IRC chat logs for #ltsp on irc.libera.chat (webchat)


Channel log from 5 February 2017   (all times are UTC)

00:24GodFather has left IRC (GodFather!~rcc@2600:1006:b00a:4e9:40d4:2313:b1d7:45e4, Read error: Connection reset by peer)
02:07gdi2k has joined IRC (gdi2k!~gdi2k@119.94.27.63)
05:18Freejack has left IRC (Freejack!~Freejack@unaffiliated/freejack, Ping timeout: 240 seconds)
05:41gehidore is now known as gehidare
05:44gehidare is now known as gehidore
06:01Freejack has joined IRC (Freejack!~Freejack@unaffiliated/freejack)
06:09
<alkisg>
rlyshw: in general, thin clients are *not* the way to go, for desktop use
06:09
!cheap-client
06:09
<ltsp>
cheap-client: (#1) http://www.gearbest.com/tv-box-mini-pc/pp_343636.html, or (#2) https://www.aliexpress.com/store/product/New-arrival-Beelink-Pocket-Z83-Windows-10-Mini-PC-Z8300-64bit-1-84GHz-2GB-RAM-32GB/1871240_32640039781.html
06:09
<alkisg>
Get something like that ^ instead, or, normal diskless workstations...
06:09
There's a possibility LTSP 6 might only support fat clients, not thins...
07:35forum has joined IRC (forum!~Icedove@213-147-190-237.hdsl.highway.telekom.at)
07:42ricotz has joined IRC (ricotz!~ricotz@p5B2A8210.dip0.t-ipconnect.de)
07:42ricotz has joined IRC (ricotz!~ricotz@ubuntu/member/ricotz)
07:56forum has left IRC (forum!~Icedove@213-147-190-237.hdsl.highway.telekom.at, Ping timeout: 256 seconds)
08:35Statler has joined IRC (Statler!~Georg@p4FC1FB0A.dip0.t-ipconnect.de)
09:05gdi2k has left IRC (gdi2k!~gdi2k@119.94.27.63, Ping timeout: 252 seconds)
09:19gdi2k has joined IRC (gdi2k!~gdi2k@119.94.27.63)
09:40forum has joined IRC (forum!~Icedove@213-147-190-237.hdsl.highway.telekom.at)
09:53forum has left IRC (forum!~Icedove@213-147-190-237.hdsl.highway.telekom.at, Ping timeout: 240 seconds)
09:57markus_e92 has left IRC (markus_e92!~markus_e9@91-115-21-174.adsl.highway.telekom.at, Ping timeout: 240 seconds)
10:00markus_e92 has joined IRC (markus_e92!~markus_e9@91-115-17-118.adsl.highway.telekom.at)
11:34gdi2k has left IRC (gdi2k!~gdi2k@119.94.27.63, Ping timeout: 245 seconds)
12:09sruli has left IRC (sruli!~sruli@82.152.117.29, Ping timeout: 240 seconds)
12:18markus_e92 has left IRC (markus_e92!~markus_e9@91-115-17-118.adsl.highway.telekom.at, Ping timeout: 248 seconds)
12:20markus_e92 has joined IRC (markus_e92!~markus_e9@62-46-101-133.adsl.highway.telekom.at)
12:23pppingme has left IRC (pppingme!~pppingme@unaffiliated/pppingme, Ping timeout: 240 seconds)
12:32forum has joined IRC (forum!~Icedove@213-147-190-237.hdsl.highway.telekom.at)
12:41forum has left IRC (forum!~Icedove@213-147-190-237.hdsl.highway.telekom.at, Ping timeout: 255 seconds)
12:55gdi2k has joined IRC (gdi2k!~gdi2k@119.94.27.63)
13:55gdi2k has left IRC (gdi2k!~gdi2k@119.94.27.63, Ping timeout: 276 seconds)
14:26gdi2k has joined IRC (gdi2k!~gdi2k@119.94.27.63)
15:56pppingme has joined IRC (pppingme!~pppingme@unaffiliated/pppingme)
16:20forum has joined IRC (forum!~Icedove@213-147-190-237.hdsl.highway.telekom.at)
18:47forum has left IRC (forum!~Icedove@213-147-190-237.hdsl.highway.telekom.at, Remote host closed the connection)
18:47forum1 has joined IRC (forum1!~Icedove@213-147-190-237.hdsl.highway.telekom.at)
18:50forum1 is now known as forum
19:10forum has left IRC (forum!~Icedove@213-147-190-237.hdsl.highway.telekom.at, Quit: forum)
19:19donais has joined IRC (donais!cffddf67@gateway/web/freenode/ip.207.253.223.103)
19:20
<donais>
Just moved to opensuse leap 42.2 and a new version of kiwi-ltsp In the past versions I just had to connect an USB printer to a station and acces it over the network using port 9100 and it wast working with any softwaremodification. But now with the upgrade I can't access the USB printer. Can somebody drive me to a solution?
