IRC chat logs for #ltsp on irc.freenode.net (webchat)


Channel log from 30 April 2016   (all times are UTC)

01:03vagrantc has joined IRC (vagrantc!~vagrant@unaffiliated/vagrantc)
01:13gbaman has left IRC (gbaman!~gbaman@host81-142-46-233.in-addr.btopenworld.com, Remote host closed the connection)
01:24gbaman has joined IRC (gbaman!~gbaman@host81-142-46-233.in-addr.btopenworld.com)
01:28gbaman has left IRC (gbaman!~gbaman@host81-142-46-233.in-addr.btopenworld.com, Ping timeout: 240 seconds)
01:39Phantomas has left IRC (Phantomas!~ftsamis@ubuntu/member/phantomas, Quit: Leaving.)
03:50
<vagrantc>
sbalneav: https://code.launchpad.net/~vagrantc/+git/libpam-sshauth
03:51
https://help.launchpad.net/Code/Git
03:51
<sbalneav>
vagrantc: Did you get it working?
03:53
<vagrantc>
sbalneav: i pushed a repository
03:53
<sbalneav>
And you won't be able to log in text unless you make the pam changes to the common-* files, which is what I'd recommend.
03:53
Oh, I see it's git.
03:53
Cool
03:53
<vagrantc>
sbalneav: i made the changes to the login
03:53
er, /etc/pam.d/login
03:54
sbalneav: but the newest stuff doesn't work with lightdm or getty.
03:54
at least, not for me.
03:54
<sbalneav>
ok, let's see your pam for login, if you've got time.
03:54* vagrantc boots up the VM
03:59
<vagrantc>
sbalneav: this is the one that ltsp-pam creates: http://paste.debian.net/447615/
03:59
sbalneav: for lightdm ...
04:00
<sbalneav>
k, so lets change the auth required pam_sshauth.so host=server try_first_pass line to:
04:00
auth required pam_sshauth.so debug host=server try_first_pass
04:01
then, try logging in, and paste what gets in /var/log/auth.log
04:02
<vagrantc>
yeah.
04:02
i should really have an editor installed in the thin client...
04:03* vagrantc plays scp games
04:03
<sbalneav>
lol
04:08
<vagrantc>
sbalneav: http://paste.debian.net/447626/
04:11
<sbalneav>
ok, beautiful, so the sshauth part worked.
04:11
It's failing somewhere in the scripts.
04:11
<vagrantc>
sbalneav: what os/version did you test on?
04:11
<sbalneav>
sid
04:11
<vagrantc>
huh
04:12
wonder why it fails for me.
04:12
<sbalneav>
Well, that's what we're gonna find out :D
04:12
k, gimme 2 seconds...
04:13
<vagrantc>
sbalneav: i did reapply some of your missed patches from the other branch
04:13
sbalneav: like not hard-coding twm :)
04:13
<sbalneav>
from the ltsp-pam
04:13
<vagrantc>
yeah
04:13
<sbalneav>
is the "ssh-connect" python script there?
04:15
should be in /usr/share/ltsp-pam/
04:15
<vagrantc>
tries to import daemon, which isn't installed
04:15
<sbalneav>
ok
04:15
install python-daemon
04:16
<vagrantc>
and this is where ltsp-update-image drives me crazy
04:16* vagrantc pouts for lack of working NFS+overlay FS
04:17
<vagrantc>
at least i can install an editor this time around ...
04:18
hopefully it's just python-daemon, then.
04:19
<sbalneav>
Have you got libnss-extrausers installed as well?
04:19
<vagrantc>
can probably remove the dependency on daemon, too ?
04:19
sbalneav: yup, that's in the package dependencies
04:20
<sbalneav>
daemon isn't used anymore.
04:20
that python script handles it all.
04:20
<vagrantc>
when i diffed the two dirs, it looked like much less code :)
04:20
<sbalneav>
Yup.
04:21
Simplicity is the ultimate sophistication :D
04:22
<vagrantc>
libnss-extrausers, libpam-sshauth (>= 0.3), lightdm | gdm3 | x-display-manager, ltsp-client-core (>= 5.4.6~), net-tools, python, python-daemon
04:22
anything extra or obviously missing there?
04:22
<sbalneav>
That should be ok, I think
04:23
Later I'll re-write the ssh-connect, with a bit of work I could remove the dependency on python-daemon.
04:23
<vagrantc>
ok, now it fails faster
04:24
<sbalneav>
haha
04:24
<vagrantc>
it used to stall out for a while
04:24
<sbalneav>
any change in the logs?
04:25
take a look in /var/lib/extrausers, anything in there?
