From jkinney at localnetsolutions.com Tue Jul 1 02:25:36 2008 From: jkinney at localnetsolutions.com (James P. Kinney III) Date: Tue, 01 Jul 2008 02:25:36 +0000 Subject: [K12OSN] nic bonding -what mode are you using In-Reply-To: <1214746039.14056.7.camel@localhost.localdomain> References: <1214746039.14056.7.camel@localhost.localdomain> Message-ID: <1214879136.5604.896.camel@merlin.localnetsolutions.com> The mode used depends on the need and the hardware. Some nics can't handle having the MAC changed without a reset so that will cause problems. Some modes require switches to support the bond type. Because the outbound traffic (server to clients) is higest, I have used TLB - mode 5 - with switches that do not support link aggregation. For the ones that do support it (also known as IEEE 802.3ad) I use mode 4. I also use a miimon value of 100 so every 100 milliseconds the system polls for link status and will fail-over to another in the bond if the tested one is no longer connected. I do not know if the missing port becomes active again if the process will reattach back to the bond. Something else to test... mode= ? Specifies one of four policies allowed for the bonding module. Acceptable values for this parameter are: * 0 ? Sets a round-robin policy for fault tolerance and load balancing. Transmissions are received and sent out sequentially on each bonded slave interface beginning with the first one available. * 1 ? Sets an active-backup policy for fault tolerance. Transmissions are received and sent out via the first available bonded slave interface. Another bonded slave interface is only used if the active bonded slave interface fails. * 2 ? Sets an XOR (exclusive-or) policy for fault tolerance and load balancing. Using this method, the interface matches up the incoming request's MAC address with the MAC address for one of the slave NICs. Once this link is established, transmissions are sent out sequentially beginning with the first available interface. * 3 ? Sets a broadcast policy for fault tolerance. All transmissions are sent on all slave interfaces. * 4 ? Sets an IEEE 802.3ad dynamic link aggregation policy. Creates aggregation groups that share the same speed and duplex settings. Transmits and receives on all slaves in the active aggregator. Requires a switch that is 802.3ad compliant. * 5 ? Sets a Transmit Load Balancing (TLB) policy for fault tolerance and load balancing. The outgoing traffic is distributed according to the current load on each slave interface. Incoming traffic is received by the current slave. If the receiving slave fails, another slave takes over the MAC address of the failed slave. * 6 ? Sets an Active Load Balancing (ALB) policy for fault tolerance and load balancing. Includes transmit and receive load balancing for IPV4 traffic. Receive load balancing is achieved through ARP negotiation. Shamelessly copied from : http://www.redhat.com/docs/manuals/enterprise/RHEL-4-Manual/ref-guide/s1-modules-ethernet.html#S2-MODULES-BONDING On Sun, 2008-06-29 at 08:27 -0500, Barry R Cisna wrote: > Hello All, > > Could we get some postings on what nic bonding mode people here are > using in the k12ltsp enviornment along with what nics and what kinda > gotchas you run into when setting up your particular bonding scheme? > Etherchannell or IEEE802.3ad. > Just curious. Maybe also post if you done any actual throughput > tests,even if very primitive. What kind of switches you use,and what you > done to the switches config to enhance your bonding setup. I read a post > sometime back someone had six nics per server bonded! Talk about super > geekie,,:) > > Take Care, > Barry Cisna > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > -- James P. Kinney III CEO & Director of Engineering Local Net Solutions,LLC http://www.localnetsolutions.com GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics) Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7 -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. From robark at gmail.com Tue Jul 1 03:57:53 2008 From: robark at gmail.com (Robert Arkiletian) Date: Mon, 30 Jun 2008 20:57:53 -0700 Subject: [K12OSN] nic bonding -what mode are you using In-Reply-To: <4868FF5D.6080504@paasda.org> References: <1214746039.14056.7.camel@localhost.localdomain> <4868FF5D.6080504@paasda.org> Message-ID: On Mon, Jun 30, 2008 at 8:44 AM, Huck wrote: > I think it was either Nils, Jim, or James... It was Jim Kronebusch. He is no longer in Education. Sigh. But he did give me a link http://www.howtoforge.com/network_bonding_ubuntu_6.10 -- Robert Arkiletian Eric Hamber Secondary, Vancouver, Canada Fl_TeacherTool http://www3.telus.net/public/robark/Fl_TeacherTool/ C++ GUI tutorial http://www3.telus.net/public/robark/ From robark at gmail.com Tue Jul 1 04:19:51 2008 From: robark at gmail.com (Robert Arkiletian) Date: Mon, 30 Jun 2008 21:19:51 -0700 Subject: [K12OSN] nic bonding -what mode are you using In-Reply-To: <1214879136.5604.896.camel@merlin.localnetsolutions.com> References: <1214746039.14056.7.camel@localhost.localdomain> <1214879136.5604.896.camel@merlin.localnetsolutions.com> Message-ID: 2008/6/30 James P. Kinney III : > The mode used depends on the need and the hardware. Some nics can't > handle having the MAC changed without a reset so that will cause > problems. Some modes require switches to support the bond type. Because > the outbound traffic (server to clients) is higest, I have used TLB - > mode 5 - with switches that do not support link aggregation. For the > ones that do support it (also known as IEEE 802.3ad) I use mode 4. I Have you seen an actual improvement in throughput with something like iptraf using mode 5? -- Robert Arkiletian Eric Hamber Secondary, Vancouver, Canada Fl_TeacherTool http://www3.telus.net/public/robark/Fl_TeacherTool/ C++ GUI tutorial http://www3.telus.net/public/robark/ From rgm at htt-consult.com Tue Jul 1 12:24:00 2008 From: rgm at htt-consult.com (Robert Moskowitz) Date: Tue, 1 Jul 2008 08:24:00 -0400 Subject: [K12OSN] Samba/LDAP Installer docs down In-Reply-To: <4864EB51.9060900@gmail.com> References: <4864DEE4.2020809@htt-consult.com> Message-ID: <486A21E0.70607@htt-consult.com> John Lucas wrote: > Robert Moskowitz wrote: >> Re-opened this effort, yet again, now that Centos 5.2 is out and I >> bought a few new drives... >> >> http://www.vcsvikings.org/docuwiki/cgi-bin/moin.cgi/ gives: >> >> The connection has timed out >> >> The server at www.vcsvikings.org is taking too long to respond. >> >> >> ====================== >> >> Can someone point me to a working site for the docs? >> > > No, I don't have those docs, but I have some of my own that work for > CentOS 5.1 and 5.0: > > http://fossvi.googlepages.com/centos-5.x-smbldap-fix Thanks for this pointer. I want to point out some problems I have had so far.... First was this written for installer 4.0 (current) or 3.1? As 4.0 came out in April. For system dependencies you say: pre-install all package dependencies (may use smbldap-prep.sh) I cannot find any such script. Not in installer 4.0 or even 3.1. Fortunately at the end of your docs you actually list the rpms installed. Some of these were all ready on my system. But I cannot find: perl-Net-LDAP thanks! From rgm at htt-consult.com Tue Jul 1 12:27:05 2008 From: rgm at htt-consult.com (Robert Moskowitz) Date: Tue, 1 Jul 2008 08:27:05 -0400 Subject: [K12OSN] Samba/LDAP Installer docs down In-Reply-To: References: <4864DEE4.2020809@htt-consult.com> Message-ID: <486A2299.5010008@htt-consult.com> David Trask wrote: > As I reported earlier, my web server crashed....but thanks to the Way Back > Machine I was able to find a cached copy and was able to replicate the > wiki in a few hours and post it on the Ubuntu Wiki site > https://wiki.ubuntu.com/SmbLdapInstaller This is where the docs will > live from now on. :-) Hope that helps! Well now I've got it. Getting the dependencies down for Centos 5.x is a challenge, as I noted on the prior message. One thing I have for you so far is on https://wiki.ubuntu.com/SmbLdapInstaller you state: "(as of this writing 07-12-06...version 5 rc1 is the latest...the new smbldap-installer will be released this week we hope)" Perhaps this calls for a bit of an update? From jkinney at localnetsolutions.com Tue Jul 1 12:28:06 2008 From: jkinney at localnetsolutions.com (James P. Kinney III) Date: Tue, 01 Jul 2008 12:28:06 +0000 Subject: [K12OSN] nic bonding -what mode are you using In-Reply-To: References: <1214746039.14056.7.camel@localhost.localdomain> <1214879136.5604.896.camel@merlin.localnetsolutions.com> Message-ID: <1214915286.5604.903.camel@merlin.localnetsolutions.com> On Mon, 2008-06-30 at 21:19 -0700, Robert Arkiletian wrote: > 2008/6/30 James P. Kinney III : > > The mode used depends on the need and the hardware. Some nics can't > > handle having the MAC changed without a reset so that will cause > > problems. Some modes require switches to support the bond type. Because > > the outbound traffic (server to clients) is higest, I have used TLB - > > mode 5 - with switches that do not support link aggregation. For the > > ones that do support it (also known as IEEE 802.3ad) I use mode 4. I > > Have you seen an actual improvement in throughput with something like > iptraf using mode 5? As compared to using a single 1G nic, yes! I used 4 bonded nics in mode 5 for the APS project. The switches supported 802.3ad but that was not known at the start (and we didn't want to have to configure those as well). We wound up useing the 802.3ad on one school because of layout. We were able to trunk 2 lines between two switches as one server was split between 2 distant location. This provided 1/2 the bandwidth out to 1/2 the client load. The other 1/2 of the client load was connected directly to the first switch. I did run a brief bandwidth test but the data was useless as both ends would need to be bonded. I did not have another machine to run the test with that was suitable. So I don't have numbers. :( > > -- > Robert Arkiletian > Eric Hamber Secondary, Vancouver, Canada > Fl_TeacherTool http://www3.telus.net/public/robark/Fl_TeacherTool/ > C++ GUI tutorial http://www3.telus.net/public/robark/ > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > -- James P. Kinney III CEO & Director of Engineering Local Net Solutions,LLC http://www.localnetsolutions.com GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics) Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7 -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. From rgm at htt-consult.com Tue Jul 1 12:33:20 2008 From: rgm at htt-consult.com (Robert Moskowitz) Date: Tue, 1 Jul 2008 08:33:20 -0400 Subject: [K12OSN] Where is Samba Console these days? In-Reply-To: References: <4864DEE4.2020809@htt-consult.com> Message-ID: <486A2410.7080600@htt-consult.com> On http://majen.net/smbldap/ the section about Pretty-Clicky says to get Samba Console at http://imc.sourceforge.net/samba-console.html no such place: An error has been encountered in accessing this page. 1. *Server:* imc.sourceforge.net 2. *URL path:* /samba-console.html 3. *Error notes:* File does not exist: /home/groups/i/im/imc/htdocs/samba-console.html And when I try to go to just imc.sourceforge.net I get: You may takeover this project by contacting an admin . So obviously things have moved. But to where???? From sonjag at comcast.net Tue Jul 1 13:37:22 2008 From: sonjag at comcast.net (sonjag at comcast.net) Date: Tue, 01 Jul 2008 13:37:22 +0000 Subject: [K12OSN] Samba/LDAP Installer docs down Message-ID: <070120081337.3877.486A33120005BE2400000F252206424413090E0602019C@comcast.net> Thanks David!! Sonja -------------- Original message ---------------------- From: "David Trask" > As I reported earlier, my web server crashed....but thanks to the Way Back > Machine I was able to find a cached copy and was able to replicate the > wiki in a few hours and post it on the Ubuntu Wiki site > https://wiki.ubuntu.com/SmbLdapInstaller This is where the docs will > live from now on. :-) Hope that helps! > > > "Support list for open source software in schools." > writes: > >Re-opened this effort, yet again, now that Centos 5.2 is out and I > >bought a few new drives... > > > >http://www.vcsvikings.org/docuwiki/cgi-bin/moin.cgi/ gives: > > > >The connection has timed out > > > >The server at www.vcsvikings.org is taking too long to respond. > > > > > >====================== > > > >Can someone point me to a working site for the docs? > > > > > >_______________________________________________ > >K12OSN mailing list > >K12OSN at redhat.com > >https://www.redhat.com/mailman/listinfo/k12osn > >For more info see > > > > David N. Trask > Technology Teacher/Director > Vassalboro Community School > dtrask at vcsvikings.org > (207)923-3100 > > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see From mrjohnlucas at gmail.com Tue Jul 1 13:55:20 2008 From: mrjohnlucas at gmail.com (John Lucas) Date: Tue, 01 Jul 2008 09:55:20 -0400 Subject: [K12OSN] Samba/LDAP Installer docs down In-Reply-To: <486A21E0.70607@htt-consult.com> References: <4864DEE4.2020809@htt-consult.com> <486A21E0.70607@htt-consult.com> Message-ID: <486A3748.10006@gmail.com> Robert Moskowitz wrote: > > > John Lucas wrote: >> Robert Moskowitz wrote: >>> Re-opened this effort, yet again, now that Centos 5.2 is out and I >>> bought a few new drives... >>> >>> http://www.vcsvikings.org/docuwiki/cgi-bin/moin.cgi/ gives: >>> >>> The connection has timed out >>> >>> The server at www.vcsvikings.org is taking too long to respond. >>> >>> >>> ====================== >>> >>> Can someone point me to a working site for the docs? >>> >> >> No, I don't have those docs, but I have some of my own that work for >> CentOS 5.1 and 5.0: >> >> http://fossvi.googlepages.com/centos-5.x-smbldap-fix > Thanks for this pointer. I want to point out some problems I have had > so far.... > > First was this written for installer 4.0 (current) or 3.1? As 4.0 came > out in April. > It was likely v3.1, it was current when I wrote it up. I'm not at home right now so I can't check. > For system dependencies you say: > > pre-install all package dependencies (may use smbldap-prep.sh) > > I cannot find any such script. Not in installer 4.0 or even 3.1. > That script is not part of the installer, it is a one-liner I wrote and there is now a link to it in the text of the web page. Basically you prepend "yum install" to the list of dependencies. -- "History doesn't repeat itself; at best it rhymes." - Mark Twain | John Lucas MrJohnLucas at gmail.com | | St. Thomas, VI 00802 http://mrjohnlucas.googlepages.com/ | | 18.3?N, 65?W AST (UTC-4) | From rgm at htt-consult.com Tue Jul 1 14:00:47 2008 From: rgm at htt-consult.com (Robert Moskowitz) Date: Tue, 1 Jul 2008 10:00:47 -0400 Subject: [K12OSN] Samba/LDAP Installer docs down In-Reply-To: <486A3748.10006@gmail.com> References: <4864DEE4.2020809@htt-consult.com> Message-ID: <486A388F.50809@htt-consult.com> John Lucas wrote: > Robert Moskowitz wrote: >> >> >> John Lucas wrote: >>> Robert Moskowitz wrote: >>>> Re-opened this effort, yet again, now that Centos 5.2 is out and I >>>> bought a few new drives... >>>> >>>> http://www.vcsvikings.org/docuwiki/cgi-bin/moin.cgi/ gives: >>>> >>>> The connection has timed out >>>> >>>> The server at www.vcsvikings.org is taking too long to respond. >>>> >>>> >>>> ====================== >>>> >>>> Can someone point me to a working site for the docs? >>>> >>> >>> No, I don't have those docs, but I have some of my own that work for >>> CentOS 5.1 and 5.0: >>> >>> http://fossvi.googlepages.com/centos-5.x-smbldap-fix >> Thanks for this pointer. I want to point out some problems I have >> had so far.... >> >> First was this written for installer 4.0 (current) or 3.1? As 4.0 >> came out in April. >> > > It was likely v3.1, it was current when I wrote it up. I'm not at home > right now so I can't check. > >> For system dependencies you say: >> >> pre-install all package dependencies (may use smbldap-prep.sh) >> > >> I cannot find any such script. Not in installer 4.0 or even 3.1. >> > > That script is not part of the installer, it is a one-liner I wrote > and there is now a link to it in the text of the web page. Basically > you prepend "yum install" to the list of dependencies. Basically what I did from your list. But where is perl-Net-LDAP? From dhuckaby at paasda.org Tue Jul 1 14:31:32 2008 From: dhuckaby at paasda.org (Huck) Date: Tue, 01 Jul 2008 07:31:32 -0700 Subject: [K12OSN] Samba/LDAP Installer docs down In-Reply-To: <486A388F.50809@htt-consult.com> References: <4864DEE4.2020809@htt-consult.com> <486A388F.50809@htt-consult.com> Message-ID: <486A3FC4.3030703@paasda.org> use CPAN to get pretty much anything perl... I've forgotten the syntax, but it was something like: perl -CPAN -e 'perl-Net-LDAP' something like that...it's been a while... Robert Moskowitz wrote: > John Lucas wrote: >> Robert Moskowitz wrote: >>> >>> >>> John Lucas wrote: >>>> Robert Moskowitz wrote: >>>>> Re-opened this effort, yet again, now that Centos 5.2 is out and I >>>>> bought a few new drives... >>>>> >>>>> http://www.vcsvikings.org/docuwiki/cgi-bin/moin.cgi/ gives: >>>>> >>>>> The connection has timed out >>>>> >>>>> The server at www.vcsvikings.org is taking too long to respond. >>>>> >>>>> >>>>> ====================== >>>>> >>>>> Can someone point me to a working site for the docs? >>>>> >>>> >>>> No, I don't have those docs, but I have some of my own that work for >>>> CentOS 5.1 and 5.0: >>>> >>>> http://fossvi.googlepages.com/centos-5.x-smbldap-fix >>> Thanks for this pointer. I want to point out some problems I have >>> had so far.... >>> >>> First was this written for installer 4.0 (current) or 3.1? As 4.0 >>> came out in April. >>> >> >> It was likely v3.1, it was current when I wrote it up. I'm not at home >> right now so I can't check. >> >>> For system dependencies you say: >>> >>> pre-install all package dependencies (may use smbldap-prep.sh) >>> >> >>> I cannot find any such script. Not in installer 4.0 or even 3.1. >>> >> >> That script is not part of the installer, it is a one-liner I wrote >> and there is now a link to it in the text of the web page. Basically >> you prepend "yum install" to the list of dependencies. > Basically what I did from your list. > > But where is perl-Net-LDAP? > > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > > From rgm at htt-consult.com Tue Jul 1 14:59:53 2008 From: rgm at htt-consult.com (Robert Moskowitz) Date: Tue, 1 Jul 2008 10:59:53 -0400 Subject: [K12OSN] Samba/LDAP Installer docs down In-Reply-To: <486A3FC4.3030703@paasda.org> References: <4864DEE4.2020809@htt-consult.com> Message-ID: <486A4669.5040606@htt-consult.com> Huck wrote: > use CPAN to get pretty much anything perl... > > I've forgotten the syntax, but it was something like: > > perl -CPAN -e 'perl-Net-LDAP' > > something like that...it's been a while... Been a long while for me with CPAN. I'd rather have an rpm if possible. > > Robert Moskowitz wrote: >> John Lucas wrote: >>> Robert Moskowitz wrote: >>>> >>>> >>>> John Lucas wrote: >>>>> Robert Moskowitz wrote: >>>>>> Re-opened this effort, yet again, now that Centos 5.2 is out and >>>>>> I bought a few new drives... >>>>>> >>>>>> http://www.vcsvikings.org/docuwiki/cgi-bin/moin.cgi/ gives: >>>>>> >>>>>> The connection has timed out >>>>>> >>>>>> The server at www.vcsvikings.org is taking too long to respond. >>>>>> >>>>>> >>>>>> ====================== >>>>>> >>>>>> Can someone point me to a working site for the docs? >>>>>> >>>>> >>>>> No, I don't have those docs, but I have some of my own that work >>>>> for CentOS 5.1 and 5.0: >>>>> >>>>> http://fossvi.googlepages.com/centos-5.x-smbldap-fix >>>> Thanks for this pointer. I want to point out some problems I have >>>> had so far.... >>>> >>>> First was this written for installer 4.0 (current) or 3.1? As 4.0 >>>> came out in April. >>>> >>> >>> It was likely v3.1, it was current when I wrote it up. I'm not at >>> home right now so I can't check. >>> >>>> For system dependencies you say: >>>> >>>> pre-install all package dependencies (may use smbldap-prep.sh) >>>> >>> >>>> I cannot find any such script. Not in installer 4.0 or even 3.1. >>>> >>> >>> That script is not part of the installer, it is a one-liner I wrote >>> and there is now a link to it in the text of the web page. Basically >>> you prepend "yum install" to the list of dependencies. >> Basically what I did from your list. >> >> But where is perl-Net-LDAP? >> >> >> _______________________________________________ >> K12OSN mailing list >> K12OSN at redhat.com >> https://www.redhat.com/mailman/listinfo/k12osn >> For more info see >> >> > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > From monteslu at cox.net Tue Jul 1 21:52:54 2008 From: monteslu at cox.net (monteslu at cox.net) Date: Tue, 1 Jul 2008 17:52:54 -0400 Subject: [K12OSN] Samba/LDAP Installer docs down In-Reply-To: <486A4669.5040606@htt-consult.com> Message-ID: <20080701175254.ZKKAD.462410.imail@fed1rmwml38> Not sure it fulfills all the requirements, but on Centos 5.x you can do a "yum install perl-LDAP" Maybe the same thing as perl-Net-LDAP ? Luis ---- Robert Moskowitz wrote: > Huck wrote: > > use CPAN to get pretty much anything perl... > > > > I've forgotten the syntax, but it was something like: > > > > perl -CPAN -e 'perl-Net-LDAP' > > > > something like that...it's been a while... > Been a long while for me with CPAN. I'd rather have an rpm if possible. > > > > Robert Moskowitz wrote: > >> John Lucas wrote: > >>> Robert Moskowitz wrote: > >>>> > >>>> > >>>> John Lucas wrote: > >>>>> Robert Moskowitz wrote: > >>>>>> Re-opened this effort, yet again, now that Centos 5.2 is out and > >>>>>> I bought a few new drives... > >>>>>> > >>>>>> http://www.vcsvikings.org/docuwiki/cgi-bin/moin.cgi/ gives: > >>>>>> > >>>>>> The connection has timed out > >>>>>> > >>>>>> The server at www.vcsvikings.org is taking too long to respond. > >>>>>> > >>>>>> > >>>>>> ====================== > >>>>>> > >>>>>> Can someone point me to a working site for the docs? > >>>>>> > >>>>> > >>>>> No, I don't have those docs, but I have some of my own that work > >>>>> for CentOS 5.1 and 5.0: > >>>>> > >>>>> http://fossvi.googlepages.com/centos-5.x-smbldap-fix > >>>> Thanks for this pointer. I want to point out some problems I have > >>>> had so far.... > >>>> > >>>> First was this written for installer 4.0 (current) or 3.1? As 4.0 > >>>> came out in April. > >>>> > >>> > >>> It was likely v3.1, it was current when I wrote it up. I'm not at > >>> home right now so I can't check. > >>> > >>>> For system dependencies you say: > >>>> > >>>> pre-install all package dependencies (may use smbldap-prep.sh) > >>>> > >>> > >>>> I cannot find any such script. Not in installer 4.0 or even 3.1. > >>>> > >>> > >>> That script is not part of the installer, it is a one-liner I wrote > >>> and there is now a link to it in the text of the web page. Basically > >>> you prepend "yum install" to the list of dependencies. > >> Basically what I did from your list. > >> > >> But where is perl-Net-LDAP? > >> > >> > >> _______________________________________________ > >> K12OSN mailing list > >> K12OSN at redhat.com > >> https://www.redhat.com/mailman/listinfo/k12osn > >> For more info see > >> > >> > > > > _______________________________________________ > > K12OSN mailing list > > K12OSN at redhat.com > > https://www.redhat.com/mailman/listinfo/k12osn > > For more info see > > > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see From rgm at htt-consult.com Tue Jul 1 22:20:48 2008 From: rgm at htt-consult.com (Robert Moskowitz) Date: Tue, 1 Jul 2008 18:20:48 -0400 Subject: [K12OSN] Samba/LDAP Installer docs down In-Reply-To: <20080701175254.ZKKAD.462410.imail@fed1rmwml38> References: <20080701175254.ZKKAD.462410.imail@fed1rmwml38> Message-ID: <486AADC0.3040707@htt-consult.com> monteslu at cox.net wrote: > Not sure it fulfills all the requirements, but on Centos 5.x you can do a "yum install perl-LDAP" > > Maybe the same thing as perl-Net-LDAP ? > In http://fossvi.googlepages.com/centos-5.x-smbldap-fix, both are listed as needed. I already have perl-LDAP installed. I believe I still need perl-Net-LDAP. I have asked on the rpmforge list about it. > ---- Robert Moskowitz wrote: > >> Huck wrote: >> >>> use CPAN to get pretty much anything perl... >>> >>> I've forgotten the syntax, but it was something like: >>> >>> perl -CPAN -e 'perl-Net-LDAP' >>> >>> something like that...it's been a while... >>> >> Been a long while for me with CPAN. I'd rather have an rpm if possible. >> >>> Robert Moskowitz wrote: >>> >>>> John Lucas wrote: >>>> >>>>> Robert Moskowitz wrote: >>>>> >>>>>> John Lucas wrote: >>>>>> >>>>>>> Robert Moskowitz wrote: >>>>>>> >>>>>>>> Re-opened this effort, yet again, now that Centos 5.2 is out and >>>>>>>> I bought a few new drives... >>>>>>>> >>>>>>>> http://www.vcsvikings.org/docuwiki/cgi-bin/moin.cgi/ gives: >>>>>>>> >>>>>>>> The connection has timed out >>>>>>>> >>>>>>>> The server at www.vcsvikings.org is taking too long to respond. >>>>>>>> >>>>>>>> >>>>>>>> ====================== >>>>>>>> >>>>>>>> Can someone point me to a working site for the docs? >>>>>>>> >>>>>>>> >>>>>>> No, I don't have those docs, but I have some of my own that work >>>>>>> for CentOS 5.1 and 5.0: >>>>>>> >>>>>>> http://fossvi.googlepages.com/centos-5.x-smbldap-fix >>>>>>> >>>>>> Thanks for this pointer. I want to point out some problems I have >>>>>> had so far.... >>>>>> >>>>>> First was this written for installer 4.0 (current) or 3.1? As 4.0 >>>>>> came out in April. >>>>>> >>>>>> >>>>> It was likely v3.1, it was current when I wrote it up. I'm not at >>>>> home right now so I can't check. >>>>> >>>>> >>>>>> For system dependencies you say: >>>>>> >>>>>> pre-install all package dependencies (may use smbldap-prep.sh) >>>>>> >>>>>> >>>>>> I cannot find any such script. Not in installer 4.0 or even 3.1. >>>>>> >>>>>> >>>>> That script is not part of the installer, it is a one-liner I wrote >>>>> and there is now a link to it in the text of the web page. Basically >>>>> you prepend "yum install" to the list of dependencies. >>>>> >>>> Basically what I did from your list. >>>> >>>> But where is perl-Net-LDAP? >>>> >>>> >>>> _______________________________________________ >>>> K12OSN mailing list >>>> K12OSN at redhat.com >>>> https://www.redhat.com/mailman/listinfo/k12osn >>>> For more info see >>>> >>>> >>>> >>> _______________________________________________ >>> K12OSN mailing list >>> K12OSN at redhat.com >>> https://www.redhat.com/mailman/listinfo/k12osn >>> For more info see >>> >>> >> _______________________________________________ >> K12OSN mailing list >> K12OSN at redhat.com >> https://www.redhat.com/mailman/listinfo/k12osn >> For more info see >> > > > From nils at breun.nl Tue Jul 1 22:53:27 2008 From: nils at breun.nl (Nils Breunese) Date: Wed, 2 Jul 2008 00:53:27 +0200 Subject: [K12OSN] Samba/LDAP Installer docs down In-Reply-To: <486AADC0.3040707@htt-consult.com> References: <20080701175254.ZKKAD.462410.imail@fed1rmwml38> <486AADC0.3040707@htt-consult.com> Message-ID: <22A9A896-9D99-4670-8ED7-65FD8EAF84D0@breun.nl> Robert Moskowitz wrote: > monteslu at cox.net wrote: >> Not sure it fulfills all the requirements, but on Centos 5.x you >> can do a "yum install perl-LDAP" >> >> Maybe the same thing as perl-Net-LDAP ? >> > > In http://fossvi.googlepages.com/centos-5.x-smbldap-fix, both are > listed as needed. The perl-LDAP package should suffice as it provides perl(Net::LDAP). # rpm -q --provides perl-LDAP perl(Bundle::Net::LDAP) = 0.02 perl(LWP::Protocol::ldap) = 1.10 perl(Net::LDAP) = 0.33 perl(Net::LDAP::ASN) = 0.03 perl(Net::LDAP::Bind) = 1.02 perl(Net::LDAP::Constant) = 0.04 perl(Net::LDAP::Control) = 0.05 perl(Net::LDAP::Control::EntryChange) = 0.01 perl(Net::LDAP::Control::ManageDsaIT) = 0.01 perl(Net::LDAP::Control::Paged) = 0.02 perl(Net::LDAP::Control::PersistentSearch) = 0.01 perl(Net::LDAP::Control::ProxyAuth) = 1.05 perl(Net::LDAP::Control::Sort) = 0.02 perl(Net::LDAP::Control::SortResult) = 0.01 perl(Net::LDAP::Control::VLV) = 0.03 perl(Net::LDAP::Control::VLVResponse) = 0.03 perl(Net::LDAP::DSML) = 0.12 perl(Net::LDAP::DSML::output) perl(Net::LDAP::DSML::pp) perl(Net::LDAP::Entry) = 0.22 perl(Net::LDAP::Extension) = 1.01 perl(Net::LDAP::Extension::SetPassword) = 0.02 perl(Net::LDAP::Extension::WhoAmI) = 0.01 perl(Net::LDAP::Extra) = 0.01 perl(Net::LDAP::Filter) = 0.14 perl(Net::LDAP::LDIF) = 0.16 perl(Net::LDAP::Message) = 1.08 perl(Net::LDAP::Message::Dummy) perl(Net::LDAP::Reference) perl(Net::LDAP::RootDSE) = 0.01 perl(Net::LDAP::Schema) = 0.9903 perl(Net::LDAP::Search) = 0.10 perl(Net::LDAP::Util) = 0.10 perl(Net::LDAPI) perl(Net::LDAPS) perl-LDAP = 1:0.33-3.fc6 Nils Breunese. From rgm at htt-consult.com Tue Jul 1 23:09:51 2008 From: rgm at htt-consult.com (Robert Moskowitz) Date: Tue, 1 Jul 2008 19:09:51 -0400 Subject: [K12OSN] Samba/LDAP Installer docs down In-Reply-To: <22A9A896-9D99-4670-8ED7-65FD8EAF84D0@breun.nl> References: <20080701175254.ZKKAD.462410.imail@fed1rmwml38> Message-ID: <486AB93F.8000003@htt-consult.com> Nils Breunese wrote: > Robert Moskowitz wrote: > >> monteslu at cox.net wrote: >>> Not sure it fulfills all the requirements, but on Centos 5.x you can >>> do a "yum install perl-LDAP" >>> >>> Maybe the same thing as perl-Net-LDAP ? >>> >> >> In http://fossvi.googlepages.com/centos-5.x-smbldap-fix, both are >> listed as needed. > > The perl-LDAP package should suffice as it provides perl(Net::LDAP). > > # rpm -q --provides perl-LDAP > perl(Bundle::Net::LDAP) = 0.02 > perl(LWP::Protocol::ldap) = 1.10 I had looked for perl-Net-LDAP files, like there are perl-Net-SSLeay files and from that ASSuMEd I was still missing something. I ran rpm -q --provides perl-LDAP on my system and got the same results as you, so on with the actual install of smbldap! But first I have to set the IP address to the same as my good-old-NT-server (running since '96) so I can do this as a swapout! This requires a bit of double NATing (says the author of RFC 1918 :) ). Thanks for pointing this out to me. > perl(Net::LDAP) = 0.33 > perl(Net::LDAP::ASN) = 0.03 > perl(Net::LDAP::Bind) = 1.02 > perl(Net::LDAP::Constant) = 0.04 > perl(Net::LDAP::Control) = 0.05 > perl(Net::LDAP::Control::EntryChange) = 0.01 > perl(Net::LDAP::Control::ManageDsaIT) = 0.01 > perl(Net::LDAP::Control::Paged) = 0.02 > perl(Net::LDAP::Control::PersistentSearch) = 0.01 > perl(Net::LDAP::Control::ProxyAuth) = 1.05 > perl(Net::LDAP::Control::Sort) = 0.02 > perl(Net::LDAP::Control::SortResult) = 0.01 > perl(Net::LDAP::Control::VLV) = 0.03 > perl(Net::LDAP::Control::VLVResponse) = 0.03 > perl(Net::LDAP::DSML) = 0.12 > perl(Net::LDAP::DSML::output) > perl(Net::LDAP::DSML::pp) > perl(Net::LDAP::Entry) = 0.22 > perl(Net::LDAP::Extension) = 1.01 > perl(Net::LDAP::Extension::SetPassword) = 0.02 > perl(Net::LDAP::Extension::WhoAmI) = 0.01 > perl(Net::LDAP::Extra) = 0.01 > perl(Net::LDAP::Filter) = 0.14 > perl(Net::LDAP::LDIF) = 0.16 > perl(Net::LDAP::Message) = 1.08 > perl(Net::LDAP::Message::Dummy) > perl(Net::LDAP::Reference) > perl(Net::LDAP::RootDSE) = 0.01 > perl(Net::LDAP::Schema) = 0.9903 > perl(Net::LDAP::Search) = 0.10 > perl(Net::LDAP::Util) = 0.10 > perl(Net::LDAPI) > perl(Net::LDAPS) > perl-LDAP = 1:0.33-3.fc6 From dtrask at vcsvikings.org Wed Jul 2 12:34:57 2008 From: dtrask at vcsvikings.org (David Trask) Date: Wed, 02 Jul 2008 08:34:57 -0400 Subject: [K12OSN] FOSSED 2008 at Governor's Academy! Educators and developers come together! Message-ID: Spread this message far and wide! Register soon! Please register this week....I need to get the count as soon as possible! Hi all, I'm pleased to announce the 2008 edition of FOSSED (Free and Open Source Software in Education) at Governor's Academy in Byfield, MA on August 3-6, 2008. FOSSED has been in existence for 6 years providing incredible professional development opportunities for educators and techies from all over North America. The original FOSSED held each year at Gould Academy in Bethel, Maine has been a smashing success and has featured such notable FOSS celebrities as Jim McQuillan (founder of LTSP), Jon "Maddog" Hall, Warren Togami (founder of Fedora), and many more. For the past two years we've expanded FOSSED to another conference held at the University of New Hampshire (UNH). This year we're simply moving a little further south to the beautiful campus of Governors Academy in Byfield MA. http://www.thegovernorsacademy.org This year we're adding to and changing the focus of FOSSED a bit and giving developers an opportunity to come together, work together, learn and really get a chance to find out what's really going on in the world of FOSS in education. Educators and developers coming together. We're pleased to announce that Walter Bender of SugarLabs.org (read more here: http://www.openeducation.net/2008/06/03/walter-bender-discusses-sugar-labs-foundation/ ) will be one of our keynote speakers for FOSSED 2008. As the conference registrations develop we'll be inviting many more notable folks from the world of FOSS. We'd like to invite you to join us! Bring yourself...bring a team! Participate, present, sprint, or just listen and learn. We'll provide the atmosphere, the time, and the experience...all we need is YOU! We've made it easy for you to attend. One price includes EVERYTHING! Room, meals, and conference....all for one low price. $495 for on-campus and $445 for commuters 3 days of hands on learning, interaction, and more! For more information and to register please visit our site at http://fossed.blogspot.com or if you have questions please feel free to email me at copperdoggy at gmail.com Read more about FOSSED in the October issue of Linux Journal here: http://www.linuxjournal.com/article/9800 Register soon! Got questions? Contact me! --- David Trask FOSSED 2008 Copper Dog Consulting copperdoggy at gmail.com (207) 446-2738 David N. Trask Technology Teacher/Director Vassalboro Community School dtrask at vcsvikings.org (207)923-3100 From lewis at pcc.com Thu Jul 3 15:06:58 2008 From: lewis at pcc.com (Lewis Holcroft) Date: Thu, 3 Jul 2008 11:06:58 -0400 Subject: [K12OSN] Video Driver for Disklessworkstations.com 1220/1225 Message-ID: <4EF76E6B-18B2-4D37-8063-ED6DD356B0BC@pcc.com> I have several of the 1220PXE thin clients from disklessworkstations.com. These devices require that the drivers be updated. Instructions are here referred to here http://www.DisklessWorkstations.Com/web/documentation/LTSP_T-1220.pdf I was wondering it anyone has attempted this on the CeonOS-5 EL version? Is what the outcome? Also if this modification can be made upstream. Thanks Lewis From k12ltsp at hermon.net Thu Jul 3 15:36:10 2008 From: k12ltsp at hermon.net (k12ltsp) Date: Thu, 03 Jul 2008 11:36:10 -0400 Subject: [K12OSN] K12LTSP EL 5 Repo Message-ID: Hi, I'd like to suggest that we make the K12LTSP EL 5 repository available through RSYNC. We have several servers in our district and it would make installations and maitenance much easier if we can maintain our own copy of the LTSP repo. Also, some of the servers have old CD-Rom drives making it hard to install using media (we usually do network installs). The repository currently has all of the other distributions available via rsync, but only the ISO's are available for EL 5. Here is the output: root at ns5 [/repository/centos5]# rsync rsync://k12linux.mesd.k12.or.us/ K12LTSP-apt mirror of the K12LTSP apt repositories (DEPRECATED!) K12LTSP-4.4-i386 K12LTSP 4.4.1 install tree (DEPRECATED!) K12LTSP-4.4.1-all The whole K12LTSP 4.4.1 install tree, updates, and ISOs. (DEPRECATED!) webmin Webmin repository testing experimental rpms K12LTSP-beta development branch of K12LTSP, not intended for production use (not used) K12LTSP-pre pre-release branch of K12LTSP (not used) K12LTSP-5.0.0-32bit K12LTSP 5.0 ISO images, 32bit version (Pentium, Athlon) (3.5G) K12LTSP-5.0.0-64bit K12LTSP 5.0 ISO images, 64bit version (Opteron, EM64T) (3.7G) K12LTSP-5.0.0-32bit-all The whole K12LTSP 5.0 32bit version install tree, updates, and ISOs. (11G) K12LTSP-5.0.0-64bit-all The whole K12LTSP 5.0 64bit version install tree, updates, and ISOs. (12G) K12LTSP-EL K12LTSP "Enterprise" ISO images, 32bit version (Pentium, Athlon) (2.5G) K12LTSP-EL-64bit K12LTSP "Enterprise" ISO images, 64bit version (Opteron, EM64T) (2.7G) K12LTSP-4.2EL-32bit-all The whole K12LTSP 4.2EL 32bit version install tree, updates, and ISOs. (6.3G) K12LTSP-4.2EL-64bit-all The whole K12LTSP 4.2EL 64bit version install tree, updates, and ISOs. (7.5G) K12LTSP Use this if you want to mirror the latest K12LTSP distro (3.8G) K12LTSP-mirror Use this if you