|01:11||jgee11869 has left IRC (email@example.com, Remote host closed the connection)|
|06:16||wyre is now away: Auto away at Thu Jan 5 06:16:11 2023 UTC|
|06:32||jgee118692 has joined IRC (firstname.lastname@example.org)|
|06:44||adamjurkiewiczpy has joined IRC (adamjurkiewiczpy!~adamjurki@2001:470:69fc:105::f1a6)|
|06:47||wyre is back|
|06:56||woernie has joined IRC (email@example.com)|
|07:05||ricotz has joined IRC (ricotz!~ricotz@ubuntu/member/ricotz)|
|08:54||vagrantc has left IRC (vagrantc!~vagrant@2600:3c01:e000:21:7:77:0:40, Quit: leaving)|
|08:58||joris is back|
|09:00||RodrigoAlves[m] has left IRC (RodrigoAlves[m]!~r0drigora@2001:470:69fc:105::2:2503, Quit: You have been kicked for being idle)|
|09:00||fottsia[m] has left IRC (fottsia[m]!~fottsiama@2001:470:69fc:105::48bb, Quit: You have been kicked for being idle)|
|12:18||joris is now away: Auto away at Thu Jan 5 13:18:23 2023|
|12:22||joris is back|
how to enable sound on ltsp client ? Is any driver needs to install before building ltsp image ?
system_analyst[m: it generally works "out of the box"
if it doesn't work, it's generally a kernel/module issue I think
when computer booted with ltsp images then only this sound issue, otherwise for device playing sound perfectly.
if you boot a live CD/USB of the same OS as the LTSP server the sound works fine?
Yes , audio works fine
dmesg/syslog on the client device should give clues as to what's going wrong, assuming you've already checked the sound settings
I have ubuntu 22.04 server os for my ltsp server.
I just went live last night w/ 4 22.04 LTSP servers, as far as I've seen none of my clients have had a sound issue so far
most are geminilake or newer celerons
up to gen10, whatever that is... comet lake?
with onboard sound
realtek I guess?
Compare the kernel version in one system (ltsp) vs the other (live cd). Also check if /lib/modules/$(uname -r) exists on the client
kernel version on ltsp client is 5.15.0-25-generic and as in live ubuntu cd is 22.214.171.124 . On client machine when I click on sound icon it shows message establishing connection to PulseAudio. Please wait. and that pop up window stuck there.
output of ls lib/modules/5.15.0-2-5generic shows verious modules such as modules.devname modules.sysmbols and many more
|15:24||wyre is now away: Auto away at Thu Jan 5 15:24:20 2023 UTC|
went live with latest LTSP last night, and I realized I wanted to disable some services on clients that I have running on the server.
I've added DISABLE_SESSION_SERVICES="wazuh-agent lsyncd" and MASK_SESSION_SERVICES="wazuh-agent lsyncd" to /etc/ltsp/ltsp.conf in the [clients] section
I ran `ltsp initrd` and rebooted a client... however those services are running on that client
am I doing something wrong?
(I did try *just* masking them first)
system_analyst, muhwalt if you wish I could take a quick look over epoptes (screen sharing), if you have it installed
alkisg: sure, if you don't mind
vnc-edide: To share your screen with me, open Epoptes → Help menu → Remote support → Host: srv1-dide.ioa.sch.gr, and click the Connect button
I do not know about 'vnc', but I do know about these similar topics: 'kvm-vnc', 'uvnc-dide', 'vnc-alkisg', 'vnc-dide', 'vnc-edide', 'x11vnc'
let me make sure that client has newest image/ltsp.conf
ltsp42 should be set correctly
with latest ltsp.conf
muhwalt: no need
So, these services are system services, not session services
You can see them in systemctl status, not in systemctl --user status
oh, is there another setting?
I'm guessing mask/disable_SYSTEM_SERVICE?
So, use DISABLE_SYSTEM_SERVICES, not DISABLE_SESSION_SERVICES
No worries that one was easy :)
Thank you, I appreciate your patience :D
Shockingly, it works perfectly when you use the right configuration key
muhwalt: for security auditing, I'm using openvas in some site; I can't say I like it. Can wazuh replace it? Does it properly support Ubuntu clients?
wazuh is a fork of ossec, if you're familiar with that
wazuh seems to do *a lot*
It uses the ELK stack, which makes it really heavy
(resouce heavy... mostly memory)
I'm still figuring it out myself :D
let me take a look at openvas and see if they're comparable
I don't know that they're comparable. wazuh/ossec are host based intrusion detection systems
openvas looks like a vulnerability scanner
wazuh will check the host's configuration and surface differences to several standards. E.g., the US department of defense has various standards manuals for how to configure ubuntu for example
that's one of the ones that wazuh will compare your config against
(I think they're called STIGs)
standard technical implementation... something or other ;)
wazuh is definitely worth checking out... it's easily to test
I mostly use it for monitoring auditd for suspicious activity
oh! almost forgot, it'll compare installed package versions against the CVE database
that's a big one for us, too
|16:26||wyre is back|
|16:40||wyre is now away: Auto away at Thu Jan 5 16:39:40 2023 UTC|
For hardening, I started to test my configuration against CIS using https://ubuntu.com/security/certifications/docs/usg, but then I realized it's mostly candy for bureaucrats, the proposed configuration changes weren't actually adding any real security
And then on every update my /etc would be a mess because it wouldn't automatically migrate to the newer ubuntu defaults
|17:26||Guest284 has joined IRC (Guest284!~Guest284@126.96.36.199)|
|17:35||joris is now away: Auto away at Thu Jan 5 18:35:11 2023|
I think wazuh also compares to CIS too, which yeah, I agree... for 90% of installs, most of it doesn't matter
IIRC, there were lots of things about partitioning off /var, /var/log, etc so out of space conditions don't mess up the entire system
...which... yeah, I guess... but for most installs it isn't really a problem :)
*mostly* what I use it for is alerting on auditd logs and things like that
|18:19||Guest284 has left IRC (Guest284!~Guest284@188.8.131.52, Quit: Client closed)|
|20:16||vagrantc has joined IRC (vagrantc!~vagrant@2600:3c01:e000:21:7:77:0:20)|
|21:03||ricotz has left IRC (ricotz!~ricotz@ubuntu/member/ricotz, Quit: Leaving)|
|21:16||vagrantc has left IRC (vagrantc!~vagrant@2600:3c01:e000:21:7:77:0:20, Quit: leaving)|
|21:43||vagrantc has joined IRC (vagrantc!~vagrant@2600:3c01:e000:21:7:77:0:40)|