04:26
<vagrantc>
sbalneav: https://paste.debian.net/447637/
04:27
<sbalneav>
ok, that looked like it succeeded.
04:27
Other than the pam_ck failure.
04:27
is there an ssh tunnel running?
04:27
<vagrantc>
sbalneav: /var/lib/extrausers contains mostly empty files, except for shadow
04:28
and /var/lib/extrausers/user* with an entry in user.shadow
04:28
<sbalneav>
so no /var/lib/extrausers/files/user.passwd and user.group ?
04:29
<vagrantc>
sbalneav: there are two ssh processes, and /var/tmp/ltsp-server
04:29* vagrantc needs to check on something
04:29
<sbalneav>
can you pastebin a ps -ef | grep ssh ?
04:39* vagrantc is back...
04:42
<vagrantc>
sbalneav: https://paste.debian.net/447668/
04:43
<sbalneav>
ok
04:44
lets do a ssh -S /var/tmp/ltsp-server -O exit server
04:44
one of the ssh's should exit
04:44
kill the other one off manually
04:47
<vagrantc>
sbalneav: Control socket connect(/var/tmp/ltsp-server): Connection refused
04:47
well, that might explain some things...
04:49
sbalneav: should i kill them all off, and/or reboot and start over?
04:51
<sbalneav>
Yeah, kill them all off
04:51
Then try logging once again
04:51
We should have one ssh socket running
04:52
We've obviously got the socket starting, we just need to find why it's not pulling over the passwd and group info.
04:54
The /usr/share/ltsp-pam/auth/10-extrausers is what we're having problems with, somehow.
04:55
<vagrantc>
ok, so if i enter in an invalid password, it errors out with invalid username/password ... but if i enter in a valid password, it says "incorrect password, please try again"
04:56
sbalneav: ah, i'm using lightdm's default greeter ... not the webkit greeter ...
04:57
<sbalneav>
what's in /var/log/lightdm/lightdm.log?
04:57
<vagrantc>
but it has the same sorts of problem with getty/login
04:59
<sbalneav>
So, from the logs, libpam-sshauth is authenticating, which is good. That bit works.
04:59
It's passing the password to the pam_exec, and the ssh-connect python script is working, since the ssh-socket's starting.
05:00
Clearly, I need to modify the socket name to include a process id, but I can fix that later.
05:00
<vagrantc>
but the socket isn't accessible
05:00
<sbalneav>
right.
05:00
And we need to find out why.
05:00
What's the perms look like on the /var/lib/ltsp-socket
05:01
<vagrantc>
srw 1001 1001
05:01
no group/other permissions
05:02
1001 is the uid/gid of the user i'm trying to log in as
05:02
<sbalneav>
ok, so that sounds ok
05:02
so you've got a shell on one of the vt's right?
05:03
and it's a root shell?
05:03
<vagrantc>
yes, root on a vt
05:04
<sbalneav>
ok, so you *should* be able to do a "ssh -S /var/tmp/ltsp-socket -l ltsp server date
05:04
and get a date back
05:05
<vagrantc>
connection refused
05:06
then it prompts for a password
05:06
<sbalneav>
Well, that's a problem.
05:07
ok, it's past midnight here, I'm gonna head off. Here's something to test, on a full fledged debian server.
05:07
You SHOULD be able to, as a regular (unpriviledged user) do:
05:07
ssh -M -S /tmp/socket -N -n -l sbalneav server
05:08
You'll get an ssh socket master that just sits there quietly
05:08
<vagrantc>
that's pretty much how LDM's socket worked since forever, no?
05:08
<sbalneav>
right.
05:08
But, as ROOT, you should be able to do:
05:08
ssh -S /tmp/socket server date
05:09
and it should let you.
05:10
<vagrantc>
yup, that works.
05:10
<sbalneav>
ok.
05:10
<alkisg>
Morning guys
05:10
<sbalneav>
So we just need to find out why you're getting the connection refused.
05:11
maybe somthing about /var/tmp?
05:11
anyway
05:11
We can try again tomorrow.
05:11
But we're close.
05:11
<vagrantc>
yay!
05:11* vagrantc will try to get the security fixes uploaded, too
05:11
<sbalneav>
the libpam_sshauth is working perfectly and the socket's being plumbed, so that's awesome.
05:12
anyway, see you tomorrow (or later today) :D
05:12
<alkisg>
vagrantc: you can have /opt/ltsp/i386 in /dev/sda5 (or some loop device) and put nbd in the disk group and export it even if it's already mount rw on the server with the "noload" kernel flash... it works fine here for tests, no ltsp-update-image involved :)
05:12
<sbalneav>
night alkisg vagrantc
05:12
<alkisg>
night sbalneav :)
05:13
Err it's too early in the morning, "using the noload kernel parameter to make it past the ext startup fsck"
05:14
<vagrantc>
alkisg: even with a writeable FS?