want to mirror the latest K12LTSP distro (3.8G) K12Linux-mirror Use this if you want to mirror the latest K12Linux distro (3.8G) K12LTSP-all The whole latest K12LTSP install tree, updates, and ISOs. (14G) K12LTSP-6.0.0-32bit K12LTSP 6.0 ISO images, 32bit version (Pentium, Athlon) (3.8G) K12LTSP-6.0.0-64bit K12LTSP 6.0 ISO images, 64bit version (Opteron, EM64T) (4.3G) K12LTSP-6.0.0-32bit-dvd K12LTSP 6.0 DVD images, 32bit version (Pentium, Athlon) (3.8G) K12LTSP-6.0.0-64bit-dvd K12LTSP 6.0 DVD images, 64bit version (Opteron, EM64T) (4.3G) K12LTSP-6.0.0-32bit-all The whole K12LTSP 6.0 32bit version install tree, updates, and ISOs. (14G) K12LTSP-6.0.0-64bit-all The whole K12LTSP 6.0 64bit version install tree, updates, and ISOs. (16G) K12LTSP-5.0.0-EL-32bit-iso K12LTSP 5.0.0 EL 32bit ISOs. K12LTSP-5.0.0-EL-32bit-dvd K12LTSP 5.0.0 EL 32bit DVDs. K12LTSP-5.0.0-EL-64bit-iso K12LTSP 5.0.0 EL 64bit ISOs. K12LTSP-5.0.0-EL-64bit-dvd K12LTSP 5.0.0 EL 64bit DVDs. live-demo-cd An application demo CD that can be used without installing to your hard drive ~~~~~~~~~~~~~~~~~~~~~~~ Alan Owen Assistant to the Director of Information Services Hermon Information Services/Hermon School Department "Using Technology to Empower All Students to Succeed in a Changing World." ~~~~~~~~~~~~~~~~~~~~~~~ From nils at breun.nl Thu Jul 3 15:36:02 2008 From: nils at breun.nl (Nils Breunese) Date: Thu, 3 Jul 2008 17:36:02 +0200 Subject: [K12OSN] Video Driver for Disklessworkstations.com 1220/1225 In-Reply-To: <4EF76E6B-18B2-4D37-8063-ED6DD356B0BC@pcc.com> References: <4EF76E6B-18B2-4D37-8063-ED6DD356B0BC@pcc.com> Message-ID: <3BBEA754-9C20-4A14-918A-39C766105B36@breun.nl> Lewis Holcroft wrote: > I have several of the 1220PXE thin clients from > disklessworkstations.com. > > These devices require that the drivers be updated. Instructions are > here referred to here http://www.DisklessWorkstations.Com/web/documentation/LTSP_T-1220.pdf > > I was wondering it anyone has attempted this on the CeonOS-5 EL > version? Is what the outcome? Also if this modification can be made > upstream. That document is a bit confusing. It says you need LTSP 4.2 (which is part of K12LTSP 5EL), but also gives instructions on installing a custom driver. Have you tried this client without installing the custom driver? Maybe this is only needed when running LTSP <4.2? Nils Breunese. From henryhartley at westat.com Thu Jul 3 15:41:08 2008 From: henryhartley at westat.com (Henry Hartley) Date: Thu, 3 Jul 2008 11:41:08 -0400 Subject: [K12OSN] Motherboard Manufacturer Recommendations? Message-ID: <403593359CA56C4CAE1F8F4F00DCFE7D07E20924@MAILBE2.westat.com> These days we have such a huge variety of options that we really shouldn't complain. In the "old days" we had to decide what speed Pentium we should get. Before that, there were even fewer choices. So, I want to build a small server. It will be for testing purposes and will probably go to run a handful of thin clients in my home when I'm done. Since I'm paying for it out of my own pocket, price matters. Still, I'm not completely broke yet. So, I think I want to use a dual-core AMD processor but one should be adequate. I know I want room for lots of RAM, although again, this won't be running 20 or 30 stations, just three to five. Since it's for testing, and since the final product WILL be a larger lab, I want to take a step into the 64-bit world. That narrows things down a little but there are still a lot of options. So, a very specific question. Given the above, any motherboard manufacturers you would recommend, either to get or to avoid? If you have a specific model you want to recommend, that would be welcome, of course. The reasoning behind any of your thoughts would be most appreciated, too, of course. -- Henry Hartley From jkinney at localnetsolutions.com Thu Jul 3 20:36:55 2008 From: jkinney at localnetsolutions.com (James P. Kinney III) Date: Thu, 03 Jul 2008 20:36:55 +0000 Subject: [K12OSN] Motherboard Manufacturer Recommendations? In-Reply-To: <403593359CA56C4CAE1F8F4F00DCFE7D07E20924@MAILBE2.westat.com> References: <403593359CA56C4CAE1F8F4F00DCFE7D07E20924@MAILBE2.westat.com> Message-ID: <1215117415.5604.951.camel@merlin.localnetsolutions.com> The top board maker by far is Tyan. They are not the least expensive nor the most expensive. Their boards are typically designed for heavy server use. The second place in most respects is Asus. They have a larger variety of boards than Tyan and that is tailored more toward the desktop. Many of their models are quite solid and some are really server-duty hardware. SuperMicro is my third choice maker. I only put it after Tyan because I have had a SuperMicro board fail (once) and non of my Tyans have failed (yet). As I have a strong preference for LTSP servers using AMD cpus, I do not use many SM boards as their line is geared more toward Intel. Last and certainly not least of what I will use is Abit. They have a large lineup of quite stable boards that are a good value for the money. I don't expect them to take the constant abuse of a Tyan, and they won't. But when a working Abit board can be bought and replaced twice for the cost of a Tyan board running the same cpu, it boils down to allowable down time. If a failure is OK, I use Abit. If the system MUST WORK and/or parts replacement is impossible because of remoteness, Tyan. Right now a solid system using Athlon X2/Phenom is a very good starter point for a new small server. Go look at the Asus Crosshair II Formula AM@/AM2+ board : http://www.newegg.com/Product/Product.aspx?Item=N82E16813131292 On Thu, 2008-07-03 at 11:41 -0400, Henry Hartley wrote: > These days we have such a huge variety of options that we really > shouldn't complain. In the "old days" we had to decide what speed > Pentium we should get. Before that, there were even fewer choices. So, > I want to build a small server. It will be for testing purposes and > will probably go to run a handful of thin clients in my home when I'm > done. Since I'm paying for it out of my own pocket, price matters. > Still, I'm not completely broke yet. So, I think I want to use a > dual-core AMD processor but one should be adequate. I know I want room > for lots of RAM, although again, this won't be running 20 or 30 > stations, just three to five. Since it's for testing, and since the > final product WILL be a larger lab, I want to take a step into the > 64-bit world. That narrows things down a little but there are still a > lot of options. > > So, a very specific question. Given the above, any motherboard > manufacturers you would recommend, either to get or to avoid? If you > have a specific model you want to recommend, that would be welcome, of > course. The reasoning behind any of your thoughts would be most > appreciated, too, of course. > > -- > Henry Hartley > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > -- James P. Kinney III CEO & Director of Engineering Local Net Solutions,LLC http://www.localnetsolutions.com GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics) Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7 -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. From scott at hosef.org Thu Jul 3 21:29:29 2008 From: scott at hosef.org (R. Scott Belford) Date: Thu, 3 Jul 2008 11:29:29 -1000 Subject: [K12OSN] Motherboard Manufacturer Recommendations? In-Reply-To: <1215117415.5604.951.camel@merlin.localnetsolutions.com> References: <403593359CA56C4CAE1F8F4F00DCFE7D07E20924@MAILBE2.westat.com> <1215117415.5604.951.camel@merlin.localnetsolutions.com> Message-ID: Essential dittos to James. My "Monorail" Tyan based PII from 1999 is still a great firewall. I have built all boxes with Tyan mobo's and AMD cpus, until recently. I like Supermicro, alot, and they provide great hardware. Just did a dual quad core 16gb ram box with SuperMicro. (it uses only 400w) For fun boxes, as James said, Abit and Asus rock. Some people give props to Gigabyte, too, but I have no experience with them. --scott On Thu, Jul 3, 2008 at 10:36 AM, James P. Kinney III < jkinney at localnetsolutions.com> wrote: > The top board maker by far is Tyan. They are not the least expensive nor > the most expensive. Their boards are typically designed for heavy server > use. > > The second place in most respects is Asus. They have a larger variety of > boards than Tyan and that is tailored more toward the desktop. Many of > their models are quite solid and some are really server-duty hardware. > > SuperMicro is my third choice maker. I only put it after Tyan because I > have had a SuperMicro board fail (once) and non of my Tyans have failed > (yet). As I have a strong preference for LTSP servers using AMD cpus, I > do not use many SM boards as their line is geared more toward Intel. > > Last and certainly not least of what I will use is Abit. They have a > large lineup of quite stable boards that are a good value for the money. > I don't expect them to take the constant abuse of a Tyan, and they > won't. But when a working Abit board can be bought and replaced twice > for the cost of a Tyan board running the same cpu, it boils down to > allowable down time. If a failure is OK, I use Abit. If the system MUST > WORK and/or parts replacement is impossible because of remoteness, Tyan. > > Right now a solid system using Athlon X2/Phenom is a very good starter > point for a new small server. Go look at the Asus Crosshair II Formula > AM@/AM2+ board : > http://www.newegg.com/Product/Product.aspx?Item=N82E16813131292 > > On Thu, 2008-07-03 at 11:41 -0400, Henry Hartley wrote: > > These days we have such a huge variety of options that we really > > shouldn't complain. In the "old days" we had to decide what speed > > Pentium we should get. Before that, there were even fewer choices. So, > > I want to build a small server. It will be for testing purposes and > > will probably go to run a handful of thin clients in my home when I'm > > done. Since I'm paying for it out of my own pocket, price matters. > > Still, I'm not completely broke yet. So, I think I want to use a > > dual-core AMD processor but one should be adequate. I know I want room > > for lots of RAM, although again, this won't be running 20 or 30 > > stations, just three to five. Since it's for testing, and since the > > final product WILL be a larger lab, I want to take a step into the > > 64-bit world. That narrows things down a little but there are still a > > lot of options. > > > > So, a very specific question. Given the above, any motherboard > > manufacturers you would recommend, either to get or to avoid? If you > > have a specific model you want to recommend, that would be welcome, of > > course. The reasoning behind any of your thoughts would be most > > appreciated, too, of course. > > > > -- > > Henry Hartley > > > > _______________________________________________ > > K12OSN mailing list > > K12OSN at redhat.com > > https://www.redhat.com/mailman/listinfo/k12osn > > For more info see > > > -- > James P. Kinney III > CEO & Director of Engineering > Local Net Solutions,LLC > http://www.localnetsolutions.com > > GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics) > > Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7 > > > -- > This message has been scanned for viruses and > dangerous content by MailScanner, and is > believed to be clean. > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > -------------- next part -------------- An HTML attachment was scrubbed... URL: From microman at cmosnetworks.com Fri Jul 4 06:25:34 2008 From: microman at cmosnetworks.com (=?UTF-8?B?IlRlcnJlbGwgUHJ1ZMOpIEpyLiI=?=) Date: Fri, 04 Jul 2008 02:25:34 -0400 Subject: [K12OSN] Motherboard Manufacturer Recommendations? In-Reply-To: References: <403593359CA56C4CAE1F8F4F00DCFE7D07E20924@MAILBE2.westat.com> <1215117415.5604.951.camel@merlin.localnetsolutions.com> Message-ID: <486DC25E.7030001@cmosnetworks.com> Whatever you get, be sure it's a Socket AM2+, not just AM2. AM2+ will support the new tri- and quad-core Phenoms. Yes, I know AMD says they're supported on Socket AM2, too, but it requires an updated BIOS. A recent Tom's Hardware article showed that mobo makers don't really want to do that (only ASUS worked). So start with AM2+ from the get-go, and you should be fine. My experience with Tyan is likewise stellar, and I'd recommend one of their mobos any day. That's where Penguin Computing sources their mobos, and for a reason. My demo LTSP server runs a dual-Athlon Tyan Tiger MPX (S2466). Still rockin'. During the Socket 7 days, their S1590S Trinity motherboard (with AMD K6-2) was my mobo of choice, and they've never broken on me. I've also had good luck with MSI's dual Athlon boards, so I'd imagine their newer AMD64 boards are also good. --TP _______________________________ Do you GNU ? Microsoft Free since 2003 --the ultimate antivirus protection! R. Scott Belford wrote: > Essential dittos to James. My "Monorail" Tyan based PII from 1999 is > still a great firewall. I have built all boxes with Tyan mobo's and > AMD cpus, until recently. I like Supermicro, alot, and they provide > great hardware. Just did a dual quad core 16gb ram box with > SuperMicro. (it uses only 400w) For fun boxes, as James said, Abit > and Asus rock. Some people give props to Gigabyte, too, but I have no > experience with them. > > --scott > > On Thu, Jul 3, 2008 at 10:36 AM, James P. Kinney III > > > wrote: > > The top board maker by far is Tyan. They are not the least > expensive nor > the most expensive. Their boards are typically designed for heavy > server > use. > > The second place in most respects is Asus. They have a larger > variety of > boards than Tyan and that is tailored more toward the desktop. Many of > their models are quite solid and some are really server-duty hardware. > > SuperMicro is my third choice maker. I only put it after Tyan > because I > have had a SuperMicro board fail (once) and non of my Tyans have > failed > (yet). As I have a strong preference for LTSP servers using AMD > cpus, I > do not use many SM boards as their line is geared more toward Intel. > > Last and certainly not least of what I will use is Abit. They have a > large lineup of quite stable boards that are a good value for the > money. > I don't expect them to take the constant abuse of a Tyan, and they > won't. But when a working Abit board can be bought and replaced twice > for the cost of a Tyan board running the same cpu, it boils down to > allowable down time. If a failure is OK, I use Abit. If the system > MUST > WORK and/or parts replacement is impossible because of remoteness, > Tyan. > > Right now a solid system using Athlon X2/Phenom is a very good starter > point for a new small server. Go look at the Asus Crosshair II Formula > AM@/AM2+ board : > http://www.newegg.com/Product/Product.aspx?Item=N82E16813131292 > > On Thu, 2008-07-03 at 11:41 -0400, Henry Hartley wrote: > > These days we have such a huge variety of options that we really > > shouldn't complain. In the "old days" we had to decide what speed > > Pentium we should get. Before that, there were even fewer > choices. So, > > I want to build a small server. It will be for testing purposes and > > will probably go to run a handful of thin clients in my home > when I'm > > done. Since I'm paying for it out of my own pocket, price matters. > > Still, I'm not completely broke yet. So, I think I want to use a > > dual-core AMD processor but one should be adequate. I know I > want room > > for lots of RAM, although again, this won't be running 20 or 30 > > stations, just three to five. Since it's for testing, and since the > > final product WILL be a larger lab, I want to take a step into the > > 64-bit world. That narrows things down a little but there are > still a > > lot of options. > > > > So, a very specific question. Given the above, any motherboard > > manufacturers you would recommend, either to get or to avoid? > If you > > have a specific model you want to recommend, that would be > welcome, of > > course. The reasoning behind any of your thoughts would be most > > appreciated, too, of course. > > > > -- > > Henry Hartley > > > > _______________________________________________ > > K12OSN mailing list > > K12OSN at redhat.com > > https://www.redhat.com/mailman/listinfo/k12osn > > For more info see > > > -- > James P. Kinney III > CEO & Director of Engineering > Local Net Solutions,LLC > http://www.localnetsolutions.com > > GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics) > > > Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7 > > > -- > This message has been scanned for viruses and > dangerous content by MailScanner, and is > believed to be clean. > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > > > ------------------------------------------------------------------------ > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see -------------- next part -------------- An HTML attachment was scrubbed... URL: From brcisna at eazylivin.net Fri Jul 4 14:36:49 2008 From: brcisna at eazylivin.net (Barry R Cisna) Date: Fri, 04 Jul 2008 09:36:49 -0500 Subject: [K12OSN] Motherboard Manufacturer Recommendations? Message-ID: <1215182209.21348.10.camel@localhost.localdomain> Henry, All of the mobo's everyone has mentioned here are all good value for the $. They all have been around for many moons. Another vendor to diffently consider when paying for it out of your own billfold is MachSpeed. These mobo's ALL have an lifetime warranty,which is worth quite a bit. I don't know of any other mobo companies that offer this. I have never had one drop on me,and I have talked to the tech people at MachSpeed,just to get acclimated with the "phone in" drill and I did get an actual human to answer the phone. They are kinda bleeding edge a bit as they make other related products,as well. They don't have a big advertising/sales hype campaign. Take Care, Barry Cisna From brcisna at eazylivin.net Fri Jul 4 14:45:18 2008 From: brcisna at eazylivin.net (Barry R Cisna) Date: Fri, 04 Jul 2008 09:45:18 -0500 Subject: [K12OSN] Motherboard Manufacturer Recommendations? Message-ID: <1215182718.21348.14.camel@localhost.localdomain> Henry, My Bad. I just seen on MachSpeed website that starting in '08 their mobo's now only have an 1 year warranty. Sorry for misinformation. Barry Cisna From brcisna at eazylivin.net Fri Jul 4 14:49:01 2008 From: brcisna at eazylivin.net (Barry R Cisna) Date: Fri, 04 Jul 2008 09:49:01 -0500 Subject: [K12OSN] Motherboard Manufacturer Recommendations? Message-ID: <1215182941.21348.18.camel@localhost.localdomain> Henry, My Bad again,, MachSpeed mobo's does still have an lifetime warranty,as long as you send in the registration card provided,,within 30 days of purchase. Barry Cisna From phealy at dsta.net Sat Jul 5 19:35:27 2008 From: phealy at dsta.net (Patrick Healy) Date: Sat, 05 Jul 2008 12:35:27 -0700 Subject: [K12OSN] K12LTSP-5.2.0EL and Happy Seventh Birthday K12LTSP Message-ID: <1215286527.10425.4.camel@altair> Hello list, By way of introduction, I'm a continuous user of k12ltsp in my physics classroom since version 1.0. I'm a regular list reader, but seldom poster. I'm considering installation options for new hardware that I'll be building to replace my circa 2002 Pentium III servers that are now running k12ltsp versions 6 and 7. I've narrowed down the options to Centos 5.2 or Edubuntu 8.04, and have working 64 bit OS images of each for my test server (a desktop machine with Intel Q6600, P35, & 8GB DDR2). The Edubuntu installation was straightforward from CD's. But for the Centos, I had to install using the K12LTSP-5.0.0EL version via NFS, and then upgrade from there. The difficulty with this was that my Realtek RTL8111/8168B onboard NIC is not supported until Centos version 5.2. I tried a straight Centos 5.2 installation, then copied the k12ltsp yum repository files, and did ?yum install ltsp? but that didn't really work. So, the question for the list (and Eric, in particular): Are new iso installation images on the horizon for K12LTSP-5.2.0EL? Thanks. -- Patrick Healy Palm Desert High School From ahodson at elp.rr.com Sun Jul 6 00:51:58 2008 From: ahodson at elp.rr.com (ahodson at elp.rr.com) Date: Sat, 5 Jul 2008 19:51:58 -0500 Subject: [K12OSN] OT: Texas School IT folks - Beware! Message-ID: <29345710.609991215305518546.JavaMail.root@hrndva-web07-z02> Folks @ my Linux UG are being told to share this with their legal Dpts. It can affect our ability to act on "bad user" tips or on repairs at large. W/O licenses, not only are IT folks acting illegally in a lot of cases, they are vulnerable to lawsuits and fines/imprisonment. ========== New Texas Law Limits Computer Repair To Licensed Private Investigators Institute for Justice Texas Chapter Opens in Austin with Challenge to Statute WEB RELEASE: June 26, 2008 Media Contact: Matt Miller (512) 480-5936 John Kramer (703) 682-9320 [First Amendment] IJ client Mike Rife cannot compete with a government-created cartel that demands he close his businesses and complete a three-year apprenticeship under a licensed private investigator to get a state-required license to fix computers. Austin, Texas?The Institute for Justice?the nation's leading litigators for entrepreneurs who find their rights violated by the government?opens its new Texas Chapter today by filing a lawsuit against the Texas Private Security Board, a state agency, on behalf of computer repair shops that are being told they need a private investigator's license to continue solving their customers' computer problems. Under the new law enacted in 2007, Texas has put computer repair shops on notice that they had better watch their backs any time they work on a computer. If a computer repair technician without a government-issued private investigator's license takes any actions that the government deems to be an "investigation," they may be subject to criminal penalties of up to one year in jail and a $4,000 fine, as well as civil penalties of up to $10,000. The definition of "investigation" is very broad and encompasses many common computer repair tasks. To get a private investigator's license, owners of computer repair shops would have to close their business while they either obtained a criminal justice degree or completed a three-year apprenticeship under a licensed P.I. But the repair shops are not the only ones at risk. The law also criminalizes consumers who knowingly use an unlicensed company to perform any repair that constitutes an investigation in the eyes of the government. Consumers are subject to the same harsh penalties as the repair shops they use: criminal penalties of up to one year in jail and a $4,000 fine, and civil penalties of up to $10,000?just for having their computer repaired by an unlicensed technician. The newly launched Institute for Justice Texas Chapter (IJ-TX) is challenging the new law under the Texas Constitution by filing a lawsuit in Travis County against the Private Security Board on behalf of Texas computer repair companies and their customers. Mike Rife, one of the plaintiffs in the suit, operates AustinPCTech, a company he started more than 10 years ago. Rife has hundreds of satisfied customers and his business is thriving. Rife now operates under a cloud of uncertainty about which repairs the government will allow him to perform for his customers. David Norelid, another plaintiff, is co-owner of Citronix Tech Services in Houston. Norelid started Citronix in Florida before moving to Texas to pursue his degree in information technology management. Norelid said, "If I was required to get a P.I. license to run my business, I'd have to shut my business down." The flexibility of being an entrepreneur allows him to work full time while going to school. Rife and Norelid do not doubt their ability to compete with so-called "big box" competitors in the computer repair business. What they cannot compete with is a government-created cartel that demands they close their businesses and complete a three-year apprenticeship under a licensed private investigator to get a state-required license?or risk jail time and large monetary penalties if they continue serving their customers without one. Thane Hayhurst owns and operates Kiwi Computer Services and iTalent Consulting Group, both in Dallas. Kiwi Computer is a traditional do-it-all computer repair company that Hayhurst has operated in Dallas since 1992. More recently, Hayhurst opened iTalent Consulting, which offers IT outsourcing services to many prominent local businesses. iTalent sends employees on assignments (some lasting for many months) to clients' businesses where the consultant works to implement on-site computer and IT solutions. Both of Hayhurst's businesses are impacted by the new law because he and his employees are not licensed private investigators. Hayhurst is worried the government will decide he can no longer offer many of the services he currently provides to his clients. Hayhurst said, "There are thousands of computer contractors performing valuable services for almost every organization in Texas, and this law will hinder their ability to remain gainfully employed." Joining the computer repair companies as a plaintiff in this case is consumer Erle Rawlins, who frequently uses independent computer repair shops to keep his Dallas-based real estate buyer agency business running. Rawlins said, "This law is totally unfair. It requires using someone who is more expensive and may not be as good, and it uses government power to limit the number of competitors who are out there. It is bad for consumers and it is bad for entrepreneurs." The filing of this case marks the launch of IJ-TX in Austin. Lead attorney on the case is IJ-TX Executive Director Matt Miller. Miller said, "Texas is working hard to bring technology innovators to our state. Yet the government is now telling them they need to get a private investigator's license if they want to continue working here. That is not an effective strategy to grow our technology talent pool." Miller concluded, "It makes no sense to require a computer repairman with 10 or 20 years of experience to get a degree in criminal justice just to continue working in his occupation. This law will drive up the price of computer repair for everyone, and that's exactly what the private investigations industry wants." The Institute for Justice is a public interest law firm that advances a rule of law under which individuals can control their destinies as free and responsible members of society. IJ has additional chapters in Arizona, Minnesota and Washington state. IJ-TX litigates under the state and federal constitutions to reinvigorate economic liberty, preserve property rights, promote educational choice and defend the free flow of information essential to politics and commerce. ========== Alan Hodson -- \_\_\_\_\_\_\_\_\_\_\_\_\_\_ Fight the Digital Divide http://tinyurl.com/3e4sh8 _/_/_/_/_/_/_/_/_/_/_/_/_/_/ From sbarar at gmail.com Sun Jul 6 01:09:38 2008 From: sbarar at gmail.com (Sudev Barar) Date: Sun, 6 Jul 2008 06:39:38 +0530 Subject: [K12OSN] OT: Texas School IT folks - Beware! In-Reply-To: <29345710.609991215305518546.JavaMail.root@hrndva-web07-z02> References: <29345710.609991215305518546.JavaMail.root@hrndva-web07-z02> Message-ID: <774593a20807051809u578bc2bcj6cd26ac5d8c28e25@mail.gmail.com> 2008/7/6 : > Folks @ my Linux UG are being told to share this with their legal > Dpts. It can affect our ability to act on "bad user" tips or on > repairs at large. W/O licenses, not only are IT folks acting illegally > in a lot of cases, they are vulnerable to lawsuits and > fines/imprisonment. > ========== > New Texas Law Limits Computer Repair To Licensed Private Investigators > Institute for Justice Texas Chapter Opens in Austin with Challenge to Statute > [SNIP] First this is academic for me as I am not in Texas - not even in US for that matter. I think this is over reaction, There is already lot of words written on this subject and central point is "you only need PI license if you are going to snoop on data for purposes of determining if any crime has been committed" IAC interesting to see what justices will pronounce on this. -- Regards, Sudev Barar Read http://blog.sudev.in for topics ranging from here to there. PS: I know most of people do not follow email niceties (mostly they are not aware) but if you follow bottom post/in-line post style of email conversations it becomes a whole lot easier to carry on meaningful dialogue and you can snip out what is not meaningful too. Most people just hit reply button and top post leaving prior message appended uselessly at bottom. See if you can adopt this style and persuade others. In case you are already doing this ..... great, spread the message. From toddobryan at gmail.com Sun Jul 6 01:11:35 2008 From: toddobryan at gmail.com (Todd O'Bryan) Date: Sat, 5 Jul 2008 21:11:35 -0400 Subject: [K12OSN] OT - Student Entered Attendance System In-Reply-To: <4860389C.50901@paasda.org> References: <486002A1.8070000@snarlnet.com> <932609800806231643q13bbc0efkdd580e92a89143e6@mail.gmail.com> <4860389C.50901@paasda.org> Message-ID: <904774730807051811m36c33422k9504cbbb0b9944ef@mail.gmail.com> Actually, one of my students just wrote a similar system in Django for a school in our district that requires students to come for 15 hours/week, but leaves the hours flexible. They haven't used it yet, so I don't know how robust it is, but I could send you the code (assuming you haven't already written it--I've been out of touch for a while). He let students either scan their id card or enter a username/password. Todd On Mon, Jun 23, 2008 at 7:58 PM, Huck wrote: > as a matter of fact I bet(being a web programmer) that you could just write > a simple 'check-in/check-out' module for Moodle... > > --Huck > > Jay Pfaffman wrote: >> >> Moodle knows what students are and has logging. You could have >> students log in to say that they were there (checking the IP of the >> host). How they'd say they were leaving is less obvious, but the >> infrastructure that Moodle provides makes it a good starting point. >> >> On Mon, Jun 23, 2008 at 5:06 PM, Steven Santos >> wrote: >>> >>> I once worked in an after school program that faced a situation not >>> unlike >>> yours. What they did was give every student what amounted to a poker >>> chip >>> with their name on it, a string through it (to hand around their neck) >>> and a >>> magnet on the back of it (later changed to Velcro). >>> >>> When a student came in in the morning (AM care), they would take the chip >>> off the big board in the outer office. When they entered a room, they >>> would >>> put their chip on the classroom board. When they left to go to another >>> room, they would take the chip off the board, and take it with them to >>> place >>> on the next board. >>> >>> In the case of an emergency, the teacher would just take the board off >>> the >>> classroom wall and have an accurate attendance. Another teacher would >>> take >>> the remaining chips off the main board to know who is not in school, and >>> then they could do a quick comparison to get who is unaccounted for. >>> >>> that system has been in use in that program for over 25 years, and it is >>> still in use today. Sometimes computers are not the best solution to >>> these >>> kind of problems. On the other hand, this an RFID tag embedded in each >>> of >>> the chips and a reader in each of the boards may be another way to >>> accomplish this AND be able to track it... >>> _____ >>> >>> Steven Santos >>> Director, Simply Circus, Inc. >>> Email: Steven at SimplyCircus.com >>> Mail: 14 Pierrepont Road >>> Newton, MA 02462 >>> Phone: 617-527-0667 >>> Web: www.SimplyCircus.com >>> >>> >>> >>>> -----Original Message----- >>>> From: k12osn-bounces at redhat.com [mailto:k12osn-bounces at redhat.com]On >>>> Behalf Of Carl Keil >>>> Sent: Monday, June 23, 2008 4:08 PM >>>> To: k12osn at redhat.com >>>> Subject: Re: [K12OSN] OT - Student Entered Attendance System >>>> >>>> >>>>> Seems crude, but aren't you talking about an RFID warehousing system? >>>>>> >>>>>> On Mon, Jun 23, 2008 at 12:58 AM, Carl Keil wrote: >>>>>> >>>>>>>> Hey Kind Folks, >>>>>>>> >>>>>>>> I've been asked to create something and I thought I'd pick >>>> >>>> the collective >>>>>>>> >>>>>>>> brain before possibly entering into the wheel reinvention game. >>>>>>>> >>>>>>>> Does anyone know of a computerized system for keeping >>>> >>>> track of attendance >>>>>>>> >>>>>>>> that would function with the kids themselves (k-12) >>>> >>>> entering their own >>>>>>>> >>>>>>>> comings and goings into the system? As I sit down to >>>> >>>> design this I'm >>>>>>>> >>>>>>>> imagining all kinds of data integrity nightmares with >>>> >>>> kindergarteners >>>>>>>> >>>>>>>> clicking "sign in" and "sign out" buttons that are next >>>> >>>> their (or someone >>>>>>>> >>>>>>>> else's) name. This would be some sort of kiosk by the >>>> >>>> front door. I'm >>>>>>>> >>>>>>>> thinking that if I use a web interface (I am a web >>>> >>>> programmer), I'll use a >>>>>>>> >>>>>>>> thin client for this. >>>>>>>> This is for a free school, where kids can enter and leave >>>> >>>> the school at >>>>>>>> >>>>>>>> different times. There is no "home room" or designated >>>> >>>> check in time. >>>>>>>> >>>>>>>> Right now, kids sign in on paper, but it is making >>>> >>>> reporting and tracking >>>>>>>> >>>>>>>> trends difficult. I'm toying with the idea of using >>>> >>>> facial (and possibly >>>>>>>> >>>>>>>> voice) recognition software. So, a kid comes in, sticks >>>> >>>> their mug into a >>>>>>>> >>>>>>>> camera and clicks a button that either says they are >>>> >>>> coming or going. If >>>>>>>> >>>>>>>> the picture can't be recognized, it is stored and flagged for human >>>>>>>> identification. I have no idea how to do that though. >>>>>>>> One other design problem is that we need some record of >>>> >>>> who's in the >>>>>>>> >>>>>>>> building that we can grab if there's a fire or other >>>> >>>> emergency. That's >>>>>>>> >>>>>>>> where the sign-in sheet on the clipboard really shines. >>>>>>>> >>>>>>>> Any brainstormy thoughts at all about pitfalls or >>>> >>>> solutions would be >>>>>>>> >>>>>>>> helpful at this point. Anyone else have a situation >>>> >>>> similar to this? >>>>> >>>>> There are many pitfalls, the biggest being smart kids - don't ever >>>>> underestimate the ability of a four year old to deceive. >>>>> >>>>> Single scan (forget the in/out buttons, just have the current >>>> >>>> state ready) >>>>> >>>>> will tell you just that something got scanned, so there is a >>>> >>>> problem right >>>>> >>>>> there. The kids can scan in and -not- enter or leave. >>>>> >>>>> All the tokens not attached permanently can be exchanged .... >>>>> >>>>> Can you do something of a bit futuristic nature, since the future will >>>>> happen soon? What I have in mind is "chipping" the kids with tiny RFID >>>>> chips. Works for my cats. I had to change the design from a >>>> >>>> single scanner >>>>> >>>>> with the door mechanism to three scanners, so that I really know where >>>>> they are. I've seen cats and kids change their minds and back out after >>>>> opening the doors to go in -:) >>>>> >>>>> Of course the above was somewhat in jest, but there is no good solution >>>>> without the use of biometrics, and even those can be fooled. >>>>> >>>>> One inexpensive way is to count heads going in and out - web cam, >>>>> simple >>>>> software. Make sure you push the video to an external server. In case >>>>> of >>>>> an emergency, you'll now -how many- kids are in, to find out >>>> >>>> -which- kids, >>>>> >>>>> you'd need to view the video. As far as I know, this is acceptable >>>>> level >>>>> of data for emergencies. >>>>> >>>>> Good luck, julius >>>> >>>> The first thing I asked the school's director was if it would be OK to >>>> chip the kids. This is exactly like herding cats, which, apparently, >>>> you have some experience with. I've since realized that even chipping >>>> the kids and/or video surveillance won't work. The kids at this school >>>> have the option of playing outside if there is an adult out there to >>>> supervise. This isn't considered "checking out". The kids really do >>>> need to click or swipe something to signify their intention to >>>> stay/leave. Since these kids can't be relied on to bring ID badges >>>> every day and tattooing bar codes is a wee bit too futuristic, I'm >>>> heavily leaning towards fingerprint swipers. >>>> >>>> Can anyone recommend a linux friendly, affordable, USB, fingerprint >>>> reader? One that can read through gloves, mittens, masking tape and >>>> layers of assorted jams and jellies? My wife loves the idea of a hand >>>> sanitizer station next to the finger print swiper, cut down on colds and >>>> flus and track the kids all in one fluid motion. >>>> >>>> Thank you everyone for your help thinking this through. >>>> >>>> ck >>>> >>>> _______________________________________________ >>>> K12OSN mailing list >>>> K12OSN at redhat.com >>>> https://www.redhat.com/mailman/listinfo/k12osn >>>> For more info see >>>> >>>> >>> _______________________________________________ >>> K12OSN mailing list >>> K12OSN at redhat.com >>> https://www.redhat.com/mailman/listinfo/k12osn >>> For more info see >>> >>> >> >> >> > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > From rgm at htt-consult.com Sun Jul 6 15:32:28 2008 From: rgm at htt-consult.com (Robert Moskowitz) Date: Sun, 6 Jul 2008 11:32:28 -0400 Subject: [K12OSN] smbldap-tools (previously Samba Console) Message-ID: <4870E58C.7070804@htt-consult.com> I went looking for Samba Console that IDEALX use to provide. It is gone. After some searching, I seem to see that now just use smbldap-tools. The most recent copy I found is: smbldap-tools-0.9.5-1.noarch.rpm Over at http://download.gna.org/smbldap-tools/packages/ Anyone up to date on this? Does this give a nice GUI for Samba? Or is there something else worth using? From microman at cmosnetworks.com Sun Jul 6 16:47:00 2008 From: microman at cmosnetworks.com (=?UTF-8?B?IlRlcnJlbGwgUHJ1ZMOpIEpyLiI=?