IRC chat logs for #ltsp on irc.libera.chat (webchat)


Channel log from 10 February 2023   (all times are UTC)

01:36ogra is now away: currently disconnected
02:00sugarbeet is back
02:06wyre is now away: Auto away at Fri Feb 10 02:06:46 2023 UTC
02:17
<alkisg1>
Typing usernames should be possible in any DM, not just in lightdm
02:17alkisg is now known as alkisg_irc
02:17
<alkisg1>
/nick alkisg
02:18alkisg1 is now known as alkisg
02:34sugarbeet is now away: [tmux detached]
05:49quinox has left IRC (quinox!~quinox@ghost.qtea.nl, Quit: WeeChat 3.6)
05:52quinox has joined IRC (quinox!~quinox@ghost.qtea.nl)
06:35wyre is back
06:52ricotz has joined IRC (ricotz!~ricotz@ubuntu/member/ricotz)
06:58woernie has left IRC (woernie!~werner@p5ddecea9.dip0.t-ipconnect.de, Quit: http://quassel-irc.org - Chat comfortably. Anywhere.)
06:59wyre is now away: Auto away at Fri Feb 10 06:59:06 2023 UTC
07:00woernie has joined IRC (woernie!~werner@p5ddecea9.dip0.t-ipconnect.de)
07:12woernie has left IRC (woernie!~werner@p5ddecea9.dip0.t-ipconnect.de, Remote host closed the connection)
07:15woernie has joined IRC (woernie!~werner@p5ddecea9.dip0.t-ipconnect.de)
07:20wyre is back
07:23woernie has left IRC (woernie!~werner@p5ddecea9.dip0.t-ipconnect.de, Remote host closed the connection)
07:23woernie has joined IRC (woernie!~werner@p5ddecea9.dip0.t-ipconnect.de)
07:24wyre is now away: Auto away at Fri Feb 10 07:24:33 2023 UTC
07:25woernie has left IRC (woernie!~werner@p5ddecea9.dip0.t-ipconnect.de, Remote host closed the connection)
07:26wyre is back
08:31ogra is back
09:06Lantizia has joined IRC (Lantizia!~Lantizia@195.62.201.126)
09:07
<Lantizia>
Hey... I know LTSP has been tested more with MATE... but in terms of a Ubuntu LTS to go for... is it more working/tested with 22.04 or 20.04 ?
09:08
As I'm hopefully going to attempt to install it on Trisquel GNU/Linux (either v10... based on 20.04... or v11... based on 22.04)
09:08
and use it at an FSFE (see fsfe.org) meeting
09:13
actually nevermind v11 isn't even out
09:15
<alkisg>
We're using it in many schools here so all >=18.04 LTS Ubuntu versions have been tested
10:03pr0f3 has joined IRC (pr0f3!~pr0f3@158.99.5.241)
10:03
<pr0f3>
hello, i'm trying to view a pc with epoptes and i cant
10:04
i dont know where i can see error o something
10:04
to fix it
10:04
is in linux mint, i have the firewall disable
10:05
<alkisg>
pr0f3: if you want, vnc to me from both the server AND the client, using this command: x11vnc -connect alkisg.ltsp.org
10:08wyre is now away: Auto away at Fri Feb 10 10:08:19 2023 UTC
10:09
<pr0f3>
listo
10:09
ready
10:10wyre is back
10:10
<pr0f3>
10/02/2023 11:07:44 Making connection to client on host alkisg.ltsp.org port 5500
10:10
10/02/2023 11:09:54 rfbConnectToTcoAddr: failed to connect
10:10
: Connection timed out
10:10
<alkisg>
pr0f3: are you using wayland?
10:11
Are you connected via GUI or via SSH?
10:11
<pr0f3>
gui
10:11
<alkisg>
GNOME/Wayland? Or Xorg?
10:11
<pr0f3>
idk
10:11
<alkisg>
Whats
10:11
<pr0f3>
i dont know
10:11
<alkisg>
What's the output of this: xrandr | nc termbin.com 9999
10:12
<pr0f3>
nothing
10:15
xorg
10:16
alkisg im using xor
10:16
<alkisg>
pr0f3: try to disable your firewall completely (sudo ufw disable), then try once more to connect to me
10:16
It sounds like your problem is the firewall
10:17
You can't even connect to termbin.com now
10:17
<pr0f3>
Firewall stopped and disabled on system startup
10:19
ohg
10:20
im in a public network and they have one security level that doesnt allow to me to visit termbin.com
10:20
is in a Andalucian School
10:21
Is there any log of the application to see errors?