05:14
<alkisg>
On the server yes, on the client it'll be read only,
05:15
and you might get issues on the client if you apt-get install/purge too much without rebooting the client
05:15* vagrantc waves to sbalneav
05:15
<alkisg>
But I've been using it for 3 months now, it's very nice
05:15
<vagrantc>
alkisg: i guess i'll start trying that
05:16
can save a lot of time...
05:16* vagrantc has never liked ltsp-update-image
05:17
<alkisg>
It does have a lot of benefits, e.g. squashfs => much smaller and faster, cleanup.d ==> can do ltsp-pnp, removing secrets etc, and it can even support exporting from .vdi files...
05:17
<vagrantc>
sure
05:18
<alkisg>
It would be much faster it if also supported a nice .diff file
05:18
<vagrantc>
so it only had to recompress the changes?
05:18
<alkisg>
Like, ltsp-update-image /opt/ltsp/i386 squashfs=/opt/ltsp/images/i386.img diff=/opt/ltsp/images/i386.diff ==> where it would only update the .diff
05:18
Yup
05:19
<vagrantc>
i'm pretty sure squashfs has some support for that
05:19
<alkisg>
I don't think it works like that
05:19
It's not 3-way
05:19
It only supports adding a few files to an existing image, not using a separate .diff
05:19
<vagrantc>
it can add/replace files, but doesn't really do deletion
05:21
<alkisg>
So how did pam-ssh go?
05:21
Did you get it to work?
05:23
<vagrantc>
libpam-sshauth is working, but there's something amiss with the ssh socket
05:28
so, the pam part is working, but we're not getting the ssh connection to the server
05:28zama has left IRC (zama!~zama@unaffiliated/stryx/x-3871776, Ping timeout: 244 seconds)
05:29gbaman has joined IRC (gbaman!~gbaman@host81-142-46-233.in-addr.btopenworld.com)
05:30* alkisg also saw some git branch emerge... ;)
05:32
<vagrantc>
i should make a ppa out of libpam-sshauth :)
05:34gbaman has left IRC (gbaman!~gbaman@host81-142-46-233.in-addr.btopenworld.com, Ping timeout: 260 seconds)
05:35zama has joined IRC (zama!~zama@unaffiliated/stryx/x-3871776)
05:39zama has left IRC (zama!~zama@unaffiliated/stryx/x-3871776, Ping timeout: 244 seconds)
05:43zama has joined IRC (zama!~zama@unaffiliated/stryx/x-3871776)
05:43
<vagrantc>
well: https://code.launchpad.net/~vagrantc/+archive/ubuntu/libpam-sshauth-daily
05:43
<alkisg>
Awesome!
05:48
vagrantc: re: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701916, since the fix has been upstream for years now, should I just close that bug report and how?
05:50
<vagrantc>
alkisg: email 701916-done@bugs.debian.org ... if you know when it was fixed, include Version: x.y.z in the body.
05:50
<alkisg>
ty
05:51
<vagrantc>
i thought we reverted those changes, though
05:52
and came up with a better fix?
05:55
<alkisg>
vagrantc: no, they're still there, I haven't found any better workarounds though
05:55
It's been working fine ever since, I think I only saw that issue once or twice in the last 3 years
06:08vagrantc has left IRC (vagrantc!~vagrant@unaffiliated/vagrantc, Quit: leaving)
06:37ricotz has joined IRC (ricotz!~ricotz@ubuntu/member/ricotz)
07:21Softeisbieger has joined IRC (Softeisbieger!~Softeisbi@ip-62-143-13-166.hsi01.unitymediagroup.de)
07:28johannes__ has joined IRC (johannes__!~Softeisbi@ip-62-143-13-166.hsi01.unitymediagroup.de)
07:44Softeisbieger has left IRC (Softeisbieger!~Softeisbi@ip-62-143-13-166.hsi01.unitymediagroup.de, Quit: Leaving)
10:06johannes__ has left IRC (johannes__!~Softeisbi@ip-62-143-13-166.hsi01.unitymediagroup.de, Ping timeout: 244 seconds)
11:05Phantomas has joined IRC (Phantomas!~ftsamis@ubuntu/member/phantomas)
11:15David______ has joined IRC (David______!42f95dce@gateway/web/freenode/ip.66.249.93.206)
11:15
<David______>
Hello guys, anyone here?
