IRC chat logs for #ltsp on irc.libera.chat (webchat)


Channel log from 5 January 2023   (all times are UTC)

01:11jgee11869 has left IRC (jgee11869!~jgee@186.80.49.20, Remote host closed the connection)
06:16wyre is now away: Auto away at Thu Jan 5 06:16:11 2023 UTC
06:32jgee118692 has joined IRC (jgee118692!~jgee@186.80.49.20)
06:44adamjurkiewiczpy has joined IRC (adamjurkiewiczpy!~adamjurki@2001:470:69fc:105::f1a6)
06:47wyre is back
06:56woernie has joined IRC (woernie!~werner@p5ddecd2a.dip0.t-ipconnect.de)
07:05ricotz has joined IRC (ricotz!~ricotz@ubuntu/member/ricotz)
08:54vagrantc has left IRC (vagrantc!~vagrant@2600:3c01:e000:21:7:77:0:40, Quit: leaving)
08:58joris is back
09:00RodrigoAlves[m] has left IRC (RodrigoAlves[m]!~r0drigora@2001:470:69fc:105::2:2503, Quit: You have been kicked for being idle)
09:00fottsia[m] has left IRC (fottsia[m]!~fottsiama@2001:470:69fc:105::48bb, Quit: You have been kicked for being idle)
12:18joris is now away: Auto away at Thu Jan 5 13:18:23 2023
12:22joris is back
13:07
<system_analyst[m>
how to enable sound on ltsp client ? Is any driver needs to install before building ltsp image ?
13:07
<muhwalt>
system_analyst[m: it generally works "out of the box"
13:08
if it doesn't work, it's generally a kernel/module issue I think
13:10
<system_analyst[m>
when computer booted with ltsp images then only this sound issue, otherwise for device playing sound perfectly.
13:10
<muhwalt>
if you boot a live CD/USB of the same OS as the LTSP server the sound works fine?
13:12
<system_analyst[m>
Yes , audio works fine
13:12
<muhwalt>
dmesg/syslog on the client device should give clues as to what's going wrong, assuming you've already checked the sound settings
13:13
<system_analyst[m>
I have ubuntu 22.04 server os for my ltsp server.
13:14
<muhwalt>
I just went live last night w/ 4 22.04 LTSP servers, as far as I've seen none of my clients have had a sound issue so far
13:14
most are geminilake or newer celerons
13:14
up to gen10, whatever that is... comet lake?
13:14
with onboard sound
13:15
realtek I guess?
13:17
<system_analyst[m>
Realtek Audio
13:26
<alkisg>
Compare the kernel version in one system (ltsp) vs the other (live cd). Also check if /lib/modules/$(uname -r) exists on the client
13:44
<system_analyst[m>
kernel version on ltsp client is 5.15.0-25-generic and as in live ubuntu cd is 5.15.0.56 . On client machine when I click on sound icon it shows message establishing connection to PulseAudio. Please wait. and that pop up window stuck there.
13:47
output of ls lib/modules/5.15.0-2-5generic shows verious modules such as modules.devname modules.sysmbols and many more
15:24wyre is now away: Auto away at Thu Jan 5 15:24:20 2023 UTC
15:27
<muhwalt>
went live with latest LTSP last night, and I realized I wanted to disable some services on clients that I have running on the server.
15:28
I've added DISABLE_SESSION_SERVICES="wazuh-agent lsyncd" and MASK_SESSION_SERVICES="wazuh-agent lsyncd" to /etc/ltsp/ltsp.conf in the [clients] section
15:28
I ran `ltsp initrd` and rebooted a client... however those services are running on that client
15:29
am I doing something wrong?
