh to the server from the client
04:43
<talntid>
i can login to a shell, just by doing ctrl+alt+f1, and logging in using root creds, is that the same?
04:43
root@ltsp2581 is the shell
04:44
<vagrantc>
there shouldn't be any root credentials
04:44
unless you configured them manually somehow ...
04:44
<talntid>
https://help.ubuntu.com/community/UbuntuLTSP/ltsp-pnp
04:44
<vagrantc>
but other than that, it should work.
04:44
<talntid>
this is all I did ^
04:44
<vagrantc>
root password should be empty.
04:44
<talntid>
i set a root password before creating ltsp image
04:45
ltsp-update-image --cleanup /
04:45
thats how I did the image, so it's not using chroot
04:46
<vagrantc>
yes, i get that.
04:46* vagrantc thought the process purged passwords
04:46
<talntid>
oh, doesn't seem to :)
04:46
<vagrantc>
but maybe it just purges users, and most installs these days don't have a root password set ...
04:46
in any case, if you can get a shell on the client, try "ssh SOMEUSER@server"
04:47
literally "serveR"
04:47
er, "server"
04:47
<talntid>
http://puu.sh/ozGro/00861298ef.png
04:48
<vagrantc>
ok, so it doesn't complain about invalid ssh keys or anything, good.
04:48
logging in as the same user with the same credentials from LDM fails to log in, though?
04:48
<talntid>
it just returns to the login screen - with no real reason why
04:49
<vagrantc>
yeah, LDM isn't exactly very communicative about what's wrong
04:49
<talntid>
yeah, seems that way
04:49
<vagrantc>
we're hoping to be rid of it for LTSP6 ...
04:49
but, we've been putting off the future for a long time ... in the present...
04:50
<talntid>
in select session, i have "Default" and "failsafe Xterm"
04:50
authentication backend is set to default, but others are ssh, and rdesktop
04:51
<vagrantc>
and you have ldm-server installed... so that should ensure appropriate dependencies for all the necessary software
04:52
<talntid>
just for giggles, i am trying to login as root, and it didn't kick me right back... just has the spinning mouse thing still
04:53
but, doesn't seem to be doing anything much
04:53
<vagrantc>
do you have X11 forwarding disabled in the server's /etc/ssh/sshd_config ?
04:53
<talntid>
X11Forwarding yes
04:53
is what it has in there
04:53
<vagrantc>
that's what i'd expect...
04:55
<talntid>
should i get a different session manager?
04:55
like gnome or something?
04:55
or is failsafe xterm good?
04:55
if i select failsafe xterm and login, i get a shell
04:55
if i select default, it just returns to the login screen -- i suspect i just don't have a proper session manager
04:57gbaman has joined IRC (gbaman!~gbaman@host81-142-46-233.in-addr.btopenworld.com)
05:01
<vagrantc>
talntid: well, you've got /usr/share/xsessions/gnome.desktop ?
05:02
<talntid>
i do, yes
05:02
<vagrantc>
in both the server and the client?
05:02
<talntid>
yes
05:03
is there a way to manually test it?
05:04gbaman has left IRC (gbaman!~gbaman@host81-142-46-233.in-addr.btopenworld.com, Ping timeout: 276 seconds)
05:35schlady has joined IRC (schlady!~schlady@ip1f111304.dynamic.kabel-deutschland.de)
05:45ricotz has joined IRC (ricotz!~ricotz@p5B2A88CC.dip0.t-ipconnect.de)
05:45ricotz has joined IRC (ricotz!~ricotz@ubuntu/member/ricotz)
05:58
<alkisg>
talntid: do you have epoptes installed?
06:01gbaman has joined IRC (gbaman!~gbaman@host81-142-46-233.in-addr.btopenworld.com)
06:04
<talntid>
i fixed it, sorta
06:04
on the server, i installed gnome, then did ltsp-update-image
06:04
now things work, but man, it's super bloated
06:05
<vagrantc>
gnome is a bit overkill if they're really just going to be using a web browser.
06:05
<talntid>
yeah, for sure
06:05
xfce maybe?
06:06
<alkisg>
mate 16.04
06:06
Wait, just a web browser? Is that for a kiosk?
