IRC chat logs for #ltsp on irc.freenode.net (webchat)


Channel log from 13 May 2016   (all times are UTC)

01:16raphr has left IRC (raphr!~chatzilla@mail.cpe-chartreux.com, Remote host closed the connection)
03:11
<alkisg>
Leolo_2: about nfs/nbd, note that overlay, nbd and aoe are upstream kernel modules that should work on any distro,
03:11
and that overlay doesn't work over nfs (a kernel issue), so we're not using it anymore in recent ltsp versions
03:12
So it might save you time to invest in upstream solutions instead
03:12
About ltsp-update-image, you can completely avoid it if you use a loopback btrfs or ext4 image instead of a chroot
03:13
About the DM, if you want PAM, try libpam_sshauth, it's in a good state and it's the "future", what we'll be using in ltsp 6
03:14
I don't think it makes any sense to use the ldm greeter without its backend. The backend is plugin based, you can write whatever backend you want, but personally I still wouldn't invest coding time there.
04:09
"so we're not using it anymore in recent ltsp versions" ==> I meant nfs there, it doesn't work as the root device in recent kernels because of the overlay module limitations
04:09championofcyrodi has joined IRC (championofcyrodi!~Charles@c-71-62-74-255.hsd1.va.comcast.net)
05:04ricotz has joined IRC (ricotz!~ricotz@ubuntu/member/ricotz)
05:06alkisg has left IRC (alkisg!~alkisg@ubuntu/member/alkisg, Quit: Leaving.)
05:09alkisg has joined IRC (alkisg!~alkisg@ubuntu/member/alkisg)
06:00kjackal_ has left IRC (kjackal_!~kjackal@2a02:587:3117:9e00:a136:df82:6197:31ce, Ping timeout: 260 seconds)
06:18mikkel has joined IRC (mikkel!~mikkel@mail.dlvs.dk)
06:36kjackal_ has joined IRC (kjackal_!~kjackal@onopfy.static.otenet.gr)
06:41FJulien has joined IRC (FJulien!~julienf@77.42.226.226)
06:45championofcyrodi has left IRC (championofcyrodi!~Charles@c-71-62-74-255.hsd1.va.comcast.net, Read error: Connection reset by peer)
07:13FJulien has left IRC (FJulien!~julienf@77.42.226.226, Quit: FJulien)
07:16FJulien has joined IRC (FJulien!~julienf@77.42.226.226)
07:30FJulien has left IRC (FJulien!~julienf@77.42.226.226, Quit: FJulien)
07:31FJulien has joined IRC (FJulien!~julienf@77.42.226.226)
07:33FJulien has left IRC (FJulien!~julienf@77.42.226.226, Client Quit)
07:50_cool has joined IRC (_cool!~cool@host-178.249.90.17.net.telepuls.pl)
07:52
<_cool>
hey i got a problem with ltsp on ubuntu ltsp 14.04 everything work great until yesterday , i checked the image ( builded client from scratch ) , update sshkeys , updated image after build from scratch . Mine setup is ltsp-server with external DHCP and nbd-server. The problem is i can't log in on client side . Any quick tips ?
08:01
<alkisg>
_cool: try this in your lts.conf: RCFILE_01="ssh-keyscan server >/etc/ssh/ssh_known_hosts 2>/dev/null &"
08:01
Then reboot the client and see if you can login
08:01
If yes, it's a problem with your ssh keys
08:04
<_cool>
ok i will try this :)
08:08
still no change ;/
08:08
<alkisg>
!screen_02
08:08
<ltsp>
screen_02: To get a root shell on an Ubuntu thin client: https://help.ubuntu.com/community/UbuntuLTSP/ClientTroubleshooting#Using_a_shell_SCREEN
08:08
<alkisg>
OK, get a root shell on the client ^ and let's try from there
08:09
<_cool>
ok w8 a sec
08:12
ok I'm in
08:12
so what to look for :)
08:12
<alkisg>
Try this command:
08:12
ssh <user>@server
08:12
Put an existing username and try to login, BUT don't replace "server"
08:13
<_cool>
yes i can ssh to a server as user
08:13
<alkisg>
Not "a server"
08:13
It's a special name
08:13
Try it with "server" there
08:13
<_cool>
yes tha same result
08:13
<alkisg>
And see if you get any key errors or even warnings
08:13
<_cool>
i can log in with ssh
08:13
from client
08:14
without any warning || errors
08:14
<alkisg>
So from the client root shell, you ran `ssh cool@server`, and you didn't get any warnings at all/
08:14
<_cool>
yes
08:14
no errors
08:14
<alkisg>
Not even "adding the ssh keys for xxx"?
08:14
<_cool>
no
08:14
<alkisg>
I doubt that, since we're not saving the IP
08:14
OK anyway
08:14
<_cool>
dsh keys was not changed on serer if your asking
08:14
dsa
08:14
i mean
08:15
<alkisg>
cat /etc/rc.local
08:15
Do you see the ssh-keyscan command there?
08:15
(still on the client root shell)
08:16
<_cool>
No there only standard skel file with exit and hashbang on the begining
08:16
rest of file ist commented
08:16
<alkisg>
Do you see root@ltsp123 as the prompt there?
08:16
I.e. is the hostname ltspxxx?
08:17
<_cool>
jest
08:17
yes
08:17
<alkisg>
OK, what does `getltscfg -a` say?
08:17
Does it return the RCFILE_01 line?
08:17
<_cool>
that is error on 5th line
08:18
and on server i that lts.conf
08:18
LOCAL_APPS = True
08:18
<alkisg>
Can you put the whole lts.conf to pastebin?
08:18
<_cool>
ok w8
08:19
http://pastebin.com/nPNAea9u
08:20
<alkisg>
[default] needs to be on top of all the directives
08:20
That's the syntax error
08:20
Also, you have LDM_AUTOLOGIN without specifying a usename
08:20
Disable LDM_AUTOLOGIN while you're trying to troubleshoot login problems
08:23schlady has joined IRC (schlady!~schlady@ip1f111304.dynamic.kabel-deutschland.de)
08:23
<_cool>
ok
08:27
now getltscfg -a fetches whole config but problem is still present
08:29
<alkisg>
Did you disable LDM_AUTOLOGIN?