=) Date: Sun, 06 Jul 2008 12:47:00 -0400 Subject: [K12OSN] OT: Texas School IT folks - Beware! In-Reply-To: <29345710.609991215305518546.JavaMail.root@hrndva-web07-z02> References: <29345710.609991215305518546.JavaMail.root@hrndva-web07-z02> Message-ID: <4870F704.3090605@cmosnetworks.com> Looks like there's some truth to this. Here's the private investigation industry's spin on the same thing. http://www.asginvestigations.com/pi-stories/?p=201 I wouldn't be too worried about this actually standing, though...at least not if it starts getting enforced! It's like the old "Blue Laws" that are still on the books in some of our states. If the government of Texas actually does start enforcing this law, then since a whole lot of voters have computers, that law will be rescinded faster than a rattlesnake would strike at a hare! You know, kinda like that Microsoft audit of 2002 against school districts in Portland, Oregon. :-) That said.... As an INFOSEC engineer myself who routinely does thing like penetration testing, I will be very careful to stay the hell away from Texas now, just on principle. The government of Texas can now go straight to Hell. And to think I was considering living there at one time! --TP _______________________________ Do you GNU ? Microsoft Free since 2003 --the ultimate antivirus protection! ahodson at elp.rr.com wrote: > Folks @ my Linux UG are being told to share this with their legal > Dpts. It can affect our ability to act on "bad user" tips or on > repairs at large. W/O licenses, not only are IT folks acting illegally > in a lot of cases, they are vulnerable to lawsuits and > fines/imprisonment. > ========== > New Texas Law Limits Computer Repair To Licensed Private Investigators > Institute for Justice Texas Chapter Opens in Austin with Challenge to Statute > > WEB RELEASE: June 26, 2008 > Media Contact: > Matt Miller (512) 480-5936 > John Kramer (703) 682-9320 > > [First Amendment] > > IJ client Mike Rife cannot compete with a government-created cartel > that demands he close his businesses and complete a three-year > apprenticeship under a licensed private investigator to get a > state-required license to fix computers. > > Austin, Texas?The Institute for Justice?the nation's leading > litigators for entrepreneurs who find their rights violated by the > government?opens its new Texas Chapter today by filing a lawsuit > against the Texas Private Security Board, a state agency, on behalf of > computer repair shops that are being told they need a private > investigator's license to continue solving their customers' computer > problems. > > Under the new law enacted in 2007, Texas has put computer repair shops > on notice that they had better watch their backs any time they work on > a computer. If a computer repair technician without a > government-issued private investigator's license takes any actions > that the government deems to be an "investigation," they may be > subject to criminal penalties of up to one year in jail and a $4,000 > fine, as well as civil penalties of up to $10,000. The definition of > "investigation" is very broad and encompasses many common computer > repair tasks. > > To get a private investigator's license, owners of computer repair > shops would have to close their business while they either obtained a > criminal justice degree or completed a three-year apprenticeship under > a licensed P.I. > > But the repair shops are not the only ones at risk. The law also > criminalizes consumers who knowingly use an unlicensed company to > perform any repair that constitutes an investigation in the eyes of > the government. Consumers are subject to the same harsh penalties as > the repair shops they use: criminal penalties of up to one year in > jail and a $4,000 fine, and civil penalties of up to $10,000?just for > having their computer repaired by an unlicensed technician. > > The newly launched Institute for Justice Texas Chapter (IJ-TX) is > challenging the new law under the Texas Constitution by filing a > lawsuit in Travis County against the Private Security Board on behalf > of Texas computer repair companies and their customers. > > Mike Rife, one of the plaintiffs in the suit, operates AustinPCTech, a > company he started more than 10 years ago. Rife has hundreds of > satisfied customers and his business is thriving. Rife now operates > under a cloud of uncertainty about which repairs the government will > allow him to perform for his customers. > > David Norelid, another plaintiff, is co-owner of Citronix Tech > Services in Houston. Norelid started Citronix in Florida before > moving to Texas to pursue his degree in information technology > management. Norelid said, "If I was required to get a P.I. license to > run my business, I'd have to shut my business down." The flexibility > of being an entrepreneur allows him to work full time while going to > school. > > Rife and Norelid do not doubt their ability to compete with so-called > "big box" competitors in the computer repair business. What they > cannot compete with is a government-created cartel that demands they > close their businesses and complete a three-year apprenticeship under > a licensed private investigator to get a state-required license?or > risk jail time and large monetary penalties if they continue serving > their customers without one. > > Thane Hayhurst owns and operates Kiwi Computer Services and iTalent > Consulting Group, both in Dallas. Kiwi Computer is a traditional > do-it-all computer repair company that Hayhurst has operated in Dallas > since 1992. More recently, Hayhurst opened iTalent Consulting, which > offers IT outsourcing services to many prominent local businesses. > iTalent sends employees on assignments (some lasting for many months) > to clients' businesses where the consultant works to implement on-site > computer and IT solutions. Both of Hayhurst's businesses are impacted > by the new law because he and his employees are not licensed private > investigators. Hayhurst is worried the government will decide he can > no longer offer many of the services he currently provides to his > clients. Hayhurst said, "There are thousands of computer contractors > performing valuable services for almost every organization in Texas, > and this law will hinder their ability to remain gainfully employed." > > Joining the computer repair companies as a plaintiff in this case is > consumer Erle Rawlins, who frequently uses independent computer repair > shops to keep his Dallas-based real estate buyer agency business > running. Rawlins said, "This law is totally unfair. It requires > using someone who is more expensive and may not be as good, and it > uses government power to limit the number of competitors who are out > there. It is bad for consumers and it is bad for entrepreneurs." > > The filing of this case marks the launch of IJ-TX in Austin. Lead > attorney on the case is IJ-TX Executive Director Matt Miller. Miller > said, "Texas is working hard to bring technology innovators to our > state. Yet the government is now telling them they need to get a > private investigator's license if they want to continue working here. > That is not an effective strategy to grow our technology talent pool." > > Miller concluded, "It makes no sense to require a computer repairman > with 10 or 20 years of experience to get a degree in criminal justice > just to continue working in his occupation. This law will drive up > the price of computer repair for everyone, and that's exactly what the > private investigations industry wants." > > The Institute for Justice is a public interest law firm that advances > a rule of law under which individuals can control their destinies as > free and responsible members of society. IJ has additional chapters > in Arizona, Minnesota and Washington state. IJ-TX litigates under the > state and federal constitutions to reinvigorate economic liberty, > preserve property rights, promote educational choice and defend the > free flow of information essential to politics and commerce. > > ========== > > Alan Hodson > -- > \_\_\_\_\_\_\_\_\_\_\_\_\_\_ > Fight the Digital Divide > http://tinyurl.com/3e4sh8 > _/_/_/_/_/_/_/_/_/_/_/_/_/_/ > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > -------------- next part -------------- An HTML attachment was scrubbed... URL: From nils at breun.nl Sun Jul 6 17:12:42 2008 From: nils at breun.nl (Nils Breunese) Date: Sun, 6 Jul 2008 19:12:42 +0200 Subject: [K12OSN] smbldap-tools (previously Samba Console) In-Reply-To: <4870E58C.7070804@htt-consult.com> References: <4870E58C.7070804@htt-consult.com> Message-ID: <048FB7D8-FDF2-4ACB-979D-3B2F2DB3230F@breun.nl> Robert Moskowitz wrote: > I went looking for Samba Console that IDEALX use to provide. > > It is gone. > > After some searching, I seem to see that now just use smbldap- > tools. The most recent copy I found is: > > smbldap-tools-0.9.5-1.noarch.rpm > > Over at http://download.gna.org/smbldap-tools/packages/ > > Anyone up to date on this? Does this give a nice GUI for Samba? Or > is there something else worth using? What do you want to be able to do? Have you tried the system-config- samba package? Nils Breunese. From carl at snarlnet.com Sun Jul 6 20:45:01 2008 From: carl at snarlnet.com (Carl Keil) Date: Sun, 06 Jul 2008 13:45:01 -0700 Subject: [K12OSN] OT - Student Entered Attendance System Message-ID: <48712ECD.6040203@snarlnet.com> > > Actually, one of my students just wrote a similar system in Django for > a school in our district that requires students to come for 15 > hours/week, but leaves the hours flexible. They haven't used it yet, > so I don't know how robust it is, but I could send you the code > (assuming you haven't already written it--I've been out of touch for a > while). > > He let students either scan their id card or enter a username/password. > > Todd > Todd, That would be amazing if you could share that with me. I'm trying to avoid reinventing the wheel, if possible. I'm skeptical, but the director of the school is confident that the kids can master a username/password system or similar. So I'm more than willing to give it a try. Thanks a lot, ck From rgm at htt-consult.com Sun Jul 6 21:22:57 2008 From: rgm at htt-consult.com (Robert Moskowitz) Date: Sun, 6 Jul 2008 17:22:57 -0400 Subject: [K12OSN] smbldap-tools (previously Samba Console) In-Reply-To: <048FB7D8-FDF2-4ACB-979D-3B2F2DB3230F@breun.nl> References: <4870E58C.7070804@htt-consult.com> Message-ID: <487137B1.702@htt-consult.com> Nils Breunese wrote: > Robert Moskowitz wrote: > >> I went looking for Samba Console that IDEALX use to provide. >> >> It is gone. >> >> After some searching, I seem to see that now just use smbldap-tools. >> The most recent copy I found is: >> >> smbldap-tools-0.9.5-1.noarch.rpm >> >> Over at http://download.gna.org/smbldap-tools/packages/ >> >> Anyone up to date on this? Does this give a nice GUI for Samba? Or is >> there something else worth using? > > What do you want to be able to do? Have you tried the > system-config-samba package? Gee, I really don't know all that I have to do. I have a REAL NT server PDC. Been running since '96. At various times I have had BDCs as well. I do have WINS configed on the server and had had it on some other Win2000 boxes which are now gone. Every system accessing the domain is just configured to use the PDC as their WINS server. Each user has the home directory share and a login script. I got to migrate all of that. I am setting up the new box on a double-NATed net so it will have the same IP address as the current server and the same host/server name and same domain name. Oh, and of course I will need to get all the current systems registered to the new server once it is in place.... I thought about having the new samba server be a BDC and then promote it to a PDC, but then I would still have to work out how to change its name and IP address to the same as the current box. From DLWillson at TheGeek.NU Sun Jul 6 22:25:05 2008 From: DLWillson at TheGeek.NU (David L. Willson) Date: Sun, 6 Jul 2008 16:25:05 -0600 Subject: [K12OSN] smbldap-tools (previously Samba Console) In-Reply-To: <487137B1.702@htt-consult.com> References: <048FB7D8-FDF2-4ACB-979D-3B2F2DB3230F@breun.nl> <487137B1.702@htt-consult.com> Message-ID: <20080706222049.M61767@TheGeek.NU> ...Does this give a nice GUI for Samba? Or is > >> there something else worth using? ... http://www.samba.org/samba/GUI/ Gosa, SWAT, lam, system-config-samba all worthy of consideration, but if you want to keep your user and machine accounts as they are, you probably want to follow the BDC to PDC path you mentioned in one of your messages. Do it as a VM, in an isolated environment, first, so you can find out how much breakage you get when you change your server-name. I don't think it will be as much as you anticipate. From dyoung at mesd.k12.or.us Mon Jul 7 15:10:06 2008 From: dyoung at mesd.k12.or.us (Dan Young) Date: Mon, 7 Jul 2008 08:10:06 -0700 Subject: [K12OSN] K12LTSP EL 5 Repo In-Reply-To: References: Message-ID: <994441ae0807070810t678578achce4362f102f6df72@mail.gmail.com> OK, I added the next level up the directory tree in the same format as the other repos: K12LTSP-5.0.0-EL-32bit-all K12LTSP-5.0.0-EL-64bit-all -- Dan Young Multnomah ESD - Technology Services 503-257-1562 On Thu, Jul 3, 2008 at 8:36 AM, k12ltsp wrote: > Hi, > > I'd like to suggest that we make the K12LTSP EL 5 repository available > through RSYNC. We have several servers in our district and it would make > installations and maitenance much easier if we can maintain our own copy > of the LTSP repo. Also, some of the servers have old CD-Rom drives making > it hard to install using media (we usually do network installs). > > The repository currently has all of the other distributions available via > rsync, but only the ISO's are available for EL 5. Here is the output: > > root at ns5 [/repository/centos5]# rsync rsync://k12linux.mesd.k12.or.us/ > K12LTSP-apt mirror of the K12LTSP apt repositories (DEPRECATED!) > K12LTSP-4.4-i386 K12LTSP 4.4.1 install tree (DEPRECATED!) > K12LTSP-4.4.1-all The whole K12LTSP 4.4.1 install tree, updates, and > ISOs. (DEPRECATED!) > webmin Webmin repository > testing experimental rpms > K12LTSP-beta development branch of K12LTSP, not intended for production > use (not used) > K12LTSP-pre pre-release branch of K12LTSP (not used) > K12LTSP-5.0.0-32bit K12LTSP 5.0 ISO images, 32bit version (Pentium, > Athlon) (3.5G) > K12LTSP-5.0.0-64bit K12LTSP 5.0 ISO images, 64bit version (Opteron, > EM64T) (3.7G) > K12LTSP-5.0.0-32bit-all The whole K12LTSP 5.0 32bit version install tree, > updates, and ISOs. (11G) > K12LTSP-5.0.0-64bit-all The whole K12LTSP 5.0 64bit version install tree, > updates, and ISOs. (12G) > K12LTSP-EL K12LTSP "Enterprise" ISO images, 32bit version (Pentium, > Athlon) (2.5G) > K12LTSP-EL-64bit K12LTSP "Enterprise" ISO images, 64bit version > (Opteron, EM64T) (2.7G) > K12LTSP-4.2EL-32bit-all The whole K12LTSP 4.2EL 32bit version install > tree, updates, and ISOs. (6.3G) > K12LTSP-4.2EL-64bit-all The whole K12LTSP 4.2EL 64bit version install > tree, updates, and ISOs. (7.5G) > K12LTSP Use this if you want to mirror the latest K12LTSP distro > (3.8G) > K12LTSP-mirror Use this if you want to mirror the latest K12LTSP distro > (3.8G) > K12Linux-mirror Use this if you want to mirror the latest K12Linux distro > (3.8G) > K12LTSP-all The whole latest K12LTSP install tree, updates, and ISOs. > (14G) > K12LTSP-6.0.0-32bit K12LTSP 6.0 ISO images, 32bit version (Pentium, > Athlon) (3.8G) > K12LTSP-6.0.0-64bit K12LTSP 6.0 ISO images, 64bit version (Opteron, > EM64T) (4.3G) > K12LTSP-6.0.0-32bit-dvd K12LTSP 6.0 DVD images, 32bit version (Pentium, > Athlon) (3.8G) > K12LTSP-6.0.0-64bit-dvd K12LTSP 6.0 DVD images, 64bit version (Opteron, > EM64T) (4.3G) > K12LTSP-6.0.0-32bit-all The whole K12LTSP 6.0 32bit version install tree, > updates, and ISOs. (14G) > K12LTSP-6.0.0-64bit-all The whole K12LTSP 6.0 64bit version install tree, > updates, and ISOs. (16G) > K12LTSP-5.0.0-EL-32bit-iso K12LTSP 5.0.0 EL 32bit ISOs. > K12LTSP-5.0.0-EL-32bit-dvd K12LTSP 5.0.0 EL 32bit DVDs. > K12LTSP-5.0.0-EL-64bit-iso K12LTSP 5.0.0 EL 64bit ISOs. > K12LTSP-5.0.0-EL-64bit-dvd K12LTSP 5.0.0 EL 64bit DVDs. > live-demo-cd An application demo CD that can be used without installing > to your hard drive > > > ~~~~~~~~~~~~~~~~~~~~~~~ > Alan Owen > Assistant to the Director of Information Services > Hermon Information Services/Hermon School Department > "Using Technology to Empower All Students to Succeed in a Changing World." > ~~~~~~~~~~~~~~~~~~~~~~~ > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > From jamielist at gmail.com Wed Jul 9 09:02:15 2008 From: jamielist at gmail.com (Jamie Lists) Date: Wed, 9 Jul 2008 02:02:15 -0700 Subject: [K12OSN] Oh yee DHCP masters.. please help! Message-ID: I'm gonna try to not over complicate this but i really need some dhcp advise. At our school dist we have 3 subnets. We just purchased 21 k12ltsp servers. These will not be in a lab situation but rather serving thin clients in classrooms. We have ISC DHCP running on another linux box in each subnet What we want to accomplish is in the dhcpd.conf for each subnet is a "group" list which will list all of the terminal clients connecting to that particular server. So a rudimentary config would be like Server 1 host GX1-test { hardware ethernet 00:c0:4F:5E:4F:9B; } host GX2-test { hardware ethernet 00:c0:4F:5E:4F:9B; } host GX3-test { hardware ethernet 00:c0:4F:5E:4F:9B; } Server 2 host GX1-test { hardware ethernet 00:c0:4F:5E:4F:9B; } host GX2-test { hardware ethernet 00:c0:4F:5E:4F:9B; } host GX3-test { hardware ethernet 00:c0:4F:5E:4F:9B; } etc etc... This way when terminals pxe boot they will connect to the server assigned to them. The other caviat is we want the default pxe boot to boot to our DRBL box for cloning windows machines with clonezilla. So in essence the K12Ltsp clients will be assigned to the server they are going to use and all other pxe booting defaults to the DRBL server. Also for good measure and to really complicate things we have imac clients as well haha! So heres what i have started for a dhcpd.conf. Please take a look and offer any suggestions. I'm sure i've missed alot of stuff in here.Thanks! ########## Start of dhcpd.conf file ######### authoritative; allow booting; allow bootp; subnet 172.16.0.0 netmask 255.255.224.0 { option routers 172.16.16.3; option subnet-mask 255.255.224.0; option domain-name "newberg.k12.or.us"; option domain-name-servers 172.16.16.20; allow unknown-clients; ########## DRBL PXE Boot Settings ################# next-server 172.16.16.12; # This is the DRBL server option root-path "172.16.16.12:/whateverthepathis"; ### Windows Options#################################### option netbios-name-servers 172.16.16.82, 172.16.48.50; option netbios-node-type 2; ############################################# range dynamic-bootp 172.16.1.1 172.16.15.250; default-lease-time 21600; max-lease-time 43200; } ######### LTSP Server 1 ################### group { filename "/lts/vmlinuz.ltsp"; next-server 172.16.16.22; option root-path "172.16.16.22:/opt/ltsp/i386" host GX1-test { hardware ethernet 00:c0:4F:5E:4F:9B; } #host ncd8 { hardware ethernet 0:c0:c3:22:46:81; } #host ncd8 { hardware ethernet 0:c0:c3:22:46:81; } #host ncd8 { hardware ethernet 0:c0:c3:22:46:81; } #host ncd8 { hardware ethernet 0:c0:c3:22:46:81; } #host ncd8 { hardware ethernet 0:c0:c3:22:46:81; } #host ncd8 { hardware ethernet 0:c0:c3:22:46:81; } } # Apple Clients go Here group { filename "yaboot"; next-server 172.16.16.22; option root-path "172.16.16.22:/opt/ltsp/ppc"; option vendor-class-identifier "AAPLBSDPC"; host Orange-iMac { hardware ethernet 00:50:E4:40:C1:6E; } #host ncd8 { hardware ethernet 0:c0:c3:22:46:81; } } ######### End of LTSP Server 1 ################### ######### LTSP Server 2 ################### ### etc etc ######### End of LTSP Server 2 ################### From lewis at pcc.com Wed Jul 9 12:31:26 2008 From: lewis at pcc.com (Lewis Holcroft) Date: Wed, 9 Jul 2008 08:31:26 -0400 Subject: [K12OSN] Video Driver for Disklessworkstations.com 1220/1225 In-Reply-To: <3BBEA754-9C20-4A14-918A-39C766105B36@breun.nl> References: <4EF76E6B-18B2-4D37-8063-ED6DD356B0BC@pcc.com> <3BBEA754-9C20-4A14-918A-39C766105B36@breun.nl> Message-ID: <880791B3-C203-4055-BD2B-1F595FE83631@pcc.com> I have checked and the unit boots and errors out on the video driver. It defaults to vesa, which is fine. I was going to add the driver. I have done it once with LTSP, but not K12LTSP. the process while vague does work. I was just hoping to save myself some time and check first. Lewis On Jul 3, 2008, at 11:36 AM, Nils Breunese wrote: > Lewis Holcroft wrote: > >> I have several of the 1220PXE thin clients from >> disklessworkstations.com. >> >> These devices require that the drivers be updated. Instructions are >> here referred to here http://www.DisklessWorkstations.Com/web/documentation/LTSP_T-1220.pdf >> >> I was wondering it anyone has attempted this on the CeonOS-5 EL >> version? Is what the outcome? Also if this modification can be made >> upstream. > > That document is a bit confusing. It says you need LTSP 4.2 (which > is part of K12LTSP 5EL), but also gives instructions on installing a > custom driver. Have you tried this client without installing the > custom driver? Maybe this is only needed when running LTSP <4.2? > > Nils Breunese. > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see From nils at breun.nl Wed Jul 9 12:36:13 2008 From: nils at breun.nl (Nils Breunese) Date: Wed, 9 Jul 2008 14:36:13 +0200 Subject: [K12OSN] Video Driver for Disklessworkstations.com 1220/1225 In-Reply-To: <880791B3-C203-4055-BD2B-1F595FE83631@pcc.com> References: <4EF76E6B-18B2-4D37-8063-ED6DD356B0BC@pcc.com> <3BBEA754-9C20-4A14-918A-39C766105B36@breun.nl> <880791B3-C203-4055-BD2B-1F595FE83631@pcc.com> Message-ID: <4124AC5D-0AE4-4FA0-A907-0D684FAB6329@breun.nl> Lewis Holcroft wrote: > I have checked and the unit boots and errors out on the video > driver. It defaults to vesa, which is fine. Why do you think vesa is fine? If it were, then why would you need to install a custom VIA driver? > I was going to add the driver. I have done it once with LTSP, but > not K12LTSP. the process while vague does work. I was just hoping to > save myself some time and check first. If the unit erros out on the video driver, then I guess this custom driver really is needed. Maybe if could be incorporated into an K12LTSP update. Nils Breunese. From henryhartley at westat.com Wed Jul 9 15:41:44 2008 From: henryhartley at westat.com (Henry Hartley) Date: Wed, 9 Jul 2008 11:41:44 -0400 Subject: [K12OSN] Motherboard Manufacturer Recommendations? In-Reply-To: <486DC25E.7030001@cmosnetworks.com> Message-ID: <403593359CA56C4CAE1F8F4F00DCFE7D07E2093A@MAILBE2.westat.com> Terrell Prud? Jr. wrote: >> R. Scott Belford wrote: >> > James P. Kinney III wrote: >> > >> The top board maker by far is Tyan. >> > >> The second place in most respects is Asus. >> > >> SuperMicro is my third choice maker. >> > >> Last and certainly not least of what I will use is Abit. >> > >> >> > >> Right now a solid system using Athlon X2/Phenom is a very good >> > >> starter point for a new small server. Go look at the Asus >> > >> Crosshair II Formula AM@/AM2+ board : >> > >> http://www.newegg.com/Product/Product.aspx?Item=N82E16813131292 >> > >> > Essential dittos to James. >> >> Whatever you get, be sure it's a Socket AM2+, not just AM2. AM2+ >> will support the new tri- and quad-core Phenoms. Yes, I know AMD >> says they're supported on Socket AM2, too, but it requires an >> updated BIOS. A recent Tom's Hardware article showed that mobo >> makers don't really want to do that (only ASUS worked). So start >> with AM2+ from the get-go, and you should be fine. >> >> My experience with Tyan is likewise stellar, and I'd recommend one >> of their mobos any day. That's where Penguin Computing sources >> their mobos, and for a reason. >> >> My demo LTSP server runs a dual-Athlon Tyan Tiger MPX (S2466). >> Still rockin'. During the Socket 7 days, their S1590S Trinity >> motherboard (with AMD K6-2) was my mobo of choice, and they've >> never broken on me. >> >> I've also had good luck with MSI's dual Athlon boards, so I'd >> imagine their newer AMD64 boards are also good. Thanks for all this information. The first computer I built from parts was on a Tyan Tomcat motherboard (2.4MHz Pentium) and it worked beautifully, although I did have to "modify" my old Gateway 386 case in order to get the memory to fit under the drive cage. Rather than order the parts from New Egg, which I've done fairly often, I decided that this time I'd buy them at a local store (The Computer Place - http://www.tcponline.com/) although it might have cost a few dollars more (in the end didn't). I also decided that the difference in price of the Athlon and the Phenom was enough that I'd go with the cheaper Athlon for this machine. When we build the machine this one is the test/demo for, I'll recommend the higher end chip and motherboard. I ended up with an Asus board, since that's mostly what this store carries. If they had a bunch of Tyans to choose from, I would have done that but this should work. So, for $229 I got: ASUS M2A-VM AM2 AMD 690G Micro ATX motherboard AMD Athlon 64 X2 5200 processor 2 GB DDR2-667 RAM I have monitor, keyboard, mouse, and CD-ROM drive already. I got a case/power supply for $49 and a 250GB SATA drive for $69 and I'm pretty much ready to go. My wife was impressed that I spent as little as I did. It should be pretty decent as a small server and will allow us me to show the school what LTSP can do. I've burned CDs with 64-bit versions of both Fedora 9 and K12LTSP 5EL. I'll try F9 first but I understand that's not "done" yet with LTSP 5. I have CentOS 5 running (without the LTSP stuff) on a couple other machines and I'm pretty happy with it but it's always nice to show off the bleeding edge stuff. Anyway, it's worth a try. So, thanks again for your time. -- Henry From jkinney at localnetsolutions.com Wed Jul 9 16:01:06 2008 From: jkinney at localnetsolutions.com (James P. Kinney III) Date: Wed, 09 Jul 2008 16:01:06 +0000 Subject: [K12OSN] Motherboard Manufacturer Recommendations? In-Reply-To: <403593359CA56C4CAE1F8F4F00DCFE7D07E2093A@MAILBE2.westat.com> References: <403593359CA56C4CAE1F8F4F00DCFE7D07E2093A@MAILBE2.westat.com> Message-ID: <1215619266.5604.1108.camel@merlin.localnetsolutions.com> On Wed, 2008-07-09 at 11:41 -0400, Henry Hartley wrote: > Thanks for all this information. The first computer I built from parts was on a Tyan Tomcat motherboard (2.4MHz Pentium) and it worked beautifully, although I did have to "modify" my old Gateway 386 case in order to get the memory to fit under the drive cage. > > Rather than order the parts from New Egg, which I've done fairly often, I decided that this time I'd buy them at a local store (The Computer Place - http://www.tcponline.com/) although it might have cost a few dollars more (in the end didn't). I also decided that the difference in price of the Athlon and the Phenom was enough that I'd go with the cheaper Athlon for this machine. When we build the machine this one is the test/demo for, I'll recommend the higher end chip and motherboard. > > I ended up with an Asus board, since that's mostly what this store carries. If they had a bunch of Tyans to choose from, I would have done that but this should work. So, for $229 I got: > > ASUS M2A-VM AM2 AMD 690G Micro ATX motherboard > AMD Athlon 64 X2 5200 processor > 2 GB DDR2-667 RAM > > I have monitor, keyboard, mouse, and CD-ROM drive already. I got a case/power supply for $49 and a 250GB SATA drive for $69 and I'm pretty much ready to go. My wife was impressed that I spent as little as I did. It should be pretty decent as a small server and will allow us me to show the school what LTSP can do. > > I've burned CDs with 64-bit versions of both Fedora 9 and K12LTSP 5EL. I'll try F9 first but I understand that's not "done" yet with LTSP 5. I have CentOS 5 running (without the LTSP stuff) on a couple other machines and I'm pretty happy with it but it's always nice to show off the bleeding edge stuff. Anyway, it's worth a try. > Save yourself some headache and just go with the 32-bit versions. Since you only have 2G RAM, there is really nothing to be gained with the 64-bit. The 64-bit only is needed above 3.5GB RAM (or use the PAE kernel in 32-bit but it's a performance hit). > So, thanks again for your time. > > -- > Henry > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > -- James P. Kinney III CEO & Director of Engineering Local Net Solutions,LLC http://www.localnetsolutions.com GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics) Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7 -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. From rob.owens at biochemfluidics.com Wed Jul 9 17:27:55 2008 From: rob.owens at biochemfluidics.com (Rob Owens) Date: Wed, 09 Jul 2008 13:27:55 -0400 Subject: [K12OSN] clients boot up to wrong xscreen with new EL5 In-Reply-To: <1214522157.4050.2.camel@localhost.localdomain> References: <1214522157.4050.2.camel@localhost.localdomain> Message-ID: <4874F51B.9070801@biochemfluidics.com> Barry, If you're having trouble w/ that link, here's the contents of my "rdesktop.wait" script. I'll also email it to you directly as an attachment. -Rob #!/bin/sh # # rdesktop # # rdesktop screen script for the linux terminal server project. # This script lives in the /opt/ltsp/i386/etc/screen.d directory # # Call it through lts.conf with the `SCREEN_xx = rdesktop` option. # # You can pass options to rdesktop 2 different ways. # # 1) Place all of the options you want after the 'rdesktop' setting # on the screen_script. # # For example: # # SCREEN_01 = rdesktop -u jam w2kserver.ltsp.org # # # 2) Place the rdesktop options in the RDP_OPTIONS option # and the name or IP address of the rdp server in # the RDP_SERVER option. # # For example: # # RDP_OPTIONS = "-f -u jam" # RDP_SERVER = w2kserver.ltsp.org # SCREEN_01 = rdesktop # PATH=/bin:$PATH; export PATH . /etc/ltsp_functions # # Get the lts.conf entries # eval `/bin/getltscfg -a` RDP_OPTIONS=${RDP_OPTIONS:-"-f"} reg_info RDP_SERVER reg_info RDP_OPTIONS TTY=`/usr/bin/basename \`/usr/bin/tty\` | sed s/tty//` XFCFG=/tmp/XF86Config.