IRC chat logs for #ltsp on irc.freenode.net (webchat)


Channel log from 25 February 2020   (all times are UTC)

00:12vagrantc has left IRC (vagrantc!~vagrant@unaffiliated/vagrantc, Quit: leaving)
00:52vagrantc has joined IRC (vagrantc!~vagrant@unaffiliated/vagrantc)
01:51vagrantc has left IRC (vagrantc!~vagrant@unaffiliated/vagrantc, Quit: leaving)
03:51shored1 has joined IRC (shored1!~shored@87-92-92-55.bb.dnainternet.fi)
03:52highvoltage has left IRC (highvoltage!~highvolta@ubuntu/member/highvoltage, Ping timeout: 260 seconds)
03:52shored has left IRC (shored!~shored@87-92-92-55.bb.dnainternet.fi, Ping timeout: 260 seconds)
03:52hank7 has left IRC (hank7!~erik@69.234.36.19, Ping timeout: 260 seconds)
03:52sutula has left IRC (sutula!~sutula@184.100.166.160, Ping timeout: 260 seconds)
03:53highvoltage has joined IRC (highvoltage!~highvolta@ubuntu/member/highvoltage)
03:53sutula has joined IRC (sutula!~sutula@184.100.166.160)
06:01statler has joined IRC (statler!~Georg@p54897A88.dip0.t-ipconnect.de)
06:43woernie has joined IRC (woernie!~werner@p57A0E378.dip0.t-ipconnect.de)
07:35eu^host-103-net- has joined IRC (eu^host-103-net-!77a07567@host-103-net-117-160-119.mobilinkinfinity.net.pk)
07:35
<eu^host-103-net->
hello
07:36
i am trying to setup ltsp server on vmware workstation 15
07:36
<alkisg>
Hello
07:37
<eu^host-103-net->
i have installed all packages that required to setup ltsp server but client is not getting connected to my server
07:37
hello alkisg
07:37
<alkisg>
Which ltsp are you trying, 5 or 20?
07:38
<eu^host-103-net->
i have installed this server by following this page www.havetheknowhow.com/Configure-the-server/Install-LTSP.html
07:38
i am using ubuntu 18 desktop version
07:38
<alkisg>
OK please delete that installation and follow the official instructions instead
07:38
!install
07:38
<ltspbot>
install: To install LTSP: https://ltsp.org/docs/installation/
07:39
<alkisg>
You installed the old ltsp, with a bad tutorial
07:39
It will take more time to salvage it than start anew
07:40
<eu^host-103-net->
ok i have configured two nics in vm one is selected on host only and 2nd one is selected with NAT setting
07:40
is it ok
07:40
<alkisg>
If the client is VM, sure; but the recommended way is single nic
07:40
Of course, if you do need a 2 nic setup, it's automatically supported
07:41
<eu^host-103-net->
what network setting do i need to select if i use only one nic card?
07:41
<alkisg>
Bridged networking
07:42
In both vm ltsp server and vm ltsp client
07:42
(or real client, it's the same)
07:42
The default is for people not to care about networking at all, it just works
07:42
<eu^host-103-net->
i can not because i am installing this server on my home lab in laptop
07:43
<alkisg>
Sure, it'll work fine with bridged networking
07:43
<eu^host-103-net->
even if it in not connected with any physical switch or network
07:44
<alkisg>
Then, no
07:44
You need a dhcp server
07:45
It'll either be your real dhcp server, or then you need the 2 nic setup so that ltsp will be a dhcp server
07:45
Don't you have a home router?
