IRC chat logs for #ltsp on irc.libera.chat (webchat)


Channel log from 28 April 2017   (all times are UTC)

00:30Freejack has left IRC (Freejack!~quassel@unaffiliated/freejack, Ping timeout: 240 seconds)
00:36Freejack has joined IRC (Freejack!~quassel@unaffiliated/freejack)
02:06lucascastro has joined IRC (lucascastro!~lucas@186.227.186.18)
02:29gehidore is now known as man
02:57man is now known as gehidore
03:00adrianor1 has joined IRC (adrianor1!~adrianorg@177.134.60.77)
03:04adrianorg has left IRC (adrianorg!~adrianorg@189.58.230.128.dynamic.adsl.gvt.net.br, Ping timeout: 268 seconds)
03:12adrianor1 has left IRC (adrianor1!~adrianorg@177.134.60.77, Ping timeout: 240 seconds)
03:30adrianorg has joined IRC (adrianorg!~adrianorg@187.58.155.6)
03:31gehidore is now known as man
03:32man is now known as gehidore
05:13Statler has joined IRC (Statler!~Georg@p579FE75F.dip0.t-ipconnect.de)
05:39jgee has left IRC (jgee!~jgee@200.118.140.142, Ping timeout: 245 seconds)
06:15ricotz has joined IRC (ricotz!~ricotz@p5B2A9583.dip0.t-ipconnect.de)
06:15ricotz has joined IRC (ricotz!~ricotz@ubuntu/member/ricotz)
06:23mikkel has joined IRC (mikkel!~mikkel@mail.dlvs.dk)
06:29lucas_ has joined IRC (lucas_!~lucas@186.227.186.18)
06:30lucascastro has left IRC (lucascastro!~lucas@186.227.186.18, Read error: Connection reset by peer)
06:39SYS64738 has joined IRC (SYS64738!~SYS64738@159.213.93.166)
06:43Statler has left IRC (Statler!~Georg@p579FE75F.dip0.t-ipconnect.de, Remote host closed the connection)
07:43adrianor1 has joined IRC (adrianor1!~adrianorg@177.18.98.140)
07:45adrianorg has left IRC (adrianorg!~adrianorg@187.58.155.6, Ping timeout: 240 seconds)
07:48adrianor1 has left IRC (adrianor1!~adrianorg@177.18.98.140, Ping timeout: 255 seconds)
07:53forum has joined IRC (forum!~Thunderbi@212-197-177-100.adsl.highway.telekom.at)
08:06forum has left IRC (forum!~Thunderbi@212-197-177-100.adsl.highway.telekom.at, Quit: forum)
08:13adrianorg has joined IRC (adrianorg!~adrianorg@177.204.157.203.dynamic.adsl.gvt.net.br)
08:22Statler has joined IRC (Statler!~Georg@mail.lohn24.de)
08:24Statler has joined IRC (Statler!~Georg@mail.lohn24.de)
08:36gdi2k has left IRC (gdi2k!~gdi2k@49.151.73.242, Ping timeout: 255 seconds)
08:49adrianor1 has joined IRC (adrianor1!~adrianorg@177.132.217.187)
08:52adrianorg has left IRC (adrianorg!~adrianorg@177.204.157.203.dynamic.adsl.gvt.net.br, Ping timeout: 240 seconds)
08:56adrianor1 has left IRC (adrianor1!~adrianorg@177.132.217.187, Ping timeout: 260 seconds)
09:19adrianorg has joined IRC (adrianorg!~adrianorg@186.213.153.156)
09:24trendzetter has joined IRC (trendzetter!51531c56@gateway/web/freenode/ip.81.83.28.86)
09:25
<trendzetter>
hello everyone!
09:26
I am setting up an webiosk server for taking web based exams
09:28
I am updating the image. Lets hope it boots now
09:30
<alkisg>
Hi trendzetter
09:30
Is there any question there?
09:30
<elias_a>
alkisg: Come on - he is sharing his enthusiasm. :)
09:30
<alkisg>
Yey!
09:31
!cookie
09:31
<ltsp>
I do not know about 'cookie', but I do know about these similar topics: 'compiz'
09:31
<alkisg>
Meh we don't have cookies in #ltsp...