19:36donais has left IRC (donais!cffddf67@gateway/web/freenode/ip.207.253.223.103, Ping timeout: 260 seconds)
20:07Freejack has left IRC (Freejack!~Freejack@unaffiliated/freejack, Remote host closed the connection)
21:14ricotz has left IRC (ricotz!~ricotz@ubuntu/member/ricotz, Quit: Leaving)
21:27lucascastro has joined IRC (lucascastro!~lucas@186.227.186.18)
21:40Statler has left IRC (Statler!~Georg@p4FC1FB0A.dip0.t-ipconnect.de, Remote host closed the connection)
21:48muckypuppy has joined IRC (muckypuppy!~mucky@host86-145-156-212.range86-145.btcentralplus.com)
21:51
<muckypuppy>
Hi is it possible to push unique config files to different fat clients? I am trying to use freeipa and its ldap as authentication but sssd is required and cannot work correctly as each fat client would need a unique config file (and I think a krb5 key) to properly use sssd.
22:10
<quinox>
generate one on startup using something unique like the MAC address?
22:12
along the lines of http://unix.stackexchange.com/questions/144812/generate-consistent-machine-unique-id
22:20
<muckypuppy>
thanks but I am not completely following. How do I get LTSP to generate a unique config file specific to that particular fat client? Kind of along the lines of 'this mac address gets this version of sssd.conf and this krb5.key'. Is that possible in theory?
22:23
<quinox>
There might be better ways of doing it (stick around in the chat for a day or so and people more experienced with LTSP can answer you)
22:23
but
22:23
I would do the following:
22:23
put a dummy configuration file for SSSD in the image
22:24
with everything configured properly
22:24
except the kerberos key is configured as "krb5_key = DUMMY_KRB5_KEY"
22:25
then make a small bash/sed or python script that replaces the dummy variables inside this file with real data
22:26
either fully random (if that's ok with SSSD?) or derived from dmidecode/mac address if they need to be persisten across reboots
22:27
then add this to /etc/rc3.d/ as S01hack_sssd_config
22:28
<muckypuppy>
good idea thanks a lot. Sorry to sound stupid, but would this need all relevant krb5.key files to be in the chroot image?
22:28
<quinox>
this way the system will make the configuration file unique for each machine during the boot process
22:28
<muckypuppy>
that is a great idea. I did not know about rc3.d
22:28
<quinox>
I have no idea what krb5.keys look like or how to use them, sorry
22:29
if you can use random keys you can generate one every time you boot, then you won't need to put them all in
22:29
<muckypuppy>
that is very workable
22:29
<quinox>
if you need to configure them on the Kerberos server beforehand yeah you might have to put them all in
22:29
<muckypuppy>
but you cannot use random keys
22:30
I am sure there is a workaround. THanks for the very helpful start
22:30
<quinox>
You can do a lot per-instance using lts.conf : http://manpages.ubuntu.com/manpages/trusty/man5/lts.conf.5.html
22:30
which is what I use to let certain clients (based on MAC address) auto login
22:32
it might be possible to specify the keys inside lts.conf, that way you won't have to rebuild the image every time you want to add a new client
22:34
<muckypuppy>
will let you know how I get on with that
22:34
<quinox>
if nothing else you can use FSTAB_0="# My krb5.key: AA.BB.CC", which will end up in /etc/fstab, which S01hack_sssd_config can read :)
22:35
are these keys secret?
22:36
every client on the network will be able to see the complete lts.conf if I'm not mistaken, so everybody can see all the keys
22:36
<muckypuppy>
yeah but the environment is low security internally!
22:40
the keyfile is not just a string of text
22:40
but I think I have ideas
22:41muckypuppy has left IRC (muckypuppy!~mucky@host86-145-156-212.range86-145.btcentralplus.com)
22:53muckypuppy has joined IRC (muckypuppy!~mucky@host86-145-156-212.range86-145.btcentralplus.com)