From brian at portsmouth-college.ac.uk Mon Oct 1 10:11:05 2007 From: brian at portsmouth-college.ac.uk (Brian Chivers) Date: Mon, 01 Oct 2007 11:11:05 +0100 Subject: [K12OSN] SambaLDAP question In-Reply-To: <1190996511.31843.86.camel@cube.tobyhouse.com> References: <20070927160025.CBA9C736DB@hormel.redhat.com> <1190921953.8388.34.camel@sabre> <46FCFBEB.3040006@portsmouth-college.ac.uk> <1190996511.31843.86.camel@cube.tobyhouse.com> Message-ID: <4700C7B9.7060503@portsmouth-college.ac.uk> Craig White wrote: > On Fri, 2007-09-28 at 14:04 +0100, Brian Chivers wrote: >> John Ingleby wrote: >>> We successfully joined the first XP Pro machine to our Samba LDAP >>> domain, but further machines simply return the error message "The >>> specified domain either does not exist or could not be contacted". >>> >>> We're using K12LTSP v5.0 for the classroom thin client server, with >>> CentOS 5 for the backend file & authentication server. With donated >>> machines and classes of 12-15 this seems the way to go. >>> >>> The important Windows XP Pro client registry settings are all the same, >>> so most likely we have somehow varied the procedure for adding machine >>> accounts. Can anyone point me to a detailed step-by-step howto for >>> adding machine accounts & joining Windows machines to the SambaLDAP >>> domain? >>> >>> The various LDAP-Samba HowTos are great for setting up Samba, and we >>> appear to have completed those steps successfully. However, I cannot >>> find a sufficiently detailed explanation of the subsequent steps for >>> >>> a) setting up machine accounts with SambaLDAP >> This should be managed using the smbldap-passwd scripts with a section like this in your smb.conf file >> >> # use the smbldap-tools scripts >> add user script = /opt/IDEALX/sbin/smbldap-useradd -m "%u" >> #delete user script = /opt/IDEALX/sbin/smbldap-userdel "%u" >> add machine script = /opt/IDEALX/sbin/smbldap-useradd -w "%u" >> add group script = /opt/IDEALX/sbin/smbldap-groupadd -p "%g" >> #delete group script = /opt/IDEALX/sbin/smbldap-groupdel "%g" >> add user to group script = /opt/IDEALX/sbin/smbldap-groupmod -m "%u" "%g" >> delete user from group script = /opt/IDEALX/sbin/smbldap-groupmod -x "%u" "%g" >> set primary group script = /opt/IDEALX/sbin/smbldap-usermod -g "%g" "%u" >> >> >>> b) creating the Samba (or LDAP?) root user & password >> smbpasswd -a root >> >> where this is a DIFFERENT password to you linux root password >> >>> c) joining XP Pro machines to the domain >> Right click on My computer, Properties, Computer Name, Then click on the change button next to the line >> >> To rename the computer or join a domain ..... >> >> Hope this help at least get you started :-) >> > ---- > above is good but I would wonder about the wisdom of having a user root > in LDAP or smbpasswd > > Since OP is using LTSP-5 (CentOS-5) he is running recent samba and > therefore, a full set of privileges is described here: > http://samba.org/samba/docs/man/Samba-HOWTO-Collection/rights.html > > and I wouldn't recommend having a user 'root' in LDAP unless you > definitely know what you're doing. The machine should have a local root > user. That local root user really doesn't need to be a samba user. > > As described in the link above, the user Administrator should be created > with whatever uid, and the well-known RID of 500 > You can have a different password for the root LDAP user and local "all powerful" root, there is no way I'd have the same password. Brian ------------------------------------------------------------------------------------------------ The views expressed here are my own and not necessarily the views of Portsmouth College From mneves at ccems.pt Mon Oct 1 11:52:32 2007 From: mneves at ccems.pt (Marco Neves) Date: Mon, 1 Oct 2007 12:52:32 +0100 Subject: [K12OSN] Block all services: except http Message-ID: <001201c80421$90b03cc0$5716a8c0@olimpo.local> Hi all, We have a k12ltsp server (version 6.0 ) in our school, with 10 terminals. The terminals are used to produce some openoffice documents and in the majority to surf in the internet. The problem is that the students access the windows shares and another shares in the windows machines (we have passwords in the shares :-) ). How can i block the access to all services except "web access". It can be done with iptables? Our there is another simply way to do it? The server as two nic?s: one for the network for the terminals (eth0), and another receiving dynamic ip (eth1: this is the nic that gives accesso to the web) from a windows server. Thanks in advanced. -------------- next part -------------- An HTML attachment was scrubbed... URL: From mblinn at peopleplaces.org Mon Oct 1 12:13:22 2007 From: mblinn at peopleplaces.org (Michael Blinn) Date: Mon, 01 Oct 2007 08:13:22 -0400 Subject: [K12OSN] Block all services: except http In-Reply-To: <001201c80421$90b03cc0$5716a8c0@olimpo.local> References: <001201c80421$90b03cc0$5716a8c0@olimpo.local> Message-ID: <4700E462.7040107@peopleplaces.org> Yes, you do this with iptables. My firewall scripts are in /etc/sysconfig/iptables - you'll probably want to work off the template there. IE, default to ACCEPT, then allow everything already started (-m state --state ESTABLISHED,RELATED -j ACCEPT) then allow in port 80 (-m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT) and then drop everything else at the end (-j REJECT --reject-with icmp-host-prohibited) -Michael Marco Neves wrote: > Hi all, > > We have a k12ltsp server (version 6.0 ) in our school, with 10 > terminals. The terminals are used to produce some openoffice documents > and in the majority to surf in the internet. The problem is that the > students access the windows shares and another shares in the windows > machines (we have passwords in the shares :-) ). How can i block the > access to all services except "web access". It can be done with > iptables? Our there is another simply way to do it? > > The server as two nic?s: one for the network for the terminals (eth0), > and another receiving dynamic ip (eth1: this is the nic that gives > accesso to the web) from a windows server. > > > Thanks in advanced. > > ------------------------------------------------------------------------ > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see -- CONFIDENTIALITY NOTICE: This message, and any attachments that may accompany it, contain information that is intended for the use of the individual or entity to which it is addressed and may contain information that is privileged, confidential, or otherwise exempt from disclosure under applicable law. If the recipient of this message is not the intended recipient, any disclosure, copying, or other use of this communication or any of the information, which it contains is unauthorized and prohibited. If you have received this message in error, please notify the original sender by return mail and delete this message, along with any attachments, from your computer. Thank you. -------------- next part -------------- An HTML attachment was scrubbed... URL: From linux at cotmac-proex.com Mon Oct 1 12:35:24 2007 From: linux at cotmac-proex.com (info) Date: Mon, 01 Oct 2007 18:05:24 +0530 Subject: [K12OSN] Server Sizing for 150 Users Message-ID: <4700E98C.2030300@cotmac-proex.com> Hello, I want to use a X-server for following applications , what should be the ideal server sizing for the 150 nos of thin-client 1) ICEwm 2) Netscape 7.0 for specific application 3) Firefox 2.0 4) Open-office 2.3 5) Mail-client Sylpheed Which RAID configuration i should use. I am planning a Xeon Dual processor server with 4 GB of RAM, Regards K.Dinesh From asmo.koskinen at arkki.info Mon Oct 1 13:41:16 2007 From: asmo.koskinen at arkki.info (Asmo Koskinen) Date: Mon, 01 Oct 2007 16:41:16 +0300 Subject: [K12OSN] Server Sizing for 150 Users In-Reply-To: <4700E98C.2030300@cotmac-proex.com> References: <4700E98C.2030300@cotmac-proex.com> Message-ID: <4700F8FC.8050307@arkki.info> info kirjoitti: > I am planning a Xeon Dual processor server with 4 GB of RAM, > From another list: http://marc.info/?l=ltsp-discuss&m=119118468518812&w=2 I have 113 clients and 2 servers, both 2xXeon Dual processors and 6 GB RAM. Home is another server (nfs). Login is by passwd-file, no ldap or something. http://wiki.ubuntu-fi.org/Wiki/LTSP_Ohjeita We use vanilla Ubuntu 6.06.1 with Gnome, FF, OOo etc. And Java. Truth is somewhere between, I think. Best regards Asmo Koskinen. From microman at cmosnetworks.com Mon Oct 1 15:10:21 2007 From: microman at cmosnetworks.com (=?ISO-8859-1?Q?=22Terrell_Prud=E9_Jr=2E=22?=) Date: Mon, 01 Oct 2007 11:10:21 -0400 Subject: [K12OSN] Server Sizing for 150 Users In-Reply-To: <4700E98C.2030300@cotmac-proex.com> References: <4700E98C.2030300@cotmac-proex.com> Message-ID: <47010DDD.6050202@cmosnetworks.com> info wrote: > Hello, > I want to use a X-server for following applications , what should be > the ideal server sizing for the 150 nos of thin-client > 1) ICEwm > 2) Netscape 7.0 for specific application > 3) Firefox 2.0 > 4) Open-office 2.3 > 5) Mail-client Sylpheed > Which RAID configuration i should use. > > I am planning a Xeon Dual processor server with 4 GB of RAM, > > Regards > K.Dinesh With all those users, I'd go at least quad-processor with 16GB DRAM. Multiple Gig-E interfaces in a "multi-link" configuration is also needed. For RAID configuration, SCSI is your friend here. Assuming that you're storing your users' data on the same server, RAID 5 is the minimum, and if you can afford RAID 10, that's even better. Is there any reason why you cannot split up the 150 users onto multiple servers? --TP _______________________________ Do you GNU!? Microsoft Free since 2003 --the ultimate antivirus protection! -------------- next part -------------- An HTML attachment was scrubbed... URL: From ssh at tranquility.net Mon Oct 1 15:10:31 2007 From: ssh at tranquility.net (ssh at tranquility.net) Date: Mon, 1 Oct 2007 10:10:31 -0500 (CDT) Subject: [K12OSN] mixing IDE and SATA In-Reply-To: <20070929105817.R21989@dyyme.pair.com> References: <715471.66408.qm@web55606.mail.re4.yahoo.com> <37F921EB-ED16-4690-B9DE-F338C1F9C495@breun.nl> <46FC9D1D.6030401@cmosnetworks.com> <9B9AD1AF-8D1D-4BAE-80F8-7E17D3BAC430@breun.nl> <46FD3DC5.8020101@cmosnetworks.com> <1191003954.31843.103.camel@cube.tobyhouse.com> <20070929105817.R21989@dyyme.pair.com> Message-ID: I am putting together a test/home server, and will have to mix one IDE drive and one SATA drive (based on the parts I have). The IDE drive will be master to the CD/DVD's slave. It will be K12LTSP v6 (I could never get v7 to install, tried on both Intel and AMD test machines). What would be a good mix of partitioning for this setup? This will be using tape for backup, so no HD resources need be reserved for that. From ssh at tranquility.net Mon Oct 1 15:31:27 2007 From: ssh at tranquility.net (ssh at tranquility.net) Date: Mon, 1 Oct 2007 10:31:27 -0500 (CDT) Subject: [K12OSN] mixing IDE and SATA In-Reply-To: References: <715471.66408.qm@web55606.mail.re4.yahoo.com> <37F921EB-ED16-4690-B9DE-F338C1F9C495@breun.nl> <46FC9D1D.6030401@cmosnetworks.com> <9B9AD1AF-8D1D-4BAE-80F8-7E17D3BAC430@breun.nl> <46FD3DC5.8020101@cmosnetworks.com> <1191003954.31843.103.camel@cube.tobyhouse.com> <20070929105817.R21989@dyyme.pair.com> Message-ID: Perhaps a more accurate question on this, would the OS or /home be better suited for one drive of the other? This will not have a lot of clients on at one time, and it will have 2 gig of ram. From cockrell at honeygroveisd.net Mon Oct 1 16:04:52 2007 From: cockrell at honeygroveisd.net (Mark Cockrell) Date: Mon, 01 Oct 2007 11:04:52 -0500 Subject: [K12OSN] Re: K12OSN Digest, Vol 44, Issue 1 In-Reply-To: <20071001160020.47E447331C@hormel.redhat.com> References: <20071001160020.47E447331C@hormel.redhat.com> Message-ID: <47011AA4.3000807@honeygroveisd.net> >>> John Ingleby wrote: >>>> We successfully joined the first XP Pro machine to our Samba LDAP >>>> domain, but further machines simply return the error message "The >>>> specified domain either does not exist or could not be contacted". >>>> >>>> We're using K12LTSP v5.0 for the classroom thin client server, with >>>> CentOS 5 for the backend file & authentication server. With donated >>>> machines and classes of 12-15 this seems the way to go. >>>> >>>> The important Windows XP Pro client registry settings are all the >>>> same, >>>> so most likely we have somehow varied the procedure for adding machine >>>> accounts. Can anyone point me to a detailed step-by-step howto for >>>> adding machine accounts & joining Windows machines to the SambaLDAP >>>> domain? >>>> >>>> The various LDAP-Samba HowTos are great for setting up Samba, and we >>>> appear to have completed those steps successfully. However, I cannot >>>> find a sufficiently detailed explanation of the subsequent steps for >>>> >>>> a) setting up machine accounts with SambaLDAP >>> This should be managed using the smbldap-passwd scripts with a >>> section like this in your smb.conf file >>> >>> # use the smbldap-tools scripts >>> add user script = /opt/IDEALX/sbin/smbldap-useradd -m "%u" >>> #delete user script = /opt/IDEALX/sbin/smbldap-userdel "%u" >>> add machine script = /opt/IDEALX/sbin/smbldap-useradd -w "%u" >>> add group script = /opt/IDEALX/sbin/smbldap-groupadd -p "%g" >>> #delete group script = /opt/IDEALX/sbin/smbldap-groupdel "%g" >>> add user to group script = /opt/IDEALX/sbin/smbldap-groupmod -m >>> "%u" "%g" >>> delete user from group script = /opt/IDEALX/sbin/smbldap-groupmod >>> -x "%u" "%g" >>> set primary group script = /opt/IDEALX/sbin/smbldap-usermod -g >>> "%g" "%u" >>> >>> >>>> b) creating the Samba (or LDAP?) root user & password >>> smbpasswd -a root >>> >>> where this is a DIFFERENT password to you linux root password >>> >>>> c) joining XP Pro machines to the domain >>> Right click on My computer, Properties, Computer Name, Then click on >>> the change button next to the line >>> >>> To rename the computer or join a domain ..... >>> >>> Hope this help at least get you started :-) >>> >> ---- >> above is good but I would wonder about the wisdom of having a user root >> in LDAP or smbpasswd >> >> Since OP is using LTSP-5 (CentOS-5) he is running recent samba and >> therefore, a full set of privileges is described here: >> http://samba.org/samba/docs/man/Samba-HOWTO-Collection/rights.html >> >> and I wouldn't recommend having a user 'root' in LDAP unless you >> definitely know what you're doing. The machine should have a local root >> user. That local root user really doesn't need to be a samba user. >> >> As described in the link above, the user Administrator should be created >> with whatever uid, and the well-known RID of 500 >> > > You can have a different password for the root LDAP user and local > "all powerful" root, there is no > way I'd have the same password. > > Brian > > ------------------------------------------------------------------------------------------------ > > The views expressed here are my own and not necessarily > > the views of Portsmouth College John, I've seen this behavior before. If you use the "Network ID Wizard" it'll add to the domain every time. If you simply change the workgroup it may or may not work. From lnkemp at bolivar.k12.mo.us Mon Oct 1 16:10:46 2007 From: lnkemp at bolivar.k12.mo.us (Kemp, Levi) Date: Mon, 1 Oct 2007 11:10:46 -0500 Subject: [K12OSN] References: <715471.66408.qm@web55606.mail.re4.yahoo.com><37F921EB-ED16-4690-B9DE-F338C1F9C495@breun.nl><46FC9D1D.6030401@cmosnetworks.com><9B9AD1AF-8D1D-4BAE-80F8-7E17D3BAC430@breun.nl><46FD3DC5.8020101@cmosnetworks.com><1191003954.31843.103.camel@cube.tobyhouse.com> <20070929105817.R21989@dyyme.pair.com> Message-ID: Sorry Tom, We don't use Read 180, just SRC and SRI. All I did for those was to complete one windows installation and copy the program folders. All the files are right there. Which is great because the installation takes forever, which is odd considering the folders are about 30mb. I do the same thing for windows clients too. Actually I put them all on a server and just let em run it from there, seems to be the way my boss likes to do all the apps. Back to Read 180 though, what it the difference between it and SRC? Levi Kemp Technology Specialist Bolivar R-1 Schools 417-328-8943 lnkemp at bolivar.k12.mo.us ________________________________ From: k12osn-bounces at redhat.com on behalf of Tom Wolfe Sent: Sat 9/29/2007 9:59 AM To: Support list for open source software in schools. Subject: Re: [K12OSN] Oh come on, the drama is what makes life worth living. So Levi -- Scholastic, you have it working on K12LTSP??? Do you have Read180 working too? I would really be interested in a little how-to or something. I can get everything BUT Read 180 to work over Terminal Services (it's killing me but it works). Regards, Tom Wolfe Morley, AB On Fri, 28 Sep 2007, Craig White wrote: > On Fri, 2007-09-28 at 12:54 -0500, Kemp, Levi wrote: >> Hello everyone, >> It's been too long since I've checked the list. I've had a lot >> of "fun" working with our LTSP lab. I finally resolved my issue with >> scholastic software. Even though I was able to get the older version >> working in the lab, it came down to the fact that the database wasn't >> stable. According to scholastic, "It is self-corrupting, two minutes >> after running the maintenance you WILL have errors in it again." So we >> upgraded to the new Enterprise Edition", which runs on a MySql database, >> using a flash player as a browser on the client to access the apps on >> the server. It uses Jboss as the appliation server. Funny how almost all >> of the software used open source, good side though, wine opens the >> executable to run any of the apps and uses native flash player, java, >> adobe, etc. So there is one problem solved. Unfortunately I'm still >> having a problem with a network drive that the school uses for both a >> digital dropbox and a basic application server for apps like microtype >> and geometer sketchpad. No on seems to have write access to the mounted >> drive and that is the main problem. It seems like it shouldn't be a hard >> thing to figure out, but I haven't had as much time to spend on it as I >> need to. Where should I start looking to fix this aside from chmod, >> because that doesn't seem to do it. If you need more info let me know, >> I'm hoping to get it fixed by Monday, otherwise I may be forced into a >> Microsoft Terminal setup, and that would kill me. > ---- > spare us the drama > > is the mount read only? on a computer that doesn't have write access to > the mounted drive, can you run the command... > > mount > > and report back to us? > > -- > Craig White > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > > _______________________________________________ K12OSN mailing list K12OSN at redhat.com https://www.redhat.com/mailman/listinfo/k12osn For more info see > -------------- next part -------------- A non-text attachment was scrubbed... Name: winmail.dat Type: application/ms-tnef Size: 6485 bytes Desc: not available URL: From craig at tobyhouse.com Mon Oct 1 16:29:15 2007 From: craig at tobyhouse.com (Craig White) Date: Mon, 01 Oct 2007 09:29:15 -0700 Subject: [K12OSN] SambaLDAP question In-Reply-To: <4700C7B9.7060503@portsmouth-college.ac.uk> References: <20070927160025.CBA9C736DB@hormel.redhat.com> <1190921953.8388.34.camel@sabre> <46FCFBEB.3040006@portsmouth-college.ac.uk> <1190996511.31843.86.camel@cube.tobyhouse.com> <4700C7B9.7060503@portsmouth-college.ac.uk> Message-ID: <1191256155.3387.9.camel@cube.tobyhouse.com> On Mon, 2007-10-01 at 11:11 +0100, Brian Chivers wrote: > Craig White wrote: > > On Fri, 2007-09-28 at 14:04 +0100, Brian Chivers wrote: > >> John Ingleby wrote: > >>> We successfully joined the first XP Pro machine to our Samba LDAP > >>> domain, but further machines simply return the error message "The > >>> specified domain either does not exist or could not be contacted". > >>> > >>> We're using K12LTSP v5.0 for the classroom thin client server, with > >>> CentOS 5 for the backend file & authentication server. With donated > >>> machines and classes of 12-15 this seems the way to go. > >>> > >>> The important Windows XP Pro client registry settings are all the same, > >>> so most likely we have somehow varied the procedure for adding machine > >>> accounts. Can anyone point me to a detailed step-by-step howto for > >>> adding machine accounts & joining Windows machines to the SambaLDAP > >>> domain? > >>> > >>> The various LDAP-Samba HowTos are great for setting up Samba, and we > >>> appear to have completed those steps successfully. However, I cannot > >>> find a sufficiently detailed explanation of the subsequent steps for > >>> > >>> a) setting up machine accounts with SambaLDAP > >> This should be managed using the smbldap-passwd scripts with a section like this in your smb.conf file > >> > >> # use the smbldap-tools scripts > >> add user script = /opt/IDEALX/sbin/smbldap-useradd -m "%u" > >> #delete user script = /opt/IDEALX/sbin/smbldap-userdel "%u" > >> add machine script = /opt/IDEALX/sbin/smbldap-useradd -w "%u" > >> add group script = /opt/IDEALX/sbin/smbldap-groupadd -p "%g" > >> #delete group script = /opt/IDEALX/sbin/smbldap-groupdel "%g" > >> add user to group script = /opt/IDEALX/sbin/smbldap-groupmod -m "%u" "%g" > >> delete user from group script = /opt/IDEALX/sbin/smbldap-groupmod -x "%u" "%g" > >> set primary group script = /opt/IDEALX/sbin/smbldap-usermod -g "%g" "%u" > >> > >> > >>> b) creating the Samba (or LDAP?) root user & password > >> smbpasswd -a root > >> > >> where this is a DIFFERENT password to you linux root password > >> > >>> c) joining XP Pro machines to the domain > >> Right click on My computer, Properties, Computer Name, Then click on the change button next to the line > >> > >> To rename the computer or join a domain ..... > >> > >> Hope this help at least get you started :-) > >> > > ---- > > above is good but I would wonder about the wisdom of having a user root > > in LDAP or smbpasswd > > > > Since OP is using LTSP-5 (CentOS-5) he is running recent samba and > > therefore, a full set of privileges is described here: > > http://samba.org/samba/docs/man/Samba-HOWTO-Collection/rights.html > > > > and I wouldn't recommend having a user 'root' in LDAP unless you > > definitely know what you're doing. The machine should have a local root > > user. That local root user really doesn't need to be a samba user. > > > > As described in the link above, the user Administrator should be created > > with whatever uid, and the well-known RID of 500 > > > > You can have a different password for the root LDAP user and local "all powerful" root, there is no > way I'd have the same password. > ---- probably not worth arguing a fine point that is more or less a personal method but having both a root user in /etc/passwd and ldap generates confusion and also error reports in LDAP logs if nothing less. you can have a user with a UID of 0 and it doesn't have to be named root if that is what you want...superuser powers on various machines and not generate the errors and the confusion. For the purposes of LTSP, there is no need to have a user 'root' in LDAP. For the purposes of Samba, <= 3.0.10, there was a practical benefit of having a 'superuser' who could create directories and join Windows machines to the domain, but the developers of samba saw fit to remove that requirement starting with version 3.0.11 where a Microsoft methodology of assigning privileges to individual users became a reasonable, practical and more secure option...that was the point of the link that I referenced. If you choose to keep a superuser in LDAP (uid=0), you probably don't want to have it called 'root' and it's likely that you are either using an old version of samba (3.0.10 or older), or simply choose convenience over security. I'm trying to suggest better practices rather than that which is easy. -- Craig White From lnkemp at bolivar.k12.mo.us Mon Oct 1 17:49:18 2007 From: lnkemp at bolivar.k12.mo.us (Kemp, Levi) Date: Mon, 1 Oct 2007 12:49:18 -0500 Subject: [K12OSN] References: <715471.66408.qm@web55606.mail.re4.yahoo.com><37F921EB-ED16-4690-B9DE-F338C1F9C495@breun.nl><46FC9D1D.6030401@cmosnetworks.com><9B9AD1AF-8D1D-4BAE-80F8-7E17D3BAC430@breun.nl><46FD3DC5.8020101@cmosnetworks.com> <1191003954.31843.103.camel@cube.tobyhouse.com> Message-ID: Here is my print out from mount: /dev/mapper/VolGroup00-LogVol00 on / type ext3 (rw) proc on /proc type proc (rw) sysfs on /sys type sysfs (rw) devpts on /dev/pts type devpts (rw,gid=5,mode=620) /dev/cciss/c0d0p1 on /boot type ext3 (rw) tmpfs on /dev/shm type tmpfs (rw) none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw) sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw) //luke/apps on /mnt/M type cifs (rw,mand) //luke/scholastic on /mnt/.Scholastic type cifs (rw,mand) //luke/schsuite on /mnt/.SMS_DATA type cifs (rw,mand) nfsd on /proc/fs/nfsd type nfsd (rw) //br2/vswartz$ on /home/BOLIVAR/vswartz/G type cifs (rw,mand) //br2/shall$ on /home/BOLIVAR/shall/G type cifs (rw,mand) //br2/dpeterson$_br1$ on /home/BOLIVAR/dpeterson/G type cifs (rw,mand) //br2/dshoemaker$_br1$ on /home/BOLIVAR/dshoemaker/G type cifs (rw,mand) //br2/lnkemp$ on /home/BOLIVAR/lnkemp/G type cifs (rw,mand) The folder in question is //luke/apps All the home folders, which also reside on a windows server(till I get a NAS), work fine if that is helpful knowledge. Levi Kemp Technology Specialist Bolivar R-1 Schools 417-328-8943 lnkemp at bolivar.k12.mo.us -----Original Message----- From: k12osn-bounces at redhat.com on behalf of Craig White Sent: Fri 9/28/2007 1:25 PM To: Support list for open source software in schools. Subject: Re: [K12OSN] On Fri, 2007-09-28 at 12:54 -0500, Kemp, Levi wrote: > Hello everyone, > It's been too long since I've checked the list. I've had a lot > of "fun" working with our LTSP lab. I finally resolved my issue with > scholastic software. Even though I was able to get the older version > working in the lab, it came down to the fact that the database wasn't > stable. According to scholastic, "It is self-corrupting, two minutes > after running the maintenance you WILL have errors in it again." So we > upgraded to the new Enterprise Edition", which runs on a MySql database, > using a flash player as a browser on the client to access the apps on > the server. It uses Jboss as the appliation server. Funny how almost all > of the software used open source, good side though, wine opens the > executable to run any of the apps and uses native flash player, java, > adobe, etc. So there is one problem solved. Unfortunately I'm still > having a problem with a network drive that the school uses for both a > digital dropbox and a basic application server for apps like microtype > and geometer sketchpad. No on seems to have write access to the mounted > drive and that is the main problem. It seems like it shouldn't be a hard > thing to figure out, but I haven't had as much time to spend on it as I > need to. Where should I start looking to fix this aside from chmod, > because that doesn't seem to do it. If you need more info let me know, > I'm hoping to get it fixed by Monday, otherwise I may be forced into a > Microsoft Terminal setup, and that would kill me. ---- spare us the drama is the mount read only? on a computer that doesn't have write access to the mounted drive, can you run the command... mount and report back to us? -- Craig White _______________________________________________ K12OSN mailing list K12OSN at redhat.com https://www.redhat.com/mailman/listinfo/k12osn For more info see -------------- next part -------------- A non-text attachment was scrubbed... Name: winmail.dat Type: application/ms-tnef Size: 4525 bytes Desc: not available URL: From craig at tobyhouse.com Mon Oct 1 18:07:51 2007 From: craig at tobyhouse.com (Craig White) Date: Mon, 01 Oct 2007 11:07:51 -0700 Subject: [K12OSN] In-Reply-To: References: <715471.66408.qm@web55606.mail.re4.yahoo.com> <37F921EB-ED16-4690-B9DE-F338C1F9C495@breun.nl> <46FC9D1D.6030401@cmosnetworks.com> <9B9AD1AF-8D1D-4BAE-80F8-7E17D3BAC430@breun.nl> <46FD3DC5.8020101@cmosnetworks.com> <1191003954.31843.103.camel@cube.tobyhouse.com> Message-ID: <1191262071.3387.30.camel@cube.tobyhouse.com> If you look directly on the computer named //LUKE and the folder that is shared as 'apps' - it would appear that a typical user doesn't have write access. Windows 2000 Server (and Windows 2003 server also) have a nice tool built-in to test user privileges...right click on a folder and choose Properties => Security => Advanced => User then you can locate a user and see his privileges on that folder. is //luke/apps mounted on /mnt/M by root? If so, then a user wouldn't have write access how are ltsp users authenticated? By local /etc/passwd entry? by winbindd from Windows Server? Craig On Mon, 2007-10-01 at 12:49 -0500, Kemp, Levi wrote: > Here is my print out from mount: > > /dev/mapper/VolGroup00-LogVol00 on / type ext3 (rw) > proc on /proc type proc (rw) > sysfs on /sys type sysfs (rw) > devpts on /dev/pts type devpts (rw,gid=5,mode=620) > /dev/cciss/c0d0p1 on /boot type ext3 (rw) > tmpfs on /dev/shm type tmpfs (rw) > none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw) > sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw) > //luke/apps on /mnt/M type cifs (rw,mand) > //luke/scholastic on /mnt/.Scholastic type cifs (rw,mand) > //luke/schsuite on /mnt/.SMS_DATA type cifs (rw,mand) > nfsd on /proc/fs/nfsd type nfsd (rw) > //br2/vswartz$ on /home/BOLIVAR/vswartz/G type cifs (rw,mand) > //br2/shall$ on /home/BOLIVAR/shall/G type cifs (rw,mand) > //br2/dpeterson$_br1$ on /home/BOLIVAR/dpeterson/G type cifs (rw,mand) > //br2/dshoemaker$_br1$ on /home/BOLIVAR/dshoemaker/G type cifs (rw,mand) > //br2/lnkemp$ on /home/BOLIVAR/lnkemp/G type cifs (rw,mand) > > The folder in question is //luke/apps > All the home folders, which also reside on a windows server(till I get a NAS), work fine if that is helpful knowledge. > > Levi Kemp > Technology Specialist > Bolivar R-1 Schools > 417-328-8943 > lnkemp at bolivar.k12.mo.us > > > > -----Original Message----- > From: k12osn-bounces at redhat.com on behalf of Craig White > Sent: Fri 9/28/2007 1:25 PM > To: Support list for open source software in schools. > Subject: Re: [K12OSN] > > On Fri, 2007-09-28 at 12:54 -0500, Kemp, Levi wrote: > > Hello everyone, > > It's been too long since I've checked the list. I've had a lot > > of "fun" working with our LTSP lab. I finally resolved my issue with > > scholastic software. Even though I was able to get the older version > > working in the lab, it came down to the fact that the database wasn't > > stable. According to scholastic, "It is self-corrupting, two minutes > > after running the maintenance you WILL have errors in it again." So we > > upgraded to the new Enterprise Edition", which runs on a MySql database, > > using a flash player as a browser on the client to access the apps on > > the server. It uses Jboss as the appliation server. Funny how almost all > > of the software used open source, good side though, wine opens the > > executable to run any of the apps and uses native flash player, java, > > adobe, etc. So there is one problem solved. Unfortunately I'm still > > having a problem with a network drive that the school uses for both a > > digital dropbox and a basic application server for apps like microtype > > and geometer sketchpad. No on seems to have write access to the mounted > > drive and that is the main problem. It seems like it shouldn't be a hard > > thing to figure out, but I haven't had as much time to spend on it as I > > need to. Where should I start looking to fix this aside from chmod, > > because that doesn't seem to do it. If you need more info let me know, > > I'm hoping to get it fixed by Monday, otherwise I may be forced into a > > Microsoft Terminal setup, and that would kill me. > ---- > spare us the drama > > is the mount read only? on a computer that doesn't have write access to > the mounted drive, can you run the command... > > mount > > and report back to us? > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see -- Craig White From craig at tobyhouse.com Mon Oct 1 18:22:54 2007 From: craig at tobyhouse.com (Craig White) Date: Mon, 01 Oct 2007 11:22:54 -0700 Subject: [K12OSN] ltsp 6 and kde kiosktool Message-ID: <1191262974.3387.38.camel@cube.tobyhouse.com> Trying to lock down some settings for users with the kiosktool from kde. For those who are unfamiliar with kiosktool, it adds paths to the hierarchy for kde settings. It doesn't work out of the box on ltsp-6 I am trying to get it to work. I created a symbolic link from ltsp's /etc/kde-profile directory to the terminal distribution etc directory... ln -s /etc/kde-profile /opt/ltsp/ppc/etc ln -s /etc/kde-profile /opt/ltsp/i386/etc then I added the following to /etc/profile.d/kde.sh [ -z "$KDEDIRS" ] && KDEDIRS="/etc/kde-profile/default:/etc/kde-profile" export KDEDIRS I can see that the KDEDIRS variable is captured by a new login and that the user is affected but it still doesn't work. Any suggestions? -- Craig White From microman at cmosnetworks.com Mon Oct 1 18:23:13 2007 From: microman at cmosnetworks.com (=?ISO-8859-1?Q?=22Terrell_Prud=E9_Jr=2E=22?=) Date: Mon, 01 Oct 2007 14:23:13 -0400 Subject: [K12OSN] mixing IDE and SATA In-Reply-To: References: <715471.66408.qm@web55606.mail.re4.yahoo.com> <37F921EB-ED16-4690-B9DE-F338C1F9C495@breun.nl> <46FC9D1D.6030401@cmosnetworks.com> <9B9AD1AF-8D1D-4BAE-80F8-7E17D3BAC430@breun.nl> <46FD3DC5.8020101@cmosnetworks.com> <1191003954.31843.103.camel@cube.tobyhouse.com> <20070929105817.R21989@dyyme.pair.com> Message-ID: <47013B11.1010909@cmosnetworks.com> Depends on what you're doing. If you're manipulating a lot of data on /home a lot of the time, then put /home on SATA. If you're not (my home server's similar to yours, except I'm doing mirrored IDE), then it's pretty much a wash. Just remember to tell your BIOS which one (IDE or SATA) that you're booting from first! --TP _______________________________ Do you GNU!? Microsoft Free since 2003 --the ultimate antivirus protection! ssh at tranquility.net wrote: > Perhaps a more accurate question on this, would the OS or /home be > better suited for one drive of the other? This will not have a lot of > clients on at one time, and it will have 2 gig of ram. > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see -------------- next part -------------- An HTML attachment was scrubbed... URL: From robark at gmail.com Mon Oct 1 19:27:36 2007 From: robark at gmail.com (Robert Arkiletian) Date: Mon, 1 Oct 2007 12:27:36 -0700 Subject: [K12OSN] Disable Disk Cache in Opera Message-ID: I took a look at iostat and I think browser caching is a major source of disk activity in /home. Therefore, I am using squid as a caching web proxy so I want to prevent everyone caching pages individually. Hence, I tried to disable Disk cache using these instructions http://www.opera.com/support/usingopera/operaini/ http://www.opera.com/support/mastering/sysadmin/ I edited /etc/opera6rc.fixed [Disk Cache] Enabled=0 and also tried Size=0 After restarting Opera it reports that indeed Disk cache is Off in Tools->Preferences->Advanced->History but it still is caching if I look in ~/.opera/cache4/ when I am browsing. Does anyone know how to really disable Disk Caching in Opera 9.23? -- Robert Arkiletian Eric Hamber Secondary, Vancouver, Canada Fl_TeacherTool http://www3.telus.net/public/robark/Fl_TeacherTool/ C++ GUI tutorial http://www3.telus.net/public/robark/ From lnkemp at bolivar.k12.mo.us Mon Oct 1 19:39:28 2007 From: lnkemp at bolivar.k12.mo.us (Kemp, Levi) Date: Mon, 1 Oct 2007 14:39:28 -0500 Subject: [K12OSN] References: <715471.66408.qm@web55606.mail.re4.yahoo.com><37F921EB-ED16-4690-B9DE-F338C1F9C495@breun.nl><46FC9D1D.6030401@cmosnetworks.com><9B9AD1AF-8D1D-4BAE-80F8-7E17D3BAC430@breun.nl><46FD3DC5.8020101@cmosnetworks.com><1191003954.31843.103.camel@cube.tobyhouse.com> <1191262071.3387.30.camel@cube.tobyhouse.com> Message-ID: Apps is mounted on M by root. And as far as security on the windows server all users have read/write access to the main apps folder, sub-folders vary by depending on use. Users are authenticated against a windows AD using winbind, that's the reason their home directories mount correctly. But would it be bad for the LTSP server to mount luke seperately for each user? If that would work, I'd just go that route. Levi Kemp Technology Specialist Bolivar R-1 Schools 417-328-8943 lnkemp at bolivar.k12.mo.us -----Original Message----- From: k12osn-bounces at redhat.com on behalf of Craig White Sent: Mon 10/1/2007 1:07 PM To: Support list for open source software in schools. Subject: RE: [K12OSN] If you look directly on the computer named //LUKE and the folder that is shared as 'apps' - it would appear that a typical user doesn't have write access. Windows 2000 Server (and Windows 2003 server also) have a nice tool built-in to test user privileges...right click on a folder and choose Properties => Security => Advanced => User then you can locate a user and see his privileges on that folder. is //luke/apps mounted on /mnt/M by root? If so, then a user wouldn't have write access how are ltsp users authenticated? By local /etc/passwd entry? by winbindd from Windows Server? Craig On Mon, 2007-10-01 at 12:49 -0500, Kemp, Levi wrote: > Here is my print out from mount: > > /dev/mapper/VolGroup00-LogVol00 on / type ext3 (rw) > proc on /proc type proc (rw) > sysfs on /sys type sysfs (rw) > devpts on /dev/pts type devpts (rw,gid=5,mode=620) > /dev/cciss/c0d0p1 on /boot type ext3 (rw) > tmpfs on /dev/shm type tmpfs (rw) > none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw) > sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw) > //luke/apps on /mnt/M type cifs (rw,mand) > //luke/scholastic on /mnt/.Scholastic type cifs (rw,mand) > //luke/schsuite on /mnt/.SMS_DATA type cifs (rw,mand) > nfsd on /proc/fs/nfsd type nfsd (rw) > //br2/vswartz$ on /home/BOLIVAR/vswartz/G type cifs (rw,mand) > //br2/shall$ on /home/BOLIVAR/shall/G type cifs (rw,mand) > //br2/dpeterson$_br1$ on /home/BOLIVAR/dpeterson/G type cifs (rw,mand) > //br2/dshoemaker$_br1$ on /home/BOLIVAR/dshoemaker/G type cifs (rw,mand) > //br2/lnkemp$ on /home/BOLIVAR/lnkemp/G type cifs (rw,mand) > > The folder in question is //luke/apps > All the home folders, which also reside on a windows server(till I get a NAS), work fine if that is helpful knowledge. > > Levi Kemp > Technology Specialist > Bolivar R-1 Schools > 417-328-8943 > lnkemp at bolivar.k12.mo.us > > > > -----Original Message----- > From: k12osn-bounces at redhat.com on behalf of Craig White > Sent: Fri 9/28/2007 1:25 PM > To: Support list for open source software in schools. > Subject: Re: [K12OSN] > > On Fri, 2007-09-28 at 12:54 -0500, Kemp, Levi wrote: > > Hello everyone, > > It's been too long since I've checked the list. I've had a lot > > of "fun" working with our LTSP lab. I finally resolved my issue with > > scholastic software. Even though I was able to get the older version > > working in the lab, it came down to the fact that the database wasn't > > stable. According to scholastic, "It is self-corrupting, two minutes > > after running the maintenance you WILL have errors in it again." So we > > upgraded to the new Enterprise Edition", which runs on a MySql database, > > using a flash player as a browser on the client to access the apps on > > the server. It uses Jboss as the appliation server. Funny how almost all > > of the software used open source, good side though, wine opens the > > executable to run any of the apps and uses native flash player, java, > > adobe, etc. So there is one problem solved. Unfortunately I'm still > > having a problem with a network drive that the school uses for both a > > digital dropbox and a basic application server for apps like microtype > > and geometer sketchpad. No on seems to have write access to the mounted > > drive and that is the main problem. It seems like it shouldn't be a hard > > thing to figure out, but I haven't had as much time to spend on it as I > > need to. Where should I start looking to fix this aside from chmod, > > because that doesn't seem to do it. If you need more info let me know, > > I'm hoping to get it fixed by Monday, otherwise I may be forced into a > > Microsoft Terminal setup, and that would kill me. > ---- > spare us the drama > > is the mount read only? on a computer that doesn't have write access to > the mounted drive, can you run the command... > > mount > > and report back to us? > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see -- Craig White _______________________________________________ K12OSN mailing list K12OSN at redhat.com https://www.redhat.com/mailman/listinfo/k12osn For more info see -------------- next part -------------- A non-text attachment was scrubbed... Name: winmail.dat Type: application/ms-tnef Size: 5341 bytes Desc: not available URL: From craig at tobyhouse.com Mon Oct 1 20:33:20 2007 From: craig at tobyhouse.com (Craig White) Date: Mon, 01 Oct 2007 13:33:20 -0700 Subject: [K12OSN] In-Reply-To: References: <715471.66408.qm@web55606.mail.re4.yahoo.com> <37F921EB-ED16-4690-B9DE-F338C1F9C495@breun.nl> <46FC9D1D.6030401@cmosnetworks.com> <9B9AD1AF-8D1D-4BAE-80F8-7E17D3BAC430@breun.nl> <46FD3DC5.8020101@cmosnetworks.com> <1191003954.31843.103.camel@cube.tobyhouse.com> <1191262071.3387.30.camel@cube.tobyhouse.com> Message-ID: <1191270800.3387.53.camel@cube.tobyhouse.com> if Apps is mounted by root, then root owns the mount and all files/folders - that's something you can easily confirm from any workstation. On Mon, 2007-10-01 at 14:39 -0500, Kemp, Levi wrote: > Apps is mounted on M by root. And as far as security on the windows server all users have read/write access to the main apps folder, sub-folders vary by depending on use. Users are authenticated against a windows AD using winbind, that's the reason their home directories mount correctly. But would it be bad for the LTSP server to mount luke seperately for each user? If that would work, I'd just go that route. > > > Levi Kemp > Technology Specialist > Bolivar R-1 Schools > 417-328-8943 > lnkemp at bolivar.k12.mo.us > > > > -----Original Message----- > From: k12osn-bounces at redhat.com on behalf of Craig White > Sent: Mon 10/1/2007 1:07 PM > To: Support list for open source software in schools. > Subject: RE: [K12OSN] > > If you look directly on the computer named //LUKE and the folder that is > shared as 'apps' - it would appear that a typical user doesn't have > write access. Windows 2000 Server (and Windows 2003 server also) have a > nice tool built-in to test user privileges...right click on a folder and > choose Properties => Security => Advanced => User then you can locate a > user and see his privileges on that folder. > > is //luke/apps mounted on /mnt/M by root? If so, then a user wouldn't > have write access > > how are ltsp users authenticated? By local /etc/passwd entry? by > winbindd from Windows Server? > > Craig > > On Mon, 2007-10-01 at 12:49 -0500, Kemp, Levi wrote: > > Here is my print out from mount: > > > > /dev/mapper/VolGroup00-LogVol00 on / type ext3 (rw) > > proc on /proc type proc (rw) > > sysfs on /sys type sysfs (rw) > > devpts on /dev/pts type devpts (rw,gid=5,mode=620) > > /dev/cciss/c0d0p1 on /boot type ext3 (rw) > > tmpfs on /dev/shm type tmpfs (rw) > > none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw) > > sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw) > > //luke/apps on /mnt/M type cifs (rw,mand) > > //luke/scholastic on /mnt/.Scholastic type cifs (rw,mand) > > //luke/schsuite on /mnt/.SMS_DATA type cifs (rw,mand) > > nfsd on /proc/fs/nfsd type nfsd (rw) > > //br2/vswartz$ on /home/BOLIVAR/vswartz/G type cifs (rw,mand) > > //br2/shall$ on /home/BOLIVAR/shall/G type cifs (rw,mand) > > //br2/dpeterson$_br1$ on /home/BOLIVAR/dpeterson/G type cifs (rw,mand) > > //br2/dshoemaker$_br1$ on /home/BOLIVAR/dshoemaker/G type cifs (rw,mand) > > //br2/lnkemp$ on /home/BOLIVAR/lnkemp/G type cifs (rw,mand) > > > > The folder in question is //luke/apps > > All the home folders, which also reside on a windows server(till I get a NAS), work fine if that is helpful knowledge. > > > > Levi Kemp > > Technology Specialist > > Bolivar R-1 Schools > > 417-328-8943 > > lnkemp at bolivar.k12.mo.us > > > > > > > > -----Original Message----- > > From: k12osn-bounces at redhat.com on behalf of Craig White > > Sent: Fri 9/28/2007 1:25 PM > > To: Support list for open source software in schools. > > Subject: Re: [K12OSN] > > > > On Fri, 2007-09-28 at 12:54 -0500, Kemp, Levi wrote: > > > Hello everyone, > > > It's been too long since I've checked the list. I've had a lot > > > of "fun" working with our LTSP lab. I finally resolved my issue with > > > scholastic software. Even though I was able to get the older version > > > working in the lab, it came down to the fact that the database wasn't > > > stable. According to scholastic, "It is self-corrupting, two minutes > > > after running the maintenance you WILL have errors in it again." So we > > > upgraded to the new Enterprise Edition", which runs on a MySql database, > > > using a flash player as a browser on the client to access the apps on > > > the server. It uses Jboss as the appliation server. Funny how almost all > > > of the software used open source, good side though, wine opens the > > > executable to run any of the apps and uses native flash player, java, > > > adobe, etc. So there is one problem solved. Unfortunately I'm still > > > having a problem with a network drive that the school uses for both a > > > digital dropbox and a basic application server for apps like microtype > > > and geometer sketchpad. No on seems to have write access to the mounted > > > drive and that is the main problem. It seems like it shouldn't be a hard > > > thing to figure out, but I haven't had as much time to spend on it as I > > > need to. Where should I start looking to fix this aside from chmod, > > > because that doesn't seem to do it. If you need more info let me know, > > > I'm hoping to get it fixed by Monday, otherwise I may be forced into a > > > Microsoft Terminal setup, and that would kill me. > > ---- > > spare us the drama > > > > is the mount read only? on a computer that doesn't have write access to > > the mounted drive, can you run the command... > > > > mount > > > > and report back to us? > > > > _______________________________________________ > > K12OSN mailing list > > K12OSN at redhat.com > > https://www.redhat.com/mailman/listinfo/k12osn > > For more info see > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see -- Craig White From lnkemp at bolivar.k12.mo.us Mon Oct 1 21:38:23 2007 From: lnkemp at bolivar.k12.mo.us (Kemp, Levi) Date: Mon, 1 Oct 2007 16:38:23 -0500 Subject: [K12OSN] References: <715471.66408.qm@web55606.mail.re4.yahoo.com><37F921EB-ED16-4690-B9DE-F338C1F9C495@breun.nl><46FC9D1D.6030401@cmosnetworks.com><9B9AD1AF-8D1D-4BAE-80F8-7E17D3BAC430@breun.nl><46FD3DC5.8020101@cmosnetworks.com><1191003954.31843.103.camel@cube.tobyhouse.com><1191262071.3387.30.camel@cube.tobyhouse.com> <1191270800.3387.53.camel@cube.tobyhouse.com> Message-ID: So is it going to be best(or easiest) to have each user mount the network drive as they log in, just like there home directory? I don't know why I didn't think of doing this before, I would have to change the links to applications on that server but it seems like it would be the quickest solution. Levi Kemp Technology Specialist Bolivar R-1 Schools 417-328-8943 lnkemp at bolivar.k12.mo.us -----Original Message----- From: k12osn-bounces at redhat.com on behalf of Craig White Sent: Mon 10/1/2007 3:33 PM To: Support list for open source software in schools. Subject: RE: [K12OSN] if Apps is mounted by root, then root owns the mount and all files/folders - that's something you can easily confirm from any workstation. On Mon, 2007-10-01 at 14:39 -0500, Kemp, Levi wrote: > Apps is mounted on M by root. And as far as security on the windows server all users have read/write access to the main apps folder, sub-folders vary by depending on use. Users are authenticated against a windows AD using winbind, that's the reason their home directories mount correctly. But would it be bad for the LTSP server to mount luke seperately for each user? If that would work, I'd just go that route. > > > Levi Kemp > Technology Specialist > Bolivar R-1 Schools > 417-328-8943 > lnkemp at bolivar.k12.mo.us > > > > -----Original Message----- > From: k12osn-bounces at redhat.com on behalf of Craig White > Sent: Mon 10/1/2007 1:07 PM > To: Support list for open source software in schools. > Subject: RE: [K12OSN] > > If you look directly on the computer named //LUKE and the folder that is > shared as 'apps' - it would appear that a typical user doesn't have > write access. Windows 2000 Server (and Windows 2003 server also) have a > nice tool built-in to test user privileges...right click on a folder and > choose Properties => Security => Advanced => User then you can locate a > user and see his privileges on that folder. > > is //luke/apps mounted on /mnt/M by root? If so, then a user wouldn't > have write access > > how are ltsp users authenticated? By local /etc/passwd entry? by > winbindd from Windows Server? > > Craig > > On Mon, 2007-10-01 at 12:49 -0500, Kemp, Levi wrote: > > Here is my print out from mount: > > > > /dev/mapper/VolGroup00-LogVol00 on / type ext3 (rw) > > proc on /proc type proc (rw) > > sysfs on /sys type sysfs (rw) > > devpts on /dev/pts type devpts (rw,gid=5,mode=620) > > /dev/cciss/c0d0p1 on /boot type ext3 (rw) > > tmpfs on /dev/shm type tmpfs (rw) > > none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw) > > sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw) > > //luke/apps on /mnt/M type cifs (rw,mand) > > //luke/scholastic on /mnt/.Scholastic type cifs (rw,mand) > > //luke/schsuite on /mnt/.SMS_DATA type cifs (rw,mand) > > nfsd on /proc/fs/nfsd type nfsd (rw) > > //br2/vswartz$ on /home/BOLIVAR/vswartz/G type cifs (rw,mand) > > //br2/shall$ on /home/BOLIVAR/shall/G type cifs (rw,mand) > > //br2/dpeterson$_br1$ on /home/BOLIVAR/dpeterson/G type cifs (rw,mand) > > //br2/dshoemaker$_br1$ on /home/BOLIVAR/dshoemaker/G type cifs (rw,mand) > > //br2/lnkemp$ on /home/BOLIVAR/lnkemp/G type cifs (rw,mand) > > > > The folder in question is //luke/apps > > All the home folders, which also reside on a windows server(till I get a NAS), work fine if that is helpful knowledge. > > > > Levi Kemp > > Technology Specialist > > Bolivar R-1 Schools > > 417-328-8943 > > lnkemp at bolivar.k12.mo.us > > > > > > > > -----Original Message----- > > From: k12osn-bounces at redhat.com on behalf of Craig White > > Sent: Fri 9/28/2007 1:25 PM > > To: Support list for open source software in schools. > > Subject: Re: [K12OSN] > > > > On Fri, 2007-09-28 at 12:54 -0500, Kemp, Levi wrote: > > > Hello everyone, > > > It's been too long since I've checked the list. I've had a lot > > > of "fun" working with our LTSP lab. I finally resolved my issue with > > > scholastic software. Even though I was able to get the older version > > > working in the lab, it came down to the fact that the database wasn't > > > stable. According to scholastic, "It is self-corrupting, two minutes > > > after running the maintenance you WILL have errors in it again." So we > > > upgraded to the new Enterprise Edition", which runs on a MySql database, > > > using a flash player as a browser on the client to access the apps on > > > the server. It uses Jboss as the appliation server. Funny how almost all > > > of the software used open source, good side though, wine opens the > > > executable to run any of the apps and uses native flash player, java, > > > adobe, etc. So there is one problem solved. Unfortunately I'm still > > > having a problem with a network drive that the school uses for both a > > > digital dropbox and a basic application server for apps like microtype > > > and geometer sketchpad. No on seems to have write access to the mounted > > > drive and that is the main problem. It seems like it shouldn't be a hard > > > thing to figure out, but I haven't had as much time to spend on it as I > > > need to. Where should I start looking to fix this aside from chmod, > > > because that doesn't seem to do it. If you need more info let me know, > > > I'm hoping to get it fixed by Monday, otherwise I may be forced into a > > > Microsoft Terminal setup, and that would kill me. > > ---- > > spare us the drama > > > > is the mount read only? on a computer that doesn't have write access to > > the mounted drive, can you run the command... > > > > mount > > > > and report back to us? > > > > _______________________________________________ > > K12OSN mailing list > > K12OSN at redhat.com > > https://www.redhat.com/mailman/listinfo/k12osn > > For more info see > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see -- Craig White _______________________________________________ K12OSN mailing list K12OSN at redhat.com https://www.redhat.com/mailman/listinfo/k12osn For more info see -------------- next part -------------- A non-text attachment was scrubbed... Name: winmail.dat Type: application/ms-tnef Size: 5841 bytes Desc: not available URL: From ssh at tranquility.net Mon Oct 1 21:46:53 2007 From: ssh at tranquility.net (ssh at tranquility.net) Date: Mon, 1 Oct 2007 16:46:53 -0500 (CDT) Subject: [K12OSN] mixing IDE and SATA In-Reply-To: <47013B11.1010909@cmosnetworks.com> References: <715471.66408.qm@web55606.mail.re4.yahoo.com> <37F921EB-ED16-4690-B9DE-F338C1F9C495@breun.nl> <46FC9D1D.6030401@cmosnetworks.com> <9B9AD1AF-8D1D-4BAE-80F8-7E17D3BAC430@breun.nl> <46FD3DC5.8020101@cmosnetworks.com> <1191003954.31843.103.camel@cube.tobyhouse.com> <20070929105817.R21989@dyyme.pair.com> <47013B11.1010909@cmosnetworks.com> Message-ID: Other than a few users using OpenOffice at the same time, it really won't be loaded very heavily. If it had less ram, perhaps having swap on SATA might be best, but that probably won't be a problem. thx for input! On Mon, 1 Oct 2007, "Terrell Prud? Jr." wrote: > Depends on what you're doing. If you're manipulating a lot of data on > /home a lot of the time, then put /home on SATA. If you're not (my home > server's similar to yours, except I'm doing mirrored IDE), then it's > pretty much a wash. Just remember to tell your BIOS which one (IDE or > SATA) that you're booting from first! > > --TP > _______________________________ > Do you GNU!? > Microsoft Free since 2003 --the ultimate antivirus > protection! > > > ssh at tranquility.net wrote: >> Perhaps a more accurate question on this, would the OS or /home be >> better suited for one drive of the other? This will not have a lot of >> clients on at one time, and it will have 2 gig of ram. >> >> _______________________________________________ >> K12OSN mailing list >> K12OSN at redhat.com >> https://www.redhat.com/mailman/listinfo/k12osn >> For more info see > From lnkemp at bolivar.k12.mo.us Mon Oct 1 22:08:59 2007 From: lnkemp at bolivar.k12.mo.us (Kemp, Levi) Date: Mon, 1 Oct 2007 17:08:59 -0500 Subject: [K12OSN] Dynamic Launcher References: <715471.66408.qm@web55606.mail.re4.yahoo.com><37F921EB-ED16-4690-B9DE-F338C1F9C495@breun.nl><46FC9D1D.6030401@cmosnetworks.com><9B9AD1AF-8D1D-4BAE-80F8-7E17D3BAC430@breun.nl><46FD3DC5.8020101@cmosnetworks.com><1191003954.31843.103.camel@cube.tobyhouse.com><1191262071.3387.30.camel@cube.tobyhouse.com> <1191270800.3387.53.camel@cube.tobyhouse.com> Message-ID: Hate to reply to myself, but I wanted to say that this is going to work. I way overcomplicated this. Of cource it leads me to a new question. How do I create a dynamic launcher? One dependent on the current user logged in. For example /home/BOLIVAR/User/M/math/Sketchpad/"GSP 4.06.exe" I'm going to google for it for a while, but if anyone already knows the answer I'd appreciate it. Sorry for the drama by the way, let myself personal frustrations leak out. Thanks again. Levi Kemp Technology Specialist Bolivar R-1 Schools 417-328-8943 lnkemp at bolivar.k12.mo.us -----Original Message----- From: k12osn-bounces at redhat.com on behalf of Kemp, Levi Sent: Mon 10/1/2007 4:38 PM To: Support list for open source software in schools. Subject: RE: [K12OSN] So is it going to be best(or easiest) to have each user mount the network drive as they log in, just like there home directory? I don't know why I didn't think of doing this before, I would have to change the links to applications on that server but it seems like it would be the quickest solution. Levi Kemp Technology Specialist Bolivar R-1 Schools 417-328-8943 lnkemp at bolivar.k12.mo.us -----Original Message----- From: k12osn-bounces at redhat.com on behalf of Craig White Sent: Mon 10/1/2007 3:33 PM To: Support list for open source software in schools. Subject: RE: [K12OSN] if Apps is mounted by root, then root owns the mount and all files/folders - that's something you can easily confirm from any workstation. On Mon, 2007-10-01 at 14:39 -0500, Kemp, Levi wrote: > Apps is mounted on M by root. And as far as security on the windows server all users have read/write access to the main apps folder, sub-folders vary by depending on use. Users are authenticated against a windows AD using winbind, that's the reason their home directories mount correctly. But would it be bad for the LTSP server to mount luke seperately for each user? If that would work, I'd just go that route. > > > Levi Kemp > Technology Specialist > Bolivar R-1 Schools > 417-328-8943 > lnkemp at bolivar.k12.mo.us > > > > -----Original Message----- > From: k12osn-bounces at redhat.com on behalf of Craig White > Sent: Mon 10/1/2007 1:07 PM > To: Support list for open source software in schools. > Subject: RE: [K12OSN] > > If you look directly on the computer named //LUKE and the folder that is > shared as 'apps' - it would appear that a typical user doesn't have > write access. Windows 2000 Server (and Windows 2003 server also) have a > nice tool built-in to test user privileges...right click on a folder and > choose Properties => Security => Advanced => User then you can locate a > user and see his privileges on that folder. > > is //luke/apps mounted on /mnt/M by root? If so, then a user wouldn't > have write access > > how are ltsp users authenticated? By local /etc/passwd entry? by > winbindd from Windows Server? > > Craig > > On Mon, 2007-10-01 at 12:49 -0500, Kemp, Levi wrote: > > Here is my print out from mount: > > > > /dev/mapper/VolGroup00-LogVol00 on / type ext3 (rw) > > proc on /proc type proc (rw) > > sysfs on /sys type sysfs (rw) > > devpts on /dev/pts type devpts (rw,gid=5,mode=620) > > /dev/cciss/c0d0p1 on /boot type ext3 (rw) > > tmpfs on /dev/shm type tmpfs (rw) > > none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw) > > sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw) > > //luke/apps on /mnt/M type cifs (rw,mand) > > //luke/scholastic on /mnt/.Scholastic type cifs (rw,mand) > > //luke/schsuite on /mnt/.SMS_DATA type cifs (rw,mand) > > nfsd on /proc/fs/nfsd type nfsd (rw) > > //br2/vswartz$ on /home/BOLIVAR/vswartz/G type cifs (rw,mand) > > //br2/shall$ on /home/BOLIVAR/shall/G type cifs (rw,mand) > > //br2/dpeterson$_br1$ on /home/BOLIVAR/dpeterson/G type cifs (rw,mand) > > //br2/dshoemaker$_br1$ on /home/BOLIVAR/dshoemaker/G type cifs (rw,mand) > > //br2/lnkemp$ on /home/BOLIVAR/lnkemp/G type cifs (rw,mand) > > > > The folder in question is //luke/apps > > All the home folders, which also reside on a windows server(till I get a NAS), work fine if that is helpful knowledge. > > > > Levi Kemp > > Technology Specialist > > Bolivar R-1 Schools > > 417-328-8943 > > lnkemp at bolivar.k12.mo.us > > > > > > > > -----Original Message----- > > From: k12osn-bounces at redhat.com on behalf of Craig White > > Sent: Fri 9/28/2007 1:25 PM > > To: Support list for open source software in schools. > > Subject: Re: [K12OSN] > > > > On Fri, 2007-09-28 at 12:54 -0500, Kemp, Levi wrote: > > > Hello everyone, > > > It's been too long since I've checked the list. I've had a lot > > > of "fun" working with our LTSP lab. I finally resolved my issue with > > > scholastic software. Even though I was able to get the older version > > > working in the lab, it came down to the fact that the database wasn't > > > stable. According to scholastic, "It is self-corrupting, two minutes > > > after running the maintenance you WILL have errors in it again." So we > > > upgraded to the new Enterprise Edition", which runs on a MySql database, > > > using a flash player as a browser on the client to access the apps on > > > the server. It uses Jboss as the appliation server. Funny how almost all > > > of the software used open source, good side though, wine opens the > > > executable to run any of the apps and uses native flash player, java, > > > adobe, etc. So there is one problem solved. Unfortunately I'm still > > > having a problem with a network drive that the school uses for both a > > > digital dropbox and a basic application server for apps like microtype > > > and geometer sketchpad. No on seems to have write access to the mounted > > > drive and that is the main problem. It seems like it shouldn't be a hard > > > thing to figure out, but I haven't had as much time to spend on it as I > > > need to. Where should I start looking to fix this aside from chmod, > > > because that doesn't seem to do it. If you need more info let me know, > > > I'm hoping to get it fixed by Monday, otherwise I may be forced into a > > > Microsoft Terminal setup, and that would kill me. > > ---- > > spare us the drama > > > > is the mount read only? on a computer that doesn't have write access to > > the mounted drive, can you run the command... > > > > mount > > > > and report back to us? > > > > _______________________________________________ > > K12OSN mailing list > > K12OSN at redhat.com > > https://www.redhat.com/mailman/listinfo/k12osn > > For more info see > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see -- Craig White _______________________________________________ K12OSN mailing list K12OSN at redhat.com https://www.redhat.com/mailman/listinfo/k12osn For more info see -------------- next part -------------- A non-text attachment was scrubbed... Name: winmail.dat Type: application/ms-tnef Size: 6382 bytes Desc: not available URL: From craig at tobyhouse.com Mon Oct 1 22:23:26 2007 From: craig at tobyhouse.com (Craig White) Date: Mon, 01 Oct 2007 15:23:26 -0700 Subject: [K12OSN] Dynamic Launcher In-Reply-To: References: <715471.66408.qm@web55606.mail.re4.yahoo.com> <37F921EB-ED16-4690-B9DE-F338C1F9C495@breun.nl> <46FC9D1D.6030401@cmosnetworks.com> <9B9AD1AF-8D1D-4BAE-80F8-7E17D3BAC430@breun.nl> <46FD3DC5.8020101@cmosnetworks.com> <1191003954.31843.103.camel@cube.tobyhouse.com> <1191262071.3387.30.camel@cube.tobyhouse.com> <1191270800.3387.53.camel@cube.tobyhouse.com> Message-ID: <1191277406.26420.0.camel@cube.tobyhouse.com> something like "~/M/math/Sketchpad/"GSP 4.06.exe" On Mon, 2007-10-01 at 17:08 -0500, Kemp, Levi wrote: > Hate to reply to myself, but I wanted to say that this is going to work. I way overcomplicated this. Of cource it leads me to a new question. How do I create a dynamic launcher? One dependent on the current user logged in. For example /home/BOLIVAR/User/M/math/Sketchpad/"GSP 4.06.exe" I'm going to google for it for a while, but if anyone already knows the answer I'd appreciate it. Sorry for the drama by the way, let myself personal frustrations leak out. Thanks again. > > Levi Kemp > Technology Specialist > Bolivar R-1 Schools > 417-328-8943 > lnkemp at bolivar.k12.mo.us > > > > -----Original Message----- > From: k12osn-bounces at redhat.com on behalf of Kemp, Levi > Sent: Mon 10/1/2007 4:38 PM > To: Support list for open source software in schools. > Subject: RE: [K12OSN] > > So is it going to be best(or easiest) to have each user mount the network drive as they log in, just like there home directory? I don't know why I didn't think of doing this before, I would have to change the links to applications on that server but it seems like it would be the quickest solution. > > Levi Kemp > Technology Specialist > Bolivar R-1 Schools > 417-328-8943 > lnkemp at bolivar.k12.mo.us > > > > -----Original Message----- > From: k12osn-bounces at redhat.com on behalf of Craig White > Sent: Mon 10/1/2007 3:33 PM > To: Support list for open source software in schools. > Subject: RE: [K12OSN] > > if Apps is mounted by root, then root owns the mount and all > files/folders - that's something you can easily confirm from any > workstation. > > On Mon, 2007-10-01 at 14:39 -0500, Kemp, Levi wrote: > > Apps is mounted on M by root. And as far as security on the windows server all users have read/write access to the main apps folder, sub-folders vary by depending on use. Users are authenticated against a windows AD using winbind, that's the reason their home directories mount correctly. But would it be bad for the LTSP server to mount luke seperately for each user? If that would work, I'd just go that route. > > > > > > Levi Kemp > > Technology Specialist > > Bolivar R-1 Schools > > 417-328-8943 > > lnkemp at bolivar.k12.mo.us > > > > > > > > -----Original Message----- > > From: k12osn-bounces at redhat.com on behalf of Craig White > > Sent: Mon 10/1/2007 1:07 PM > > To: Support list for open source software in schools. > > Subject: RE: [K12OSN] > > > > If you look directly on the computer named //LUKE and the folder that is > > shared as 'apps' - it would appear that a typical user doesn't have > > write access. Windows 2000 Server (and Windows 2003 server also) have a > > nice tool built-in to test user privileges...right click on a folder and > > choose Properties => Security => Advanced => User then you can locate a > > user and see his privileges on that folder. > > > > is //luke/apps mounted on /mnt/M by root? If so, then a user wouldn't > > have write access > > > > how are ltsp users authenticated? By local /etc/passwd entry? by > > winbindd from Windows Server? > > > > Craig > > > > On Mon, 2007-10-01 at 12:49 -0500, Kemp, Levi wrote: > > > Here is my print out from mount: > > > > > > /dev/mapper/VolGroup00-LogVol00 on / type ext3 (rw) > > > proc on /proc type proc (rw) > > > sysfs on /sys type sysfs (rw) > > > devpts on /dev/pts type devpts (rw,gid=5,mode=620) > > > /dev/cciss/c0d0p1 on /boot type ext3 (rw) > > > tmpfs on /dev/shm type tmpfs (rw) > > > none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw) > > > sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw) > > > //luke/apps on /mnt/M type cifs (rw,mand) > > > //luke/scholastic on /mnt/.Scholastic type cifs (rw,mand) > > > //luke/schsuite on /mnt/.SMS_DATA type cifs (rw,mand) > > > nfsd on /proc/fs/nfsd type nfsd (rw) > > > //br2/vswartz$ on /home/BOLIVAR/vswartz/G type cifs (rw,mand) > > > //br2/shall$ on /home/BOLIVAR/shall/G type cifs (rw,mand) > > > //br2/dpeterson$_br1$ on /home/BOLIVAR/dpeterson/G type cifs (rw,mand) > > > //br2/dshoemaker$_br1$ on /home/BOLIVAR/dshoemaker/G type cifs (rw,mand) > > > //br2/lnkemp$ on /home/BOLIVAR/lnkemp/G type cifs (rw,mand) > > > > > > The folder in question is //luke/apps > > > All the home folders, which also reside on a windows server(till I get a NAS), work fine if that is helpful knowledge. > > > > > > Levi Kemp > > > Technology Specialist > > > Bolivar R-1 Schools > > > 417-328-8943 > > > lnkemp at bolivar.k12.mo.us > > > > > > > > > > > > -----Original Message----- > > > From: k12osn-bounces at redhat.com on behalf of Craig White > > > Sent: Fri 9/28/2007 1:25 PM > > > To: Support list for open source software in schools. > > > Subject: Re: [K12OSN] > > > > > > On Fri, 2007-09-28 at 12:54 -0500, Kemp, Levi wrote: > > > > Hello everyone, > > > > It's been too long since I've checked the list. I've had a lot > > > > of "fun" working with our LTSP lab. I finally resolved my issue with > > > > scholastic software. Even though I was able to get the older version > > > > working in the lab, it came down to the fact that the database wasn't > > > > stable. According to scholastic, "It is self-corrupting, two minutes > > > > after running the maintenance you WILL have errors in it again." So we > > > > upgraded to the new Enterprise Edition", which runs on a MySql database, > > > > using a flash player as a browser on the client to access the apps on > > > > the server. It uses Jboss as the appliation server. Funny how almost all > > > > of the software used open source, good side though, wine opens the > > > > executable to run any of the apps and uses native flash player, java, > > > > adobe, etc. So there is one problem solved. Unfortunately I'm still > > > > having a problem with a network drive that the school uses for both a > > > > digital dropbox and a basic application server for apps like microtype > > > > and geometer sketchpad. No on seems to have write access to the mounted > > > > drive and that is the main problem. It seems like it shouldn't be a hard > > > > thing to figure out, but I haven't had as much time to spend on it as I > > > > need to. Where should I start looking to fix this aside from chmod, > > > > because that doesn't seem to do it. If you need more info let me know, > > > > I'm hoping to get it fixed by Monday, otherwise I may be forced into a > > > > Microsoft Terminal setup, and that would kill me. > > > ---- > > > spare us the drama > > > > > > is the mount read only? on a computer that doesn't have write access to > > > the mounted drive, can you run the command... > > > > > > mount > > > > > > and report back to us? > > > > > > _______________________________________________ > > > K12OSN mailing list > > > K12OSN at redhat.com > > > https://www.redhat.com/mailman/listinfo/k12osn > > > For more info see > > _______________________________________________ > > K12OSN mailing list > > K12OSN at redhat.com > > https://www.redhat.com/mailman/listinfo/k12osn > > For more info see > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see -- Craig White From dyoung at mesd.k12.or.us Mon Oct 1 23:11:59 2007 From: dyoung at mesd.k12.or.us (Dan Young) Date: Mon, 1 Oct 2007 16:11:59 -0700 Subject: [K12OSN] Dynamic Launcher In-Reply-To: References: <715471.66408.qm@web55606.mail.re4.yahoo.com> <46FD3DC5.8020101@cmosnetworks.com> <1191003954.31843.103.camel@cube.tobyhouse.com> <1191262071.3387.30.camel@cube.tobyhouse.com> <1191270800.3387.53.camel@cube.tobyhouse.com> Message-ID: <994441ae0710011611x2bcdfd11o44e6747c883c603e@mail.gmail.com> If you can wrap it in a shell script, $USER returns the current user. "~" is the home directory of the current user, or $HOME. -- Dan Young Multnomah ESD - Technology Services 503-257-1562 On 10/1/07, Kemp, Levi wrote: > Hate to reply to myself, but I wanted to say that this is going to work. I way overcomplicated this. Of cource it leads me to a new question. How do I create a dynamic launcher? One dependent on the current user logged in. For example /home/BOLIVAR/User/M/math/Sketchpad/"GSP 4.06.exe" I'm going to google for it for a while, but if anyone already knows the answer I'd appreciate it. Sorry for the drama by the way, let myself personal frustrations leak out. Thanks again. > > Levi Kemp > Technology Specialist > Bolivar R-1 Schools > 417-328-8943 > lnkemp at bolivar.k12.mo.us > > > > -----Original Message----- > From: k12osn-bounces at redhat.com on behalf of Kemp, Levi > Sent: Mon 10/1/2007 4:38 PM > To: Support list for open source software in schools. > Subject: RE: [K12OSN] > > So is it going to be best(or easiest) to have each user mount the network drive as they log in, just like there home directory? I don't know why I didn't think of doing this before, I would have to change the links to applications on that server but it seems like it would be the quickest solution. > > Levi Kemp > Technology Specialist > Bolivar R-1 Schools > 417-328-8943 > lnkemp at bolivar.k12.mo.us > > > > -----Original Message----- > From: k12osn-bounces at redhat.com on behalf of Craig White > Sent: Mon 10/1/2007 3:33 PM > To: Support list for open source software in schools. > Subject: RE: [K12OSN] > > if Apps is mounted by root, then root owns the mount and all > files/folders - that's something you can easily confirm from any > workstation. > > On Mon, 2007-10-01 at 14:39 -0500, Kemp, Levi wrote: > > Apps is mounted on M by root. And as far as security on the windows server all users have read/write access to the main apps folder, sub-folders vary by depending on use. Users are authenticated against a windows AD using winbind, that's the reason their home directories mount correctly. But would it be bad for the LTSP server to mount luke seperately for each user? If that would work, I'd just go that route. > > > > > > Levi Kemp > > Technology Specialist > > Bolivar R-1 Schools > > 417-328-8943 > > lnkemp at bolivar.k12.mo.us > > > > > > > > -----Original Message----- > > From: k12osn-bounces at redhat.com on behalf of Craig White > > Sent: Mon 10/1/2007 1:07 PM > > To: Support list for open source software in schools. > > Subject: RE: [K12OSN] > > > > If you look directly on the computer named //LUKE and the folder that is > > shared as 'apps' - it would appear that a typical user doesn't have > > write access. Windows 2000 Server (and Windows 2003 server also) have a > > nice tool built-in to test user privileges...right click on a folder and > > choose Properties => Security => Advanced => User then you can locate a > > user and see his privileges on that folder. > > > > is //luke/apps mounted on /mnt/M by root? If so, then a user wouldn't > > have write access > > > > how are ltsp users authenticated? By local /etc/passwd entry? by > > winbindd from Windows Server? > > > > Craig > > > > On Mon, 2007-10-01 at 12:49 -0500, Kemp, Levi wrote: > > > Here is my print out from mount: > > > > > > /dev/mapper/VolGroup00-LogVol00 on / type ext3 (rw) > > > proc on /proc type proc (rw) > > > sysfs on /sys type sysfs (rw) > > > devpts on /dev/pts type devpts (rw,gid=5,mode=620) > > > /dev/cciss/c0d0p1 on /boot type ext3 (rw) > > > tmpfs on /dev/shm type tmpfs (rw) > > > none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw) > > > sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw) > > > //luke/apps on /mnt/M type cifs (rw,mand) > > > //luke/scholastic on /mnt/.Scholastic type cifs (rw,mand) > > > //luke/schsuite on /mnt/.SMS_DATA type cifs (rw,mand) > > > nfsd on /proc/fs/nfsd type nfsd (rw) > > > //br2/vswartz$ on /home/BOLIVAR/vswartz/G type cifs (rw,mand) > > > //br2/shall$ on /home/BOLIVAR/shall/G type cifs (rw,mand) > > > //br2/dpeterson$_br1$ on /home/BOLIVAR/dpeterson/G type cifs (rw,mand) > > > //br2/dshoemaker$_br1$ on /home/BOLIVAR/dshoemaker/G type cifs (rw,mand) > > > //br2/lnkemp$ on /home/BOLIVAR/lnkemp/G type cifs (rw,mand) > > > > > > The folder in question is //luke/apps > > > All the home folders, which also reside on a windows server(till I get a NAS), work fine if that is helpful knowledge. > > > > > > Levi Kemp > > > Technology Specialist > > > Bolivar R-1 Schools > > > 417-328-8943 > > > lnkemp at bolivar.k12.mo.us > > > > > > > > > > > > -----Original Message----- > > > From: k12osn-bounces at redhat.com on behalf of Craig White > > > Sent: Fri 9/28/2007 1:25 PM > > > To: Support list for open source software in schools. > > > Subject: Re: [K12OSN] > > > > > > On Fri, 2007-09-28 at 12:54 -0500, Kemp, Levi wrote: > > > > Hello everyone, > > > > It's been too long since I've checked the list. I've had a lot > > > > of "fun" working with our LTSP lab. I finally resolved my issue with > > > > scholastic software. Even though I was able to get the older version > > > > working in the lab, it came down to the fact that the database wasn't > > > > stable. According to scholastic, "It is self-corrupting, two minutes > > > > after running the maintenance you WILL have errors in it again." So we > > > > upgraded to the new Enterprise Edition", which runs on a MySql database, > > > > using a flash player as a browser on the client to access the apps on > > > > the server. It uses Jboss as the appliation server. Funny how almost all > > > > of the software used open source, good side though, wine opens the > > > > executable to run any of the apps and uses native flash player, java, > > > > adobe, etc. So there is one problem solved. Unfortunately I'm still > > > > having a problem with a network drive that the school uses for both a > > > > digital dropbox and a basic application server for apps like microtype > > > > and geometer sketchpad. No on seems to have write access to the mounted > > > > drive and that is the main problem. It seems like it shouldn't be a hard > > > > thing to figure out, but I haven't had as much time to spend on it as I > > > > need to. Where should I start looking to fix this aside from chmod, > > > > because that doesn't seem to do it. If you need more info let me know, > > > > I'm hoping to get it fixed by Monday, otherwise I may be forced into a > > > > Microsoft Terminal setup, and that would kill me. > > > ---- > > > spare us the drama > > > > > > is the mount read only? on a computer that doesn't have write access to > > > the mounted drive, can you run the command... > > > > > > mount > > > > > > and report back to us? > > > > > > _______________________________________________ > > > K12OSN mailing list > > > K12OSN at redhat.com > > > https://www.redhat.com/mailman/listinfo/k12osn > > > For more info see > > _______________________________________________ > > K12OSN mailing list > > K12OSN at redhat.com > > https://www.redhat.com/mailman/listinfo/k12osn > > For more info see > -- > Craig White > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > > > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > > From jones_yeates at hotmail.com Mon Oct 1 23:56:41 2007 From: jones_yeates at hotmail.com (jones yeates) Date: Mon, 1 Oct 2007 23:56:41 +0000 Subject: [K12OSN] "dead but subsys locked" Message-ID: I installed ipxripd and started the service. I tried to restart it, and it failed to stop the service, but said it was ok for starting it up again. Is there a way to stop it and restart it properly? _________________________________________________________________ Connect to the next generation of MSN Messenger? http://imagine-msn.com/messenger/launch80/default.aspx?locale=en-us&source=wlmailtagline From joseph.bishay at gmail.com Tue Oct 2 00:58:41 2007 From: joseph.bishay at gmail.com (Joseph Bishay) Date: Mon, 1 Oct 2007 20:58:41 -0400 Subject: [K12OSN] Logged out but gone? Message-ID: Hello, I hope everyone is well. I have been running a K12LTSP lab for the past couple of years, and I've always been able to type in 'last' and see who was logged in, for how long, and so on. Recently, with a clean install of the most recent K12LTSP (Ver 6) I've come across this problem that if the person logs out, or if they don't, they are recorded as: user1 ws199.ltsp:0 Mon Oct 1 12:06 gone - no logout This happens even when I am sure that the person has logged in correctly. Previously it only happened when the person's session was cut off unexpectedly. Any advice? I usually use the last command to see who hasn't logged out correctly in order to tell them to do so (they like to just reboot the clients sometimes!) but with this error it shows everyone doing it. Thank you Joseph From meelis at nlib.ee Tue Oct 2 06:34:04 2007 From: meelis at nlib.ee (Meelis) Date: Tue, 2 Oct 2007 09:34:04 +0300 Subject: [K12OSN] USB hub not working on VXL thinclients ( TC4331 ) Message-ID: <00cd01c804be$3a098960$870d10ac@melka> Hi all! The problem is that we started using VXL thinclients ( TC4331 ) as our terminals but their USB is not working. Logs show that they are known to the server but server. messages log for USB : Oct 1 12:01:27 8k_terminal1 root: usbcore: registered new driver usbfs Oct 1 12:01:27 8k_terminal1 root: usbcore: registered new driver hub Oct 1 12:01:27 8k_terminal1 root: ehci_hcd 0000:00:10.4: EHCI Host Controller Oct 1 12:01:27 8k_terminal1 root: ehci_hcd 0000:00:10.4: new USB bus registered, assigned bus number 1 Oct 1 12:01:27 8k_terminal1 root: ehci_hcd 0000:00:10.4: irq 10, io mem 0xfa001000 Oct 1 12:01:27 8k_terminal1 root: ehci_hcd 0000:00:10.4: USB 2.0 started, EHCI 1.00, driver 10 Dec 2004 Oct 1 12:01:27 8k_terminal1 root: usb usb1: configuration #1 chosen from 1 choice Oct 1 12:01:27 8k_terminal1 root: hub 1-0:1.0: USB hub found Oct 1 12:01:27 8k_terminal1 root: hub 1-0:1.0: 8 ports detected Oct 1 12:01:27 8k_terminal1 root: USB Universal Host Controller Interface driver v3.0 Oct 1 12:01:27 8k_terminal1 root: ACPI: PCI Interrupt Link [LNKA] enabled at IRQ 10 Oct 1 12:01:27 8k_terminal1 root: ACPI: PCI Interrupt 0000:00:10.0[A] -> Link [LNKA] -> GSI 10 (level, low) -> IRQ 10 Oct 1 12:01:27 8k_terminal1 root: uhci_hcd 0000:00:10.0: UHCI Host Controller Oct 1 12:01:27 8k_terminal1 root: uhci_hcd 0000:00:10.0: new USB bus registered, assigned bus number 2 Oct 1 12:01:27 8k_terminal1 root: uhci_hcd 0000:00:10.0: irq 10, io base 0x0000e800 Oct 1 12:01:27 8k_terminal1 root: usb usb2: configuration #1 chosen from 1 choice Oct 1 12:01:27 8k_terminal1 root: hub 2-0:1.0: USB hub found Oct 1 12:01:27 8k_terminal1 root: hub 2-0:1.0: 2 ports detected Oct 1 12:01:27 8k_terminal1 root: ACPI: PCI Interrupt 0000:00:10.1[A] -> Link [LNKA] -> GSI 10 (level, low) -> IRQ 10 Oct 1 12:01:27 8k_terminal1 root: uhci_hcd 0000:00:10.1: UHCI Host Controller Oct 1 12:01:27 8k_terminal1 root: uhci_hcd 0000:00:10.1: new USB bus registered, assigned bus number 3 Oct 1 12:01:27 8k_terminal1 root: uhci_hcd 0000:00:10.1: irq 10, io base 0x0000e900 Oct 1 12:01:27 8k_terminal1 root: usb usb3: configuration #1 chosen from 1 choice Oct 1 12:01:27 8k_terminal1 root: hub 3-0:1.0: USB hub found Oct 1 12:01:27 8k_terminal1 root: hub 3-0:1.0: 2 ports detected Oct 1 12:01:27 8k_terminal1 root: ACPI: PCI Interrupt 0000:00:10.2[B] -> Link [LNKB] -> GSI 11 (level, low) -> IRQ 11 Oct 1 12:01:27 8k_terminal1 root: uhci_hcd 0000:00:10.2: UHCI Host Controller Oct 1 12:01:27 8k_terminal1 root: uhci_hcd 0000:00:10.2: new USB bus registered, assigned bus number 4 Oct 1 12:01:27 8k_terminal1 root: uhci_hcd 0000:00:10.2: irq 11, io base 0x0000ea00 Oct 1 12:01:27 8k_terminal1 root: usb usb4: configuration #1 chosen from 1 choice Oct 1 12:01:27 8k_terminal1 root: hub 4-0:1.0: USB hub found Oct 1 12:01:27 8k_terminal1 root: hub 4-0:1.0: 2 ports detected Oct 1 12:01:27 8k_terminal1 root: ACPI: PCI Interrupt 0000:00:10.3[B] -> Link [LNKB] -> GSI 11 (level, low) -> IRQ 11 Oct 1 12:01:27 8k_terminal1 root: uhci_hcd 0000:00:10.3: UHCI Host Controller Oct 1 12:01:27 8k_terminal1 root: uhci_hcd 0000:00:10.3: new USB bus registered, assigned bus number 5 Oct 1 12:01:27 8k_terminal1 root: uhci_hcd 0000:00:10.3: irq 11, io base 0x0000eb00 Oct 1 12:01:27 8k_terminal1 root: usb usb5: configuration #1 chosen from 1 choice Oct 1 12:01:27 8k_terminal1 root: hub 5-0:1.0: USB hub found Oct 1 12:01:27 8k_terminal1 root: hub 5-0:1.0: 2 ports detected Oct 1 12:01:27 8k_terminal1 root: ohci_hcd: 2005 April 22 USB 1.1 'Open' Host Controller (OHCI) Driver (PCI) Oct 1 12:01:27 8k_terminal1 root: usbcore: registered new driver usbmouse Oct 1 12:01:27 8k_terminal1 root: drivers/usb/input/usbmouse.c: v1.6:USB HID Boot Protocol mouse driver Oct 1 12:01:27 8k_terminal1 root: usbcore: registered new driver usbkbd Oct 1 12:01:27 8k_terminal1 root: drivers/usb/input/usbkbd.c: :USB HID Boot Protocol keyboard driver --------------------- Is there a solution or an update to make server understand how to use VXL thinclients ( TC4331 ) USB hub and allow clients to save to USB sticks? I have searched google and tryed several solutions that are for USB support but none of them works. I'm using k12ltsp latest releace distro in my server ( since april or may 2007? ). In the testserver I have latest edubuntu and VXL thinclients work fine there. As old server is in the use with about 60 users I cannot just switch to edubuntu as it's under testing and configuration :( Thanks Meelis Mihhailov ----------------------------------------- S?steemi administraator Eesti Rahvusraamatukogu Infos?steemide osakond Telefon : 6307 181 E-mail : meelis at nlib.ee ----------------------------------------- From krsnendu108 at gmail.com Tue Oct 2 13:12:10 2007 From: krsnendu108 at gmail.com (Krsnendu dasa) Date: Wed, 3 Oct 2007 01:12:10 +1200 Subject: [K12OSN] Fwd: Unsupported Crossover (Wine) app installed in managed mode only runs as root. Message-ID: I am cross posting this to the ltsp lists as I got no response from the Crossover list and this software is essential for our school system which I need to get running by Monday. ---------- Forwarded message ---------- From: Krsnendu dasa Date: 1 Oct 2007 13:12 Subject: Unsupported app installed in managed mode only runs as root. To: discuss at crossover.codeweavers.com I am running Ubuntu Feisty and CXL 6.1 I have installed a multimedia program provided by the New Zealand Ministry of Education that is based on shockwave director. I installed it at home in single user mode and it runs well as on the main box as well as remotely with ltsp 5. When I went to install it at school I chose multiuser managed mode. The root can run the program no problem from the server (but not from a thin client.) For the end users (who are the ones who really matter), the program can be started but a system beep is heard and the program freezes when it starts. This is the same whether on the server or the thin client. I saw an error message box at one stage saying "I/O error" I guess it is a permissions problem but I don't know where to start. Can anyone offer any tips how to fix this problem? Thanks. Krsnendu dasa Update: If I wait a few minutes the program seems to respond temporarily before freezing again. The is no sound however and sound is essential. -------------- next part -------------- An HTML attachment was scrubbed... URL: From lnkemp at bolivar.k12.mo.us Tue Oct 2 15:07:05 2007 From: lnkemp at bolivar.k12.mo.us (Kemp, Levi) Date: Tue, 2 Oct 2007 10:07:05 -0500 Subject: [K12OSN] Fwd: Unsupported Crossover (Wine) app installed in managedmode only runs as root. In-Reply-To: References: Message-ID: Does the app have to run on the LTSP server? Or is it a client/server sort of software? If it is the latter you may try installing it on another server and using it that way, although I'll admit my results on that vary with the app. Levi Kemp Technology Specialist Bolivar R-I School District 417-328-8943 lnkemp at bolivar.k12.mo.us ________________________________ From: k12osn-bounces at redhat.com [mailto:k12osn-bounces at redhat.com] On Behalf Of Krsnendu dasa Sent: Tuesday, October 02, 2007 8:12 AM To: ltsp-discuss at lists.sourceforge.net; Support list for open source software in schools. Subject: [K12OSN] Fwd: Unsupported Crossover (Wine) app installed in managedmode only runs as root. I am cross posting this to the ltsp lists as I got no response from the Crossover list and this software is essential for our school system which I need to get running by Monday. ---------- Forwarded message ---------- From: Krsnendu dasa Date: 1 Oct 2007 13:12 Subject: Unsupported app installed in managed mode only runs as root. To: discuss at crossover.codeweavers.com I am running Ubuntu Feisty and CXL 6.1 I have installed a multimedia program provided by the New Zealand Ministry of Education that is based on shockwave director. I installed it at home in single user mode and it runs well as on the main box as well as remotely with ltsp 5. When I went to install it at school I chose multiuser managed mode. The root can run the program no problem from the server (but not from a thin client.) For the end users (who are the ones who really matter), the program can be started but a system beep is heard and the program freezes when it starts. This is the same whether on the server or the thin client. I saw an error message box at one stage saying "I/O error" I guess it is a permissions problem but I don't know where to start. Can anyone offer any tips how to fix this problem? Thanks. Krsnendu dasa Update: If I wait a few minutes the program seems to respond temporarily before freezing again. The is no sound however and sound is essential. -------------- next part -------------- An HTML attachment was scrubbed... URL: From joebaker at dcresearch.com Tue Oct 2 16:10:27 2007 From: joebaker at dcresearch.com (Joe Baker) Date: Tue, 02 Oct 2007 11:10:27 -0500 Subject: [K12OSN] Fwd: Unsupported Crossover (Wine) app installed in managed mode only runs as root. In-Reply-To: References: Message-ID: <47026D73.1050205@dcresearch.com> I've seen some very strange behavior with Crossover Office Pro 6.1. Try running /opt/cxoffice/bin/cxmessage --help Especially from a remote X desktop that logged in via XDMCP. A user here noticed that when the Thunderbird email client launched Excel to open an xls attachment that there would be a 1.5 minute delay before a box came up (spawned by cxmessage - which said something to the effect of "Email attachments can be dangerous do you want to [Continue|Always Continue|Cancel]." I had to remove the symbolic link to the bottle's configuration file and replace it with a user owned copy so that "Always Continue" could be selected and the preference saved. Also, you might try logging in as the user locally on the system to see if the application runs locally. You've shown that it runs this way for root, but you may be surprised if it also runs as a user on the local machine. -Joe Baker 262-763-3591 work Krsnendu dasa wrote: > I am cross posting this to the ltsp lists as I got no response from > the Crossover list and this software is essential for our school > system which I need to get running by Monday. > > ---------- Forwarded message ---------- > From: *Krsnendu dasa* > > Date: 1 Oct 2007 13:12 > Subject: Unsupported app installed in managed mode only runs as root. > To: discuss at crossover.codeweavers.com > > > I am running Ubuntu Feisty and CXL 6.1 > I have installed a multimedia program provided by the New Zealand > Ministry of Education that is based on shockwave director. > I installed it at home in single user mode and it runs well as on the > main box as well as remotely with ltsp 5. > When I went to install it at school I chose multiuser managed mode. > The root can run the program no problem from the server (but not from > a thin client.) > For the end users (who are the ones who really matter), the program > can be started but a system beep is heard and the program freezes when > it starts. This is the same whether on the server or the thin client. > I saw an error message box at one stage saying "I/O error" > > I guess it is a permissions problem but I don't know where to start. > Can anyone offer any tips how to fix this problem? > > Thanks. > > Krsnendu dasa > > Update: If I wait a few minutes the program seems to respond > temporarily before freezing again. The is no sound however and sound > is essential. > ------------------------------------------------------------------------ > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see From ahodson at elp.rr.com Tue Oct 2 17:16:54 2007 From: ahodson at elp.rr.com (ahodson at elp.rr.com) Date: Tue, 02 Oct 2007 11:16:54 -0600 Subject: [K12OSN] Thumbdrives not recognized by Centos5 server Message-ID: Hi group The students at one of the middle schools where we have a 30 user thin-client lab almost linched me when their PC formatted thumbdrives appeared on the desktopn, but not the content of the work they had saved using home and standalone PCs. I need some help here. Name of thumbdrive appears on the desktop and inside the "Drives" folder, but not the contents. Mounting the traditional way is not doing it... Help! Alan Hodson El Paso ISD, TX -=o=- From steve.hargadon at gmail.com Tue Oct 2 17:17:05 2007 From: steve.hargadon at gmail.com (Steve Hargadon) Date: Tue, 2 Oct 2007 10:17:05 -0700 Subject: [K12OSN] One Day Left for NECC Proposals - Call for Open Source! In-Reply-To: References: Message-ID: The NECC call for proposals closes tomorrow, October 3rd, and I'm just making sure that the Free and Open Source Software folks who would be interested in presenting in San Antonio get those proposal in! http://center.uoregon.edu/ISTE/NECC2008/program/ Steve -- Steve Hargadon steve at hargadon.com www.SteveHargadon.com 916-899-1400 From accessys at smart.net Tue Oct 2 17:30:25 2007 From: accessys at smart.net (Accessys@smart.net) Date: Tue, 2 Oct 2007 13:30:25 -0400 (EDT) Subject: [K12OSN] Thumbdrives not recognized by Centos5 server In-Reply-To: References: Message-ID: are they using the "new" word 2007 I don't think anything can read the new attempt by M$ to freeze out everyone and sabatage other operating systems.. Bob On Tue, 2 Oct 2007 ahodson at elp.rr.com wrote: > Hi group > > The students at one of the middle schools where we have a 30 user > thin-client lab almost linched me when their PC formatted thumbdrives > appeared on the desktopn, but not the content of the work they had saved > using home and standalone PCs. I need some help here. Name of thumbdrive > appears on the desktop and inside the "Drives" folder, but not the > contents. Mounting the traditional way is not doing it... Help! > Alan Hodson > El Paso ISD, TX > -=o=- > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ occasionally a true patriot must defend his country from its' government +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ "They that can give up essential liberty to obtain a little temporary safety deserve Neither liberty nor safety", Benjamin Franklin - - - - - - - - - - - - - - - - - - - ASCII Ribbon Campaign. . . . . . . . . . . . accessBob .NO HTML/PDF/RTF/MIME in e-mail. . . . . . . accessys at smartnospam.net .NO MSWord docs in e-mail . . . .. . . . . . Access Systems, engineers .NO attachments in e-mail, .*LINUX powered*. access is a civil right *#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*# THIS message and any attachments are CONFIDENTIAL and may be privileged. They are intended ONLY for the individual or entity named From nils at breun.nl Tue Oct 2 18:02:53 2007 From: nils at breun.nl (Nils Breunese) Date: Tue, 2 Oct 2007 20:02:53 +0200 Subject: [K12OSN] Thumbdrives not recognized by Centos5 server In-Reply-To: References: Message-ID: <073F7EEF-D6A5-4CCC-8832-546D0CC25CA6@breun.nl> Alan Hodson wrote: > The students at one of the middle schools where we have a 30 user > thin-client lab almost linched me when their PC formatted thumbdrives > appeared on the desktopn, but not the content of the work they had > saved > using home and standalone PCs. I need some help here. Name of > thumbdrive > appears on the desktop and inside the "Drives" folder, but not the > contents. Mounting the traditional way is not doing it... Help! I have a K12LTSP 5EL (CentOS 5) 64-bit server and thumbdrives are working fine. No need to mount them manually, it's all done using FUSE. I wouldn't know where to start troubleshooting if the drive appears on the desktop, but doesn't seem to contain anything. Maybe some FUSE logs? Are these FAT32-formatted drives? Nils Breunese. -------------- next part -------------- A non-text attachment was scrubbed... Name: PGP.sig Type: application/pgp-signature Size: 186 bytes Desc: Dit deel van het bericht is digitaal ondertekend URL: From simpsond at leopards.k12.ar.us Tue Oct 2 18:15:36 2007 From: simpsond at leopards.k12.ar.us (Doug Simpson) Date: Tue, 02 Oct 2007 13:15:36 -0500 Subject: [K12OSN] Thumbdrives not recognized by Centos5 server In-Reply-To: <073F7EEF-D6A5-4CCC-8832-546D0CC25CA6@breun.nl> References: <073F7EEF-D6A5-4CCC-8832-546D0CC25CA6@breun.nl> Message-ID: <47024477.550C.0078.0@leopards.k12.ar.us> Are these formatted NTFS? May not work if they are. . .Others may have more information. . . If they are NTFS. . . backup the data somewhere, reformat to FAT32 and then put the data back. Winders won't care but they will likely work fine on both systems after that. Doug Doug Simpson Technology Specialist De Queen Public Schools De Queen, AR simpsond at leopards.k12.ar.us >>> Nils Breunese 10/2/2007 1:02 PM >>> Alan Hodson wrote: > The students at one of the middle schools where we have a 30 user > thin-client lab almost linched me when their PC formatted thumbdrives > appeared on the desktopn, but not the content of the work they had > saved > using home and standalone PCs. I need some help here. Name of > thumbdrive > appears on the desktop and inside the "Drives" folder, but not the > contents. Mounting the traditional way is not doing it... Help! I have a K12LTSP 5EL (CentOS 5) 64-bit server and thumbdrives are working fine. No need to mount them manually, it's all done using FUSE. I wouldn't know where to start troubleshooting if the drive appears on the desktop, but doesn't seem to contain anything. Maybe some FUSE logs? Are these FAT32-formatted drives? Nils Breunese. From sgonzalez at sau83.org Tue Oct 2 18:40:28 2007 From: sgonzalez at sau83.org (Sonja Gonzalez) Date: Tue, 2 Oct 2007 14:40:28 -0400 (EDT) Subject: [K12OSN] Thumbdrives not recognized by Centos5 server In-Reply-To: <073F7EEF-D6A5-4CCC-8832-546D0CC25CA6@breun.nl> Message-ID: <5032013.45511191350428695.JavaMail.root@mail.sau83.org> I have 2 comments... 1. We have our students buy their own thumb drives and most work just fine. Several students with SanDisk Cruzer thumb drives reported issues with certain sizes of these drives (smaller ones are the problem... over 2GB seems to work fine.) I'm running Edubuntu 7.04, not K12LTSP, but might be a related problem. I've seen the issue on many forums but no solutions. Since other brands work fine for me.... Mr. Hodson, you might want to try another brand might to see if it will bandaid the issue for you until a solution is found. 2. If it's a permission thing, here are steps to give all users permission to the fuse module: a. sudo chmod a+x /usr/bin/fusermount b. modify /etc/udev/rules.d/45-fuse.rules such that: MODE="666" c. run sudo /etc/init.d/udev restart d. sudo chmod 666 /dev/fuse HTH, Sonja _______________________________ Sonja Gonzalez Director of Technology Ellis School 432 Main Street Fremont, NH 03044 603.895.2511 x603 ----- Original Message ----- From: "Nils Breunese" To: "Support list for open source software in schools." Sent: Tuesday, October 2, 2007 2:02:53 PM (GMT-0500) America/New_York Subject: Re: [K12OSN] Thumbdrives not recognized by Centos5 server Alan Hodson wrote: > The students at one of the middle schools where we have a 30 user > thin-client lab almost linched me when their PC formatted thumbdrives > appeared on the desktopn, but not the content of the work they had > saved > using home and standalone PCs. I need some help here. Name of > thumbdrive > appears on the desktop and inside the "Drives" folder, but not the > contents. Mounting the traditional way is not doing it... Help! I have a K12LTSP 5EL (CentOS 5) 64-bit server and thumbdrives are working fine. No need to mount them manually, it's all done using FUSE. I wouldn't know where to start troubleshooting if the drive appears on the desktop, but doesn't seem to contain anything. Maybe some FUSE logs? Are these FAT32-formatted drives? Nils Breunese. From brcisna at eazylivin.net Tue Oct 2 21:17:16 2007 From: brcisna at eazylivin.net (Barry Cisna) Date: Tue, 2 Oct 2007 16:17:16 -0500 (CDT) Subject: [K12OSN] Fwd: Unsupported Crossover (Wine) app installed in managed mode only runs as root. Message-ID: <48478.192.168.254.3.1191359836.squirrel@www.eazylivin.net> Krsnendu, Search back through the archives here. I'm not sure what month. I wrote a pretty decent how to on how to run Windows apps for all users/system wide. What version of K12LTSP are you using? Long story short, You make a directory of /wine on the root of your hard drive . You install all you Windows apps as *any* user,,,then copy /paste the ./wine/* folders of the "installer" user, to the newly created /wine folder. Create launchers, on the desktop for each app, then as root "push" the launchers to all users folder on desktop.Now all users will be able to run *most* Windows apps. I tried several and they all worked. I'm sure You'll run into trouble if these are say MS databased apps,,though. I had purchased CrossOver Office and this worked great on some apps,but with the newer versions of Wine I had even better luck! Take Care, Barry Cisna westcentral school From peter at scheie.homedns.org Tue Oct 2 23:50:22 2007 From: peter at scheie.homedns.org (Peter Scheie) Date: Tue, 02 Oct 2007 18:50:22 -0500 Subject: [K12OSN] Thumbdrives not recognized by Centos5 server In-Reply-To: <5032013.45511191350428695.JavaMail.root@mail.sau83.org> References: <5032013.45511191350428695.JavaMail.root@mail.sau83.org> Message-ID: <4702D93E.1030209@scheie.homedns.org> My money is on Sonja's point 2.c, permissions for /dev/fuse. I have this problem appear periodically on a K12LTSP 5 server. The problem is caused, I think, by reboots which /dev/fuse to get recreated with default permissions, which manifests itself in empty USB devices. Peter Sonja Gonzalez wrote: > I have 2 comments... > > 1. We have our students buy their own thumb drives and most work just fine. Several students with SanDisk Cruzer thumb drives reported issues with certain sizes of these drives (smaller ones are the problem... over 2GB seems to work fine.) I'm running Edubuntu 7.04, not K12LTSP, but might be a related problem. I've seen the issue on many forums but no solutions. Since other brands work fine for me.... Mr. Hodson, you might want to try another brand might to see if it will bandaid the issue for you until a solution is found. > > 2. If it's a permission thing, here are steps to give all users permission to the fuse module: > > a. sudo chmod a+x /usr/bin/fusermount > > b. modify /etc/udev/rules.d/45-fuse.rules such that: MODE="666" > > c. run sudo /etc/init.d/udev restart > > d. sudo chmod 666 /dev/fuse > > > HTH, > > Sonja > _______________________________ > Sonja Gonzalez > Director of Technology > Ellis School > 432 Main Street > Fremont, NH 03044 > 603.895.2511 x603 > > ----- Original Message ----- > From: "Nils Breunese" > To: "Support list for open source software in schools." > Sent: Tuesday, October 2, 2007 2:02:53 PM (GMT-0500) America/New_York > Subject: Re: [K12OSN] Thumbdrives not recognized by Centos5 server > > Alan Hodson wrote: > >> The students at one of the middle schools where we have a 30 user >> thin-client lab almost linched me when their PC formatted thumbdrives >> appeared on the desktopn, but not the content of the work they had >> saved >> using home and standalone PCs. I need some help here. Name of >> thumbdrive >> appears on the desktop and inside the "Drives" folder, but not the >> contents. Mounting the traditional way is not doing it... Help! > > I have a K12LTSP 5EL (CentOS 5) 64-bit server and thumbdrives are > working fine. No need to mount them manually, it's all done using > FUSE. I wouldn't know where to start troubleshooting if the drive > appears on the desktop, but doesn't seem to contain anything. Maybe > some FUSE logs? Are these FAT32-formatted drives? > > Nils Breunese. > > > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > From jones_yeates at hotmail.com Wed Oct 3 05:07:16 2007 From: jones_yeates at hotmail.com (jones yeates) Date: Wed, 3 Oct 2007 05:07:16 +0000 Subject: [K12OSN] "dead but subsys locked" In-Reply-To: References: Message-ID: I don't know if this was a fluke, but I was able to stop the ipxd service. I looked in the /var/log/message was getting IPX collisions with 802.2 and 802.3. I had: # ipx_configure --auto_interface=on --auto_primary=on I changed it to: # ipx_configure --auto_interface=off --auto_primary=on Then I set the manually set the interface for IPX and put the interface down/up. #ipx_interface add -p eth0 802.2 0x1 #ifconfig eth1 down #ifconfig eth1 up (resetting eth1) I did the same for eth0 Then I tried #service ipxd stop and it worked. > From: jones_yeates at hotmail.com> To: k12osn at redhat.com> Date: Mon, 1 Oct 2007 23:56:41 +0000> Subject: [K12OSN] "dead but subsys locked"> > > I installed ipxripd and started the service. I tried to restart it, and it failed to stop the service, but said it was ok for starting it up again.> > Is there a way to stop it and restart it properly?> > _________________________________________________________________> Connect to the next generation of MSN Messenger > http://imagine-msn.com/messenger/launch80/default.aspx?locale=en-us&source=wlmailtagline> > _______________________________________________> K12OSN mailing list> K12OSN at redhat.com> https://www.redhat.com/mailman/listinfo/k12osn> For more info see _________________________________________________________________ Express yourself instantly with MSN Messenger! Download today it's FREE! http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/ -------------- next part -------------- An HTML attachment was scrubbed... URL: From twolfe at sawback.com Wed Oct 3 15:22:59 2007 From: twolfe at sawback.com (Tom Wolfe) Date: Wed, 3 Oct 2007 11:22:59 -0400 (EDT) Subject: [K12OSN] Dynamic Launcher In-Reply-To: References: <715471.66408.qm@web55606.mail.re4.yahoo.com><37F921EB-ED16-4690-B9DE-F338C1F9C495@breun.nl><46FC9D1D.6030401@cmosnetworks.com><9B9AD1AF-8D1D-4BAE-80F8-7E17D3BAC430@breun.nl><46FD3DC5.8020101@cmosnetworks.com><1191003954.31843.103.camel@cube.tobyhouse.com><1191262071.3387.30.camel@cube.tobyhouse.com> <1191270800.3387.53.camel@cube.tobyhouse.com> <20071003000624.X21358@dyyme.pair.com> Message-ID: <20071003111530.X41393@dyyme.pair.com> Oh, duh, I see now. I put a script into /etc/gdm/PostLogin/Default and create them there. Default is called just after gdm logs the user into the machine, but before it actually configures anything (I think). You can use something like: ln -s $HOME/.TeacherShare/$USER/My\ Documents $DESKTOP/$USER\'s\ Documents This is assuming that pam_mount has created a mount at $HOME/.TeacherShare and that you've defined DESKTOP as something like: DESKTOP=$HOME/Desktop And that DESKTOP actually exists, which it doesn't until after someone has already logged on to their desktop. SO I put this it in front of my link scripts to take care of brand new users: if [ ! -d $DESKTOP ]; then mkdir $DESKTOP fi which is bash for if $DESKTOP doesn't exist then create it. I'm a total Linux and bash hack (actually I'm a hack in the most general sense of the term) so take it all with a grain of salt. Regards, Tom Wolfe --- Tom Wolfe, IT Specialist twolfe at sawback.com Stoney Educational Authority tel: (403) 881-2650 Box 238, Morley AB, T0L 1N0 fax: (403) 881-2793 Morley Community School | Chief Jacob Bearspaw School | Ta-otha School On Wed, 3 Oct 2007, Kemp, Levi wrote: > Actually, that's how I came to this. I used pam_mount for the home > directories, and when I relialized the mount I had setup for a shared > drive was read only to everyone but root I followed advice from the list > and used pam_mount for it as well. So now when someone logs in they have > a G folder and an M folder under there home directory, just as they > would on a windows box. So even though they can access everything they > need I wanted to create a launcher for the apps so they wouldn't have to > go through so many folders to get to them. I may just copy the apps to > the K12LTSP server to keep from over complicating this though. > > Levi Kemp > Technology Specialist > Bolivar R-I School District > 417-328-8943 > lnkemp at bolivar.k12.mo.us > > > >> -----Original Message----- >> From: Tom Wolfe [mailto:twolfe at sawback.com] >> Sent: Tuesday, October 02, 2007 11:07 PM >> To: Kemp, Levi >> Subject: Re: [K12OSN] Dynamic Launcher >> >> Hi Levi, are you asking about how to set up pam_mount? I'd >> think that pam_mount would be the thing you would use...? >> >> Regards, >> Tom Wolfe >> >> --- >> Tom Wolfe, IT Specialist twolfe at sawback.com >> Stoney Educational Authority tel: (403) 881-2650 >> Box 238, Morley AB, T0L 1N0 fax: (403) 881-2793 >> Morley Community School | Chief Jacob Bearspaw School | Ta-otha School >> >> >> On Mon, 1 Oct 2007, Kemp, Levi wrote: >> >>> Hate to reply to myself, but I wanted to say that this is >> going to work. I way overcomplicated this. Of cource it leads >> me to a new question. How do I create a dynamic launcher? One >> dependent on the current user logged in. For example >> /home/BOLIVAR/User/M/math/Sketchpad/"GSP 4.06.exe" I'm going >> to google for it for a while, but if anyone already knows the >> answer I'd appreciate it. Sorry for the drama by the way, let >> myself personal frustrations leak out. Thanks again. >>> >>> Levi Kemp >>> Technology Specialist >>> Bolivar R-1 Schools >>> 417-328-8943 >>> lnkemp at bolivar.k12.mo.us >>> >>> >>> >>> -----Original Message----- >>> From: k12osn-bounces at redhat.com on behalf of Kemp, Levi >>> Sent: Mon 10/1/2007 4:38 PM >>> To: Support list for open source software in schools. >>> Subject: RE: [K12OSN] >>> >>> So is it going to be best(or easiest) to have each user >> mount the network drive as they log in, just like there home >> directory? I don't know why I didn't think of doing this >> before, I would have to change the links to applications on >> that server but it seems like it would be the quickest solution. >>> >>> Levi Kemp >>> Technology Specialist >>> Bolivar R-1 Schools >>> 417-328-8943 >>> lnkemp at bolivar.k12.mo.us >>> >>> >>> >>> -----Original Message----- >>> From: k12osn-bounces at redhat.com on behalf of Craig White >>> Sent: Mon 10/1/2007 3:33 PM >>> To: Support list for open source software in schools. >>> Subject: RE: [K12OSN] >>> >>> if Apps is mounted by root, then root owns the mount and all >>> files/folders - that's something you can easily confirm from any >>> workstation. >>> >>> On Mon, 2007-10-01 at 14:39 -0500, Kemp, Levi wrote: >>>> Apps is mounted on M by root. And as far as security on >> the windows server all users have read/write access to the >> main apps folder, sub-folders vary by depending on use. Users >> are authenticated against a windows AD using winbind, that's >> the reason their home directories mount correctly. But would >> it be bad for the LTSP server to mount luke seperately for >> each user? If that would work, I'd just go that route. >>>> >>>> >>>> Levi Kemp >>>> Technology Specialist >>>> Bolivar R-1 Schools >>>> 417-328-8943 >>>> lnkemp at bolivar.k12.mo.us >>>> >>>> >>>> >>>> -----Original Message----- >>>> From: k12osn-bounces at redhat.com on behalf of Craig White >>>> Sent: Mon 10/1/2007 1:07 PM >>>> To: Support list for open source software in schools. >>>> Subject: RE: [K12OSN] >>>> >>>> If you look directly on the computer named //LUKE and the >> folder that >>>> is shared as 'apps' - it would appear that a typical user doesn't >>>> have write access. Windows 2000 Server (and Windows 2003 >> server also) >>>> have a nice tool built-in to test user privileges...right >> click on a >>>> folder and choose Properties => Security => Advanced => >> User then you >>>> can locate a user and see his privileges on that folder. >>>> >>>> is //luke/apps mounted on /mnt/M by root? If so, then a >> user wouldn't >>>> have write access >>>> >>>> how are ltsp users authenticated? By local /etc/passwd entry? by >>>> winbindd from Windows Server? >>>> >>>> Craig >>>> >>>> On Mon, 2007-10-01 at 12:49 -0500, Kemp, Levi wrote: >>>>> Here is my print out from mount: >>>>> >>>>> /dev/mapper/VolGroup00-LogVol00 on / type ext3 (rw) proc on /proc >>>>> type proc (rw) sysfs on /sys type sysfs (rw) devpts on >> /dev/pts type >>>>> devpts (rw,gid=5,mode=620) >>>>> /dev/cciss/c0d0p1 on /boot type ext3 (rw) tmpfs on /dev/shm type >>>>> tmpfs (rw) none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw) >>>>> sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw) >> //luke/apps >>>>> on /mnt/M type cifs (rw,mand) //luke/scholastic on >> /mnt/.Scholastic >>>>> type cifs (rw,mand) //luke/schsuite on /mnt/.SMS_DATA type cifs >>>>> (rw,mand) nfsd on /proc/fs/nfsd type nfsd (rw) //br2/vswartz$ on >>>>> /home/BOLIVAR/vswartz/G type cifs (rw,mand) //br2/shall$ on >>>>> /home/BOLIVAR/shall/G type cifs (rw,mand) >> //br2/dpeterson$_br1$ on >>>>> /home/BOLIVAR/dpeterson/G type cifs (rw,mand) >> //br2/dshoemaker$_br1$ >>>>> on /home/BOLIVAR/dshoemaker/G type cifs (rw,mand) >> //br2/lnkemp$ on >>>>> /home/BOLIVAR/lnkemp/G type cifs (rw,mand) >>>>> >>>>> The folder in question is //luke/apps All the home folders, which >>>>> also reside on a windows server(till I get a NAS), work >> fine if that is helpful knowledge. >>>>> >>>>> Levi Kemp >>>>> Technology Specialist >>>>> Bolivar R-1 Schools >>>>> 417-328-8943 >>>>> lnkemp at bolivar.k12.mo.us >>>>> >>>>> >>>>> >>>>> -----Original Message----- >>>>> From: k12osn-bounces at redhat.com on behalf of Craig White >>>>> Sent: Fri 9/28/2007 1:25 PM >>>>> To: Support list for open source software in schools. >>>>> Subject: Re: [K12OSN] >>>>> >>>>> On Fri, 2007-09-28 at 12:54 -0500, Kemp, Levi wrote: >>>>>> Hello everyone, >>>>>> It's been too long since I've checked the list. I've >> had a lot of >>>>>> "fun" working with our LTSP lab. I finally resolved my >> issue with >>>>>> scholastic software. Even though I was able to get the older >>>>>> version working in the lab, it came down to the fact that the >>>>>> database wasn't stable. According to scholastic, "It is >>>>>> self-corrupting, two minutes after running the >> maintenance you WILL >>>>>> have errors in it again." So we upgraded to the new Enterprise >>>>>> Edition", which runs on a MySql database, using a flash >> player as a >>>>>> browser on the client to access the apps on the server. It uses >>>>>> Jboss as the appliation server. Funny how almost all of the >>>>>> software used open source, good side though, wine opens the >>>>>> executable to run any of the apps and uses native flash player, >>>>>> java, adobe, etc. So there is one problem solved. >> Unfortunately I'm >>>>>> still having a problem with a network drive that the school uses >>>>>> for both a digital dropbox and a basic application >> server for apps >>>>>> like microtype and geometer sketchpad. No on seems to have write >>>>>> access to the mounted drive and that is the main >> problem. It seems >>>>>> like it shouldn't be a hard thing to figure out, but I >> haven't had >>>>>> as much time to spend on it as I need to. Where should I start >>>>>> looking to fix this aside from chmod, because that >> doesn't seem to >>>>>> do it. If you need more info let me know, I'm hoping to >> get it fixed by Monday, otherwise I may be forced into a >> Microsoft Terminal setup, and that would kill me. >>>>> ---- >>>>> spare us the drama >>>>> >>>>> is the mount read only? on a computer that doesn't have >> write access >>>>> to the mounted drive, can you run the command... >>>>> >>>>> mount >>>>> >>>>> and report back to us? >>>>> >>>>> _______________________________________________ >>>>> K12OSN mailing list >>>>> K12OSN at redhat.com >>>>> https://www.redhat.com/mailman/listinfo/k12osn >>>>> For more info see >>>> _______________________________________________ >>>> K12OSN mailing list >>>> K12OSN at redhat.com >>>> https://www.redhat.com/mailman/listinfo/k12osn >>>> For more info see >>> -- >>> Craig White >>> >>> _______________________________________________ >>> K12OSN mailing list >>> K12OSN at redhat.com >>> https://www.redhat.com/mailman/listinfo/k12osn >>> For more info see >>> >>> >>> >> > From aahodson at episd.org Wed Oct 3 15:52:04 2007 From: aahodson at episd.org (Alan Hodson) Date: Wed, 03 Oct 2007 09:52:04 -0600 Subject: [K12OSN] Thumbdrives not recognized by Centos5 server Message-ID: <470366440200006C00007934@episd14.episd.org> Sonja's comments are right on target ( c. run sudo /etc/init.d/udev restart) but in my set up I am unable to locate /etc/udev/rules.d/45-fuse rules (I see /99-fuse-rules) and verified MODE="0666". The c. suggestion yields an error (there is no /etc/init.d/udev) anywhere... Anyone with helping hints? We are close, but not there yet cheers A. Hodson El Paso, TX -=o=- From aahodson at episd.org Wed Oct 3 15:57:48 2007 From: aahodson at episd.org (Alan Hodson) Date: Wed, 03 Oct 2007 09:57:48 -0600 Subject: [K12OSN] Texas Users: How to deal with test.nav Message-ID: <4703679C0200006C00007937@episd14.episd.org> Greetings again list Texas users are mandated to use test.nav as an assessment tool - we as a district naturally have it available on Macs and PCs. I am wondering if anyone knows of a hack/way to implement the needed applications so thin-client labs can also become usable for testing. Thanks Alan Hodson http://tinyurl.com/3e4sh8 El Paso ISD, TX -=o=- From thewhitmers at gmail.com Wed Oct 3 16:01:28 2007 From: thewhitmers at gmail.com (David Whitmer) Date: Wed, 3 Oct 2007 12:01:28 -0400 Subject: [K12OSN] Thumbdrives not recognized by Centos5 server In-Reply-To: <470366440200006C00007934@episd14.episd.org> References: <470366440200006C00007934@episd14.episd.org> Message-ID: On 10/3/07, Alan Hodson wrote: > > Sonja's comments are right on target ( c. run sudo /etc/init.d/udev > restart) but in my set up I am unable to locate /etc/udev/rules.d/45-fuse > rules (I see /99-fuse-rules) and verified MODE="0666". > > The c. suggestion yields an error (there is no /etc/init.d/udev) > anywhere... > > Anyone with helping hints? We are close, but not there yet > > cheers > A. Hodson > El Paso, TX > -=o=- > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see http://www.k12os.org > Alan, I once had a similar problem on K12LTSP V5. Here's how I corrected things: 1) open "/etc/init.d/ltspfs-insecure" 2) find line: RULES=/etc/udev/rules.d/60- fuse.rules and change it to: RULES=/etc/udev/rules.d/99- fuse.rules 3) next do the following: /sbin/service ltspfs-insecure start /sbin/chkconfig ltspfs-insecure on I hope this helps. David Whitmer Director of Media & Technology Calvary Schools of Holland (Michigan) web: www.calvaryschoolsholland.org personal email: thewhitmers at gmail.com school email: david.whitmer at cshk12.org -------------- next part -------------- An HTML attachment was scrubbed... URL: From accessys at smart.net Wed Oct 3 16:32:25 2007 From: accessys at smart.net (Accessys@smart.net) Date: Wed, 3 Oct 2007 12:32:25 -0400 (EDT) Subject: [K12OSN] Texas Users: How to deal with test.nav In-Reply-To: <4703679C0200006C00007937@episd14.episd.org> References: <4703679C0200006C00007937@episd14.episd.org> Message-ID: technically under ADA and 508 laws it is illegal to MANDATE an unprovided (free) proprietary system. I think there are a few other laws on this issue too. Bob On Wed, 3 Oct 2007, Alan Hodson wrote: > Greetings again list > > Texas users are mandated to use test.nav as an assessment tool - we as a district naturally have it available on Macs and PCs. I am wondering if anyone knows of a hack/way to implement the needed applications so thin-client labs can also become usable for testing. > Thanks > > Alan Hodson > http://tinyurl.com/3e4sh8 > El Paso ISD, TX > -=o=- > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ occasionally a true patriot must defend his country from its' government +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ "They that can give up essential liberty to obtain a little temporary safety deserve Neither liberty nor safety", Benjamin Franklin - - - - - - - - - - - - - - - - - - - ASCII Ribbon Campaign. . . . . . . . . . . . accessBob .NO HTML/PDF/RTF/MIME in e-mail. . . . . . . accessys at smartnospam.net .NO MSWord docs in e-mail . . . .. . . . . . Access Systems, engineers .NO attachments in e-mail, .