08:29
<_cool>
yes
08:30
<alkisg>
Are you trying to login with the same user as the one that you tried in the console/ssh try?
08:30
<_cool>
i remove it from lts.conf
08:30
yes
08:30
<alkisg>
On the server, run: tail -f /var/log/auth.log
08:30
Then try to login from the client
08:31
Do you see a success or failure entry on the server?
08:32
<_cool>
yes
08:32
<alkisg>
What does it say, success or failure?
08:32
<_cool>
tahat is open session for user
08:33
thensystemd-logind closes the session
08:33
and sshd recived disconnect by user
08:33
<alkisg>
OK then it's not an issue with authentication, it's the client that disconnects
08:33
Back to the client. In "Preferences" => select session, do you have an "xterm" session?
08:34
<_cool>
safe xterm ?
08:34
<alkisg>
Yup, that one
08:34
Select that one and then try again to login
08:35
<_cool>
the same outcome
08:36
that's strange because this setup worked perfectly for 6 months
08:36
and yesterday went sideways
08:36
<alkisg>
It was yesterday that you rebuild the image?
08:36
<_cool>
upgraded packages from apt
08:36
then update image
08:37
*updated
08:37
<alkisg>
So, it's not strange
08:37
It's because of the updates, or of the ltsp-update-image, or from things that were done in the chroot months ago, and only now reached the clients
08:38
I don't know exactly what part broke it though
08:38
It needs more troubleshooting...
08:38
<_cool>
no the update-image was done few times since initial build-client because i added local apps
08:38
to the chroot
08:39
Ok resuming
08:39
<alkisg>
There's an ltsp-update-image --revert option
08:39
You can try that to see if the old image works
08:39
<_cool>
ok
08:39
but
08:39
<alkisg>
It's saved in /opt/ltsp/images/i386.img.old, and --revert puts it back
08:39
<_cool>
the quick way
08:39
if i build the client from scratch
08:40
will that be more helpfull on fresh image
08:40
<alkisg>
build client ==> half an hour. --revert ==> half a second
08:40
<_cool>
to debug the problem ?
08:40
no build client will be very fast it's dell server with 2 quad cores wit ht and 96 gigs of ram :D
08:40
<alkisg>
Well it appears that access to the client will be needed, so I'm not sure how much we can do over IRC...
08:41
There's remote support with vnc and access to the client via epoptes, but that's too much to do for free support :)
08:41
<_cool>
i know i just need a direction to look for :)
08:41
<alkisg>
At that point, where you can authenticate and yet xterm doesn't run, you'd need to step-by-step through the ltsp login scripts
08:42
<_cool>
we menage a houndreds of debian based systems but the ltsp stuff it's some kind frustrating at this point because it's so straight foward solution to build
08:43
so potential problem is on the line X11 and ldm on the client and X11 and ldm on the server ?
08:44
<alkisg>
The ltsp login scripts do a lot of things. Any one of them can break.
08:44
For example, if they cannot mount /home/username, they'll fail, and you'll see what you see now
08:44
But there's no easy way to check for all those things without actually debugging those scripts
08:44
<_cool>
i thought that problem is with nbd server
08:45
<alkisg>
No, nbd is needed to get to the login screen and you're already there
08:45
<_cool>
ok :)
08:46robb_nl has joined IRC (robb_nl!~robb_nl@ip-83-134-2-10.dsl.scarlet.be)
08:47
<_cool>
but that mount a home directory broblem will occour localy and remotly
08:47
<alkisg>
Don't focus on the example
08:47FJulien has joined IRC (FJulien!~julienf@37.209.255.85)
08:47
<_cool>
yeah i know just sayin :)
08:47
<alkisg>
It's one out of 100 things that can go wrong with the login scripts
08:47
<_cool>
I know same ol same ol :)
08:48
I think i will try to rebuild whole client image and start from there
08:49
<alkisg>
OK, if the problem is in the chroot, that should solve it even if you won't know what was wrong
08:49
If the problem is not in the chroot, it won't solve it
08:49
<_cool>
yes i know
08:49
but less options is better to track the problem
09:16cyberorg has left IRC (cyberorg!~cyberorg@opensuse/member/Cyberorg, Remote host closed the connection)
09:17schlady has left IRC (schlady!~schlady@ip1f111304.dynamic.kabel-deutschland.de, Remote host closed the connection)
09:32schlady has joined IRC (schlady!~schlady@ip1f111304.dynamic.kabel-deutschland.de)
09:47schlady has left IRC (schlady!~schlady@ip1f111304.dynamic.kabel-deutschland.de, Remote host closed the connection)
09:48cyberorg has joined IRC (cyberorg!~cyberorg@opensuse/member/Cyberorg)
09:51schlady has joined IRC (schlady!~schlady@ip1f111304.dynamic.kabel-deutschland.de)
10:02robb_nl has left IRC (robb_nl!~robb_nl@ip-83-134-2-10.dsl.scarlet.be, Quit: I'm gone, bye bye)
10:05Gremble has joined IRC (Gremble!~Ben@176.12.107.140)
10:05Gremble is now known as Guest24361
10:09kjackal_ has left IRC (kjackal_!~kjackal@onopfy.static.otenet.gr, Read error: Connection reset by peer)
10:13lbssousa has joined IRC (lbssousa!~lbssousa@177.143.29.73)
11:02gbaman has joined IRC (gbaman!~gbaman@cpc15-belf9-2-0-cust171.2-1.cable.virginm.net)
11:09schlady has left IRC (schlady!~schlady@ip1f111304.dynamic.kabel-deutschland.de, Remote host closed the connection)
11:10_cool has left IRC (_cool!~cool@host-178.249.90.17.net.telepuls.pl, Quit: Lost terminal)
11:20Guest24361 has left IRC (Guest24361!~Ben@176.12.107.140, Remote host closed the connection)
