IRC chat logs for #ltsp on irc.freenode.net (webchat)


Channel log from 28 July 2020   (all times are UTC)

01:23
<alkisg>
Vercas: you can run a POST_INIT_xx="iptables or vpn..." command
04:46adrianorg has joined IRC (adrianorg!~adrianorg@179.177.213.68.dynamic.adsl.gvt.net.br)
04:49adrianor1 has left IRC (adrianor1!~adrianorg@187.113.249.8, Ping timeout: 240 seconds)
05:54adrianor1 has joined IRC (adrianor1!~adrianorg@187.113.251.177)
05:56adrianorg has left IRC (adrianorg!~adrianorg@179.177.213.68.dynamic.adsl.gvt.net.br, Ping timeout: 240 seconds)
08:40woernie has joined IRC (woernie!~werner@pd9f60310.dip0.t-ipconnect.de)
08:44woernie has left IRC (woernie!~werner@pd9f60310.dip0.t-ipconnect.de, Client Quit)
08:45woernie has joined IRC (woernie!~werner@p200300e3bf0a632995c49da715cfa4be.dip0.t-ipconnect.de)
09:09woernie has left IRC (woernie!~werner@p200300e3bf0a632995c49da715cfa4be.dip0.t-ipconnect.de, Ping timeout: 244 seconds)
09:11woernie has joined IRC (woernie!~werner@pd9f60310.dip0.t-ipconnect.de)
09:17woernie has left IRC (woernie!~werner@pd9f60310.dip0.t-ipconnect.de, Ping timeout: 264 seconds)
11:18mgariepy has left IRC (mgariepy!~mgariepy@ubuntu/member/mgariepy, Ping timeout: 260 seconds)
11:51lucascastro has joined IRC (lucascastro!~lucascast@177-185-139-222.dynamic.isotelco.net.br)
11:53lucas_ has left IRC (lucas_!~lucascast@186.193.183.215.jupiter.com.br, Ping timeout: 260 seconds)
12:33mgariepy has joined IRC (mgariepy!~mgariepy@ubuntu/member/mgariepy)
14:25gvy has joined IRC (gvy!~mike@altlinux/developer/mike)
16:04mgariepy has left IRC (mgariepy!~mgariepy@ubuntu/member/mgariepy, Ping timeout: 256 seconds)
16:49gvy has left IRC (gvy!~mike@altlinux/developer/mike, Quit: ~)
16:53
<Vercas>
alkisg: But how do I make that affect just one user?
16:53
I'm struggling to find any info on this topic.
16:54
What my lizard brain says I should do is create a network namespace where the systemd user process should be run.
16:54
But I cannot figure out any way to do this.
16:54
In that namespace I'd just add the interface and routes and Bob's your uncle.
17:14mgariepy has joined IRC (mgariepy!~mgariepy@ubuntu/member/mgariepy)
17:21lucascastro has left IRC (lucascastro!~lucascast@177-185-139-222.dynamic.isotelco.net.br, Ping timeout: 240 seconds)
18:17vagrantc has joined IRC (vagrantc!~vagrant@unaffiliated/vagrantc)
18:26lucascastro has joined IRC (lucascastro!~lucascast@177-185-139-222.dynamic.isotelco.net.br)
19:05
<alkisg>
Vercas: iptables do have modules that can do per-user filtering, for example: https://www.cyberciti.biz/tips/block-outgoing-network-access-for-a-single-user-from-my-server-using-iptables.html
19:06
But the actual commands there are not ltsp-specific, so you may also ask in #networking or #ubuntu etc..
19:08
<Vercas>
Interesting.
19:09
Thank you for that link, I'll look into it.
19:09
I've also asked on #systemd and they've pointed me to PAM modules that do this.
22:01
Is there any quick way to find which network interface is the boot interface?
22:10
I can see there's a BOOTIF kernel command line.
22:10
But that seems to be 7 bytes? MACs are 6. Not sure exactly how it's interpreted.
22:29
<vagrantc>
the first few characters are probably the interface type
23:05
<Vercas>
Fair enough. I'm working around that anyhow.
23:06
I've nearly got this sorted out.
23:06
Will resume tomorrow.
23:12
<vagrantc>
basically, grab the last N segments that matches the size of a mac address
23:13
6 segments
23:13
if i recall correctly