*LINUX powered*. access is a civil right *#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*# THIS message and any attachments are CONFIDENTIAL and may be privileged. They are intended ONLY for the individual or entity named From nadavkav at gmail.com Wed Oct 3 21:06:09 2007 From: nadavkav at gmail.com (Nadav Kavalerchik) Date: Wed, 3 Oct 2007 23:06:09 +0200 Subject: [K12OSN] ltsp 6 and kde kiosktool In-Reply-To: <1191262974.3387.38.camel@cube.tobyhouse.com> References: <1191262974.3387.38.camel@cube.tobyhouse.com> Message-ID: <4219988b0710031406h682fc4e4w86a92637f8135958@mail.gmail.com> i don't think that you are using it correctly. i never had to do all this extra scripting as you did to make it work. we just use kde on the user's desktop. every computer is auto logged in with different user name pc1..pc50. i've set a group [students] to include all those users. inside kiosktool i assign a profile to students. that's it. when ever i logged into a user's Desktop i get the profile already assign to it. all those extra scripting you did seams to work on the local apps of the terminal, if you have any. as far as i can tell. hope, this helps and that i understood you correctly ;-) On 10/1/07, Craig White wrote: > > Trying to lock down some settings for users with the kiosktool from kde. > > For those who are unfamiliar with kiosktool, it adds paths to the > hierarchy for kde settings. > > It doesn't work out of the box on ltsp-6 I am trying to get it to work. > > I created a symbolic link from ltsp's /etc/kde-profile directory to the > terminal distribution etc directory... > > ln -s /etc/kde-profile /opt/ltsp/ppc/etc > ln -s /etc/kde-profile /opt/ltsp/i386/etc > > then I added the following to /etc/profile.d/kde.sh > > [ -z "$KDEDIRS" ] && KDEDIRS="/etc/kde-profile/default:/etc/kde-profile" > export KDEDIRS > > I can see that the KDEDIRS variable is captured by a new login and that > the user is affected but it still doesn't work. > > Any suggestions? > > -- > Craig White > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > -------------- next part -------------- An HTML attachment was scrubbed... URL: From craig at tobyhouse.com Wed Oct 3 21:59:54 2007 From: craig at tobyhouse.com (Craig White) Date: Wed, 03 Oct 2007 14:59:54 -0700 Subject: [K12OSN] ltsp 6 and kde kiosktool In-Reply-To: <4219988b0710031406h682fc4e4w86a92637f8135958@mail.gmail.com> References: <1191262974.3387.38.camel@cube.tobyhouse.com> <4219988b0710031406h682fc4e4w86a92637f8135958@mail.gmail.com> Message-ID: <1191448794.6068.35.camel@cube.tobyhouse.com> On Wed, 2007-10-03 at 23:06 +0200, Nadav Kavalerchik wrote: > i don't think that you are using it correctly. > > i never had to do all this extra scripting as you did to make it work. > > we just use kde on the user's desktop. every computer is auto logged > in > with different user name pc1..pc50. i've set a group [students] to > include all > those users. inside kiosktool i assign a profile to students. that's > it. > when ever i logged into a user's Desktop i get the profile already > assign to it. > > all those extra scripting you did seams to work on the local apps > of the terminal, if you have any. as far as i can tell. > > hope, this helps and that i understood you correctly ;-) > > On 10/1/07, Craig White < craig at tobyhouse.com> wrote: > Trying to lock down some settings for users with the kiosktool > from kde. > > For those who are unfamiliar with kiosktool, it adds paths to > the > hierarchy for kde settings. > > It doesn't work out of the box on ltsp-6 I am trying to get it > to work. > > I created a symbolic link from ltsp's /etc/kde-profile > directory to the > terminal distribution etc directory... > > ln -s /etc/kde-profile /opt/ltsp/ppc/etc > ln -s /etc/kde-profile /opt/ltsp/i386/etc > > then I added the following to /etc/profile.d/kde.sh > > [ -z "$KDEDIRS" ] && > KDEDIRS="/etc/kde-profile/default:/etc/kde-profile" > export KDEDIRS > > I can see that the KDEDIRS variable is captured by a new login > and that > the user is affected but it still doesn't work. > > Any suggestions? ---- well, 'users' are all from LDAP and their $HOME directories are loaded via NFS but I do have the 'default' profile set to include the 'dom_users' group and so far, it still isn't working. # cat /etc/kde-user-profile [General] groups=dom_users [Groups] dom_users=default # cat /etc/kde-profile/default/share/config/kdeglobals --- much snipped --- [KDE Control Module Restrictions] kde-screensaver.desktop=true # cat /etc/kde-profile/default/share/config/kdesktoprc [ScreenSaver] ActionBottomLeft=0 ActionBottomRight=1 ActionTopLeft=0 ActionTopRight=0 Enabled[$i]=true Lock[$i]=true LockGrace[$i]=60000 Priority=19 Saver=KBlankscreen.desktop Timeout[$i]=300 Where the settings have [$i] set are immutable and user cannot change. This setup works on individually installed workstations (Fedora 6/7) but not on LTSP-6 ;-( -- Craig White From meelis at nlib.ee Thu Oct 4 06:16:52 2007 From: meelis at nlib.ee (Meelis) Date: Thu, 4 Oct 2007 09:16:52 +0300 Subject: [K12OSN] USB hub not working on VXL thinclients ( TC4331 ) Message-ID: <00ae01c8064e$27e935f0$870d10ac@melka> As I can see nobody could help me solve this problem. Just like nobody shared no ideas how to enable martcard support that was an issue about ... ummm ... 3 months ago and still not solved. (No mail was returned at that time aswell!) It would be nice if someone at least writes an answer "I do not know" so I would know this list is still active and my mail goes through. To get no answer at all is silly and frustrating. -------------------------------------- And update to the problem : USB hub is still not working. I got so far that installed FC6 on the testserver with several updates to the packages. Kernel files including. I suspect that client is loading an old kernel (2.6.17.xx or something) but new kernel seems to be 2.6.2x.xx. I used ltspadmin utility to update but as I boot up the client ... it still shows that old kernel is loaded. So I switched pxelinux.0 and vmlinuz.ltsp files and their links to new ones (4.2) but still nothing. Client gets old kernel. Next I managed to get kernel panic message with the text like "modules.dep not found in this location " but there is a modules.dep in that location and it is set with read/write/what ever permissions. I tryed some copy/paste solutions so it's OK for me to get the panic message. Now I got to a point where I started to suspect maybe it's thinclient firmware problem. Navigated to their webpage, downloaded the manual and firmware releace notes (april 2007) and found out that there really is a problem like mine. The problem was old kernel that is updated to newer version with this update(logical as edubuntu server recognizes the usb hub). As I'm not using thinclient software to boot there is no use for this firmware update. This so called update is software based firmware update that updates preinstalled linux. Could someone please help me and write if there is somekind of manual for updateing ltsp kernel files that are sent to clients in order to make the USB hub work? Using FC6 downloaded from K12LTSP page with LTSP version 4.2 (at least I think it is using this version as it was updated with ltspadmin utility) With respect, Meelis Mihhailov ----------------------------------------- S?steemi administraator Eesti Rahvusraamatukogu Infos?steemide osakond Telefon : 6307 181 E-mail : meelis at nlib.ee ----------------------------------------- From rowens at ptd.net Thu Oct 4 11:54:16 2007 From: rowens at ptd.net (Rob Owens) Date: Thu, 4 Oct 2007 07:54:16 -0400 Subject: [K12OSN] smbldap and webmin - "modifications require authentication" Message-ID: <20071004115416.GA23520@junker.owens.net> I did an installation of Feisty server and ran the smbldap script. I logged into webmin as my local root user, and attempted to add an LDAP user. I got this error message: Failed to save user : Failed to add user to LDAP database : modifications require authentication I suspect that I have something mis-configured in webmin. (I actually didn't do any configuration -- just used the default settings). Does anyone have any suggestions for me on how to properly add an LDAP user? Thanks -Rob From mblinn at peopleplaces.org Thu Oct 4 13:01:05 2007 From: mblinn at peopleplaces.org (Michael Blinn) Date: Thu, 04 Oct 2007 09:01:05 -0400 Subject: [K12OSN] /tmp Message-ID: <4704E411.9080205@peopleplaces.org> What is the convention for cleaning out /tmp in v6? It's slowly filling up, and I can see some very old files in there. Is there a /tmp manager, or a current method for 'rm -rf /tmp/*' on reboot, or ....? Thanks, Michael From nils at breun.nl Thu Oct 4 13:11:24 2007 From: nils at breun.nl (Nils Breunese) Date: Thu, 4 Oct 2007 15:11:24 +0200 Subject: [K12OSN] /tmp In-Reply-To: <4704E411.9080205@peopleplaces.org> References: <4704E411.9080205@peopleplaces.org> Message-ID: <5EA24039-7C26-4C82-A7A8-A742DCE17548@breun.nl> Michael Blinn wrote: > What is the convention for cleaning out /tmp in v6? It's slowly > filling up, and I can see some very old files in there. Is there a / > tmp manager, or a current method for 'rm -rf /tmp/*' on reboot, > or ....? Do you have the tmpwatch package installed (I think it is installed by default, but we don't run K12LTSP 6)? From rpm -qi tmpwatch: ---- The tmpwatch utility recursively searches through specified directories and removes files which have not been accessed in a specified period of time. Tmpwatch is normally used to clean up directories which are used for temporarily holding files (for example, /tmp). Tmpwatch ignores symlinks, won't switch filesystems and only removes empty directories and regular files. ---- It is run from /etc/cron.daily/tmpwatch on our systems. Nils Breunese. -------------- next part -------------- A non-text attachment was scrubbed... Name: PGP.sig Type: application/pgp-signature Size: 186 bytes Desc: Dit deel van het bericht is digitaal ondertekend URL: From craig at tobyhouse.com Thu Oct 4 16:29:46 2007 From: craig at tobyhouse.com (Craig White) Date: Thu, 04 Oct 2007 09:29:46 -0700 Subject: [K12OSN] smbldap and webmin - "modifications require authentication" In-Reply-To: <20071004115416.GA23520@junker.owens.net> References: <20071004115416.GA23520@junker.owens.net> Message-ID: <1191515386.13452.9.camel@cube.tobyhouse.com> On Thu, 2007-10-04 at 07:54 -0400, Rob Owens wrote: > I did an installation of Feisty server and ran the smbldap script. I logged into webmin as my local root user, and attempted to add an LDAP user. I got this error message: > > Failed to save user : Failed to add user to LDAP database : modifications require authentication > > I suspect that I have something mis-configured in webmin. (I actually didn't do any configuration -- just used the default settings). Does anyone have any suggestions for me on how to properly add an LDAP user? > > Thanks ---- In Webmin's LDAP Users and Groups configuration, there is the ability to manually set the binddn and bindpw for the module. -- Craig White From ahodson at elp.rr.com Thu Oct 4 17:55:30 2007 From: ahodson at elp.rr.com (ahodson at elp.rr.com) Date: Thu, 04 Oct 2007 11:55:30 -0600 Subject: [K12OSN] ***Texas Users: How to deal with test.nav In-Reply-To: References: <4703679C0200006C00007937@episd14.episd.org> Message-ID: I am surprised nobody picked up on this comment, as it really doesn't clarify what side of the fence you are sitting on. Are you saying that it is ILLEGAL to run a state mandated test on a system that is not proprietary (ie, Mac or Windows?) - If that is so, could you please expand a little? I sincerely hope that we haven't arrived at the stage where your operating system is mandated by law/lawyers/politicians!!! cheers Alan Hodson El Paso, TX -=o=- ----- Original Message ----- From: "Accessys at smart.net" Date: Wednesday, October 3, 2007 10:26 am Subject: Re: [K12OSN] Texas Users: How to deal with test.nav To: "Support list for open source software in schools." > > technically under ADA and 508 laws it is illegal to MANDATE an > unprovided (free) proprietary system. I think there are a few other > laws on this issue too. > > Bob > > On Wed, 3 Oct 2007, Alan Hodson wrote: > > > Greetings again list > > > > Texas users are mandated to use test.nav as an assessment tool - > we as a district naturally have it available on Macs and PCs. I am > wondering if anyone knows of a hack/way to implement the needed > applications so thin-client labs can also become usable for testing. > > Thanks > > > > Alan Hodson > > http://tinyurl.com/3e4sh8 > > El Paso ISD, TX > > -=o=- > > > > _______________________________________________ > > K12OSN mailing list > > K12OSN at redhat.com > > https://www.redhat.com/mailman/listinfo/k12osn > > For more info see > > > > +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ > occasionally a true patriot must defend his country from its' > government+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ > "They that can give up essential liberty to obtain a little temporary > safety deserve Neither liberty nor safety", Benjamin Franklin > - - - - - - - - - - - - - - - - - > - - > ASCII Ribbon Campaign. . . . . . . . . . . . accessBob > .NO HTML/PDF/RTF/MIME in e-mail. . . . . . . > accessys at smartnospam.net .NO MSWord docs in e-mail . . . .. . . . > . . Access Systems, engineers > .NO attachments in e-mail, .*LINUX powered*. access is a civil > right*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*# > THIS message and any attachments are CONFIDENTIAL and may be > privileged. They are intended ONLY for the individual or entity named > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > From jones_yeates at hotmail.com Thu Oct 4 18:51:44 2007 From: jones_yeates at hotmail.com (jones yeates) Date: Thu, 4 Oct 2007 18:51:44 +0000 Subject: [K12OSN] Novell 5 client can't get through LTSP server In-Reply-To: <46FA829A.0F3C.0098.0@scesd.k12.or.us> References: <46FA829A.0F3C.0098.0@scesd.k12.or.us> Message-ID: I got it to work. To get the IP working for the Windows client, I entered: router# service iptables-k12ltsp start I needed IPX to be running on my Linux server, so I downloaded ipxripd and installed, then updated it. The problem with IPX is that the auto configuration for the interfaces wasn't doing what I was hoping it would. I was getting conflicts with 802.2 and 802.3. So I manually entered them in. So I had to manually configure the interfaces. router# ipx_configure --auto_interface=off --auto-primary=off router# ipx_interface add -p eth1 802.2 0x1 router# ipx_interface add eth0 802.2 0x2 Note: 0x1 is the IPX network number for the school and 0x2 is the IPX network number for the LAN. Thanks for all of your help and I hope that this helps someone out there. (Actually I hope that no one ever needs to use this.) > Date: Wed, 26 Sep 2007 16:02:35 -0700 > From: joeb at scesd.k12.or.us > To: k12osn at redhat.com > Subject: Re: [K12OSN] Novell 5 client can't get through LTSP server > > > > >>> "jones yeates" 9/26/2007 3:40 PM >>> > Ya, my Window clients are on the lan behind the linux router and I can't get > them to authenticate to the Novell server. > > You will need to configure SLP Services on the server and workstations if you have not already done so. > > Here is a link to a TID that explains how to configure the server and clients. > > http://www.novell.com/support/search.do?cmd=displayKC&docType=kc&externalId=10059981&sliceId=&dialogID=46811520&stateId=0%200%2046817185 > > Joe > > > >From: "Robert Arkiletian" > >Reply-To: "Support list for open source software in schools." > > > >To: "Support list for open source software in schools." > >Subject: Re: [K12OSN] Novell 5 client can't get through LTSP server > >Date: Wed, 26 Sep 2007 15:29:20 -0700 > > > >On 9/26/07, jones yeates wrote: > > > I found the following link for Novell 6 that I believe explains how to > >get a > > > client with a Novell logon screen to get through the ltsp server. > > > http://www.novell.com/coolsolutions/appnote/6019.html > > > > > > >That article describes how to use a Novell server for your homes in > >Linux. In other words, how to auth and access the Novell accounts > >through an LTSP login. > > > >I think your problem is different. If I read correctly, you want your > >Windows boxes in your lan, which are being given an ip from your LTSP > >server, to *get through* to the external Novell server. > > > > > >-- > >Robert Arkiletian > >Eric Hamber Secondary, Vancouver, Canada > >Fl_TeacherTool http://www3.telus.net/public/robark/Fl_TeacherTool/ > >C++ GUI tutorial http://www3.telus.net/public/robark/ > > > >_______________________________________________ > >K12OSN mailing list > >K12OSN at redhat.com > >https://www.redhat.com/mailman/listinfo/k12osn > >For more info see > > _________________________________________________________________ > Enter to win a night a VIP night out at TIFF > http://redcarpet.sympatico.msn.ca/ > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see _________________________________________________________________ Be seen when you can't be heard! Discover how today! http://www.freemessengeremoticons.ca/ -------------- next part -------------- An HTML attachment was scrubbed... URL: From accessys at smart.net Thu Oct 4 20:50:35 2007 From: accessys at smart.net (Accessys@smart.net) Date: Thu, 4 Oct 2007 16:50:35 -0400 (EDT) Subject: [K12OSN] ***Texas Users: How to deal with test.nav In-Reply-To: References: <4703679C0200006C00007937@episd14.episd.org> Message-ID: What I'm saying is that under the Disability laws it is illegal to demand that proprietary software be aquired in order to use what is free to everyone else. 28CFR36.301.C technically this only applies to persons with disabilities, but if a visually impaired person uses EMACSpeak as their video to audio screen reader then they could not be charged or forced to pay for adaptive software such as JAWS in order to be able to take a test that works with say windows only. also I would check with the electronic freedom foundation to find the exact wording, but if the state mandates a certain software and the local system is using a different software and the software must be purchased from a single provider then I believe it is illegal, you should check with your local legal folks. Bob On Thu, 4 Oct 2007 ahodson at elp.rr.com wrote: > I am surprised nobody picked up on this comment, as it really doesn't > clarify what side of the fence you are sitting on. Are you saying that > it is ILLEGAL to run a state mandated test on a system that is not > proprietary (ie, Mac or Windows?) - If that is so, could you please > expand a little? I sincerely hope that we haven't arrived at the stage > where your operating system is mandated by law/lawyers/politicians!!! > cheers > Alan Hodson > El Paso, TX > -=o=- > > ----- Original Message ----- > From: "Accessys at smart.net" > Date: Wednesday, October 3, 2007 10:26 am > Subject: Re: [K12OSN] Texas Users: How to deal with test.nav > To: "Support list for open source software in schools." > > > > > technically under ADA and 508 laws it is illegal to MANDATE an > > unprovided (free) proprietary system. I think there are a few other > > laws on this issue too. > > > > Bob > > > > On Wed, 3 Oct 2007, Alan Hodson wrote: > > > > > Greetings again list > > > > > > Texas users are mandated to use test.nav as an assessment tool - > > we as a district naturally have it available on Macs and PCs. I am > > wondering if anyone knows of a hack/way to implement the needed > > applications so thin-client labs can also become usable for testing. > > > Thanks > > > > > > Alan Hodson > > > http://tinyurl.com/3e4sh8 > > > El Paso ISD, TX > > > -=o=- > > > > > > _______________________________________________ > > > K12OSN mailing list > > > K12OSN at redhat.com > > > https://www.redhat.com/mailman/listinfo/k12osn > > > For more info see > > > > > > > +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ > > occasionally a true patriot must defend his country from its' > > > government+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ > > "They that can give up essential liberty to obtain a little temporary > > safety deserve Neither liberty nor safety", Benjamin Franklin > > - - - - - - - - - - - - - - - - - > > - - > > ASCII Ribbon Campaign. . . . . . . . . . . . accessBob > > .NO HTML/PDF/RTF/MIME in e-mail. . . . . . . > > accessys at smartnospam.net .NO MSWord docs in e-mail . . . .. . . . > > . . Access Systems, engineers > > .NO attachments in e-mail, .*LINUX powered*. access is a civil > > > right*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*# > > THIS message and any attachments are CONFIDENTIAL and may be > > privileged. They are intended ONLY for the individual or entity named > > > > _______________________________________________ > > K12OSN mailing list > > K12OSN at redhat.com > > https://www.redhat.com/mailman/listinfo/k12osn > > For more info see > > > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ occasionally a true patriot must defend his country from its' government +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ "They that can give up essential liberty to obtain a little temporary safety deserve Neither liberty nor safety", Benjamin Franklin - - - - - - - - - - - - - - - - - - - ASCII Ribbon Campaign. . . . . . . . . . . . accessBob .NO HTML/PDF/RTF/MIME in e-mail. . . . . . . accessys at smartnospam.net .NO MSWord docs in e-mail . . . .. . . . . . Access Systems, engineers .NO attachments in e-mail, .*LINUX powered*. access is a civil right *#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*# THIS message and any attachments are CONFIDENTIAL and may be privileged. They are intended ONLY for the individual or entity named From GLessard at cegepoutaouais.qc.ca Thu Oct 4 21:11:39 2007 From: GLessard at cegepoutaouais.qc.ca (Guy-Michel Lessard) Date: Thu, 04 Oct 2007 17:11:39 -0400 Subject: =?ISO-8859-1?Q?R=E9p.=20:=20RE:=20[K12OSN]=20Novell=205=20client?= =?ISO-8859-1?Q?=20can't=20get=20through=20LTSP=20server?= In-Reply-To: References: <46FA829A.0F3C.0098.0@scesd.k12.or.us> Message-ID: <47051ECB020000BB00006753@wise.cegepoutaouais.qc.ca> Does this mean that your windows boxes where using IPX to access the Netware Server? if that is the case, Netware can use exclusively TCP/IP so that you could eliminate loading IPX on the linux server. >>> jones yeates 2007-10-04 14:51:44 >>> I got it to work. To get the IP working for the Windows client, I entered: router# service iptables-k12ltsp start I needed IPX to be running on my Linux server, so I downloaded ipxripd and installed, then updated it. The problem with IPX is that the auto configuration for the interfaces wasn't doing what I was hoping it would. I was getting conflicts with 802.2 and 802.3. So I manually entered them in. So I had to manually configure the interfaces. router# ipx_configure --auto_interface=off --auto-primary=off router# ipx_interface add -p eth1 802.2 0x1 router# ipx_interface add eth0 802.2 0x2 Note: 0x1 is the IPX network number for the school and 0x2 is the IPX network number for the LAN. Thanks for all of your help and I hope that this helps someone out there. (Actually I hope that no one ever needs to use this.) > Date: Wed, 26 Sep 2007 16:02:35 -0700 > From: joeb at scesd.k12.or.us > To: k12osn at redhat.com > Subject: Re: [K12OSN] Novell 5 client can't get through LTSP server > > > > >>> "jones yeates" 9/26/2007 3:40 PM >>> > Ya, my Window clients are on the lan behind the linux router and I can't get > them to authenticate to the Novell server. > > You will need to configure SLP Services on the server and workstations if you have not already done so. > > Here is a link to a TID that explains how to configure the server and clients. > > http://www.novell.com/support/search.do?cmd=displayKC&docType=kc&externalId=10059981&sliceId=&dialogID=46811520&stateId=0%200%2046817185 > > Joe > > > >From: "Robert Arkiletian" > >Reply-To: "Support list for open source software in schools." > > > >To: "Support list for open source software in schools." > >Subject: Re: [K12OSN] Novell 5 client can't get through LTSP server > >Date: Wed, 26 Sep 2007 15:29:20 -0700 > > > >On 9/26/07, jones yeates wrote: > > > I found the following link for Novell 6 that I believe explains how to > >get a > > > client with a Novell logon screen to get through the ltsp server. > > > http://www.novell.com/coolsolutions/appnote/6019.html > > > > > > >That article describes how to use a Novell server for your homes in > >Linux. In other words, how to auth and access the Novell accounts > >through an LTSP login. > > > >I think your problem is different. If I read correctly, you want your > >Windows boxes in your lan, which are being given an ip from your LTSP > >server, to *get through* to the external Novell server. > > > > > >-- > >Robert Arkiletian > >Eric Hamber Secondary, Vancouver, Canada > >Fl_TeacherTool http://www3.telus.net/public/robark/Fl_TeacherTool/ > >C++ GUI tutorial http://www3.telus.net/public/robark/ > > > >_______________________________________________ > >K12OSN mailing list > >K12OSN at redhat.com > >https://www.redhat.com/mailman/listinfo/k12osn > >For more info see > > _________________________________________________________________ > Enter to win a night a VIP night out at TIFF > http://redcarpet.sympatico.msn.ca/ > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see Get cool Messenger Emoticons! Click here to learn more. -------------- next part -------------- An HTML attachment was scrubbed... URL: From rowens at ptd.net Thu Oct 4 22:08:36 2007 From: rowens at ptd.net (Rob Owens) Date: Thu, 4 Oct 2007 18:08:36 -0400 Subject: [K12OSN] smbldap and webmin - "modifications require authentication" In-Reply-To: <1191515386.13452.9.camel@cube.tobyhouse.com> References: <20071004115416.GA23520@junker.owens.net> <1191515386.13452.9.camel@cube.tobyhouse.com> Message-ID: <20071004220836.GA3716@junker.owens.net> On Thu, Oct 04, 2007 at 09:29:46AM -0700, Craig White wrote: > On Thu, 2007-10-04 at 07:54 -0400, Rob Owens wrote: > > I did an installation of Feisty server and ran the smbldap script. I logged into webmin as my local root user, and attempted to add an LDAP user. I got this error message: > > > > Failed to save user : Failed to add user to LDAP database : modifications require authentication > > > > I suspect that I have something mis-configured in webmin. (I actually didn't do any configuration -- just used the default settings). Does anyone have any suggestions for me on how to properly add an LDAP user? > > > > Thanks > ---- > In Webmin's LDAP Users and Groups configuration, there is the ability to > manually set the binddn and bindpw for the module. > Thanks Craig. I got it working. Here's exactly what I did: In "Module Config" for LDAP Users and Groups, I set the following: "Bind to LDAP server as": cn=Manager,dc=mynetwork,dc=net "Credentials for bind name above": mypassword (This information is located in the /etc/smbldap-tools/smbldap_bind.conf file) After that, my first error went away but I got something about "no structuralObjectClass operational". I corrected that by entering "Module Config" and clicking "yes" for "Show fields for given name and surname?". (I got that info from this link: http://ubuntuforums.org/showthread.php?p=3459259 ) So now it seems to work. If I encounter any more problems I'll post back. -Rob From jones_yeates at hotmail.com Fri Oct 5 00:56:42 2007 From: jones_yeates at hotmail.com (jones yeates) Date: Fri, 5 Oct 2007 00:56:42 +0000 Subject: [K12OSN] Window Clients can't get past the Linux Server In-Reply-To: <1190721498.7247.84.camel@localhost> References: <1190721498.7247.84.camel@localhost> Message-ID: I got it to work. It was an IPX problem. I described it on another thread: https://www.redhat.com/archives/k12osn/2007-October/msg00051.html Thanks again for all of your help. Subject: Re: [K12OSN] Window Clients can't get past the Linux Server From: sjxn at bigpond.net.au To: k12osn at redhat.com Date: Tue, 25 Sep 2007 21:58:18 +1000 Hmmm. I think you need help from someone more familiar than me with the Novell logon process at this point. However.... As I understand things, the DNS suffix is used when querying DNS servers, and is added to the name of the machine being sought if it is not specified. Thus if your machine name was 'daneel,' your DNS suffix was 'robots.com' and you asked 'daneel' to ping 'giskard' without specifying a fully-qualified name such as 'giskard.solaria.net' then 'daneel' would query for 'giskard.robots.com,' adding its own DNS suffix on to the sought-for name. A connection-specific DNS suffix lets you tell a computer with more than one network interface that it is to use a different DNS suffix on each network it has available. In most cases there is only one network interface and the connection-specific suffix is not needed; but it is set by DHCP anyway, just in case you didn't give Windows a fully-qualified name, or in case that name doesn't work on this particular network. I am afraid I have no idea whether this will affect the Novell logon process. To find out, if you place the PC directly on the main network, does it login correctly? What DNS suffix does it get there? What happens if you set that DNS suffix in the DHCP settings on the LTSP server? (The terminals will get this suffix too, but it shouldn't matter AFAIK unless they are running local apps or print servers etc). As an aside, I assume you've looked in the log files on the Windows machine, to see if the Novell client is trying to tell you anything. I don't know where Novell would put that information (anyone?), but I would start with the Event Viewer. Also, it would be helpful to see the output of 'iptables -v -L' on the LTSP machine. With tcpdump, it's probably only worth doing this if you know a bit about recognising network packets. On the other hand, I see no way to get any further without doing something like it, after proving the logon works with the Windows box on the main network. Others may like to recommend a better protocol analyser for this, such as ethereal - I'm just telling you what I would do, having a limited memory :-) I would first try to see what happens on the terminal network, like this: 1. Start a command line on the LTSP server and type 'ifconfig' (omit the quotes, they are just for clarity here) to see which network is on which interface - look at the ip addresses for eth0, eth1, etc. Let's say eth0 is the terminal network (with 192.168.0.254) and eth1 the main network for what follows. If yours are different, make the appropriate changes below. 2. Make sure all other computers and terminals on the terminal network are turned off, to avoid extra traffic or having to use a filter while tcpdump-ing. 3. Do 'tcpdump -vv -i eth0 >file0' in the command line on the LTSP server - this causes tcpdump's output to be captured in a text file called 'file0'. 4. Turn on the Windows machine (this is so we capture any preliminary lookups it tries before logon). 5. Try to log in to Novell when Windows is ready. 6. When the login fails, use Ctrl/c on the LTSP server to interrupt the capture. 7. Shut down the Windows machine again. Now we repeat the process capturing traffic on the main network. You won't be able to shut everything down here, but try to do it at a quiet time. 8. With the Windows machine off, do 'tcpdump -vv -i eth1 >file1' on the LTSP server. 9. Repeat steps 4,5,6. Now compare the two capture files 'file0' and 'file1'. (I suggest doing the two captures separately so that file0 will give you a guide to what is relevant in file1, without having to search hard for it amongst all the other traffic.) The ip addresses (and ports on the LTSP server end) will be different owing to NAT, but you should see an outgoing packet in file1 for every incoming relevant packet in file0 (this is where it gets hard to describe what you are really looking for), and appropriate responses coming back from the DNS and Novell servers on the main network in file1, and being passed back to Windows in file0. Look out for repeated requests that give a clue about a response going missing. If you can't work out the order of packets, you could repeat steps 2-6 but using 'tcpdump -vv -i any >file2' which will capture both interfaces at once, in order. Again, look for corresponding packets on each side being relayed by the LTSP server. Look out for DNS lookup failures, and also look out for broadcasts other than ARP on the eth0 side (sent to a .255 address) - it may even be that Novell relies on broadcasts to find servers, but I sincerely hope not! It would be instructive to compare the results with a trace of a successful login on the main network, if you can manage that - but Windows has no native equivalent to tcpdump, and I don't know about Netware. By the way, I'm using Ubuntu to check the command parameters I'm telling you - they might be slightly different on FC5, but I doubt it. That's all I can think of at the moment. I hope it helps! Good luck! On Tue, 2007-09-25 at 05:05 +0000, jones yeates wrote: I tried to get the dhcp server to give the client the DNS server ip addresses on the school's network, and it still didn't work. As you mentioned, the Linux thin clients ended up not being able to connect properly. I noticed that the school machines have a different Connection-specific DNS Suffix than the LAN and I'm not sure if I should change it to what the school has or not. I don't know what that does. The Windows clints can ping the DNS servers. I installed tcpdump, but I'm not sure how to use it to see the packet flow from the Window's client. >From: Steve Jackson >Reply-To: "Support list for open source software in schools." > >To: "Support list for open source software in schools." >Subject: Re: [K12OSN] Window Clients can't get past the Linux Server >Date: Sun, 23 Sep 2007 08:23:11 +1000 > >This sounds like a DNS lookup problem to me. DNS is used to locate domain >servers in Active Directory, assuming that's what you mean by "tree server" >- and the same for Novell I think. >To diagnose, I would hand-configure the W2K DNS server entry to be the same >address as it would get if it were connected to the "main" network, and see >if it now works. If it does, you need to look at where the LTSP server's >DNS service is forwarding requests it can't handle to, and make it try the >"main" network's DNS. If your LTSP server doesn't have a DNS service, >change its DHCP config to tell the clients to use the main DNS address. > >Transparent proxying only affects web traffic IIRC (and I'm not sure what's >going on with squid, can't help there). The ip_forward setting must be 1. >NAT must be used unless the "main" network knows how to route packets back >into the "terminal & w2k" network. > >Steve > >jones yeates wrote: >>I am using a floppy to boot onto the LTSP server. It is working fine. >>The clients can log in and access the Internet. =] >> >>When the client doesn't boot from the floppy, it loads up Windows (2000). >>It is unable to find the "tree server" to authenticate the Windows user. >>However, if I say "Yes" to work on the Window's desktop, I can access the >>Internet. >> >>On the Fedora Core 5 server that is running K12LTSP, I tried: >> #echo 1 > /proc/sys/net/ipv4/ip_forward >>and that took care of the Windows client being able to access the >>Internet. >> >>I tried: >> #chkconfig --levels 345 transparent-proxying on >>and there was no change so I entered >> #chkconfig --levels 345 transparent-proxying off >> >>I restarted the server, for another attempt at solving this. >>I turned off the firewall, installed and ran squid. I made the changes >>discussed in >>http://www.redhat.com/archives/k12osn/2007-August/msg00221.html but it >>failed to #service squid restart. I removed the transparent value and >>#service squid restart worked fine. >> >>I tried >> #chkconfig --levels 345 transparent-proxying on >>again. This time it couldn't be found. I listed all the values for >>chkconfig and it wasn't on the list. I am not sure how I removed that >>item, is there a way I can get it back? >> >>Below is what the ipconfig looks like on the Window's client. >> >>E:\>ipconfig /all >>Windows 2000 IP Configuration >> Host Name . . . . . . . . . . . . : c-23 >> Primary DNS Suffix . . . . . . . : >> Node Type . . . . . . . . . . . . : Hybrid >> IP Routing Enabled. . . . . . . . : No >> WINS Proxy Enabled. . . . . . . . : No >> DNS Suffix Search List. . . . . . : ltsp >>Ethernet adapter Local Area Connection 2: >> Connection-specific DNS Suffix . : ltsp >> Description . . . . . . . . . . . : Intel(R) PRO/100 VE Network >>Connection >> Physical Address. . . . . . . . . : 00-01-04-EB-12-1C >> DHCP Enabled. . . . . . . . . . . : Yes >> Autoconfiguration Enabled . . . . : Yes >> IP Address. . . . . . . . . . . . : 192.168.0.218 >> Subnet Mask . . . . . . . . . . . : 255.255.255.0 >> Default Gateway . . . . . . . . . : 192.168.0.254 >> DHCP Server . . . . . . . . . . . : 192.168.0.254 >> DNS Servers . . . . . . . . . . . : 192.168.0.254 >> Lease Obtained. . . . . . . . . . : Friday, September 21, 2007 >>4:25:40 PM >> Lease Expires . . . . . . . . . . : Friday, September 21, 2007 >>10:25:40PM >> >>As a Windows client, I am able to ping outside of the 192.168.0.0 LAN and >>onto the school's regular network. I believe nat is working because I can >>access the Internet on the Window's client. >> >> >>I am not sure what else to try. The transparent thing is my only guess. >> >>_________________________________________________________________ >>Windows Live Hotmail. Even hotter than before. Get a better look now. >>www.newhotmail.ca?icid=WLHMENCA148 >> >>_______________________________________________ >>K12OSN mailing list >>K12OSN at redhat.com >>https://www.redhat.com/mailman/listinfo/k12osn >>For more info see >> > >_______________________________________________ >K12OSN mailing list >K12OSN at redhat.com >https://www.redhat.com/mailman/listinfo/k12osn >For more info see _________________________________________________________________ Former Police Officer Paul Gillespies TAKE BACK THE INTERNET tips and tricks, watch the video now http://safety.sympatico.msn.ca/ _______________________________________________ K12OSN mailing list K12OSN at redhat.com https://www.redhat.com/mailman/listinfo/k12osn For more info see _________________________________________________________________ Express yourself with new emoticons. It?s easy! Try it! http://www.freemessengeremoticons.ca/ -------------- next part -------------- An HTML attachment was scrubbed... URL: From carl at snarlnet.com Fri Oct 5 05:34:45 2007 From: carl at snarlnet.com (Carl Keil) Date: Thu, 04 Oct 2007 22:34:45 -0700 Subject: [K12OSN] Making a message pop up on a thin client Message-ID: <4705CCF5.7050100@snarlnet.com> Hey Folks, I've always wondered about sneaky thin client tricks. It seems like there's got to be a way to blast some audio or pop up a message on a thin client remotely, like from the command line. Does anybody know how to do that? Thanks, ck From microman at cmosnetworks.com Fri Oct 5 06:54:23 2007 From: microman at cmosnetworks.com (=?ISO-8859-1?Q?=22Terrell_Prud=E9_Jr=2E=22?=) Date: Fri, 05 Oct 2007 02:54:23 -0400 Subject: [K12OSN] /tmp In-Reply-To: <4704E411.9080205@peopleplaces.org> References: <4704E411.9080205@peopleplaces.org> Message-ID: <4705DF9F.4090000@cmosnetworks.com> Michael Blinn wrote: > What is the convention for cleaning out /tmp in v6? It's slowly > filling up, and I can see some very old files in there. Is there a > /tmp manager, or a current method for 'rm -rf /tmp/*' on reboot, or ....? > Thanks, > Michael I generally just rm -rf /tmp/* as root every so often. The whole point of /tmp is to hold temporary files while a user is logged on, especially with "heavy" desktops like GNOME and KDE. When the user is no longer logged on, that user's files in /tmp are no longer needed. --TP From sjxn at bigpond.net.au Fri Oct 5 07:03:34 2007 From: sjxn at bigpond.net.au (Steve Jackson) Date: Fri, 05 Oct 2007 17:03:34 +1000 Subject: [K12OSN] Window Clients can't get past the Linux Server In-Reply-To: References: <1190721498.7247.84.camel@localhost> Message-ID: <4705E1C6.1030906@bigpond.net.au> That's great! Full marks for persistence. Where there's a Linux there's a way. :-) Maybe your solution should be turned into a wiki article. jones yeates wrote: > I got it to work. It was an IPX problem. I described it on another > thread: > https://www.redhat.com/archives/k12osn/2007-October/msg00051.html > > Thanks again for all of your help. > > ------------------------------------------------------------------------ > Subject: Re: [K12OSN] Window Clients can't get past the Linux Server > From: sjxn at bigpond.net.au > To: k12osn at redhat.com > Date: Tue, 25 Sep 2007 21:58:18 +1000 > > Hmmm. I think you need help from someone more familiar than me > with the Novell logon process at this point. However.... > > As I understand things, the DNS suffix is used when querying DNS > servers, and is added to the name of the machine being sought if > it is not specified. Thus if your machine name was 'daneel,' your > DNS suffix was 'robots.com' and you asked 'daneel' to ping > 'giskard' without specifying a fully-qualified name such as > 'giskard.solaria.net' then 'daneel' would query for > 'giskard.robots.com,' adding its own DNS suffix on to the > sought-for name. A connection-specific DNS suffix lets you tell a > computer with more than one network interface that it is to use a > different DNS suffix on each network it has available. In most > cases there is only one network interface and the > connection-specific suffix is not needed; but it is set by DHCP > anyway, just in case you didn't give Windows a fully-qualified > name, or in case that name doesn't work on this particular network. > > I am afraid I have no idea whether this will affect the Novell > logon process. To find out, if you place the PC directly on the > main network, does it login correctly? What DNS suffix does it get > there? What happens if you set that DNS suffix in the DHCP > settings on the LTSP server? (The terminals will get this suffix > too, but it shouldn't matter AFAIK unless they are running local > apps or print servers etc). > > As an aside, I assume you've looked in the log files on the > Windows machine, to see if the Novell client is trying to tell you > anything. I don't know where Novell would put that information > (anyone?), but I would start with the Event Viewer. Also, it would > be helpful to see the output of 'iptables -v -L' on the LTSP machine. > > With tcpdump, it's probably only worth doing this if you know a > bit about recognising network packets. On the other hand, I see no > way to get any further without doing something like it, after > proving the logon works with the Windows box on the main network. > Others may like to recommend a better protocol analyser for this, > such as ethereal - I'm just telling you what I would do, having a > limited memory :-) > > I would first try to see what happens on the terminal network, > like this: > 1. Start a command line on the LTSP server and type 'ifconfig' > (omit the quotes, they are just for clarity here) to see which > network is on which interface - look at the ip addresses for eth0, > eth1, etc. Let's say eth0 is the terminal network (with > 192.168.0.254) and eth1 the main network for what follows. If > yours are different, make the appropriate changes below. > 2. Make sure all other computers and terminals on the terminal > network are turned off, to avoid extra traffic or having to use a > filter while tcpdump-ing. > 3. Do 'tcpdump -vv -i eth0 >file0' in the command line on the LTSP > server - this causes tcpdump's output to be captured in a text > file called 'file0'. > 4. Turn on the Windows machine (this is so we capture any > preliminary lookups it tries before logon). > 5. Try to log in to Novell when Windows is ready. > 6. When the login fails, use Ctrl/c on the LTSP server to > interrupt the capture. > 7. Shut down the Windows machine again. > > Now we repeat the process capturing traffic on the main network. > You won't be able to shut everything down here, but try to do it > at a quiet time. > 8. With the Windows machine off, do 'tcpdump -vv -i eth1 >file1' > on the LTSP server. > 9. Repeat steps 4,5,6. > > Now compare the two capture files 'file0' and 'file1'. (I suggest > doing the two captures separately so that file0 will give you a > guide to what is relevant in file1, without having to search hard > for it amongst all the other traffic.) The ip addresses (and ports > on the LTSP server end) will be different owing to NAT, but you > should see an outgoing packet in file1 for every incoming relevant > packet in file0 (this is where it gets hard to describe what you > are really looking for), and appropriate responses coming back > from the DNS and Novell servers on the main network in file1, and > being passed back to Windows in file0. > > Look out for repeated requests that give a clue about a response > going missing. If you can't work out the order of packets, you > could repeat steps 2-6 but using 'tcpdump -vv -i any >file2' which > will capture both interfaces at once, in order. Again, look for > corresponding packets on each side being relayed by the LTSP server. > > Look out for DNS lookup failures, and also look out for broadcasts > other than ARP on the eth0 side (sent to a .255 address) - it may > even be that Novell relies on broadcasts to find servers, but I > sincerely hope not! It would be instructive to compare the results > with a trace of a successful login on the main network, if you can > manage that - but Windows has no native equivalent to tcpdump, and > I don't know about Netware. > > By the way, I'm using Ubuntu to check the command parameters I'm > telling you - they might be slightly different on FC5, but I doubt it. > That's all I can think of at the moment. I hope it helps! Good luck! > > On Tue, 2007-09-25 at 05:05 +0000, jones yeates wrote: > > I tried to get the dhcp server to give the client the DNS server ip > addresses on the school's network, and it still didn't work. As you > mentioned, the Linux thin clients ended up not being able to connect > properly. > > I noticed that the school machines have a different Connection-specific DNS > Suffix than the LAN and I'm not sure if I should change it to what the > school has or not. I don't know what that does. > > The Windows clints can ping the DNS servers. > > I installed tcpdump, but I'm not sure how to use it to see the packet flow > from the Window's client. > > > >From: Steve Jackson > > >Reply-To: "Support list for open source software in schools." > >> > >To: "Support list for open source software in schools." > > >Subject: Re: [K12OSN] Window Clients can't get past the Linux Server > >Date: Sun, 23 Sep 2007 08:23:11 +1000 > > > >This sounds like a DNS lookup problem to me. DNS is used to locate domain > >servers in Active Directory, assuming that's what you mean by "tree server" > >- and the same for Novell I think. > >To diagnose, I would hand-configure the W2K DNS server entry to be the same > >address as it would get if it were connected to the "main" network, and see > >if it now works. If it does, you need to look at where the LTSP server's > >DNS service is forwarding requests it can't handle to, and make it try the > >"main" network's DNS. If your LTSP server doesn't have a DNS service, > >change its DHCP config to tell the clients to use the main DNS address. > > > >Transparent proxying only affects web traffic IIRC (and I'm not sure what's > >going on with squid, can't help there). The ip_forward setting must be 1. > >NAT must be used unless the "main" network knows how to route packets back > >into the "terminal & w2k" network. > > > >Steve > > > >jones yeates wrote: > >>I am using a floppy to boot onto the LTSP server. It is working fine. > >>The clients can log in and access the Internet. =] > >> > >>When the client doesn't boot from the floppy, it loads up Windows (2000). > >>It is unable to find the "tree server" to authenticate the Windows user. > >>However, if I say "Yes" to work on the Window's desktop, I can access the > >>Internet. > >> > >>On the Fedora Core 5 server that is running K12LTSP, I tried: > >> #echo 1 > /proc/sys/net/ipv4/ip_forward > >>and that took care of the Windows client being able to access the > >>Internet. > >> > >>I tried: > >> #chkconfig --levels 345 transparent-proxying on > >>and there was no change so I entered > >> #chkconfig --levels 345 transparent-proxying off > >> > >>I restarted the server, for another attempt at solving this. > >>I turned off the firewall, installed and ran squid. I made the changes > >>discussed in > >>http://www.redhat.com/archives/k12osn/2007-August/msg00221.html but it > >>failed to #service squid restart. I removed the transparent value and > >>#service squid restart worked fine. > >> > >>I tried > >> #chkconfig --levels 345 transparent-proxying on > >>again. This time it couldn't be found. I listed all the values for > >>chkconfig and it wasn't on the list. I am not sure how I removed that > >>item, is there a way I can get it back? > >> > >>Below is what the ipconfig looks like on the Window's client. > >> > >>E:\>ipconfig /all > >>Windows 2000 IP Configuration > >> Host Name . . . . . . . . . . . . : c-23 > >> Primary DNS Suffix . . . . . . . : > >> Node Type . . . . . . . . . . . . : Hybrid > >> IP Routing Enabled. . . . . . . . : No > >> WINS Proxy Enabled. . . . . . . . : No > >> DNS Suffix Search List. . . . . . : ltsp > >>Ethernet adapter Local Area Connection 2: > >> Connection-specific DNS Suffix . : ltsp > >> Description . . . . . . . . . . . : Intel(R) PRO/100 VE Network > >>Connection > >> Physical Address. . . . . . . . . : 00-01-04-EB-12-1C > >> DHCP Enabled. . . . . . . . . . . : Yes > >> Autoconfiguration Enabled . . . . : Yes > >> IP Address. . . . . . . . . . . . : 192.168.0.218 > >> Subnet Mask . . . . . . . . . . . : 255.255.255.0 > >> Default Gateway . . . . . . . . . : 192.168.0.254 > >> DHCP Server . . . . . . . . . . . : 192.168.0.254 > >> DNS Servers . . . . . . . . . . . : 192.168.0.254 > >> Lease Obtained. . . . . . . . . . : Friday, September 21, 2007 > >>4:25:40 PM > >> Lease Expires . . . . . . . . . . : Friday, September 21, 2007 > >>10:25:40PM > >> > >>As a Windows client, I am able to ping outside of the 192.168.0.0 LAN and > >>onto the school's regular network. I believe nat is working because I can > >>access the Internet on the Window's client. > >> > >> > >>I am not sure what else to try. The transparent thing is my only guess. > >> > >>_________________________________________________________________ > >>Windows Live Hotmail. Even hotter than before. Get a better look now. > >>www.newhotmail.ca?icid=WLHMENCA148 > >> > >>_______________________________________________ > >>K12OSN mailing list > >>K12OSN at redhat.com > >>https://www.redhat.com/mailman/listinfo/k12osn > >>For more info see > >> > > > >_______________________________________________ > >K12OSN mailing list > >K12OSN at redhat.com > >https://www.redhat.com/mailman/listinfo/k12osn > >For more info see > > _________________________________________________________________ > Former Police Officer Paul Gillespies TAKE BACK THE INTERNET tips and > tricks, watch the video now http://safety.sympatico.msn.ca/ > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > > > > ------------------------------------------------------------------------ > Express yourself with new emoticons. It?s easy! Try it! > > ------------------------------------------------------------------------ > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see -------------- next part -------------- An HTML attachment was scrubbed... URL: From microman at cmosnetworks.com Fri Oct 5 07:29:36 2007 From: microman at cmosnetworks.com (=?ISO-8859-1?Q?=22Terrell_Prud=E9_Jr=2E=22?=) Date: Fri, 05 Oct 2007 03:29:36 -0400 Subject: [K12OSN] How to DRASTICALLY speed up app response on K12LTSP Message-ID: <4705E7E0.5090309@cmosnetworks.com> I just ran across this today over at www.linuxtoday.com. I tried out the following two settings on my K12LTSP 4.2EL box to see if they would indeed speed up response time for desktop apps. /sbin/sysctl -w vm.swappiness=1 (default is 60) /sbin/sysctl -w vm.vfs_cache_pressure=50 (default is 100) These are, as you might've guessed from the "vm" in the name, virtual memory settings for Linux (the kernel). So what the heck do these do? The first one tells Linux not to be so hasty to swap out applications to disk in favor of data. Normally Linux will swap out applications that you've loaded to disk, especially if you're working with large data sets (e. g. video editing on a large file). That's great for a server, where you've got a few tasks running all the time. But it *SUCKS* for a desktop, in which you want instant application response time, and you're quickly switching between apps (I know I sure do!). It's even worse on an LTSP server w/ multiple users. This setting fixes that problem. The second one tells Linux not to be so hasty to swap out inode (filesystem) info that it's cached. You do a search on, say, your homedir. The inode info for that search, of course, gets cached. Then you go and sling around a huge file or two...or three. Guess what? Not only did your app get swapped to disk (per the above), but also your inode data cache in DRAM for your homedir got wiped out, too. That means the next time you've got to search your homedir, you've got to go *back* to the disk instead of getting that info from cache! S-L-O-O-O-W-W-W. Again, fine for certain servers, but bad for a desktop. This second setting reduces that tendency. After applying these two, my K12LTSP server is giving my much better desktop app response than it ever has. It's like night and day. The original source for this info, with a much better explanation by its author, Manuel A. "Rudd-O" Briz, is here: http://rudd-o.com/archives/2007/10/02/tales-from-responsivenessland-why-linux-feels-slow-and-how-to-fix-that/ --TP _______________________________ Do you GNU!? Microsoft Free since 2003 --the ultimate antivirus protection! -------------- next part -------------- An HTML attachment was scrubbed... URL: From robark at gmail.com Fri Oct 5 07:36:35 2007 From: robark at gmail.com (Robert Arkiletian) Date: Fri, 5 Oct 2007 00:36:35 -0700 Subject: [K12OSN] ext2 usb partition with MToolsFM possible? Message-ID: Running ltsp 4.1 (K12LTSP 4 EL / no FUSE) 2 partitions on USB stick vfat sda1 ext2 sda2 MToolsFM only sees the first vfat partition. Is it possible to access both? -- Robert Arkiletian Eric Hamber Secondary, Vancouver, Canada Fl_TeacherTool http://www3.telus.net/public/robark/Fl_TeacherTool/ C++ GUI tutorial http://www3.telus.net/public/robark/ From nadavkav at gmail.com Fri Oct 5 09:33:23 2007 From: nadavkav at gmail.com (Nadav Kavalerchik) Date: Fri, 5 Oct 2007 11:33:23 +0200 Subject: [K12OSN] Making a message pop up on a thin client In-Reply-To: <4705CCF5.7050100@snarlnet.com> References: <4705CCF5.7050100@snarlnet.com> Message-ID: <4219988b0710050233p3bcbbd93q92a8379d0b3ac8d4@mail.gmail.com> checkout Robert's TeacherTool: http://www3.telus.net/public/robark/Fl_TeacherTool/ it does what you want and much more :-) On 10/5/07, Carl Keil wrote: > > Hey Folks, > > I've always wondered about sneaky thin client tricks. It seems like > there's got to be a way to blast some audio or pop up a message on a > thin client remotely, like from the command line. Does anybody know how > to do that? > > Thanks, > > ck > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > -------------- next part -------------- An HTML attachment was scrubbed... URL: From mblinn at peopleplaces.org Fri Oct 5 12:01:12 2007 From: mblinn at peopleplaces.org (Michael Blinn) Date: Fri, 05 Oct 2007 08:01:12 -0400 Subject: [K12OSN] Making a message pop up on a thin client In-Reply-To: <4219988b0710050233p3bcbbd93q92a8379d0b3ac8d4@mail.gmail.com> References: <4705CCF5.7050100@snarlnet.com> <4219988b0710050233p3bcbbd93q92a8379d0b3ac8d4@mail.gmail.com> Message-ID: <47062788.401@peopleplaces.org> Here's a script that uses zenity. Thanks to sbalneaves & ogra in #ltsp who put it together a few months ago. This goes to all connected clients but I'm sure you can modify for just one. Invoke it with #scriptname "This is my message" -Michael #!/bin/bash for PID in $(pgrep metacity); do DISPLAY=$(cat /proc/${PID}/environ | tr '\0' '\n' | grep DISPLAY | sed -e 's/DISPLAY=//') XAUTHORITY=$(cat /proc/${PID}/environ | tr '\0' '\n' | grep XAUTH | sed -e 's/XAUTHORITY=//') zenity --info --text="$1" & done Nadav Kavalerchik wrote: > checkout Robert's TeacherTool: > http://www3.telus.net/public/robark/Fl_TeacherTool/ > it does what you want and much more :-) > > On 10/5/07, *Carl Keil* > > wrote: > > Hey Folks, > > I've always wondered about sneaky thin client tricks. It seems like > there's got to be a way to blast some audio or pop up a message on a > thin client remotely, like from the command line. Does anybody > know how > to do that? > > Thanks, > > ck > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > > > ------------------------------------------------------------------------ > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see -- CONFIDENTIALITY NOTICE: This message, and any attachments that may accompany it, contain information that is intended for the use of the individual or entity to which it is addressed and may contain information that is privileged, confidential, or otherwise exempt from disclosure under applicable law. If the recipient of this message is not the intended recipient, any disclosure, copying, or other use of this communication or any of the information, which it contains is unauthorized and prohibited. If you have received this message in error, please notify the original sender by return mail and delete this message, along with any attachments, from your computer. Thank you. -------------- next part -------------- An HTML attachment was scrubbed... URL: From dyoung at mesd.k12.or.us Fri Oct 5 14:53:53 2007 From: dyoung at mesd.k12.or.us (Dan Young) Date: Fri, 5 Oct 2007 07:53:53 -0700 Subject: [K12OSN] How to DRASTICALLY speed up app response on K12LTSP In-Reply-To: <4705E7E0.5090309@cmosnetworks.com> References: <4705E7E0.5090309@cmosnetworks.com> Message-ID: <994441ae0710050753u4a57538g773b7a89943ac9f4@mail.gmail.com> On 10/5/07, "Terrell Prud? Jr." wrote: > /sbin/sysctl -w vm.swappiness=1 (default is 60) > /sbin/sysctl -w vm.vfs_cache_pressure=50 (default is 100) If you want those kind of changes to persist between reboots, you must add them to /etc/sysctl.conf -- Dan Young Multnomah ESD - Technology Services 503-257-1562 From mblinn at peopleplaces.org Fri Oct 5 15:07:12 2007 From: mblinn at peopleplaces.org (Michael Blinn) Date: Fri, 05 Oct 2007 11:07:12 -0400 Subject: [K12OSN] How to DRASTICALLY speed up app response on K12LTSP In-Reply-To: <994441ae0710050753u4a57538g773b7a89943ac9f4@mail.gmail.com> References: <4705E7E0.5090309@cmosnetworks.com> <994441ae0710050753u4a57538g773b7a89943ac9f4@mail.gmail.com> Message-ID: <47065320.4040701@peopleplaces.org> Nice - I didn't even know this setting existed. For the first time since I brought it online my server's immediate load is back to 0.00 -- with five clients, streaming audio, OOo, TB and Firefox plus a bunch of services (web, mysql, mail, DNS, etc). I guess the server was giving a surfeit of precedence to cached files with the newest kernel. Good to know. Thanks, Michael Dan Young wrote: > On 10/5/07, "Terrell Prud? Jr." wrote: > >> /sbin/sysctl -w vm.swappiness=1 (default is 60) >> /sbin/sysctl -w vm.vfs_cache_pressure=50 (default is 100) >> > > If you want those kind of changes to persist between reboots, you must add > them to /etc/sysctl.conf -------------- next part -------------- An HTML attachment was scrubbed... URL: From robark at gmail.com Fri Oct 5 16:05:51 2007 From: robark at gmail.com (Robert Arkiletian) Date: Fri, 5 Oct 2007 09:05:51 -0700 Subject: [K12OSN] How to DRASTICALLY speed up app response on K12LTSP In-Reply-To: <4705E7E0.5090309@cmosnetworks.com> References: <4705E7E0.5090309@cmosnetworks.com> Message-ID: On 10/5/07, "Terrell Prud? Jr." wrote: > > I just ran across this today over at www.linuxtoday.com. I tried out the > following two settings on my K12LTSP 4.2EL box to see if they would indeed > speed up response time for desktop apps. > > /sbin/sysctl -w vm.swappiness=1 (default is 60) > /sbin/sysctl -w vm.vfs_cache_pressure=50 (default is 100) > > These are, as you might've guessed from the "vm" in the name, virtual > memory settings for Linux (the kernel). > Will both these changes only make a difference if your server is actively using swap? IOW if you never hit swap, do they matter? -- Robert Arkiletian Eric Hamber Secondary, Vancouver, Canada Fl_TeacherTool http://www3.telus.net/public/robark/Fl_TeacherTool/ C++ GUI tutorial http://www3.telus.net/public/robark/ From microman at cmosnetworks.com Fri Oct 5 17:02:48 2007 From: microman at cmosnetworks.com (=?ISO-8859-1?Q?=22Terrell_Prud=E9_Jr=2E=22?=) Date: Fri, 05 Oct 2007 13:02:48 -0400 Subject: [K12OSN] How to DRASTICALLY speed up app response on K12LTSP In-Reply-To: References: <4705E7E0.5090309@cmosnetworks.com> Message-ID: <47066E38.8040804@cmosnetworks.com> Robert Arkiletian wrote: > On 10/5/07, "Terrell Prud? Jr." wrote: > >> I just ran across this today over at www.linuxtoday.com. I tried out the >> following two settings on my K12LTSP 4.2EL box to see if they would indeed >> speed up response time for desktop apps. >> >> /sbin/sysctl -w vm.swappiness=1 (default is 60) >> /sbin/sysctl -w vm.vfs_cache_pressure=50 (default is 100) >> >> These are, as you might've guessed from the "vm" in the name, virtual >> memory settings for Linux (the kernel). >> >> > > Will both these changes only make a difference if your server is > actively using swap? IOW if you never hit swap, do they matter? > > My server at home doesn't swap. However, I still notice a remarkable increase in app response time. Now, on a busy LTSP server with, say, 40 users, it'd probably benefit even more. --TP -------------- next part -------------- An HTML attachment was scrubbed... URL: From robark at gmail.com Fri Oct 5 17:13:08 2007 From: robark at gmail.com (Robert Arkiletian) Date: Fri, 5 Oct 2007 10:13:08 -0700 Subject: [K12OSN] How to DRASTICALLY speed up app response on K12LTSP In-Reply-To: <47066E38.8040804@cmosnetworks.com> References: <4705E7E0.5090309@cmosnetworks.com> <47066E38.8040804@cmosnetworks.com> Message-ID: On 10/5/07, "Terrell Prud? Jr." wrote: > > > Will both these changes only make a difference if your server is > actively using swap? IOW if you never hit swap, do they matter? > > > > My server at home doesn't swap. However, I still notice a remarkable > increase in app response time. Now, on a busy LTSP server with, say, 40 > users, it'd probably benefit even more. > Interesting. I'll give it a shot. Thanks Terrell. Also, a couple things I would add for better performance Add the noatime mount option to your drive partitions (or md devices) in /etc/fstab I don't think schools are so concerned about security that we need to know when each file is accessed. Also check dmesg | grep scheduler make sure you are using the cfq i/o scheduler here is an explanation of i/o scheduler options http://www.redhat.com/magazine/008jun05/features/schedulers/ -- Robert Arkiletian Eric Hamber Secondary, Vancouver, Canada Fl_TeacherTool http://www3.telus.net/public/robark/Fl_TeacherTool/ C++ GUI tutorial http://www3.telus.net/public/robark/ From mrjohnlucas at gmail.com Fri Oct 5 18:37:09 2007 From: mrjohnlucas at gmail.com (John Lucas) Date: Fri, 5 Oct 2007 14:37:09 -0400 Subject: [K12OSN] /tmp In-Reply-To: <4705DF9F.4090000@cmosnetworks.com> References: <4704E411.9080205@peopleplaces.org> <4705DF9F.4090000@cmosnetworks.com> Message-ID: <200710051437.09905.MrJohnLucas@gmail.com> On Friday 05 October 2007 02:54, Terrell Prud? Jr. wrote: > Michael Blinn wrote: > > What is the convention for cleaning out /tmp in v6? It's slowly > > filling up, and I can see some very old files in there. Is there a > > /tmp manager, or a current method for 'rm -rf /tmp/*' on reboot, or ....? > > Thanks, > > Michael > > I generally just > > rm -rf /tmp/* > > as root every so often. The whole point of /tmp is to hold temporary > files while a user is logged on, especially with "heavy" desktops like > GNOME and KDE. When the user is no longer logged on, that user's files > in /tmp are no longer needed. > Just be aware that if /tmp is mounted on it's own filesystem, you will be deleting "lost+found", not a good thing. If /tmp is merely a sub-directory of another filesystem, then "rm -Rf /tmp/*" should only be run while in single-user mode, and any hidden files (with leading ".") will remain untouched. In multi-user mode, there is a danger of removing a "live" lock file or socket. -- "History doesn't repeat itself; at best it rhymes." - Mark Twain | John Lucas MrJohnLucas at gmail.com | | St. Thomas, VI 00802 http://mrjohnlucas.googlepages.com/ | | 18.3?N, 65?W AST (UTC-4) | From jjjggg at hotmail.com Fri Oct 5 18:06:42 2007 From: jjjggg at hotmail.com (JohnG) Date: Fri, 5 Oct 2007 14:06:42 -0400 Subject: [K12OSN] How to DRASTICALLY speed up app response on K12LTSP References: <4705E7E0.5090309@cmosnetworks.com><47066E38.8040804@cmosnetworks.com> Message-ID: > Interesting. I'll give it a shot. Thanks Terrell. > > Also, a couple things I would add for better performance > It probably already exists in some fashion, but I was thinking it would be nice to have a post-install script of some sort that includes all these little k12ltsp specific tweaks. Does such a beast exist? From microman at cmosnetworks.com Fri Oct 5 19:02:49 2007 From: microman at cmosnetworks.com (=?ISO-8859-1?Q?=22Terrell_Prud=E9_Jr=2E=22?=) Date: Fri, 05 Oct 2007 15:02:49 -0400 Subject: [K12OSN] How to DRASTICALLY speed up app response on K12LTSP In-Reply-To: References: <4705E7E0.5090309@cmosnetworks.com> <47066E38.8040804@cmosnetworks.com> Message-ID: <47068A59.5040901@cmosnetworks.com> Robert Arkiletian wrote: > Also, a couple things I would add for better performance > > Add the noatime mount option to your drive partitions (or md devices) > in /etc/fstab > I don't think schools are so concerned about security that we need to > know when each file is accessed. > > Hmm...good idea here. > Also check > dmesg | grep scheduler > make sure you are using the cfq i/o scheduler > > That's the default on my system, and I'm using 4.2EL. I'm not sure what the default is in Fedora. > here is an explanation of i/o scheduler options > http://www.redhat.com/magazine/008jun05/features/schedulers/ > Yo, man, you tryin' to fry my brain here? :-) Actually, for K12LTSP servers, it appears from this article that the Anticipatory (AS) scheduler might be even better for high-interactive, e. g. desktop, performance issues. Red Hat did their tests with an Oracle 10G task requiring lots and lots of disk I/O. Of course, if the K12LTSP server also serves double-duty as a major file server for the LAN (e. g. Samba or NFS), then CFQ might be the better overall bet. As always, it all depends on what kind of load you're running on the box. --TP From les at futuresource.com Fri Oct 5 19:48:42 2007 From: les at futuresource.com (Les Mikesell) Date: Fri, 05 Oct 2007 14:48:42 -0500 Subject: [K12OSN] How to DRASTICALLY speed up app response on K12LTSP In-Reply-To: References: <4705E7E0.5090309@cmosnetworks.com><47066E38.8040804@cmosnetworks.com> Message-ID: <4706951A.3020103@futuresource.com> JohnG wrote: >> Interesting. I'll give it a shot. Thanks Terrell. >> >> Also, a couple things I would add for better performance >> > > It probably already exists in some fashion, but I was thinking it would > be nice to have a post-install script of some sort that includes all > these little k12ltsp specific tweaks. Does such a beast exist? Do you mean something like /opt/ltsp/templates/k12linux/sysctl-update.sh and all those other scripts in that directory? -- Les Mikesell lesmikesell at gmail.com From jim at winonacotter.org Fri Oct 5 20:05:57 2007 From: jim at winonacotter.org (Jim Kronebusch) Date: Fri, 5 Oct 2007 15:05:57 -0500 Subject: [K12OSN] How to DRASTICALLY speed up app response on K12LTSP In-Reply-To: <994441ae0710050753u4a57538g773b7a89943ac9f4@mail.gmail.com> References: <4705E7E0.5090309@cmosnetworks.com> <994441ae0710050753u4a57538g773b7a89943ac9f4@mail.gmail.com> Message-ID: <20071005200521.M371@winonacotter.org> On Fri, 5 Oct 2007 07:53:53 -0700, Dan Young wrote > On 10/5/07, "Terrell Prud? Jr." wrote: > > /sbin/sysctl -w vm.swappiness=1 (default is 60) > > /sbin/sysctl -w vm.vfs_cache_pressure=50 (default is 100) > > If you want those kind of changes to persist between reboots, you must add > them to /etc/sysctl.conf So in /etc/sysctl.conf you would just add the following two lines" vm.swappiness=1 vm.vfs_cache_pressure=50 Thanks, Jim -- This message has been scanned for viruses and dangerous content by the Cotter Technology Department, and is believed to be clean. From microman at cmosnetworks.com Fri Oct 5 20:09:10 2007 From: microman at cmosnetworks.com (=?ISO-8859-1?Q?=22Terrell_Prud=E9_Jr=2E=22?=) Date: Fri, 05 Oct 2007 16:09:10 -0400 Subject: [K12OSN] How to DRASTICALLY speed up app response on K12LTSP In-Reply-To: <20071005200521.M371@winonacotter.org> References: <4705E7E0.5090309@cmosnetworks.com> <994441ae0710050753u4a57538g773b7a89943ac9f4@mail.gmail.com> <20071005200521.M371@winonacotter.org> Message-ID: <470699E6.4000805@cmosnetworks.com> Jim Kronebusch wrote: > On Fri, 5 Oct 2007 07:53:53 -0700, Dan Young wrote > >> On 10/5/07, "Terrell Prud? Jr." wrote: >> >>> /sbin/sysctl -w vm.swappiness=1 (default is 60) >>> /sbin/sysctl -w vm.vfs_cache_pressure=50 (default is 100) >>> >> If you want those kind of changes to persist between reboots, you must add >> them to /etc/sysctl.conf >> > > So in /etc/sysctl.conf you would just add the following two lines" > > vm.swappiness=1 > vm.vfs_cache_pressure=50 > > Thanks, > Jim > Exactly. --TP -------------- next part -------------- An HTML attachment was scrubbed... URL: From jim at winonacotter.org Fri Oct 5 20:09:28 2007 From: jim at winonacotter.org (Jim Kronebusch) Date: Fri, 5 Oct 2007 15:09:28 -0500 Subject: [K12OSN] How to DRASTICALLY speed up app response on K12LTSP In-Reply-To: References: <4705E7E0.5090309@cmosnetworks.com> <47066E38.8040804@cmosnetworks.com> Message-ID: <20071005200731.M24354@winonacotter.org> > Add the noatime mount option to your drive partitions (or md devices) > in /etc/fstab > I don't think schools are so concerned about security that we need to > know when each file is accessed. I believe I have asked you this before, but I forgot. This setting only needs to be used on a client mounting via nfs, correct? So this won't really help the thin clients, but can help other systems mounting /home per say via nfs? thanks Jim -- This message has been scanned for viruses and dangerous content by the Cotter Technology Department, and is believed to be clean. From jim at winonacotter.org Fri Oct 5 20:11:04 2007 From: jim at winonacotter.org (Jim Kronebusch) Date: Fri, 5 Oct 2007 15:11:04 -0500 Subject: [K12OSN] How to DRASTICALLY speed up app response on K12LTSP In-Reply-To: <4705E7E0.5090309@cmosnetworks.com> References: <4705E7E0.5090309@cmosnetworks.com> Message-ID: <20071005201006.M96421@winonacotter.org> On Fri, 05 Oct 2007 03:29:36 -0400, Terrell Prud? Jr. wrote > I just ran across this today over at www.linuxtoday.com. I tried out > the following two settings on my K12LTSP 4.2EL box to see if they would > indeed speed up response time for desktop apps. > > /sbin/sysctl -w vm.swappiness=1 (default is 60) > /sbin/sysctl -w vm.vfs_cache_pressure=50 (default is 100) > > These are, as you might've guessed from the "vm" in the name, virtual > memory settings for Linux (the kernel). Can anyone think of any benefit to making these same changes in /opt/ltsp/i386/etc/sysctl.conf? I assume not since everything is basically running in RAM. Jim -- This message has been scanned for viruses and dangerous content by the Cotter Technology Department, and is believed to be clean. From krsnendu108 at gmail.com Fri Oct 5 20:12:07 2007 From: krsnendu108 at gmail.com (Krsnendu dasa) Date: Sat, 6 Oct 2007 08:12:07 +1200 Subject: [K12OSN] How to DRASTICALLY speed up app response on K12LTSP In-Reply-To: <20071005200731.M24354@winonacotter.org> References: <4705E7E0.5090309@cmosnetworks.com> <47066E38.8040804@cmosnetworks.com> <20071005200731.M24354@winonacotter.org> Message-ID: Don't thin clients mount their root filesystem with nfs? On 06/10/2007, Jim Kronebusch wrote: > > > Add the noatime mount option to your drive partitions (or md devices) > > in /etc/fstab > > I don't think schools are so concerned about security that we need to > > know when each file is accessed. > > I believe I have asked you this before, but I forgot. This setting only > needs to be > used on a client mounting via nfs, correct? So this won't really help the > thin clients, > but can help other systems mounting /home per say via nfs? > > thanks > Jim > > -- > This message has been scanned for viruses and > dangerous content by the Cotter Technology > Department, and is believed to be clean. > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > -------------- next part -------------- An HTML attachment was scrubbed... URL: From microman at cmosnetworks.com Fri Oct 5 20:12:08 2007 From: microman at cmosnetworks.com (=?ISO-8859-1?Q?=22Terrell_Prud=E9_Jr=2E=22?=) Date: Fri, 05 Oct 2007 16:12:08 -0400 Subject: [K12OSN] How to DRASTICALLY speed up app response on K12LTSP In-Reply-To: <20071005200731.M24354@winonacotter.org> References: <4705E7E0.5090309@cmosnetworks.com> <47066E38.8040804@cmosnetworks.com> <20071005200731.M24354@winonacotter.org> Message-ID: <47069A98.8070801@cmosnetworks.com> _______________________________ Do you GNU ? Microsoft Free since 2003 --the ultimate antivirus protection! Jim Kronebusch wrote: >> Add the noatime mount option to your drive partitions (or md devices) >> in /etc/fstab >> I don't think schools are so concerned about security that we need to >> know when each file is accessed. >> > > I believe I have asked you this before, but I forgot. This setting only needs to be > used on a client mounting via nfs, correct? So this won't really help the thin clients, > but can help other systems mounting /home per say via nfs? > > thanks > Jim > Just checked out the man page for mount. Doesn't appear to be specific to NFS, so it looks like it'd help speed things up regardless. --TP -------------- next part -------------- An HTML attachment was scrubbed... URL: From krsnendu108 at gmail.com Fri Oct 5 20:13:08 2007 From: krsnendu108 at gmail.com (Krsnendu dasa) Date: Sat, 6 Oct 2007 08:13:08 +1200 Subject: [K12OSN] How to DRASTICALLY speed up app response on K12LTSP In-Reply-To: <47069A98.8070801@cmosnetworks.com> References: <4705E7E0.5090309@cmosnetworks.com> <47066E38.8040804@cmosnetworks.com> <20071005200731.M24354@winonacotter.org> <47069A98.8070801@cmosnetworks.com> Message-ID: Would these settings also help with edubuntu? On 06/10/2007, "Terrell Prud? Jr." wrote: > > > _______________________________ > Do you GNU ? > Microsoft Free since 2003 --the ultimate > antivirus protection! > > > Jim Kronebusch wrote: > > Add the noatime mount option to your drive partitions (or md devices) > in /etc/fstab > I don't think schools are so concerned about security that we need to > know when each file is accessed. > > I believe I have asked you this before, but I forgot. This setting only needs to be > used on a client mounting via nfs, correct? So this won't really help the thin clients, > but can help other systems mounting /home per say via nfs? > > thanks > Jim > > > Just checked out the man page for mount. Doesn't appear to be specific to > NFS, so it looks like it'd help speed things up regardless. > > --TP > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > -------------- next part -------------- An HTML attachment was scrubbed... URL: From dyoung at mesd.k12.or.us Fri Oct 5 20:15:49 2007 From: dyoung at mesd.k12.or.us (Dan Young) Date: Fri, 5 Oct 2007 13:15:49 -0700 Subject: [K12OSN] How to DRASTICALLY speed up app response on K12LTSP In-Reply-To: <20071005200521.M371@winonacotter.org> References: <4705E7E0.5090309@cmosnetworks.com> <994441ae0710050753u4a57538g773b7a89943ac9f4@mail.gmail.com> <20071005200521.M371@winonacotter.org> Message-ID: <994441ae0710051315h53340512l2c39b6df36955f80@mail.gmail.com> On 10/5/07, Jim Kronebusch wrote: > On Fri, 5 Oct 2007 07:53:53 -0700, Dan Young wrote > > On 10/5/07, "Terrell Prud? Jr." wrote: > > > /sbin/sysctl -w vm.swappiness=1 (default is 60) > > > /sbin/sysctl -w vm.vfs_cache_pressure=50 (default is 100) > > > > If you want those kind of changes to persist between reboots, you must add > > them to /etc/sysctl.conf > > So in /etc/sysctl.conf you would just add the following two lines" > > vm.swappiness=1 > vm.vfs_cache_pressure=50 Yes. While I'm glad this setting has had positive results for the O.P., the results of these types of changes are likely to be highly dependent on your particular environment: http://kerneltrap.org/node/3000 -- Dan Young Multnomah ESD - Technology Services 503-257-1562 From microman at cmosnetworks.com Fri Oct 5 20:20:32 2007 From: microman at cmosnetworks.com (=?ISO-8859-1?Q?=22Terrell_Prud=E9_Jr=2E=22?=) Date: Fri, 05 Oct 2007 16:20:32 -0400 Subject: [K12OSN] How to DRASTICALLY speed up app response on K12LTSP In-Reply-To: <20071005201006.M96421@winonacotter.org> References: <4705E7E0.5090309@cmosnetworks.com> <20071005201006.M96421@winonacotter.org> Message-ID: <47069C90.5080402@cmosnetworks.com> Jim Kronebusch wrote: > On Fri, 05 Oct 2007 03:29:36 -0400, Terrell Prud? Jr. wrote > >> I just ran across this today over at www.linuxtoday.com. I tried out >> the following two settings on my K12LTSP 4.2EL box to see if they would >> indeed speed up response time for desktop apps. >> >> /sbin/sysctl -w vm.swappiness=1 (default is 60) >> /sbin/sysctl -w vm.vfs_cache_pressure=50 (default is 100) >> >> These are, as you might've guessed from the "vm" in the name, virtual >> memory settings for Linux (the kernel). >> > > Can anyone think of any benefit to making these same changes in > /opt/ltsp/i386/etc/sysctl.conf? I assume not since everything is basically running in RAM. > > Jim > > I can think of one. If you're running apps locally on your thin client, and you have NFSSWAP turned on, then I could see it being a benefit. Otherwise, no. Anyone? --TP -------------- next part -------------- An HTML attachment was scrubbed... URL: From microman at cmosnetworks.com Fri Oct 5 20:22:32 2007 From: microman at cmosnetworks.com (=?ISO-8859-1?Q?=22Terrell_Prud=E9_Jr=2E=22?=) Date: Fri, 05 Oct 2007 16:22:32 -0400 Subject: [K12OSN] How to DRASTICALLY speed up app response on K12LTSP In-Reply-To: References: <4705E7E0.5090309@cmosnetworks.com> <47066E38.8040804@cmosnetworks.com> <20071005200731.M24354@winonacotter.org> <47069A98.8070801@cmosnetworks.com> Message-ID: <47069D08.1010006@cmosnetworks.com> They should. I noticed an improvement with Debian Etch last night as well. However, this is a kernel setting and thus should apply to anything running Linux 2.6. --TP Krsnendu dasa wrote: > Would these settings also help with edubuntu? > > On 06/10/2007, *"Terrell Prud? Jr."* > wrote: > > > Jim Kronebusch wrote: >>> Add the noatime mount option to your drive partitions (or md devices) >>> in /etc/fstab >>> I don't think schools are so concerned about security that we need to >>> know when each file is accessed. >>> >> I believe I have asked you this before, but I forgot. This setting only needs to be >> used on a client mounting via nfs, correct? So this won't really help the thin clients, >> but can help other systems mounting /home per say via nfs? >> >> >> thanks >> Jim >> > > Just checked out the man page for mount. Doesn't appear to be > specific to NFS, so it looks like it'd help speed things up > regardless. > > --TP > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From jim at winonacotter.org Fri Oct 5 20:24:05 2007 From: jim at winonacotter.org (Jim Kronebusch) Date: Fri, 5 Oct 2007 15:24:05 -0500 Subject: [K12OSN] How to DRASTICALLY speed up app response on K12LTSP In-Reply-To: References: <4705E7E0.5090309@cmosnetworks.com> <47066E38.8040804@cmosnetworks.com> <20071005200731.M24354@winonacotter.org> <47069A98.8070801@cmosnetworks.com> Message-ID: <20071005201556.M8248@winonacotter.org> On Sat, 6 Oct 2007 08:13:08 +1200, Krsnendu dasa wrote > Would these settings also help with edubuntu? I am trying them on my Edubuntu Feisty system right now. I don't see any huge difference yet, but it has only been about 30 seconds since the change :-) How would one test the noatime options for a thin client as there does not seem to be a default /etc/fstab to start? I assume there is a script to build this on boot. I added the vm changes to my /opt/ltsp/i386/etc/sysctl.conf just for the heck of it to see if there is any noticeable difference. So in my /etc/fstab on the server would I add noatime like so? # /etc/fstab: static file system information. # # proc /proc proc defaults,noatime 0 0 # /dev/sda2 UUID=94d94ee4-a692-4885-84eb-6b8060dbc4e3 / ext3 defaults,noatime,errors=remount-ro 0 1 # /dev/sda3 UUID=e3b6ab1d-9b9b-42ba-833c-962cd6f44b4e /home ext3 defaults,noatime 0 2 # /dev/sda1 UUID=9e38dcdd-cadf-443e-b4a5-d78f16a592d2 none swap sw 0 0 /dev/scd0 /media/cdrom0 udf,iso9660 user,noauto 0 0 /dev/fd0 /media/floppy0 auto rw,user,noauto 0 0 Basically adding noatime after defaults on every mount, or is this only useful on / and /home? Jim -- This message has been scanned for viruses and dangerous content by the Cotter Technology Department, and is believed to be clean. From robark at gmail.com Fri Oct 5 20:25:28 2007 From: robark at gmail.com (Robert Arkiletian) Date: Fri, 5 Oct 2007 13:25:28 -0700 Subject: [K12OSN] How to DRASTICALLY speed up app response on K12LTSP In-Reply-To: <20071005200731.M24354@winonacotter.org> References: <4705E7E0.5090309@cmosnetworks.com> <47066E38.8040804@cmosnetworks.com> <20071005200731.M24354@winonacotter.org> Message-ID: On 10/5/07, Jim Kronebusch wrote: > > Add the noatime mount option to your drive partitions (or md devices) > > in /etc/fstab > > I don't think schools are so concerned about security that we need to > > know when each file is accessed. > > I believe I have asked you this before, but I forgot. This setting only needs to be > used on a client mounting via nfs, correct? So this won't really help the thin clients, > but can help other systems mounting /home per say via nfs? No. Thin clients mount /opt/lstp/i386 read only. Noatime is only for rw mounts since it must write to the filesystem the time the file was accessed. At least this is my understanding. I use noatime for my / and /home software raid 1 devices on the server. (md0 and md1) Raid 1 benefits in read performance since it can read the same data from 2 possible drives. Write performance is not improved. But if you mount with atime (which is default) now all reads result in a write also. So it kind of kills the read performance benefit of raid 1. -- Robert Arkiletian Eric Hamber Secondary, Vancouver, Canada Fl_TeacherTool http://www3.telus.net/public/robark/Fl_TeacherTool/ C++ GUI tutorial http://www3.telus.net/public/robark/ From eharrison at mail.mesd.k12.or.us Fri Oct 5 20:32:02 2007 From: eharrison at mail.mesd.k12.or.us (Eric Harrison) Date: Fri, 05 Oct 2007 13:32:02 -0700 Subject: [K12OSN] How to DRASTICALLY speed up app response on K12LTSP In-Reply-To: <20071005200521.M371@winonacotter.org> References: <4705E7E0.5090309@cmosnetworks.com> <994441ae0710050753u4a57538g773b7a89943ac9f4@mail.gmail.com> <20071005200521.M371@winonacotter.org> Message-ID: <47069F42.8050704@mail.mesd.k12.or.us> Jim Kronebusch wrote: > On Fri, 5 Oct 2007 07:53:53 -0700, Dan Young wrote >> On 10/5/07, "Terrell Prud? Jr." wrote: >>> /sbin/sysctl -w vm.swappiness=1 (default is 60) >>> /sbin/sysctl -w vm.vfs_cache_pressure=50 (default is 100) >> If you want those kind of changes to persist between reboots, you must add >> them to /etc/sysctl.conf > > So in /etc/sysctl.conf you would just add the following two lines" > > vm.swappiness=1 > vm.vfs_cache_pressure=50 > > Thanks, > Jim > Close. You need spaces around the "=" vm.swappiness = 1 vm.vfs_cache_pressure = 50 I learned this one the hard way, it drove me nuts one day ;-) -Eric From microman at cmosnetworks.com Fri Oct 5 20:32:21 2007 From: microman at cmosnetworks.com (=?ISO-8859-1?Q?=22Terrell_Prud=E9_Jr=2E=22?=) Date: Fri, 05 Oct 2007 16:32:21 -0400 Subject: [K12OSN] How to DRASTICALLY speed up app response on K12LTSP In-Reply-To: <20071005201556.M8248@winonacotter.org> References: <4705E7E0.5090309@cmosnetworks.com> <47066E38.8040804@cmosnetworks.com> <20071005200731.M24354@winonacotter.org> <47069A98.8070801@cmosnetworks.com> <20071005201556.M8248@winonacotter.org> Message-ID: <47069F55.8040306@cmosnetworks.com> Jim Kronebusch wrote: > On Sat, 6 Oct 2007 08:13:08 +1200, Krsnendu dasa wrote > >> Would these settings also help with edubuntu? >> > > I am trying them on my Edubuntu Feisty system right now. I don't see any huge > difference yet, but it has only been about 30 seconds since the change :-) > > How would one test the noatime options for a thin client as there does not seem to be a > default /etc/fstab to start? I assume there is a script to build this on boot. > > I added the vm changes to my /opt/ltsp/i386/etc/sysctl.conf just for the heck of it to > see if there is any noticeable difference. > > So in my /etc/fstab on the server would I add noatime like so? > > # /etc/fstab: static file system information. > # > # > proc /proc proc defaults,noatime 0 0 > # /dev/sda2 > UUID=94d94ee4-a692-4885-84eb-6b8060dbc4e3 / ext3 > defaults,noatime,errors=remount-ro 0 1 > # /dev/sda3 > UUID=e3b6ab1d-9b9b-42ba-833c-962cd6f44b4e /home ext3 defaults,noatime > 0 2 > # /dev/sda1 > UUID=9e38dcdd-cadf-443e-b4a5-d78f16a592d2 none swap sw 0 0 > /dev/scd0 /media/cdrom0 udf,iso9660 user,noauto 0 0 > /dev/fd0 /media/floppy0 auto rw,user,noauto 0 0 > > Basically adding noatime after defaults on every mount, or is this only useful on / and > /home? > > Jim > > > In your case, yes, I'd see a benefit only on / and /home, because those are the only *disk* partitions (/proc is a pseudo-filesystem). Floppy and CD-ROM, I wouldn't bother. As for the thin clients, someone else just pointed out that they mount their root filesystems R/O anyway. Thus, it does seem logical to me to not bother for the clients. --TP -------------- next part -------------- An HTML attachment was scrubbed... URL: From microman at cmosnetworks.com Fri Oct 5 20:36:21 2007 From: microman at cmosnetworks.com (=?ISO-8859-1?Q?=22Terrell_Prud=E9_Jr=2E=22?=) Date: Fri, 05 Oct 2007 16:36:21 -0400 Subject: [K12OSN] How to DRASTICALLY speed up app response on K12LTSP In-Reply-To: <47069F42.8050704@mail.mesd.k12.or.us> References: <4705E7E0.5090309@cmosnetworks.com> <994441ae0710050753u4a57538g773b7a89943ac9f4@mail.gmail.com> <20071005200521.M371@winonacotter.org> <47069F42.8050704@mail.mesd.k12.or.us> Message-ID: <4706A045.9000402@cmosnetworks.com> Eric Harrison wrote: > Jim Kronebusch wrote: > >> On Fri, 5 Oct 2007 07:53:53 -0700, Dan Young wrote >> >>> On 10/5/07, "Terrell Prud? Jr." wrote: >>> >>>> /sbin/sysctl -w vm.swappiness=1 (default is 60) >>>> /sbin/sysctl -w vm.vfs_cache_pressure=50 (default is 100) >>>> >>> If you want those kind of changes to persist between reboots, you must add >>> them to /etc/sysctl.conf >>> >> So in /etc/sysctl.conf you would just add the following two lines" >> >> vm.swappiness=1 >> vm.vfs_cache_pressure=50 >> >> Thanks, >> Jim >> >> > > Close. You need spaces around the "=" > > vm.swappiness = 1 > vm.vfs_cache_pressure = 50 > > > I learned this one the hard way, it drove me nuts one day ;-) > > -Eric > Thanks, Eric. Just fixed mine in accordance with this. --TP -------------- next part -------------- An HTML attachment was scrubbed... URL: From jim at winonacotter.org Fri Oct 5 20:40:51 2007 From: jim at winonacotter.org (Jim Kronebusch) Date: Fri, 5 Oct 2007 15:40:51 -0500 Subject: [K12OSN] How to DRASTICALLY speed up app response on K12LTSP In-Reply-To: <47069F42.8050704@mail.mesd.k12.or.us> References: <4705E7E0.5090309@cmosnetworks.com> <994441ae0710050753u4a57538g773b7a89943ac9f4@mail.gmail.com> <20071005200521.M371@winonacotter.org> <47069F42.8050704@mail.mesd.k12.or.us> Message-ID: <20071005204012.M44388@winonacotter.org> > Close. You need spaces around the "=" > > vm.swappiness = 1 > vm.vfs_cache_pressure = 50 > > I learned this one the hard way, it drove me nuts one day ;-) > > -Eric Thanks Eric! I made the changes without spaces and was sort of bummed out that I didn't see any difference yet. Jim -- This message has been scanned for viruses and dangerous content by the Cotter Technology Department, and is believed to be clean. From robark at gmail.com Fri Oct 5 20:48:39 2007 From: robark at gmail.com (Robert Arkiletian) Date: Fri, 5 Oct 2007 13:48:39 -0700 Subject: [K12OSN] How to DRASTICALLY speed up app response on K12LTSP In-Reply-To: <47068A59.5040901@cmosnetworks.com> References: <4705E7E0.5090309@cmosnetworks.com> <47066E38.8040804@cmosnetworks.com> <47068A59.5040901@cmosnetworks.com> Message-ID: On 10/5/07, "Terrell Prud? Jr." wrote: > > http://www.redhat.com/magazine/008jun05/features/schedulers/ > > > Yo, man, you tryin' to fry my brain here? :-) > > Actually, for K12LTSP servers, it appears from this article that the > Anticipatory (AS) scheduler might be even better for high-interactive, > e. g. desktop, performance issues. Red Hat did their tests with an > Oracle 10G task requiring lots and lots of disk I/O. Of course, if the > K12LTSP server also serves double-duty as a major file server for the > LAN (e. g. Samba or NFS), then CFQ might be the better overall bet. > > As always, it all depends on what kind of load you're running on the box. I have not tested my assumption but I don't think the AS scheduler is what you want on an lstp server. AS is best for a single desktop. Wikipedia explains it better than I can http://en.wikipedia.org/wiki/Anticipatory_scheduling http://en.wikipedia.org/wiki/CFQ -- Robert Arkiletian Eric Hamber Secondary, Vancouver, Canada Fl_TeacherTool http://www3.telus.net/public/robark/Fl_TeacherTool/ C++ GUI tutorial http://www3.telus.net/public/robark/ From dyoung at mesd.k12.or.us Fri Oct 5 20:51:11 2007 From: dyoung at mesd.k12.or.us (Dan Young) Date: Fri, 5 Oct 2007 13:51:11 -0700 Subject: [K12OSN] How to DRASTICALLY speed up app response on K12LTSP In-Reply-To: <47069F42.8050704@mail.mesd.k12.or.us> References: <4705E7E0.5090309@cmosnetworks.com> <994441ae0710050753u4a57538g773b7a89943ac9f4@mail.gmail.com> <20071005200521.M371@winonacotter.org> <47069F42.8050704@mail.mesd.k12.or.us> Message-ID: <994441ae0710051351v1887a161j7847661e7046fd51@mail.gmail.com> On 10/5/07, Eric Harrison wrote: > Close. You need spaces around the "=" > > vm.swappiness = 1 > vm.vfs_cache_pressure = 50 Doh! Nice catch. The rule is to always "make it look like the others," which in sysctl.conf do indeed have the spaces. -- Dan Young Multnomah ESD - Technology Services 503-257-1562 From jim at winonacotter.org Fri Oct 5 21:01:43 2007 From: jim at winonacotter.org (Jim Kronebusch) Date: Fri, 5 Oct 2007 16:01:43 -0500 Subject: [K12OSN] How to DRASTICALLY speed up app response on K12LTSP In-Reply-To: References: <4705E7E0.5090309@cmosnetworks.com> <47066E38.8040804@cmosnetworks.com> <47068A59.5040901@cmosnetworks.com> Message-ID: <20071005210101.M13801@winonacotter.org> > I have not tested my assumption but I don't think the AS scheduler is > what you want on an lstp server. AS is best for a single desktop. > Wikipedia explains it better than I can It looks like Edubuntu defaults to Deadline, here is my output: jim at ltsp:~$ dmesg | grep scheduler [ 1.940498] io scheduler noop registered [ 1.940500] io scheduler anticipatory registered [ 1.940502] io scheduler deadline registered (default) [ 1.940545] io scheduler cfq registered How do I switch? -- This message has been scanned for viruses and dangerous content by the Cotter Technology Department, and is believed to be clean. From robark at gmail.com Fri Oct 5 21:15:56 2007 From: robark at gmail.com (Robert Arkiletian) Date: Fri, 5 Oct 2007 14:15:56 -0700 Subject: [K12OSN] How to DRASTICALLY speed up app response on K12LTSP In-Reply-To: <20071005210101.M13801@winonacotter.org> References: <4705E7E0.5090309@cmosnetworks.com> <47066E38.8040804@cmosnetworks.com> <47068A59.5040901@cmosnetworks.com> <20071005210101.M13801@winonacotter.org> Message-ID: On 10/5/07, Jim Kronebusch wrote: > > I have not tested my assumption but I don't think the AS scheduler is > > what you want on an lstp server. AS is best for a single desktop. > > Wikipedia explains it better than I can > > It looks like Edubuntu defaults to Deadline, here is my output: > > jim at ltsp:~$ dmesg | grep scheduler > [ 1.940498] io scheduler noop registered > [ 1.940500] io scheduler anticipatory registered > [ 1.940502] io scheduler deadline registered (default) > [ 1.940545] io scheduler cfq registered > > How do I switch? It's a boot time kernel parameter. edit grub.conf add elevator=cfq More info here http://www.redhat.com/magazine/008jun05/features/schedulers/ -- Robert Arkiletian Eric Hamber Secondary, Vancouver, Canada Fl_TeacherTool http://www3.telus.net/public/robark/Fl_TeacherTool/ C++ GUI tutorial http://www3.telus.net/public/robark/ From carl at snarlnet.com Sat Oct 6 07:12:49 2007 From: carl at snarlnet.com (Carl Keil) Date: Sat, 06 Oct 2007 00:12:49 -0700 Subject: [K12OSN] Making a message pop up on a thin client Message-ID: <47073571.7010607@snarlnet.com> > > >Here's a script that uses zenity. Thanks to sbalneaves & ogra in #ltsp >who put it together a few months ago. This goes to all connected >clients but I'm sure you can modify for just one. > >Invoke it with > >#scriptname "This is my message" > >-Michael > >#!/bin/bash > >for PID in $(pgrep metacity); do > DISPLAY=$(cat /proc/${PID}/environ | tr '\0' '\n' | grep DISPLAY | >sed -e 's/DISPLAY=//') > XAUTHORITY=$(cat /proc/${PID}/environ | tr '\0' '\n' | grep XAUTH | >sed -e 's/XAUTHORITY=//') > zenity --info --text="$1" & >done > > > >Nadav Ka > Thanks for the replies. I haven't tried it yet, but this looks like what I was after. Thanks again. ck From carl at snarlnet.com Sat Oct 6 07:18:35 2007 From: carl at snarlnet.com (Carl Keil) Date: Sat, 06 Oct 2007 00:18:35 -0700 Subject: [K12OSN] Setting up a Managed Switch Message-ID: <470736CB.2060708@snarlnet.com> Hi Folks, I just bought a used 3Com Superstack 3, 26 port switch, with Gigabit uplink. When I transfer all the ethernet cables over to it from a fully working install of K12LTSP with 7 clients. The clients can't boot past a certain point. They do the DHCP handshake ok, but they lock up trying to find the NFS server at 192.168.0.254. When I move the cables back to the other switch, the clients boot normally and quickly. Can anyone diagnose my problem with the Superstack from that description? What do I need to change? I've telnetted into it via the serial port, but I'm bewildered by all the options. I've never set up a managed switch before. I'm wondering also, if I reinstall the BIOS or OS, or whatever it is on this switch, will it just work? If I restore it to factory defaults? Any thoughts would be appreciated. I'm also wondering if there's anyone in the Portland area that would be willing to configure this switch for me, if I brought it over. I feel a bit out of my depth. I could pay, maybe $50, if that's not a completely insultingly small amount. Thanks for any replies. ck From asmo.koskinen at arkki.info Sat Oct 6 08:30:15 2007 From: asmo.koskinen at arkki.info (Asmo Koskinen) Date: Sat, 06 Oct 2007 11:30:15 +0300 Subject: [K12OSN] Setting up a Managed Switch In-Reply-To: <470736CB.2060708@snarlnet.com> References: <470736CB.2060708@snarlnet.com> Message-ID: <47074797.8010009@arkki.info> Carl Keil kirjoitti: > The clients can't boot past a certain point. They do the DHCP > handshake ok, but they lock up trying to find the NFS server at > 192.168.0.254. That is common problem in 1000M network with client that has 100M network chip (HP t5135). I have been there. http://wiki.ltsp.org/twiki/bin/view/Ltsp/NFS#Solution_when_using_PXE I do use Ubuntu 6.06, but solution should be the same - add a line to file: /tftpboot/lts/[--]/pxelinux.cfg/default Best regards Asmo Koskinen. From asmo.koskinen at arkki.info Sat Oct 6 08:34:07 2007 From: asmo.koskinen at arkki.info (Asmo Koskinen) Date: Sat, 06 Oct 2007 11:34:07 +0300 Subject: [K12OSN] Setting up a Managed Switch In-Reply-To: <47074797.8010009@arkki.info> References: <470736CB.2060708@snarlnet.com> <47074797.8010009@arkki.info> Message-ID: <4707487F.6010502@arkki.info> Asmo Koskinen kirjoitti: > I do use Ubuntu 6.06, but solution should be the same - add a line to > file: > > /tftpboot/lts/[--]/pxelinux.cfg/default > Mine looks like this (LTSP 4.2): prompt 0 label linux kernel bzImage-2.6.16.1-ltsp-2 append rw root=/dev/ram0 initrd=initramfs.gz MOPTS=nolock,ro,wsize=2048,rsize=2048 Best regards Asmo Koskinen. From carl at snarlnet.com Sat Oct 6 18:36:05 2007 From: carl at snarlnet.com (Carl Keil) Date: Sat, 06 Oct 2007 11:36:05 -0700 Subject: [K12OSN] Setting up a Managed Switch Message-ID: <4707D595.9030400@snarlnet.com> > > >Asmo Koskinen kirjoitti: > > >>> I do use Ubuntu 6.06, but solution should be the same - add a line to >>> file: >>> >>> /tftpboot/lts/[--]/pxelinux.cfg/default >>> >> >> > >Mine looks like this (LTSP 4.2): > >prompt 0 >label linux > kernel bzImage-2.6.16.1-ltsp-2 > append rw root=/dev/ram0 initrd=initramfs.gz >MOPTS=nolock,ro,wsize=2048,rsize=2048 > >Best regards Asmo Koskinen. > Thanks so much for the replies. (And on the weekend, no less) The clients boot up now, but it takes almost 10 times longer than before on the other switch. Performance seems fine once they've booted. There are a lot of messages throughout the bootup process saying "nfs server not responding" followed by "nfs server OK". It eventually gets there, but I can't really function with bootup times this long. One thing I noticed is that it said that it had only negotiated 100BaseT, half duplex. Could that be causing the slowdown? I told the switch to auto negotiate, but to default to full duplex 100, should I force it to full 100? Any further tweaks I can try to speed up the boot times? Thanks, ck From efeldhusen.lists at gmail.com Sat Oct 6 18:40:27 2007 From: efeldhusen.lists at gmail.com (Eric J. Feldhusen) Date: Sat, 06 Oct 2007 14:40:27 -0400 Subject: [K12OSN] Setting up a Managed Switch In-Reply-To: <4707D595.9030400@snarlnet.com> References: <4707D595.9030400@snarlnet.com> Message-ID: <4707D69B.80008@gmail.com> Carl Keil wrote: > Thanks so much for the replies. (And on the weekend, no less) > The clients boot up now, but it takes almost 10 times longer than before > on the other switch. Performance seems fine once they've booted. There > are a lot of messages throughout the bootup process saying "nfs server > not responding" followed by "nfs server OK". It eventually gets there, > but I can't really function with bootup times this long. One thing I > noticed is that it said that it had only negotiated 100BaseT, half > duplex. Could that be causing the slowdown? I told the switch to auto > negotiate, but to default to full duplex 100, should I force it to full > 100? > > Any further tweaks I can try to speed up the boot times? Are both the clients and your server network cards set to auto-negotiate? -- Eric Feldhusen Network Administrator http://www.remc1.org eric at remc1.org PO Box 270 (906) 482-4520 x239 809 Hecla St (906) 482-5031 fax Hancock, MI 49930 (906) 370 6202 mobile From carl at snarlnet.com Sat Oct 6 22:35:29 2007 From: carl at snarlnet.com (Carl Keil) Date: Sat, 06 Oct 2007 15:35:29 -0700 Subject: [K12OSN] Setting up a Managed Switch Message-ID: <47080DB1.3000708@snarlnet.com> > > >Carl Keil wrote: >> Thanks so much for the replies. (And on the weekend, no less) >> The clients boot up now, but it takes almost 10 times longer than before >> on the other switch. Performance seems fine once they've booted. There >> are a lot of messages throughout the bootup process saying "nfs server >> not responding" followed by "nfs server OK". It eventually gets there, >> but I can't really function with bootup times this long. One thing I >> noticed is that it said that it had only negotiated 100BaseT, half >> duplex. Could that be causing the slowdown? I told the switch to auto >> negotiate, but to default to full duplex 100, should I force it to full >> 100? >> >> Any further tweaks I can try to speed up the boot times? > >Are both the clients and your server network cards set to auto-negotiate? > > I'm pretty sure the server is. It's showing up as 1000BaseT full duplex in the switch and at the server. I have no idea how to configure that on the client. The client I'm using to test is an old PIII Dell (optiplex, I'm pretty sure) small form facter. I'm using the onboard NIC set to On w/MBA in the BIOS. The MBA manager doesn't give me much choice about settings besides just "PXE". ck From microman at cmosnetworks.com Sun Oct 7 00:37:54 2007 From: microman at cmosnetworks.com (=?ISO-8859-1?Q?=22Terrell_Prud=E9_Jr=2E=22?=) Date: Sat, 06 Oct 2007 20:37:54 -0400 Subject: [K12OSN] Setting up a Managed Switch In-Reply-To: <4707D595.9030400@snarlnet.com> References: <4707D595.9030400@snarlnet.com> Message-ID: <47082A62.8040903@cmosnetworks.com> Carl Keil wrote: >> >> >> Asmo Koskinen kirjoitti: >> >> >>>> I do use Ubuntu 6.06, but solution should be the same - add a line >>>> to file: >>>> >>>> /tftpboot/lts/[--]/pxelinux.cfg/default >>>> >>> >> >> Mine looks like this (LTSP 4.2): >> >> prompt 0 >> label linux >> kernel bzImage-2.6.16.1-ltsp-2 >> append rw root=/dev/ram0 initrd=initramfs.gz >> MOPTS=nolock,ro,wsize=2048,rsize=2048 >> >> Best regards Asmo Koskinen. >> > > > Thanks so much for the replies. (And on the weekend, no less) > The clients boot up now, but it takes almost 10 times longer than > before on the other switch. Performance seems fine once they've > booted. There are a lot of messages throughout the bootup process > saying "nfs server not responding" followed by "nfs server OK". It > eventually gets there, but I can't really function with bootup times > this long. One thing I noticed is that it said that it had only > negotiated 100BaseT, half duplex. Could that be causing the > slowdown? I told the switch to auto negotiate, but to default to full > duplex 100, should I force it to full 100? > > Any further tweaks I can try to speed up the boot times? > > Thanks, > > ck Nope, don't force it to 100Mb/FDX if you can at all avoid it. The IEEE rules for autonegotiation state that if one side autonegotiates, but the other side isn't, then the autonegotiating side MUST fall back to half duplex, at the speed of the locked-down (i. e. non-negotiating) device. However, if both sides are capable of autonegotiating to FDX, then that's what MUST happen. I've got Cisco Catalyst, Bay/Nortel, and Amer.com switches that do this perfectly, every time, no fuss. My NIC's are 3Com 3C905 series, Intel Pro/100 series, and Realtek 8129. I'd be getting on the phone with 3Com to troubleshoot this, especially if things were working right with your previous switch. --TP From ahodson at elp.rr.com Sun Oct 7 04:55:44 2007 From: ahodson at elp.rr.com (Alan Hodson) Date: Sat, 06 Oct 2007 22:55:44 -0600 Subject: [K12OSN] Thumbdrives not recognized... Alternatives??? In-Reply-To: References: Message-ID: <470866D0.3070007@elp.rr.com> Hi group Many postings later, CENTOS5 and USB thumb drives are not working together for me yet. I've taken a rather drastic road, and I am testing Ubuntu Server, but the K12LTSP ease of use is not there. Several of the files regularly used under Fedora/Centos are not there, and I am having a very hard time with the thin client configuration... Perhaps I'll try K12LTSP 6 and see if that handles the USBs any better... Anybody using 6 and USBs successfully? I *MUST* save to thumb drives... Suggestions welcomed ahodson at elp.rr.com wrote: > Hi group > > The students at one of the middle schools where we have a 30 user > thin-client lab almost linched me when their PC formatted thumbdrives > appeared on the desktopn, but not the content of the work they had saved > using home and standalone PCs. I need some help here. Name of thumbdrive > appears on the desktop and inside the "Drives" folder, but not the > contents. Mounting the traditional way is not doing it... Help! > Alan Hodson > El Paso ISD, TX > -=o=- > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > > From robark at gmail.com Sun Oct 7 05:17:18 2007 From: robark at gmail.com (Robert Arkiletian) Date: Sat, 6 Oct 2007 22:17:18 -0700 Subject: [K12OSN] Thumbdrives not recognized... Alternatives??? In-Reply-To: <470866D0.3070007@elp.rr.com> References: <470866D0.3070007@elp.rr.com> Message-ID: On 10/6/07, Alan Hodson wrote: > Hi group > > Many postings later, CENTOS5 and USB thumb drives are not working > together for me yet. I've taken a rather drastic road, and I am testing > Ubuntu Server, but the K12LTSP ease of use is not there. Several of the > files regularly used under Fedora/Centos are not there, and I am having > a very hard time with the thin client configuration... Perhaps I'll try > K12LTSP 6 and see if that handles the USBs any better... Anybody using 6 > and USBs successfully? I *MUST* save to thumb drives... Suggestions welcomed The suggestions by others in the previous thread were good ones. However, if you tried those I would see if a cdrom mounts automatically with ltspfs. Also make sure usb is enabled in the bios of the client. Although if you are getting the icon I would think it is. Also after you plug it in to the client check to see what's mounted on the server with mount. You should see somehting like this ltspfs on /home/dag/Drives/Removable_Device_393_Mb type fuse (rw,nosuid,nodev,user=dag) also check /var/log/messages One more idea, on the client hit ctrl-alt-f2 (assuming you have enabled shell in lts.conf) and check dmesg for any problems. Hope that helps. -- Robert Arkiletian Eric Hamber Secondary, Vancouver, Canada Fl_TeacherTool http://www3.telus.net/public/robark/Fl_TeacherTool/ C++ GUI tutorial http://www3.telus.net/public/robark/ From rowens at ptd.net Sun Oct 7 15:22:03 2007 From: rowens at ptd.net (Rob Owens) Date: Sun, 7 Oct 2007 11:22:03 -0400 Subject: [K12OSN] smbldap - changing passwords Message-ID: <20071007152203.GA28171@junker.owens.net> I ran the smbldap-installer scripts on a Debian Etch machine as a test. Everything seems to have worked fine. My question is, what is the proper method to change passwords (as a non-privileged user). 'smbpasswd' seems to work. Is this what I'm supposed to use? What about a linux-only user who is not assigned any samba credentials? 