06:07
<talntid>
its for a call center
06:07
i built webapp for them to do their job
06:07
they also do need to open spreadsheets sometimes.... wish i could LTSP chrome OS.. .haha :)
06:07
<alkisg>
Do your users actually need a /home/username?
06:08
<talntid>
what would be the alternative?
06:08
i suspect they don't really need it very much, but they do use it sometimes...
06:08
<alkisg>
Well if they open spreadsheets, I guess so
06:08
The alternative is just a browser where they login with apache-side credentials
06:09
In this case you don't even need a desktop environment, just SCREEN_07=kiosk
06:09gbaman has left IRC (gbaman!~gbaman@host81-142-46-233.in-addr.btopenworld.com, Ping timeout: 260 seconds)
06:09
<alkisg>
But with spreadsheets etc, you do need a desktop environment, so go for mate or lubuntu
06:10
<talntid>
ok
06:10
so install the base OS as mate 16.04
06:10
then go through the ltsp-pnp
06:10
?
06:11
<alkisg>
Right, and use the desktop.iso, not the server iso
06:11
<talntid>
http://cdimage.ubuntu.com/ubuntu-mate/releases/16.04/release/ubuntu-mate-16.04-desktop-amd64.iso.torrent
06:11
so this, then install ltsp on there, then point dhcp to it, and enjoy?
06:11
<alkisg>
Are all your clients amd64 capable?
06:11
<talntid>
yeah
06:12
<alkisg>
Then yes, sounds good
06:12
<talntid>
cool, thanks for your help. i shall try right now :)
06:12
<alkisg>
"point dhcp" shouldn't be needed with the default proxydhcp mode of ltsp-pnp
06:12
But since you already done it to boot the VM, do it however you managed it
06:20vagrantc has left IRC (vagrantc!~vagrant@unaffiliated/vagrantc, Quit: leaving)
06:27mikkel has joined IRC (mikkel!~mikkel@mail.dlvs.dk)
07:06gbaman has joined IRC (gbaman!~gbaman@host81-142-46-233.in-addr.btopenworld.com)
07:11schlady has joined IRC (schlady!~schlady@ip1f111304.dynamic.kabel-deutschland.de)
07:14gbaman has left IRC (gbaman!~gbaman@host81-142-46-233.in-addr.btopenworld.com, Ping timeout: 276 seconds)
07:18fenix has left IRC (fenix!~fenix@mail.lbathivel.com, Quit: Quitte)
07:23
<talntid>
well that worked super easily. heh
07:24schlady has left IRC (schlady!~schlady@ip1f111304.dynamic.kabel-deutschland.de, Remote host closed the connection)
07:26
<alkisg>
:)
07:26
<talntid>
hmm, not convinced it is correct though
07:28
screenshot from the thient... memory and CPU is from the client
07:28
http://puu.sh/ozNjI/2216f8c29e.jpg
07:28
not from the ltsp server
07:28
<alkisg>
That's what a fat client is
07:28
<talntid>
ahh i see
07:28
<alkisg>
You can force it to be thin with LTSP_FATCLIENT=False in lts.conf
07:29
But if your clients are good enough, they're better off running as fat
07:29
<talntid>
gotcha
07:29
<alkisg>
Download speed 167 mbps? omg... :)
07:29
<talntid>
that's slow actually, usually i am around 550
07:30
<alkisg>
*You* should be hosting ltsp.org :)
07:30
<talntid>
i can, if someone needs me to :)
07:30
<alkisg>
We can have a free vm there, with a backup plan?
07:30
just php/mysql, nothing fancy...
07:31
<talntid>
I could give you a VM, and a USB drive plugged into the VM
07:31
you'd have to write your own backup scenario to the USB drive
07:31
<alkisg>
Excellent!
07:31
I'll bring it up to the ltsp-developers list... How do we contact you?
07:32
<talntid>
talntidtsi@gmail.com
07:32
<alkisg>
Thanks!
07:32
<talntid>
no problemo :)
07:33
here, i'll show you a more "normal" speedtest
07:33
http://puu.sh/ozNwe/2de57d93b4.jpg
07:33
<maldridge>
nice
07:34
<alkisg>
I think we have around 3kbps now, so it's like 20 years ahead :)
07:34
<maldridge>
oh wow that's slow
07:34
<talntid>
yeah wow
07:34
why not host on amazon or something? the cost?