09:31
<elias_a>
Only whole grain bread... :)
09:41
<trendzetter>
Yes I am sharing my enthusiasm
09:45||cw has left IRC (||cw!~chrisw@unaffiliated/cw/x-1182934, Ping timeout: 240 seconds)
09:58||cw has joined IRC (||cw!~chrisw@unaffiliated/cw/x-1182934)
10:01markus_e92 has left IRC (markus_e92!~markus_e9@91.115.155.107, Ping timeout: 240 seconds)
10:05markus_e92 has joined IRC (markus_e92!~markus_e9@91-115-19-99.adsl.highway.telekom.at)
10:13
<trendzetter>
I'm back and it's booting the generated image
10:13
but there are some issues
10:13
the first is that X is not starting
10:14
<alkisg>
Which distro/version are you using?
10:16adrianor1 has joined IRC (adrianor1!~adrianorg@177.156.60.151)
10:17
<trendzetter>
ubuntu. I will try to disable X_VIRTUAL_AUTO=false and try again
10:17
<alkisg>
And version?
10:19adrianorg has left IRC (adrianorg!~adrianorg@186.213.153.156, Ping timeout: 252 seconds)
10:19* alkisg gives trendzetter enough time to decide if he wants help or not... :)
10:26
<trendzetter>
there is some error saying "switching vt failed". I will probably have to update the image after adding a user to do some debugging
10:27
<alkisg>
OK, if you ever need any help, ping me
10:27* alkisg waves until monday...
10:28
<trendzetter>
k, thanks
11:14adrianorg has joined IRC (adrianorg!~adrianorg@186.215.17.139)
11:17adrianor1 has left IRC (adrianor1!~adrianorg@177.156.60.151, Ping timeout: 260 seconds)
11:21GodFather_ has joined IRC (GodFather_!~rcc@47.33.250.142)
11:21GodFather has left IRC (GodFather!~rcc@47.33.250.142, Read error: No route to host)
11:21GodFather_ has left IRC (GodFather_!~rcc@47.33.250.142, Remote host closed the connection)
11:22GodFather has joined IRC (GodFather!~rcc@47.33.250.142)
11:25adrianorg has left IRC (adrianorg!~adrianorg@186.215.17.139, Ping timeout: 240 seconds)
11:44adrianorg has joined IRC (adrianorg!~adrianorg@177.132.221.242)
11:47Michel_ has joined IRC (Michel_!2ef43f32@gateway/web/freenode/ip.46.244.63.50)
11:47
<Michel_>
Hello everyone
11:47
I have a question about booting ltsp
11:48
When i start a thin client in pxe boot, it shows a lot of log about the boot
11:48
is it possible to show a picture instead of the log?
11:49epoptes_user9 has joined IRC (epoptes_user9!be496121@gateway/web/freenode/ip.190.73.97.33)
11:49
<Michel_>
And how do i configure this in LTSP server 5.5.7 on LinuxMint 17.1
11:51
Can someone help me?
11:52
<trendzetter>
hey michel
11:52
<epoptes_user9>
Hi, I'm installing epopte on debian 7 .. but when I run the epotes-client -c command I get the following error .. error: 140770FC: SSL routines: SSL23_GET_SERVER_HELLO: unknown protocol: s23_clnt.c: 782: Epoptes-client ERROR: Failed to fetch certificate from Can somebody help me
11:52
<trendzetter>
I think the experts will be back on monday or thusday
11:56trendzetter_ has joined IRC (trendzetter_!51531c56@gateway/web/freenode/ip.81.83.28.86)
11:57trendzetter has left IRC (trendzetter!51531c56@gateway/web/freenode/ip.81.83.28.86, Ping timeout: 260 seconds)
12:00
<trendzetter_>
I am still stuck on "switching vt failed" when X should start. I created a user in the image to check the log as suggested in the error but the folder (/tmp/.kiosk/.local/..... with the log does not exist - I checked for hidden files)
12:02lucas_ has left IRC (lucas_!~lucas@186.227.186.18, Ping timeout: 240 seconds)
12:07trendzetter_ has left IRC (trendzetter_!51531c56@gateway/web/freenode/ip.81.83.28.86, Ping timeout: 260 seconds)
12:18lucascastro has joined IRC (lucascastro!~lucas@186.227.185.10)
12:23AndChat|248436 has joined IRC (AndChat|248436!~AndChat24@37-48-44-206.tmcz.cz)
12:29epoptes_user9 has left IRC (epoptes_user9!be496121@gateway/web/freenode/ip.190.73.97.33, Ping timeout: 260 seconds)
12:31donkey_ has joined IRC (donkey_!ad0e3e49@gateway/web/freenode/ip.173.14.62.73)
12:31
<donkey_>
my image is reporting that it is out of space
12:32
but its only 4gb/30
12:36
other strange things are happening as well
12:36
it isnt saving the user's profile information. i have to reset up printers and shortcuts every time they log in
12:51Trendzetter has joined IRC (Trendzetter!~trendzett@mail.sbat.be)
12:52
<Trendzetter>
Hi everyone! I am back
12:54
<alkisg>
donkey_: it sounds like out of ram issues on the client, due to something filling up the cow file system
12:54
donkey_: distro/version?