'passwd' gives me this error after allowing me to enter my new password twice: LDAP password information update failed: Unknown error 'ldappasswd' gives me this error immediately: ldap_sasl_interactive_bind_s: No such attribute (16) '/usr/sbin/smbldap-passwd' lets me enter my new password twice, then gives me these two errors: failed to modify entry: Insufficient access at /usr/sbin/smbldap-passwd line 227, line 3. Unable to change password: Insufficient access at /usr/sbin/smbldap-passwd line 261, line 3. Also, I don't have any Windows clients to test... Does changing passwords through the Windows password utility work? Thanks -Rob From krsnendu108 at gmail.com Sun Oct 7 15:30:17 2007 From: krsnendu108 at gmail.com (Krsnendu dasa) Date: Mon, 8 Oct 2007 04:30:17 +1300 Subject: [K12OSN] smbldap - changing passwords In-Reply-To: <20071007152203.GA28171@junker.owens.net> References: <20071007152203.GA28171@junker.owens.net> Message-ID: It should work with windows clients. As far as linux users. search the archives. I had a suggestion for a script that runs smbldap as sudo. It might be a good starting point for you. The idea of a web interface to change passwords is a good idea mentioned on the smbldap website, but it seems nothing came of it. Krsnendu dasa On 08/10/2007, Rob Owens wrote: > > I ran the smbldap-installer scripts on a Debian Etch machine as a > test. Everything seems to have worked fine. My question is, what is the > proper method to change passwords (as a non-privileged user). > > 'smbpasswd' seems to work. Is this what I'm supposed to use? What about > a linux-only user who is not assigned any samba credentials? > > 'passwd' gives me this error after allowing me to enter my new password > twice: > LDAP password information update failed: Unknown error > > 'ldappasswd' gives me this error immediately: > ldap_sasl_interactive_bind_s: No such attribute (16) > > '/usr/sbin/smbldap-passwd' lets me enter my new password twice, then gives > me these two errors: > failed to modify entry: Insufficient access at /usr/sbin/smbldap-passwd > line 227, line 3. > Unable to change password: Insufficient access at /usr/sbin/smbldap-passwd > line 261, line 3. > > Also, I don't have any Windows clients to test... Does changing passwords > through the Windows password utility work? > > Thanks > > -Rob > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > -------------- next part -------------- An HTML attachment was scrubbed... URL: From peter at scheie.homedns.org Sun Oct 7 16:18:04 2007 From: peter at scheie.homedns.org (Peter Scheie) Date: Sun, 07 Oct 2007 11:18:04 -0500 Subject: [K12OSN] Thumbdrives not recognized... Alternatives??? In-Reply-To: <470866D0.3070007@elp.rr.com> References: <470866D0.3070007@elp.rr.com> Message-ID: <470906BC.3000904@scheie.homedns.org> Carefully go through the steps in the Troubleshooting checklist on the LTSP wiki at http://wiki.ltsp.org/twiki/bin/view/Ltsp/LTSP-42-LocalDev#Troubleshooting Some of the steps are irrelevant because you didn't install the local device support, it came installed in K12LTSP. Nevertheless, the steps can usually help pinpoint the trouble. If it's still not working after going through the checklist, go through the checklist again, saving the output from every step, and then include all the output in an email to the LTSP list (not the K12LTSP list) or to #ltsp on IRC where one of the devs can probably help. Be forwarned, if you neglect to include the results from any step in the checklist, you'll be quickly chastised. Details matter and if you leave any out, they can't help you. Good luck. Peter Alan Hodson wrote: > Hi group > > Many postings later, CENTOS5 and USB thumb drives are not working > together for me yet. I've taken a rather drastic road, and I am testing > Ubuntu Server, but the K12LTSP ease of use is not there. Several of the > files regularly used under Fedora/Centos are not there, and I am having > a very hard time with the thin client configuration... Perhaps I'll try > K12LTSP 6 and see if that handles the USBs any better... Anybody using 6 > and USBs successfully? I *MUST* save to thumb drives... Suggestions > welcomed > > > ahodson at elp.rr.com wrote: >> Hi group >> >> The students at one of the middle schools where we have a 30 user >> thin-client lab almost linched me when their PC formatted thumbdrives >> appeared on the desktopn, but not the content of the work they had saved >> using home and standalone PCs. I need some help here. Name of thumbdrive >> appears on the desktop and inside the "Drives" folder, but not the >> contents. Mounting the traditional way is not doing it... Help! >> Alan Hodson >> El Paso ISD, TX >> -=o=- >> >> _______________________________________________ >> K12OSN mailing list >> K12OSN at redhat.com >> https://www.redhat.com/mailman/listinfo/k12osn >> For more info see >> >> > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > From rowens at ptd.net Sun Oct 7 16:12:25 2007 From: rowens at ptd.net (Rob Owens) Date: Sun, 7 Oct 2007 12:12:25 -0400 Subject: [K12OSN] smbldap - changing passwords In-Reply-To: References: <20071007152203.GA28171@junker.owens.net> Message-ID: <20071007161225.GB28171@junker.owens.net> Thanks, I found the script you were talking about. However, if someone could confirm to me that 'smbpasswd' is just as good, then I wouldn't need to bother with the script and with sudoers, etc. But it would be really nice for the Linux password GUI tools to work. Maybe I could do this: mv /usr/bin/passwd /usr/bin/passwd.bak ln -s /usr/bin/smbpasswd /usr/bin/passwd (or link your script to /usr/bin/passwd) I tried it at the command line and it works, but I haven't tried it on a system with a GUI installed yet... I wonder if this could cause problems with any future software installations that create a user as part of the install (for instance: backuppc, apache, etc) -Rob On Mon, Oct 08, 2007 at 04:30:17AM +1300, Krsnendu dasa wrote: > It should work with windows clients. > As far as linux users. search the archives. I had a suggestion for a script > that runs smbldap as sudo. It might be a good starting point for you. > The idea of a web interface to change passwords is a good idea mentioned on > the smbldap website, but it seems nothing came of it. > > Krsnendu dasa > > On 08/10/2007, Rob Owens wrote: > > > > I ran the smbldap-installer scripts on a Debian Etch machine as a > > test. Everything seems to have worked fine. My question is, what is the > > proper method to change passwords (as a non-privileged user). > > > > 'smbpasswd' seems to work. Is this what I'm supposed to use? What about > > a linux-only user who is not assigned any samba credentials? > > > > 'passwd' gives me this error after allowing me to enter my new password > > twice: > > LDAP password information update failed: Unknown error > > > > 'ldappasswd' gives me this error immediately: > > ldap_sasl_interactive_bind_s: No such attribute (16) > > > > '/usr/sbin/smbldap-passwd' lets me enter my new password twice, then gives > > me these two errors: > > failed to modify entry: Insufficient access at /usr/sbin/smbldap-passwd > > line 227, line 3. > > Unable to change password: Insufficient access at /usr/sbin/smbldap-passwd > > line 261, line 3. > > > > Also, I don't have any Windows clients to test... Does changing passwords > > through the Windows password utility work? > > > > Thanks > > > > -Rob > > > > _______________________________________________ > > K12OSN mailing list > > K12OSN at redhat.com > > https://www.redhat.com/mailman/listinfo/k12osn > > For more info see > > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see From robert.pogson at gmail.com Sun Oct 7 16:43:28 2007 From: robert.pogson at gmail.com (pogson) Date: Sun, 07 Oct 2007 11:43:28 -0500 Subject: [K12OSN] Re: Setting up a Managed Switch In-Reply-To: <20071007160017.F0EAA73369@hormel.redhat.com> References: <20071007160017.F0EAA73369@hormel.redhat.com> Message-ID: <1191775408.27787.38.camel@beast> CS wrote:"Any further tweaks I can try to speed up the boot times?" Try getting rid of "spanning-tree" checks. You are very unlikely to have network loops in your own lab. Some switches take 30s to do the checks in which time you are growing older. Some bootloaders get tired after 10s of waiting and give up. That killed me once. I was booting ThinStation CDs and they had a 10s timeout whereupon the techies installed new switches and the whole lab could not boot.... Robert Pogson -------------- next part -------------- An HTML attachment was scrubbed... URL: From krsnendu108 at gmail.com Sun Oct 7 17:23:27 2007 From: krsnendu108 at gmail.com (Krsnendu dasa) Date: Mon, 8 Oct 2007 06:23:27 +1300 Subject: [K12OSN] smbldap - changing passwords In-Reply-To: <20071007161225.GB28171@junker.owens.net> References: <20071007152203.GA28171@junker.owens.net> <20071007161225.GB28171@junker.owens.net> Message-ID: smbpasswd is the program, but it is not runable by regular users. Otherwise they could change anyone's password. :( The concept of the script is to only allow users to change their own password, and to do that they have to enter their own current password. Your idea of a link seems like a good idea. Krsnendu dasa On 08/10/2007, Rob Owens wrote: > > Thanks, I found the script you were talking about. However, if someone > could confirm to me that 'smbpasswd' is just as good, then I wouldn't need > to bother with the script and with sudoers, etc. > > But it would be really nice for the Linux password GUI tools to > work. Maybe I could do this: > mv /usr/bin/passwd /usr/bin/passwd.bak > ln -s /usr/bin/smbpasswd /usr/bin/passwd (or link your script to > /usr/bin/passwd) > > I tried it at the command line and it works, but I haven't tried it on a > system with a GUI installed yet... I wonder if this could cause problems > with any future software installations that create a user as part of the > install (for instance: backuppc, apache, etc) > > -Rob > > On Mon, Oct 08, 2007 at 04:30:17AM +1300, Krsnendu dasa wrote: > > It should work with windows clients. > > As far as linux users. search the archives. I had a suggestion for a > script > > that runs smbldap as sudo. It might be a good starting point for you. > > The idea of a web interface to change passwords is a good idea mentioned > on > > the smbldap website, but it seems nothing came of it. > > > > Krsnendu dasa > > > > On 08/10/2007, Rob Owens wrote: > > > > > > I ran the smbldap-installer scripts on a Debian Etch machine as a > > > test. Everything seems to have worked fine. My question is, what is > the > > > proper method to change passwords (as a non-privileged user). > > > > > > 'smbpasswd' seems to work. Is this what I'm supposed to use? What > about > > > a linux-only user who is not assigned any samba credentials? > > > > > > 'passwd' gives me this error after allowing me to enter my new > password > > > twice: > > > LDAP password information update failed: Unknown error > > > > > > 'ldappasswd' gives me this error immediately: > > > ldap_sasl_interactive_bind_s: No such attribute (16) > > > > > > '/usr/sbin/smbldap-passwd' lets me enter my new password twice, then > gives > > > me these two errors: > > > failed to modify entry: Insufficient access at > /usr/sbin/smbldap-passwd > > > line 227, line 3. > > > Unable to change password: Insufficient access at > /usr/sbin/smbldap-passwd > > > line 261, line 3. > > > > > > Also, I don't have any Windows clients to test... Does changing > passwords > > > through the Windows password utility work? > > > > > > Thanks > > > > > > -Rob > > > > > > _______________________________________________ > > > K12OSN mailing list > > > K12OSN at redhat.com > > > https://www.redhat.com/mailman/listinfo/k12osn > > > For more info see > > > > > > _______________________________________________ > > K12OSN mailing list > > K12OSN at redhat.com > > https://www.redhat.com/mailman/listinfo/k12osn > > For more info see > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > -------------- next part -------------- An HTML attachment was scrubbed... URL: From rowens at ptd.net Sun Oct 7 19:18:40 2007 From: rowens at ptd.net (Rob Owens) Date: Sun, 7 Oct 2007 15:18:40 -0400 Subject: [K12OSN] smbldap - changing passwords In-Reply-To: References: <20071007152203.GA28171@junker.owens.net> <20071007161225.GB28171@junker.owens.net> Message-ID: <20071007191840.GA6947@junker.owens.net> On my Debian Etch system, smbpasswd is runable by regular users. It also only seems to allow you to specify a username if you are root, so users cannot change the passwords of other users. -Rob On Mon, Oct 08, 2007 at 06:23:27AM +1300, Krsnendu dasa wrote: > smbpasswd is the program, but it is not runable by regular users. Otherwise > they could change anyone's password. :( > The concept of the script is to only allow users to change their own > password, and to do that they have to enter their own current password. > Your idea of a link seems like a good idea. > > Krsnendu dasa > > On 08/10/2007, Rob Owens wrote: > > > > Thanks, I found the script you were talking about. However, if someone > > could confirm to me that 'smbpasswd' is just as good, then I wouldn't need > > to bother with the script and with sudoers, etc. > > > > But it would be really nice for the Linux password GUI tools to > > work. Maybe I could do this: > > mv /usr/bin/passwd /usr/bin/passwd.bak > > ln -s /usr/bin/smbpasswd /usr/bin/passwd (or link your script to > > /usr/bin/passwd) > > > > I tried it at the command line and it works, but I haven't tried it on a > > system with a GUI installed yet... I wonder if this could cause problems > > with any future software installations that create a user as part of the > > install (for instance: backuppc, apache, etc) > > > > -Rob > > > > On Mon, Oct 08, 2007 at 04:30:17AM +1300, Krsnendu dasa wrote: > > > It should work with windows clients. > > > As far as linux users. search the archives. I had a suggestion for a > > script > > > that runs smbldap as sudo. It might be a good starting point for you. > > > The idea of a web interface to change passwords is a good idea mentioned > > on > > > the smbldap website, but it seems nothing came of it. > > > > > > Krsnendu dasa > > > > > > On 08/10/2007, Rob Owens wrote: > > > > > > > > I ran the smbldap-installer scripts on a Debian Etch machine as a > > > > test. Everything seems to have worked fine. My question is, what is > > the > > > > proper method to change passwords (as a non-privileged user). > > > > > > > > 'smbpasswd' seems to work. Is this what I'm supposed to use? What > > about > > > > a linux-only user who is not assigned any samba credentials? > > > > > > > > 'passwd' gives me this error after allowing me to enter my new > > password > > > > twice: > > > > LDAP password information update failed: Unknown error > > > > > > > > 'ldappasswd' gives me this error immediately: > > > > ldap_sasl_interactive_bind_s: No such attribute (16) > > > > > > > > '/usr/sbin/smbldap-passwd' lets me enter my new password twice, then > > gives > > > > me these two errors: > > > > failed to modify entry: Insufficient access at > > /usr/sbin/smbldap-passwd > > > > line 227, line 3. > > > > Unable to change password: Insufficient access at > > /usr/sbin/smbldap-passwd > > > > line 261, line 3. > > > > > > > > Also, I don't have any Windows clients to test... Does changing > > passwords > > > > through the Windows password utility work? > > > > > > > > Thanks > > > > > > > > -Rob > > > > > > > > _______________________________________________ > > > > K12OSN mailing list > > > > K12OSN at redhat.com > > > > https://www.redhat.com/mailman/listinfo/k12osn > > > > For more info see > > > > > > > > > _______________________________________________ > > > K12OSN mailing list > > > K12OSN at redhat.com > > > https://www.redhat.com/mailman/listinfo/k12osn > > > For more info see > > > > _______________________________________________ > > K12OSN mailing list > > K12OSN at redhat.com > > https://www.redhat.com/mailman/listinfo/k12osn > > For more info see > > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see From rowens at ptd.net Sun Oct 7 19:28:20 2007 From: rowens at ptd.net (Rob Owens) Date: Sun, 7 Oct 2007 15:28:20 -0400 Subject: [K12OSN] smbldap - changing passwords In-Reply-To: References: <20071007152203.GA28171@junker.owens.net> <20071007161225.GB28171@junker.owens.net> Message-ID: <20071007192820.GA7315@junker.owens.net> I tried creating the link that I described earlier and the "change password" GUI in GNOME's "About Me" dialog hung when I attempted to change the password for an LDAP user. Oh well. If anybody has a simple gui method to allow Linux users to change their passwords under smbldap, please let me know. -Rob On Mon, Oct 08, 2007 at 06:23:27AM +1300, Krsnendu dasa wrote: > smbpasswd is the program, but it is not runable by regular users. Otherwise > they could change anyone's password. :( > The concept of the script is to only allow users to change their own > password, and to do that they have to enter their own current password. > Your idea of a link seems like a good idea. > > Krsnendu dasa > > On 08/10/2007, Rob Owens wrote: > > > > Thanks, I found the script you were talking about. However, if someone > > could confirm to me that 'smbpasswd' is just as good, then I wouldn't need > > to bother with the script and with sudoers, etc. > > > > But it would be really nice for the Linux password GUI tools to > > work. Maybe I could do this: > > mv /usr/bin/passwd /usr/bin/passwd.bak > > ln -s /usr/bin/smbpasswd /usr/bin/passwd (or link your script to > > /usr/bin/passwd) > > > > I tried it at the command line and it works, but I haven't tried it on a > > system with a GUI installed yet... I wonder if this could cause problems > > with any future software installations that create a user as part of the > > install (for instance: backuppc, apache, etc) > > > > -Rob > > > > On Mon, Oct 08, 2007 at 04:30:17AM +1300, Krsnendu dasa wrote: > > > It should work with windows clients. > > > As far as linux users. search the archives. I had a suggestion for a > > script > > > that runs smbldap as sudo. It might be a good starting point for you. > > > The idea of a web interface to change passwords is a good idea mentioned > > on > > > the smbldap website, but it seems nothing came of it. > > > > > > Krsnendu dasa > > > > > > On 08/10/2007, Rob Owens wrote: > > > > > > > > I ran the smbldap-installer scripts on a Debian Etch machine as a > > > > test. Everything seems to have worked fine. My question is, what is > > the > > > > proper method to change passwords (as a non-privileged user). > > > > > > > > 'smbpasswd' seems to work. Is this what I'm supposed to use? What > > about > > > > a linux-only user who is not assigned any samba credentials? > > > > > > > > 'passwd' gives me this error after allowing me to enter my new > > password > > > > twice: > > > > LDAP password information update failed: Unknown error > > > > > > > > 'ldappasswd' gives me this error immediately: > > > > ldap_sasl_interactive_bind_s: No such attribute (16) > > > > > > > > '/usr/sbin/smbldap-passwd' lets me enter my new password twice, then > > gives > > > > me these two errors: > > > > failed to modify entry: Insufficient access at > > /usr/sbin/smbldap-passwd > > > > line 227, line 3. > > > > Unable to change password: Insufficient access at > > /usr/sbin/smbldap-passwd > > > > line 261, line 3. > > > > > > > > Also, I don't have any Windows clients to test... Does changing > > passwords > > > > through the Windows password utility work? > > > > > > > > Thanks > > > > > > > > -Rob > > > > > > > > _______________________________________________ > > > > K12OSN mailing list > > > > K12OSN at redhat.com > > > > https://www.redhat.com/mailman/listinfo/k12osn > > > > For more info see > > > > > > > > > _______________________________________________ > > > K12OSN mailing list > > > K12OSN at redhat.com > > > https://www.redhat.com/mailman/listinfo/k12osn > > > For more info see > > > > _______________________________________________ > > K12OSN mailing list > > K12OSN at redhat.com > > https://www.redhat.com/mailman/listinfo/k12osn > > For more info see > > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see From kevin_mims at yahoo.com Sun Oct 7 23:58:24 2007 From: kevin_mims at yahoo.com (Kevin Mims) Date: Sun, 7 Oct 2007 16:58:24 -0700 (PDT) Subject: [K12OSN] Use K12LTSP with existing DHCP server Message-ID: <874330.43464.qm@web55603.mail.re4.yahoo.com> OK, bear with me, I'm definitely a Linux/K12LTSP newbie. I have built a K12LTSP Server but want to it to coexist with our existing DHCP Windows server. How can I tell the server and thin clients to get an address from the Windows DHCP server, but boot the linux image on the K12LTSP server? I suppose I'd still need two network cards in the K12 server, right? Can someone head me in the right direction on setting this up? I think this is in the DCHP.conf file... Thanks- Kevin -------------- next part -------------- An HTML attachment was scrubbed... URL: From les at futuresource.com Mon Oct 8 00:26:25 2007 From: les at futuresource.com (Les Mikesell) Date: Sun, 07 Oct 2007 19:26:25 -0500 Subject: [K12OSN] Use K12LTSP with existing DHCP server In-Reply-To: <874330.43464.qm@web55603.mail.re4.yahoo.com> References: <874330.43464.qm@web55603.mail.re4.yahoo.com> Message-ID: <47097931.7080900@futuresource.com> Kevin Mims wrote: > OK, bear with me, I'm definitely a Linux/K12LTSP newbie. > > I have built a K12LTSP Server but want to it to coexist with our existing DHCP Windows server. How can I tell the server and thin clients to get an address from the Windows DHCP server, but boot the linux image on the K12LTSP server? > > I suppose I'd still need two network cards in the K12 server, right? > Can someone head me in the right direction on setting this up? I think this is in the DCHP.conf file... > There are 2 choices. If you install K12LTSP in a system with 2 NICs, it comes up working with DHCP only on one of them (where you connect the clients) and the other can be connected to your main LAN. If you only have one system and the clients can be on a separate switch behind it, this is the easy approach. The other option is to install everything on a single subnet and configure a single DHCP server to hand out the necessary options for client booting. How this is done will depend on the type of DHCP server, and it makes bandwidth more of a concern. -- Les Mikesell les at futuresource.com From carl at snarlnet.com Mon Oct 8 04:45:52 2007 From: carl at snarlnet.com (Carl Keil) Date: Sun, 07 Oct 2007 21:45:52 -0700 Subject: [K12OSN] Moving Home files to a new server Message-ID: <4709B600.10301@snarlnet.com> Hi Folks, So, the big disaster happened. My K12LTSP hard drive died. I've got everything backed up (thank you BackupPC), so I thought I was golden, but I'm having a weird problem. When I restore files from backup they are showing up "read only" in people's directories. When I do a "ls -la /home/username" it is showing that the files are owned by other users and other groups. A "chown -R username:groupname /home/username" doesn't solve the problem. I tried copying over all the 500+ /etc/passwd and /etc/shadow info from the most recent backup but after that I couldn't even log in as different users. Any suggestions for what I should do? I'd really like to just set up new user accounts for everyone and then just copy over selected files from backup for each user. This is a family installation of K12LTSP, so there are only about 10 user accounts. I used "useradd" on the new server to create everyone's account and I don't think I did them in the same order as the original server. Should I delete everyone and re-add them in the exact same order? I could do that based on /etc/passwd from the backup? Thanks a lot, ck From krsnendu108 at gmail.com Mon Oct 8 07:38:55 2007 From: krsnendu108 at gmail.com (Krsnendu dasa) Date: Mon, 8 Oct 2007 20:38:55 +1300 Subject: [K12OSN] smbldap - changing passwords In-Reply-To: References: <20071007152203.GA28171@junker.owens.net> <20071007161225.GB28171@junker.owens.net> Message-ID: that should be smbldap-passwd On 08/10/2007, Krsnendu dasa wrote: > > smbpasswd is the program, but it is not runable by regular users. > Otherwise they could change anyone's password. :( > The concept of the script is to only allow users to change their own > password, and to do that they have to enter their own current password. > Your idea of a link seems like a good idea. > > Krsnendu dasa > > On 08/10/2007, Rob Owens wrote: > > > > Thanks, I found the script you were talking about. However, if someone > > could confirm to me that 'smbpasswd' is just as good, then I wouldn't need > > to bother with the script and with sudoers, etc. > > > > But it would be really nice for the Linux password GUI tools to > > work. Maybe I could do this: > > mv /usr/bin/passwd /usr/bin/passwd.bak > > ln -s /usr/bin/smbpasswd /usr/bin/passwd (or link your script to > > /usr/bin/passwd) > > > > I tried it at the command line and it works, but I haven't tried it on a > > system with a GUI installed yet... I wonder if this could cause problems > > with any future software installations that create a user as part of the > > install (for instance: backuppc, apache, etc) > > > > -Rob > > > > On Mon, Oct 08, 2007 at 04:30:17AM +1300, Krsnendu dasa wrote: > > > It should work with windows clients. > > > As far as linux users. search the archives. I had a suggestion for a > > script > > > that runs smbldap as sudo. It might be a good starting point for you. > > > The idea of a web interface to change passwords is a good idea > > mentioned on > > > the smbldap website, but it seems nothing came of it. > > > > > > Krsnendu dasa > > > > > > On 08/10/2007, Rob Owens < rowens at ptd.net> wrote: > > > > > > > > I ran the smbldap-installer scripts on a Debian Etch machine as a > > > > test. Everything seems to have worked fine. My question is, what > > is the > > > > proper method to change passwords (as a non-privileged user). > > > > > > > > 'smbpasswd' seems to work. Is this what I'm supposed to use? What > > about > > > > a linux-only user who is not assigned any samba credentials? > > > > > > > > 'passwd' gives me this error after allowing me to enter my new > > password > > > > twice: > > > > LDAP password information update failed: Unknown error > > > > > > > > 'ldappasswd' gives me this error immediately: > > > > ldap_sasl_interactive_bind_s: No such attribute (16) > > > > > > > > '/usr/sbin/smbldap-passwd' lets me enter my new password twice, then > > gives > > > > me these two errors: > > > > failed to modify entry: Insufficient access at > > /usr/sbin/smbldap-passwd > > > > line 227, line 3. > > > > Unable to change password: Insufficient access at > > /usr/sbin/smbldap-passwd > > > > line 261, line 3. > > > > > > > > Also, I don't have any Windows clients to test... Does changing > > passwords > > > > through the Windows password utility work? > > > > > > > > Thanks > > > > > > > > -Rob > > > > > > > > _______________________________________________ > > > > K12OSN mailing list > > > > K12OSN at redhat.com > > > > https://www.redhat.com/mailman/listinfo/k12osn > > > > For more info see < http://www.k12os.org> > > > > > > > > > _______________________________________________ > > > K12OSN mailing list > > > K12OSN at redhat.com > > > https://www.redhat.com/mailman/listinfo/k12osn > > > For more info see > > > > _______________________________________________ > > K12OSN mailing list > > K12OSN at redhat.com > > https://www.redhat.com/mailman/listinfo/k12osn > > For more info see < http://www.k12os.org> > > > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From krsnendu108 at gmail.com Mon Oct 8 08:13:44 2007 From: krsnendu108 at gmail.com (Krsnendu dasa) Date: Mon, 8 Oct 2007 21:13:44 +1300 Subject: [K12OSN] Re: [Ltsp-discuss] Fwd: Unsupported Crossover (Wine) app installed in managed mode only runs as root. In-Reply-To: <47067351.4070207@legalaid.mb.ca> References: <47067351.4070207@legalaid.mb.ca> Message-ID: On 06/10/2007, Scott Balneaves wrote: > > Krsnendu dasa wrote: > > I am cross posting this to the ltsp lists as I got no response from the > > Crossover list and this software is essential for our school system > > which I need to get running by Monday. > > Are the users members of all the necessary groups? (i.e. audio, cdrom, etc > Scott > The users are regular smbldap users who are members of students group. I don't think they are members of the audio group. Sound works fine for gcompris (-x), tuxpaint and flash videos in Firefox. Does that make any difference? Is it the users or the application which needs to be the a member audio group? I've also noticed a bug previously mentioned that when Crossover pops up an x message it takes a long time. When running as root I have to wait for over a minute for the box to come up which says, "You are running as root do yo uwant to continue?" Once I chose always continue, the start up time for windows applications became a lot quicker. All help is greatly appreciated. One of the main reasons for switching from K12ltsp to edubuntu is because it can run these multimedia programs. I hope we can get it going soon. It is one feature our principal has been wanting for for years. Thanks. Krsnendu dasa -------------- next part -------------- An HTML attachment was scrubbed... URL: From nils at breun.nl Mon Oct 8 08:44:07 2007 From: nils at breun.nl (Nils Breunese) Date: Mon, 8 Oct 2007 10:44:07 +0200 Subject: [K12OSN] Moving Home files to a new server In-Reply-To: <4709B600.10301@snarlnet.com> References: <4709B600.10301@snarlnet.com> Message-ID: <364E4BD2-DA2B-40A3-9285-B7FB3BE4A861@breun.nl> Carl Keil wrote: > So, the big disaster happened. My K12LTSP hard drive died. I've > got everything backed up (thank you BackupPC), so I thought I was > golden, but I'm having a weird problem. > > When I restore files from backup they are showing up "read only" in > people's directories. When I do a "ls -la /home/username" it is > showing that the files are owned by other users and other groups. That's probably because the numerical uid's and gid's on your new server are probably different from your old server. > A "chown -R username:groupname /home/username" doesn't solve the > problem. You mean that running that doesn't make username and groupname the owner? That's really weird. Do you get an error message of some kind? > I tried copying over all the 500+ /etc/passwd and /etc/shadow info > from the most recent backup but after that I couldn't even log in > as different users. Any suggestions for what I should do? I'd > really like to just set up new user accounts for everyone and then > just copy over selected files from backup for each user. This is a > family installation of K12LTSP, so there are only about 10 user > accounts. In that case I guess you really should be fine when you create the user accounts and just get everyone's homedir files from BackupPC. You might need to chown the files (might also depend on how you restore (directly or via tar or zip)), but that really should be it. > I used "useradd" on the new server to create everyone's account and > I don't think I did them in the same order as the original server. > Should I delete everyone and re-add them in the exact same order? > I could do that based on /etc/passwd from the backup? You could try that, but maybe uid's start at a different number on your new install (did you install the same version of K12LTSP as you have on your old server?). You shouldn't have to do this, chown should be able to fix the files. Nils Breunese. -------------- next part -------------- A non-text attachment was scrubbed... Name: PGP.sig Type: application/pgp-signature Size: 186 bytes Desc: Dit deel van het bericht is digitaal ondertekend URL: From nils at breun.nl Mon Oct 8 08:47:05 2007 From: nils at breun.nl (Nils Breunese) Date: Mon, 8 Oct 2007 10:47:05 +0200 Subject: [K12OSN] Re: [Ltsp-discuss] Fwd: Unsupported Crossover (Wine) app installed in managed mode only runs as root. In-Reply-To: References: <47067351.4070207@legalaid.mb.ca> Message-ID: <78376F0E-D54C-4182-B611-23D1F5CE8997@breun.nl> Krsnendu dasa wrote: > On 06/10/2007, Scott Balneaves wrote: > Krsnendu dasa wrote: > > I am cross posting this to the ltsp lists as I got no response > from the > > Crossover list and this software is essential for our school system > > which I need to get running by Monday. > > Are the users members of all the necessary groups? (i.e. audio, > cdrom, etc > Scott > > The users are regular smbldap users who are members of students group. > I don't think they are members of the audio group. Sound works fine > for gcompris (-x), tuxpaint and flash videos in Firefox. Does that > make any difference? > Is it the users or the application which needs to be the a member > audio group? > > I've also noticed a bug previously mentioned that when Crossover > pops up an x message it takes a long time. When running as root I > have to wait for over a minute for the box to come up which says, > "You are running as root do yo uwant to continue?" Once I chose > always continue, the start up time for windows applications became > a lot quicker. > > All help is greatly appreciated. One of the main reasons for > switching from K12ltsp to edubuntu is because it can run these > multimedia programs. I hope we can get it going soon. It is one > feature our principal has been wanting for for years. What multimedia programs can Edubuntu run that K12LTSP can't? We're running Flash videos in Firefox and everything just fine off a K12LTSP 5EL server. Nils Breunese. -------------- next part -------------- A non-text attachment was scrubbed... Name: PGP.sig Type: application/pgp-signature Size: 186 bytes Desc: Dit deel van het bericht is digitaal ondertekend URL: From mrjohnlucas at gmail.com Mon Oct 8 10:46:20 2007 From: mrjohnlucas at gmail.com (John Lucas) Date: Mon, 8 Oct 2007 06:46:20 -0400 Subject: [K12OSN] Moving Home files to a new server In-Reply-To: <4709B600.10301@snarlnet.com> References: <4709B600.10301@snarlnet.com> Message-ID: <200710080646.20600.MrJohnLucas@gmail.com> On Monday 08 October 2007 00:45, Carl Keil wrote: > Hi Folks, > > So, the big disaster happened. My K12LTSP hard drive died. I've got > everything backed up (thank you BackupPC), so I thought I was golden, > but I'm having a weird problem. > > When I restore files from backup they are showing up "read only" in > people's directories. When I do a "ls -la /home/username" it is showing > that the files are owned by other users and other groups. A "chown -R > username:groupname /home/username" doesn't solve the problem. > What!? Unless your /home partition is mounted read-only the ownership should change when root tells it to change. What, if any, change takes place when you issue that command? Do you get any error message? Make sure that /home is mounted read/write. -- "History doesn't repeat itself; at best it rhymes." - Mark Twain | John Lucas MrJohnLucas at gmail.com | | St. Thomas, VI 00802 http://mrjohnlucas.googlepages.com/ | | 18.3?N, 65?W AST (UTC-4) | From e.pedragosa at gmail.com Mon Oct 8 11:46:50 2007 From: e.pedragosa at gmail.com (Edwardson) Date: Mon, 08 Oct 2007 18:46:50 +0700 Subject: [K12OSN] Course Outlines/Information Literacy Curriculum In-Reply-To: <20070929160020.64B6573106@hormel.redhat.com> References: <20070929160020.64B6573106@hormel.redhat.com> Message-ID: <470A18AA.4080104@gmail.com> Hi, I'm an educator in thailand. we've been using k12ltsp for the past 3 years and I want to make sure I'm doing right. I want to have a course outline that is being used in k12 environments that aligns with standards/benchmarks and indicators. So if anyone has documents (course outline/curriculum, standards and benchmarks) that you can share, please let me know. Regards, Edward, TH From rowens at bio-chemvalve.com Mon Oct 8 13:43:28 2007 From: rowens at bio-chemvalve.com (Rob Owens) Date: Mon, 08 Oct 2007 09:43:28 -0400 Subject: [K12OSN] smbldap - changing passwords In-Reply-To: References: <20071007152203.GA28171@junker.owens.net> <20071007161225.GB28171@junker.owens.net> Message-ID: <470A3400.4020206@bio-chemvalve.com> Yeah, I tried smbldap-passwd and as you say, it's only runable by root. But smbpasswd is runable by anyone, and seems to do the job. I say "seems to" because I don't know enough yet about ldap and samba to verify 100% that it works. However, I tried using it (as a regular user) to change a password and I was able to log into a Linux machine using that new password. I don't have any Windows clients to test, though. -Rob Krsnendu dasa wrote: > that should be smbldap-passwd > > On 08/10/2007, Krsnendu dasa wrote: >> smbpasswd is the program, but it is not runable by regular users. >> Otherwise they could change anyone's password. :( >> The concept of the script is to only allow users to change their own >> password, and to do that they have to enter their own current password. >> Your idea of a link seems like a good idea. >> >> Krsnendu dasa >> >> On 08/10/2007, Rob Owens wrote: >>> Thanks, I found the script you were talking about. However, if someone >>> could confirm to me that 'smbpasswd' is just as good, then I wouldn't need >>> to bother with the script and with sudoers, etc. >>> >>> But it would be really nice for the Linux password GUI tools to >>> work. Maybe I could do this: >>> mv /usr/bin/passwd /usr/bin/passwd.bak >>> ln -s /usr/bin/smbpasswd /usr/bin/passwd (or link your script to >>> /usr/bin/passwd) >>> >>> I tried it at the command line and it works, but I haven't tried it on a >>> system with a GUI installed yet... I wonder if this could cause problems >>> with any future software installations that create a user as part of the >>> install (for instance: backuppc, apache, etc) >>> >>> -Rob >>> >>> On Mon, Oct 08, 2007 at 04:30:17AM +1300, Krsnendu dasa wrote: >>>> It should work with windows clients. >>>> As far as linux users. search the archives. I had a suggestion for a >>> script >>>> that runs smbldap as sudo. It might be a good starting point for you. >>>> The idea of a web interface to change passwords is a good idea >>> mentioned on >>>> the smbldap website, but it seems nothing came of it. >>>> >>>> Krsnendu dasa >>>> >>>> On 08/10/2007, Rob Owens < rowens at ptd.net> wrote: >>>>> I ran the smbldap-installer scripts on a Debian Etch machine as a >>>>> test. Everything seems to have worked fine. My question is, what >>> is the >>>>> proper method to change passwords (as a non-privileged user). >>>>> >>>>> 'smbpasswd' seems to work. Is this what I'm supposed to use? What >>> about >>>>> a linux-only user who is not assigned any samba credentials? >>>>> >>>>> 'passwd' gives me this error after allowing me to enter my new >>> password >>>>> twice: >>>>> LDAP password information update failed: Unknown error >>>>> >>>>> 'ldappasswd' gives me this error immediately: >>>>> ldap_sasl_interactive_bind_s: No such attribute (16) >>>>> >>>>> '/usr/sbin/smbldap-passwd' lets me enter my new password twice, then >>> gives >>>>> me these two errors: >>>>> failed to modify entry: Insufficient access at >>> /usr/sbin/smbldap-passwd >>>>> line 227, line 3. >>>>> Unable to change password: Insufficient access at >>> /usr/sbin/smbldap-passwd >>>>> line 261, line 3. >>>>> >>>>> Also, I don't have any Windows clients to test... Does changing >>> passwords >>>>> through the Windows password utility work? >>>>> >>>>> Thanks >>>>> >>>>> -Rob >>>>> >>>>> _______________________________________________ >>>>> K12OSN mailing list >>>>> K12OSN at redhat.com >>>>> https://www.redhat.com/mailman/listinfo/k12osn >>>>> For more info see < http://www.k12os.org> >>>>> >>>> _______________________________________________ >>>> K12OSN mailing list >>>> K12OSN at redhat.com >>>> https://www.redhat.com/mailman/listinfo/k12osn >>>> For more info see >>> _______________________________________________ >>> K12OSN mailing list >>> K12OSN at redhat.com >>> https://www.redhat.com/mailman/listinfo/k12osn >>> For more info see < http://www.k12os.org> >>> >> > > > ------------------------------------------------------------------------ > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see From craig at tobyhouse.com Mon Oct 8 16:33:36 2007 From: craig at tobyhouse.com (Craig White) Date: Mon, 08 Oct 2007 09:33:36 -0700 Subject: [K12OSN] smbldap - changing passwords In-Reply-To: <20071007152203.GA28171@junker.owens.net> References: <20071007152203.GA28171@junker.owens.net> Message-ID: <1191861216.3220.6.camel@cube.tobyhouse.com> On Sun, 2007-10-07 at 11:22 -0400, Rob Owens wrote: > I ran the smbldap-installer scripts on a Debian Etch machine as a test. Everything seems to have worked fine. My question is, what is the proper method to change passwords (as a non-privileged user). > > 'smbpasswd' seems to work. Is this what I'm supposed to use? What about a linux-only user who is not assigned any samba credentials? ---- No - if not a samba user, it won't work ---- > > 'passwd' gives me this error after allowing me to enter my new password twice: > LDAP password information update failed: Unknown error > > 'ldappasswd' gives me this error immediately: > ldap_sasl_interactive_bind_s: No such attribute (16) ---- bad configuration in /etc/ldap.conf - probably need to fix this. ---- > '/usr/sbin/smbldap-passwd' lets me enter my new password twice, then gives me these two errors: > failed to modify entry: Insufficient access at /usr/sbin/smbldap-passwd line 227, line 3. > Unable to change password: Insufficient access at /usr/sbin/smbldap-passwd line 261, line 3. ---- looks like some problems with setup in smbldap_bind.conf (and maybe smbldap.conf too) ---- > > Also, I don't have any Windows clients to test... Does changing passwords through the Windows password utility work? ---- If smb.conf and smbldap.conf and smbldap_bind.conf are all properly configured, you should be able to change both samba and unix passwords from the Windows change password facilities. see 'ldap passwd sync = yes' option in smb.conf documentation... http://samba.org/samba/docs/man/Samba-HOWTO-Collection/passdb.html#ldappwsync -- Craig White From krsnendu108 at gmail.com Mon Oct 8 16:35:53 2007 From: krsnendu108 at gmail.com (Krsnendu dasa) Date: Tue, 9 Oct 2007 05:35:53 +1300 Subject: [K12OSN] Re: [Ltsp-discuss] Fwd: Unsupported Crossover (Wine) app installed in managed mode only runs as root. In-Reply-To: <78376F0E-D54C-4182-B611-23D1F5CE8997@breun.nl> References: <47067351.4070207@legalaid.mb.ca> <78376F0E-D54C-4182-B611-23D1F5CE8997@breun.nl> Message-ID: On 08/10/2007, Nils Breunese wrote: > > Krsnendu dasa wrote: > > > On 06/10/2007, Scott Balneaves wrote: > > Krsnendu dasa wrote: > > > I am cross posting this to the ltsp lists as I got no response > > from the > > > Crossover list and this software is essential for our school system > > > which I need to get running by Monday. > > > > Are the users members of all the necessary groups? (i.e. audio, > > cdrom, etc > > Scott > > > > The users are regular smbldap users who are members of students group. > > I don't think they are members of the audio group. Sound works fine > > for gcompris (-x), tuxpaint and flash videos in Firefox. Does that > > make any difference? > > Is it the users or the application which needs to be the a member > > audio group? > > > > I've also noticed a bug previously mentioned that when Crossover > > pops up an x message it takes a long time. When running as root I > > have to wait for over a minute for the box to come up which says, > > "You are running as root do yo uwant to continue?" Once I chose > > always continue, the start up time for windows applications became > > a lot quicker. > > > > All help is greatly appreciated. One of the main reasons for > > switching from K12ltsp to edubuntu is because it can run these > > multimedia programs. I hope we can get it going soon. It is one > > feature our principal has been wanting for for years. > > What multimedia programs can Edubuntu run that K12LTSP can't? We're > running Flash videos in Firefox and everything just fine off a > K12LTSP 5EL server. > > Nils Breunese. As I mentioned I also have flash and shockwave websites working in Firefox. These program is a multimedia cd created with Macromedia Director. So basically it is a stand alone shockwave program. There is a main .exe file which opens a page (.swf) with pictures and titles on it. As you mouse over each of the pictures the program calls corresponding mp3 files to play. If you click a the pictures it opens a story with pictures. If you click on the speaker button the computer reads the story to you while the words are simultaneously hightlighted. On the CD it says it is compatible with Windows and Mac and it is runnable from CD, but you can also install it to hd which basically just copies all the files over and also allows users to store data. When I tried to run it on K12LTSP 6 I couldn't even install it, but when I installed it at home in my own home directory bottle it ran fine. At present it runs fine as root user on the server. As root on the thin client the program loads and beeps. It appears to be running ok but without sound. As a regular user on server or thin client the program loads then beeps then appears to freeze. After a long time an xmessage window comes up about i/o error and the program runs very slowly (as good as frozen) with no sound. When I ran the program from the command line I got this message: umovestr input/output error Krsnendu dasa -------------- next part -------------- An HTML attachment was scrubbed... URL: From rmcdaniel at indata.us Mon Oct 8 16:57:35 2007 From: rmcdaniel at indata.us (rmcdaniel at indata.us) Date: Mon, 08 Oct 2007 09:57:35 -0700 Subject: [K12OSN] change network IP Message-ID: <20071008095735.d7061e97b78b017ac15395d64f2ce134.be1895cffa.wbe@email.secureserver.net> An HTML attachment was scrubbed... URL: From mel at melwade.com Mon Oct 8 19:23:10 2007 From: mel at melwade.com (Mel Wade) Date: Mon, 8 Oct 2007 12:23:10 -0700 Subject: [K12OSN] change network IP In-Reply-To: <20071008095735.d7061e97b78b017ac15395d64f2ce134.be1895cffa.wbe@email.secureserver.net> References: <20071008095735.d7061e97b78b017ac15395d64f2ce134.be1895cffa.wbe@email.secureserver.net> Message-ID: <43080f460710081223y5fdd4633x5f324461e8d5ec9f@mail.gmail.com> Check the bottom of this page: http://k12ltsp.org/install.html Mel On 10/8/07, rmcdaniel at indata.us wrote: > > Which files do I need to edit to change from the default 192.168.0.Xsubnet to another subnet? I have made the changes in /etc/dhcpd- > k12ltsp.conf and /etc/hosts files to the new subnet. I am still getting > a Kernel panic when the client tries to boot. > > > Thanks, > > Ron > > Ronald R. McDaniel > Technology Coordinator > Conecuh County Schools > (251) 578-1752 x30 > rmcdaniel at indata.us > > "Things which matter most must never be at the mercy of things which > matter least" Goethe > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > -- Mel Wade "The real problem is not whether machines think but whether men do." - BF Skinner http://www.melwade.com -------------- next part -------------- An HTML attachment was scrubbed... URL: From balmquist at mindfirestudios.com Mon Oct 8 22:13:33 2007 From: balmquist at mindfirestudios.com (Almquist Burke) Date: Mon, 8 Oct 2007 17:13:33 -0500 Subject: [K12OSN] smbldap - changing passwords In-Reply-To: <1191861216.3220.6.camel@cube.tobyhouse.com> References: <20071007152203.GA28171@junker.owens.net> <1191861216.3220.6.camel@cube.tobyhouse.com> Message-ID: <31C12D3B-E735-4327-90A7-AB2055A5D9FB@mindfirestudios.com> Does the usermin tool in Webmin work for this?? From karisue at gmail.com Mon Oct 8 23:53:31 2007 From: karisue at gmail.com (Kari Matthews) Date: Mon, 8 Oct 2007 18:53:31 -0500 Subject: [K12OSN] Re: [Ltsp-discuss] Fwd: Unsupported Crossover (Wine) app installed in managed mode only runs as root. In-Reply-To: References: <47067351.4070207@legalaid.mb.ca> Message-ID: I have edubuntu workstations ... we use smbldap and I have to add this to get sound to work: sudo gedit /etc/udev/permissions.rules Find the sound device section Add MODE="0666", in front of GROUP="audio" I'm sure you've already tried that, but just in case ... ~kari -------------- next part -------------- An HTML attachment was scrubbed... URL: From brcisna at eazylivin.net Mon Oct 8 23:58:12 2007 From: brcisna at eazylivin.net (Barry Cisna) Date: Mon, 8 Oct 2007 18:58:12 -0500 (CDT) Subject: [K12OSN] change network IP Message-ID: <58131.192.168.254.3.1191887892.squirrel@www.eazylivin.net> Ron, Don't forget , if you changed your subnet / eth0 from default, you'll also need to change in; /etc/dhcpd-k12ltsp.conf 1. option routers = ( your new ipaddress); 2. option domain-name-servers = ( your new ipaddress); # most likely 3. next-server = (#if you are using parallel dhcp server setup); 4. option root-path = "( your new ipaddress)"; # (this is why you clients are probably not booting) After you've edited this remember to do a 'service dhcpd restart' from a bash terminal. Hope this helps. Take Care, Barry Cisna From brcisna at eazylivin.net Tue Oct 9 00:27:35 2007 From: brcisna at eazylivin.net (Barry Cisna) Date: Mon, 8 Oct 2007 19:27:35 -0500 (CDT) Subject: [K12OSN] Use K12LTSP with existing DHCP server Message-ID: <42933.192.168.254.3.1191889655.squirrel@www.eazylivin.net> Hi Kevin, Is your new server a two nic server setup? If so, how about keeping your existing Winders dhcp server " as is" and running your K12LTSP/eth0 nic, on port 1067, to " hide "it from the Winders machines? This way you can run 506 machines on the same subnet if you want to without even doing any vlan hocus pocus:) It is easy to setup your K12LTSP server to operate on port 1067 for dishing dhcp to " just" your thin clients. What medium are you using to boot? if you are using PXE via the onboard nics , for example this option would be too much of a hassle for you though. You can also setup in your /etc/dhcp-k12ltsp.conf file to specify your Winders dhcp server ip address at next-server xxx.xxx.xxx.xxx; # simply enter your winders dhcp server here then in a bash terminal do a ' server dhcpd restart' Let us know. Take Care, Barry Cisna From robark at gmail.com Tue Oct 9 03:10:28 2007 From: robark at gmail.com (Robert Arkiletian) Date: Mon, 8 Oct 2007 20:10:28 -0700 Subject: [K12OSN] Your posts on k12osn always create a new thread Message-ID: Hi Barry Cisna, Not sure if this is just me but for a long time now I have noticed that when you reply to someone on k12osn your posts always create a new thread even if it has the same Subject. I use gmail and wonder if anyone else has noticed this? Not that it's really important but just thought I'd inform you in case you didn't already know. -- Robert Arkiletian Eric Hamber Secondary, Vancouver, Canada Fl_TeacherTool http://www3.telus.net/public/robark/Fl_TeacherTool/ C++ GUI tutorial http://www3.telus.net/public/robark/ From einfeldt at gmail.com Tue Oct 9 03:16:53 2007 From: einfeldt at gmail.com (Christian Einfeldt) Date: Mon, 8 Oct 2007 20:16:53 -0700 Subject: [K12OSN] Your posts on k12osn always create a new thread In-Reply-To: References: Message-ID: <4b5781040710082016x5c49f946k5f4095bddd06d27@mail.gmail.com> hi On 10/8/07, Robert Arkiletian wrote: > > Hi Barry Cisna, > > Not sure if this is just me but for a long time now I have noticed > that when you reply to someone on k12osn your posts always create a > new thread even if it has the same Subject. I use gmail and wonder if > anyone else has noticed this? I have not experienced that behavior on this list, but I have experienced it on another list. However, that behavior is new. It just started yesterday or today. -------------- next part -------------- An HTML attachment was scrubbed... URL: From carl at snarlnet.com Tue Oct 9 06:39:52 2007 From: carl at snarlnet.com (Carl Keil) Date: Mon, 08 Oct 2007 23:39:52 -0700 Subject: [K12OSN] The corrupted users saga continues Message-ID: <470B2238.105@snarlnet.com> Hi Folks, So, I've got a brand new installation of K12LTSP 6.0.0. I set up some users and then I thought I needed to remove them and recreate them. Now, the recreated ones can't log in. When they log in there's a flurry of about 15 error messages. They talk about not being able to access gconf, and stale nfs locks, etc., etc. (I can copy the exact wording and post that if it would help.) When all the error messages are closed, the desktop shows up completely black, with a few random seeming icons on the desktop. I've tried deleting the users and recreating them. And it doesn't work. It's really weird. The users are corrupted even after they've been fully deleted and recreated. Some other users can log in fine. So, some file somewhere is remembering the old users or something. I've also tried the "Reset my Desktop" login option. Can anyone suggest a way to solve this problem? I really need for these users to have their specific names, so I can restore some files to their /home directories from backup. The only thing I can think of is a complete reinstall of K12LTSP, but that seems a little drastic, since most users work, and a couple are hosed. Thanks so much for any ideas, ck From klaus at skolelinux.no Tue Oct 9 06:59:00 2007 From: klaus at skolelinux.no (Klaus Ade Johnstad) Date: Tue, 09 Oct 2007 08:59:00 +0200 Subject: [K12OSN] The corrupted users saga continues In-Reply-To: <470B2238.105@snarlnet.com> References: <470B2238.105@snarlnet.com> Message-ID: <200710090859.00427.klaus@skolelinux.no> Tirsdag 09 oktober 2007 08:39, skrev Carl Keil: > Thanks so much for any ideas, > > ck Have a look in /tmp and /var/tmp if these users have some directories lying around there, if they do, they probably have wrong user and group id. Just delete them. -- Klaus Ade 67E61D18B2C44F8A3DA35C6D849F9F5F 26FA477D -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available URL: From nils at breun.nl Tue Oct 9 08:08:14 2007 From: nils at breun.nl (Nils Breunese) Date: Tue, 9 Oct 2007 10:08:14 +0200 Subject: [K12OSN] The corrupted users saga continues In-Reply-To: <470B2238.105@snarlnet.com> References: <470B2238.105@snarlnet.com> Message-ID: <1EA84691-5A2B-433B-A65E-DCE6370B0014@breun.nl> Carl Keil wrote: > So, I've got a brand new installation of K12LTSP 6.0.0. I set up > some users and then I thought I needed to remove them and recreate > them. Now, the recreated ones can't log in. When they log in > there's a flurry of about 15 error messages. They talk about not > being able to access gconf, and stale nfs locks, etc., etc. (I can > copy the exact wording and post that if it would help.) When all > the error messages are closed, the desktop shows up completely > black, with a few random seeming icons on the desktop. > I've tried deleting the users and recreating them. And it doesn't > work. It's really weird. The users are corrupted even after > they've been fully deleted and recreated. Some other users can log > in fine. So, some file somewhere is remembering the old users or > something. I've also tried the "Reset my Desktop" login option. > > Can anyone suggest a way to solve this problem? I really need for > these users to have their specific names, so I can restore some > files to their /home directories from backup. The only thing I can > think of is a complete reinstall of K12LTSP, but that seems a > little drastic, since most users work, and a couple are hosed. Are hidden files and directories in the homedirs also chown'ed correctly? Nils Breunese. -------------- next part -------------- A non-text attachment was scrubbed... Name: PGP.sig Type: application/pgp-signature Size: 186 bytes Desc: Dit deel van het bericht is digitaal ondertekend URL: From peter at scheie.homedns.org Tue Oct 9 13:02:17 2007 From: peter at scheie.homedns.org (Peter Scheie) Date: Tue, 09 Oct 2007 08:02:17 -0500 Subject: [K12OSN] Your posts on k12osn always create a new thread In-Reply-To: <4b5781040710082016x5c49f946k5f4095bddd06d27@mail.gmail.com> References: <4b5781040710082016x5c49f946k5f4095bddd06d27@mail.gmail.com> Message-ID: <470B7BD9.1030905@scheie.homedns.org> For the record, I see the same thing Robert is, where each of Barry's replies starts a new thread. I'm running Thunderbird talking POP3 to my mail server, and all of Barry's messages in my archive, dating back to March, 2007, are like this. So, I don't think it's just a Gmail thing. (I'm not complaining, just observing.) Peter Christian Einfeldt wrote: > hi > > On 10/8/07, *Robert Arkiletian* > wrote: > > Hi Barry Cisna, > > Not sure if this is just me but for a long time now I have noticed > that when you reply to someone on k12osn your posts always create a > new thread even if it has the same Subject. I use gmail and wonder if > anyone else has noticed this? > > > > I have not experienced that behavior on this list, but I have > experienced it on another list. However, that behavior is new. It just > started yesterday or today. > > > ------------------------------------------------------------------------ > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see From peter at scheie.homedns.org Tue Oct 9 13:05:58 2007 From: peter at scheie.homedns.org (Peter Scheie) Date: Tue, 09 Oct 2007 08:05:58 -0500 Subject: [K12OSN] The corrupted users saga continues In-Reply-To: <470B2238.105@snarlnet.com> References: <470B2238.105@snarlnet.com> Message-ID: <470B7CB6.2050206@scheie.homedns.org> I've run into this same problem, bunch of errors, black desktop. Do what Nils and Klaus suggested: check the permissions of hidden files in the user's $HOME (particularly any directory beginning with .g*) and in /tmp. Deleting all of these solved the problem. Peter Carl Keil wrote: > Hi Folks, > > So, I've got a brand new installation of K12LTSP 6.0.0. I set up some > users and then I thought I needed to remove them and recreate them. > Now, the recreated ones can't log in. When they log in there's a flurry > of about 15 error messages. They talk about not being able to access > gconf, and stale nfs locks, etc., etc. (I can copy the exact wording > and post that if it would help.) When all the error messages are > closed, the desktop shows up completely black, with a few random seeming > icons on the desktop. > I've tried deleting the users and recreating them. And it doesn't > work. It's really weird. The users are corrupted even after they've > been fully deleted and recreated. Some other users can log in fine. > So, some file somewhere is remembering the old users or something. I've > also tried the "Reset my Desktop" login option. > > Can anyone suggest a way to solve this problem? I really need for these > users to have their specific names, so I can restore some files to their > /home directories from backup. The only thing I can think of is a > complete reinstall of K12LTSP, but that seems a little drastic, since > most users work, and a couple are hosed. > > Thanks so much for any ideas, > > ck > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > From jim at winonacotter.org Tue Oct 9 13:08:39 2007 From: jim at winonacotter.org (Jim Kronebusch) Date: Tue, 9 Oct 2007 08:08:39 -0500 Subject: [K12OSN] Your posts on k12osn always create a new thread In-Reply-To: <470B7BD9.1030905@scheie.homedns.org> References: <4b5781040710082016x5c49f946k5f4095bddd06d27@mail.gmail.com> <470B7BD9.1030905@scheie.homedns.org> Message-ID: <20071009130731.M57955@winonacotter.org> On Tue, 09 Oct 2007 08:02:17 -0500, Peter Scheie wrote > For the record, I see the same thing Robert is, where each of Barry's > replies starts a new thread. I'm running Thunderbird talking POP3 to my > mail server, and all of Barry's messages in my archive, dating back to > March, 2007, are like this. So, I don't think it's just a Gmail thing. > (I'm not complaining, just observing.) > > Peter I'll third, I am running postfix with Open Webmail for a client and see the same thing. Not that I care, but it is definitely something with the post and not the clients. Jim -- This message has been scanned for viruses and dangerous content by the Cotter Technology Department, and is believed to be clean. From rowens at bio-chemvalve.com Tue Oct 9 14:29:06 2007 From: rowens at bio-chemvalve.com (Rob Owens) Date: Tue, 09 Oct 2007 10:29:06 -0400 Subject: [K12OSN] Moving Home files to a new server In-Reply-To: <4709B600.10301@snarlnet.com> References: <4709B600.10301@snarlnet.com> Message-ID: <470B9032.7010200@bio-chemvalve.com> Carl, The system assigns ownership based on UID and GID (numbers) and "translates" that to usernames. Your user and group ID numbers in /etc/passwd and /etc/group need to be the same on the new system as they were on the old system. Alternatively, you can fix your problems by doing a "find" of files owned by a particular user and change ownership to the proper user. Same thing for groups. Like this: find /home -user wrongusername -exec chown -R rightusername {} \; find /home -group wronggroup -exec chgrp -R rightgroup {} \; Please test this on a small batch of files before letting it loose on your whole system. Also note that I specified /home as the path. You may have other folders to search, for instance /mnt/shared_drive or something. -Rob Carl Keil wrote: > Hi Folks, > > So, the big disaster happened. My K12LTSP hard drive died. I've got > everything backed up (thank you BackupPC), so I thought I was golden, > but I'm having a weird problem. > > When I restore files from backup they are showing up "read only" in > people's directories. When I do a "ls -la /home/username" it is showing > that the files are owned by other users and other groups. A "chown -R > username:groupname /home/username" doesn't solve the problem. > I tried copying over all the 500+ /etc/passwd and /etc/shadow info from > the most recent backup but after that I couldn't even log in as > different users. Any suggestions for what I should do? I'd really like > to just set up new user accounts for everyone and then just copy over > selected files from backup for each user. This is a family installation > of K12LTSP, so there are only about 10 user accounts. I used "useradd" > on the new server to create everyone's account and I don't think I did > them in the same order as the original server. Should I delete everyone > and re-add them in the exact same order? I could do that based on > /etc/passwd from the backup? > > Thanks a lot, > > ck > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see From mblinn at peopleplaces.org Tue Oct 9 14:44:53 2007 From: mblinn at peopleplaces.org (Michael Blinn) Date: Tue, 09 Oct 2007 10:44:53 -0400 Subject: [K12OSN] gnome resolution saving Message-ID: <470B93E5.3010702@peopleplaces.org> I found a problem when integrating NX access from home with users who log in at clients with different video capabilities. The general idea was that gnome saves the last resolution the user logged in as so that it will remember their preference - But I'm setting preferences in lts.conf to be /machine/ specific because we have a variety of terminals & monitors, so we don't want gnome to do that. Also, NX honors that gnome setting blindly - if I'm logging in from home using a Windows NX Client session at 1024x768, I can only see a small portion of my normal 1440x900 desktop, and no way to change this. One way around this is to make it so the user can't read or write to the directory where gnome stores the %gconf.xml setting file at logout. I did it by creating a little bash script that will iterate through all the directories in /home and chown/chmod the directory if it exists. I created this file as /etc/cron.daily/gnome_permissions so that it will run every night. I thought perhaps someone else might have run into this problem, hence the description & the small script - it took me awhile to find out where gnome was storing this. Cheers, Michael # 10/9/07 MPB for removing/disabling gnome saving resolution upon logout - fixes NoMachine remote NX screen resolution #! /bin/bash for user in `ls /home` do if [ -d /home/$user/.gconf/desktop/gnome/screen/default/0 ] then chown root.root /home/$user/.gconf/desktop/gnome/screen/default/0; chmod 700 /home/$user/.gconf/desktop/gnome/screen/default/0; fi done -------------- next part -------------- An HTML attachment was scrubbed... URL: From nils at breun.nl Tue Oct 9 14:54:49 2007 From: nils at breun.nl (Nils Breunese) Date: Tue, 9 Oct 2007 16:54:49 +0200 Subject: [K12OSN] gnome resolution saving In-Reply-To: <470B93E5.3010702@peopleplaces.org> References: <470B93E5.3010702@peopleplaces.org> Message-ID: <0C202CAE-B86D-4953-9919-03BA8E2FE3BE@breun.nl> Michael Blinn wrote: > I found a problem when integrating NX access from home with users > who log in at clients with different video capabilities. The > general idea was that gnome saves the last resolution the user > logged in as so that it will remember their preference - But I'm > setting preferences in lts.conf to be machine specific because we > have a variety of terminals & monitors, so we don't want gnome to > do that. Also, NX honors that gnome setting blindly - if I'm > logging in from home using a Windows NX Client session at 1024x768, > I can only see a small portion of my normal 1440x900 desktop, and > no way to change this. > > One way around this is to make it so the user can't read or write > to the directory where gnome stores the %gconf.xml setting file at > logout. I did it by creating a little bash script that will iterate > through all the directories in /home and chown/chmod the directory > if it exists. I created this file as /etc/cron.daily/ > gnome_permissions so that it will run every night. Instead of using chmod and chown you could maybe use 'chattr +i filename' to make the file immutable? (Use 'chattr -i filename' to undo this.) Nils Breunese. -------------- next part -------------- A non-text attachment was scrubbed... Name: PGP.sig Type: application/pgp-signature Size: 186 bytes Desc: Dit deel van het bericht is digitaal ondertekend URL: From mblinn at peopleplaces.org Tue Oct 9 15:06:45 2007 From: mblinn at peopleplaces.org (Michael Blinn) Date: Tue, 09 Oct 2007 11:06:45 -0400 Subject: [K12OSN] gnome resolution saving In-Reply-To: <0C202CAE-B86D-4953-9919-03BA8E2FE3BE@breun.nl> References: <470B93E5.3010702@peopleplaces.org> <0C202CAE-B86D-4953-9919-03BA8E2FE3BE@breun.nl> Message-ID: <470B9905.5080607@peopleplaces.org> Thanks for the good suggestion, but for my setup I think permissions work better - Many of my users have yet to transition to LTSP - the directory and file may not exist, or may already exist and have error-producing entries in them. I don't see where chattr -i work with directories, and if so, I'm not sure it prevents files being created in the directory. - if not, I'd have to manually create all the files and then chattr the filename. - Now allowing them to be read from _or_ written to solves my situation. YMMV. Michael Nils Breunese wrote: > Instead of using chmod and chown you could maybe use 'chattr +i > filename' to make the file immutable? (Use 'chattr -i filename' to > undo this.) From krsnendu108 at gmail.com Tue Oct 9 15:17:12 2007 From: krsnendu108 at gmail.com (Krsnendu dasa) Date: Wed, 10 Oct 2007 04:17:12 +1300 Subject: [K12OSN] Moving Home files to a new server In-Reply-To: <470B9032.7010200@bio-chemvalve.com> References: <4709B600.10301@snarlnet.com> <470B9032.7010200@bio-chemvalve.com> Message-ID: Is there a way to nfs mount a drive from another system with the same names but different uids and gids. I have just installed Edubuntu after previously installing K12ltsp. I used smbldap both times but I chose to make a new database the second time. If I copy the files from the old machine to the new machine the permissions match (showing names) but if I mount with nfs directly from the other machine it only shows numbers (not names) and therefore the user and group ownership doesn't match. Is there a /etc/exports or /etc/fstab option to get around this? Krsnendu dasa On 10/10/2007, Rob Owens wrote: > > Carl, > > The system assigns ownership based on UID and GID (numbers) and > "translates" that to usernames. Your user and group ID numbers in > /etc/passwd and /etc/group need to be the same on the new system as they > were on the old system. > > Alternatively, you can fix your problems by doing a "find" of files > owned by a particular user and change ownership to the proper user. > Same thing for groups. Like this: > > find /home -user wrongusername -exec chown -R rightusername {} \; > find /home -group wronggroup -exec chgrp -R rightgroup {} \; > > Please test this on a small batch of files before letting it loose on > your whole system. Also note that I specified /home as the path. You > may have other folders to search, for instance /mnt/shared_drive or > something. > > -Rob > > Carl Keil wrote: > > Hi Folks, > > > > So, the big disaster happened. My K12LTSP hard drive died. I've got > > everything backed up (thank you BackupPC), so I thought I was golden, > > but I'm having a weird problem. > > > > When I restore files from backup they are showing up "read only" in > > people's directories. When I do a "ls -la /home/username" it is showing > > that the files are owned by other users and other groups. A "chown -R > > username:groupname /home/username" doesn't solve the problem. > > I tried copying over all the 500+ /etc/passwd and /etc/shadow info from > > the most recent backup but after that I couldn't even log in as > > different users. Any suggestions for what I should do? I'd really like > > to just set up new user accounts for everyone and then just copy over > > selected files from backup for each user. This is a family installation > > of K12LTSP, so there are only about 10 user accounts. I used "useradd" > > on the new server to create everyone's account and I don't think I did > > them in the same order as the original server. Should I delete everyone > > and re-add them in the exact same order? I could do that based on > > /etc/passwd from the backup? > > > > Thanks a lot, > > > > ck > > > > _______________________________________________ > > K12OSN mailing list > > K12OSN at redhat.com > > https://www.redhat.com/mailman/listinfo/k12osn > > For more info see > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > -------------- next part -------------- An HTML attachment was scrubbed... URL: From steven at simplycircus.com Tue Oct 9 15:39:52 2007 From: steven at simplycircus.com (Steven Santos) Date: Tue, 9 Oct 2007 11:39:52 -0400 Subject: [K12OSN] Charter School Message-ID: Simply Circus is putting in a new charter school proposal with the state of Mass., and I need some advice for the IT section of our proposal... First, while I can't specify it in so many words, I want to specify K12LTSP, and I am looking for language that will do so. We have a small K12LTSP server in our office that gets used for web surfing and OOo. Second, I need to offer a fairly wide range of services, and wish to do so with central LDAP authentication. For this proposal I need to include the names of software packages that do the job, and support LDAP for single sign on. I need suggestions for all of the following (they do not have to be OSS, but its obviously preferred. - ID cards (UIDs tied to student and staff ID cards and access the same LDAP database) - Physical Access (building locking/security tied to magnetic ID cards) - General computing (obviously K12LTSP) - Student Information System (records, classes, grades, etc. Ability for parents to check student progress a plus) - School Lunch system that can use student ID cards (bar code or magnetic) or authenticate with UID/Password - Library system (KOHA? Something that supports LDAP) - Remote access to databases that authenticates via the LDAP database (specifically we will be interfacing with International Index to the Performing Arts, SIRS Researcher, eLibrary CE, Culture Grams, Lexis Nexus Scholastic and 3 internal databases - 1 mediwiki, 2 SQL) Third, assuming that we are approved for this, can anyone offer any advice on hiring a person whose job will be 1/2 network admin and 1/2 computer teacher? _____ Steven Santos Director, Simply Circus, Inc. Email: Steven at SimplyCircus.com Mail: 14 Pierrepont Road Newton, MA 02462 Phone: 617-527-0667 Web: www.SimplyCircus.com From henryhartley at westat.com Tue Oct 9 16:05:11 2007 From: henryhartley at westat.com (Henry Hartley) Date: Tue, 9 Oct 2007 12:05:11 -0400 Subject: [K12OSN] Charter School In-Reply-To: Message-ID: <403593359CA56C4CAE1F8F4F00DCFE7D07E20253@MAILBE2.westat.com> Steven Santos wrote: >> First, while I can't specify it in so many words, I want to specify >> K12LTSP, and I am looking for language that will do so. We have a >> small K12LTSP server in our office that gets used for web surfing >> and OOo. One approach might be to make it a matter of cost, particularly hardware and client license cost. Just state a reasonable but low end cost. If you figure $100 to $150 each for the client boxes, plus monitors, etc. and zero for client software licenses, that should effectively narrow the field to something you can be happy with. At the same time, you can specify "state of the art" software - something like "a modern office suite including word processing, spreadsheet, presentation, and drawing package" (e.g. OpenOffice.org). You might also specify that all software used on the school system be available to students free of charge. That will eliminate some competing systems. -- Henry From scott at hosef.org Tue Oct 9 16:50:55 2007 From: scott at hosef.org (R. Scott Belford) Date: Tue, 09 Oct 2007 06:50:55 -1000 Subject: [K12OSN] Authenticating Edubuntu 7.04 LTSP Clients from SMBLDAP Server Message-ID: <470BB16F.30506@hosef.org> Aloha Y'all Has anyone had documented success authenticating Edubuntu 7.04 ltsp clients off of a smbldap server? If so, would you share it. I have scoured and searched, and I have found various pieces of good information linked below. No two how-tos are the same, and I am left with a few questions 1. For the clients to authenticate from the smbldap server, do I need to make the changes in the server's /etc or /opt/ltsp/i386/etc/ directory? 2. Is authtool supposed to work, because it does not. Any insight would make the sun shine brighter here. --scott References http://www.redhat.com/archives/k12osn/2005-October/msg00315.html http://www.1-cs.com/ubuntu_ldap_howto.txt http://www.redhat.com/archives/k12osn/2007-August/msg00238.html http://mcwhirter.com.au/craige/blog/2006/Making-a-Debian-or-Ubuntu-Machine-an-LDAP-Authentication-Client http://developer.novell.com/wiki/index.php/Feisty/HOWTO:_Configure_Ubuntu_for_Active_Directory_Authentication From scott at hosef.org Tue Oct 9 17:10:28 2007 From: scott at hosef.org (R. Scott Belford) Date: Tue, 09 Oct 2007 07:10:28 -1000 Subject: [K12OSN] Authenticating Edubuntu 7.04 LTSP Clients from SMBLDAP Server Message-ID: <470BB604.5040308@hosef.org> Aloha Y'all Has anyone had documented success authenticating Edubuntu 7.04 ltsp clients off of a smbldap server? If so, would you share it. I have scoured and searched, and I have found various pieces of good information linked below. No two how-tos are the same, and I am left with a few questions 1. For the clients to authenticate from the smbldap server, do I need to make the changes in the server's /etc or /opt/ltsp/i386/etc/ directory? 2. Is authtool supposed to work, because it does not. Any insight would make the sun shine brighter here. --scott References http://www.redhat.com/archives/k12osn/2005-October/msg00315.html http://www.1-cs.com/ubuntu_ldap_howto.txt http://www.redhat.com/archives/k12osn/2007-August/msg00238.html http://mcwhirter.com.au/craige/blog/2006/Making-a-Debian-or-Ubuntu-Machine-an-LDAP-Authentication-Client http://developer.novell.com/wiki/index.php/Feisty/HOWTO:_Configure_Ubuntu_for_Active_Directory_Authentication From jim at winonacotter.org Tue Oct 9 19:34:44 2007 From: jim at winonacotter.org (Jim Kronebusch) Date: Tue, 9 Oct 2007 14:34:44 -0500 Subject: [K12OSN] Authenticating Edubuntu 7.04 LTSP Clients from SMBLDAP Server In-Reply-To: <470BB604.5040308@hosef.org> References: <470BB604.5040308@hosef.org> Message-ID: <20071009192009.M88678@winonacotter.org> On Tue, 09 Oct 2007 07:10:28 -1000, R. Scott Belford wrote > Aloha Y'all > > Has anyone had documented success authenticating Edubuntu 7.04 ltsp > clients off of a smbldap server? If so, would you share it. I have > scoured and searched, and I have found various pieces of good > information linked below. No two how-tos are the same, and I am left > with a few questions I assume you simply want your users on the clients to come from LDAP, correct? If so there is no need to configure anything in the client tree (/opt/ltsp/i386) as all your users are merely logging into the server. So all you have to do is get the server to authenticate to LDAP and your done. > http://www.1-cs.com/ubuntu_ldap_howto.txt I composed the above howto for building a LDAP server from scratch in Ubuntu and how to authenticate FAT clients with NFS homes and a thin client system to it. This isn't specifically written to work with the SMBLDAP installer, but I assume it would work. As long as you already have a running LDAP server the only steps you should need to deal with to authenticate are 8-12. In this case your server is the LDAP "client". I did not need SMB support as this system has gone all Linux and NFS is used for all file shares if needed. So I did not use the packaged SMB/LDAP installer. I am sure David Trask has a specific howto for that. The howto I wrote assumes you will have a local user on the server with the uid of 1000 and no conflicting user ID in the LDAP server. The configs are designed to look at local files first then LDAP, that way if things go bad you can always log in with your local user and make changes on both the thin clients and the server. I also found that my Edubuntu server ran much smoother if I added all the default system groups into the LDAP server and assigned groups by default the same way the system would to a local user. Step 4 handles creation of an ldif to import all the default groups into your LDAP system. Also step 15-16 tell you how to use Webmin to manage your users in LDAP. I have not wrote this to address the SMB stuff as I didn't need it, but you can reference how I used that to assign new users to all those groups. I think there is a howto on configuring Webmin to work with SMB/LDAP. Hope that helps, Jim -- This message has been scanned for viruses and dangerous content by the Cotter Technology Department, and is believed to be clean. From krsnendu108 at gmail.com Tue Oct 9 19:47:34 2007 From: krsnendu108 at gmail.com (Krsnendu dasa) Date: Wed, 10 Oct 2007 08:47:34 +1300 Subject: [K12OSN] Re: [Ltsp-discuss] Fwd: Unsupported Crossover (Wine) app installed in managed mode only runs as root. In-Reply-To: References: <47067351.4070207@legalaid.mb.ca> Message-ID: Shouldn't this be... /etc/udev/rules.d/40-permissions.rules for the server. and /opt/ltsp/i386/etc/udev/rules.d/40-permissions.rules for the thin clients. On 09/10/2007, Kari Matthews wrote: > > I have edubuntu workstations ... we use smbldap and I have to add this to > get sound to work: > > sudo gedit /etc/udev/permissions.rules > > Find the sound device section > > Add MODE="0666", in front of GROUP="audio" > > I'm sure you've already tried that, but just in case ... > > ~kari > > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > -------------- next part -------------- An HTML attachment was scrubbed... URL: From scott at hosef.org Tue Oct 9 20:55:04 2007 From: scott at hosef.org (R. Scott Belford) Date: Tue, 09 Oct 2007 10:55:04 -1000 Subject: [K12OSN] Authenticating Edubuntu 7.04 LTSP Clients from SMBLDAP Server Message-ID: <470BEAA8.10709@hosef.org> Jim Kronenbusch Wrote > The howto I wrote assumes you will have a local user on the server with the uid of 1000 > and no conflicting user ID in the LDAP server. The configs are designed to look at > local files first then LDAP, that way if things go bad you can always log in with your > local user and make changes on both the thin clients and the server. I also found that > my Edubuntu server ran much smoother if I added all the default system groups into the > LDAP server and assigned groups by default the same way the system would to a local > user. Step 4 handles creation of an ldif to import all the default groups into your > LDAP system. Thanks, Jim. I have followed your directions and discovered the issue was a bit of pebcak and a bit of conflicting documentation. Sorry for the duplicate post, some mx changes today are delaying receipt of my mail. I am tracking this via the web archives, so it is not an accident that this is appearing as a new thread. With the clients booting, we are facing gconf issues. For a few years our K12LTSP box was authenticating off of the smbldap box in question. Having moved to Edubuntu for the LTSP component, the users are now trying to load desktop settings specific to Fedora and not Edubuntu. They are getting desktop wallpaper and the floppy icon, but nothing else. I see you have a script to synchronize users from the LTSP box to a LDAP server. Is there something similar that we need to do, erase, or change permissions for? We now seem to need to sync our LDAP users to the LTSP box? I have tried moving gconf and .gconfd in hopes that they would be recreated, but tailing syslog revealed that both had to be present. Needing help but having fun --scott From craig at tobyhouse.com Tue Oct 9 22:30:43 2007 From: craig at tobyhouse.com (Craig White) Date: Tue, 09 Oct 2007 15:30:43 -0700 Subject: [K12OSN] ltspinfo Message-ID: <1191969043.4942.11.camel@cube.tobyhouse.com> can't find any documentation on ltspinfo command but I know it's there... [root at ltsp ~]# ltspinfo --help Unknown option: help [root at ltsp ~]# ltspinfo -h mac-linux-3 -h Option h requires an argument [root at ltsp ~]# ltspinfo -h mac-linux-3 -r Couldn't open connection to mac-linux-3:9200: Connection refused [root at ltsp ~]# man ltspinfo No manual entry for ltspinfo I'm thinking that I could shut a station off. I can't get through to make it reboot, forgetting for a moment about shutting it off. -- Craig White From jam at mcquil.com Tue Oct 9 22:49:03 2007 From: jam at mcquil.com (Jim McQuillan) Date: Tue, 09 Oct 2007 18:49:03 -0400 Subject: [K12OSN] ltspinfo In-Reply-To: <1191969043.4942.11.camel@cube.tobyhouse.com> References: <1191969043.4942.11.camel@cube.tobyhouse.com> Message-ID: <470C055F.3010108@McQuil.com> Craig, The only way you can reboot or shutdown a terminal with ltspinfo is by setting the option in lts.conf that enables the remote capabilities. Specifically, you'd need: ALLOW_SHUTDOWN = Y in your lts.conf. It's disabled by default. Once that is set, you'd need to reboot the terminal for the new setting to take effect. Jim McQuillan jam at Ltsp.org Craig White wrote: > can't find any documentation on ltspinfo command but I know it's > there... > > [root at ltsp ~]# ltspinfo --help > Unknown option: help > > [root at ltsp ~]# ltspinfo -h mac-linux-3 -h > Option h requires an argument > > [root at ltsp ~]# ltspinfo -h mac-linux-3 -r > Couldn't open connection to mac-linux-3:9200: Connection refused > > [root at ltsp ~]# man ltspinfo > No manual entry for ltspinfo > > I'm thinking that I could shut a station off. > > I can't get through to make it reboot, forgetting for a moment about > shutting it off. > From craig at tobyhouse.com Tue Oct 9 22:54:38 2007 From: craig at tobyhouse.com (Craig White) Date: Tue, 09 Oct 2007 15:54:38 -0700 Subject: [K12OSN] ltspinfo In-Reply-To: <470C055F.3010108@McQuil.com> References: <1191969043.4942.11.camel@cube.tobyhouse.com> <470C055F.3010108@McQuil.com> Message-ID: <1191970478.4942.20.camel@cube.tobyhouse.com> I thought I just did that (googling e-mails) I put it in the general section...is that OK or must it be in each workstation configuration? Thanks Craig On Tue, 2007-10-09 at 18:49 -0400, Jim McQuillan wrote: > Craig, > > The only way you can reboot or shutdown a terminal with ltspinfo is by > setting the option in lts.conf that enables the remote capabilities. > > Specifically, you'd need: > > ALLOW_SHUTDOWN = Y > > in your lts.conf. It's disabled by default. > > Once that is set, you'd need to reboot the terminal for the new setting > to take effect. > > Jim McQuillan > jam at Ltsp.org > > > > > Craig White wrote: > > can't find any documentation on ltspinfo command but I know it's > > there... > > > > [root at ltsp ~]# ltspinfo --help > > Unknown option: help > > > > [root at ltsp ~]# ltspinfo -h mac-linux-3 -h > > Option h requires an argument > > > > [root at ltsp ~]# ltspinfo -h mac-linux-3 -r > > Couldn't open connection to mac-linux-3:9200: Connection refused > > > > [root at ltsp ~]# man ltspinfo > > No manual entry for ltspinfo > > > > I'm thinking that I could shut a station off. > > > > I can't get through to make it reboot, forgetting for a moment about > > shutting it off. > > > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see -- Craig White From craig at tobyhouse.com Tue Oct 9 23:27:13 2007 From: craig at tobyhouse.com (Craig White) Date: Tue, 09 Oct 2007 16:27:13 -0700 Subject: [K12OSN] ltspinfo In-Reply-To: <470C055F.3010108@McQuil.com> References: <1191969043.4942.11.camel@cube.tobyhouse.com> <470C055F.3010108@McQuil.com> Message-ID: <1191972433.4942.29.camel@cube.tobyhouse.com> Didn't matter if it was in General section or specific workstation section. I have been rebooting the workstations too. My thinking is that the problem is somehow involved with the fact that my Macintosh workstations never get their hostname set (which you generously worked with me on). It's not a big deal...it would have been nice to just shut off the workstations by cron script at night. Thanks Craig On Tue, 2007-10-09 at 18:49 -0400, Jim McQuillan wrote: > Craig, > > The only way you can reboot or shutdown a terminal with ltspinfo is by > setting the option in lts.conf that enables the remote capabilities. > > Specifically, you'd need: > > ALLOW_SHUTDOWN = Y > > in your lts.conf. It's disabled by default. > > Once that is set, you'd need to reboot the terminal for the new setting > to take effect. > > Jim McQuillan > jam at Ltsp.org > > > > > Craig White wrote: > > can't find any documentation on ltspinfo command but I know it's > > there... > > > > [root at ltsp ~]# ltspinfo --help > > Unknown option: help > > > > [root at ltsp ~]# ltspinfo -h mac-linux-3 -h > > Option h requires an argument > > > > [root at ltsp ~]# ltspinfo -h mac-linux-3 -r > > Couldn't open connection to mac-linux-3:9200: Connection refused > > > > [root at ltsp ~]# man ltspinfo > > No manual entry for ltspinfo > > > > I'm thinking that I could shut a station off. > > > > I can't get through to make it reboot, forgetting for a moment about > > shutting it off. > > > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see -- Craig White From jam at mcquil.com Tue Oct 9 23:08:01 2007 From: jam at mcquil.com (Jim McQuillan) Date: Tue, 09 Oct 2007 19:08:01 -0400 Subject: [K12OSN] ltspinfo In-Reply-To: <1191970478.4942.20.camel@cube.tobyhouse.com> References: <1191969043.4942.11.camel@cube.tobyhouse.com> <470C055F.3010108@McQuil.com> <1191970478.4942.20.camel@cube.tobyhouse.com> Message-ID: <470C09D1.5080409@McQuil.com> Craig White wrote: > I thought I just did that (googling e-mails) > > I put it in the general section...is that OK or must it be in each > workstation configuration? The [default] section is fine, if you want to enable that setting on all of your terminals. the specific section is what you'd want if you just want to enable that feature for specific workstations. I'm guessing that you are doing this on a Mac client tho. I'm not sure what's in the mac tree. that's not official LTSP-4.2. I'm not sure how old it is. Take a look in the (ltsp_root)/etc directory for a file called 'run_ltspinfod'. If you have that file, then the 'ALLOW_SHUTDOWN' paramter should do the trick. If you don't have that file, then your chroot tree is probably too old. Jim McQuillan jam at Ltsp.org > > Thanks > > Craig > > On Tue, 2007-10-09 at 18:49 -0400, Jim McQuillan wrote: >> Craig, >> >> The only way you can reboot or shutdown a terminal with ltspinfo is by >> setting the option in lts.conf that enables the remote capabilities. >> >> Specifically, you'd need: >> >> ALLOW_SHUTDOWN = Y >> >> in your lts.conf. It's disabled by default. >> >> Once that is set, you'd need to reboot the terminal for the new setting >> to take effect. >> >> Jim McQuillan >> jam at Ltsp.org >> >> >> >> >> Craig White wrote: >>> can't find any documentation on ltspinfo command but I know it's >>> there... >>> >>> [root at ltsp ~]# ltspinfo --help >>> Unknown option: help >>> >>> [root at ltsp ~]# ltspinfo -h mac-linux-3 -h >>> Option h requires an argument >>> >>> [root at ltsp ~]# ltspinfo -h mac-linux-3 -r >>> Couldn't open connection to mac-linux-3:9200: Connection refused >>> >>> [root at ltsp ~]# man ltspinfo >>> No manual entry for ltspinfo >>> >>> I'm thinking that I could shut a station off. >>> >>> I can't get through to make it reboot, forgetting for a moment about >>> shutting it off. >>> >> _______________________________________________ >> K12OSN mailing list >> K12OSN at redhat.com >> https://www.redhat.com/mailman/listinfo/k12osn >> For more info see From microman at cmosnetworks.com Wed Oct 10 05:52:03 2007 From: microman at cmosnetworks.com (=?ISO-8859-1?Q?=22Terrell_Prud=E9_Jr=2E=22?=) Date: Wed, 10 Oct 2007 01:52:03 -0400 Subject: [K12OSN] Charter School In-Reply-To: References: Message-ID: <470C6883.3090902@cmosnetworks.com> While I don't have much for your second question, I do have some input for your first and third questions. Answers below. --TP Steven Santos wrote: > Simply Circus is putting in a new charter school proposal with the state of > Mass., and I need some advice for the IT section of our proposal... > > First, while I can't specify it in so many words, I want to specify K12LTSP, > and I am looking for language that will do so. We have a small K12LTSP > server in our office that gets used for web surfing and OOo. > > Easy. Just do like the politicians do when they want to allocate earmark funds. Specify the following parameters for "The System": 1.) Must use a thin client architecture, and must use either the EtherBoot or PXE-Boot TFTP-booting specifications. 2.) Must be able to use older Intel "Pentium I" computers as a TFTP-booting thin client. [N. B. to my knowledge, only EtherBoot will do this!] 3.) Must be able to use older Apple Macintoshes (e. g. iMac G3) as a TFTP-booting thin client. [N. B. K12LTSP is preconfigured for this, and several of us do it, including me.] 4.) Must use the OpenLDAP directory system. [This gives the illusion that Apple's Mac OS X might be considered! Heh heh] 5.) Must use the Heimdal Kerberos authentication system. [Many, including the famous OpenBSD development team, prefer Heimdal Kerberos for security reasons.] You get the idea. :-) > Second, I need to offer a fairly wide range of services, and wish to do so > with central LDAP authentication. For this proposal I need to include the > names of software packages that do the job, and support LDAP for single sign > on. I need suggestions for all of the following (they do not have to be > OSS, but its obviously preferred. > > - ID cards (UIDs tied to student and staff ID cards and access the same LDAP > database) > > - Physical Access (building locking/security tied to magnetic ID cards) > > - General computing (obviously K12LTSP) > > - Student Information System (records, classes, grades, etc. Ability for > parents to check student progress a plus) > For a Student Information System, you might look at something called Web2School. In a conversation with them a while back, they told me that it is Java-based, runs on GNU/Linux, and is usable with pretty much any browser. Worth talking to them, perhaps. > - School Lunch system that can use student ID cards (bar code or magnetic) > or authenticate with UID/Password > > - Library system (KOHA? Something that supports LDAP) > > - Remote access to databases that authenticates via the LDAP database > (specifically we will be interfacing with International Index to the > Performing Arts, SIRS Researcher, eLibrary CE, Culture Grams, Lexis Nexus > Scholastic and 3 internal databases - 1 mediwiki, 2 SQL) > > > Third, assuming that we are approved for this, can anyone offer any advice > on hiring a person whose job will be 1/2 network admin and 1/2 computer > teacher? While it's doable, this one's not so easy. It's not because there aren't qualified people; there are plenty. But there are a few issues that, as a school employee myself and systems engineer/trainer, I can see you running into: 1.) It'd be a pay cut for a lot of people to go to the instructional side. Schools are just too damned cheap with teacher salaries, even my district. For example, I'm on the Dept. of IT side. If I were to get reclassed on the teacher scale, it'd be a US $30,000 pay cut for me. And that's at the high end of teacher's salaries! 2.) You'll have to weed through a flood of MCSE's and MCP's trying to sell you on MS Windows so that they stand a chance of getting the job. They are absolutely petrified of anything UNIX-y. Yes, in my MCSE days, I was guilty of exactly this. 3.) Most teachers (not all, but most) are ABSOLUTELY STUPID when it comes to computers, unfortunately. I see this every day. 4.) There's more than one male teacher that I know who left the profession after false accusations by underage girls for giving them the "B" or "C" that they actually deserved, instead of just handing them the "A" (didn't do their homework, etc.). I've seen these guys in their classrooms, and I can tell you we lost some very good teachers that way. So, my suggestion to you would be to head over to your local GNU/Linux Users' Group and tell people what you're trying to do. Since you're in Massachusetts, I don't know how close you are to Cambridge, but you might go visit the Free Software Foundation offices there and explain your situation. Given what you want to do, I'm sure they'd be *GLAD* to at least point you in the right direction. They may even know someone who'd be a good fit! --TP From accessys at smart.net Wed Oct 10 13:38:21 2007 From: accessys at smart.net (Accessys@smart.net) Date: Wed, 10 Oct 2007 09:38:21 -0400 (EDT) Subject: [K12OSN] ***Texas Users: How to deal with test.nav In-Reply-To: References: <4703679C0200006C00007937@episd14.episd.org> Message-ID: no said exact opposite, it is against the law to mandate a system that is proprietary unless it is provided free to those who do not have it. however as far as I know this is only for people with disabilities since it is in the ADA law. Bob On Thu, 4 Oct 2007 ahodson at elp.rr.com wrote: > I am surprised nobody picked up on this comment, as it really doesn't > clarify what side of the fence you are sitting on. Are you saying that > it is ILLEGAL to run a state mandated test on a system that is not > proprietary (ie, Mac or Windows?) - If that is so, could you please > expand a little? I sincerely hope that we haven't arrived at the stage > where your operating system is mandated by law/lawyers/politicians!!! > cheers > Alan Hodson > El Paso, TX > -=o=- > > ----- Original Message ----- > From: "Accessys at smart.net" > Date: Wednesday, October 3, 2007 10:26 am > Subject: Re: [K12OSN] Texas Users: How to deal with test.nav > To: "Support list for open source software in schools." > > > > > technically under ADA and 508 laws it is illegal to MANDATE an > > unprovided (free) proprietary system. I think there are a few other > > laws on this issue too. > > > > Bob > > > > On Wed, 3 Oct 2007, Alan Hodson wrote: > > > > > Greetings again list > > > > > > Texas users are mandated to use test.nav as an assessment tool - > > we as a district naturally have it available on Macs and PCs. I am > > wondering if anyone knows of a hack/way to implement the needed > > applications so thin-client labs can also become usable for testing. > > > Thanks > > > > > > Alan Hodson > > > http://tinyurl.com/3e4sh8 > > > El Paso ISD, TX > > > -=o=- > > > > > > _______________________________________________ > > > K12OSN mailing list > > > K12OSN at redhat.com > > > https://www.redhat.com/mailman/listinfo/k12osn > > > For more info see > > > > > > > +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ > > occasionally a true patriot must defend his country from its' > > > government+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ > > "They that can give up essential liberty to obtain a little temporary > > safety deserve Neither liberty nor safety", Benjamin Franklin > > - - - - - - - - - - - - - - - - - > > - - > > ASCII Ribbon Campaign. . . . . . . . . . . . accessBob > > .NO HTML/PDF/RTF/MIME in e-mail. . . . . . . > > accessys at smartnospam.net .NO MSWord docs in e-mail . . . .. . . . > > . . Access Systems, engineers > > .NO attachments in e-mail, .*LINUX powered*. access is a civil > > > right*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*# > > THIS message and any attachments are CONFIDENTIAL and may be > > privileged. They are intended ONLY for the individual or entity named > > > > _______________________________________________ > > K12OSN mailing list > > K12OSN at redhat.com > > https://www.redhat.com/mailman/listinfo/k12osn > > For more info see > > > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ occasionally a true patriot must defend his country from its' government +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ "They that can give up essential liberty to obtain a little temporary safety deserve Neither liberty nor safety", Benjamin Franklin - - - - - - - - - - - - - - - - - - - ASCII Ribbon Campaign. . . . . . . . . . . . accessBob .NO HTML/PDF/RTF/MIME in e-mail. . . . . . . accessys at smartnospam.net .NO MSWord docs in e-mail . . . .. . . . . . Access Systems, engineers .NO attachments in e-mail, .*LINUX powered*. access is a civil right *#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*# THIS message and any attachments are CONFIDENTIAL and may be privileged. They are intended ONLY for the individual or entity named From kevin_mims at yahoo.com Wed Oct 10 14:06:48 2007 From: kevin_mims at yahoo.com (Kevin Mims) Date: Wed, 10 Oct 2007 07:06:48 -0700 (PDT) Subject: [K12OSN] Use K12LTSP with existing DHCP server In-Reply-To: <42933.192.168.254.3.1191889655.squirrel@www.eazylivin.net> Message-ID: <615330.71703.qm@web55615.mail.re4.yahoo.com> Wonderful! I'll give this a try and let you know. Thanks! Barry Cisna wrote: Hi Kevin, Is your new server a two nic server setup? If so, how about keeping your existing Winders dhcp server " as is" and running your K12LTSP/eth0 nic, on port 1067, to " hide "it from the Winders machines? This way you can run 506 machines on the same subnet if you want to without even doing any vlan hocus pocus:) It is easy to setup your K12LTSP server to operate on port 1067 for dishing dhcp to " just" your thin clients. What medium are you using to boot? if you are using PXE via the onboard nics , for example this option would be too much of a hassle for you though. You can also setup in your /etc/dhcp-k12ltsp.conf file to specify your Winders dhcp server ip address at next-server xxx.xxx.xxx.xxx; # simply enter your winders dhcp server here then in a bash terminal do a ' server dhcpd restart' Let us know. Take Care, Barry Cisna _______________________________________________ K12OSN mailing list K12OSN at redhat.com https://www.redhat.com/mailman/listinfo/k12osn For more info see -------------- next part -------------- An HTML attachment was scrubbed... URL: From rowens at bio-chemvalve.com Wed Oct 10 14:14:48 2007 From: rowens at bio-chemvalve.com (Rob Owens) Date: Wed, 10 Oct 2007 10:14:48 -0400 Subject: [K12OSN] Moving Home files to a new server In-Reply-To: References: <4709B600.10301@snarlnet.com> <470B9032.7010200@bio-chemvalve.com> Message-ID: <470CDE58.7080802@bio-chemvalve.com> Not that I know of. The reason you are seeing numbers in the user and group field is that particular system has no username associated with the number you are seeing. Note that the 'find' command I posted below still works if you specify a UID number in the 'wrongusername' field. -Rob Krsnendu dasa wrote: > Is there a way to nfs mount a drive from another system with the same names > but different uids and gids. I have just installed Edubuntu after previously > installing K12ltsp. I used smbldap both times but I chose to make a new > database the second time. If I copy the files from the old machine to the > new machine the permissions match (showing names) but if I mount with nfs > directly from the other machine it only shows numbers (not names) and > therefore the user and group ownership doesn't match. > > Is there a /etc/exports or /etc/fstab option to get around this? > > Krsnendu dasa > > On 10/10/2007, Rob Owens wrote: >> Carl, >> >> The system assigns ownership based on UID and GID (numbers) and >> "translates" that to usernames. Your user and group ID numbers in >> /etc/passwd and /etc/group need to be the same on the new system as they >> were on the old system. >> >> Alternatively, you can fix your problems by doing a "find" of files >> owned by a particular user and change ownership to the proper user. >> Same thing for groups. Like this: >> >> find /home -user wrongusername -exec chown -R rightusername {} \; >> find /home -group wronggroup -exec chgrp -R rightgroup {} \; >> >> Please test this on a small batch of files before letting it loose on >> your whole system. Also note that I specified /home as the path. You >> may have other folders to search, for instance /mnt/shared_drive or >> something. >> >> -Rob >> >> Carl Keil wrote: >>> Hi Folks, >>> >>> So, the big disaster happened. My K12LTSP hard drive died. I've got >>> everything backed up (thank you BackupPC), so I thought I was golden, >>> but I'm having a weird problem. >>> >>> When I restore files from backup they are showing up "read only" in >>> people's directories. When I do a "ls -la /home/username" it is showing >>> that the files are owned by other users and other groups. A "chown -R >>> username:groupname /home/username" doesn't solve the problem. >>> I tried copying over all the 500+ /etc/passwd and /etc/shadow info from >>> the most recent backup but after that I couldn't even log in as >>> different users. Any suggestions for what I should do? I'd really like >>> to just set up new user accounts for everyone and then just copy over >>> selected files from backup for each user. This is a family installation >>> of K12LTSP, so there are only about 10 user accounts. I used "useradd" >>> on the new server to create everyone's account and I don't think I did >>> them in the same order as the original server. Should I delete everyone >>> and re-add them in the exact same order? I could do that based on >>> /etc/passwd from the backup? >>> >>> Thanks a lot, >>> >>> ck >>> >>> _______________________________________________ >>> K12OSN mailing list >>> K12OSN at redhat.com >>> https://www.redhat.com/mailman/listinfo/k12osn >>> For more info see >> _______________________________________________ >> K12OSN mailing list >> K12OSN at redhat.com >> https://www.redhat.com/mailman/listinfo/k12osn >> For more info see >> > > > ------------------------------------------------------------------------ > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see From rowens at bio-chemvalve.com Wed Oct 10 14:35:47 2007 From: rowens at bio-chemvalve.com (Rob Owens) Date: Wed, 10 Oct 2007 10:35:47 -0400 Subject: [K12OSN] USB hub not working on VXL thinclients ( TC4331 ) In-Reply-To: <00ae01c8064e$27e935f0$870d10ac@melka> References: <00ae01c8064e$27e935f0$870d10ac@melka> Message-ID: <470CE343.2030106@bio-chemvalve.com> I'm definitely not an expert on this stuff, so consider that when evaluating my response. If your thin client has a "usb hub", as you say, then the problem may be similar to what I reported in this thread: https://listman.redhat.com/archives/k12osn/2007-June/msg00289.html Basically, the thin client recognizes that the hub is there (or in my case, the card reader) because that is what is "plugged in" to the thin client. But anything that gets plugged in to the hub is not "noticed" by the kernel (it does not trigger an event, is the proper terminology I think). I never found a solution, but somebody gave me the idea that if you treated the usb hub (or card reader) more like a cdrom drive, then it would constantly check to see if something was plugged in to the hub. My understanding is that this is technically possible, but the developers have limited time and higher priorities than this one, which is understandable. -Rob Meelis wrote: > As I can see nobody could help me solve this problem. Just like nobody > shared no ideas how to enable martcard > support that was an issue about ... ummm ... 3 months ago and still not > solved. (No mail was returned at that time aswell!) > > It would be nice if someone at least writes an answer "I do not know" so > I would know this list is still active and my mail goes through. To get > no answer at all is silly and frustrating. > > -------------------------------------- > > And update to the problem : > > USB hub is still not working. I got so far that installed FC6 on the > testserver with several updates to the packages. Kernel files including. > I suspect that client is loading an old kernel (2.6.17.xx or something) > but new kernel seems to be 2.6.2x.xx. I used ltspadmin utility to update > but as I boot up the client ... it still shows that old kernel is > loaded. So I switched pxelinux.0 and vmlinuz.ltsp files and their links > to new ones (4.2) but still nothing. Client gets old kernel. > > Next I managed to get kernel panic message with the text like > "modules.dep not found in this location " but there is a > modules.dep in that location and it is set with read/write/what ever > permissions. I tryed some copy/paste solutions so it's OK for me to get > the panic message. > > Now I got to a point where I started to suspect maybe it's thinclient > firmware problem. Navigated to their webpage, downloaded the manual and > firmware releace notes (april 2007) and found out that there really is > a problem like mine. The problem was old kernel that is updated to newer > version with this update(logical as edubuntu server recognizes the usb > hub). As I'm not using thinclient software to boot there is no use for > this firmware update. This so called update is software based firmware > update that updates preinstalled linux. > > Could someone please help me and write if there is somekind of manual > for updateing ltsp kernel files that are sent to clients in order to > make the USB hub work? > > Using FC6 downloaded from K12LTSP page with LTSP version 4.2 (at least I > think it is using this version as it was updated with ltspadmin utility) > > With respect, > > Meelis Mihhailov > ----------------------------------------- > S?steemi administraator > Eesti Rahvusraamatukogu > Infos?steemide osakond > Telefon : 6307 181 > E-mail : meelis at nlib.ee > ----------------------------------------- > > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see From craig at tobyhouse.com Wed Oct 10 16:35:50 2007 From: craig at tobyhouse.com (Craig White) Date: Wed, 10 Oct 2007 09:35:50 -0700 Subject: [K12OSN] ltspinfo In-Reply-To: <470C09D1.5080409@McQuil.com> References: <1191969043.4942.11.camel@cube.tobyhouse.com> <470C055F.3010108@McQuil.com> <1191970478.4942.20.camel@cube.tobyhouse.com> <470C09D1.5080409@McQuil.com> Message-ID: <1192034150.4942.45.camel@cube.tobyhouse.com> On Tue, 2007-10-09 at 19:08 -0400, Jim McQuillan wrote: > > Craig White wrote: > > I thought I just did that (googling e-mails) > > > > I put it in the general section...is that OK or must it be in each > > workstation configuration? > > The [default] section is fine, if you want to enable that setting on all > of your terminals. the specific section is what you'd want if you just > want to enable that feature for specific workstations. > > I'm guessing that you are doing this on a Mac client tho. I'm not sure > what's in the mac tree. that's not official LTSP-4.2. I'm not sure how > old it is. Take a look in the (ltsp_root)/etc directory for a file > called 'run_ltspinfod'. If you have that file, then the > 'ALLOW_SHUTDOWN' paramter should do the trick. If you don't have that > file, then your chroot tree is probably too old. ---- Yes, Macintosh - that's where the best challenges are ;-) You guys have seemingly worked out most of the challenges with that hardware and it would be too easy. the file is definitely there (in /opt/ltsp/ppc/etc) by tracking through things in i386 tree, it would appear that by virtue of the line in /opt/ltsp/ppc/etc/inittab - this should have executed... l:345:respawn:/etc/run_ltspinfod and on a workstation, I am trying to reload via init Q (and init q - by using SCREEN_02 which is a shell) But the result is still the same... [root at ltsp etc]# ltspinfo -h mac-linux-1 -s Couldn't open connection to mac-linux-1:9200: Connection refused Studying the methodology employed by i386, i386/etc/inittab is created on the fly by virtue of i386/etc/rc.early-sysinit which doesn't exist in the ppc tree. I'll keep playing with it but if you have any ideas, please continue to toss them out...I appreciate all your help - you've gotten me close. Thanks -- Craig White From rowens at bio-chemvalve.com Wed Oct 10 17:49:10 2007 From: rowens at bio-chemvalve.com (Rob Owens) Date: Wed, 10 Oct 2007 13:49:10 -0400 Subject: [K12OSN] In-Reply-To: References: <715471.66408.qm@web55606.mail.re4.yahoo.com><37F921EB-ED16-4690-B9DE-F338C1F9C495@breun.nl><46FC9D1D.6030401@cmosnetworks.com><9B9AD1AF-8D1D-4BAE-80F8-7E17D3BAC430@breun.nl><46FD3DC5.8020101@cmosnetworks.com><1191003954.31843.103.camel@cube.tobyhouse.com><1191262071.3387.30.camel@cube.tobyhouse.com> <1191270800.3387.53.camel@cube.tobyhouse.com> Message-ID: <470D1096.50206@bio-chemvalve.com> Levi, That's the only way I was able to give Linux users proper access to a shared folder on a Windows server. I used pam_mount to accomplish it. I can't say that I'm completely happy with the solution (I sometimes get long log-in times). I think the best thing would be do move the files to a Linux-based file server and share it with Samba. -Rob Kemp, Levi wrote: > So is it going to be best(or easiest) to have each user mount the network drive as they log in, just like there home directory? I don't know why I didn't think of doing this before, I would have to change the links to applications on that server but it seems like it would be the quickest solution. > > Levi Kemp > Technology Specialist > Bolivar R-1 Schools > 417-328-8943 > lnkemp at bolivar.k12.mo.us > > > > -----Original Message----- > From: k12osn-bounces at redhat.com on behalf of Craig White > Sent: Mon 10/1/2007 3:33 PM > To: Support list for open source software in schools. > Subject: RE: [K12OSN] > > if Apps is mounted by root, then root owns the mount and all > files/folders - that's something you can easily confirm from any > workstation. > > On Mon, 2007-10-01 at 14:39 -0500, Kemp, Levi wrote: >> Apps is mounted on M by root. And as far as security on the windows server all users have read/write access to the main apps folder, sub-folders vary by depending on use. Users are authenticated against a windows AD using winbind, that's the reason their home directories mount correctly. But would it be bad for the LTSP server to mount luke seperately for each user? If that would work, I'd just go that route. >> >> >> Levi Kemp >> Technology Specialist >> Bolivar R-1 Schools >> 417-328-8943 >> lnkemp at bolivar.k12.mo.us >> >> >> >> -----Original Message----- >> From: k12osn-bounces at redhat.com on behalf of Craig White >> Sent: Mon 10/1/2007 1:07 PM >> To: Support list for open source software in schools. >> Subject: RE: [K12OSN] >> >> If you look directly on the computer named //LUKE and the folder that is >> shared as 'apps' - it would appear that a typical user doesn't have >> write access. Windows 2000 Server (and Windows 2003 server also) have a >> nice tool built-in to test user privileges...right click on a folder and >> choose Properties => Security => Advanced => User then you can locate a >> user and see his privileges on that folder. >> >> is //luke/apps mounted on /mnt/M by root? If so, then a user wouldn't >> have write access >> >> how are ltsp users authenticated? By local /etc/passwd entry? by >> winbindd from Windows Server? >> >> Craig >> >> On Mon, 2007-10-01 at 12:49 -0500, Kemp, Levi wrote: >>> Here is my print out from mount: >>> >>> /dev/mapper/VolGroup00-LogVol00 on / type ext3 (rw) >>> proc on /proc type proc (rw) >>> sysfs on /sys type sysfs (rw) >>> devpts on /dev/pts type devpts (rw,gid=5,mode=620) >>> /dev/cciss/c0d0p1 on /boot type ext3 (rw) >>> tmpfs on /dev/shm type tmpfs (rw) >>> none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw) >>> sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw) >>> //luke/apps on /mnt/M type cifs (rw,mand) >>> //luke/scholastic on /mnt/.Scholastic type cifs (rw,mand) >>> //luke/schsuite on /mnt/.SMS_DATA type cifs (rw,mand) >>> nfsd on /proc/fs/nfsd type nfsd (rw) >>> //br2/vswartz$ on /home/BOLIVAR/vswartz/G type cifs (rw,mand) >>> //br2/shall$ on /home/BOLIVAR/shall/G type cifs (rw,mand) >>> //br2/dpeterson$_br1$ on /home/BOLIVAR/dpeterson/G type cifs (rw,mand) >>> //br2/dshoemaker$_br1$ on /home/BOLIVAR/dshoemaker/G type cifs (rw,mand) >>> //br2/lnkemp$ on /home/BOLIVAR/lnkemp/G type cifs (rw,mand) >>> >>> The folder in question is //luke/apps >>> All the home folders, which also reside on a windows server(till I get a NAS), work fine if that is helpful knowledge. >>> >>> Levi Kemp >>> Technology Specialist >>> Bolivar R-1 Schools >>> 417-328-8943 >>> lnkemp at bolivar.k12.mo.us >>> >>> >>> >>> -----Original Message----- >>> From: k12osn-bounces at redhat.com on behalf of Craig White >>> Sent: Fri 9/28/2007 1:25 PM >>> To: Support list for open source software in schools. >>> Subject: Re: [K12OSN] >>> >>> On Fri, 2007-09-28 at 12:54 -0500, Kemp, Levi wrote: >>>> Hello everyone, >>>> It's been too long since I've checked the list. I've had a lot >>>> of "fun" working with our LTSP lab. I finally resolved my issue with >>>> scholastic software. Even though I was able to get the older version >>>> working in the lab, it came down to the fact that the database wasn't >>>> stable. According to scholastic, "It is self-corrupting, two minutes >>>> after running the maintenance you WILL have errors in it again." So we >>>> upgraded to the new Enterprise Edition", which runs on a MySql database, >>>> using a flash player as a browser on the client to access the apps on >>>> the server. It uses Jboss as the appliation server. Funny how almost all >>>> of the software used open source, good side though, wine opens the >>>> executable to run any of the apps and uses native flash player, java, >>>> adobe, etc. So there is one problem solved. Unfortunately I'm still >>>> having a problem with a network drive that the school uses for both a >>>> digital dropbox and a basic application server for apps like microtype >>>> and geometer sketchpad. No on seems to have write access to the mounted >>>> drive and that is the main problem. It seems like it shouldn't be a hard >>>> thing to figure out, but I haven't had as much time to spend on it as I >>>> need to. Where should I start looking to fix this aside from chmod, >>>> because that doesn't seem to do it. If you need more info let me know, >>>> I'm hoping to get it fixed by Monday, otherwise I may be forced into a >>>> Microsoft Terminal setup, and that would kill me. >>> ---- >>> spare us the drama >>> >>> is the mount read only? on a computer that doesn't have write access to >>> the mounted drive, can you run the command... >>> >>> mount >>> >>> and report back to us? >>> >>> _______________________________________________ >>> K12OSN mailing list >>> K12OSN at redhat.com >>> https://www.redhat.com/mailman/listinfo/k12osn >>> For more info see >> _______________________________________________ >> K12OSN mailing list >> K12OSN at redhat.com >> https://www.redhat.com/mailman/listinfo/k12osn >> For more info see From jones_yeates at hotmail.com Wed Oct 10 18:17:01 2007 From: jones_yeates at hotmail.com (jones yeates) Date: Wed, 10 Oct 2007 18:17:01 +0000 Subject: [K12OSN] Static IP address Message-ID: Currently I am using DHCP to obtain an IP address for eth1. I have been given a static IP address to use, but when I try changing it, the change doesn't seem to get processed properly. Does anyone know how to give eth1 a static IP address and have it work? Thank you. _________________________________________________________________ Express yourself with free Messenger emoticons. Get them today! http://www.freemessengeremoticons.ca/?icid=EMENCA122 From mel at melwade.com Wed Oct 10 18:21:10 2007 From: mel at melwade.com (Mel Wade) Date: Wed, 10 Oct 2007 11:21:10 -0700 Subject: [K12OSN] Static IP address In-Reply-To: References: Message-ID: <43080f460710101121o7d378328u2a422104f63292b0@mail.gmail.com> Be sure to restart the network services after changing the IP configuration. service network restart On 10/10/07, jones yeates wrote: > > > Currently I am using DHCP to obtain an IP address for eth1. I have been > given a static IP address to use, but when I try changing it, the change > doesn't seem to get processed properly. > > Does anyone know how to give eth1 a static IP address and have it work? > > Thank you. > _________________________________________________________________ > Express yourself with free Messenger emoticons. Get them today! > http://www.freemessengeremoticons.ca/?icid=EMENCA122 > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > -- Mel Wade "The real problem is not whether machines think but whether men do." - BF Skinner http://www.melwade.com -------------- next part -------------- An HTML attachment was scrubbed... URL: From scott at hosef.org Wed Oct 10 19:14:52 2007 From: scott at hosef.org (R. Scott Belford) Date: Wed, 10 Oct 2007 09:14:52 -1000 Subject: [K12OSN] Gnome Differences Between Fedora and Edubuntu Message-ID: <470D24AC.6080502@hosef.org> Aloha Folks We are migrating our K12LTSP server to Edubuntu 7.04. User homes and logins are handled by a smbldap server. Authentication of existing and the creation of new users works great. The problem is that the edubuntu thin-clients cannot load a desktop that is using existing fedora settings stored in their profiles. We have found that we can wipe all files in a current users directory, extract a tar.gz template made from a newly created user, and the existing user loads fine. If we don't wipe all the files in a current user's directory, and extract the template over the existing files, the user's desktop does not load. It appears that there are a few hidden files that are fedora specific that keep gnome from loading. I made a list of them. They are below. As we try to eliminate them one by one, I ponder - there must be a better way. Has anyone else dealt with this, and is there a more obvious way to handle this migration? Is it obvious that one of the below files must be deleted, is this a GID UID issue, or..? --scott ------------------------------- drwxrwx--x+ 2 tyler2c Domain Users 4096 Sep 9 2003 .AppleDB\ drwxrwx--x+ 2 tyler2c Domain Users 4096 Sep 9 2003 .AppleDouble\ drwxr-xr-x 6 tyler2c Domain Users 4096 Sep 18 13:56 .childsplay\ -rw-rwxr--+ 1 tyler2c Domain Users 73 Oct 13 2006 .crash_reportrc\ drwxrwx---+ 2 tyler2c Domain Users 4096 Jan 12 2007 .eggcups\ drwxr-xr-x 3 tyler2c Domain Users 4096 Sep 25 13:40 .evolution\ -rw-rwxr--+ 1 tyler2c Domain Users 101 Dec 13 2006 .fonts.cache-1\ drwxr-xr-x 6 tyler2c Domain Users 4096 Sep 18 14:06 .gcompris\ -rw-rwxr--+ 1 tyler2c Domain Users 120 Oct 30 2003 .gtkrc\ drwx------ 2 tyler2c Domain Users 4096 Aug 28 14:01 .kde\ prw-rwxr--+ 1 tyler2c Domain Users 0 Jan 12 2007 .lbus_fifo\ -rw-rwxr--+ 1 tyler2c Domain Users 346 Sep 25 13:25 .lbussd.out\ drwxrwx---+ 3 tyler2c Domain Users 4096 Apr 10 11:06 .macromedia\ -rw-rwxr--+ 1 tyler2c Domain Users 3082 Jan 16 2004 .mailcap\ drwxrwxr-x+ 2 tyler2c Domain Users 4096 Jan 30 2004 .mcop\ -rw-rwxr--+ 1 tyler2c Domain Users 1270 Jan 16 2004 .mime.types\ -rw-rwxr--+ 1 tyler2c Domain Users 482 Mar 11 2005 .mtoolsfm\ -rw-rwxr--+ 1 tyler2c Domain Users 32 Aug 18 2003 .mtoolsrc\ drwxrwxr-x+ 3 tyler2c Domain Users 4096 Sep 25 13:49 .openoffice.org2.0\ drwx------ 2 tyler2c Domain Users 4096 Sep 18 13:37 .purple\ drwxrwxr-x+ 2 tyler2c Domain Users 4096 Apr 11 2006 .qt\ -rw-rwx---+ 1 tyler2c Domain Users 2298 Sep 4 14:02 .recently-used\ -rw-r--r-- 1 tyler2c Domain Users 2309 Sep 4 13:42 .recently-used.xbel\ drwxrwxr-x+ 3 tyler2c Domain Users 4096 Jan 12 2007 .redhat\ -rwxrwxr-x+ 1 tyler2c Domain Users 66 Jan 16 2004 .sversionrc\ drwxrwxr-x+ 2 tyler2c Domain Users 4096 Feb 7 2006 .tuxtype\ From jim at winonacotter.org Wed Oct 10 19:32:03 2007 From: jim at winonacotter.org (Jim Kronebusch) Date: Wed, 10 Oct 2007 14:32:03 -0500 Subject: [K12OSN] Authenticating Edubuntu 7.04 LTSP Clients from SMBLDAP Server In-Reply-To: <470BEAA8.10709@hosef.org> References: <470BEAA8.10709@hosef.org> Message-ID: <20071010192406.M19472@winonacotter.org> > Thanks, Jim. I have followed your directions and discovered the issue > was a bit of pebcak and a bit of conflicting documentation. Sorry for > the duplicate post, some mx changes today are delaying receipt of my > mail. I am tracking this via the web archives, so it is not an accident > that this is appearing as a new thread. > > With the clients booting, we are facing gconf issues. For a few years > our K12LTSP box was authenticating off of the smbldap box in question. > Having moved to Edubuntu for the LTSP component, the users are now > trying to load desktop settings specific to Fedora and not Edubuntu. > They are getting desktop wallpaper and the floppy icon, but nothing else. > > I see you have a script to synchronize users from the LTSP box to a LDAP > server. Is there something similar that we need to do, erase, or change > permissions for? We now seem to need to sync our LDAP users to the LTSP > box? > > I have tried moving gconf and .gconfd in hopes that they would be > recreated, but tailing syslog revealed that both had to be present. > > Needing help but having fun When I set ours up this summer I deleted all .files out of user directories in /home to avoid this problem. I also had a fresh ldap server and used webmin to run the import, so webmin was set to pull from /etc/skel on the LTSP server when creating new accounts. I also had old stuff in /home from a K12LTSP6 server so I wanted to be sure to avoid conflicts. My setup seemed to create needed .files and everything worked out fine. I wasn't worried about saving personalized settings and just wanted to be sure "everything" worked with the new system so I dumped everything. Maybe not removing all .files is where your problem lies? I am not sure what you mean by a script to sync LDAP to LTSP. Maybe you mean the pam_mkhomedir.so skel=/etc/skel/ line in common-session?: sudo vim common-session Add: session required pam_unix.so session required pam_mkhomedir.so skel=/etc/skel/ session optional pam_ldap.so session optional pam_foreground.so This is the part that tells LDAP to create a /home directory if one doesn't exist and to copy the contents from /etc/skel there (I think :-). I wasn't able to get things working without this. Jim -- This message has been scanned for viruses and dangerous content by the Cotter Technology Department, and is believed to be clean. From jim at winonacotter.org Wed Oct 10 19:57:08 2007 From: jim at winonacotter.org (Jim Kronebusch) Date: Wed, 10 Oct 2007 14:57:08 -0500 Subject: [K12OSN] USB hub not working on VXL thinclients ( TC4331 ) In-Reply-To: <00ae01c8064e$27e935f0$870d10ac@melka> References: <00ae01c8064e$27e935f0$870d10ac@melka> Message-ID: <20071010194730.M15868@winonacotter.org> On Thu, 4 Oct 2007 09:16:52 +0300, Meelis wrote > As I can see nobody could help me solve this problem. Just like nobody > shared no ideas how to enable martcard > support that was an issue about ... ummm ... 3 months ago and still not > solved. (No mail was returned at that time aswell!) > > It would be nice if someone at least writes an answer "I do not know" so I > would know this list is still active and my mail goes through. To get no > answer at all is silly and frustrating. Would 400 "I do not know" messages really be all that helpful? It is very safe to assume that if nobody responds that nobody knows or the users who do know did not see the message, or maybe saw it and did not post due to time constraints and forgot (I have done this plenty of times). A polite response to your original post saying "I'm still working on this and have made no progress, ideas?" Would be enough to get it in front of everyone again so you are not forgotten. If you search the archives you'll see the mentioned thread regarding the problems with USB hubs not working (Scott Balnaeves gave a great explanation on why this is a problem). As for Smartcards not working "I do not know". Jim -- This message has been scanned for viruses and dangerous content by the Cotter Technology Department, and is believed to be clean. From scott at hosef.org Thu Oct 11 01:47:34 2007 From: scott at hosef.org (R. Scott Belford) Date: Wed, 10 Oct 2007 15:47:34 -1000 Subject: [K12OSN] Gnome Differences Between Fedora and Edubuntu - Solved In-Reply-To: <470D24AC.6080502@hosef.org> References: <470D24AC.6080502@hosef.org> Message-ID: <470D80B6.8000601@hosef.org> R. Scott Belford wrote: > > We have found that we can wipe all files in a current users directory, > extract a tar.gz template made from a newly created user, and the > existing user loads fine. If we don't wipe all the files in a current > user's directory, and extract the template over the existing files, the > user's desktop does not load. It appears that there are a few hidden > files that are fedora specific that keep gnome from loading. Syntax and permissions seem to have solved this issue. We have now, with only some pain, migrated the desktop settings from one variance of gnome to another in a thin-client environment. Given the superhuman work Eric does to make the k12ltsp so easy, one may wonder, for good reason, why. That's just the fun of fiddling, I guess. We made a new user with the smbldap-adduser command. Peter, the teacher, tweaked and refined its desktop and menus. We tarred this template user's home directory as template.tar.gz. Its gconf and gnome settings were appropriately tuned for the edubuntu variance of gnome. We extracted the template.tar.gz file in the home/user directories of a few students previously booting a fedora-specific gnome environment. After appropriately chown'ing the users' hidden and visible files, the edubuntu menus and complete desktop load. Prior to the extraction, only the wallpaper would load. Documents and application-specific hidden files are still present. From the 'template' user's directory tar -cvzf template.tar.gz * .