IRC chat logs for #ltsp on irc.libera.chat (webchat)


Channel log from 12 September 2017   (all times are UTC)

03:44muvlon has left IRC (muvlon!~muvlon@x2f7f0e2.dyn.telefonica.de, Ping timeout: 240 seconds)
03:52vagrantc has joined IRC (vagrantc!~vagrant@unaffiliated/vagrantc)
04:06vagrantc has left IRC (vagrantc!~vagrant@unaffiliated/vagrantc, Ping timeout: 240 seconds)
05:00Statler has joined IRC (Statler!~Georg@p579FEA10.dip0.t-ipconnect.de)
05:18alkisg has left IRC (alkisg!~alkisg@ubuntu/member/alkisg, Ping timeout: 252 seconds)
05:20alkisg has joined IRC (alkisg!~alkisg@ubuntu/member/alkisg)
06:09ricotz has joined IRC (ricotz!~ricotz@ubuntu/member/ricotz)
06:11mikkel has joined IRC (mikkel!~mikkel@mail.dlvs.dk)
06:25Eric5 has joined IRC (Eric5!~eric@sdi.iut-valence.fr)
07:36Statler has left IRC (Statler!~Georg@p579FEA10.dip0.t-ipconnect.de, Remote host closed the connection)
07:54HTTP_____GK1wmSU has joined IRC (HTTP_____GK1wmSU!~DEEP-BOOK@103.27.125.238)
07:57bcg has left IRC (bcg!b@dsl-tkubng11-54f942-246.dhcp.inet.fi, Quit: leaving)
08:00bcg has joined IRC (bcg!b@dsl-tkubng11-54f942-246.dhcp.inet.fi)
08:02Statler has joined IRC (Statler!~Georg@p579FE0B2.dip0.t-ipconnect.de)
08:54vlt has left IRC (vlt!~vlt@lvps87-230-93-209.dedicated.hosteurope.de, Ping timeout: 260 seconds)
08:54vlt has joined IRC (vlt!~vlt@2a01:488:66:1000:57e6:5dd1:0:1)
09:07Eric5 has left IRC (Eric5!~eric@sdi.iut-valence.fr, Ping timeout: 248 seconds)
09:11Eric5 has joined IRC (Eric5!~eric@sdi.iut-valence.fr)
09:20eu^107254163 has joined IRC (eu^107254163!53d420e4@gateway/web/freenode/ip.83.212.32.228)
09:30kjackal__ has joined IRC (kjackal__!~quassel@2a02:587:3125:7e00:9ce2:fc81:c406:c457)
09:30kjackal_ has left IRC (kjackal_!~quassel@2a02:587:310f:3a00:44e8:9c3a:e4c0:4c29, Ping timeout: 264 seconds)
09:46kjackal__ has left IRC (kjackal__!~quassel@2a02:587:3125:7e00:9ce2:fc81:c406:c457, Ping timeout: 252 seconds)
09:47kjackal_ has joined IRC (kjackal_!~quassel@2a02:587:3114:bf00:9ce2:fc81:c406:c457)
10:01kjackal_ has left IRC (kjackal_!~quassel@2a02:587:3114:bf00:9ce2:fc81:c406:c457, Ping timeout: 255 seconds)
10:01kjackal_ has joined IRC (kjackal_!~quassel@2a02:587:3111:be00:9ce2:fc81:c406:c457)
10:47kjackal__ has joined IRC (kjackal__!~quassel@2a02:587:3114:6a00:9ce2:fc81:c406:c457)
10:47kjackal_ has left IRC (kjackal_!~quassel@2a02:587:3111:be00:9ce2:fc81:c406:c457, Ping timeout: 264 seconds)
10:54kjackal__ has left IRC (kjackal__!~quassel@2a02:587:3114:6a00:9ce2:fc81:c406:c457, Ping timeout: 255 seconds)
10:54kjackal_ has joined IRC (kjackal_!~quassel@2a02:587:3110:9a00:9ce2:fc81:c406:c457)
11:00kjackal_ has left IRC (kjackal_!~quassel@2a02:587:3110:9a00:9ce2:fc81:c406:c457, Ping timeout: 255 seconds)
11:01kjackal_ has joined IRC (kjackal_!~quassel@2a02:587:3118:2b00:9ce2:fc81:c406:c457)
11:25lucascastro has joined IRC (lucascastro!~lucas@170.231.131.95.lunarnet.com.br)
11:53lucascastro has left IRC (lucascastro!~lucas@170.231.131.95.lunarnet.com.br, Remote host closed the connection)
12:23
<Hyperbyte>
Hello. :-) Is there some easy way in LTSP to make sure no programs stay running in the background after a user logs out? Currently I have a terminal server that's bogged down with LibreOffice processes consuming 100% CPU that are started by users that have since logged out
12:45
<vlt>
Hyperbyte: I know that problem well but we never found an LTSP built-in solution.