11:22asmok has joined IRC (asmok!~asmok@df-wswyy8-pz5nb2jlgmt-3.rev.dnainternet.fi)
11:23schlady has joined IRC (schlady!~schlady@ip1f111304.dynamic.kabel-deutschland.de)
11:24
<asmok>
FYI - I asked and Liz Eben answered: "A little finessing to do there yet – but keep an eye on this blog for more on the subject!" - https://www.raspberrypi.org/blog/another-update-raspbian/#comment-1258121
11:25
Well, Liz is Eben's wife, so "Liz Upton" answered... ;-)
11:27asmok has left IRC (asmok!~asmok@df-wswyy8-pz5nb2jlgmt-3.rev.dnainternet.fi)
11:31schlady has left IRC (schlady!~schlady@ip1f111304.dynamic.kabel-deutschland.de, Remote host closed the connection)
11:43kjackal has joined IRC (kjackal!~kjackal@2a02:587:3117:9e00:503:aeb8:76a7:dc48)
11:58Faith has joined IRC (Faith!~paty_@unaffiliated/faith)
12:29FJulien has left IRC (FJulien!~julienf@37.209.255.85, Quit: FJulien)
12:54FJulien has joined IRC (FJulien!~julienf@37.209.255.85)
13:23gbaman has left IRC (gbaman!~gbaman@cpc15-belf9-2-0-cust171.2-1.cable.virginm.net, Remote host closed the connection)
13:33gbaman has joined IRC (gbaman!~gbaman@cpc15-belf9-2-0-cust171.2-1.cable.virginm.net)
13:38gbaman has left IRC (gbaman!~gbaman@cpc15-belf9-2-0-cust171.2-1.cable.virginm.net, Ping timeout: 276 seconds)
13:53ben_roose has joined IRC (ben_roose!~roose@roose.cs.wichita.edu)
14:12mikkel has left IRC (mikkel!~mikkel@mail.dlvs.dk, Quit: Leaving)
14:42FJulien has left IRC (FJulien!~julienf@37.209.255.85, Quit: FJulien)
15:13robb_nl has joined IRC (robb_nl!~robb_nl@ip-83-134-2-10.dsl.scarlet.be)
15:17FJulien has joined IRC (FJulien!~julienf@77.42.226.226)
15:25vagrantc has joined IRC (vagrantc!~vagrant@unaffiliated/vagrantc)
15:35gbaman has joined IRC (gbaman!~gbaman@cpc15-belf9-2-0-cust171.2-1.cable.virginm.net)
15:39gbaman has left IRC (gbaman!~gbaman@cpc15-belf9-2-0-cust171.2-1.cable.virginm.net, Ping timeout: 244 seconds)
15:54robb_nl has left IRC (robb_nl!~robb_nl@ip-83-134-2-10.dsl.scarlet.be, Quit: I'm gone, bye bye)
16:08adrianorg has left IRC (adrianorg!~adrianorg@191.32.100.100, Ping timeout: 240 seconds)
16:10adrianorg has joined IRC (adrianorg!~adrianorg@189.58.235.168.dynamic.adsl.gvt.net.br)
16:24Faith has left IRC (Faith!~paty_@unaffiliated/faith, Quit: Leaving)
16:28raphr has joined IRC (raphr!~raphr@2a01:e35:2f01:481f:d8ac:8731:f2c9:6eda)
16:29
<raphr>
hi. What is the best way to test last release of ltsp on older distrib ?
16:31
<vagrantc>
depends on your distribution ... and what you mean by testing on an older distribution
16:31
you could use a virtual machine and run a new OS to test later releases
16:31
or do you mean access an older distribution from an LTSP environment running something newer?
16:32
<raphr>
I'm interested in new ltsp client from debian jessie server
16:32
<vagrantc>
so, you want debian stretch LTSP clients on a debian jessie server?
16:35
<raphr>
would like to test ubuntu
16:35
without adding dedicated vm
16:36
<vagrantc>
it's been a while since i've tested installing ubuntu from debian ... though in theory it might work
16:39
<raphr>
16.04 is the current base devel ?
16:39
<vagrantc>
ubuntu 16.04 was released last month, it's not development version anymore
16:40* vagrantc also needs to update the ltsp backports for jessie-backports
16:43
<raphr>
OK. For now build-client doesnt seems to recognize xenial
16:44
VENDOR="Ubuntu" and dist="xenial"
16:52
I've looked in source tee from ppa and wonder how devel is working. As there is many diferences with installed packages
16:52
<vagrantc>
what do you mean by devel?
16:53
<raphr>
ppa ltsp tree
16:55
it would be to have another test version not conflicting with installed one
16:56PeperPots has left IRC (PeperPots!sid1218@gateway/web/irccloud.com/x-wfiziafqbpdcjyzz, Read error: Connection reset by peer)
16:57
<raphr>
but I'm used to configure and Makefiles
16:57
<vagrantc>
the PPA doesn't support Debian
16:57
it's ubuntu-specific
16:58
<raphr>
so there's non common tree ?
16:59
<vagrantc>
there's the source code: https://code.launchpad.net/~ltsp-upstream/
17:03PeperPots has joined IRC (PeperPots!sid1218@gateway/web/irccloud.com/x-eaqrsmfsvcadxfko)
17:03
<raphr>
many branches
17:04
they are then all replicated to be debian or ubuntu specific ?
17:05
<vagrantc>
no
17:05
the upstream source has code for multiple distros
17:05
but the packages built for each distro may be different.
17:08
<raphr>
thos seems the one for debian https://alioth.debian.org/scm/loggerhead/pkg-ltsp/ltsp-debian-packaging/files
17:10
humm not correct. this is only the debian's tree
17:11
<vagrantc>
raphr: the reason VENDOR="Ubuntu" DIST="xenial" didn't work is likely that tools on debian jessie, such as debootstrap, may not support the newer ubuntu versions yet
17:11
raphr: and possibly other bugs. it's a rarely tested codepath
17:12
<raphr>
I understand
17:13
<vagrantc>
and apparently debootstrap in jessie-backports is one version behind the version that supports xenial
17:13
<||cw>
huh. I'd have thought that the ubuntu vendor handler would just concat the dist into the urls templates so anything would work
17:14
<raphr>
it is then debootstarp's fault
17:14
<vagrantc>
it uses an entirely different tree
17:14
raphr: i *bet* you can just symlink gusty -> xenial in /usr/share/debootstrap/scripts/
17:15
<raphr>
how many beers do you bet :D ?