${TTY} export TTY RDESKTOP_OPTIONS="${RDP_OPTIONS} $* ${RDP_SERVER}" # # Setup the DISP variable # export DISP=:$(expr ${TTY} - 1).0 ################################################################################ # # Setup the XF86Config file # XSERVER=${XSERVER:-"auto"} if [ "${XSERVER}" = "auto" ]; then echo "Scanning for video card" XSERVER=`/sbin/pci_scan /etc/vidlist` if [ -z "${XSERVER}" ]; then echo echo " ERROR: Auto probe of the video card failed !" echo " You need to specify the proper X server in lts.conf" echo echo -n "Press to continue " read CMD exit 1 fi fi if [ "${XSERVER}" = "i810" ]; then if [ ! -f /tmp/i810_loaded ]; then modprobe agpgart >/tmp/i810_loaded fi fi if [ ! -z "${XF86CONFIG_FILE}" ]; then # # If XF86CONFIG_FILE is defined in the lts.conf file, then # it points to an XF86Config file that is pre-made for a workstation # if [ -f /etc/${XF86CONFIG_FILE} ]; then cp /etc/${XF86CONFIG_FILE} ${XFCFG} else echo echo "Error! - ${XF86CONFIG_FILE} - File not found!" echo fi else # # Build the XF86Config file from entries in the lts.conf file # If it starts with 'XF86_', then we use XFree86 3.3.6. Otherwise, # we use Xorg # case ${XSERVER} in XF86_*) /etc/build_x3_cfg ${XSERVER} >${XFCFG} ;; *) /etc/build_x4_cfg ${XSERVER} >${XFCFG} ;; esac fi ################################################################################ # # Figure out how to run the X server # case ${XSERVER} in XF86_*) XBINARY="${XSERVER}" XOPTS="" ;; Xvesa) XBINARY="Xvesa" case "${X_MODE_0}" in 1280x1024) XOPTS="-shadow -mode 0x011A" ;; 1024x768) XOPTS="-shadow -mode 0x0117" ;; 800x600) XOPTS="-shadow -mode 0x0114" ;; 640x480) XOPTS="-shadow -mode 0x0111" ;; *) XOPTS="-shadow -mode 0x0117" ;; esac ;; *) XBINARY="Xorg" XOPTS="" ;; esac ACCESS_CONTROL=${DISABLE_ACCESS_CONTROL:-"N"} if [ "${ACCESS_CONTROL}" = "Y" ]; then ACC_CTRL="-ac" else ACC_CTRL="" fi clear echo echo echo echo echo echo echo echo echo echo echo echo echo -n " Press to Login to Windows" read if [ -w /proc/progress ]; then /usr/X11R6/bin/xinit /usr/bin/rdesktop.wrapper \ -u "" \ ${RDESKTOP_OPTIONS} \ -- /usr/X11R6/bin/${XBINARY}\ ${DISP} \ -xf86config ${XFCFG} \ vt${TTY} >/dev/null 2>&1 else /usr/X11R6/bin/xinit /usr/bin/rdesktop.wrapper \ -u "" \ ${RDESKTOP_OPTIONS} \ -- /usr/X11R6/bin/${XBINARY}\ ${DISP} \ -xf86config ${XFCFG} \ vt${TTY} fi Barry R Cisna wrote: > Hey Rob, > > Thanks for the feedback. The link you posted came up formatted broken. I > tried underscores, dots, searched, and can not get to message that you > posted. > Thanks Again, > > Barry Cisna > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see ******************************************************** The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. If you are not the addressee, any disclosure, reproduction, copying, distribution, or other dissemination or use of this transmission in error please notify the sender immediately and then delete this e-mail. E-mail transmission cannot be guaranteed to be secure or error free as information could be intercepted, corrupted lost, destroyed, arrive late or incomplete, or contain viruses. The sender therefore does not accept liability for any errors or omissions in the contents of this message which arise as a result of e-mail transmission. If verification is required please request a hard copy version. ******************************************************** From rob.owens at biochemfluidics.com Wed Jul 9 17:29:15 2008 From: rob.owens at biochemfluidics.com (Rob Owens) Date: Wed, 09 Jul 2008 13:29:15 -0400 Subject: [K12OSN] clients boot up to wrong xscreen with new EL5 In-Reply-To: <1214522157.4050.2.camel@localhost.localdomain> References: <1214522157.4050.2.camel@localhost.localdomain> Message-ID: <4874F56B.4050200@biochemfluidics.com> Barry, I've attached my customized screen scripts. Hope they help you. -Rob Barry R Cisna wrote: > Hey Rob, > > Thanks for the feedback. The link you posted came up formatted broken. I > tried underscores, dots, searched, and can not get to message that you > posted. > Thanks Again, > > Barry Cisna > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see ******************************************************** The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. If you are not the addressee, any disclosure, reproduction, copying, distribution, or other dissemination or use of this transmission in error please notify the sender immediately and then delete this e-mail. E-mail transmission cannot be guaranteed to be secure or error free as information could be intercepted, corrupted lost, destroyed, arrive late or incomplete, or contain viruses. The sender therefore does not accept liability for any errors or omissions in the contents of this message which arise as a result of e-mail transmission. If verification is required please request a hard copy version. ******************************************************** -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: rdesktop.wait URL: -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: startx.wait URL: From henryhartley at westat.com Wed Jul 9 17:29:59 2008 From: henryhartley at westat.com (Henry Hartley) Date: Wed, 9 Jul 2008 13:29:59 -0400 Subject: [K12OSN] Motherboard Manufacturer Recommendations? In-Reply-To: <1215619266.5604.1108.camel@merlin.localnetsolutions.com> Message-ID: <403593359CA56C4CAE1F8F4F00DCFE7D07E2093D@MAILBE2.westat.com> James P. Kinney III wrote: >> Save yourself some headache and just go with the 32-bit versions. >> Since you only have 2G RAM, there is really nothing to be gained >> with the 64-bit. The 64-bit only is needed above 3.5GB RAM (or >> use the PAE kernel in 32-bit but it's a performance hit). You're almost certainly right. Nevertheless, I'll probably give the 64-bit version a try, since this is my first 64-bit system. Also, on the eventual "production" machine, there will be enough memory to warrant the 64-bit install and this will let me see what concerns we'll have 64-bit wise. I know there are issues with 32-bit plug-ins (specifically the Flash player) for Firefox so I'll need to install the 32-bit Firefox. Are there others? -- Henry From rob.owens at biochemfluidics.com Wed Jul 9 17:37:20 2008 From: rob.owens at biochemfluidics.com (Rob Owens) Date: Wed, 09 Jul 2008 13:37:20 -0400 Subject: [K12OSN] Motherboard Manufacturer Recommendations? In-Reply-To: <1215117415.5604.951.camel@merlin.localnetsolutions.com> References: <403593359CA56C4CAE1F8F4F00DCFE7D07E20924@MAILBE2.westat.com> <1215117415.5604.951.camel@merlin.localnetsolutions.com> Message-ID: <4874F750.8070401@biochemfluidics.com> I had a problem with Abit boards once. I bought two at the same time, and the onboard NIC on both boards had the same MAC address. It really caused problems for DHCP. To Abit's credit, they sent me new bios chips immediately and didn't give me a bunch of BS about how having the same MAC address is impossible. (Actually, I suspect they may have had that problem before because the guy on the phone didn't even flinch when I told him my problem). Besides that, though, I don't have any complaints about the boards. They're in use in 2 of my BackupPC servers. -Rob James P. Kinney III wrote: > The top board maker by far is Tyan. They are not the least expensive nor > the most expensive. Their boards are typically designed for heavy server > use. > > The second place in most respects is Asus. They have a larger variety of > boards than Tyan and that is tailored more toward the desktop. Many of > their models are quite solid and some are really server-duty hardware. > > SuperMicro is my third choice maker. I only put it after Tyan because I > have had a SuperMicro board fail (once) and non of my Tyans have failed > (yet). As I have a strong preference for LTSP servers using AMD cpus, I > do not use many SM boards as their line is geared more toward Intel. > > Last and certainly not least of what I will use is Abit. They have a > large lineup of quite stable boards that are a good value for the money. > I don't expect them to take the constant abuse of a Tyan, and they > won't. But when a working Abit board can be bought and replaced twice > for the cost of a Tyan board running the same cpu, it boils down to > allowable down time. If a failure is OK, I use Abit. If the system MUST > WORK and/or parts replacement is impossible because of remoteness, Tyan. > > Right now a solid system using Athlon X2/Phenom is a very good starter > point for a new small server. Go look at the Asus Crosshair II Formula > AM@/AM2+ board : > http://www.newegg.com/Product/Product.aspx?Item=N82E16813131292 > > On Thu, 2008-07-03 at 11:41 -0400, Henry Hartley wrote: >> These days we have such a huge variety of options that we really >> shouldn't complain. In the "old days" we had to decide what speed >> Pentium we should get. Before that, there were even fewer choices. So, >> I want to build a small server. It will be for testing purposes and >> will probably go to run a handful of thin clients in my home when I'm >> done. Since I'm paying for it out of my own pocket, price matters. >> Still, I'm not completely broke yet. So, I think I want to use a >> dual-core AMD processor but one should be adequate. I know I want room >> for lots of RAM, although again, this won't be running 20 or 30 >> stations, just three to five. Since it's for testing, and since the >> final product WILL be a larger lab, I want to take a step into the >> 64-bit world. That narrows things down a little but there are still a >> lot of options. >> >> So, a very specific question. Given the above, any motherboard >> manufacturers you would recommend, either to get or to avoid? If you >> have a specific model you want to recommend, that would be welcome, of >> course. The reasoning behind any of your thoughts would be most >> appreciated, too, of course. >> >> -- >> Henry Hartley >> >> _______________________________________________ >> K12OSN mailing list >> K12OSN at redhat.com >> https://www.redhat.com/mailman/listinfo/k12osn >> For more info see >> ******************************************************** The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. If you are not the addressee, any disclosure, reproduction, copying, distribution, or other dissemination or use of this transmission in error please notify the sender immediately and then delete this e-mail. E-mail transmission cannot be guaranteed to be secure or error free as information could be intercepted, corrupted lost, destroyed, arrive late or incomplete, or contain viruses. The sender therefore does not accept liability for any errors or omissions in the contents of this message which arise as a result of e-mail transmission. If verification is required please request a hard copy version. ******************************************************** From lewis at pcc.com Wed Jul 9 19:34:56 2008 From: lewis at pcc.com (Lewis Holcroft) Date: Wed, 9 Jul 2008 15:34:56 -0400 Subject: [K12OSN] Video Driver for Disklessworkstations.com 1220/1225 In-Reply-To: <4124AC5D-0AE4-4FA0-A907-0D684FAB6329@breun.nl> References: <4EF76E6B-18B2-4D37-8063-ED6DD356B0BC@pcc.com> <3BBEA754-9C20-4A14-918A-39C766105B36@breun.nl> <880791B3-C203-4055-BD2B-1F595FE83631@pcc.com> <4124AC5D-0AE4-4FA0-A907-0D684FAB6329@breun.nl> Message-ID: <4B0CE38E-5679-46B6-851D-9070DD19F547@pcc.com> Nils, On Jul 9, 2008, at 8:36 AM, Nils Breunese wrote: > Lewis Holcroft wrote: > >> I have checked and the unit boots and errors out on the video >> driver. It defaults to vesa, which is fine. > > Why do you think vesa is fine? If it were, then why would you need > to install a custom VIA driver? > It's fine because the screen with draw and the end user can use the system. I would like the correct driver so that screen redraws are optimized. My users are not picky (they were previously using IBM3151 terminals), but I would like their experience to be a good one. >> I was going to add the driver. I have done it once with LTSP, but >> not K12LTSP. the process while vague does work. I was just hoping >> to save myself some time and check first. > > If the unit erros out on the video driver, then I guess this custom > driver really is needed. Maybe if could be incorporated into an > K12LTSP update. > > Nils Breunese. > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see --------- The instructions said to use Windows 98 or better.... So I installed Linux. From jkinney at localnetsolutions.com Wed Jul 9 19:37:31 2008 From: jkinney at localnetsolutions.com (James P. Kinney III) Date: Wed, 09 Jul 2008 15:37:31 -0400 Subject: [K12OSN] Motherboard Manufacturer Recommendations? In-Reply-To: <403593359CA56C4CAE1F8F4F00DCFE7D07E2093D@MAILBE2.westat.com> References: <403593359CA56C4CAE1F8F4F00DCFE7D07E2093D@MAILBE2.westat.com> Message-ID: <1215632251.5604.1118.camel@merlin.localnetsolutions.com> On Wed, 2008-07-09 at 13:29 -0400, Henry Hartley wrote: > James P. Kinney III wrote: > > >> Save yourself some headache and just go with the 32-bit versions. > >> Since you only have 2G RAM, there is really nothing to be gained > >> with the 64-bit. The 64-bit only is needed above 3.5GB RAM (or > >> use the PAE kernel in 32-bit but it's a performance hit). > > You're almost certainly right. Nevertheless, I'll probably give the > 64-bit version a try, since this is my first 64-bit system. Also, on > the eventual "production" machine, there will be enough memory to > warrant the 64-bit install and this will let me see what concerns we'll > have 64-bit wise. I know there are issues with 32-bit plug-ins > (specifically the Flash player) for Firefox so I'll need to install the > 32-bit Firefox. Are there others? It's the firefox/flash issue that's the biggie. Just use the 32-bit firefox and affiliated multi-media toys) and it's all fine. > > -- > Henry > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > -- James P. Kinney III CEO & Director of Engineering Local Net Solutions,LLC http://www.localnetsolutions.com GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics) Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7 -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. From ernie_hudson at snowlineschools.com Thu Jul 10 13:54:01 2008 From: ernie_hudson at snowlineschools.com (Ernie Hudson) Date: Thu, 10 Jul 2008 06:54:01 -0700 Subject: [K12OSN] home directory permissions Message-ID: Does anyone have an easy way to change the permissions on the home directories so that only the owner has access to it. We have some very bright students and they have found out that they can copy work from someone else and have more free time. I am using the 5EL and have single sign on using likewise open from my windows server using active directory. I know I can change them one at a time using "chmod 700 filename". I am not adept at writing scripts and hoping someone can help. [cid:image001.gif at 01C8E259.BC0A56A0] ________________________________ Statement of Confidentiality: The contents of this e-mail message and any attachments are intended solely for the addressee. The information may also be confidential and/or legally privileged. This transmission is sent for the sole purpose of delivery to the intended recipient. If you have received this transmission in error, any use, reproduction, or dissemination of this transmission is strictly prohibited. If you are not the intended recipient, please immediately notify the sender by reply e-mail, send a copy to postmaster at snowlineschools.com and delete this message and its attachments, if any. E-mail is covered by the Electronic Communications Privacy Act, 18 USC SS 2510-2521 and is legally privileged. -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.gif Type: image/gif Size: 9589 bytes Desc: image001.gif URL: From microman at cmosnetworks.com Thu Jul 10 13:59:00 2008 From: microman at cmosnetworks.com (=?UTF-8?B?IlRlcnJlbGwgUHJ1ZMOpIEpyLiI=?=) Date: Thu, 10 Jul 2008 09:59:00 -0400 Subject: [K12OSN] home directory permissions In-Reply-To: References: Message-ID: <487615A4.5040900@cmosnetworks.com> Ernie Hudson wrote: > > Does anyone have an easy way to change the permissions on the home > directories so that only the owner has access to it. We have some very > bright students and they have found out that they can copy work from > someone else and have more free time. I am using the 5EL and have > single sign on using likewise open from my windows server using active > directory. I know I can change them one at a time using ?chmod 700 > filename?. I am not adept at writing scripts and hoping someone can help. > > > Do get the basics of shell-scripting down. I'd recommend heading over to http://www.tldp.org and reading the Advanced BASH Scripting Guide. That's how I learned how to do it. Extremely handy skill and very necessary, just as important as writing .BAT or .REG files on Windows. Now to your specific question. That's pretty easy to do. All you really have to do is change the top level directory permissions under /home, i. e. no recursion needed. I'd do it like this, in a basic FOR loop: #!/bin/bash cd /home for dir in * do chmod 700 $dir done If you want to recurse down and change everything in everyone's homedir to permissions 700, just add the "-R" switch after "chmod". --TP _______________________________ Do you GNU ? Microsoft Free since 2003 --the ultimate antivirus protection! -------------- next part -------------- An HTML attachment was scrubbed... URL: From ernie_hudson at snowlineschools.com Thu Jul 10 14:05:58 2008 From: ernie_hudson at snowlineschools.com (Ernie Hudson) Date: Thu, 10 Jul 2008 07:05:58 -0700 Subject: [K12OSN] home directory permissions In-Reply-To: <487615A4.5040900@cmosnetworks.com> References: <487615A4.5040900@cmosnetworks.com> Message-ID: Thanks for the info. I will check out the site you recommended and give it a try. From: k12osn-bounces at redhat.com [mailto:k12osn-bounces at redhat.com] On Behalf Of "Terrell Prud? Jr." Sent: Thursday, July 10, 2008 6:59 AM To: Support list for open source software in schools. Subject: Re: [K12OSN] home directory permissions Ernie Hudson wrote: Does anyone have an easy way to change the permissions on the home directories so that only the owner has access to it. We have some very bright students and they have found out that they can copy work from someone else and have more free time. I am using the 5EL and have single sign on using likewise open from my windows server using active directory. I know I can change them one at a time using ?chmod 700 filename?. I am not adept at writing scripts and hoping someone can help. Do get the basics of shell-scripting down. I'd recommend heading over to http://www.tldp.org and reading the Advanced BASH Scripting Guide. That's how I learned how to do it. Extremely handy skill and very necessary, just as important as writing .BAT or .REG files on Windows. Now to your specific question. That's pretty easy to do. All you really have to do is change the top level directory permissions under /home, i. e. no recursion needed. I'd do it like this, in a basic FOR loop: #!/bin/bash cd /home for dir in * do chmod 700 $dir done If you want to recurse down and change everything in everyone's homedir to permissions 700, just add the "-R" switch after "chmod". --TP _______________________________ Do you GNU? Microsoft Free since 2003--the ultimate antivirus protection! -------------- next part -------------- An HTML attachment was scrubbed... URL: From nils at breun.nl Thu Jul 10 14:09:17 2008 From: nils at breun.nl (Nils Breunese) Date: Thu, 10 Jul 2008 16:09:17 +0200 Subject: [K12OSN] home directory permissions In-Reply-To: <487615A4.5040900@cmosnetworks.com> References: <487615A4.5040900@cmosnetworks.com> Message-ID: <230B82AD-2C78-40E1-AE09-BF2C9F955234@breun.nl> Terrell Prud? Jr. wrote: > Ernie Hudson wrote: >> >> Does anyone have an easy way to change the permissions on the home >> directories so that only the owner has access to it. We have some >> very bright students and they have found out that they can copy >> work from someone else and have more free time. I am using the 5EL >> and have single sign on using likewise open from my windows server >> using active directory. I know I can change them one at a time >> using ?chmod 700 filename?. I am not adept at writing scripts and >> hoping someone can help. >> > Do get the basics of shell-scripting down. I'd recommend heading > over to http://www.tldp.org and reading the Advanced BASH Scripting > Guide. That's how I learned how to do it. Extremely handy skill > and very necessary, just as important as writing .BAT or .REG files > on Windows. > > Now to your specific question. That's pretty easy to do. All you > really have to do is change the top level directory permissions > under /home, i. e. no recursion needed. I'd do it like this, in a > basic FOR loop: > > #!/bin/bash > cd /home > for dir in * > do > chmod 700 $dir > done Unless there are a lot of homedirs you should also be able to use this one-liner: # chmod 700 /home/* You might also want to make sure that new users get their homedir permissions set up like this. I don't know where to change this off the top of my head right now. Nils Breunese. From jkinney at localnetsolutions.com Thu Jul 10 14:33:30 2008 From: jkinney at localnetsolutions.com (James P. Kinney III) Date: Thu, 10 Jul 2008 14:33:30 +0000 Subject: [K12OSN] home directory permissions In-Reply-To: References: Message-ID: <1215700410.5604.1155.camel@merlin.localnetsolutions.com> Hmm. The default user setup is 700. So unless the students are changing things something is wrong with the permission controls from Likewise. chmod 700 /home/* That will reset the permissions on all directories in /home . If the problem recurs, make it a cron job as follows: crontab -e Now PgDn to the bottom of the file and hit "A" (capital letter A for Append) and hit the enter to start a new line now type in: * 7,11 * * * chmod 700 /home/* then hit then :wq (yes this is a vi environment - it's good to know at least the basics!) So now, every day at 7 and 11 am all directories will be reset to perms 700. If you want to do it every 2 hours, change the 7,11 to be */2 . If you want 3pm only, use 15 instead of 7,11 . If you don't want an email of everytime it runs make the first line of the crontab : MAILTO='' But I would look into WHY and HOW the perms were changed in the first place. Something is amiss! On Thu, 2008-07-10 at 06:54 -0700, Ernie Hudson wrote: > Does anyone have an easy way to change the permissions on the home > directories so that only the owner has access to it. We have some very > bright students and they have found out that they can copy work from > someone else and have more free time. I am using the 5EL and have > single sign on using likewise open from my windows server using active > directory. I know I can change them one at a time using ?chmod 700 > filename?. I am not adept at writing scripts and hoping someone can > help. > > > > > > outlook signature > > > > > > > ______________________________________________________________________ > Statement of Confidentiality: The contents of this e-mail message and > any attachments are intended solely for the addressee. The information > may also be confidential and/or legally privileged. This transmission > is sent for the sole purpose of delivery to the intended recipient. If > you have received this transmission in error, any use, reproduction, > or dissemination of this transmission is strictly prohibited. If you > are not the intended recipient, please immediately notify the sender > by reply e-mail, send a copy to postmaster at snowlineschools.com and > delete this message and its attachments, if any. > > E-mail is covered by the Electronic Communications Privacy Act, 18 USC > SS 2510-2521 and is legally privileged. > > -- > This message has been scanned for viruses and > dangerous content by MailScanner, and is > believed to be clean. > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see -- James P. Kinney III CEO & Director of Engineering Local Net Solutions,LLC http://www.localnetsolutions.com GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics) Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7 -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. From dhuckaby at paasda.org Thu Jul 10 16:13:07 2008 From: dhuckaby at paasda.org (Huck) Date: Thu, 10 Jul 2008 09:13:07 -0700 Subject: [K12OSN] home directory permissions In-Reply-To: <1215700410.5604.1155.camel@merlin.localnetsolutions.com> References: <1215700410.5604.1155.camel@merlin.localnetsolutions.com> Message-ID: <48763513.9020803@paasda.org> unless something has changed the default was 755 ...at least with all of the K12LTSP installs I've done... users of the same group were always able to see others' files...before tweaking a thing. rwxr-xr-x --Huck James P. Kinney III wrote: > Hmm. The default user setup is 700. So unless the students are changing > things something is wrong with the permission controls from Likewise. > > chmod 700 /home/* > > That will reset the permissions on all directories in /home . > If the problem recurs, make it a cron job as follows: > > crontab -e > > Now PgDn to the bottom of the file and hit "A" (capital letter A for > Append) and hit the enter to start a new line > > now type in: > > * 7,11 * * * chmod 700 /home/* > > then hit then :wq > > (yes this is a vi environment - it's good to know at least the basics!) > > So now, every day at 7 and 11 am all directories will be reset to perms > 700. If you want to do it every 2 hours, change the 7,11 to be */2 . If > you want 3pm only, use 15 instead of 7,11 . > > If you don't want an email of everytime it runs make the first line of > the crontab : > > MAILTO='' > > But I would look into WHY and HOW the perms were changed in the first > place. Something is amiss! > On Thu, 2008-07-10 at 06:54 -0700, Ernie Hudson wrote: >> Does anyone have an easy way to change the permissions on the home >> directories so that only the owner has access to it. We have some very >> bright students and they have found out that they can copy work from >> someone else and have more free time. I am using the 5EL and have >> single sign on using likewise open from my windows server using active >> directory. I know I can change them one at a time using ?chmod 700 >> filename?. I am not adept at writing scripts and hoping someone can >> help. >> >> >> >> >> >> outlook signature >> >> >> >> >> >> >> ______________________________________________________________________ >> Statement of Confidentiality: The contents of this e-mail message and >> any attachments are intended solely for the addressee. The information >> may also be confidential and/or legally privileged. This transmission >> is sent for the sole purpose of delivery to the intended recipient. If >> you have received this transmission in error, any use, reproduction, >> or dissemination of this transmission is strictly prohibited. If you >> are not the intended recipient, please immediately notify the sender >> by reply e-mail, send a copy to postmaster at snowlineschools.com and >> delete this message and its attachments, if any. >> >> E-mail is covered by the Electronic Communications Privacy Act, 18 USC >> SS 2510-2521 and is legally privileged. >> >> -- >> This message has been scanned for viruses and >> dangerous content by MailScanner, and is >> believed to be clean. >> _______________________________________________ >> K12OSN mailing list >> K12OSN at redhat.com >> https://www.redhat.com/mailman/listinfo/k12osn >> For more info see From k12osn at deltacfax.com Thu Jul 10 16:07:30 2008 From: k12osn at deltacfax.com (Tim Born) Date: Thu, 10 Jul 2008 11:07:30 -0500 Subject: [K12OSN] home directory permissions In-Reply-To: <1215700410.5604.1155.camel@merlin.localnetsolutions.com> References: <1215700410.5604.1155.camel@merlin.localnetsolutions.com> Message-ID: <487633C2.90408@deltacfax.com> If your users have figured out a way to change perms on /home/* you have a security hole that needs a bigger patch than a cron job. Gotta find the source of the problem and fix it properly. James P. Kinney III wrote: >Hmm. The default user setup is 700. So unless the students are changing >things something is wrong with the permission controls from Likewise. > >chmod 700 /home/* > >That will reset the permissions on all directories in /home . >If the problem recurs, make it a cron job as follows: > >crontab -e > >Now PgDn to the bottom of the file and hit "A" (capital letter A for >Append) and hit the enter to start a new line > >now type in: > >* 7,11 * * * chmod 700 /home/* > >then hit then :wq > >(yes this is a vi environment - it's good to know at least the basics!) > >So now, every day at 7 and 11 am all directories will be reset to perms >700. If you want to do it every 2 hours, change the 7,11 to be */2 . If >you want 3pm only, use 15 instead of 7,11 . > >If you don't want an email of everytime it runs make the first line of >the crontab : > >MAILTO='' > >But I would look into WHY and HOW the perms were changed in the first >place. Something is amiss! >On Thu, 2008-07-10 at 06:54 -0700, Ernie Hudson wrote: > > >>Does anyone have an easy way to change the permissions on the home >>directories so that only the owner has access to it. We have some very >>bright students and they have found out that they can copy work from >>someone else and have more free time. I am using the 5EL and have >>single sign on using likewise open from my windows server using active >>directory. I know I can change them one at a time using ?chmod 700 >>filename?. I am not adept at writing scripts and hoping someone can >>help. >> >> >> >> >> >>outlook signature >> >> >> >> >> >> >>______________________________________________________________________ >>Statement of Confidentiality: The contents of this e-mail message and >>any attachments are intended solely for the addressee. The information >>may also be confidential and/or legally privileged. This transmission >>is sent for the sole purpose of delivery to the intended recipient. If >>you have received this transmission in error, any use, reproduction, >>or dissemination of this transmission is strictly prohibited. If you >>are not the intended recipient, please immediately notify the sender >>by reply e-mail, send a copy to postmaster at snowlineschools.com and >>delete this message and its attachments, if any. >> >>E-mail is covered by the Electronic Communications Privacy Act, 18 USC >>SS 2510-2521 and is legally privileged. >> >>-- >>This message has been scanned for viruses and >>dangerous content by MailScanner, and is >>believed to be clean. >>_______________________________________________ >>K12OSN mailing list >>K12OSN at redhat.com >>https://www.redhat.com/mailman/listinfo/k12osn >>For more info see >> >> From jkinney at localnetsolutions.com Thu Jul 10 16:19:36 2008 From: jkinney at localnetsolutions.com (James P. Kinney III) Date: Thu, 10 Jul 2008 16:19:36 +0000 Subject: [K12OSN] home directory permissions In-Reply-To: <48763513.9020803@paasda.org> References: <1215700410.5604.1155.camel@merlin.localnetsolutions.com> <48763513.9020803@paasda.org> Message-ID: <1215706776.5604.1174.camel@merlin.localnetsolutions.com> Double check that. The default RedHat/Fedora/CentOS sets new user dirs in /home to be 700. This has been the default RedHat way since RedHat 4.1 (1995 or so). This is how my current testbed install of K12LTSP-EL v5 also does it. The standard security model of all things *NIX has no user having read access to any other user directory they do not own unless specially created by the admin. If all of the /home/* dirs are set to 755, or worse 777, there has been a security breach of either admin mistake or elevated privileges by a user. On Thu, 2008-07-10 at 09:13 -0700, Huck wrote: > unless something has changed the default was 755 ...at least with all of > the K12LTSP installs I've done... users of the same group were always > able to see others' files...before tweaking a thing. > > rwxr-xr-x > > --Huck > > James P. Kinney III wrote: > > Hmm. The default user setup is 700. So unless the students are changing > > things something is wrong with the permission controls from Likewise. > > > > chmod 700 /home/* > > > > That will reset the permissions on all directories in /home . > > If the problem recurs, make it a cron job as follows: > > > > crontab -e > > > > Now PgDn to the bottom of the file and hit "A" (capital letter A for > > Append) and hit the enter to start a new line > > > > now type in: > > > > * 7,11 * * * chmod 700 /home/* > > > > then hit then :wq > > > > (yes this is a vi environment - it's good to know at least the basics!) > > > > So now, every day at 7 and 11 am all directories will be reset to perms > > 700. If you want to do it every 2 hours, change the 7,11 to be */2 . If > > you want 3pm only, use 15 instead of 7,11 . > > > > If you don't want an email of everytime it runs make the first line of > > the crontab : > > > > MAILTO='' > > > > But I would look into WHY and HOW the perms were changed in the first > > place. Something is amiss! > > On Thu, 2008-07-10 at 06:54 -0700, Ernie Hudson wrote: > >> Does anyone have an easy way to change the permissions on the home > >> directories so that only the owner has access to it. We have some very > >> bright students and they have found out that they can copy work from > >> someone else and have more free time. I am using the 5EL and have > >> single sign on using likewise open from my windows server using active > >> directory. I know I can change them one at a time using ?chmod 700 > >> filename?. I am not adept at writing scripts and hoping someone can > >> help. > >> > >> > >> > >> > >> > >> outlook signature > >> > >> > >> > >> > >> > >> > >> ______________________________________________________________________ > >> Statement of Confidentiality: The contents of this e-mail message and > >> any attachments are intended solely for the addressee. The information > >> may also be confidential and/or legally privileged. This transmission > >> is sent for the sole purpose of delivery to the intended recipient. If > >> you have received this transmission in error, any use, reproduction, > >> or dissemination of this transmission is strictly prohibited. If you > >> are not the intended recipient, please immediately notify the sender > >> by reply e-mail, send a copy to postmaster at snowlineschools.com and > >> delete this message and its attachments, if any. > >> > >> E-mail is covered by the Electronic Communications Privacy Act, 18 USC > >> SS 2510-2521 and is legally privileged. > >> > >> -- > >> This message has been scanned for viruses and > >> dangerous content by MailScanner, and is > >> believed to be clean. > >> _______________________________________________ > >> K12OSN mailing list > >> K12OSN at redhat.com > >> https://www.redhat.com/mailman/listinfo/k12osn > >> For more info see > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > -- James P. Kinney III CEO & Director of Engineering Local Net Solutions,LLC http://www.localnetsolutions.com GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics) Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7 -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. From dhuckaby at paasda.org Thu Jul 10 16:39:26 2008 From: dhuckaby at paasda.org (Huck) Date: Thu, 10 Jul 2008 09:39:26 -0700 Subject: [K12OSN] home directory permissions In-Reply-To: <1215706776.5604.1174.camel@merlin.localnetsolutions.com> References: <1215700410.5604.1155.camel@merlin.localnetsolutions.com> <48763513.9020803@paasda.org> <1215706776.5604.1174.camel@merlin.localnetsolutions.com> Message-ID: <48763B3E.9050903@paasda.org> Huck uses Webmin to mass-create account... so perhaps it is within the Webmin module that is causing it. --Huck James P. Kinney III wrote: > Double check that. The default RedHat/Fedora/CentOS sets new user dirs > in /home to be 700. This has been the default RedHat way since RedHat > 4.1 (1995 or so). This is how my current testbed install of K12LTSP-EL > v5 also does it. The standard security model of all things *NIX has no > user having read access to any other user directory they do not own > unless specially created by the admin. > > If all of the /home/* dirs are set to 755, or worse 777, there has been > a security breach of either admin mistake or elevated privileges by a > user. > On Thu, 2008-07-10 at 09:13 -0700, Huck wrote: >> unless something has changed the default was 755 ...at least with all of >> the K12LTSP installs I've done... users of the same group were always >> able to see others' files...before tweaking a thing. >> >> rwxr-xr-x >> >> --Huck >> >> James P. Kinney III wrote: >>> Hmm. The default user setup is 700. So unless the students are changing >>> things something is wrong with the permission controls from Likewise. >>> >>> chmod 700 /home/* >>> >>> That will reset the permissions on all directories in /home . >>> If the problem recurs, make it a cron job as follows: >>> >>> crontab -e >>> >>> Now PgDn to the bottom of the file and hit "A" (capital letter A for >>> Append) and hit the enter to start a new line >>> >>> now type in: >>> >>> * 7,11 * * * chmod 700 /home/* >>> >>> then hit then :wq >>> >>> (yes this is a vi environment - it's good to know at least the basics!) >>> >>> So now, every day at 7 and 11 am all directories will be reset to perms >>> 700. If you want to do it every 2 hours, change the 7,11 to be */2 . If >>> you want 3pm only, use 15 instead of 7,11 . >>> >>> If you don't want an email of everytime it runs make the first line of >>> the crontab : >>> >>> MAILTO='' >>> >>> But I would look into WHY and HOW the perms were changed in the first >>> place. Something is amiss! >>> On Thu, 2008-07-10 at 06:54 -0700, Ernie Hudson wrote: >>>> Does anyone have an easy way to change the permissions on the home >>>> directories so that only the owner has access to it. We have some very >>>> bright students and they have found out that they can copy work from >>>> someone else and have more free time. I am using the 5EL and have >>>> single sign on using likewise open from my windows server using active >>>> directory. I know I can change them one at a time using ?chmod 700 >>>> filename?. I am not adept at writing scripts and hoping someone can >>>> help. >>>> >>>> >>>> >>>> >>>> >>>> outlook signature >>>> >>>> >>>> >>>> >>>> >>>> >>>> ______________________________________________________________________ >>>> Statement of Confidentiality: The contents of this e-mail message and >>>> any attachments are intended solely for the addressee. The information >>>> may also be confidential and/or legally privileged. This transmission >>>> is sent for the sole purpose of delivery to the intended recipient. If >>>> you have received this transmission in error, any use, reproduction, >>>> or dissemination of this transmission is strictly prohibited. If you >>>> are not the intended recipient, please immediately notify the sender >>>> by reply e-mail, send a copy to postmaster at snowlineschools.com and >>>> delete this message and its attachments, if any. >>>> >>>> E-mail is covered by the Electronic Communications Privacy Act, 18 USC >>>> SS 2510-2521 and is legally privileged. >>>> >>>> -- >>>> This message has been scanned for viruses and >>>> dangerous content by MailScanner, and is >>>> believed to be clean. >>>> _______________________________________________ >>>> K12OSN mailing list >>>> K12OSN at redhat.com >>>> https://www.redhat.com/mailman/listinfo/k12osn >>>> For more info see >> _______________________________________________ >> K12OSN mailing list >> K12OSN at redhat.com >> https://www.redhat.com/mailman/listinfo/k12osn >> For more info see >> From ernie_hudson at snowlineschools.com Thu Jul 10 16:39:46 2008 From: ernie_hudson at snowlineschools.com (Ernie Hudson) Date: Thu, 10 Jul 2008 09:39:46 -0700 Subject: [K12OSN] home directory permissions In-Reply-To: <48763B3E.9050903@paasda.org> References: <1215700410.5604.1155.camel@merlin.localnetsolutions.com> <48763513.9020803@paasda.org> <1215706776.5604.1174.camel@merlin.localnetsolutions.com> <48763B3E.9050903@paasda.org> Message-ID: If the user is created using the gui add user or command line each user is given their own group and their directory is private. This is happening because I am using single sign on and authenticating from active directory, so all the users have the same group. It also happened when I used webmin and assigned them all to the same group. Ernie -----Original Message----- From: k12osn-bounces at redhat.com [mailto:k12osn-bounces at redhat.com] On Behalf Of Huck Sent: Thursday, July 10, 2008 9:39 AM To: Support list for open source software in schools. Subject: Re: [K12OSN] home directory permissions Huck uses Webmin to mass-create account... so perhaps it is within the Webmin module that is causing it. --Huck James P. Kinney III wrote: > Double check that. The default RedHat/Fedora/CentOS sets new user dirs > in /home to be 700. This has been the default RedHat way since RedHat > 4.1 (1995 or so). This is how my current testbed install of K12LTSP-EL > v5 also does it. The standard security model of all things *NIX has no > user having read access to any other user directory they do not own > unless specially created by the admin. > > If all of the /home/* dirs are set to 755, or worse 777, there has been > a