07:35
<alkisg>
It was offered by some friend of a developer
07:35
We didn't know it would be that slow
07:36
<talntid>
ahh gotcha
07:37
well, i'd even be willing to sponsor a digitalocean/linode account if that would help you guys
07:37
or aws
07:37
i have been using LTSP in my call center for like 7 years, heh
07:37
<alkisg>
Nice
07:37
<talntid>
finally getting around to upgrading it. it's on 8.04
07:38
<alkisg>
Hahaha, ltsp.org in on 10.04 :)
07:39
<talntid>
i like this mate thing so far
07:39
just, too bloated for the call center so far. i need to strip it down a lot, haha
07:40schlady has joined IRC (schlady!~schlady@2a01:a380:8408:2000:483b:334b:34a2:9deb)
07:42
<maldridge>
wow, you have a prod system still on 8.04?
07:43
<talntid>
worse than that
07:43
75 people on thin clients every day using it :P
07:43
<maldridge>
wow
07:44
very impressive to have kept it running that long, I've had great difficulties keeping ubuntu running beyond a few years without something breaking
07:44
<talntid>
just keeps clicking along...
07:45schlady has left IRC (schlady!~schlady@2a01:a380:8408:2000:483b:334b:34a2:9deb, Remote host closed the connection)
07:46dtcrshr has left IRC (dtcrshr!~datacrush@unaffiliated/datacrusher, Ping timeout: 250 seconds)
07:48dtcrshr has joined IRC (dtcrshr!~datacrush@unaffiliated/datacrusher)
07:49
<talntid>
so, I have epoptes installed on the server, and running... but I don't see any of the logged in clients... is there something more I need to do?
07:50
ahh, i see
07:51
epoptes-client, guess i just have to find a way to get it to connect
07:56
seems to be a well done piece of software, just gotta figure out how to run the client as root on login, i think.
08:11gbaman has joined IRC (gbaman!~gbaman@host81-142-46-233.in-addr.btopenworld.com)
08:19gbaman has left IRC (gbaman!~gbaman@host81-142-46-233.in-addr.btopenworld.com, Ping timeout: 260 seconds)
08:22Softeisbieger has joined IRC (Softeisbieger!~Softeisbi@ip-62-143-13-166.hsi01.unitymediagroup.de)
08:27
<alkisg>
talntid: are you using ltsp-pnp?
08:27
!ltsp-pnp
08:27
<ltsp`>
ltsp-pnp: ltsp-pnp is an alternative (upstream) method to maintain LTSP installations for thin and fat clients that doesn't involve chroots: https://help.ubuntu.com/community/UbuntuLTSP/ltsp-pnp
08:27
<alkisg>
If so, you'd just need to run ltsp-update-image -c /, to get epoptes up and running on the clients
08:28
I wrote a section about installing epoptes in that page, and I also wrote epoptes.org/installation...