[a-zA-Z0-9]* we then copied this to the /home/{user} tar -xvzf template.tar.gz then, change permissions chown -fR user:Domain\ Users * .[^.]* or, as I was told, it could have been chown -R user:Domain\ Users ~user Now to script this for all the users. Any insight is welcome. We still have to make all the clients automagically use 1024x768 as they did before with the k12ltsp. Knowing that muekow is bringing edubuntu and the k12ltsp together into a package, I hope that this noisy post has been a little helpful. Ensuing wiki entries to come. --scott From scott at hosef.org Thu Oct 11 02:30:19 2007 From: scott at hosef.org (R. Scott Belford) Date: Wed, 10 Oct 2007 16:30:19 -1000 Subject: [K12OSN] Authenticating Edubuntu 7.04 LTSP Clients from SMBLDAP - Solved In-Reply-To: <20071010192406.M19472@winonacotter.org> References: <470BEAA8.10709@hosef.org> <20071010192406.M19472@winonacotter.org> Message-ID: <470D8ABB.3010608@hosef.org> Jim Kronebusch wrote: Thanks, Jim. I think you see from the other post that the main issue was solved. > > I am not sure what you mean by a script to sync LDAP to LTSP. Maybe you mean the > pam_mkhomedir.so skel=/etc/skel/ line in common-session?: Well, at first I thought maybe there was a UID type issue that could be changed by comparing and changing the settings. I was clearly grasping for logic. > > sudo vim common-session > Add: > session required pam_unix.so > session required pam_mkhomedir.so skel=/etc/skel/ > session optional pam_ldap.so > session optional pam_foreground.so > > This is the part that tells LDAP to create a /home directory if one doesn't exist and to > copy the contents from /etc/skel there (I think :-). I wasn't able to get things > working without this. Your excellent how-to guide included this, and it works. In fact, we are copying our template user's configs into here (/etc/skel) so that future users have the pre-defined desktop setting we want. It is currently not working just right simply because not all monitors are automagically adjusting to 1024x768. Once I figure that out, well, there will be something else. > > Jim > --scott From ahodson at elp.rr.com Thu Oct 11 02:33:26 2007 From: ahodson at elp.rr.com (ahodson at elp.rr.com) Date: Wed, 10 Oct 2007 20:33:26 -0600 Subject: [K12OSN] ***Texas Users: thin clients running PC programs via WTS In-Reply-To: References: <4703679C0200006C00007937@episd14.episd.org> Message-ID: TEA provides the web-based login for TestNav, the applications that run on Macs or PCs. We've tried using Windows Terminal Services (Virtual Server) - bought enough licenses for each lab, created users, gave them appropriate rights, and we are ready to roll... Connecting from the thin clients is SUPER easy - I assume other sites are using similar solutions for PC Programs that "must" be run on thin client labs. Cheers Alan Hodson El Paso ISD, TX -=o=- ----- Original Message ----- From: "Accessys at smart.net" Date: Wednesday, October 10, 2007 7:43 am Subject: Re: [K12OSN] ***Texas Users: How to deal with test.nav To: "Support list for open source software in schools." > > no said exact opposite, it is against the law to mandate a system that > is proprietary unless it is provided free to those who do not have it. > > however as far as I know this is only for people with disabilities > since it is in the ADA law. > > Bob > > > On Thu, 4 Oct 2007 ahodson at elp.rr.com wrote: > > > I am surprised nobody picked up on this comment, as it really > doesn't> clarify what side of the fence you are sitting on. Are you > saying that > > it is ILLEGAL to run a state mandated test on a system that is not > > proprietary (ie, Mac or Windows?) - If that is so, could you please > > expand a little? I sincerely hope that we haven't arrived at the > stage> where your operating system is mandated by > law/lawyers/politicians!!!> cheers > > Alan Hodson > > El Paso, TX > > -=o=- > > > > ----- Original Message ----- > > From: "Accessys at smart.net" > > Date: Wednesday, October 3, 2007 10:26 am > > Subject: Re: [K12OSN] Texas Users: How to deal with test.nav > > To: "Support list for open source software in schools." > > > > > > > > technically under ADA and 508 laws it is illegal to MANDATE an > > > unprovided (free) proprietary system. I think there are a > few other > > > laws on this issue too. > > > > > > Bob > > > > > > On Wed, 3 Oct 2007, Alan Hodson wrote: > > > > > > > Greetings again list > > > > > > > > Texas users are mandated to use test.nav as an assessment > tool - > > > we as a district naturally have it available on Macs and PCs. I am > > > wondering if anyone knows of a hack/way to implement the needed > > > applications so thin-client labs can also become usable for > testing.> > > Thanks > > > > > > > > Alan Hodson > > > > http://tinyurl.com/3e4sh8 > > > > El Paso ISD, TX > > > > -=o=- > > > > > > > > _______________________________________________ > > > > K12OSN mailing list > > > > K12OSN at redhat.com > > > > https://www.redhat.com/mailman/listinfo/k12osn > > > > For more info see > > > > > > > > > > > +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++> > occasionally a true patriot must defend his country from its' > > > > > > government+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++> > "They that can give up essential liberty to obtain a little temporary > > > safety deserve Neither liberty nor safety", Benjamin Franklin > > > - - - - - - - - - - - - - - - - > - > > > - - > > > ASCII Ribbon Campaign. . . . . . . . . . . . accessBob > > > .NO HTML/PDF/RTF/MIME in e-mail. . . . . . . > > > accessys at smartnospam.net .NO MSWord docs in e-mail . . . .. . > . . > > > . . Access Systems, engineers > > > .NO attachments in e-mail, .*LINUX powered*. access is a civil > > > > > > right*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#> > THIS message and any attachments are CONFIDENTIAL and may be > > > privileged. They are intended ONLY for the individual or > entity named > > > > > > _______________________________________________ > > > K12OSN mailing list > > > K12OSN at redhat.com > > > https://www.redhat.com/mailman/listinfo/k12osn > > > For more info see > > > > > > > _______________________________________________ > > K12OSN mailing list > > K12OSN at redhat.com > > https://www.redhat.com/mailman/listinfo/k12osn > > For more info see > > > > +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ > occasionally a true patriot must defend his country from its' > government+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ > "They that can give up essential liberty to obtain a little temporary > safety deserve Neither liberty nor safety", Benjamin Franklin > - - - - - - - - - - - - - - - - - > - - > ASCII Ribbon Campaign. . . . . . . . . . . . accessBob > .NO HTML/PDF/RTF/MIME in e-mail. . . . . . . > accessys at smartnospam.net .NO MSWord docs in e-mail . . . .. . . . > . . Access Systems, engineers > .NO attachments in e-mail, .*LINUX powered*. access is a civil > right*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*# > THIS message and any attachments are CONFIDENTIAL and may be > privileged. They are intended ONLY for the individual or entity named > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > From jim at winonacotter.org Thu Oct 11 05:07:57 2007 From: jim at winonacotter.org (Jim Kronebusch) Date: Thu, 11 Oct 2007 00:07:57 -0500 Subject: [K12OSN] Authenticating Edubuntu 7.04 LTSP Clients from SMBLDAP - Solved In-Reply-To: <470D8ABB.3010608@hosef.org> References: <470BEAA8.10709@hosef.org> <20071010192406.M19472@winonacotter.org> <470D8ABB.3010608@hosef.org> Message-ID: <20071011050141.M44844@winonacotter.org> > Thanks, Jim. I think you see from the other post that the main issue > was solved. Cool, glad you got things figured out. > Your excellent how-to guide included this, and it works. In fact, we > are copying our template user's configs into here (/etc/skel) so that > future users have the pre-defined desktop setting we want. Thanks. All the steps are there, but explanation I am sure is lacking. I have a bunch of tutorials from getting my system going this year that I hope to get on the Edubuntu wiki shortly. When I post things there I will try and give some decent explanation as well. Also I need to break things up as the tutorial covers setting up LDAP and configuring a thin client system and fat clients to all talk together. Happy you were able to make sense of it :-) > It is currently not working just right simply because not all monitors > are automagically adjusting to 1024x768. Once I figure that out, well, > there will be something else. Can't help you there. I think you may want to browse the Edubuntu archives as I think some others ran into this a while back (may be mistaken, so don't search too long :-) I had a few bugs to work out, but I am VERY happy with how things are running at this point. Only problem I have currently is periodic browser crashes with Flash 9 sites, but usually this happens when they are playing flash games....so I don't care. Jim -- This message has been scanned for viruses and dangerous content by the Cotter Technology Department, and is believed to be clean. From meelis at nlib.ee Thu Oct 11 08:25:46 2007 From: meelis at nlib.ee (Meelis) Date: Thu, 11 Oct 2007 11:25:46 +0300 Subject: [K12OSN] USB hub not working on VXL thinclients ( TC4331 ) SOLVED References: <00ae01c8064e$27e935f0$870d10ac@melka> <20071010194730.M15868@winonacotter.org> Message-ID: <011401c80be0$52a9d1e0$870d10ac@melka> Hi Jim and thanks for the reply. If there was a text about this by Scott Balnaeves it would have been nice to make a reference to it at that time. No answer about it will not make me belive that nobody knows nothing at all. I'm a forum person and I'm used to the custom that instead of not answering people post links to related topics or webpages in order to help me get some sort of solution. However I have found a solution to USB problem thaks to Dave Hopkins who was kind to help me. There is no need to start pointing fingers and blaim people as this will take all day and solves nothing. :) For the future I'll share my solution as it might help others who may get the same problem :) My problem was with the kernel that was too old to handle new terminal USB hub. As I tried to update it by yum I found out that this did not do the trick. It did update packages but left alone LTSP packages that were in use. So first I updated by yum that downloaded new k12ltsp packages with the new kernel files. Now that I had the kernel I needed to give them to terminals. However as yum did not update ltsp fully I needed to use ltspadmin utility and set the location to old ltsp dir. ( /opt/ltsp ). Default would have been /opt/ltsp-4.2 or someting like that. So now that I updated by ltspadmin and my files in ltsp directory were fully updated I needed to make some new symlinks in order to serve terminals the new kernel. So first I copied from the kernel dir (from tftpboot dir made by yum) new PXE files to old PXE directory. Next I remade the symlinks to point to the new kernel. This did the trick as my terminals started to download the kernel and finally I got the USB hub working. With regards, Meelis --- meelis at nlib.ee ----- Original Message ----- From: "Jim Kronebusch" To: "Support list for open source software in schools." Sent: Wednesday, October 10, 2007 10:57 PM Subject: Re: [K12OSN] USB hub not working on VXL thinclients ( TC4331 ) > On Thu, 4 Oct 2007 09:16:52 +0300, Meelis wrote >> As I can see nobody could help me solve this problem. Just like nobody >> shared no ideas how to enable martcard >> support that was an issue about ... ummm ... 3 months ago and still not >> solved. (No mail was returned at that time aswell!) >> >> It would be nice if someone at least writes an answer "I do not know" so >> I >> would know this list is still active and my mail goes through. To get no >> answer at all is silly and frustrating. > > Would 400 "I do not know" messages really be all that helpful? It is very > safe to > assume that if nobody responds that nobody knows or the users who do know > did not see > the message, or maybe saw it and did not post due to time constraints and > forgot (I have > done this plenty of times). A polite response to your original post > saying "I'm still > working on this and have made no progress, ideas?" Would be enough to get > it in front > of everyone again so you are not forgotten. > > If you search the archives you'll see the mentioned thread regarding the > problems with > USB hubs not working (Scott Balnaeves gave a great explanation on why this > is a > problem). As for Smartcards not working "I do not know". > > Jim > > -- > This message has been scanned for viruses and > dangerous content by the Cotter Technology > Department, and is believed to be clean. > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > From rowens at bio-chemvalve.com Thu Oct 11 14:44:38 2007 From: rowens at bio-chemvalve.com (Rob Owens) Date: Thu, 11 Oct 2007 10:44:38 -0400 Subject: [K12OSN] smbldap and XP Home - non-domain member access Message-ID: <470E36D6.9000300@bio-chemvalve.com> If I use the smbldap-installer scripts, will I still be able to create a Samba share that is accessible to non-domain members? For instance, XP Home Edition machines (which do not have the ability to join a domian). My understanding of a windows domain is that all shares and services are only available to domain members. I'd like to be able to bypass that rule with my soon-to-be smbldap setup, if possible. -Rob From ascensiontech at gmail.com Thu Oct 11 14:50:20 2007 From: ascensiontech at gmail.com (Peter Hartmann) Date: Thu, 11 Oct 2007 10:50:20 -0400 Subject: [K12OSN] smbldap and XP Home - non-domain member access In-Reply-To: <470E36D6.9000300@bio-chemvalve.com> References: <470E36D6.9000300@bio-chemvalve.com> Message-ID: <9bd317560710110750x709423c2q87a2fad5e916cd7b@mail.gmail.com> On windows you'd activating the 'guest' account to give XP Home access. I'm not sure how to do that on samba however. Peter On 10/11/07, Rob Owens wrote: > If I use the smbldap-installer scripts, will I still be able to create a > Samba share that is accessible to non-domain members? For instance, XP > Home Edition machines (which do not have the ability to join a domian). > > My understanding of a windows domain is that all shares and services are > only available to domain members. I'd like to be able to bypass that > rule with my soon-to-be smbldap setup, if possible. > > -Rob > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > From thewhitmers at gmail.com Thu Oct 11 14:55:52 2007 From: thewhitmers at gmail.com (David Whitmer) Date: Thu, 11 Oct 2007 10:55:52 -0400 Subject: [K12OSN] smbldap and XP Home - non-domain member access In-Reply-To: <470E36D6.9000300@bio-chemvalve.com> References: <470E36D6.9000300@bio-chemvalve.com> Message-ID: On 10/11/07, Rob Owens wrote: > > If I use the smbldap-installer scripts, will I still be able to create a > Samba share that is accessible to non-domain members? For instance, XP > Home Edition machines (which do not have the ability to join a domian). > > My understanding of a windows domain is that all shares and services are > only available to domain members. I'd like to be able to bypass that > rule with my soon-to-be smbldap setup, if possible. > > -Rob > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see http://www.k12os.org > Do you want the XP Home Edition users to have to supply a username & password when access the Samba shares? In our setup, XP Home Edition users can easily access our file server's Samba shares by just supplying their domain username & password when prompted for those. (We'd used the smbldap-installer scripts, too.) David Whitmer Director of Media & Technology Calvary Schools of Holland (Michigan) web: www.calvaryschoolsholland.org personal email: thewhitmers at gmail.com school email: david.whitmer at cshk12.org -------------- next part -------------- An HTML attachment was scrubbed... URL: From craig at tobyhouse.com Thu Oct 11 16:20:12 2007 From: craig at tobyhouse.com (Craig White) Date: Thu, 11 Oct 2007 09:20:12 -0700 Subject: [K12OSN] smbldap and XP Home - non-domain member access In-Reply-To: <470E36D6.9000300@bio-chemvalve.com> References: <470E36D6.9000300@bio-chemvalve.com> Message-ID: <1192119612.18828.7.camel@cube.tobyhouse.com> On Thu, 2007-10-11 at 10:44 -0400, Rob Owens wrote: > If I use the smbldap-installer scripts, will I still be able to create a > Samba share that is accessible to non-domain members? For instance, XP > Home Edition machines (which do not have the ability to join a domian). > > My understanding of a windows domain is that all shares and services are > only available to domain members. I'd like to be able to bypass that > rule with my soon-to-be smbldap setup, if possible. ---- XP home (and likewise, Vista home) versions can connect to shares but since there is no domain membership, each connection is separately authenticated. There is no security mechanism built into Windows that would prevent a user from authenticating as DOMAIN\User within underlying Windows authentication but policies might be able to add additional security features like this. Unfortunately, within Samba, there really isn't much available as a group policy. I have given users on WinXP Home shell scripts to connect to domain based shares... something like this (from memory, untested) net use f: /DELETE net use f: \\SERVER\SHARE PASSWORD /USER:some_login I think you can omit the password for it to prompt user... net use /? for info (obviously from Windows CLI) -- Craig White From shane.sammons at gmail.com Thu Oct 11 16:47:02 2007 From: shane.sammons at gmail.com (Shane Sammons) Date: Thu, 11 Oct 2007 12:47:02 -0400 Subject: [K12OSN] Linux, Windows, and my DNS troubles Message-ID: <3610bbec0710110947t1d246923x16074fbd6caa74c2@mail.gmail.com> Hi everyone! I am encountering an issue with DNS I have never experienced before. I am hopeful someone can think of something I have missed, or maybe has encountered something similar and has an answer. I switched DNS to a Windows server so I can re-build a server. Everything seemed fine at first, then caches cleared and our domains we manage on the server for the network were no longer accessible. I tossed this up to an error on my part. I checked my A name entries and everything. It all was correct. I then proceeded to use ping and nslookup. The DNS server responded quickly with the proper IP address and I could ping -a and get the name back from the IP. The network has all 3com switches, but is 99% Mac's. I thought perhaps there is a protocol or such that isn't playing nice with windows. The OS X server used BIND, I am sure a modified version. So, on another server I setup Ubuntu Linux and installed BIND 9. I set everything up on there and testing things again. This time I used dig on that server, nslookup from my workstation. Same, server responded yet I can not access the domain via a browser. So I ventured onto IRC, where some helpful people told me to telnet from the DNS server to the webservers domain (telnet npelem.com 80). I did this and it connected, they then told me to type "GET / HTTP/1.0" (may have the slash wrong) and press enter twice. I did that, and low and behold it returned the HTML code of the index.php. At this point they told me DNS is doing its job and it is the browser. I quit for the day. Today I came in and decided it can't be 3 new systems, 2 servers, and 3 different operating systems. I am on Vista with FireFox and IE 7, the Windows server was not updated to IE 7, so it just has the secured IE with I took down to low security, and Ubuntu Linux 7.04 using FireFox. Both the Windows 2003 server and the Ubuntu system have DNS running. So instead of just explaining more and more I will just list some information and link to the BIND file I pasted at pastebin.ca. Windows Server 2003, ip 192.168.168.6 static, running DHCP and DNS, no Active Directory / Domain integration, just a plain DHCP/DNS server. DHCP points it for DNS DHCP supplies: IP, Gateway, Subnet, DNS, TimeServer, and LDAP Ubuntu: IP 192.168.168.7 DNS using BIND9 only. Setup for itself and my Vista system only as DNS server My System: I installed wireshark to watch the network today, I use DHCP via wired connecting, but set the DNS manually to 192.168.168.7 Old Server: OS X Server 10.3.9 running AFP, DNS, DHCP, NFS, Open Directory, Print Sharing. IP 192.168.168.203 (don't ask...I am changing it when I re-do the server) Webserver/MailServer: OS X Server 10.3.9, IP 192.168.112.2 Network Devices: Barracuda Spyware Firewall (192.168.168.2) and Watchguard Firebox Edge X50 ( 192.168.168.1 -Gateway) Note: Firebox was the former filter, it now just does NAT routing to direct traffic to our off network webserver, it allows passthrough between the networks with no restrictions atm..defeating the purpose of the segmentation I know). The two new servers are Dell Power Edge 860's. My system is an HP Pavillion Notebook, and the old server is an Xserver. BIND9 Files: (all zones and zone config) http://www.pastebin.ca/733070 (just the named.conf main file) http://www.pastebin.ca/733077 Seperated the first paste's files with equals signs Our domains: npelem.com and nationalpark.k12.nj.us (they just need to redirect to servers, nothing like active directory where it is integrated into every system) Here is the really strange thing that has me baffled. While running wire shark, I can see BIND requests as DNS, while most request to Microsoft show as MDNS. As I watched my system, when I go to say www.google.com with FireFox I see the request and the response with the DNS protocol. When I go to one of the two domains the server manages, I never see the request or a response on wireshark. I tried this on the server, but wireshark can't see the looping on the server, as it never goes across the network and is handled internally. Anyone have a clue why the local command line testing say the DNS on both server is working fine, yet applications like FireFox can't ever get to the webserver via name but by IP? If you need more information please let me know. I am going nuts, because I can't track this down yet. Thanks, Shane Sammons National Park Elementary -------------- next part -------------- An HTML attachment was scrubbed... URL: From mblinn at peopleplaces.org Thu Oct 11 17:58:40 2007 From: mblinn at peopleplaces.org (Michael Blinn) Date: Thu, 11 Oct 2007 13:58:40 -0400 Subject: [K12OSN] LTSP5 Message-ID: <470E6450.2060100@peopleplaces.org> Has there been any development toward implementing LTSP5 in Fedora? Ubuntu has done a good job of active integration, and, being a Fedora fan, I would like to be able to continue to use LTSP as Fedora matures. It seems to me like, with the wealth of knowledge available through this list, we ought to be able to throw together a small team to at least have a look at the problem, but if there is a push already in progress then I'd like to know - I wouldn't want to duplicate work. Any takers? -Michael From craig at tobyhouse.com Thu Oct 11 18:05:38 2007 From: craig at tobyhouse.com (Craig White) Date: Thu, 11 Oct 2007 11:05:38 -0700 Subject: [K12OSN] ltspinfo In-Reply-To: <470C09D1.5080409@McQuil.com> References: <1191969043.4942.11.camel@cube.tobyhouse.com> <470C055F.3010108@McQuil.com> <1191970478.4942.20.camel@cube.tobyhouse.com> <470C09D1.5080409@McQuil.com> Message-ID: <1192125939.18828.27.camel@cube.tobyhouse.com> On Tue, 2007-10-09 at 19:08 -0400, Jim McQuillan wrote: > > Craig White wrote: > > I thought I just did that (googling e-mails) > > > > I put it in the general section...is that OK or must it be in each > > workstation configuration? > > The [default] section is fine, if you want to enable that setting on all > of your terminals. the specific section is what you'd want if you just > want to enable that feature for specific workstations. > > I'm guessing that you are doing this on a Mac client tho. I'm not sure > what's in the mac tree. that's not official LTSP-4.2. I'm not sure how > old it is. Take a look in the (ltsp_root)/etc directory for a file > called 'run_ltspinfod'. If you have that file, then the > 'ALLOW_SHUTDOWN' paramter should do the trick. If you don't have that > file, then your chroot tree is probably too old. > > > Jim McQuillan > jam at Ltsp.org > > > > > > > Thanks > > > > Craig > > > > On Tue, 2007-10-09 at 18:49 -0400, Jim McQuillan wrote: > >> Craig, > >> > >> The only way you can reboot or shutdown a terminal with ltspinfo is by > >> setting the option in lts.conf that enables the remote capabilities. > >> > >> Specifically, you'd need: > >> > >> ALLOW_SHUTDOWN = Y > >> > >> in your lts.conf. It's disabled by default. > >> > >> Once that is set, you'd need to reboot the terminal for the new setting > >> to take effect. > >> > >> Jim McQuillan > >> jam at Ltsp.org > >> > >> > >> > >> > >> Craig White wrote: > >>> can't find any documentation on ltspinfo command but I know it's > >>> there... > >>> > >>> [root at ltsp ~]# ltspinfo --help > >>> Unknown option: help > >>> > >>> [root at ltsp ~]# ltspinfo -h mac-linux-3 -h > >>> Option h requires an argument > >>> > >>> [root at ltsp ~]# ltspinfo -h mac-linux-3 -r > >>> Couldn't open connection to mac-linux-3:9200: Connection refused > >>> > >>> [root at ltsp ~]# man ltspinfo > >>> No manual entry for ltspinfo > >>> > >>> I'm thinking that I could shut a station off. > >>> > >>> I can't get through to make it reboot, forgetting for a moment about > >>> shutting it off. ---- OK - going through what is happening on a PPC (iMac) workstation. # ps aux|grep ltspinfo 257 root 2628 S /bin/sh /etc/run_ltspinfod 354 root 1460 R /sbin/ltspinfod --nodaemon -s -r so it's clear that the line in /opt/ltsp/ppc/etc/inittab l:345:respawn:/etc/run_ltspinfod is being executed (pid 257) and in turn, that tells the system to execute /sbin/ltspinfod --nodaemon -s -r (pid 354) but it's clearly not responding to port 9200 -- Craig White From craig at tobyhouse.com Thu Oct 11 18:07:41 2007 From: craig at tobyhouse.com (Craig White) Date: Thu, 11 Oct 2007 11:07:41 -0700 Subject: [K12OSN] LTSP5 In-Reply-To: <470E6450.2060100@peopleplaces.org> References: <470E6450.2060100@peopleplaces.org> Message-ID: <1192126061.18828.30.camel@cube.tobyhouse.com> On Thu, 2007-10-11 at 13:58 -0400, Michael Blinn wrote: > Has there been any development toward implementing LTSP5 in Fedora? > Ubuntu has done a good job of active integration, and, being a Fedora > fan, I would like to be able to continue to use LTSP as Fedora matures. > It seems to me like, with the wealth of knowledge available through this > list, we ought to be able to throw together a small team to at least > have a look at the problem, but if there is a push already in progress > then I'd like to know - I wouldn't want to duplicate work. > > Any takers? ---- the uptake that I had on irc with the developers is that they are solely concentrated on Ubuntu. -- Craig White From jam at mcquil.com Thu Oct 11 18:32:09 2007 From: jam at mcquil.com (Jim McQuillan) Date: Thu, 11 Oct 2007 14:32:09 -0400 Subject: [K12OSN] LTSP5 In-Reply-To: <1192126061.18828.30.camel@cube.tobyhouse.com> References: <470E6450.2060100@peopleplaces.org> <1192126061.18828.30.camel@cube.tobyhouse.com> Message-ID: <470E6C29.1020402@McQuil.com> Craig White wrote: > On Thu, 2007-10-11 at 13:58 -0400, Michael Blinn wrote: >> Has there been any development toward implementing LTSP5 in Fedora? >> Ubuntu has done a good job of active integration, and, being a Fedora >> fan, I would like to be able to continue to use LTSP as Fedora matures. >> It seems to me like, with the wealth of knowledge available through this >> list, we ought to be able to throw together a small team to at least >> have a look at the problem, but if there is a push already in progress >> then I'd like to know - I wouldn't want to duplicate work. >> >> Any takers? > ---- > the uptake that I had on irc with the developers is that they are solely > concentrated on Ubuntu. Because this really can't be done without the cooperation with the distro team, and so far, Ubuntu is the only distro that has stepped up and provided access and commitment from their developers. Fedora talks about it, but so far hasn't provided any help. OpenSuse is definately making some headway with the kiwi-ltsp stuff. Still, I don't think they are getting much traction within the distro tho. Believe me, if distro folks would come into the IRC channel, we'd be glad to work with them to get LTSP-5 working. Jim McQuillan jam at Ltsp.org From krsnendu108 at gmail.com Thu Oct 11 19:12:18 2007 From: krsnendu108 at gmail.com (Krsnendu dasa) Date: Fri, 12 Oct 2007 08:12:18 +1300 Subject: [K12OSN] LTSP5 In-Reply-To: <470E6C29.1020402@McQuil.com> References: <470E6450.2060100@peopleplaces.org> <1192126061.18828.30.camel@cube.tobyhouse.com> <470E6C29.1020402@McQuil.com> Message-ID: What about K12LTSP 7? On 12/10/2007, Jim McQuillan wrote: > > > > Craig White wrote: > > On Thu, 2007-10-11 at 13:58 -0400, Michael Blinn wrote: > >> Has there been any development toward implementing LTSP5 in Fedora? > >> Ubuntu has done a good job of active integration, and, being a Fedora > >> fan, I would like to be able to continue to use LTSP as Fedora matures. > >> It seems to me like, with the wealth of knowledge available through > this > >> list, we ought to be able to throw together a small team to at least > >> have a look at the problem, but if there is a push already in progress > >> then I'd like to know - I wouldn't want to duplicate work. > >> > >> Any takers? > > ---- > > the uptake that I had on irc with the developers is that they are solely > > concentrated on Ubuntu. > > Because this really can't be done without the cooperation with the > distro team, and so far, Ubuntu is the only distro that has stepped up > and provided access and commitment from their developers. > > Fedora talks about it, but so far hasn't provided any help. > > OpenSuse is definately making some headway with the kiwi-ltsp stuff. > Still, I don't think they are getting much traction within the distro tho. > > Believe me, if distro folks would come into the IRC channel, we'd be > glad to work with them to get LTSP-5 working. > > Jim McQuillan > jam at Ltsp.org > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > -------------- next part -------------- An HTML attachment was scrubbed... URL: From ernie_hudson at snowline.k12.ca.us Thu Oct 11 19:55:10 2007 From: ernie_hudson at snowline.k12.ca.us (Ernie Hudson) Date: Thu, 11 Oct 2007 12:55:10 -0700 Subject: [K12OSN] usb drives on thin clients not mounting k12ltsp ver6 Message-ID: I have been using edubuntu and everything has just worked from the start. We are considering using k12ltsp for our computer labs so I did a fresh install, ran all the updates, etc.. The clients boot up and everything is fine except for the fact that the usb drives will not mount on the clients. They will mount on the server just fine. Made sure that users are a member of the fuse group. What gives? Ernie Hudson CLS3 Serrano High School -------------- next part -------------- An HTML attachment was scrubbed... URL: From monteslu at cox.net Thu Oct 11 19:55:29 2007 From: monteslu at cox.net (monteslu at cox.net) Date: Thu, 11 Oct 2007 12:55:29 -0700 Subject: [K12OSN] LTSP5 In-Reply-To: Message-ID: <20071011155529.HT03D.160389.root@fed1wml09.mgt.cox.net> Fedora 8 is out in less than a month. If there's going to be another k12 ltsp4.x-based release it would seem like a waste to use fedora 7. Luis ---- Krsnendu dasa wrote: > What about K12LTSP 7? > > On 12/10/2007, Jim McQuillan wrote: > > > > > > > > Craig White wrote: > > > On Thu, 2007-10-11 at 13:58 -0400, Michael Blinn wrote: > > >> Has there been any development toward implementing LTSP5 in Fedora? > > >> Ubuntu has done a good job of active integration, and, being a Fedora > > >> fan, I would like to be able to continue to use LTSP as Fedora matures. > > >> It seems to me like, with the wealth of knowledge available through > > this > > >> list, we ought to be able to throw together a small team to at least > > >> have a look at the problem, but if there is a push already in progress > > >> then I'd like to know - I wouldn't want to duplicate work. > > >> > > >> Any takers? > > > ---- > > > the uptake that I had on irc with the developers is that they are solely > > > concentrated on Ubuntu. > > > > Because this really can't be done without the cooperation with the > > distro team, and so far, Ubuntu is the only distro that has stepped up > > and provided access and commitment from their developers. > > > > Fedora talks about it, but so far hasn't provided any help. > > > > OpenSuse is definately making some headway with the kiwi-ltsp stuff. > > Still, I don't think they are getting much traction within the distro tho. > > > > Believe me, if distro folks would come into the IRC channel, we'd be > > glad to work with them to get LTSP-5 working. > > > > Jim McQuillan > > jam at Ltsp.org > > > > _______________________________________________ > > K12OSN mailing list > > K12OSN at redhat.com > > https://www.redhat.com/mailman/listinfo/k12osn > > For more info see > > From peter at scheie.homedns.org Fri Oct 12 00:43:18 2007 From: peter at scheie.homedns.org (Peter Scheie) Date: Thu, 11 Oct 2007 19:43:18 -0500 Subject: [K12OSN] LTSP5 In-Reply-To: <20071011155529.HT03D.160389.root@fed1wml09.mgt.cox.net> References: <20071011155529.HT03D.160389.root@fed1wml09.mgt.cox.net> Message-ID: <470EC326.6000102@scheie.homedns.org> Actually, a beta version of K12LTSP7, based on Fedora 7, is available at ftp://k12linux.mesd.k12.or.us/pub/K12LTSP/testing/7.0.0-32bit/iso and has been since July or so. The problem is that K12LTSP is largely the result of one man's efforts, Eric, and the time he can devote to it varies. While LTSP development is focused on LTSP 5, I would argue that there's not a significant benefit *to users* of version 5 over version 4.2. Therefore, in many (most?) cases, K12LTSP 6, based on LTSP 4.2 and Fedora 6, or K12LTSP-5EL, based on LTSP 4.2 and Centos5, is just fine, and can actually perform better in some areas such as client boot time. Lately, I've been sticking with vesion 5EL because it's got long-term support, and I don't see any compelling advantage to LTSP 5 yet. LTSP 5 is the future, and I watch it closely, but I don't think users will notice much if any difference. Others may disagree with me, and that's okay. ;-) Peter monteslu at cox.net wrote: > Fedora 8 is out in less than a month. If there's going to be another k12 ltsp4.x-based release it would seem like a waste to use fedora 7. > > Luis > > ---- Krsnendu dasa wrote: >> What about K12LTSP 7? >> >> On 12/10/2007, Jim McQuillan wrote: >>> >>> >>> Craig White wrote: >>>> On Thu, 2007-10-11 at 13:58 -0400, Michael Blinn wrote: >>>>> Has there been any development toward implementing LTSP5 in Fedora? >>>>> Ubuntu has done a good job of active integration, and, being a Fedora >>>>> fan, I would like to be able to continue to use LTSP as Fedora matures. >>>>> It seems to me like, with the wealth of knowledge available through >>> this >>>>> list, we ought to be able to throw together a small team to at least >>>>> have a look at the problem, but if there is a push already in progress >>>>> then I'd like to know - I wouldn't want to duplicate work. >>>>> >>>>> Any takers? >>>> ---- >>>> the uptake that I had on irc with the developers is that they are solely >>>> concentrated on Ubuntu. >>> Because this really can't be done without the cooperation with the >>> distro team, and so far, Ubuntu is the only distro that has stepped up >>> and provided access and commitment from their developers. >>> >>> Fedora talks about it, but so far hasn't provided any help. >>> >>> OpenSuse is definately making some headway with the kiwi-ltsp stuff. >>> Still, I don't think they are getting much traction within the distro tho. >>> >>> Believe me, if distro folks would come into the IRC channel, we'd be >>> glad to work with them to get LTSP-5 working. >>> >>> Jim McQuillan >>> jam at Ltsp.org >>> >>> _______________________________________________ >>> K12OSN mailing list >>> K12OSN at redhat.com >>> https://www.redhat.com/mailman/listinfo/k12osn >>> For more info see >>> > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > From rmiller at seminole.k12.ga.us Fri Oct 12 00:41:42 2007 From: rmiller at seminole.k12.ga.us (Ronnie Miller) Date: Thu, 11 Oct 2007 20:41:42 -0400 (EDT) Subject: [K12OSN] LTSP5 Message-ID: <1839.75.91.68.147.1192149702.squirrel@mail.seminole.k12.ga.us> I'll say this for K12LTSP-5EL, it installs and works better than Version 6. I ran into several problems installing version 6 that were NOT an issue in 5EL. It is solid as a rock and I'm really enjoying it. Now, if only sound in Flash would work like it's supposed to... ERIC, KEEP UP THE GOOD WORK! YOU'VE DEFINITELY GOT A FAN IN ME! * From: Peter Scheie * To: "Support list for open source software in schools." * Subject: Re: [K12OSN] LTSP5 * Date: Thu, 11 Oct 2007 19:43:18 -0500 Actually, a beta version of K12LTSP7, based on Fedora 7, is available at ftp://k12linux.mesd.k12.or.us/pub/K12LTSP/testing/7.0.0-32bit/iso and has been since July or so. The problem is that K12LTSP is largely the result of one man's efforts, Eric, and the time he can devote to it varies. While LTSP development is focused on LTSP 5, I would argue that there's not a significant benefit *to users* of version 5 over version 4.2. Therefore, in many (most?) cases, K12LTSP 6, based on LTSP 4.2 and Fedora 6, or K12LTSP-5EL, based on LTSP 4.2 and Centos5, is just fine, and can actually perform better in some areas such as client boot time. Lately, I've been sticking with vesion 5EL because it's got long-term support, and I don't see any compelling advantage to LTSP 5 yet. LTSP 5 is the future, and I watch it closely, but I don't think users will notice much if any difference. Others may disagree with me, and that's okay. ;-) Peter monteslu cox net wrote: Fedora 8 is out in less than a month. If there's going to be another k12 ltsp4.x-based release it would seem like a waste to use fedora 7. Luis ---- Krsnendu dasa wrote: What about K12LTSP 7? On 12/10/2007, Jim McQuillan wrote: Craig White wrote: On Thu, 2007-10-11 at 13:58 -0400, Michael Blinn wrote: Has there been any development toward implementing LTSP5 in Fedora? Ubuntu has done a good job of active integration, and, being a Fedora fan, I would like to be able to continue to use LTSP as Fedora matures. It seems to me like, with the wealth of knowledge available through this list, we ought to be able to throw together a small team to at least have a look at the problem, but if there is a push already in progress then I'd like to know - I wouldn't want to duplicate work. Any takers? ---- the uptake that I had on irc with the developers is that they are solely concentrated on Ubuntu. Because this really can't be done without the cooperation with the distro team, and so far, Ubuntu is the only distro that has stepped up and provided access and commitment from their developers. Fedora talks about it, but so far hasn't provided any help. OpenSuse is definately making some headway with the kiwi-ltsp stuff. Still, I don't think they are getting much traction within the distro tho. Believe me, if distro folks would come into the IRC channel, we'd be glad to work with them to get LTSP-5 working. Jim McQuillan jam Ltsp org _______________________________________________ K12OSN mailing list K12OSN redhat com https://www.redhat.com/mailman/listinfo/k12osn For more info see _______________________________________________ K12OSN mailing list K12OSN redhat com https://www.redhat.com/mailman/listinfo/k12osn For more info see -- Ronnie Miller Technology Specialist Seminole County Schools 800 S. Woolfork Ave. Donalsonville, GA 39845 229.524.5235 Ext. 227 -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. From rowens at ptd.net Fri Oct 12 01:00:06 2007 From: rowens at ptd.net (Rob Owens) Date: Thu, 11 Oct 2007 21:00:06 -0400 Subject: [K12OSN] Linux, Windows, and my DNS troubles In-Reply-To: <3610bbec0710110947t1d246923x16074fbd6caa74c2@mail.gmail.com> References: <3610bbec0710110947t1d246923x16074fbd6caa74c2@mail.gmail.com> Message-ID: <20071012010006.GA13118@junker.owens.net> Hi Shane. I'm too tired right now to follow everything that you wrote, but here's some food for thought. MS systems often (always?) use a WINS server to get DNS information. I've seen issues in the past where WINS and DNS somehow got a different set if hostname-to-IP mappings. I'm not 100% sure if this is only for internal IP addresses or if it goes for external ones as well. To clear cached DNS info on the clients, you can use: /etc/init.d/nscd restart (on linux) ipconfig /flushdns (on windows) I recall reading somewhere that Firefox has its own DNS cache. I'm not sure how to clear it, or if that's even a correct statement, but you might want to look into it. -Rob On Thu, Oct 11, 2007 at 12:47:02PM -0400, Shane Sammons wrote: > Hi everyone! > > I am encountering an issue with DNS I have never experienced before. I am > hopeful someone can think of something I have missed, or maybe has > encountered something similar and has an answer. > > I switched DNS to a Windows server so I can re-build a server. Everything > seemed fine at first, then caches cleared and our domains we manage on the > server for the network were no longer accessible. I tossed this up to an > error on my part. I checked my A name entries and everything. It all was > correct. > > I then proceeded to use ping and nslookup. The DNS server responded quickly > with the proper IP address and I could ping -a and get the name back from > the IP. > > The network has all 3com switches, but is 99% Mac's. I thought perhaps there > is a protocol or such that isn't playing nice with windows. The OS X server > used BIND, I am sure a modified version. So, on another server I setup > Ubuntu Linux and installed BIND 9. I set everything up on there and testing > things again. This time I used dig on that server, nslookup from my > workstation. Same, server responded yet I can not access the domain via a > browser. > > So I ventured onto IRC, where some helpful people told me to telnet from the > DNS server to the webservers domain (telnet npelem.com 80). I did this and > it connected, they then told me to type "GET / HTTP/1.0" (may have the slash > wrong) and press enter twice. I did that, and low and behold it returned the > HTML code of the index.php. > > At this point they told me DNS is doing its job and it is the browser. I > quit for the day. Today I came in and decided it can't be 3 new systems, 2 > servers, and 3 different operating systems. I am on Vista with FireFox and > IE 7, the Windows server was not updated to IE 7, so it just has the secured > IE with I took down to low security, and Ubuntu Linux 7.04 using FireFox. > Both the Windows 2003 server and the Ubuntu system have DNS running. > > So instead of just explaining more and more I will just list some > information and link to the BIND file I pasted at pastebin.ca. > Windows Server 2003, ip 192.168.168.6 static, running DHCP and DNS, no > Active Directory / Domain integration, just a plain DHCP/DNS server. DHCP > points it for DNS > DHCP supplies: IP, Gateway, Subnet, DNS, TimeServer, and LDAP > > Ubuntu: IP 192.168.168.7 DNS using BIND9 only. Setup for itself and my Vista > system only as DNS server > > My System: I installed wireshark to watch the network today, I use DHCP via > wired connecting, but set the DNS manually to 192.168.168.7 > > Old Server: OS X Server 10.3.9 running AFP, DNS, DHCP, NFS, Open Directory, > Print Sharing. IP 192.168.168.203 (don't ask...I am changing it when I re-do > the server) > > Webserver/MailServer: OS X Server 10.3.9, IP 192.168.112.2 > > Network Devices: Barracuda Spyware Firewall (192.168.168.2) and Watchguard > Firebox Edge X50 ( 192.168.168.1 -Gateway) > Note: Firebox was the former filter, it now just does NAT routing to direct > traffic to our off network webserver, it allows passthrough between the > networks with no restrictions atm..defeating the purpose of the segmentation > I know). > > The two new servers are Dell Power Edge 860's. My system is an HP Pavillion > Notebook, and the old server is an Xserver. > > BIND9 Files: (all zones and zone config) http://www.pastebin.ca/733070 (just > the named.conf main file) http://www.pastebin.ca/733077 > Seperated the first paste's files with equals signs > > Our domains: npelem.com and nationalpark.k12.nj.us (they just need to > redirect to servers, nothing like active directory where it is integrated > into every system) > > Here is the really strange thing that has me baffled. While running wire > shark, I can see BIND requests as DNS, while most request to Microsoft show > as MDNS. As I watched my system, when I go to say www.google.com with > FireFox I see the request and the response with the DNS protocol. When I go > to one of the two domains the server manages, I never see the request or a > response on wireshark. I tried this on the server, but wireshark can't see > the looping on the server, as it never goes across the network and is > handled internally. > > Anyone have a clue why the local command line testing say the DNS on both > server is working fine, yet applications like FireFox can't ever get to the > webserver via name but by IP? > > If you need more information please let me know. I am going nuts, because I > can't track this down yet. > > Thanks, > Shane Sammons > National Park Elementary > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see From rowens at ptd.net Fri Oct 12 01:03:31 2007 From: rowens at ptd.net (Rob Owens) Date: Thu, 11 Oct 2007 21:03:31 -0400 Subject: [K12OSN] smbldap and XP Home - non-domain member access In-Reply-To: References: <470E36D6.9000300@bio-chemvalve.com> Message-ID: <20071012010331.GB13118@junker.owens.net> On Thu, Oct 11, 2007 at 10:55:52AM -0400, David Whitmer wrote: > On 10/11/07, Rob Owens wrote: > > > > If I use the smbldap-installer scripts, will I still be able to create a > > Samba share that is accessible to non-domain members? For instance, XP > > Home Edition machines (which do not have the ability to join a domian). > > > > My understanding of a windows domain is that all shares and services are > > only available to domain members. I'd like to be able to bypass that > > rule with my soon-to-be smbldap setup, if possible. > > > > -Rob > > > > _______________________________________________ > > K12OSN mailing list > > K12OSN at redhat.com > > https://www.redhat.com/mailman/listinfo/k12osn > > For more info see http://www.k12os.org > > > > > Do you want the XP Home Edition users to have to supply a username & > password when access the Samba shares? > > In our setup, XP Home Edition users can easily access our file server's > Samba shares by just supplying their domain username & password when > prompted for those. (We'd used the smbldap-installer scripts, too.) > That's good to know. I was actually looking for a way to let them access a share with no authentication, though. Similar to security=share in smb.conf. Thanks for the info everybody. -Rob From shane.sammons at gmail.com Fri Oct 12 01:09:10 2007 From: shane.sammons at gmail.com (Shane Sammons) Date: Thu, 11 Oct 2007 21:09:10 -0400 Subject: [K12OSN] Linux, Windows, and my DNS troubles In-Reply-To: <20071012010006.GA13118@junker.owens.net> References: <3610bbec0710110947t1d246923x16074fbd6caa74c2@mail.gmail.com> <20071012010006.GA13118@junker.owens.net> Message-ID: <3610bbec0710111809h42b78412te4734c3d0207c766@mail.gmail.com> Hi all, it turns out the issue was not the DNS, but instead the barracuda filter that was stopping the DNS resolution, I am not sure why it did not show the DNS request in Wireshark. However, I was getting upset and starting just simplifying the network and took a piece of the equation and tried it and finally came down to the content filter/spyware firewall. I will see what other issues crop up. Thank you all for the suggestions to try so far. Tomorrow I get to see how things run without that in place and then try and put it back in. Shane On 10/11/07, Rob Owens wrote: > > Hi Shane. > > I'm too tired right now to follow everything that you wrote, but here's > some food for thought. MS systems often (always?) use a WINS server to get > DNS information. I've seen issues in the past where WINS and DNS somehow > got a different set if hostname-to-IP mappings. I'm not 100% sure if this > is only for internal IP addresses or if it goes for external ones as well. > > To clear cached DNS info on the clients, you can use: > /etc/init.d/nscd restart (on linux) > ipconfig /flushdns (on windows) > > I recall reading somewhere that Firefox has its own DNS cache. I'm not > sure how to clear it, or if that's even a correct statement, but you might > want to look into it. > > -Rob > > On Thu, Oct 11, 2007 at 12:47:02PM -0400, Shane Sammons wrote: > > Hi everyone! > > > > I am encountering an issue with DNS I have never experienced before. I > am > > hopeful someone can think of something I have missed, or maybe has > > encountered something similar and has an answer. > > > > I switched DNS to a Windows server so I can re-build a server. > Everything > > seemed fine at first, then caches cleared and our domains we manage on > the > > server for the network were no longer accessible. I tossed this up to an > > error on my part. I checked my A name entries and everything. It all was > > correct. > > > > I then proceeded to use ping and nslookup. The DNS server responded > quickly > > with the proper IP address and I could ping -a and get the name back > from > > the IP. > > > > The network has all 3com switches, but is 99% Mac's. I thought perhaps > there > > is a protocol or such that isn't playing nice with windows. The OS X > server > > used BIND, I am sure a modified version. So, on another server I setup > > Ubuntu Linux and installed BIND 9. I set everything up on there and > testing > > things again. This time I used dig on that server, nslookup from my > > workstation. Same, server responded yet I can not access the domain via > a > > browser. > > > > So I ventured onto IRC, where some helpful people told me to telnet from > the > > DNS server to the webservers domain (telnet npelem.com 80). I did this > and > > it connected, they then told me to type "GET / HTTP/1.0" (may have the > slash > > wrong) and press enter twice. I did that, and low and behold it returned > the > > HTML code of the index.php. > > > > At this point they told me DNS is doing its job and it is the browser. I > > quit for the day. Today I came in and decided it can't be 3 new systems, > 2 > > servers, and 3 different operating systems. I am on Vista with FireFox > and > > IE 7, the Windows server was not updated to IE 7, so it just has the > secured > > IE with I took down to low security, and Ubuntu Linux 7.04 using > FireFox. > > Both the Windows 2003 server and the Ubuntu system have DNS running. > > > > So instead of just explaining more and more I will just list some > > information and link to the BIND file I pasted at pastebin.ca. > > Windows Server 2003, ip 192.168.168.6 static, running DHCP and DNS, no > > Active Directory / Domain integration, just a plain DHCP/DNS server. > DHCP > > points it for DNS > > DHCP supplies: IP, Gateway, Subnet, DNS, TimeServer, and LDAP > > > > Ubuntu: IP 192.168.168.7 DNS using BIND9 only. Setup for itself and my > Vista > > system only as DNS server > > > > My System: I installed wireshark to watch the network today, I use DHCP > via > > wired connecting, but set the DNS manually to 192.168.168.7 > > > > Old Server: OS X Server 10.3.9 running AFP, DNS, DHCP, NFS, Open > Directory, > > Print Sharing. IP 192.168.168.203 (don't ask...I am changing it when I > re-do > > the server) > > > > Webserver/MailServer: OS X Server 10.3.9, IP 192.168.112.2 > > > > Network Devices: Barracuda Spyware Firewall (192.168.168.2) and > Watchguard > > Firebox Edge X50 ( 192.168.168.1 -Gateway) > > Note: Firebox was the former filter, it now just does NAT routing to > direct > > traffic to our off network webserver, it allows passthrough between the > > networks with no restrictions atm..defeating the purpose of the > segmentation > > I know). > > > > The two new servers are Dell Power Edge 860's. My system is an HP > Pavillion > > Notebook, and the old server is an Xserver. > > > > BIND9 Files: (all zones and zone config) http://www.pastebin.ca/733070(just > > the named.conf main file) http://www.pastebin.ca/733077 > > Seperated the first paste's files with equals signs > > > > Our domains: npelem.com and nationalpark.k12.nj.us (they just need to > > redirect to servers, nothing like active directory where it is > integrated > > into every system) > > > > Here is the really strange thing that has me baffled. While running wire > > shark, I can see BIND requests as DNS, while most request to Microsoft > show > > as MDNS. As I watched my system, when I go to say www.google.com with > > FireFox I see the request and the response with the DNS protocol. When I > go > > to one of the two domains the server manages, I never see the request or > a > > response on wireshark. I tried this on the server, but wireshark can't > see > > the looping on the server, as it never goes across the network and is > > handled internally. > > > > Anyone have a clue why the local command line testing say the DNS on > both > > server is working fine, yet applications like FireFox can't ever get to > the > > webserver via name but by IP? > > > > If you need more information please let me know. I am going nuts, > because I > > can't track this down yet. > > > > Thanks, > > Shane Sammons > > National Park Elementary > > > _______________________________________________ > > K12OSN mailing list > > K12OSN at redhat.com > > https://www.redhat.com/mailman/listinfo/k12osn > > For more info see > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > -------------- next part -------------- An HTML attachment was scrubbed... URL: From jam at mcquil.com Fri Oct 12 01:48:42 2007 From: jam at mcquil.com (Jim McQuillan) Date: Thu, 11 Oct 2007 21:48:42 -0400 Subject: [K12OSN] LTSP5 In-Reply-To: <470EC326.6000102@scheie.homedns.org> References: <20071011155529.HT03D.160389.root@fed1wml09.mgt.cox.net> <470EC326.6000102@scheie.homedns.org> Message-ID: <470ED27A.4080505@McQuil.com> Peter Scheie wrote: > Actually, a beta version of K12LTSP7, based on Fedora 7, is available at > ftp://k12linux.mesd.k12.or.us/pub/K12LTSP/testing/7.0.0-32bit/iso > and has been since July or so. The problem is that K12LTSP is largely > the result of one man's efforts, Eric, and the time he can devote to it > varies. > > While LTSP development is focused on LTSP 5, I would argue that there's > not a significant benefit *to users* of version 5 over version 4.2. > Therefore, in many (most?) cases, K12LTSP 6, based on LTSP 4.2 and > Fedora 6, or K12LTSP-5EL, based on LTSP 4.2 and Centos5, is just fine, > and can actually perform better in some areas such as client boot time. > Lately, I've been sticking with vesion 5EL because it's got long-term > support, and I don't see any compelling advantage to LTSP 5 yet. LTSP 5 > is the future, and I watch it closely, but I don't think users will > notice much if any difference. Others may disagree with me, and that's > okay. ;-) > LTSP-5 is going to give you cool things like the latest version of Xorg. LTSP-4.2 is stuck back in the world of Xorg-6.9. By today's standards thats old stuff. If you are using older hardware, LTSP-4.2 is great. If you have newer thin clients, based on newer chipsets, your only hope might be LTSP-5. the LTSP-5 in Ubuntu Gutsy, which will be released next week is WAY better than any previous releases. It addresses the boot-time and run-time performance issues. It has awesome local device support, audio support, secure login and a bunch more features. While K12LTSP is an awesome distro, the LTSP that's in it is starting to show its age. Jim McQuillan jam at Ltsp.org > Peter > > monteslu at cox.net wrote: >> Fedora 8 is out in less than a month. If there's going to be another >> k12 ltsp4.x-based release it would seem like a waste to use fedora 7. >> >> Luis >> >> ---- Krsnendu dasa wrote: >>> What about K12LTSP 7? >>> >>> On 12/10/2007, Jim McQuillan wrote: >>>> >>>> >>>> Craig White wrote: >>>>> On Thu, 2007-10-11 at 13:58 -0400, Michael Blinn wrote: >>>>>> Has there been any development toward implementing LTSP5 in Fedora? >>>>>> Ubuntu has done a good job of active integration, and, being a Fedora >>>>>> fan, I would like to be able to continue to use LTSP as Fedora >>>>>> matures. >>>>>> It seems to me like, with the wealth of knowledge available through >>>> this >>>>>> list, we ought to be able to throw together a small team to at least >>>>>> have a look at the problem, but if there is a push already in >>>>>> progress >>>>>> then I'd like to know - I wouldn't want to duplicate work. >>>>>> >>>>>> Any takers? >>>>> ---- >>>>> the uptake that I had on irc with the developers is that they are >>>>> solely >>>>> concentrated on Ubuntu. >>>> Because this really can't be done without the cooperation with the >>>> distro team, and so far, Ubuntu is the only distro that has stepped up >>>> and provided access and commitment from their developers. >>>> >>>> Fedora talks about it, but so far hasn't provided any help. >>>> >>>> OpenSuse is definately making some headway with the kiwi-ltsp stuff. >>>> Still, I don't think they are getting much traction within the >>>> distro tho. >>>> >>>> Believe me, if distro folks would come into the IRC channel, we'd be >>>> glad to work with them to get LTSP-5 working. >>>> >>>> Jim McQuillan >>>> jam at Ltsp.org >>>> >>>> _______________________________________________ >>>> K12OSN mailing list >>>> K12OSN at redhat.com >>>> https://www.redhat.com/mailman/listinfo/k12osn >>>> For more info see >>>> >> >> _______________________________________________ >> K12OSN mailing list >> K12OSN at redhat.com >> https://www.redhat.com/mailman/listinfo/k12osn >> For more info see >> > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see From craig at tobyhouse.com Fri Oct 12 16:22:34 2007 From: craig at tobyhouse.com (Craig White) Date: Fri, 12 Oct 2007 09:22:34 -0700 Subject: [K12OSN] LTSP5 In-Reply-To: <470ED27A.4080505@McQuil.com> References: <20071011155529.HT03D.160389.root@fed1wml09.mgt.cox.net> <470EC326.6000102@scheie.homedns.org> <470ED27A.4080505@McQuil.com> Message-ID: <1192206154.28176.0.camel@cube.tobyhouse.com> On Thu, 2007-10-11 at 21:48 -0400, Jim McQuillan wrote: > > Peter Scheie wrote: > > Actually, a beta version of K12LTSP7, based on Fedora 7, is available at > > ftp://k12linux.mesd.k12.or.us/pub/K12LTSP/testing/7.0.0-32bit/iso > > and has been since July or so. The problem is that K12LTSP is largely > > the result of one man's efforts, Eric, and the time he can devote to it > > varies. > > > > While LTSP development is focused on LTSP 5, I would argue that there's > > not a significant benefit *to users* of version 5 over version 4.2. > > Therefore, in many (most?) cases, K12LTSP 6, based on LTSP 4.2 and > > Fedora 6, or K12LTSP-5EL, based on LTSP 4.2 and Centos5, is just fine, > > and can actually perform better in some areas such as client boot time. > > Lately, I've been sticking with vesion 5EL because it's got long-term > > support, and I don't see any compelling advantage to LTSP 5 yet. LTSP 5 > > is the future, and I watch it closely, but I don't think users will > > notice much if any difference. Others may disagree with me, and that's > > okay. ;-) > > > > > LTSP-5 is going to give you cool things like the latest version of Xorg. > LTSP-4.2 is stuck back in the world of Xorg-6.9. By today's standards > thats old stuff. If you are using older hardware, LTSP-4.2 is great. > If you have newer thin clients, based on newer chipsets, your only hope > might be LTSP-5. > > the LTSP-5 in Ubuntu Gutsy, which will be released next week is WAY > better than any previous releases. It addresses the boot-time and > run-time performance issues. It has awesome local device support, audio > support, secure login and a bunch more features. > > While K12LTSP is an awesome distro, the LTSP that's in it is starting to > show its age. ---- even though I've always been a Red Hat / Fedora / CentOS user, I would have no qualms about switching over to Ubuntu for LTSP. -- Craig White From microman at cmosnetworks.com Fri Oct 12 17:02:39 2007 From: microman at cmosnetworks.com (=?ISO-8859-1?Q?=22Terrell_Prud=E9_Jr=2E=22?=) Date: Fri, 12 Oct 2007 13:02:39 -0400 Subject: [K12OSN] LTSP5 In-Reply-To: <1192206154.28176.0.camel@cube.tobyhouse.com> References: <20071011155529.HT03D.160389.root@fed1wml09.mgt.cox.net> <470EC326.6000102@scheie.homedns.org> <470ED27A.4080505@McQuil.com> <1192206154.28176.0.camel@cube.tobyhouse.com> Message-ID: <470FA8AF.2000300@cmosnetworks.com> Craig White wrote: > ---- > even though I've always been a Red Hat / Fedora / CentOS user, I would > have no qualms about switching over to Ubuntu for LTSP. > > In concept, neither would I, as I'm a major Kubuntu fan (my mail server runs Ubuntu Dapper). However, whenever I've tried to demo Edubuntu LTSP in front of actual people, it craps out in some way. The most recent was my Feisty Fawn demo in late June of this year. Terminals would simply hang, with no apparent reason (the server console itself was fine). Since this was a demo, I didn't have time to diagnose it. I had people in front of me, watching! Thank goodness I had planned for Murphy's Law and had a second server running K12LTSP 5.0EL to use for my demo! It worked like a charm (thank you, Eric!!). To save face, I blamed the hardware and still talked up Edubuntu. Later, after everyone had left, I tried out K12LTSP 5.0EL on the exact same hardware as the Edubuntu Feisty setup. Everything worked perfectly. Looks like the hardware's good after all. I like what the Edubuntu project is doing, and I *love* both Ubuntu Server and Kubuntu Desktop. Heck, I like Edubuntu as a desktop! But for now, the K12LTSP "EL" releases seem to be the most solid ones for actual LTSP deployments. I simply can't take the risk of that happening again. Especially in front of decision-makers. Maybe it'll be better with Gutsy or Hardy. I'll give both a fair shot. --TP -------------- next part -------------- An HTML attachment was scrubbed... URL: From les at futuresource.com Fri Oct 12 17:28:35 2007 From: les at futuresource.com (Les Mikesell) Date: Fri, 12 Oct 2007 12:28:35 -0500 Subject: [K12OSN] LTSP5 In-Reply-To: <1192206154.28176.0.camel@cube.tobyhouse.com> References: <20071011155529.HT03D.160389.root@fed1wml09.mgt.cox.net> <470EC326.6000102@scheie.homedns.org> <470ED27A.4080505@McQuil.com> <1192206154.28176.0.camel@cube.tobyhouse.com> Message-ID: <470FAEC3.1020208@futuresource.com> Craig White wrote: >> >> While K12LTSP is an awesome distro, the LTSP that's in it is starting to >> show its age. > ---- > even though I've always been a Red Hat / Fedora / CentOS user, I would > have no qualms about switching over to Ubuntu for LTSP. Just keep in mind that Eric has been building K12LTSP releases since at least 2002 and they usually 'just work'. It may take the other guys a while to catch up. -- Les Mikesell lesmikesell at gmail.com From microman at cmosnetworks.com Fri Oct 12 18:06:07 2007 From: microman at cmosnetworks.com (=?ISO-8859-1?Q?=22Terrell_Prud=E9_Jr=2E=22?=) Date: Fri, 12 Oct 2007 14:06:07 -0400 Subject: [K12OSN] LTSP5 In-Reply-To: <470FAEC3.1020208@futuresource.com> References: <20071011155529.HT03D.160389.root@fed1wml09.mgt.cox.net> <470EC326.6000102@scheie.homedns.org> <470ED27A.4080505@McQuil.com> <1192206154.28176.0.camel@cube.tobyhouse.com> <470FAEC3.1020208@futuresource.com> Message-ID: <470FB78F.1040703@cmosnetworks.com> Les Mikesell wrote: > Craig White wrote: >>> >>> While K12LTSP is an awesome distro, the LTSP that's in it is >>> starting to show its age. >> ---- >> even though I've always been a Red Hat / Fedora / CentOS user, I would >> have no qualms about switching over to Ubuntu for LTSP. > > Just keep in mind that Eric has been building K12LTSP releases since > at least 2002 and they usually 'just work'. It may take the other > guys a while to catch up. > Oh, you're quite correct. That was kinda the point of my last post. When Edubuntu does catch up--and I expect that they will--it'll be pretty slick indeed. I do look forward to trying out the goodies in LTSP 5 when I get some time. The latter has been in scarce supply over the last year.... --TP From microman at cmosnetworks.com Fri Oct 12 18:23:00 2007 From: microman at cmosnetworks.com (=?ISO-8859-1?Q?=22Terrell_Prud=E9_Jr=2E=22?=) Date: Fri, 12 Oct 2007 14:23:00 -0400 Subject: [K12OSN] LTSP5 In-Reply-To: <470EC326.6000102@scheie.homedns.org> References: <20071011155529.HT03D.160389.root@fed1wml09.mgt.cox.net> <470EC326.6000102@scheie.homedns.org> Message-ID: <470FBB84.1000107@cmosnetworks.com> I'm with you, Peter. My current one at home runs K12LTSP 4.2EL. Why not 5.0? Because it still works, and it's rock-solid. All I do is update OpenOffice.org to the latest version (OO.o provides both RPM's and DEB's), and then I might as well be running CentOS 5 anyway, for my purposes. Yum Update takes care of the rest. "If it ain't broke yet, no need to fix it." That said, new deployments do get 5.0EL, and that's what I demo, since that's the latest EL version. ERIC, U R DA MAN! --TP Peter Scheie wrote: > Actually, a beta version of K12LTSP7, based on Fedora 7, is available > at ftp://k12linux.mesd.k12.or.us/pub/K12LTSP/testing/7.0.0-32bit/iso > and has been since July or so. The problem is that K12LTSP is largely > the result of one man's efforts, Eric, and the time he can devote to > it varies. > > While LTSP development is focused on LTSP 5, I would argue that > there's not a significant benefit *to users* of version 5 over version > 4.2. Therefore, in many (most?) cases, K12LTSP 6, based on LTSP 4.2 > and Fedora 6, or K12LTSP-5EL, based on LTSP 4.2 and Centos5, is just > fine, and can actually perform better in some areas such as client > boot time. Lately, I've been sticking with vesion 5EL because it's > got long-term support, and I don't see any compelling advantage to > LTSP 5 yet. LTSP 5 is the future, and I watch it closely, but I don't > think users will notice much if any difference. Others may disagree > with me, and that's okay. ;-) > > Peter > > monteslu at cox.net wrote: >> Fedora 8 is out in less than a month. If there's going to be another >> k12 ltsp4.x-based release it would seem like a waste to use fedora 7. >> >> Luis >> >> ---- Krsnendu dasa wrote: >>> What about K12LTSP 7? >>> >>> On 12/10/2007, Jim McQuillan wrote: >>>> >>>> >>>> Craig White wrote: >>>>> On Thu, 2007-10-11 at 13:58 -0400, Michael Blinn wrote: >>>>>> Has there been any development toward implementing LTSP5 in >>>>>> Fedora? >>>>>> Ubuntu has done a good job of active integration, and, being a >>>>>> Fedora >>>>>> fan, I would like to be able to continue to use LTSP as Fedora >>>>>> matures. >>>>>> It seems to me like, with the wealth of knowledge available through >>>> this >>>>>> list, we ought to be able to throw together a small team to at least >>>>>> have a look at the problem, but if there is a push already in >>>>>> progress >>>>>> then I'd like to know - I wouldn't want to duplicate work. >>>>>> >>>>>> Any takers? >>>>> ---- >>>>> the uptake that I had on irc with the developers is that they are >>>>> solely >>>>> concentrated on Ubuntu. >>>> Because this really can't be done without the cooperation with the >>>> distro team, and so far, Ubuntu is the only distro that has stepped up >>>> and provided access and commitment from their developers. >>>> >>>> Fedora talks about it, but so far hasn't provided any help. >>>> >>>> OpenSuse is definately making some headway with the kiwi-ltsp stuff. >>>> Still, I don't think they are getting much traction within the >>>> distro tho. >>>> >>>> Believe me, if distro folks would come into the IRC channel, we'd be >>>> glad to work with them to get LTSP-5 working. >>>> >>>> Jim McQuillan >>>> jam at Ltsp.org >>>> >>>> _______________________________________________ >>>> K12OSN mailing list >>>> K12OSN at redhat.com >>>> https://www.redhat.com/mailman/listinfo/k12osn >>>> For more info see >>>> >> >> _______________________________________________ >> K12OSN mailing list >> K12OSN at redhat.com >> https://www.redhat.com/mailman/listinfo/k12osn >> For more info see >> > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see From rowens at ptd.net Fri Oct 12 19:15:29 2007 From: rowens at ptd.net (Rob Owens) Date: Fri, 12 Oct 2007 15:15:29 -0400 Subject: [K12OSN] same name for local and ldap users Message-ID: <20071012191529.GB5322@junker.owens.net> After installing ldap using the smbldap-installer, I have noticed that I am able to create ldap users with the same username as my local (/etc/passwd) users. The local user and the ldap user can have different passwords, but seem to have access to the same files based on their username. I'm not sure if this is a bug or a feature. If it's a feature I'd like to use it on my laptop, so I can log in with the same username and have access to all my local whether I'm "on the network" or not. So does anybody know if it is recommended/acceptable to do what I'm talking about? -Rob From craig at tobyhouse.com Fri Oct 12 19:26:14 2007 From: craig at tobyhouse.com (Craig White) Date: Fri, 12 Oct 2007 12:26:14 -0700 Subject: [K12OSN] same name for local and ldap users In-Reply-To: <20071012191529.GB5322@junker.owens.net> References: <20071012191529.GB5322@junker.owens.net> Message-ID: <1192217174.28176.6.camel@cube.tobyhouse.com> On Fri, 2007-10-12 at 15:15 -0400, Rob Owens wrote: > After installing ldap using the smbldap-installer, I have noticed that I am able to create ldap users with the same username as my local (/etc/passwd) users. The local user and the ldap user can have different passwords, but seem to have access to the same files based on their username. I'm not sure if this is a bug or a feature. If it's a feature I'd like to use it on my laptop, so I can log in with the same username and have access to all my local whether I'm "on the network" or not. > > So does anybody know if it is recommended/acceptable to do what I'm talking about? ---- Not recommended...each user would likely have different uid/gid's and there would be an element of unpredictability. Overlapping uid's/gid's would break security. -- Craig White From rowens at ptd.net Fri Oct 12 19:40:35 2007 From: rowens at ptd.net (Rob Owens) Date: Fri, 12 Oct 2007 15:40:35 -0400 Subject: [K12OSN] same name for local and ldap users In-Reply-To: <1192217174.28176.6.camel@cube.tobyhouse.com> References: <20071012191529.GB5322@junker.owens.net> <1192217174.28176.6.camel@cube.tobyhouse.com> Message-ID: <20071012194035.GA7103@junker.owens.net> On Fri, Oct 12, 2007 at 12:26:14PM -0700, Craig White wrote: > On Fri, 2007-10-12 at 15:15 -0400, Rob Owens wrote: > > After installing ldap using the smbldap-installer, I have noticed that I am able to create ldap users with the same username as my local (/etc/passwd) users. The local user and the ldap user can have different passwords, but seem to have access to the same files based on their username. I'm not sure if this is a bug or a feature. If it's a feature I'd like to use it on my laptop, so I can log in with the same username and have access to all my local whether I'm "on the network" or not. > > > > So does anybody know if it is recommended/acceptable to do what I'm talking about? > ---- > Not recommended...each user would likely have different uid/gid's and > there would be an element of unpredictability. Overlapping uid's/gid's > would break security. > Thanks Craig. I recall seeing your post arguing against having a root account in ldap for the same reasons. With regards to my laptop, how can I ensure if I save something to the local hard drive as my ldap user that my local user can access it (for when I'm on the road)? Group access wouldn't seem to work since the ldap group would be unknown to the local machine if no ldap authentication has occurred. -Rob From craig at tobyhouse.com Fri Oct 12 20:27:53 2007 From: craig at tobyhouse.com (Craig White) Date: Fri, 12 Oct 2007 13:27:53 -0700 Subject: [K12OSN] same name for local and ldap users In-Reply-To: <20071012194035.GA7103@junker.owens.net> References: <20071012191529.GB5322@junker.owens.net> <1192217174.28176.6.camel@cube.tobyhouse.com> <20071012194035.GA7103@junker.owens.net> Message-ID: <1192220873.28176.11.camel@cube.tobyhouse.com> On Fri, 2007-10-12 at 15:40 -0400, Rob Owens wrote: > On Fri, Oct 12, 2007 at 12:26:14PM -0700, Craig White wrote: > > On Fri, 2007-10-12 at 15:15 -0400, Rob Owens wrote: > > > After installing ldap using the smbldap-installer, I have noticed that I am able to create ldap users with the same username as my local (/etc/passwd) users. The local user and the ldap user can have different passwords, but seem to have access to the same files based on their username. I'm not sure if this is a bug or a feature. If it's a feature I'd like to use it on my laptop, so I can log in with the same username and have access to all my local whether I'm "on the network" or not. > > > > > > So does anybody know if it is recommended/acceptable to do what I'm talking about? > > ---- > > Not recommended...each user would likely have different uid/gid's and > > there would be an element of unpredictability. Overlapping uid's/gid's > > would break security. > > > > Thanks Craig. I recall seeing your post arguing against having a root account in ldap for the same reasons. > > With regards to my laptop, how can I ensure if I save something to the local hard drive as my ldap user that my local user can access it (for when I'm on the road)? Group access wouldn't seem to work since the ldap group would be unknown to the local machine if no ldap authentication has occurred. ---- I guess I am a bit confused... a local user would normally have his home directory in /home/$USER - I always put LDAP users $HOME directories in an nfs mount - i.e. /home/storage/users/$USER and that NFS mount wouldn't be available if not connected to the network. If the LDAP user and the local user were going to try to use the same $HOME directory, you might as well assign them to the same uid - but I can tell you that I haven't considered the impact of the methodology other than it is a single machine philosophy. -- Craig White From rowens at ptd.net Fri Oct 12 20:48:11 2007 From: rowens at ptd.net (Rob Owens) Date: Fri, 12 Oct 2007 16:48:11 -0400 Subject: [K12OSN] same name for local and ldap users In-Reply-To: <1192220873.28176.11.camel@cube.tobyhouse.com> References: <20071012191529.GB5322@junker.owens.net> <1192217174.28176.6.camel@cube.tobyhouse.com> <20071012194035.GA7103@junker.owens.net> <1192220873.28176.11.camel@cube.tobyhouse.com> Message-ID: <20071012204811.GA10239@junker.owens.net> On Fri, Oct 12, 2007 at 01:27:53PM -0700, Craig White wrote: > On Fri, 2007-10-12 at 15:40 -0400, Rob Owens wrote: > > On Fri, Oct 12, 2007 at 12:26:14PM -0700, Craig White wrote: > > > On Fri, 2007-10-12 at 15:15 -0400, Rob Owens wrote: > > > > After installing ldap using the smbldap-installer, I have noticed that I am able to create ldap users with the same username as my local (/etc/passwd) users. The local user and the ldap user can have different passwords, but seem to have access to the same files based on their username. I'm not sure if this is a bug or a feature. If it's a feature I'd like to use it on my laptop, so I can log in with the same username and have access to all my local whether I'm "on the network" or not. > > > > > > > > So does anybody know if it is recommended/acceptable to do what I'm talking about? > > > ---- > > > Not recommended...each user would likely have different uid/gid's and > > > there would be an element of unpredictability. Overlapping uid's/gid's > > > would break security. > > > > > > > Thanks Craig. I recall seeing your post arguing against having a root account in ldap for the same reasons. > > > > With regards to my laptop, how can I ensure if I save something to the local hard drive as my ldap user that my local user can access it (for when I'm on the road)? Group access wouldn't seem to work since the ldap group would be unknown to the local machine if no ldap authentication has occurred. > ---- > I guess I am a bit confused... a local user would normally have his home > directory in /home/$USER - I always put LDAP users $HOME directories in > an nfs mount - i.e. /home/storage/users/$USER and that NFS mount > wouldn't be available if not connected to the network. > > If the LDAP user and the local user were going to try to use the same > $HOME directory, you might as well assign them to the same uid - but I > can tell you that I haven't considered the impact of the methodology > other than it is a single machine philosophy. > For all wire-networked computers, /home would be on an NFS share. But for the laptop, I can't do that because it makes the laptop useless off of the network. So I'll have a local /home and an NFS-mounted /mnt/otherhome. At least that is my plan. Currently I do something similar using sshfs to mount "otherhome". Most stuff gets saved in the sshfs-mounted "otherhome", but if I know I'll need something when I'm on the road I'll copy or move it to the local /home. Again, my issue is how do I make sure that my local "on the road" user can access files that he saved to local /home while he was authenticated using ldap. Thanks for your help. -Rob From craig at tobyhouse.com Fri Oct 12 21:05:57 2007 From: craig at tobyhouse.com (Craig White) Date: Fri, 12 Oct 2007 14:05:57 -0700 Subject: [K12OSN] same name for local and ldap users In-Reply-To: <20071012204811.GA10239@junker.owens.net> References: <20071012191529.GB5322@junker.owens.net> <1192217174.28176.6.camel@cube.tobyhouse.com> <20071012194035.GA7103@junker.owens.net> <1192220873.28176.11.camel@cube.tobyhouse.com> <20071012204811.GA10239@junker.owens.net> Message-ID: <1192223157.28176.23.camel@cube.tobyhouse.com> On Fri, 2007-10-12 at 16:48 -0400, Rob Owens wrote: > On Fri, Oct 12, 2007 at 01:27:53PM -0700, Craig White wrote: > > On Fri, 2007-10-12 at 15:40 -0400, Rob Owens wrote: > > > On Fri, Oct 12, 2007 at 12:26:14PM -0700, Craig White wrote: > > > > On Fri, 2007-10-12 at 15:15 -0400, Rob Owens wrote: > > > > > After installing ldap using the smbldap-installer, I have noticed that I am able to create ldap users with the same username as my local (/etc/passwd) users. The local user and the ldap user can have different passwords, but seem to have access to the same files based on their username. I'm not sure if this is a bug or a feature. If it's a feature I'd like to use it on my laptop, so I can log in with the same username and have access to all my local whether I'm "on the network" or not. > > > > > > > > > > So does anybody know if it is recommended/acceptable to do what I'm talking about? > > > > ---- > > > > Not recommended...each user would likely have different uid/gid's and > > > > there would be an element of unpredictability. Overlapping uid's/gid's > > > > would break security. > > > > > > > > > > Thanks Craig. I recall seeing your post arguing against having a root account in ldap for the same reasons. > > > > > > With regards to my laptop, how can I ensure if I save something to the local hard drive as my ldap user that my local user can access it (for when I'm on the road)? Group access wouldn't seem to work since the ldap group would be unknown to the local machine if no ldap authentication has occurred. > > ---- > > I guess I am a bit confused... a local user would normally have his home > > directory in /home/$USER - I always put LDAP users $HOME directories in > > an nfs mount - i.e. /home/storage/users/$USER and that NFS mount > > wouldn't be available if not connected to the network. > > > > If the LDAP user and the local user were going to try to use the same > > $HOME directory, you might as well assign them to the same uid - but I > > can tell you that I haven't considered the impact of the methodology > > other than it is a single machine philosophy. > > > > For all wire-networked computers, /home would be on an NFS share. But for the laptop, I can't do that because it makes the laptop useless off of the network. So I'll have a local /home and an NFS-mounted /mnt/otherhome. At least that is my plan. > > Currently I do something similar using sshfs to mount "otherhome". Most stuff gets saved in the sshfs-mounted "otherhome", but if I know I'll need something when I'm on the road I'll copy or move it to the local /home. > > Again, my issue is how do I make sure that my local "on the road" user can access files that he saved to local /home while he was authenticated using ldap. > > Thanks for your help. ---- I think that you create all sorts of issues by having nfs mount /home ... I always have it mount in a subdirectory or somewhere else altogether. as for local user and ldap user...there are all sorts of tools like rsync... -- Craig White From scott at hosef.org Fri Oct 12 21:43:12 2007 From: scott at hosef.org (R. Scott Belford) Date: Fri, 12 Oct 2007 11:43:12 -1000 Subject: [K12OSN] LTSP5 In-Reply-To: <470ED27A.4080505@McQuil.com> References: <20071011155529.HT03D.160389.root@fed1wml09.mgt.cox.net> <470EC326.6000102@scheie.homedns.org> <470ED27A.4080505@McQuil.com> Message-ID: <470FEA70.3060901@hosef.org> Jim McQuillan wrote: > LTSP-5 is going to give you cool things like the latest version of Xorg. > LTSP-4.2 is stuck back in the world of Xorg-6.9. By today's standards > thats old stuff. If you are using older hardware, LTSP-4.2 is great. If > you have newer thin clients, based on newer chipsets, your only hope > might be LTSP-5. This is outstanding, Jim. Will LTSP-5 be as good as LTSP-4.2 with older hardware? > > the LTSP-5 in Ubuntu Gutsy, which will be released next week is WAY > better than any previous releases. It addresses the boot-time and > run-time performance issues. It has awesome local device support, audio > support, secure login and a bunch more features. The boot time improvement sounds great. The initial reaction from a few teachers migrating from the K12 to EDU7.04 for LTSP services has been - wow, it loads a lot slower, but it runs as well. We are anticipating the release of 7.10. From what I have seen so from early downloads is that, like frosted lucky charms, it's magically delicious. > > While K12LTSP is an awesome distro, the LTSP that's in it is starting to > show its age. > > Jim McQuillan > jam at Ltsp.org --scott From dahopkins429 at gmail.com Fri Oct 12 23:06:58 2007 From: dahopkins429 at gmail.com (David Hopkins) Date: Fri, 12 Oct 2007 19:06:58 -0400 Subject: [K12OSN] Moving the primary LDAP/PDC functions Message-ID: I have been trying to figure out how to move the primary LDAP/PDC server to a system which only acts as the LDAP/SMB PDC. My biggest concern is that I will have to rejoin all the Windows machines to the domain, and also have other DOMAIN related issues. What I have tried is to use the smbldap-installer scripts. Since I am using CentOS5, the script doesn't quite work for installing the correct rpms. It uses the dag repositories. However, I removed the dag rpms and replaced them with rpmforge rpms for those packages. At that point, I had all the required packages installed. Then, I used net getlocalsid on the existing LDAP/PDC to get the DOMAIN sid. I then used net setlocalsid on the system that is to become the new PDC. Finally, I ran smbldap-configure to enter the rest of the information. In particular, I gave the new system the same DOMAIN information. I have run slapcat on the existing LDAP server with the intent of importing everything to the new server, but I have duplicate entries. If I delete the ldif entries from the slapcat'ed file that are the same as what the smbldap-installer script created and then sladadd what is left, this should leave me with a new system that can act as the new LDAP/SMB PDC. I checked the DOMAIN ldif info and it looks the same. I tested with one account, and I can log in on Linux with it. Without activating smb though, I can't verify the Windows login. So, before I do this, I wanted to ask the list if they see anything wrong with this approach, or is there a simpler approach? For instance, I have a slave ldap server running as well. Is it possible to just make the slave become the master, and also make it the PDC server as well? In this case, moving the ldap/pdc is just creating a slave replica and promoting it. I haven't seen any notes on how to do this though. Sincerely, Dave Hopkins -------------- next part -------------- An HTML attachment was scrubbed... URL: From craig at tobyhouse.com Fri Oct 12 23:17:53 2007 From: craig at tobyhouse.com (Craig White) Date: Fri, 12 Oct 2007 16:17:53 -0700 Subject: [K12OSN] Moving the primary LDAP/PDC functions In-Reply-To: References: Message-ID: <1192231074.28176.35.camel@cube.tobyhouse.com> On Fri, 2007-10-12 at 19:06 -0400, David Hopkins wrote: > I have been trying to figure out how to move the primary LDAP/PDC > server to a system which only acts as the LDAP/SMB PDC. My biggest > concern is that I will have to rejoin all the Windows machines to the > domain, and also have other DOMAIN related issues. > > What I have tried is to use the smbldap-installer scripts. Since I am > using CentOS5, the script doesn't quite work for installing the > correct rpms. It uses the dag repositories. However, I removed the dag > rpms and replaced them with rpmforge rpms for those packages. At that > point, I had all the required packages installed. Then, I used net > getlocalsid on the existing LDAP/PDC to get the DOMAIN sid. I then > used net setlocalsid on the system that is to become the new PDC. > Finally, I ran smbldap-configure to enter the rest of the information. > In particular, I gave the new system the same DOMAIN information. > > I have run slapcat on the existing LDAP server with the intent of > importing everything to the new server, but I have duplicate entries. > If I delete the ldif entries from the slapcat'ed file that are the > same as what the smbldap-installer script created and then sladadd > what is left, this should leave me with a new system that can act as > the new LDAP/SMB PDC. I checked the DOMAIN ldif info and it looks the > same. I tested with one account, and I can log in on Linux with it. > Without activating smb though, I can't verify the Windows login. > > So, before I do this, I wanted to ask the list if they see anything > wrong with this approach, or is there a simpler approach? For > instance, I have a slave ldap server running as well. Is it possible > to just make the slave become the master, and also make it the PDC > server as well? In this case, moving the ldap/pdc is just creating a > slave replica and promoting it. I haven't seen any notes on how to do > this though. ---- dag/rpmforge... # rpm -q smbldap-tools smbldap-tools-0.9.4-1.el5.rf I would clean out whatever you have in abortive attempts of importing and slapadd the whole enchilada from a slapcat on the current ldap server...shouldn't be all that difficult. That would prevent having to re-join Windows workstations. I would think that the first thing to do would be to set up smb.conf on the new system as a BDC (primary master = no), then join that system to the domain...then slapcat, then slapadd on the new system, change smb.conf on the new system and restart samba on the new system. Obviously you have to set up smbldap-tools properly on the new system as well. -- Craig White From dyoung at mesd.k12.or.us Fri Oct 12 23:19:41 2007 From: dyoung at mesd.k12.or.us (Dan Young) Date: Fri, 12 Oct 2007 16:19:41 -0700 Subject: [K12OSN] LTSP5 In-Reply-To: <470ED27A.4080505@McQuil.com> References: <20071011155529.HT03D.160389.root@fed1wml09.mgt.cox.net> <470EC326.6000102@scheie.homedns.org> <470ED27A.4080505@McQuil.com> Message-ID: <994441ae0710121619g736f8e21yf7e2443dbe232aa1@mail.gmail.com> On 10/11/07, Jim McQuillan wrote: > While K12LTSP is an awesome distro, the LTSP that's in it is starting to > show its age. http://wtogami.livejournal.com/19365.html -- Dan Young Multnomah ESD - Technology Services 503-257-1562 From mrjohnlucas at gmail.com Fri Oct 12 23:36:33 2007 From: mrjohnlucas at gmail.com (John Lucas) Date: Fri, 12 Oct 2007 19:36:33 -0400 Subject: [K12OSN] Moving the primary LDAP/PDC functions In-Reply-To: References: Message-ID: <200710121936.33901.MrJohnLucas@gmail.com> Below are my notes on getting the smbldap-installer scripts to work on K12LTSP-5EL (CentOS5). They might be helpful: ============================================================================ All testing was done using K12LTSP-5EL (based on CentOS 5) and smbldap-installer script v3.1.1. The server was a virtual machine running under VMWare Server v1.0.2. The client tested was an Intel Mac Mini with 512MB of RAM and Mac OS X 10.4.10. All commands are performed as root, and the LDAP manager password must be known. The "smbldap-installer" scripts referred to are by Matt Oquist and David Trask (http://majen.net/smbldap/) 1. Once authentication is switched to LDAP, system boot hangs when the "system message bus" attempts to initialize. This seems to be related to authorization being required prior to LDAP being launched. The fix is to delay loading the "messagebus" service until *after* LDAP loads. This is most easily accomplished thus: chkconfig --level 35 messagebus on chkconfig --level 24 messagebus off cd /etc/rc.d/rc5.d ; mv S22messagebus S28messagebus cd /etc/rc.d/rc3.d ; mv S22messagebus S28messagebus The "ldap" service is S27. *WARNING* You need to make sure that messagebus is "on" (with chkconfig) *before* any manual changes (like renaming) are performed, since chkconfig will set it back to the default start order (S22) *every time* it is run. Running chkconfig to change the runtime status of messagbus will require renaming the links again. 2. As many of the smbldap-installer dependancies were pre-installed manually (actually I created a simple script) prior to running the script to avoid version conflicts that would prevent the script from completing successfully. Make certain that your "/etc/yum.reposd.d/k12ltsp-rpmforge.repo" is enabled *before* running the "smbldap-prep.sh" script, since most of what is needed is in that repository. I used "smbldap-configure" instead of "./smbldap all". This was done because the latest version of CentOS automatically supported by the script is 4.4, in future this step may not be needed. A list of pre-installed packages (from the yum log) is in Appendix A. 2a. After running "smbldap-configure" I discovered that the LDAP tree was missing a vital object. To correct this bug, I manually created an LDIF file with the needed object (NextFreeUnixId) and added it with the commands: service ldap restart ldapadd -x -W -D "cn=Manager,dc=ascs,dc=net" -f fix-ldap.ldif You will be prompted for the LDAP password that you used during the "smbldap-configure" step. The object is required to record and supply the the next "uid" and "gid" numbers when creating new users and groups. The values are incremented and stored in the object. Without fixing the LDAP tree, no new users or groups can be created. A sample LDIF file with the object is listed in Appendix B. The sample will need to be edited to match your domain. 3. It is important to realize that "local" users on both server and client do not appear in the LDAP tree and that means that you can have duplicate user names (local and net users), causing confusion. Better would be to limit local accounts to special administrative users only; people should be in LDAP. 4. Basic authentication of net users on the Mac client works great and the user's home directory is automatically created on first login. Network users (LDAP) have their home directories in "/home", while local Mac users are under "/Users". It's a good idea to keep the net users separate from local users. Later /home will become and NFS filesystem mount point (I hope). Create the "/home" directory on the Mac before letting net users login. 5. Groups defined in LDAP are recognized by the Mac. By default groups are LDAP "posixGroup" objects. 6. It is important when creating groups (on the LDAP server) to use the "-a" flag to "smbldap-groupadd" to allow the same groups to be used by Samba, and therefore Windows domain clients. This is also useful for Mac users, since this allows them to access their home directories on the Samba/LDAP server so they can backup their files. 7. The biggest surprise was discovering that Mac OS X treats all directories as if the group "sticky bit" were set: files created in a directory inherit group ownership from their parent directory. I feel uneasy about this behavior since it is counter to all my Unix/Linux experience. For this reason, I created a unique group ("scholars") in LDAP to "own" the /home directory on the Mac: mkdir /home chgrp scholars /home chmod 1777 /home It makes me feel better to see directories owned by the unprivleged "scholars" instead of the privleged "admin" (the default). It may not make any real difference, but I don't claim to be perfectly rational. The groups assigned to the users in LDAP *are* valid and read/write/execute privleges are determined by them, but by default group ownership is inherited from the parent directory. BTW this is true of local Mac users too. If/when the /home partition is mounted via NFS from the smbldap server, all permissions should come set up correctly from the Linux server already created and ready to go. 8. SSL can be used with LDAP *if* slapd.conf has valid certificates installed. It is important to *not* disable clear text passwords; they are protected in an encrypted SSL tunnel. 8a. A side effect of running the "smbldap-configure" script is that it generates a certificate/key pair for the "slapd" daemon. There are several steps to turn on TLS/SSL for LDAP: change permissions and ownership of two files, and edit the /etc/openldap/slapd.conf file. Both the certificate and key files have to be readable by the user "ldap", the certificate needs to be world readable. The files needed are in /etc/pkt/tls/certs. Here are the steps needed to prepare TLS/SSL: mkdir /etc/openldap/certs cd /etc/pki/tls/certs cp ca-bundle.crt /etc/openldap/certs cp slapd.pem /etc/openldap/certs cd /etc/openldap/certs chmod 444 ca-bundle.crt At this point, I used the "jstar" text editor to split "slapd.pem" into two separate files, one containing the key (slapd-key.pem) and one containing the certificate (slapd-cert.pem) using the block-write commands. This was done so that the proper permissions could be used. After creating the two files I performed the following steps: chmod 400 slapd-key.pem chmod 444 slapd-cert.pem rm slapd.pem chown -R ldap:ldap /etc/openldap/certs Now edit the /etc/openldap/slapd.conf file and change the three "TLS" paths to look like this: TLSCACertificateFile /etc/openldap/certs/ca-bundle.crt TLSCertificateFile /etc/openldap/certs/slapd-cert.pem TLSCertificateKeyFile /etc/openldap/certs/slapd-key.pem Then restart the ldap service: service ldap restart Now SSL can be used on LDAP transport. 9. Functional groups (e.g. "teachers" and "students" etc.) should be assigned at account creation time (on the LDAP server). The default group for smbldap is "Domain Users" for everyone. To ease correct account creation, I will write some simple "wrappers" for the smbldap commands to standardize the accounts. One wrapper for each functional group is probably the right approach. I have been using something like: smbldap-useradd -a -m -P -c "John Lucas" -g teachers jlucas It would be nice to populate the "givenName", "sn" and "cn" LDAP attributes in order to make a better "white pages". So I am thinking of creating a wrapper that takes the firstname and lastname and ID as arguments and does something like this: smbldap-useradd -a -m -P -N John -S Lucas -c "John Lucas" -g teachers jlucas 10. In order to have all this great stuff work, you need to configure the two directory services (LDAP and SMB) on each Mac workstation. This is done with the "Directory Access" utility on each Mac. Add the LDAP server as a new ldapv3 directory, making sure to enable clear text passwords in the security section and enable SSL for transport encryption; these changes are made in the "Security" section. It is useful to allow SMB/CIFS access too. This enables the user to connect to her server-based "home" folder and copy to/from the local workstation's home folder for backup and mobility reasons, when not mounting /home from the server on the workstation. This is also done in the "Directory Access" utility and configuring the "SMB/CIFS" entry and adding the domain name and the address of the WINS server (the smbldap server). Home folders are not automatically connected, but are available from the "Network" icon in the Finder sidebar. Appendix A: Yum log listing of pre-installed dependancy packages Apr 25 10:33:51 Installed: perl-Net-SSLeay.i386 1.30-4.fc6 Apr 25 10:33:52 Installed: perl-IO-Socket-SSL.noarch 1.01-1.fc6 Apr 25 10:34:08 Installed: libtool-ltdl.i386 1.5.22-6.1 Apr 25 10:34:09 Installed: perl-XML-NamespaceSupport.noarch 1.09-1.2.1 Apr 25 10:34:10 Installed: perl-XML-SAX.noarch 0.14-5 Apr 25 10:34:11 Installed: perl-Convert-ASN1.noarch 0.20-1.1 Apr 25 10:34:12 Installed: perl-HTML-Tagset.noarch 3.10-2.1.1 Apr 25 10:34:13 Installed: perl-HTML-Parser.i386 3.55-1.fc6 Apr 25 10:34:14 Installed: perl-Compress-Zlib.i386 1.42-1.fc6 Apr 25 10:34:17 Installed: perl-libwww-perl.noarch 5.805-1.1.1 Apr 25 10:34:36 Installed: samba.i386 3.0.23c-2.el5.2 Apr 25 10:34:37 Installed: perl-Crypt-SSLeay.i386 0.51-11.el5 Apr 25 10:34:45 Installed: openldap-servers.i386 2.3.27-5 Apr 25 10:34:46 Installed: openldap-clients.i386 2.3.27-5 Apr 25 10:34:49 Installed: perl-LDAP.noarch 1:0.33-3.fc6 Apr 25 10:34:49 Installed: perl-Digest-SHA1.i386 2.11-1.2.1 Apr 25 11:14:26 Installed: perl-Digest-HMAC.noarch 1.01-15 Apr 25 11:14:27 Installed: perl-GSSAPI.i386 0.23-1.el5.rf Apr 25 11:14:28 Installed: perl-Authen-SASL.noarch 2.10-1.el5.rf Apr 25 11:14:30 Installed: perl-Net-LDAP.noarch 0.3202-1.2.el5.rf Apr 25 11:15:06 Installed: smbldap-tools.noarch 0.9.1-1.2.el5.rf Appendix B Listing of "fix-ldap.ldif" dn: cn=NextFreeUnixId,dc=ascs,dc=net objectClass: inetOrgPerson objectClass: sambaUnixIdPool cn: NextFreeUnixId sn: NextFreeUnixId gidNumber: 10001 uidNumber: 10001 =========================================================================== On Friday 12 October 2007 19:06, David Hopkins wrote: > I have been trying to figure out how to move the primary LDAP/PDC server to > a system which only acts as the LDAP/SMB PDC. My biggest concern is that I > will have to rejoin all the Windows machines to the domain, and also have > other DOMAIN related issues. > > What I have tried is to use the smbldap-installer scripts. Since I am > using CentOS5, the script doesn't quite work for installing the correct > rpms. It uses the dag repositories. However, I removed the dag rpms and > replaced them with rpmforge rpms for those packages. At that point, I had > all the required packages installed. Then, I used net getlocalsid on the > existing LDAP/PDC to get the DOMAIN sid. I then used net setlocalsid on > the system that is to become the new PDC. Finally, I ran smbldap-configure > to enter the rest of the information. In particular, I gave the new system > the same DOMAIN information. > > I have run slapcat on the existing LDAP server with the intent of importing > everything to the new server, but I have duplicate entries. If I delete the > ldif entries from the slapcat'ed file that are the same as what the > smbldap-installer script created and then sladadd what is left, this should > leave me with a new system that can act as the new LDAP/SMB PDC. I checked > the DOMAIN ldif info and it looks the same. I tested with one account, and > I can log in on Linux with it. Without activating smb though, I can't > verify the Windows login. > > So, before I do this, I wanted to ask the list if they see anything wrong > with this approach, or is there a simpler approach? For instance, I have a > slave ldap server running as well. Is it possible to just make the slave > become the master, and also make it the PDC server as well? In this case, > moving the ldap/pdc is just creating a slave replica and promoting it. I > haven't seen any notes on how to do this though. > > Sincerely, > Dave Hopkins -- "History doesn't repeat itself; at best it rhymes." - Mark Twain | John Lucas MrJohnLucas at gmail.com | | St. Thomas, VI 00802 http://mrjohnlucas.googlepages.com/ | | 18.3?N, 65?W AST (UTC-4) | From craig at tobyhouse.com Fri Oct 12 23:53:44 2007 From: craig at tobyhouse.com (Craig White) Date: Fri, 12 Oct 2007 16:53:44 -0700 Subject: [K12OSN] Moving the primary LDAP/PDC functions In-Reply-To: <200710121936.33901.MrJohnLucas@gmail.com> References: <200710121936.33901.MrJohnLucas@gmail.com> Message-ID: <1192233224.28176.44.camel@cube.tobyhouse.com> On Fri, 2007-10-12 at 19:36 -0400, John Lucas wrote: > Below are my notes on getting the smbldap-installer scripts to work on > K12LTSP-5EL (CentOS5). They might be helpful: > > ============================================================================ > All testing was done using K12LTSP-5EL (based on CentOS 5) and > smbldap-installer script v3.1.1. The server was a virtual machine running > under VMWare Server v1.0.2. The client tested was an Intel Mac Mini with 512MB > of RAM and Mac OS X 10.4.10. All commands are performed as root, and the LDAP > manager password must be known. The "smbldap-installer" scripts referred to > are by Matt Oquist and David Trask (http://majen.net/smbldap/) > > 1. Once authentication is switched to LDAP, system boot hangs when the "system > message bus" attempts to initialize. This seems to be related to authorization > being required prior to LDAP being launched. The fix is to delay loading the > "messagebus" service until *after* LDAP loads. This is most easily > accomplished thus: > > chkconfig --level 35 messagebus on > chkconfig --level 24 messagebus off > cd /etc/rc.d/rc5.d ; mv S22messagebus S28messagebus > cd /etc/rc.d/rc3.d ; mv S22messagebus S28messagebus > > The "ldap" service is S27. > > *WARNING* You need to make sure that messagebus is "on" (with chkconfig) > *before* any manual changes (like renaming) are performed, since chkconfig > will set it back to the default start order (S22) *every time* it is run. > Running chkconfig to change the runtime status of messagbus will require > renaming the links again ---- moving the messagebus links is messy and bad form. you could solve the issue much more simply by adding to /etc/ldap.conf... timelimit 30 bind_timelimit 30 bind_policy soft nss_initgroups_ignoreusers root,ldap ---- > > 2. As many of the smbldap-installer dependancies were pre-installed manually > (actually I created a simple script) prior to running the script to avoid > version conflicts that would prevent the script from completing successfully. > Make certain that your "/etc/yum.reposd.d/k12ltsp-rpmforge.repo" is enabled > *before* running the "smbldap-prep.sh" script, since most of what is needed is > in that repository. > > I used "smbldap-configure" instead of "./smbldap all". This was done because > the latest version of CentOS automatically supported by the script is 4.4, in > future this step may not be needed. A list of pre-installed packages (from the > yum log) is in Appendix A. > > 2a. After running "smbldap-configure" I discovered that the LDAP tree was > missing a vital object. To correct this bug, I manually created an LDIF file > with the needed object (NextFreeUnixId) and added it with the commands: > > service ldap restart > ldapadd -x -W -D "cn=Manager,dc=ascs,dc=net" -f fix-ldap.ldif > > You will be prompted for the LDAP password that you used during the > "smbldap-configure" step. The object is required to record and supply the the > next "uid" and "gid" numbers when creating new users and groups. The values > are incremented and stored in the object. Without fixing the LDAP tree, no > new users or groups can be created. A sample LDIF file with the object is > listed in Appendix B. The sample will need to be edited to match your domain. > > 3. It is important to realize that "local" users on both server and client do > not appear in the LDAP tree and that means that you can have duplicate user > names (local and net users), causing confusion. Better would be to limit local > accounts to special administrative users only; people should be in LDAP. > > 4. Basic authentication of net users on the Mac client works great and the > user's home directory is automatically created on first login. Network users > (LDAP) have their home directories in "/home", while local Mac users are under > "/Users". It's a good idea to keep the net users separate from local users. > Later /home will become and NFS filesystem mount point (I hope). Create the > "/home" directory on the Mac before letting net users login. > > 5. Groups defined in LDAP are recognized by the Mac. By default groups are > LDAP "posixGroup" objects. > > 6. It is important when creating groups (on the LDAP server) to use the "-a" > flag to "smbldap-groupadd" to allow the same groups to be used by Samba, and > therefore Windows domain clients. This is also useful for Mac users, since > this allows them to access their home directories on the Samba/LDAP server so > they can backup their files. > > 7. The biggest surprise was discovering that Mac OS X treats all directories > as if the group "sticky bit" were set: files created in a directory inherit > group ownership from their parent directory. I feel uneasy about this behavior > since it is counter to all my Unix/Linux experience. For this reason, I > created a unique group ("scholars") in LDAP to "own" the /home directory on > the Mac: > > mkdir /home > chgrp scholars /home > chmod 1777 /home > > It makes me feel better to see directories owned by the unprivleged "scholars" > instead of the privleged "admin" (the default). It may not make any real > difference, but I don't claim to be perfectly rational. The groups assigned to > the users in LDAP *are* valid and read/write/execute privleges are determined > by them, but by default group ownership is inherited from the parent > directory. BTW this is true of local Mac users too. > > If/when the /home partition is mounted via NFS from the smbldap server, all > permissions should come set up correctly from the Linux server already created > and ready to go. > > 8. SSL can be used with LDAP *if* slapd.conf has valid certificates installed. > It is important to *not* disable clear text passwords; they are protected in > an encrypted SSL tunnel. > > 8a. A side effect of running the "smbldap-configure" script is that it > generates a certificate/key pair for the "slapd" daemon. There are several > steps to turn on TLS/SSL for LDAP: change permissions and ownership of two > files, and edit the /etc/openldap/slapd.conf file. Both the certificate and > key files have to be readable by the user "ldap", the certificate needs to be > world readable. The files needed are in /etc/pkt/tls/certs. Here are the steps > needed to prepare TLS/SSL: > > mkdir /etc/openldap/certs > cd /etc/pki/tls/certs > cp ca-bundle.crt /etc/openldap/certs > cp slapd.pem /etc/openldap/certs > cd /etc/openldap/certs > chmod 444 ca-bundle.crt > > At this point, I used the "jstar" text editor to split "slapd.pem" into two > separate files, one containing the key (slapd-key.pem) and one containing the > certificate (slapd-cert.pem) using the block-write commands. This was done so > that the proper permissions could be used. After creating the two files I > performed the following steps: > > chmod 400 slapd-key.pem > chmod 444 slapd-cert.pem > rm slapd.pem > chown -R ldap:ldap /etc/openldap/certs > > Now edit the /etc/openldap/slapd.conf file and change the three "TLS" paths to > look like this: > > TLSCACertificateFile /etc/openldap/certs/ca-bundle.crt > TLSCertificateFile /etc/openldap/certs/slapd-cert.pem > TLSCertificateKeyFile /etc/openldap/certs/slapd-key.pem > > Then restart the ldap service: > > service ldap restart > > Now SSL can be used on LDAP transport. > > 9. Functional groups (e.g. "teachers" and "students" etc.) should be assigned > at account creation time (on the LDAP server). The default group for smbldap > is "Domain Users" for everyone. To ease correct account creation, I will > write some simple "wrappers" for the smbldap commands to standardize the > accounts. One wrapper for each functional group is probably the right > approach. I have been using something like: > > smbldap-useradd -a -m -P -c "John Lucas" -g teachers jlucas > > It would be nice to populate the "givenName", "sn" and "cn" LDAP attributes in > order to make a better "white pages". So I am thinking of creating a wrapper > that takes the firstname and lastname and ID as arguments and does something > like > this: > > smbldap-useradd -a -m -P -N John -S Lucas -c "John Lucas" -g teachers jlucas > > 10. In order to have all this great stuff work, you need to configure the two > directory services (LDAP and SMB) on each Mac workstation. This is done with > the "Directory Access" utility on each Mac. Add the LDAP server as a new > ldapv3 directory, making sure to enable clear text passwords in the security > section and enable SSL for transport encryption; these changes are made in the > "Security" section. > > It is useful to allow SMB/CIFS access too. This enables the user to connect to > her server-based "home" folder and copy to/from the local workstation's home > folder for backup and mobility reasons, when not mounting /home from the > server on the workstation. This is also done in the "Directory Access" utility > and configuring the "SMB/CIFS" entry and adding the domain name and the > address of the WINS server (the smbldap server). Home folders are not > automatically connected, but are available from the "Network" icon in the > Finder sidebar. > > > Appendix A: Yum log listing of pre-installed dependancy packages > > Apr 25 10:33:51 Installed: perl-Net-SSLeay.i386 1.30-4.fc6 > Apr 25 10:33:52 Installed: perl-IO-Socket-SSL.noarch 1.01-1.fc6 > Apr 25 10:34:08 Installed: libtool-ltdl.i386 1.5.22-6.1 > Apr 25 10:34:09 Installed: perl-XML-NamespaceSupport.noarch 1.09-1.2.1 > Apr 25 10:34:10 Installed: perl-XML-SAX.noarch 0.14-5 > Apr 25 10:34:11 Installed: perl-Convert-ASN1.noarch 0.20-1.1 > Apr 25 10:34:12 Installed: perl-HTML-Tagset.noarch 3.10-2.1.1 > Apr 25 10:34:13 Installed: perl-HTML-Parser.i386 3.55-1.fc6 > Apr 25 10:34:14 Installed: perl-Compress-Zlib.i386 1.42-1.fc6 > Apr 25 10:34:17 Installed: perl-libwww-perl.noarch 5.805-1.1.1 > Apr 25 10:34:36 Installed: samba.i386 3.0.23c-2.el5.2 > Apr 25 10:34:37 Installed: perl-Crypt-SSLeay.i386 0.51-11.el5 > Apr 25 10:34:45 Installed: openldap-servers.i386 2.3.27-5 > Apr 25 10:34:46 Installed: openldap-clients.i386 2.3.27-5 > Apr 25 10:34:49 Installed: perl-LDAP.noarch 1:0.33-3.fc6 > Apr 25 10:34:49 Installed: perl-Digest-SHA1.i386 2.11-1.2.1 > Apr 25 11:14:26 Installed: perl-Digest-HMAC.noarch 1.01-15 > Apr 25 11:14:27 Installed: perl-GSSAPI.i386 0.23-1.el5.rf > Apr 25 11:14:28 Installed: perl-Authen-SASL.noarch 2.10-1.el5.rf > Apr 25 11:14:30 Installed: perl-Net-LDAP.noarch 0.3202-1.2.el5.rf > Apr 25 11:15:06 Installed: smbldap-tools.noarch 0.9.1-1.2.el5.rf > > > Appendix B Listing of "fix-ldap.ldif" > > dn: cn=NextFreeUnixId,dc=ascs,dc=net > objectClass: inetOrgPerson > objectClass: sambaUnixIdPool > cn: NextFreeUnixId > sn: NextFreeUnixId > gidNumber: 10001 > uidNumber: 10001 > > =========================================================================== > > > On Friday 12 October 2007 19:06, David Hopkins wrote: > > I have been trying to figure out how to move the primary LDAP/PDC server to > > a system which only acts as the LDAP/SMB PDC. My biggest concern is that I > > will have to rejoin all the Windows machines to the domain, and also have > > other DOMAIN related issues. > > > > What I have tried is to use the smbldap-installer scripts. Since I am > > using CentOS5, the script doesn't quite work for installing the correct > > rpms. It uses the dag repositories. However, I removed the dag rpms and > > replaced them with rpmforge rpms for those packages. At that point, I had > > all the required packages installed. Then, I used net getlocalsid on the > > existing LDAP/PDC to get the DOMAIN sid. I then used net setlocalsid on > > the system that is to become the new PDC. Finally, I ran smbldap-configure > > to enter the rest of the information. In particular, I gave the new system > > the same DOMAIN information. > > > > I have run slapcat on the existing LDAP server with the intent of importing > > everything to the new server, but I have duplicate entries. If I delete the > > ldif entries from the slapcat'ed file that are the same as what the > > smbldap-installer script created and then sladadd what is left, this should > > leave me with a new system that can act as the new LDAP/SMB PDC. I checked > > the DOMAIN ldif info and it looks the same. I tested with one account, and > > I can log in on Linux with it. Without activating smb though, I can't > > verify the Windows login. > > > > So, before I do this, I wanted to ask the list if they see anything wrong > > with this approach, or is there a simpler approach? For instance, I have a > > slave ldap server running as well. Is it possible to just make the slave > > become the master, and also make it the PDC server as well? In this case, > > moving the ldap/pdc is just creating a slave replica and promoting it. I > > haven't seen any notes on how to do this though. > > > > Sincerely, > > Dave Hopkins > > -- > "History doesn't repeat itself; at best it rhymes." > - Mark Twain > > | John Lucas MrJohnLucas at gmail.com | > | St. Thomas, VI 00802 http://mrjohnlucas.googlepages.com/ | > | 18.3?N, 65?W AST (UTC-4) | > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see -- Craig White From krsnendu108 at gmail.com Sat Oct 13 02:43:56 2007 From: krsnendu108 at gmail.com (Krsnendu dasa) Date: Sat, 13 Oct 2007 15:43:56 +1300 Subject: [K12OSN] Re: [Ltsp-discuss] Fwd: Unsupported Crossover (Wine) app installed in managed mode only runs as root. In-Reply-To: <47067351.4070207@legalaid.mb.ca> References: <47067351.4070207@legalaid.mb.ca> Message-ID: Update: I put esd as the sound driver for Crossover. As a result: Root works fine on the thin clients with sound. The local user with administrative rights that was created at installation time works fine with sound. However: smbldap users don't work at all. another locally created user doesn't run properly. The program loads then freezes then works for a short while then freezes again. There is some sound. The rights for the main executable are root:root rwxr-xr-x I tried changing the owner and group of this file and it didn't seem to make any difference. Local admin user can run it fine as it is. The only difference I could see between admin user and other local user is membership of video group, but couldn't find an option to join that group. Neither admin or local user are members of the audio group. Any other clues about what changes could be made to allow other users to run the program like the local admin user? I feel we have made progress but we are not sure what to try next. Any help is greatly appreciated. Thanks. Krsnendu dasa On 06/10/2007, Scott Balneaves wrote: > Krsnendu dasa wrote: > > I am cross posting this to the ltsp lists as I got no response from the > > Crossover list and this software is essential for our school system > > which I need to get running by Monday. > > Are the users members of all the necessary groups? (i.e. audio, cdrom, etc) > > Scott > > -- > Scott L. Balneaves | "Eternity is a very long time, > Systems Department | especially towards the end." > Legal Aid Manitoba | -- Woody Allen > > ------------------------------------------------------------------------- > This SF.net email is sponsored by: Splunk Inc. > Still grepping through log files to find problems? Stop. > Now Search log events and configuration files using AJAX and a browser. > Download your FREE copy of Splunk now >> http://get.splunk.com/ > _____________________________________________________________________ > Ltsp-discuss mailing list. To un-subscribe, or change prefs, goto: > https://lists.sourceforge.net/lists/listinfo/ltsp-discuss > For additional LTSP help, try #ltsp channel on irc.freenode.net > From morten at gmail.com Sat Oct 13 06:30:29 2007 From: morten at gmail.com (Morten Gausland) Date: Sat, 13 Oct 2007 08:30:29 +0200 Subject: [K12OSN] KLTSP6 connect via vnc from PC Message-ID: <65f300be0710122330k7cd3e6adw5a0a700ab8d55d46@mail.gmail.com> Have just done my first K12LTSP installation. Before asking a question, let me explain what I've done so far: 1. Installed K12LTSP version 6 accepting all defaults on a Netfinity 5600 with 2 NICs. 2. Connected