[K12OSN] k12ltsp as next-server - solved or almost

Johan Vermeulen jvermeulen at cawdekempen.be
Mon Feb 6 19:13:10 UTC 2012 

Hello William, hello All,

I tested this again today on the production environment.

1) on the test environment, clients did log in correctly

2) I don't think it's LDAP related, mostly because root can also not log in.

3) the clients do not log in on the wrong server. I think your advise 
was right, they make the thinclients boot.

I tested today with the two options in dhcpd.conf and ended up enabling 
them both, it makes no difference.

so tho thinks are puzling me:

* this is var/log/messages on thinclient boot :

*Feb  6 16:17:05 server2 in.tftpd[9413]: tftp: client does not accept 
options
Feb  6 16:17:24 server2 rpc.mountd[7744]: authenticated mount request 
from 192.168.50.148:678 for /opt/ltsp/i386 (/opt/ltsp)
Feb  6 16:17:40 server2 xinetd[7603]: START: nbdswapd pid=9431 
from=::ffff:192.168.50.148
Feb  6 16:17:40 server2 nbd-server: connect from 192.168.50.148, 
assigned file is /var/lib/ltsp/swapfiles/QlNwyt
Feb  6 16:17:40 server2 nbd-server: Size of exported file/device is 67108864
Feb  6 16:17:42 server2 xinetd[7603]: START: ldminfod pid=9438 
from=::ffff:192.168.50.148
Feb  6 16:17:42 server2 xinetd[7603]: EXIT: ldminfod status=0 pid=9438 
duration=0(sec)
Feb  6 16:18:37 server2 xinetd[7603]: START: ldminfod pid=9454 
from=::ffff:192.168.50.148
Feb  6 16:18:37 server2 xinetd[7603]: EXIT: ldminfod status=0 pid=9454 
duration=0(sec)
*
so I am wondering about the EXIT; ldminfod part, but I think it's not 
related to the problem. Or is it?

* this is /var/log/secure :

*Feb  6 16:11:12 server2 sshd[9228]: Accepted password for root from 
192.168.50.174 port 45240 ssh2
Feb  6 16:11:12 server2 sshd[9228]: pam_unix(sshd:session): session 
opened for user root by (uid=0)
Feb  6 16:11:13 server2 sshd[9228]: Received disconnect from 
192.168.50.174: 11: disconnected by user
Feb  6 16:11:13 server2 sshd[9228]: pam_unix(sshd:session): session 
closed for user root
Feb  6 16:12:59 server2 sshd[9271]: Connection closed by 192.168.50.148
Feb  6 16:15:13 server2 sshd[9309]: Connection closed by 192.168.50.148
Feb  6 16:18:36 server2 sshd[9443]: Connection closed by 192.168.50.148
*
I think this is the problem: sshd gets closed somehow.
So I tried different firewall configs, but to no avail. Also turned off 
Selinux, that's not it, either.
I also checked /etc/ssh/sshd_config to make shure  to have pam=on.

So I think it has to do with sshd, but cannot figure out what.

greetings, J.


Op 03-02-12 21:38, William Fragakis schreef:
> Johan,
> 1) In your test environment, did the clients log in correctly?
>
> 2) I know almost zero about using LDAP. Sorry.
>
> 3) If it appears that the clients are trying to log in to the wrong
> server:
>
> it appears I was incorrect to suggest editing
>
>   /opt/ltsp/i386/usr/sbin/ltsp-client-launch
>
> to point the clients to a server other than the default at installation.
>
> Although it works, it's the hard way to do something.
>
> Use the option LDM_SERVER in lts.conf to tell the clients the ip address
> of the server they should connect to.  Again, apologies. I forget how
> much I've forgotten.
> (Editing ltsp-client-launch, though, does eliminate the need to set
> LDM_SERVER if you are using an IP range other than the default
> installation.)
>
> Regards,
> William
>
>
> On Fri, 2012-02-03 at 12:00 -0500, k12osn-request at redhat.com wrote:
>> From: Johan Vermeulen<jvermeulen at cawdekempen.be>
>> To: "Support list for open source software in schools."
>>          <k12osn at redhat.com>
>> Subject: Re: [K12OSN] k12ltsp as next-server - solved
>> Message-ID:<4F2BE541.9040703 at cawdekempen.be>
>> Content-Type: text/plain; charset=ISO-8859-1; format=flowed
>>
>> hello William,
>>
>> actualy, I didn't know that.
>>
>> I'll have to do some more reading on the difference between the two
>> methods.
>>
>> It worked yesterday in my test environment, but today on the actual
>> site, it's less successfull.
>> The thinclients boot ok, but no matter what I try, users or root
>> cannot
>> log in on the thinclients. LDAP auth does work on the server...
>> It keeps coming back with : no response from server.
>>
>> grt, Johan
>>
>> Op 02-02-12 18:41, William Fragakis schreef:
>>> Johan,
>>> Glad it worked out for you. You probably want to comment out
>>> the root-path you aren't using as it is redundant and will confuse
>>> things if someone is trying
>>> debug/change things in the future.
>>>
>>> I don't know enough about how dhcpd.conf is read to say if the first
>> or
>>> last one is respected. iirc,
>>> nbd works better for larger installations. So maybe something like
>>>
>>> option root-path "nbd:192.168.66.150:2000:squashfs:ro";
>>> # option root-path "192.168.66.150:/opt/ltsp/i386";
>>>
>>> You probably already know that if you make any changes to the chroot
>>> like yum update or installing local apps, you'll need to run
>>> ltsp-update-kernels for the nbd image to be updated. You don't need
>> to
>>> do that if you are booting from /opt/ltsp/i386
>>>
>>> Good luck,
>>> William
>>>
>>>
>>>
>>>> ontent-Type: text/plain; charset="iso-8859-1"; Format="flowed"
>>>>
>>>> William,
> [snippage]
>
> _______________________________________________
> K12OSN mailing list
> K12OSN at redhat.com
> https://www.redhat.com/mailman/listinfo/k12osn
> For more info see<http://www.k12os.org>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/k12osn/attachments/20120206/28196655/attachment.htm>

More information about the K12OSN mailing list