[12:31] <effie_jayx> hey all
[12:31] <effie_jayx> is edubuntu somwhow lighter that ubuntu?
[12:32] <stgraber> nope
[12:32] <effie_jayx> I installed on a pentium II and pentium I as desktops and they run great?... how I couldn't install ubuntu is still a mistery to me
[12:32] <stgraber> it's also based on Gnome, only the set of software is different (and artwork)
[12:33] <stgraber> if you want something lighter than Ubuntu/Edubuntu you may want to have a look at Xubuntu
[12:40] <effie_jayx> stgraber,  xubuntu install cd didn't boot
[12:41] <effie_jayx> the edubuntu cd booted and installed ... on two gateways... a gateway 2000 desktop (pentium I and 256 ram)... and pentium II gateway E-2300 and 196 ram
[12:41] <effie_jayx> I am in shock
[12:42] <effie_jayx> I had prepared myself for mini cd install ...
[03:59] <borg7_> I have a 2 NIC LTSP setup I just installed dansguardian.  When I try to boot up a client it gets DHCP but it doesn't pull from TFTP. Any thoughts?
[04:17] <tuxus> hi.. I'd like to install edubuntu on my main system and run all the kids comps off it through ltsp. I do have a couple of questions, and was hoping I'd get some answers here
[04:19] <tuxus> My firewall is a Smoothwall box (smoothwall.org) which also acts as my dhcp server. Can I keep it that way if I give all the pc's on the network static IP's or MUST I relinquish the dhcp server status to the Edubuntu server?
[04:20] <tuxus> Also, I haven't seen much documentation on (network) printing. Can anyone point me in the right direction for information on that?
[04:20] <tuxus> (g2g now, but I'll check back later for any feedback.)
[04:35] <effie_jayx> hey guys...
[04:35] <effie_jayx> whats the equivalent of the alternate install for feisty in edubuntu?
[04:38] <jsgotangco> effie_jayx: the main edubuntu cd itself is alternate since its a server install from the start
[04:38] <jsgotangco> the other cd is desktop
[04:38] <effie_jayx> OK
[04:38] <effie_jayx> server install
[04:38] <effie_jayx> got it
[04:38] <jsgotangco> (it installs LTSP by default)
[04:44] <sbalneav> Evening all
[04:45] <borg7_> evening
[04:45] <jsgotangco> hi
[04:48] <borg7_> I have a 2 NIC LTSP setup I just installed dansguardian.  When I try to boot up a client it gets DHCP but it doesn't pull from TFTP. Any thoughts?
[04:48] <sbalneav> borg7_: So, you have the terminals hanging off a separate nic on the server?
[04:48] <borg7_> correct
[04:49] <sbalneav> What does it say with the tftp? File not found, etc?
[04:49] <borg7_> negative... it trys but times out
[04:50] <borg7_> It just notates that tftp times out
[04:50] <borg7_> The PXE client does get DHCP from the server
[04:50] <sbalneav> netstat -an | grep :69
[04:51] <sbalneav> what does that return?
[04:52] <borg7_> one sec... having trouble w/ vnc and ssh brb to let you know
[04:56] <borg7_> it says 0.0.0.0 :69
[04:57] <sbalneav> Which version of edubuntu are you running?
[04:58] <borg7_> fiesty
[04:59] <sbalneav> Might want to do an ltsp-update-kernels
[05:00] <borg7_> i've got that covered
[05:00] <borg7_> updated it twice
[05:01] <sbalneav> what does your /etc/ltsp/dhcpd.conf file look like?
[05:01] <sbalneav> !pastebin
[05:01] <ubotu> pastebin is a service to post large texts so you don't flood the channel. The Ubuntu pastebin is at http://paste.ubuntu-nl.org (make sure you give us the URL for your paste - see also the #ubuntu channel topic)
[05:05] <borg7_> http://paste.ubuntu-nl.org/25371/
[05:07] <sbalneav> Seems standard.
[05:07] <sbalneav> What are the addresses of the two interfaces?