a hub and an old PC to eth0 and network-booted the PC. Got login, and all worked fine. 3. Connected my Windows Vista PC to the above mentioned HUB, and opened a VNC (ultraVNC) session on 192.168.0.254:0. This also worked fine. 4. Since my existing network (and most private networks using ADSL internet connection) is using the 192.168 subnet, I wanted to change the default subnet used by eth0 (LTSP). I changed all the files mentioned in the ONE NIC portion of the Installation guide to use the 10.0 subnet, and connected the eth1 card to my existing 192.168 that is connected to internet via router with a dhcp server. Again I was able to network boot my old PC, and all worked fine. Internet now works on the terminal. So far so good!!!! Now my question (probably first in a series): I would like to connect to the server via vnc using xinetd (so without starting the vnc-server) from my Vista PC connected to the 192.168 subnet (so it would need to connect to the K12LTSP server on eth1). I have tried playing around with it some, but can't get it to work. Has anyone tried something similar with success? Any feed-back would be appreciated. Thanks in advance. From brcisna at eazylivin.net Sat Oct 13 13:04:34 2007 From: brcisna at eazylivin.net (Barry Cisna) Date: Sat, 13 Oct 2007 08:04:34 -0500 (CDT) Subject: [K12OSN] nfs traffic monitoring Message-ID: <59655.192.168.254.3.1192280674.squirrel@www.eazylivin.net> Hello List, I'm hoping someone may be able to shed some light on this. I was monitoring via Ethereal/Wireshark on one server on eth0. I had two thin clients logged through k12ltsp into a Winders terminal server sitting idle after school hours. On eth0 Ethereal was showing almost 2MB's/sec, almost 2000 packets/sec, all udp/NFS traffic for 30 second capture time. Does this seem like high volume for these two clients just sitting idle or is there constant "chatter" between client/server? I never actually see any traffic via Ethereal from the thin client to the Winders TS I would guess because of natting? I guess I have never actually done much monitoring this way via Ethereal for any period as it seems I'm always putting out fires to keep the Winders machines UNvirused/going:) We have several thin clients set this way to log into Winders TS to use Accelerated Reader/Math,etc. At one of the other school buildings I have setup all of these to run through Wine and I'm guessing this may be the better setup? Anyone care to explain, that is smarter than I am:). Take Care, Barry Cisna westcentral school From thewhitmers at gmail.com Sat Oct 13 18:24:13 2007 From: thewhitmers at gmail.com (David Whitmer) Date: Sat, 13 Oct 2007 14:24:13 -0400 Subject: [K12OSN] KLTSP6 connect via vnc from PC In-Reply-To: <65f300be0710122330k7cd3e6adw5a0a700ab8d55d46@mail.gmail.com> References: <65f300be0710122330k7cd3e6adw5a0a700ab8d55d46@mail.gmail.com> Message-ID: On 10/13/07, Morten Gausland wrote: > > Have just done my first K12LTSP installation. Before asking a > question, let me explain what I've done so far: > > 1. Installed K12LTSP version 6 accepting all defaults on a Netfinity > 5600 with 2 NICs. > > 2. Connected a hub and an old PC to eth0 and network-booted the PC. > Got login, and all worked fine. > > 3. Connected my Windows Vista PC to the above mentioned HUB, and > opened a VNC (ultraVNC) session on 192.168.0.254:0. This also worked > fine. > > 4. Since my existing network (and most private networks using ADSL > internet connection) is using the 192.168 subnet, I wanted to change > the default subnet used by eth0 (LTSP). I changed all the files > mentioned in the ONE NIC portion of the Installation guide to use the > 10.0 subnet, and connected the eth1 card to my existing 192.168 that > is connected to internet via router with a dhcp server. Again I was > able to network boot my old PC, and all worked fine. Internet now > works on the terminal. So far so good!!!! > > Now my question (probably first in a series): I would like to connect > to the server via vnc using xinetd (so without starting the > vnc-server) from my Vista PC connected to the 192.168 subnet (so it > would need to connect to the K12LTSP server on eth1). I have tried > playing around with it some, but can't get it to work. Has anyone > tried something similar with success? Any feed-back would be > appreciated. Thanks in advance. > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > While this doesn't actually answer your question, I'd recommend that you instead install freenx on your K12LTSP server, and then use NoMachine's ( www.nomachine.com) Windows client to connect from your Windows Vista PC. It's performance, even over an internal LAN, is much better than VNC. If you decide to try freenx, be sure to check out Rick Stout's web page about freenx for information on copying the keys into the client software. You should also then install NoMachine's Linux client on the K12LTSP server, too. http://fedoranews.org/contributors/rick_stout/freenx/ David Whitmer Director of Media & Technology Calvary Schools of Holland (Michigan) web: www.calvaryschoolsholland.org personal email: thewhitmers at gmail.com school email: david.whitmer at cshk12.org -------------- next part -------------- An HTML attachment was scrubbed... URL: From morten at gmail.com Sat Oct 13 22:11:38 2007 From: morten at gmail.com (Morten Gausland) Date: Sun, 14 Oct 2007 00:11:38 +0200 Subject: [K12OSN] KLTSP6 connect via vnc from PC In-Reply-To: References: <65f300be0710122330k7cd3e6adw5a0a700ab8d55d46@mail.gmail.com> Message-ID: <65f300be0710131511j4ed8017asb20ebb1c79d0ffd@mail.gmail.com> > While this doesn't actually answer your question, I'd recommend that you > instead install freenx on your K12LTSP server, and then use NoMachine's ( > www.nomachine.com) Windows client to connect from your Windows Vista PC. > It's performance, even over an internal LAN, is much better than VNC. > > If you decide to try freenx, be sure to check out Rick Stout's web page > about freenx for information on copying the keys into the client software. > You should also then install NoMachine's Linux client on the K12LTSP server, > too. > > http://fedoranews.org/contributors/rick_stout/freenx/ Downloaded and installed. On first test got the error message: "nxssh: localhost: Name or service not known". I added 127.0.0.1 localhost to my /etc/hosts file, and then everything worked fine. Thanks a lot for the advice. I will stick with this solution as it seems very fast and secure. From eharrison at mesd.k12.or.us Sun Oct 14 05:38:13 2007 From: eharrison at mesd.k12.or.us (Eric Harrison) Date: Sat, 13 Oct 2007 22:38:13 -0700 Subject: [K12OSN] LTSP5 In-Reply-To: <1839.75.91.68.147.1192149702.squirrel@mail.seminole.k12.ga.us> References: <1839.75.91.68.147.1192149702.squirrel@mail.seminole.k12.ga.us> Message-ID: <9e29091b0710132238n27540facgd67a311b14c3087@mail.gmail.com> On 10/11/07, Ronnie Miller wrote: > I'll say this for K12LTSP-5EL, it installs and works better than Version > 6. I ran into several problems installing version 6 that were NOT an issue > in 5EL. It is solid as a rock and I'm really enjoying it. > > Now, if only sound in Flash would work like it's supposed to... Any chance that installed the 64bit os and use the 32bit browser installed? Warren Togami mentioned this morning that there is a bug in the current EL5 kernel that breaks this combo. An update is coming down the pike.... -Eric > ERIC, KEEP UP THE GOOD WORK! YOU'VE DEFINITELY GOT A FAN IN ME! > > * From: Peter Scheie > * To: "Support list for open source software in schools." redhat com> > * Subject: Re: [K12OSN] LTSP5 > * Date: Thu, 11 Oct 2007 19:43:18 -0500 > > Actually, a beta version of K12LTSP7, based on Fedora 7, is available at > ftp://k12linux.mesd.k12.or.us/pub/K12LTSP/testing/7.0.0-32bit/iso and has > been since July or so. The problem is that K12LTSP is largely the result > of one man's efforts, Eric, and the time he can devote to it varies. > > While LTSP development is focused on LTSP 5, I would argue that there's > not a significant benefit *to users* of version 5 over version 4.2. > Therefore, in many (most?) cases, K12LTSP 6, based on LTSP 4.2 and Fedora > 6, or K12LTSP-5EL, based on LTSP 4.2 and Centos5, is just fine, and can > actually perform better in some areas such as client boot time. Lately, > I've been sticking with vesion 5EL because it's got long-term support, and > I don't see any compelling advantage to LTSP 5 yet. LTSP 5 is the future, > and I watch it closely, but I don't think users will notice much if any > difference. Others may disagree with me, and that's okay. ;-) > > Peter > > monteslu cox net wrote: > > Fedora 8 is out in less than a month. If there's going to be another > k12 ltsp4.x-based release it would seem like a waste to use fedora 7. > > Luis > > > ---- Krsnendu dasa wrote: > > What about K12LTSP 7? > > On 12/10/2007, Jim McQuillan wrote: > > > Craig White wrote: > > On Thu, 2007-10-11 at 13:58 -0400, Michael Blinn wrote: > > Has there been any development toward implementing > LTSP5 in Fedora? > Ubuntu has done a good job of active integration, and, > being a Fedora > fan, I would like to be able to continue to use LTSP > as Fedora matures. > It seems to me like, with the wealth of knowledge > available through > > this > > list, we ought to be able to throw together a small > team to at least > have a look at the problem, but if there is a push > already in progress > then I'd like to know - I wouldn't want to duplicate > work. > > Any takers? > > ---- > the uptake that I had on irc with the developers is that > they are solely > concentrated on Ubuntu. > > Because this really can't be done without the cooperation with > the > distro team, and so far, Ubuntu is the only distro that has > stepped up > and provided access and commitment from their developers. > > Fedora talks about it, but so far hasn't provided any help. > > OpenSuse is definately making some headway with the kiwi-ltsp > stuff. > Still, I don't think they are getting much traction within the > distro tho. > > Believe me, if distro folks would come into the IRC channel, > we'd be > glad to work with them to get LTSP-5 working. > > Jim McQuillan > jam Ltsp org > > _______________________________________________ > K12OSN mailing list > K12OSN redhat com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > > _______________________________________________ > K12OSN mailing list > K12OSN redhat com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > > > > -- > Ronnie Miller > Technology Specialist > Seminole County Schools > 800 S. Woolfork Ave. > Donalsonville, GA 39845 > 229.524.5235 Ext. 227 > > -- > This message has been scanned for viruses and > dangerous content by MailScanner, and is > believed to be clean. > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > From dahopkins429 at gmail.com Mon Oct 15 14:05:44 2007 From: dahopkins429 at gmail.com (David Hopkins) Date: Mon, 15 Oct 2007 10:05:44 -0400 Subject: [K12OSN] Audacity and recording Message-ID: Well, in the 'no good deed' column, I installed Picasa and Audacity on our K12LTSP servers (3 running K12LTSP Fedora version, 2 running the CentOS version). Sound works for Audacity if I launch it using "esdsp audacity" so I created a launcher for the package that does just this. However, I have now been asked why the recording function doesn't work at the thin clients and can I get it working. Under audacity, the mic shows up with /dev/dsp as the device. We use gnome for the GUI. Does anyone have recording at thin clients working? The clients' sound is recognized as AC97. Thanks, Dave Hopkins -------------- next part -------------- An HTML attachment was scrubbed... URL: From lnkemp at bolivar.k12.mo.us Mon Oct 15 14:36:32 2007 From: lnkemp at bolivar.k12.mo.us (Kemp, Levi) Date: Mon, 15 Oct 2007 09:36:32 -0500 Subject: [K12OSN] References: <715471.66408.qm@web55606.mail.re4.yahoo.com><37F921EB-ED16-4690-B9DE-F338C1F9C495@breun.nl><46FC9D1D.6030401@cmosnetworks.com><9B9AD1AF-8D1D-4BAE-80F8-7E17D3BAC430@breun.nl><46FD3DC5.8020101@cmosnetworks.com><1191003954.31843.103.camel@cube.tobyhouse.com><1191262071.3387.30.camel@cube.tobyhouse.com><1191270800.3387.53.camel@cube.tobyhouse.com> <470D1096.50206@bio-chemvalve.com> Message-ID: Rob, Well I took your advice and it seems to work fine now. It shows up with a folder under their Home Directory for their network drive and the shared network drive. It seems to be easier for them to understand as well. It didn't solve the the problem with the shared applications so I just moved them over to the K12LTSP server for now. Only one has saved profiles on it, so I'll just figure out how to cron an rsync between the linux and windows server. Thanks for the help. Levi Kemp Technology Specialist Bolivar R-1 Schools 417-328-8943 lnkemp at bolivar.k12.mo.us -----Original Message----- From: k12osn-bounces at redhat.com on behalf of Rob Owens Sent: Wed 10/10/2007 12:49 PM To: Support list for open source software in schools. Subject: Re: [K12OSN] Levi, That's the only way I was able to give Linux users proper access to a shared folder on a Windows server. I used pam_mount to accomplish it. I can't say that I'm completely happy with the solution (I sometimes get long log-in times). I think the best thing would be do move the files to a Linux-based file server and share it with Samba. -Rob Kemp, Levi wrote: > So is it going to be best(or easiest) to have each user mount the network drive as they log in, just like there home directory? I don't know why I didn't think of doing this before, I would have to change the links to applications on that server but it seems like it would be the quickest solution. > > Levi Kemp > Technology Specialist > Bolivar R-1 Schools > 417-328-8943 > lnkemp at bolivar.k12.mo.us > > > > -----Original Message----- > From: k12osn-bounces at redhat.com on behalf of Craig White > Sent: Mon 10/1/2007 3:33 PM > To: Support list for open source software in schools. > Subject: RE: [K12OSN] > > if Apps is mounted by root, then root owns the mount and all > files/folders - that's something you can easily confirm from any > workstation. > > On Mon, 2007-10-01 at 14:39 -0500, Kemp, Levi wrote: >> Apps is mounted on M by root. And as far as security on the windows server all users have read/write access to the main apps folder, sub-folders vary by depending on use. Users are authenticated against a windows AD using winbind, that's the reason their home directories mount correctly. But would it be bad for the LTSP server to mount luke seperately for each user? If that would work, I'd just go that route. >> >> >> Levi Kemp >> Technology Specialist >> Bolivar R-1 Schools >> 417-328-8943 >> lnkemp at bolivar.k12.mo.us >> >> >> >> -----Original Message----- >> From: k12osn-bounces at redhat.com on behalf of Craig White >> Sent: Mon 10/1/2007 1:07 PM >> To: Support list for open source software in schools. >> Subject: RE: [K12OSN] >> >> If you look directly on the computer named //LUKE and the folder that is >> shared as 'apps' - it would appear that a typical user doesn't have >> write access. Windows 2000 Server (and Windows 2003 server also) have a >> nice tool built-in to test user privileges...right click on a folder and >> choose Properties => Security => Advanced => User then you can locate a >> user and see his privileges on that folder. >> >> is //luke/apps mounted on /mnt/M by root? If so, then a user wouldn't >> have write access >> >> how are ltsp users authenticated? By local /etc/passwd entry? by >> winbindd from Windows Server? >> >> Craig >> >> On Mon, 2007-10-01 at 12:49 -0500, Kemp, Levi wrote: >>> Here is my print out from mount: >>> >>> /dev/mapper/VolGroup00-LogVol00 on / type ext3 (rw) >>> proc on /proc type proc (rw) >>> sysfs on /sys type sysfs (rw) >>> devpts on /dev/pts type devpts (rw,gid=5,mode=620) >>> /dev/cciss/c0d0p1 on /boot type ext3 (rw) >>> tmpfs on /dev/shm type tmpfs (rw) >>> none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw) >>> sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw) >>> //luke/apps on /mnt/M type cifs (rw,mand) >>> //luke/scholastic on /mnt/.Scholastic type cifs (rw,mand) >>> //luke/schsuite on /mnt/.SMS_DATA type cifs (rw,mand) >>> nfsd on /proc/fs/nfsd type nfsd (rw) >>> //br2/vswartz$ on /home/BOLIVAR/vswartz/G type cifs (rw,mand) >>> //br2/shall$ on /home/BOLIVAR/shall/G type cifs (rw,mand) >>> //br2/dpeterson$_br1$ on /home/BOLIVAR/dpeterson/G type cifs (rw,mand) >>> //br2/dshoemaker$_br1$ on /home/BOLIVAR/dshoemaker/G type cifs (rw,mand) >>> //br2/lnkemp$ on /home/BOLIVAR/lnkemp/G type cifs (rw,mand) >>> >>> The folder in question is //luke/apps >>> All the home folders, which also reside on a windows server(till I get a NAS), work fine if that is helpful knowledge. >>> >>> Levi Kemp >>> Technology Specialist >>> Bolivar R-1 Schools >>> 417-328-8943 >>> lnkemp at bolivar.k12.mo.us >>> >>> >>> >>> -----Original Message----- >>> From: k12osn-bounces at redhat.com on behalf of Craig White >>> Sent: Fri 9/28/2007 1:25 PM >>> To: Support list for open source software in schools. >>> Subject: Re: [K12OSN] >>> >>> On Fri, 2007-09-28 at 12:54 -0500, Kemp, Levi wrote: >>>> Hello everyone, >>>> It's been too long since I've checked the list. I've had a lot >>>> of "fun" working with our LTSP lab. I finally resolved my issue with >>>> scholastic software. Even though I was able to get the older version >>>> working in the lab, it came down to the fact that the database wasn't >>>> stable. According to scholastic, "It is self-corrupting, two minutes >>>> after running the maintenance you WILL have errors in it again." So we >>>> upgraded to the new Enterprise Edition", which runs on a MySql database, >>>> using a flash player as a browser on the client to access the apps on >>>> the server. It uses Jboss as the appliation server. Funny how almost all >>>> of the software used open source, good side though, wine opens the >>>> executable to run any of the apps and uses native flash player, java, >>>> adobe, etc. So there is one problem solved. Unfortunately I'm still >>>> having a problem with a network drive that the school uses for both a >>>> digital dropbox and a basic application server for apps like microtype >>>> and geometer sketchpad. No on seems to have write access to the mounted >>>> drive and that is the main problem. It seems like it shouldn't be a hard >>>> thing to figure out, but I haven't had as much time to spend on it as I >>>> need to. Where should I start looking to fix this aside from chmod, >>>> because that doesn't seem to do it. If you need more info let me know, >>>> I'm hoping to get it fixed by Monday, otherwise I may be forced into a >>>> Microsoft Terminal setup, and that would kill me. >>> ---- >>> spare us the drama >>> >>> is the mount read only? on a computer that doesn't have write access to >>> the mounted drive, can you run the command... >>> >>> mount >>> >>> and report back to us? >>> >>> _______________________________________________ >>> K12OSN mailing list >>> K12OSN at redhat.com >>> https://www.redhat.com/mailman/listinfo/k12osn >>> For more info see >> _______________________________________________ >> K12OSN mailing list >> K12OSN at redhat.com >> https://www.redhat.com/mailman/listinfo/k12osn >> For more info see _______________________________________________ K12OSN mailing list K12OSN at redhat.com https://www.redhat.com/mailman/listinfo/k12osn For more info see -------------- next part -------------- A non-text attachment was scrubbed... Name: winmail.dat Type: application/ms-tnef Size: 6469 bytes Desc: not available URL: From lnkemp at bolivar.k12.mo.us Tue Oct 16 12:52:52 2007 From: lnkemp at bolivar.k12.mo.us (Kemp, Levi) Date: Tue, 16 Oct 2007 07:52:52 -0500 Subject: [K12OSN] nfs traffic monitoring In-Reply-To: <59655.192.168.254.3.1192280674.squirrel@www.eazylivin.net> References: <59655.192.168.254.3.1192280674.squirrel@www.eazylivin.net> Message-ID: Barry, Are you not using the RenPlace Software for AR and Math? I was able to login to both using just firefox on linux. If you aren't but are able to use wine elsewhere I don't see a good reason to log into a windows terminal unless you have other unsupported apps. The only part of RenPlace that doesn't work under linux is the special print plugin, but you wouldn't know it because it automatically opens up the document to be printed as a pdf, then you can save or print. Levi Kemp Technology Specialist Bolivar R-I School District 417-328-8943 lnkemp at bolivar.k12.mo.us > -----Original Message----- > From: k12osn-bounces at redhat.com > [mailto:k12osn-bounces at redhat.com] On Behalf Of Barry Cisna > Sent: Saturday, October 13, 2007 8:05 AM > To: k12osn at redhat.com > Subject: [K12OSN] nfs traffic monitoring > > Hello List, > > I'm hoping someone may be able to shed some light on this. I > was monitoring via Ethereal/Wireshark on one server on eth0. > I had two thin clients logged through k12ltsp into a Winders > terminal server sitting idle after school hours. On eth0 > Ethereal was showing almost 2MB's/sec, almost 2000 > packets/sec, all udp/NFS traffic for 30 second capture time. > Does this seem like high volume for these two clients just > sitting idle or is there constant "chatter" between client/server? > I never actually see any traffic via Ethereal from the thin > client to the Winders TS I would guess because of natting? I > guess I have never actually done much monitoring this way via > Ethereal for any period as it seems I'm always putting out > fires to keep the Winders machines UNvirused/going:) We have > several thin clients set this way to log into Winders TS to > use Accelerated Reader/Math,etc. At one of the other school > buildings I have setup all of these to run through Wine and > I'm guessing this may be the better setup? > Anyone care to explain, that is smarter than I am:). > > Take Care, > > Barry Cisna > westcentral school > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > From jkorzeni at battle-creek.k12.mi.us Tue Oct 16 12:54:54 2007 From: jkorzeni at battle-creek.k12.mi.us (Joe Korzeniewski) Date: Tue, 16 Oct 2007 08:54:54 -0400 Subject: [K12OSN] Volume Mounting Question Message-ID: <47147C5E0200003C00004091@BCPSSMTP.battle-creek.k12.mi.us> I have a k12ltsp6 server set up to mount the root of a netware volume so that I can let young students all save to a shared location. I have two different problems. I can get the netware volume to mount in fstab using this line: server/.user.context /mnt/mountpoint ncp uid=root,gid=users,mode=777,owner=root,A=dns.address.org,volume=VOL1,passwd=pwd,multiple 0 0 My problems are these: 1) I haven't found a way to mount a particular subdirectory of this volume rather than the volume root... this wouldn't be a problem if not for problem 2 which is: 2) When this mounts, it automatically puts an icon on everybody's desktop pointing to the root of the volume. Any idea how to make this not show up? Thanks in advance. -Joe Korzeniewski From rowens at bio-chemvalve.com Tue Oct 16 12:54:57 2007 From: rowens at bio-chemvalve.com (Rob Owens) Date: Tue, 16 Oct 2007 08:54:57 -0400 Subject: [K12OSN] graphics problems w/ multiple SCREENs In-Reply-To: <46A0D801.4010003@bio-chemvalve.com> References: <29AEB552E5D40645BA38E82F0939CB0829200C@MAIL-EXCH.bio-chemvalve.com> <46A0D801.4010003@bio-chemvalve.com> Message-ID: <4714B4A1.60705@bio-chemvalve.com> Just a quick update to let you all know that Gideon Romm solved this problem for me. He solved it by adding a framebuffer module in lts.conf, so for instance: For my LTSP Term 1000 PXE: MODULE_01 = "sisfb" For my ATI-equipped machines: MODULE_01 = "radeonfb" All of these "fb" modules are located in /opt/ltsp/i386/lib/modules//kernel/drivers/video -Rob Rob Owens wrote: > I just bought a new LTSP Term 1000 PXE and I'm having the same problem. > Has anybody else seen this happen? I thought it might have been due to > my older hardware, but now I'm seeing the problem on a brand-new thin > client. > > The issue occurs when using either the sis or the vesa driver. > > This is really screwing up my LTSP implementation here. My users need > to toggle back and forth between the Linux and Windows terminal servers. > > I ran ltspadmin to see if all my components are up to date, and > everything is except it says that ltsp_kernel is not installed. This > can't be right, I don't think, since I am successfully running thin clients. > > Any ideas would be appreciated. I'm running K12LTSP 5.0EL, fully > updated from a beta version. > > -Rob > > Rob Owens wrote: >> Forcing the vesa driver seemed to be an improvement, but it did not >> completely fix the problem. I say it was an improvement because it went >> from being a problem 100% of the time, to being a problem about 50% of >> the time. Weird. >> >> -Rob >> >> -----Original Message----- >> From: k12osn-bounces at redhat.com [mailto:k12osn-bounces at redhat.com] On >> Behalf Of Rob Owens >> Sent: Friday, June 01, 2007 11:26 AM >> To: Support list for open source software in schools. >> Subject: RE: [K12OSN] graphics problems w/ multiple SCREENs >> >> This sure is a lonely thread... >> >> I took one of the P3 machines that was giving me trouble with the LCD >> monitor, and tested it using a CRT. Same problem. So my >> not-so-educated guess is that there's a glitch in the auto-detection of >> the video cards in the problem machines. I'll try forcing the vesa >> driver and see if that has any effect. >> >> -Rob >> >> -----Original Message----- >> From: k12osn-bounces at redhat.com [mailto:k12osn-bounces at redhat.com] On >> Behalf Of Rob Owens >> Sent: Friday, May 25, 2007 2:35 PM >> To: Support list for open source software in schools. >> Subject: RE: [K12OSN] graphics problems w/ multiple SCREENs >> >> Some more info: >> >> I tested on another client w/ a CRT monitor and the problem did not >> occur. It still occurs on the machines specified in the emails below. >> >> Out of desperation I tried upgrading to rdesktop 1.5, and that did not >> fix the problem. >> >> -Rob >> >> -----Original Message----- >> From: k12osn-bounces at redhat.com [mailto:k12osn-bounces at redhat.com] On >> Behalf Of Rob Owens >> Sent: Thursday, May 24, 2007 11:16 AM >> To: Support list for open source software in schools. >> Subject: RE: [K12OSN] graphics problems w/ multiple SCREENs >> >> I've now also confirmed this problem on another client which has a CRT >> monitor (same server as #1 and #2, below). Again, this is on K12LTSP >> 5.0.0EL >> >> -Rob >> >> -----Original Message----- >> From: k12osn-bounces at redhat.com [mailto:k12osn-bounces at redhat.com] On >> Behalf Of Rob Owens >> Sent: Thursday, May 24, 2007 7:54 AM >> To: Support list for open source software in schools. >> Subject: RE: [K12OSN] graphics problems w/ multiple SCREENs >> >> I've confirmed the following: >> >> 1) This problem exists on two different computers (both computers have >> the same make/model of lcd monitor, but different video cards) >> >> 2) This problem occurs *sometimes* on a laptop that's being used as a >> thin client. When the problem occurs on this laptop, the graphics are >> only slightly messed up (a black bar across the bottom of the screen). >> Toggling back to SCREEN_01 then back to SCREEN_02 usually corrects it. >> >> 3) This problem does not occur on my home system, which is LTSP 4.2 on >> Xubuntu 6.10 >> >> I'll test out more machines and post back. Let me know if any of you >> have any ideas... >> >> -Rob >> >> -----Original Message----- >> From: k12osn-bounces at redhat.com [mailto:k12osn-bounces at redhat.com] On >> Behalf Of Rob Owens >> Sent: Wednesday, May 23, 2007 12:12 PM >> To: Support list for open source software in schools. >> Subject: [K12OSN] graphics problems w/ multiple SCREENs >> >> I'm running K12LTSP 5.0.0EL >> >> SCREEN_01 = startx >> SCREEN_02 = rdesktop -f -a 16 10.xxx.xxx.xxx >> SCREEN_03 = shell >> >> All screens work fine, but if I log in to the Windows terminal server on >> SCREEN_02, then go to SCREEN_01, then back to SCREEN_02, the graphics >> are unreadable on SCREEN_02. >> >> I can "fix" it by toggling to SCREEN_03 and then back to SCREEN_02 -- >> the graphics go back to normal. >> >> Any idea what I can do to fix this? >> >> -Rob >> >> _______________________________________________ >> K12OSN mailing list >> K12OSN at redhat.com >> https://www.redhat.com/mailman/listinfo/k12osn >> For more info see >> >> _______________________________________________ >> K12OSN mailing list >> K12OSN at redhat.com >> https://www.redhat.com/mailman/listinfo/k12osn >> For more info see >> >> _______________________________________________ >> K12OSN mailing list >> K12OSN at redhat.com >> https://www.redhat.com/mailman/listinfo/k12osn >> For more info see >> >> _______________________________________________ >> K12OSN mailing list >> K12OSN at redhat.com >> https://www.redhat.com/mailman/listinfo/k12osn >> For more info see >> >> _______________________________________________ >> K12OSN mailing list >> K12OSN at redhat.com >> https://www.redhat.com/mailman/listinfo/k12osn >> For more info see >> >> _______________________________________________ >> K12OSN mailing list >> K12OSN at redhat.com >> https://www.redhat.com/mailman/listinfo/k12osn >> For more info see >> > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see From lnkemp at bolivar.k12.mo.us Tue Oct 16 12:58:20 2007 From: lnkemp at bolivar.k12.mo.us (Kemp, Levi) Date: Tue, 16 Oct 2007 07:58:20 -0500 Subject: [K12OSN] Volume Mounting Question In-Reply-To: <47147C5E0200003C00004091@BCPSSMTP.battle-creek.k12.mi.us> References: <47147C5E0200003C00004091@BCPSSMTP.battle-creek.k12.mi.us> Message-ID: You could hide the mountpoint. /mnt/.mountpoint That seemed to work for me, though I just swicthed all my mounts from fstab to pam_mount. Levi Kemp Technology Specialist Bolivar R-I School District 417-328-8943 lnkemp at bolivar.k12.mo.us > -----Original Message----- > From: k12osn-bounces at redhat.com > [mailto:k12osn-bounces at redhat.com] On Behalf Of Joe Korzeniewski > Sent: Tuesday, October 16, 2007 7:55 AM > To: k12osn at redhat.com > Subject: [K12OSN] Volume Mounting Question > > I have a k12ltsp6 server set up to mount the root of a > netware volume so that I can let young students all save to a > shared location. I have two different problems. I can get the > netware volume to mount in fstab using this line: > > server/.user.context /mnt/mountpoint ncp > uid=root,gid=users,mode=777,owner=root,A=dns.address.org,volum > e=VOL1,passwd=pwd,multiple 0 0 > > My problems are these: > > 1) I haven't found a way to mount a particular subdirectory > of this volume rather than the volume root... this wouldn't > be a problem if not for problem 2 which is: > > 2) When this mounts, it automatically puts an icon on > everybody's desktop pointing to the root of the volume. Any > idea how to make this not show up? > > Thanks in advance. > > -Joe Korzeniewski > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > From jkorzeni at battle-creek.k12.mi.us Tue Oct 16 13:16:05 2007 From: jkorzeni at battle-creek.k12.mi.us (Joe Korzeniewski) Date: Tue, 16 Oct 2007 09:16:05 -0400 Subject: [K12OSN] Volume Mounting Question Message-ID: <471481550200003C00004095@BCPSSMTP.battle-creek.k12.mi.us> Thanks Levi, that did the trick. Are you using pam_mount with netware? If so, does it authenticate and mount the home directory and / or process the login script? Does it require using a FDN for login or can it detect the context? I did some searching for something that could do all of this but couldn't find anything that suited my needs. I didn't look too deeply at pam_mount though. I ended up writing a utility for ubuntu to make it easier for the other guys in our dept to switch away from windows. It basically takes a username and pwd and looks up the context and home directory for a user and mounts it. I extended it to mount other shares as well. I converted this over to k12ltsp6 for the students who have their home directories and it works fairly well, but the students have to log in twice (until I set up autologin). http://sourceforge.net/projects/jkmount Thanks for your help -Joe Korzeniewski >>> "Kemp, Levi" 10/16/07 8:58 AM >>> You could hide the mountpoint. /mnt/.mountpoint That seemed to work for me, though I just swicthed all my mounts from fstab to pam_mount. Levi Kemp Technology Specialist Bolivar R-I School District 417-328-8943 lnkemp at bolivar.k12.mo.us > -----Original Message----- > From: k12osn-bounces at redhat.com > [mailto:k12osn-bounces at redhat.com] On Behalf Of Joe Korzeniewski > Sent: Tuesday, October 16, 2007 7:55 AM > To: k12osn at redhat.com > Subject: [K12OSN] Volume Mounting Question > > I have a k12ltsp6 server set up to mount the root of a > netware volume so that I can let young students all save to a > shared location. I have two different problems. I can get the > netware volume to mount in fstab using this line: > > server/.user.context /mnt/mountpoint ncp > uid=root,gid=users,mode=777,owner=root,A=dns.address.org,volum > e=VOL1,passwd=pwd,multiple 0 0 > > My problems are these: > > 1) I haven't found a way to mount a particular subdirectory > of this volume rather than the volume root... this wouldn't > be a problem if not for problem 2 which is: > > 2) When this mounts, it automatically puts an icon on > everybody's desktop pointing to the root of the volume. Any > idea how to make this not show up? > > Thanks in advance. > > -Joe Korzeniewski > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > _______________________________________________ K12OSN mailing list K12OSN at redhat.com https://www.redhat.com/mailman/listinfo/k12osn For more info see From lnkemp at bolivar.k12.mo.us Tue Oct 16 13:54:28 2007 From: lnkemp at bolivar.k12.mo.us (Kemp, Levi) Date: Tue, 16 Oct 2007 08:54:28 -0500 Subject: [K12OSN] Volume Mounting Question In-Reply-To: <471481550200003C00004095@BCPSSMTP.battle-creek.k12.mi.us> References: <471481550200003C00004095@BCPSSMTP.battle-creek.k12.mi.us> Message-ID: Sorry we are a bit Mircocentric over here. I'm authenticating against Server 2003. My only problem is when changing the pam_mount settings my users now have to enter domain+username instead of just username. I'd like to fix it but no time really. Besides for web access email on exchange they have to enter in domain\username, unless they user firefox ;-) I don't know for sure but I'd assume that if you are already authenticating against a netware server that pam_mount should be able to mount your shares if they are setup like ours are with permissions attached to the user. Fstab caused me more headaches than I can remember, considering I didn't even know it was causing my problems. Pam_mount took care of all my permissions issues, r/w problems, etc. Not to mention on the file server I can actually see who is accessing files again, instead of just the user in the fstab line, that always bugged me from a security standpoint. Levi Kemp Technology Specialist Bolivar R-I School District 417-328-8943 lnkemp at bolivar.k12.mo.us > -----Original Message----- > From: k12osn-bounces at redhat.com > [mailto:k12osn-bounces at redhat.com] On Behalf Of Joe Korzeniewski > Sent: Tuesday, October 16, 2007 8:16 AM > To: k12osn at redhat.com > Subject: RE: [K12OSN] Volume Mounting Question > > Thanks Levi, that did the trick. > > Are you using pam_mount with netware? If so, does it > authenticate and mount the home directory and / or process > the login script? Does it require using a FDN for login or > can it detect the context? I did some searching for something > that could do all of this but couldn't find anything that > suited my needs. I didn't look too deeply at pam_mount though. > > I ended up writing a utility for ubuntu to make it easier for > the other guys in our dept to switch away from windows. It > basically takes a username and pwd and looks up the context > and home directory for a user and mounts it. I extended it to > mount other shares as well. I converted this over to k12ltsp6 > for the students who have their home directories and it works > fairly well, but the students have to log in twice (until I > set up autologin). http://sourceforge.net/projects/jkmount > > Thanks for your help > > -Joe Korzeniewski > > >>> "Kemp, Levi" 10/16/07 8:58 AM >>> > You could hide the mountpoint. /mnt/.mountpoint That seemed > to work for me, though I just swicthed all my mounts from > fstab to pam_mount. > > Levi Kemp > Technology Specialist > Bolivar R-I School District > 417-328-8943 > lnkemp at bolivar.k12.mo.us > > > > > -----Original Message----- > > From: k12osn-bounces at redhat.com > > [mailto:k12osn-bounces at redhat.com] On Behalf Of Joe Korzeniewski > > Sent: Tuesday, October 16, 2007 7:55 AM > > To: k12osn at redhat.com > > Subject: [K12OSN] Volume Mounting Question > > > > I have a k12ltsp6 server set up to mount the root of a > netware volume > > so that I can let young students all save to a shared > location. I have > > two different problems. I can get the netware volume to > mount in fstab > > using this line: > > > > server/.user.context /mnt/mountpoint ncp > > uid=root,gid=users,mode=777,owner=root,A=dns.address.org,volum > > e=VOL1,passwd=pwd,multiple 0 0 > > > > My problems are these: > > > > 1) I haven't found a way to mount a particular subdirectory of this > > volume rather than the volume root... this wouldn't be a problem if > > not for problem 2 which is: > > > > 2) When this mounts, it automatically puts an icon on everybody's > > desktop pointing to the root of the volume. Any idea how to > make this > > not show up? > > > > Thanks in advance. > > > > -Joe Korzeniewski > > > > _______________________________________________ > > K12OSN mailing list > > K12OSN at redhat.com > > https://www.redhat.com/mailman/listinfo/k12osn > > For more info see > > > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > From eharrison at mail.mesd.k12.or.us Tue Oct 16 15:30:16 2007 From: eharrison at mail.mesd.k12.or.us (Eric Harrison) Date: Tue, 16 Oct 2007 08:30:16 -0700 Subject: [K12OSN] Oregon users: packages for OAKS (Oregon Assessment of Knowledge and Skills) In-Reply-To: <46CA28C7.9090109@mail.mesd.k12.or.us> References: <46CA28C7.9090109@mail.mesd.k12.or.us> Message-ID: <4714D908.2030605@mail.mesd.k12.or.us> Eric Harrison wrote: > I packaged up the official OAKS configurations for K12LTSP & created an > "OAKS" session type that functions in the same way that my old TESA > session worked. > > Just run 'yum install oregon-oaks' and your K12LTSP server will be setup > for testing ;-) > > -Eric ....and they broke the package on the first morning of testing! OAKS just put out a patch & I uploaded new packages. Run "yum install oregon-oaks" and you'll be back in business. Be sure that you have version 0.6.65 installed: $ rpm -q oregon-oaks oregon-oaks-0.6.65-k12ltsp.7.0.0 If you don't, run "yum clean all" and then re-run "yum install oregon-oaks" -Eric From dtrask at vcsvikings.org Wed Oct 17 01:19:54 2007 From: dtrask at vcsvikings.org (David Trask) Date: Tue, 16 Oct 2007 21:19:54 -0400 Subject: [K12OSN] Ideas from you for the Ubuntu Developers Summit...let me be your voice Message-ID: Hi all, Let me be your voice. I have a bazillion ideas for things that we need to work on for Edubuntu, Open Source, and FOSS in education in general. Not many of my ideas are programming so much as marketing, advocacy, support and so forth. I'm soliciting ideas from all of you (as an educator/IT support person) to bring up for discussion and work at the Ubuntu Developers Summit in just over a week (programming ideas welcome as well). I will be there and would like to be able to be your "voice". Let's get those ideas flowing and I will add them to a wiki page so that specs can be generated accordingly. Let 'em rip.... What are your wishes....what would you like to see added....what would you like to see in terms of advocacy and support...what about education programs....what needs fixing....what could be made even easier? David N. Trask Technology Teacher/Director Vassalboro Community School dtrask at vcsvikings.org (207)923-3100 From ascensiontech at gmail.com Wed Oct 17 01:36:11 2007 From: ascensiontech at gmail.com (Peter Hartmann) Date: Tue, 16 Oct 2007 21:36:11 -0400 Subject: [K12OSN] OT: Alice.org Message-ID: <9bd317560710161836y535fa6e7k4ac9fbe56b1335d@mail.gmail.com> I just came across this free(as in beer) educational programming software at Alice.org developed at Carnegie Melon. Just thought people might want to be aware of it and also see if anyone has experience with it, and to know what they thought. It looks pretty cool to me. Peter From sgonzalez at sau83.org Wed Oct 17 01:52:39 2007 From: sgonzalez at sau83.org (Sonja Gonzalez) Date: Tue, 16 Oct 2007 21:52:39 -0400 (EDT) Subject: [K12OSN] Ideas from you for the Ubuntu Developers Summit...let me be your voice In-Reply-To: Message-ID: <2191623.33941192585959302.JavaMail.root@mail.sau83.org> Hey David-- Nice to hear from you. I hope your school year has started well!! Here are my top ideas on this subject... 1. Easier setup for integration with Active Directory, including single home folder location and UID/GID mapping. 2. Easier UID/GID and home folder management between servers running DHCP failover. 3. Inclusion of NSCD. 4. Inclusion of kernel server on standard edubuntu server installation. 5. Have USB permissions set correctly on edubuntu LTSP install. Fix issue with San Disk Cruzer USB drives with U3 installed. 6. Better Group Policy-type management. Sabayon is a bit of a kludge. MS's implementation is cleaner for many things. That's what comes to mind as I sit here watching the game :) Thanks for allowing me to give my input! Have fun at the summit! Sonja _______________________________ Sonja Gonzalez Director of Technology Ellis School 432 Main Street Fremont, NH 03044 603.895.2511 x603 ----- Original Message ----- From: "David Trask" To: ACTEMLIST at LISTS.MAINE.EDU Cc: K12OSN at redhat.com Sent: Tuesday, October 16, 2007 9:19:54 PM (GMT-0500) America/New_York Subject: [K12OSN] Ideas from you for the Ubuntu Developers Summit...let me be your voice Hi all, Let me be your voice. I have a bazillion ideas for things that we need to work on for Edubuntu, Open Source, and FOSS in education in general. Not many of my ideas are programming so much as marketing, advocacy, support and so forth. I'm soliciting ideas from all of you (as an educator/IT support person) to bring up for discussion and work at the Ubuntu Developers Summit in just over a week (programming ideas welcome as well). I will be there and would like to be able to be your "voice". Let's get those ideas flowing and I will add them to a wiki page so that specs can be generated accordingly. Let 'em rip.... What are your wishes....what would you like to see added....what would you like to see in terms of advocacy and support...what about education programs....what needs fixing....what could be made even easier? David N. Trask Technology Teacher/Director Vassalboro Community School dtrask at vcsvikings.org (207)923-3100 _______________________________________________ K12OSN mailing list K12OSN at redhat.com https://www.redhat.com/mailman/listinfo/k12osn For more info see -------------- next part -------------- An HTML attachment was scrubbed... URL: From sbarar at gmail.com Wed Oct 17 01:57:27 2007 From: sbarar at gmail.com (Sudev Barar) Date: Wed, 17 Oct 2007 07:27:27 +0530 Subject: [K12OSN] Ideas from you for the Ubuntu Developers Summit...let me be your voice In-Reply-To: <2191623.33941192585959302.JavaMail.root@mail.sau83.org> References: <2191623.33941192585959302.JavaMail.root@mail.sau83.org> Message-ID: <774593a20710161857q1ec7a574qd94088a184f796c8@mail.gmail.com> On 17/10/2007, Sonja Gonzalez wrote: > Inclusion of kernel server on standard edubuntu server installation. +1 for including raid tools and capabilities. -- Regards, Sudev Barar From toddobryan at mac.com Wed Oct 17 02:25:21 2007 From: toddobryan at mac.com (Todd O'Bryan) Date: Tue, 16 Oct 2007 22:25:21 -0400 Subject: [K12OSN] OT: Alice.org In-Reply-To: <9bd317560710161836y535fa6e7k4ac9fbe56b1335d@mail.gmail.com> References: <9bd317560710161836y535fa6e7k4ac9fbe56b1335d@mail.gmail.com> Message-ID: <1192587921.6221.4.camel@200-TC-TOBRYAN1> Wait for the next version, out next year. Alice would make a good intro to programming for middle school, but I didn't like it much when I used it as part of a pre-AP course. On Tue, 2007-10-16 at 21:36 -0400, Peter Hartmann wrote: > I just came across this free(as in beer) educational programming > software at Alice.org developed at Carnegie Melon. Just thought > people might want to be aware of it and also see if anyone has > experience with it, and to know what they thought. It looks pretty > cool to me. > > Peter > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see From accessys at smart.net Wed Oct 17 02:38:03 2007 From: accessys at smart.net (Accessys@smart.net) Date: Tue, 16 Oct 2007 22:38:03 -0400 (EDT) Subject: [K12OSN] Ideas from you for the Ubuntu Developers Summit...let me be your voice In-Reply-To: References: Message-ID: great thanks for carrying the messages. one of the biggest problems with open source is it's lack of support for issues related to disability . Special Ed. . screen readers (Emacspeak is too complicated for kids) . aux aids. without proper support for Special Ed it will never be able to fully be used in federally funded programs, including public school systems. Bob On Tue, 16 Oct 2007, David Trask wrote: > Hi all, > > Let me be your voice. I have a bazillion ideas for things that we need to > work on for Edubuntu, Open Source, and FOSS in education in general. Not > many of my ideas are programming so much as marketing, advocacy, support > and so forth. I'm soliciting ideas from all of you (as an educator/IT > support person) to bring up for discussion and work at the Ubuntu > Developers Summit in just over a week (programming ideas welcome as well). > I will be there and would like to be able to be your "voice". Let's get > those ideas flowing and I will add them to a wiki page so that specs can > be generated accordingly. Let 'em rip.... > > What are your wishes....what would you like to see added....what would you > like to see in terms of advocacy and support...what about education > programs....what needs fixing....what could be made even easier? > > David N. Trask > Technology Teacher/Director > Vassalboro Community School > dtrask at vcsvikings.org > (207)923-3100 > > > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ occasionally a true patriot must defend his country from its' government +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ "They that can give up essential liberty to obtain a little temporary safety deserve Neither liberty nor safety", Benjamin Franklin - - - - - - - - - - - - - - - - - - - ASCII Ribbon Campaign. . . . . . . . . . . . accessBob .NO HTML/PDF/RTF/MIME in e-mail. . . . . . . accessys at smartnospam.net .NO MSWord docs in e-mail . . . .. . . . . . Access Systems, engineers .NO attachments in e-mail, .*LINUX powered*. access is a civil right *#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*# THIS message and any attachments are CONFIDENTIAL and may be privileged. They are intended ONLY for the individual or entity named From dhuckaby at paasda.org Wed Oct 17 02:43:08 2007 From: dhuckaby at paasda.org (Huck) Date: Tue, 16 Oct 2007 19:43:08 -0700 Subject: [K12OSN] OT: Alice.org In-Reply-To: <1192587921.6221.4.camel@200-TC-TOBRYAN1> References: <9bd317560710161836y535fa6e7k4ac9fbe56b1335d@mail.gmail.com> <1192587921.6221.4.camel@200-TC-TOBRYAN1> Message-ID: <471576BC.1040500@paasda.org> Todd, for the benefit of those of us who haven't had the chance... what things weren't so good that are improving next year? --Huck Todd O'Bryan wrote: > Wait for the next version, out next year. Alice would make a good intro > to programming for middle school, but I didn't like it much when I used > it as part of a pre-AP course. > > On Tue, 2007-10-16 at 21:36 -0400, Peter Hartmann wrote: >> I just came across this free(as in beer) educational programming >> software at Alice.org developed at Carnegie Melon. Just thought >> people might want to be aware of it and also see if anyone has >> experience with it, and to know what they thought. It looks pretty >> cool to me. >> >> Peter >> >> _______________________________________________ >> K12OSN mailing list >> K12OSN at redhat.com >> https://www.redhat.com/mailman/listinfo/k12osn >> For more info see > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > > From tom.hoffman at gmail.com Wed Oct 17 02:36:55 2007 From: tom.hoffman at gmail.com (Tom Hoffman) Date: Tue, 16 Oct 2007 22:36:55 -0400 Subject: [K12OSN] OT: Alice.org In-Reply-To: <1192587921.6221.4.camel@200-TC-TOBRYAN1> References: <9bd317560710161836y535fa6e7k4ac9fbe56b1335d@mail.gmail.com> <1192587921.6221.4.camel@200-TC-TOBRYAN1> Message-ID: <92de6c880710161936r2e535014q6ebfe0a60e0b0443@mail.gmail.com> Alice has always seemed to be a "wait 'til the next version" product... unfortunately. --Tom On 10/16/07, Todd O'Bryan wrote: > Wait for the next version, out next year. Alice would make a good intro > to programming for middle school, but I didn't like it much when I used > it as part of a pre-AP course. > > On Tue, 2007-10-16 at 21:36 -0400, Peter Hartmann wrote: > > I just came across this free(as in beer) educational programming > > software at Alice.org developed at Carnegie Melon. Just thought > > people might want to be aware of it and also see if anyone has > > experience with it, and to know what they thought. It looks pretty > > cool to me. > > > > Peter > > > > _______________________________________________ > > K12OSN mailing list > > K12OSN at redhat.com > > https://www.redhat.com/mailman/listinfo/k12osn > > For more info see > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > From tom.hoffman at gmail.com Wed Oct 17 02:38:31 2007 From: tom.hoffman at gmail.com (Tom Hoffman) Date: Tue, 16 Oct 2007 22:38:31 -0400 Subject: [K12OSN] Fwd: StarLogo TNG Beta 1 Released In-Reply-To: <20071017013531.5D78221C3AE@education.mit.edu> References: <20071017013531.5D78221C3AE@education.mit.edu> Message-ID: <92de6c880710161938i4d1801bm4047e3e46d89bbb6@mail.gmail.com> If you're interested in Alice, this is a timely announcement as well (although I haven't tried it enough to recommend it or not). Linux version "days away." Hopefully... --Tom ---------- Forwarded message ---------- From: StarLogoTNG Date: Oct 16, 2007 9:35 PM Subject: StarLogo TNG Beta 1 Released To: tom.hoffman at gmail.com Coinciding well with the commemoration of 40 years of Logo in Wired and Slashdot today, we are proud to at long last announced the official release of StarLogo TNG Beta 1. StarLogo TNG has undergone a major transformation from Preview 4 (or 4.2) to our first real beta. Much of the code has been entirely rewritten, changing what happens on the surface as well as underneath. These changes have increased speed, usability, stability and extensibility, and will hopefully be the basis of TNG for quite some time. While there are many new features, because this is such a major revision some features of Preview 4 have not yet been implemented. If you must have those features you should stick with Preview 4, otherwise we highly recommend shifting to the new version. We have made our best efforts to update projects and support backwards compatibility, but some projects that rely on features that haven't yet been implemented one load. New and more extensive documentation is coming (including new sample curriculum very shortly), but in the mean time we have provided a list of changes that can be used to apply the basics of Preview 4.2 to this versio n. We're very excited about this new version. The look and feel, as well as the usability have received quite favorable reviews across the board. We hope you'll like it to. Mac and Windows releases are now available, and the first official Linux version is days away. Changes, additions and subtractions to TNG are available on our website at http://education.mit.edu/starlogo-tng Enjoy! The StarLogo Team From microman at cmosnetworks.com Wed Oct 17 02:41:42 2007 From: microman at cmosnetworks.com (=?ISO-8859-1?Q?=22Terrell_Prud=E9_Jr=2E=22?=) Date: Tue, 16 Oct 2007 22:41:42 -0400 Subject: [K12OSN] Ideas from you for the Ubuntu Developers Summit...let me be your voice In-Reply-To: References: Message-ID: <47157666.3090307@cmosnetworks.com> I would like LTSP files to be in the same places that they are in upstream LTSP. K12LTSP does this; Edubuntu does not. --TP _______________________________ Do you GNU ? Microsoft Free since 2003 --the ultimate antivirus protection! David Trask wrote: > Hi all, > > Let me be your voice. I have a bazillion ideas for things that we need to > work on for Edubuntu, Open Source, and FOSS in education in general. Not > many of my ideas are programming so much as marketing, advocacy, support > and so forth. I'm soliciting ideas from all of you (as an educator/IT > support person) to bring up for discussion and work at the Ubuntu > Developers Summit in just over a week (programming ideas welcome as well). > I will be there and would like to be able to be your "voice". Let's get > those ideas flowing and I will add them to a wiki page so that specs can > be generated accordingly. Let 'em rip.... > > What are your wishes....what would you like to see added....what would you > like to see in terms of advocacy and support...what about education > programs....what needs fixing....what could be made even easier? > > David N. Trask > Technology Teacher/Director > Vassalboro Community School > dtrask at vcsvikings.org > (207)923-3100 > > > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > -------------- next part -------------- An HTML attachment was scrubbed... URL: From toddobryan at mac.com Wed Oct 17 02:56:13 2007 From: toddobryan at mac.com (Todd O'Bryan) Date: Tue, 16 Oct 2007 22:56:13 -0400 Subject: [K12OSN] OT: Alice.org In-Reply-To: <471576BC.1040500@paasda.org> References: <9bd317560710161836y535fa6e7k4ac9fbe56b1335d@mail.gmail.com> <1192587921.6221.4.camel@200-TC-TOBRYAN1> <471576BC.1040500@paasda.org> Message-ID: <1192589773.6221.8.camel@200-TC-TOBRYAN1> The problem I noticed is that my students spent way more time using trial and error to get all the numbers right to make their animations look good than they did thinking. The new version of Alice is supposed to have more interesting primitives built in so that students can concentrate more on the sequencing and problem solving than on the minutiae of getting things to look right. It should let teachers assign more interesting projects and let students do more higher level thinking. Todd On Tue, 2007-10-16 at 19:43 -0700, Huck wrote: > Todd, for the benefit of those of us who haven't had the chance... > what things weren't so good that are improving next year? > > --Huck > > Todd O'Bryan wrote: > > Wait for the next version, out next year. Alice would make a good intro > > to programming for middle school, but I didn't like it much when I used > > it as part of a pre-AP course. > > > > On Tue, 2007-10-16 at 21:36 -0400, Peter Hartmann wrote: > >> I just came across this free(as in beer) educational programming > >> software at Alice.org developed at Carnegie Melon. Just thought > >> people might want to be aware of it and also see if anyone has > >> experience with it, and to know what they thought. It looks pretty > >> cool to me. > >> > >> Peter > >> > >> _______________________________________________ > >> K12OSN mailing list > >> K12OSN at redhat.com > >> https://www.redhat.com/mailman/listinfo/k12osn > >> For more info see > > > > _______________________________________________ > > K12OSN mailing list > > K12OSN at redhat.com > > https://www.redhat.com/mailman/listinfo/k12osn > > For more info see > > > > > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see From jam at mcquil.com Wed Oct 17 03:05:31 2007 From: jam at mcquil.com (Jim McQuillan) Date: Tue, 16 Oct 2007 23:05:31 -0400 Subject: [K12OSN] Ideas from you for the Ubuntu Developers Summit...let me be your voice In-Reply-To: <47157666.3090307@cmosnetworks.com> References: <47157666.3090307@cmosnetworks.com> Message-ID: <47157BFB.9040506@McQuil.com> Terrell Prud? Jr. wrote: > I would like LTSP files to be in the same places that they are in > upstream LTSP. K12LTSP does this; Edubuntu does not. K12ltsp uses LTSP-4.2. Ubuntu and Edubuntu use LTSP-5. THings changes. Files changed. As soon as K12ltsp gets the LTSP-5 integration done, then the file locations should all match. Jim McQuillan jam at Ltsp.org > > --TP > _______________________________ > Do you GNU ? > Microsoft Free since 2003 --the ultimate > antivirus protection! > > > David Trask wrote: >> Hi all, >> >> Let me be your voice. I have a bazillion ideas for things that we need to >> work on for Edubuntu, Open Source, and FOSS in education in general. Not >> many of my ideas are programming so much as marketing, advocacy, support >> and so forth. I'm soliciting ideas from all of you (as an educator/IT >> support person) to bring up for discussion and work at the Ubuntu >> Developers Summit in just over a week (programming ideas welcome as well). >> I will be there and would like to be able to be your "voice". Let's get >> those ideas flowing and I will add them to a wiki page so that specs can >> be generated accordingly. Let 'em rip.... >> >> What are your wishes....what would you like to see added....what would you >> like to see in terms of advocacy and support...what about education >> programs....what needs fixing....what could be made even easier? >> >> David N. Trask >> Technology Teacher/Director >> Vassalboro Community School >> dtrask at vcsvikings.org >> (207)923-3100 >> >> >> >> _______________________________________________ >> K12OSN mailing list >> K12OSN at redhat.com >> https://www.redhat.com/mailman/listinfo/k12osn >> For more info see >> > > ------------------------------------------------------------------------ > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see From tom.hoffman at gmail.com Wed Oct 17 03:25:23 2007 From: tom.hoffman at gmail.com (Tom Hoffman) Date: Tue, 16 Oct 2007 23:25:23 -0400 Subject: [K12OSN] Ideas from you for the Ubuntu Developers Summit...let me be your voice In-Reply-To: References: Message-ID: <92de6c880710162025t64ffeda3v9878b4c5bef22dad@mail.gmail.com> On 10/16/07, Accessys at smart.net wrote: > without proper support for Special Ed it will never be able to fully > be used in federally funded programs, including public school systems. The big hurdle here, or at least the first step, is getting a clear specification of what needs to be written (and put on Launchpad.net). --Tom From baci at harborcityschool.org Wed Oct 17 03:48:49 2007 From: baci at harborcityschool.org (Chris Bacigalupo) Date: Tue, 16 Oct 2007 23:48:49 -0400 Subject: [K12OSN] OT: Alice.org In-Reply-To: <1192589773.6221.8.camel@200-TC-TOBRYAN1> References: <9bd317560710161836y535fa6e7k4ac9fbe56b1335d@mail.gmail.com> <1192587921.6221.4.camel@200-TC-TOBRYAN1> <471576BC.1040500@paasda.org> <1192589773.6221.8.camel@200-TC-TOBRYAN1> Message-ID: <1192592929.3859.10.camel@localhost.localdomain> I've had alot of fun teaching blender and blender programming to kids. The blender game engine has matured to the point where it's fairly rapid On Tue, 2007-10-16 at 22:56 -0400, Todd O'Bryan wrote: > The problem I noticed is that my students spent way more time using > trial and error to get all the numbers right to make their animations > look good than they did thinking. > > The new version of Alice is supposed to have more interesting primitives > built in so that students can concentrate more on the sequencing and > problem solving than on the minutiae of getting things to look right. It > should let teachers assign more interesting projects and let students do > more higher level thinking. > > Todd > > On Tue, 2007-10-16 at 19:43 -0700, Huck wrote: > > Todd, for the benefit of those of us who haven't had the chance... > > what things weren't so good that are improving next year? > > > > --Huck > > > > Todd O'Bryan wrote: > > > Wait for the next version, out next year. Alice would make a good intro > > > to programming for middle school, but I didn't like it much when I used > > > it as part of a pre-AP course. > > > > > > On Tue, 2007-10-16 at 21:36 -0400, Peter Hartmann wrote: > > >> I just came across this free(as in beer) educational programming > > >> software at Alice.org developed at Carnegie Melon. Just thought > > >> people might want to be aware of it and also see if anyone has > > >> experience with it, and to know what they thought. It looks pretty > > >> cool to me. > > >> > > >> Peter > > >> > > >> _______________________________________________ > > >> K12OSN mailing list > > >> K12OSN at redhat.com > > >> https://www.redhat.com/mailman/listinfo/k12osn > > >> For more info see > > > > > > _______________________________________________ > > > K12OSN mailing list > > > K12OSN at redhat.com > > > https://www.redhat.com/mailman/listinfo/k12osn > > > For more info see > > > > > > > > > > _______________________________________________ > > K12OSN mailing list > > K12OSN at redhat.com > > https://www.redhat.com/mailman/listinfo/k12osn > > For more info see > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see From meelis at nlib.ee Wed Oct 17 05:12:03 2007 From: meelis at nlib.ee (Meelis) Date: Wed, 17 Oct 2007 08:12:03 +0300 Subject: [K12OSN] Ideas from you for the Ubuntu Developers Summit...let mebe your voice References: Message-ID: <008001c8107c$4167cd10$870d10ac@melka> Hi David! It would be nice to have a working smartcard support on terminals in order to use ID-cards. I have batteled several months now with several distros to make it work but still no luck. There are limited access to support on this topic as well (generally spoken that it's supported on somehow but how, where and when is not specified) so if smartcard support for terminals will be developed (or documented somewhere if it's already done) I would be quite happy :) With respect Meelis --- meelis at nlib.ee ----- Original Message ----- From: "David Trask" To: Cc: Sent: Wednesday, October 17, 2007 4:19 AM Subject: [K12OSN] Ideas from you for the Ubuntu Developers Summit...let mebe your voice > Hi all, > > Let me be your voice. I have a bazillion ideas for things that we need to > work on for Edubuntu, Open Source, and FOSS in education in general. Not > many of my ideas are programming so much as marketing, advocacy, support > and so forth. I'm soliciting ideas from all of you (as an educator/IT > support person) to bring up for discussion and work at the Ubuntu > Developers Summit in just over a week (programming ideas welcome as well). > I will be there and would like to be able to be your "voice". Let's get > those ideas flowing and I will add them to a wiki page so that specs can > be generated accordingly. Let 'em rip.... > > What are your wishes....what would you like to see added....what would you > like to see in terms of advocacy and support...what about education > programs....what needs fixing....what could be made even easier? > > David N. Trask > Technology Teacher/Director > Vassalboro Community School > dtrask at vcsvikings.org > (207)923-3100 > > > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > From dstcyr at shaker.k12.nh.us Wed Oct 17 12:11:59 2007 From: dstcyr at shaker.k12.nh.us (David St Cyr) Date: Wed, 17 Oct 2007 08:11:59 -0400 Subject: [K12OSN] Ideas from you for the Ubuntu Developers Summit...let me be your voice In-Reply-To: References: Message-ID: <4715FC0F.7000205@shaker.k12.nh.us> Good morning, David. this is a little off your topic but I thought I would pick your brain a little about a Moodle alternative--Manhattan Virtual Classroom. Do you know anything about the project. Pros-Cons.... Here in Belmont, we are looking very seriously at something to give the teachers more options for their students and classes. My son at Springfield College told me about MVC so I took a brief look at it. He is enthusiastic about it as this is his 1st trip into the world of a Blackboard/Moodle type experience. Any thoughts on this project? Thanks. David St Cyr Technology Coordinator Shaker Regional School District 58 School Street Belmont, NH 03220 dstcyr at shaker.k12.nh.us 603-267-9223 603-267-9225(FAX) David Trask wrote: > Hi all, > > Let me be your voice. I have a bazillion ideas for things that we need to > work on for Edubuntu, Open Source, and FOSS in education in general. Not > many of my ideas are programming so much as marketing, advocacy, support > and so forth. I'm soliciting ideas from all of you (as an educator/IT > support person) to bring up for discussion and work at the Ubuntu > Developers Summit in just over a week (programming ideas welcome as well). > I will be there and would like to be able to be your "voice". Let's get > those ideas flowing and I will add them to a wiki page so that specs can > be generated accordingly. Let 'em rip.... > > What are your wishes....what would you like to see added....what would you > like to see in terms of advocacy and support...what about education > programs....what needs fixing....what could be made even easier? > > David N. Trask > Technology Teacher/Director > Vassalboro Community School > dtrask at vcsvikings.org > (207)923-3100 > > > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > > > From dtrask at vcsvikings.org Wed Oct 17 13:05:38 2007 From: dtrask at vcsvikings.org (David Trask) Date: Wed, 17 Oct 2007 09:05:38 -0400 Subject: [K12OSN] Ideas from you for the Ubuntu Developers Summit...let=?ISO-8859-1?Q? me ?= =?ISO-8859-1?Q? be_?= your In-Reply-To: <47157BFB.9040506@McQuil.com> References: < > <47157666.3090307@cmosnetworks.com> <47157BFB.9040506@McQuil.com> Message-ID: "Support list for open source software in schools." writes: >Terrell Prud? Jr. wrote: >> I would like LTSP files to be in the same places that they are in >> upstream LTSP. K12LTSP does this; Edubuntu does not. > >K12ltsp uses LTSP-4.2. Ubuntu and Edubuntu use LTSP-5. THings changes. > Files changed. > >As soon as K12ltsp gets the LTSP-5 integration done, then the file >locations should all match. > >Jim McQuillan >jam at Ltsp.org Yeah....what he said ;-) David N. Trask Technology Teacher/Director Vassalboro Community School dtrask at vcsvikings.org (207)923-3100 From jkinney at localnetsolutions.com Wed Oct 17 13:48:12 2007 From: jkinney at localnetsolutions.com (James P. Kinney III) Date: Wed, 17 Oct 2007 13:48:12 +0000 Subject: [K12OSN] LTSP5 In-Reply-To: <1839.75.91.68.147.1192149702.squirrel@mail.seminole.k12.ga.us> References: <1839.75.91.68.147.1192149702.squirrel@mail.seminole.k12.ga.us> Message-ID: <1192628892.3145.170.camel@merlin.localnetsolutions.com> On Thu, 2007-10-11 at 20:41 -0400, Ronnie Miller wrote: > I'll say this for K12LTSP-5EL, it installs and works better than Version > 6. I ran into several problems installing version 6 that were NOT an issue > in 5EL. It is solid as a rock and I'm really enjoying it. > > Now, if only sound in Flash would work like it's supposed to... Make sure you have the libflashplugin installed and that the /tmp/.esd/socket file exists (a cron job to check and create as needed is recommended - the socket will vanish periodically - flash design bug not a linux bug). > -- James P. Kinney III CEO & Director of Engineering Local Net Solutions,LLC 770-493-8244 http://www.localnetsolutions.com GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics) Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part URL: From nils at breun.nl Wed Oct 17 14:15:08 2007 From: nils at breun.nl (Nils Breunese) Date: Wed, 17 Oct 2007 16:15:08 +0200 Subject: [K12OSN] LTSP5 In-Reply-To: <1192628892.3145.170.camel@merlin.localnetsolutions.com> References: <1839.75.91.68.147.1192149702.squirrel@mail.seminole.k12.ga.us> <1192628892.3145.170.camel@merlin.localnetsolutions.com> Message-ID: <47E32A94-63FE-4EC2-BA83-1C63F5A0E1D5@breun.nl> James P. Kinney III wrote: > On Thu, 2007-10-11 at 20:41 -0400, Ronnie Miller wrote: >> I'll say this for K12LTSP-5EL, it installs and works better than >> Version >> 6. I ran into several problems installing version 6 that were NOT >> an issue >> in 5EL. It is solid as a rock and I'm really enjoying it. >> >> Now, if only sound in Flash would work like it's supposed to... > > Make sure you have the libflashplugin installed I believe you refer to the libflashsupport package? > and that the /tmp/.esd/socket file exists (a cron job to check and > create as > needed is recommended - the socket will vanish periodically - flash > design bug not a linux bug). On our K12LTSP 5EL server I found /etc/cron.hourly/ltsp_esd_hack. This cronjob creates /tmp/.esd/socket when FLASH_SOUND_HACK is set to yes in /etc/sysconfig/k12ltsp. Looking at /etc/sysconfig/k12ltsp I don't see a setting called FLASH_SOUND_HACK, but I do see REMOTE_SOUND_HACKS (set to NO by default). Can someone shed some more light on this? Nils Breunese. -------------- next part -------------- A non-text attachment was scrubbed... Name: PGP.sig Type: application/pgp-signature Size: 186 bytes Desc: Dit deel van het bericht is digitaal ondertekend URL: From dtrask at vcsvikings.org Wed Oct 17 14:18:11 2007 From: dtrask at vcsvikings.org (David Trask) Date: Wed, 17 Oct 2007 10:18:11 -0400 Subject: [K12OSN] This is great...keep the ideas coming! Message-ID: Great input....keep the ideas coming! I'm adding them to the wiki for discussion at UDS. (Ubuntu Developers summit) I realize that K12LTSP is based on Fedora, but the underlying premise is the same...especially as the newer versions of K12LTSP are working toward LTSP 5. We'll also be meeting after UDS to do some work in the area of Fedora and K12LTSP + LTSP 5. So...let me be your voice! Get these ideas posted on this list and I'll take them and organize 'em. Several great ideas have been posted....let your minds run wild! David N. Trask Technology Teacher/Director Vassalboro Community School dtrask at vcsvikings.org (207)923-3100 From dhuckaby at paasda.org Wed Oct 17 15:35:22 2007 From: dhuckaby at paasda.org (Huck) Date: Wed, 17 Oct 2007 08:35:22 -0700 Subject: [K12OSN] OT: Alice.org In-Reply-To: <1192589773.6221.8.camel@200-TC-TOBRYAN1> References: <9bd317560710161836y535fa6e7k4ac9fbe56b1335d@mail.gmail.com> <1192587921.6221.4.camel@200-TC-TOBRYAN1> <471576BC.1040500@paasda.org> <1192589773.6221.8.camel@200-TC-TOBRYAN1> Message-ID: <47162BBA.7050805@paasda.org> Yay, so after posting my initial reply...I then went home...dl'd Alice as well as StorytimeAlice... went through the meager tutorials they gave... and well...in my opinion it was FAR from teaching programming, and was more of a lesson in sequential step-building(some would argue programming is nothing more than that on a more complex scale). I did see how you meant the students would take more time trying to get their animations LOOKING GOOD(since it is a VISUAL end-product) and dragging and dropping methods to and fro was just the means to the end(the end being a stellar animation! *what the kids ACTUALLY care about*)... honestly Alice looked like more of a, "Johnny, you're done with all of your work? Great! You can go use the computer and make a nice little story of Jack and the Beanstalk using Alice." --Huck Todd O'Bryan wrote: > The problem I noticed is that my students spent way more time using > trial and error to get all the numbers right to make their animations > look good than they did thinking. > > The new version of Alice is supposed to have more interesting primitives > built in so that students can concentrate more on the sequencing and > problem solving than on the minutiae of getting things to look right. It > should let teachers assign more interesting projects and let students do > more higher level thinking. > > Todd > > On Tue, 2007-10-16 at 19:43 -0700, Huck wrote: >> Todd, for the benefit of those of us who haven't had the chance... >> what things weren't so good that are improving next year? >> >> --Huck >> >> Todd O'Bryan wrote: >>> Wait for the next version, out next year. Alice would make a good intro >>> to programming for middle school, but I didn't like it much when I used >>> it as part of a pre-AP course. >>> >>> On Tue, 2007-10-16 at 21:36 -0400, Peter Hartmann wrote: >>>> I just came across this free(as in beer) educational programming >>>> software at Alice.org developed at Carnegie Melon. Just thought >>>> people might want to be aware of it and also see if anyone has >>>> experience with it, and to know what they thought. It looks pretty >>>> cool to me. >>>> >>>> Peter >>>> >>>> _______________________________________________ >>>> K12OSN mailing list >>>> K12OSN at redhat.com >>>> https://www.redhat.com/mailman/listinfo/k12osn >>>> For more info see >>> _______________________________________________ >>> K12OSN mailing list >>> K12OSN at redhat.com >>> https://www.redhat.com/mailman/listinfo/k12osn >>> For more info see >>> >>> >> _______________________________________________ >> K12OSN mailing list >> K12OSN at redhat.com >> https://www.redhat.com/mailman/listinfo/k12osn >> For more info see > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > > From rmiller at seminole.k12.ga.us Wed Oct 17 15:31:34 2007 From: rmiller at seminole.k12.ga.us (Ronnie Miller) Date: Wed, 17 Oct 2007 11:31:34 -0400 (EDT) Subject: [K12OSN] Yum updates and Proxy Settings (chapter 2) Message-ID: <55445.10.10.100.1.1192635094.squirrel@mail.seminole.k12.ga.us> I appreciate the help on getting the proxy settings working for yum, but now I've got a new wrinkle in my school network. Not only are we proxying all internet access, but we've now tied our proxy filter to our NDS LDAP server so that everyone has to enter their network user name and password to get internet access. Since this has been put into place, I can't get to any software updates and/or the "Add/Remove Software" menu item. Both give basically the same message: "Unable to retrieve software/update information". Under "Details" is the word "none". I changes the yum.conf file to show the right proxy settings and even added a valid user name and password. I've saved and restarted the server, but still no luck. What am I missing? Here's the entries I have in /etc/yum.conf proxy=http://10.10.100.1:8080 proxy_username=user proxy_password=password Thanks for any help! -- Ronnie Miller Technology Specialist Seminole County Schools 800 S. Woolfork Ave. Donalsonville, GA 39845 229.524.5235 Ext. 227 -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. From dyoung at mesd.k12.or.us Wed Oct 17 15:47:22 2007 From: dyoung at mesd.k12.or.us (Dan Young) Date: Wed, 17 Oct 2007 08:47:22 -0700 Subject: [K12OSN] Yum updates and Proxy Settings (chapter 2) In-Reply-To: <55445.10.10.100.1.1192635094.squirrel@mail.seminole.k12.ga.us> References: <55445.10.10.100.1.1192635094.squirrel@mail.seminole.k12.ga.us> Message-ID: <994441ae0710170847j31b039daw9f2bc04ace7264d2@mail.gmail.com> On 10/17/07, Ronnie Miller wrote: > I changes the yum.conf file to show the right proxy settings and even > added a valid user name and password. I've saved and restarted the > server, but still no luck. What am I missing? > > Here's the entries I have in /etc/yum.conf > > proxy=http://10.10.100.1:8080 proxy_username=user > proxy_password=password >From a terminal, can you try: export http_proxy=http://username:password at your_proxy:port/ yum list updates -- Dan Young Multnomah ESD - Technology Services 503-257-1562 From tom.hoffman at gmail.com Wed Oct 17 15:53:38 2007 From: tom.hoffman at gmail.com (Tom Hoffman) Date: Wed, 17 Oct 2007 11:53:38 -0400 Subject: [K12OSN] OT: Alice.org In-Reply-To: <47162BBA.7050805@paasda.org> References: <9bd317560710161836y535fa6e7k4ac9fbe56b1335d@mail.gmail.com> <1192587921.6221.4.camel@200-TC-TOBRYAN1> <471576BC.1040500@paasda.org> <1192589773.6221.8.camel@200-TC-TOBRYAN1> <47162BBA.7050805@paasda.org> Message-ID: <92de6c880710170853r77a0275cx5342a03ef16706cf@mail.gmail.com> On 10/17/07, Huck wrote: > honestly Alice looked like more of a, "Johnny, you're done with all of > your work? Great! You can go use the computer and make a nice little > story of Jack and the Beanstalk using Alice." To be fair, what Alice is designed for is to allow non-prorgrammers at Carnegie Mellon to create 3-d applications. It isn't trivial, but it also is not literally designed to teach programming (it would actually be more correct to say it is designed to NOT teach programming). But it is sophisticated in its own way and scratches the author's itch. There was a proposal written (like, six years ago) by Guido van Rossum (the creator of Python) and others to get funding to create a version of Alice aimed at teaching programming to secondary students, but it never got off the ground. --Tom From willhatch at fayhoneyknoppschool.org Wed Oct 17 19:14:46 2007 From: willhatch at fayhoneyknoppschool.org (willhatch at fayhoneyknoppschool.org) Date: Wed, 17 Oct 2007 12:14:46 -0700 Subject: [K12OSN] wireless Message-ID: <20071017121446.af6af33cab8c3852ebe1fe55c84796fe.a64d1b6f0c.wbe@email.secureserver.net> An HTML attachment was scrubbed... URL: From dyoung at mesd.k12.or.us Wed Oct 17 19:29:08 2007 From: dyoung at mesd.k12.or.us (Dan Young) Date: Wed, 17 Oct 2007 12:29:08 -0700 Subject: [K12OSN] wireless In-Reply-To: <20071017121446.af6af33cab8c3852ebe1fe55c84796fe.a64d1b6f0c.wbe@email.secureserver.net> References: <20071017121446.af6af33cab8c3852ebe1fe55c84796fe.a64d1b6f0c.wbe@email.secureserver.net> Message-ID: <994441ae0710171229t1500a620ud4660ca7cd3064d@mail.gmail.com> On 10/17/07, willhatch at fayhoneyknoppschool.org wrote: > I have a Dell Inspiron 2200 laptop that I have installed Fedora Core 6 on. > The install went perfect, and now I'm trying to get the wireless going. The > card is a Broadcom Corporation BCM4318 [Airforce One 54G] 802.11 Wireless > Lan Controller. How do I get this thing going? Thanks! yum install bcm43xx-fwcutter less /usr/share/doc/bcm43xx-fwcutter-*/README.Fedora less /usr/share/doc/bcm43xx-fwcutter-*/README -- Dan Young Multnomah ESD - Technology Services 503-257-1562 From brcisna at eazylivin.net Wed Oct 17 20:11:02 2007 From: brcisna at eazylivin.net (Barry Cisna) Date: Wed, 17 Oct 2007 15:11:02 -0500 (CDT) Subject: [K12OSN] nfs traffic monitoring Message-ID: <35418.192.168.254.3.1192651862.squirrel@www.eazylivin.net> Levi, We are still using version 6.35 acc reader along with 3-4 other NON renplace apps. Therefor the having to use either TS or run via Wine in K12ltsp server. These are the versions that I believe were shipped on the mayflower:) Does this seem like too much "chatter" on eth0? Thanks, Barry Cisna westcentral school From microman at cmosnetworks.com Thu Oct 18 00:49:14 2007 From: microman at cmosnetworks.com (=?ISO-8859-1?Q?=22Terrell_Prud=E9_Jr=2E=22?=) Date: Wed, 17 Oct 2007 20:49:14 -0400 Subject: [K12OSN] wireless In-Reply-To: <994441ae0710171229t1500a620ud4660ca7cd3064d@mail.gmail.com> References: <20071017121446.af6af33cab8c3852ebe1fe55c84796fe.a64d1b6f0c.wbe@email.secureserver.net> <994441ae0710171229t1500a620ud4660ca7cd3064d@mail.gmail.com> Message-ID: <4716AD8A.4010100@cmosnetworks.com> Dan Young wrote: > On 10/17/07, willhatch at fayhoneyknoppschool.org > wrote: > >> I have a Dell Inspiron 2200 laptop that I have installed Fedora Core 6 on. >> The install went perfect, and now I'm trying to get the wireless going. The >> card is a Broadcom Corporation BCM4318 [Airforce One 54G] 802.11 Wireless >> Lan Controller. How do I get this thing going? Thanks! >> > > yum install bcm43xx-fwcutter > less /usr/share/doc/bcm43xx-fwcutter-*/README.Fedora > less /usr/share/doc/bcm43xx-fwcutter-*/README > And in the future, avoid any laptops or other computers with that Broadcom junk. If you can replace that wireless card with something else, so much the better. Look for Ralink, Realtek, or Intel wireless instead. I've had to wrestle with that Broadcom crap before. FWCutter does indeed work, but we shouldn't have to do it. Vote with your wallet. It works. --TP -------------- next part -------------- An HTML attachment was scrubbed... URL: From toddobryan at mac.com Thu Oct 18 02:17:25 2007 From: toddobryan at mac.com (Todd O'Bryan) Date: Wed, 17 Oct 2007 22:17:25 -0400 Subject: [K12OSN] OT: Alice.org In-Reply-To: <92de6c880710170853r77a0275cx5342a03ef16706cf@mail.gmail.com> References: <9bd317560710161836y535fa6e7k4ac9fbe56b1335d@mail.gmail.com> <1192587921.6221.4.camel@200-TC-TOBRYAN1> <471576BC.1040500@paasda.org> <1192589773.6221.8.camel@200-TC-TOBRYAN1> <47162BBA.7050805@paasda.org> <92de6c880710170853r77a0275cx5342a03ef16706cf@mail.gmail.com> Message-ID: <1192673845.6221.17.camel@200-TC-TOBRYAN1> On Wed, 2007-10-17 at 11:53 -0400, Tom Hoffman wrote: > On 10/17/07, Huck wrote: > > > honestly Alice looked like more of a, "Johnny, you're done with all of > > your work? Great! You can go use the computer and make a nice little > > story of Jack and the Beanstalk using Alice." > > To be fair, what Alice is designed for is to allow non-prorgrammers at > Carnegie Mellon to create 3-d applications. It isn't trivial, but it > also is not literally designed to teach programming (it would actually > be more correct to say it is designed to NOT teach programming). But > it is sophisticated in its own way and scratches the author's itch. > > There was a proposal written (like, six years ago) by Guido van Rossum > (the creator of Python) and others to get funding to create a version > of Alice aimed at teaching programming to secondary students, but it > never got off the ground. > Actually, they market it as an alternative to CS1 and many colleges use it for that. The book produced by the team is called "Learning to Program with Alice." To be fair, you can do things like recursion, create lists of objects, event-driven programming, and other interesting topics, so it's far more than just a toy, and they do have some good data that show it's effective at retaining students into later CS classes than traditional intro courses. And the Alice team got a *HUGE* NSF grant to promote it as a new CS1 alternative. Todd From sbarar at gmail.com Thu Oct 18 02:17:42 2007 From: sbarar at gmail.com (Sudev Barar) Date: Thu, 18 Oct 2007 07:47:42 +0530 Subject: [Possible thread hijack?] Re: [K12OSN] This is great...keep the ideas coming! In-Reply-To: References: Message-ID: <774593a20710171917v74594dek985f5cc0a63f36b7@mail.gmail.com> On 17/10/2007, David Trask wrote: > I'll take them and organize 'em. Several great ideas have been > posted....let your minds run wild! > OT on development but an idea to be considered all the same: Can there be a repository of all content developed by teachers willing to share under GPL/CC licensing? Things could be organised in wiki + SVN type of listing. This way instead of teachers looking at FOSS movement having to cope with learning curve AND content development can first concentrate on learning curve of dealing with linux and desktop while at the same time having q library of (almost) ready to use lessons. Will make the whole FOSS migration even more attractive. I must say I am not an educator but just a peripheral supporter to organisations doing work in this area. -- Regards, Sudev Barar From tom.hoffman at gmail.com Thu Oct 18 02:53:48 2007 From: tom.hoffman at gmail.com (Tom Hoffman) Date: Wed, 17 Oct 2007 22:53:48 -0400 Subject: [K12OSN] OT: Alice.org In-Reply-To: <1192673845.6221.17.camel@200-TC-TOBRYAN1> References: <9bd317560710161836y535fa6e7k4ac9fbe56b1335d@mail.gmail.com> <1192587921.6221.4.camel@200-TC-TOBRYAN1> <471576BC.1040500@paasda.org> <1192589773.6221.8.camel@200-TC-TOBRYAN1> <47162BBA.7050805@paasda.org> <92de6c880710170853r77a0275cx5342a03ef16706cf@mail.gmail.com> <1192673845.6221.17.camel@200-TC-TOBRYAN1> Message-ID: <92de6c880710171953s1451d0adl549531b99d93fa60@mail.gmail.com> On 10/17/07, Todd O'Bryan wrote: > On Wed, 2007-10-17 at 11:53 -0400, Tom Hoffman wrote: > > On 10/17/07, Huck wrote: > > > > > honestly Alice looked like more of a, "Johnny, you're done with all of > > > your work? Great! You can go use the computer and make a nice little > > > story of Jack and the Beanstalk using Alice." > > > > To be fair, what Alice is designed for is to allow non-prorgrammers at > > Carnegie Mellon to create 3-d applications. It isn't trivial, but it > > also is not literally designed to teach programming (it would actually > > be more correct to say it is designed to NOT teach programming). But > > it is sophisticated in its own way and scratches the author's itch. > > > > There was a proposal written (like, six years ago) by Guido van Rossum > > (the creator of Python) and others to get funding to create a version > > of Alice aimed at teaching programming to secondary students, but it > > never got off the ground. > > > Actually, they market it as an alternative to CS1 and many colleges use > it for that. The book produced by the team is called "Learning to > Program with Alice." To be fair, you can do things like recursion, > create lists of objects, event-driven programming, and other interesting > topics, so it's far more than just a toy, and they do have some good > data that show it's effective at retaining students into later CS > classes than traditional intro courses. > > And the Alice team got a *HUGE* NSF grant to promote it as a new CS1 > alternative. I guess I haven't been keeping up... --Tom From willhatch at fayhoneyknoppschool.org Thu Oct 18 08:40:27 2007 From: willhatch at fayhoneyknoppschool.org (willhatch at fayhoneyknoppschool.org) Date: Thu, 18 Oct 2007 01:40:27 -0700 Subject: [K12OSN] wireless Message-ID: <20071018014027.af6af33cab8c3852ebe1fe55c84796fe.2343f83580.wbe@email.secureserver.net> An HTML attachment was scrubbed... URL: From nils at breun.nl Thu Oct 18 09:54:23 2007 From: nils at breun.nl (Nils Breunese) Date: Thu, 18 Oct 2007 11:54:23 +0200 Subject: [K12OSN] wireless In-Reply-To: <20071017121446.af6af33cab8c3852ebe1fe55c84796fe.a64d1b6f0c.wbe@email.secureserver.net> References: <20071017121446.af6af33cab8c3852ebe1fe55c84796fe.a64d1b6f0c.wbe@email.secureserver.net> Message-ID: <7F860F8E-F887-4BF1-B022-6C7AE4E514F5@breun.nl> willhatch at fayhoneyknoppschool.org wrote: > I have a Dell Inspiron 2200 laptop that I have installed Fedora > Core 6 on. You might want to look into upgrading soon, as Fedora Core 6 will go EOL shortly after Fedora 8 is released (early November). Nils Breunese. -------------- next part -------------- A non-text attachment was scrubbed... Name: PGP.sig Type: application/pgp-signature Size: 186 bytes Desc: Dit deel van het bericht is digitaal ondertekend URL: From julius at turtle.com Thu Oct 18 12:24:39 2007 From: julius at turtle.com (Julius Szelagiewicz) Date: Thu, 18 Oct 2007 08:24:39 -0400 (EDT) Subject: [K12OSN] wireless In-Reply-To: <4716AD8A.4010100@cmosnetworks.com> Message-ID: On Wed, 17 Oct 2007, [ISO-8859-1] "Terrell Prud? Jr." wrote: > Dan Young wrote: > > On 10/17/07, willhatch at fayhoneyknoppschool.org > > wrote: > > > >> I have a Dell Inspiron 2200 laptop that I have installed Fedora Core 6 on. > >> The install went perfect, and now I'm trying to get the wireless going. The > >> card is a Broadcom Corporation BCM4318 [Airforce One 54G] 802.11 Wireless > >> Lan Controller. How do I get this thing going? Thanks! > >> > > > > yum install bcm43xx-fwcutter > > less /usr/share/doc/bcm43xx-fwcutter-*/README.Fedora > > less /usr/share/doc/bcm43xx-fwcutter-*/README > > > > And in the future, avoid any laptops or other computers with that > Broadcom junk. If you can replace that wireless card with something > else, so much the better. Look for Ralink, Realtek, or Intel wireless > instead. > > I've had to wrestle with that Broadcom crap before. FWCutter does > indeed work, but we shouldn't have to do it. > > Vote with your wallet. It works. > > --TP > Terrel, I'm not so sure about Intel - I've been trying to get the 3945ABG to work for about a year now, to no avail. julius From willhatch at fayhoneyknoppschool.org Thu Oct 18 13:28:39 2007 From: willhatch at fayhoneyknoppschool.org (willhatch at fayhoneyknoppschool.org) Date: Thu, 18 Oct 2007 06:28:39 -0700 Subject: [K12OSN] wireless Message-ID: <20071018062839.af6af33cab8c3852ebe1fe55c84796fe.08b3131988.wbe@email.secureserver.net> An HTML attachment was scrubbed... URL: From simpsond at leopards.k12.ar.us Thu Oct 18 13:30:42 2007 From: simpsond at leopards.k12.ar.us (Doug Simpson) Date: Thu, 18 Oct 2007 08:30:42 -0500 Subject: [K12OSN] CDA CD Audio files Message-ID: <471719B2.550C.0078.0@leopards.k12.ar.us> Is there any linux-based programs that will take wav, mp3 or any other audio format and convert it to cda or CD Audio to be burned onto a CD and played in a regular CD player? Thanks. Doug Doug Simpson Technology Specialist De Queen Public Schools De Queen, AR simpsond at leopards.k12.ar.us From simpsond at leopards.k12.ar.us Thu Oct 18 13:31:46 2007 From: simpsond at leopards.k12.ar.us (Doug Simpson) Date: Thu, 18 Oct 2007 08:31:46 -0500 Subject: [K12OSN] wireless In-Reply-To: <20071018062839.af6af33cab8c3852ebe1fe55c84796fe.08b3131988.wbe@email.secureserver.net> References: <20071018062839.af6af33cab8c3852ebe1fe55c84796fe.08b3131988.wbe@email.secureserver.net> Message-ID: <471719F2.550C.0078.0@leopards.k12.ar.us> Did you follow the rest of the instructions to go read the README files? Perhaps your answer is in there? Doug Doug Simpson Technology Specialist De Queen Public Schools De Queen, AR simpsond at leopards.k12.ar.us >>> 10/18/2007 8:28 AM >>> I followed the instructions to download the driver through Yum, and it installed properly. Now what? When I go to system/applications/network, and try to activate the wireless, it says it can't determine the ip address - to check to see if the cable is connected. Arrrrrrrrrrr! -------- Original Message -------- From: "Dan Young" Date: Wed, October 17, 2007 12:29 pm To: "Support list for open source software in schools." On 10/17/07, willhatch at fayhoneyknoppschool.org ( http://email.secureserver.net/pcompose.php#Compose ) wrote: > I have a Dell Inspiron 2200 laptop that I have installed Fedora Core 6 on. > The install went perfect, and now I'm trying to get the wireless going. The > card is a Broadcom Corporation BCM4318 [Airforce One 54G] 802.11 Wireless > Lan Controller. How do I get this thing going? Thanks! yum install bcm43xx-fwcutter less /usr/share/doc/bcm43xx-fwcutter-*/README.Fedora less /usr/share/doc/bcm43xx-fwcutter-*/README -- Dan Young Multnomah ESD - Technology Services 503-257-1562 _______________________________________________ K12OSN mailing list K12OSN at redhat.com ( http://email.secureserver.net/pcompose.php#Compose ) https://www.redhat.com/mailman/listinfo/k12osn For more info see From thewhitmers at gmail.com Thu Oct 18 13:38:38 2007 From: thewhitmers at gmail.com (David Whitmer) Date: Thu, 18 Oct 2007 09:38:38 -0400 Subject: [K12OSN] CDA CD Audio files In-Reply-To: <471719B2.550C.0078.0@leopards.k12.ar.us> References: <471719B2.550C.0078.0@leopards.k12.ar.us> Message-ID: On 10/18/07, Doug Simpson wrote: > Is there any linux-based programs that will take wav, mp3 or any other > audio format and convert it to cda or CD Audio to be burned onto a CD and > played in a regular CD player? > > Thanks. > > Doug > > Doug Simpson > Technology Specialist > De Queen Public Schools > De Queen, AR > simpsond at leopards.k12.ar.us > > > Check out K3b. I use it all the time. David Whitmer Director of Media & Technology Calvary Schools of Holland (Michigan) web: www.calvaryschoolsholland.org personal email: thewhitmers at gmail.com school email: david.whitmer at cshk12.org -------------- next part -------------- An HTML attachment was scrubbed... URL: From fastxr at gmail.com Thu Oct 18 14:19:01 2007 From: fastxr at gmail.com (Vince Callaway) Date: Thu, 18 Oct 2007 07:19:01 -0700 Subject: [K12OSN] CDA CD Audio files In-Reply-To: <471719B2.550C.0078.0@leopards.k12.ar.us> References: <471719B2.550C.0078.0@leopards.k12.ar.us> Message-ID: <1192717141.6645.1.camel@vince-dell17> On Thu, 2007-10-18 at 08:30 -0500, Doug Simpson wrote: > Is there any linux-based programs that will take wav, mp3 or any other audio format and convert it to cda or CD Audio to be burned onto a CD and played in a regular CD player? I use Exaile with the Serpentine plugin. Create a playlist and click the burn CD icon. Works great. From dyoung at mesd.k12.or.us Thu Oct 18 15:26:27 2007 From: dyoung at mesd.k12.or.us (Dan Young) Date: Thu, 18 Oct 2007 08:26:27 -0700 Subject: [K12OSN] wireless In-Reply-To: References: <4716AD8A.4010100@cmosnetworks.com> Message-ID: <994441ae0710180826i5c71753dp5777e2df9ed91fd9@mail.gmail.com> On 10/18/07, Julius Szelagiewicz wrote: > I'm not so sure about Intel - I've been trying to get the 3945ABG > to work for about a year now, to no avail. The Intel wireless were "in flux" for the last year while all the mac80211 common wireless infrastructure got sorted out. The iwl3945 was one of the first to use it, IIRC. Should be _much_ better in Fedora 8. -- Dan Young Multnomah ESD - Technology Services 503-257-1562 From microman at cmosnetworks.com Thu Oct 18 15:50:12 2007 From: microman at cmosnetworks.com (=?UTF-8?B?IlRlcnJlbGwgUHJ1ZMOpIEpyLiI=?=) Date: Thu, 18 Oct 2007 11:50:12 -0400 Subject: [K12OSN] wireless In-Reply-To: References: Message-ID: <471780B4.9060205@cmosnetworks.com> Julius Szelagiewicz wrote: > On Wed, 17 Oct 2007, [ISO-8859-1] "Terrell Prud? Jr." wrote: > > >> Dan Young wrote: >> >>> On 10/17/07, willhatch at fayhoneyknoppschool.org >>> wrote: >>> >>> >>>> I have a Dell Inspiron 2200 laptop that I have installed Fedora Core 6 on. >>>> The install went perfect, and now I'm trying to get the wireless going. The >>>> card is a Broadcom Corporation BCM4318 [Airforce One 54G] 802.11 Wireless >>>> Lan Controller. How do I get this thing going? Thanks! >>>> >>>> >>> yum install bcm43xx-fwcutter >>> less /usr/share/doc/bcm43xx-fwcutter-*/README.Fedora >>> less /usr/share/doc/bcm43xx-fwcutter-*/README >>> >>> >> And in the future, avoid any laptops or other computers with that >> Broadcom junk. If you can replace that wireless card with something >> else, so much the better. Look for Ralink, Realtek, or Intel wireless >> instead. >> >> I've had to wrestle with that Broadcom crap before. FWCutter does >> indeed work, but we shouldn't have to do it. >> >> Vote with your wallet. It works. >> >> --TP >> >> > Terrel, > I'm not so sure about Intel - I've been trying to get the 3945ABG > to work for about a year now, to no avail. > julius > > You're right about the 3945, and I should've mentioned that. Intel makes it difficult for reasons rather similar to that for Broadcom. I'd stay away from those as well. The other Intel wireless chips, i. e. pre-3945, work great, though. --TP -------------- next part -------------- An HTML attachment was scrubbed... URL: From microman at cmosnetworks.com Thu Oct 18 15:55:13 2007 From: microman at cmosnetworks.com (=?ISO-8859-1?Q?=22Terrell_Prud=E9_Jr=2E=22?=) Date: Thu, 18 Oct 2007 11:55:13 -0400 Subject: [K12OSN] CDA CD Audio files In-Reply-To: <471719B2.550C.0078.0@leopards.k12.ar.us> References: <471719B2.550C.0078.0@leopards.k12.ar.us> Message-ID: <471781E1.4080404@cmosnetworks.com> Sox will do it. So will MPlayer. I've used both, and both work great. Actually, if your files are already in WAV format, you don't need to do anything else to 'em. You can just run cdrecord (and therefore any front-ends like K3b) on them directly. MP3's, OGG's, and so on, I just convert to regular ol' WAV first. --TP _______________________________ Do you GNU ? Microsoft Free since 2003 --the ultimate antivirus protection! Doug Simpson wrote: > Is there any linux-based programs that will take wav, mp3 or any other audio format and convert it to cda or CD Audio to be burned onto a CD and played in a regular CD player? > > Thanks. > > Doug > > Doug Simpson > Technology Specialist > De Queen Public Schools > De Queen, AR > simpsond at leopards.k12.ar.us > > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > -------------- next part -------------- An HTML attachment was scrubbed... URL: From mrjohnlucas at gmail.com Thu Oct 18 16:48:47 2007 From: mrjohnlucas at gmail.com (John Lucas) Date: Thu, 18 Oct 2007 12:48:47 -0400 Subject: [K12OSN] wireless In-Reply-To: References: Message-ID: <200710181248.48370.MrJohnLucas@gmail.com> On Thursday 18 October 2007 08:24, Julius Szelagiewicz wrote: > > Terrel, > I'm not so sure about Intel - I've been trying to get the 3945ABG > to work for about a year now, to no avail. > julius > I was able to get my Intel 3945abg working on my Inspiron 6400 with Fedora Core 6 by adapting this howto: http://www.mabula.net/dell_inspiron_6400.html It works with WPA PSK and WPA Enterprise (using networkmanager). One upgrade of (as I recall) the dkms-ipw3945 package managed to break it, so I had to revert to these versions: ipw3945-firmware-1.13-1 dkms-ipw3945-1.2.0-1 ipw3945d-1.7.22-4 -- "History doesn't repeat itself; at best it rhymes." - Mark Twain | John Lucas MrJohnLucas at gmail.com | | St. Thomas, VI 00802 http://mrjohnlucas.googlepages.com/ | | 18.3?N, 65?W AST (UTC-4) | From simpsond at leopards.k12.ar.us Thu Oct 18 17:33:08 2007 From: simpsond at leopards.k12.ar.us (Doug Simpson) Date: Thu, 18 Oct 2007 12:33:08 -0500 Subject: [K12OSN] Script for checking if servers are up. Message-ID: <47175284.550C.0078.0@leopards.k12.ar.us> I am trying to make a script that will ping servers and if they are down, send a message. If they are up it won't send a message. The problem I am having is if there are more than one, it won't work. Here is a sample of my script: **********sample begins below************* while (true) do sleep 30 if ping -i 3 -c 3 192.168.0.222 then continue else echo "192.168.0.222 down!" | mail -s "222 down" veewee77 at alltel.net break fi done **********sample ends above*************** If I add a second (or more) to it, it fails to work properly. **********broken sample begins below******** while (true) do sleep 30 if ping -i 3 -c 3 192.168.0.222 then continue else echo "192.168.0.222 down!" | mail -s "222 down" me at here.there break fi if ping -i 3 -c 3 192.168.0.223 then continue else echo "192.168.0.223 down!" |mail -s "223 down" me at here.there done ***********broken sample ends above************** Obviously a bogus email address, but it is for reference. Any ideas? Doug Doug Simpson Technology Specialist De Queen Public Schools De Queen, AR simpsond at leopards.k12.ar.us From rowens at bio-chemvalve.com Thu Oct 18 17:34:55 2007 From: rowens at bio-chemvalve.com (Rob Owens) Date: Thu, 18 Oct 2007 13:34:55 -0400 Subject: [K12OSN] CDA CD Audio files In-Reply-To: <471719B2.550C.0078.0@leopards.k12.ar.us> References: <471719B2.550C.0078.0@leopards.k12.ar.us> Message-ID: <4717993F.7040304@bio-chemvalve.com> Gnomebaker works, at least in converting ogg files to cda. It probably will do other formats as long as the proper codecs are installed (it uses the gstreamer codecs, I believe). -Rob Doug Simpson wrote: > Is there any linux-based programs that will take wav, mp3 or any other audio format and convert it to cda or CD Audio to be burned onto a CD and played in a regular CD player? > > Thanks. > > Doug > > Doug Simpson > Technology Specialist > De Queen Public Schools > De Queen, AR > simpsond at leopards.k12.ar.us > > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see From dhuckaby at paasda.org Thu Oct 18 17:44:37 2007 From: dhuckaby at paasda.org (Huck) Date: Thu, 18 Oct 2007 10:44:37 -0700 Subject: [K12OSN] Script for checking if servers are up. In-Reply-To: <47175284.550C.0078.0@leopards.k12.ar.us> References: <47175284.550C.0078.0@leopards.k12.ar.us> Message-ID: <47179B85.3070800@paasda.org> throw in a 'foreach' ? and list your IP addresses? I don't know 'script syntax'... but that is what I'd do.. in Ruby thinking anyway. --Huck Doug Simpson wrote: > I am trying to make a script that will ping servers and if they are down, send a message. If they are up it won't send a message. > > The problem I am having is if there are more than one, it won't work. > > Here is a sample of my script: > **********sample begins below************* > while (true) > do > sleep 30 > if ping -i 3 -c 3 192.168.0.222 > then > continue > else > echo "192.168.0.222 down!" | mail -s "222 down" veewee77 at alltel.net > break > fi > done > **********sample ends above*************** > > > If I add a second (or more) to it, it fails to work properly. > **********broken sample begins below******** > while (true) > do > sleep 30 > if ping -i 3 -c 3 192.168.0.222 > then > continue > else > echo "192.168.0.222 down!" | mail -s "222 down" me at here.there > break > fi > if ping -i 3 -c 3 192.168.0.223 > then > continue > else > echo "192.168.0.223 down!" |mail -s "223 down" me at here.there > done > ***********broken sample ends above************** > > Obviously a bogus email address, but it is for reference. > Any ideas? > > Doug > > Doug Simpson > Technology Specialist > De Queen Public Schools > De Queen, AR > simpsond at leopards.k12.ar.us > > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > > From dhuckaby at paasda.org Thu Oct 18 17:46:52 2007 From: dhuckaby at paasda.org (Huck) Date: Thu, 18 Oct 2007 10:46:52 -0700 Subject: [K12OSN] Script for checking if servers are up. In-Reply-To: <47175284.550C.0078.0@leopards.k12.ar.us> References: <47175284.550C.0078.0@leopards.k12.ar.us> Message-ID: <47179C0C.3060302@paasda.org> double-replying.. $list = 192.168.0.222,192.168.0.223 for $x in $list do sleep 30 if ping -i 3 -c 3 $x then continue else echo "$x down!" | mail -s "222 down" veewee777 at alltel.net break fi done something like that? Doug Simpson wrote: > I am trying to make a script that will ping servers and if they are down, send a message. If they are up it won't send a message. > > The problem I am having is if there are more than one, it won't work. > > Here is a sample of my script: > **********sample begins below************* > while (true) > do > sleep 30 > if ping -i 3 -c 3 192.168.0.222 > then > continue > else > echo "192.168.0.222 down!" | mail -s "222 down" veewee77 at alltel.net > break > fi > done > **********sample ends above*************** > > > If I add a second (or more) to it, it fails to work properly. > **********broken sample begins below******** > while (true) > do > sleep 30 > if ping -i 3 -c 3 192.168.0.222 > then > continue > else > echo "192.168.0.222 down!" | mail -s "222 down" me at here.there > break > fi > if ping -i 3 -c 3 192.168.0.223 > then > continue > else > echo "192.168.0.223 down!" |mail -s "223 down" me at here.there > done > ***********broken sample ends above************** > > Obviously a bogus email address, but it is for reference. > Any ideas? > > Doug > > Doug Simpson > Technology Specialist > De Queen Public Schools > De Queen, AR > simpsond at leopards.k12.ar.us > > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > > From roger.in.eugene at gmail.com Thu Oct 18 17:41:45 2007 From: roger.in.eugene at gmail.com (Roger) Date: Thu, 18 Oct 2007 10:41:45 -0700 Subject: [K12OSN] Script for checking if servers are up. In-Reply-To: <47175284.550C.0078.0@leopards.k12.ar.us> References: <47175284.550C.0078.0@leopards.k12.ar.us> Message-ID: <69b790a80710181041m4492891hac21a511b266fee9@mail.gmail.com> On 10/18/07, Doug Simpson wrote: > I am trying to make a script that will ping servers and if they are down, send a message. If they are up it won't send a message. > How many servers? I'd just create a batch script for each one. actually, I'd install something like BigBrother and just use that. You don't have to install bigbrother on each server, you can just run ping tests from your desktop. -- Roger From dahopkins429 at gmail.com Thu Oct 18 17:43:58 2007 From: dahopkins429 at gmail.com (David Hopkins) Date: Thu, 18 Oct 2007 13:43:58 -0400 Subject: [K12OSN] Script for checking if servers are up. In-Reply-To: <47179C0C.3060302@paasda.org> References: <47175284.550C.0078.0@leopards.k12.ar.us> <47179C0C.3060302@paasda.org> Message-ID: That is what I would try, but are all your servers on the same 192.168subnet? If they have 2 NIC's, shouldn't you be using the other interfaces IP address instead of the one used for the thin clients? On 10/18/07, Huck wrote: > > double-replying.. > > $list = 192.168.0.222,192.168.0.223 > > for $x in $list > do > sleep 30 > if ping -i 3 -c 3 $x > then continue > else > echo "$x down!" | mail -s "222 down" veewee777 at alltel.net > break > fi > done > > > > > something like that? > > > Doug Simpson wrote: > > I am trying to make a script that will ping servers and if they are > down, send a message. If they are up it won't send a message. > > > > The problem I am having is if there are more than one, it won't work. > > > > Here is a sample of my script: > > **********sample begins below************* > > while (true) > > do > > sleep 30 > > if ping -i 3 -c 3 192.168.0.222 > > then > > continue > > else > > echo "192.168.0.222 down!" | mail -s "222 down" veewee77 at alltel.net > > break > > fi > > done > > **********sample ends above*************** > > > > > > If I add a second (or more) to it, it fails to work properly. > > **********broken sample begins below******** > > while (true) > > do > > sleep 30 > > if ping -i 3 -c 3 192.168.0.222 > > then > > continue > > else > > echo "192.168.0.222 down!" | mail -s "222 down" me at here.there > > break > > fi > > if ping -i 3 -c 3 192.168.0.223 > > then > > continue > > else > > echo "192.168.0.223 down!" |mail -s "223 down" me at here.there > > done > > ***********broken sample ends above************** > > > > Obviously a bogus email address, but it is for reference. > > Any ideas? > > > > Doug > > > > Doug Simpson > > Technology Specialist > > De Queen Public Schools > > De Queen, AR > > simpsond at leopards.k12.ar.us > > > > > > _______________________________________________ > > K12OSN mailing list > > K12OSN at redhat.com > > https://www.redhat.com/mailman/listinfo/k12osn > > For more info see > > > > > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > -------------- next part -------------- An HTML attachment was scrubbed... URL: From roger.in.eugene at gmail.com Thu Oct 18 17:44:10 2007 From: roger.in.eugene at gmail.com (Roger) Date: Thu, 18 Oct 2007 10:44:10 -0700 Subject: [K12OSN] Script for checking if servers are up. In-Reply-To: <47179C0C.3060302@paasda.org> References: <47175284.550C.0078.0@leopards.k12.ar.us> <47179C0C.3060302@paasda.org> Message-ID: <69b790a80710181044v479e6016h1be33ae81a066f0c@mail.gmail.com> Uh, would that send an email each time it checks and the server is down? or would the break cause the whole script to quit working? On 10/18/07, Huck wrote: > double-replying.. > > $list = 192.168.0.222,192.168.0.223 > -- Roger ~~~~//~~~~ low cost web hosting: http://www.dreamhost.com/r.cgi?91357 From rasher at paragould.k12.ar.us Thu Oct 18 17:49:46 2007 From: rasher at paragould.k12.ar.us (Rob Asher) Date: Thu, 18 Oct 2007 12:49:46 -0500 Subject: [K12OSN] Script for checking if servers are up. In-Reply-To: <47175284.550C.0078.0@leopards.k12.ar.us> References: <47175284.550C.0078.0@leopards.k12.ar.us> Message-ID: <4717566B.0172.0037.0@paragould.k12.ar.us> You might like this: http://sourceforge.net/project/showfiles.php?group_id=175575 HTH, Rob ------------------------------------- Rob Asher Network Systems Technician Paragould School District (870)236-7744 Ext. 169 >>> "Doug Simpson" 10/18/2007 12:33 pm >>> I am trying to make a script that will ping servers and if they are down, send a message. If they are up it won't send a message. The problem I am having is if there are more than one, it won't work. Here is a sample of my script: **********sample begins below************* while (true) do sleep 30 if ping -i 3 -c 3 192.168.0.222 then continue else echo "192.168.0.222 down!" | mail -s "222 down" veewee77 at alltel.net break fi done **********sample ends above*************** If I add a second (or more) to it, it fails to work properly. **********broken sample begins below******** while (true) do sleep 30 if ping -i 3 -c 3 192.168.0.222 then continue else echo "192.168.0.222 down!" | mail -s "222 down" me at here.there break fi if ping -i 3 -c 3 192.168.0.223 then continue else echo "192.168.0.223 down!" |mail -s "223 down" me at here.there done ***********broken sample ends above************** Obviously a bogus email address, but it is for reference. Any ideas? Doug Doug Simpson Technology Specialist De Queen Public Schools De Queen, AR simpsond at leopards.k12.ar.us _______________________________________________ K12OSN mailing list K12OSN at redhat.com https://www.redhat.com/mailman/listinfo/k12osn For more info see -- This message has been scanned for viruses and dangerous content by The MailScanner at the Paragould School District, http://paragould.k12.ar.us, and is believed to be clean. From craig at tobyhouse.com Thu Oct 18 17:56:01 2007 From: craig at tobyhouse.com (Craig White) Date: Thu, 18 Oct 2007 10:56:01 -0700 Subject: [K12OSN] Script for checking if servers are up. In-Reply-To: <47175284.550C.0078.0@leopards.k12.ar.us> References: <47175284.550C.0078.0@leopards.k12.ar.us> Message-ID: <1192730161.17591.5.camel@cube.tobyhouse.com> On Thu, 2007-10-18 at 12:33 -0500, Doug Simpson wrote: > I am trying to make a script that will ping servers and if they are down, send a message. If they are up it won't send a message. > > The problem I am having is if there are more than one, it won't work. > > Here is a sample of my script: > **********sample begins below************* > while (true) > do > sleep 30 > if ping -i 3 -c 3 192.168.0.222 > then > continue > else > echo "192.168.0.222 down!" | mail -s "222 down" veewee77 at alltel.net > break > fi > done > **********sample ends above*************** > > > If I add a second (or more) to it, it fails to work properly. > **********broken sample begins below******** > while (true) > do > sleep 30 > if ping -i 3 -c 3 192.168.0.222 > then > continue > else > echo "192.168.0.222 down!" | mail -s "222 down" me at here.there > break > fi > if ping -i 3 -c 3 192.168.0.223 > then > continue > else > echo "192.168.0.223 down!" |mail -s "223 down" me at here.there > done > ***********broken sample ends above************** > > Obviously a bogus email address, but it is for reference. > Any ideas? ---- webmin has all sorts of monitoring available built-in. See System and Server status under 'Others' -- Craig White From simpsond at leopards.k12.ar.us Thu Oct 18 18:11:25 2007 From: simpsond at leopards.k12.ar.us (Doug Simpson) Date: Thu, 18 Oct 2007 13:11:25 -0500 Subject: [K12OSN] Script for checking if servers are up. In-Reply-To: References: <47175284.550C.0078.0@leopards.k12.ar.us> <47179C0C.3060302@paasda.org> Message-ID: <47175B7C.550C.0078.0@leopards.k12.ar.us> Thanks to all for the replies. I guess I should clarify what I am attempting to do here. I looked at the programs and etc submitted by all of you and while they are probably good at what they do, they don't do what I am wanting to do. The references in the script I submitted are for reference only. IP addresses are not actual and are actually the servers are on several campuses, several LANs and some are even over a WAN. I can ping all of the servers I want to use this for from the one I want to run the script on. When I complete the script and get it running properly, the |mail -s "222 is down" me at here.there will be substituted with something like: |festival --tts and festival has a hard time speaking IP addresses. The script will audibly announce the name of the server that is down. This script will be run from a linux server that is on all the time, and the script will run in the background whether anyone is logged in or not.If a server goes down (ie a ping test fails) it will audibly say something like "Please check Room tewnty seven's server. It appears to be down." No one must be logged in and watching the script run. It just does it's thing silently until it detects a down server. If the script runs continuously in a loop, it will keep repeating the message every trip through the script until the problem is corrected. Kinda funny, but I find the audible messages are GREAT for monitoring things. If all is well, he's quiet. If there are problems, he lets you know about it. I have done similar things with simple cron jobs, but the script will be better in this instance, I think. Doug Simpson Technology Specialist De Queen Public Schools De Queen, AR simpsond at leopards.k12.ar.us >>> "David Hopkins" 10/18/2007 12:43 PM >>> That is what I would try, but are all your servers on the same 192.168subnet? If they have 2 NIC's, shouldn't you be using the other interfaces IP address instead of the one used for the thin clients? On 10/18/07, Huck wrote: > > double-replying.. > > $list = 192.168.0.222,192.168.0.223 > > for $x in $list > do > sleep 30 > if ping -i 3 -c 3 $x > then continue > else > echo "$x down!" | mail -s "222 down" veewee777 at alltel.net > break > fi > done > > > > > something like that? > > > Doug Simpson wrote: > > I am trying to make a script that will ping servers and if they are > down, send a message. If they are up it won't send a message. > > > > The problem I am having is if there are more than one, it won't work. > > > > Here is a sample of my script: > > **********sample begins below************* > > while (true) > > do > > sleep 30 > > if ping -i 3 -c 3 192.168.0.222 > > then > > continue > > else > > echo "192.168.0.222 down!" | mail -s "222 down" veewee77 at alltel.net > > break > > fi > > done > > **********sample ends above*************** > > > > > > If I add a second (or more) to it, it fails to work properly. > > **********broken sample begins below******** > > while (true) > > do > > sleep 30 > > if ping -i 3 -c 3 192.168.0.222 > > then > > continue > > else > > echo "192.168.0.222 down!" | mail -s "222 down" me at here.there > > break > > fi > > if ping -i 3 -c 3 192.168.0.223 > > then > > continue > > else > > echo "192.168.0.223 down!" |mail -s "223 down" me at here.there > > done > > ***********broken sample ends above************** > > > > Obviously a bogus email address, but it is for reference. > > Any ideas? > > > > Doug > > > > Doug Simpson > > Technology Specialist > > De Queen Public Schools > > De Queen, AR > > simpsond at leopards.k12.ar.us > > > > > > _______________________________________________ > > K12OSN mailing list > > K12OSN at redhat.com > > https://www.redhat.com/mailman/listinfo/k12osn > > For more info see > > > > > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > From jkinney at localnetsolutions.com Thu Oct 18 19:12:03 2007 From: jkinney at localnetsolutions.com (James P. Kinney III) Date: Thu, 18 Oct 2007 15:12:03 -0400 Subject: [K12OSN] Script for checking if servers are up. In-Reply-To: <47175284.550C.0078.0@leopards.k12.ar.us> References: <47175284.550C.0078.0@leopards.k12.ar.us> Message-ID: <1192734723.3960.60.camel@merlin.localnetsolutions.com> for address in `cat addresslistfile.txt` do isdown=`ping -c 1 -n $address|sed -e 's/\-\-\-//g'| grep -c "0 received"` if [ "$isdown" = "1" ] then now=`date` echo "$address is down at $now" | mail -s "$address down" my at me.org fi done The addresslistfile.txt is a simple IP address list with one per line and no blank line at the end. On Thu, 2007-10-18 at 12:33 -0500, Doug Simpson wrote: > I am trying to make a script that will ping servers and if they are down, send a message. If they are up it won't send a message. > > The problem I am having is if there are more than one, it won't work. > > Here is a sample of my script: > **********sample begins below************* > while (true) > do > sleep 30 > if ping -i 3 -c 3 192.168.0.222 > then > continue > else > echo "192.168.0.222 down!" | mail -s "222 down" veewee77 at alltel.net > break > fi > done > **********sample ends above*************** > > > If I add a second (or more) to it, it fails to work properly. > **********broken sample begins below******** > while (true) > do > sleep 30 > if ping -i 3 -c 3 192.168.0.222 > then > continue > else > echo "192.168.0.222 down!" | mail -s "222 down" me at here.there > break > fi > if ping -i 3 -c 3 192.168.0.223 > then > continue > else > echo "192.168.0.223 down!" |mail -s "223 down" me at here.there > done > ***********broken sample ends above************** > > Obviously a bogus email address, but it is for reference. > Any ideas? > > Doug > > Doug Simpson > Technology Specialist > De Queen Public Schools > De Queen, AR > simpsond at leopards.k12.ar.us > > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > -- James P. Kinney III CEO & Director of Engineering Local Net Solutions,LLC 770-493-8244 http://www.localnetsolutions.com GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics) Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part URL: From dyioulos at firstbhph.com Thu Oct 18 19:29:52 2007 From: dyioulos at firstbhph.com (Dimitri Yioulos) Date: Thu, 18 Oct 2007 15:29:52 -0400 Subject: [K12OSN] Script for checking if servers are up. In-Reply-To: <47175B7C.550C.0078.0@leopards.k12.ar.us> References: <47175284.550C.0078.0@leopards.k12.ar.us> <47175B7C.550C.0078.0@leopards.k12.ar.us> Message-ID: <200710181529.53277.dyioulos@firstbhph.com> On Thursday 18 October 2007 2:11 pm, Doug Simpson wrote: > Thanks to all for the replies. I guess I should clarify what I am > attempting to do here. > > I looked at the programs and etc submitted by all of you and while they are > probably good at what they do, they don't do what I am wanting to do. The > references in the script I submitted are for reference only. IP addresses > are not actual and are actually the servers are on several campuses, > several LANs and some are even over a WAN. I can ping all of the servers I > want to use this for from the one I want to run the script on. > > When I complete the script and get it running properly, the |mail -s "222 is down" me at here.there will be substituted with something like: > |festival --tts and festival has a hard time speaking IP addresses. The > | script will audibly announce the name of the server that is down. > > This script will be run from a linux server that is on all the time, and > the script will run in the background whether anyone is logged in or not.If > a server goes down (ie a ping test fails) it will audibly say something > like "Please check Room tewnty seven's server. It appears to be down." No > one must be logged in and watching the script run. It just does it's thing > silently until it detects a down server. If the script runs continuously in > a loop, it will keep repeating the message every trip through the script > until the problem is corrected. > > Kinda funny, but I find the audible messages are GREAT for monitoring > things. If all is well, he's quiet. If there are problems, he lets you know > about it. I have done similar things with simple cron jobs, but the script > will be better in this instance, I think. > > Doug Simpson > Technology Specialist > De Queen Public Schools > De Queen, AR > simpsond at leopards.k12.ar.us > > >>> "David Hopkins" 10/18/2007 12:43 PM >>> > > That is what I would try, but are all your servers on the same > 192.168subnet? If they have 2 NIC's, shouldn't you be using the other > interfaces IP > address instead of the one used for the thin clients? > > On 10/18/07, Huck wrote: > > double-replying.. > > > > $list = 192.168.0.222,192.168.0.223 > > > > for $x in $list > > do > > sleep 30 > > if ping -i 3 -c 3 $x > > then continue > > else > > echo "$x down!" | mail -s "222 down" veewee777 at alltel.net > > break > > fi > > done > > > > > > > > > > something like that? > > > > Doug Simpson wrote: > > > I am trying to make a script that will ping servers and if they are > > > > down, send a message. If they are up it won't send a message. > > > > > The problem I am having is if there are more than one, it won't work. > > > > > > Here is a sample of my script: > > > **********sample begins below************* > > > while (true) > > > do > > > sleep 30 > > > if ping -i 3 -c 3 192.168.0.222 > > > then > > > continue > > > else > > > echo "192.168.0.222 down!" | mail -s "222 down" veewee77 at alltel.net > > > break > > > fi > > > done > > > **********sample ends above*************** > > > > > > > > > If I add a second (or more) to it, it fails to work properly. > > > **********broken sample begins below******** > > > while (true) > > > do > > > sleep 30 > > > if ping -i 3 -c 3 192.168.0.222 > > > then > > > continue > > > else > > > echo "192.168.0.222 down!" | mail -s "222 down" me at here.there > > > break > > > fi > > > if ping -i 3 -c 3 192.168.0.223 > > > then > > > continue > > > else > > > echo "192.168.0.223 down!" |mail -s "223 down" me at here.there > > > done > > > ***********broken sample ends above************** > > > > > > Obviously a bogus email address, but it is for reference. > > > Any ideas? > > > > > > Doug > > > > > > Doug Simpson > > > Technology Specialist > > > De Queen Public Schools > > > De Queen, AR > > > simpsond at leopards.k12.ar.us > > > #!