08:44Softeisbieger has left IRC (Softeisbieger!~Softeisbi@ip-62-143-13-166.hsi01.unitymediagroup.de, Ping timeout: 250 seconds)
09:05Softeisbieger has joined IRC (Softeisbieger!~Softeisbi@ip-62-143-13-166.hsi01.unitymediagroup.de)
09:16gbaman has joined IRC (gbaman!~gbaman@host81-142-46-233.in-addr.btopenworld.com)
09:23gbaman has left IRC (gbaman!~gbaman@host81-142-46-233.in-addr.btopenworld.com, Ping timeout: 244 seconds)
10:21gbaman has joined IRC (gbaman!~gbaman@host81-142-46-233.in-addr.btopenworld.com)
10:28gbaman has left IRC (gbaman!~gbaman@host81-142-46-233.in-addr.btopenworld.com, Ping timeout: 244 seconds)
10:46gbaman has joined IRC (gbaman!~gbaman@host81-142-46-233.in-addr.btopenworld.com)
10:51gbaman has left IRC (gbaman!~gbaman@host81-142-46-233.in-addr.btopenworld.com, Ping timeout: 276 seconds)
10:59GodFather has joined IRC (GodFather!~rcc@96-35-101-212.dhcp.bycy.mi.charter.com)
11:24robb_nl has joined IRC (robb_nl!~robb_nl@62.235.102.194)
11:42schlady has joined IRC (schlady!~schlady@141-53-223-147.ip.uni-greifswald.de)
11:48Faith has joined IRC (Faith!~paty_@unaffiliated/faith)
12:42Phantomas has joined IRC (Phantomas!~ftsamis@ubuntu/member/phantomas)
12:45robb_nl has left IRC (robb_nl!~robb_nl@62.235.102.194, Ping timeout: 244 seconds)
13:15lbssousa has joined IRC (lbssousa!~lbssousa@177.34.193.54)
13:16cliebow has joined IRC (cliebow!~Adium@Ubiquiti.sumner.k12.me.us)
13:30gbaman has joined IRC (gbaman!~gbaman@host81-142-46-233.in-addr.btopenworld.com)
13:36
<sbalneav>
Morning all
13:37
<alkisg>
Hi Scotty
13:37
<sbalneav>
Morning alkisg
13:54servidor^servido has joined IRC (servidor^servido!c8720c39@gateway/web/freenode/ip.200.114.12.57)
13:59lifeboy has joined IRC (lifeboy!~roland@196.32.235.233)
14:14tharkun has left IRC (tharkun!~0@unaffiliated/tharkun, Ping timeout: 260 seconds)
14:16tharkun has joined IRC (tharkun!~0@201.157.71.45)
14:19mikkel has left IRC (mikkel!~mikkel@mail.dlvs.dk, Quit: Leaving)
14:28tharkun_ has joined IRC (tharkun_!~0@201.157.71.45)
14:33tharkun has left IRC (tharkun!~0@201.157.71.45, *.net *.split)
14:33Phantomas has left IRC (Phantomas!~ftsamis@ubuntu/member/phantomas, *.net *.split)
14:37Phantomas has joined IRC (Phantomas!~ftsamis@ubuntu/member/phantomas)
14:50* sbalneav prepares to drop the needle
14:50
<sbalneav>
Soon, baby. Reaaaaaaal soon.
15:09cliebow has left IRC (cliebow!~Adium@Ubiquiti.sumner.k12.me.us, Quit: Leaving.)
15:43
<sbalneav>
Look upon my works, ye mighty, and despair!
15:43
https://code.launchpad.net/~ltsp-upstream/ltsp/libpam-sshauth
15:43
https://code.launchpad.net/~ltsp-upstream/ltsp/ltsp6-pam
15:44
alkisg: 1.0 testing for libpam-sshauth, and a new and reworked (and newly dubbed) ltsp6-pam
15:44
<alkisg>
sbalneav: nice!!!
15:44
vagrantc said he wanted that in .git format? :)
15:45
I'll definately check it next week, after our easter holidays here..
15:45
<sbalneav>
Well, we can fix that up later
15:45
I wanted to get something up there for you guys to look at.
15:46
<alkisg>
Is there a how-to in there?
15:46
<sbalneav>
Pam module seems rock solid, now plays well with other modules (i.e. I have it that you can either login as remote-ssh authed users *OR* local users)
15:46
bit of one. The manpage for libpam_sshauth is up-to-date
15:47
We'll need some playing around, but this is pretty solid.
15:48
What with the work I've done with lightdm-webkit-greeter, we should be able to produce *nice* looking, themable logins, get all the stuff working that you guys want, and unless I'm missing something, the only C code we're now going to have to maintain shold be the pam module, everything we should be able to do in shell or other scriptables.
15:48* sbalneav so happy
15:49
<alkisg>
Very very nice!
15:50
<sbalneav>
http://bazaar.launchpad.net/~ltsp-upstream/ltsp/ltsp6-pam/view/head:/ltsp-pam/ssh-connect
15:50
That's the bit that now plumbs the ssh connection.
15:50
We don't have to save the password anymore, it's passed once to pam_exec, and read from stdin
15:52
<alkisg>
So we expect everything to work with that? screen unlocking, even user switching?
15:53
<sbalneav>
I've tested screen unlocking. I haven't tested user switching yet.
15:53
Lemme try....
15:53
<alkisg>
password changing too, via gui or console...