17:16* vagrantc is not the betting type
17:16
<vagrantc>
my bets are empty assertions
17:16
used for dramatic effect
17:17
raphr: that said, you probably want to install ltsp-server from jessie-backports ... and i should really get that updated to the latest
17:18
<raphr>
OK, I think it is safer to test with jessie-backpaorts
17:18
<||cw>
I'd symlink raring instead
17:18
<vagrantc>
||cw: all of the symlinks are to gutsy
17:18
<||cw>
huh, no
17:19
<vagrantc>
raring is just a symlink to gutsy on my machine.
17:19
<||cw>
oh I see, warty is the only different one
17:19
well, pree gutsy
17:20
<raphr>
deboostrap is very different in debain and ubuntu then
17:21
<||cw>
raphr: the symlinks are the same on my debian and ubuntu
17:21
<raphr>
||cw: ok, nice to know
17:22
<Leolo_2>
ok, so I just read the libpam-sshauth and wow, storing a password as clear-text on the hard drive? really?
17:22
<||cw>
but yeah, I can see the scripts being different, but copying a file over to diff is more than I want to do right now, as it's lunch time
17:23
<raphr>
Good lunch !
17:23
<vagrantc>
Leolo_2: i didn't think it does that anymore
17:25
<Leolo_2>
I'm looking at the current bzr code
17:26
unless http://bazaar.launchpad.net/~sbalneav/ltsp/libpam-sshauth/files isn't the source of the most recent version
17:30
<raphr>
I tried just by curiosity xenial's symlink. It seems working
17:31
<vagrantc>
Leolo_2: not sure if it's out of sync with sbalneav's branch, but we've been experimenting with git: https://code.launchpad.net/~ltsp-upstream/+git/libpam-sshauth
17:39
<Leolo_2>
right
17:39
that *only* authenticates with ssh. it doesn't setup anything that can use sshfs
17:42
<raphr>
Do you know if italc is working with xenial ltsp ?
17:43
<alkisg>
!epoptes | echo raphr:
17:43
<ltsp>
raphr: epoptes: Epoptes is a computer lab administration and monitoring tool. It works on Ubuntu and Debian based labs with LTSP or non-LTSP servers, thin and fat clients, standalone workstations, NX clients etc. More info: http://www.epoptes.org
17:43
<alkisg>
italc had too many crashes in the past, so we developed that one instead
17:43
Also, note that:
17:43
!ltsp-pnp
17:43
<ltsp>
ltsp-pnp: ltsp-pnp is an alternative (upstream) method to maintain LTSP installations for thin and fat clients that doesn't involve chroots: https://help.ubuntu.com/community/UbuntuLTSP/ltsp-pnp
17:43
<alkisg>
...you can create an ubuntu chroot that ^ way elsewhere, and just put it to your debian's /opt/ltsp/images folder
17:44
elsewhere == other pc, a vm...
17:44
The plus is that it's a fat chroot, able to serve both thin and fat clients
17:44
<raphr>
alkisg: thank you. I knew about epoptes, but not lts-pnp
17:45
Sadly windows is a need for teacher's PC so I thought about italc
17:46
<alkisg>
Yup that's the best reason to run italc
17:46
Although sometimes i prefer putting windows in a vm, and launching it on ltsp client boot, and then controlling the client via epoptes
17:47
<raphr>
Humm, that's not bad idea
17:51kjackal has left IRC (kjackal!~kjackal@2a02:587:3117:9e00:503:aeb8:76a7:dc48, Ping timeout: 260 seconds)
17:52
<raphr>
12 points for Greece :p
17:53
<vagrantc>
Leolo_2: yeah, libpam-sshauth does the pam part, our examples use pam_exec to set up other things like sshfs
17:54
<alkisg>
raphr: haha, is that about eurovision? I haven't seen it at all this year, but I think it's the first time that greece was cut off very early in the process :)
17:55
<raphr>
It is tomorrow afaik :)
17:57kjackal has joined IRC (kjackal!~kjackal@2a02:587:3117:9e00:503:aeb8:76a7:dc48)
18:08
<raphr>
Ok ltsp client xenial build seems huge (fat client by default ? ). And it's time for me to go. Thank you for support. Happy week end ! Monday's another day off here.
18:09raphr has left IRC (raphr!~raphr@2a01:e35:2f01:481f:d8ac:8731:f2c9:6eda, Quit: ChatZilla 0.9.92 [Firefox 46.0.1/20160502172042])
18:12
<Leolo_2>
examples/ltsp-session is not on git
18:13
<vagrantc>
Leolo_2: true ... i should fix that ... and kill off the bzr version of libpam-sshauth
18:20kjackal has left IRC (kjackal!~kjackal@2a02:587:3117:9e00:503:aeb8:76a7:dc48, Ping timeout: 260 seconds)
18:30
<sbalneav>
Leolo_2: That's not happening anymore.
18:31
<vagrantc>
sbalneav: heya!
18:31
sbalneav: would you mind if i rebased your new ltsp6-pam stuff back onto the old ltsp-pam and moved it over to git?
18:31
<sbalneav>
vagrantc: Yeah, ditch the old version.
18:32
vagrantc: No, go right ahead.
18:32
<vagrantc>
sbalneav: you're so accomodating
18:32
sbalneav: any chance you can swing by capetown in late june/early july?
18:32
<sbalneav>
Capetown.... South africa?
18:32
<vagrantc>
yeah
18:33
<sbalneav>
lol, prolly not.