/bin/bash cat hostlist | while read line do pingcount=$(ping -c 1 $line |grep received|awk -F',' '{print $2}'| awk '{print $1}') if [ $pingcount -eq 0 ]; then echo "$line is unreachable. Please check, and reboot, if necessary"| mail -s "$line unreachable" myaddress at mydomain.com fi done "hostlist can be the ip addresses or hostnames of your servers. Dimitri -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. From dyioulos at firstbhph.com Thu Oct 18 19:35:25 2007 From: dyioulos at firstbhph.com (Dimitri Yioulos) Date: Thu, 18 Oct 2007 15:35:25 -0400 Subject: [K12OSN] Script for checking if servers are up. In-Reply-To: <200710181529.53277.dyioulos@firstbhph.com> References: <47175284.550C.0078.0@leopards.k12.ar.us> <47175B7C.550C.0078.0@leopards.k12.ar.us> <200710181529.53277.dyioulos@firstbhph.com> Message-ID: <200710181535.26163.dyioulos@firstbhph.com> On Thursday 18 October 2007 3:29 pm, Dimitri Yioulos wrote: > On Thursday 18 October 2007 2:11 pm, Doug Simpson wrote: > > Thanks to all for the replies. I guess I should clarify what I am > > attempting to do here. > > > > I looked at the programs and etc submitted by all of you and while they > > are probably good at what they do, they don't do what I am wanting to do. > > The references in the script I submitted are for reference only. IP > > addresses are not actual and are actually the servers are on several > > campuses, several LANs and some are even over a WAN. I can ping all of > > the servers I want to use this for from the one I want to run the script > > on. > > > > When I complete the script and get it running properly, the |mail -s "222 > > is > > down" me at here.there will be substituted with something like: > > |festival --tts and festival has a hard time speaking IP addresses. The > > | script will audibly announce the name of the server that is down. > > > > This script will be run from a linux server that is on all the time, and > > the script will run in the background whether anyone is logged in or > > not.If a server goes down (ie a ping test fails) it will audibly say > > something like "Please check Room tewnty seven's server. It appears to be > > down." No one must be logged in and watching the script run. It just does > > it's thing silently until it detects a down server. If the script runs > > continuously in a loop, it will keep repeating the message every trip > > through the script until the problem is corrected. > > > > Kinda funny, but I find the audible messages are GREAT for monitoring > > things. If all is well, he's quiet. If there are problems, he lets you > > know about it. I have done similar things with simple cron jobs, but the > > script will be better in this instance, I think. > > > > Doug Simpson > > Technology Specialist > > De Queen Public Schools > > De Queen, AR > > simpsond at leopards.k12.ar.us > > > > >>> "David Hopkins" 10/18/2007 12:43 PM >>> > > > > That is what I would try, but are all your servers on the same > > 192.168subnet? If they have 2 NIC's, shouldn't you be using the other > > interfaces IP > > address instead of the one used for the thin clients? > > > > On 10/18/07, Huck wrote: > > > double-replying.. > > > > > > $list = 192.168.0.222,192.168.0.223 > > > > > > for $x in $list > > > do > > > sleep 30 > > > if ping -i 3 -c 3 $x > > > then continue > > > else > > > echo "$x down!" | mail -s "222 down" veewee777 at alltel.net > > > break > > > fi > > > done > > > > > > > > > > > > > > > something like that? > > > > > > Doug Simpson wrote: > > > > I am trying to make a script that will ping servers and if they are > > > > > > down, send a message. If they are up it won't send a message. > > > > > > > The problem I am having is if there are more than one, it won't work. > > > > > > > > Here is a sample of my script: > > > > **********sample begins below************* > > > > while (true) > > > > do > > > > sleep 30 > > > > if ping -i 3 -c 3 192.168.0.222 > > > > then > > > > continue > > > > else > > > > echo "192.168.0.222 down!" | mail -s "222 down" veewee77 at alltel.net > > > > break > > > > fi > > > > done > > > > **********sample ends above*************** > > > > > > > > > > > > If I add a second (or more) to it, it fails to work properly. > > > > **********broken sample begins below******** > > > > while (true) > > > > do > > > > sleep 30 > > > > if ping -i 3 -c 3 192.168.0.222 > > > > then > > > > continue > > > > else > > > > echo "192.168.0.222 down!" | mail -s "222 down" me at here.there > > > > break > > > > fi > > > > if ping -i 3 -c 3 192.168.0.223 > > > > then > > > > continue > > > > else > > > > echo "192.168.0.223 down!" |mail -s "223 down" me at here.there > > > > done > > > > ***********broken sample ends above************** > > > > > > > > Obviously a bogus email address, but it is for reference. > > > > Any ideas? > > > > > > > > Doug > > > > > > > > Doug Simpson > > > > Technology Specialist > > > > De Queen Public Schools > > > > De Queen, AR > > > > simpsond at leopards.k12.ar.us > > > > #!/bin/bash > cat hostlist | while read line > do > pingcount=$(ping -c 1 $line |grep received|awk -F',' '{print $2}'| > awk '{print $1}') > if [ $pingcount -eq 0 ]; then > echo "$line is unreachable. Please check, and reboot, if necessary"| > mail -s "$line unreachable" myaddress at mydomain.com > fi > done > > "hostlist can be the ip addresses or hostnames of your servers. > > Dimitri addendum: This should be cronned. Dimitri -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. From simpsond at leopards.k12.ar.us Thu Oct 18 19:36:52 2007 From: simpsond at leopards.k12.ar.us (Doug Simpson) Date: Thu, 18 Oct 2007 14:36:52 -0500 Subject: [K12OSN] Script for checking if servers are up. In-Reply-To: <200710181529.53277.dyioulos@firstbhph.com> References: <47175284.550C.0078.0@leopards.k12.ar.us> <47175B7C.550C.0078.0@leopards.k12.ar.us> <200710181529.53277.dyioulos@firstbhph.com> Message-ID: <47176F83.550C.0078.0@leopards.k12.ar.us> I don't have it setup where I can ping the servers by name. I need to beable to ping them by IP but send the name instead of IP. Interesting script! Doug Doug Simpson Technology Specialist De Queen Public Schools De Queen, AR simpsond at leopards.k12.ar.us >>> Dimitri Yioulos 10/18/2007 2:29 PM >>> On Thursday 18 October 2007 2:11 pm, Doug Simpson wrote: > Thanks to all for the replies. I guess I should clarify what I am > attempting to do here. > > I looked at the programs and etc submitted by all of you and while they are > probably good at what they do, they don't do what I am wanting to do. The > references in the script I submitted are for reference only. IP addresses > are not actual and are actually the servers are on several campuses, > several LANs and some are even over a WAN. I can ping all of the servers I > want to use this for from the one I want to run the script on. > > When I complete the script and get it running properly, the |mail -s "222 is down" me at here.there will be substituted with something like: > |festival --tts and festival has a hard time speaking IP addresses. The > | script will audibly announce the name of the server that is down. > > This script will be run from a linux server that is on all the time, and > the script will run in the background whether anyone is logged in or not.If > a server goes down (ie a ping test fails) it will audibly say something > like "Please check Room tewnty seven's server. It appears to be down." No > one must be logged in and watching the script run. It just does it's thing > silently until it detects a down server. If the script runs continuously in > a loop, it will keep repeating the message every trip through the script > until the problem is corrected. > > Kinda funny, but I find the audible messages are GREAT for monitoring > things. If all is well, he's quiet. If there are problems, he lets you know > about it. I have done similar things with simple cron jobs, but the script > will be better in this instance, I think. > > Doug Simpson > Technology Specialist > De Queen Public Schools > De Queen, AR > simpsond at leopards.k12.ar.us > > >>> "David Hopkins" 10/18/2007 12:43 PM >>> > > That is what I would try, but are all your servers on the same > 192.168subnet? If they have 2 NIC's, shouldn't you be using the other > interfaces IP > address instead of the one used for the thin clients? > > On 10/18/07, Huck wrote: > > double-replying.. > > > > $list = 192.168.0.222,192.168.0.223 > > > > for $x in $list > > do > > sleep 30 > > if ping -i 3 -c 3 $x > > then continue > > else > > echo "$x down!" | mail -s "222 down" veewee777 at alltel.net > > break > > fi > > done > > > > > > > > > > something like that? > > > > Doug Simpson wrote: > > > I am trying to make a script that will ping servers and if they are > > > > down, send a message. If they are up it won't send a message. > > > > > The problem I am having is if there are more than one, it won't work. > > > > > > Here is a sample of my script: > > > **********sample begins below************* > > > while (true) > > > do > > > sleep 30 > > > if ping -i 3 -c 3 192.168.0.222 > > > then > > > continue > > > else > > > echo "192.168.0.222 down!" | mail -s "222 down" veewee77 at alltel.net > > > break > > > fi > > > done > > > **********sample ends above*************** > > > > > > > > > If I add a second (or more) to it, it fails to work properly. > > > **********broken sample begins below******** > > > while (true) > > > do > > > sleep 30 > > > if ping -i 3 -c 3 192.168.0.222 > > > then > > > continue > > > else > > > echo "192.168.0.222 down!" | mail -s "222 down" me at here.there > > > break > > > fi > > > if ping -i 3 -c 3 192.168.0.223 > > > then > > > continue > > > else > > > echo "192.168.0.223 down!" |mail -s "223 down" me at here.there > > > done > > > ***********broken sample ends above************** > > > > > > Obviously a bogus email address, but it is for reference. > > > Any ideas? > > > > > > Doug > > > > > > Doug Simpson > > > Technology Specialist > > > De Queen Public Schools > > > De Queen, AR > > > simpsond at leopards.k12.ar.us > > > #!/bin/bash cat hostlist | while read line do pingcount=$(ping -c 1 $line |grep received|awk -F',' '{print $2}'| awk '{print $1}') if [ $pingcount -eq 0 ]; then echo "$line is unreachable. Please check, and reboot, if necessary"| mail -s "$line unreachable" myaddress at mydomain.com fi done "hostlist can be the ip addresses or hostnames of your servers. Dimitri I don't have it setup where I can ping the servers by name. I need to beable to ping them by IP but send the name instead of IP. Interesting script! Doug From ernie_hudson at snowline.k12.ca.us Thu Oct 18 19:48:06 2007 From: ernie_hudson at snowline.k12.ca.us (Ernie Hudson) Date: Thu, 18 Oct 2007 12:48:06 -0700 Subject: [K12OSN] Thumb drives and dell servers Message-ID: I am having a major issue with thumb drives not being recognized on the client. Everything I plug into the server or an optiplex gx280 is mounted, but on the client this is not the case. I have an old lexar thumb drive that will mount on a client but not anything newer. I also see this error on boot, usb 1-2: device not accepting address 2, error -71, there is an ata2 error as well. Is this a known issue with Dell? I have installed edubuntu, both versions, and everything just worked. Should I be looking for an AMD based server? We are planning to put a thin client solution in our computer intech labs and I would really appreciate any help. Ernie Hudson CLS3 Serrano High School -------------- next part -------------- An HTML attachment was scrubbed... URL: From mrjohnlucas at gmail.com Thu Oct 18 20:03:22 2007 From: mrjohnlucas at gmail.com (John Lucas) Date: Thu, 18 Oct 2007 16:03:22 -0400 Subject: [K12OSN] Script for checking if servers are up. In-Reply-To: <47176F83.550C.0078.0@leopards.k12.ar.us> References: <47175284.550C.0078.0@leopards.k12.ar.us> <200710181529.53277.dyioulos@firstbhph.com> <47176F83.550C.0078.0@leopards.k12.ar.us> Message-ID: <200710181603.22353.MrJohnLucas@gmail.com> On Thursday 18 October 2007 15:36, Doug Simpson wrote: > I don't have it setup where I can ping the servers by name. I need to > beable to ping them by IP but send the name instead of IP. > Put the IP addresses and assigned names in your /etc/hosts file, then use those names to feed the script. Or look at something like "Big Brother": http://www.bb4.org/ > Interesting script! > > Doug > > Doug Simpson > Technology Specialist > De Queen Public Schools > De Queen, AR > simpsond at leopards.k12.ar.us > > >>> Dimitri Yioulos 10/18/2007 2:29 PM >>> > > On Thursday 18 October 2007 2:11 pm, Doug Simpson wrote: > > Thanks to all for the replies. I guess I should clarify what I am > > attempting to do here. > > > > I looked at the programs and etc submitted by all of you and while they > > are probably good at what they do, they don't do what I am wanting to do. > > The references in the script I submitted are for reference only. IP > > addresses are not actual and are actually the servers are on several > > campuses, several LANs and some are even over a WAN. I can ping all of > > the servers I want to use this for from the one I want to run the script > > on. > > > > When I complete the script and get it running properly, the |mail -s "222 > > is > > down" me at here.there will be substituted with something like: > > |festival --tts and festival has a hard time speaking IP addresses. The > > | script will audibly announce the name of the server that is down. > > > > This script will be run from a linux server that is on all the time, and > > the script will run in the background whether anyone is logged in or > > not.If a server goes down (ie a ping test fails) it will audibly say > > something like "Please check Room tewnty seven's server. It appears to be > > down." No one must be logged in and watching the script run. It just does > > it's thing silently until it detects a down server. If the script runs > > continuously in a loop, it will keep repeating the message every trip > > through the script until the problem is corrected. > > > > Kinda funny, but I find the audible messages are GREAT for monitoring > > things. If all is well, he's quiet. If there are problems, he lets you > > know about it. I have done similar things with simple cron jobs, but the > > script will be better in this instance, I think. > > > > Doug Simpson > > Technology Specialist > > De Queen Public Schools > > De Queen, AR > > simpsond at leopards.k12.ar.us > > > > >>> "David Hopkins" 10/18/2007 12:43 PM >>> > > > > That is what I would try, but are all your servers on the same > > 192.168subnet? If they have 2 NIC's, shouldn't you be using the other > > interfaces IP > > address instead of the one used for the thin clients? > > > > On 10/18/07, Huck wrote: > > > double-replying.. > > > > > > $list = 192.168.0.222,192.168.0.223 > > > > > > for $x in $list > > > do > > > sleep 30 > > > if ping -i 3 -c 3 $x > > > then continue > > > else > > > echo "$x down!" | mail -s "222 down" veewee777 at alltel.net > > > break > > > fi > > > done > > > > > > > > > > > > > > > something like that? > > > > > > Doug Simpson wrote: > > > > I am trying to make a script that will ping servers and if they are > > > > > > down, send a message. If they are up it won't send a message. > > > > > > > The problem I am having is if there are more than one, it won't work. > > > > > > > > Here is a sample of my script: > > > > **********sample begins below************* > > > > while (true) > > > > do > > > > sleep 30 > > > > if ping -i 3 -c 3 192.168.0.222 > > > > then > > > > continue > > > > else > > > > echo "192.168.0.222 down!" | mail -s "222 down" veewee77 at alltel.net > > > > break > > > > fi > > > > done > > > > **********sample ends above*************** > > > > > > > > > > > > If I add a second (or more) to it, it fails to work properly. > > > > **********broken sample begins below******** > > > > while (true) > > > > do > > > > sleep 30 > > > > if ping -i 3 -c 3 192.168.0.222 > > > > then > > > > continue > > > > else > > > > echo "192.168.0.222 down!" | mail -s "222 down" me at here.there > > > > break > > > > fi > > > > if ping -i 3 -c 3 192.168.0.223 > > > > then > > > > continue > > > > else > > > > echo "192.168.0.223 down!" |mail -s "223 down" me at here.there > > > > done > > > > ***********broken sample ends above************** > > > > > > > > Obviously a bogus email address, but it is for reference. > > > > Any ideas? > > > > > > > > Doug > > > > > > > > Doug Simpson > > > > Technology Specialist > > > > De Queen Public Schools > > > > De Queen, AR > > > > simpsond at leopards.k12.ar.us > > > > #!/bin/bash > cat hostlist | while read line > do > pingcount=$(ping -c 1 $line |grep received|awk -F',' '{print $2}'| > awk '{print $1}') > if [ $pingcount -eq 0 ]; then > echo "$line is unreachable. Please check, and reboot, if necessary"| > mail -s "$line unreachable" myaddress at mydomain.com > fi > done > > "hostlist can be the ip addresses or hostnames of your servers. > > Dimitri > > I don't have it setup where I can ping the servers by name. I need to > beable to ping them by IP but send the name instead of IP. > > Interesting script! > > Doug > > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see -- "History doesn't repeat itself; at best it rhymes." - Mark Twain | John Lucas MrJohnLucas at gmail.com | | St. Thomas, VI 00802 http://mrjohnlucas.googlepages.com/ | | 18.3?N, 65?W AST (UTC-4) | From nils at breun.nl Thu Oct 18 21:05:55 2007 From: nils at breun.nl (Nils Breunese) Date: Thu, 18 Oct 2007 23:05:55 +0200 Subject: [K12OSN] Script for checking if servers are up. In-Reply-To: <47175284.550C.0078.0@leopards.k12.ar.us> References: <47175284.550C.0078.0@leopards.k12.ar.us> Message-ID: <4A62A084-AAAD-4F3B-8749-679B729A4003@breun.nl> Doug Simpson wrote: > I am trying to make a script that will ping servers and if they are > down, send a message. If they are up it won't send a message. > > The problem I am having is if there are more than one, it won't work. > > Here is a sample of my script: > **********sample begins below************* > while (true) > do > sleep 30 > if ping -i 3 -c 3 192.168.0.222 > then > continue > else > echo "192.168.0.222 down!" | mail -s "222 down" veewee77 at alltel.net > break > fi > done > **********sample ends above*************** You realize that you'll be getting an email every 30 seconds if the ping is not succesful? Instead of scripting something like this myself, I'd just install a simple monitoring tool like munin [0]. I was very pleasantly surprised by the easy setup of munin, because of the sane defaults it has for its included plugins. You yum install munin on one machine and yum install munin-node on all machines you want to monitor (might as well install munin-node on the munin machine too). You set the IP address of the munin machine in the config file for the nodes and right after enabling notifications you will automatically be emailed when one of the machines is under high load, is down, has high disk usage, etc. Plus munin also generates all kinds of pretty graphs for everything it monitors. I highly recommend it for simple monitoring. ZABBIX, Nagios, ZenOSS et al are all really nice and flexible, but generally a much bigger PITA to setup. Nils Breunese. [0] http://munin.sourceforge.net/ -------------- next part -------------- A non-text attachment was scrubbed... Name: PGP.sig Type: application/pgp-signature Size: 186 bytes Desc: Dit deel van het bericht is digitaal ondertekend URL: From brcisna at eazylivin.net Thu Oct 18 22:06:35 2007 From: brcisna at eazylivin.net (Barry Cisna) Date: Thu, 18 Oct 2007 17:06:35 -0500 (CDT) Subject: [K12OSN] Script for checking if servers are up Message-ID: <58710.192.168.254.3.1192745195.squirrel@www.eazylivin.net> Doug, Sounds like you are getting pretty geeky with your "server's up/down" script. Throwing festival into the picture:) Can you get festival to "emulate" mm,,, Aretha Franklin, or Bon Jovi ? Anyways, just thought Id throw this out. I setup OpenNMS a few weeks ago and it sure does a good job of keeping track of outages on multiple subnets at our school. Wasn't too difficult to get it rolling either. This may be too heavy for what you are wanting to do with it,though. There are rpm s avaliable so its pretty easy setup. You probably "like the challenge" of doing it yourself anyways:) Take Care, Barry Cisna westcentral school From dyioulos at firstbhph.com Thu Oct 18 22:14:24 2007 From: dyioulos at firstbhph.com (Dimitri Yioulos) Date: Thu, 18 Oct 2007 18:14:24 -0400 Subject: [K12OSN] Script for checking if servers are up. In-Reply-To: <200710181603.22353.MrJohnLucas@gmail.com> References: <47175284.550C.0078.0@leopards.k12.ar.us> <47176F83.550C.0078.0@leopards.k12.ar.us> <200710181603.22353.MrJohnLucas@gmail.com> Message-ID: <200710181814.24994.dyioulos@firstbhph.com> On Thursday 18 October 2007 4:03 pm, John Lucas wrote: > On Thursday 18 October 2007 15:36, Doug Simpson wrote: > > I don't have it setup where I can ping the servers by name. I need to > > beable to ping them by IP but send the name instead of IP. > > Put the IP addresses and assigned names in your /etc/hosts file, then use > those names to feed the script. > > Or look at something like "Big Brother": > > http://www.bb4.org/ > > > Interesting script! > > > > Doug > > > > Doug Simpson > > Technology Specialist > > De Queen Public Schools > > De Queen, AR > > simpsond at leopards.k12.ar.us > > > > >>> Dimitri Yioulos 10/18/2007 2:29 PM >>> > > > > On Thursday 18 October 2007 2:11 pm, Doug Simpson wrote: > > > Thanks to all for the replies. I guess I should clarify what I am > > > attempting to do here. > > > > > > I looked at the programs and etc submitted by all of you and while they > > > are probably good at what they do, they don't do what I am wanting to > > > do. The references in the script I submitted are for reference only. IP > > > addresses are not actual and are actually the servers are on several > > > campuses, several LANs and some are even over a WAN. I can ping all of > > > the servers I want to use this for from the one I want to run the > > > script on. > > > > > > When I complete the script and get it running properly, the |mail -s > > > "222 is > > > > down" me at here.there will be substituted with something like: > > > |festival --tts and festival has a hard time speaking IP addresses. The > > > | script will audibly announce the name of the server that is down. > > > > > > This script will be run from a linux server that is on all the time, > > > and the script will run in the background whether anyone is logged in > > > or not.If a server goes down (ie a ping test fails) it will audibly say > > > something like "Please check Room tewnty seven's server. It appears to > > > be down." No one must be logged in and watching the script run. It just > > > does it's thing silently until it detects a down server. If the script > > > runs continuously in a loop, it will keep repeating the message every > > > trip through the script until the problem is corrected. > > > > > > Kinda funny, but I find the audible messages are GREAT for monitoring > > > things. If all is well, he's quiet. If there are problems, he lets you > > > know about it. I have done similar things with simple cron jobs, but > > > the script will be better in this instance, I think. > > > > > > Doug Simpson > > > Technology Specialist > > > De Queen Public Schools > > > De Queen, AR > > > simpsond at leopards.k12.ar.us > > > > > > >>> "David Hopkins" 10/18/2007 12:43 PM >>> > > > > > > That is what I would try, but are all your servers on the same > > > 192.168subnet? If they have 2 NIC's, shouldn't you be using the other > > > interfaces IP > > > address instead of the one used for the thin clients? > > > > > > On 10/18/07, Huck wrote: > > > > double-replying.. > > > > > > > > $list = 192.168.0.222,192.168.0.223 > > > > > > > > for $x in $list > > > > do > > > > sleep 30 > > > > if ping -i 3 -c 3 $x > > > > then continue > > > > else > > > > echo "$x down!" | mail -s "222 down" veewee777 at alltel.net > > > > break > > > > fi > > > > done > > > > > > > > > > > > > > > > > > > > something like that? > > > > > > > > Doug Simpson wrote: > > > > > I am trying to make a script that will ping servers and if they are > > > > > > > > down, send a message. If they are up it won't send a message. > > > > > > > > > The problem I am having is if there are more than one, it won't > > > > > work. > > > > > > > > > > Here is a sample of my script: > > > > > **********sample begins below************* > > > > > while (true) > > > > > do > > > > > sleep 30 > > > > > if ping -i 3 -c 3 192.168.0.222 > > > > > then > > > > > continue > > > > > else > > > > > echo "192.168.0.222 down!" | mail -s "222 down" veewee77 at alltel.net > > > > > break > > > > > fi > > > > > done > > > > > **********sample ends above*************** > > > > > > > > > > > > > > > If I add a second (or more) to it, it fails to work properly. > > > > > **********broken sample begins below******** > > > > > while (true) > > > > > do > > > > > sleep 30 > > > > > if ping -i 3 -c 3 192.168.0.222 > > > > > then > > > > > continue > > > > > else > > > > > echo "192.168.0.222 down!" | mail -s "222 down" me at here.there > > > > > break > > > > > fi > > > > > if ping -i 3 -c 3 192.168.0.223 > > > > > then > > > > > continue > > > > > else > > > > > echo "192.168.0.223 down!" |mail -s "223 down" me at here.there > > > > > done > > > > > ***********broken sample ends above************** > > > > > > > > > > Obviously a bogus email address, but it is for reference. > > > > > Any ideas? > > > > > > > > > > Doug > > > > > > > > > > Doug Simpson > > > > > Technology Specialist > > > > > De Queen Public Schools > > > > > De Queen, AR > > > > > simpsond at leopards.k12.ar.us > > > > > > > > #!/bin/bash > > cat hostlist | while read line > > do > > pingcount=$(ping -c 1 $line |grep received|awk -F',' '{print $2}'| > > awk '{print $1}') > > if [ $pingcount -eq 0 ]; then > > echo "$line is unreachable. Please check, and reboot, if necessary"| > > mail -s "$line unreachable" myaddress at mydomain.com > > fi > > done > > > > "hostlist can be the ip addresses or hostnames of your servers. > > > > Dimitri > > > > I don't have it setup where I can ping the servers by name. I need to > > beable to ping them by IP but send the name instead of IP. > > > > Interesting script! > > > > Doug > > I know that the following code snippet will return the ip addresses of the hosts listed by hostname in the "hostlist" file: for i in `cat hostlist`; do nslookup $i 2>&1 | grep Address | tail -1 | tr ',' ' ' | awk '{print $2}'; done I'm just not seeing how to fold this into the script so that you'll get what you're after. Now, if the real code jockeys out there would step in ... -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. From mrjohnlucas at gmail.com Thu Oct 18 22:43:58 2007 From: mrjohnlucas at gmail.com (John Lucas) Date: Thu, 18 Oct 2007 18:43:58 -0400 Subject: [K12OSN] Thumb drives and dell servers In-Reply-To: References: Message-ID: <200710181843.59154.MrJohnLucas@gmail.com> On Thursday 18 October 2007 15:48, Ernie Hudson wrote: > I am having a major issue with thumb drives not being recognized on the > client. Everything I plug into the server or an optiplex gx280 is mounted, > but on the client this is not the case. I have an old lexar thumb drive > that will mount on a client but not anything newer. I also see this error > on boot, usb 1-2: device not accepting address 2, error -71, there is an > ata2 error as well. Is this a known issue with Dell? I have installed > edubuntu, both versions, and everything just worked. Should I be looking > for an AMD based server? We are planning to put a thin client solution in > our computer intech labs and I would really appreciate any help. > I ran into something similar and it turned out to be that the terminal hardware only supported USB v1.1 and the USB v2.0 driver was interfering with identifying the flash drives. So, I eliminated loading the USB v2.0 driver in the LTSP kernel. Most USB v2.0 devices are backward compatible, so it has worked fine on both old and new flash drives now. The file altered were: /opt/ltsp/i386/etc/rc.sysinit: < for MODULE in ehci-hcd uhci-hcd ohci-hcd; do --- > for MODULE in ohci-hcd uhci-hcd ; do and /opt/ltsp/i385/rc.usb: < for module in usb-uhci usb-ohci ehci-hcd uhci-hcd ohci-hcd --- > for module in usb-ohci usb-uhci ohci-hcd uhci-hcd You might try the same (make backups of the originals, of course). -- "History doesn't repeat itself; at best it rhymes." - Mark Twain | John Lucas MrJohnLucas at gmail.com | | St. Thomas, VI 00802 http://mrjohnlucas.googlepages.com/ | | 18.3?N, 65?W AST (UTC-4) | From paul.ive at rch.org.au Thu Oct 18 23:54:14 2007 From: paul.ive at rch.org.au (Paul Ive) Date: Fri, 19 Oct 2007 09:54:14 +1000 Subject: [K12OSN] OT: Scratch instead of Alice Message-ID: <4717F226.8050803@rch.org.au> I know it doesn't have a linux version [ :-( ] but my 11 year old son has done some great stuff with Scratch from MIT [http://srcatch.mit.edu]. I wonder if, with a bit of prompting, they would consider a linux version? -- Paul Ive ICT Systems Administrator RCH Education Institute Royal Children's Hospital Melbourne Flemington Road, Parkville, 3052, Australia -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: paul.ive.vcf Type: text/x-vcard Size: 379 bytes Desc: not available URL: From tom.hoffman at gmail.com Fri Oct 19 00:07:09 2007 From: tom.hoffman at gmail.com (Tom Hoffman) Date: Thu, 18 Oct 2007 20:07:09 -0400 Subject: [K12OSN] OT: Scratch instead of Alice In-Reply-To: <4717F226.8050803@rch.org.au> References: <4717F226.8050803@rch.org.au> Message-ID: <92de6c880710181707odde6c6cy2522a25c84709578@mail.gmail.com> Actually, since Scratch is written with Squeak, it is highly portable, and David Thornburg whipped up a Linux version which is available on his website. There are links in the Scratch forums as well. In general, the Scratch team has some kind of pole up their butt about Linux and the open source community. Their grant proposal promised periodic public source code releases but they've refused to actually do that. --Tom On 10/18/07, Paul Ive wrote: > > I know it doesn't have a linux version [ :-( ] but my 11 year old son has > done some great stuff with Scratch from MIT [http://srcatch.mit.edu]. > > I wonder if, with a bit of prompting, they would consider a linux version? > > > -- > > > Paul Ive > > ICT Systems Administrator > > RCH Education Institute > Royal Children's Hospital Melbourne > > Flemington Road, Parkville, 3052, Australia > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > > From ssh at tranquility.net Fri Oct 19 01:32:48 2007 From: ssh at tranquility.net (ssh at tranquility.net) Date: Thu, 18 Oct 2007 20:32:48 -0500 Subject: [K12OSN] Script for checking if servers are up. In-Reply-To: <4A62A084-AAAD-4F3B-8749-679B729A4003@breun.nl> References: <47175284.550C.0078.0@leopards.k12.ar.us> <4A62A084-AAAD-4F3B-8749-679B729A4003@breun.nl> Message-ID: <1192757568.17405.1.camel@bofh.ltsp> Speaking of monitoring/email, has anyone had any luck getting the Webmin monitoring emails to work? I worked on it a while ago with no luck, I don't recall the problem now. I take care of several machines that have Webmin installed, it would be nice to use what is on there. thx Scott S. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part URL: From ssh at tranquility.net Fri Oct 19 01:35:49 2007 From: ssh at tranquility.net (ssh at tranquility.net) Date: Thu, 18 Oct 2007 20:35:49 -0500 Subject: [K12OSN] wireless In-Reply-To: <471780B4.9060205@cmosnetworks.com> References: <471780B4.9060205@cmosnetworks.com> Message-ID: <1192757749.17405.4.camel@bofh.ltsp> I struggled with Intel 3945abg on a laptop for a long time. I was back to using PCMCIA cards. Sidux.com has scripts that make it work painlessly. Sid is a bleeding edge Debian, but I have had very good luck with it for a year. thx Scott S. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part URL: From les at futuresource.com Fri Oct 19 02:56:24 2007 From: les at futuresource.com (Les Mikesell) Date: Thu, 18 Oct 2007 21:56:24 -0500 Subject: [K12OSN] Script for checking if servers are up. In-Reply-To: <47175B7C.550C.0078.0@leopards.k12.ar.us> References: <47175284.550C.0078.0@leopards.k12.ar.us> <47179C0C.3060302@paasda.org> <47175B7C.550C.0078.0@leopards.k12.ar.us> Message-ID: <47181CD8.70707@futuresource.com> Doug Simpson wrote: > Thanks to all for the replies. I guess I should clarify what I am attempting to do here. > > I looked at the programs and etc submitted by all of you and while they are probably good at what they do, they don't do what I am wanting to do. > The references in the script I submitted are for reference only. IP addresses are not actual and are actually the servers are on several campuses, several LANs and some are even over a WAN. > I can ping all of the servers I want to use this for from the one I want to run the script on. > > When I complete the script and get it running properly, the |mail -s "222 is down" me at here.there will be substituted with something like: > |festival --tts and festival has a hard time speaking IP addresses. The script will audibly announce the name of the server that is down. > > This script will be run from a linux server that is on all the time, and the script will run in the background whether anyone is logged in or not.If a server goes down (ie a ping test fails) it will audibly say something like "Please check Room tewnty seven's server. It appears to be down." > No one must be logged in and watching the script run. It just does it's thing silently until it detects a down server. If the script runs continuously in a loop, it will keep repeating the message every trip through the script until the problem is corrected. > > Kinda funny, but I find the audible messages are GREAT for monitoring things. If all is well, he's quiet. If there are problems, he lets you know about it. I have done similar things with simple cron jobs, but the script will be better in this instance, I think. > If you montor enough machines to make it worth the trouble to set up you might like OpenNMS (http://www.opennms.org). It recently became easy to do the base install from their yum repository but there is still a lot of configuration to do. -- Les Mikesell les at futuresource.com From simpsond at leopards.k12.ar.us Fri Oct 19 12:59:19 2007 From: simpsond at leopards.k12.ar.us (Doug Simpson) Date: Fri, 19 Oct 2007 07:59:19 -0500 Subject: [K12OSN] Script for checking if servers are up In-Reply-To: <58710.192.168.254.3.1192745195.squirrel@www.eazylivin.net> References: <58710.192.168.254.3.1192745195.squirrel@www.eazylivin.net> Message-ID: <471863D7.550C.0078.0@leopards.k12.ar.us> Yes, I do like the challenge. The purpose of the audible message is that the server running the script will verbally tell me which server is offline by name, and repeatedly do so until it comes back on line. I do not have to sit and watch any monitoring screens, read any emails or anything like that. Basically, if the server running the script isn't talking, then all is well. . . Thanks Doug Doug Simpson Technology Specialist De Queen Public Schools De Queen, AR simpsond at leopards.k12.ar.us >>> Barry Cisna 10/18/2007 5:06 PM >>> Doug, Sounds like you are getting pretty geeky with your "server's up/down" script. Throwing festival into the picture:) Can you get festival to "emulate" mm,,, Aretha Franklin, or Bon Jovi ? Anyways, just thought Id throw this out. I setup OpenNMS a few weeks ago and it sure does a good job of keeping track of outages on multiple subnets at our school. Wasn't too difficult to get it rolling either. This may be too heavy for what you are wanting to do with it,though. There are rpm s avaliable so its pretty easy setup. You probably "like the challenge" of doing it yourself anyways:) Take Care, Barry Cisna westcentral school _______________________________________________ K12OSN mailing list K12OSN at redhat.com https://www.redhat.com/mailman/listinfo/k12osn For more info see From nils at breun.nl Fri Oct 19 13:03:11 2007 From: nils at breun.nl (Nils Breunese) Date: Fri, 19 Oct 2007 15:03:11 +0200 Subject: [K12OSN] Script for checking if servers are up In-Reply-To: <471863D7.550C.0078.0@leopards.k12.ar.us> References: <58710.192.168.254.3.1192745195.squirrel@www.eazylivin.net> <471863D7.550C.0078.0@leopards.k12.ar.us> Message-ID: <78AA7651-7606-43FF-9270-7CB41E4C200F@breun.nl> Doug Simpson wrote: > Yes, I do like the challenge. > > The purpose of the audible message is that the server running the > script will verbally tell me which server is offline by name, and > repeatedly do so until it comes back on line. I do not have to sit > and watch any monitoring screens, read any emails or anything like > that. Basically, if the server running the script isn't talking, > then all is well. . . You better setup a machine monitoring your talking machine, because if your talking server is down it won't do much talking either. Hmm, how do you monitor whether the speakers are turned on? :o) Nils Breunese. -------------- next part -------------- A non-text attachment was scrubbed... Name: PGP.sig Type: application/pgp-signature Size: 186 bytes Desc: Dit deel van het bericht is digitaal ondertekend URL: From simpsond at leopards.k12.ar.us Fri Oct 19 13:03:48 2007 From: simpsond at leopards.k12.ar.us (Doug Simpson) Date: Fri, 19 Oct 2007 08:03:48 -0500 Subject: [K12OSN] Script for checking if servers are up. In-Reply-To: <4A62A084-AAAD-4F3B-8749-679B729A4003@breun.nl> References: <47175284.550C.0078.0@leopards.k12.ar.us> <4A62A084-AAAD-4F3B-8749-679B729A4003@breun.nl> Message-ID: <471864E3.550C.0078.0@leopards.k12.ar.us> Ultimately, the server running the script will use festival to speak the name of the down server and the time can be adjusted as needed. The email was just being used for a test until I get it running. . . it would be annoying during testing for it to be speaking. Doug Doug Simpson Technology Specialist De Queen Public Schools De Queen, AR simpsond at leopards.k12.ar.us >>> Nils Breunese 10/18/2007 4:05 PM >>> Doug Simpson wrote: > I am trying to make a script that will ping servers and if they are > down, send a message. If they are up it won't send a message. > > The problem I am having is if there are more than one, it won't work. > > Here is a sample of my script: > **********sample begins below************* > while (true) > do > sleep 30 > if ping -i 3 -c 3 192.168.0.222 > then > continue > else > echo "192.168.0.222 down!" | mail -s "222 down" veewee77 at alltel.net > break > fi > done > **********sample ends above*************** You realize that you'll be getting an email every 30 seconds if the ping is not succesful? Instead of scripting something like this myself, I'd just install a simple monitoring tool like munin [0]. I was very pleasantly surprised by the easy setup of munin, because of the sane defaults it has for its included plugins. You yum install munin on one machine and yum install munin-node on all machines you want to monitor (might as well install munin-node on the munin machine too). You set the IP address of the munin machine in the config file for the nodes and right after enabling notifications you will automatically be emailed when one of the machines is under high load, is down, has high disk usage, etc. Plus munin also generates all kinds of pretty graphs for everything it monitors. I highly recommend it for simple monitoring. ZABBIX, Nagios, ZenOSS et al are all really nice and flexible, but generally a much bigger PITA to setup. Nils Breunese. [0] http://munin.sourceforge.net/ From simpsond at leopards.k12.ar.us Fri Oct 19 13:10:02 2007 From: simpsond at leopards.k12.ar.us (Doug Simpson) Date: Fri, 19 Oct 2007 08:10:02 -0500 Subject: [K12OSN] Script for checking if servers are up In-Reply-To: <78AA7651-7606-43FF-9270-7CB41E4C200F@breun.nl> References: <58710.192.168.254.3.1192745195.squirrel@www.eazylivin.net> <471863D7.550C.0078.0@leopards.k12.ar.us> <78AA7651-7606-43FF-9270-7CB41E4C200F@breun.nl> Message-ID: <4718665A.550C.0078.0@leopards.k12.ar.us> That's funny. . . I actually thought about that. . .the server running the script will be in my office. A quick glance will tell me if it is online. . . quarter, half, three quarter and hourly time greetings can be used (like a speaking grandfather clock) if you want to get that critical. Likely by the time the server finds a down server, the phone will likely be ringing anyway, but it'll be fun anyway. Doug Doug Simpson Technology Specialist De Queen Public Schools De Queen, AR simpsond at leopards.k12.ar.us >>> Nils Breunese 10/19/2007 8:03 AM >>> Doug Simpson wrote: > Yes, I do like the challenge. > > The purpose of the audible message is that the server running the > script will verbally tell me which server is offline by name, and > repeatedly do so until it comes back on line. I do not have to sit > and watch any monitoring screens, read any emails or anything like > that. Basically, if the server running the script isn't talking, > then all is well. . . You better setup a machine monitoring your talking machine, because if your talking server is down it won't do much talking either. Hmm, how do you monitor whether the speakers are turned on? :o) Nils Breunese. From jkorzeni at battle-creek.k12.mi.us Fri Oct 19 14:03:18 2007 From: jkorzeni at battle-creek.k12.mi.us (Joe Korzeniewski) Date: Fri, 19 Oct 2007 10:03:18 -0400 Subject: [K12OSN] Autologin Message-ID: <471880E8.6C73.003C.0@battle-creek.k12.mi.us> I have read the tutorial here: http://k12ltsp.org/mediawiki/index.php/A_more_complete_How-To_for_setting_up_autologin_of_clients_using_Gnome_&_GDM on how to get autologin working. Has anyone had success using these steps in k12ltsp6? I didn't have enough time to finish troubleshooting it yesterday when I had time to work on it and didn't get it working using those steps. One big question I had was: do the autologin user accounts need to have no password, a blank password, some other password or does it not matter? Thanks, -Joe From jkinney at localnetsolutions.com Fri Oct 19 14:34:43 2007 From: jkinney at localnetsolutions.com (James P. Kinney III) Date: Fri, 19 Oct 2007 10:34:43 -0400 Subject: [K12OSN] Usage question Message-ID: <1192804483.3960.219.camel@merlin.localnetsolutions.com> Hi All, OpenAdmin can certainly support large schools and school systems. I am wondering what the school sizes are that currently use OA? 500 students? 1000 10,000 25,000 50,000 larger? I am trying to build up a body of "evidence" for a large school system here in Georgia to use OA (instead of some closed-source lets-burn-more-cash-proprietary system). The big benefit for OA users is this school system will be funding some additions to the package that we all get to benefit from (and feeding Les is good too! :) -- James P. Kinney III CEO & Director of Engineering Local Net Solutions,LLC 770-493-8244 http://www.localnetsolutions.com GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics) Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part URL: From lnkemp at bolivar.k12.mo.us Fri Oct 19 15:02:05 2007 From: lnkemp at bolivar.k12.mo.us (Kemp, Levi) Date: Fri, 19 Oct 2007 10:02:05 -0500 Subject: [K12OSN] nfs traffic monitoring References: <35418.192.168.254.3.1192651862.squirrel@www.eazylivin.net> Message-ID: I guess it really depends on your network, but here's a thought. I setup our new scholastic server in my office, and didn't move it from a 10/100 to a 10/100/1000 connection till last night. Nearly a month of use at a tenth the speed and nobody complained, and I doubt they'll even notice the difference. Levi Kemp Technology Specialist Bolivar R-1 Schools 417-328-8943 lnkemp at bolivar.k12.mo.us "The only secure computer is one that's unplugged, locked in a safe, and buried 20 feet under the ground in a secret location... and I'm not even too sure about that one" --Dennis Hughes, FBI ________________________________ From: k12osn-bounces at redhat.com on behalf of Barry Cisna Sent: Wed 10/17/2007 3:11 PM To: k12osn at redhat.com Subject: [K12OSN] nfs traffic monitoring Levi, We are still using version 6.35 acc reader along with 3-4 other NON renplace apps. Therefor the having to use either TS or run via Wine in K12ltsp server. These are the versions that I believe were shipped on the mayflower:) Does this seem like too much "chatter" on eth0? Thanks, Barry Cisna westcentral school _______________________________________________ K12OSN mailing list K12OSN at redhat.com https://www.redhat.com/mailman/listinfo/k12osn For more info see > -------------- next part -------------- A non-text attachment was scrubbed... Name: winmail.dat Type: application/ms-tnef Size: 4212 bytes Desc: not available URL: From garza.r.tx at gmail.com Fri Oct 19 15:09:42 2007 From: garza.r.tx at gmail.com (Ray Garza) Date: Fri, 19 Oct 2007 10:09:42 -0500 Subject: [K12OSN] Autologin In-Reply-To: <471880E8.6C73.003C.0@battle-creek.k12.mi.us> References: <471880E8.6C73.003C.0@battle-creek.k12.mi.us> Message-ID: <4718C8B6.2030507@gmail.com> Joe Korzeniewski wrote: > I have read the tutorial here: http://k12ltsp.org/mediawiki/index.php/A_more_complete_How-To_for_setting_up_autologin_of_clients_using_Gnome_&_GDM on how to get autologin working. Has anyone had success using these steps in k12ltsp6? I didn't have enough time to finish troubleshooting it yesterday when I had time to work on it and didn't get it working using those steps. One big question I had was: do the autologin user accounts need to have no password, a blank password, some other password or does it not matter? > > Thanks, > > -Joe > > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > > / /I used those instructions and it worked for some Kiosks at work. The accounts I used had passwords and I changed the autologin timer from 30 secs to 5 secs (the lowest it would go). Ray From dhuckaby at paasda.org Fri Oct 19 16:15:00 2007 From: dhuckaby at paasda.org (Huck) Date: Fri, 19 Oct 2007 09:15:00 -0700 Subject: [K12OSN] Script for checking if servers are up In-Reply-To: <471863D7.550C.0078.0@leopards.k12.ar.us> References: <58710.192.168.254.3.1192745195.squirrel@www.eazylivin.net> <471863D7.550C.0078.0@leopards.k12.ar.us> Message-ID: <4718D804.8060709@paasda.org> I like my servers to run silently as well :) --Huck Doug Simpson wrote: > Yes, I do like the challenge. > > The purpose of the audible message is that the server running the script will verbally tell me which server is offline by name, and repeatedly do so until it comes back on line. I do not have to sit and watch any monitoring screens, read any emails or anything like that. Basically, if the server running the script isn't talking, then all is well. . . > > Thanks > > Doug > > Doug Simpson > Technology Specialist > De Queen Public Schools > De Queen, AR > simpsond at leopards.k12.ar.us > >>>> Barry Cisna 10/18/2007 5:06 PM >>> > Doug, > > Sounds like you are getting pretty geeky with your "server's up/down" > script. > Throwing festival into the picture:) Can you get festival to "emulate" > mm,,, Aretha Franklin, or Bon Jovi ? Anyways, just thought Id throw this > out. I setup OpenNMS a few weeks ago and it sure does a good job of > keeping track of outages on multiple subnets at our school. Wasn't too > difficult to get it rolling either. This may be too heavy for what you are > wanting to do with it,though. There are rpm s avaliable so its pretty easy > setup. You probably "like the challenge" of doing it yourself anyways:) > > Take Care, > > Barry Cisna > westcentral school > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > > From rmiller at seminole.k12.ga.us Fri Oct 19 17:51:36 2007 From: rmiller at seminole.k12.ga.us (Ronnie Miller) Date: Fri, 19 Oct 2007 13:51:36 -0400 (EDT) Subject: [K12OSN] Autologin Message-ID: <39166.10.10.100.1.1192816296.squirrel@mail.seminole.k12.ga.us> I used these with 5EL and it worked fine. The users have passwords on my system and the security model (I'm assuming it's selinux) requires it. But once you set it up, it just works! ------------- [K12OSN] Autologin * From: "Joe Korzeniewski" * To: * Subject: [K12OSN] Autologin * Date: Fri, 19 Oct 2007 10:03:18 -0400 I have read the tutorial here: http://k12ltsp.org/mediawiki/index.php/A_more_complete_How-To_for_setting_up_autologin_of_clients_using_Gnome_&_GDM on how to get autologin working. Has anyone had success using these steps in k12ltsp6? I didn't have enough time to finish troubleshooting it yesterday when I had time to work on it and didn't get it working using those steps. One big question I had was: do the autologin user accounts need to have no password, a blank password, some other password or does it not matter? Thanks, -Joe -- Ronnie Miller Technology Specialist Seminole County Schools 800 S. Woolfork Ave. Donalsonville, GA 39845 229.524.5235 Ext. 227 -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. From robark at gmail.com Fri Oct 19 19:50:08 2007 From: robark at gmail.com (Robert Arkiletian) Date: Fri, 19 Oct 2007 12:50:08 -0700 Subject: [K12OSN] Make screen capture videos for your students Message-ID: Teachers can make instructional videos (with audio) for their students. http://recordmydesktop.iovar.org/about.php Although probably won't work on a thin client. -- Robert Arkiletian Eric Hamber Secondary, Vancouver, Canada Fl_TeacherTool http://www3.telus.net/public/robark/Fl_TeacherTool/ C++ GUI tutorial http://www3.telus.net/public/robark/ From rowens at ptd.net Fri Oct 19 23:55:53 2007 From: rowens at ptd.net (Rob Owens) Date: Fri, 19 Oct 2007 19:55:53 -0400 Subject: [K12OSN] smbldap - adding ldap users to local groups Message-ID: <20071019235553.GA479@junker.owens.net> How can I add LDAP users to local system groups? I am trying to move to LDAP, but I'm a bit confused now... I tried to add a new LDAP user to the "fuse" group (which is a non-LDAP group) and I got the message: /usr/sbin/smbldap-usermod: group "fuse" doesn't exist Am I supposed to make an LDAP group for every one of my local system groups? This seems dangerous, because there's no guarantee that the "fuse" group on one of my systems is treated the same as the "fuse" group on another system. Thanks for any help you guys can provide. -Rob From rowens at ptd.net Sat Oct 20 12:05:46 2007 From: rowens at ptd.net (Rob Owens) Date: Sat, 20 Oct 2007 08:05:46 -0400 Subject: [K12OSN] smbldap - adding ldap users to local groups In-Reply-To: <20071019235553.GA479@junker.owens.net> References: <20071019235553.GA479@junker.owens.net> Message-ID: <20071020120546.GA311@junker.owens.net> On Fri, Oct 19, 2007 at 07:55:53PM -0400, Rob Owens wrote: > How can I add LDAP users to local system groups? I am trying to move to LDAP, but I'm a bit confused now... I tried to add a new LDAP user to the "fuse" group (which is a non-LDAP group) and I got the message: /usr/sbin/smbldap-usermod: group "fuse" doesn't exist > > Am I supposed to make an LDAP group for every one of my local system groups? This seems dangerous, because there's no guarantee that the "fuse" group on one of my systems is treated the same as the "fuse" group on another system. > Here's an example of what I'm concerned about. I compared /etc/group on a Debian Etch machine and an Ubuntu Feisty machine. Here are some system group numbers that are different between the two machines. gid Etch group Feisty Group 101 crontab dhcp 102 Debian-exim syslog 103 ssh klog 104 messagebus ssl-cert 105 avahi crontab 106 netdev ssh 107 lpadmin messagebus 108 haldaemon avahi 109 powerdev lpadmin 110 scanner haldaemon 111 gdm scanner 112 backuppc slocate 113 ntp gdm 114 openldap admin 116 mythtv avahi-autoipd 117 bind netdev 118 winbindd_priv nvram For gids from 0 to 100, the Etch and Feisty group names are identical. My Centos 5 system, however, has differences in the 0-100 range. Additionally, the Centos system has the all-important "fuse" group at gid 101, whereas the Etch and Feisty systems have "fuse" at gid 115. So if I want to have multiple distros on the same network, how do I properly tie them together with LDAP? From nadavkav at gmail.com Sat Oct 20 13:05:30 2007 From: nadavkav at gmail.com (Nadav Kavalerchik) Date: Sat, 20 Oct 2007 15:05:30 +0200 Subject: [K12OSN] Make screen capture videos for your students In-Reply-To: References: Message-ID: <4219988b0710200605n52cf4fj846149f7eb2b48e6@mail.gmail.com> thanks :-) that helped allot ! i made(recorded) some screen casts on the server (some howtos about using openoffice) and i'm playing it with kplayer on the clients, successfully :-) these ogg files are big. if they'll be converted to mpeg4 successfully (visually) i'll share them on vimeo (only ones that support bigger them 320x240 videos) so you can all enjoy :-) On 10/19/07, Robert Arkiletian wrote: > > Teachers can make instructional videos (with audio) for their students. > http://recordmydesktop.iovar.org/about.php > > Although probably won't work on a thin client. > > -- > Robert Arkiletian > Eric Hamber Secondary, Vancouver, Canada > Fl_TeacherTool http://www3.telus.net/public/robark/Fl_TeacherTool/ > C++ GUI tutorial http://www3.telus.net/public/robark/ > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see < http://www.k12os.org> > -------------- next part -------------- An HTML attachment was scrubbed... URL: From jkinney at localnetsolutions.com Sat Oct 20 13:06:22 2007 From: jkinney at localnetsolutions.com (James P. Kinney III) Date: Sat, 20 Oct 2007 09:06:22 -0400 Subject: [K12OSN] smbldap - adding ldap users to local groups In-Reply-To: <20071019235553.GA479@junker.owens.net> References: <20071019235553.GA479@junker.owens.net> Message-ID: <1192885582.3960.369.camel@merlin.localnetsolutions.com> On Fri, 2007-10-19 at 19:55 -0400, Rob Owens wrote: > How can I add LDAP users to local system groups? I am trying to move > to LDAP, but I'm a bit confused now... I tried to add a new LDAP user > to the "fuse" group (which is a non-LDAP group) and I got the > message: /usr/sbin/smbldap-usermod: group "fuse" doesn't exist > It looks like you need to add users FROM the LDAP space TO the local fuse group. I think that creating an LDAP group called fusers and adding LDAP accounts to this group is step one. Then add the LDAP group fusers to be a member of the local machine fuse group. > Am I supposed to make an LDAP group for every one of my local system > groups? This seems dangerous, because there's no guarantee that the > "fuse" group on one of my systems is treated the same as the "fuse" > group on another system. The treatment of the fuse group locally is handled locally, not cross-system. The specific membership is applied from a common point (the ldap) to the multiple systems and the UID/GID is handled by each local system. The connection is made by group name to group name and group member user names. > > Thanks for any help you guys can provide. Clear as mud? :) > > -Rob > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > -- James P. Kinney III CEO & Director of Engineering Local Net Solutions,LLC 770-493-8244 http://www.localnetsolutions.com GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics) Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part URL: From dahopkins429 at gmail.com Sat Oct 20 13:09:49 2007 From: dahopkins429 at gmail.com (David Hopkins) Date: Sat, 20 Oct 2007 09:09:49 -0400 Subject: [K12OSN] smbldap - adding ldap users to local groups In-Reply-To: <20071020120546.GA311@junker.owens.net> References: <20071019235553.GA479@junker.owens.net> <20071020120546.GA311@junker.owens.net> Message-ID: I have multiple distros. It is straightforward. Set up your ldap server with all your users and groups. Then, have your other systems authenticate against the system running ldap. You can use authconfig to specify the ldap server's IP address. This is a very very short intro, but you have a central authentication server with LDAP and it is used to authenticate everyone everywhere. No need for local accounts on each system. The MS-centric corollary is the idea of a Domain and Domain Users in Active Directory. (which is just an ldap database as well) On 10/20/07, Rob Owens wrote: > > On Fri, Oct 19, 2007 at 07:55:53PM -0400, Rob Owens wrote: > > How can I add LDAP users to local system groups? I am trying to move to > LDAP, but I'm a bit confused now... I tried to add a new LDAP user to the > "fuse" group (which is a non-LDAP group) and I got the > message: /usr/sbin/smbldap-usermod: group "fuse" doesn't exist > > > > Am I supposed to make an LDAP group for every one of my local system > groups? This seems dangerous, because there's no guarantee that the "fuse" > group on one of my systems is treated the same as the "fuse" group on > another system. > > > > Here's an example of what I'm concerned about. > > I compared /etc/group on a Debian Etch machine and an Ubuntu Feisty > machine. Here are some system group numbers that are different between the > two machines. > > gid Etch group Feisty Group > 101 crontab dhcp > 102 Debian-exim syslog > 103 ssh klog > 104 messagebus ssl-cert > 105 avahi crontab > 106 netdev ssh > 107 lpadmin messagebus > 108 haldaemon avahi > 109 powerdev lpadmin > 110 scanner haldaemon > 111 gdm scanner > 112 backuppc slocate > 113 ntp gdm > 114 openldap admin > 116 mythtv avahi-autoipd > 117 bind netdev > 118 winbindd_priv nvram > > For gids from 0 to 100, the Etch and Feisty group names are identical. My > Centos 5 system, however, has differences in the 0-100 range. Additionally, > the Centos system has the all-important "fuse" group at gid 101, whereas the > Etch and Feisty systems have "fuse" at gid 115. > > So if I want to have multiple distros on the same network, how do I > properly tie them together with LDAP? > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > -------------- next part -------------- An HTML attachment was scrubbed... URL: From jkinney at localnetsolutions.com Sat Oct 20 13:24:26 2007 From: jkinney at localnetsolutions.com (James P. Kinney III) Date: Sat, 20 Oct 2007 09:24:26 -0400 Subject: [K12OSN] smbldap - adding ldap users to local groups In-Reply-To: <20071020120546.GA311@junker.owens.net> References: <20071019235553.GA479@junker.owens.net> <20071020120546.GA311@junker.owens.net> Message-ID: <1192886666.3960.380.camel@merlin.localnetsolutions.com> On Sat, 2007-10-20 at 08:05 -0400, Rob Owens wrote: > On Fri, Oct 19, 2007 at 07:55:53PM -0400, Rob Owens wrote: > > How can I add LDAP users to local system groups? I am trying to > move to LDAP, but I'm a bit confused now... I tried to add a new LDAP > user to the "fuse" group (which is a non-LDAP group) and I got the > message: /usr/sbin/smbldap-usermod: group "fuse" doesn't exist > > > > Am I supposed to make an LDAP group for every one of my local system > groups? This seems dangerous, because there's no guarantee that the > "fuse" group on one of my systems is treated the same as the "fuse" > group on another system. > > > > Here's an example of what I'm concerned about. > > I compared /etc/group on a Debian Etch machine and an Ubuntu Feisty > machine. Here are some system group numbers that are different > between the two machines. > > gid Etch group Feisty Group > 101 crontab dhcp > 102 Debian-exim syslog > 103 ssh klog > 104 messagebus ssl-cert > 105 avahi crontab > 106 netdev ssh > 107 lpadmin messagebus > 108 haldaemon avahi > 109 powerdev lpadmin > 110 scanner haldaemon > 111 gdm scanner > 112 backuppc slocate > 113 ntp gdm > 114 openldap admin > 116 mythtv avahi-autoipd > 117 bind netdev > 118 winbindd_priv nvram The individual systems handle the GIDs internally but your external connections use the text names. Don't sweat the details on this UNLESS you have created user or group names in LDAP that have text equivalents for the "special" names on the local systems. i.e. a user named avhai will have some serious file system and security problems! > > For gids from 0 to 100, the Etch and Feisty group names are identical. > My Centos 5 system, however, has differences in the 0-100 range. > Additionally, the Centos system has the all-important "fuse" group at > gid 101, whereas the Etch and Feisty systems have "fuse" at gid 115. > > So if I want to have multiple distros on the same network, how do I > properly tie them together with LDAP? Yes. Define your groupings on the ldap (class2008, mathteachers, sciclub, students, etc.) and then use the local tools on the different systems to add ldap groups as members of local groups defined groups. NOTE: there needs to be better group management tools in Linux than is currently available. The tool groupmems looks like the right thing but it does not work as discussed in the man pages and segfaults under some uses (bug report is being sent upstream). So in the mean time manually adding ldap groups to the local fuse group is the only reliable way. > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > -- James P. Kinney III CEO & Director of Engineering Local Net Solutions,LLC 770-493-8244 http://www.localnetsolutions.com GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics) Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part URL: From microman at cmosnetworks.com Sat Oct 20 16:54:21 2007 From: microman at cmosnetworks.com (=?ISO-8859-1?Q?=22Terrell_Prud=E9_Jr=2E=22?=) Date: Sat, 20 Oct 2007 12:54:21 -0400 Subject: [K12OSN] Make screen capture videos for your students In-Reply-To: <4219988b0710200605n52cf4fj846149f7eb2b48e6@mail.gmail.com> References: <4219988b0710200605n52cf4fj846149f7eb2b48e6@mail.gmail.com> Message-ID: <471A32BD.9010505@cmosnetworks.com> Hmm...an Ogg file should be no larger than an MP4 and should be of better quality. What settings are you using for your OGG compression? --TP _______________________________ Do you GNU ? Microsoft Free since 2003 --the ultimate antivirus protection! Nadav Kavalerchik wrote: > thanks :-) > > that helped allot ! > > i made(recorded) some screen casts on the server (some howtos about > using openoffice) > and i'm playing it with kplayer on the clients, successfully :-) > > these ogg files are big. if they'll be converted to mpeg4 successfully > (visually) > i'll share them on vimeo (only ones that support bigger them 320x240 > videos) so you can all enjoy :-) > > On 10/19/07, *Robert Arkiletian* < robark at gmail.com > > wrote: > > Teachers can make instructional videos (with audio) for their > students. > http://recordmydesktop.iovar.org/about.php > > Although probably won't work on a thin client. > > -- > Robert Arkiletian > Eric Hamber Secondary, Vancouver, Canada > Fl_TeacherTool http://www3.telus.net/public/robark/Fl_TeacherTool/ > C++ GUI tutorial http://www3.telus.net/public/robark/ > > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see < http://www.k12os.org> > > > ------------------------------------------------------------------------ > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see -------------- next part -------------- An HTML attachment was scrubbed... URL: From brcisna at eazylivin.net Sat Oct 20 17:12:17 2007 From: brcisna at eazylivin.net (Barry Cisna) Date: Sat, 20 Oct 2007 12:12:17 -0500 (CDT) Subject: [K12OSN] Samba K12LTSP Windows Vista home folders on Wiki Message-ID: <38005.192.168.254.3.1192900337.squirrel@www.eazylivin.net> Hello All, I posted a how to on setting up K12LTSP Samba with Windows Vista clients to an Windows 2003 server AD domain to seamlessly mount home folders on the K12LTSP wiki. There is none of the ugly authentication voodoo, that Vista has generated, that has to be done with this setup.The formatting got ugly but it is all there . Here is a link for those interested: http://www.k12ltsp.org/mediawiki/index.php/K12LTSP%2CSamba%2CWindows_Vista_Client_Home_Folders_Interoperabilty_how_to Take Care, Barry Cisna From barry at solof.org Sat Oct 20 17:22:32 2007 From: barry at solof.org (Barry Solof) Date: Sat, 20 Oct 2007 13:22:32 -0400 Subject: [K12OSN] Ghost Printers Message-ID: <471A3958.3060605@solof.org> We are running K12ltsp version 5. The server runs one classroom of 12 terminals. It ran flawlessly for months with one deskjet printer connected to a workstation. When we added another deskjet to another workstation things got a bit weird. Long story short, updating the server software fixed all of the issues but one. There is a phantom printer that still shows up in our users print dialog box. This queue was deleted quite a while ago in the printer create/delete program (but it does show up as a recently accessed queue). How do we get rid of the phantom printer/queue? From krsnendu108 at gmail.com Sat Oct 20 17:32:12 2007 From: krsnendu108 at gmail.com (Krsnendu dasa) Date: Sun, 21 Oct 2007 06:32:12 +1300 Subject: [K12OSN] smbldap - adding ldap users to local groups In-Reply-To: <1192885582.3960.369.camel@merlin.localnetsolutions.com> References: <20071019235553.GA479@junker.owens.net> <1192885582.3960.369.camel@merlin.localnetsolutions.com> Message-ID: On 21/10/2007, James P. Kinney III wrote: > On Fri, 2007-10-19 at 19:55 -0400, Rob Owens wrote: > It looks like you need to add users FROM the LDAP space TO the local > fuse group. > > I think that creating an LDAP group called fusers and adding LDAP > accounts to this group is step one. Then add the LDAP group fusers to be > a member of the local machine fuse group. Step one is straightforward. How do you do step two? Krsnendu dasa From jkinney at localnetsolutions.com Sat Oct 20 18:46:42 2007 From: jkinney at localnetsolutions.com (James P. Kinney III) Date: Sat, 20 Oct 2007 14:46:42 -0400 Subject: [K12OSN] smbldap - adding ldap users to local groups In-Reply-To: References: <20071019235553.GA479@junker.owens.net> <1192885582.3960.369.camel@merlin.localnetsolutions.com> Message-ID: <1192906002.3960.443.camel@merlin.localnetsolutions.com> On Sun, 2007-10-21 at 06:32 +1300, Krsnendu dasa wrote: > On 21/10/2007, James P. Kinney III wrote: > > On Fri, 2007-10-19 at 19:55 -0400, Rob Owens wrote: > > > It looks like you need to add users FROM the LDAP space TO the local > > fuse group. > > > > I think that creating an LDAP group called fusers and adding LDAP > > accounts to this group is step one. Then add the LDAP group fusers to be > > a member of the local machine fuse group. > > Step one is straightforward. > How do you do step two? From a console on the server as root: vigr (this is a vi-based group file editor - it locks the file to prevent other writes) now append fusers to the fuse group entry. If it is after another entry for the fuse group, use a comma between the entries. You will not need to edit the gshadow file. > > Krsnendu dasa > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > -- James P. Kinney III CEO & Director of Engineering Local Net Solutions,LLC 770-493-8244 http://www.localnetsolutions.com GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics) Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part URL: From brcisna at eazylivin.net Sat Oct 20 20:21:37 2007 From: brcisna at eazylivin.net (Barry Cisna) Date: Sat, 20 Oct 2007 15:21:37 -0500 (CDT) Subject: [K12OSN] Ghost Printers Message-ID: <54847.192.168.254.3.1192911697.squirrel@www.eazylivin.net> Barry, Open a webbrowser on the server to http://localhost:631 see if you have any extra printers listed here & delete it. If your ghost printer does not show up here drill down to /etc/cups/printers.conf in this file will be your added printers with the form of info info info more info Delete whatever printer shouldnt be showing up & Save. Do a 'service cups restart' in a terminal You'll be go'in again. Take Care, Barry Cisna From rowens at ptd.net Sun Oct 21 00:26:15 2007 From: rowens at ptd.net (Rob Owens) Date: Sat, 20 Oct 2007 20:26:15 -0400 Subject: [K12OSN] smbldap - adding ldap users to local groups In-Reply-To: <1192906002.3960.443.camel@merlin.localnetsolutions.com> References: <20071019235553.GA479@junker.owens.net> <1192885582.3960.369.camel@merlin.localnetsolutions.com> <1192906002.3960.443.camel@merlin.localnetsolutions.com> Message-ID: <20071021002614.GA3725@junker.owens.net> On Sat, Oct 20, 2007 at 02:46:42PM -0400, James P. Kinney III wrote: > On Sun, 2007-10-21 at 06:32 +1300, Krsnendu dasa wrote: > > On 21/10/2007, James P. Kinney III wrote: > > > On Fri, 2007-10-19 at 19:55 -0400, Rob Owens wrote: > > > > > It looks like you need to add users FROM the LDAP space TO the local > > > fuse group. > > > > > > I think that creating an LDAP group called fusers and adding LDAP > > > accounts to this group is step one. Then add the LDAP group fusers to be > > > a member of the local machine fuse group. > > > > Step one is straightforward. > > How do you do step two? > > From a console on the server as root: > > vigr (this is a vi-based group file editor - it locks the file to > prevent other writes) > > now append fusers to the fuse group entry. If it is after another entry > for the fuse group, use a comma between the entries. > > You will not need to edit the gshadow file. Thanks for the info. Unfortunately it didn't work for me, though. Is there something I need to do to "initialize" the group membership? I logged out/in, then tried rebooting. Still no good. Is there anything special I need to do in the creation of the ldap group? I used smbldap-groupadd -a ldapgroupname. The group memberships seem to be correct (I used the cdrom group as a test): $ getent group | grep cdrom cdrom:x:24:mythtv,ldapcdrom ldapcdrom:*:10005:rob But I can't access anything with cdrom group privileges. I even created a text file owned by root.cdrom with 770 permissions, and I can't read it. Let me know if you've got any ideas. -Rob > > > > Krsnendu dasa > > > > _______________________________________________ > > K12OSN mailing list > > K12OSN at redhat.com > > https://www.redhat.com/mailman/listinfo/k12osn > > For more info see > > > -- > James P. Kinney III > CEO & Director of Engineering > Local Net Solutions,LLC > 770-493-8244 > http://www.localnetsolutions.com > > GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics) > > Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7 > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see From jkorzeni at battle-creek.k12.mi.us Mon Oct 22 12:11:36 2007 From: jkorzeni at battle-creek.k12.mi.us (Joe Korzeniewski) Date: Mon, 22 Oct 2007 08:11:36 -0400 Subject: [K12OSN] Removing students home from desktop Message-ID: <471C5B380200003C00004404@BCPSSMTP.battle-creek.k12.mi.us> Does anyone know of a way to remove default icons from the desktop such as the students' home folder, computer and trash? I have a script that mounts their network share once they have logged in, so I don't want to confuse them with their linux home directory. Thanks, -Joe Korzeniewski From mblinn at peopleplaces.org Mon Oct 22 14:57:46 2007 From: mblinn at peopleplaces.org (Michael Blinn) Date: Mon, 22 Oct 2007 10:57:46 -0400 Subject: [K12OSN] i810 backporting Message-ID: <471CBA6A.9090204@peopleplaces.org> Does anyone have the know-how or the wherewithall to walk/talk/email me through a backporting of the newer i810 xserver? I've been testing Ubuntu Gutsy and my GX110 boxes don't crash when using the newer xserver. I'd like to get it working on my K12LTSPv6 setup. Cheers, Michael From jim at winonacotter.org Mon Oct 22 16:33:06 2007 From: jim at winonacotter.org (Jim Kronebusch) Date: Mon, 22 Oct 2007 11:33:06 -0500 Subject: [K12OSN] X -query possible with LTSP 5? Message-ID: <20071022160943.M24494@winonacotter.org> In the past with LTSP we could do an "X -query 192.168.1.254 -quartz" from a mac OSX with XDarwin installed. Then I could run a terminal session from within a window on the Mac OSX desktop. Does anyone know if this is still possible with LTSP 5? I tried to mess with it for a while on Friday but didn't have any luck, I was thinking this might not work because XDMCP is no longer used. If this isn't possible, does anyone know a way to make this work with LTSP 5? I am not against a VNC session, but I had trouble before with keyboard mappings with VNC. I am running Edubuntu 7.04 with LDM_DIRECTX and LDAP. Thanks, Jim Kronebusch Cotter Tech Department 453-5188 -- This message has been scanned for viruses and dangerous content by the Cotter Technology Department, and is believed to be clean. From jones_yeates at hotmail.com Mon Oct 22 16:55:23 2007 From: jones_yeates at hotmail.com (jones yeates) Date: Mon, 22 Oct 2007 16:55:23 +0000 Subject: [K12OSN] NAT In-Reply-To: <20071022160943.M24494@winonacotter.org> References: <20071022160943.M24494@winonacotter.org> Message-ID: I had everything working. Then I changed the IP address for eth1 to a static IP, did a service network restart and lost some stuff. I have a lab that can boot both into LInux and Windows. Everything works fine in LInux. In Windows I can't seem to get the clients to ping outside of the LAN. I have tried: service nat stop service iptables stop iptables --flush iptables --table nat --flush iptables --delete-chain iptables --table nat --delete-chain iptables --table nat --append POSTROUTING --out-interface eth1 -j MASQUERADE iptables --append FORWARD --in-interface eth0 -j ACCEPT service nat start service iptables start I even tried: service iptables-k12ltsp start and it won't start up because I took the firewall off, which was off when I was able to start it last time. THe iptables-k12ltsp is was what got the nat thing working last time. Any ideas what I could be doing wrong? Thanks. _________________________________________________________________ R U Ready for Windows Live Messenger Beta 8.5? Try it today! http://entertainment.sympatico.msn.ca/WindowsLiveMessenger From les at futuresource.com Mon Oct 22 16:57:41 2007 From: les at futuresource.com (Les Mikesell) Date: Mon, 22 Oct 2007 11:57:41 -0500 Subject: [K12OSN] X -query possible with LTSP 5? In-Reply-To: <20071022160943.M24494@winonacotter.org> References: <20071022160943.M24494@winonacotter.org> Message-ID: <471CD685.8010603@futuresource.com> Jim Kronebusch wrote: > In the past with LTSP we could do an "X -query 192.168.1.254 -quartz" from a mac OSX > with XDarwin installed. Then I could run a terminal session from within a window on the > Mac OSX desktop. Does anyone know if this is still possible with LTSP 5? I tried to > mess with it for a while on Friday but didn't have any luck, I was thinking this might > not work because XDMCP is no longer used. If this isn't possible, does anyone know a > way to make this work with LTSP 5? I am not against a VNC session, but I had trouble > before with keyboard mappings with VNC. I am running Edubuntu 7.04 with LDM_DIRECTX and > LDAP. I don't know what ltsp 5 uses, but what you really want from OSX is the NX client and freenx on the server... X should work if you can enable XDMCP but NX is nicer. The mac client will even let you resize the window in the middle of a session. -- Les Mikesell lesmikesell at gmail.com From mblinn at peopleplaces.org Mon Oct 22 17:05:26 2007 From: mblinn at peopleplaces.org (Michael Blinn) Date: Mon, 22 Oct 2007 13:05:26 -0400 Subject: [K12OSN] NAT In-Reply-To: References: <20071022160943.M24494@winonacotter.org> Message-ID: <471CD856.9070004@peopleplaces.org> The file /etc/init.d/nat has your public ethernet card and public IP - Change these to your new IP, service nat restart, and you should be OK -Michael jones yeates wrote: > I had everything working. Then I changed the IP address for eth1 to a static IP, did a service network restart and lost some stuff. > > I have a lab that can boot both into LInux and Windows. Everything works fine in LInux. In Windows I can't seem to get the clients to ping outside of the LAN. > > I have tried: > service nat stop > service iptables stop > iptables --flush > iptables --table nat --flush > iptables --delete-chain > iptables --table nat --delete-chain > iptables --table nat --append POSTROUTING --out-interface eth1 -j MASQUERADE > iptables --append FORWARD --in-interface eth0 -j ACCEPT > service nat start > service iptables start > > I even tried: service iptables-k12ltsp start > and it won't start up because I took the firewall off, which was off when I was able to start it last time. THe iptables-k12ltsp is was what got the nat thing working last time. Any ideas what I could be doing wrong? > > Thanks. > From nadavkav at gmail.com Mon Oct 22 17:08:15 2007 From: nadavkav at gmail.com (Nadav Kavalerchik) Date: Mon, 22 Oct 2007 19:08:15 +0200 Subject: [K12OSN] Removing students home from desktop In-Reply-To: <471C5B380200003C00004404@BCPSSMTP.battle-creek.k12.mi.us> References: <471C5B380200003C00004404@BCPSSMTP.battle-creek.k12.mi.us> Message-ID: <4219988b0710221008jd8a243cwc6efd9675b3a5170@mail.gmail.com> here is a link to a script we use: http://www.eagle-israel.co.il/ltsp/admin-scripts/clear-new-users-desktop-files it uses a text file with a list of users. http://www.eagle-israel.co.il/ltsp/admin-scripts/users.list enjoy :-) On 10/22/07, Joe Korzeniewski wrote: > Does anyone know of a way to remove default icons from the desktop such as the students' home folder, computer and trash? I have a script that mounts their network share once they have logged in, so I don't want to confuse them with their linux home directory. > > Thanks, > > -Joe Korzeniewski > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > From jam at mcquil.com Mon Oct 22 17:12:04 2007 From: jam at mcquil.com (Jim McQuillan) Date: Mon, 22 Oct 2007 13:12:04 -0400 Subject: [K12OSN] X -query possible with LTSP 5? In-Reply-To: <20071022160943.M24494@winonacotter.org> References: <20071022160943.M24494@winonacotter.org> Message-ID: <471CD9E4.3090804@McQuil.com> Jim, Sure it's possible. Just because LTSP isn't using XDMCP anymore doesn't mean you can't use it from a mac. You'll just need to configure GDM to allow remote connections. That's possible through the "Login Window" preferences. Jim McQuillan jam at Ltsp.org Jim Kronebusch wrote: > In the past with LTSP we could do an "X -query 192.168.1.254 -quartz" from a mac OSX > with XDarwin installed. Then I could run a terminal session from within a window on the > Mac OSX desktop. Does anyone know if this is still possible with LTSP 5? I tried to > mess with it for a while on Friday but didn't have any luck, I was thinking this might > not work because XDMCP is no longer used. If this isn't possible, does anyone know a > way to make this work with LTSP 5? I am not against a VNC session, but I had trouble > before with keyboard mappings with VNC. I am running Edubuntu 7.04 with LDM_DIRECTX and > LDAP. > > Thanks, > > Jim Kronebusch > Cotter Tech Department > 453-5188 > > From jim at winonacotter.org Mon Oct 22 17:46:57 2007 From: jim at winonacotter.org (Jim Kronebusch) Date: Mon, 22 Oct 2007 12:46:57 -0500 Subject: [K12OSN] X -query possible with LTSP 5? In-Reply-To: <471CD9E4.3090804@McQuil.com> References: <20071022160943.M24494@winonacotter.org> <471CD9E4.3090804@McQuil.com> Message-ID: <20071022174232.M8345@winonacotter.org> On Mon, 22 Oct 2007 13:12:04 -0400, Jim McQuillan wrote > Jim, > > Sure it's possible. Just because LTSP isn't using XDMCP anymore doesn't > mean you can't use it from a mac. > > You'll just need to configure GDM to allow remote connections. That's > possible through the "Login Window" preferences. Is there any side effects to this or should everything still work just as before? Only reason to doing this that teachers still run OSX until next summer. So in the meantime I want to provide them and easy solution (such as a shortcut on their desktop) that will allow them to run the LTSP environment from their current osx session without any rebooting or anything. So the old X -query trick was the first thing that came to mind. If you could just give me a confirmation that this "shouldn't" (I promise I won't take that as a guarantee :-) break anything or have any performance hits, I'll give it a whirl. I thought of VNC or FreeNX, but just thought that this could be quicker, and the keyboard mapping thing was a bugger before when I tried it. But that was almost 5 months ago, so maybe this is fixed. Thanks, Jim -- This message has been scanned for viruses and dangerous content by the Cotter Technology Department, and is believed to be clean. From jim at winonacotter.org Mon Oct 22 17:52:12 2007 From: jim at winonacotter.org (Jim Kronebusch) Date: Mon, 22 Oct 2007 12:52:12 -0500 Subject: [K12OSN] Removing students home from desktop In-Reply-To: <471C5B380200003C00004404@BCPSSMTP.battle-creek.k12.mi.us> References: <471C5B380200003C00004404@BCPSSMTP.battle-creek.k12.mi.us> Message-ID: <20071022174853.M898@winonacotter.org> On Mon, 22 Oct 2007 08:11:36 -0400, Joe Korzeniewski wrote > Does anyone know of a way to remove default icons from the desktop such as the > students' home folder, computer and trash? I have a script that mounts their > network share once they have logged in, so I don't want to confuse them with > their linux home directory. I added the home icon to our Edubuntu Feisty setup with gconf-editor by checking /apps/nautilus/desktop/home_icon_visible and making it mandatory and default. I imagine this would be similar with Fedora, so just be sure that the box is unchecked and right click and set mandatory and default. This should make them all go away and not show up with new users. Jim -- This message has been scanned for viruses and dangerous content by the Cotter Technology Department, and is believed to be clean. From jam at mcquil.com Mon Oct 22 18:39:51 2007 From: jam at mcquil.com (Jim McQuillan) Date: Mon, 22 Oct 2007 14:39:51 -0400 Subject: [K12OSN] X -query possible with LTSP 5? In-Reply-To: <20071022174232.M8345@winonacotter.org> References: <20071022160943.M24494@winonacotter.org> <471CD9E4.3090804@McQuil.com> <20071022174232.M8345@winonacotter.org> Message-ID: <471CEE77.1060305@McQuil.com> Jim, Enabling remote access on the login manager won't effect LTSP in any way. Keep in mind that by enabling remote access it does setup a certain amount of vulnerability, but anybody running LTSP-4.2 already has that vulnerability anyway, so i'm thinking it's not a big deal for you. Jim McQuillan jam at Ltsp.org Jim Kronebusch wrote: > On Mon, 22 Oct 2007 13:12:04 -0400, Jim McQuillan wrote >> Jim, >> >> Sure it's possible. Just because LTSP isn't using XDMCP anymore doesn't >> mean you can't use it from a mac. >> >> You'll just need to configure GDM to allow remote connections. That's >> possible through the "Login Window" preferences. > > Is there any side effects to this or should everything still work just as before? > > Only reason to doing this that teachers still run OSX until next summer. So in the > meantime I want to provide them and easy solution (such as a shortcut on their desktop) > that will allow them to run the LTSP environment from their current osx session without > any rebooting or anything. So the old X -query trick was the first thing that came to mind. > > If you could just give me a confirmation that this "shouldn't" (I promise I won't take > that as a guarantee :-) break anything or have any performance hits, I'll give it a whirl. > > I thought of VNC or FreeNX, but just thought that this could be quicker, and the > keyboard mapping thing was a bugger before when I tried it. But that was almost 5 > months ago, so maybe this is fixed. > > Thanks, > Jim > From jim at winonacotter.org Mon Oct 22 21:18:40 2007 From: jim at winonacotter.org (Jim Kronebusch) Date: Mon, 22 Oct 2007 16:18:40 -0500 Subject: [K12OSN] X -query possible with LTSP 5? In-Reply-To: <471CEE77.1060305@McQuil.com> References: <20071022160943.M24494@winonacotter.org> <471CD9E4.3090804@McQuil.com> <20071022174232.M8345@winonacotter.org> <471CEE77.1060305@McQuil.com> Message-ID: <20071022211740.M60072@winonacotter.org> On Mon, 22 Oct 2007 14:39:51 -0400, Jim McQuillan wrote > Jim, > > Enabling remote access on the login manager won't effect LTSP in any way. > > Keep in mind that by enabling remote access it does setup a certain > amount of vulnerability, but anybody running LTSP-4.2 already has that > vulnerability anyway, so i'm thinking it's not a big deal for you. Thanks Jim, I'll give it a shot tomorrow. After this year all the macs will be history anyhow, I just need to get their feet wet. -- This message has been scanned for viruses and dangerous content by the Cotter Technology Department, and is believed to be clean. From jones_yeates at hotmail.com Mon Oct 22 22:10:53 2007 From: jones_yeates at hotmail.com (jones yeates) Date: Mon, 22 Oct 2007 22:10:53 +0000 Subject: [K12OSN] NAT In-Reply-To: <471CD856.9070004@peopleplaces.org> References: <20071022160943.M24494@winonacotter.org> <471CD856.9070004@peopleplaces.org> Message-ID: Thank you! The line: PUBLIC_IP was completely missing. ----------------------------------------> Date: Mon, 22 Oct 2007 13:05:26 -0400> From: mblinn at peopleplaces.org> To: k12osn at redhat.com> Subject: Re: [K12OSN] NAT>> The file /etc/init.d/nat has your public ethernet card and public IP -> Change these to your new IP, service nat restart, and you should be OK> -Michael>> jones yeates wrote:>> I had everything working. Then I changed the IP address for eth1 to a static IP, did a service network restart and lost some stuff.>>>> I have a lab that can boot both into LInux and Windows. Everything works fine in LInux. In Windows I can't seem to get the clients to ping outside of the LAN.>>>> I have tried:>> service nat stop>> service iptables stop>> iptables --flush>> iptables --table nat --flush>> iptables --delete-chain>> iptables --table nat --delete-chain>> iptables --table nat --append POSTROUTING --out-interface eth1 -j MASQUERADE>> iptables --append FORWARD --in-interface eth0 -j ACCEPT>> service nat start>> service iptables start>>>> I even tried: service iptables-k12ltsp start>> and it won't start up because I took the firewall off, which was off when I was able to start it last time. THe iptables-k12ltsp is was what got the nat thing working last time. Any ideas what I could be doing wrong?>>>> Thanks.>>>> _______________________________________________> K12OSN mailing list> K12OSN at redhat.com> https://www.redhat.com/mailman/listinfo/k12osn> For more info see _________________________________________________________________ R U Ready for Windows Live Messenger Beta 8.5? Try it today! http://entertainment.sympatico.msn.ca/WindowsLiveMessenger From jkorzeni at battle-creek.k12.mi.us Tue Oct 23 11:38:16 2007 From: jkorzeni at battle-creek.k12.mi.us (Joe Korzeniewski) Date: Tue, 23 Oct 2007 07:38:16 -0400 Subject: [K12OSN] Removing students home from desktop In-Reply-To: <20071022174853.M898@winonacotter.org> References: <471C5B380200003C00004404@BCPSSMTP.battle-creek.k12.mi.us> <20071022174853.M898@winonacotter.org> Message-ID: <471DA511.6C73.003C.0@battle-creek.k12.mi.us> Worked like a charm, thanks a bunch. -Joe >>> "Jim Kronebusch" 10/22/2007 1:52 PM >>> On Mon, 22 Oct 2007 08:11:36 -0400, Joe Korzeniewski wrote > Does anyone know of a way to remove default icons from the desktop such as the > students' home folder, computer and trash? I have a script that mounts their > network share once they have logged in, so I don't want to confuse them with > their linux home directory. I added the home icon to our Edubuntu Feisty setup with gconf-editor by checking /apps/nautilus/desktop/home_icon_visible and making it mandatory and default. I imagine this would be similar with Fedora, so just be sure that the box is unchecked and right click and set mandatory and default. This should make them all go away and not show up with new users. Jim -- This message has been scanned for viruses and dangerous content by the Cotter Technology Department, and is believed to be clean. _______________________________________________ K12OSN mailing list K12OSN at redhat.com https://www.redhat.com/mailman/listinfo/k12osn For more info see From jkorzeni at battle-creek.k12.mi.us Tue Oct 23 11:39:55 2007 From: jkorzeni at battle-creek.k12.mi.us (Joe Korzeniewski) Date: Tue, 23 Oct 2007 07:39:55 -0400 Subject: [K12OSN] Removing students home from desktop In-Reply-To: <4219988b0710221008jd8a243cwc6efd9675b3a5170@mail.gmail.com> References: <471C5B380200003C00004404@BCPSSMTP.battle-creek.k12.mi.us> <4219988b0710221008jd8a243cwc6efd9675b3a5170@mail.gmail.com> Message-ID: <471DA574.6C73.003C.0@battle-creek.k12.mi.us> Nadav, Thanks for your help. I should have mentioned that I was using K12LTSP6. I didn't see the .desktop files for home and such. Just out of curiosity, what version are you running? -Joe >>> "Nadav Kavalerchik" 10/22/2007 1:08 PM >>> here is a link to a script we use: http://www.eagle-israel.co.il/ltsp/admin-scripts/clear-new-users-desktop-files it uses a text file with a list of users. http://www.eagle-israel.co.il/ltsp/admin-scripts/users.list enjoy :-) On 10/22/07, Joe Korzeniewski wrote: > Does anyone know of a way to remove default icons from the desktop such as the students' home folder, computer and trash? I have a script that mounts their network share once they have logged in, so I don't want to confuse them with their linux home directory. > > Thanks, > > -Joe Korzeniewski > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > _______________________________________________ K12OSN mailing list K12OSN at redhat.com https://www.redhat.com/mailman/listinfo/k12osn For more info see From rmiller at seminole.k12.ga.us Tue Oct 23 14:47:00 2007 From: rmiller at seminole.k12.ga.us (Ronnie Miller) Date: Tue, 23 Oct 2007 10:47:00 -0400 (EDT) Subject: [K12OSN] Yum updates and Proxy Settings (chapter 2) Message-ID: <41560.10.10.100.1.1193150820.squirrel@mail.seminole.k12.ga.us> Hey guys, I'm still not having any luck with this issue. Since we started the authenticating to our LDAP server to get proxy access, I've been unable to get any updates or do anything with yum. I tried what Dan suggested below (thanks Dan!), but I get the following error: "-bash: export: `10.10.100.1:8080/': not a valid identifier" 10.10.100.1:8080 is the address of my proxy. Any ideas? Re: [K12OSN] Yum updates and Proxy Settings (chapter 2) * From: "Dan Young" * To: "Support list for open source software in schools." * Subject: Re: [K12OSN] Yum updates and Proxy Settings (chapter 2) * Date: Wed, 17 Oct 2007 08:47:22 -0700 On 10/17/07, Ronnie Miller wrote: > I changes the yum.conf file to show the right proxy settings and even > added a valid user name and password. I've saved and restarted the > server, but still no luck. What am I missing? > > Here's the entries I have in /etc/yum.conf > > proxy=http://10.10.100.1:8080 proxy_username=user > proxy_password=password >From a terminal, can you try: export http_proxy=http://username:password your_proxy:port/ yum list updates -- Dan Young Multnomah ESD - Technology Services 503-257-1562 -- Ronnie Miller Technology Specialist Seminole County Schools 800 S. Woolfork Ave. Donalsonville, GA 39845 229.524.5235 Ext. 227 -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. From dyoung at mesd.k12.or.us Tue Oct 23 15:01:24 2007 From: dyoung at mesd.k12.or.us (Dan Young) Date: Tue, 23 Oct 2007 08:01:24 -0700 Subject: [K12OSN] Yum updates and Proxy Settings (chapter 2) In-Reply-To: <41560.10.10.100.1.1193150820.squirrel@mail.seminole.k12.ga.us> References: <41560.10.10.100.1.1193150820.squirrel@mail.seminole.k12.ga.us> Message-ID: <994441ae0710230801r40251ab1x872bf98800968ee7@mail.gmail.com> Might want to try that export again, looks like my mail got munged somewhere, you want to do: export http_proxy=http://username:password at your_proxy:port/ note the @ here --------------^ -- Dan Young Multnomah ESD - Technology Services 503-257-1562 On 10/23/07, Ronnie Miller wrote: > Hey guys, I'm still not having any luck with this issue. Since we started > the authenticating to our LDAP server to get proxy access, I've been > unable to get any updates or do anything with yum. > > I tried what Dan suggested below (thanks Dan!), but I get the following > error: > > "-bash: export: `10.10.100.1:8080/': not a valid identifier" > > 10.10.100.1:8080 is the address of my proxy. Any ideas? > > > Re: [K12OSN] Yum updates and Proxy Settings (chapter 2) > > * From: "Dan Young" > * To: "Support list for open source software in schools." redhat com> > * Subject: Re: [K12OSN] Yum updates and Proxy Settings (chapter 2) > * Date: Wed, 17 Oct 2007 08:47:22 -0700 > > On 10/17/07, Ronnie Miller wrote: > > I changes the yum.conf file to show the right proxy settings and even > > added a valid user name and password. I've saved and restarted the > > server, but still no luck. What am I missing? > > > > Here's the entries I have in /etc/yum.conf > > > > proxy=http://10.10.100.1:8080 proxy_username=user > > proxy_password=password > > >From a terminal, can you try: > export http_proxy=http://username:password your_proxy:port/ > yum list updates > > -- > Dan Young > Multnomah ESD - Technology Services > 503-257-1562 > > > > -- > Ronnie Miller > Technology Specialist > Seminole County Schools > 800 S. Woolfork Ave. > Donalsonville, GA 39845 > 229.524.5235 Ext. 227 > > -- > This message has been scanned for viruses and > dangerous content by MailScanner, and is > believed to be clean. > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > From dyoung at mesd.k12.or.us Tue Oct 23 15:28:05 2007 From: dyoung at mesd.k12.or.us (Dan Young) Date: Tue, 23 Oct 2007 08:28:05 -0700 Subject: [K12OSN] Re: Yum update and proxy setting In-Reply-To: <56737.10.10.100.1.1193152535.squirrel@mail.seminole.k12.ga.us> References: <58155.10.10.100.1.1193150549.squirrel@mail.seminole.k12.ga.us> <994441ae0710230803i3474d120x9fefac1884512192@mail.gmail.com> <56737.10.10.100.1.1193152535.squirrel@mail.seminole.k12.ga.us> Message-ID: <994441ae0710230828x60f775d4xb7fd8b3f1a64bdea@mail.gmail.com> Can you comment out the proxy* lines in /etc/yum.conf? -- Dan Young Multnomah ESD - Technology Services 503-257-1562 On 10/23/07, Ronnie Miller wrote: > Dan, I tried this, but here's the error I'm getting in the terminal window: > > Could not retrieve mirrorlist > http://k12linux.mesd.k12.or.us/mirrors/k12ltsp-5.0EL-i386 error was > [Errno 4] IOError: > Error: Cannot find a valid baseurl for repo: k12ltsp > [root at e214 ~]# > > Any ideas? > > > I replied on the K12OSN list so hopefully others might benefit too. > > Looks like you're just missing the "@" between the proxy password and > > the proxy hostname. Don't know where that's getting munged, but it > > looks OK in the source of the original message I sent. Hope this > > helps. > > > > -- > > Dan Young > > Multnomah ESD - Technology Services > > 503-257-1562 > > > > On 10/23/07, Ronnie Miller wrote: > >> Good morning, Dan. Recently, I posted this problem on the K12LTSP > >> archives > >> and you gave me soemthing to try. To refesh your memory about my > >> problem: > >> > >> We recently switched to proxying internet access and have tied it to our > >> Netware NDS tree via LDAP. It works very well, except for yum updates. > >> Before tying it to LDAP to track user logins, we were just using > >> straight > >> proxy settings of 10.10.100.1:8080 as our proxy server. I found how to > >> set > >> yum.conf to reflect our proxy (thanks to the K12LTSP archive) and yum > >> worked until we activated the LDAP authentication. > >> > >> You suggested that I try: > >> > >> >From a terminal, can you try: > >> export http_proxy=http://username:password your_proxy:port/ > >> yum list updates > >> > >> So, I go to terminal and enter: > >> > >> >From a terminal, can you try: > >> export http_proxy=http://username:password 10.10.100.1:8080/ > >> > >> And get the following error: > >> "-bash: export: `10.10.100.1:8080/': not a valid identifier" > >> > >> So, now I can't install updates or make changes to our installed > >> software. > >> There may be a command line method for doing all this, but I'm not that > >> skilled on Linux/Fedora yet. Being an overworked, underpaid tech > >> specialist in a small school system, I really haven't had the time to > >> devote to learning the ins and outs of Linux, so I depend on gui's to do > >> my jobs. > >> > >> Any help you can give me would be appreciated. Thanks for what you've > >> done! > >> > >> > >> -- > >> Ronnie Miller > >> Technology Specialist > >> Seminole County Schools > >> 800 S. Woolfork Ave. > >> Donalsonville, GA 39845 > >> 229.524.5235 Ext. 227 > >> > >> -- > >> This message has been scanned for viruses and > >> dangerous content by MailScanner, and is > >> believed to be clean. > >> > >> > > > > -- > > This message has been scanned for viruses and > > dangerous content by MailScanner, and is > > believed to be clean. > > > > > -- > Ronnie Miller > Technology Specialist > Seminole County Schools > 800 S. Woolfork Ave. > Donalsonville, GA 39845 > 229.524.5235 Ext. 227 > > -- > This message has been scanned for viruses and > dangerous content by MailScanner, and is > believed to be clean. > > From jkorzeni at battle-creek.k12.mi.us Tue Oct 23 16:09:44 2007 From: jkorzeni at battle-creek.k12.mi.us (Joe Korzeniewski) Date: Tue, 23 Oct 2007 12:09:44 -0400 Subject: [K12OSN] Ghostscript - A tough one Message-ID: <471DE496.6C73.003C.0@battle-creek.k12.mi.us> This isn't as much of a k12ltsp problem as it is a plain old fc6 problem. I am trying to use the foo2hp driver provided here: http://foo2hp.rkkda.com/ but it mentions an issue with the version of ghostscript on FC6 (8.15). Just like it says, I can print B&W but not color. Somehow I need to get a ghostscript on there that is 8.54 or later. I tried building from GS from source, but ghostscript -v still returns the 8.15 as the version. There aren't any updated GS packages in yum and I have tried installing the FC8 package for GS 8.6 and have a huge trail of missing dependencies and conflicts (expected). Just wondering if anybody has any ideas or has been through this before. Thanks, -Joe From spowers at inlandlakes.org Tue Oct 23 16:17:54 2007 From: spowers at inlandlakes.org (Shawn Powers) Date: Tue, 23 Oct 2007 12:17:54 -0400 Subject: [K12OSN] Archiving Email Message-ID: <2A46DDB6-753E-4019-A980-FFFA2E6FA1FE@inlandlakes.org> If you are archiving every incoming and outgoing email in your network, how are you doing it? We've had too many instances that have required searching, and my current email backup scheme doesn't really lend itself to forensics. Is it possible to pipe all emails (again, incoming and outgoing) into something like pipermail that mailman uses? Ideally with searching and sorting abilities... I'm currently using sendmail and dovecot with maildir folders. I'm willing to change MTAs, but I'm really scratching my head to come up with the best way to accomplish the task. I'm looking for any advice you can offer. (No, I'm not looking for ethical or political responses, we're way past that...) Thanks, -Shawn -- Shawn Powers Technology Director Inland Lakes Schools PHN: 231-238-6868 x9174 FAX: 509-356-7024 spowers at inlandlakes.org Work Website: http://techcorner.inlandlakes.org Personal Blog: http://www.brainofshawn.com ---- The views, opinions, visions, thoughts, comments, sarcastic whims, forecasts, poetic outbursts, cynical wit, future plans, implementation ideas, OS preference, curricular insight, ice cream preference, or anything else I might infer are not the views of Inland Lakes Schools. Pretty much everything I say, do, think, or imply with punctuation should be considered my own delusions, and ignored completely. -------------- next part -------------- An HTML attachment was scrubbed... URL: From mblinn at peopleplaces.org Tue Oct 23 17:22:12 2007 From: mblinn at peopleplaces.org (Michael Blinn) Date: Tue, 23 Oct 2007 13:22:12 -0400 Subject: [K12OSN] Ghostscript - A tough one In-Reply-To: <471DE496.6C73.003C.0@battle-creek.k12.mi.us> References: <471DE496.6C73.003C.0@battle-creek.k12.mi.us> Message-ID: <471E2DC4.4090501@peopleplaces.org> If the ghostscript command is still returning the old on, yum erase it first, then try your build from source install. -Michael Joe Korzeniewski wrote: > This isn't as much of a k12ltsp problem as it is a plain old fc6 problem. I am trying to use the foo2hp driver provided here: http://foo2hp.rkkda.com/ but it mentions an issue with the version of ghostscript on FC6 (8.15). Just like it says, I can print B&W but not color. Somehow I need to get a ghostscript on there that is 8.54 or later. I tried building from GS from source, but ghostscript -v still returns the 8.15 as the version. There aren't any updated GS packages in yum and I have tried installing the FC8 package for GS 8.6 and have a huge trail of missing dependencies and conflicts (expected). Just wondering if anybody has any ideas or has been through this before. > > Thanks, > > -Joe > > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > > -- CONFIDENTIALITY NOTICE: This message, and any attachments that may accompany it, contain information that is intended for the use of the individual or entity to which it is addressed and may contain information that is privileged, confidential, or otherwise exempt from disclosure under applicable law. If the recipient of this message is not the intended recipient, any disclosure, copying, or other use of this communication or any of the information, which it contains is unauthorized and prohibited. If you have received this message in error, please notify the original sender by return mail and delete this message, along with any attachments, from your computer. Thank you. From akisakye at ucs.ucu.ac.ug Tue Oct 23 17:18:04 2007 From: akisakye at ucs.ucu.ac.ug (Kisakye ALex) Date: Tue, 23 Oct 2007 20:18:04 +0300 Subject: [K12OSN] Archiving Email In-Reply-To: <2A46DDB6-753E-4019-A980-FFFA2E6FA1FE@inlandlakes.org> Message-ID: <200710231807.l9NI21S7013639@mx3.redhat.com> Hi, I don't know of any archives for sendmail There is something for Qmail call qmail-taps. How it works, it keeps a copy of sent and received email at a specified email address. It can work per address archiving or for the whole domain. I use it personally This is if you decide to change MTA. ALex _____ From: k12osn-bounces at redhat.com [mailto:k12osn-bounces at redhat.com] On Behalf Of Shawn Powers Sent: Tuesday, October 23, 2007 7:18 PM To: k12osn at redhat.com Subject: [K12OSN] Archiving Email If you are archiving every incoming and outgoing email in your network, how are you doing it? We've had too many instances that have required searching, and my current email backup scheme doesn't really lend itself to forensics. Is it possible to pipe all emails (again, incoming and outgoing) into something like pipermail that mailman uses? Ideally with searching and sorting abilities... I'm currently using sendmail and dovecot with maildir folders. I'm willing to change MTAs, but I'm really scratching my head to come up with the best way to accomplish the task. I'm looking for any advice you can offer. (No, I'm not looking for ethical or political responses, we're way past that...) Thanks, -Shawn -- Shawn Powers Technology Director Inland Lakes Schools PHN: 231-238-6868 x9174 FAX: 509-356-7024 spowers at inlandlakes.org Work Website: http://techcorner.inlandlakes.org Personal Blog: http://www.brainofshawn.com ---- The views, opinions, visions, thoughts, comments, sarcastic whims, forecasts, poetic outbursts, cynical wit, future plans, implementation ideas, OS preference, curricular insight, ice cream preference, or anything else I might infer are not the views of Inland Lakes Schools. Pretty much everything I say, do, think, or imply with punctuation should be considered my own delusions, and ignored completely. -------------- next part -------------- An HTML attachment was scrubbed... URL: From dyoung at mesd.k12.or.us Tue Oct 23 18:25:00 2007 From: dyoung at mesd.k12.or.us (Dan Young) Date: Tue, 23 Oct 2007 11:25:00 -0700 Subject: [K12OSN] Archiving Email In-Reply-To: <2A46DDB6-753E-4019-A980-FFFA2E6FA1FE@inlandlakes.org> References: <2A46DDB6-753E-4019-A980-FFFA2E6FA1FE@inlandlakes.org> Message-ID: <994441ae0710231125v7e967143x24d40eebcb0cb8e7@mail.gmail.com> On 10/23/07, Shawn Powers wrote: > If you are archiving every incoming and outgoing email in your > network, how are you doing it? We've had too many instances that have > required searching, and my current email backup scheme doesn't really > lend itself to forensics. This has come up in the context of my work. We're evaluating some possiblilites right now. One that occurred to me was to BCC everything to a Zimbra box, since that appears to index mail using Lucene. It has a command-line client to query the index: http://wiki.zimbra.com/index.php?title=CLI_zmmboxsearch_%28Cross_mailbox_search%29 I have no clue how well that scales. There seem to be a plethora of commercial options, with Sarbanes-Oxley being the driver as near as I can tell. -- Dan Young Multnomah ESD - Technology Services 503-257-1562 From rasher at paragould.k12.ar.us Tue Oct 23 20:02:43 2007 From: rasher at paragould.k12.ar.us (Rob Asher) Date: Tue, 23 Oct 2007 15:02:43 -0500 Subject: [K12OSN] Archiving Email In-Reply-To: <2A46DDB6-753E-4019-A980-FFFA2E6FA1FE@inlandlakes.org> References: <2A46DDB6-753E-4019-A980-FFFA2E6FA1FE@inlandlakes.org> Message-ID: <471E0D18.0172.0037.0@paragould.k12.ar.us> Using an email gateway/filter such as MailScanner(http://www.mailscanner.info/) on top of sendmail, you have the option to archive all mail passing through it or forward a copy to a particular mbox - http://www.mailscanner.info/MailScanner.conf.index.html#Archive%20Mail You can also achieve about the same effect and also have the messages purged on a schedule using the "store" option with the various mail actions in the config file such as http://www.mailscanner.info/MailScanner.conf.index.html#Non%20Spam%20Actions, http://www.mailscanner.info/MailScanner.conf.index.html#Spam%20Actions and http://www.mailscanner.info/MailScanner.conf.index.html#High%20Scoring%20Spam%20Actions Adding a web based front end to the system like Mailwatch http://mailwatch.sourceforge.net/doku.php gives you the option to search through all the messages in the quarantine by date and run various reports against the stored messages as well. HTH, Rob ------------------------------------- Rob Asher Network Systems Technician Paragould School District (870)236-7744 Ext. 169 >>> Shawn Powers 10/23/2007 11:17:54 am >>> If you are archiving every incoming and outgoing email in your network, how are you doing it? We've had too many instances that have required searching, and my current email backup scheme doesn't really lend itself to forensics. Is it possible to pipe all emails (again, incoming and outgoing) into something like pipermail that mailman uses? Ideally with searching and sorting abilities... I'm currently using sendmail and dovecot with maildir folders. I'm willing to change MTAs, but I'm really scratching my head to come up with the best way to accomplish the task. I'm looking for any advice you can offer. (No, I'm not looking for ethical or political responses, we're way past that...) Thanks, -Shawn -- Shawn Powers Technology Director Inland Lakes Schools PHN: 231-238-6868 x9174 FAX: 509-356-7024 spowers at inlandlakes.org Work Website: http://techcorner.inlandlakes.org Personal Blog: http://www.brainofshawn.com ---- The views, opinions, visions, thoughts, comments, sarcastic whims, forecasts, poetic outbursts, cynical wit, future plans, implementation ideas, OS preference, curricular insight, ice cream preference, or anything else I might infer are not the views of Inland Lakes Schools. Pretty much everything I say, do, think, or imply with punctuation should be considered my own delusions, and ignored completely. -- This message has been scanned for viruses and dangerous content by The MailScanner at the Paragould School District, http://paragould.k12.ar.us, and is believed to be clean. From jim at winonacotter.org Tue Oct 23 21:04:08 2007 From: jim at winonacotter.org (Jim Kronebusch) Date: Tue, 23 Oct 2007 16:04:08 -0500 Subject: [K12OSN] Archiving Email In-Reply-To: <2A46DDB6-753E-4019-A980-FFFA2E6FA1FE@inlandlakes.org> References: <2A46DDB6-753E-4019-A980-FFFA2E6FA1FE@inlandlakes.org> Message-ID: <20071023205152.M53428@winonacotter.org> On Tue, 23 Oct 2007 12:17:54 -0400, Shawn Powers wrote > If you are archiving every incoming and outgoing email in your > network, how are you doing it? We've had too many instances that > have required searching, and my current email backup scheme doesn't > really lend itself to forensics. > > Is it possible to pipe all emails (again, incoming and outgoing) into > something like pipermail that mailman uses? Ideally with searching > and sorting abilities... > > I'm currently using sendmail and dovecot with maildir folders. I'm > willing to change MTAs, but I'm really scratching my head to come up > with the best way to accomplish the task. I'm looking for any advice > you can offer. > > (No, I'm not looking for ethical or political responses, we're way > past that...) Well, here is something I've been using for a few years now. My business has ran into companies that we serve mail for who have wanted archives of all incoming or outgoing mail for reference in court trials if necessary. Now it is actually a law that archives must be kept. So that eliminates any of the ethical or political responses :-) I run postfix, but I assume there is something very similar for sendmail. First you need to create the lookup files. First is /etc/postfix/sender_bcc_maps. This would have a list of email addresses or domains in order of from to like so: @yourdomain.com archive at yourdomain.com specific_sender at yourdomain.com specific_user at yourdomain.com Just create a text file with the syntax above and save it. The run "postmap /etc/postfix/sender_bcc_maps" to create the database file. Anytime this file is modified you'll have to run the postmap command to update the database. This will catch all outgoing email. Then you can create a /etc/postfix/recipient_bcc_maps file with the same syntax to catch all incoming email: @yourdomain.com archive at yourdomain.com specific_sender at yourdomain.com specific_user at yourdomain.com Save that and run the postmap command. Then modify your /etc/postfix/main.cf and add the following to the end of the file: # Archive mail from specific Sender sender_bcc_maps = hash:/etc/postfix/sender_bcc_maps # Archive mail to specific recipient recipient_bcc_maps = hash:/etc/postfix/recipient_bcc_maps Then reload the postfix configuration with "/etc/init.d/postfix reload". Of course create your archive users in advance. Now you have all archive mail in a single mailbox for future reference. You can browse this with webmail or download periodically to an email client and then backup the client data. You can also use this for many other purposes. Basically this just adds a bcc at the server level to all sent/received email to the specified addresses. Very handy. Hope this helps someone. Jim -- This message has been scanned for viruses and dangerous content by the Cotter Technology Department, and is believed to be clean. From jkinney at localnetsolutions.com Wed Oct 24 12:48:11 2007 From: jkinney at localnetsolutions.com (James P. Kinney III) Date: Wed, 24 Oct 2007 08:48:11 -0400 Subject: [K12OSN] HP buys neoware Message-ID: <1193230091.3960.650.camel@merlin.localnetsolutions.com> Interesting: http://www.neoware.com/HP-acquires-Neoware.php -- James P. Kinney III CEO & Director of Engineering Local Net Solutions,LLC 770-493-8244 http://www.localnetsolutions.com GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics) Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part URL: From peter at scheie.homedns.org Wed Oct 24 13:11:30 2007 From: peter at scheie.homedns.org (Peter Scheie) Date: Wed, 24 Oct 2007 08:11:30 -0500 Subject: [K12OSN] autologin with GDM on K12LTSP5-EL Message-ID: <471F4482.2020407@scheie.homedns.org> I'm setting up autologin on a K12LTSP5-EL (CentOS 5) system. While it works for those client machines that I designate for autologin, it's causing problems with those that should not autologin. On a client that should autologin, the GDM greeter shows a message that says "Login auto1 will login in X seconds", and X counts down to zero and it logs in. But on a non-autologin client, there should be no message at all; it should just sit there waiting for a user to login. Instead, I'm seeing "Login will login in X seconds"; note the blank ID. So, while the autologin script is not returning a login ID for autologin for that client, just as it should, GDM is still trying to make that client do autologin, rather than interpreting the null value that the /usr/bin/autologin| setting in /etc/gdm/custom.conf returns to mean "don't do autologin". I've compared the /etc/gdm/custom.conf and /usr/bin/autologin with that of a K12LTSP6 system where autologin is working correctly, and they're identical, which suggests that GDM is once again broken with respect to autologin. K12LTSP 6/Fedora 6 uses gdm 2.16.5 whereas K12LTSP5-EL/CentOS 5 uses gdm 2.16.0. Is anyone else who is running autologin on 5-EL seeing this behavior? Peter From jkinney at localnetsolutions.com Wed Oct 24 13:06:11 2007 From: jkinney at localnetsolutions.com (James P. Kinney III) Date: Wed, 24 Oct 2007 09:06:11 -0400 Subject: [K12OSN] autologin with GDM on K12LTSP5-EL In-Reply-To: <471F4482.2020407@scheie.homedns.org> References: <471F4482.2020407@scheie.homedns.org> Message-ID: <1193231171.3960.657.camel@merlin.localnetsolutions.com> On Wed, 2007-10-24 at 08:11 -0500, Peter Scheie wrote: > I'm setting up autologin on a K12LTSP5-EL (CentOS 5) system. While it > works for those client machines that I designate for autologin, it's > causing problems with those that should not autologin. On a client that > should autologin, the GDM greeter shows a message that says "Login auto1 > will login in X seconds", and X counts down to zero and it logs in. But > on a non-autologin client, there should be no message at all; it should > just sit there waiting for a user to login. Instead, I'm seeing "Login > will login in X seconds"; note the blank ID. So, while the autologin > script is not returning a login ID for autologin for that client, just > as it should, GDM is still trying to make that client do autologin, > rather than interpreting the null value that the /usr/bin/autologin| > setting in /etc/gdm/custom.conf returns to mean "don't do autologin". > > I've compared the /etc/gdm/custom.conf and /usr/bin/autologin with that > of a K12LTSP6 system where autologin is working correctly, and they're > identical, which suggests that GDM is once again broken with respect to > autologin. K12LTSP 6/Fedora 6 uses gdm 2.16.5 whereas > K12LTSP5-EL/CentOS 5 uses gdm 2.16.0. Is anyone else who is running > autologin on 5-EL seeing this behavior? I don't have autologin enabled on my 5-EL setup. But I expect that since 5-EL uses the same gdm as K12LTSP5 did originally, the same fix should be applied - upgrade the busted gdm to a newer version. The src.rpm from K12LTSP6 _should_ be a drop in replacement after compiling it with rpmbuild --rebuild gdm-2.616.5.src.rpm and then an rpm -Uvh > > Peter > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > -- James P. Kinney III CEO & Director of Engineering Local Net Solutions,LLC 770-493-8244 http://www.localnetsolutions.com GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics) Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part URL: From les at futuresource.com Wed Oct 24 13:10:13 2007 From: les at futuresource.com (Les Mikesell) Date: Wed, 24 Oct 2007 08:10:13 -0500 Subject: [K12OSN] Archiving Email In-Reply-To: <994441ae0710231125v7e967143x24d40eebcb0cb8e7@mail.gmail.com> References: <2A46DDB6-753E-4019-A980-FFFA2E6FA1FE@inlandlakes.org> <994441ae0710231125v7e967143x24d40eebcb0cb8e7@mail.gmail.com> Message-ID: <471F4435.4060201@futuresource.com> Dan Young wrote: > On 10/23/07, Shawn Powers wrote: >> If you are archiving every incoming and outgoing email in your >> network, how are you doing it? We've had too many instances that have >> required searching, and my current email backup scheme doesn't really >> lend itself to forensics. > > This has come up in the context of my work. We're evaluating some > possiblilites right now. One that occurred to me was to BCC everything > to a Zimbra box, since that appears to index mail using Lucene. It has a > command-line client to query the index: > > http://wiki.zimbra.com/index.php?title=CLI_zmmboxsearch_%28Cross_mailbox_search%29 > > I have no clue how well that scales. > > There seem to be a plethora of commercial options, with Sarbanes-Oxley > being the driver as near as I can tell. If you are running sendmail, I'd recommend adding MimeDefang to get more control. It runs as a miter, provides a lot of built in functionality in terms of virus and spam scanning, and lets you control all the delivery steps with a small snippet of perl. -- Les Mikesell lesmikesell at gmail.com From jim at winonacotter.org Wed Oct 24 19:24:08 2007 From: jim at winonacotter.org (Jim Kronebusch) Date: Wed, 24 Oct 2007 14:24:08 -0500 Subject: [K12OSN] OT Help with file deletion script Message-ID: <20071024192118.M46396@winonacotter.org> I need to purge files out of an old /home server that is only running email now. I need a script that will run through every user folder on /home and delete every file/folder except a folder named "mail" and a folder named ".openwebmail". I need those two folders and their contents to remain untouched. Can anyone help with this? Of course I'll assume all caveats regarding testing first and not hold anyone responsible for data loss :-) Jim -- This message has been scanned for viruses and dangerous content by the Cotter Technology Department, and is believed to be clean. From dhuckaby at paasda.org Wed Oct 24 19:34:44 2007 From: dhuckaby at paasda.org (Huck) Date: Wed, 24 Oct 2007 12:34:44 -0700 Subject: [K12OSN] OT Help with file deletion script In-Reply-To: <20071024192118.M46396@winonacotter.org> References: <20071024192118.M46396@winonacotter.org> Message-ID: <471F9E54.2060105@paasda.org> for $x in 'ls' do for $y in 'ls -a' if $y != 'mail' || '.openwebmail' do rm -rf $y something like that? of course that won't run..but it's the logical thinking behind it maybe? --Huck Jim Kronebusch wrote: > I need to purge files out of an old /home server that is only running email now. I need > a script that will run through every user folder on /home and delete every file/folder > except a folder named "mail" and a folder named ".openwebmail". I need those two > folders and their contents to remain untouched. Can anyone help with this? > > Of course I'll assume all caveats regarding testing first and not hold anyone > responsible for data loss :-) > > Jim > From rowens at ptd.net Wed Oct 24 19:40:55 2007 From: rowens at ptd.net (Rob Owens) Date: Wed, 24 Oct 2007 15:40:55 -0400 Subject: [K12OSN] smbldap - adding ldap users to local groups In-Reply-To: <1192906002.3960.443.camel@merlin.localnetsolutions.com> References: <20071019235553.GA479@junker.owens.net> <1192885582.3960.369.camel@merlin.localnetsolutions.com> <1192906002.3960.443.camel@merlin.localnetsolutions.com> Message-ID: <20071024194055.GA19941@junker.owens.net> On Sat, Oct 20, 2007 at 02:46:42PM -0400, James P. Kinney III wrote: > On Sun, 2007-10-21 at 06:32 +1300, Krsnendu dasa wrote: > > On 21/10/2007, James P. Kinney III wrote: > > > On Fri, 2007-10-19 at 19:55 -0400, Rob Owens wrote: > > > > > It looks like you need to add users FROM the LDAP space TO the local > > > fuse group. > > > > > > I think that creating an LDAP group called fusers and adding LDAP > > > accounts to this group is step one. Then add the LDAP group fusers to be > > > a member of the local machine fuse group. > > > > Step one is straightforward. > > How do you do step two? > > From a console on the server as root: > > vigr (this is a vi-based group file editor - it locks the file to > prevent other writes) > > now append fusers to the fuse group entry. If it is after another entry > for the fuse group, use a comma between the entries. I tried adding an ldap group to a local group and it did not work properly (it was as if members of the ldap group were not members of the local group). Then I tried adding a local group to another local group and that also did not work (similar results as above). Is there something special I need to do in order to allow a group to be a member of another group and have the "child group" inherit the permissions of the "parent group"? -Rob From jim at winonacotter.org Wed Oct 24 20:10:03 2007 From: jim at winonacotter.org (Jim Kronebusch) Date: Wed, 24 Oct 2007 15:10:03 -0500 Subject: [K12OSN] OT Help with file deletion script In-Reply-To: <471F9E54.2060105@paasda.org> References: <20071024192118.M46396@winonacotter.org> <471F9E54.2060105@paasda.org> Message-ID: <20071024200827.M80473@winonacotter.org> On Wed, 24 Oct 2007 12:34:44 -0700, Huck wrote > for $x in 'ls' > do > for $y in 'ls -a' > if $y != 'mail' || '.openwebmail' > do rm -rf $y > > something like that? > of course that won't run..but it's the logical thinking behind it maybe? I'm not sure, I'll play around and see if I can get it to work. Thanks, Jim -- This message has been scanned for viruses and dangerous content by the Cotter Technology Department, and is believed to be clean. From jim at winonacotter.org Wed Oct 24 20:13:33 2007 From: jim at winonacotter.org (Jim Kronebusch) Date: Wed, 24 Oct 2007 15:13:33 -0500 Subject: [K12OSN] smbldap - adding ldap users to local groups In-Reply-To: <20071024194055.GA19941@junker.owens.net> References: <20071019235553.GA479@junker.owens.net> <1192885582.3960.369.camel@merlin.localnetsolutions.com> <1192906002.3960.443.camel@merlin.localnetsolutions.com> <20071024194055.GA19941@junker.owens.net> Message-ID: <20071024201039.M67568@winonacotter.org> > > From a console on the server as root: > > > > vigr (this is a vi-based group file editor - it locks the file to > > prevent other writes) > > > > now append fusers to the fuse group entry. If it is after another entry > > for the fuse group, use a comma between the entries. > > I tried adding an ldap group to a local group and it did not work properly (it > was as if members of the ldap group were not members of the local group). > Then I tried adding a local group to another local group and that also did not > work (similar results as above). Is there something special I need to do in > order to allow a group to be a member of another group and have the "child > group" inherit the permissions of the "parent group"? > > -Rob I had tried the same thing before and could not get this too work. As you said it acted as if the users were not part of the group. I was only able to get local groups working if I mirrored them in the LDAP server as shown in Step 4 of www.1-cs.com/ubuntu_ldap_howto.txt. I then set up Webmin to add all new users to these groups. This is working very well for me. Jim -- This message has been scanned for viruses and dangerous content by the Cotter Technology Department, and is believed to be clean. From cisna-barry at wc235.k12.il.us Wed Oct 24 20:31:12 2007 From: cisna-barry at wc235.k12.il.us (Mr Barry Cisna) Date: Wed, 24 Oct 2007 15:31:12 -0500 (CDT) Subject: [K12OSN] maximum directory size for linux /vsftp Message-ID: <61789.74.32.255.121.1193257872.squirrel@216.24.126.68> Hello All, I'm not sure this is a limitation of Linux or vsftp? Our school purchased Adobe Premium Design( on DVD), for Winders,so I uploaded to our vsftp server. The upload was fine but after uploading I wanted to chmod the files to 755,so whoever wanted to access them could install right from the ftp server. I could not cd into that directory? As soon as I cut the "bulk" of the subfolders and pasted into another directory( just to test my theory). I could then cd into the Adobe directory. So,,, what is the default maximum file/folder size for Linux,or vsftp? Is this the maxfilesize that I can not even remember were this is located now? I've never run into this scenario before. The directory shows to be 1.9 GB in size when i do properties on it. Thanks, Barry Cisna westcentral school From jkinney at localnetsolutions.com Wed Oct 24 20:32:00 2007 From: jkinney at localnetsolutions.com (James P. Kinney III) Date: Wed, 24 Oct 2007 16:32:00 -0400 Subject: [K12OSN] maximum directory size for linux /vsftp In-Reply-To: <61789.74.32.255.121.1193257872.squirrel@216.24.126.68> References: <61789.74.32.255.121.1193257872.squirrel@216.24.126.68> Message-ID: <1193257920.3960.695.camel@merlin.localnetsolutions.com> On Wed, 2007-10-24 at 15:31 -0500, Mr Barry Cisna wrote: > Hello All, > > I'm not sure this is a limitation of Linux or vsftp? Our school purchased > Adobe Premium Design( on DVD), for Winders,so I uploaded to our vsftp > server. The upload was fine but after uploading I wanted to chmod the > files to 755,so whoever wanted to access them could install right from the > ftp server. > I could not cd into that directory? As soon as I cut the "bulk" of the > subfolders and pasted into another directory( just to test my theory). I > could then cd into the Adobe directory. So,,, what is the default maximum > file/folder size for Linux,or vsftp? > Is this the maxfilesize that I can not even remember were this is located > now? I've never run into this scenario before. > The directory shows to be 1.9 GB in size when i do properties on it. Sounds like a hard drive problem. My /opt folder is 74+GB (and growing) and it displays and is accessible just fine. Check out dmesg and /var/log/messages for errors. Check the perms on the folder one up from the the location of the new files. > > Thanks, > > Barry Cisna > westcentral school > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > -- James P. Kinney III CEO & Director of Engineering Local Net Solutions,LLC 770-493-8244 http://www.localnetsolutions.com GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics) Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part URL: From rowens at ptd.net Wed Oct 24 22:29:27 2007 From: rowens at ptd.net (Rob Owens) Date: Wed, 24 Oct 2007 18:29:27 -0400 Subject: [K12OSN] smbldap - adding ldap users to local groups In-Reply-To: <20071024201039.M67568@winonacotter.org> References: <20071019235553.GA479@junker.owens.net> <1192885582.3960.369.camel@merlin.localnetsolutions.com> <1192906002.3960.443.camel@merlin.localnetsolutions.com> <20071024194055.GA19941@junker.owens.net> <20071024201039.M67568@winonacotter.org> Message-ID: <20071024222927.GB26619@junker.owens.net> On Wed, Oct 24, 2007 at 03:13:33PM -0500, Jim Kronebusch wrote: > > > From a console on the server as root: > > > > > > vigr (this is a vi-based group file editor - it locks the file to > > > prevent other writes) > > > > > > now append fusers to the fuse group entry. If it is after another entry > > > for the fuse group, use a comma between the entries. > > > > I tried adding an ldap group to a local group and it did not work properly (it > > was as if members of the ldap group were not members of the local group). > > Then I tried adding a local group to another local group and that also did not > > work (similar results as above). Is there something special I need to do in > > order to allow a group to be a member of another group and have the "child > > group" inherit the permissions of the "parent group"? > > > > -Rob > > I had tried the same thing before and could not get this too work. As you said it acted > as if the users were not part of the group. I was only able to get local groups working > if I mirrored them in the LDAP server as shown in Step 4 of > www.1-cs.com/ubuntu_ldap_howto.txt. I then set up Webmin to add all new users to these > groups. This is working very well for me. Yes, I read that document (thanks, by the way). My only concern is that if I make the GID for the ldap group the same as the GID for the local group, that's only good for one operating system. The GID-to-groupname for Debian, Ubuntu, and CentOS are not always the same. Are there any workarounds for this problem? -Rob From rowens at ptd.net Wed Oct 24 23:34:35 2007 From: rowens at ptd.net (Rob Owens) Date: Wed, 24 Oct 2007 19:34:35 -0400 Subject: [K12OSN] smbldap - adding ldap users to local groups In-Reply-To: <20071024222927.GB26619@junker.owens.net> References: <20071019235553.GA479@junker.owens.net> <1192885582.3960.369.camel@merlin.localnetsolutions.com> <1192906002.3960.443.camel@merlin.localnetsolutions.com> <20071024194055.GA19941@junker.owens.net> <20071024201039.M67568@winonacotter.org> <20071024222927.GB26619@junker.owens.net> Message-ID: <20071024233435.GA29736@junker.owens.net> On Wed, Oct 24, 2007 at 06:29:27PM -0400, Rob Owens wrote: > On Wed, Oct 24, 2007 at 03:13:33PM -0500, Jim Kronebusch wrote: > > > > From a console on the server as root: > > > > > > > > vigr (this is a vi-based group file editor - it locks the file to > > > > prevent other writes) > > > > > > > > now append fusers to the fuse group entry. If it is after another entry > > > > for the fuse group, use a comma between the entries. > > > > > > I tried adding an ldap group to a local group and it did not work properly (it > > > was as if members of the ldap group were not members of the local group). > > > Then I tried adding a local group to another local group and that also did not > > > work (similar results as above). Is there something special I need to do in > > > order to allow a group to be a member of another group and have the "child > > > group" inherit the permissions of the "parent group"? > > > > > > -Rob > > > > I had tried the same thing before and could not get this too work. As you said it acted > > as if the users were not part of the group. I was only able to get local groups working > > if I mirrored them in the LDAP server as shown in Step 4 of > > www.1-cs.com/ubuntu_ldap_howto.txt. I then set up Webmin to add all new users to these > > groups. This is working very well for me. > > Yes, I read that document (thanks, by the way). My only concern is that if I make the GID for the ldap group the same as the GID for the local group, that's only good for one operating system. The GID-to-groupname for Debian, Ubuntu, and CentOS are not always the same. > > Are there any workarounds for this problem? I just checked two of my Debian Etch machines for GID-to-groupname info. They are the same up until GID 100 or so, then they start to differ. It seems the GIDs are simply in the order that the groups were created. So very basic system groups probably always have the same GID. But groups for optional packages will tend to differ. For instance, GID 107 on one of my Etch machines is lpadmin, and on the other it's gdm. GID 105 on one Etch machine is mysql, and on the other it's avahi. So what if, for instance, I want an ldap user to be a member of the mysql group on two different machines, and that group is a different GID on each machine? Does this mean I should create a mysql ldap group and remove the local mysql groups? (And that would mean chgrp'ing all the files that had local mysql group associated with them). -Rob From craig at tobyhouse.com Wed Oct 24 23:41:02 2007 From: craig at tobyhouse.com (Craig White) Date: Wed, 24 Oct 2007 16:41:02 -0700 Subject: [K12OSN] smbldap - adding ldap users to local groups In-Reply-To: <20071024233435.GA29736@junker.owens.net> References: <20071019235553.GA479@junker.owens.net> <1192885582.3960.369.camel@merlin.localnetsolutions.com> <1192906002.3960.443.camel@merlin.localnetsolutions.com> <20071024194055.GA19941@junker.owens.net> <20071024201039.M67568@winonacotter.org> <20071024222927.GB26619@junker.owens.net> <20071024233435.GA29736@junker.owens.net> Message-ID: <1193269262.7330.106.camel@cube.tobyhouse.com> On Wed, 2007-10-24 at 19:34 -0400, Rob Owens wrote: > On Wed, Oct 24, 2007 at 06:29:27PM -0400, Rob Owens wrote: > > On Wed, Oct 24, 2007 at 03:13:33PM -0500, Jim Kronebusch wrote: > > > > > From a console on the server as root: > > > > > > > > > > vigr (this is a vi-based group file editor - it locks the file to > > > > > prevent other writes) > > > > > > > > > > now append fusers to the fuse group entry. If it is after another entry > > > > > for the fuse group, use a comma between the entries. > > > > > > > > I tried adding an ldap group to a local group and it did not work properly (it > > > > was as if members of the ldap group were not members of the local group). > > > > Then I tried adding a local group to another local group and that also did not > > > > work (similar results as above). Is there something special I need to do in > > > > order to allow a group to be a member of another group and have the "child > > > > group" inherit the permissions of the "parent group"? > > > > > > > > -Rob > > > > > > I had tried the same thing before and could not get this too work. As you said it acted > > > as if the users were not part of the group. I was only able to get local groups working > > > if I mirrored them in the LDAP server as shown in Step 4 of > > > www.1-cs.com/ubuntu_ldap_howto.txt. I then set up Webmin to add all new users to these > > > groups. This is working very well for me. > > > > Yes, I read that document (thanks, by the way). My only concern is that if I make the GID for the ldap group the same as the GID for the local group, that's only good for one operating system. The GID-to-groupname for Debian, Ubuntu, and CentOS are not always the same. > > > > Are there any workarounds for this problem? > > I just checked two of my Debian Etch machines for GID-to-groupname info. They are the same up until GID 100 or so, then they start to differ. It seems the GIDs are simply in the order that the groups were created. So very basic system groups probably always have the same GID. But groups for optional packages will tend to differ. For instance, GID 107 on one of my Etch machines is lpadmin, and on the other it's gdm. GID 105 on one Etch machine is mysql, and on the other it's avahi. > > So what if, for instance, I want an ldap user to be a member of the mysql group on two different machines, and that group is a different GID on each machine? Does this mean I should create a mysql ldap group and remove the local mysql groups? (And that would mean chgrp'ing all the files that had local mysql group associated with them). ---- makes perfectly good sense Craig From dahopkins429 at gmail.com Thu Oct 25 00:02:01 2007 From: dahopkins429 at gmail.com (David Hopkins) Date: Wed, 24 Oct 2007 20:02:01 -0400 Subject: [K12OSN] smbldap - adding ldap users to local groups In-Reply-To: <1193269262.7330.106.camel@cube.tobyhouse.com> References: <20071019235553.GA479@junker.owens.net> <1192885582.3960.369.camel@merlin.localnetsolutions.com> <1192906002.3960.443.camel@merlin.localnetsolutions.com> <20071024194055.GA19941@junker.owens.net> <20071024201039.M67568@winonacotter.org> <20071024222927.GB26619@junker.owens.net> <20071024233435.GA29736@junker.owens.net> <1193269262.7330.106.camel@cube.tobyhouse.com> Message-ID: Perhaps I am missing something here, but I thought the whole reason for using a central ldap authentication approach is that all groups and users are defined in the ldap server and every local machine uses that server for authentication and association of rights to local resources (files and such) for all accounts, except for local system accounts and root? The global groups being added to local groups is something that I am familiar with from Microsoft's view of how to assign rights to files, and local resources, but I have never seen it used that way in *nix. As an aside, isn't the purpose of newgrp so you can switch what group your associated with on a local system? Dave Hopkins On 10/24/07, Craig White wrote: > > On Wed, 2007-10-24 at 19:34 -0400, Rob Owens wrote: > > On Wed, Oct 24, 2007 at 06:29:27PM -0400, Rob Owens wrote: > > > On Wed, Oct 24, 2007 at 03:13:33PM -0500, Jim Kronebusch wrote: > > > > > > From a console on the server as root: > > > > > > > > > > > > vigr (this is a vi-based group file editor - it locks the file > to > > > > > > prevent other writes) > > > > > > > > > > > > now append fusers to the fuse group entry. If it is after > another entry > > > > > > for the fuse group, use a comma between the entries. > > > > > > > > > > I tried adding an ldap group to a local group and it did not work > properly (it > > > > > was as if members of the ldap group were not members of the local > group). > > > > > Then I tried adding a local group to another local group and that > also did not > > > > > work (similar results as above). Is there something special I > need to do in > > > > > order to allow a group to be a member of another group and have > the "child > > > > > group" inherit the permissions of the "parent group"? > > > > > > > > > > -Rob > > > > > > > > I had tried the same thing before and could not get this too > work. As you said it acted > > > > as if the users were not part of the group. I was only able to get > local groups working > > > > if I mirrored them in the LDAP server as shown in Step 4 of > > > > www.1-cs.com/ubuntu_ldap_howto.txt. I then set up Webmin to add > all new users to these > > > > groups. This is working very well for me. > > > > > > Yes, I read that document (thanks, by the way). My only concern is > that if I make the GID for the ldap group the same as the GID for the local > group, that's only good for one operating system. The GID-to-groupname for > Debian, Ubuntu, and CentOS are not always the same. > > > > > > Are there any workarounds for this problem? > > > > I just checked two of my Debian Etch machines for GID-to-groupname > info. They are the same up until GID 100 or so, then they start to > differ. It seems the GIDs are simply in the order that the groups were > created. So very basic system groups probably always have the same > GID. But groups for optional packages will tend to differ. For instance, > GID 107 on one of my Etch machines is lpadmin, and on the other it's > gdm. GID 105 on one Etch machine is mysql, and on the other it's avahi. > > > > So what if, for instance, I want an ldap user to be a member of the > mysql group on two different machines, and that group is a different GID on > each machine? Does this mean I should create a mysql ldap group and remove > the local mysql groups? (And that would mean chgrp'ing all the files that > had local mysql group associated with them). > ---- > makes perfectly good sense > > Craig > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > -------------- next part -------------- An HTML attachment was scrubbed... URL: From craig at tobyhouse.com Thu Oct 25 00:18:03 2007 From: craig at tobyhouse.com (Craig White) Date: Wed, 24 Oct 2007 17:18:03 -0700 Subject: [K12OSN] smbldap - adding ldap users to local groups In-Reply-To: References: <20071019235553.GA479@junker.owens.net> <1192885582.3960.369.camel@merlin.localnetsolutions.com> <1192906002.3960.443.camel@merlin.localnetsolutions.com> <20071024194055.GA19941@junker.owens.net> <20071024201039.M67568@winonacotter.org> <20071024222927.GB26619@junker.owens.net> <20071024233435.GA29736@junker.owens.net> <1193269262.7330.106.camel@cube.tobyhouse.com> Message-ID: <1193271483.7330.115.camel@cube.tobyhouse.com> On Wed, 2007-10-24 at 20:02 -0400, David Hopkins wrote: > Perhaps I am missing something here, but I thought the whole reason > for using a central ldap authentication approach is that all groups > and users are defined in the ldap server and every local machine uses > that server for authentication and association of rights to local > resources (files and such) for all accounts, except for local system > accounts and root? The global groups being added to local groups is > something that I am familiar with from Microsoft's view of how to > assign rights to files, and local resources, but I have never seen it > used that way in *nix. > > As an aside, isn't the purpose of newgrp so you can switch what group > your associated with on a local system? > ---- the mysql user is a local user/group by Red Hat packaging and I am presuming by the OP, the same is true of Debian/Ubuntu. the issue becomes the toolset that you use to maintain users and groups and the suggestion of smbldap makes me think that OP is using Windows tools to maintain user accounts which isn't going to know about the local users/groups on a specific server. There are all sorts of different tools to maintain users/groups, some make use of smbldap and some could care less (though in the case of having Samba act as a PDC, it's still necessary to have smbldap or suitable replacement for allowing $MACHINE accounts to change their passwords). I don't know of any concept that embraces nested groups within UNIX/Linux (well winbindd can but that is just too tacky for UNIX/Linux group purposes) but if someone has some new tricks, I'd love to hear them. Craig From rowens at ptd.net Thu Oct 25 00:25:27 2007 From: rowens at ptd.net (Rob Owens) Date: Wed, 24 Oct 2007 20:25:27 -0400 Subject: [K12OSN] smbldap - adding ldap users to local groups In-Reply-To: References: <20071019235553.GA479@junker.owens.net> <1192885582.3960.369.camel@merlin.localnetsolutions.com> <1192906002.3960.443.camel@merlin.localnetsolutions.com> <20071024194055.GA19941@junker.owens.net> <20071024201039.M67568@winonacotter.org> <20071024222927.GB26619@junker.owens.net> <20071024233435.GA29736@junker.owens.net> <1193269262.7330.106.camel@cube.tobyhouse.com> Message-ID: <20071025002527.GB30926@junker.owens.net> Well, being new to LDAP I guess I'm having trouble deciding where to draw the line between using local groups and using LDAP groups. I'm also trying to simplify my work as much as possible, but inconsistent group numbering and naming conventions between distros is causing me trouble. (For instance, on Debian the Apache user is "apache", but on CentOS it's "httpd" - if I remember correctly). I thought the easiest way would be to create an "ldapapache" group, and then make that group a member of local "apache" or "httpd" groups on various machines, but I've run into a dead end there, too (so far it doesn't seem possible to do, but it seems like it *should* be possible). I only learned about newgrp today. I'm not sure it would help me, though. Can you explain? My main concern is enabling users access to local devices like cdrom, usb, etc. and these require special group memberships. -Rob On Wed, Oct 24, 2007 at 08:02:01PM -0400, David Hopkins wrote: > Perhaps I am missing something here, but I thought the whole reason for > using a central ldap authentication approach is that all groups and users > are defined in the ldap server and every local machine uses that server for > authentication and association of rights to local resources (files and such) > for all accounts, except for local system accounts and root? The global > groups being added to local groups is something that I am familiar with from > Microsoft's view of how to assign rights to files, and local resources, but > I have never seen it used that way in *nix. > > As an aside, isn't the purpose of newgrp so you can switch what group your > associated with on a local system? > > Dave Hopkins > > > On 10/24/07, Craig White wrote: > > > > On Wed, 2007-10-24 at 19:34 -0400, Rob Owens wrote: > > > On Wed, Oct 24, 2007 at 06:29:27PM -0400, Rob Owens wrote: > > > > On Wed, Oct 24, 2007 at 03:13:33PM -0500, Jim Kronebusch wrote: > > > > > > > From a console on the server as root: > > > > > > > > > > > > > > vigr (this is a vi-based group file editor - it locks the file > > to > > > > > > > prevent other writes) > > > > > > > > > > > > > > now append fusers to the fuse group entry. If it is after > > another entry > > > > > > > for the fuse group, use a comma between the entries. > > > > > > > > > > > > I tried adding an ldap group to a local group and it did not work > > properly (it > > > > > > was as if members of the ldap group were not members of the local > > group). > > > > > > Then I tried adding a local group to another local group and that > > also did not > > > > > > work (similar results as above). Is there something special I > > need to do in > > > > > > order to allow a group to be a member of another group and have > > the "child > > > > > > group" inherit the permissions of the "parent group"? > > > > > > > > > > > > -Rob > > > > > > > > > > I had tried the same thing before and could not get this too > > work. As you said it acted > > > > > as if the users were not part of the group. I was only able to get > > local groups working > > > > > if I mirrored them in the LDAP server as shown in Step 4 of > > > > > www.1-cs.com/ubuntu_ldap_howto.txt. I then set up Webmin to add > > all new users to these > > > > > groups. This is working very well for me. > > > > > > > > Yes, I read that document (thanks, by the way). My only concern is > > that if I make the GID for the ldap group the same as the GID for the local > > group, that's only good for one operating system. The GID-to-groupname for > > Debian, Ubuntu, and CentOS are not always the same. > > > > > > > > Are there any workarounds for this problem? > > > > > > I just checked two of my Debian Etch machines for GID-to-groupname > > info. They are the same up until GID 100 or so, then they start to > > differ. It seems the GIDs are simply in the order that the groups were > > created. So very basic system groups probably always have the same > > GID. But groups for optional packages will tend to differ. For instance, > > GID 107 on one of my Etch machines is lpadmin, and on the other it's > > gdm. GID 105 on one Etch machine is mysql, and on the other it's avahi. > > > > > > So what if, for instance, I want an ldap user to be a member of the > > mysql group on two different machines, and that group is a different GID on > > each machine? Does this mean I should create a mysql ldap group and remove > > the local mysql groups? (And that would mean chgrp'ing all the files that > > had local mysql group associated with them). > > ---- > > makes perfectly good sense > > > > Craig > > > > _______________________________________________ > > K12OSN mailing list > > K12OSN at redhat.com > > https://www.redhat.com/mailman/listinfo/k12osn > > For more info see > > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see From craig at tobyhouse.com Thu Oct 25 00:31:04 2007 From: craig at tobyhouse.com (Craig White) Date: Wed, 24 Oct 2007 17:31:04 -0700 Subject: [K12OSN] smbldap - adding ldap users to local groups In-Reply-To: <20071025002527.GB30926@junker.owens.net> References: <20071019235553.GA479@junker.owens.net> <1192885582.3960.369.camel@merlin.localnetsolutions.com> <1192906002.3960.443.camel@merlin.localnetsolutions.com> <20071024194055.GA19941@junker.owens.net> <20071024201039.M67568@winonacotter.org> <20071024222927.GB26619@junker.owens.net> <20071024233435.GA29736@junker.owens.net> <1193269262.7330.106.camel@cube.tobyhouse.com> <20071025002527.GB30926@junker.owens.net> Message-ID: <1193272264.7330.119.camel@cube.tobyhouse.com> clarification... on Red Hat (Fedora and RHEL clones like CentOS), apache software packaging and daemon are referred to as 'httpd' but the user/group is still apache users ***should*** have access to local devices such as usb drives, cdrom and stuff via udev in their own user space and shouldn't need anything extra in terms of group memberships. Craig On Wed, 2007-10-24 at 20:25 -0400, Rob Owens wrote: > Well, being new to LDAP I guess I'm having trouble deciding where to draw the line between using local groups and using LDAP groups. I'm also trying to simplify my work as much as possible, but inconsistent group numbering and naming conventions between distros is causing me trouble. (For instance, on Debian the Apache user is "apache", but on CentOS it's "httpd" - if I remember correctly). > > I thought the easiest way would be to create an "ldapapache" group, and then make that group a member of local "apache" or "httpd" groups on various machines, but I've run into a dead end there, too (so far it doesn't seem possible to do, but it seems like it *should* be possible). > > I only learned about newgrp today. I'm not sure it would help me, though. Can you explain? My main concern is enabling users access to local devices like cdrom, usb, etc. and these require special group memberships. > > -Rob > > On Wed, Oct 24, 2007 at 08:02:01PM -0400, David Hopkins wrote: > > Perhaps I am missing something here, but I thought the whole reason for > > using a central ldap authentication approach is that all groups and users > > are defined in the ldap server and every local machine uses that server for > > authentication and association of rights to local resources (files and such) > > for all accounts, except for local system accounts and root? The global > > groups being added to local groups is something that I am familiar with from > > Microsoft's view of how to assign rights to files, and local resources, but > > I have never seen it used that way in *nix. > > > > As an aside, isn't the purpose of newgrp so you can switch what group your > > associated with on a local system? > > > > Dave Hopkins > > > > > > On 10/24/07, Craig White wrote: > > > > > > On Wed, 2007-10-24 at 19:34 -0400, Rob Owens wrote: > > > > On Wed, Oct 24, 2007 at 06:29:27PM -0400, Rob Owens wrote: > > > > > On Wed, Oct 24, 2007 at 03:13:33PM -0500, Jim Kronebusch wrote: > > > > > > > > From a console on the server as root: > > > > > > > > > > > > > > > > vigr (this is a vi-based group file editor - it locks the file > > > to > > > > > > > > prevent other writes) > > > > > > > > > > > > > > > > now append fusers to the fuse group entry. If it is after > > > another entry > > > > > > > > for the fuse group, use a comma between the entries. > > > > > > > > > > > > > > I tried adding an ldap group to a local group and it did not work > > > properly (it > > > > > > > was as if members of the ldap group were not members of the local > > > group). > > > > > > > Then I tried adding a local group to another local group and that > > > also did not > > > > > > > work (similar results as above). Is there something special I > > > need to do in > > > > > > > order to allow a group to be a member of another group and have > > > the "child > > > > > > > group" inherit the permissions of the "parent group"? > > > > > > > > > > > > > > -Rob > > > > > > > > > > > > I had tried the same thing before and could not get this too > > > work. As you said it acted > > > > > > as if the users were not part of the group. I was only able to get > > > local groups working > > > > > > if I mirrored them in the LDAP server as shown in Step 4 of > > > > > > www.1-cs.com/ubuntu_ldap_howto.txt. I then set up Webmin to add > > > all new users to these > > > > > > groups. This is working very well for me. > > > > > > > > > > Yes, I read that document (thanks, by the way). My only concern is > > > that if I make the GID for the ldap group the same as the GID for the local > > > group, that's only good for one operating system. The GID-to-groupname for > > > Debian, Ubuntu, and CentOS are not always the same. > > > > > > > > > > Are there any workarounds for this problem? > > > > > > > > I just checked two of my Debian Etch machines for GID-to-groupname > > > info. They are the same up until GID 100 or so, then they start to > > > differ. It seems the GIDs are simply in the order that the groups were > > > created. So very basic system groups probably always have the same > > > GID. But groups for optional packages will tend to differ. For instance, > > > GID 107 on one of my Etch machines is lpadmin, and on the other it's > > > gdm. GID 105 on one Etch machine is mysql, and on the other it's avahi. > > > > > > > > So what if, for instance, I want an ldap user to be a member of the > > > mysql group on two different machines, and that group is a different GID on > > > each machine? Does this mean I should create a mysql ldap group and remove > > > the local mysql groups? (And that would mean chgrp'ing all the files that > > > had local mysql group associated with them). > > > ---- > > > makes perfectly good sense > > > > > > Craig > > > > > > _______________________________________________ > > > K12OSN mailing list > > > K12OSN at redhat.com > > > https://www.redhat.com/mailman/listinfo/k12osn > > > For more info see > > > > > > _______________________________________________ > > K12OSN mailing list > > K12OSN at redhat.com > > https://www.redhat.com/mailman/listinfo/k12osn > > For more info see > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see From rowens at ptd.net Thu Oct 25 01:00:07 2007 From: rowens at ptd.net (Rob Owens) Date: Wed, 24 Oct 2007 21:00:07 -0400 Subject: [K12OSN] smbldap - adding ldap users to local groups In-Reply-To: <1193271483.7330.115.camel@cube.tobyhouse.com> References: <1192885582.3960.369.camel@merlin.localnetsolutions.com> <1192906002.3960.443.camel@merlin.localnetsolutions.com> <20071024194055.GA19941@junker.owens.net> <20071024201039.M67568@winonacotter.org> <20071024222927.GB26619@junker.owens.net> <20071024233435.GA29736@junker.owens.net> <1193269262.7330.106.camel@cube.tobyhouse.com> <1193271483.7330.115.camel@cube.tobyhouse.com> Message-ID: <20071025010007.GC30926@junker.owens.net> On Wed, Oct 24, 2007 at 05:18:03PM -0700, Craig White wrote: > On Wed, 2007-10-24 at 20:02 -0400, David Hopkins wrote: > > Perhaps I am missing something here, but I thought the whole reason > > for using a central ldap authentication approach is that all groups > > and users are defined in the ldap server and every local machine uses > > that server for authentication and association of rights to local > > resources (files and such) for all accounts, except for local system > > accounts and root? The global groups being added to local groups is > > something that I am familiar with from Microsoft's view of how to > > assign rights to files, and local resources, but I have never seen it > > used that way in *nix. > > > > As an aside, isn't the purpose of newgrp so you can switch what group > > your associated with on a local system? > > > ---- > the mysql user is a local user/group by Red Hat packaging and I am > presuming by the OP, the same is true of Debian/Ubuntu. > > the issue becomes the toolset that you use to maintain users and groups > and the suggestion of smbldap makes me think that OP is using Windows > tools to maintain user accounts which isn't going to know about the > local users/groups on a specific server. > I'll be using tools such as smbldap-useradd and smbldap-usermod, etc. One of my networks is Linux-only, but I'm still using smbldap simply because it made it easier for me to set up ldap (being new to this stuff). -Rob From jim at winonacotter.org Thu Oct 25 03:21:59 2007 From: jim at winonacotter.org (Jim Kronebusch) Date: Wed, 24 Oct 2007 22:21:59 -0500 Subject: [K12OSN] smbldap - adding ldap users to local groups In-Reply-To: <20071025002527.GB30926@junker.owens.net> References: <20071019235553.GA479@junker.owens.net> <1192885582.3960.369.camel@merlin.localnetsolutions.com> <1192906002.3960.443.camel@merlin.localnetsolutions.com> <20071024194055.GA19941@junker.owens.net> <20071024201039.M67568@winonacotter.org> <20071024222927.GB26619@junker.owens.net> <20071024233435.GA29736@junker.owens.net> <1193269262.7330.106.camel@cube.tobyhouse.com> <20071025002527.GB30926@junker.owens.net> Message-ID: <20071025030049.M28242@winonacotter.org> On Wed, 24 Oct 2007 20:25:27 -0400, Rob Owens wrote > Well, being new to LDAP I guess I'm having trouble deciding where to draw the > line between using local groups and using LDAP groups. I have not yet ran into a situation where I am serving "users" on multiple operating systems. I see where this could be a big problem. I have drawn the line on system groups that are not added to a regular user by default, and with users that are system/application dependent. And I order lookup by local files first then LDAP. This has allowed me to have users for my LTSP Edubuntu server use the same LDAP base as users on my Fedora based mail server. But if I ran into the situation where I had some Fedora based LTSP servers and some Edubuntu based LTSP servers, along with stand alone machines with other operating system, eventually I would run into a problem with mismatched default group id's for new standard users. Not sure what a good solution would be in that situation. I did try adding ldap groups by default to local groups, but I could not get things to work. Given that default system GIDs and group names could vary between operating systems, you'd almost have to have a service that could translate based on operating system. I imagine this is possible, but wouldn't be an easy task, and probably a nightmare to maintain. I would think the best option is to have a central LDAP that has the default user groups of your most common os that users run a desktop from. Then add those default groups to new users. Then try and keep all user desktops and LTSP machines running on the same flavor. This should give you central auth for most everything. Stay away from putting default system accounts or application specific accounts/groups on the LDAP. After all those users probably wouldn't be secure in a central location anyhow and you probably want different passwords and such for every server running mysql or apache, etc. Keep those all as local accounts and check local files before looking at LDAP. After all most other servers such as mail or web won't have users logging in locally so they won't need the extra groups and users anyhow. If you need to auth another OS that has differences in the standard user groups, you would then have to modify the system groups to match that in your LDAP server on install. One could maybe even create a script to verify compliance with the central scheme and modify accordingly. Just some thoughts, Jim -- This message has been scanned for viruses and dangerous content by the Cotter Technology Department, and is believed to be clean. From steven at simplycircus.com Thu Oct 25 04:43:05 2007 From: steven at simplycircus.com (Steven Santos) Date: Thu, 25 Oct 2007 00:43:05 -0400 Subject: [K12OSN] smbldap - adding ldap users to local groups In-Reply-To: <20071025030049.M28242@winonacotter.org> Message-ID: So you are looking for something like IDMAP in SAMBA to map LDAP group names to local group names, without the numbers needing to match, or more to the point, the machine being able to say to the LDAP database "I am a Centros/RedHat/Whatever machine, the correct gid for the FUSE group is...?" and to get the proper mapping that way. Now, I don't know LDAP, so I may be shooting in the dark here, but is it possible to set the machine up to filter the groups it returns, so that it only retrieves group entries that match the machine type? _____ Steven Santos Director, Simply Circus, Inc. Email: Steven at SimplyCircus.com Mail: 14 Pierrepont Road Newton, MA 02462 Phone: 617-527-0667 Web: www.SimplyCircus.com From microman at cmosnetworks.com Thu Oct 25 06:50:27 2007 From: microman at cmosnetworks.com (=?ISO-8859-1?Q?=22Terrell_Prud=E9_Jr=2E=22?=) Date: Thu, 25 Oct 2007 02:50:27 -0400 Subject: [K12OSN] OT Help with file deletion script In-Reply-To: <471F9E54.2060105@paasda.org> References: <20071024192118.M46396@winonacotter.org> <471F9E54.2060105@paasda.org> Message-ID: <47203CB3.1070403@cmosnetworks.com> Here's a modification that might make it actually run. Std. "no guarantees" caveat applies. #!/bin/sh cd /home for userdir in `ls -C1` do echo Working on $userdir... cd $userdir for deleteme in `ls -C1 -a` do if [[ $deleteme != 'mail' ]] || [[ $deleteme != '.openwebmail' ]] then do echo Removing $deleteme... rm -ri $deleteme done else echo "Oops, encountered "$deleteme", not deleting!" fi done done --TP _______________________________ Do you GNU ? Microsoft Free since 2003 --the ultimate antivirus protection! Huck wrote: > for $x in 'ls' > do > for $y in 'ls -a' > if $y != 'mail' || '.openwebmail' > do rm -rf $y > > > something like that? > of course that won't run..but it's the logical thinking behind it maybe? > > --Huck > > Jim Kronebusch wrote: >> I need to purge files out of an old /home server that is only running >> email now. I need >> a script that will run through every user folder on /home and delete >> every file/folder >> except a folder named "mail" and a folder named ".openwebmail". I >> need those two >> folders and their contents to remain untouched. Can anyone help with >> this? >> >> Of course I'll assume all caveats regarding testing first and not >> hold anyone >> responsible for data loss :-) >> Jim >> > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see -------------- next part -------------- An HTML attachment was scrubbed... URL: From microman at cmosnetworks.com Thu Oct 25 06:53:39 2007 From: microman at cmosnetworks.com (=?ISO-8859-1?Q?=22Terrell_Prud=E9_Jr=2E=22?=) Date: Thu, 25 Oct 2007 02:53:39 -0400 Subject: [K12OSN] maximum directory size for linux /vsftp In-Reply-To: <61789.74.32.255.121.1193257872.squirrel@216.24.126.68> References: <61789.74.32.255.121.1193257872.squirrel@216.24.126.68> Message-ID: <47203D73.4060002@cmosnetworks.com> I've got directories way, waaaaay bigger than that, full of files large and small. Are you sure there aren't any funky characters in the dir that you're missing? Are permissions on that directory still set to execute (for directories, that means "you can enter and view the files in me")? --TP _______________________________ Do you GNU ? Microsoft Free since 2003 --the ultimate antivirus protection! Mr Barry Cisna wrote: > Hello All, > > I'm not sure this is a limitation of Linux or vsftp? Our school purchased > Adobe Premium Design( on DVD), for Winders,so I uploaded to our vsftp > server. The upload was fine but after uploading I wanted to chmod the > files to 755,so whoever wanted to access them could install right from the > ftp server. > I could not cd into that directory? As soon as I cut the "bulk" of the > subfolders and pasted into another directory( just to test my theory). I > could then cd into the Adobe directory. So,,, what is the default maximum > file/folder size for Linux,or vsftp? > Is this the maxfilesize that I can not even remember were this is located > now? I've never run into this scenario before. > The directory shows to be 1.9 GB in size when i do properties on it. > > Thanks, > > Barry Cisna > westcentral school > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > -------------- next part -------------- An HTML attachment was scrubbed... URL: From micha at arava.co.il Thu Oct 25 07:18:07 2007 From: micha at arava.co.il (Micha Silver) Date: Thu, 25 Oct 2007 09:18:07 +0200 Subject: [K12OSN] maximum directory size for linux /vsftp In-Reply-To: <47203D73.4060002@cmosnetworks.com> References: <61789.74.32.255.121.1193257872.squirrel@216.24.126.68> <47203D73.4060002@cmosnetworks.com> Message-ID: <4720432F.7080408@arava.co.il> This might throw some light on the prob: https://www.centos.org/modules/newbb/viewtopic.php?forum=7&topic_id=3839&viewmode=threaded Terrell Prud? Jr. wrote: > I've got directories way, waaaaay bigger than that, full of files > large and small. Are you sure there aren't any funky characters in > the dir that you're missing? Are permissions on that directory still > set to execute (for directories, that means "you can enter and view > the files in me")? > > --TP > _______________________________ > Do you GNU ? > Microsoft Free since 2003 --the ultimate > antivirus protection! > > > Mr Barry Cisna wrote: >> Hello All, >> >> I'm not sure this is a limitation of Linux or vsftp? Our school purchased >> Adobe Premium Design( on DVD), for Winders,so I uploaded to our vsftp >> server. The upload was fine but after uploading I wanted to chmod the >> files to 755,so whoever wanted to access them could install right from the >> ftp server. >> I could not cd into that directory? As soon as I cut the "bulk" of the >> subfolders and pasted into another directory( just to test my theory). I >> could then cd into the Adobe directory. So,,, what is the default maximum >> file/folder size for Linux,or vsftp? >> Is this the maxfilesize that I can not even remember were this is located >> now? I've never run into this scenario before. >> The directory shows to be 1.9 GB in size when i do properties on it. >> >> Thanks, >> >> Barry Cisna >> westcentral school >> >> _______________________________________________ >> K12OSN mailing list >> K12OSN at redhat.com >> https://www.redhat.com/mailman/listinfo/k12osn >> For more info see >> > > > This mail was sent via Kinneret Mail-SeCure System. > > ------------------------------------------------------------------------ > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see From cisna-barry at wc235.k12.il.us Thu Oct 25 12:15:22 2007 From: cisna-barry at wc235.k12.il.us (Mr Barry Cisna) Date: Thu, 25 Oct 2007 07:15:22 -0500 (CDT) Subject: [K12OSN] maximum directory size for linux /vsftp- Fixed Message-ID: <47921.172.28.8.55.1193314522.squirrel@172.28.8.55> Hello All, Finally figured out what the prob was with my directory i could not cd to or chmod the files. I simply had to do an 'updatedb' then the filesystem "seen" this directory. I've never had this happen before? Anyways like I said, This was about a quick 1.9 GB directory transfer. I was thinking it was probably a vsftp server limitation.As was posted here, it seems others have had probs in the past doing large file transfers via vsftp,though. My Bad, Thanks for the suggestions from everyone. Take Care, Barry Cisna From peter at scheie.homedns.org Thu Oct 25 12:55:57 2007 From: peter at scheie.homedns.org (Peter Scheie) Date: Thu, 25 Oct 2007 07:55:57 -0500 Subject: [K12OSN] autologin with GDM on K12LTSP5-EL In-Reply-To: <1193231171.3960.657.camel@merlin.localnetsolutions.com> References: <471F4482.2020407@scheie.homedns.org> <1193231171.3960.657.camel@merlin.localnetsolutions.com> Message-ID: <4720925D.9040100@scheie.homedns.org> James P. Kinney III wrote: > On Wed, 2007-10-24 at 08:11 -0500, Peter Scheie wrote: >> I'm setting up autologin on a K12LTSP5-EL (CentOS 5) system. While it >> works for those client machines that I designate for autologin, it's >> causing problems with those that should not autologin. On a client that >> should autologin, the GDM greeter shows a message that says "Login auto1 >> will login in X seconds", and X counts down to zero and it logs in. But >> on a non-autologin client, there should be no message at all; it should >> just sit there waiting for a user to login. Instead, I'm seeing "Login >> will login in X seconds"; note the blank ID. So, while the autologin >> script is not returning a login ID for autologin for that client, just >> as it should, GDM is still trying to make that client do autologin, >> rather than interpreting the null value that the /usr/bin/autologin| >> setting in /etc/gdm/custom.conf returns to mean "don't do autologin". >> >> I've compared the /etc/gdm/custom.conf and /usr/bin/autologin with that >> of a K12LTSP6 system where autologin is working correctly, and they're >> identical, which suggests that GDM is once again broken with respect to >> autologin. K12LTSP 6/Fedora 6 uses gdm 2.16.5 whereas >> K12LTSP5-EL/CentOS 5 uses gdm 2.16.0. Is anyone else who is running >> autologin on 5-EL seeing this behavior? > > I don't have autologin enabled on my 5-EL setup. But I expect that since > 5-EL uses the same gdm as K12LTSP5 did originally, the same fix should > be applied - upgrade the busted gdm to a newer version. The src.rpm from > K12LTSP6 _should_ be a drop in replacement after compiling it with > rpmbuild --rebuild gdm-2.616.5.src.rpm and then an rpm -Uvh rpm> That worked. Thanks, Jim! I'll update the wiki page on autologin and post a copy of the rebuilt gdm package. Peter From jkorzeni at battle-creek.k12.mi.us Thu Oct 25 14:24:37 2007 From: jkorzeni at battle-creek.k12.mi.us (Joe Korzeniewski) Date: Thu, 25 Oct 2007 10:24:37 -0400 Subject: [K12OSN] Victory Message-ID: <47206EF6.6C73.003C.0@battle-creek.k12.mi.us> After a ton of preparation I finally got my LTSP lab running. I have 27 Dell GX150's as terminals and a Dell Poweredge 1900 with 2x Quad Core Xeon processors and 8gb ram (overkill :-) running K12LTSP6. We unveiled it yesterday to the students and the response was overwhelmingly good. I sat in there and watched as the third graders pulled the word docs that they have been working on from their novell shared drive and worked on them using open office. I also got to watch a group of first graders go through and play games in GCompris. One of them came up to me on her way out the door and asked "are these computers going to stay in our lab?" with a real sad look on her face like we were going to take them away or something. At the end of each class, she asked the students if they like their new lab. All of them raised their hand each time. Before I left, the teacher was even asking me if it would be possible to do a linux installation party for parents (not in those words of course). I just want to thank everybody on this list for helping me with all my dumb questions along the way. We couldn't have had this victory without your help! Joe Korzeniewski Network Admin Battle Creek Public Schools From jkinney at localnetsolutions.com Thu Oct 25 14:44:43 2007 From: jkinney at localnetsolutions.com (James P. Kinney III) Date: Thu, 25 Oct 2007 10:44:43 -0400 Subject: [K12OSN] Victory In-Reply-To: <47206EF6.6C73.003C.0@battle-creek.k12.mi.us> References: <47206EF6.6C73.003C.0@battle-creek.k12.mi.us> Message-ID: <1193323483.3960.710.camel@merlin.localnetsolutions.com> WooHoo!! Congrats for the screaming success!! Isn't it fun seeing the kids being able to really _USE_ the machines?! When you see the parents be sure to have a stack of live CD's available and some K12LTSP DVD's. Impress upon them the importance of having the freedom to share both the knowledge AND the tools used. On Thu, 2007-10-25 at 10:24 -0400, Joe Korzeniewski wrote: > After a ton of preparation I finally got my LTSP lab running. I have > 27 Dell GX150's as terminals and a Dell Poweredge 1900 with 2x Quad > Core Xeon processors and 8gb ram (overkill :-) running K12LTSP6. We > unveiled it yesterday to the students and the response was > overwhelmingly good. I sat in there and watched as the third graders > pulled the word docs that they have been working on from their novell > shared drive and worked on them using open office. I also got to watch > a group of first graders go through and play games in GCompris. One of > them came up to me on her way out the door and asked "are these > computers going to stay in our lab?" with a real sad look on her face > like we were going to take them away or something. At the end of each > class, she asked the students if they like their new lab. All of them > raised their hand each time. Before I left, the teacher was even > asking me if it would be possible to do a linux installation party for > parents (not in those words of cour > se). I just want to thank everybody on this list for helping me with > all my dumb questions along the way. We couldn't have had this victory > without your help! > > Joe Korzeniewski > Network Admin > Battle Creek Public Schools > > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > -- James P. Kinney III CEO & Director of Engineering Local Net Solutions,LLC 770-493-8244 http://www.localnetsolutions.com GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics) Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part URL: From sbarar at gmail.com Thu Oct 25 14:46:32 2007 From: sbarar at gmail.com (Sudev Barar) Date: Thu, 25 Oct 2007 20:16:32 +0530 Subject: [K12OSN] Victory In-Reply-To: <47206EF6.6C73.003C.0@battle-creek.k12.mi.us> References: <47206EF6.6C73.003C.0@battle-creek.k12.mi.us> Message-ID: <774593a20710250746h2dd29616k43bad7fd0d98b783@mail.gmail.com> On 25/10/2007, Joe Korzeniewski wrote: > se). I just want to thank everybody on this list for helping me with all my dumb questions along the way. We couldn't have had this victory without your help! > Way to go Joe, now get the next guy online going and the circle spreads!! -- Regards, Sudev Barar From rmcdaniel at indata.us Thu Oct 25 14:53:30 2007 From: rmcdaniel at indata.us (rmcdaniel at indata.us) Date: Thu, 25 Oct 2007 07:53:30 -0700 Subject: [K12OSN] Victory Message-ID: <20071025075330.d7061e97b78b017ac15395d64f2ce134.f31fe563d6.wbe@email.secureserver.net> An HTML attachment was scrubbed... URL: From jim at winonacotter.org Thu Oct 25 15:02:55 2007 From: jim at winonacotter.org (Jim Kronebusch) Date: Thu, 25 Oct 2007 10:02:55 -0500 Subject: [K12OSN] OT Help with file deletion script In-Reply-To: <47203CB3.1070403@cmosnetworks.com> References: <20071024192118.M46396@winonacotter.org> <471F9E54.2060105@paasda.org> <47203CB3.1070403@cmosnetworks.com> Message-ID: <20071025150239.M57668@winonacotter.org> On Thu, 25 Oct 2007 02:50:27 -0400, Terrell Prud? Jr. wrote > Here's a modification that might make it actually run. Std. "no > guarantees" caveat applies. > > #!/bin/sh > cd /home > for userdir in `ls -C1` > do > echo Working on $userdir... > cd $userdir > for deleteme in `ls -C1 -a` > do > if [[ $deleteme != 'mail' ]] || [[ $deleteme != '.openwebmail' ]] > then do > echo Removing $deleteme... > rm -ri $deleteme > done > else echo "Oops, encountered "$deleteme", not deleting!" > fi > done > done > > --TP thanks, I'll give it a whirl. Jim -- This message has been scanned for viruses and dangerous content by the Cotter Technology Department, and is believed to be clean. From jim at winonacotter.org Thu Oct 25 15:16:46 2007 From: jim at winonacotter.org (Jim Kronebusch) Date: Thu, 25 Oct 2007 10:16:46 -0500 Subject: [K12OSN] OT Help with file deletion script In-Reply-To: <47203CB3.1070403@cmosnetworks.com> References: <20071024192118.M46396@winonacotter.org> <471F9E54.2060105@paasda.org> <47203CB3.1070403@cmosnetworks.com> Message-ID: <20071025151622.M16554@winonacotter.org> On Thu, 25 Oct 2007 02:50:27 -0400, Terrell Prud? Jr. wrote > Here's a modification that might make it actually run. Std. "no > guarantees" caveat applies. > > #!/bin/sh > cd /home > for userdir in `ls -C1` > do > echo Working on $userdir... > cd $userdir > for deleteme in `ls -C1 -a` > do > if [[ $deleteme != 'mail' ]] || [[ $deleteme != '.openwebmail' ]] > then do > echo Removing $deleteme... > rm -ri $deleteme > done > else echo "Oops, encountered "$deleteme", not deleting!" > fi > done > done I get this error when run: ./homedir_purge: 10: Syntax error: "do" unexpected Ideas? Jim -- This message has been scanned for viruses and dangerous content by the Cotter Technology Department, and is believed to be clean. From jkinney at localnetsolutions.com Thu Oct 25 15:31:22 2007 From: jkinney at localnetsolutions.com (James P. Kinney III) Date: Thu, 25 Oct 2007 11:31:22 -0400 Subject: [K12OSN] OT Help with file deletion script In-Reply-To: <20071025151622.M16554@winonacotter.org> References: <20071024192118.M46396@winonacotter.org> <471F9E54.2060105@paasda.org> <47203CB3.1070403@cmosnetworks.com> <20071025151622.M16554@winonacotter.org> Message-ID: <1193326282.3960.725.camel@merlin.localnetsolutions.com> On Thu, 2007-10-25 at 10:16 -0500, Jim Kronebusch wrote: > On Thu, 25 Oct 2007 02:50:27 -0400, Terrell Prud? Jr. wrote > > Here's a modification that might make it actually run. Std. "no > > guarantees" caveat applies. > > > > #!/bin/sh > > cd /home > > for userdir in `ls -C1` > > do > > echo Working on $userdir... > > cd $userdir > > for deleteme in `ls -C1 -a` > > do > > if [[ $deleteme != 'mail' ]] || [[ $deleteme != '.openwebmail' ]] > > then do > > echo Removing $deleteme... > > rm -ri $deleteme > > done > > else echo "Oops, encountered "$deleteme", not deleting!" > > fi > > done > > done > > I get this error when run: > > ./homedir_purge: 10: Syntax error: "do" unexpected > > Ideas? Remove the "do" from line 10 and the "done" from line 13. The if ... then . . . else . . fi is sufficient grouping. > > Jim > > -- > This message has been scanned for viruses and > dangerous content by the Cotter Technology > Department, and is believed to be clean. > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > -- James P. Kinney III CEO & Director of Engineering Local Net Solutions,LLC 770-493-8244 http://www.localnetsolutions.com GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics) Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part URL: From jim at winonacotter.org Thu Oct 25 15:55:14 2007 From: jim at winonacotter.org (Jim Kronebusch) Date: Thu, 25 Oct 2007 10:55:14 -0500 Subject: [K12OSN] OT Help with file deletion script In-Reply-To: <1193326282.3960.725.camel@merlin.localnetsolutions.com> References: <20071024192118.M46396@winonacotter.org> <471F9E54.2060105@paasda.org> <47203CB3.1070403@cmosnetworks.com> <20071025151622.M16554@winonacotter.org> <1193326282.3960.725.camel@merlin.localnetsolutions.com> Message-ID: <20071025155224.M68323@winonacotter.org> > Remove the "do" from line 10 and the "done" from line 13. The > if ... > then > . > . > . > else > . > . > fi > > is sufficient grouping. Funny, I did that already :-) Here is what I have now: #!/bin/sh cd /home for userdir in `ls -C1` do echo Working on $userdir... cd /home/$userdir for deleteme in `ls -C1 -a` do if [ $deleteme != mail ] || [ $deleteme != .openwebmail ] then echo Removing $deleteme... rm -ri $deleteme else echo "Oops, encountered "$deleteme", not deleting!" fi done done I pulled the extra [ and ] from line 8 as well. Otherwise it gave me errors like so all the way through and didn't remove anything: ./homedir_purge: 16: [[: not found ./homedir_purge: 16: [[: not found Oops, encountered .update-manager-core, not deleting! ./homedir_purge: 16: [[: not found ./homedir_purge: 16: [[: not found Oops, encountered .update-notifier, not deleting! ./homedir_purge: 16: [[: not found ./homedir_purge: 16: [[: not found Oops, encountered Videos, not deleting! ./homedir_purge: 16: [[: not found ./homedir_purge: 16: [[: not found Oops, encountered .Xauthority, not deleting! But now it removes everything and doesn't pay attention to the 2 exceptions. I am reading some script tutorials right now. Other suggestiosn? -- This message has been scanned for viruses and dangerous content by the Cotter Technology Department, and is believed to be clean. From jim at winonacotter.org Thu Oct 25 16:08:25 2007 From: jim at winonacotter.org (Jim Kronebusch) Date: Thu, 25 Oct 2007 11:08:25 -0500 Subject: [K12OSN] OT Help with file deletion script In-Reply-To: <20071025155224.M68323@winonacotter.org> References: <20071024192118.M46396@winonacotter.org> <471F9E54.2060105@paasda.org> <47203CB3.1070403@cmosnetworks.com> <20071025151622.M16554@winonacotter.org> <1193326282.3960.725.camel@merlin.localnetsolutions.com> <20071025155224.M68323@winonacotter.org> Message-ID: <20071025160557.M41437@winonacotter.org> Okay, this removes everything but the .openwebmail directory. It will still remove mail. #!/bin/sh cd /home for userdir in `ls -C1` do echo Working on $userdir... cd /home/$userdir for deleteme in `ls -C1 -a` do if [ $deleteme != mail ] | [$deleteme != .openwebmail ] then echo Removing $deleteme... rm -ri $deleteme else echo "Oops, encountered "$deleteme", not deleting!" fi done done Not sure why mail still gets deleted, must be a small syntax error on line 9. Here is a snip of results when ran: Removing .ICEauthority... rm: remove regular file `.ICEauthority'? n Removing mail... rm: remove directory `mail'? n Removing .metacity... rm: descend into directory `.metacity'? n Removing .mozilla... rm: descend into directory `.mozilla'? n Removing Music... rm: remove directory `Music'? n Removing .nautilus... rm: descend into directory `.nautilus'? n Oops, encountered .openwebmail, not deleting! Removing Pictures... rm: remove directory `Pictures'? n Jim -- This message has been scanned for viruses and dangerous content by the Cotter Technology Department, and is believed to be clean. From peter at scheie.homedns.org Thu Oct 25 16:31:37 2007 From: peter at scheie.homedns.org (Peter Scheie) Date: Thu, 25 Oct 2007 11:31:37 -0500 Subject: [K12OSN] OT Help with file deletion script In-Reply-To: <20071025160557.M41437@winonacotter.org> References: <20071024192118.M46396@winonacotter.org> <471F9E54.2060105@paasda.org> <47203CB3.1070403@cmosnetworks.com> <20071025151622.M16554@winonacotter.org> <1193326282.3960.725.camel@merlin.localnetsolutions.com> <20071025155224.M68323@winonacotter.org> <20071025160557.M41437@winonacotter.org> Message-ID: <4720C4E9.4090906@scheie.homedns.org> You may need || instead of just | on line 9. And I usually put a semi-colon at the end of the 'if...' line, although that may not be mandatory. Peter Jim Kronebusch wrote: > Okay, this removes everything but the .openwebmail directory. It will still remove mail. > > #!/bin/sh > cd /home > for userdir in `ls -C1` > do > echo Working on $userdir... > cd /home/$userdir > for deleteme in `ls -C1 -a` > do > if [ $deleteme != mail ] | [$deleteme != .openwebmail ] > then > echo Removing $deleteme... > rm -ri $deleteme > else echo "Oops, encountered "$deleteme", not deleting!" > fi > done > done > > Not sure why mail still gets deleted, must be a small syntax error on line 9. > > Here is a snip of results when ran: > > Removing .ICEauthority... > rm: remove regular file `.ICEauthority'? n > Removing mail... > rm: remove directory `mail'? n > Removing .metacity... > rm: descend into directory `.metacity'? n > Removing .mozilla... > rm: descend into directory `.mozilla'? n > Removing Music... > rm: remove directory `Music'? n > Removing .nautilus... > rm: descend into directory `.nautilus'? n > Oops, encountered .openwebmail, not deleting! > Removing Pictures... > rm: remove directory `Pictures'? n > > Jim > From tom.hoffman at gmail.com Thu Oct 25 16:22:41 2007 From: tom.hoffman at gmail.com (Tom Hoffman) Date: Thu, 25 Oct 2007 12:22:41 -0400 Subject: [K12OSN] CAS? Message-ID: <92de6c880710250922y7f809fe2nc24b7af74c605ab7@mail.gmail.com> Anyone have any experience using CAS for single sign on for web apps at your school? There seem to be a couple open source servers but it doesn't seem like any are packaged for Fedora or Ubuntu. --Tom From jkinney at localnetsolutions.com Thu Oct 25 16:24:03 2007 From: jkinney at localnetsolutions.com (James P. Kinney III) Date: Thu, 25 Oct 2007 12:24:03 -0400 Subject: [K12OSN] OT Help with file deletion script In-Reply-To: <20071025155224.M68323@winonacotter.org> References: <20071024192118.M46396@winonacotter.org> <471F9E54.2060105@paasda.org> <47203CB3.1070403@cmosnetworks.com> <20071025151622.M16554@winonacotter.org> <1193326282.3960.725.camel@merlin.localnetsolutions.com> <20071025155224.M68323@winonacotter.org> Message-ID: <1193329443.3960.733.camel@merlin.localnetsolutions.com> On Thu, 2007-10-25 at 10:55 -0500, Jim Kronebusch wrote: > > Remove the "do" from line 10 and the "done" from line 13. The > > if ... > > then > > . > > . > > . > > else > > . > > . > > fi > > > > is sufficient grouping. > > Funny, I did that already :-) Here is what I have now: > > #!/bin/sh > cd /home > for userdir in `ls -C1` > do > echo Working on $userdir... > cd /home/$userdir > for deleteme in `ls -C1 -a` > do > if [ $deleteme != mail ] || [ $deleteme != .openwebmail ] > then > echo Removing $deleteme... > rm -ri $deleteme > else echo "Oops, encountered "$deleteme", not deleting!" > fi > done > done > > I pulled the extra [ and ] from line 8 as well. Otherwise it gave me errors like so all > the way through and didn't remove anything: > > ./homedir_purge: 16: [[: not found > ./homedir_purge: 16: [[: not found > Oops, encountered .update-manager-core, not deleting! > ./homedir_purge: 16: [[: not found > ./homedir_purge: 16: [[: not found > Oops, encountered .update-notifier, not deleting! > ./homedir_purge: 16: [[: not found > ./homedir_purge: 16: [[: not found > Oops, encountered Videos, not deleting! > ./homedir_purge: 16: [[: not found > ./homedir_purge: 16: [[: not found > Oops, encountered .Xauthority, not deleting! > > But now it removes everything and doesn't pay attention to the 2 exceptions. > > I am reading some script tutorials right now. Other suggestiosn? Put " around the $deleteme and the value being checked against in the if line. This will force character mode. Change the OR to an AND in the if line ||->&& otherwise it will always return true and delete everything. I like : #!/bin/sh cd /home for userdir in `ls -C1` do echo Working on $userdir... cd /home/$userdir for deleteme in `ls -C1 -a` do if [ "$deleteme" == "mail" ] || [ "$deleteme" == ".openwebmail" ] then echo "Oops, encountered "$deleteme", not deleting!" else echo "Removing $deleteme..." rm -ri $deleteme fi done done > > -- > This message has been scanned for viruses and > dangerous content by the Cotter Technology > Department, and is believed to be clean. > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > -- James P. Kinney III CEO & Director of Engineering Local Net Solutions,LLC 770-493-8244 http://www.localnetsolutions.com GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics) Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part URL: From peter at scheie.homedns.org Thu Oct 25 16:47:11 2007 From: peter at scheie.homedns.org (Peter Scheie) Date: Thu, 25 Oct 2007 11:47:11 -0500 Subject: [K12OSN] can't save or preview edits on wiki Message-ID: <4720C88F.1040307@scheie.homedns.org> I see that www.k12ltsp.org goes directly to a wiki page now; this is a good thing! However, in trying to update a sub-document, when I click on Save or Preview I get Method Not Implemented POST to /mediawiki/index.php not supported. Peter From jobrien at meridian.wednet.edu Thu Oct 25 16:42:58 2007 From: jobrien at meridian.wednet.edu (Joe OBrien) Date: Thu, 25 Oct 2007 09:42:58 -0700 Subject: [K12OSN] Please not M$ Exchange Message-ID: <4720C792.3010700@meridian.wednet.edu> The new superintendent wants an Exchange Server, mostly for web based email, task, calendar and group calendars w/free busy info. He liked the look of Zimbra and Scalix, but Scalix doesn't seem to have tasks and I don't like the yearly fee for Zimbra. He didn't like the look of Horde (I need to find a better skin). I've also started looking at eGroupWare and OpenGroupware. Has anyone had success with any of these or have an alternative they could recommend? --thanks --joe o'brien --meridian school district From caldodge at gmail.com Thu Oct 25 16:47:22 2007 From: caldodge at gmail.com (Calvin Dodge) Date: Thu, 25 Oct 2007 10:47:22 -0600 Subject: [K12OSN] Please not M$ Exchange In-Reply-To: <4720C792.3010700@meridian.wednet.edu> References: <4720C792.3010700@meridian.wednet.edu> Message-ID: <824a5f7a0710250947j51995c2qb50245f3ad1ed577@mail.gmail.com> On 10/25/07, Joe OBrien wrote: > The new superintendent wants an Exchange Server, mostly for web based > email, task, calendar and group calendars w/free busy info. He liked > the look of Zimbra and Scalix, but Scalix doesn't seem to have tasks and > I don't like the yearly fee for Zimbra. He didn't like the look of Has he looked at the open source version of Zimbra? If it has all the features he wants, then there's no yearly fee (just your cost to set up a dedicated server). Calvin Dodge From scott at remc1.org Thu Oct 25 17:21:24 2007 From: scott at remc1.org (Scott Sherrill) Date: Thu, 25 Oct 2007 13:21:24 -0400 Subject: [K12OSN] Archiving Email In-Reply-To: <2A46DDB6-753E-4019-A980-FFFA2E6FA1FE@inlandlakes.org> References: <2A46DDB6-753E-4019-A980-FFFA2E6FA1FE@inlandlakes.org> Message-ID: <4720D094.50008@remc1.org> Shawn Powers wrote: > If you are archiving every incoming and outgoing email in your network, > how are you doing it? We've had too many instances that have required > searching, and my current email backup scheme doesn't really lend itself > to forensics. > > Is it possible to pipe all emails (again, incoming and outgoing) into > something like pipermail that mailman uses? Ideally with searching and > sorting abilities... > > I'm currently using sendmail and dovecot with maildir folders. I'm > willing to change MTAs, but I'm really scratching my head to come up > with the best way to accomplish the task. I'm looking for any advice > you can offer. > > (No, I'm not looking for ethical or political responses, we're way past > that...) > > Shawn - My boss stumbled across this: http://www.google.com/support/a/bin/answer.py?answer=77182 It would be a way to do for free, and w/o changing your existing structure (other than some dns records). You would also have to sign up for Google Apps. Just another idea, Scott Sherrill From jim at winonacotter.org Thu Oct 25 17:24:17 2007 From: jim at winonacotter.org (Jim Kronebusch) Date: Thu, 25 Oct 2007 12:24:17 -0500 Subject: [K12OSN] OT Help with file deletion script In-Reply-To: <4720C4E9.4090906@scheie.homedns.org> References: <20071024192118.M46396@winonacotter.org> <471F9E54.2060105@paasda.org> <47203CB3.1070403@cmosnetworks.com> <20071025151622.M16554@winonacotter.org> <1193326282.3960.725.camel@merlin.localnetsolutions.com> <20071025155224.M68323@winonacotter.org> <20071025160557.M41437@winonacotter.org> <4720C4E9.4090906@scheie.homedns.org> Message-ID: <20071025172237.M96387@winonacotter.org> Thanks for the help guys. This is what I ended up with and it works perfectly (at least in simulation :-) #!/bin/sh cd /home for userdir in `ls -C1` do echo Working on $userdir... cd /home/$userdir for deleteme in `ls -C1 -a` do if [ "$userdir" = "support" ] then echo "Whoaa, not removing my main user!" elif [ "$deleteme" = "mail" ] then echo "Oops, encountered "$deleteme", not deleting!" elif [ "$deleteme" = ".openwebmail" ] then echo "Oops, encountered "$deleteme", not deleting!" else echo Removing $deleteme... rm -rif $deleteme fi done done Scripting a rm -rif is scary! But it works. I couldn't get the if to work with both folders on the same line, so I just broke them out with elif. Thanks again, Jim -- This message has been scanned for viruses and dangerous content by the Cotter Technology Department, and is believed to be clean. From rowens at bio-chemvalve.com Thu Oct 25 17:30:36 2007 From: rowens at bio-chemvalve.com (Rob Owens) Date: Thu, 25 Oct 2007 13:30:36 -0400 Subject: [K12OSN] smbldap - adding ldap users to local groups In-Reply-To: <1193272264.7330.119.camel@cube.tobyhouse.com> References: <20071019235553.GA479@junker.owens.net> <1192885582.3960.369.camel@merlin.localnetsolutions.com> <1192906002.3960.443.camel@merlin.localnetsolutions.com> <20071024194055.GA19941@junker.owens.net> <20071024201039.M67568@winonacotter.org> <20071024222927.GB26619@junker.owens.net> <20071024233435.GA29736@junker.owens.net> <1193269262.7330.106.camel@cube.tobyhouse.com> <20071025002527.GB30926@junker.owens.net> <1193272264.7330.119.camel@cube.tobyhouse.com> Message-ID: <4720D2BC.9000902@bio-chemvalve.com> Craig White wrote: > clarification... on Red Hat (Fedora and RHEL clones like CentOS), apache > software packaging and daemon are referred to as 'httpd' but the > user/group is still apache > I stand corrected on that one. But still, there's no guarantee that each distro will share the same group name for a particular application or process. > users ***should*** have access to local devices such as usb drives, > cdrom and stuff via udev in their own user space and shouldn't need > anything extra in terms of group memberships. > On my Debian-based systems, users need to be a member of the "cdrom" group in order to access the cdrom. On my CentOS system, users need to be a member of the "disk" group in order to access the cdrom. If I have 1000 users (I don't, but for the sake of argument...) and wanted to give them access to the cdrom, I'd have to add 1000 LDAP users to the local group on each machine that has a cdrom drive (and update each local group every time I add a new LDAP user who needs cdrom access). I'd prefer to authorize cdrom usage through use of an LDAP group, but I can't seem to figure out how to do it. Of course I could simply change the permissions of /dev/cdrom so that everybody has access, but that seems like a cop-out and it takes away my ability to limit cdrom usage. -Rob From rowens at bio-chemvalve.com Thu Oct 25 17:43:52 2007 From: rowens at bio-chemvalve.com (Rob Owens) Date: Thu, 25 Oct 2007 13:43:52 -0400 Subject: [K12OSN] smbldap - adding ldap users to local groups In-Reply-To: References: Message-ID: <4720D5D8.7000906@bio-chemvalve.com> Steven Santos wrote: > So you are looking for something like IDMAP in SAMBA to map LDAP group names > to local group names, without the numbers needing to match, Yes, I think so... > or more to the > point, the machine being able to say to the LDAP database "I am a > Centros/RedHat/Whatever machine, the correct gid for the FUSE group is...?" > and to get the proper mapping that way. I wouldn't need any logic like this built in if I could simply do this: 1) create an LDAP group called "ldapcdrom" 2) add millions of LDAP users to the ldapcdrom group 3) on a Debian machine, make "ldapcdrom" a member of the local group "cdrom" 4) on a CentOS machine, make "ldapcdrom" a member of the local group "disk" 5) *not* have to add millions of LDAP users to each local group ("cdrom", "disk", etc) That way I decide which local group matches up with which ldap group, but I only have to establish that relationship once on each machine. Unfortunately, local groups do not seem to accept other groups as members -- they only accept users. That is what my testing suggests, anyway. -Rob From jkinney at localnetsolutions.com Thu Oct 25 17:59:50 2007 From: jkinney at localnetsolutions.com (James P. Kinney III) Date: Thu, 25 Oct 2007 13:59:50 -0400 Subject: [K12OSN] smbldap - adding ldap users to local groups In-Reply-To: <4720D5D8.7000906@bio-chemvalve.com> References: <4720D5D8.7000906@bio-chemvalve.com> Message-ID: <1193335190.3960.758.camel@merlin.localnetsolutions.com> At this point, consolidating the distro used on the servers may be a best route forward. Also be aware that it is only the local machine that uses UID/GID numbers. If I have a jkinney account on 2 machines, one with UID 10223 and another with UID 500, I can NFS mount the /home from one and have full rights on the other as user jkinney. The local kernel does the mapping between name and number. I would strongly suggest giving a hard thought about choosing a particular distro for your servers and sticking with it. It will simplify the admin/support aspect enough to warrant the effort changing. On Thu, 2007-10-25 at 13:43 -0400, Rob Owens wrote: > Steven Santos wrote: > > So you are looking for something like IDMAP in SAMBA to map LDAP group names > > to local group names, without the numbers needing to match, > Yes, I think so... > > > or more to the > > point, the machine being able to say to the LDAP database "I am a > > Centros/RedHat/Whatever machine, the correct gid for the FUSE group is...?" > > and to get the proper mapping that way. > I wouldn't need any logic like this built in if I could simply do this: > 1) create an LDAP group called "ldapcdrom" > 2) add millions of LDAP users to the ldapcdrom group > 3) on a Debian machine, make "ldapcdrom" a member of the local group "cdrom" > 4) on a CentOS machine, make "ldapcdrom" a member of the local group "disk" > 5) *not* have to add millions of LDAP users to each local group > ("cdrom", "disk", etc) > > That way I decide which local group matches up with which ldap group, > but I only have to establish that relationship once on each machine. > Unfortunately, local groups do not seem to accept other groups as > members -- they only accept users. That is what my testing suggests, > anyway. > > -Rob > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > -- James P. Kinney III CEO & Director of Engineering Local Net Solutions,LLC 770-493-8244 http://www.localnetsolutions.com GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics) Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part URL: From craig at tobyhouse.com Thu Oct 25 18:02:17 2007 From: craig at tobyhouse.com (Craig White) Date: Thu, 25 Oct 2007 11:02:17 -0700 Subject: [K12OSN] smbldap - adding ldap users to local groups In-Reply-To: <4720D5D8.7000906@bio-chemvalve.com> References: <4720D5D8.7000906@bio-chemvalve.com> Message-ID: <1193335337.2287.31.camel@cube.tobyhouse.com> On Thu, 2007-10-25 at 13:43 -0400, Rob Owens wrote: > Steven Santos wrote: > > So you are looking for something like IDMAP in SAMBA to map LDAP group names > > to local group names, without the numbers needing to match, > Yes, I think so... > > > or more to the > > point, the machine being able to say to the LDAP database "I am a > > Centros/RedHat/Whatever machine, the correct gid for the FUSE group is...?" > > and to get the proper mapping that way. > I wouldn't need any logic like this built in if I could simply do this: > 1) create an LDAP group called "ldapcdrom" > 2) add millions of LDAP users to the ldapcdrom group > 3) on a Debian machine, make "ldapcdrom" a member of the local group "cdrom" > 4) on a CentOS machine, make "ldapcdrom" a member of the local group "disk" > 5) *not* have to add millions of LDAP users to each local group > ("cdrom", "disk", etc) > > That way I decide which local group matches up with which ldap group, > but I only have to establish that relationship once on each machine. > Unfortunately, local groups do not seem to accept other groups as > members -- they only accept users. That is what my testing suggests, > anyway. ---- perhaps you should define what a CentOS machine and a CentOS user is. In my thinking, a user that logs onto a CentOS 4.4 or CentOS 5 system and inserts a CD has no problem using it. This of course assumes an /etc/fstab and udev/hal rules that haven't been mucked with. Am I missing something really basic here? Granted that I tend to use CentOS or RHEL for servers and Fedora for user workstations but I had an LDAP user connect a USB Zip drive to her Fedora 7 system yesterday and it was truly plug and play - no group accommodations at all. Craig From jkorzeni at battle-creek.k12.mi.us Thu Oct 25 18:08:53 2007 From: jkorzeni at battle-creek.k12.mi.us (Joe Korzeniewski) Date: Thu, 25 Oct 2007 14:08:53 -0400 Subject: [K12OSN] Tuxpaint Printing Message-ID: <4720A386.6C73.003C.0@battle-creek.k12.mi.us> has anyone encountered this error when printing in tuxpaint? "No appropriate filter was found to convert the file format image/x-eps into application/postscript." It gives some instructions on checking the filters in kprint. I even added image/x-eps to the input types for the filter and it just says "not an image". Now I can print the .png in the save directory just fine, but it doesn't print directly from tuxpaint. I am running k12ltsp6 64 bit. -Joe From dyoung at mesd.k12.or.us Thu Oct 25 18:11:21 2007 From: dyoung at mesd.k12.or.us (Dan Young) Date: Thu, 25 Oct 2007 11:11:21 -0700 Subject: [K12OSN] can't save or preview edits on wiki In-Reply-To: <4720C88F.1040307@scheie.homedns.org> References: <4720C88F.1040307@scheie.homedns.org> Message-ID: <994441ae0710251111m6e7a9d0cyb7101dc13764b890@mail.gmail.com> On 10/25/07, Peter Scheie wrote: > I see that www.k12ltsp.org goes directly to a wiki page now; this is a > good thing! However, in trying to update a sub-document, when I click > on Save or Preview I get > > Method Not Implemented > > POST to /mediawiki/index.php not supported. mod_security thinks you're being naughty when you POST something with '/etc/' in it, among other things. I'll sort it out here shortly. -- Dan Young Multnomah ESD - Technology Services 503-257-1562 From dahopkins429 at gmail.com Thu Oct 25 18:19:28 2007 From: dahopkins429 at gmail.com (David Hopkins) Date: Thu, 25 Oct 2007 14:19:28 -0400 Subject: [K12OSN] smbldap - adding ldap users to local groups In-Reply-To: <4720D5D8.7000906@bio-chemvalve.com> References: <4720D5D8.7000906@bio-chemvalve.com> Message-ID: > > That way I decide which local group matches up with which ldap group, > but I only have to establish that relationship once on each machine. > Unfortunately, local groups do not seem to accept other groups as > members -- they only accept users. That is what my testing suggests, > anyway. Unfortunately, I think that is a rather correct perception. I have asked around and no one here knows of a way to embed groups like can be done with MS. -------------- next part -------------- An HTML attachment was scrubbed... URL: From dyoung at mesd.k12.or.us Thu Oct 25 18:40:19 2007 From: dyoung at mesd.k12.or.us (Dan Young) Date: Thu, 25 Oct 2007 11:40:19 -0700 Subject: [K12OSN] can't save or preview edits on wiki In-Reply-To: <994441ae0710251111m6e7a9d0cyb7101dc13764b890@mail.gmail.com> References: <4720C88F.1040307@scheie.homedns.org> <994441ae0710251111m6e7a9d0cyb7101dc13764b890@mail.gmail.com> Message-ID: <994441ae0710251140r827dbb3r4974ff83eef0195b@mail.gmail.com> On 10/25/07, Dan Young wrote: > On 10/25/07, Peter Scheie wrote: > > I see that www.k12ltsp.org goes directly to a wiki page now; this is > > a good thing! However, in trying to update a sub-document, when I > > click on Save or Preview I get > > > > Method Not Implemented > > > > POST to /mediawiki/index.php not supported. > > mod_security thinks you're being naughty when you POST something with > '/etc/' in it, among other things. > > I'll sort it out here shortly. Giving up on mod_security for the time being. Please don't pop our web server. ;-) -- Dan Young Multnomah ESD - Technology Services 503-257-1562 From peter at scheie.homedns.org Thu Oct 25 19:07:17 2007 From: peter at scheie.homedns.org (Peter Scheie) Date: Thu, 25 Oct 2007 14:07:17 -0500 Subject: [K12OSN] smbldap - adding ldap users to local groups In-Reply-To: References: <4720D5D8.7000906@bio-chemvalve.com> Message-ID: <4720E965.2060805@scheie.homedns.org> David Hopkins wrote: > > > That way I decide which local group matches up with which ldap group, > but I only have to establish that relationship once on each machine. > Unfortunately, local groups do not seem to accept other groups as > members -- they only accept users. That is what my testing suggests, > anyway. > > > > > Unfortunately, I think that is a rather correct perception. I have > asked around and no one here knows of a way to embed groups like can be > done with MS. > Not being able to have groups within groups is a Unix thing; always been that way, probably always will be. When you consider the permissions model for Unix--user,group,other--it prevents circular things like group A being a member of group B and group B being a member of group A. Peter From matrimble at gmail.com Thu Oct 25 20:31:27 2007 From: matrimble at gmail.com (Mark Trimble) Date: Thu, 25 Oct 2007 14:31:27 -0600 Subject: [K12OSN] MythTV and K12LTSP Message-ID: <17b895960710251331k61d55323qe0a7d7c2aa2960e0@mail.gmail.com> Would anyone happen to know if it is possible to install MythTV ( http://www.mythtv.org/) on a K12LTSP (v6) server and use it's thin clients as MythTV clients? If so, this would serve as a great media distribution system for classrooms, labs, and individual students and teachers. Thanks in advance! Mark -------------- next part -------------- An HTML attachment was scrubbed... URL: From rowens at ptd.net Thu Oct 25 20:44:01 2007 From: rowens at ptd.net (Rob Owens) Date: Thu, 25 Oct 2007 16:44:01 -0400 Subject: [K12OSN] smbldap - adding ldap users to local groups In-Reply-To: <1193335337.2287.31.camel@cube.tobyhouse.com> References: <4720D5D8.7000906@bio-chemvalve.com> <1193335337.2287.31.camel@cube.tobyhouse.com> Message-ID: <20071025204401.GB5714@junker.owens.net> On Thu, Oct 25, 2007 at 11:02:17AM -0700, Craig White wrote: > On Thu, 2007-10-25 at 13:43 -0400, Rob Owens wrote: > > Steven Santos wrote: > > > So you are looking for something like IDMAP in SAMBA to map LDAP group names > > > to local group names, without the numbers needing to match, > > Yes, I think so... > > > > > or more to the > > > point, the machine being able to say to the LDAP database "I am a > > > Centros/RedHat/Whatever machine, the correct gid for the FUSE group is...?" > > > and to get the proper mapping that way. > > I wouldn't need any logic like this built in if I could simply do this: > > 1) create an LDAP group called "ldapcdrom" > > 2) add millions of LDAP users to the ldapcdrom group > > 3) on a Debian machine, make "ldapcdrom" a member of the local group "cdrom" > > 4) on a CentOS machine, make "ldapcdrom" a member of the local group "disk" > > 5) *not* have to add millions of LDAP users to each local group > > ("cdrom", "disk", etc) > > > > That way I decide which local group matches up with which ldap group, > > but I only have to establish that relationship once on each machine. > > Unfortunately, local groups do not seem to accept other groups as > > members -- they only accept users. That is what my testing suggests, > > anyway. > ---- > perhaps you should define what a CentOS machine and a CentOS user is. > > In my thinking, a user that logs onto a CentOS 4.4 or CentOS 5 system > and inserts a CD has no problem using it. > Hmm. I also have a CentOS 4.4 and CentOS 5 server and I couldn't access the cd as a regular user w/o assigning myself to the "disk" group. Ubuntu and Debian definitely do it this way. Additionally, those distros use group membership to provide access to the sound card, video devices, scanners, and stuff like that. -Rob From caldodge at gmail.com Thu Oct 25 20:48:17 2007 From: caldodge at gmail.com (Calvin Dodge) Date: Thu, 25 Oct 2007 14:48:17 -0600 Subject: [K12OSN] MythTV and K12LTSP In-Reply-To: <17b895960710251331k61d55323qe0a7d7c2aa2960e0@mail.gmail.com> References: <17b895960710251331k61d55323qe0a7d7c2aa2960e0@mail.gmail.com> Message-ID: <824a5f7a0710251348k5ea3370cmb44f69bcf7e817e3@mail.gmail.com> On 10/25/07, Mark Trimble wrote: > Would anyone happen to know if it is possible to install MythTV > (http://www.mythtv.org/) on a K12LTSP (v6) server and use it's thin clients > as MythTV clients? Install? Yes. Use thin clients as Mythtv clients? Doubtful. Why? Straight video uses a lot of network bandwidth. It might be doable IF mythtv can be run as a local application on each client - that would drop the bandwidth to around 350KBps. For that each client would need at least 700-800 MHz OR hardware MPEG2 decoding (which works only if all video is in MPEG2 format). I know that some people have been successful using certain VIA motherboards with said hardware decoding as diskless frontends - you might check the mythtv-users email archives for their experiences. Calvin From jwhite at codeweavers.com Thu Oct 25 20:53:31 2007 From: jwhite at codeweavers.com (Jeremy White) Date: Thu, 25 Oct 2007 15:53:31 -0500 Subject: [K12OSN] MythTV and K12LTSP In-Reply-To: <824a5f7a0710251348k5ea3370cmb44f69bcf7e817e3@mail.gmail.com> References: <17b895960710251331k61d55323qe0a7d7c2aa2960e0@mail.gmail.com> <824a5f7a0710251348k5ea3370cmb44f69bcf7e817e3@mail.gmail.com> Message-ID: <4721024B.2050809@codeweavers.com> > It might be doable IF mythtv can be run as a local application on each > client - that would drop the bandwidth to around 350KBps. For that > each client would need at least 700-800 MHz OR hardware MPEG2 decoding > (which works only if all video is in MPEG2 format). I know that some > people have been successful using certain VIA motherboards with said > hardware decoding as diskless frontends - you might check the > mythtv-users email archives for their experiences. I'm doing this successfully with LTSP on my main mythbackend server, and mythfrontend as a local app; I'm using a VIA VB7001G based system ($184 new; very nice). Of course, this is in my house, and there aren't a whole lot of nodes, so I'm not exactly straining the network . Cheers, Jeremy From rmcdaniel at indata.us Thu Oct 25 20:53:47 2007 From: rmcdaniel at indata.us (rmcdaniel at indata.us) Date: Thu, 25 Oct 2007 13:53:47 -0700 Subject: [K12OSN] VMWare and K12LTSP Message-ID: <20071025135347.d7061e97b78b017ac15395d64f2ce134.3613695244.wbe@email.secureserver.net> Is it a good idea to run a VMWare server so that you can run K12LTSP and Win2000 on the same box??? I am just trying to make sense of this vmware hype and the reality/fit in a school system. Thanks, Ron Ron McDaniel Technology Coordinator Conecuh County Schools rmcdaniel at indata.us From matrimble at gmail.com Thu Oct 25 21:07:16 2007 From: matrimble at gmail.com (Mark Trimble) Date: Thu, 25 Oct 2007 15:07:16 -0600 Subject: [K12OSN] MythTV and K12LTSP In-Reply-To: <4721024B.2050809@codeweavers.com> References: <17b895960710251331k61d55323qe0a7d7c2aa2960e0@mail.gmail.com> <824a5f7a0710251348k5ea3370cmb44f69bcf7e817e3@mail.gmail.com> <4721024B.2050809@codeweavers.com> Message-ID: <17b895960710251407t146abb88q27e05cd9d016ca1a@mail.gmail.com> Thanks Jeremy, I was checking out what VIA has to offer for its C7 ( http://www.logicsupply.com/categories/mainboards/via_c7) and notice some fanless cpu/mb combinations. Just wondering what lead you to chose the VB7001G (which does use a cooling fan)? I'm interested because quiet doesn't help me if the sound or video cards don't work well under LTSP! Mark On 10/25/07, Jeremy White wrote: > > > It might be doable IF mythtv can be run as a local application on each > > client - that would drop the bandwidth to around 350KBps. For that > > each client would need at least 700-800 MHz OR hardware MPEG2 decoding > > (which works only if all video is in MPEG2 format). I know that some > > people have been successful using certain VIA motherboards with said > > hardware decoding as diskless frontends - you might check the > > mythtv-users email archives for their experiences. > > I'm doing this successfully with LTSP on my main mythbackend server, > and mythfrontend as a local app; I'm using a VIA VB7001G based system > ($184 new; very nice). > Of course, this is in my house, and there aren't a whole lot of nodes, so > I'm not exactly > straining the network . > > Cheers, > > Jeremy > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > -------------- next part -------------- An HTML attachment was scrubbed... URL: From Stephen.Maloy at arkansas.gov Thu Oct 25 21:16:18 2007 From: Stephen.Maloy at arkansas.gov (Stephen Maloy) Date: Thu, 25 Oct 2007 16:16:18 -0500 Subject: [K12OSN] Script for checking if servers are up. In-Reply-To: <47175B7C.550C.0078.0@leopards.k12.ar.us> References: <47175284.550C.0078.0@leopards.k12.ar.us><47179C0C.3060302@paasda.org> <47175B7C.550C.0078.0@leopards.k12.ar.us> Message-ID: What it sounds like you need is a SNMP monitor. You can download Zenoss. They have a VM already created that you can use. You set your servers, printers, switches, routers, etc to answer SNMP. Zenoss will send you an email if your device goes down. Likewise, you can tell it, if a specific service stops running on a computer, then send an email notification. It has a Board view to monitor on a webpage and all the setup, server side, is on a webpage. Of course SNMP setup is on the individual devices. Hope this helps. Thanks, Stephen Maloy Lead Tech, APSCN LAN Support Department of Information Systems -----Original Message----- From: k12osn-bounces at redhat.com [mailto:k12osn-bounces at redhat.com] On Behalf Of Doug Simpson Sent: Thursday, October 18, 2007 1:11 PM To: Support list for open source software in schools. Subject: Re: [K12OSN] Script for checking if servers are up. Thanks to all for the replies. I guess I should clarify what I am attempting to do here. I looked at the programs and etc submitted by all of you and while they are probably good at what they do, they don't do what I am wanting to do. The references in the script I submitted are for reference only. IP addresses are not actual and are actually the servers are on several campuses, several LANs and some are even over a WAN. I can ping all of the servers I want to use this for from the one I want to run the script on. When I complete the script and get it running properly, the |mail -s "222 is down" me at here.there will be substituted with something like: |festival --tts and festival has a hard time speaking IP addresses. The script will audibly announce the name of the server that is down. This script will be run from a linux server that is on all the time, and the script will run in the background whether anyone is logged in or not.If a server goes down (ie a ping test fails) it will audibly say something like "Please check Room tewnty seven's server. It appears to be down." No one must be logged in and watching the script run. It just does it's thing silently until it detects a down server. If the script runs continuously in a loop, it will keep repeating the message every trip through the script until the problem is corrected. Kinda funny, but I find the audible messages are GREAT for monitoring things. If all is well, he's quiet. If there are problems, he lets you know about it. I have done similar things with simple cron jobs, but the script will be better in this instance, I think. Doug Simpson Technology Specialist De Queen Public Schools De Queen, AR simpsond at leopards.k12.ar.us >>> "David Hopkins" 10/18/2007 12:43 PM >>> That is what I would try, but are all your servers on the same 192.168subnet? If they have 2 NIC's, shouldn't you be using the other interfaces IP address instead of the one used for the thin clients? On 10/18/07, Huck wrote: > > double-replying.. > > $list = 192.168.0.222,192.168.0.223 > > for $x in $list > do > sleep 30 > if ping -i 3 -c 3 $x > then continue > else > echo "$x down!" | mail -s "222 down" veewee777 at alltel.net > break > fi > done > > > > > something like that? > > > Doug Simpson wrote: > > I am trying to make a script that will ping servers and if they are > down, send a message. If they are up it won't send a message. > > > > The problem I am having is if there are more than one, it won't work. > > > > Here is a sample of my script: > > **********sample begins below************* > > while (true) > > do > > sleep 30 > > if ping -i 3 -c 3 192.168.0.222 > > then > > continue > > else > > echo "192.168.0.222 down!" | mail -s "222 down" veewee77 at alltel.net > > break > > fi > > done > > **********sample ends above*************** > > > > > > If I add a second (or more) to it, it fails to work properly. > > **********broken sample begins below******** > > while (true) > > do > > sleep 30 > > if ping -i 3 -c 3 192.168.0.222 > > then > > continue > > else > > echo "192.168.0.222 down!" | mail -s "222 down" me at here.there > > break > > fi > > if ping -i 3 -c 3 192.168.0.223 > > then > > continue > > else > > echo "192.168.0.223 down!" |mail -s "223 down" me at here.there > > done > > ***********broken sample ends above************** > > > > Obviously a bogus email address, but it is for reference. > > Any ideas? > > > > Doug > > > > Doug Simpson > > Technology Specialist > > De Queen Public Schools > > De Queen, AR > > simpsond at leopards.k12.ar.us > > > > > > _______________________________________________ > > K12OSN mailing list > > K12OSN at redhat.com > > https://www.redhat.com/mailman/listinfo/k12osn > > For more info see > > > > > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > _______________________________________________ K12OSN mailing list K12OSN at redhat.com https://www.redhat.com/mailman/listinfo/k12osn For more info see From les at futuresource.com Thu Oct 25 21:21:07 2007 From: les at futuresource.com (Les Mikesell) Date: Thu, 25 Oct 2007 16:21:07 -0500 Subject: [K12OSN] VMWare and K12LTSP In-Reply-To: <20071025135347.d7061e97b78b017ac15395d64f2ce134.3613695244.wbe@email.secureserver.net> References: <20071025135347.d7061e97b78b017ac15395d64f2ce134.3613695244.wbe@email.secureserver.net> Message-ID: <472108C3.7060805@futuresource.com> rmcdaniel at indata.us wrote: > Is it a good idea to run a VMWare server so that you can run K12LTSP and > Win2000 on the same box??? > I am just trying to make sense of this vmware hype and the reality/fit > in a school system. It would work. Whether it's a good idea would depend on the capacity of the server compared to the number of clients. For a small number of clients it would be easier than managing additional hardware. -- Les Mikesell lesmikesell at gmail.com From craig at tobyhouse.com Thu Oct 25 21:31:59 2007 From: craig at tobyhouse.com (Craig White) Date: Thu, 25 Oct 2007 14:31:59 -0700 Subject: [K12OSN] smbldap - adding ldap users to local groups In-Reply-To: <20071025204401.GB5714@junker.owens.net> References: <4720D5D8.7000906@bio-chemvalve.com> <1193335337.2287.31.camel@cube.tobyhouse.com> <20071025204401.GB5714@junker.owens.net> Message-ID: <1193347919.2287.46.camel@cube.tobyhouse.com> On Thu, 2007-10-25 at 16:44 -0400, Rob Owens wrote: > On Thu, Oct 25, 2007 at 11:02:17AM -0700, Craig White wrote: > > On Thu, 2007-10-25 at 13:43 -0400, Rob Owens wrote: > > > Steven Santos wrote: > > > > So you are looking for something like IDMAP in SAMBA to map LDAP group names > > > > to local group names, without the numbers needing to match, > > > Yes, I think so... > > > > > > > or more to the > > > > point, the machine being able to say to the LDAP database "I am a > > > > Centros/RedHat/Whatever machine, the correct gid for the FUSE group is...?" > > > > and to get the proper mapping that way. > > > I wouldn't need any logic like this built in if I could simply do this: > > > 1) create an LDAP group called "ldapcdrom" > > > 2) add millions of LDAP users to the ldapcdrom group > > > 3) on a Debian machine, make "ldapcdrom" a member of the local group "cdrom" > > > 4) on a CentOS machine, make "ldapcdrom" a member of the local group "disk" > > > 5) *not* have to add millions of LDAP users to each local group > > > ("cdrom", "disk", etc) > > > > > > That way I decide which local group matches up with which ldap group, > > > but I only have to establish that relationship once on each machine. > > > Unfortunately, local groups do not seem to accept other groups as > > > members -- they only accept users. That is what my testing suggests, > > > anyway. > > ---- > > perhaps you should define what a CentOS machine and a CentOS user is. > > > > In my thinking, a user that logs onto a CentOS 4.4 or CentOS 5 system > > and inserts a CD has no problem using it. > > > Hmm. I also have a CentOS 4.4 and CentOS 5 server and I couldn't access the cd as a regular user w/o assigning myself to the "disk" group. Ubuntu and Debian definitely do it this way. Additionally, those distros use group membership to provide access to the sound card, video devices, scanners, and stuff like that. > ---- I'm not going to say I don't believe you but I am going to say that it doesn't match my experiences... Recognize though that if you log into GUI or somehow mount a CD as root and then log in as a user, that the user is not gonna have access to it. But the standard distribution, upon startup, user logs in, inserts CD, CD mounts for user (special circumstances with music CD's and DVD's) and the user can open it (generally automatically mounts in /media), user can use it, and even eject it. Craig From carl at snarlnet.com Thu Oct 25 21:39:39 2007 From: carl at snarlnet.com (Carl Keil) Date: Thu, 25 Oct 2007 14:39:39 -0700 Subject: [K12OSN] Tuxpaint Printing Message-ID: <47210D1B.50202@snarlnet.com> > > >Message: 14 >Date: Thu, 25 Oct 2007 14:08:53 -0400 >From: "Joe Korzeniewski" >Subject: [K12OSN] Tuxpaint Printing >To: >Message-ID: <4720A386.6C73.003C.0 at battle-creek.k12.mi.us> >Content-Type: text/plain; charset=US-ASCII > >has anyone encountered this error when printing in tuxpaint? "No appropriate filter was found to convert the file format image/x-eps into application/postscript." It gives some instructions on checking the filters in kprint. I even added image/x-eps to the input types for the filter and it just says "not an image". Now I can print the .png in the save directory just fine, but it doesn't print directly from tuxpaint. I am running k12ltsp6 64 bit. > >-Joe > I encountered that error a year or so ago. I asked about it on the list, but never resolved the issue. I developed a workaround where we printed the PNGs via a 3rd application. ck From jwhite at codeweavers.com Thu Oct 25 21:41:36 2007 From: jwhite at codeweavers.com (Jeremy White) Date: Thu, 25 Oct 2007 16:41:36 -0500 Subject: [K12OSN] MythTV and K12LTSP In-Reply-To: <17b895960710251407t146abb88q27e05cd9d016ca1a@mail.gmail.com> References: <17b895960710251331k61d55323qe0a7d7c2aa2960e0@mail.gmail.com> <824a5f7a0710251348k5ea3370cmb44f69bcf7e817e3@mail.gmail.com> <4721024B.2050809@codeweavers.com> <17b895960710251407t146abb88q27e05cd9d016ca1a@mail.gmail.com> Message-ID: <47210D90.9070003@codeweavers.com> > I was checking out what VIA has to offer for its C7 > (http://www.logicsupply.com/categories/mainboards/via_c7) and notice > some fanless cpu/mb combinations. Just wondering what lead you to chose > the VB7001G (which does use a cooling fan)? Poor research :-/. I bought it when it was pretty new, and my initial research seemed to suggest it was fanless (I got a Molex case, and run it without the case fans, and it doesn't have heat problems, and it's noise level is extremely modest). I guess I was swayed by the whole 'carbon-neutral' branding; I was really going for the lowest wattage system I thought would be able to drive MythTV. Cheers, Jeremy From cisna-barry at wc235.k12.il.us Thu Oct 25 22:34:22 2007 From: cisna-barry at wc235.k12.il.us (Mr Barry Cisna) Date: Thu, 25 Oct 2007 17:34:22 -0500 (CDT) Subject: [K12OSN] Please not M$ Exchange Message-ID: <60996.74.32.255.121.1193351662.squirrel@216.24.126.68> Joe, Squirrelmail will do ALL of the features your super wants with the add on plugins. We've used SM for four years now. I wouldn't ever go to MS Exchange. SM is rock solid. It looks kinda generic to most people but doesn't confuse the novice user:).. And the kicker. It is on the K12ltsp cd's. How much easier can it get! Most supers likes to spend $$$ by nature ,though:) Ya better go with MS$$, tell your super, to keep him happy. Take Care, Barry Cisna From dhuckaby at paasda.org Thu Oct 25 22:45:33 2007 From: dhuckaby at paasda.org (Huck) Date: Thu, 25 Oct 2007 15:45:33 -0700 Subject: [K12OSN] Please not M$ Exchange In-Reply-To: <60996.74.32.255.121.1193351662.squirrel@216.24.126.68> References: <60996.74.32.255.121.1193351662.squirrel@216.24.126.68> Message-ID: <47211C8D.3040703@paasda.org> I've got SM up and running but can't figure out the iptables rule to let my staff access it from the outside... --Huck Mr Barry Cisna wrote: > Joe, > > Squirrelmail will do ALL of the features your super wants with the add on > plugins. We've used SM for four years now. I wouldn't ever go > to MS Exchange. SM is rock solid. It looks kinda generic to most people > but doesn't confuse the novice user:).. > And the kicker. It is on the K12ltsp cd's. How much easier can it get! > Most supers likes to spend $$$ by nature ,though:) Ya better go with MS$$, > tell your super, to keep him happy. > > Take Care, > > Barry Cisna > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > > From cisna-barry at wc235.k12.il.us Thu Oct 25 23:08:33 2007 From: cisna-barry at wc235.k12.il.us (Mr Barry Cisna) Date: Thu, 25 Oct 2007 18:08:33 -0500 (CDT) Subject: [K12OSN] Please not M$ Exchange Message-ID: <61687.74.32.255.121.1193353713.squirrel@216.24.126.68> Huck, To allow users "at home" access to your SM server , just port forward on your border firewall. For example your SM servers internal IP address is 1.2.3.4 and you have an public ip range for your school of 4.3.2.1-4.3.2.10, just port forward 1.2.3.4 ,> 4.3.2.1. You will need to port forward, both tcp 143 and tcp 80 to the public ip address. To test get on a box "outside" of your lan and do 'telnet publicipaddress 143' and 'telnet publicipaddress 80'. if you get a response on both of these port numbers your users can access your SM at home as easy as they can at school. Take Care, Barry Cisna From rowens at ptd.net Thu Oct 25 23:57:03 2007 From: rowens at ptd.net (Rob Owens) Date: Thu, 25 Oct 2007 19:57:03 -0400 Subject: [K12OSN] smbldap - adding ldap users to local groups In-Reply-To: <1193347919.2287.46.camel@cube.tobyhouse.com> References: <4720D5D8.7000906@bio-chemvalve.com> <1193335337.2287.31.camel@cube.tobyhouse.com> <20071025204401.GB5714@junker.owens.net> <1193347919.2287.46.camel@cube.tobyhouse.com> Message-ID: <20071025235703.GB15190@junker.owens.net> On Thu, Oct 25, 2007 at 02:31:59PM -0700, Craig White wrote: > On Thu, 2007-10-25 at 16:44 -0400, Rob Owens wrote: > > On Thu, Oct 25, 2007 at 11:02:17AM -0700, Craig White wrote: > > > On Thu, 2007-10-25 at 13:43 -0400, Rob Owens wrote: > > > > Steven Santos wrote: > > > > > So you are looking for something like IDMAP in SAMBA to map LDAP group names > > > > > to local group names, without the numbers needing to match, > > > > Yes, I think so... > > > > > > > > > or more to the > > > > > point, the machine being able to say to the LDAP database "I am a > > > > > Centros/RedHat/Whatever machine, the correct gid for the FUSE group is...?" > > > > > and to get the proper mapping that way. > > > > I wouldn't need any logic like this built in if I could simply do this: > > > > 1) create an LDAP group called "ldapcdrom" > > > > 2) add millions of LDAP users to the ldapcdrom group > > > > 3) on a Debian machine, make "ldapcdrom" a member of the local group "cdrom" > > > > 4) on a CentOS machine, make "ldapcdrom" a member of the local group "disk" > > > > 5) *not* have to add millions of LDAP users to each local group > > > > ("cdrom", "disk", etc) > > > > > > > > That way I decide which local group matches up with which ldap group, > > > > but I only have to establish that relationship once on each machine. > > > > Unfortunately, local groups do not seem to accept other groups as > > > > members -- they only accept users. That is what my testing suggests, > > > > anyway. > > > ---- > > > perhaps you should define what a CentOS machine and a CentOS user is. > > > > > > In my thinking, a user that logs onto a CentOS 4.4 or CentOS 5 system > > > and inserts a CD has no problem using it. > > > > > Hmm. I also have a CentOS 4.4 and CentOS 5 server and I couldn't access the cd as a regular user w/o assigning myself to the "disk" group. Ubuntu and Debian definitely do it this way. Additionally, those distros use group membership to provide access to the sound card, video devices, scanners, and stuff like that. > > > ---- > I'm not going to say I don't believe you but I am going to say that it > doesn't match my experiences... > > Recognize though that if you log into GUI or somehow mount a CD as root > and then log in as a user, that the user is not gonna have access to it. > But the standard distribution, upon startup, user logs in, inserts CD, > CD mounts for user (special circumstances with music CD's and DVD's) and > the user can open it (generally automatically mounts in /media), user > can use it, and even eject it. > Ubuntu (maybe CentOS, I'm not sure) automatically assign users to the cdrom group (and certain other groups) if you create the users as a "Desktop User" or something like that. If you want to check your system and see if it's this way, do ls -al /dev/cdrom and see if it's readable by all. Mine isn't. -Rob From dhuckaby at paasda.org Fri Oct 26 01:48:20 2007 From: dhuckaby at paasda.org (Huck) Date: Thu, 25 Oct 2007 18:48:20 -0700 Subject: [K12OSN] Please not M$ Exchange In-Reply-To: <61687.74.32.255.121.1193353713.squirrel@216.24.126.68> References: <61687.74.32.255.121.1193353713.squirrel@216.24.126.68> Message-ID: <47214764.5050702@paasda.org> fought with this for the past hour...gave up again. it's my 3rd attempt..this is on a stand-alone debian box with no gui. I tried the following: iptables -t nat -I PREROUTING -d $ETH0IP -p tcp -m tcp --dport 143 -j DNAT --to 10.1.3.5:143 iptables -t nat -I PREROUTING -d $ETH0IP -p tcp -m tcp --dport 80 -j DNAT --to 10.1.3.5:80 didn't work so tried: iptables -t nat -A PREROUTING -d $ETH0IP -p tcp -m tcp --dport 80 -j DNAT --to-destination 10.1.3.5 iptables -t nat -A PREROUTING -d $ETH0IP -p tcp -m tcp --dport 143 -j DNAT --to-destination 10.1.3.5 am I thinking backwards ? I copied what I have for my e-mail port 25 to be redirected to my email server...and that I know works =) --Huck Mr Barry Cisna wrote: > Huck, > > To allow users "at home" access to your SM server , just port forward on > your border firewall. > For example your SM servers internal IP address is 1.2.3.4 and you have an > public ip range for your school of 4.3.2.1-4.3.2.10, just port forward > 1.2.3.4 ,> 4.3.2.1. > You will need to port forward, both tcp 143 and tcp 80 to the public ip > address. > To test get on a box "outside" of your lan and do 'telnet publicipaddress > 143' and 'telnet publicipaddress 80'. if you get a response on both of > these port numbers your users can access your SM at home as easy as they > can at school. > > Take Care, > > Barry Cisna > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > > From jkinney at localnetsolutions.com Fri Oct 26 02:34:47 2007 From: jkinney at localnetsolutions.com (James P. Kinney III) Date: Thu, 25 Oct 2007 22:34:47 -0400 Subject: [K12OSN] Please not M$ Exchange In-Reply-To: <47214764.5050702@paasda.org> References: <61687.74.32.255.121.1193353713.squirrel@216.24.126.68> <47214764.5050702@paasda.org> Message-ID: <1193366087.3960.789.camel@merlin.localnetsolutions.com> Is the SquirrelMail machine 1. Behind a firewall 2. different from the imap server 3. different from the smtp server ? A common scenario is to have SM on the mail machine running both smtp and imap behind the firewall. If that is the case, all that is needed is to open up port 80 and 443 at the firewall and direct the traffic to the SM/smtp server. iptables -t nat -I PREROUTING -d -p tcp -m tcp --dports 80,443 -j DNAT --to-destination iptables -I FORWARD -p tcp -m tcp -m state --state NEW --dports 80,443 -j ACCEPT iptables -I FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT The incoming packets have to cross BOTH the nat AND filter tale so nat is used to redirect (--dports may not be in your kernel so use --dport and two rules instead). Now the packet is "inside" the system and needs to be allowed to be forwarded so the next rule happens. But we still don't trust it so the state is checked and only related transfers happen afterwards. Port numbers: You don't need to allow access to port 143 to the outside world unless people are checking their email with a client from home. If so, you need to set up TLS/SSL encryption or else you will be staring at a security breach in the future. I HIGHLY recommend the excellent book "Real World Linux Security" by Bob Toxen (ISBN # 0-13-046456-2) for anyone tasked/cursed with hardening Linux systems. Bob was on the team that ported Unix to Silicon Graphics hardware and currently a system security guru. On Thu, 2007-10-25 at 18:48 -0700, Huck wrote: > fought with this for the past hour...gave up again. > it's my 3rd attempt..this is on a stand-alone debian box with no gui. > > I tried the following: > > iptables -t nat -I PREROUTING -d $ETH0IP -p tcp -m tcp --dport 143 -j > DNAT --to 10.1.3.5:143 > iptables -t nat -I PREROUTING -d $ETH0IP -p tcp -m tcp --dport 80 -j > DNAT --to 10.1.3.5:80 > > didn't work so tried: > > iptables -t nat -A PREROUTING -d $ETH0IP -p tcp -m tcp --dport 80 -j > DNAT --to-destination 10.1.3.5 > iptables -t nat -A PREROUTING -d $ETH0IP -p tcp -m tcp --dport 143 -j > DNAT --to-destination 10.1.3.5 > > > am I thinking backwards ? I copied what I have for my e-mail port 25 to > be redirected to my email server...and that I know works =) > > --Huck > > Mr Barry Cisna wrote: > > Huck, > > > > To allow users "at home" access to your SM server , just port forward on > > your border firewall. > > For example your SM servers internal IP address is 1.2.3.4 and you have an > > public ip range for your school of 4.3.2.1-4.3.2.10, just port forward > > 1.2.3.4 ,> 4.3.2.1. > > You will need to port forward, both tcp 143 and tcp 80 to the public ip > > address. > > To test get on a box "outside" of your lan and do 'telnet publicipaddress > > 143' and 'telnet publicipaddress 80'. if you get a response on both of > > these port numbers your users can access your SM at home as easy as they > > can at school. > > > > Take Care, > > > > Barry Cisna > > > > _______________________________________________ > > K12OSN mailing list > > K12OSN at redhat.com > > https://www.redhat.com/mailman/listinfo/k12osn > > For more info see > > > > > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > -- James P. Kinney III CEO & Director of Engineering Local Net Solutions,LLC 770-493-8244 http://www.localnetsolutions.com GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics) Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part URL: From microman at cmosnetworks.com Fri Oct 26 04:25:00 2007 From: microman at cmosnetworks.com (=?ISO-8859-1?Q?