12:54
Also, do you have epoptes installed?
12:56
Michel_: you should be able to use this guide, even on mint:
12:56
!ltsp-pnp
12:56
<ltsp>
ltsp-pnp: ltsp-pnp is an alternative (upstream) method to maintain LTSP installations for thin and fat clients that doesn't involve chroots: https://help.ubuntu.com/community/UbuntuLTSP/ltsp-pnp
12:56
<donkey_>
ubuntu server 16.04
12:57
<alkisg>
donkey_: ok, this messages are on the client, or on the server?
12:57
<donkey_>
on the client
12:57
<alkisg>
OK, do you have epoptes installed?
12:57
!epoptes
12:57
<ltsp>
epoptes: Epoptes is a computer lab administration and monitoring tool. It works on Ubuntu and Debian based labs with LTSP or non-LTSP servers, thin and fat clients, standalone workstations, NX clients etc. More info: http://www.epoptes.org
12:58
<donkey_>
no i dont have epoptes installed
12:58
<alkisg>
Do you have root access to the client?
12:58
Like this or something?
12:58
!screen_02
12:58
<ltsp>
screen_02: To get a root shell on an Ubuntu thin client: https://help.ubuntu.com/community/UbuntuLTSP/ClientTroubleshooting#Using_a_shell_SCREEN
12:58
<donkey_>
the weird thing is though, i had this exact environment running in a virtualbox vm for testing
12:58
and the test environment worked fine and had no problems
12:59
<alkisg>
One usual reason is the apt-daily task
12:59
So, when you create the chroot and test it, apt has no updates
12:59
<donkey_>
but when i built the production environment in vmware using the same software now i'm getting the issues
12:59
<alkisg>
A week later when you've moved to production, apt has security updates
12:59
And it autoinstalls them, wasting all client ram
12:59
That's just one of the possible causes that explains what you're seeing
12:59
To verify, you'll need root access to the client
13:00
<donkey_>
i have root access to the client
13:00
<alkisg>
In general, it's best to follow this guid to setup ltsp:
13:00
!ltsp-pnp
13:00
<ltsp>
ltsp-pnp: ltsp-pnp is an alternative (upstream) method to maintain LTSP installations for thin and fat clients that doesn't involve chroots: https://help.ubuntu.com/community/UbuntuLTSP/ltsp-pnp
13:00
<alkisg>
OK, what's the output of: df -h | nc termbin.com 9999
13:02
<donkey_>
http://termbin.com/w52w
13:02
<alkisg>
That's from the server, not from the client
13:02
We want the output of the client
13:03
<donkey_>
can i do it in the chroot or do i have to be at the terminal
13:03
<alkisg>
You have to be on the terminal; unless you're using ssh or epoptes
13:03
<donkey_>
yea two secs then. i gotta run over there to do it
13:03
<alkisg>
And specifically on a terminal that has the issue
13:03
That's where epoptes helps, you don't have to run over there :)
13:03
<donkey_>
all of them have the same issue. its the same image/user
13:04
<alkisg>
You can't use the same user on many clients
13:04
Software isn't written with that in mind (gnome, firefox etc etc)
13:04
<donkey_>
well that might be part of the problem then
13:04
<alkisg>
I don't think so
13:04
I think it's just the apt-daily service
13:05
<donkey_>
yea let me get a terminal here then
13:07
<Trendzetter>
what should I check first if X is not starting on boot but I can get an x screen by running startx?