18:33
<vagrantc>
sbalneav: sure would be good tro cross paths again sometime soon and really crank on ltsp6
18:34* vagrantc would love to figure out a time and place where at least sbalneav, alkisg and vagrantc could really go to town
18:34
<ogra_>
that would prolly be in greece then :)
18:35
<sbalneav>
I thought you and alkisg were gonna get a gofundme/kickstarter/etc thing going, and we were all gonna convene in maine!
18:35
<ogra_>
!
18:35
<sbalneav>
hey ogra_
18:35
<ogra_>
hey sbalneav ... nice weather in your country ;)
18:35* ogra_ enjoys the sun in vancouver since monday ...
18:35
<vagrantc>
sbalneav: there's been talk of something along those lines, but the effort required hsn't yet manifested
18:36* vagrantc tosses a stone to vancouver
18:36* ogra_ catches it
18:37
<sbalneav>
If it wasnt my 25th wedding anniversary this year, and I already have a couple trips planned this season, I'd be inclined to just load up the station wagon and drive out to you for a week, vagrantc
18:38* talntid2 watches the stone get thrown from Spokane
18:39
<sbalneav>
https://github.com/sbalneav/libnss-external
18:39
I gotta figure out the launchpad git stuff
18:39
<vagrantc>
it's been 10 years since i met jammcq, sbalneav, ogra_ and other ltsp folks when we specced out ltsp5
18:40
<sbalneav>
then I'll move it over to LP
18:40
<vagrantc>
sbalneav: it's really quite easy
18:40
<sbalneav>
but libnss-external and libpam-external will be my magnum opuses... opii?
18:41
<vagrantc>
sbalneav: git remote add lp git+ssh://USER@git.launchpad.net/~USERORPROJECT/+git/REPOSITORY
18:42
sbalneav: https://help.launchpad.net/Code/Git
18:42
<sbalneav>
k, lemme try
18:43
<vagrantc>
there are some things on the help page to be able to use lp: URLs
18:47mmetzger has joined IRC (mmetzger!~mmetzger@172-125-4-17.lightspeed.rcsntx.sbcglobal.net)
18:50
<ogra_>
vagrantc, yeah, it is time for a celebration
19:02mmetzger has left IRC (mmetzger!~mmetzger@172-125-4-17.lightspeed.rcsntx.sbcglobal.net, Ping timeout: 250 seconds)
19:08alkisg has left IRC (alkisg!~alkisg@ubuntu/member/alkisg, Quit: Leaving.)
19:10
<Leolo_2>
here's a question : if ldm is by-passing pam and using ssh to authenticate, how does something like getpwnam work?
19:13
<sbalneav>
It doesn't :D
19:13
That's what we're trying to solve.
19:13
vagrantc: I just pushed:
19:13
<Leolo_2>
I'm guessing NIS is out?
19:13
<sbalneav>
git+ssh://sbalneav@git.launchpad.net/~ltsp-upstream/+git/libnss-external
19:13
But I can't see it anywhere
19:14
Leolo_2: The plan is to (hopefully) provide both pam and NSS services over ssh.
19:15FJulien has left IRC (FJulien!~julienf@77.42.226.226, Quit: FJulien)
19:17
<sbalneav>
vagrantc: ahhhhh
19:17
https://code.launchpad.net/~ltsp-upstream/+git
19:17
ok
19:17
vagrantc: I propose all LTSP6 stuff happen in git.
19:23
<Leolo_2>
so the NSS server would be running on the server? or on the client with data that was grabbed from the server (id -u, id -g and so on?)
19:24
NIS, even
19:25
<sbalneav>
We have no plans for officially supporting NIS that I'm aware of.
19:25
We want everything to go over the ssh tunnel that we plumb.
19:25
<Leolo_2>
or even getent passwd USER
19:26
<sbalneav>
Yes, all NSS stuff should happen over the plumbed ssh tunnel.
19:27
hence https://git.launchpad.net/~ltsp-upstream/+git/libnss-external?h=master
19:27
<Leolo_2>
gotcha
19:28lurky has left IRC (lurky!~paul@36-225-23-210.dynamic-ip.hinet.net, Read error: Connection reset by peer)
19:28
<sbalneav>
If we do that, then everything between client and server is secure.
19:28fnurl has joined IRC (fnurl!~paul@36-225-250-95.dynamic-ip.hinet.net)
20:00lunz has joined IRC (lunz!bed52637@gateway/web/freenode/ip.190.213.38.55)
20:01
<lunz>
hi, anyone can resolve pxe-t02/e53 errors?
20:02alkisg has joined IRC (alkisg!~alkisg@ubuntu/member/alkisg)
20:04FJulien has joined IRC (FJulien!~julienf@77.42.226.226)
20:14FJulien has left IRC (FJulien!~julienf@77.42.226.226, Quit: FJulien)
20:14
<lunz>
i have a server assigned static IP (through network-manager), thin clients and a wifi router (for Internet) plugged into a switch (and simulated in virtualbox using NAT, as well) and followed this guide exactly: https://help.ubuntu.com/community/UbuntuLTSP/ltsp-pnp, choosing the alternate DNS resolution described there for the wifi router to act as DNS/DHCP server, but I keep getting PXE-T02, PXE-E53 errors physically and in virtualbox
20:18
i've tried installing LTSP on Ubuntu, Xubuntu and Mate and even tried various online tweaks without success
20:19lbssousa has left IRC (lbssousa!~lbssousa@177.143.29.73, Quit: Leaving)
20:19
<lunz>
is this hassle to build a basic ltsp network usual?
20:21
<vagrantc>
my guess is probably somethig amiss with DHCP configuration
20:23
<lunz>
mine too, but i cant narrow it down; i've experimented with variables in different conf files one-at-a-time, but no luck
20:23
<vagrantc>
you're using proxydhcp configuration with dnsmasq?
20:24
the virtualbox NAT will proably not get the right DHCP information for sure...
20:26
<lunz>
yes, dnsmasq ... but I get the same prob in the physical network i'm working on
20:27
but wouldnt virtualbox be the one assigning the dhcp info when dnsmasq_except=lo?
20:28
... and when proxy is used instead of assigning address ranges?