11:15
I have a problem
11:15
Steam won't launch on Fedora 23
11:15
I googled for 2 hours
11:16
Any solution
11:23David______ has left IRC (David______!42f95dce@gateway/web/freenode/ip.66.249.93.206, Ping timeout: 250 seconds)
11:47
<alkisg>
Haha, nice one
11:47
I also have a problem with my car, #ltsp is the correct channel to ask about it, right? :)
11:50schlady has joined IRC (schlady!~schlady@ip1f111304.dynamic.kabel-deutschland.de)
11:53schlady has left IRC (schlady!~schlady@ip1f111304.dynamic.kabel-deutschland.de, Remote host closed the connection)
11:54schlady has joined IRC (schlady!~schlady@ip1f111304.dynamic.kabel-deutschland.de)
11:58schlady has left IRC (schlady!~schlady@ip1f111304.dynamic.kabel-deutschland.de, Ping timeout: 252 seconds)
13:09gbaman has joined IRC (gbaman!~gbaman@host81-142-46-233.in-addr.btopenworld.com)
13:39GodFather has left IRC (GodFather!~rcc@96-35-101-212.dhcp.bycy.mi.charter.com, Ping timeout: 260 seconds)
13:45GodFather has joined IRC (GodFather!~rcc@96-35-101-212.dhcp.bycy.mi.charter.com)
13:47Phantomas has left IRC (Phantomas!~ftsamis@ubuntu/member/phantomas)
14:00GodFather has left IRC (GodFather!~rcc@96-35-101-212.dhcp.bycy.mi.charter.com, Ping timeout: 260 seconds)
14:15tharkun_ has left IRC (tharkun_!~0@201.157.71.45, Ping timeout: 268 seconds)
14:16tharkun has joined IRC (tharkun!~0@201.157.71.45)
15:29adrianorg has left IRC (adrianorg!~adrianorg@177.156.58.29, Ping timeout: 252 seconds)
15:31adrianorg has joined IRC (adrianorg!~adrianorg@177.156.227.170)
15:55gbaman has left IRC (gbaman!~gbaman@host81-142-46-233.in-addr.btopenworld.com, Remote host closed the connection)
15:56gbaman has joined IRC (gbaman!~gbaman@host81-142-46-233.in-addr.btopenworld.com)
16:01gbaman has left IRC (gbaman!~gbaman@host81-142-46-233.in-addr.btopenworld.com, Remote host closed the connection)
16:02gbaman has joined IRC (gbaman!~gbaman@host81-142-46-233.in-addr.btopenworld.com)
16:04gbaman has joined IRC (gbaman!~gbaman@host81-142-46-233.in-addr.btopenworld.com)
17:34gbaman has left IRC (gbaman!~gbaman@host81-142-46-233.in-addr.btopenworld.com, Read error: Connection reset by peer)
17:35gbaman has joined IRC (gbaman!~gbaman@host81-142-46-233.in-addr.btopenworld.com)
17:59gbaman has left IRC (gbaman!~gbaman@host81-142-46-233.in-addr.btopenworld.com, Read error: Connection reset by peer)
17:59gbaman has joined IRC (gbaman!~gbaman@host81-142-46-233.in-addr.btopenworld.com)
19:12GodFather has joined IRC (GodFather!~rcc@2600:1007:b022:4203:f0fa:e211:acac:8e7f)
20:07FJulien has joined IRC (FJulien!~julienf@77.42.170.49)
20:38
<maldridge>
ha, I actually spent quite a while trying to get steam to work with ltsp, only to never actually use it once it was up and working
20:53FJulien has left IRC (FJulien!~julienf@77.42.170.49, Quit: FJulien)
22:03Marqin is now known as marqin_
22:12
<alkisg>
maldridge: did it need special care for running under ltsp? why so? sshfs issues?
22:12marqin_ has left IRC (marqin_!~marqin@spiramirabilis.net, Quit: leaving)
22:17
<maldridge>
it needed some special stuff because the home folder was on a COW volume
22:18
<alkisg>
Ah, so not under stock ltsp, but modified...
22:18
<maldridge>
yeah, I needed to have one pristine steam_root and then load that on a bunch of accounts
22:20ricotz has left IRC (ricotz!~ricotz@ubuntu/member/ricotz, Quit: Leaving)
22:49ogra_ has left IRC (ogra_!~ogra_@p5098ed03.dip0.t-ipconnect.de, Ping timeout: 240 seconds)
22:49ogra_ has joined IRC (ogra_!~ogra_@p5098ed03.dip0.t-ipconnect.de)
23:00vagrantc has joined IRC (vagrantc!~vagrant@unaffiliated/vagrantc)
23:54FJulien has joined IRC (FJulien!~julienf@77.42.170.49)
23:59FJulien has left IRC (FJulien!~julienf@77.42.170.49, Ping timeout: 246 seconds)