07:46
<eu^host-103-net->
i have gone through some articles that shows when we install ltsp server it also install dhcp server during installation of ltsp sever
07:46
<alkisg>
Yes, they're 10 year old articles that are no longer the recommended ones
07:46
We switched to recommending proxydhcp 10 years ago
07:46
More over, this summer ltsp was completely rewritten
07:46
So there's no point in trying to install the old ltsp now
07:47
As the changes were very big, so old tutorials don't apply at all anymore
07:47
Just read the installation page, and ignore anything else please
07:47
!install
07:47
<ltspbot>
install: To install LTSP: https://ltsp.org/docs/installation/
07:48
<eu^host-103-net->
thanks for your time and helping me
07:48
<alkisg>
np
07:49
<eu^host-103-net->
after having this chatting i have concluded on this that i can not install or setup ltsp server on my laptop
07:49
<alkisg>
I've no idea why you concluded this
07:50
LTSP is very flexible and can be installed in many setups; even with 4 NICs and load balancing inside VM etc etc
07:50
I've just recommended the easiest option, you can select the one that matches your use case best
07:54eu^host-103-net- has left IRC (eu^host-103-net-!77a07567@host-103-net-117-160-119.mobilinkinfinity.net.pk, Ping timeout: 260 seconds)
09:57statler has left IRC (statler!~Georg@p54897A88.dip0.t-ipconnect.de, Remote host closed the connection)
10:32statler has joined IRC (statler!~Georg@gwrz3.lohn24.de)
12:22
<Teridon>
I rebuilt my LTSP server because I wanted a different partition scheme. I believe I followed the LTSP installation instructions correctly for a 2 NIC, chrootless image. My LTSP client starts booting but fails during boot with error: "ln: /root/usr/bin/ltsp: No such file or directory. LTSP command failed: ln -sf ../share/ltsp/ltsp /root/usr/sbin/ltsp"
12:26
https://teridon.com/pictures/ltsp-boot-error-2020-02-25.png
12:56
let me back up a bit -- I started over again (from a snapshot with a basic Ubuntu 18.04 install). When I install ltsp, dnsmasq fails to start due to systemd-resolved using port 53. I know I can fix this by setting DNSStubListener=no in "/etc/systemd/resolved.conf", but this isn't mentioned in the installation instructions.
12:57
also if I do that, DNS for external connections stops working
13:12
ah, ok -- the conflict with systemd is fixed after running "ltsp dnsmasq --proxy-dhcp=0"
13:29
I'm stilling getting that same error on LTSP client boot though (ln: /root/usr/bin/ltsp...)
14:08
<alkisg>
Teridon: yes, the dnsmasq issue happens with just `apt install dnsmasq`, it's outside of our hands, we can only fix it after you run ltsp dnsmasq
14:08
<Teridon>
Yeah I can understand that.
14:09
<alkisg>
Teridon: can I look for vnc, for faster troubleshooting?
14:09
*via vnc
14:09
reverse shell etc etc
14:10
It sounds like you don't have a /usr/sbin folder
14:10
I.e. what was mounted there isn't a chroot/image
14:12
sudo mount -o loop,ro /srv/ltsp/images/x86_64.img /mnt; ls /mnt
14:12
<Teridon>
ah, sorry I can't do the remote desktop thing. would violate federal security policy.
14:12
<alkisg>
np
14:12
Check the command I wrote above
14:13
<Teridon>
one sec I have to revert my snapshot again
14:14
<alkisg>
To me it sounds like you've compressed the boot partition instead of the root partition
14:15
Is your /usr in another partition?
14:15
<Teridon>
yes. federal security requirements make me separate a bunch of partitions
14:15
<alkisg>
Haha
14:15
What does security have to do with it?
14:16
But ok, then you need a longer ltsp image command
14:16
!boot-partition
14:16
<ltspbot>
boot-partition: If you're using a separate partition for /boot, you need to define it like e.g. "ltsp image /,,/boot,subdir=boot". See "man ltsp ipxe" for more on "advanced image sources".
14:16
<alkisg>
This is for boot; you need for all your extra partitions
14:16
<Teridon>
security rationale is to prevent a user or program from filling up the disk and stopping logging
14:17
<alkisg>
And how does a separate usr help on that?
14:17
<Teridon>
hell, I dunno. I just do what I'm told
14:17
<alkisg>
I can surely understand imposing quotas or reserving admin quotas
14:17
But not that, that's plain silly
14:18
And do you want the clients to have those partitions over the network as well? :)
14:18
The ltsp server in chrootless is basically a template for the clients
14:18
I think maybe you need to separate "your main server" from "the ltsp server which just is the client template"
14:19
<Teridon>
my partition layout: https://pastebin.com/v64grVkK
14:19
see this is what I was getting at when I was attempting to use a chroot :(
14:19
Of course I didn't know the partition scheme would be an issue
14:19
<alkisg>
Why, the chroot doesn't come with that policy/
14:19
?