15:57
<sbalneav>
It won't change passwords; you'll have to ssh into the auth server to do that.
15:57
i.e "ssh -S /socket/to/server server passwd"
15:59
Ah, switching works, but buggers up the secondary auth files
15:59
that's fixable.
16:03
The problem is, we need to add some goo for nss-extrausers
16:03
I can fix that in the shell scripts.
16:03
But yeah, can switch users.
16:24lifeboy has left IRC (lifeboy!~roland@196.32.235.233, Quit: Ex-Chat)
16:44
<sbalneav>
Fixed it. rev 2 in ltsp6-pam
16:47robb_nl has joined IRC (robb_nl!~robb_nl@62.235.102.194)
17:07schlady has left IRC (schlady!~schlady@141-53-223-147.ip.uni-greifswald.de, Remote host closed the connection)
17:07schlady has joined IRC (schlady!~schlady@141-53-223-147.ip.uni-greifswald.de)
17:08cliebow has joined IRC (cliebow!~Adium@Ubiquiti.sumner.k12.me.us)
17:12geekgirl has joined IRC (geekgirl!ce4a3d81@gateway/web/freenode/ip.206.74.61.129)
17:13cliebow has left IRC (cliebow!~Adium@Ubiquiti.sumner.k12.me.us)
17:14
<geekgirl>
Using edubuntu 14.04. Usually use an external DHCP server with one network card and FAT cleints. Now I am trying 2 network cards with built in dhcp and FAT clients.
17:15Faith has left IRC (Faith!~paty_@unaffiliated/faith, Quit: Leaving)
17:17
<geekgirl>
Server has internet but clients wont boot. They seem to get an IP but then I get "No network interfaces are up" and it drops to busybox. If I type EXIT it hangs a few seconds and goes right back to busybox
17:18
syslog on server tells me "tftp: client does not accept boot options"
17:19
I found someone posted to check permissions on vmlinuz generic file but they are already 644 so now I dont know where to go from here!
17:24vagrantc has joined IRC (vagrantc!~vagrant@unaffiliated/vagrantc)
17:25
<sbalneav>
vagrantc:
17:25
10:43:09 sbalneav Look upon my works, ye mighty, and despair!
17:25
10:43:17 sbalneav https://code.launchpad.net/~ltsp-upstream/ltsp/libpam-sshauth
17:25
10:43:27 sbalneav https://code.launchpad.net/~ltsp-upstream/ltsp/ltsp6-pam
17:25
bbiab, got an errand to run...
17:28
<vagrantc>
not sure about mighty, does that mean i can skip the despair?
17:28* vagrantc hasn't even tested that it works yet
17:28
<vagrantc>
but if it works, i probably won't need the despair
17:29
such a quandry.
17:29Softeisbieger has left IRC (Softeisbieger!~Softeisbi@ip-62-143-13-166.hsi01.unitymediagroup.de, Ping timeout: 244 seconds)
17:40
<sbalneav>
Back
17:40
So far, I've tested:
17:40
Logging in, graphically and text
17:40
handles local and remote ssh logins
17:40
handles screen locking
17:40
handles user switching
17:41
<vagrantc>
now we need to see if i can figure out how to get it working, that's a real test :)
17:41
<sbalneav>
Now, in order to get it to do text stuff, it might be worthwhile making the changes to /etc/pam.d/common-* on the client, and not to just the lightdm pam config file
17:41
<vagrantc>
that sounds great, though!
17:41
<sbalneav>
Yeah, play around.
17:42
Oh, and by the way, it's now GUARENTEED to make the PAM_SSHAUTH_PORT variable, so no need for the :-22 in the scripts.
17:42
<vagrantc>
sbalneav: i guess you just committed the ltsp-pam branch as ltsp6-pam rahter than keeping the history?
17:43* vagrantc thought we'd throw out ltsp-trunk history, didn't expect to see ltsp-pam histroy tossed out
17:43
<sbalneav>
yeah, is that ok?
17:43* vagrantc has mixed feelings
17:43
<vagrantc>
the main thing was i couldn't see what changed since the last time i worked on it :)
17:43
which was... late 2014?
17:44
<sbalneav>
yeah
17:44
I touched just about everything in one way or another.