13:08
<alkisg>
Trendzetter: I don't know, I'm still waiting for the "which distribution version" question I asked first... :)
13:09
<Trendzetter>
Ubuntu 16.04.2 LTS
13:09
<alkisg>
Trendzetter: and which guide are you following to create a kiosk setup?
13:10
<Trendzetter>
http://ternarybit.org/chrome-web-kiosk-guide/
13:11
<alkisg>
Trendzetter: which cpu do your clients have, and how much RAM?
13:12
<Trendzetter>
intel i5 and 4 or 8gb ram or something. I am actually using a brand new Dell optiplex 3040
13:12
as cleint
13:13
<alkisg>
And why do you want all this extra trouble, instead of running just a normal ltsp diskless fat client setup?
13:13
<Trendzetter>
how normal?
13:13
<alkisg>
!ltsp-pnp
13:13
<ltsp>
ltsp-pnp: ltsp-pnp is an alternative (upstream) method to maintain LTSP installations for thin and fat clients that doesn't involve chroots: https://help.ubuntu.com/community/UbuntuLTSP/ltsp-pnp
13:13
<alkisg>
It's the usual ltsp installation page; it covers 90+% of the cases...
13:14
<Trendzetter>
I will look into it but it seemed a very close match to my needs
13:14
<alkisg>
And if you want autologin, it's easy; if you want guest profiles (cleared on login), it's easy etc etc
13:15
It's a custom tutorial that noone really supports though
13:15
While with ltsp-pnp, you won't get to "why don't I have X?" issues
13:15
<donkey_>
ok
13:15
output from the terminal is http://termbin.com/0wgg
13:16
<Trendzetter>
but I also have older clients too. all of them are optiplex that can run windows vista so probably that classifies as powerful client machines
13:16
<alkisg>
donkey_: overlay 802M 3.1M 799M 1% / ==> this means it's not the apt-daily issue I was saying. What's the exact client error message, and when do you see it?
13:16
Trendzetter: yes, so just use ltsp-pnp
13:19
<donkey_>
i was installing acrobat in wine
13:19
and it reported out of space
13:19
plus the other issues. no saved profiles and cups isnt connecting even though i can see the service running on the server
13:20
<alkisg>
That may be related to "only one user for all clients", or it might be a wine issue
13:20
<Trendzetter>
I am very grateful for your answers but the docs at wiki.ltsp.org seem to be much more complicated and less strait forward than the howto I was following. Is their some step by step guide for a default setup ?
13:20
<donkey_>
well according to that link its showing dev/nbd0 as 100% used
13:20
<alkisg>
Start with using a different user per client
13:20
nbd0 is read only, it's ok
13:20
<Trendzetter>
the official ubuntu guide seems to be quite old
13:20
<alkisg>
It's normal to be 100% in use
13:20
Trendzetter: I don't know where you saw the wiki.ltsp.org link
13:21
I gave you this one :
13:21
!ltsp-pnp
13:21
<ltsp>
ltsp-pnp: ltsp-pnp is an alternative (upstream) method to maintain LTSP installations for thin and fat clients that doesn't involve chroots: https://help.ubuntu.com/community/UbuntuLTSP/ltsp-pnp
13:21
<alkisg>
This is not in wiki.ltsp.org
13:21
I'm maintaining this myself and it's working fine for Ubuntu 16.04.2
13:22
<Trendzetter>
k
13:22
<donkey_>
yea i'll be installing that later
13:23
<Trendzetter>
can I use a server iso to set up the server or should it be a desktop cd (given as example)
13:23
<alkisg>
It's best to use a desktop cd
13:23
It will save you a lot of trouble
13:24
And, ubuntu-mate is more tested than others
13:24
32bit, to make sure that older clients can boot as well
13:25
<Trendzetter>
k. I will put the current server at the side and give this setup a chance
13:51
<donkey_>
alkisg creating users worked for the CUPS and profile problems
13:51
all of the shortcuts are staying, and i dont have to restart the cups service everytime someone logs in/out
13:54ben_roose has joined IRC (ben_roose!~roose@roose.cs.wichita.edu)
13:55
<donkey_>
i dont know that this is going to solve the profile space issue though
13:55
is there a config entry that places a hard limit on profile space?