12:53muvlon has joined IRC (muvlon!~muvlon@2001-4dd7-2465-0-ccd2-72bd-aa2a-cb2f.ipv6dyn.netcologne.de)
12:55lucascastro has joined IRC (lucascastro!~lucas@189.90.38.210.jupiter.com.br)
13:00
<alkisg>
Hyperbyte: thin or fat clients?
13:00
Also, which distro/version? ubuntu 16.04?
13:12lucascastro has left IRC (lucascastro!~lucas@189.90.38.210.jupiter.com.br, Remote host closed the connection)
13:17GodFather has joined IRC (GodFather!~rcc@96-92-43-9-static.hfc.comcastbusiness.net)
13:21
<Hyperbyte>
alkisg, thin. 14.04, migrating to 16.04.
13:28Eric5 has left IRC (Eric5!~eric@sdi.iut-valence.fr, Ping timeout: 260 seconds)
13:33
<alkisg>
Hyperbyte: 16.04 uses systemd and manages processes better, so it should work fine for thin clients too
13:33
(14.04 already worked fine for fat clients)
13:34
(systemd-logind, for user sessions)
13:34
Well, at least MATE, not sure about Unity
13:42muvlon has left IRC (muvlon!~muvlon@2001-4dd7-2465-0-ccd2-72bd-aa2a-cb2f.ipv6dyn.netcologne.de, Ping timeout: 246 seconds)
13:45mikkel has left IRC (mikkel!~mikkel@mail.dlvs.dk, Quit: Leaving)
13:51ben_roose has joined IRC (ben_roose!~roose@roose.cs.wichita.edu)
13:55lucascastro has joined IRC (lucascastro!~lucas@189.90.38.210.jupiter.com.br)
13:59
<Hyperbyte>
So you're saying this problem will disappear with Ubuntu 16.04? :-)
14:03
<alkisg>
Yup, although I don't really test thin clients a lot
14:03
Hyperbyte: which desktop environment?
14:34muvlon has joined IRC (muvlon!~muvlon@2001-4dd7-2465-0-ccd2-72bd-aa2a-cb2f.ipv6dyn.netcologne.de)
14:44
<Hyperbyte>
Mate.