security breach of either admin mistake or elevated privileges by a > user. > On Thu, 2008-07-10 at 09:13 -0700, Huck wrote: >> unless something has changed the default was 755 ...at least with all of >> the K12LTSP installs I've done... users of the same group were always >> able to see others' files...before tweaking a thing. >> >> rwxr-xr-x >> >> --Huck >> >> James P. Kinney III wrote: >>> Hmm. The default user setup is 700. So unless the students are changing >>> things something is wrong with the permission controls from Likewise. >>> >>> chmod 700 /home/* >>> >>> That will reset the permissions on all directories in /home . >>> If the problem recurs, make it a cron job as follows: >>> >>> crontab -e >>> >>> Now PgDn to the bottom of the file and hit "A" (capital letter A for >>> Append) and hit the enter to start a new line >>> >>> now type in: >>> >>> * 7,11 * * * chmod 700 /home/* >>> >>> then hit then :wq >>> >>> (yes this is a vi environment - it's good to know at least the basics!) >>> >>> So now, every day at 7 and 11 am all directories will be reset to perms >>> 700. If you want to do it every 2 hours, change the 7,11 to be */2 . If >>> you want 3pm only, use 15 instead of 7,11 . >>> >>> If you don't want an email of everytime it runs make the first line of >>> the crontab : >>> >>> MAILTO='' >>> >>> But I would look into WHY and HOW the perms were changed in the first >>> place. Something is amiss! >>> On Thu, 2008-07-10 at 06:54 -0700, Ernie Hudson wrote: >>>> Does anyone have an easy way to change the permissions on the home >>>> directories so that only the owner has access to it. We have some very >>>> bright students and they have found out that they can copy work from >>>> someone else and have more free time. I am using the 5EL and have >>>> single sign on using likewise open from my windows server using active >>>> directory. I know I can change them one at a time using "chmod 700 >>>> filename". I am not adept at writing scripts and hoping someone can >>>> help. >>>> >>>> >>>> >>>> >>>> >>>> outlook signature >>>> >>>> >>>> >>>> >>>> >>>> >>>> ______________________________________________________________________ >>>> Statement of Confidentiality: The contents of this e-mail message and >>>> any attachments are intended solely for the addressee. The information >>>> may also be confidential and/or legally privileged. This transmission >>>> is sent for the sole purpose of delivery to the intended recipient. If >>>> you have received this transmission in error, any use, reproduction, >>>> or dissemination of this transmission is strictly prohibited. If you >>>> are not the intended recipient, please immediately notify the sender >>>> by reply e-mail, send a copy to postmaster at snowlineschools.com and >>>> delete this message and its attachments, if any. >>>> >>>> E-mail is covered by the Electronic Communications Privacy Act, 18 USC >>>> SS 2510-2521 and is legally privileged. >>>> >>>> -- >>>> This message has been scanned for viruses and >>>> dangerous content by MailScanner, and is >>>> believed to be clean. >>>> _______________________________________________ >>>> K12OSN mailing list >>>> K12OSN at redhat.com >>>> https://www.redhat.com/mailman/listinfo/k12osn >>>> For more info see >> _______________________________________________ >> K12OSN mailing list >> K12OSN at redhat.com >> https://www.redhat.com/mailman/listinfo/k12osn >> For more info see >> _______________________________________________ K12OSN mailing list K12OSN at redhat.com https://www.redhat.com/mailman/listinfo/k12osn For more info see From dhuckaby at paasda.org Thu Jul 10 16:47:16 2008 From: dhuckaby at paasda.org (Huck) Date: Thu, 10 Jul 2008 09:47:16 -0700 Subject: [K12OSN] home directory permissions In-Reply-To: References: <1215700410.5604.1155.camel@merlin.localnetsolutions.com> <48763513.9020803@paasda.org> <1215706776.5604.1174.camel@merlin.localnetsolutions.com> <48763B3E.9050903@paasda.org> Message-ID: <48763D14.2020200@paasda.org> correct.. it's assigning them all to the same group(like I am..all to the 'student' group)... perhaps *nix default only applies to the command-line creation? *shrugs* I haven't found much of a problem with students in this regard...only 250 at this high school and 120 at an elementary school... --Huck Ernie Hudson wrote: > If the user is created using the gui add user or command line each user is given their own group and their directory is private. This is happening because I am using single sign on and authenticating from active directory, so all the users have the same group. It also happened when I used webmin and assigned them all to the same group. > > Ernie > > -----Original Message----- > From: k12osn-bounces at redhat.com [mailto:k12osn-bounces at redhat.com] On Behalf Of Huck > Sent: Thursday, July 10, 2008 9:39 AM > To: Support list for open source software in schools. > Subject: Re: [K12OSN] home directory permissions > > Huck uses Webmin to mass-create account... so perhaps it is within the > Webmin module that is causing it. > > --Huck > > James P. Kinney III wrote: >> Double check that. The default RedHat/Fedora/CentOS sets new user dirs >> in /home to be 700. This has been the default RedHat way since RedHat >> 4.1 (1995 or so). This is how my current testbed install of K12LTSP-EL >> v5 also does it. The standard security model of all things *NIX has no >> user having read access to any other user directory they do not own >> unless specially created by the admin. >> >> If all of the /home/* dirs are set to 755, or worse 777, there has been >> a security breach of either admin mistake or elevated privileges by a >> user. >> On Thu, 2008-07-10 at 09:13 -0700, Huck wrote: >>> unless something has changed the default was 755 ...at least with all of >>> the K12LTSP installs I've done... users of the same group were always >>> able to see others' files...before tweaking a thing. >>> >>> rwxr-xr-x >>> >>> --Huck >>> >>> James P. Kinney III wrote: >>>> Hmm. The default user setup is 700. So unless the students are changing >>>> things something is wrong with the permission controls from Likewise. >>>> >>>> chmod 700 /home/* >>>> >>>> That will reset the permissions on all directories in /home . >>>> If the problem recurs, make it a cron job as follows: >>>> >>>> crontab -e >>>> >>>> Now PgDn to the bottom of the file and hit "A" (capital letter A for >>>> Append) and hit the enter to start a new line >>>> >>>> now type in: >>>> >>>> * 7,11 * * * chmod 700 /home/* >>>> >>>> then hit then :wq >>>> >>>> (yes this is a vi environment - it's good to know at least the basics!) >>>> >>>> So now, every day at 7 and 11 am all directories will be reset to perms >>>> 700. If you want to do it every 2 hours, change the 7,11 to be */2 . If >>>> you want 3pm only, use 15 instead of 7,11 . >>>> >>>> If you don't want an email of everytime it runs make the first line of >>>> the crontab : >>>> >>>> MAILTO='' >>>> >>>> But I would look into WHY and HOW the perms were changed in the first >>>> place. Something is amiss! >>>> On Thu, 2008-07-10 at 06:54 -0700, Ernie Hudson wrote: >>>>> Does anyone have an easy way to change the permissions on the home >>>>> directories so that only the owner has access to it. We have some very >>>>> bright students and they have found out that they can copy work from >>>>> someone else and have more free time. I am using the 5EL and have >>>>> single sign on using likewise open from my windows server using active >>>>> directory. I know I can change them one at a time using "chmod 700 >>>>> filename". I am not adept at writing scripts and hoping someone can >>>>> help. >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> outlook signature >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> ______________________________________________________________________ >>>>> Statement of Confidentiality: The contents of this e-mail message and >>>>> any attachments are intended solely for the addressee. The information >>>>> may also be confidential and/or legally privileged. This transmission >>>>> is sent for the sole purpose of delivery to the intended recipient. If >>>>> you have received this transmission in error, any use, reproduction, >>>>> or dissemination of this transmission is strictly prohibited. If you >>>>> are not the intended recipient, please immediately notify the sender >>>>> by reply e-mail, send a copy to postmaster at snowlineschools.com and >>>>> delete this message and its attachments, if any. >>>>> >>>>> E-mail is covered by the Electronic Communications Privacy Act, 18 USC >>>>> SS 2510-2521 and is legally privileged. >>>>> >>>>> -- >>>>> This message has been scanned for viruses and >>>>> dangerous content by MailScanner, and is >>>>> believed to be clean. >>>>> _______________________________________________ >>>>> K12OSN mailing list >>>>> K12OSN at redhat.com >>>>> https://www.redhat.com/mailman/listinfo/k12osn >>>>> For more info see >>> _______________________________________________ >>> K12OSN mailing list >>> K12OSN at redhat.com >>> https://www.redhat.com/mailman/listinfo/k12osn >>> For more info see >>> > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > > From mrjohnlucas at gmail.com Thu Jul 10 16:43:19 2008 From: mrjohnlucas at gmail.com (John Lucas) Date: Thu, 10 Jul 2008 12:43:19 -0400 Subject: [K12OSN] home directory permissions In-Reply-To: <487615A4.5040900@cmosnetworks.com> References: <487615A4.5040900@cmosnetworks.com> Message-ID: <48763C27.3030300@gmail.com> > Ernie Hudson wrote: >> >> Does anyone have an easy way to change the permissions on the home >> directories so that only the owner has access to it. We have some very >> bright students and they have found out that they can copy work from >> someone else and have more free time. I am using the 5EL and have >> single sign on using likewise open from my windows server using active >> directory. I know I can change them one at a time using ?chmod 700 >> filename?. I am not adept at writing scripts and hoping someone can help. >> >> >> > Do get the basics of shell-scripting down. I'd recommend heading over > to http://www.tldp.org and reading the Advanced BASH Scripting Guide. > That's how I learned how to do it. Extremely handy skill and very > necessary, just as important as writing .BAT or .REG files on Windows. > > Now to your specific question. That's pretty easy to do. All you > really have to do is change the top level directory permissions under > /home, i. e. no recursion needed. I'd do it like this, in a basic FOR loop: > > #!/bin/bash > cd /home > for dir in * > do > chmod 700 $dir > done > > If you want to recurse down and change everything in everyone's homedir > to permissions 700, just add the "-R" switch after "chmod". > > --TP > _______________________________ > How are you creating your accounts? The command-line "useradd" utility gets it's defaults from /etc/login.defs. The UMASK value in mine (CentOS v5.2) is set to "077" which should result in a user directory setting of "drwx------" (700 in octal, see man 2 umask for details). This is the value you want. The fact that this doesn't seem to be the case on your system means either you are using some other method to create user accounts/home directories or someone has changed either the UMASK setting or directory permissions. If you are using pam_mkhomedir.so (sometimes used in conjunction with LDAP) to create user homedirs on first login, the default umask is 0022 which would give permissions: dwrxr-xr-x (755 octal). If this is the case add the "umask=0077" to the pam_mkhomedir.so entry to give you the right permissions. See man pam_mkhomedir for details. -- "History doesn't repeat itself; at best it rhymes." - Mark Twain | John Lucas MrJohnLucas at gmail.com | | St. Thomas, VI 00802 http://mrjohnlucas.googlepages.com/ | | 18.3?N, 65?W AST (UTC-4) | From rob.owens at biochemfluidics.com Thu Jul 10 18:48:47 2008 From: rob.owens at biochemfluidics.com (Rob Owens) Date: Thu, 10 Jul 2008 14:48:47 -0400 Subject: [K12OSN] home directory permissions In-Reply-To: <1215706776.5604.1174.camel@merlin.localnetsolutions.com> References: <1215700410.5604.1155.camel@merlin.localnetsolutions.com> <48763513.9020803@paasda.org> <1215706776.5604.1174.camel@merlin.localnetsolutions.com> Message-ID: <4876598F.50804@biochemfluidics.com> FYI, I just ran a test on my K12LTSP 5.0 (CentOS 5) system. I added a user using the system-config-users GUI and by running "useradd mytestuser" and both created a home directory with 700 permissions. -Rob James P. Kinney III wrote: > Double check that. The default RedHat/Fedora/CentOS sets new user dirs > in /home to be 700. This has been the default RedHat way since RedHat > 4.1 (1995 or so). This is how my current testbed install of K12LTSP-EL > v5 also does it. The standard security model of all things *NIX has no > user having read access to any other user directory they do not own > unless specially created by the admin. > > If all of the /home/* dirs are set to 755, or worse 777, there has been > a security breach of either admin mistake or elevated privileges by a > user. > On Thu, 2008-07-10 at 09:13 -0700, Huck wrote: >> unless something has changed the default was 755 ...at least with all of >> the K12LTSP installs I've done... users of the same group were always >> able to see others' files...before tweaking a thing. >> >> rwxr-xr-x >> >> --Huck >> >> James P. Kinney III wrote: >>> Hmm. The default user setup is 700. So unless the students are changing >>> things something is wrong with the permission controls from Likewise. >>> >>> chmod 700 /home/* >>> >>> That will reset the permissions on all directories in /home . >>> If the problem recurs, make it a cron job as follows: >>> >>> crontab -e >>> >>> Now PgDn to the bottom of the file and hit "A" (capital letter A for >>> Append) and hit the enter to start a new line >>> >>> now type in: >>> >>> * 7,11 * * * chmod 700 /home/* >>> >>> then hit then :wq >>> >>> (yes this is a vi environment - it's good to know at least the basics!) >>> >>> So now, every day at 7 and 11 am all directories will be reset to perms >>> 700. If you want to do it every 2 hours, change the 7,11 to be */2 . If >>> you want 3pm only, use 15 instead of 7,11 . >>> >>> If you don't want an email of everytime it runs make the first line of >>> the crontab : >>> >>> MAILTO='' >>> >>> But I would look into WHY and HOW the perms were changed in the first >>> place. Something is amiss! >>> On Thu, 2008-07-10 at 06:54 -0700, Ernie Hudson wrote: >>>> Does anyone have an easy way to change the permissions on the home >>>> directories so that only the owner has access to it. We have some very >>>> bright students and they have found out that they can copy work from >>>> someone else and have more free time. I am using the 5EL and have >>>> single sign on using likewise open from my windows server using active >>>> directory. I know I can change them one at a time using ?chmod 700 >>>> filename?. I am not adept at writing scripts and hoping someone can >>>> help. >>>> >>>> >>>> >>>> >>>> >>>> outlook signature >>>> >>>> >>>> >>>> >>>> >>>> >>>> ______________________________________________________________________ >>>> Statement of Confidentiality: The contents of this e-mail message and >>>> any attachments are intended solely for the addressee. The information >>>> may also be confidential and/or legally privileged. This transmission >>>> is sent for the sole purpose of delivery to the intended recipient. If >>>> you have received this transmission in error, any use, reproduction, >>>> or dissemination of this transmission is strictly prohibited. If you >>>> are not the intended recipient, please immediately notify the sender >>>> by reply e-mail, send a copy to postmaster at snowlineschools.com and >>>> delete this message and its attachments, if any. >>>> >>>> E-mail is covered by the Electronic Communications Privacy Act, 18 USC >>>> SS 2510-2521 and is legally privileged. >>>> >>>> -- >>>> This message has been scanned for viruses and >>>> dangerous content by MailScanner, and is >>>> believed to be clean. >>>> _______________________________________________ >>>> K12OSN mailing list >>>> K12OSN at redhat.com >>>> https://www.redhat.com/mailman/listinfo/k12osn >>>> For more info see >> _______________________________________________ >> K12OSN mailing list >> K12OSN at redhat.com >> https://www.redhat.com/mailman/listinfo/k12osn >> For more info see >> ******************************************************** The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. If you are not the addressee, any disclosure, reproduction, copying, distribution, or other dissemination or use of this transmission in error please notify the sender immediately and then delete this e-mail. E-mail transmission cannot be guaranteed to be secure or error free as information could be intercepted, corrupted lost, destroyed, arrive late or incomplete, or contain viruses. The sender therefore does not accept liability for any errors or omissions in the contents of this message which arise as a result of e-mail transmission. If verification is required please request a hard copy version. ******************************************************** From DLWillson at TheGeek.NU Fri Jul 11 02:31:54 2008 From: DLWillson at TheGeek.NU (David L. Willson) Date: Thu, 10 Jul 2008 20:31:54 -0600 Subject: [K12OSN] home directory permissions In-Reply-To: <48763C27.3030300@gmail.com> References: <487615A4.5040900@cmosnetworks.com> <48763C27.3030300@gmail.com> Message-ID: <20080711022349.M82872@TheGeek.NU> On Thu, 10 Jul 2008 12:43:19 -0400, John Lucas wrote > > Ernie Hudson wrote: > >> > >> Does anyone have an easy way to change the permissions on the home > >> directories so that only the owner has access to it. We have some very > >> bright students and they have found out that they can copy work from > >> someone else and have more free time. I am using the 5EL and have > >> single sign on using likewise open from my windows server using active > >> directory. I know I can change them one at a time using [UTF-8?]?��chmod 700 > >> [UTF-8?]filename?��. I am not adept at writing scripts and hoping someone can help. > >> > >> > >> > > Do get the basics of shell-scripting down. I'd recommend heading over > > to http://www.tldp.org and reading the Advanced BASH Scripting Guide. > > That's how I learned how to do it. Extremely handy skill and very > > necessary, just as important as writing .BAT or .REG files on Windows. > > > > Now to your specific question. That's pretty easy to do. All you > > really have to do is change the top level directory permissions under > > /home, i. e. no recursion needed. I'd do it like this, in a basic FOR loop: > > > > #!/bin/bash > > cd /home > > for dir in * > > do > > chmod 700 $dir > > done No looping needed to just do the root of each home-folder unless there are a ~lot~ of home-folders. $ sudo chmod 700 /home/* -or- # chmod 700 /home/* > > If you want to recurse down and change everything in everyone's homedir > > to permissions 700, just add the "-R" switch after "chmod". I wouldn't do that. That will mark all the files user-executable. A better command, if you want do be recursive about it might be: # chmod -R go-rwx /home/betty - or - $ sudo chmod -R go-rwx /home/betty That will turn off read, write, and execute for group and others, but not change anything else, like 777 does. From DLWillson at TheGeek.NU Fri Jul 11 02:48:36 2008 From: DLWillson at TheGeek.NU (David L. Willson) Date: Thu, 10 Jul 2008 20:48:36 -0600 Subject: [K12OSN] home directory permissions In-Reply-To: <1215700410.5604.1155.camel@merlin.localnetsolutions.com> References: <1215700410.5604.1155.camel@merlin.localnetsolutions.com> Message-ID: <20080711023555.M25709@TheGeek.NU> > crontab -e > > Now PgDn to the bottom of the file and hit "A" (capital letter A for > Append) and hit the enter to start a new line > > now type in: > > * 7,11 * * * chmod 700 /home/* > > then hit then :wq Let me recommend: G <-- take me to the end of the file o <-- open a new line below and edit it * 7,11 * * * chmod 700 /home/* <-- type your new line ZZ <-- safe save and quit ZZ only saves if there are changes, so it doesn't update the time-stamp if you didn't make a change. If you're using Ubuntu, and these keys aren't working, don't panic. It's just that Ubuntu uses nano as it's default editor rather than vi. Good thing, because the default vi personality in Ubuntu seems to be retarded. From cfiaime at cfiaime.com Fri Jul 11 03:47:21 2008 From: cfiaime at cfiaime.com (jeff williams) Date: Thu, 10 Jul 2008 21:47:21 -0600 Subject: [K12OSN] Question on USB sticks on thin client Message-ID: <200807102147.21429.cfiaime@cfiaime.com> Greetings... I'm using a DevonIT 6030B thin client in a K12LTSP-5.0EL environment. I know that you can mount a USB stick on the thin client, at least that is what I have been lead to believe. The K12LTSP WIKI technical section says (paraphrased), "This writeup is obsolete." Ok, so how do I cause this to happen? Many thanks. -- jeff williams - cfiaime at cfiaime.com From nils at breun.nl Fri Jul 11 07:23:39 2008 From: nils at breun.nl (Nils Breunese) Date: Fri, 11 Jul 2008 09:23:39 +0200 Subject: [K12OSN] home directory permissions In-Reply-To: <20080711023555.M25709@TheGeek.NU> References: <1215700410.5604.1155.camel@merlin.localnetsolutions.com> <20080711023555.M25709@TheGeek.NU> Message-ID: <889770F3-B98B-4676-A9C8-84FD8A83D44D@breun.nl> David L. Willson wrote: >> crontab -e >> >> Now PgDn to the bottom of the file and hit "A" (capital letter A for >> Append) and hit the enter to start a new line >> >> now type in: >> >> * 7,11 * * * chmod 700 /home/* >> >> then hit then :wq > > Let me recommend: > > G <-- take me to the end of the file > o <-- open a new line below and edit it > * 7,11 * * * chmod 700 /home/* <-- type your new line > ZZ <-- safe save and quit You can leave out G and directly use 'o' to insert a new line below your current position. Nils Breunese. From nils at breun.nl Fri Jul 11 07:24:28 2008 From: nils at breun.nl (Nils Breunese) Date: Fri, 11 Jul 2008 09:24:28 +0200 Subject: [K12OSN] Question on USB sticks on thin client In-Reply-To: <200807102147.21429.cfiaime@cfiaime.com> References: <200807102147.21429.cfiaime@cfiaime.com> Message-ID: jeff williams wrote: > I'm using a DevonIT 6030B thin client in a K12LTSP-5.0EL > environment. I know > that you can mount a USB stick on the thin client, at least that is > what I > have been lead to believe. The K12LTSP WIKI technical section says > (paraphrased), "This writeup is obsolete." > > Ok, so how do I cause this to happen? You plug it in and it should be mounted automatically on K12LTSP. Nils Breunese. From mrjohnlucas at gmail.com Fri Jul 11 10:35:47 2008 From: mrjohnlucas at gmail.com (John Lucas) Date: Fri, 11 Jul 2008 06:35:47 -0400 Subject: [K12OSN] Question on USB sticks on thin client In-Reply-To: <200807102147.21429.cfiaime@cfiaime.com> References: <200807102147.21429.cfiaime@cfiaime.com> Message-ID: <48773783.1010003@gmail.com> jeff williams wrote: > Greetings... > > I'm using a DevonIT 6030B thin client in a K12LTSP-5.0EL environment. I know > that you can mount a USB stick on the thin client, at least that is what I > have been lead to believe. The K12LTSP WIKI technical section says > (paraphrased), "This writeup is obsolete." > > Ok, so how do I cause this to happen? > > Many thanks. > I have K12LTSP-5.0EL working with sound and USB sticks on the DevonIT 6020P as well as DisklessWorkstations 1220 terminals. The 1220 support USB v2.0 but not the DevonIT. The problem is that the terminal only supports USB v1.1 and the USB v2.0 driver (ehci-hcd) gets "in the way". The work-around is to never load ehci-hcd so that the USB v1.1 driver loads first and can recognize the device. Other terminals with USB v2.0 support will still work with the USB v1.1 driver so don't lose much. The work-around is accomplished by trivial edits of two scripts. In /opt/ltsp/i386/etc/rc.sysinit: Change from this: for MODULE in ehci-hcd uhci-hcd ohci-hcd; do To this: for MODULE in uhci-hcd ohci-hcd; do In /opt/ltsp/i386/etc/rc.usb: Change from this: for module in usb-uhci usb-ohci ehci-hcd uhci-hcd ohci-hcd To this: for module in usb-uhci usb-ohci uhci-hcd ohci-hcd This assumes that everything else needed for local devices is in working order. One aspect sometimes overlooked is that NBD depends on both the terminal and the server agreeing on the name and IP address of the client. Make sure that your /etc/hosts file has the correct name to IP mapping for your terminals. -- "History doesn't repeat itself; at best it rhymes." - Mark Twain | John Lucas MrJohnLucas at gmail.com | | St. Thomas, VI 00802 http://mrjohnlucas.googlepages.com/ | | 18.3?N, 65?W AST (UTC-4) | From DLWillson at TheGeek.NU Fri Jul 11 14:30:25 2008 From: DLWillson at TheGeek.NU (David L. Willson) Date: Fri, 11 Jul 2008 08:30:25 -0600 Subject: [K12OSN] home directory permissions In-Reply-To: <889770F3-B98B-4676-A9C8-84FD8A83D44D@breun.nl> References: <1215700410.5604.1155.camel@merlin.localnetsolutions.com> <20080711023555.M25709@TheGeek.NU> <889770F3-B98B-4676-A9C8-84FD8A83D44D@breun.nl> Message-ID: <20080711142711.M67866@TheGeek.NU> On Fri, 11 Jul 2008 09:23:39 +0200, Nils Breunese wrote > David L. Willson wrote: > > >> crontab -e > >> > >> Now PgDn to the bottom of the file and hit "A" (capital letter A for > >> Append) and hit the enter to start a new line > >> > >> now type in: > >> > >> * 7,11 * * * chmod 700 /home/* > >> > >> then hit then :wq > > > > Let me recommend: > > > > G <-- take me to the end of the file > > o <-- open a new line below and edit it > > * 7,11 * * * chmod 700 /home/* <-- type your new line > > ZZ <-- safe save and quit > > You can leave out G and directly use 'o' to insert a new line below > your current position. I understood from the words "PgDn to the bottom of the file" that we want the new line at the bottom of the file, though. If you don't hit 'G' before 'o' the new line will be inserted after the first, not after the last. From cfiaime at cfiaime.com Fri Jul 11 14:46:28 2008 From: cfiaime at cfiaime.com (jeff williams) Date: Fri, 11 Jul 2008 08:46:28 -0600 Subject: [K12OSN] Concerning local USB memory sticks Message-ID: <200807110846.28964.cfiaime@cfiaime.com> Greetings again, John Lucas pointed me to this URL. http://wiki.ltsp.org/twiki/bin/view/Ltsp/LTSP-42-LocalDev I got the USB sticks working on my local testbed. Because I am not specifying hosts in the dhcpd-k12ltsp.conf file, I needed to put get-leased-hostnames true; in the global section of this file. Many thanks. -- jeff williams - cfiaime at cfiaime.com From nils at breun.nl Fri Jul 11 15:33:37 2008 From: nils at breun.nl (Nils Breunese) Date: Fri, 11 Jul 2008 17:33:37 +0200 Subject: [K12OSN] home directory permissions In-Reply-To: <20080711142711.M67866@TheGeek.NU> References: <1215700410.5604.1155.camel@merlin.localnetsolutions.com> <20080711023555.M25709@TheGeek.NU> <889770F3-B98B-4676-A9C8-84FD8A83D44D@breun.nl> <20080711142711.M67866@TheGeek.NU> Message-ID: <9F943A77-63D3-4AB5-BCA0-FB277710E5C0@breun.nl> David L. Willson wrote: > On Fri, 11 Jul 2008 09:23:39 +0200, Nils Breunese wrote >> David L. Willson wrote: >> >>>> crontab -e >>>> >>>> Now PgDn to the bottom of the file and hit "A" (capital letter A >>>> for >>>> Append) and hit the enter to start a new line >>>> >>>> now type in: >>>> >>>> * 7,11 * * * chmod 700 /home/* >>>> >>>> then hit then :wq >>> >>> Let me recommend: >>> >>> G <-- take me to the end of the file >>> o <-- open a new line below and edit >>> it >>> * 7,11 * * * chmod 700 /home/* <-- type your new line >>> ZZ <-- safe save and quit >> >> You can leave out G and directly use 'o' to insert a new line below >> your current position. > > I understood from the words "PgDn to the bottom of the file" that we > want the new line > at the bottom of the file, though. If you don't hit 'G' before 'o' > the new line will be > inserted after the first, not after the last. You're right, I was reading 'end of the line' which I thought was unnecessary, but of course that's not what G does. Nils Breunese. From danbretherton at yahoo.co.uk Sat Jul 12 12:58:32 2008 From: danbretherton at yahoo.co.uk (Dan Bretherton) Date: Sat, 12 Jul 2008 13:58:32 +0100 Subject: [K12OSN] Pentium I and II still useful? Message-ID: <200807121358.33006.danbretherton@yahoo.co.uk> Dear All, I recently acquired two old computers that would make ideal diskless terminals for a school or community computer lab. ?One is a Pentium and the other a Pentium II. ?I set up three small LTSP based labs in Guyana between 2003 and 2005, and when I left donated Pentium class computers were still being shipped to developing countries by organisations such as Computer Aid International and the World Computer Exchange. ?Three years later, and now back in the UK, I have discovered that the minimum specification that computer refurbishment charities will accept is Pentium III. ?This may be because there are so many PIII and above PCs being donated that these organisations don't have the resources to deal with the lower specs any more. ? However, I am still hoping to find a home for my Pentium I and II, and it occurred to me that the UK LTSP community would be a good place to start. ? Please let me know if these computers would be useful to you or your organisation. ?I live in Reading and regularly visit East Devon, and I would be happy to drive a reasonable distance from either of those locations to drop them off. Regards, Dan. From microman at cmosnetworks.com Sat Jul 12 15:25:21 2008 From: microman at cmosnetworks.com (=?UTF-8?B?IlRlcnJlbGwgUHJ1ZMOpIEpyLiI=?=) Date: Sat, 12 Jul 2008 11:25:21 -0400 Subject: [K12OSN] Pentium I and II still useful? In-Reply-To: <200807121358.33006.danbretherton@yahoo.co.uk> References: <200807121358.33006.danbretherton@yahoo.co.uk> Message-ID: <4878CCE1.3080603@cmosnetworks.com> Dan Bretherton wrote: > Dear All, > > I recently acquired two old computers that would make ideal diskless terminals > for a school or community computer lab. One is a Pentium and the other a > Pentium II. I set up three small LTSP based labs in Guyana between 2003 and > 2005, and when I left donated Pentium class computers were still being > shipped to developing countries by organisations such as Computer Aid > International and the World Computer Exchange. Three years later, and now > back in the UK, I have discovered that the minimum specification that > computer refurbishment charities will accept is Pentium III. This may be > because there are so many PIII and above PCs being donated that these > organisations don't have the resources to deal with the lower specs any more. > However, I am still hoping to find a home for my Pentium I and II, and it > occurred to me that the UK LTSP community would be a good place to start. > Please let me know if these computers would be useful to you or your > organisation. I live in Reading and regularly visit East Devon, and I would > be happy to drive a reasonable distance from either of those locations to > drop them off. I'm in the US, and I've set up entire labs with Pentium I's and Pentium II's. They work great as LTSP terminals. I'm using an AMD K6-2 right now in my home, and my Pentium I (home-built) and Pentium II (Dell OptiPlex GX1) terminals are still rockin' and rollin'. The only modification I've had to make was drop in either an ATI Radeon 7500 or a Matrox Millenium G400 in them (they were cheap and available), and I can do full screen video w/ no problem. Computer refurbishment charities aren't thinking LTSP. They're thinking stand-alone box for someone's home, and for that scenario, they're right; PIII's with 512MB DRAM really are the minimum for any modern OS. A friend of mine is running Ubuntu Hardy on her PIII 700MHz laptop with 576MB, and she's happy. But I wouldn't put it on anything any smaller than that. --TP From gotthin at gmail.com Sat Jul 12 20:15:46 2008 From: gotthin at gmail.com (Jim Anderson) Date: Sat, 12 Jul 2008 16:15:46 -0400 Subject: [K12OSN] problem starting squid Message-ID: <1315fcd60807121315xe0d1fabqf618b4069dd87597@mail.gmail.com> I am trying to configure a squid proxy and a transparent proxy and I am having issues. I am using K12LTSP 5.0. I am trying to proxy all terminal clients that connect to the LTSP server but I am having problems starting squid. I get the following error: FATAL: Could not determine fully qualified hostname. Please set 'visible_hostname' Squid Cache (Version 2.5.STABLE14): Terminated abnormally. CPU Usage: 0.008 seconds = 0.004 user + 0.004 sys Maximum Resident Size: 0 KB Page faults with physical i/o: 0 Aborted I am using K12LTSP V.5.0. I cannot see where to set visible hostname in the config files. Thanks, Jim Anderson -------------- next part -------------- An HTML attachment was scrubbed... URL: From jkinney at localnetsolutions.com Sat Jul 12 20:50:41 2008 From: jkinney at localnetsolutions.com (James P. Kinney III) Date: Sat, 12 Jul 2008 16:50:41 -0400 Subject: [K12OSN] problem starting squid In-Reply-To: <1315fcd60807121315xe0d1fabqf618b4069dd87597@mail.gmail.com> References: <1315fcd60807121315xe0d1fabqf618b4069dd87597@mail.gmail.com> Message-ID: <1215895841.5582.4.camel@merlin.localnetsolutions.com> Jim, Just append a line to the config file like: visible_hostname=myhost.mydomain.org It may require spaces around the = On Sat, 2008-07-12 at 16:15 -0400, Jim Anderson wrote: > I am trying to configure a squid proxy and a transparent proxy and I > am having issues. I am using K12LTSP 5.0. I am trying to proxy all > terminal clients that connect to the LTSP server but I am having > problems starting squid. I get the following error: > > FATAL: Could not determine fully qualified hostname. Please set > 'visible_hostname' > > Squid Cache (Version 2.5.STABLE14): Terminated abnormally. > CPU Usage: 0.008 seconds = 0.004 user + 0.004 sys > Maximum Resident Size: 0 KB > Page faults with physical i/o: 0 > Aborted > > I am using K12LTSP V.5.0. I cannot see where to set visible hostname > in the config files. > > Thanks, > Jim Anderson > > -- > This message has been scanned for viruses and > dangerous content by MailScanner, and is > believed to be clean. > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see -- James P. Kinney III CEO & Director of Engineering Local Net Solutions,LLC http://www.localnetsolutions.com GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics) Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7 -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. From julius at turtle.com Sat Jul 12 21:02:56 2008 From: julius at turtle.com (Julius Szelagiewicz) Date: Sat, 12 Jul 2008 17:02:56 -0400 (EDT) Subject: [K12OSN] problem starting squid In-Reply-To: <1215895841.5582.4.camel@merlin.localnetsolutions.com> Message-ID: On Sat, 12 Jul 2008, James P. Kinney III wrote: > Jim, > > Just append a line to the config file like: > visible_hostname=myhost.mydomain.org > > It may require spaces around the = > On Sat, 2008-07-12 at 16:15 -0400, Jim Anderson wrote: > > I am trying to configure a squid proxy and a transparent proxy and I > > am having issues. I am using K12LTSP 5.0. I am trying to proxy all > > terminal clients that connect to the LTSP server but I am having > > problems starting squid. I get the following error: > > > > FATAL: Could not determine fully qualified hostname. Please set > > 'visible_hostname' > > > > Squid Cache (Version 2.5.STABLE14): Terminated abnormally. > > CPU Usage: 0.008 seconds = 0.004 user + 0.004 sys > > Maximum Resident Size: 0 KB > > Page faults with physical i/o: 0 > > Aborted > > > > I am using K12LTSP V.5.0. I cannot see where to set visible hostname > > in the config files. > > > > Thanks, > > Jim Anderson Or better yet, make sure that there is fully qualified name of this server in the /etc/hosts file, say: 192.168.mmm.nnn squidhost.mydomain.com squidhost From jkinney at localnetsolutions.com Sat Jul 12 22:25:19 2008 From: jkinney at localnetsolutions.com (James P. Kinney III) Date: Sat, 12 Jul 2008 18:25:19 -0400 Subject: [K12OSN] problem starting squid In-Reply-To: References: Message-ID: <1215901519.5582.7.camel@merlin.localnetsolutions.com> On Sat, 2008-07-12 at 17:02 -0400, Julius Szelagiewicz wrote: > Or better yet, make sure that there is fully qualified name of this server > in the /etc/hosts file, say: > 192.168.mmm.nnn squidhost.mydomain.com squidhost > Should always do that! But squid will still require the visible_hostname setting in the config file. This is for squid use so the logs make sense as squid can be clustered. -- James P. Kinney III CEO & Director of Engineering Local Net Solutions,LLC http://www.localnetsolutions.com GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics) Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7 -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. From brcisna at eazylivin.net Sun Jul 13 02:15:37 2008 From: brcisna at eazylivin.net (Barry R Cisna) Date: Sat, 12 Jul 2008 21:15:37 -0500 Subject: [K12OSN] samba-vscan-clamav for your file server Message-ID: <1215915337.9975.14.camel@localhost.localdomain> Hello Listers, Don't know what everyone is using for virus scanning on your school's windersz boxes. Just thought this may be of interest to some people here. I set up a few weeks ago, on our Samba file server for all students and staff at school samba-vscan-clamav. I guess i shouldn't blow about it yet, but with quite a bit of testing by yours truly,this really works slick as a real time scanner on any samba share on your file server you want it to scan in real time.