14:06ZAJDAN has left IRC (ZAJDAN!4d30954b@gateway/web/freenode/ip.77.48.149.75, Quit: Page closed)
14:11
<alkisg>
donkey_: so to sum up, some problems are solved and you only have one left?
14:11
Whats that 'profile space issue'? The wine error?
14:12
There's no limit in user profiles in ubuntu, no
14:13GodFather has left IRC (GodFather!~rcc@47.33.250.142, Ping timeout: 240 seconds)
14:13
<donkey_>
well i'm looking at a mount point on the desktop that shows 188mb
14:14
and the current user profile is 165mb in size
14:14
<alkisg>
donkey_: put the result to pastebin
14:14mikkel has left IRC (mikkel!~mikkel@mail.dlvs.dk, Quit: Leaving)
14:14
<alkisg>
Like, df -h | nc termbin.com 9999
14:17
<donkey_>
http://termbin.com/08gr
14:18
<alkisg>
donkey_: no, run this as the user that has the issue, not as local root
14:18
<donkey_>
that is as the user
14:18
on the terminal
14:18
<alkisg>
...so you're using fat clients?
14:19
<donkey_>
only if its defaulting
14:19
which it shouldnt be
14:19
<alkisg>
If you build a fat chroot, and you have enough ram, then yes
14:19
<donkey_>
there's no disk in the terminal
14:19
<alkisg>
fat means diskless but running apps locally with the client ram/cpu
14:19
I don't see /home/username mounted
14:19
So that's a big issue there
14:20
What's your lts.conf like?
14:20
<donkey_>
whatever the defaults are
14:20
<alkisg>
Did you say that's mint?
14:20
<donkey_>
ubuntu 16.04
14:20
<alkisg>
Which desktop environment?
14:20
<donkey_>
xfce
14:20
<alkisg>
What's the output of ls /opt/ltsp/*/usr/share/xsessions ?
14:21
(on the server)
14:21
<donkey_>
xfce.desktop
14:21
<alkisg>
That means that you have a fat chroot with xfce on it
14:22
And since the client has 800 MB RAM, it defaults to fat client
14:22
So, it should have mounted /home/username with sshfs, but it didn't
14:22
That could mean that it hanged previously, or that you have a misconfiguration somewhere
14:22
What's the output of `ls -l /home` locally on the client?
14:24
Btw, did you run `adduser` inside the chroot at some point?
14:25
<donkey_>
output:
14:25
total 0
14:25
<alkisg>
And the user has logged in?
14:25
<donkey_>
drwxr-xr-x 14 room6 room6 300 <date> room6
14:25
<Trendzetter>
@alkisg The tutorial says run "ltsp-config dnsmasq" but I need to run my own dnsmasq on openwrt
14:25
<donkey_>
yes the user is logged in
14:25
<alkisg>
Ah ok there's a "room6" there
14:26
donkey_: so, it appears that you logged in as room6 at some point, then logged out or hanged, and the mount was not properly cleared,
14:26
and now ltsp thinks that you have a local home, and it's not using sshfs,
14:26
and it fills up your RAM thinking it's a disk
14:26
Reboot the client, login, and see `df -h` again
14:26
It should have an sshfs mount
14:26
If it doesn't, after a clean reboot, ping me
14:27
<donkey_>
ok
14:27
<alkisg>
Trendzetter: it's ok, you can run 2 dnsmasqs
14:27
You can even disable the proxydhcp range if you don't like it, afterwards
14:27
A single line in ltsp-server-dnsmasq.conf...
14:28
<Trendzetter>
I need to make sure that dnsmasq is not giving any answers to dhcp requests
14:28
<alkisg>
By default, it only does proxydhcp
14:28
So it doesn't give any leases
14:28
<Trendzetter>
mmm
14:29
I don't know much about it, I will give it a try
14:29
<alkisg>
Trendzetter: you can also run this:
14:29
sudo ltsp-config dnsmasq --no-proxy-dhcp
14:29
This won't use proxydhcp at all, but it will do the rest like tftp, dns if you want...
14:30
<donkey_>
do i need to have a user both on the server and in the chroot?