14:45marsairforce has joined IRC (marsairforce!~marsairfo@198.41.29.45)
14:56
<alkisg>
Should be fine then
15:18Eric5 has joined IRC (Eric5!~eric@sdi.iut-valence.fr)
15:27GodFather has left IRC (GodFather!~rcc@96-92-43-9-static.hfc.comcastbusiness.net, Ping timeout: 255 seconds)
15:29marsairforce has left IRC (marsairforce!~marsairfo@198.41.29.45, Quit: Leaving)
15:32
<bennabiy>
alkisg: Hyperbyte : I have noticed this issue still with 16.04 and thin clients, but it is only with certain apps. It is not uncommon to have at least a small handful of processes run by logged out users
15:32
MATE
15:41marsairforce has joined IRC (marsairforce!~marsairfo@198.41.29.45)
15:44marsairforce has left IRC (marsairforce!~marsairfo@198.41.29.45, Remote host closed the connection)
15:51GodFather has joined IRC (GodFather!~rcc@75-145-237-204-Michigan.hfc.comcastbusiness.net)
16:16vagrantc has joined IRC (vagrantc!~vagrant@unaffiliated/vagrantc)
16:33muvlon has left IRC (muvlon!~muvlon@2001-4dd7-2465-0-ccd2-72bd-aa2a-cb2f.ipv6dyn.netcologne.de, Ping timeout: 255 seconds)
16:43Statler has left IRC (Statler!~Georg@p579FE0B2.dip0.t-ipconnect.de, Remote host closed the connection)
17:24lucascastro has left IRC (lucascastro!~lucas@189.90.38.210.jupiter.com.br, Remote host closed the connection)
17:38muvlon has joined IRC (muvlon!~muvlon@2001-4dd0-af15-5b65-60dc-a224-9f16-9c92.ipv6dyn.netcologne.de)
17:40Statler has joined IRC (Statler!~Georg@p579FEA10.dip0.t-ipconnect.de)
17:42
<vagrantc>
w8
17:44Eric5 has left IRC (Eric5!~eric@sdi.iut-valence.fr, Ping timeout: 248 seconds)
17:57
<alkisg>
bennabiy: I thought systemd-logind was using cgroups to track the processes... it'll be worth checking if those processes do indeed belong to the same cgroup, and if there's some systemd option to "kill all processes on logout", which for some reason isn't on by default...
17:58
In my experience, after logout, I see processes for 5-10 seconds, and then they're cleaned up automatically
18:01kjackal_ has left IRC (kjackal_!~quassel@2a02:587:3118:2b00:9ce2:fc81:c406:c457, Remote host closed the connection)
18:10muvlon has left IRC (muvlon!~muvlon@2001-4dd0-af15-5b65-60dc-a224-9f16-9c92.ipv6dyn.netcologne.de, Ping timeout: 252 seconds)
18:23lucascastro has joined IRC (lucascastro!~lucas@170.78.53.20)
18:53muvlon has joined IRC (muvlon!~muvlon@2001-4dd0-af15-5b65-38f2-7212-872c-ee95.ipv6dyn.netcologne.de)
18:57GodFather has left IRC (GodFather!~rcc@75-145-237-204-Michigan.hfc.comcastbusiness.net, Ping timeout: 248 seconds)
18:58lucascastro has left IRC (lucascastro!~lucas@170.78.53.20, Remote host closed the connection)
19:13
<bennabiy>
I will check on it later... not much lab use right now
19:13lucascastro has joined IRC (lucascastro!~lucas@189.90.38.210.jupiter.com.br)
19:21Statler has left IRC (Statler!~Georg@p579FEA10.dip0.t-ipconnect.de, Remote host closed the connection)
19:35lucascastro has left IRC (lucascastro!~lucas@189.90.38.210.jupiter.com.br, Remote host closed the connection)
20:37GodFather has joined IRC (GodFather!~rcc@47.33.250.142)
20:54angel_ has left IRC (angel_!bdd55dab@gateway/web/freenode/ip.189.213.93.171, Ping timeout: 260 seconds)
21:28ricotz has left IRC (ricotz!~ricotz@ubuntu/member/ricotz, Quit: Leaving)
21:34dgroos has joined IRC (dgroos!~dagro001@205.215.175.117)
21:45GodFather has left IRC (GodFather!~rcc@47.33.250.142, Ping timeout: 248 seconds)
21:48dgroos has left IRC (dgroos!~dagro001@205.215.175.117, Ping timeout: 240 seconds)
22:05ben_roose has left IRC (ben_roose!~roose@roose.cs.wichita.edu, Remote host closed the connection)
22:05dgroos has joined IRC (dgroos!~dagro001@205.215.175.117)
22:07
<dgroos>
Hi All, Still working on this. My ltsp-pnp fat clients work great (with local users, and with internet access) until I join my server to the district’s AD authentication system. Then I can’t log in as a local user (like I could before) nor as an AD user.
