[K12OSN] howto update

Johan Vermeulen jvermeulen at cawdekempen.be
Thu May 30 13:23:35 UTC 2013 

Op 25-04-13 21:38, Jeff Siddall schreef:
> On 04/24/2013 03:07 AM, Wadim Incognito wrote:
>> Hi Paul.
>>
>> I've run in such issue, and the solution is to update chroot
>> (/opt/ltsp/i386) to CentOS 6.4 After that, the problem with login is 
>> gone.
>
> I did a full update on my chroot _except_ for ltsp-client, which is 
> still at ltsp-client-5.2.17-1.el6.i686
>
> However, even after running ltsp-update-sshkeys I still cannot get 
> logged in.  LDM reports "no response from server".  So it appears 
> there is something bad in ldm-2.2.11-3.el6.i686 which I believe came 
> from epel.
>
> I also noticed most of the session choices disappeared from that 
> version of LDM.
>
> Reverting to ldm-2.2.4-1.el6.i686 from the old k12linux repo seems to 
> have fixed it and I can login again.
>
> I should point out I did _not_ upgrade the ltsp-server package.
>
> Joshua,
>
> Is this something you are working on?  It is a bad thing to have a 
> serious regression in a package that is part of widely used 
> repositories so removing that for now would probably be wise.
>
> Thanks,
>
> Jeff
>
> _______________________________________________
> K12OSN mailing list
> K12OSN at redhat.com
> https://www.redhat.com/mailman/listinfo/k12osn
> For more info see <http://www.k12os.org>
>
> ,

hello All,

after updating, I can boot thinclients without issues.

But laptops / workstations that are also on the lan cannot connect 
connect to the outside world, e.g. ping 8.8.8.8

* root at centos-server ~]# /sbin/sysctl net.ipv4.ip_forward
net.ipv4.ip_forward = 1

* ltps-server-tweaks gives me :

[root at centos-server ~]# ltsp-server-tweaks
About to overwrite your default iptables (firewall) configuration.
hit Ctrl-C if unsure.

and hangs, even is firewall = off.

* here is my /etc/sysconfig/iptables:

# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*nat
:PREROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o em2 -j MASQUERADE
-A POSTROUTING -o ltspbr0 -j MASQUERADE
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -i em2 -j ACCEPT
-A INPUT -i ltspbr0 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -p icmp -j ACCEPT
-A FORWARD -i lo -j ACCEPT
-A FORWARD -i em2 -j ACCEPT
-A FORWARD -i ltspbr0 -j ACCEPT
-A FORWARD -o em2 -j ACCEPT
-A FORWARD -o ltspbr0 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT

Can anyone offer further advise on this?

greetings, J.

More information about the K12OSN mailing list