14:31
<alkisg>
donkey_: only on the server
14:32
Users in the chroot can cause issues
14:32
<donkey_>
ok
14:46SYS64738 has left IRC (SYS64738!~SYS64738@159.213.93.166, Remote host closed the connection)
15:01
<donkey_>
@alkisg http://termbin.com/y9n3 no home folder
15:01
it didnt save the profile after restart either
15:02
so it looks like its using ram as storage rather than the server
15:05
it looks like that none of the users home directories got created when i made the users
15:05
i.e. if i log into the server with the specific user, it says no home directory found
15:33trendzetter2 has joined IRC (trendzetter2!~trendzett@mail.sbat.be)
15:36Trendzetter has left IRC (Trendzetter!~trendzett@mail.sbat.be, Ping timeout: 246 seconds)
16:53lucascastro has left IRC (lucascastro!~lucas@186.227.185.10, Ping timeout: 260 seconds)
17:00AndChat|248436 has left IRC (AndChat|248436!~AndChat24@37-48-44-206.tmcz.cz, Ping timeout: 260 seconds)
17:10vagrantc has joined IRC (vagrantc!~vagrant@unaffiliated/vagrantc)
17:35
<vlt>
Hello. I'm using LTSP on Ubuntu to boot my clients that finally run rdesktop on X. How can I set the key-repeat rate or its delay?
17:37
<vagrantc>
alkisg: regarding https://github.com/NetworkBlockDevice/nbd/issues/47
17:38
alkisg: why use sleep at all? if it keeps the file open, removing it immediately should work
17:38
alkisg: in the past, it didn't keep the file open, and so removing it didn't work
17:39
<alkisg>
vagrantc: we create the file. Then we exit. Then nbd-server opens it. Then we can delete it.
17:39
If we delete it before we exit, then nbd-server won't even find it to open it...
17:39
<vagrantc>
ah
17:40
would be nice if there were a hook "after nbd-server connects"
17:40
so as long as negotiation takes less than 10 seconds...
17:40
<alkisg>
No, negotiation is before prerun
17:40
We get called after negotiation
17:41
So it should be only a few msec...
17:41
The big downside is this:
17:41
if ever nbd-client properly supports reconnections,
17:41
then ideally we would like to assign the same nbd swap file, without reformatting it,
17:41
so that the client can continue from when it got disconnected
17:42
That's why I had selected a static file name and not a random one
17:42
This isn't supported currently by nbd-client, so we don't lose anything now
17:42
And, we can even make the tmp file name random, so that we don't hardcode /tmp/nbd-swap etc
17:42* vagrantc doesn't like the idea of swapfiles hanging around on-disk
17:42
<vagrantc>
could contain passwords and who knows what else
17:43
<alkisg>
A reconnection might happen within a second
17:43
The same swap file should be used then
17:43
<vagrantc>
but not within 10 seconds?
17:43
<alkisg>
The server swap partition can also contain passwords etc...
17:44
The tcp timeout is 2 hours 11 minutes
17:44
<vagrantc>
alkisg: i'll never buy the argument because some things are imperfect it means we shouldn't bother to do anything
17:44
<alkisg>
So a client supposedly can disconnect and reconnect within that time without the connection being dropped
17:44
We trust the disk; that's not a compromise
17:44
We trust that /etc/shadow isn't readable
17:45
That /tmp/nbd-swap isn't readable
17:45
That /dev/swap isn't readable etc
17:45
<vagrantc>
but random users of clients may not
17:45
<alkisg>
If the client has encrypted the swap file, and another client requests it, it won't be possible to decode it
17:46
<vagrantc>
except our current encryption implementation is broken
17:46
<alkisg>
If the sysadmin doesn't use encrypted swap files, and another requests the same swap file, ok, it's an issue
17:46
The nbd-client reconnection is broken too, so no harm done :D
17:46
<vagrantc>
at any rate, i don't really see the advantage of having stable names
17:47
<alkisg>
You don't see the advantage of nbd-client --persistent?
17:47
<vagrantc>
ideally, i think the swapfiles should be randomized and deleted as soon as technically possible
17:47
<alkisg>
That's what we're using currently, except it's broken...
17:47
<vagrantc>
alkisg: in theory that would handle transient network failures?
17:47
<alkisg>
Yes
17:48
<vagrantc>
that would be nice, sure.
17:48
<alkisg>
Also note that if someone wants to request a part of a swap file... it would be easy
17:48
They wouldn't have to rely on persistent names or anything
17:48
<vagrantc>
harder if it's only the inode
17:48
<alkisg>
The nbd protocol doesn't care about inodes
17:49
It's a network protocol...