22:11
I did a ‘before and after’ test to see how joining the AD affected: getent passwd LOCAL USER & getent group LOCAL USER. I tried those commands both before and after joining AD, and got the same results in syslog.
22:12GodFather has joined IRC (GodFather!~rcc@47.33.250.142)
22:29
<dgroos>
I plugged my laptop into the LAN along with the rest of the clients.
22:32
Now on my laptop I’m able to ssh into the ltsp server as a local users… and after joining the server to the AD like before, I’m able to ssh into server both as local and AD users!
22:33
i.e. ssh into server as AD user works, but login as AD user from a fat client doesn’t work. Any ideas things to check?
22:50
<vagrantc>
dgroos: are you using ldm or some other display manager?
22:50
<dgroos>
I assume ldm. Using Unity
22:51
<vagrantc>
you've been fighting with this long enough i would recommend not making assumptions anymore :P
22:51
<dgroos>
:-)
22:52
vagrantc: not always sure what i’m guessing and what I’m knowing and what I’m blindly assuming!
22:52
I’ll check…
22:55
I typed: echo $DESKTOP_SESSION and it says ubuntu
22:56
but oops… let me keep digging…
22:59
vagrantc: cat /etc/X11/default-display-manager returned:
23:03
<vagrantc>
it really returned nothing?
23:03
<dgroos>
It’s not wanting to display what it returned. Let me try again: /usr/sbin/lightdm
23:03
<vagrantc>
sounds like you're not using LDM
23:03
<dgroos>
wouldn’t print on it’s own line, sorry
23:03
<vagrantc>
fat client?
23:03
<dgroos>
yes
23:04
<vagrantc>
ok, that explains a lot
23:04
pgrep -l -a -f lightdm
23:04
or systemctl status lightdm
23:04
does it show processes running?
23:05
in any case, what's probably happening is lightdm is configured to use LDAP, AD, whatever, etc. and partially working
23:05
<dgroos>
the first command showed 3 processes: /usr/sbin/lightdm
23:05
and 2 others
23:05
<vagrantc>
and pgrep -l -a -f ldm
23:06
<dgroos>
didn’t return anything
23:06
<vagrantc>
ok, we've now identified the issue; you're not running a display manager that knows how to LTSP :)
23:06
you're kind of half-way into our future plans, though ... :)
23:07
<dgroos>
ah… the ltsp 6 holy grail!
23:07
<vagrantc>
so, something isn't triggering on boot that should stop lightdm from running
23:08
<dgroos>
but why does everthing work well with fat clients logging in when not joined to the AD?
23:08
<vagrantc>
e.g. /usr/share/ltsp/init-ltsp.d/*
23:08
<muvlon>
hey, quick question
23:08
what is ltsp-pnp and do I want that?
23:08
<vagrantc>
dgroos: did you use --cleanup when building the image?
23:08
<dgroos>
yes
23:08
<vagrantc>
dgroos: sounds suspiciously like you haven't
23:09
muvlon: it allows you to build a network bootable LTSP environment out of the installed server's OS
23:09
muvlon: and yes, it's the recommended way to try out LTSP these days
23:09
<dgroos>
I just checked and the last command was sudo ltsp-update-image —cleanup /
23:10
<vagrantc>
sudo mount -o loop /opt/ltsp/images/i386.img /mnt ; grep SOMEUSER /mnt/etc/passwd
23:10
(or amd64.img)
23:10
where SOMEUSER is some user on the server.
23:11
or wc -l /etc/passwd /mnt/etc/passwd
23:12
<dgroos>
I’ve got a test user (standard) so did: sudo mount -o loop /opt/ltsp/images/amd64.img /mnt ; grep addit /mnt/etc/passwd
23:12
and it returned nothing.