10:27pr0f3 has left IRC (pr0f3!~pr0f3@158.99.5.241, Quit: Client closed)
10:29
<alkisg>
Sure, run epoptes-client and see the screen
10:29
It shows the errors in plain old stderr
10:32wyre is now away: Auto away at Fri Feb 10 10:32:29 2023 UTC
10:34wyre is back
11:26ogra is now away: currently disconnected
11:56ogra is back
12:58
<err404[m]>
hello,... (full message at <https://libera.ems.host/_matrix/media/v3/download/libera.chat/9af9d6b47a8e0ff44f5cd42e852dfe5c08040c60>)
13:05
<alkisg>
err404: you can open a terminal on the clien tand try `ssh user@server`, to see if ssh logins work
13:05
Cheers :)
13:11
<err404[m]>
I cannot, because the console 1..6 ask for login and password
13:12
even the login"user" password "live" is not working in the debian-live.img
13:12
* the debian-live.img (it is the default login/password for debian live)
13:24
<tru_tru>
err404[m]: are your user allowed to ssh with password from the ltsp client to the ltsp server with password (as the default is having $HOME access from the client through sshfs)
13:26
I have been trying to shortcuts ltsp with debian and chroot, and failed as not knowing enough about LTSP, so baby steps now from an LTSP ubuntu live desktop as server and gradually improving/learnign my stepes
13:26
s/stepes/steps/
13:30wyre is now away: Auto away at Fri Feb 10 13:29:56 2023 UTC
13:54
<tru_tru>
https://termbin.com/rj20w <- failing to add ppa for raspios
14:09ogra is now away: currently disconnected
14:11woernie has joined IRC (woernie!~werner@2001:9e8:e267:3300:7290:6d68:6ab1:4b22)
14:12
<tru_tru>
so doing it the debian's way :P
14:18woernie has left IRC (woernie!~werner@2001:9e8:e267:3300:7290:6d68:6ab1:4b22, Remote host closed the connection)
14:24
<vsuojanen[m]>
when using chroot method without configuring anything in the choot /et/ltsp/ltsp.conf the login and home access are using sshfs from the ltsp server. also if using debian live (is it really that live cd now that we are talking about) the live cd users don't exist with ltsp
14:25
it's the ltsp server for default Installation
14:35
<tru_tru>
vsuojanen[m]: jumping into the discussion, how do one change the sshfs for home access? is just using NFS for /home enough ?
14:36
and so, what is the authentification method used (if not sshfs for home) ?
14:38
and for raspios integration, although epoptes-client is installed it did not configured /etc/hosts for server access (maybe because I was using NFS_RW + ADMINISTRATIVE_CLIENT=1) ?
14:43
for raspios, I just needed to add the "server" entry in /etc/hosts and "/usr/sbin/epoptes-client -c"
14:58
<vsuojanen[m]>
sshfs is the default for home access, then you don't configure anyhting in ltsp.conf. that's how it works by default when you follow Installation instructions
15:21
I have never used raspios. If I remember discussions it doesn't use sshfs and if needed then needs to be installed. Isn't that referenced already somewhere in ltsp raspios related instructions page?
15:22
<tru_tru>
if I don't want sshfs for the client user, I just need to use PASSWORDS_x= in ltsp.conf?
15:23
<vsuojanen[m]>
nope. So Are you using raspios?
15:23
<tru_tru>
/home/user should then be local and created on initial login (and ephemeral if no NFS server is providing access to /home).
15:23
I am playing with both: raspios and chrootless on lts2004-desktop based server
15:24
<vsuojanen[m]>
tru_tru: I doubt this
15:25
<alkisg>
vsuojanen: live CDs usually don't have sshfs; it can be provided dynamically if you put it under /etc/ltsp and run ltsp initrd, I describe that somewhere in the man pages
15:27
There: http://ltsp.org/man/ltsp-initrd/#examples
15:28
<vsuojanen[m]>
I don't know, it's advanced use anyway
15:28
<alkisg>
tru_tru: re raspios and add-apt-repository, raspios is debian yeah, so it needs the debian method of adding the ppa
15:48
<tru_tru>
can I mix, sshfs users and local user with on-the-fly creation for /home ?
16:01
<alkisg>
tru_tru: yes
16:02
And/or nfs users too
16:06
<err404[m]>
https://ltsp.org/man/ltsp.conf/#PASSWORDS_x <-- ltsp hash is md5, but actualy is $6$ means SHA-512 in many recents distro linux.
16:06
may be is the issue I encounter (every users and password did not let me login in ltsp client)
16:07
* https://ltsp.org/man/ltsp.conf/#PASSWORDS\_x \<-- ltsp hash is md5, but actualy is $6$ means SHA-512 in many recents distro linux.
16:07
may be is the issue I encounter (every users and password did not let me login in ltsp client)?
16:08
<alkisg>
err404: in that page, see the last line; it will allow you to login as root
16:08
After you login as root, check if you can ssh to the ltsp server
16:09
LTSP doesn't create hashes, it has its own pam module to test the password
16:09
So the md5 hash you see isn't created by ltsp
16:10
<tru_tru>
PASSWORDS_x="teacher/cXdlcjEyMzQK" goes into the [clients] section ? do I need anything else (beside ltsp initrd, and reboot the client) ?