17:44
<vagrantc>
it's no big deal in the long-term
17:44
<sbalneav>
You'll notice that critical piece of python goo
17:45
I don't know if we want to keep that in /usr/share/ltsp-pam, or give it a better name and put it in /usr/bin somewhere.
17:45
Feel free to change that as you like.
17:45
or whatever debian needs :D
17:45
<vagrantc>
ok
17:45
<sbalneav>
But I'm *very* stoked.
17:46
I never liked that shm_askpass stuff; writing the password to a file in plaintext is just.... icky
17:46
even if it was only around for a second or two.
17:46
<vagrantc>
sbalneav: is it all thin client, or is there support for oth fat and thin?
17:47
<sbalneav>
I did all of my testing on an actual vm with a disk, so I'm thinking it should be both.
17:47
<vagrantc>
"local and remote ssh logins" ... that sounds promising :)
17:48
<sbalneav>
The vm had one local user, and I was able to seamlessly log in as any user off a remote machine.
17:48
<vagrantc>
uh-oh.
17:48
<sbalneav>
very sweet. sshfs mounts and everything
17:48
<vagrantc>
it seems ltsp6-pam doesn't include my changes to ltsp-pam.
17:48
or at least, not my last packaging changes
17:48
<sbalneav>
I just grabbed over the one in ltsp-pam-examples
17:49
and added one line for the ssh-connect script
17:49
The "debian" tree I leave to your tender ministrations :D
17:49
SInce you know way more about packaging than I do
17:50
<vagrantc>
pretty minor changes
17:52
<sbalneav>
Anyway, poke around with it, see what you think.
17:52
As time permits, of course.
17:52
<vagrantc>
yeah, thanks for whipping it into shape!
17:52
<sbalneav>
Should have happened a long time ago. But life has been difficult for the last couple of years.
17:53
So I beg everyone's patience.
17:55* vagrantc hugs sbalneav
18:12schlady has left IRC (schlady!~schlady@141-53-223-147.ip.uni-greifswald.de, Remote host closed the connection)
18:19
<geekgirl>
Using edubuntu 14.04. Usually use an external DHCP server with one network card and FAT clients. Now I am trying 2 network cards with built in dhcp and FAT clients. Server has internet but clients wont boot. They seem to get an IP but then I get "No network interfaces are up" and it drops to busybox. If I type EXIT it hangs a few seconds and goes right back to busybox Syslog on server shows "tftp: client does not accept boot options"
18:21
<vagrantc>
geekgirl: what do you mean by "built in dhcp" ?
18:22
<geekgirl>
isc-dhcp-server on the same box as ltsp server
18:22
instead of an external windows DHCP server
18:23
<vagrantc>
got it
18:24
so, they download the kernel and initramfs, but aren't able to get networking from the initramfs?
18:25
<geekgirl>
it gets an Ip address, tries to load pxelinux.cfg/default and then says "no network interfaces are up" before crashing to busybox
18:26
<vagrantc>
if it fails to load pxelinux.cfg/default, you wouldn't be able to get a busybox shell
18:27
<geekgirl>
Ok so i must be further than I thought... I make it to busybox and can't get any further
18:28
<vagrantc>
haven't seen that behavior before... though i also don't use ubuntu
18:29
geekgirl: is this a server you have working with your "usual" setup, and you're trying to add an ethernet card to it? or is this a new server that's never worked?
18:31
<geekgirl>
New one- never has worked.
18:32
<vagrantc>
geekgirl: could you pastebin the output of: ltsp-info
18:32
!pastebin | echo geekgirl
18:32
<ltsp`>
geekgirl pastebin: the LTSP pastebin is at http://ltsp.pastebin.com. Please paste all text longer than a line or two to the pastebin, as it helps to reduce traffic in the channel. Don't forget to paste the URL of the text here.