23:12
<vagrantc>
and grep addit /etc/passwd returns a line for that user?
23:13
<dgroos>
yes
23:13
<muvlon>
vagrantc, any downsides to using ltsp-pnp?
23:13
<vagrantc>
muvlon: server and client architecture must match
23:13
<muvlon>
ah
23:13
<vagrantc>
muvlon: users have login access to the server, effectively
23:14
dgroos: well, i don't know how lightdm could possibly authenticate as a user that isn't part of the system
23:14
<muvlon>
so the server must be safe against privilege escalation?
23:14
<vagrantc>
dgroos: unless you're LDAP/AD configuration somehow cached the local users in some alternate location
23:14
muvlon: sure
23:15
dgroos: you must have some scary magic, or found a very scary bug in lightdm
23:15
<muvlon>
up-to-date Debian should be reasonably secure
23:16
<vagrantc>
muvlon: although, the default setup for classic LTSP had the same issue
23:17
<dgroos>
vagrantc: must be a local cache then since I can see the AD users that I’ve authenticated to while sitting at the server, and they have home folders and all, but right, they aren’t part of /etc/passwd.
23:18
<muvlon>
vagrantc: can I do ltsp-pnp without a separate DHCP server?
23:18
<vagrantc>
dgroos: i know this may sound like a lot of work, but have you tried setting this up without AD just to see that it all works, and then incrementally add AD until it breaks?
23:18
muvlon: sure
23:18
<muvlon>
i.e. can I tell dnsmasq to be a full DHCP server instead of DHCP-proxy
23:18
<vagrantc>
muvlon: yes.
23:19
<dgroos>
Well I think I’ve not been detailed enough in my description.
23:19
<muvlon>
ah, found it
23:20
<dgroos>
If I’m joined to the AD, I can’t log into fat clients either as local or AD user. BUT…
23:20
<vagrantc>
dgroos: your first problem is that LDM isn't running at all
23:21
<dgroos>
If I unjoin from AD, then without reboot or anything at the fat clients, I can log in at the clients! Internet works and my system is just great.
23:21
So the break point is joining my server to the AD.
23:22
<vagrantc>
well, the problem is you're running the wrong display manager for LTSP
23:23
dgroos: it might have something to do with the fact that your clients all have cached AD credentials of the server, and once the server joins the AD domain, AD refuses connections from other machines with the same credentials
23:23
dgroos: but you're not using LTSP at this point, effectively
23:23
dgroos: as lightdm has no ltsp-specific hooks or code
23:23
<dgroos>
OK, I followed the instructions on Alkis’ ltsp-pnp install page (which is now outdated) and I also tried adding ltsp-manager.
23:24
<vagrantc>
dgroos: just to make sure, you ran the commands to check for a running lightdm on a fat client, not on the server?
23:24
<dgroos>
no… on the server :-(
23:24
let me re-try…
23:24
<vagrantc>
ah, so we've been chasing the wrong issue, possibly
23:25
well, i gotta head out soon
23:25
<dgroos>
vagrantc For sure, thanks for giving it a go again.
23:27
I’m going to try a re-install and see what happens. Also, Simon B and I are going to create detailed docs on using AD in ltsp. He has set up a VM environment. But that will take a while.
23:28
In the mean while I’m trying to solve this here so may bother you again tomorrow after the students leave. Have a good eve!
23:29
<vagrantc>
good luck!
23:29* vagrantc waves
23:29
<dgroos>
:-)
23:29
<vagrantc>
dgroos: also, do run the lightdm checks on the fat client; that would be interesting to know
23:29
<dgroos>
vagrantc: will do!
23:31vagrantc has left IRC (vagrantc!~vagrant@unaffiliated/vagrantc, Quit: leaving)
23:31
<dgroos>
vagrantc: yes, it returned /usr/sbin/ldm
23:36dgroos has left IRC (dgroos!~dagro001@205.215.175.117, Ping timeout: 240 seconds)