20:29
<vagrantc>
i doubt the virtualbox NAT setup would work correctly with proxyDHCP ... but i haven't used virtualbox in ages.
20:30
lunz: with the PXE-* errors, does it show you any ip addresses? tftp errors?
20:31
<lunz>
i managed to get virtualbox working with ltsp when i started trying it out using legacy ltsp (cant reproduce), but now i've switched to ltsp-pnp
20:31
<||cw>
I'd avoid all virtualization NAT
20:32
<lunz>
yes, the client displays ip addresses, so it's definitely connecting but i'm getting tftp violation and image reading errors
20:32
well, NAT is the only way i can think of emulating the router
20:33
... and the only way i know to access Internet on the same card (i'm using the 1-NIC method)
20:33
<||cw>
can you get another else in tftp/pxe to work? like livecd or pxeknife, or anything? even just a memtest86?
20:34kjackal has joined IRC (kjackal!~kjackal@2a02:587:3117:9e00:503:aeb8:76a7:dc48)
20:34
<lunz>
i'm not that expert ... i'm just learning ltsp, pxe, tftp, etc
20:35
right now i'm following "recipes" online, like the link above
20:36
the concept sounded simple and i decided to build a small homework centre
20:37
<||cw>
I also use a 1 nic method, but I have windows AD DHCP handling the addressing directly, giving the tftp address to another linux box that handles pxekniife and ISOs, and that has a menu option to hit the ltsp server's tftp via CONFIG and APPEND lines
20:37
it sounds complex, but it's flexible, and really not that hard
20:37
<lunz>
wow, i dream of reaching that level
20:38
i figured after getting ltsp working, i might add on ldap .. but i cant even get off the ground
20:38
<||cw>
I have 3 deployements, all different
20:39
one is the traditional 2 nic method, with the ltsp server as a VM that runs dnsmasq for a vlan where the thin clients are
20:39
that might be the easiest to setup
20:40
<lunz>
i dont understand how the youtube videos and online articles, both old and new, make it seem so strightfoward, while i cant get their instructions to work
20:40
<||cw>
is 1 nic what you want? so you can have thin and normal PCs ont he same lan?
20:41
and if so, what are you using for DHCP now?
20:41
<lunz>
i started off simulating the 2-NIC on virtualbox but i dont have access to 2-NIC computers ... i'm using a poor man's network with old equipment and just a wifi router
20:42
i was advised the 1-NIC pnp method would be a simpler, out-of-the-box solution
20:42
<||cw>
k, so full virtual simulation on 2-nic, make sure you aren't using NAT, just host only networks (i don't know what vbox calls it)
20:43
it is, but you need better control than most wifi routers can give
20:43
but you can disable the routers dhcp and just use dnsmasq on your lets server
20:43
ltsp server
20:44* vagrantc isn't sure why proxydhcp isn't working
20:44
<||cw>
personally, that's what I'd do for a small lan
20:44
vagrantc: probably something the router is doing wrong
20:44
most of them are complete turds
20:44
<lunz>
i have a working 2-nic vm, one for NAT and the other for internal network, but i cant replicate that setup on the 1-NIC physical network i'm working on
20:46
<vagrantc>
lunz: is the wifi router using the default dhcp configuration, or did you customize it at all?
20:46
<lunz>
maybe i'm missing some other settings to offload dhcp services to the router? besides the dnsmasq_except and proxy directives ...
20:46
<||cw>
if your router does let you enter dhcp options, add a 066 with your ltsp server IP, and a 067 with "pxelinux.0". make sure the ltsp tftp is set to have the base path as /var/tftp/
20:46
<vagrantc>
so much manual configuration...
20:46
<||cw>
yeah
20:47
<lunz>
well, i dont even have access to modifying the router: it's borrowed, so i let it use default settings to hand out addresses ... and the switch is unmanaged too
20:47
<||cw>
it's still easier than dealing with crappy wifi router implementations though
20:48* ||cw prefers manual to magic
20:48
<||cw>
and proxy is magic
20:50
<lunz>
i started off setting ips manually in virtualbox, but i understand that's discouraged with ltsp-pnp, am i right? /etc/network/interfaces should be default, not extended ...
20:51
<||cw>
that can have problems with pxe
20:51
<vagrantc>
honestly, network-manager might be a great source of problems
20:53
<lunz>
thing is, i get problems whether i set network manager manually or leave it alone, then i learned that it wasnt necessary to purge networkmanager and that ltsp-pnp uses it rather than the interfaces file
20:54
so i'm at a loss: keep nm? purge nm? static nm? default nm?
20:57
as long as i'm getting server Internet and client ips, I consider that a good sign in terms of connectivity
21:00
<alkisg>
lunz: are you on the physical or in the vm setup now?
21:00
<lunz>
which brings the issue back to the pxe-t02/e53 errors: file not found/tftp violation .. cannot read from boot medium
21:00
<vagrantc>
lunz: so, your setup is internet modem (cable? DSL?) -> wifi router -> switch -> servers & clients?
21:00
<lunz>
right now on vm
21:00
wont be on physical till next week
21:01
<vagrantc>
ah.
21:01
<alkisg>
Are you using NAT or bridged mode?
21:01
<lunz>
setup is wifi AP, ltsp server, ltsp clients plugged into unmanaged switch
21:02
<||cw>
the clients are phsycial
21:02
is server as well?
21:02
<lunz>
on vm, using NAT ... hoping to keep the virtual network private/contained
21:03
<alkisg>
You can't do DHCP behind NAT
21:03
<||cw>
PXE-T02 seems to be vbox specific, and the "fix" seems to be to sue bridge mode and enable promiscuous mode
21:03
<alkisg>
You can only use NAT with DHCP if your clients are virtual as well
21:03
<lunz>
that setup described was for the physical network alkisg asked about
21:03
<||cw>
k, but we need the whole stack
21:04
does vbox have anything like vmware's host only ?
21:04
<alkisg>
Sure
21:04
<||cw>
use that
21:04
<lunz>
the physical and virtual networks are separate
21:04
<alkisg>
lunz: your clients are real or virtual?