16:10
<err404[m]>
ok, I mean about inserting /etc/shadow from the server by the command `ltsp initrd`
16:10
I will try to edit the ltsp.conf
16:11
<alkisg>
tru_tru: right
16:12
err404: if your /etc/shadow entries on the server are md5sum'ed, the server is misconfigured
16:12
If you use PWMERGE to forward shadow entries, then ltsp copies them as is
16:12
By default, ltsp doesn't process shadow
16:12
<err404[m]>
my /etc/shadow entries are sha-512
16:13
<alkisg>
It doesn't include it in the image or in ltsp initrd
16:13
OK, and where do you see the md5sum entries?
16:13
<err404[m]>
I only read it in the doc, as example, sorry
16:14
<alkisg>
Ah maybe you mean some old example that I copied from some older ubuntu system, with existing shadow entries, that were not related by ltsp
16:14
*created by ltsp
16:15
err404: if you're talking about the URL you pasted, that's NOT md5sum. It's base64
16:15
That's a completely different thing. It's a method to tell LTSP your actual password, NOT the hash, so that it can use it for autologin via ssh
16:15
<err404[m]>
hat's NOT md5sum. It's base64 <-- ooops, sorry again 😛
16:15
<alkisg>
In that case, ltsp needs the password, not the hash; and base64 just encrypts it just a bit, to avoid over the shoulder watchers
16:16
<err404[m]>
but, I seen that users are imported to ltsp client (even on yhe debian live), I hoped same about passords
16:17
<alkisg>
To be safe, ltsp doesn't includes passwords or hashes in the image by default
16:17
You can add them with the PWMERGE ltsp.conf directive
16:18
<err404[m]>
ok, so, the PWMERGE ltsp.conf directive is mandatory, that is clear now for me, thanks
16:20
<alkisg>
err404: it's ONLY mandatory if you want to include local users
16:23
(and if you don't want base64 passwords)
16:25
<vsuojanen[m]>
And you can use the simple ltsp.conf [clients] hash method also. Just don't do it for root but for some other local username (If when creating The locale homes during client boot
16:26
<tru_tru>
x86_64 chrootless + PASSWORDS_x is not working for me [clients] or [:mac:] -> the teacher account does not show in /etc/passwd|shadow (ssh login for root with ssh keys works fine to login into the booted client)
16:29
<vsuojanen[m]>
vsuojanen[m]: I mean POST_INIT_SET_ROOT_HASH method works for normal usernames also
16:30
<alkisg>
tru_tru: the teacher account exists on the server but not on the client?
16:30
<tru_tru>
no teacher does not exist on ltsp server
16:31
no, the teacher account does not exist on ltsp server
16:31
<alkisg>
LTSP doesn't create user accounts
16:31
If you want to create them dynamically, you need to call adduser in POST_INIT something
16:31
<tru_tru>
ack'ed
16:31
<alkisg>
(or useradd)
16:31
tru_tru: is this supposed to be a local user, with a local home partition?
16:32
Where will /home/teacher come from? local, sshfs, nfs, tmpfs?
16:32
<tru_tru>
yes, local ephemeral user on the client only
16:32
<alkisg>
OK then calling useradd in POST_INIT should also create a temp home
16:33
<tru_tru>
ie no NFS, no sshfs, just on the client without touching the local storage
16:33
<alkisg>
(assuming you have enough RAM for all that)
16:33
<tru_tru>
right (for RAM restriction)
16:33
what is tmpfs VS local ?
16:33
<alkisg>
I think there should be a kiosk-related discussion somewhere on github/ltsp, that demonstrates useradd. Or in the wiki.
16:34
Local means home=/dev/sda1, while tmpfs means ram
16:34
<tru_tru>
one could 'mkfs.xfs /dev/sda && mount /dev/sda /home' in init ?
16:36
<err404[m]>
yes, we need specific pas for users (add users, importing users, password ...)
16:36
* yes, we need specific wiki page for users (add users, importing users, password ...)
16:36
<tru_tru>
PASSWORDS_x is just for changing password, but not creating accounts... I was a little confused by that.
16:37
<vsuojanen[m]>
does mksf programs exist in The initramfs?
16:37
<alkisg>
Sure, one could do that
16:37
<tru_tru>
I assumed (wrongly) that it would spit an error and/or create the account on the fly! Now that is cleared, I can proceed with my testing.
16:37
<alkisg>
init isn't the initramfs
16:38
It's like init=/bin/bash
16:38
POST_INITRD_BOTTOM => initramfs, POST_INIT => real root
16:38* tru_tru waves, week-end duties calling
16:38
<alkisg>
Cheers
16:39
<vsuojanen[m]>
* waves
17:03wyre is back
17:47shored is back
18:00vagrantc has joined IRC (vagrantc!~vagrant@2600:3c01:e000:21:7:77:0:20)
20:55Lantizia has left IRC (Lantizia!~Lantizia@user/lantizia, Ping timeout: 264 seconds)
21:18wyre is now away: Auto away at Fri Feb 10 21:18:24 2023 UTC
23:50vagrantc has left IRC (vagrantc!~vagrant@2600:3c01:e000:21:7:77:0:20, Quit: leaving)
23:58ricotz has left IRC (ricotz!~ricotz@ubuntu/member/ricotz, Quit: Leaving)