IRC chat logs for #ltsp on irc.libera.chat (webchat)


Channel log from 7 March 2018   (all times are UTC)

00:18vagrantc has left IRC (vagrantc!~vagrant@unaffiliated/vagrantc, Quit: leaving)
00:28ben_roose has left IRC (ben_roose!~roose@roose.cs.wichita.edu, Remote host closed the connection)
01:55lroca has joined IRC (lroca!~lroca@ool-18bfd59d.dyn.optonline.net)
02:42lroca has left IRC (lroca!~lroca@ool-18bfd59d.dyn.optonline.net, Quit: lroca)
04:57GodFather has left IRC (GodFather!~rcc@2602:306:cdc3:d7d0:8d85:d313:aa30:29e9, Ping timeout: 252 seconds)
06:37jgee has left IRC (jgee!~jgee@181.56.72.152, Ping timeout: 248 seconds)
06:41Statler|Home has joined IRC (Statler|Home!~Georg@p5B30EB5A.dip0.t-ipconnect.de)
07:18ricotz has joined IRC (ricotz!~ricotz@ubuntu/member/ricotz)
07:42kjackal has joined IRC (kjackal!quassel@conference/ubuntu/x-emxxrbcihsjdhiai)
09:00kjackal has left IRC (kjackal!quassel@conference/ubuntu/x-emxxrbcihsjdhiai, Remote host closed the connection)
09:21Statler|Home has left IRC (Statler|Home!~Georg@p5B30EB5A.dip0.t-ipconnect.de, Remote host closed the connection)
10:13Statler_Office has joined IRC (Statler_Office!~Georg@gwrz3.lohn24.de)
11:40Faith has joined IRC (Faith!~Paty_@unaffiliated/faith)
13:07gp has joined IRC (gp!~gp@96.71.93.13)
13:16
<gp>
How would I go about using SSH auth on fatclients so I could log into the terminal screens without the user existing on the fatclient? ltsp-pnp
13:17
I'd prefer not to have a root shell screen
13:32
Another hurdle... I've updated my image and removed the local users in favor of ldap accounts. I rebuilt the image and now I am getting "the authenticity of server cannot be verified". ltsp-update-sshkeys seems not to be the answer. What do I do?
13:33
Before rebuilding the image, I could log in with ldap users or local users. So all I did was remove the user created during install and rebuilt the client image. No real changes
13:35
I don't really want to disable ssh checking with ssh opts
13:43
Never believe anyone that tells you "no real changes" =P
14:26
What script generates /etc/ssh/ssh_known_hosts for the entry "server"?
14:26
For the client. And where is it pulling the keys from?
14:35kjackal has joined IRC (kjackal!~quassel@109-74-56-122.static.acetelecom.hu)
14:43bcg has left IRC (bcg!b@dsl-tkubng11-54f942-246.dhcp.inet.fi, Quit: leaving)
14:48bcg has joined IRC (bcg!b@dsl-tkubng11-54f942-246.dhcp.inet.fi)
14:52zamba has left IRC (zamba!marius@flage.org)
15:34
<quinox1>
# cat usr/share/ltsp/cleanup.d/50-ssh-keys
15:34
# Copy the server SSH keys to /etc/ssh/ssh_known_hosts.
15:34
{
15:34
sed 's/^/server /' /etc/ssh/ssh_host_*_key.pub
15:34
find /etc/ltsp/ -type f -name "ssh_known_hosts.*" -exec cat {} + 2>/dev/null
15:34
} > /etc/ssh/ssh_known_hosts
15:40
<gp>
quinox1: thanks. does that run with ltsp-update-image?
15:40
not sure why it wouldn't be grabbing the updated ssh keys
15:47
<quinox1>
perhaps it only runs if you use --cleanup ?