15:29
(I did try *just* masking them first)
15:38
<alkisg>
system_analyst, muhwalt if you wish I could take a quick look over epoptes (screen sharing), if you have it installed
15:41
<muhwalt>
alkisg: sure, if you don't mind
15:41
<alkisg>
!vnc-edide
15:41
<ltspbot>
vnc-edide: To share your screen with me, open Epoptes → Help menu → Remote support → Host: srv1-dide.ioa.sch.gr, and click the Connect button
15:41
<muhwalt>
!vnc
15:41
<ltspbot>
I do not know about 'vnc', but I do know about these similar topics: 'kvm-vnc', 'uvnc-dide', 'vnc-alkisg', 'vnc-dide', 'vnc-edide', 'x11vnc'
15:41
<muhwalt>
;)
15:41
<alkisg>
:)
15:42
<muhwalt>
let me make sure that client has newest image/ltsp.conf
15:43
ltsp42 should be set correctly
15:43
with latest ltsp.conf
15:44
<alkisg>
muhwalt: no need
15:44
So, these services are system services, not session services
15:44
You can see them in systemctl status, not in systemctl --user status
15:44
<muhwalt>
oh, is there another setting?
15:45
I'm guessing mask/disable_SYSTEM_SERVICE?
15:45
:(
15:45
oh goodness
15:45
I'm sorry
15:45
<alkisg>
So, use DISABLE_SYSTEM_SERVICES, not DISABLE_SESSION_SERVICES
15:45
<muhwalt>
lol
15:45
<alkisg>
No worries that one was easy :)
15:45
<muhwalt>
Thank you, I appreciate your patience :D
15:50
Shockingly, it works perfectly when you use the right configuration key
16:02
<alkisg>
muhwalt: for security auditing, I'm using openvas in some site; I can't say I like it. Can wazuh replace it? Does it properly support Ubuntu clients?
16:09
<muhwalt>
wazuh is a fork of ossec, if you're familiar with that
16:09
wazuh seems to do *a lot*
16:10
It uses the ELK stack, which makes it really heavy
16:10
(resouce heavy... mostly memory)
16:10
I'm still figuring it out myself :D
16:10
let me take a look at openvas and see if they're comparable
16:13
I don't know that they're comparable. wazuh/ossec are host based intrusion detection systems
16:14
openvas looks like a vulnerability scanner
16:15
wazuh will check the host's configuration and surface differences to several standards. E.g., the US department of defense has various standards manuals for how to configure ubuntu for example
16:15
that's one of the ones that wazuh will compare your config against
16:15
(I think they're called STIGs)
16:15
standard technical implementation... something or other ;)
16:16
wazuh is definitely worth checking out... it's easily to test
16:18
I mostly use it for monitoring auditd for suspicious activity
16:19
oh! almost forgot, it'll compare installed package versions against the CVE database
16:19
that's a big one for us, too
16:26wyre is back
16:40wyre is now away: Auto away at Thu Jan 5 16:39:40 2023 UTC
16:49
<alkisg>
For hardening, I started to test my configuration against CIS using https://ubuntu.com/security/certifications/docs/usg, but then I realized it's mostly candy for bureaucrats, the proposed configuration changes weren't actually adding any real security
16:50
And then on every update my /etc would be a mess because it wouldn't automatically migrate to the newer ubuntu defaults
17:26Guest284 has joined IRC (Guest284!~Guest284@66.207.221.237)
17:35joris is now away: Auto away at Thu Jan 5 18:35:11 2023
17:43
<muhwalt>
I think wazuh also compares to CIS too, which yeah, I agree... for 90% of installs, most of it doesn't matter
17:44
IIRC, there were lots of things about partitioning off /var, /var/log, etc so out of space conditions don't mess up the entire system
17:44
...which... yeah, I guess... but for most installs it isn't really a problem :)
17:46
*mostly* what I use it for is alerting on auditd logs and things like that
18:19Guest284 has left IRC (Guest284!~Guest284@66.207.221.237, Quit: Client closed)
20:16vagrantc has joined IRC (vagrantc!~vagrant@2600:3c01:e000:21:7:77:0:20)
21:03ricotz has left IRC (ricotz!~ricotz@ubuntu/member/ricotz, Quit: Leaving)
21:16vagrantc has left IRC (vagrantc!~vagrant@2600:3c01:e000:21:7:77:0:20, Quit: leaving)
21:43vagrantc has joined IRC (vagrantc!~vagrant@2600:3c01:e000:21:7:77:0:40)