( Most likely your users home folders of course). With this setup the higher ups will like it somewhat better than running the 'ol midnight cron job of clamd'.Also might mention,in the last 3 years since going to Clamav on all of our windersz boxes at school we have not had any "outbreaks" of viruses. I think this addition will be very nice as a transparent scanning piece,for all files coming and going on the file server. Other than having to compile it against whatever version of Samba you are running it was very easy, lightweight to setup.Couldn't find very many rpm's for samba-vscan-clamav. Just an FYI. take care, Barry Cisna From jkinney at localnetsolutions.com Sun Jul 13 04:04:07 2008 From: jkinney at localnetsolutions.com (James P. Kinney III) Date: Sun, 13 Jul 2008 00:04:07 -0400 Subject: [K12OSN] samba-vscan-clamav for your file server In-Reply-To: <1215915337.9975.14.camel@localhost.localdomain> References: <1215915337.9975.14.camel@localhost.localdomain> Message-ID: <1215921847.3683.4.camel@merlin.localnetsolutions.com> Hey Barry! It gets even better. You can also auto-scan all web traffic for virus patterns as well using squid and clamav: http://www.opensourcehowto.org/how-to/squid/squid-clamav--havp.html Now add to all of this MailScanner with Spamassassin and Clamav for virus and you have a pretty solid and clean setup. http://www.mailscanner.info/ OpenSource is Great!! On Sat, 2008-07-12 at 21:15 -0500, Barry R Cisna wrote: > Hello Listers, > > Don't know what everyone is using for virus scanning on your school's > windersz boxes. Just thought this may be of interest to some people > here. I set up a few weeks ago, on our Samba file server for all > students and staff at school samba-vscan-clamav. I guess i shouldn't > blow about it yet, but with quite a bit of testing by yours truly,this > really works slick as a real time scanner on any samba share on your > file server you want it to scan in real time.( Most likely your users > home folders of course). With this setup the higher ups will like it > somewhat better than running the 'ol midnight cron job of clamd'.Also > might mention,in the last 3 years since going to Clamav on all of our > windersz boxes at school we have not had any "outbreaks" of viruses. I > think this addition will be very nice as a transparent scanning > piece,for all files coming and going on the file server. Other than > having to compile it against whatever version of Samba you are running > it was very easy, lightweight to setup.Couldn't find very many rpm's for > samba-vscan-clamav. > Just an FYI. > > take care, > > Barry Cisna > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > -- James P. Kinney III CEO & Director of Engineering Local Net Solutions,LLC http://www.localnetsolutions.com GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics) Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7 -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. From brcisna at eazylivin.net Sun Jul 13 14:03:25 2008 From: brcisna at eazylivin.net (Barry R Cisna) Date: Sun, 13 Jul 2008 09:03:25 -0500 Subject: [K12OSN] samba-vscan-clamav for your file server Message-ID: <1215957805.7110.6.camel@localhost.localdomain> Hello List, I posted on the wiki an howto on how to setup samba-vscan-clamav on a Samba file server. This maybe should be on the samba wiki, but I think it would apply to most folks here using K12LTSP, as well. It takes about 15 minutes to setup and have working. I did post a link to download a precompiled module for this that will work on Samba-3.0.23c which shipped with K12LTSP EL5.it may or may not work on a couple newer or older versions of Samba. the difference being the version of VFS that Samba was built with. If interested look under >Resources>Software>Admin> on the K12LTSP wiki. Take Care Barry Cisna From sharbour at nwresd.k12.or.us Sun Jul 13 16:02:48 2008 From: sharbour at nwresd.k12.or.us (Sean Harbour) Date: Sun, 13 Jul 2008 09:02:48 -0700 Subject: [K12OSN] Re: Ubuntu and vi In-Reply-To: <20080712160032.0F1D8618D7C@hormel.redhat.com> References: <20080712160032.0F1D8618D7C@hormel.redhat.com> Message-ID: <1215964968.16138.197.camel@s4> If you've noticed that the vi command in Ubuntu is a little too much "old school", use vim instead, or just fix the sim link at /usr/bin/vi to point to /etc/alternatives/vim. -- Sean Harbour Senior Network Engineer Northwest Regional Education Service District Helpdesk: 503-614-1400 Desk: 503-614-1448 Web: www.nwresd.k12.or.us Email: sharbour at nwresd.k12.or.us -------------- next part -------------- An HTML attachment was scrubbed... URL: From asmo.koskinen at arkki.info Sun Jul 13 16:19:04 2008 From: asmo.koskinen at arkki.info (Asmo Koskinen) Date: Sun, 13 Jul 2008 19:19:04 +0300 Subject: [K12OSN] Re: Ubuntu and vi In-Reply-To: <1215964968.16138.197.camel@s4> References: <20080712160032.0F1D8618D7C@hormel.redhat.com> <1215964968.16138.197.camel@s4> Message-ID: <487A2AF8.9050305@arkki.info> Sean Harbour kirjoitti: > If you've noticed that the vi command in Ubuntu is a little too much > "old school", use vim instead, or > just fix the sim link at /usr/bin/vi to point to /etc/alternatives/vim. I think nano is way better (if is it installed...). But I myself install mc everywhere, with mc I can do so much more than just write some file... Best Regards Asmo Koskinen. From fastxr at gmail.com Sun Jul 13 19:43:06 2008 From: fastxr at gmail.com (Vince Callaway) Date: Sun, 13 Jul 2008 12:43:06 -0700 Subject: [K12OSN] Re: Ubuntu and vi In-Reply-To: <1215964968.16138.197.camel@s4> References: <20080712160032.0F1D8618D7C@hormel.redhat.com> <1215964968.16138.197.camel@s4> Message-ID: <1215978186.9751.0.camel@partagas> I must just be old school. I never noticed :) From onatawahtaw at yahoo.ca Sun Jul 13 20:07:25 2008 From: onatawahtaw at yahoo.ca (Onatawahtaw) Date: Sun, 13 Jul 2008 13:07:25 -0700 (PDT) Subject: [K12OSN] Re: Ubuntu and vi In-Reply-To: <1215964968.16138.197.camel@s4> Message-ID: <294153.88946.qm@web30501.mail.mud.yahoo.com> I find vi to be very close to vim and usually use vi, the only problem I encounter is that I have gotten used to the arrow keys for navigation (instead of h,j,k,l) so often forget to escape when I use the arrows, which can be annoying. -Kevin --- On Sun, 7/13/08, Sean Harbour wrote: > From: Sean Harbour > Subject: [K12OSN] Re: Ubuntu and vi > To: k12osn at redhat.com > Date: Sunday, July 13, 2008, 11:02 AM > If you've noticed that the vi command in Ubuntu is a > little too much > "old school", use vim instead, or > just fix the sim link at /usr/bin/vi to point to > /etc/alternatives/vim. > > -- > Sean Harbour > Senior Network Engineer > Northwest Regional Education Service District > Helpdesk: 503-614-1400 > Desk: 503-614-1448 > Web: www.nwresd.k12.or.us > Email: > sharbour at nwresd.k12.or.us_______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see From william at fragakis.com Sun Jul 13 23:17:22 2008 From: william at fragakis.com (William Fragakis) Date: Sun, 13 Jul 2008 19:17:22 -0400 Subject: [K12OSN] Open Office In-Reply-To: <20070610160018.7624173707@hormel.redhat.com> References: <20070610160018.7624173707@hormel.redhat.com> Message-ID: <1215991042.13308.5.camel@server.ltsp> The docx issue finally bit me and in going through the old posts, I found lots of venting and workarounds. Thought these might help: http://fedoraforum.org/forum/archive/index.php/t-171119.html http://katana.oooninja.com/w/odf-converter-integrator I dropped in the convertor in the first link's instructions but the convertor would only work from the command line ie /usr/lib/openoffice.org/program/OdfConverter /i foo.docx installing the rpm from the second post allows you to click on the docx file and automatically convert it to an odf Hope this helps. Apologies if these links were posted earlier. Didn't see them when searching. William From DLWillson at TheGeek.NU Sun Jul 13 23:22:12 2008 From: DLWillson at TheGeek.NU (David L. Willson) Date: Sun, 13 Jul 2008 17:22:12 -0600 Subject: [K12OSN] Re: Ubuntu and vi In-Reply-To: <1215964968.16138.197.camel@s4> References: <20080712160032.0F1D8618D7C@hormel.redhat.com> <1215964968.16138.197.camel@s4> Message-ID: <20080713232205.M99415@TheGeek.NU> Thank you, Sean. This resolves a ~huge~ bother for me. On Sun, 13 Jul 2008 09:02:48 -0700, Sean Harbour wrote > If you've noticed that the vi command in Ubuntu is a little too much > "old school", use vim instead, or > just fix the sim link at /usr/bin/vi to point to /etc/alternatives/vim. > > -- > Sean Harbour > Senior Network Engineer > Northwest Regional Education Service District > Helpdesk: 503-614-1400 > Desk: 503-614-1448 > Web: www.nwresd.k12.or.us > Email: sharbour at nwresd.k12.or.us -- David From jkinney at localnetsolutions.com Mon Jul 14 02:36:06 2008 From: jkinney at localnetsolutions.com (James P. Kinney III) Date: Mon, 14 Jul 2008 02:36:06 +0000 Subject: [K12OSN] Open Office In-Reply-To: <1215991042.13308.5.camel@server.ltsp> References: <20070610160018.7624173707@hormel.redhat.com> <1215991042.13308.5.camel@server.ltsp> Message-ID: <1216002966.3683.14.camel@merlin.localnetsolutions.com> Docx is a problem! The OoO v3.0 will have full support. I've been testing the beta version with good results so far. It handles docx fine so far. The only real issue with converting it to odf is when it gets sent back as doc and not docx, office2007 thinks the file is a virus. There is an "update" that is supposed to correct this behavior for office2007 but apparently is it not perfect. Thanks for the heads up on this solution!! Maybe I'm just getting crusty but wasn't rtf supposed to the "interoperable document format" designed by Microsoft? I like to point people to the ODF plugin site from Sun for the poor Microsoft Office users who just don't have an acceptable document interchange format :) http://www.sun.com/software/star/odf_plugin/index.jsp On Sun, 2008-07-13 at 19:17 -0400, William Fragakis wrote: > The docx issue finally bit me and in going through the old posts, I > found lots of venting and workarounds. Thought these might help: > > http://fedoraforum.org/forum/archive/index.php/t-171119.html > > > http://katana.oooninja.com/w/odf-converter-integrator > > I dropped in the convertor in the first link's instructions but the > convertor would only work from the command line > > ie /usr/lib/openoffice.org/program/OdfConverter /i foo.docx > > installing the rpm from the second post allows you to click on the docx > file and automatically convert it to an odf > Hope this helps. > > Apologies if these links were posted earlier. Didn't see them when > searching. > > William > > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > -- James P. Kinney III CEO & Director of Engineering Local Net Solutions,LLC http://www.localnetsolutions.com GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics) Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7 -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. From nils at breun.nl Mon Jul 14 09:01:57 2008 From: nils at breun.nl (Nils Breunese) Date: Mon, 14 Jul 2008 11:01:57 +0200 Subject: [K12OSN] Re: Ubuntu and vi In-Reply-To: <20080713232205.M99415@TheGeek.NU> References: <20080712160032.0F1D8618D7C@hormel.redhat.com> <1215964968.16138.197.camel@s4> <20080713232205.M99415@TheGeek.NU> Message-ID: David L. Willson wrote: > Thank you, Sean. This resolves a ~huge~ bother for me. On my Ubuntu system /usr/bin/vi is a symlink to /etc/alternatives/vi. No need to change the symlink, you can just install the vim-gnome package (Ubuntu comes with only vim-tiny installed by default I believe) and run 'sudo update-alternatives --config vi' to set your preference (mine is pointing to /usr/bin/vim.gnome). Nils Breunese. > On Sun, 13 Jul 2008 09:02:48 -0700, Sean Harbour wrote >> If you've noticed that the vi command in Ubuntu is a little too much >> "old school", use vim instead, or >> just fix the sim link at /usr/bin/vi to point to /etc/alternatives/ >> vim. >> >> -- >> Sean Harbour >> Senior Network Engineer >> Northwest Regional Education Service District >> Helpdesk: 503-614-1400 >> Desk: 503-614-1448 >> Web: www.nwresd.k12.or.us >> Email: sharbour at nwresd.k12.or.us > > > -- David From dhrubaster at gmail.com Mon Jul 14 11:20:36 2008 From: dhrubaster at gmail.com (Dhruba Adhikari) Date: Mon, 14 Jul 2008 17:05:36 +0545 Subject: [K12OSN] Client login problems Message-ID: <6f27d9050807140420y3c229977s7f36d7db19ed381@mail.gmail.com> Dear all, I have been using LTSP 5 in Fedora Core 5 K12LTSP system. Everything was fine right from the system deployment, however after some around of one month a problem in all the clients has started to appear. Problem Description. The clients boot up properly without any single problem, however, when an user gets to log in, he/she is authenticated and returned back to the same login screen within 2 seconds. But, 'root' is able to login via the clients. Also, I tried to ssh via a remote terminal to the server. Any other user other than root was able to login via ssh. It has been a week of reporting this problem and the whole internet LAB is shut down. Anyone please reply as soon as possible. Thank you in advance Dhruba Adhikari, Nepal. -- --- www.meronepalma.com --- (^ ^) Genius is one percent inspiration and || ninety-nine percent perspiration. ( ---- ) -- acpmasquerade --- -------------- next part -------------- An HTML attachment was scrubbed... URL: From jkinney at localnetsolutions.com Mon Jul 14 12:25:32 2008 From: jkinney at localnetsolutions.com (James P. Kinney III) Date: Mon, 14 Jul 2008 12:25:32 +0000 Subject: [K12OSN] Client login problems In-Reply-To: <6f27d9050807140420y3c229977s7f36d7db19ed381@mail.gmail.com> References: <6f27d9050807140420y3c229977s7f36d7db19ed381@mail.gmail.com> Message-ID: <1216038332.3683.22.camel@merlin.localnetsolutions.com> Hi Dhruba, There are few things that can cause this problem. The first to check is if the users drive space is filled up. df -h If that shows the drives are full, you will need to remove files or migrate to a larger drive system. This is my first guess since root can log in and root doesn't use the same home directory space as normal users. On Mon, 2008-07-14 at 17:05 +0545, Dhruba Adhikari wrote: > Dear all, > I have been using LTSP 5 in Fedora Core 5 K12LTSP system. Everything > was fine right from the system deployment, however after some around > of one month a problem in all the clients has started to appear. > > Problem Description. > The clients boot up properly without any single problem, however, when > an user gets to log in, he/she is authenticated and returned back to > the same login screen within 2 seconds. But, 'root' is able to login > via the clients. > Also, I tried to ssh via a remote terminal to the server. Any other > user other than root was able to login via ssh. > > > It has been a week of reporting this problem and the whole internet > LAB is shut down. Anyone please reply as soon as possible. > > > Thank you in advance > Dhruba Adhikari, > Nepal. > -- > --- > www.meronepalma.com > --- > > (^ ^) Genius is one percent inspiration and > || ninety-nine percent perspiration. > ( ---- ) -- acpmasquerade --- > -- > This message has been scanned for viruses and > dangerous content by MailScanner, and is > believed to be clean. > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see -- James P. Kinney III CEO & Director of Engineering Local Net Solutions,LLC http://www.localnetsolutions.com GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics) Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7 -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. From simpsond at leopards.k12.ar.us Mon Jul 14 13:22:53 2008 From: simpsond at leopards.k12.ar.us (Doug Simpson) Date: Mon, 14 Jul 2008 08:22:53 -0500 Subject: [K12OSN] Pentium I and II still useful? In-Reply-To: <4878CCE1.3080603@cmosnetworks.com> References: <200807121358.33006.danbretherton@yahoo.co.uk> <4878CCE1.3080603@cmosnetworks.com> Message-ID: <487B0CDC.550C.0078.0@leopards.k12.ar.us> Pentuim I and II? That's funny! I still use 486's for terminals sometimes at my house for the grandyounguns! If you find one that will work with 64MB RAM, they work surprisingly well for terminals for the types of things younger kids can/like to do. . . They are getting dated, though! DS Doug Simpson Technology Specialist De Queen Public Schools De Queen, AR simpsond at leopards.k12.ar.us "A Dollar Saved is a Dollar Earned" >>> "Terrell Prud? Jr." 7/12/2008 10:25 AM >>> Dan Bretherton wrote: > Dear All, > > I recently acquired two old computers that would make ideal diskless terminals > for a school or community computer lab. One is a Pentium and the other a > Pentium II. I set up three small LTSP based labs in Guyana between 2003 and > 2005, and when I left donated Pentium class computers were still being > shipped to developing countries by organisations such as Computer Aid > International and the World Computer Exchange. Three years later, and now > back in the UK, I have discovered that the minimum specification that > computer refurbishment charities will accept is Pentium III. This may be > because there are so many PIII and above PCs being donated that these > organisations don't have the resources to deal with the lower specs any more. > However, I am still hoping to find a home for my Pentium I and II, and it > occurred to me that the UK LTSP community would be a good place to start. > Please let me know if these computers would be useful to you or your > organisation. I live in Reading and regularly visit East Devon, and I would > be happy to drive a reasonable distance from either of those locations to > drop them off. I'm in the US, and I've set up entire labs with Pentium I's and Pentium II's. They work great as LTSP terminals. I'm using an AMD K6-2 right now in my home, and my Pentium I (home-built) and Pentium II (Dell OptiPlex GX1) terminals are still rockin' and rollin'. The only modification I've had to make was drop in either an ATI Radeon 7500 or a Matrox Millenium G400 in them (they were cheap and available), and I can do full screen video w/ no problem. Computer refurbishment charities aren't thinking LTSP. They're thinking stand-alone box for someone's home, and for that scenario, they're right; PIII's with 512MB DRAM really are the minimum for any modern OS. A friend of mine is running Ubuntu Hardy on her PIII 700MHz laptop with 576MB, and she's happy. But I wouldn't put it on anything any smaller than that. --TP _______________________________________________ K12OSN mailing list K12OSN at redhat.com https://www.redhat.com/mailman/listinfo/k12osn For more info see From dhrubaster at gmail.com Mon Jul 14 19:42:35 2008 From: dhrubaster at gmail.com (Dhruba Adhikari) Date: Tue, 15 Jul 2008 01:27:35 +0545 Subject: [K12OSN] Re: Client login problems Message-ID: <6f27d9050807141242j448f3469xff6a595b951f3ad6@mail.gmail.com> Dear James P. Kinney, Thank you for your reply. I had previously checked the disk size, its only 35% full, and we have around 13 GB or hard disk space still left. As you have mentioned there could be lots of cases, please specify some other so that we could troubleshoot the problem. Thank you Dhruba Adhikari -- --- www.meronepalma.com --- (^ ^) Genius is one percent inspiration and || ninety-nine percent perspiration. ( ---- ) -- acpmasquerade --- -------------- next part -------------- An HTML attachment was scrubbed... URL: From jkinney at localnetsolutions.com Mon Jul 14 20:26:41 2008 From: jkinney at localnetsolutions.com (James P. Kinney III) Date: Mon, 14 Jul 2008 20:26:41 +0000 Subject: [K12OSN] Re: Client login problems In-Reply-To: <6f27d9050807141242j448f3469xff6a595b951f3ad6@mail.gmail.com> References: <6f27d9050807141242j448f3469xff6a595b951f3ad6@mail.gmail.com> Message-ID: <1216067201.3683.39.camel@merlin.localnetsolutions.com> Can you clarify some stuff please?: Can any non-root user login at the console using the X login? Can any non-root user login from a ssh connection? Can root login using X/gdm at the console? Can root login using an ssh connection? Please post the output of df -h Please post the contents of /etc/fstab (scrub out passwords if there are samba mounts please) What user authentication method is used? (local password files, NIS, LDAP, Windows active directory, no logins only kiosk/userless mode). Please post the output of uname -a Please post the contents of /etc/issue If the user authentication method is not local password file, please verify the network connection to the remote server is valid. Also verify that the iptables rules have not been adjusted to block the reply from the remote server. Can you post a bit of the /var/log/message file. Ideally, append a marker (echo "###marker###" >> /var/log/messages), the try a client login, then post up the messages from the marker to the end, please. Are there errors appearing in the /var/log/security file? On Tue, 2008-07-15 at 01:27 +0545, Dhruba Adhikari wrote: > Dear James P. Kinney, > Thank you for your reply. I had previously checked the disk size, its > only 35% full, and we have around 13 GB or hard disk space still > left. > > As you have mentioned there could be lots of cases, please specify > some other so that we could troubleshoot the problem. > > Thank you > Dhruba Adhikari > > -- > --- > www.meronepalma.com > --- > > (^ ^) Genius is one percent inspiration and > || ninety-nine percent perspiration. > ( ---- ) -- acpmasquerade --- > -- > This message has been scanned for viruses and > dangerous content by MailScanner, and is > believed to be clean. > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see -- James P. Kinney III CEO & Director of Engineering Local Net Solutions,LLC http://www.localnetsolutions.com GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics) Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7 -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. From brcisna at eazylivin.net Tue Jul 15 01:04:28 2008 From: brcisna at eazylivin.net (Barry R Cisna) Date: Mon, 14 Jul 2008 20:04:28 -0500 Subject: [K12OSN] Client login problems Message-ID: <1216083868.25039.9.camel@localhost.localdomain> Dhruba, 1.Try creating a new user via the Users& Groups GUI. AKA: John Doe. See if you can log in from terminal as John Doe. If John Doe ( newly created user) can log in, then your home folder permissions have gone wonky on you,,,but,, 2.If this fails try in a terminal as root: ../opt/ltsp/i386/ssh-keygen ,, if you have changed IP addresses on the sever ( which I doubt you have) this needs to be done,,,sometimes. 3. look in your /var/log/gdm directory at the logs here and see if anything looks wonky, as well as the syslog.log as well. If I read your post correctly you stated that anyone OTHER than root can log into the server via ssh remotely. is this correct? This doesn't sound conducive to root being able to log in via the remote login GUI? Let us know your findings. Barry Cisna From brcisna at eazylivin.net Tue Jul 15 01:54:32 2008 From: brcisna at eazylivin.net (Barry R Cisna) Date: Mon, 14 Jul 2008 20:54:32 -0500 Subject: [K12OSN] Client login problems Message-ID: <1216086872.26496.3.camel@localhost.localdomain> Dhruba, I fat fingered the #2 step in my previous post.(I'm pretty good at that!) Should be: ../opt/ltsp/i386/bin/ssh-keygen Barry Cisna From jkinney at localnetsolutions.com Tue Jul 15 02:05:47 2008 From: jkinney at localnetsolutions.com (James P. Kinney III) Date: Tue, 15 Jul 2008 02:05:47 +0000 Subject: [K12OSN] Client login problems In-Reply-To: <1216086872.26496.3.camel@localhost.localdomain> References: <1216086872.26496.3.camel@localhost.localdomain> Message-ID: <1216087547.3683.44.camel@merlin.localnetsolutions.com> Barry, That won't work. The K12ltsp5 doesn't use ssh keys for user login or encryption of X channel data. It is only used for the server talking back to the clients for control things like lts and teachertool. On Mon, 2008-07-14 at 20:54 -0500, Barry R Cisna wrote: > Dhruba, > > I fat fingered the #2 step in my previous post.(I'm pretty good at > that!) > Should be: > > ../opt/ltsp/i386/bin/ssh-keygen > > Barry Cisna > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > -- James P. Kinney III CEO & Director of Engineering Local Net Solutions,LLC http://www.localnetsolutions.com GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics) Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7 -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. From microman at cmosnetworks.com Tue Jul 15 15:10:32 2008 From: microman at cmosnetworks.com (=?ISO-8859-1?Q?=22Terrell_Prud=E9_Jr=2E=22?=) Date: Tue, 15 Jul 2008 11:10:32 -0400 Subject: [K12OSN] Client login problems In-Reply-To: <1216087547.3683.44.camel@merlin.localnetsolutions.com> References: <1216086872.26496.3.camel@localhost.localdomain> <1216087547.3683.44.camel@merlin.localnetsolutions.com> Message-ID: <487CBDE8.6010104@cmosnetworks.com> If I read Dhruba's original post correctly, I think he's using LTSP 5 on Fedora Core 5. --TP _______________________________ Do you GNU ? Microsoft Free since 2003 --the ultimate antivirus protection! James P. Kinney III wrote: > Barry, > That won't work. The K12ltsp5 doesn't use ssh keys for user login or > encryption of X channel data. It is only used for the server talking > back to the clients for control things like lts and teachertool. > On Mon, 2008-07-14 at 20:54 -0500, Barry R Cisna wrote: > >> Dhruba, >> >> I fat fingered the #2 step in my previous post.(I'm pretty good at >> that!) >> Should be: >> >> ../opt/ltsp/i386/bin/ssh-keygen >> >> Barry Cisna >> >> _______________________________________________ >> K12OSN mailing list >> K12OSN at redhat.com >> https://www.redhat.com/mailman/listinfo/k12osn >> For more info see >> >> -------------- next part -------------- An HTML attachment was scrubbed... URL: From microman at cmosnetworks.com Tue Jul 15 15:11:01 2008 From: microman at cmosnetworks.com (=?ISO-8859-1?Q?=22Terrell_Prud=E9_Jr=2E=22?=) Date: Tue, 15 Jul 2008 11:11:01 -0400 Subject: [K12OSN] Client login problems In-Reply-To: <6f27d9050807140420y3c229977s7f36d7db19ed381@mail.gmail.com> References: <6f27d9050807140420y3c229977s7f36d7db19ed381@mail.gmail.com> Message-ID: <487CBE05.8000001@cmosnetworks.com> One other thing: Fedora Core 5 is no longer supported by the Fedora Project. That means no bug fixes, security updates, etc. You're asking to get cracked. Please upgrade to CentOS 5. This newer version will be supported with security/bug fixes until the year 2014. --TP _______________________________ Do you GNU ? Microsoft Free since 2003 --the ultimate antivirus protection! Dhruba Adhikari wrote: > Dear all, > I have been using LTSP 5 in Fedora Core 5 K12LTSP system. Everything > was fine right from the system deployment, however after some around > of one month a problem in all the clients has started to appear. > > Problem Description. > The clients boot up properly without any single problem, however, when > an user gets to log in, he/she is authenticated and returned back to > the same login screen within 2 seconds. But, 'root' is able to login > via the clients. > Also, I tried to ssh via a remote terminal to the server. Any other > user other than root was able to login via ssh. > > > It has been a week of reporting this problem and the whole internet > LAB is shut down. Anyone please reply as soon as possible. > > > Thank you in advance > Dhruba Adhikari, > Nepal. > -- > --- > www.meronepalma.com > --- > > (^ ^) Genius is one percent inspiration and > || ninety-nine percent perspiration. > ( ---- ) -- acpmasquerade --- > ------------------------------------------------------------------------ > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see -------------- next part -------------- An HTML attachment was scrubbed... URL: From mrjohnlucas at gmail.com Wed Jul 16 11:15:44 2008 From: mrjohnlucas at gmail.com (John Lucas) Date: Wed, 16 Jul 2008 07:15:44 -0400 Subject: [K12OSN] Major DNS security patch Message-ID: <487DD860.3040308@gmail.com> There is an important patch for DNS servers that mitigates a critical flaw in the DNS protocol. For the first time there has been a coordinated patch release from all major vendors across all major platforms to try to avoid massive DNS spoofing attacks. I first learned of this from this Slashdot article: http://it.slashdot.org/article.pl?sid=08/07/08/195225 This came about due to a major new exploit discovered by Dan Kaminsky. Controversially, he has not made the details of the exploit widely available; he will be revealing the details at the Blackhat conference in August. His reason for not revealing the details was to allow some time for the vendors to release patches and for admins to deploy them. He has been slammed for not revealing the details. In response he has shown his "goods" to a small number of security professionals. Paul Vixie (if you don't know who he is, see: http://en.wikipedia.org/wiki/Paul_Vixie) has probably given the most authoritative response: http://www.circleid.com/posts/87143_dns_not_a_guessing_game/ It is extremely important that system administrators deploy these patches and to try to get your ISP's to do so as well. The effectiveness of the patch also depends on "randomizing" the source query port of the DNS server. You can test your patches and configuration from the command line with the following (from Paul Vixie's blog): dig porttest.dns-oarc.net in txt If you need a GUI test, there is one on Dan Kaminsky's blog site: http://www.doxpara.com/ If you run your own DNS server (like me) it's up to you to upgrade; CentOS has the patch in their yum repositories. If you are dependent on your ISP's DNS servers and they don't come up to snuff, you should consider using the OpenDNS servers instead of the ISP's: http://www.opendns.com/ I've tested two local ISPs and both have applied the patch but (so far) have failed to adjust their configuration to use random query ports, so I have begun using OpenDNS servers on sites not running their own DNS. This patch is a no-brainer. Do your part to protect this vital part of the Internet Infrastructure. -- "History doesn't repeat itself; at best it rhymes." - Mark Twain | John Lucas MrJohnLucas at gmail.com | | St. Thomas, VI 00802 http://mrjohnlucas.googlepages.com/ | | 18.3?N, 65?W AST (UTC-4) | From adiantof at gmail.com Wed Jul 16 11:40:33 2008 From: adiantof at gmail.com (Fajar Adianto) Date: Wed, 16 Jul 2008 18:40:33 +0700 Subject: [K12OSN] Updating rdektop in k12ltsp Message-ID: <11a0d9090807160440j38c24ed0k933a477010a1405d@mail.gmail.com> Hi folks, I am in attempt to update rdesktop 1.5.0 to 1.6.0 from the source. By default, the new rdesktop would be installed under /usr/bin directory. I am using k12ltsp 4.2 where rdesktop is located under /opt/ltsp/i386/usr/bin directory. How is the correct procedure to do this, regarding the destination directory problem (including the files required by rdesktop 1.6, like keymaps and libraries)? Thanks, Fajar Adianto. -------------- next part -------------- An HTML attachment was scrubbed... URL: From joseph.bishay at gmail.com Wed Jul 16 20:38:58 2008 From: joseph.bishay at gmail.com (Joseph Bishay) Date: Wed, 16 Jul 2008 16:38:58 -0400 Subject: [K12OSN] Pentium I and II still useful? In-Reply-To: <200807121358.33006.danbretherton@yahoo.co.uk> References: <200807121358.33006.danbretherton@yahoo.co.uk> Message-ID: Hello, In the lab I'm maintaining, ALL the machines are Pentium I machines! Some of the more souped-up ones have *64* MB of ram! Have had no problems really. Had to turn on the LTSP-swap and we're good to go. Joseph On Sat, Jul 12, 2008 at 8:58 AM, Dan Bretherton wrote: > Dear All, > > I recently acquired two old computers that would make ideal diskless terminals > for a school or community computer lab. One is a Pentium and the other a > Pentium II. I set up three small LTSP based labs in Guyana between 2003 and > 2005, and when I left donated Pentium class computers were still being > shipped to developing countries by organisations such as Computer Aid > International and the World Computer Exchange. Three years later, and now > back in the UK, I have discovered that the minimum specification that > computer refurbishment charities will accept is Pentium III. This may be > because there are so many PIII and above PCs being donated that these > organisations don't have the resources to deal with the lower specs any more. > However, I am still hoping to find a home for my Pentium I and II, and it > occurred to me that the UK LTSP community would be a good place to start. > Please let me know if these computers would be useful to you or your > organisation. I live in Reading and regularly visit East Devon, and I would > be happy to drive a reasonable distance from either of those locations to > drop them off. > > Regards, > Dan. > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > From carl at snarlnet.com Mon Jul 21 19:59:36 2008 From: carl at snarlnet.com (Carl Keil) Date: Mon, 21 Jul 2008 12:59:36 -0700 Subject: [K12OSN] OT - what's the easiest route to centralized authentication and home folders? Message-ID: <4884EAA8.4050500@snarlnet.com> Hey folks, Starting from scratch, what's the best way to centralize logins and file serving for a mixed group of linux (ubuntu) and Windows XP (home) workstations. The school is also talking about installing a Mac. I'm thinking of trying the Samba/LDAP script on Centos 5 K12LTSP. Is there a better (easier) way to go? How would you do it if you were starting from scratch and actually implementing thin clients was a ways off in your planning? Should I go 64 bit? The server I'm thinking of using is a Pentium D. This needs to serve about 50 students - 10 staff and volunteers 17 workstations mixed Ubuntu / Windows (for now) - possibly all on at the same time. My plan so far is to install Centos 5 K12LTSP on a repurposed workstation with a mirrored software RAID for the home directories. Install backupPC on another repurposed workstation for nightly backups of above. Use the Samba/LDAP script to export /home and provide authentication for everybody. I intend to use LDAP for the school's Joomla site, possibly Moodle, an attendance program, etc. after I get the initial server set up. Any suggestions? Is this overkill for 50 students? We have $0 budget for this. Thank you so much, ck From dhuckaby at paasda.org Mon Jul 21 20:27:22 2008 From: dhuckaby at paasda.org (Huck) Date: Mon, 21 Jul 2008 13:27:22 -0700 Subject: [K12OSN] OT - what's the easiest route to centralized authentication and home folders? In-Reply-To: <4884EAA8.4050500@snarlnet.com> References: <4884EAA8.4050500@snarlnet.com> Message-ID: <4884F12A.7070208@paasda.org> Easiest? Mac OS/X server with their built-in SAMBA/LDAP :) it's juicy easy...but if you talk'n K12LTSP style... do you need active directory stuff or just login authentication and home dirs? check the k12ltspwiki(I don't know address off top of head) for active directory integration... otherwise the SMB/LDAP script should do ya just fine. Carl Keil wrote: > Hey folks, > > Starting from scratch, what's the best way to centralize logins and file > serving for a mixed group of linux (ubuntu) and Windows XP (home) > workstations. The school is also talking about installing a Mac. I'm > thinking of trying the Samba/LDAP script on Centos 5 K12LTSP. Is there > a better (easier) way to go? How would you do it if you were starting > from scratch and actually implementing thin clients was a ways off in > your planning? Should I go 64 bit? The server I'm thinking of using is > a Pentium D. > This needs to serve about 50 students - 10 staff and volunteers > 17 workstations mixed Ubuntu / Windows (for now) - possibly all on at > the same time. > > My plan so far is to install Centos 5 K12LTSP on a repurposed > workstation with a mirrored software RAID for the home directories. > Install backupPC on another repurposed workstation for nightly backups > of above. > Use the Samba/LDAP script to export /home and provide authentication for > everybody. I intend to use LDAP for the school's Joomla site, possibly > Moodle, an attendance program, etc. after I get the initial server set up. > Any suggestions? Is this overkill for 50 students? We have $0 budget > for this. > > Thank you so much, > > ck > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > > From nick at trilliumcharterschool.org Tue Jul 22 05:35:32 2008 From: nick at trilliumcharterschool.org (Nick Fenger) Date: Mon, 21 Jul 2008 22:35:32 -0700 Subject: [K12OSN] OT - what's the easiest route to centralized authentication and home folders? In-Reply-To: <4884EAA8.4050500@snarlnet.com> References: <4884EAA8.4050500@snarlnet.com> Message-ID: Carl, I first set up a centralized LDAP server and home exports some 4 years ago now. We had only 30 clients butI I had five Dual PIII 700 servers that I wanted to spread the load out on. I was a complete noob to linux when I set that up and used the the Fedora K12LTSP distro and ran the Samba/LDAP script without any issues. I even had some windows 2000 boxes authenticating to it for a while. We've scaled up to a single dual quad core Xenon running some 60 clients now and I have kept the separate LDAP box. I have LAM running on it but still use the smbldap-* commands to do just about all of my adding and removal of users. There's even a way for users to change their own passwords now (although I'm not sure this has saved me any time considering my middle schoolers are always changing their passwords to something they can't remember) -Nick On Mon, Jul 21, 2008 at 12:59 PM, Carl Keil wrote: > Hey folks, > > Starting from scratch, what's the best way to centralize logins and file > serving for a mixed group of linux (ubuntu) and Windows XP (home) > workstations. The school is also talking about installing a Mac. I'm > thinking of trying the Samba/LDAP script on Centos 5 K12LTSP. Is there a > better (easier) way to go? How would you do it if you were starting from > scratch and actually implementing thin clients was a ways off in your > planning? Should I go 64 bit? The server I'm thinking of using is a > Pentium D. > This needs to serve about 50 students - 10 staff and volunteers > 17 workstations mixed Ubuntu / Windows (for now) - possibly all on at the > same time. > > My plan so far is to install Centos 5 K12LTSP on a repurposed workstation > with a mirrored software RAID for the home directories. > Install backupPC on another repurposed workstation for nightly backups of > above. > Use the Samba/LDAP script to export /home and provide authentication for > everybody. I intend to use LDAP for the school's Joomla site, possibly > Moodle, an attendance program, etc. after I get the initial server set up. > Any suggestions? Is this overkill for 50 students? We have $0 budget for > this. > > Thank you so much, > > ck > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > -- Trillium Charter School MS Math & Technology Teacher Technology Coordinator Database Administrator www.trilliumcharterschool.org Trillium Charter School is democratically-structured environment that fosters students' natural curiosity, creativity, and self-awareness. Students learn to take initiative and assume responsibility for their own learning, which supports constructive interaction with the local, regional, and global community. -------------- next part -------------- An HTML attachment was scrubbed... URL: From ckollars9 at yahoo.com Tue Jul 22 20:39:55 2008 From: ckollars9 at yahoo.com (Chuck Kollars) Date: Tue, 22 Jul 2008 13:39:55 -0700 (PDT) Subject: [K12OSN] OT - what's the easiest route to centralized authentication and home folders? Message-ID: <214011.78120.qm@web65612.mail.ac4.yahoo.com> > ... what's the best way to centralize logins and file serving for a > mixed group of linux (ubuntu) and Windows XP (home) workstations ... LDAP (& Samba) is the approach I'd recommend. I've handled logins from a mixture of Linux/Windows/Mac by implementing the list of authorized users in LDAP. My experience was that once I went to a mixed environment, none of the client software worked quite right out of the box and everything had to be tweaked a little. The LDAP database was the part that did _not_ change (except of course you may need to augment the schema a little:-). I don't have enough experience with the various different LDAP setup tools to recommend one over another. My experience was that although it isn't strictly required, facility with Perl blew right by a multitude of what might otherwise have been significant problems. The latest versions of Samba provide NFS-like semantics, and can be usefully mounted by Linux as well as Windows (and Macs). And supposedly in both cases file permissions can be manipulated on each client in the native way for that client. One thing to _not_ do is mix Samba with real NFS, so some clients mount one but that service in turn just mounts the other. The various locking mechanisms are not entirely compatible, so file corruption will be inevitable (especially with some M$ apps). Either do all Samba or all NFS - don't mix them in an attempt to serve mixed clients. It's neither workable nor necessary (if you plan ahead). > ... This needs to serve about 50 students - 10 staff and volunteers > 17 workstations mixed Ubuntu / Windows (for now) - possibly all on > at the same time. ... I have about 1200 entries in my LDAP database. The response is almost instantaneous, the load on the system is very light, and LDAP weenies consider my database "small" as it's many orders of magnitude smaller than OpenLDAP capabilities. (In fact I had to "tune" it for performance because the default cache size was _too_large_.) LDAP does run a whole lot faster with plenty of RAM though. Instead of looking for something like a faster CPU, look for more memory. And don't rely too heavily on swapping. > ... Is this overkill for 50 students? ... My opinion is "no". The advantages of all applications and uses referencing a single master list of users are HUGE. You'll never have a problem with some obscure application because you forgot to update one of many databases. You'll never have out-of-sync problems. And users will never have multiple passwords. thanks! -Chuck Kollars From carl at snarlnet.com Wed Jul 23 01:09:11 2008 From: carl at snarlnet.com (Carl Keil) Date: Tue, 22 Jul 2008 18:09:11 -0700 Subject: [K12OSN] FC9 based K12LTSP? Message-ID: <488684B7.3070800@snarlnet.com> Does anyone know when Fedora is going to include K12LTSP? Wasn't that the plan for FC9? I'm building some new servers and updating some others and I'm wondering if there's any option besides 5EL. Not that that's not a great option. Thanks, ck From jahnigl at hotmail.com Wed Jul 23 01:36:39 2008 From: jahnigl at hotmail.com (Lance Jahnig) Date: Tue, 22 Jul 2008 20:36:39 -0500 Subject: [K12OSN] FC9 based K12LTSP? In-Reply-To: <488684B7.3070800@snarlnet.com> References: <488684B7.3070800@snarlnet.com> Message-ID: See https://fedorahosted.org/k12linux/ for install instructions on Fedora 9. > Date: Tue, 22 Jul 2008 18:09:11 -0700> From: carl at snarlnet.com> To: k12osn at redhat.com> Subject: [K12OSN] FC9 based K12LTSP?> > Does anyone know when Fedora is going to include K12LTSP? Wasn't that > the plan for FC9? > > I'm building some new servers and updating some others and I'm wondering > if there's any option besides 5EL. Not that that's not a great option.> > Thanks,> > ck> > _______________________________________________> K12OSN mailing list> K12OSN at redhat.com> https://www.redhat.com/mailman/listinfo/k12osn> For more info see _________________________________________________________________ Use video conversation to talk face-to-face with Windows Live Messenger. http://www.windowslive.com/messenger/connect_your_way.html?ocid=TXT_TAGLM_WL_Refresh_messenger_video_072008 -------------- next part -------------- An HTML attachment was scrubbed... URL: From asmo.koskinen at arkki.info Wed Jul 23 06:05:49 2008 From: asmo.koskinen at arkki.info (Asmo Koskinen) Date: Wed, 23 Jul 2008 09:05:49 +0300 Subject: [K12OSN] FC9 based K12LTSP? In-Reply-To: <488684B7.3070800@snarlnet.com> References: <488684B7.3070800@snarlnet.com> Message-ID: <4886CA3D.5080804@arkki.info> Carl Keil kirjoitti: > Does anyone know when Fedora is going to include K12LTSP? I have tested Asus Eee PC (and P4 PC) with all major ditros (Ubuntu, openSUSE, Fedora) as thin client. All works (sound and usb-stick out-of-box), but Fedora needs more manual work than others. And there is language issue with LDM/Desktop on Fedora 9. Here are my test results. Fedora 9: http://marc.info/?l=ltsp-discuss&m=121672602610470&w=2 Ubuntu 8.04: http://marc.info/?l=ltsp-discuss&m=121570192801200&w=2 openSUSE 11: http://marc.info/?l=ltsp-discuss&m=121581091009732&w=2 Best Regards Asmo Koskinen. From sbarar at gmail.com Wed Jul 23 10:25:13 2008 From: sbarar at gmail.com (Sudev Barar) Date: Wed, 23 Jul 2008 15:55:13 +0530 Subject: [K12OSN] Reading TCP packets Message-ID: <774593a20807230325g608189a9o17c8ac314be8dade@mail.gmail.com> This may not be correct place but collective wisdom can perhaps point me to a good resource. I have a remote device that is generating data and is sending as a TCP packet to designated IP:Port. If I open and set a non standard port I am able to receive the packets using a listener. Problem is that the host where I have to move this project allows listening only on port 80 (apache) or port 25/110 (mail) or port 22 (ssh) How can I set up apache or iptables to log in incoming data packets while at the same time allow apache to serve web pages? My google time continues to turn up inconclusive leads. -- Regards, Sudev Barar Read http://blog.sudev.in for topics ranging from here to there. PS: I know most of people do not follow email niceties (mostly they are not aware) but if you follow bottom post/in-line post style of email conversations it becomes a whole lot easier to carry on meaningful dialogue and you can snip out what is not meaningful too. Most people just hit reply button and top post leaving prior message appended uselessly at bottom. See if you can adopt this style and persuade others. In case you are already doing this ..... great, spread the message. From rob.owens at biochemfluidics.com Wed Jul 23 13:56:06 2008 From: rob.owens at biochemfluidics.com (Rob Owens) Date: Wed, 23 Jul 2008 09:56:06 -0400 Subject: [K12OSN] Reading TCP packets In-Reply-To: <774593a20807230325g608189a9o17c8ac314be8dade@mail.gmail.com> References: <774593a20807230325g608189a9o17c8ac314be8dade@mail.gmail.com> Message-ID: <48873876.9000208@biochemfluidics.com> How about putting a hub (not a switch) in between the remote device and the host in question. Then you can hook up another computer to that hub and use wireshark or something similar. The hub will cause all traffic to be broadcast to all ports on the hub so you'll be able to see it all with wireshark. Or maybe just run wireshark on the host in question, and omit the hub. -Rob Sudev Barar wrote: > This may not be correct place but collective wisdom can perhaps point > me to a good resource. > > I have a remote device that is generating data and is sending as a TCP > packet to designated IP:Port. If I open and set a non standard port I > am able to receive the packets using a listener. Problem is that the > host where I have to move this project allows listening only on port > 80 (apache) or port 25/110 (mail) or port 22 (ssh) > > How can I set up apache or iptables to log in incoming data packets > while at the same time allow apache to serve web pages? > > My google time continues to turn up inconclusive leads. > ******************************************************** The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. If you are not the addressee, any disclosure, reproduction, copying, distribution, or other dissemination or use of this transmission in error please notify the sender immediately and then delete this e-mail. E-mail transmission cannot be guaranteed to be secure or error free as information could be intercepted, corrupted lost, destroyed, arrive late or incomplete, or contain viruses. The sender therefore does not accept liability for any errors or omissions in the contents of this message which arise as a result of e-mail transmission. If verification is required please request a hard copy version. ******************************************************** From microman at cmosnetworks.com Wed Jul 23 15:55:44 2008 From: microman at cmosnetworks.com (=?ISO-8859-1?Q?=22Terrell_Prud=E9_Jr=2E=22?=) Date: Wed, 23 Jul 2008 11:55:44 -0400 Subject: [K12OSN] Reading TCP packets In-Reply-To: <774593a20807230325g608189a9o17c8ac314be8dade@mail.gmail.com> References: <774593a20807230325g608189a9o17c8ac314be8dade@mail.gmail.com> Message-ID: <48875480.2000508@cmosnetworks.com> Sudev Barar wrote: > This may not be correct place but collective wisdom can perhaps point > me to a good resource. > > I have a remote device that is generating data and is sending as a TCP > packet to designated IP:Port. If I open and set a non standard port I > am able to receive the packets using a listener. Problem is that the > host where I have to move this project allows listening only on port > 80 (apache) or port 25/110 (mail) or port 22 (ssh) > > How can I set up apache or iptables to log in incoming data packets > while at the same time allow apache to serve web pages? > > My google time continues to turn up inconclusive leads. > If you're sniffing, which is what it sounds like you're doing, then it doesn't matter which "port you have open." You don't need to have any "ports open" on your sniffer. Rob Owens suggested Wireshark, and I agree with him. TCPDump is another good sniffer. Exactly how are you "opening and setting a non standard port"? --TP From sbarar at gmail.com Wed Jul 23 17:05:33 2008 From: sbarar at gmail.com (Sudev Barar) Date: Wed, 23 Jul 2008 22:35:33 +0530 Subject: [K12OSN] Reading TCP packets In-Reply-To: <48875480.2000508@cmosnetworks.com> References: <774593a20807230325g608189a9o17c8ac314be8dade@mail.gmail.com> <48875480.2000508@cmosnetworks.com> Message-ID: <774593a20807231005v514710f8uebf4433f46d09487@mail.gmail.com> 2008/7/23 "Terrell Prud? Jr." : >> I have a remote device that is generating data and is sending as a TCP >> packet to designated IP:Port. If I open and set a non standard port I >> am able to receive the packets using a listener. Problem is that the >> host where I have to move this project allows listening only on port >> 80 (apache) or port 25/110 (mail) or port 22 (ssh) >> >> How can I set up apache or iptables to log in incoming data packets >> while at the same time allow apache to serve web pages? >> >> My google time continues to turn up inconclusive leads. >> > If you're sniffing, which is what it sounds like you're doing, then it > doesn't matter which "port you have open." You don't need to have any > "ports open" on your sniffer. Rob Owens suggested Wireshark, and I > agree with him. TCPDump is another good sniffer. No I am not sniffing. The remote device can be set to send packets to any IP:Port combination. So I just opened a random high port in my firewall and used "nc" to read the packets at that port. Then another program takes over and process these and log them on to database. Now problem is after establishing proof of concept on my laptop I need to run this system on a web-host and that host only has ports mentioned open. -- Regards, Sudev Barar Read http://blog.sudev.in for topics ranging from here to there. PS: I know most of people do not follow email niceties (mostly they are not aware) but if you follow bottom post/in-line post style of email conversations it becomes a whole lot easier to carry on meaningful dialogue and you can snip out what is not meaningful too. Most people just hit reply button and top post leaving prior message appended uselessly at bottom. See if you can adopt this style and persuade others. In case you are already doing this ..... great, spread the message. From microman at cmosnetworks.com Wed Jul 23 17:43:05 2008 From: microman at cmosnetworks.com (=?ISO-8859-1?Q?=22Terrell_Prud=E9_Jr=2E=22?=) Date: Wed, 23 Jul 2008 13:43:05 -0400 Subject: [K12OSN] Reading TCP packets In-Reply-To: <774593a20807231005v514710f8uebf4433f46d09487@mail.gmail.com> References: <774593a20807230325g608189a9o17c8ac314be8dade@mail.gmail.com> <48875480.2000508@cmosnetworks.com> <774593a20807231005v514710f8uebf4433f46d09487@mail.gmail.com> Message-ID: <48876DA9.2060501@cmosnetworks.com> Sudev Barar wrote: > 2008/7/23 "Terrell Prud? Jr." : > >>> I have a remote device that is generating data and is sending as a TCP >>> packet to designated IP:Port. If I open and set a non standard port I >>> am able to receive the packets using a listener. Problem is that the >>> host where I have to move this project allows listening only on port >>> 80 (apache) or port 25/110 (mail) or port 22 (ssh) >>> >>> How can I set up apache or iptables to log in incoming data packets >>> while at the same time allow apache to serve web pages? >>> >>> My google time continues to turn up inconclusive leads. >>> >>> >> If you're sniffing, which is what it sounds like you're doing, then it >> doesn't matter which "port you have open." You don't need to have any >> "ports open" on your sniffer. Rob Owens suggested Wireshark, and I >> agree with him. TCPDump is another good sniffer. >> > > No I am not sniffing. The remote device can be set to send packets to > any IP:Port combination. So I just opened a random high port in my > firewall and used "nc" to read the packets at that port. Then another > program takes over and process these and log them on to database. > > Now problem is after establishing proof of concept on my laptop I need > to run this system on a web-host and that host only has ports > mentioned open. > Which packets do you want to log on this Web server? From your response, I'm guessing it's accessible directly from the Internet (i. e. not through a proxy) and uses packet-filtering as its firewalling strategy. --TP -------------- next part -------------- An HTML attachment was scrubbed... URL: From nils at breun.nl Wed Jul 23 17:47:58 2008 From: nils at breun.nl (Nils Breunese) Date: Wed, 23 Jul 2008 19:47:58 +0200 Subject: [K12OSN] Reading TCP packets In-Reply-To: <774593a20807231005v514710f8uebf4433f46d09487@mail.gmail.com> References: <774593a20807230325g608189a9o17c8ac314be8dade@mail.gmail.com> <48875480.2000508@cmosnetworks.com> <774593a20807231005v514710f8uebf4433f46d09487@mail.gmail.com> Message-ID: <680C040D-B9A7-46D9-9FB9-DCC6EBFC7F26@breun.nl> Sudev Barar wrote: > 2008/7/23 "Terrell Prud? Jr." : >>> I have a remote device that is generating data and is sending as a >>> TCP >>> packet to designated IP:Port. If I open and set a non standard >>> port I >>> am able to receive the packets using a listener. Problem is that the >>> host where I have to move this project allows listening only on port >>> 80 (apache) or port 25/110 (mail) or port 22 (ssh) >>> >>> How can I set up apache or iptables to log in incoming data packets >>> while at the same time allow apache to serve web pages? >>> >>> My google time continues to turn up inconclusive leads. >>> >> If you're sniffing, which is what it sounds like you're doing, then >> it >> doesn't matter which "port you have open." You don't need to have >> any >> "ports open" on your sniffer. Rob Owens suggested Wireshark, and I >> agree with him. TCPDump is another good sniffer. > > No I am not sniffing. The remote device can be set to send packets to > any IP:Port combination. So I just opened a random high port in my > firewall and used "nc" to read the packets at that port. Then another > program takes over and process these and log them on to database. > > Now problem is after establishing proof of concept on my laptop I need > to run this system on a web-host and that host only has ports > mentioned open. I don't know what kind of 'remote device' you're talking about, but can't that device make HTTP requests? If so, you could set up a web service on the web host and have that handle the messages. If SSH is supported you could also have the 'remote device' run a command on the web host via SSH. The third option seems to let the 'remote device' send an e-mail, as SMTP is also open. :o) Nils. From tnelson at rockbochs.com Wed Jul 23 21:28:26 2008 From: tnelson at rockbochs.com (Tim Nelson) Date: Wed, 23 Jul 2008 16:28:26 -0500 (CDT) Subject: [K12OSN] SMBLDAP Docs Missing... Message-ID: <17351029.781216848506509.JavaMail.root@zmail.rockbochs.com> Hello fellow listers... I know many of you are successfully using the SMBLDAP installer scripts over at http://majen.net/smbldap/ . As I start a testbed implementation, I'm seeing that the documentation supposedly available at http://www.vcsvikings.org/docuwiki/cgi-bin/moin.cgi/ is indeed missing. Is there another mirror of that content available elsewhere? Thank you! Tim Nelson Systems/Network Support Rockbochs Inc. (218)727-4332 x105 From julius at turtle.com Wed Jul 23 21:40:18 2008 From: julius at turtle.com (Julius Szelagiewicz) Date: Wed, 23 Jul 2008 17:40:18 -0400 (EDT) Subject: [K12OSN] Reading TCP packets In-Reply-To: <774593a20807230325g608189a9o17c8ac314be8dade@mail.gmail.com> Message-ID: So, Sudev, you'd rather have a "conforming" email that one with an answer? :-) The mechanism you can use is the same one used for port redirection for internet proxy. Below is my entry in nat table for proxy forwarding: iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j DNAT --to-destination 216.216.171.6:3128 iptables -t nat -A OUTPUT -p tcp --dport 80 -j DNAT --to-destination 216.216.171.6:3128 You would modify it by adding --source (your packet generator) and change port for the listener. Piece of cake. julius On Wed, 23 Jul 2008, Sudev Barar wrote: > This may not be correct place but collective wisdom can perhaps point > me to a good resource. > > I have a remote device that is generating data and is sending as a TCP > packet to designated IP:Port. If I open and set a non standard port I > am able to receive the packets using a listener. Problem is that the > host where I have to move this project allows listening only on port > 80 (apache) or port 25/110 (mail) or port 22 (ssh) > > How can I set up apache or iptables to log in incoming data packets > while at the same time allow apache to serve web pages? > > My google time continues to turn up inconclusive leads. > > -- > Regards, > Sudev Barar > Read http://blog.sudev.in for topics ranging from here to there. > > PS: I know most of people do not follow email niceties (mostly they > are not aware) but if you follow bottom post/in-line post style of > email conversations it becomes a whole lot easier to carry on > meaningful dialogue and you can snip out what is not meaningful too. > Most people just hit reply button and top post leaving prior message > appended uselessly at bottom. See if you can adopt this style and > persuade others. In case you are already doing this ..... great, > spread the message. > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > From tnelson at rockbochs.com Wed Jul 23 22:24:37 2008 From: tnelson at rockbochs.com (Tim Nelson) Date: Wed, 23 Jul 2008 17:24:37 -0500 (CDT) Subject: [K12OSN] SMBLDAP Docs Missing... In-Reply-To: <26534629.1051216851774657.JavaMail.root@zmail.rockbochs.com> Message-ID: <31263599.1071216851877213.JavaMail.root@zmail.rockbochs.com> Ugh... I seem to have missed the recent post regarding the new placement of these docs: http://www.archivum.info/k12osn at redhat.com/2008-07/msg00001.html Maybe someone should update the SMBLDAP site... :-) Tim Nelson Systems/Network Support Rockbochs Inc. (218)727-4332 x105 ----- Original Message ----- From: "Tim Nelson" To: k12osn at redhat.com Sent: Wednesday, July 23, 2008 4:28:26 PM GMT -06:00 US/Canada Central Subject: [K12OSN] SMBLDAP Docs Missing... Hello fellow listers... I know many of you are successfully using the SMBLDAP installer scripts over at http://majen.net/smbldap/ . As I start a testbed implementation, I'm seeing that the documentation supposedly available at http://www.vcsvikings.org/docuwiki/cgi-bin/moin.cgi/ is indeed missing. Is there another mirror of that content available elsewhere? Thank you! Tim Nelson Systems/Network Support Rockbochs Inc. (218)727-4332 x105 _______________________________________________ K12OSN mailing list K12OSN at redhat.com https://www.redhat.com/mailman/listinfo/k12osn For more info see From dtrask at vcsvikings.org Thu Jul 24 16:21:17 2008 From: dtrask at vcsvikings.org (David Trask) Date: Thu, 24 Jul 2008 12:21:17 -0400 Subject: [K12OSN] SMBLDAP Docs Missing... In-Reply-To: <17351029.781216848506509.JavaMail.root@zmail.rockbochs.com> References: <17351029.781216848506509.JavaMail.root@zmail.rockbochs.com> Message-ID: I moved/recreated them over here. Matt hasn't updated the link yet. https://wiki.ubuntu.com/SmbLdapInstaller "Support list for open source software in schools." writes: >Hello fellow listers... I know many of you are successfully using the >SMBLDAP installer scripts over at http://majen.net/smbldap/ . As I start >a testbed implementation, I'm seeing that the documentation supposedly >available at http://www.vcsvikings.org/docuwiki/cgi-bin/moin.cgi/ is >indeed missing. Is there another mirror of that content available >elsewhere? Thank you! > >Tim Nelson >Systems/Network Support >Rockbochs Inc. >(218)727-4332 x105 > >_______________________________________________ >K12OSN mailing list >K12OSN at redhat.com >https://www.redhat.com/mailman/listinfo/k12osn >For more info see David N. Trask Technology Teacher/Director Vassalboro Community School dtrask at vcsvikings.org (207)923-3100 From dtrask at vcsvikings.org Thu Jul 24 16:21:17 2008 From: dtrask at vcsvikings.org (David Trask) Date: Thu, 24 Jul 2008 12:21:17 -0400 Subject: [K12OSN] SMBLDAP Docs Missing... In-Reply-To: <17351029.781216848506509.JavaMail.root@zmail.rockbochs.com> References: <17351029.781216848506509.JavaMail.root@zmail.rockbochs.com> Message-ID: I moved/recreated them over here. Matt hasn't updated the link yet. https://wiki.ubuntu.com/SmbLdapInstaller "Support list for open source software in schools." writes: >Hello fellow listers... I know many of you are successfully using the >SMBLDAP installer scripts over at http://majen.net/smbldap/ . As I start >a testbed implementation, I'm seeing that the documentation supposedly >available at http://www.vcsvikings.org/docuwiki/cgi-bin/moin.cgi/ is >indeed missing. Is there another mirror of that content available >elsewhere? Thank you! > >Tim Nelson >Systems/Network Support >Rockbochs Inc. >(218)727-4332 x105 > >_______________________________________________ >K12OSN mailing list >K12OSN at redhat.com >https://www.redhat.com/mailman/listinfo/k12osn >For more info see David N. Trask Technology Teacher/Director Vassalboro Community School dtrask at vcsvikings.org (207)923-3100 From wtogami at redhat.com Sat Jul 26 07:41:16 2008 From: wtogami at redhat.com (Warren Togami) Date: Sat, 26 Jul 2008 03:41:16 -0400 Subject: [K12OSN] Day 1: LTSP Hackfest Portland 2008 Message-ID: <488AD51C.5060000@redhat.com> http://wtogami.livejournal.com/26811.html I wrote up a summary of what happened today at day one of the Hackfest in Portland. We got a large amount done, with two days of of Hackfest. Check out the links to the more detailed notes and theoretical local apps implementation. Warren Togami wtogami at redhat.com From wtogami at redhat.com Sat Jul 26 07:49:42 2008 From: wtogami at redhat.com (Warren Togami) Date: Sat, 26 Jul 2008 03:49:42 -0400 Subject: [K12OSN] FC9 based K12LTSP? In-Reply-To: <4886CA3D.5080804@arkki.info> References: <488684B7.3070800@snarlnet.com> <4886CA3D.5080804@arkki.info> Message-ID: <488AD716.4080308@redhat.com> Asmo Koskinen wrote: > Carl Keil kirjoitti: > >> Does anyone know when Fedora is going to include K12LTSP? > > I have tested Asus Eee PC (and P4 PC) with all major ditros (Ubuntu, > openSUSE, Fedora) as thin client. All works (sound and usb-stick > out-of-box), but Fedora needs more manual work than others. And there is > language issue with LDM/Desktop on Fedora 9. > > Here are my test results. > > Fedora 9: > http://marc.info/?l=ltsp-discuss&m=121672602610470&w=2 > I looked at this link. What manual work exactly are you referring to? Your post seems to cause more confusion... https://fedorahosted.org/k12linux/ If you followed the directions then configuration really is simpler than this. Our default dhcpd.conf and ltps-dhcpd should Just Work unless you have special needs for your network topology. Your /etc/exports shouldn't have any /var/lib/ltsp/swapfiles as we do NBD swap instead. Finally tftp should be pre-configured, you only need to enable it as would have happened if you followed our directions. Warren Togami wtogami at redhat.com From asmo.koskinen at arkki.info Sat Jul 26 15:09:45 2008 From: asmo.koskinen at arkki.info (asmo.koskinen at arkki.info) Date: Sat, 26 Jul 2008 18:09:45 +0300 (EEST) Subject: [K12OSN] FC9 based K12LTSP? In-Reply-To: <488AD716.4080308@redhat.com> References: <488684B7.3070800@snarlnet.com> <4886CA3D.5080804@arkki.info> <488AD716.4080308@redhat.com> Message-ID: <43410.85.157.210.234.1217084985.squirrel@webmail2.nebula.fi> > I looked at this link. What manual work exactly are you referring to? > > Your post seems to cause more confusion... > > https://fedorahosted.org/k12linux/ I'm sorry for that. I'm off the town right now, but I will tell more next week. Best Regrads Asmo Koskinen. From vceder at canterburyschool.org Mon Jul 28 02:44:02 2008 From: vceder at canterburyschool.org (Vern Ceder) Date: Sun, 27 Jul 2008 22:44:02 -0400 Subject: [K12OSN] K12 Open Minds Conference Message-ID: <488D3272.3010609@canterburyschool.org> The following is an announcement of the second K12 Open Minds conference Sept 25-27 in Indianapolis. K12 Open Minds is dedicated to exploring open source software in K12 education and last year drew participants from several countries. Please feel free to pass this along to anyone who might be interested and I hope you can join us in Indy in September. Regards, Vern Ceder Dear Educational Leader: Schools around the United States and the world are discovering the benefits of Open-Source Software. In Indiana alone, over 150,000 students use Open-Source Software every day. Not only does Open-Source Software save money, it allows schools to extend essential educational software to students' homes and into after-school programs, providing extended learning opportunities at no cost. Are you looking for ways to provide more technology with less money? Could your teachers benefit from a Virtual Learning Environment (Moodle, Sakai)? Do you want a solution for all of your students to access their school work from home? Is your school community looking for ways to increase student engagement and learning? Have you thought about developing an Open-Source Software strategy to increase technology access while controlling costs? Join us September 25-27, 2008 in Indianapolis, Indiana for the K-12 Open Minds Conference! This is an unparalleled opportunity to talk with teachers, administrators and technology staff from around the U.S. and the world. We expect more than 600 attendees, from the US, Europe, Asia and North and South America. Dozens of sessions that address teaching and learning, leadership and technical issues related to open technologies make this conference a "must attend" event. Teaching and Learning sessions will feature experienced teachers from around the world demonstrating successful strategies and techniques. Technology and Infrastructure sessions will feature experts from around the world on issues such as: connecting to your local Windows or Mac authentication server, managing large and small network deployments, and using interactive whiteboards in classrooms in Linux and open-source environments, and more. Additional sessions designed for Leadership and Policy will demonstrate how policy initiatives and effective strategies for using Open-Source Software help to meet your educational objectives. Featured Speakers include: Donna Benjamin - Executive Director of Creative Contingencies and board member of Open Source Industry Australia; Alex Inman -- Director of Technology at Whitfield School, St. Louis, MO - an Essential School using open source; Chris Lehman -- Principal of the Science Leadership Academy in Philadelphia, PA, and; Dr. David Thornburg - Director of Global Operations for the Thornburg Center and author of several books including, When the Best is Free. For more information and to register go to: http://k12openminds.org A special conference hotel rate of $97 is available at the Indianapolis Downtown Marriott through Monday, August 25, 2008. After that, rates may be higher. If you have any questions please contact Mike Huffman at 317.232.6672 or mhuffman at doe.in.gov -- This time for sure! -Bullwinkle J. Moose ----------------------------- Vern Ceder, Director of Technology Canterbury School, 3210 Smith Road, Ft Wayne, IN 46804 vceder at canterburyschool.org; 260-436-0746; FAX: 260-436-5137 From k12ltsp at rwcinc.net Tue Jul 29 00:23:53 2008 From: k12ltsp at rwcinc.net (Patrick Fleming) Date: Mon, 28 Jul 2008 17:23:53 -0700 Subject: [K12OSN] Running Torrents Message-ID: <488E6319.9020403@rwcinc.net> Hey all, I have been running a torrent tracker for K12LTSPEL5 for some time now (it's on the download page) and I just recently realized that there is at least one other tracker running with the ISOs for the CDs. First of all, are there any plans to respin 5EL with K12LTSP to 5.2? Second, assuming the answer to my first question is yes I would like to coordinate with the other trackers so that if there are multiple torrents/seeds it can be in one .torrent file. Torrent technology should allow more than one tracker to be listed in the .torrent file. Had I realized there was another tracker I might have set mine up a little differently, ideally building .torrent files that announce to more than one tracker. From SteveSings at gmail.com Tue Jul 29 17:10:46 2008 From: SteveSings at gmail.com (Stephen Crampton) Date: Tue, 29 Jul 2008 13:10:46 -0400 Subject: [K12OSN] Proposal for Middle School Computer Lab Message-ID: Any comments on the following? ------------------------------ --------------------------------------------------------------------------- STATE OF THE ART COMPUTER LAB My preference would be to set up my classroom as a thin-client system. With the hardware I discuss below, we could have a "cutting edge" computer lab that would be ideal for the educational needs of our students. Before you read further, would you please peruse the following case study: http://www.k12ltsp.org/rhs_casestudy.html I think we could set up a Linux lab for considerably less money than described in the case study: 1. The case study cites 2002 prices; all of the equipment should be much cheaper today. 2. We should look to local businesses and parents to donate equipment. 3. With a down-turned economy, there has got to be an excess of computer equipment out there from down-sized businesses, etc. We may be able to get new or gently used equipment at big discounts. Note that the case study includes Mac, Linux, and Windows. For my lab, I would recommend having only Linux to start with. In this case, we would have $0 licensing costs. I like the thin-client paradigm for the following reasons: 1. It is easy to maintain; only one machine (the server) needs to be configured and updated. By the way, the school's network will directly interact only with the server, so security and other issues should be easy to resolve. 