15:47
you can read /usr/sbin/ltsp-update-image to see what it does
15:48
LTSP is made out of a lot of bash scripts
15:48
so I usually grep through the scripts to learn how it works
15:48
<gp>
quinox1: thanks
15:49
ran into a bunch of headaches upgrading from ubuntu 14.04 to 16.04 and nothing is quite working the same
15:50
<quinox1>
my /etc/ssh/ssh_known_hosts is from last November, so it looks like that file is also created the first time the chroot is setup
15:50
I don't have `--cleanup` in my weekly ltsp update cron
15:51
I feel your pain, I've been upgrading LTSP for the last 7 years :)
15:52
the first few years LTSP has been black magic to me
15:53
luckily people in here are really helpful,if I couldn't fix it myself after wrestling with it for an afternoon I would ask here
15:57
<gp>
=)
16:00
<quinox1>
I have bad experience with upgrading Ubuntu versions from inside the LTSP chroot btw
16:00
after upgrading the server I always delete the chroot and make a new one
16:01
<gp>
Tried upgrading directly. But that didn't go well. Im working on a new box now but hitting issues. Do you start with the desktop installer or server installer?
16:02
I went with server so I could start clean and use mate-desktop
16:02
<quinox1>
let me share my notes ...
16:04
<gp>
Can you delete the chroot in ltsp-pnp? That would probably guarantee my ssh key issue gets fixed
16:04
right now I disabled host key checking in lts.conf
16:04
But I don't like that
16:05
<quinox1>
https://ghost.qtea.nl/tmp/2018-03-07_LTSP.pdf
16:05
<gp>
quinox1: wow thank you so much
16:06
<quinox1>
I don't use ltsp-manager / ltsp-pnp
16:07
you can always modify the /etc/ssh/ssh_known_hosts file inside the chroot yourself
16:09
of course you don't want to end up with a million custom hacks on LTSP itself
16:09
the documentation is from my internal wiki so the links don't work
16:09
duivenkracht = the server
16:09
gatekeeper = the firewall machine
16:11
my setup deviates from how you're supposed to run modern LTSP
16:11
fe. I maintain the DHCP configuration myself on gatekeeper in dnsmasq
16:13
it might also be somewhat wrong; it works for me, but "ltsp-update-kernels
16:14
" doesn't have to be called (anymore?) I believe
16:15
10.50.0.8 = IP of the server (duivenkracht)
16:16
<alkisg>
gp: cd /opt/ltsp before running ltsp-update-sshkeys, because it has a bug in the current ubuntu version
16:18
<gp>
thank you alkisg
16:18
<alkisg>
gp: although if you're using ltsp-pnp, this makes no sense, there's no chroot
16:19
!learn sshkeys-bug as apply this to fix a recent ltsp-update-sshkeys issue: https://git.launchpad.net/ltsp/commit/?id=b1030c40f40930928f2f114f96419edbeddb5e17
16:19
<ltsp>
The operation succeeded.
16:20
<alkisg>
Anyway apply that patch so that it works properly in all case
16:20
*cases
16:42
<gp>
Using ltsp-pnp, if I want to allow use of sudo on the clients but not the server, what would be the best way to do that? Script in lts.conf that generates a sudoers entry on boot?
16:46
<alkisg>
!sudo
16:46
<ltsp>
I do not know about 'sudo', but I do know about these similar topics: 'sudoers', 'fat-sudo'
16:46
<alkisg>
!sudoers
16:46
<ltsp>
sudoers: Not recommented for security reasons: RCFILE_01="echo USER ALL=NOPASSWD: /path/to/program >> /etc/sudoers". USER and /path/to/program can also be ALL.
16:46
<alkisg>
!fat-sudo
16:46
<ltsp>
fat-sudo: to allow members of the sudo group to execute "sudo" in fat clients without a password prompt, put this in lts.conf: RCFILE_01="echo '%sudo ALL=NOPASSWD: ALL' >> /etc/sudoers"
16:47
<alkisg>
The most important question though, would be "why"?
16:47
Why sudo in a fat client?
16:47
<gp>
To bind to port 80 for demonstrating a website but probably smarter just to use 8080 on a high port
16:48
<alkisg>
The user would bind there, or a service?
16:48
<gp>
running the webserver via the terminal
16:48
something like sudo python manage.py runserver 0.0.0.0:80
16:49
<alkisg>
So you want the users to run that, not the system while it boots...