18:34geekgirl-onltsp has joined IRC (geekgirl-onltsp!ce4a3d81@gateway/web/freenode/ip.206.74.61.129)
18:36
<geekgirl-onltsp>
cool! http://pastebin.com/LMTY6nBu
18:38
<vagrantc>
geekgirl-onltsp, geekgirl: if this is a new server, you might want to try Ubuntu 16.04
18:38
there are a number of bugs in the older LTSP versions
18:38
!ppa
18:38
<ltsp`>
I do not know about 'ppa', but I do know about these similar topics: 'sbalneav-ppa', 'greek-schools-ppa'
18:38
<vagrantc>
!greek-schools-ppa | echo geekgirl
18:38
<ltsp`>
geekgirl greek-schools-ppa: https://launchpad.net/~ts.sch.gr/+archive/ppa/ supports LTS Ubuntu releases with newer LTSP versions, bug fixes etc
18:39
<vagrantc>
the greek-schools-ppa also has newer versions of LTSP for older LTSP installs ...
18:39
er, older ubuntu versions
18:40
<geekgirl-onltsp>
Ok I will upgrade and see what happens.
18:40
thank you!
18:41
<vagrantc>
probably better to reinstall from scratch than upgrade...
18:43
sorry i couldn't be more helpful with your actual issue ... but maybe it's fixed in a newer version
18:47
<geekgirl-onltsp>
ouch ok. Worth a shot. Im was using the same CD for install that I used with servers in production. What do you recommend with LTSP besides Ubuntu?
18:49
<vagrantc>
ubuntu 16.04 *should* be fine ... alkisg put a huge amount of work into getting it working out of the box.
18:49
it was released just a few days ago
18:55
<geekgirl-onltsp>
awesome. Im going to check that out. THANKS!
18:55lbssousa has left IRC (lbssousa!~lbssousa@177.34.193.54, Quit: Leaving)
18:55geekgirl-onltsp has left IRC (geekgirl-onltsp!ce4a3d81@gateway/web/freenode/ip.206.74.61.129, Quit: Page closed)
19:51
<vagrantc>
sbalneav: do you know if the added python script works with python3?
19:51
sbalneav: ssh-connect
19:59
<sbalneav>
vagrantc: Should.
19:59
I can check, if you'd like, but it relies upon nothing but base library stuff.
20:01
<vagrantc>
sbalneav: i think python2 will be deprecated soon, so best to make sure stuff works with python3 :)
20:02* vagrantc is struggling to figure out if it's better to test the new packages, or the security fixes.
20:02
<vagrantc>
i could easily get distracted with the security fixes issues
20:06
sbalneav: would you be ok with me merging ltsp6-pam into ltsp-pam ?
20:07
<talntid>
alkisg, yes, I used ltsp-pnp, but epoptes shows no connected clients
20:07geekgirl has left IRC (geekgirl!ce4a3d81@gateway/web/freenode/ip.206.74.61.129, Quit: Page closed)
20:10
<vagrantc>
sbalneav: auth_methods.c: In function 'kbd_callback':
20:10
auth_methods.c:94:11: error: format not a string literal and no format arguments [-Werror=format-security] pam_retval = pam_prompt (pamh, style, &response, buf);
20:10
guess that means i'll focus on testing the security patches first :)
20:14robb_nl has left IRC (robb_nl!~robb_nl@62.235.102.194, Quit: I'm gone, bye bye)
20:20
<sbalneav>
Hmmm
20:20
ok, one sec.
20:22
vagrantc: push 117
20:25
<vagrantc>
sbalneav: it compiles!
20:28
<sbalneav>
The debian build stuff must have SOOOOOPER picky compiler warning defaults.
20:29
gcc -anal-retentitve
20:29
;)
20:29
<vagrantc>
yes, it does error on some warnings.
20:30* vagrantc also gives a whirl at enabling hardening flags.
20:30
<sbalneav>
sure.
20:30
If it barks on anything else, lemme know.
20:30
<vagrantc>
failed to build with some extra hardening flags ... hrm.
20:30* vagrantc will save that for another day
20:31
<sbalneav>
what's the error?