=22Terrell_Prud=E9_Jr=2E=22?=) Date: Fri, 26 Oct 2007 00:25:00 -0400 Subject: [K12OSN] Please not M$ Exchange In-Reply-To: <4720C792.3010700@meridian.wednet.edu> References: <4720C792.3010700@meridian.wednet.edu> Message-ID: <47216C1C.7060301@cmosnetworks.com> You might also look at Citadel. I played around with it a bit here at home, and it's pretty slick. It's got all those features that you list below. BTW, like several other list members, I too am a former MS Exchange Server administrator. There's no way I'd go back to it now. --TP _______________________________ Do you GNU ? Microsoft Free since 2003 --the ultimate antivirus protection! Joe OBrien wrote: > The new superintendent wants an Exchange Server, mostly for web based > email, task, calendar and group calendars w/free busy info. He liked > the look of Zimbra and Scalix, but Scalix doesn't seem to have tasks > and I don't like the yearly fee for Zimbra. He didn't like the look > of Horde (I need to find a better skin). I've also started looking at > eGroupWare and OpenGroupware. Has anyone had success with any of > these or have an alternative they could recommend? > > --thanks > --joe o'brien > --meridian school district > > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see -------------- next part -------------- An HTML attachment was scrubbed... URL: From jkinney at localnetsolutions.com Fri Oct 26 11:40:31 2007 From: jkinney at localnetsolutions.com (James P. Kinney III) Date: Fri, 26 Oct 2007 07:40:31 -0400 Subject: [K12OSN] Please not M$ Exchange In-Reply-To: <47216C1C.7060301@cmosnetworks.com> References: <4720C792.3010700@meridian.wednet.edu> <47216C1C.7060301@cmosnetworks.com> Message-ID: <1193398831.3960.807.camel@merlin.localnetsolutions.com> On Fri, 2007-10-26 at 00:25 -0400, "Terrell Prud? Jr." wrote: > BTW, like several other list members, I too am a former MS Exchange > Server administrator. There's no way I'd go back to it now. That is the most compelling reason for a manager/director to NOT use Exchange. The advice of experienced exchange admins who have tried something else and now will NOT recommend Exchange. -- James P. Kinney III CEO & Director of Engineering Local Net Solutions,LLC 770-493-8244 http://www.localnetsolutions.com GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics) Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part URL: From peter at scheie.homedns.org Fri Oct 26 13:02:50 2007 From: peter at scheie.homedns.org (Peter Scheie) Date: Fri, 26 Oct 2007 08:02:50 -0500 Subject: [K12OSN] VMWare and K12LTSP In-Reply-To: <20071025135347.d7061e97b78b017ac15395d64f2ce134.3613695244.wbe@email.secureserver.net> References: <20071025135347.d7061e97b78b017ac15395d64f2ce134.3613695244.wbe@email.secureserver.net> Message-ID: <4721E57A.5020002@scheie.homedns.org> I've got a site where I installed VMWare and Win XP onto the K12LTSP-5EL server. One user had a few Windows apps they couldn't do without, and it was cheaper than buying a separate Windows machine, etc. While the permissions are such that any of the users can use the XP VM, I think only that one user so far is using it. It works pretty well, but it's a small installation and I don't know how well it would scale up to many simultaneous users. Peter rmcdaniel at indata.us wrote: > Is it a good idea to run a VMWare server so that you can run K12LTSP and > Win2000 on the same box??? > I am just trying to make sense of this vmware hype and the reality/fit > in a school system. > > > Thanks, > > Ron > > > Ron McDaniel > Technology Coordinator > Conecuh County Schools > rmcdaniel at indata.us > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > From peter at scheie.homedns.org Fri Oct 26 13:21:16 2007 From: peter at scheie.homedns.org (Peter Scheie) Date: Fri, 26 Oct 2007 08:21:16 -0500 Subject: [K12OSN] Tuxpaint Printing In-Reply-To: <47210D1B.50202@snarlnet.com> References: <47210D1B.50202@snarlnet.com> Message-ID: <4721E9CC.9040402@scheie.homedns.org> Carl Keil wrote: >> >> >> Message: 14 >> Date: Thu, 25 Oct 2007 14:08:53 -0400 >> From: "Joe Korzeniewski" >> Subject: [K12OSN] Tuxpaint Printing >> To: >> Message-ID: <4720A386.6C73.003C.0 at battle-creek.k12.mi.us> >> Content-Type: text/plain; charset=US-ASCII >> >> has anyone encountered this error when printing in tuxpaint? "No >> appropriate filter was found to convert the file format image/x-eps >> into application/postscript." It gives some instructions on checking >> the filters in kprint. I even added image/x-eps to the input types for >> the filter and it just says "not an image". Now I can print the .png >> in the save directory just fine, but it doesn't print directly from >> tuxpaint. I am running k12ltsp6 64 bit. >> >> -Joe >> > I encountered that error a year or so ago. I asked about it on the > list, but never resolved the issue. I developed a workaround where we > printed the PNGs via a 3rd application. > > ck I suggest asking on the tuxpaint mailing list, or you could contact Bill Kendrick, the lead developer directly; his email address is posted on the tuxpaint.org website. He used to be on this list a while back but formally dropped off because of time commitments--he and his wife had a baby. ;-) Peter From les at futuresource.com Fri Oct 26 13:49:52 2007 From: les at futuresource.com (Les Mikesell) Date: Fri, 26 Oct 2007 08:49:52 -0500 Subject: [K12OSN] VMWare and K12LTSP In-Reply-To: <4721E57A.5020002@scheie.homedns.org> References: <20071025135347.d7061e97b78b017ac15395d64f2ce134.3613695244.wbe@email.secureserver.net> <4721E57A.5020002@scheie.homedns.org> Message-ID: <4721F080.9000806@futuresource.com> Peter Scheie wrote: > I've got a site where I installed VMWare and Win XP onto the K12LTSP-5EL > server. One user had a few Windows apps they couldn't do without, and > it was cheaper than buying a separate Windows machine, etc. While the > permissions are such that any of the users can use the XP VM, I think > only that one user so far is using it. It works pretty well, but it's a > small installation and I don't know how well it would scale up to many > simultaneous users. I don't think you'd want to run more than one or two VM's at once along with normal k12ltsp activity. However, you might configure a windows server under vmware to provide terminal servers to several rdesktop clients. One really nice thing about using virtual machines is that you can save an image in a working state (at the file level even without any of the internal snapshot tricks), do some experimental stuff, and if you don't like it you can always discard the new copy and go back to a state you liked. They are great for testing things even if you end up needing another machine to handle your load. -- Les Mikesell lesmikesell at gmail.com From julius at turtle.com Fri Oct 26 13:27:25 2007 From: julius at turtle.com (Julius Szelagiewicz) Date: Fri, 26 Oct 2007 09:27:25 -0400 (EDT) Subject: [K12OSN] Please not M$ Exchange In-Reply-To: <47214764.5050702@paasda.org> Message-ID: 443 - you need SSL access to Squirrelmail julius On Thu, 25 Oct 2007, Huck wrote: > fought with this for the past hour...gave up again. > it's my 3rd attempt..this is on a stand-alone debian box with no gui. > > I tried the following: > > iptables -t nat -I PREROUTING -d $ETH0IP -p tcp -m tcp --dport 143 -j > DNAT --to 10.1.3.5:143 > iptables -t nat -I PREROUTING -d $ETH0IP -p tcp -m tcp --dport 80 -j > DNAT --to 10.1.3.5:80 > > didn't work so tried: > > iptables -t nat -A PREROUTING -d $ETH0IP -p tcp -m tcp --dport 80 -j > DNAT --to-destination 10.1.3.5 > iptables -t nat -A PREROUTING -d $ETH0IP -p tcp -m tcp --dport 143 -j > DNAT --to-destination 10.1.3.5 > > > am I thinking backwards ? I copied what I have for my e-mail port 25 to > be redirected to my email server...and that I know works =) > > --Huck > > Mr Barry Cisna wrote: > > Huck, > > > > To allow users "at home" access to your SM server , just port forward on > > your border firewall. > > For example your SM servers internal IP address is 1.2.3.4 and you have an > > public ip range for your school of 4.3.2.1-4.3.2.10, just port forward > > 1.2.3.4 ,> 4.3.2.1. > > You will need to port forward, both tcp 143 and tcp 80 to the public ip > > address. > > To test get on a box "outside" of your lan and do 'telnet publicipaddress > > 143' and 'telnet publicipaddress 80'. if you get a response on both of > > these port numbers your users can access your SM at home as easy as they > > can at school. > > > > Take Care, > > > > Barry Cisna > > > > _______________________________________________ > > K12OSN mailing list > > K12OSN at redhat.com > > https://www.redhat.com/mailman/listinfo/k12osn > > For more info see > > > > > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > From adiantof at gmail.com Fri Oct 26 15:39:32 2007 From: adiantof at gmail.com (Fajar Adianto) Date: Fri, 26 Oct 2007 22:39:32 +0700 Subject: [K12OSN] Client can't get IP Message-ID: <11a0d9090710260839x22d1caa7ne5105a750292283@mail.gmail.com> I am new in LTSP. I use various brand of lancards in client machines and boot via floppy. All cards work well except realtek8139c and realtek 8139b (8139d's work). The clients boot stop on searching DHCP server. However from /var/log/messages I know that server had offered ip for the clients, but clients screen keep on displaying Searching for DHCP server ........I have tried various version of ROM image from rom-o-matic. What might go wrong? Thank you. -------------- next part -------------- An HTML attachment was scrubbed... URL: From carl at snarlnet.com Fri Oct 26 17:02:14 2007 From: carl at snarlnet.com (Carl Keil) Date: Fri, 26 Oct 2007 10:02:14 -0700 Subject: [K12OSN] Tuxpaint Printing Message-ID: <47221D96.9060400@snarlnet.com> > > >has anyone encountered this error when printing in tuxpaint? "No >>> appropriate filter was found to convert the file format image/x-eps >>> into application/postscript." It gives some instructions on checking >>> the filters in kprint. I even added image/x-eps to the input types for >>> the filter and it just says "not an image". Now I can print the .png >>> in the save directory just fine, but it doesn't print directly from >>> tuxpaint. I am running k12ltsp6 64 bit. >>> >>> -Joe >>> > > >> I encountered that error a year or so ago. I asked about it on the >> list, but never resolved the issue. I developed a workaround where we >> printed the PNGs via a 3rd application. >> >> ck > > > >I suggest asking on the tuxpaint mailing list, or you could contact Bill >Kendrick, the lead developer directly; his email address is posted on >the tuxpaint.org website. He used to be on this list a while back but >formally dropped off because of time commitments--he and his wife had a >baby. ;-) > >Peter > That was suggested when I posted my issue. I tried contacting Kendrick, he did reply, but couldn't solve my issue. That doesn't mean he can't necessarily help you solve your issue now. ck From dhuckaby at paasda.org Fri Oct 26 17:56:48 2007 From: dhuckaby at paasda.org (Huck) Date: Fri, 26 Oct 2007 10:56:48 -0700 Subject: [K12OSN] Please not M$ Exchange In-Reply-To: <1193366087.3960.789.camel@merlin.localnetsolutions.com> References: <61687.74.32.255.121.1193353713.squirrel@216.24.126.68> <47214764.5050702@paasda.org> <1193366087.3960.789.camel@merlin.localnetsolutions.com> Message-ID: <47222A60.20504@paasda.org> I wonder if it could be since I have Squid and Dansguardian on this same machine that something with their configuration is preventing me from achieving this. SM machine is behind this firewall and all mail services run on it alone. James P. Kinney III wrote: > Is the SquirrelMail machine > 1. Behind a firewall > 2. different from the imap server > 3. different from the smtp server > ? > > A common scenario is to have SM on the mail machine running both smtp > and imap behind the firewall. If that is the case, all that is needed is > to open up port 80 and 443 at the firewall and direct the traffic to the > SM/smtp server. > > iptables -t nat -I PREROUTING -d -p tcp -m tcp > --dports 80,443 -j DNAT --to-destination > > iptables -I FORWARD -p tcp -m tcp -m state --state NEW --dports 80,443 > -j ACCEPT > iptables -I FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT > > The incoming packets have to cross BOTH the nat AND filter tale so nat > is used to redirect (--dports may not be in your kernel so use --dport > and two rules instead). Now the packet is "inside" the system and needs > to be allowed to be forwarded so the next rule happens. But we still > don't trust it so the state is checked and only related transfers happen > afterwards. > > Port numbers: You don't need to allow access to port 143 to the outside > world unless people are checking their email with a client from home. > If so, you need to set up TLS/SSL encryption or else you will be staring > at a security breach in the future. > > I HIGHLY recommend the excellent book "Real World Linux Security" by Bob > Toxen (ISBN # 0-13-046456-2) for anyone tasked/cursed with hardening > Linux systems. Bob was on the team that ported Unix to Silicon Graphics > hardware and currently a system security guru. > > On Thu, 2007-10-25 at 18:48 -0700, Huck wrote: >> fought with this for the past hour...gave up again. >> it's my 3rd attempt..this is on a stand-alone debian box with no gui. >> >> I tried the following: >> >> iptables -t nat -I PREROUTING -d $ETH0IP -p tcp -m tcp --dport 143 -j >> DNAT --to 10.1.3.5:143 >> iptables -t nat -I PREROUTING -d $ETH0IP -p tcp -m tcp --dport 80 -j >> DNAT --to 10.1.3.5:80 >> >> didn't work so tried: >> >> iptables -t nat -A PREROUTING -d $ETH0IP -p tcp -m tcp --dport 80 -j >> DNAT --to-destination 10.1.3.5 >> iptables -t nat -A PREROUTING -d $ETH0IP -p tcp -m tcp --dport 143 -j >> DNAT --to-destination 10.1.3.5 >> >> >> am I thinking backwards ? I copied what I have for my e-mail port 25 to >> be redirected to my email server...and that I know works =) >> >> --Huck >> >> Mr Barry Cisna wrote: >>> Huck, >>> >>> To allow users "at home" access to your SM server , just port forward on >>> your border firewall. >>> For example your SM servers internal IP address is 1.2.3.4 and you have an >>> public ip range for your school of 4.3.2.1-4.3.2.10, just port forward >>> 1.2.3.4 ,> 4.3.2.1. >>> You will need to port forward, both tcp 143 and tcp 80 to the public ip >>> address. >>> To test get on a box "outside" of your lan and do 'telnet publicipaddress >>> 143' and 'telnet publicipaddress 80'. if you get a response on both of >>> these port numbers your users can access your SM at home as easy as they >>> can at school. >>> >>> Take Care, >>> >>> Barry Cisna >>> >>> _______________________________________________ >>> K12OSN mailing list >>> K12OSN at redhat.com >>> https://www.redhat.com/mailman/listinfo/k12osn >>> For more info see >>> >>> >> _______________________________________________ >> K12OSN mailing list >> K12OSN at redhat.com >> https://www.redhat.com/mailman/listinfo/k12osn >> For more info see >> >> >> ------------------------------------------------------------------------ >> >> _______________________________________________ >> K12OSN mailing list >> K12OSN at redhat.com >> https://www.redhat.com/mailman/listinfo/k12osn >> For more info see From dhuckaby at paasda.org Fri Oct 26 18:05:42 2007 From: dhuckaby at paasda.org (Huck) Date: Fri, 26 Oct 2007 11:05:42 -0700 Subject: [K12OSN] Please not M$ Exchange In-Reply-To: <1193366087.3960.789.camel@merlin.localnetsolutions.com> References: <61687.74.32.255.121.1193353713.squirrel@216.24.126.68> <47214764.5050702@paasda.org> <1193366087.3960.789.camel@merlin.localnetsolutions.com> Message-ID: <47222C76.4080004@paasda.org> also...is it somehow possible that the webserver on the SM machine only accepts requests from INTERAL subnet addresses? --Huck James P. Kinney III wrote: > Is the SquirrelMail machine > 1. Behind a firewall > 2. different from the imap server > 3. different from the smtp server > ? > > A common scenario is to have SM on the mail machine running both smtp > and imap behind the firewall. If that is the case, all that is needed is > to open up port 80 and 443 at the firewall and direct the traffic to the > SM/smtp server. > > iptables -t nat -I PREROUTING -d -p tcp -m tcp > --dports 80,443 -j DNAT --to-destination > > iptables -I FORWARD -p tcp -m tcp -m state --state NEW --dports 80,443 > -j ACCEPT > iptables -I FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT > > The incoming packets have to cross BOTH the nat AND filter tale so nat > is used to redirect (--dports may not be in your kernel so use --dport > and two rules instead). Now the packet is "inside" the system and needs > to be allowed to be forwarded so the next rule happens. But we still > don't trust it so the state is checked and only related transfers happen > afterwards. > > Port numbers: You don't need to allow access to port 143 to the outside > world unless people are checking their email with a client from home. > If so, you need to set up TLS/SSL encryption or else you will be staring > at a security breach in the future. > > I HIGHLY recommend the excellent book "Real World Linux Security" by Bob > Toxen (ISBN # 0-13-046456-2) for anyone tasked/cursed with hardening > Linux systems. Bob was on the team that ported Unix to Silicon Graphics > hardware and currently a system security guru. > > On Thu, 2007-10-25 at 18:48 -0700, Huck wrote: >> fought with this for the past hour...gave up again. >> it's my 3rd attempt..this is on a stand-alone debian box with no gui. >> >> I tried the following: >> >> iptables -t nat -I PREROUTING -d $ETH0IP -p tcp -m tcp --dport 143 -j >> DNAT --to 10.1.3.5:143 >> iptables -t nat -I PREROUTING -d $ETH0IP -p tcp -m tcp --dport 80 -j >> DNAT --to 10.1.3.5:80 >> >> didn't work so tried: >> >> iptables -t nat -A PREROUTING -d $ETH0IP -p tcp -m tcp --dport 80 -j >> DNAT --to-destination 10.1.3.5 >> iptables -t nat -A PREROUTING -d $ETH0IP -p tcp -m tcp --dport 143 -j >> DNAT --to-destination 10.1.3.5 >> >> >> am I thinking backwards ? I copied what I have for my e-mail port 25 to >> be redirected to my email server...and that I know works =) >> >> --Huck >> >> Mr Barry Cisna wrote: >>> Huck, >>> >>> To allow users "at home" access to your SM server , just port forward on >>> your border firewall. >>> For example your SM servers internal IP address is 1.2.3.4 and you have an >>> public ip range for your school of 4.3.2.1-4.3.2.10, just port forward >>> 1.2.3.4 ,> 4.3.2.1. >>> You will need to port forward, both tcp 143 and tcp 80 to the public ip >>> address. >>> To test get on a box "outside" of your lan and do 'telnet publicipaddress >>> 143' and 'telnet publicipaddress 80'. if you get a response on both of >>> these port numbers your users can access your SM at home as easy as they >>> can at school. >>> >>> Take Care, >>> >>> Barry Cisna >>> >>> _______________________________________________ >>> K12OSN mailing list >>> K12OSN at redhat.com >>> https://www.redhat.com/mailman/listinfo/k12osn >>> For more info see >>> >>> >> _______________________________________________ >> K12OSN mailing list >> K12OSN at redhat.com >> https://www.redhat.com/mailman/listinfo/k12osn >> For more info see >> >> >> ------------------------------------------------------------------------ >> >> _______________________________________________ >> K12OSN mailing list >> K12OSN at redhat.com >> https://www.redhat.com/mailman/listinfo/k12osn >> For more info see From craig at tobyhouse.com Fri Oct 26 18:00:47 2007 From: craig at tobyhouse.com (Craig White) Date: Fri, 26 Oct 2007 11:00:47 -0700 Subject: [K12OSN] smbldap - adding ldap users to local groups In-Reply-To: <20071025235703.GB15190@junker.owens.net> References: <4720D5D8.7000906@bio-chemvalve.com> <1193335337.2287.31.camel@cube.tobyhouse.com> <20071025204401.GB5714@junker.owens.net> <1193347919.2287.46.camel@cube.tobyhouse.com> <20071025235703.GB15190@junker.owens.net> Message-ID: <1193421647.2287.76.camel@cube.tobyhouse.com> On Thu, 2007-10-25 at 19:57 -0400, Rob Owens wrote: > On Thu, Oct 25, 2007 at 02:31:59PM -0700, Craig White wrote: > > On Thu, 2007-10-25 at 16:44 -0400, Rob Owens wrote: > > > On Thu, Oct 25, 2007 at 11:02:17AM -0700, Craig White wrote: > > > > On Thu, 2007-10-25 at 13:43 -0400, Rob Owens wrote: > > > > > Steven Santos wrote: > > > > > > So you are looking for something like IDMAP in SAMBA to map LDAP group names > > > > > > to local group names, without the numbers needing to match, > > > > > Yes, I think so... > > > > > > > > > > > or more to the > > > > > > point, the machine being able to say to the LDAP database "I am a > > > > > > Centros/RedHat/Whatever machine, the correct gid for the FUSE group is...?" > > > > > > and to get the proper mapping that way. > > > > > I wouldn't need any logic like this built in if I could simply do this: > > > > > 1) create an LDAP group called "ldapcdrom" > > > > > 2) add millions of LDAP users to the ldapcdrom group > > > > > 3) on a Debian machine, make "ldapcdrom" a member of the local group "cdrom" > > > > > 4) on a CentOS machine, make "ldapcdrom" a member of the local group "disk" > > > > > 5) *not* have to add millions of LDAP users to each local group > > > > > ("cdrom", "disk", etc) > > > > > > > > > > That way I decide which local group matches up with which ldap group, > > > > > but I only have to establish that relationship once on each machine. > > > > > Unfortunately, local groups do not seem to accept other groups as > > > > > members -- they only accept users. That is what my testing suggests, > > > > > anyway. > > > > ---- > > > > perhaps you should define what a CentOS machine and a CentOS user is. > > > > > > > > In my thinking, a user that logs onto a CentOS 4.4 or CentOS 5 system > > > > and inserts a CD has no problem using it. > > > > > > > Hmm. I also have a CentOS 4.4 and CentOS 5 server and I couldn't access the cd as a regular user w/o assigning myself to the "disk" group. Ubuntu and Debian definitely do it this way. Additionally, those distros use group membership to provide access to the sound card, video devices, scanners, and stuff like that. > > > > > ---- > > I'm not going to say I don't believe you but I am going to say that it > > doesn't match my experiences... > > > > Recognize though that if you log into GUI or somehow mount a CD as root > > and then log in as a user, that the user is not gonna have access to it. > > But the standard distribution, upon startup, user logs in, inserts CD, > > CD mounts for user (special circumstances with music CD's and DVD's) and > > the user can open it (generally automatically mounts in /media), user > > can use it, and even eject it. > > > Ubuntu (maybe CentOS, I'm not sure) automatically assign users to the cdrom group (and certain other groups) if you create the users as a "Desktop User" or something like that. If you want to check your system and see if it's this way, do ls -al /dev/cdrom and see if it's readable by all. Mine isn't. ---- RHELv5 (ES - Server install) # ls -l /dev/cdrom lrwxrwxrwx 1 root root 3 May 19 11:19 /dev/cdrom -> hda Fedora Core 6 # ls -l /dev/cdrom lrwxrwxrwx 1 root root 3 Oct 16 08:56 /dev/cdrom -> hdc These are 'out of the box' configurations Craig From mblinn at peopleplaces.org Fri Oct 26 18:18:36 2007 From: mblinn at peopleplaces.org (Michael Blinn) Date: Fri, 26 Oct 2007 14:18:36 -0400 Subject: [K12OSN] 32-bit FF Message-ID: <47222F7C.8040809@peopleplaces.org> I've finally given up on nspluginwrapper in a 64-bit Firefox (for stability reasons) and would like to run a 32-bit FF and associated plugins (java, mplayerplug-in). I have flash with sound working now on 32-bit, however I'm not sure how to proceed with the java and mplayerplug-in/mplayer installation. Does anyone have a HOWTO/experience about doing this? -Michael From jkinney at localnetsolutions.com Fri Oct 26 18:31:02 2007 From: jkinney at localnetsolutions.com (James P. Kinney III) Date: Fri, 26 Oct 2007 14:31:02 -0400 Subject: [K12OSN] Please not M$ Exchange In-Reply-To: <47222A60.20504@paasda.org> References: <61687.74.32.255.121.1193353713.squirrel@216.24.126.68> <47214764.5050702@paasda.org> <1193366087.3960.789.camel@merlin.localnetsolutions.com> <47222A60.20504@paasda.org> Message-ID: <1193423462.3960.851.camel@merlin.localnetsolutions.com> On Fri, 2007-10-26 at 10:56 -0700, Huck wrote: > I wonder if it could be since I have Squid and Dansguardian on this same > machine that something with their configuration is preventing me from > achieving this. That could be an issue. Check the httpd logs as well as the squid logs. > > SM machine is behind this firewall and all mail services run on it alone. That simplifies things. Now the imap server is just "localhost" as well as the smtp. > > James P. Kinney III wrote: > > Is the SquirrelMail machine > > 1. Behind a firewall > > 2. different from the imap server > > 3. different from the smtp server > > ? > > > > A common scenario is to have SM on the mail machine running both smtp > > and imap behind the firewall. If that is the case, all that is needed is > > to open up port 80 and 443 at the firewall and direct the traffic to the > > SM/smtp server. > > > > iptables -t nat -I PREROUTING -d -p tcp -m tcp > > --dports 80,443 -j DNAT --to-destination > > > > iptables -I FORWARD -p tcp -m tcp -m state --state NEW --dports 80,443 > > -j ACCEPT > > iptables -I FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT > > > > The incoming packets have to cross BOTH the nat AND filter tale so nat > > is used to redirect (--dports may not be in your kernel so use --dport > > and two rules instead). Now the packet is "inside" the system and needs > > to be allowed to be forwarded so the next rule happens. But we still > > don't trust it so the state is checked and only related transfers happen > > afterwards. > > > > Port numbers: You don't need to allow access to port 143 to the outside > > world unless people are checking their email with a client from home. > > If so, you need to set up TLS/SSL encryption or else you will be staring > > at a security breach in the future. > > > > I HIGHLY recommend the excellent book "Real World Linux Security" by Bob > > Toxen (ISBN # 0-13-046456-2) for anyone tasked/cursed with hardening > > Linux systems. Bob was on the team that ported Unix to Silicon Graphics > > hardware and currently a system security guru. > > > > On Thu, 2007-10-25 at 18:48 -0700, Huck wrote: > >> fought with this for the past hour...gave up again. > >> it's my 3rd attempt..this is on a stand-alone debian box with no gui. > >> > >> I tried the following: > >> > >> iptables -t nat -I PREROUTING -d $ETH0IP -p tcp -m tcp --dport 143 -j > >> DNAT --to 10.1.3.5:143 > >> iptables -t nat -I PREROUTING -d $ETH0IP -p tcp -m tcp --dport 80 -j > >> DNAT --to 10.1.3.5:80 > >> > >> didn't work so tried: > >> > >> iptables -t nat -A PREROUTING -d $ETH0IP -p tcp -m tcp --dport 80 -j > >> DNAT --to-destination 10.1.3.5 > >> iptables -t nat -A PREROUTING -d $ETH0IP -p tcp -m tcp --dport 143 -j > >> DNAT --to-destination 10.1.3.5 > >> > >> > >> am I thinking backwards ? I copied what I have for my e-mail port 25 to > >> be redirected to my email server...and that I know works =) > >> > >> --Huck > >> > >> Mr Barry Cisna wrote: > >>> Huck, > >>> > >>> To allow users "at home" access to your SM server , just port forward on > >>> your border firewall. > >>> For example your SM servers internal IP address is 1.2.3.4 and you have an > >>> public ip range for your school of 4.3.2.1-4.3.2.10, just port forward > >>> 1.2.3.4 ,> 4.3.2.1. > >>> You will need to port forward, both tcp 143 and tcp 80 to the public ip > >>> address. > >>> To test get on a box "outside" of your lan and do 'telnet publicipaddress > >>> 143' and 'telnet publicipaddress 80'. if you get a response on both of > >>> these port numbers your users can access your SM at home as easy as they > >>> can at school. > >>> > >>> Take Care, > >>> > >>> Barry Cisna > >>> > >>> _______________________________________________ > >>> K12OSN mailing list > >>> K12OSN at redhat.com > >>> https://www.redhat.com/mailman/listinfo/k12osn > >>> For more info see > >>> > >>> > >> _______________________________________________ > >> K12OSN mailing list > >> K12OSN at redhat.com > >> https://www.redhat.com/mailman/listinfo/k12osn > >> For more info see > >> > >> > >> ------------------------------------------------------------------------ > >> > >> _______________________________________________ > >> K12OSN mailing list > >> K12OSN at redhat.com > >> https://www.redhat.com/mailman/listinfo/k12osn > >> For more info see > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > -- James P. Kinney III CEO & Director of Engineering Local Net Solutions,LLC 770-493-8244 http://www.localnetsolutions.com GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics) Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part URL: From jkinney at localnetsolutions.com Fri Oct 26 18:34:23 2007 From: jkinney at localnetsolutions.com (James P. Kinney III) Date: Fri, 26 Oct 2007 14:34:23 -0400 Subject: [K12OSN] Please not M$ Exchange In-Reply-To: <47222C76.4080004@paasda.org> References: <61687.74.32.255.121.1193353713.squirrel@216.24.126.68> <47214764.5050702@paasda.org> <1193366087.3960.789.camel@merlin.localnetsolutions.com> <47222C76.4080004@paasda.org> Message-ID: <1193423663.3960.856.camel@merlin.localnetsolutions.com> On Fri, 2007-10-26 at 11:05 -0700, Huck wrote: > also...is it somehow possible that the webserver on the SM machine only > accepts requests from INTERAL subnet addresses? Check the iptables on the machine to see if port 80 is blocked for non-local addresses. Since that machine runs squid, you will need to have a redirect rule for internal IPs only to use squid. Non-internal IPs should proceed unaltered to the web server. -OR- make the rule for squid to only use squid if the destination IP is Not the local IP. > > --Huck > > James P. Kinney III wrote: > > Is the SquirrelMail machine > > 1. Behind a firewall > > 2. different from the imap server > > 3. different from the smtp server > > ? > > > > A common scenario is to have SM on the mail machine running both smtp > > and imap behind the firewall. If that is the case, all that is needed is > > to open up port 80 and 443 at the firewall and direct the traffic to the > > SM/smtp server. > > > > iptables -t nat -I PREROUTING -d -p tcp -m tcp > > --dports 80,443 -j DNAT --to-destination > > > > iptables -I FORWARD -p tcp -m tcp -m state --state NEW --dports 80,443 > > -j ACCEPT > > iptables -I FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT > > > > The incoming packets have to cross BOTH the nat AND filter tale so nat > > is used to redirect (--dports may not be in your kernel so use --dport > > and two rules instead). Now the packet is "inside" the system and needs > > to be allowed to be forwarded so the next rule happens. But we still > > don't trust it so the state is checked and only related transfers happen > > afterwards. > > > > Port numbers: You don't need to allow access to port 143 to the outside > > world unless people are checking their email with a client from home. > > If so, you need to set up TLS/SSL encryption or else you will be staring > > at a security breach in the future. > > > > I HIGHLY recommend the excellent book "Real World Linux Security" by Bob > > Toxen (ISBN # 0-13-046456-2) for anyone tasked/cursed with hardening > > Linux systems. Bob was on the team that ported Unix to Silicon Graphics > > hardware and currently a system security guru. > > > > On Thu, 2007-10-25 at 18:48 -0700, Huck wrote: > >> fought with this for the past hour...gave up again. > >> it's my 3rd attempt..this is on a stand-alone debian box with no gui. > >> > >> I tried the following: > >> > >> iptables -t nat -I PREROUTING -d $ETH0IP -p tcp -m tcp --dport 143 -j > >> DNAT --to 10.1.3.5:143 > >> iptables -t nat -I PREROUTING -d $ETH0IP -p tcp -m tcp --dport 80 -j > >> DNAT --to 10.1.3.5:80 > >> > >> didn't work so tried: > >> > >> iptables -t nat -A PREROUTING -d $ETH0IP -p tcp -m tcp --dport 80 -j > >> DNAT --to-destination 10.1.3.5 > >> iptables -t nat -A PREROUTING -d $ETH0IP -p tcp -m tcp --dport 143 -j > >> DNAT --to-destination 10.1.3.5 > >> > >> > >> am I thinking backwards ? I copied what I have for my e-mail port 25 to > >> be redirected to my email server...and that I know works =) > >> > >> --Huck > >> > >> Mr Barry Cisna wrote: > >>> Huck, > >>> > >>> To allow users "at home" access to your SM server , just port forward on > >>> your border firewall. > >>> For example your SM servers internal IP address is 1.2.3.4 and you have an > >>> public ip range for your school of 4.3.2.1-4.3.2.10, just port forward > >>> 1.2.3.4 ,> 4.3.2.1. > >>> You will need to port forward, both tcp 143 and tcp 80 to the public ip > >>> address. > >>> To test get on a box "outside" of your lan and do 'telnet publicipaddress > >>> 143' and 'telnet publicipaddress 80'. if you get a response on both of > >>> these port numbers your users can access your SM at home as easy as they > >>> can at school. > >>> > >>> Take Care, > >>> > >>> Barry Cisna > >>> > >>> _______________________________________________ > >>> K12OSN mailing list > >>> K12OSN at redhat.com > >>> https://www.redhat.com/mailman/listinfo/k12osn > >>> For more info see > >>> > >>> > >> _______________________________________________ > >> K12OSN mailing list > >> K12OSN at redhat.com > >> https://www.redhat.com/mailman/listinfo/k12osn > >> For more info see > >> > >> > >> ------------------------------------------------------------------------ > >> > >> _______________________________________________ > >> K12OSN mailing list > >> K12OSN at redhat.com > >> https://www.redhat.com/mailman/listinfo/k12osn > >> For more info see > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > -- James P. Kinney III CEO & Director of Engineering Local Net Solutions,LLC 770-493-8244 http://www.localnetsolutions.com GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics) Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part URL: From jkorzeni at battle-creek.k12.mi.us Sat Oct 27 18:28:09 2007 From: jkorzeni at battle-creek.k12.mi.us (Joe Korzeniewski) Date: Sat, 27 Oct 2007 14:28:09 -0400 Subject: [K12OSN] 32-bit FF In-Reply-To: <47222F7C.8040809@peopleplaces.org> References: <47222F7C.8040809@peopleplaces.org> Message-ID: <47234B00.6C73.003C.0@battle-creek.k12.mi.us> There is a good walkthrough on the wiki that has what you are looking for as far as java (although it also includes flash and flash sound). I haven't installed mplayer, so unfortunately I can't help you out there. http://www.k12ltsp.org/mediawiki/index.php/K12LTSP_6.0-64bit_Config_walk_through -Joe >>> Michael Blinn 10/26/2007 2:18 PM >>> I've finally given up on nspluginwrapper in a 64-bit Firefox (for stability reasons) and would like to run a 32-bit FF and associated plugins (java, mplayerplug-in). I have flash with sound working now on 32-bit, however I'm not sure how to proceed with the java and mplayerplug-in/mplayer installation. Does anyone have a HOWTO/experience about doing this? -Michael _______________________________________________ K12OSN mailing list K12OSN at redhat.com https://www.redhat.com/mailman/listinfo/k12osn For more info see From jkorzeni at battle-creek.k12.mi.us Sat Oct 27 18:36:16 2007 From: jkorzeni at battle-creek.k12.mi.us (Joe Korzeniewski) Date: Sat, 27 Oct 2007 14:36:16 -0400 Subject: [K12OSN] Client can't get IP In-Reply-To: <11a0d9090710260839x22d1caa7ne5105a750292283@mail.gmail.com> References: <11a0d9090710260839x22d1caa7ne5105a750292283@mail.gmail.com> Message-ID: <47234CE8.6C73.003C.0@battle-creek.k12.mi.us> Fajar, Although I haven't experienced this particular problem, I can tell you what I would start with. Get a hub (a real hub, not a switch) and download wireshark (runs on windows or linux). Wireshark is a packet analyzer and you can see all the traffic going on between that host and the server. Simply filter by the mac address of the client you are trying to boot and you should be able to see the dhcp dialog going on and it will give you a clue as to what part of the process is failing. Post back to the list with the results (which part is failing) and we can help from there. If you aren't familiar with the dhcp process, this link describes the basics of what happens. http://www.inetdaemon.com/tutorials/lan/dhcp/process.shtml The LTSP boot process does more with dhcp than just what is described in that page, but it does describe the part that you need to troubleshoot. -Joe >>> "Fajar Adianto" 10/26/2007 11:39 AM >>> I am new in LTSP. I use various brand of lancards in client machines and boot via floppy. All cards work well except realtek8139c and realtek 8139b (8139d's work). The clients boot stop on searching DHCP server. However from /var/log/messages I know that server had offered ip for the clients, but clients screen keep on displaying Searching for DHCP server ........I have tried various version of ROM image from rom-o-matic. What might go wrong? Thank you. From krsnendu108 at gmail.com Sun Oct 28 15:37:13 2007 From: krsnendu108 at gmail.com (Krsnendu dasa) Date: Mon, 29 Oct 2007 04:37:13 +1300 Subject: [K12OSN] Bare metal backup strategy with RAID 10 Message-ID: We have BackupPC set up to backup /home and configuration files. Does anyone know of a good strategy to backup a complete system (that is using Linux software RAID 10)? Without RAID we can use SysrescueCD and then use Partimage to make an image copy of the partition that / is mounted on. This allows us to attempt updates etc, and if it doesn't work we can go back to the last working system without having to reinstall and reconfigure the whole system again (smbldap, flash with sound, printers etc.) I don't think partimage works with RAID 10. Is that right? Are there alternatives? Is it possible to just tar the whole / tree and achive the same effect? Thanks, Krsnendu dasa From krsnendu108 at gmail.com Sun Oct 28 15:41:12 2007 From: krsnendu108 at gmail.com (Krsnendu dasa) Date: Mon, 29 Oct 2007 04:41:12 +1300 Subject: [K12OSN] Re: Bare metal backup strategy with RAID 10 In-Reply-To: References: Message-ID: On 29/10/2007, Krsnendu dasa wrote: > We have BackupPC set up to backup /home and configuration files. > Does anyone know of a good strategy to backup a complete system (that > is using Linux software RAID 10)? > > Without RAID we can use SysrescueCD and then use Partimage to make an > image copy of the partition that / is mounted on. This allows us to > attempt updates etc, and if it doesn't work we can go back to the last > working system without having to reinstall and reconfigure the whole > system again (smbldap, flash with sound, printers etc.) > > I don't think partimage works with RAID 10. Is that right? > Are there alternatives? Is it possible to just tar the whole / tree > and achive the same effect? > I forgot to mention LVM. If it can work with LVM it is even better. From brcisna at eazylivin.net Sun Oct 28 18:06:51 2007 From: brcisna at eazylivin.net (Barry Cisna) Date: Sun, 28 Oct 2007 13:06:51 -0500 (CDT) Subject: [K12OSN] MS-Publisher ,Samba problem RE-saving files Message-ID: <51909.192.168.254.3.1193594811.squirrel@www.eazylivin.net> I posted the following over at lists samba org but not receive any responses, so I thought I post here to see if anyone has any ideas. Hello All, Run into a weird one. When students save their MS Publisher files to the samba server,they save fine. But,when they reopen them to edit them, then try to resave them they will not save. Even if they save with an extra number behind the original file name they do not save. I enabled hidden files and I do not see any lock files that have been placed into the Samba server /users/home folder? Also when MS Publisher is opened to the already saved files on Samba the program throws a couple errors about not finding the Samba shared printers. I'm guessing it is possibly a terminal services bug with MS Publisher program itself. The old days of trying to get some of the $MS programs to even install correctly on TS servers:( I'm glad they are gone. This is MS Office 2003, if that makes any diff. I never see any errors in the samba logs either right after doing the failed save.All other formats of MS Office save and re save fine. Anyone run into this before? I know we should migrate to OO2,,:) I've tried to convince all the Winders diehards of this! Thanks, Barry Cisna From HBurroughs at hhprep.org Mon Oct 29 12:31:30 2007 From: HBurroughs at hhprep.org (Burroughs, Henry) Date: Mon, 29 Oct 2007 08:31:30 -0400 Subject: [K12OSN] Please not M$ Exchange In-Reply-To: <20071026160026.C76667332A@hormel.redhat.com> Message-ID: <3437EBC2F7B463439E7CD8796349DCF2229DCC@enterprise.hhp.hhprep.org> Remember to, MS Exchange Web Access is pretty crippled in any other browser other than Internet Explorer. The pretty features your boss may be seeing will go away if used with Firefox/Opera/Safari. I'm stuck with Exchange at the moment due to Outlook. Also, for firewalls stuff, I stopped writing iptables awhile ago and use firehol (firehol.sf.net). It is a wonderful script that autogenerates your firewall rules using a fairly human readable language. It also works from the principal of everything blocked unless you specifically allow it. I do all kinds of SNAT/DNAT and other things with it. It also has a "try" command that allows you to try a new firewall and if you cause yourself to be locked out of the firewall, it automatically reverts in 30 seconds to your working firewall. Henry Burroughs Technology Director Hilton Head Preparatory School www.hhprep.org -----Original Message----- On Fri, 2007-10-26 at 00:25 -0400, "Terrell Prud? Jr." wrote: > BTW, like several other list members, I too am a former MS Exchange > Server administrator. There's no way I'd go back to it now. That is the most compelling reason for a manager/director to NOT use Exchange. The advice of experienced exchange admins who have tried something else and now will NOT recommend Exchange. -- James P. Kinney III CEO & Director of Engineering Local Net Solutions,LLC 770-493-8244 http://www.localnetsolutions.com GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics) Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part Url : https://www.redhat.com/archives/k12osn/attachments/20071026/e118690c/attachment.bin From kueckerd at shenandoah.k12.ia.us Mon Oct 29 15:47:03 2007 From: kueckerd at shenandoah.k12.ia.us (Daniel Kuecker) Date: Mon, 29 Oct 2007 10:47:03 -0500 Subject: [K12OSN] NX Message-ID: <4725B024.0DA4.007D.0@shenandoah.k12.ia.us> Hello World! I am trying to setup NX so teachers can monitor some students. I have a k12ltsp 6 and k12ltsp-el5 and both are having the same problem. I keep getting the following error: NX> 203 NXSSH running with pid: 26832 NX> 285 Enabling check on switch command NX> 285 Enabling skip of SSH config files NX> 285 Setting the preferred NX options NX> 200 Connected to address: 192.168.0.18 on port: 22 NX> 202 Authenticating user: nx NX> 208 Using auth method: publickey NX> 204 Authentication failed. I have tried following some steps on the net, but none seem to work. the keys are the same... any ideas? From thewhitmers at gmail.com Mon Oct 29 15:58:32 2007 From: thewhitmers at gmail.com (David Whitmer) Date: Mon, 29 Oct 2007 11:58:32 -0400 Subject: [K12OSN] NX In-Reply-To: <4725B024.0DA4.007D.0@shenandoah.k12.ia.us> References: <4725B024.0DA4.007D.0@shenandoah.k12.ia.us> Message-ID: Looks like your nx client software needs to import the client key from the server. Check out the following site for instructions on doing that: http://fedoranews.org/contributors/rick_stout/freenx/ David Whitmer Director of Media & Technology Calvary Schools of Holland (Michigan) web: www.calvaryschoolsholland.org personal email: thewhitmers at gmail.com school email: david.whitmer at cshk12.org On 10/29/07, Daniel Kuecker wrote: > > > Hello World! > I am trying to setup NX so teachers can monitor some students. I have a > k12ltsp 6 and k12ltsp-el5 and both are having the same problem. I keep > getting the following error: > > NX> 203 NXSSH running with pid: 26832 > NX> 285 Enabling check on switch command > NX> 285 Enabling skip of SSH config files > NX> 285 Setting the preferred NX options > NX> 200 Connected to address: 192.168.0.18 on port: 22 > NX> 202 Authenticating user: nx > NX> 208 Using auth method: publickey > NX> 204 Authentication failed. > > I have tried following some steps on the net, but none seem to work. the > keys are the same... any ideas? > > > > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > -------------- next part -------------- An HTML attachment was scrubbed... URL: From cliebow at ellsworthschools.org Mon Oct 29 16:02:08 2007 From: cliebow at ellsworthschools.org (Chuck Liebow) Date: Mon, 29 Oct 2007 12:02:08 -0400 Subject: [K12OSN] NX In-Reply-To: <4725B024.0DA4.007D.0@shenandoah.k12.ia.us> References: <4725B024.0DA4.007D.0@shenandoah.k12.ia.us> Message-ID: you Did move client.id_dsa.key to the client machine and imported that key??? From kueckerd at shenandoah.k12.ia.us Mon Oct 29 16:13:35 2007 From: kueckerd at shenandoah.k12.ia.us (Daniel Kuecker) Date: Mon, 29 Oct 2007 11:13:35 -0500 Subject: [K12OSN] NX In-Reply-To: References: <4725B024.0DA4.007D.0@shenandoah.k12.ia.us> Message-ID: <4725B65C.0DA4.007D.0@shenandoah.k12.ia.us> Yes i have imported the key. It appears to be the default key, but i imported it anyway. I also enabled debug logging and this is what i see : Oct 29 11:03:31 hsthin sshd[25224]: debug1: userauth-request for user nx service ssh-connection method publickey Oct 29 11:03:31 hsthin sshd[25224]: debug1: attempt 1 failures 1 Oct 29 11:03:31 hsthin sshd[25223]: debug1: PAM: setting PAM_RHOST to "192.168.10.1" Oct 29 11:03:31 hsthin sshd[25223]: debug1: PAM: setting PAM_TTY to "ssh" Oct 29 11:03:31 hsthin sshd[25223]: debug1: temporarily_use_uid: 101/103 (e=0/0) Oct 29 11:03:31 hsthin sshd[25223]: debug1: trying public key file /var/lib/nxserver/home/.ssh/authorized_keys Oct 29 11:03:31 hsthin sshd[25223]: debug1: restore_uid: 0/0 Oct 29 11:03:31 hsthin sshd[25223]: debug1: temporarily_use_uid: 101/103 (e=0/0) Oct 29 11:03:31 hsthin sshd[25223]: debug1: trying public key file /var/lib/nxserver/home/.ssh/authorized_keys Oct 29 11:03:31 hsthin sshd[25223]: debug1: restore_uid: 0/0 Oct 29 11:03:31 hsthin sshd[25223]: Failed publickey for nx from 192.168.10.1 port 34477 ssh2 >>> "David Whitmer" 10/29/07 10:58 AM >>> Looks like your nx client software needs to import the client key from the server. Check out the following site for instructions on doing that: http://fedoranews.org/contributors/rick_stout/freenx/ David Whitmer Director of Media & Technology Calvary Schools of Holland (Michigan) web: www.calvaryschoolsholland.org personal email: thewhitmers at gmail.com school email: david.whitmer at cshk12.org On 10/29/07, Daniel Kuecker wrote: > > > Hello World! > I am trying to setup NX so teachers can monitor some students. I have a > k12ltsp 6 and k12ltsp-el5 and both are having the same problem. I keep > getting the following error: > > NX> 203 NXSSH running with pid: 26832 > NX> 285 Enabling check on switch command > NX> 285 Enabling skip of SSH config files > NX> 285 Setting the preferred NX options > NX> 200 Connected to address: 192.168.0.18 on port: 22 > NX> 202 Authenticating user: nx > NX> 208 Using auth method: publickey > NX> 204 Authentication failed. > > I have tried following some steps on the net, but none seem to work. the > keys are the same... any ideas? > > > > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > From nadavkav at gmail.com Mon Oct 29 16:16:26 2007 From: nadavkav at gmail.com (Nadav Kavalerchik) Date: Mon, 29 Oct 2007 18:16:26 +0200 Subject: [K12OSN] Removing students home from desktop In-Reply-To: <471DA574.6C73.003C.0@battle-creek.k12.mi.us> References: <471C5B380200003C00004404@BCPSSMTP.battle-creek.k12.mi.us> <4219988b0710221008jd8a243cwc6efd9675b3a5170@mail.gmail.com> <471DA574.6C73.003C.0@battle-creek.k12.mi.us> Message-ID: <4219988b0710290916o56736779ld4344a5d502c0d77@mail.gmail.com> i'm running the same version as you, but we use KDE not GNOME. On 10/23/07, Joe Korzeniewski wrote: > > Nadav, > > Thanks for your help. I should have mentioned that I was using K12LTSP6. I > didn't see the .desktop files for home and such. Just out of curiosity, what > version are you running? > > -Joe > > >>> "Nadav Kavalerchik" 10/22/2007 1:08 PM >>> > here is a link to a script we use: > > http://www.eagle-israel.co.il/ltsp/admin-scripts/clear-new-users-desktop-files > it uses a text file with a list of users. > http://www.eagle-israel.co.il/ltsp/admin-scripts/users.list > > enjoy :-) > > On 10/22/07, Joe Korzeniewski wrote: > > Does anyone know of a way to remove default icons from the desktop such > as the students' home folder, computer and trash? I have a script that > mounts their network share once they have logged in, so I don't want to > confuse them with their linux home directory. > > > > Thanks, > > > > -Joe Korzeniewski > > > > _______________________________________________ > > K12OSN mailing list > > K12OSN at redhat.com > > https://www.redhat.com/mailman/listinfo/k12osn > > For more info see > > > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > -------------- next part -------------- An HTML attachment was scrubbed... URL: From craig at tobyhouse.com Mon Oct 29 17:18:34 2007 From: craig at tobyhouse.com (Craig White) Date: Mon, 29 Oct 2007 10:18:34 -0700 Subject: [K12OSN] NX In-Reply-To: <4725B65C.0DA4.007D.0@shenandoah.k12.ia.us> References: <4725B024.0DA4.007D.0@shenandoah.k12.ia.us> <4725B65C.0DA4.007D.0@shenandoah.k12.ia.us> Message-ID: <1193678314.26242.10.camel@cube.tobyhouse.com> On Mon, 2007-10-29 at 11:13 -0500, Daniel Kuecker wrote: > Yes i have imported the key. It appears to be the default key, but i imported it anyway. I also enabled debug logging and this is what i see : > > Oct 29 11:03:31 hsthin sshd[25224]: debug1: userauth-request for user nx service ssh-connection method publickey > Oct 29 11:03:31 hsthin sshd[25224]: debug1: attempt 1 failures 1 > Oct 29 11:03:31 hsthin sshd[25223]: debug1: PAM: setting PAM_RHOST to "192.168.10.1" > Oct 29 11:03:31 hsthin sshd[25223]: debug1: PAM: setting PAM_TTY to "ssh" > Oct 29 11:03:31 hsthin sshd[25223]: debug1: temporarily_use_uid: 101/103 (e=0/0) > Oct 29 11:03:31 hsthin sshd[25223]: debug1: trying public key file /var/lib/nxserver/home/.ssh/authorized_keys > Oct 29 11:03:31 hsthin sshd[25223]: debug1: restore_uid: 0/0 > Oct 29 11:03:31 hsthin sshd[25223]: debug1: temporarily_use_uid: 101/103 (e=0/0) > Oct 29 11:03:31 hsthin sshd[25223]: debug1: trying public key file /var/lib/nxserver/home/.ssh/authorized_keys > Oct 29 11:03:31 hsthin sshd[25223]: debug1: restore_uid: 0/0 > Oct 29 11:03:31 hsthin sshd[25223]: Failed publickey for nx from 192.168.10.1 port 34477 ssh2 > ---- /var/lib/nxserver/home.ssh/authorized_keys ? why not /var/lib/nxserver/home.ssh/authorized_keys2 ? Craig From cliebow at ellsworthschools.org Mon Oct 29 17:32:09 2007 From: cliebow at ellsworthschools.org (Chuck Liebow) Date: Mon, 29 Oct 2007 13:32:09 -0400 Subject: [K12OSN] NX In-Reply-To: <1193678314.26242.10.camel@cube.tobyhouse.com> References: <4725B024.0DA4.007D.0@shenandoah.k12.ia.us> < > < > <4725B65C.0DA4.007D.0@shenandoah.k12.ia.us> <1193678314.26242.10.camel@cube.tobyhouse.com> Message-ID: i wont say another word til i get my six working..the first one just worked..the next two giving me fits in ubuntu... From kueckerd at shenandoah.k12.ia.us Mon Oct 29 19:16:00 2007 From: kueckerd at shenandoah.k12.ia.us (Daniel Kuecker) Date: Mon, 29 Oct 2007 14:16:00 -0500 Subject: [K12OSN] NX In-Reply-To: <1193678314.26242.10.camel@cube.tobyhouse.com> References: <4725B024.0DA4.007D.0@shenandoah.k12.ia.us> <4725B65C.0DA4.007D.0@shenandoah.k12.ia.us> <1193678314.26242.10.camel@cube.tobyhouse.com> Message-ID: <4725E11E.0DA4.007D.0@shenandoah.k12.ia.us> I dont know, that is the default i guess. I never set that... >>> Craig White 10/29/07 12:18 PM >>> On Mon, 2007-10-29 at 11:13 -0500, Daniel Kuecker wrote: > Yes i have imported the key. It appears to be the default key, but i imported it anyway. I also enabled debug logging and this is what i see : > > Oct 29 11:03:31 hsthin sshd[25224]: debug1: userauth-request for user nx service ssh-connection method publickey > Oct 29 11:03:31 hsthin sshd[25224]: debug1: attempt 1 failures 1 > Oct 29 11:03:31 hsthin sshd[25223]: debug1: PAM: setting PAM_RHOST to "192.168.10.1" > Oct 29 11:03:31 hsthin sshd[25223]: debug1: PAM: setting PAM_TTY to "ssh" > Oct 29 11:03:31 hsthin sshd[25223]: debug1: temporarily_use_uid: 101/103 (e=0/0) > Oct 29 11:03:31 hsthin sshd[25223]: debug1: trying public key file /var/lib/nxserver/home/.ssh/authorized_keys > Oct 29 11:03:31 hsthin sshd[25223]: debug1: restore_uid: 0/0 > Oct 29 11:03:31 hsthin sshd[25223]: debug1: temporarily_use_uid: 101/103 (e=0/0) > Oct 29 11:03:31 hsthin sshd[25223]: debug1: trying public key file /var/lib/nxserver/home/.ssh/authorized_keys > Oct 29 11:03:31 hsthin sshd[25223]: debug1: restore_uid: 0/0 > Oct 29 11:03:31 hsthin sshd[25223]: Failed publickey for nx from 192.168.10.1 port 34477 ssh2 > ---- /var/lib/nxserver/home.ssh/authorized_keys ? why not /var/lib/nxserver/home.ssh/authorized_keys2 ? Craig _______________________________________________ K12OSN mailing list K12OSN at redhat.com https://www.redhat.com/mailman/listinfo/k12osn For more info see From craig at tobyhouse.com Mon Oct 29 20:07:44 2007 From: craig at tobyhouse.com (Craig White) Date: Mon, 29 Oct 2007 13:07:44 -0700 Subject: [K12OSN] NX In-Reply-To: <4725E11E.0DA4.007D.0@shenandoah.k12.ia.us> References: <4725B024.0DA4.007D.0@shenandoah.k12.ia.us> <4725B65C.0DA4.007D.0@shenandoah.k12.ia.us> <1193678314.26242.10.camel@cube.tobyhouse.com> <4725E11E.0DA4.007D.0@shenandoah.k12.ia.us> Message-ID: <1193688465.26242.28.camel@cube.tobyhouse.com> protocol 1 would use authorized_keys protocol 2 would use authorized_keys2 I am no expert on this stuff but that is my understanding. Craig On Mon, 2007-10-29 at 14:16 -0500, Daniel Kuecker wrote: > I dont know, that is the default i guess. I never set that... > > >>> Craig White 10/29/07 12:18 PM >>> > On Mon, 2007-10-29 at 11:13 -0500, Daniel Kuecker wrote: > > Yes i have imported the key. It appears to be the default key, but i imported it anyway. I also enabled debug logging and this is what i see : > > > > Oct 29 11:03:31 hsthin sshd[25224]: debug1: userauth-request for user nx service ssh-connection method publickey > > Oct 29 11:03:31 hsthin sshd[25224]: debug1: attempt 1 failures 1 > > Oct 29 11:03:31 hsthin sshd[25223]: debug1: PAM: setting PAM_RHOST to "192.168.10.1" > > Oct 29 11:03:31 hsthin sshd[25223]: debug1: PAM: setting PAM_TTY to "ssh" > > Oct 29 11:03:31 hsthin sshd[25223]: debug1: temporarily_use_uid: 101/103 (e=0/0) > > Oct 29 11:03:31 hsthin sshd[25223]: debug1: trying public key file /var/lib/nxserver/home/.ssh/authorized_keys > > Oct 29 11:03:31 hsthin sshd[25223]: debug1: restore_uid: 0/0 > > Oct 29 11:03:31 hsthin sshd[25223]: debug1: temporarily_use_uid: 101/103 (e=0/0) > > Oct 29 11:03:31 hsthin sshd[25223]: debug1: trying public key file /var/lib/nxserver/home/.ssh/authorized_keys > > Oct 29 11:03:31 hsthin sshd[25223]: debug1: restore_uid: 0/0 > > Oct 29 11:03:31 hsthin sshd[25223]: Failed publickey for nx from 192.168.10.1 port 34477 ssh2 > > > ---- > /var/lib/nxserver/home.ssh/authorized_keys ? > > why not > > /var/lib/nxserver/home.ssh/authorized_keys2 ? > > Craig > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > > > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see From jobrien at meridian.wednet.edu Mon Oct 29 20:28:03 2007 From: jobrien at meridian.wednet.edu (Joe OBrien) Date: Mon, 29 Oct 2007 13:28:03 -0700 Subject: [K12OSN] Please not M$ Exchange In-Reply-To: <3437EBC2F7B463439E7CD8796349DCF2229DCC@enterprise.hhp.hhprep.org> References: <3437EBC2F7B463439E7CD8796349DCF2229DCC@enterprise.hhp.hhprep.org> Message-ID: <47264253.7060108@meridian.wednet.edu> Thanks for the input. I'll take a look at squirrelmail. The "free" Zimbra seems disables the Group Scheduling for more than 25 users, which is why I tabled that one. --joe o'brien From les at futuresource.com Mon Oct 29 20:47:24 2007 From: les at futuresource.com (Les Mikesell) Date: Mon, 29 Oct 2007 15:47:24 -0500 Subject: [K12OSN] Please not M$ Exchange In-Reply-To: <47264253.7060108@meridian.wednet.edu> References: <3437EBC2F7B463439E7CD8796349DCF2229DCC@enterprise.hhp.hhprep.org> <47264253.7060108@meridian.wednet.edu> Message-ID: <472646DC.6060302@futuresource.com> Joe OBrien wrote: > Thanks for the input. I'll take a look at squirrelmail. The "free" > Zimbra seems disables the Group Scheduling for more than 25 users, which > is why I tabled that one. I just noticed an announcement of this bundled install with open-exchange and some other things over on the Centos list: http://www.nnortux.no/www/index.php?page=ntx---collabration-solution I haven't tried it myself - or even verified that it is all in English. -- Les Mikesell lesmikesell at gmail.com From jkinney at localnetsolutions.com Mon Oct 29 21:49:50 2007 From: jkinney at localnetsolutions.com (James P. Kinney III) Date: Mon, 29 Oct 2007 17:49:50 -0400 Subject: [K12OSN] Please not M$ Exchange In-Reply-To: <472646DC.6060302@futuresource.com> References: <3437EBC2F7B463439E7CD8796349DCF2229DCC@enterprise.hhp.hhprep.org> <47264253.7060108@meridian.wednet.edu> <472646DC.6060302@futuresource.com> Message-ID: <1193694590.3960.900.camel@merlin.localnetsolutions.com> On Mon, 2007-10-29 at 15:47 -0500, Les Mikesell wrote: > Joe OBrien wrote: > > Thanks for the input. I'll take a look at squirrelmail. The "free" > > Zimbra seems disables the Group Scheduling for more than 25 users, which > > is why I tabled that one. > > I just noticed an announcement of this bundled install with > open-exchange and some other things over on the Centos list: > http://www.nnortux.no/www/index.php?page=ntx---collabration-solution > > I haven't tried it myself - or even verified that it is all in English. From the screen shots it looks like a Nordic OpenExchange. so not all English. Must use English here. Because: What do you call some one who speaks three languages? Tri-lingual How about a person who speaks two languages? Bi-lingual Well. What do you call someone who speaks only one language? An American! > > -- > Les Mikesell > lesmikesell at gmail.com > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > -- James P. Kinney III CEO & Director of Engineering Local Net Solutions,LLC 770-493-8244 http://www.localnetsolutions.com GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics) Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part URL: From nils at breun.nl Mon Oct 29 21:51:50 2007 From: nils at breun.nl (Nils Breunese) Date: Mon, 29 Oct 2007 22:51:50 +0100 Subject: [K12OSN] NX In-Reply-To: <1193688465.26242.28.camel@cube.tobyhouse.com> References: <4725B024.0DA4.007D.0@shenandoah.k12.ia.us> <4725B65C.0DA4.007D.0@shenandoah.k12.ia.us> <1193678314.26242.10.camel@cube.tobyhouse.com> <4725E11E.0DA4.007D.0@shenandoah.k12.ia.us> <1193688465.26242.28.camel@cube.tobyhouse.com> Message-ID: <5C7455B7-B83F-4972-9CDD-0529F751E4C8@breun.nl> Craig White wrote: > protocol 1 would use authorized_keys > protocol 2 would use authorized_keys2 > > I am no expert on this stuff but that is my understanding. This used to be the case, but is not generally true anymore. This depends on your distribution I believe. On Red Hat / CentOS / Fedora you can just use authorized_keys for protocol version 2. I don't know if you have to add the '2' on Debian / Ubuntu, but I usually see authorized_keys2 in howto's for Debian / Ubuntu. Maybe it works without the '2' on those distributions as well, I don't know. Nils Breunese. -------------- next part -------------- A non-text attachment was scrubbed... Name: PGP.sig Type: application/pgp-signature Size: 186 bytes Desc: Dit deel van het bericht is digitaal ondertekend URL: From les at futuresource.com Mon Oct 29 23:15:02 2007 From: les at futuresource.com (Les Mikesell) Date: Mon, 29 Oct 2007 18:15:02 -0500 Subject: [K12OSN] Please not M$ Exchange In-Reply-To: <1193694590.3960.900.camel@merlin.localnetsolutions.com> References: <3437EBC2F7B463439E7CD8796349DCF2229DCC@enterprise.hhp.hhprep.org> <47264253.7060108@meridian.wednet.edu> <472646DC.6060302@futuresource.com> <1193694590.3960.900.camel@merlin.localnetsolutions.com> Message-ID: <47266976.6060307@futuresource.com> James P. Kinney III wrote: >> I just noticed an announcement of this bundled install with >> open-exchange and some other things over on the Centos list: >> http://www.nnortux.no/www/index.php?page=ntx---collabration-solution >> >> I haven't tried it myself - or even verified that it is all in English. > > From the screen shots it looks like a Nordic OpenExchange. so not all > English. I wouldn't make that assumption - there are probably language choices when you install it, but I don't know for sure. -- Les Mikesell lesmikesell at gmail.com From petrial at hotmail.com Tue Oct 30 10:14:50 2007 From: petrial at hotmail.com (Petri Ala-Louvesniemi) Date: Tue, 30 Oct 2007 12:14:50 +0200 Subject: [K12OSN] Edubuntu 7.10 Thin Client issue Message-ID: Hello everyone! I have been trying to setup an edubuntu thin client environment in the school I'm working. "at the moment" The computer I'm using as a server is: Dell Poweredge 2500, it has two 1 Gigabits processors, about 2 Gigabits of memory and two network cards. The cards are: Intel Corporation 82557/8/9 Ethernet pro 100 and 3Com 3c905B 100BaseTX [Cyclone]. I'm using Intel's card to connect to internet and 3Com to share ip's for thin clients through a router. The thin client I'm using to test the environment has: 2,5 Gigahertz AMD processor and 1,024 memory. It has integrated NIC on it's motherboard, NIC is NVidias nForce Networking controller. I've installed Edubuntu 7.10 on the server and modified the dhcpd.conf file. Then I run the thin client with PXE-boot and get this message: [17179570.788000] ACPI; Getting cpuindex for acpiid 0x1 ipconfig; eth0: SIOCGIFINDEX: No such device ipconfig: no devices to configure /init: .: 1: Can't open /tmp/net-eth0.conf [17179571.112000] Kernel panic - not syncing: Attempted to kill init! I'm still quite an amateur with Ubuntu, I've worked with it only for a couple of months so please, make your explanation as simple as possible. Thanks! _________________________________________________________________ Lataa 30 ILMAISTA hymi?t? Windows Live Messengeriisi! http://www.livemessenger-emoticons.com/fi-fi/ From asmo.koskinen at arkki.info Tue Oct 30 10:31:11 2007 From: asmo.koskinen at arkki.info (Asmo Koskinen) Date: Tue, 30 Oct 2007 12:31:11 +0200 Subject: [K12OSN] Edubuntu 7.10 Thin Client issue In-Reply-To: References: Message-ID: <472707EF.6050800@arkki.info> Petri Ala-Louvesniemi kirjoitti: > I have been trying to setup an edubuntu thin client environment in the school I'm working. "at the moment" > This might help you (in finnish, sorry). http://wiki.ubuntu-fi.org/LTSP_Ohjeita http://wiki.ubuntu-fi.org/Ubuntu_6.06_LTSP42 http://wiki.ubuntu-fi.org/Ubuntu_7.10_LTSP5 *blink, blink* My Schoo - well, I'm not a teacher or IT-staff ;-) - http://wiki.ubuntu-fi.org/LTSP_M%C3%A4ntykankaan_koulussa Best Regards Asmo Koskinen, Kokkola, Finland. From kueckerd at shenandoah.k12.ia.us Tue Oct 30 16:22:43 2007 From: kueckerd at shenandoah.k12.ia.us (Daniel Kuecker) Date: Tue, 30 Oct 2007 11:22:43 -0500 Subject: [K12OSN] NX In-Reply-To: <5C7455B7-B83F-4972-9CDD-0529F751E4C8@breun.nl> References: <4725B024.0DA4.007D.0@shenandoah.k12.ia.us> <4725B65C.0DA4.007D.0@shenandoah.k12.ia.us> <1193678314.26242.10.camel@cube.tobyhouse.com> <4725E11E.0DA4.007D.0@shenandoah.k12.ia.us> <1193688465.26242.28.camel@cube.tobyhouse.com> <5C7455B7-B83F-4972-9CDD-0529F751E4C8@breun.nl> Message-ID: <47270A06.0DA4.007D.0@shenandoah.k12.ia.us> I tried both keys and both failed. when I look at the client file it appears to be the nomachine key. is there a way to reset the keys? >>> Nils Breunese 10/29/07 4:51 PM >>> Craig White wrote: > protocol 1 would use authorized_keys > protocol 2 would use authorized_keys2 > > I am no expert on this stuff but that is my understanding. This used to be the case, but is not generally true anymore. This depends on your distribution I believe. On Red Hat / CentOS / Fedora you can just use authorized_keys for protocol version 2. I don't know if you have to add the '2' on Debian / Ubuntu, but I usually see authorized_keys2 in howto's for Debian / Ubuntu. Maybe it works without the '2' on those distributions as well, I don't know. Nils Breunese. From rowens at ptd.net Tue Oct 30 16:26:55 2007 From: rowens at ptd.net (Rob Owens) Date: Tue, 30 Oct 2007 12:26:55 -0400 Subject: [K12OSN] smbldap - adding ldap users to local groups In-Reply-To: <1193421647.2287.76.camel@cube.tobyhouse.com> References: <4720D5D8.7000906@bio-chemvalve.com> <1193335337.2287.31.camel@cube.tobyhouse.com> <20071025204401.GB5714@junker.owens.net> <1193347919.2287.46.camel@cube.tobyhouse.com> <20071025235703.GB15190@junker.owens.net> <1193421647.2287.76.camel@cube.tobyhouse.com> Message-ID: <20071030162655.GA4811@junker.owens.net> > > Ubuntu (maybe CentOS, I'm not sure) automatically assign users to the cdrom group (and certain other groups) if you create the users as a "Desktop User" or something like that. If you want to check your system and see if it's this way, do ls -al /dev/cdrom and see if it's readable by all. Mine isn't. > ---- > RHELv5 (ES - Server install) > > # ls -l /dev/cdrom > lrwxrwxrwx 1 root root 3 May 19 11:19 /dev/cdrom -> hda > > Fedora Core 6 > > # ls -l /dev/cdrom > lrwxrwxrwx 1 root root 3 Oct 16 08:56 /dev/cdrom -> hdc > > These are 'out of the box' configurations > > Craig I think symbolic links always have 777 permissions. See what the permissions are on /dev/hda and /dev/hdc on those machines. -Rob From mel at melwade.com Tue Oct 30 16:28:17 2007 From: mel at melwade.com (Mel Wade) Date: Tue, 30 Oct 2007 09:28:17 -0700 Subject: [K12OSN] NX In-Reply-To: <47270A06.0DA4.007D.0@shenandoah.k12.ia.us> References: <4725B024.0DA4.007D.0@shenandoah.k12.ia.us> <4725B65C.0DA4.007D.0@shenandoah.k12.ia.us> <1193678314.26242.10.camel@cube.tobyhouse.com> <4725E11E.0DA4.007D.0@shenandoah.k12.ia.us> <1193688465.26242.28.camel@cube.tobyhouse.com> <5C7455B7-B83F-4972-9CDD-0529F751E4C8@breun.nl> <47270A06.0DA4.007D.0@shenandoah.k12.ia.us> Message-ID: <43080f460710300928q27f8a293yc2dcab053e97c478@mail.gmail.com> I'm having the same issue. Did: yum install freenx Tried connection with Nomachine and it grabbed a key but give the same error. -- Mel Wade "The real problem is not whether machines think but whether men do." - BF Skinner http://www.melwade.com -------------- next part -------------- An HTML attachment was scrubbed... URL: From rowens at ptd.net Tue Oct 30 16:30:39 2007 From: rowens at ptd.net (Rob Owens) Date: Tue, 30 Oct 2007 12:30:39 -0400 Subject: [K12OSN] smbldap - adding ldap users to local groups In-Reply-To: <4720D5D8.7000906@bio-chemvalve.com> References: <4720D5D8.7000906@bio-chemvalve.com> Message-ID: <20071030163039.GB4811@junker.owens.net> I decided to try changing all of my local devices to have ldap-group memberships. For instance, I ran this command: find /dev -group audio -exec chgrp ldapaudio {} \; This finds every file in /dev with "audio" group membership and changes it to "ldapaudio" group membership. This works and my ldap user who is a member of the "ldapaudio" group but not the local "audio" group has access to sound devices. The problem is that on reboot, many of these /dev files get set back to "audio" group membership. Does anybody know how to stop this? I'm working on a Debian machine right now, but I'm interested in doing this on Debian, Ubuntu, and CentOS. -Rob From thewhitmers at gmail.com Tue Oct 30 16:35:35 2007 From: thewhitmers at gmail.com (David Whitmer) Date: Tue, 30 Oct 2007 12:35:35 -0400 Subject: [K12OSN] NX In-Reply-To: <43080f460710300928q27f8a293yc2dcab053e97c478@mail.gmail.com> References: <4725B024.0DA4.007D.0@shenandoah.k12.ia.us> <4725B65C.0DA4.007D.0@shenandoah.k12.ia.us> <1193678314.26242.10.camel@cube.tobyhouse.com> <4725E11E.0DA4.007D.0@shenandoah.k12.ia.us> <1193688465.26242.28.camel@cube.tobyhouse.com> <5C7455B7-B83F-4972-9CDD-0529F751E4C8@breun.nl> <47270A06.0DA4.007D.0@shenandoah.k12.ia.us> <43080f460710300928q27f8a293yc2dcab053e97c478@mail.gmail.com> Message-ID: On 10/30/07, Mel Wade wrote: > > I'm having the same issue. > > Did: yum install freenx > > Tried connection with Nomachine and it grabbed a key but give the same > error. > -- > Mel Wade > "The real problem is not whether machines think but whether men do." - BF > Skinner > http://www.melwade.com > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > Grab client.id_dsa.key from the freenx server computer, from either: /etc/nxserver/ or /var/lib/nxserver/home/.ssh/ I don't recall which is the correct source for the current release of freenx. Next, copy that key file to the computer you're running NX Client on, and then import the key. David Whitmer Director of Media & Technology Calvary Schools of Holland (Michigan) web: www.calvaryschoolsholland.org personal email: thewhitmers at gmail.com school email: david.whitmer at cshk12.org -------------- next part -------------- An HTML attachment was scrubbed... URL: From craig at tobyhouse.com Tue Oct 30 16:50:15 2007 From: craig at tobyhouse.com (Craig White) Date: Tue, 30 Oct 2007 09:50:15 -0700 Subject: [K12OSN] smbldap - adding ldap users to local groups In-Reply-To: <20071030162655.GA4811@junker.owens.net> References: <4720D5D8.7000906@bio-chemvalve.com> <1193335337.2287.31.camel@cube.tobyhouse.com> <20071025204401.GB5714@junker.owens.net> <1193347919.2287.46.camel@cube.tobyhouse.com> <20071025235703.GB15190@junker.owens.net> <1193421647.2287.76.camel@cube.tobyhouse.com> <20071030162655.GA4811@junker.owens.net> Message-ID: <1193763015.22233.17.camel@cube.tobyhouse.com> On Tue, 2007-10-30 at 12:26 -0400, Rob Owens wrote: > > > Ubuntu (maybe CentOS, I'm not sure) automatically assign users to the cdrom group (and certain other groups) if you create the users as a "Desktop User" or something like that. If you want to check your system and see if it's this way, do ls -al /dev/cdrom and see if it's readable by all. Mine isn't. > > ---- > > RHELv5 (ES - Server install) > > > > # ls -l /dev/cdrom > > lrwxrwxrwx 1 root root 3 May 19 11:19 /dev/cdrom -> hda > > > > Fedora Core 6 > > > > # ls -l /dev/cdrom > > lrwxrwxrwx 1 root root 3 Oct 16 08:56 /dev/cdrom -> hdc > > > > These are 'out of the box' configurations > > > > Craig > > I think symbolic links always have 777 permissions. See what the permissions are on /dev/hda and /dev/hdc on those machines. ---- I agree - that totally misses my point about udev see my reply to another fork in this thread coming shortly Craig From craig at tobyhouse.com Tue Oct 30 16:56:37 2007 From: craig at tobyhouse.com (Craig White) Date: Tue, 30 Oct 2007 09:56:37 -0700 Subject: [K12OSN] smbldap - adding ldap users to local groups In-Reply-To: <20071030163039.GB4811@junker.owens.net> References: <4720D5D8.7000906@bio-chemvalve.com> <20071030163039.GB4811@junker.owens.net> Message-ID: <1193763397.22233.26.camel@cube.tobyhouse.com> On Tue, 2007-10-30 at 12:30 -0400, Rob Owens wrote: > I decided to try changing all of my local devices to have ldap-group memberships. For instance, I ran this command: > > find /dev -group audio -exec chgrp ldapaudio {} \; > > This finds every file in /dev with "audio" group membership and changes it to "ldapaudio" group membership. This works and my ldap user who is a member of the "ldapaudio" group but not the local "audio" group has access to sound devices. The problem is that on reboot, many of these /dev files get set back to "audio" group membership. Does anybody know how to stop this? I'm working on a Debian machine right now, but I'm interested in doing this on Debian, Ubuntu, and CentOS. > ---- when all you have is a hammer, everything looks like a nail. You really need to read up on udev because that is about using devices in user space. this is about the best write up on udev I have seen... http://www.reactivated.net/writing_udev_rules.html The entire point is to establish a set of rules that dynamically sets permissions for removable devices in user space so that root permissions and various entries into fstab are not required. You should discover that udev has rules & permissions that are set within the files in /etc/udev/rules.d, parsed in order and the devices and permissions attached to those devices are created dynamically according to those rules. Craig From craig at tobyhouse.com Tue Oct 30 16:59:09 2007 From: craig at tobyhouse.com (Craig White) Date: Tue, 30 Oct 2007 09:59:09 -0700 Subject: [K12OSN] NX In-Reply-To: References: <4725B024.0DA4.007D.0@shenandoah.k12.ia.us> <4725B65C.0DA4.007D.0@shenandoah.k12.ia.us> <1193678314.26242.10.camel@cube.tobyhouse.com> <4725E11E.0DA4.007D.0@shenandoah.k12.ia.us> <1193688465.26242.28.camel@cube.tobyhouse.com> <5C7455B7-B83F-4972-9CDD-0529F751E4C8@breun.nl> <47270A06.0DA4.007D.0@shenandoah.k12.ia.us> <43080f460710300928q27f8a293yc2dcab053e97c478@mail.gmail.com> Message-ID: <1193763549.22233.28.camel@cube.tobyhouse.com> On Tue, 2007-10-30 at 12:35 -0400, David Whitmer wrote: > On 10/30/07, Mel Wade wrote: > I'm having the same issue. > > Did: yum install freenx > > Tried connection with Nomachine and it grabbed a key but give > the same error. > -- > Mel Wade > "The real problem is not whether machines think but whether > men do." - BF Skinner > http://www.melwade.com > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > > > Grab client.id_dsa.key from the freenx server computer, from either: > > /etc/nxserver/ > > or > > /var/lib/nxserver/home/.ssh/ > > I don't recall which is the correct source for the current release of > freenx. > > Next, copy that key file to the computer you're running NX Client on, > and then import the key. ---- this file on the nx 'server' /etc/nxserver/client.id_dsa.key must be copied/imported into any client connection key wishing to connect to that server Craig From simpsond at leopards.k12.ar.us Tue Oct 30 18:09:56 2007 From: simpsond at leopards.k12.ar.us (Doug Simpson) Date: Tue, 30 Oct 2007 12:09:56 -0600 Subject: [K12OSN] bash script help Message-ID: <47271F14.550C.0078.0@leopards.k12.ar.us> Hi all! I have a script that I am trying to get to work and I can't get it right. It is a script that will write the names of offline servers to a textfile. As it is, it only does the first server and repeats, *unless* the first server is not online, in which it writes to the file and then goes on to the next one. How can I make it continue through the script regardless of whether or not each server is online, but still echo the text to the file if it finds one offline and then restart at the top of the list again? The script follows. ****************************************** #!/bin/bash while (true) do #sleep 30 if ping -i 3 -c 3 10.40.12.56 then continue else echo "Doug's workstation is offline. Please check it!" >>serverdown.txt fi if ping -i 3 -c 3 10.40.12.1 then continue else echo "Please check on Leopards Server. It appears to be offline!" >>serverdown.txt fi if ping -i 3 -c 3 10.40.12.26 then continue else echo "Please check on Students server. It appears to be offline!" >>serverdown.txt fi if ping -i 3 -c 3 10.40.12.2 then continue else echo "Please check on elementary lab server. It appears to be offline!" >>serverdown.txt fi if ping -i 3 -c 3 10.40.12.10 then continue else echo "Please check on elementary primary server. It appears to be offline!" >>serverdown.txt fi done *************************************************** Thanks for any assistance. Doug Doug Simpson Technology Specialist De Queen Public Schools De Queen, AR simpsond at leopards.k12.ar.us From les at futuresource.com Tue Oct 30 18:04:37 2007 From: les at futuresource.com (Les Mikesell) Date: Tue, 30 Oct 2007 13:04:37 -0500 Subject: [K12OSN] bash script help In-Reply-To: <47271F14.550C.0078.0@leopards.k12.ar.us> References: <47271F14.550C.0078.0@leopards.k12.ar.us> Message-ID: <47277235.9070208@futuresource.com> Doug Simpson wrote: > I have a script that I am trying to get to work and I can't get it right. It is a script that will write the names of offline servers to a textfile. > > As it is, it only does the first server and repeats, *unless* the first server is not online, in which it writes to the file and then goes on to the next one. > How can I make it continue through the script regardless of whether or not each server is online, but still echo the text to the file if it finds one offline and then restart at the top of the list again? > > The script follows. > > ****************************************** > #!/bin/bash > while (true) > do > #sleep 30 > if ping -i 3 -c 3 10.40.12.56 > then > continue > else > echo "Doug's workstation is offline. Please check it!" >>serverdown.txt > fi [..lots of repeated stuff...] I'd make a text file in the form: ip_address text to log And use a script like: #!/bin/bash while : sleep 30 do while read ADD TEXT ping -i 3 -c 3 $ADD || echo $TEXT >>serverdown.txt done References: <47271F14.550C.0078.0@leopards.k12.ar.us> Message-ID: <47273259.0172.0037.0@paragould.k12.ar.us> See if this will work for you: #!/bin/bash # add IP or hostname separated by white space HOSTS="170.211.125.81 170.211.125.76 70.128.5.138" # number of ping requests COUNT=3 for thisHost in $HOSTS do count=$(ping -c $COUNT $thisHost | grep 'received' | awk -F',' '{ print $2 }' | awk '{ print $1 }') if [ $count -eq 0 ]; then # 100% failed echo "Host : $thisHost is down (ping failed) at $(date)" >> /usr/local/serverdown.txt fi done exit 0 HTH, Rob ------------------------------------- Rob Asher Network Systems Technician Paragould School District (870)236-7744 Ext. 169 >>> "Doug Simpson" 10/30/2007 1:09 pm >>> Hi all! I have a script that I am trying to get to work and I can't get it right. It is a script that will write the names of offline servers to a textfile. As it is, it only does the first server and repeats, *unless* the first server is not online, in which it writes to the file and then goes on to the next one. How can I make it continue through the script regardless of whether or not each server is online, but still echo the text to the file if it finds one offline and then restart at the top of the list again? The script follows. ****************************************** #!/bin/bash while (true) do #sleep 30 if ping -i 3 -c 3 10.40.12.56 then continue else echo "Doug's workstation is offline. Please check it!" >>serverdown.txt fi if ping -i 3 -c 3 10.40.12.1 then continue else echo "Please check on Leopards Server. It appears to be offline!" >>serverdown.txt fi if ping -i 3 -c 3 10.40.12.26 then continue else echo "Please check on Students server. It appears to be offline!" >>serverdown.txt fi if ping -i 3 -c 3 10.40.12.2 then continue else echo "Please check on elementary lab server. It appears to be offline!" >>serverdown.txt fi if ping -i 3 -c 3 10.40.12.10 then continue else echo "Please check on elementary primary server. It appears to be offline!" >>serverdown.txt fi done *************************************************** Thanks for any assistance. Doug Doug Simpson Technology Specialist De Queen Public Schools De Queen, AR simpsond at leopards.k12.ar.us _______________________________________________ K12OSN mailing list K12OSN at redhat.com https://www.redhat.com/mailman/listinfo/k12osn For more info see -- This message has been scanned for viruses and dangerous content by The MailScanner at the Paragould School District, http://paragould.k12.ar.us, and is believed to be clean. From rowens at ptd.net Tue Oct 30 18:36:38 2007 From: rowens at ptd.net (Rob Owens) Date: Tue, 30 Oct 2007 14:36:38 -0400 Subject: [K12OSN] smbldap - adding ldap users to local groups In-Reply-To: <1193763397.22233.26.camel@cube.tobyhouse.com> References: <4720D5D8.7000906@bio-chemvalve.com> <20071030163039.GB4811@junker.owens.net> <1193763397.22233.26.camel@cube.tobyhouse.com> Message-ID: <20071030183638.GA7809@junker.owens.net> On Tue, Oct 30, 2007 at 09:56:37AM -0700, Craig White wrote: > On Tue, 2007-10-30 at 12:30 -0400, Rob Owens wrote: > > I decided to try changing all of my local devices to have ldap-group memberships. For instance, I ran this command: > > > > find /dev -group audio -exec chgrp ldapaudio {} \; > > > > This finds every file in /dev with "audio" group membership and changes it to "ldapaudio" group membership. This works and my ldap user who is a member of the "ldapaudio" group but not the local "audio" group has access to sound devices. The problem is that on reboot, many of these /dev files get set back to "audio" group membership. Does anybody know how to stop this? I'm working on a Debian machine right now, but I'm interested in doing this on Debian, Ubuntu, and CentOS. > > > ---- > when all you have is a hammer, everything looks like a nail. > > You really need to read up on udev because that is about using devices > in user space. > > this is about the best write up on udev I have seen... > http://www.reactivated.net/writing_udev_rules.html > > The entire point is to establish a set of rules that dynamically sets > permissions for removable devices in user space so that root permissions > and various entries into fstab are not required. > > You should discover that udev has rules & permissions that are set > within the files in /etc/udev/rules.d, parsed in order and the devices > and permissions attached to those devices are created dynamically > according to those rules. > Thanks. I did find /etc/udev/rules.d/020_permissions.rules, and that looked promising. Unfortunately, changing the "audio" groups in that file to "ldapaudio" did not do what I was hoping it would do. Time to read the link you sent me. -Rob From rowens at ptd.net Tue Oct 30 18:53:53 2007 From: rowens at ptd.net (Rob Owens) Date: Tue, 30 Oct 2007 14:53:53 -0400 Subject: [K12OSN] NX In-Reply-To: <47270A06.0DA4.007D.0@shenandoah.k12.ia.us> References: <4725B024.0DA4.007D.0@shenandoah.k12.ia.us> <4725B65C.0DA4.007D.0@shenandoah.k12.ia.us> <1193678314.26242.10.camel@cube.tobyhouse.com> <4725E11E.0DA4.007D.0@shenandoah.k12.ia.us> <1193688465.26242.28.camel@cube.tobyhouse.com> <5C7455B7-B83F-4972-9CDD-0529F751E4C8@breun.nl> <47270A06.0DA4.007D.0@shenandoah.k12.ia.us> Message-ID: <20071030185353.GB7809@junker.owens.net> I think CentOS (and probably Fedora) packages for nxserver automatically generate their own server key instead of using the default nomachine key. You can generate the nomachine key on the server by running "nxsetup --setup-nomachine-key". This will make your client configuration simpler (they will by default have the correct key), but it's slightly less secure in that you cannot be positive that your client is communicating with *your* server (and not a man-in-the-middle server). On a small local network this isn't really an issue. Over the internet, though, it could be exploited. -Rob On Tue, Oct 30, 2007 at 11:22:43AM -0500, Daniel Kuecker wrote: > I tried both keys and both failed. when I look at the client file it appears to be the nomachine key. is there a way to reset the keys? > > >>> Nils Breunese 10/29/07 4:51 PM >>> > Craig White wrote: > > > protocol 1 would use authorized_keys > > protocol 2 would use authorized_keys2 > > > > I am no expert on this stuff but that is my understanding. > > This used to be the case, but is not generally true anymore. This > depends on your distribution I believe. On Red Hat / CentOS / Fedora > you can just use authorized_keys for protocol version 2. I don't know > if you have to add the '2' on Debian / Ubuntu, but I usually see > authorized_keys2 in howto's for Debian / Ubuntu. Maybe it works > without the '2' on those distributions as well, I don't know. > > Nils Breunese. > > > > > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see From rasher at paragould.k12.ar.us Tue Oct 30 20:55:22 2007 From: rasher at paragould.k12.ar.us (Rob Asher) Date: Tue, 30 Oct 2007 15:55:22 -0500 Subject: [K12OSN] bash script help In-Reply-To: <47271F14.550C.0078.0@leopards.k12.ar.us> References: <47271F14.550C.0078.0@leopards.k12.ar.us> Message-ID: <472753F0.0172.0037.0@paragould.k12.ar.us> Had a couple people ask how the results could be emailed to them so here's a revised version of my earlier script: #!/bin/bash # add IP or hostname separated by white space HOSTS="10.40.12.1 10.40.12.2 10.40.12.10 10.40.12.26 10.40.12.56" # Optional email report variables SUBJECT="Host(s) Down!" EMAIL="you at whereever.com" # number of ping requests COUNT=3 for myHost in $HOSTS do count=$(ping -c $COUNT $myHost | grep 'received' | awk -F',' '{ print $2 }' | awk '{ print $1 }') if [ $count -eq 0 ]; then # 100% failed HOSTSDOWN=$(printf "%s\n%s\n" "$myHost" "$HOSTSDOWN") echo "Host : $myHost is down (ping failed) at $(date)" >> /usr/local/serverdown.txt fi done # uncomment to email results when done #if [ -n "$HOSTSDOWN" ]; then #mail -s "$SUBJECT" $EMAIL <>> "Doug Simpson" 10/30/2007 1:09 pm >>> Hi all! I have a script that I am trying to get to work and I can't get it right. It is a script that will write the names of offline servers to a textfile. As it is, it only does the first server and repeats, *unless* the first server is not online, in which it writes to the file and then goes on to the next one. How can I make it continue through the script regardless of whether or not each server is online, but still echo the text to the file if it finds one offline and then restart at the top of the list again? The script follows. ****************************************** #!/bin/bash while (true) do #sleep 30 if ping -i 3 -c 3 10.40.12.56 then continue else echo "Doug's workstation is offline. Please check it!" >>serverdown.txt fi if ping -i 3 -c 3 10.40.12.1 then continue else echo "Please check on Leopards Server. It appears to be offline!" >>serverdown.txt fi if ping -i 3 -c 3 10.40.12.26 then continue else echo "Please check on Students server. It appears to be offline!" >>serverdown.txt fi if ping -i 3 -c 3 10.40.12.2 then continue else echo "Please check on elementary lab server. It appears to be offline!" >>serverdown.txt fi if ping -i 3 -c 3 10.40.12.10 then continue else echo "Please check on elementary primary server. It appears to be offline!" >>serverdown.txt fi done *************************************************** Thanks for any assistance. Doug Doug Simpson Technology Specialist De Queen Public Schools De Queen, AR simpsond at leopards.k12.ar.us _______________________________________________ K12OSN mailing list K12OSN at redhat.com https://www.redhat.com/mailman/listinfo/k12osn For more info see -- This message has been scanned for viruses and dangerous content by The MailScanner at the Paragould School District, http://paragould.k12.ar.us, and is believed to be clean. From adiantof at gmail.com Tue Oct 30 21:15:53 2007 From: adiantof at gmail.com (Fajar Adianto) Date: Wed, 31 Oct 2007 04:15:53 +0700 Subject: [K12OSN] Client can't get IP In-Reply-To: <47234CE8.6C73.003C.0@battle-creek.k12.mi.us> References: <11a0d9090710260839x22d1caa7ne5105a750292283@mail.gmail.com> <47234CE8.6C73.003C.0@battle-creek.k12.mi.us> Message-ID: <11a0d9090710301415t471320axc723c18f2c89cef4@mail.gmail.com> Joe, I don't know what the problem is. One terminal that failed to get IP is now succeded to catch the IP reserved to it in dhcpd.conf. But the boot process is stop at "loading 192.168.0.254:/lts/vmlinuz.ltsp............. .". I didn't do anything. I really need any suggestion. Here I attach the result captured from wireshark. -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: ws005.txt URL: From ssh at tranquility.net Wed Oct 31 02:02:11 2007 From: ssh at tranquility.net (ssh at tranquility.net) Date: Tue, 30 Oct 2007 21:02:11 -0500 Subject: [K12OSN] Re: Bare metal backup strategy with RAID 10 In-Reply-To: References: Message-ID: <1193796132.15505.13.camel@bofh.ltsp> On Mon, 2007-10-29 at 04:41 +1300, Krsnendu dasa wrote: > On 29/10/2007, Krsnendu dasa wrote: > > We have BackupPC set up to backup /home and configuration files. > > Does anyone know of a good strategy to backup a complete system (that > > is using Linux software RAID 10)? Mondorescue may be what you need. It lets you back up to tape, ISO, NFS mounts or nearly anything writable. I have been using it off and on for years. I stopped for awhile, because there was a disagreement on the default blocksize between Fedora and Mondorescue. This was _very_ annoying after it had worked perfectly for years. For the sake of archive, here is the solution I found: Q20/ I get error messages like size 4096, block-18446744071562067968, b_blocknr=2147483648 what is the problem ?? You may be using a default minimum blocksize for RAM disks of 4k (Fedora kernel 2.6.18* and higher, e.g., RHEL5, ...) so try to add ramdisk_blocksize=1024 to your boot command at boot prompt of isolinux when booting your mondorescue media. For example: boot: interactive ramdisk_blocksize=1024 Another way to solve it is to edit the file /usr/sbin/mindi and add the ramdisk_blocksize to the line of additional boot parameters. Then make a new backup. I added it to mindi and it works flawlessly. I backup to 110 gig tapes. I can format and restore from bare metal in under 30 minutes. When I first got this working reliably, I would gleefully blow away my working install every day, just to see it happen. I use it on a basic filesystem, but looking through http://www.mondorescue.org/docs/mondorescue-howto.html it looks like it can back up LVM and RAID. You may need to manually edit the mountlist manually to restore, but backup can be automated through cron jobs. I use it on K12LTSP 4.4.2 and I had to get a newer version than was available in the repos. Hope this helps, Scott S. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part URL: From jkinney at localnetsolutions.com Wed Oct 31 12:20:07 2007 From: jkinney at localnetsolutions.com (James P. Kinney III) Date: Wed, 31 Oct 2007 08:20:07 -0400 Subject: [K12OSN] NX In-Reply-To: <47270A06.0DA4.007D.0@shenandoah.k12.ia.us> References: <4725B024.0DA4.007D.0@shenandoah.k12.ia.us> <4725B65C.0DA4.007D.0@shenandoah.k12.ia.us> <1193678314.26242.10.camel@cube.tobyhouse.com> <4725E11E.0DA4.007D.0@shenandoah.k12.ia.us> <1193688465.26242.28.camel@cube.tobyhouse.com> <5C7455B7-B83F-4972-9CDD-0529F751E4C8@breun.nl> <47270A06.0DA4.007D.0@shenandoah.k12.ia.us> Message-ID: <1193833207.3960.936.camel@merlin.localnetsolutions.com> On Tue, 2007-10-30 at 11:22 -0500, Daniel Kuecker wrote: > I tried both keys and both failed. when I look at the client file it appears to be the nomachine key. is there a way to reset the keys? > > >>> Nils Breunese 10/29/07 4:51 PM >>> > Craig White wrote: > > > protocol 1 would use authorized_keys > > protocol 2 would use authorized_keys2 > > > > I am no expert on this stuff but that is my understanding. > > This used to be the case, but is not generally true anymore. This > depends on your distribution I believe. On Red Hat / CentOS / Fedora > you can just use authorized_keys for protocol version 2. I don't know > if you have to add the '2' on Debian / Ubuntu, but I usually see > authorized_keys2 in howto's for Debian / Ubuntu. Maybe it works > without the '2' on those distributions as well, I don't know. The authorized_keys used is defined in /etc/ssh/sshd_config as the line: AuthorizedKeysFile .ssh/authorized_keys > > Nils Breunese. > > > > > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > -- James P. Kinney III CEO & Director of Engineering Local Net Solutions,LLC 770-493-8244 http://www.localnetsolutions.com GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics) Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part URL: From simpsond at leopards.k12.ar.us Wed Oct 31 13:51:45 2007 From: simpsond at leopards.k12.ar.us (Doug Simpson) Date: Wed, 31 Oct 2007 07:51:45 -0600 Subject: [K12OSN] bash script help In-Reply-To: <47277235.9070208@futuresource.com> References: <47271F14.550C.0078.0@leopards.k12.ar.us> <47277235.9070208@futuresource.com> Message-ID: <47283411.550C.0078.0@leopards.k12.ar.us> Is it just not possible to make a bash script run in a continuous loop? Your solution looks to be about the easiest to do, but, like the rest, has no provision for the "restart at the top of the list again" part. No one has offered a solution that includes that. . . In your solution, would I need the text to log in quotes if it were more than one word so it wouldn't think it was more than one variable? like: 10.40.12.3 "This hostname is down." And, will it not report anything if the host is *not* down? For the purpose, I need it to sit there quietly running until it sees that a host is actually down before it takes any action. Then it reports, and continues on to the next one and so on. What does this line do?: done >> Les Mikesell 10/30/2007 1:04 PM >>> Doug Simpson wrote: > I have a script that I am trying to get to work and I can't get it right. It is a script that will write the names of offline servers to a textfile. > > As it is, it only does the first server and repeats, *unless* the first server is not online, in which it writes to the file and then goes on to the next one. > How can I make it continue through the script regardless of whether or not each server is online, but still echo the text to the file if it finds one offline and then restart at the top of the list again? > > The script follows. > > ****************************************** > #!/bin/bash > while (true) > do > #sleep 30 > if ping -i 3 -c 3 10.40.12.56 > then > continue > else > echo "Doug's workstation is offline. Please check it!" >>serverdown.txt > fi [..lots of repeated stuff...] I'd make a text file in the form: ip_address text to log And use a script like: #!/bin/bash while : sleep 30 do while read ADD TEXT ping -i 3 -c 3 $ADD || echo $TEXT >>serverdown.txt done From jkinney at localnetsolutions.com Wed Oct 31 13:08:21 2007 From: jkinney at localnetsolutions.com (James P. Kinney III) Date: Wed, 31 Oct 2007 09:08:21 -0400 Subject: [K12OSN] bash script help In-Reply-To: <47283411.550C.0078.0@leopards.k12.ar.us> References: <47271F14.550C.0078.0@leopards.k12.ar.us> <47277235.9070208@futuresource.com> <47283411.550C.0078.0@leopards.k12.ar.us> Message-ID: <1193836101.3960.945.camel@merlin.localnetsolutions.com> #!/bin/sh runforever=1 while [ $runforever ] do done It will chew up resources and spit out the pieces (unless sleep is used judiciously). Which is why it is best to have it as a cron job run once a minute. From a sysadmin standpoint, a 30-40 second delay in notification of a failed service is usually OK. If it's not, that service needs to be on a dedicated machine running watchdog services. I have seen wrapper scripts that do something along the lines as above but use the PID of the service. This can be used to auto-restart a failed service but it will not detect the crashed service that has a dangling PID. On Wed, 2007-10-31 at 07:51 -0600, Doug Simpson wrote: > Is it just not possible to make a bash script run in a continuous > loop? Your solution looks to be about the easiest to do, but, like the > rest, has no provision for the "restart at the top of the list again" > part. No one has offered a solution that includes that. . . > > In your solution, would I need the text to log in quotes if it were > more than one word so it wouldn't think it was more than one variable? > > like: > 10.40.12.3 "This hostname is down." > > And, will it not report anything if the host is *not* down? For the > purpose, I need it to sit there quietly running until it sees that a > host is actually down before it takes any action. Then it reports, and > continues on to the next one and so on. > > What does this line do?: > done > Thanks for your assistance! > > Doug > > Doug Simpson > Technology Specialist > De Queen Public Schools > De Queen, AR > simpsond at leopards.k12.ar.us > > >>> Les Mikesell 10/30/2007 1:04 PM >>> > Doug Simpson wrote: > > > I have a script that I am trying to get to work and I can't get it > right. It is a script that will write the names of offline servers to > a textfile. > > > > As it is, it only does the first server and repeats, *unless* the > first server is not online, in which it writes to the file and then > goes on to the next one. > > How can I make it continue through the script regardless of whether > or not each server is online, but still echo the text to the file if > it finds one offline and then restart at the top of the list again? > > > > The script follows. > > > > ****************************************** > > #!/bin/bash > > while (true) > > do > > #sleep 30 > > if ping -i 3 -c 3 10.40.12.56 > > then > > continue > > else > > echo "Doug's workstation is offline. Please check it!" > >>serverdown.txt > > fi > > [..lots of repeated stuff...] > > > I'd make a text file in the form: > > ip_address text to log > > And use a script like: > > #!/bin/bash > while : > sleep 30 > do > while read ADD TEXT > ping -i 3 -c 3 $ADD || echo $TEXT >>serverdown.txt > done done > > -- > Les Mikesell > lesmikesell at gmail.com > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > -- James P. Kinney III CEO & Director of Engineering Local Net Solutions,LLC 770-493-8244 http://www.localnetsolutions.com GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics) Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part URL: From les at futuresource.com Wed Oct 31 13:23:04 2007 From: les at futuresource.com (Les Mikesell) Date: Wed, 31 Oct 2007 08:23:04 -0500 Subject: [K12OSN] bash script help In-Reply-To: <47283411.550C.0078.0@leopards.k12.ar.us> References: <47271F14.550C.0078.0@leopards.k12.ar.us> <47277235.9070208@futuresource.com> <47283411.550C.0078.0@leopards.k12.ar.us> Message-ID: <472881B8.7070206@futuresource.com> Doug Simpson wrote: > Is it just not possible to make a bash script run in a continuous loop? Yes, note the outer loop of while : do [...] done The : statement does nothing but evaluates 'true' so the loop runs forever. > Your solution looks to be about the easiest to do, but, like the rest, > has no provision for the "restart at the top of the list again" part. Try it. It will wait 30 seconds after it restarts the loop. > In your solution, would I need the text to log in quotes if it were more than one word so it wouldn't think it was more than one variable? > > like: > 10.40.12.3 "This hostname is down." In a read statement, the line is split on white space (actually $IFS so it coud be changed) and assigned to the variables in the list. All remaining variables go to the last variable. So you don't need to quote, although multiple spaces might get collapsed to one if you don't quote the variable in the echo like "$TEXT" > And, will it not report anything if the host is *not* down? For the > purpose, I need it to sit there quietly running until it sees that a > host is actually down before it takes any action. Then it reports, > and continues on to the next one and so on. Yes the || construct means 'or' and the right side won't happen unless the left side fails (returns a non-zero status). > What does this line do?: > done I'd make a text file in the form: > > ip_address text to log > > And use a script like: > > #!/bin/bash > while : > sleep 30 > do > while read ADD TEXT > ping -i 3 -c 3 $ADD || echo $TEXT >>serverdown.txt > done done -- Les Mikesell les at futuresource.com From kueckerd at shenandoah.k12.ia.us Wed Oct 31 15:36:44 2007 From: kueckerd at shenandoah.k12.ia.us (Daniel Kuecker) Date: Wed, 31 Oct 2007 10:36:44 -0500 Subject: [K12OSN] NX In-Reply-To: <1193833207.3960.936.camel@merlin.localnetsolutions.com> References: <4725B024.0DA4.007D.0@shenandoah.k12.ia.us> <4725B65C.0DA4.007D.0@shenandoah.k12.ia.us> <1193678314.26242.10.camel@cube.tobyhouse.com> <4725E11E.0DA4.007D.0@shenandoah.k12.ia.us> <1193688465.26242.28.camel@cube.tobyhouse.com> <5C7455B7-B83F-4972-9CDD-0529F751E4C8@breun.nl> <47270A06.0DA4.007D.0@shenandoah.k12.ia.us> <1193833207.3960.936.camel@merlin.localnetsolutions.com> Message-ID: <472850C5.0DA4.007D.0@shenandoah.k12.ia.us> OK. Finally got it working. I had to run /usr/share/doc/freenx/nxsetup --setup-nomachine-key. but I kept getting an error about nxloader not found, so I had to create a link to it in /usr/local/sbin. now it works fine.. Thanks everyone! From microman at cmosnetworks.com Wed Oct 31 16:02:33 2007 From: microman at cmosnetworks.com (=?ISO-8859-1?Q?=22Terrell_Prud=E9_Jr=2E=22?=) Date: Wed, 31 Oct 2007 12:02:33 -0400 Subject: [K12OSN] Client can't get IP In-Reply-To: <11a0d9090710301415t471320axc723c18f2c89cef4@mail.gmail.com> References: <11a0d9090710260839x22d1caa7ne5105a750292283@mail.gmail.com> <47234CE8.6C73.003C.0@battle-creek.k12.mi.us> <11a0d9090710301415t471320axc723c18f2c89cef4@mail.gmail.com> Message-ID: <4728A719.1060102@cmosnetworks.com> Fajar Adianto wrote: > Joe, > > I don't know what the problem is. One terminal that failed to get IP > is now succeded to catch the IP reserved to it in dhcpd.conf. But the > boot process is stop at "loading 192.168.0.254:/lts/vmlinuz > .ltsp............. .". I didn't do anything. > I really need any suggestion. > Here I attach the result captured from wireshark. > >From what I read of this, I'm not seeing any replies from 192.168.0.254 in your capture, yet I do see a DHCPDISCOVER followed by the DHCPREQUEST, and you can't have the latter before the former unless you really are renewing an existing lease (from the client's perspective). Am I missing something? --TP _______________________________ Do you GNU ? Microsoft Free since 2003 --the ultimate antivirus protection! -------------- next part -------------- An HTML attachment was scrubbed... URL: From les at futuresource.com Wed Oct 31 16:21:31 2007 From: les at futuresource.com (Les Mikesell) Date: Wed, 31 Oct 2007 11:21:31 -0500 Subject: [K12OSN] NX In-Reply-To: <472850C5.0DA4.007D.0@shenandoah.k12.ia.us> References: <4725B024.0DA4.007D.0@shenandoah.k12.ia.us> <4725B65C.0DA4.007D.0@shenandoah.k12.ia.us> <1193678314.26242.10.camel@cube.tobyhouse.com> <4725E11E.0DA4.007D.0@shenandoah.k12.ia.us> <1193688465.26242.28.camel@cube.tobyhouse.com> <5C7455B7-B83F-4972-9CDD-0529F751E4C8@breun.nl> <47270A06.0DA4.007D.0@shenandoah.k12.ia.us> <1193833207.3960.936.camel@merlin.localnetsolutions.com> <472850C5.0DA4.007D.0@shenandoah.k12.ia.us> Message-ID: <4728AB8B.3050403@futuresource.com> Daniel Kuecker wrote: > OK. Finally got it working. I had to run /usr/share/doc/freenx/nxsetup --setup-nomachine-key. but I kept getting an error about nxloader not found, so I had to create a link to it in /usr/local/sbin. now it works fine.. > > Thanks everyone! You should only have needed to do that if you used the default key in the client. It should also work to pick up the unique /etc/nxserver/client.id_dsa.key generated by the freenx install and import that into the client for that specific server. -- Les Mikesell les at futuresource.com From dahopkins429 at gmail.com Wed Oct 31 17:22:48 2007 From: dahopkins429 at gmail.com (David Hopkins) Date: Wed, 31 Oct 2007 13:22:48 -0400 Subject: [K12OSN] OT: Pushing a printer to windows systems Message-ID: This is OT, but is there a simple way to add a network printer to a windows system via Samba? Other than logging onto each system and adding the printer manually, I have not found a simple way to do so. Windows Server 2003 has a printer tool that can do so in an Active Directory environment, but I am using LDAP. Sincerely, Dave Hopkins From craig at tobyhouse.com Wed Oct 31 17:45:06 2007 From: craig at tobyhouse.com (Craig White) Date: Wed, 31 Oct 2007 10:45:06 -0700 Subject: [K12OSN] OT: Pushing a printer to windows systems In-Reply-To: References: Message-ID: <1193852706.3469.27.camel@cube.tobyhouse.com> On Wed, 2007-10-31 at 13:22 -0400, David Hopkins wrote: > This is OT, but is there a simple way to add a network printer to a > windows system via Samba? Other than logging onto each system and > adding the printer manually, I have not found a simple way to do so. > Windows Server 2003 has a printer tool that can do so in an Active > Directory environment, but I am using LDAP. ---- net use \\SERVER\PRINTER probably a good place to add this is in logon script type 'net use /?' on a Windows system to get other parameters to this command if necessary Craig From dahopkins429 at gmail.com Wed Oct 31 18:19:19 2007 From: dahopkins429 at gmail.com (David Hopkins) Date: Wed, 31 Oct 2007 14:19:19 -0400 Subject: [K12OSN] OT: Pushing a printer to windows systems In-Reply-To: <1193852706.3469.27.camel@cube.tobyhouse.com> References: <1193852706.3469.27.camel@cube.tobyhouse.com> Message-ID: That then requires making sure that Samba knows where the correct printer definition files are located as well then so that the local machine can install them correctly? On 10/31/07, Craig White wrote: > On Wed, 2007-10-31 at 13:22 -0400, David Hopkins wrote: > > This is OT, but is there a simple way to add a network printer to a > > windows system via Samba? Other than logging onto each system and > > adding the printer manually, I have not found a simple way to do so. > > Windows Server 2003 has a printer tool that can do so in an Active > > Directory environment, but I am using LDAP. > ---- > net use \\SERVER\PRINTER > > probably a good place to add this is in logon script > > type 'net use /?' on a Windows system to get other parameters to this > command if necessary > > Craig > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > From cockrell at honeygroveisd.net Wed Oct 31 19:52:51 2007 From: cockrell at honeygroveisd.net (Mark Cockrell) Date: Wed, 31 Oct 2007 14:52:51 -0500 Subject: [K12OSN] VNC Setup Script Message-ID: <4728DD13.7070601@honeygroveisd.net> One of my favorite things about the default k12LTSP setup is the way it integrates VNC so smoothly. Is there a script somewhere I can use on my non-K12LTSP servers (Fedora Core and CentOS) that would create the same results? I'm sure I could search Google and find out how to do it, but since it's already been done so well, I thought I'd just ask here first. -- C-ya, Mark ____ A full seven percent of the entire Irish barley crop goes to the production of Guinness beer. From craig at tobyhouse.com Wed Oct 31 19:58:26 2007 From: craig at tobyhouse.com (Craig White) Date: Wed, 31 Oct 2007 12:58:26 -0700 Subject: [K12OSN] OT: Pushing a printer to windows systems In-Reply-To: References: <1193852706.3469.27.camel@cube.tobyhouse.com> Message-ID: <1193860706.3469.46.camel@cube.tobyhouse.com> Yes - the printer definition/drivers either must be installed already on the computer (requires administrator privileges) or what I have found to be the absolutely best way of handling things... http://samba.org/samba/docs/man/Samba-HOWTO-Collection/classicalprinting.html#id388379 Windows 'Add Printer Wizard' as administrator which will automatically install the print drivers (if needed) on any domain client system Craig On Wed, 2007-10-31 at 14:19 -0400, David Hopkins wrote: > That then requires making sure that Samba knows where the correct > printer definition files are located as well then so that the local > machine can install them correctly? > > On 10/31/07, Craig White wrote: > > On Wed, 2007-10-31 at 13:22 -0400, David Hopkins wrote: > > > This is OT, but is there a simple way to add a network printer to a > > > windows system via Samba? Other than logging onto each system and > > > adding the printer manually, I have not found a simple way to do so. > > > Windows Server 2003 has a printer tool that can do so in an Active > > > Directory environment, but I am using LDAP. > > ---- > > net use \\SERVER\PRINTER > > > > probably a good place to add this is in logon script > > > > type 'net use /?' on a Windows system to get other parameters to this > > command if necessary > > > > Craig > > > > _______________________________________________ > > K12OSN mailing list > > K12OSN at redhat.com > > https://www.redhat.com/mailman/listinfo/k12osn > > For more info see > > > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see From dahopkins429 at gmail.com Wed Oct 31 20:14:14 2007 From: dahopkins429 at gmail.com (David Hopkins) Date: Wed, 31 Oct 2007 16:14:14 -0400 Subject: [K12OSN] OT: Pushing a printer to windows systems In-Reply-To: <1193860706.3469.46.camel@cube.tobyhouse.com> References: <1193852706.3469.27.camel@cube.tobyhouse.com> <1193860706.3469.46.camel@cube.tobyhouse.com> Message-ID: Thanks, I will be trying it. On 10/31/07, Craig White wrote: > Yes - the printer definition/drivers either must be installed already on > the computer (requires administrator privileges) or what I have found to > be the absolutely best way of handling things... > > http://samba.org/samba/docs/man/Samba-HOWTO-Collection/classicalprinting.html#id388379 > > Windows 'Add Printer Wizard' as administrator which will automatically > install the print drivers (if needed) on any domain client system > > Craig > > On Wed, 2007-10-31 at 14:19 -0400, David Hopkins wrote: > > That then requires making sure that Samba knows where the correct > > printer definition files are located as well then so that the local > > machine can install them correctly? > > > > On 10/31/07, Craig White wrote: > > > On Wed, 2007-10-31 at 13:22 -0400, David Hopkins wrote: > > > > This is OT, but is there a simple way to add a network printer to a > > > > windows system via Samba? Other than logging onto each system and > > > > adding the printer manually, I have not found a simple way to do so. > > > > Windows Server 2003 has a printer tool that can do so in an Active > > > > Directory environment, but I am using LDAP. > > > ---- > > > net use \\SERVER\PRINTER > > > > > > probably a good place to add this is in logon script > > > > > > type 'net use /?' on a Windows system to get other parameters to this > > > command if necessary > > > > > > Craig > > > > > > _______________________________________________ > > > K12OSN mailing list > > > K12OSN at redhat.com > > > https://www.redhat.com/mailman/listinfo/k12osn > > > For more info see > > > > > > > _______________________________________________ > > K12OSN mailing list > > K12OSN at redhat.com > > https://www.redhat.com/mailman/listinfo/k12osn > > For more info see > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > From twolfe at sawback.com Wed Oct 31 21:54:44 2007 From: twolfe at sawback.com (Tom Wolfe) Date: Wed, 31 Oct 2007 17:54:44 -0400 (EDT) Subject: [K12OSN] wine question -- Scholastic READ180 works on server console, not on terminals Message-ID: <20071031174941.Q93941@dyyme.pair.com> I'm getting closer and closer to getting this READ180 business up and running. I moved the program files directory for Scholastic's READ180 suite onto a wine drive and copied over the one dll file that was causing it to hiccup (msvcirt.dll). It runs well from the server console (although I haven't tested it for sound or microphone yet). Which is fantastic. Now I have to get it to run on the terminals. I get an error that likely has to do with the displays: an error saying that "GLX" is missing. Is GLX even possible on the terminals? Here's the output. If anyone would be so kind as to look it over, or refer me to a better place to have this issue resolve, I would appreciate it greatly. [root at srv06 READ180]# wine READ180.exe Xlib: extension "GLX" missing on display "localhost.localdomain:14.0". err:wgl:X11DRV_WineGL_InitOpenglInfo couldn't initialize OpenGL, expect problem s wine: Unhandled page fault on read access to 0x00000048 at address 0x7e33c2d9 (t hread 0012), starting debugger... Unhandled exception: page fault on read access to 0x00000048 in 32-bit code (0x7 e33c2d9). Register dump: CS:0023 SS:002b DS:002b ES:002b FS:0063 GS:006b EIP:7e33c2d9 ESP:0033faac EBP:0033fb24 EFLAGS:00010246( - 00 -RIZP1) EAX:00000000 EBX:7e3a6dec ECX:7c028118 EDX:00000000 ESI:00000000 EDI:00000000 Stack dump: 0x0033faac: 00000000 00000000 00000000 00000000 0x0033fabc: 00000020 00000020 ffffffff 00000002 0x0033facc: 0000111f 00000120 00000000 00000020 0x0033fadc: 00000000 001633ec 001633ec 7e9d0d04 0x0033faec: 00000000 00004f4b 00000000 7e9a0b0f 0x0033fafc: 7e9d8a00 00000000 00000020 00000020 Backtrace: =>1 0x7e33c2d9 X11DRV_GetBitmapBits+0x1c9() in winex11 (0x0033fb24) 2 0x7e97590e GetBitmapBits+0x18e() in gdi32 (0x0033fb84) 3 0x7ea320bc CreateIconFromResourceEx+0x93c() in user32 (0x0033fc24) 4 0x7ea32fe7 in user32 (+0x32fe7) (0x0033fca4) 5 0x7ea33ad8 LoadImageW+0x368() in user32 (0x0033fd44) 6 0x7ea34106 LoadImageA+0x56() in user32 (0x0033fe24) 7 0x7ea345f7 LoadCursorA+0x97() in user32 (0x0033fe54) 8 0x005490c8 in read180 (+0x1490c8) (0x0033ff08) 9 0x7ee58a1e in kernel32 (+0x58a1e) (0x0033ffe8) 10 0xf7eb6717 wine_switch_to_stack+0x17() in libwine.so.1 (0x00000000) 0x7e33c2d9 X11DRV_GetBitmapBits+0x1c9 in winex11: call *0x48(%eax) Modules: Module Address Debug info Name (76 modules) ELF 101000- 181000 Deferred libfreetype.so.6 ELF 25b000- 272000 Deferred libnsl.so.1 ELF 2dd000- 2f0000 Deferred libresolv.so.2 ELF 348000- 369000 Deferred libexpat.so.0 PE 400000- 5b1000 Export read180 ELF 5cf000- 6d1000 Deferred libx11.so.6 ELF 6d3000- 6e3000 Deferred libxext.so.6 ELF 6e5000- 6ea000 Deferred libxfixes.so.3 ELF 6ec000- 6f5000 Deferred libxrender.so.1 ELF 6f7000- 6fa000 Deferred libxinerama.so.1 ELF 6fc000- 706000 Deferred libxcursor.so.1 ELF 708000- 70c000 Deferred libxrandr.so.2 ELF aa3000- abe000 Deferred ld-linux.so.2 ELF ac0000- bfd000 Deferred libc.so.6 ELF bff000- c2d000 Deferred libcrypt.so.1 ELF bff000- c2d000 Deferred libcrypt.so.1 ELF bff000- c2d000 Deferred libcrypt.so.1 ELF c2e000- c45000 Deferred libpthread.so.0 ELF d4b000- d51000 Deferred libxdmcp.so.6 ELF d53000- d56000 Deferred libxau.so.6 ELF d6a000- d7d000 Deferred libz.so.1 ELF dc2000- df1000 Deferred libfontconfig.so.1 PE 12000000-12260000 Deferred xerces-c_2_4_0 PE 607c0000-607d1000 Deferred msvcirt ELF 7bf00000-7bf03000 Deferred ELF 7e0f0000-7e124000 Deferred uxtheme \-PE 7e100000-7e124000 \ uxtheme ELF 7e124000-7e139000 Deferred midimap \-PE 7e130000-7e139000 \ midimap ELF 7e139000-7e161000 Deferred msacm32 \-PE 7e140000-7e161000 \ msacm32 ELF 7e178000-7e1cd000 Deferred libgcrypt.so.11 ELF 7e1fb000-7e278000 Deferred libgnutls.so.13 ELF 7e278000-7e2ae000 Deferred libcups.so.2 ELF 7e2b7000-7e2cf000 Deferred msacm32 \-PE 7e2c0000-7e2cf000 \ msacm32 ELF 7e2e6000-7e2ea000 Deferred libgpg-error.so.0 ELF 7e2ff000-7e31c000 Deferred imm32 \-PE 7e310000-7e31c000 \ imm32 ELF 7e31c000-7e3b0000 Export winex11 \-PE 7e330000-7e3b0000 \ winex11 ELF 7e4a1000-7e4ed000 Deferred dbghelp \-PE 7e4b0000-7e4ed000 \ dbghelp ELF 7e4ed000-7e51b000 Deferred ws2_32 \-PE 7e500000-7e51b000 \ ws2_32 ELF 7e51b000-7e5e0000 Deferred comctl32 \-PE 7e520000-7e5e0000 \ comctl32 ELF 7e5e0000-7e673000 Deferred winmm \-PE 7e5f0000-7e673000 \ winmm ELF 7e78b000-7e7e1000 Deferred ddraw \-PE 7e790000-7e7e1000 \ ddraw ELF 7e800000-7e815000 Deferred psapi \-PE 7e810000-7e815000 \ psapi ELF 7e815000-7e86e000 Deferred rpcrt4 \-PE 7e820000-7e86e000 \ rpcrt4 ELF 7e86e000-7e916000 Deferred ole32 \-PE 7e880000-7e916000 \ ole32 ELF 7e916000-7e94a000 Deferred winspool \-PE 7e920000-7e94a000 \ winspool ELF 7e94a000-7e9e9000 Export gdi32 \-PE 7e960000-7e9e9000 \ gdi32 ELF 7e9e9000-7eb35000 Export user32 \-PE 7ea00000-7eb35000 \ user32 ELF 7eb35000-7eb9f000 Deferred msvcrt \-PE 7eb40000-7eb9f000 \ msvcrt ELF 7eb9f000-7ebe8000 Deferred advapi32 \-PE 7ebb0000-7ebe8000 \ advapi32 ELF 7ede8000-7ef1b000 Export kernel32 \-PE 7ee00000-7ef1b000 \ kernel32 ELF 7ef44000-7ef63000 Deferred iphlpapi \-PE 7ef50000-7ef63000 \ iphlpapi ELF 7ef63000-7f000000 Deferred ntdll \-PE 7ef80000-7f000000 \ ntdll ELF f7d50000-f7d55000 Deferred libxxf86vm.so.1 ELF f7eaf000-f7fc1000 Export libwine.so.1 ELF f7fc5000-f7fd0000 Deferred libnss_files.so.2 Threads: process tid prio (all id:s are in hex) 0000000f (D) T:\READ180\READ180.exe 00000012 0 <== 00000021 00000023 0 00000022 0 0000000a 0000000c 0 0000000b 0 [root at srv06 READ180]# [root at srv06 READ180]# Regards, Tom Wolfe --- Tom Wolfe, IT Specialist twolfe at sawback.com Stoney Educational Authority tel: (403) 881-2650 Box 238, Morley AB, T0L 1N0 fax: (403) 881-2793 Morley Community School | Chief Jacob Bearspaw School | Ta-otha School From peter at scheie.homedns.org Wed Oct 31 23:39:56 2007 From: peter at scheie.homedns.org (Peter Scheie) Date: Wed, 31 Oct 2007 18:39:56 -0500 Subject: [K12OSN] VNC Setup Script In-Reply-To: <4728DD13.7070601@honeygroveisd.net> References: <4728DD13.7070601@honeygroveisd.net> Message-ID: <4729124C.4000708@scheie.homedns.org> Try installing the vnc-ltsp-config rpm file from your K12LTSP installation (or download it from the web). You'll need to have the vnc-server package already installed first. Peter Mark Cockrell wrote: > One of my favorite things about the default k12LTSP setup is the way it > integrates VNC so smoothly. Is there a script somewhere I can use on my > non-K12LTSP servers (Fedora Core and CentOS) that would create the same > results? I'm sure I could search Google and find out how to do it, but > since it's already been done so well, I thought I'd just ask here first. >