21:04
<||cw>
then use dnsmasq in full operation on that vnic
21:05
<lunz>
alkisg: the physical is the actual project and the virtual is for experimentation
21:05
<alkisg>
lunz: I still don't get what your current setup is, please describe only your current setup
21:05
<||cw>
is vbox running the clients on the ltsp host?
21:05
<alkisg>
Your real server, the one that hosts the VM, how many nics does that have? One or two (the second wifi)?
21:06
<||cw>
or do you have a vbox host with ltsp server clients all virtiual?
21:07
<lunz>
physical network has a wifi AP, an ltsp server and diskless clients attached to a switch ... the clients can see the server because they are getting ip address, but they cant pxe-boot, hence the t02/e53
21:07
i try to work out the problems on vm when i'm dont have access to the physical network
21:08
<alkisg>
lunz: you're describing two things and we don't understand anything
21:08ben_roose has left IRC (ben_roose!~roose@roose.cs.wichita.edu, Remote host closed the connection)
21:08
<alkisg>
Describe only what you are trying to do now
21:08
And where you're getting the error now
21:08
Let's start with the main server, the physical machine
21:08
What OS is that one running?
21:09
<lunz>
what i'm saying is that i'm getting similar problems whether on physical or virtual network ... in both cases, i'm getting as far as having ip addresses assigned but cant pxe boot
21:10
<||cw>
then your dhcp ins't doing its thing
21:10
which is not uncommon for many consumer grade wifi routers
21:10
<alkisg>
OK, so do you want to try to troubleshoot one of them right now? E.g. the virtual one?
21:10
<lunz>
the primary os is xubuntu (both physically and virtually) but i recently installed mate to see whether there would be improvment
21:11
alkisg: ok, let's try the xubuntu vm
21:11
<alkisg>
OK. Let me understand the situation first.
21:11
<lunz>
alkisg: what specs do u want from it?
21:11
<alkisg>
You have a physical xubuntu machine. Right?
21:12
<lunz>
no, i'm only on my vms at present, no access to the physical till next week
21:12
<alkisg>
The VMs run on a PC
21:12
You don't have access to the PC?
21:13
I mean the host computer where the guest, the vm, runs
21:13
<lunz>
alkisg: ok, my host is ubuntu running an ltsp xubuntu guest
21:13
both ubuntu and xubuntu are 16.04
21:14
<alkisg>
OK. So your host is ubuntu. How many network cards does it have, both wired and wireless?
21:14
<lunz>
sorry, 15.10 host and 16.04 guest ... will be upgrading host soon
21:14
alkisg: the host has 1 wired NIC, no wifi
21:15
<alkisg>
OK. Is that NIC connected to a switch or directly to a router?
21:15
<lunz>
cable modem
21:15
no, the host is standalone, connected to a cable modem
21:15
<alkisg>
So you are not testing with real clients, but with VM clients?
21:16
<lunz>
alkisg: exactly
21:16
<alkisg>
OK. On the host, what is the ethernet card name? e.g. eth0 ?
21:17
<lunz>
the host is eth0 (the guest is enp0s3)
21:18
alkisg: however, i get similar results in both virtual network (here) and physical network (off-site)
21:19
<alkisg>
I'm not very familiar with cable modems, I assume they can only assign a single IP, right?
21:20
<lunz>
not sure of their capabilities, but the ip appears static
21:20
<alkisg>
OK, so the plan is for the VM to have 2 NICs, one NAT in order to get access to the internet, and one "internal network" in order to emulate an ltsp network?
21:21
<lunz>
the vms wont see the cable modem that's on the other side of virtualbox though
21:21
<alkisg>
If you do it that way, the ltsp server will be able to do natting and let them access the internet
21:21
<lunz>
the plan is the have 1 nic, to match the physical setup
21:22
<alkisg>
Well, there is one setting in vbox that has internal network AND nat together
21:22
That would be the one that emulates what you want
21:22
But I don't think they have it working correctly yet, it's too new
21:22
So if you want to emulate the 1 nic setup with vbox without bridged mode, you won't have internet access
21:22
Is that ok for you?
21:23
<lunz>
i have a 2-nic guest for the legacy solution and another 1-nic guest for the pnp solution
21:23
<alkisg>
The pnp solution requires a router with internet access
21:23
<lunz>
both 2-nic and 1-nic have Internet in NAT mode
21:23
<alkisg>
Vbox doesn't have that
21:23
nat clients don't communicate with each other
21:23
So you can't have local network with nat
21:24
<lunz>
virtualbox NAT acts as a router
21:24
<alkisg>
Yes
21:24
Seperate routers
21:24
So the ltsp server is like it's in one house, and the ltsp client in another house
21:24
They don't communicate with each other
21:24
Except if you use that new option I'm saying, which isn't working very well yet
21:25
I think it's called "NAT Network" in english
21:25
<lunz>
alkisg: so you're saying the appearance of assigned ips is an illusion?
21:25
<alkisg>
(different to plain "NAT")
21:25
I don't understand your question...
21:25
<lunz>
alkisg: yes, virtualbox also has an experimental NAT network; i never used it
21:26
<alkisg>
Did you select the plain "NAT" setting, or the "NAT network" setting?
21:26
OK, so plain NAT
21:26
<lunz>
plain NAT
21:26
<alkisg>
What I'm saying is that your ltsp server will get ip = 10.0.0.15
21:26
and your client = 10.0.0.15
21:26
<lunz>
and the diskless client is getting an ip address
21:26
<alkisg>
And they won't be able to access each other
21:27
Because each NAT client is considered to be on a separate network
21:27
<lunz>
exactly ... i thought the 10.0.2.15 was coming from the same network
21:27
<alkisg>
Imagine two people in two different houses
21:27
Both are behind nat and they both have e.g. ip=192.168.1.2
21:27
They can't ping each other
21:27
That's what happens in your setup
21:27
I.e. you've selected the wrong vbox settings/scenario to do
21:28
<lunz>
alkisg: ok, understood; so what about the physical network that has similar results, getting assigned addresses?