17:49
It can be done at the tcp/ip level, without caring about the server file system at all
17:49
<vagrantc>
alkisg: wait, with swap persistance, any user on the client could connect and access the swap?
17:50
<alkisg>
From what I imagine, currently, with or without swap persistence, any client can break the nbd protocol, yes
17:50
I don't think they implemented anything about securing client requests
17:50
Encryption would solve that issue, of course
17:50
<vagrantc>
out current implementation is ip address restricted
17:50
right
17:51
really ought to fix encryption
17:51
<alkisg>
IP addresses can be spoofed etc...
17:51
<vagrantc>
well, not only that, but the client wouldn't need to spoof it ... they're already running locally
17:51
they're already running from the correct ip
17:51
<alkisg>
The client would require admin rights
17:51
<vagrantc>
to run nbd-client?
17:52
<alkisg>
To use the same source port as the root nbd-client...
17:52
<vagrantc>
but if the file was still there, they could make a new connection, no?
17:52
<alkisg>
We can detect reconnections vs new connections
17:52
(at least in theory)
17:53
<vagrantc>
but in practice, do we do anything about it?
17:53
<alkisg>
In practise nbd reconnections don't work at all
17:53
<vagrantc>
network swap is kind of a mess
17:53
<alkisg>
So we don't care about it, and it's fine :)
17:53
Right now we don't have any security issue related to reconnections or persistence
17:54
We do have one that related to non-encryption or non-authentication etc
17:54
*relates
17:55
vagrantc: this is what I'm thinking to commit: http://termbin.com/vgzl
17:56
<vagrantc>
alkisg: as long as the "The kernel won't remove it from disk while nbd-server is still using it." is true
17:56
alkisg: seems fine to me
17:57
<alkisg>
Cool, I'll commit it in a few days, I have it running on production now to test it
17:58
vagrantc: should I also randomize the name?
17:58
Like, /tmp/nbd-swap-XXXXX?
17:58
<vagrantc>
alkisg: seems better to me
17:58
<alkisg>
OK
17:59
(06:01:38 μμ) donkey_: @alkisg http://termbin.com/y9n3 no home folder ==> you have an issue, it needs troubleshooting. Install epoptes to make it easier, see epoptes.org
18:01
(08:35:18 μμ) vlt: Hello. I'm using LTSP on Ubuntu to boot my clients that finally run rdesktop on X. How can I set the key-repeat rate or its delay? ==> https://askubuntu.com/questions/140255/how-to-override-the-new-limited-keyboard-repeat-rate-limit ==> xset r rate, probably
18:09
<vlt>
alkisg: Thanks, I'll try that.
19:02Statler_ has joined IRC (Statler_!~Georg@p579FE75F.dip0.t-ipconnect.de)
20:05quinox has left IRC (quinox!~quinox@ghost.qtea.nl, Quit: :wq)
20:06quinox has joined IRC (quinox!~quinox@ghost.qtea.nl)
20:29* alkisg notes down a test for tuesday... to run nbd-client -persistent, and then to pull out the server network cable, and see if nbd-server immediately dies with SIGPIPE, which it shouldn't...
20:55ben_roose has left IRC (ben_roose!~roose@roose.cs.wichita.edu, Remote host closed the connection)
21:10
<Hyperbyte>
mmmm
21:23GodFather has joined IRC (GodFather!~rcc@47.33.250.142)
21:29fnurl has left IRC (fnurl!~url@36-227-13-126.dynamic-ip.hinet.net, Read error: Connection reset by peer)
21:29fnurl has joined IRC (fnurl!~url@36-227-38-174.dynamic-ip.hinet.net)
21:38GodFather has left IRC (GodFather!~rcc@47.33.250.142, Ping timeout: 240 seconds)
21:42jgee has joined IRC (jgee!~jgee@200.118.140.142)
21:45ricotz has left IRC (ricotz!~ricotz@ubuntu/member/ricotz, Quit: Leaving)
21:54Statler has left IRC (Statler!~Georg@mail.lohn24.de, Remote host closed the connection)
22:01lucascastro has joined IRC (lucascastro!~lucas@186.227.185.10)
22:02lucascastro has left IRC (lucascastro!~lucas@186.227.185.10, Remote host closed the connection)