16:49
<gp>
right
16:49
from a terminal
16:50vagrantc has joined IRC (vagrantc!~vagrant@unaffiliated/vagrantc)
16:50
<alkisg>
Yeah a non priviledged port would sound better for that
16:55
<||cw>
could put the command in a bash script that's only writable by root and put that in sudoers
17:16lucas_ has left IRC (lucas_!~lucas@201.182.221.14, Remote host closed the connection)
17:17adrianor1 has joined IRC (adrianor1!~adrianorg@177.156.230.65)
17:20adrianorg has left IRC (adrianorg!~adrianorg@186.215.23.34, Ping timeout: 240 seconds)
17:31kjackal has left IRC (kjackal!~quassel@109-74-56-122.static.acetelecom.hu, Ping timeout: 240 seconds)
17:39bob___ has joined IRC (bob___!8aa2002a@gateway/web/freenode/ip.138.162.0.42)
17:39adrianor1 is now known as adrianorg
17:43bob9393 has joined IRC (bob9393!8aa2002b@gateway/web/freenode/ip.138.162.0.43)
17:44lucascastro has joined IRC (lucascastro!~lucas@201.182.221.154)
17:45
<bob9393>
I am having trouble installing ltsp on Ubuntu 16.04.3. Client boot stops and drops to Busybox. Has anyone else had this problem?
17:46bob___ has left IRC (bob___!8aa2002a@gateway/web/freenode/ip.138.162.0.42, Ping timeout: 260 seconds)
17:51
<||cw>
sounds like one of the services isn't started, have you rebooted the server just to be sure it's got a clean start?
17:52
<vagrantc>
happens every day. :)
17:52
<bob9393>
yes several times
17:52
My installation on 12.04 is very stable and has not had any problems
17:53
<vagrantc>
is nbd-server running?
17:53
<||cw>
what's the last thing it's trying to do when to drops to busybox?
17:53
<vagrantc>
are there any messages before it drops to busybox?
17:57bob9393 has left IRC (bob9393!8aa2002b@gateway/web/freenode/ip.138.162.0.43, Ping timeout: 260 seconds)
17:59bob9394 has joined IRC (bob9394!8aa2002a@gateway/web/freenode/ip.138.162.0.42)
18:04bob9394 has left IRC (bob9394!8aa2002a@gateway/web/freenode/ip.138.162.0.42, Ping timeout: 260 seconds)
18:05VibesYuth has left IRC (VibesYuth!~lfesdaill@static-108-41-107-210.nycmny.fios.verizon.net, Quit: Leaving)
18:15lucascastro has left IRC (lucascastro!~lucas@201.182.221.154, Remote host closed the connection)
19:34ricotz has left IRC (ricotz!~ricotz@ubuntu/member/ricotz, Quit: Leaving)
19:39SmashK has joined IRC (SmashK!5b40100b@gateway/web/freenode/ip.91.64.16.11)
19:39
<SmashK>
Hi!
19:39
anyone with a fast hint: How to remove not needed images from LTSP? i386 not needed anymore, need place on hdd
19:42
<quinox1>
rm
19:42
<||cw>
rm, it's just a file
19:44
<SmashK>
while /opt/ltsp/images contains just 2 files: amd64.img and amd64.img.old
19:45
may I delete amd64.img.old?
19:46
dir /opt/ltsp/i386 contains alot of dirs
19:47
<vagrantc>
if you really don't need the i386 stuff anymore, you can remove /opt/ltsp/i386 as well
19:47
but be sure before you do
20:29Faith has left IRC (Faith!~Paty_@unaffiliated/faith, Quit: Leaving)
20:35
<||cw>
SmashK: if the new version is working fine, yes
20:35
<SmashK>
ok
20:36
so I deleted amd64.img.old and dir /opt/ltsp/i386
20:36kjackal has joined IRC (kjackal!~quassel@109-74-56-122.static.acetelecom.hu)
20:37
<SmashK>
is there a way to put new images not into /opt/ltsp but elsewhere on /home, which is on another partition with alot of free space?
20:38
<||cw>
easiest way to manage that is to symlink it.
20:39
mv /opt/ltsp /home/ && ln -s /home/ltsp /opt/ltsp
20:39
make sure you shut off all the clients first.
20:40
might need to restart nbd-server too
20:40
<SmashK>
o.O
20:40
no standard setting anywhere in the configs for this?