2. It is easy to control the classroom. In particular, from the server I can see what everyone is doing, send messages to them, take control of their computers to help them with issues, and blank the screens when I want everyone's attention. Moreover, I can display student work on an LCD projector so that students can evaluate each other's work. My syllabus for the year would include the following topics, all of which the lab would be ideal for: -programming using Logo and Alice -using spreadsheets to organize data, perform computations, and display graphs -3D animation using Blender -digital-image manipulation using G.I.M.P. (a Photoshop clone) -space exploration using Celestia and other planetarium software -web-page creation -podcasts and webcasts -other lessons utilizing the wealth of software included with Edubuntu ( http://www.edubuntu.org/UsingEdubuntu). I'd like to tie in my topics with other teachers, especially math and science teachers, so that topics learned in other classes can be explored further in my lab using constructivist learning techniques. THIN CLIENTS Regarding the "client" machines (the machines the students actually use), I think we should have 27 of them (2 spares). Here are three options: 1. Diskless, fanless machines similar to these: 5 HP clients for $750. These machines save a lot of space, heat, energy, and noise. Fans actually make a lot of noise, especially when you have 27 of them. I really like the idea of having LCD screens to replace the CRT monitors. The ones used in the case study can be gotten for $107 ( http://www.starsurplus.com/viewitem.lasso?i=LCD1550V-B). We might be able to get a better price buying 28 of them (includes one for the server). They save a lot of space, heat, and energy. In addition, they are better for the students' eyes. We might also be able to get a vendor to throw in some free keyboards and mice. Total price <= $7,000. 2. Laptops with hard drives removed give you a "thin client," keyboard, mouse, and LCD monitor in one. It's possible that we could get business donations for these. 3. We could use the machines in the room, plus another 14 or so similar machines, so that each student has access to a computer. The biggest challenge with this is fitting all of the machines and students into the space in such a way that it is a good learning environment. The current machines are noisy, hot, and energy inefficient. Replacing the CRT monitors with LCD monitors would help a lot. SERVER Because I would like to have the students do 3D animation using Blender and video editing, we need as powerful a server as we can get. The minimum recommended memory is 128 MB per client x 25 = 3.2 GB memory. To permit animation and video, I would like at least 6 GB of memory. Here is a sample server: Dell PowerEdge? SC1430 I'm attaching a quote for $3,500 for the server. I assume that we can get a better price as a public school. For the quote, I chose a RAID5 controller with three disks. This speeds up disk access and protects us against disk failure. If one disk fails, the system still works until we replace the disk. If we want to stick with a single disk drive, we can save a few hundred dollars. I also chose the maximum memory of 8 GB for the best performance. We could save a few hundred dollars by starting with less memory. It's also possible that the school district has a server we could use or that we could get a donated server. OTHER HARDWARE We need a switch for the 27 computers plus one server. I would recommend a gigabit switch so that there will be enough speed to display videos and animations on all of the clients. We also need cabling for all of the computers, including network cabling and power cables. It might be a good idea to put the server on a UPS power supply to protect against surges and power outages. We need enough tables for all of the computers. I'd like to cluster the computers into groups of 5-6 students, where each student can see all of his or her group members' screens. If the clients are very small, we may want to lock them to the desk to prevent theft. I need an LCD projector and screen so I can demonstrate how to do things on the computer. The image should be large and bright enough so that everyone can see it clearly. The LCD resolution should be at least 1024x768 so that the kids can see the little buttons and controls on programs such as Blender. With the thin-client setup, I will be able to display one or more student screens on the projector. This may be how we wrap up most classes, by having each student (or perhaps each group) show their day's work. I've attached a sample screen shot to this email. For audio editing and podcasts, we need headphones and microphones for the students. They can be inexpensive ones. For video work, it might be a good idea to get some webcams. Most webcams have microphones built in. The webcams could be also used for creating webcasts. For image editing, I would like to coordinate with the photography teacher. In particular, does he or she have digital cameras for student use? If not, I think it would be a good idea to get 5 or 6 inexpensive digital cameras, so that each group can have one camera. -------------- next part -------------- An HTML attachment was scrubbed... URL: From jkinney at localnetsolutions.com Tue Jul 29 17:53:22 2008 From: jkinney at localnetsolutions.com (James P. Kinney III) Date: Tue, 29 Jul 2008 13:53:22 -0400 Subject: [K12OSN] Proposal for Middle School Computer Lab In-Reply-To: References: Message-ID: <1217354002.3973.57.camel@merlin.localnetsolutions.com> On Tue, 2008-07-29 at 13:10 -0400, Stephen Crampton wrote: > Any comments on the following? Yep! Check inline. > > > > ------------------------------ > --------------------------------------------------------------------------- > > STATE OF THE ART COMPUTER LAB > > My preference would be to set up my classroom as a thin-client system. > With the hardware I discuss below, we could have a "cutting edge" > computer lab that would be ideal for the educational needs of our > students. > > Before you read further, would you please peruse the following case > study: http://www.k12ltsp.org/rhs_casestudy.html > > I think we could set up a Linux lab for considerably less money than > described in the case study: > 1. The case study cites 2002 prices; all of the equipment should be > much cheaper today. > 2. We should look to local businesses and parents to donate equipment. > 3. With a down-turned economy, there has got to be an excess of > computer equipment out there from down-sized businesses, etc. We may > be able to get new or gently used equipment at big discounts. Used business-class desktop make good thin client (especially if the hard drives can be removed) or use them as stand-alone linux desktops with remote /home storage. > > Note that the case study includes Mac, Linux, and Windows. For my > lab, I would recommend having only Linux to start with. In this case, > we would have $0 licensing costs. Avoid putting in the proprietary OS stuff at all costs. It's like a virus/fungus/mold. Once it takes root, it spreads and wipes out all the other stuff. Mac has a place (in the video lab) and windows does as well (playing games) but a Linux-only initial setup make later expansion easier to justify. > > I like the thin-client paradigm for the following reasons: > 1. It is easy to maintain; only one machine (the server) needs to be > configured and updated. By the way, the school's network will > directly interact only with the server, so security and other issues > should be easy to resolve. Yep! > 2. It is easy to control the classroom. In particular, from the > server I can see what everyone is doing, send messages to them, take > control of their computers to help them with issues, and blank the > screens when I want everyone's attention. Moreover, I can display > student work on an LCD projector so that students can evaluate each > other's work. Good plan. fl_TeacherTool is excellent and highly recommended. > > My syllabus for the year would include the following topics, all of > which the lab would be ideal for: > -programming using Logo and Alice > -using spreadsheets to organize data, perform computations, and > display graphs > -3D animation using Blender The big server can be used after hours for heavy rendering tasks. > -digital-image manipulation using G.I.M.P. (a Photoshop clone) > -space exploration using Celestia and other planetarium software Celestia requires hardware accelerated 3D graphics. If you have that hardware, great!. If not, it is too slow to be useable. > -web-page creation > -podcasts and webcasts > -other lessons utilizing the wealth of software included with > Edubuntu (http://www.edubuntu.org/UsingEdubuntu). > I'd like to tie in my topics with other teachers, especially math and > science teachers, so that topics learned in other classes can be > explored further in my lab using constructivist learning techniques. The wealth of science tools in Linux are astounding. The challenge will be to narrow them down to the ones suitable for middle school. There are many that are "research-grade" available and they may be daunting. > > > THIN CLIENTS > > Regarding the "client" machines (the machines the students actually > use), I think we should have 27 of them (2 spares). Here are three > options: > > 1. Diskless, fanless machines similar to these: 5 HP clients for > $750. These machines save a lot of space, heat, energy, and noise. > Fans actually make a lot of noise, especially when you have 27 of > them. I really like the idea of having LCD screens to replace the CRT > monitors. The ones used in the case study can be gotten for $107 > (http://www.starsurplus.com/viewitem.lasso?i=LCD1550V-B). We might be > able to get a better price buying 28 of them (includes one for the > server). They save a lot of space, heat, and energy. In addition, > they are better for the students' eyes. We might also be able to get > a vendor to throw in some free keyboards and mice. Total price <= > $7,000. Fanless is best. However, be prepared to do some tweaking to get a happy setup with 3D hardware accelerated graphics. None of the available thin clients I've seen yet have NVidia graphics (really good hardware accelerated support with the NVidia drivers). Check this little box out: http://www.norhtec.com/products/mcsr/index.html I've used their little brother and been very happy. The new one has 3D graphics and more RAM and horsepower. It will still need some tweaking but being able to bolt to the back of an LCD screen has many, many pluses! > > 2. Laptops with hard drives removed give you a "thin client," > keyboard, mouse, and LCD monitor in one. It's possible that we could > get business donations for these. Old laptops make good r However, any failure puts the whole thing out of commission. Beware: some laptops won't boot without a hard drive and some won't boot once the battery fails. Grr. > > 3. We could use the machines in the room, plus another 14 or so > similar machines, so that each student has access to a computer. The > biggest challenge with this is fitting all of the machines and > students into the space in such a way that it is a good learning > environment. The current machines are noisy, hot, and energy > inefficient. Replacing the CRT monitors with LCD monitors would help > a lot. Ditching the CRT's is a space, cooling and vision saver! > > > SERVER > > Because I would like to have the students do 3D animation using > Blender and video editing, we need as powerful a server as we can get. > The minimum recommended memory is 128 MB per client x 25 = 3.2 GB > memory. To permit animation and video, I would like at least 6 GB of > memory. Correction on the memory calculation: 512MB for the server itself, plus 128 per user. Yes, you can reserve smaller amounts for the server but you will start getting some slow down. As soon as the server _needs_ to use swap space, the system is sunk. It will use swap early but for non-critical stuff. The animation and video stuff uses RAM but is mainly CPU intensive. Fast cpu and multi-core, multi-chip is best. A dual-chip, dual-core 2.4 GHz Opteron with 16GB of RAM will do fine as a server for 100 simultaneous thin clients. But add in streaming video or flash think: United Streaming) and that supportable client count drops to 50 or less. > > Here is a sample server: Dell PowerEdge? SC1430 I'm attaching a > quote for $3,500 for the server. I assume that we can get a better > price as a public school. For the quote, I chose a RAID5 controller > with three disks. This speeds up disk access and protects us against > disk failure. If one disk fails, the system still works until we > replace the disk. If we want to stick with a single disk drive, we > can save a few hundred dollars. I also chose the maximum memory of 8 > GB for the best performance. We could save a few hundred dollars by > starting with less memory. Skip the Raid5. The read speed is the same as Raid1 and the write speed is slower. Go for a raid1 root partition on a pair of 300GB SATA II drives and plop in a second pair of 500GB SATA II for a raid 1 /home. The only way to get better performance is to get hardware Raid which costs more than the extra drive anyway. > > It's also possible that the school district has a server we could use > or that we could get a donated server. Be sure to put the used machine through a rigorous burn-in test. You credibility is one the line and the server is a central point of failure! > > > OTHER HARDWARE > > We need a switch for the 27 computers plus one server. I would > recommend a gigabit switch so that there will be enough speed to > display videos and animations on all of the clients. We also need > cabling for all of the computers, including network cabling and power > cables. It might be a good idea to put the server on a UPS power > supply to protect against surges and power outages. Gig-uplink switches are good. Most thin clients are 100Mb anyway so an all gig switch is radical overkill. Be aware of bandwidth issues early and use multiple gig NICs in the server. In my 100-client servers, I used 4 gig NICs bonded. The bandwidth really only called for 2 until the video stuff started up, then all 4 were maxed out. You can bond a pair to one 24-port and another pair to a second 24-port. A 48-port is more $/port than a pair of 24's. > > We need enough tables for all of the computers. I'd like to cluster > the computers into groups of 5-6 students, where each student can see > all of his or her group members' screens. If the clients are very > small, we may want to lock them to the desk to prevent theft. If you use laptops, they are a theft risk. Tiny thin clients are not. Once it gets out they don't work at all without the server, nobody wants them :) Be aware that is middle school students can _touch_ each other, they will get very little work done! And they are big! It is often they will need both room for a keyboarde, a notepad AND and open book and mouse space all at the same time. > > I need an LCD projector and screen so I can demonstrate how to do > things on the computer. The image should be large and bright enough > so that everyone can see it clearly. The LCD resolution should be at > least 1024x768 so that the kids can see the little buttons and > controls on programs such as Blender. With the thin-client setup, I > will be able to display one or more student screens on the projector. > This may be how we wrap up most classes, by having each student (or > perhaps each group) show their day's work. I've attached a sample > screen shot to this email. I have an epson and it's great! Be aware that TeacherTool can be used to share a screen for all to see and it doesn't require additional hardware. > > For audio editing and podcasts, we need headphones and microphones for > the students. They can be inexpensive ones. Be sure to check if the mic input works on your clients before you push ahead on this. > > For video work, it might be a good idea to get some webcams. Most > webcams have microphones built in. The webcams could be also used for > creating webcasts. Webcams are hit or miss on working with Linux. About 1/2 of the usb stuff I've tested doesn't work at all with Linux. I don't know first hand if even the working ones will work from a thin client environment. Hmm. More testing. > > For image editing, I would like to coordinate with the photography > teacher. In particular, does he or she have digital cameras for > student use? If not, I think it would be a good idea to get 5 or 6 > inexpensive digital cameras, so that each group can have one camera. > Cool idea! It might also be a good idea to look into a drawing tablet as well. They should work OK as they are seen as a fancy mouse. Again, it will likely take some tweaking but it'll be worth it. I have an older serial port Wacom tablet and can't imagine using a mouse for freehand work. > > -- > This message has been scanned for viruses and > dangerous content by MailScanner, and is > believed to be clean. > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see -- James P. Kinney III CEO & Director of Engineering Local Net Solutions,LLC http://www.localnetsolutions.com GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics) Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7 -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. From microman at cmosnetworks.com Tue Jul 29 18:21:35 2008 From: microman at cmosnetworks.com (Terrell Prude' Jr.) Date: Tue, 29 Jul 2008 14:21:35 -0400 Subject: [K12OSN] Proposal for Middle School Computer Lab In-Reply-To: <1217354002.3973.57.camel@merlin.localnetsolutions.com> References: <1217354002.3973.57.camel@merlin.localnetsolutions.com> Message-ID: <488F5FAF.3090509@cmosnetworks.com> James P. Kinney III wrote: > >> Here is a sample server: Dell PowerEdge? SC1430 I'm attaching a >> quote for $3,500 for the server. I assume that we can get a better >> price as a public school. For the quote, I chose a RAID5 controller >> with three disks. This speeds up disk access and protects us against >> disk failure. If one disk fails, the system still works until we >> replace the disk. If we want to stick with a single disk drive, we >> can save a few hundred dollars. I also chose the maximum memory of 8 >> GB for the best performance. We could save a few hundred dollars by >> starting with less memory. >> > Skip the Raid5. The read speed is the same as Raid1 and the write speed > is slower. Go for a raid1 root partition on a pair of 300GB SATA II > drives and plop in a second pair of 500GB SATA II for a raid 1 /home. > The only way to get better performance is to get hardware Raid which > costs more than the extra drive anyway. > Looks like he has spec'd a hardware RAID controller, which I would always recommend anyway. In this case, I think RAID 5 is indeed the way to go here. We use it all the time at my place of work with great results. >> It's also possible that the school district has a server we could use >> or that we could get a donated server. >> > > Be sure to put the used machine through a rigorous burn-in test. You > credibility is one the line and the server is a central point of > failure! > I couldn't agree more here, and with the rest of what James says generally. --TP From rob.owens at biochemfluidics.com Tue Jul 29 18:33:09 2008 From: rob.owens at biochemfluidics.com (Rob Owens) Date: Tue, 29 Jul 2008 14:33:09 -0400 Subject: [K12OSN] Proposal for Middle School Computer Lab In-Reply-To: References: Message-ID: <488F6265.7060209@biochemfluidics.com> Stephen Crampton wrote: > Any comments on the following? > I'd like to tie in my topics with other teachers, especially math and > science teachers, so that topics learned in other classes can be > explored further in my lab using constructivist learning techniques. > I always thought it would be a cool idea to have the photography students go out and photograph animals, then have the programming students integrate those pictures into Gcompris (in the mouse-moving games where you remove tiles to uncover a picture of an animal). If you could get your changes accepted into the upstream code, you guys would be a big hit and you'd certainly have something to brag about in the school newsletter. > Here is a sample server: Dell PowerEdge? SC1430 I'm attaching a quote > for $3,500 for the server. I assume that we can get a better price as a > public school. For the quote, I chose a RAID5 controller with three > disks. This speeds up disk access and protects us against disk > failure. If one disk fails, the system still works until we replace the > disk. If we want to stick with a single disk drive, we can save a few > hundred dollars. I also chose the maximum memory of 8 GB for the best > performance. We could save a few hundred dollars by starting with less > memory. > Personally I'd rather get all the RAM I could, and save money by using software RAID and SATA disks. But I've never had more than 10 users on one of my servers, so there may be problems with that setup that I haven't seen yet. > It's also possible that the school district has a server we could use or > that we could get a donated server. > Careful about using too much recycled hardware. People (especially non-technical people) like to see fancy new things. Start by requesting all new hardware, and if price is an issue then talk about donated servers and old P2's as thin clients. You'll be perceived as "resourceful" instead of as a cheapskate! > We need enough tables for all of the computers. I'd like to cluster the > computers into groups of 5-6 students, where each student can see all of > his or her group members' screens. You might want to head-off any concerns about students copying work from each other. It sounds like you intend for this to be used for group learning, but some folks might not realize that. -Rob ******************************************************** The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. If you are not the addressee, any disclosure, reproduction, copying, distribution, or other dissemination or use of this transmission in error please notify the sender immediately and then delete this e-mail. E-mail transmission cannot be guaranteed to be secure or error free as information could be intercepted, corrupted lost, destroyed, arrive late or incomplete, or contain viruses. The sender therefore does not accept liability for any errors or omissions in the contents of this message which arise as a result of e-mail transmission. If verification is required please request a hard copy version. ******************************************************** From tom.hoffman at gmail.com Tue Jul 29 18:48:08 2008 From: tom.hoffman at gmail.com (Tom Hoffman) Date: Tue, 29 Jul 2008 14:48:08 -0400 Subject: [K12OSN] Proposal for Middle School Computer Lab In-Reply-To: References: Message-ID: <92de6c880807291148n23943d1eo921067645ceeb703@mail.gmail.com> 2008/7/29 Stephen Crampton : > Any comments on the following? > My syllabus for the year would include the following topics, all of which > the lab would be ideal for: > -programming using Logo and Alice > -using spreadsheets to organize data, perform computations, and display > graphs > -3D animation using Blender > -digital-image manipulation using G.I.M.P. (a Photoshop clone) > -space exploration using Celestia and other planetarium software > -web-page creation > -podcasts and webcasts > -other lessons utilizing the wealth of software included with Edubuntu > (http://www.edubuntu.org/UsingEdubuntu). > I'd like to tie in my topics with other teachers, especially math and > science teachers, so that topics learned in other classes can be explored > further in my lab using constructivist learning techniques. This is very 3-d graphics and multimedia intensive set of applications. I'm more of a lurker here than an expert, but I think what you'd really want is what SkoleLinux calls a "low fat" client -- diskless but doing the processing (particularly video) locally. I'm sure that all this is *possible* using thin clients, but I think it would require a particularly finely tuned system. --Tom From wtogami at redhat.com Tue Jul 29 23:39:37 2008 From: wtogami at redhat.com (Warren Togami) Date: Tue, 29 Jul 2008 19:39:37 -0400 Subject: [K12OSN] Full Report: LTSP Hackfest Portland 2008 Message-ID: <488FAA39.8020706@redhat.com> http://wtogami.livejournal.com/27023.html Please read details about what happened at the Hackfest event in Portland. Big changes coming soon, and plans for further improvements were formed. Warren Togami wtogami at redhat.com From brian at portsmouth-college.ac.uk Wed Jul 30 13:55:29 2008 From: brian at portsmouth-college.ac.uk (Brian Chivers) Date: Wed, 30 Jul 2008 14:55:29 +0100 Subject: [K12OSN] Migrating from one server to another Message-ID: <489072D1.6070100@portsmouth-college.ac.uk> I'm in the process of migrating our main PDC / Samba3 / Openldap server from one server to a new box. I have installed the basic system including the smbldap-tools & done an initial rsync of the /home directory but I'm wondering what else I need to do. This is how I'd intended to complete the swap. 1.) Backup main ldap server & import this to new one. 2.) copy over changes from smb.conf to new box so domain & server name are the same on both boxes. 3.) record sid from existing server & set new server to the same sid (this bit I'm not sure if I need to do as domain sid is stored in LDAP server 4.) stop samba on old server 5.) Start samba & ldap on new server 6.) Cross finger 7.) Test that existing Windows machines can login OK. Does this seem right ?? Brian Chivers Portsmouth College ------------------------------------------------------------------------------------------------ The views expressed here are my own and not necessarily the views of Portsmouth College From k12osn at deltacfax.com Wed Jul 30 14:17:10 2008 From: k12osn at deltacfax.com (Tim Born) Date: Wed, 30 Jul 2008 09:17:10 -0500 Subject: [K12OSN] Migrating from one server to another In-Reply-To: <489072D1.6070100@portsmouth-college.ac.uk> References: <489072D1.6070100@portsmouth-college.ac.uk> Message-ID: <489077E6.8090702@deltacfax.com> I have been wearing out the pages on this article: Virtualize a Server with Minimal Downtime (http://www.linuxjournal.com/article/9942). It has lots of great information about how to, among other things, take an existing machine and pull it into a virtual machine untouched, so you can slide it to new hardware. best, -tim Brian Chivers wrote: > I'm in the process of migrating our main PDC / Samba3 / Openldap > server from one server to a new box. > > I have installed the basic system including the smbldap-tools & done > an initial rsync of the /home directory but I'm wondering what else I > need to do. > > This is how I'd intended to complete the swap. > > 1.) Backup main ldap server & import this to new one. > 2.) copy over changes from smb.conf to new box so domain & server name > are the same on both boxes. > 3.) record sid from existing server & set new server to the same sid > (this bit I'm not sure if I need to do as domain sid is stored in LDAP > server > 4.) stop samba on old server > 5.) Start samba & ldap on new server > 6.) Cross finger > 7.) Test that existing Windows machines can login OK. > > Does this seem right ?? > > Brian Chivers > Portsmouth College > > ------------------------------------------------------------------------------------------------ > > The views expressed here are my own and not necessarily > > the views of Portsmouth College > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see From asmo.koskinen at arkki.info Wed Jul 30 17:13:04 2008 From: asmo.koskinen at arkki.info (Asmo Koskinen) Date: Wed, 30 Jul 2008 20:13:04 +0300 Subject: [K12OSN] Fedora 9 and LTSP 5 by the book Message-ID: <4890A120.5080308@arkki.info> I did a new fresh installation - Fedora 9 and LTSP 5, now by the book. https://fedorahosted.org/k12linux/wiki/InstallGuide I'm sorry for my earlier post... Everything really worked out as Warren has told... My notes are here (I - some tools, II setup by the book): http://www.arkki.info/howto/Fedora/Fedora9-LTSP5.txt I just changed my dhcpd.conf: http://www.arkki.info/howto/Fedora/dhcpd.conf I added finnish keyboard: http://www.arkki.info/howto/Fedora/lts.conf Gnome is finnish (P4 PC), there is on LDM list languages finnish, too (fi_FI.utf8): http://www.arkki.info/howto/Fedora/P4_01.png http://www.arkki.info/howto/Fedora/P4_01.png Asus Eee PC as thin client (everything just works, sound, YouTube Flash with sound, SD-card, MP3 streaming...): http://www.arkki.info/howto/Fedora/Eee_01.png http://www.arkki.info/howto/Fedora/Eee_02.png Virtual thin client works, too: http://www.arkki.info/howto/Fedora/Kuvakaappaus-QEMU-0.png http://www.arkki.info/howto/Fedora/Kuvakaappaus-QEMU-1.png http://www.arkki.info/howto/Fedora/Kuvakaappaus-QEMU-2.png http://www.arkki.info/howto/Fedora/Kuvakaappaus-QEMU-3.png http://www.arkki.info/howto/Fedora/Kuvakaappaus-QEMU-4.png http://www.arkki.info/howto/Fedora/Kuvakaappaus-QEMU-5.png Best Regards Asmo Koskinen. From jmakoid at devonit.com Wed Jul 30 17:49:31 2008 From: jmakoid at devonit.com (Joe Makoid) Date: Wed, 30 Jul 2008 13:49:31 -0400 Subject: [K12OSN] Fedora 9 and LTSP 5 by the book Message-ID: Joe Makoid President Devon IT (a Devon International Group Company) "the Alternative Desktop Computing Company" 215-479-6152 Exec Asst. & Dir. Operations Rebecca Blair rblair at devonit.com ----- Original Message ----- From: k12osn-bounces at redhat.com To: Support list for open source software in schools. Sent: Wed Jul 30 13:13:04 2008 Subject: [K12OSN] Fedora 9 and LTSP 5 by the book I did a new fresh installation - Fedora 9 and LTSP 5, now by the book. https://fedorahosted.org/k12linux/wiki/InstallGuide I'm sorry for my earlier post... Everything really worked out as Warren has told... My notes are here (I - some tools, II setup by the book): http://www.arkki.info/howto/Fedora/Fedora9-LTSP5.txt I just changed my dhcpd.conf: http://www.arkki.info/howto/Fedora/dhcpd.conf I added finnish keyboard: http://www.arkki.info/howto/Fedora/lts.conf Gnome is finnish (P4 PC), there is on LDM list languages finnish, too (fi_FI.utf8): http://www.arkki.info/howto/Fedora/P4_01.png http://www.arkki.info/howto/Fedora/P4_01.png Asus Eee PC as thin client (everything just works, sound, YouTube Flash with sound, SD-card, MP3 streaming...): http://www.arkki.info/howto/Fedora/Eee_01.png http://www.arkki.info/howto/Fedora/Eee_02.png Virtual thin client works, too: http://www.arkki.info/howto/Fedora/Kuvakaappaus-QEMU-0.png http://www.arkki.info/howto/Fedora/Kuvakaappaus-QEMU-1.png http://www.arkki.info/howto/Fedora/Kuvakaappaus-QEMU-2.png http://www.arkki.info/howto/Fedora/Kuvakaappaus-QEMU-3.png http://www.arkki.info/howto/Fedora/Kuvakaappaus-QEMU-4.png http://www.arkki.info/howto/Fedora/Kuvakaappaus-QEMU-5.png Best Regards Asmo Koskinen. _______________________________________________ K12OSN mailing list K12OSN at redhat.com https://www.redhat.com/mailman/listinfo/k12osn For more info see From lists.john at gmail.com Thu Jul 31 17:28:46 2008 From: lists.john at gmail.com (john) Date: Thu, 31 Jul 2008 10:28:46 -0700 Subject: [K12OSN] Full Report: LTSP Hackfest Portland 2008 In-Reply-To: <488FAA39.8020706@redhat.com> References: <488FAA39.8020706@redhat.com> Message-ID: <2be970b50807311028g5478fe80jef9f94974ba498e8@mail.gmail.com> Thanks for the link Warren It's cool to see the faces behind the code. As an end user of all of the hacking that you and the other's did at FreeGeek last week I'd like to say THANK YOU for your smarts and your (collective) hard work! BTW, I think the fund-raising note at the bottom was a good idea. John On Tue, Jul 29, 2008 at 4:39 PM, Warren Togami wrote: > http://wtogami.livejournal.com/27023.html > Please read details about what happened at the Hackfest event in > Portland. Big changes coming soon, and plans for further improvements > were formed. > > Warren Togami > wtogami at redhat.com > > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see > From sergio.chaves at gmail.com Thu Jul 31 22:12:02 2008 From: sergio.chaves at gmail.com (Sergio Chaves) Date: Thu, 31 Jul 2008 18:12:02 -0400 Subject: [K12OSN] Broadcom 4401 and a few more questions... Message-ID: <30f1a9da0807311512k63eeed83y10cbdd8a62e5728@mail.gmail.com> Hi all. I've been "listening" to the list for quite a while and I am a great Linux enthusiast. Thanks to all of you for making ltsp a great tool! A - Broadcom Issue: I've been given the opportunity to create a lab with 25 PCs running LTSP for a test drive. PCs are DELL Dimension 2350 with PXE enabled Broadcom BCM4401 (Per Knoppix). After LTSP install, I am able to connect to the server but fail to load the required driver. I checked the wiki and "googled" it. It seems that the LTSP kernel does not have a driver for it. As I was searching, I read an email where (as I understood) the user was able to initially connect to the server via PXE and then, with an "if" statement in the LTSP_dhcpd.conf, below the "filename" line, was able to continue the boot process using ETHERBOOT, which contains the required driver. Did I understand that correctly? If so, how would I do it. My goal is (preferred but not necessary): 01 - Diskless Clients 02 - Avoid Floppy's or any other type of removable media. B - Question on /etc/skel and Firefox: I've read on earlier posts to this list that we can use /etc/skel to control and/or create a general, unchangeable user profile (?) and tweak Firefox to limit the user web experience. Can I get some input on that one too? Thanks Sergio -- . . . . v v /(_)\ /(_)\ ^ ^ ^ ^ Sergio Chaves Linux User #221305 -------------- next part -------------- An HTML attachment was scrubbed... URL: From jkinney at localnetsolutions.com Thu Jul 31 22:28:57 2008 From: jkinney at localnetsolutions.com (James P. Kinney III) Date: Thu, 31 Jul 2008 18:28:57 -0400 Subject: [K12OSN] Broadcom 4401 and a few more questions... In-Reply-To: <30f1a9da0807311512k63eeed83y10cbdd8a62e5728@mail.gmail.com> References: <30f1a9da0807311512k63eeed83y10cbdd8a62e5728@mail.gmail.com> Message-ID: <1217543337.17576.10.camel@merlin.localnetsolutions.com> Greetings Sergio, There are 2 phases to the boot up. PXE is first and it doesn't matter what the NIC chip is. It asks for data and the tftp process spits a kernel at it. The next phase is after the kernel boots and then tries to initialize the hardware. This is where you need the correct kernel modules. Often, a working module exists but the testing doesn't identify it by the maker and model number. (actually PCI ID numbers) If you know which module ran the NIC from Knoppix, you need to just edit the file in the ltsp /etc and add in the corrected data. You can get the data from lspci. Holler if you need help as I am local to you :) On Thu, 2008-07-31 at 18:12 -0400, Sergio Chaves wrote: > Hi all. > > I've been "listening" to the list for quite a while and I am a great > Linux > enthusiast. Thanks to all of you for making ltsp a great tool! > > A - Broadcom Issue: > > I've been given the opportunity to create a lab with 25 PCs running > LTSP for a > test drive. > > PCs are DELL Dimension 2350 with PXE enabled Broadcom BCM4401 (Per > Knoppix). > After LTSP install, I am able to connect to the server but fail to > load the > required driver. I checked the wiki and "googled" it. It seems that > the LTSP > kernel does not have a driver for it. > > As I was searching, I read an email where (as I understood) the user > was able > to initially connect to the server via PXE and then, with an "if" > statement > in the LTSP_dhcpd.conf, below the "filename" line, was able to > continue the > boot process using ETHERBOOT, which contains the required driver. Did > I > understand that correctly? If so, how would I do it. > > My goal is (preferred but not necessary): > > 01 - Diskless Clients > 02 - Avoid Floppy's or any other type of removable media. > > B - Question on /etc/skel and Firefox: > > I've read on earlier posts to this list that we can use /etc/skel to > control > and/or create a general, unchangeable user profile (?) and tweak > Firefox to > limit the user web experience. > Can I get some input on that one too? > > Thanks > > Sergio > > > > -- > . . . . > v v > /(_)\ /(_)\ > ^ ^ ^ ^ > Sergio Chaves > Linux User #221305 > > > > -- > This message has been scanned for viruses and > dangerous content by MailScanner, and is > believed to be clean. > _______________________________________________ > K12OSN mailing list > K12OSN at redhat.com > https://www.redhat.com/mailman/listinfo/k12osn > For more info see -- James P. Kinney III CEO & Director of Engineering Local Net Solutions,LLC http://www.localnetsolutions.com GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics) Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7 -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.