14:20
It's not a problem you just need a bigger ltsp image command
14:20
<Teridon>
I just meant that I thought the clients would be different enough from the server. But I really don't know at this point.
14:20
<alkisg>
I'm only talking because it's not a security improvement; I'll stop talking since it doesn't matter for ltsp
14:20
<Teridon>
gotcha
14:22
<alkisg>
The ltsp template can be different to the "servers where the users will log in"
14:22
You want a simple ltsp template, and to propagate the resulting image to a few servers for replication, redundancy, failover etc
14:23
Once booted, the clients only care about authentication (which is ldap in your case) and home (which is sshfs, but can be cephfs in your case)
14:23
So the concept of "ltsp server" in your case doesn't really exist
14:24
Anyway, play with the basics first, you'll scratch and redesign after you get some more experience with ltsp
14:25
I.e. in no case will the users have the ability to fill up your server, except for /home
14:39
<Teridon>
I'm not making the connection between ipxe and the image command. Is ",,/boot,subdir=boot" being passed to ipxe boot arguments?
14:45
I built the image with "ltsp image /,,/boot,subdir=boot" -- but the image still doesn't contain data from the other partitions (e.g. /var and /usr are empty)
14:51
<alkisg>
Teridon: yes, you need to specify the other partitions there too
14:51
man ltsp ipxe
14:51
advanced image sources
14:51
Explains the format used there
14:52
!ltsp-ipxe
14:52
<ltspbot>
ltsp-ipxe: Install iPXE binaries and configuration in TFTP: https://ltsp.org/man/ltsp-ipxe
14:53
<Teridon>
This doesn't explain how the arguments to "ltsp image" affect the ipxe file
14:54
<alkisg>
Image sources are used in various placed. They need to be documented somewhere
14:54
And, advanced image sources are mostly needed in ipxe, not in ltsp image, but they've the same syntax anyway
14:54
<Teridon>
I tried "ltsp image /,,/boot,subdir=boot,,/usr,subdir=usr,,/var,subdir=var" ; building the image fails
14:55
<alkisg>
With what error?
14:55
<Teridon>
sorry, my mistake. /srv ran out of space :-/
14:56
<alkisg>
Too many partitions do that ;)
14:56
<Teridon>
haha yeah
14:56
<alkisg>
Really, youre users won't even ssh to your server, they won't have access to it
14:56
All this installation you're doing now is just a template for the image, it's not for general use
14:57
So there's really no point in all those partitions...
14:59
<Teridon>
hey I'm just trying to comply with requirements given to me. If they break stuff, I can in some cases plead for an exception. But if I can make the software work and still fulfill the security requirements... that's what I have to do
15:00
you are of course under no obligation to change your software to fit my requirements
15:03
<alkisg>
Teridon: of course; I'm just wondering why a VM needs to have those restrictions, and a chroot doesn't need them, and a netbooted client doesn't need them
15:04
I did spend a week to support the "multiple partitions" scheme even though none of my users needed it; after a request from debian-edu
15:07Talikka has left IRC (Talikka!uid18862@gateway/web/irccloud.com/x-gtqlmadbbhvqbiqe, Quit: Connection closed for inactivity)
15:26
<Teridon>
I guess you can count me as the first person that needed it? :) thanks!
15:27
and just to confirm: the client boots successfully now.
18:00Teridon has left IRC (Teridon!~Teridon@dragon.teridon.com, Remote host closed the connection)
18:09Teridon has joined IRC (Teridon!~Teridon@dragon.teridon.com)
19:44statler has left IRC (statler!~Georg@gwrz3.lohn24.de, Remote host closed the connection)
20:42woernie has left IRC (woernie!~werner@p57A0E378.dip0.t-ipconnect.de, Remote host closed the connection)
21:20eu^78186122101st has joined IRC (eu^78186122101st!4eba7a65@78.186.122.101)
21:23eu^78186122101st has left IRC (eu^78186122101st!4eba7a65@78.186.122.101, Remote host closed the connection)