20:32
<vagrantc>
gcc -fpic -Wall -g -O2 -fPIE -fstack-protector-strong -Wformat -Werror=format-security -shared -fPIE -pie -Wl,-z,relro -Wl,-z,now -o pam_sshauth.so pam_sshauth_so-pam_sshauth.o pam_sshauth_so-pam_util.o pam_sshauth_so-auth_funcs.o pam_sshauth_so-auth_methods.o -lpam -lssh2
20:32
/usr/lib/gcc/x86_64-linux-gnu/5/../../../x86_64-linux-gnu/Scrt1.o: In function `_start':
20:32
(.text+0x20): undefined reference to `main'
20:32
oops, should've pastebinned that
20:32
collect2: error: ld returned 1 exit status
20:33
<sbalneav>
Oh, well, yeah, there's no main, it's a library :D
20:34
<vagrantc>
there are two hardening flags that aren't enabled by default that lintian's is mumbling quietly about ... so i could try them each individually to see which it is
20:35
+pie and +bindnow are the candidates
20:37
<sbalneav>
you don't want the PIE for a library. That's for "Position independent executables"
20:38
Since it's a .so and not an executable, yeah, that one will fail for sure.
20:38lurky has joined IRC (lurky!~paul@36-225-16-129.dynamic-ip.hinet.net)
20:38
<vagrantc>
and, hardening=+all,-pie seems to compile...
20:39
and lintian complains less.
20:39fnurl has left IRC (fnurl!~paul@36-225-16-129.dynamic-ip.hinet.net, Ping timeout: 246 seconds)
20:40
<sbalneav>
sbalneav's code: hard as diamonds.
20:41
Hardest substance known to man.
20:41
Tungsten Carbide cowers in terror at my code.
20:47
<alkisg>
talntid: after you installed epoptes (and epoptes-client as a dependency), did you run ltsp-update-image -c / ?
21:13
<sbalneav>
vagrantc: Still workin'?
21:21
<vagrantc>
sbalneav: i've been testing the security fixes
21:22
sbalneav: haven't actually tried the new version yet
21:26lurky has left IRC (lurky!~paul@36-225-16-129.dynamic-ip.hinet.net, Read error: Connection reset by peer)
21:27fnurl has joined IRC (fnurl!~paul@111.251.136.210)
21:47gbaman has left IRC (gbaman!~gbaman@host81-142-46-233.in-addr.btopenworld.com, Remote host closed the connection)
21:48
<vagrantc>
sbalneav: hrm. new libpam-sshauth and ltsp-pam isn't working on debian stretch
21:49
sbalneav: with lightdm
21:49* vagrantc tries the login on a getty
21:51
<vagrantc>
sbalneav: it looks like it isn't even trying to use pam_sshauth.so
21:51* vagrantc tries without hardening flags...
21:56
<vagrantc>
no dice
21:57gbaman has joined IRC (gbaman!~gbaman@host81-142-46-233.in-addr.btopenworld.com)
21:59
<vagrantc>
sbalneav: notably, pam_ck_connector isn't installed/doesn't exist
22:02gbaman has left IRC (gbaman!~gbaman@host81-142-46-233.in-addr.btopenworld.com, Ping timeout: 250 seconds)
22:04
<vagrantc>
sbalneav: well, gotta head out, talk to you later!
22:09Freejack has left IRC (Freejack!~Freejack@unaffiliated/freejack, Ping timeout: 244 seconds)
22:11vagrantc has left IRC (vagrantc!~vagrant@unaffiliated/vagrantc, Quit: leaving)
22:17ricotz has left IRC (ricotz!~ricotz@ubuntu/member/ricotz, Quit: Leaving)
22:41
<talntid>
alkisg, yes, i just even tried re-running it now
22:41
and i had ran it after installing chrome
22:47ogra_ has left IRC (ogra_!~ogra_@p5098ed03.dip0.t-ipconnect.de, Ping timeout: 260 seconds)
22:47ogra_ has joined IRC (ogra_!~ogra_@p5098ed03.dip0.t-ipconnect.de)
22:48
<talntid>
maybe i'm not installing it as a dependency properly
22:48
on the server: epoptes-client is already the newest version (0.5.10-1).
22:53
seems to work now
23:15Freejack has joined IRC (Freejack!~Freejack@unaffiliated/freejack)
23:15
<talntid>
aanddd now, tftp doesn't seem to be listening. LOL. didn't change anything that I know of...
23:21
and now it works again. dumb. probably not ltsp related. lol
23:22
everything seems to work now.
23:47gbaman has joined IRC (gbaman!~gbaman@host81-142-46-233.in-addr.btopenworld.com)