20:40
<||cw>
really, you should have just made your /opt partition bigger
20:41
as a one liner, not really
20:42
I'm sure there's cli options on all the tools, but you have to remember to use that every time on every tool
20:42
<SmashK>
no special partition for this dir, its on the root-partition but the ltsp-images amd64+old+i386 are using 3.3GB
20:42
<||cw>
and any 3rd party ones or copy/paste scripts may not have the option
20:42
<SmashK>
ok
20:43
<||cw>
yes, ltsp need bigger than average /opt, so if you don't put that on another partition, you need a bigger root
20:43
just like a desktop needs a bigger root than a server
20:43
<vagrantc>
SmashK: you could also bind-mount /opt/ltsp somewhere else
20:44
<||cw>
vagrantc: does that have any advantages over a symlink?
20:44
<SmashK>
maybe I'll manage to shrink the extended partition with /var swap and /home inside and extend the primary partition with root inside
20:44
<vagrantc>
||cw: depends on what you're comfortable with
20:45
<||cw>
SmashK: phsyical machine or virtual?
20:46
<vagrantc>
there are some settings to use a different location that /opt/ltsp ... but they're not very well tested, and you may have to specify them manually with numerous commands
20:46
<SmashK>
virtual
20:46
<vagrantc>
i don't remember the details
20:46
it's not recommended
20:59
<alkisg>
vagrantc: theoretically, people prefer nfs root because it allows to do changes live, without rebooting the client. But is this the case with nfs ro + tmpfs overlay? Because in my experience, the overlay in many cases doesn't reflect the underlying nfs changes... so a client reboot is actually necessary. Any experience on that?
21:04
<||cw>
SmashK: just add another vdisk?
21:06
<vagrantc>
alkisg: with aufs it worked fine, unless of course the tmpfs layer had a file that was edited
21:07
alkisg: i've not really had any luck with nfs and overlayfs
21:08nehemiah has joined IRC (nehemiah!~nehemiah@137.26.129.150)
21:08
<vagrantc>
alkisg: er, overlay fs ... since i've never used overlayfs
21:12gehidore has left IRC (gehidore!~username@unaffiliated/man, Quit: WeeChat 2.0.1)
21:13gehidore has joined IRC (gehidore!~username@unaffiliated/man)
21:14
<SmashK>
space isn't the problem, but it's on the wrong partition :D
21:15
<||cw>
SmashK: you can mount the new vdisk to a temp path, move /opt's contents, remount as /opt. it's all just paths, don't think to hard on it. it's also common to just one one partition for a desktop, which is what a ltsp server effectively is
21:15
<vagrantc>
SmashK: heh. or your partitions aren't allocated correctly :)
21:19
<alkisg>
SmashK: what's wrong with using a symlink like ||cw said? it's just 2 commands...
21:20
vagrantc: strange, maybe aufs didn't use caching so much as overlay does now...
21:33lucascastro has joined IRC (lucascastro!~lucas@201.182.221.14)
21:35
<quinox1>
yup, I use a symlink as well, works perfectly
21:35
<nehemiah>
Is there a way to set the default desktop session to mate for clients?
21:36
<quinox1>
LDM_SESSION
21:36
string, default unset
21:36
Used to chose the default session on the server, for example:
21:36
LDM_SESSION="gnome-fallback"
21:36
(from man lts.conf)
21:37
<nehemiah>
O my goodness. Haha, I've red that man page at least a dozen times and I still missed it. Thank you!
21:37
<quinox1>
it's easy to miss, there are so many useful things you can do with lts.conf
21:38
`man bash` is utterly pointless for me for that reason, it's so loooooooooooooooong... I can only use it for things I know are in there
21:43jgee has joined IRC (jgee!~jgee@181.56.72.152)
21:48Statler_Office has left IRC (Statler_Office!~Georg@gwrz3.lohn24.de, Remote host closed the connection)
22:28
<SmashK>
alkisg: no problem on this, will do it next days, thx @ all
22:28SmashK has left IRC (SmashK!5b40100b@gateway/web/freenode/ip.91.64.16.11, Quit: Page closed)
22:36kjackal has left IRC (kjackal!~quassel@109-74-56-122.static.acetelecom.hu, Ping timeout: 240 seconds)
23:36lucascastro has left IRC (lucascastro!~lucas@201.182.221.14, Remote host closed the connection)