21:28
<alkisg>
When you're there, we'll try to troubleshoot that one
21:29
<lunz>
alkisg: hmm, lol ... if i manage to catch you then
21:29
<alkisg>
Now if you want to try with VMs, you'd do the ltsp-pnp setup with 2 nics, or with 1 nic and nat network
21:30
<lunz>
i have a working 2-nic vm, so i'll try converting my 1-nic nat to a nat network instead and see what happens
21:30
<alkisg>
The working 2-nic vm, is it with ltsp-pnp, dnsmasq etc?
21:30
<lunz>
no, the 2-nic vm is legacy ltsp
21:30
<alkisg>
You can do it with ltsp-pnp as well.
21:31
So anyway for now I suggest that you select "internal network"
21:31
And make ltsp-pnp work without internet access, with 1 nic
21:31
Once you get that going, then change to nat network
21:31
Because it's buggy, and you should first know that your setup is correct before you go that way
21:32
<lunz>
alkisg: ok, so you're saying setup with the server with Internet, then when done switch to internal network for the clients to see the server?
21:32
<alkisg>
Yup
21:33
And when the clients boot fine when both the clients and the server are on internal network, THEN switch them all to nat network
21:33
<lunz>
ok, i'll do that
21:33
<alkisg>
Remember to run `ltsp-config dnsmasq` each and every time you switch to another network
21:33
<lunz>
the appearance of connectivity turned out to be an illusion under NAT
21:33
alkisg: ok, will do
21:34
alkisg: thanks for clearing up that aspect
21:34
<alkisg>
under nat, the tftp server that the clients see is the one provided by vbox, at 10.0.0.2 or something
21:35
You're welcome
21:35
<lunz>
i thought they were all seeing the same network; didnt realise it was "partitioned"
21:36
<alkisg>
Yeah that first case is the "nat network" that they're trying to implement, and it represents a typical house scenario with all pcs behind a router
21:38
<lunz>
ok, i hope the physical network isnt an illusion too, lol ... since everything is connected to the same switch and using the same wifi access/router
21:40
at any rate, i'll tackle that next week
21:43lunz has left IRC (lunz!bed52637@gateway/web/freenode/ip.190.213.38.55, Quit: Page closed)
21:46
<vagrantc>
sbalneav: ok, merge ltsp6-pam and ltsp-pam into git, and deleted the bzr branches.
21:47
sbalneav: also moved libpam-sshauth to git, and deleted it's bzr branch(es)
21:51
<alkisg>
Let's go to github, all the trendy developers are there :D
21:53
<vagrantc>
alkisg: sbalneav just moved a repository from github to launchpad :)
21:53
<alkisg>
Haha
21:54* vagrantc wonders if there's an automated, trivial way to mirror to a github repository
21:54
<vagrantc>
probably more trouble than it's worth.
21:55
<||cw>
clone, then pull in a cron job
21:58
<alkisg>
I think the opposite would make more sense, source on github, and launchpad mirrored branch, which is a 2 click to set it up
21:59
I think the main motivation of using github is that everyone would have an account there... no need for multiple accounts, centralized point to see the contributions, karma, easier forking, stuff like that
21:59
For that, it needs to be the source, not the clone...
22:01
<||cw>
github is great for pulling in community developers
22:01
super easy to do to pull reqs instead of diffs and sending patches
22:01
<alkisg>
Well so far I haven't seen that many patches offered by the community :)
22:02
<||cw>
on github?
22:02
<alkisg>
For ltsp, on any medium
22:02
<||cw>
yeah, that's because it's hard to do
22:02
well, maybe not JUST because...
22:02
but it's a large factor
22:03
<alkisg>
I think the hard part is writing the patch, not sending it
22:03
<||cw>
true, but on github, if it's a script, you fork, branch, paste in the new file contents, pull req, done.
22:04
super easy
22:04
<alkisg>
On the ltsp mailing list, you just send a
22:04
+ x=x+1
22:04
line on a mail. Superest easy :D
22:05
<||cw>
unless it's not that easy a fix
22:05
<alkisg>
OK on a more serious not, the same process work on launchpad too
22:05
*note
22:05
*tone
22:05
whatever
22:05
:)
22:05
So we have had hundreds of bug reports, and very very few patches
22:05
<||cw>
Ive not yet stumbled into that part of launchpad
22:06
<alkisg>
and most of them usually were completely discarded and rewritten from scratch by the developers, due to low quality
22:06
Launchpad has forks, merge requests, comments on merge requests etc etc
22:08
Here are the branches related to ltsp: https://code.launchpad.net/ltsp
22:09
Some of those were merge requests, others were forks to test some new work etc
22:10
97 branches is a large number, people were actively working on ltsp on launchpad back then
22:11
<||cw>
yeah, that's no where near as easy as github
22:11
<alkisg>
The active proposals are here: https://code.launchpad.net/ltsp/+activereviews
22:11
<vagrantc>
we could have thousands of abandoned forks if we switched to github!
22:12
<alkisg>
Here's a specific one: https://code.launchpad.net/~jigish-gohil/ltsp/ltsp-trunk/+merge/121327
22:12
Haha
22:12
I don't see anything had to do on launchpad
22:12
*hard
22:12
We get centralized code, builds, repositories, bug reports, questions etc
22:13
<||cw>
I dont' see how to do anything at all on launchpad. github is code focused
22:13
<alkisg>
And translations as well
22:13
So we can have daily builds on PPAs automatically, things that github can't do at all
22:14
I don't think we'll stop using those parts of launchpad. The question is if we want to have the main code in github and then mirror it in launchpad to do all the rest there... what benefits that would give us etc
22:16
And another part is if we want to host the translations in transifex instead of launchpad as well
22:17
So our contributors might need to have 3 accounts to contribute in all parts :)
23:32ricotz has left IRC (ricotz!~ricotz@ubuntu/member/ricotz, Quit: Leaving)
23:32vagrantc has left IRC (vagrantc!~vagrant@unaffiliated/vagrantc, Quit: leaving)