[05:09] <borg7_> eth0 - ltsp side - 192.168.0.1
[05:09] <borg7_> eth1 - internet side - 192.168.1.105
[05:10] <sbalneav> ok, lets do this:
[05:10] <sbalneav> sudo invoke-rc.d openbsd-inetd restatr
[05:11] <sbalneav> err restart
[05:11] <borg7_> sbalneav: If I turn off dansguardian I can get the client to boot pxe
[05:11] <borg7_> dansguardian is the issue
[05:11] <borg7_> it seems
[05:11] <sbalneav> I have no idea what dansguardian is.
[05:11] <borg7_> a web content filter
[05:12] <sbalneav> Well, I'd say if a web content filter is mucking up your tftp server, there's a problem with that package :)
[05:13] <sbalneav> Does it do some kind of iptables filtering?
[05:13] <borg7_> http://dansguardian.org/
[05:13] <sbalneav> If so, you'll need to get it to stop filtering udp:69
[05:14] <borg7_> ok
[05:15] <borg7_> i'll look around the config files for a bit
[05:15] <sbalneav> iptables -L with it on should show you what it's blocking
[05:25] <sbalneav> be right back
[05:31] <sbalneav> back
[05:35] <tuxus> sbalneav: "just" the man who can answer my question..
[05:37] <tuxus> My firewall is a Smoothwall box (smoothwall.org) which also acts as my dhcp server. Can I keep it that way if I give all the pc's on the network static IP's or MUST I relinquish the dhcp server status to the Edubuntu server? Also, I haven't seen much documentation on (network) printing -perhaps because I haven't looked hard enough.. Is printer sharing a fairly straight forward setup?
[05:37] <tuxus> sbalneav: we've "met" earlier today, when I was wpgmb :o)
[05:38] <sbalneav> Are you statically assigning IP addresses on the smoothwall box?
[05:38] <tuxus> so far I have been, yes. Easier to control/monitor kids - ahum, other users' - activities
[05:39] <sbalneav> You'll then have to statically assign IP addresses on the edubuntu server too, you'll have to modify /etc/ltsp/dhcpd.conf
[05:39] <sbalneav> you can have two STATIC dhcpd servers on the same segment, as they'll just ignore addresses they dont know about, so they won't trip over each other
[05:40] <sbalneav> however, you can't have two DYNAMIC dhcpd servers on the same segment.
[05:40] <sbalneav> As for the printer sharing, is it a jetdirect network printer?
[05:41] <tuxus> Have several oldies-but-goodies... LaserJet III and II and IIP's
[05:41] <tuxus> so, no - not with a etherjet or something module
[05:42] <sbalneav> So, you can just hang it off the server.  All the ltsp clients will see it just fine.
[05:42] <tuxus> (or was etherjet IBM's baby? forgot..)
[05:42] <sbalneav> hp's
[05:42] <tuxus> cool
[05:43] <tuxus> thing is... my server, and probably my main workstation at the same time, will be locked in my office, while the other units are dispersed over 1st and 2nd floor. Can I hang a printer off one of the clients, that can be shared that way?
[05:44] <sbalneav> Hmmm, we've got usb printers going, but not // printers yet.
[05:45] <sbalneav> get a usb -> // printer cable, should work fine.
[05:45] <tuxus> okay.. what about a parallel to usb adapter?
[05:46] <tuxus> ok. Next: cd/dvd burner "sharing".. If I don't want to invest in burners for everyone, can I have one burner/floor and share it amongst clients?
[05:47] <tuxus> (provided they learn to burn thru cli over network)
[05:47] <sbalneav> We don't have any support for burning.
[05:48] <sbalneav> reading yes, and memory sticks and floppies.
[05:49] <tuxus> Ok. So, in order to burn a clients' mp3 directory, I could either 1]  ssh into the server, or 2]  be at the server, and simply access their /home?
[05:50] <sbalneav> yep
[05:51] <tuxus> I had that notion. Great.
[05:52] <tuxus> Next: (desktop) personalization.. possible, enabled by default, not possible?
[05:53] <sbalneav> Each userid's got it's own home dir, so backgrounds, themes, sounds, etc.  all are tied to the userid
[05:53] <sbalneav> whichever user logs into whatever terminal, that's what they get.
[05:53] <tuxus> What about a shared directory? Can I create a group with a directory for that group, and make all users part of that group?
[05:54] <sbalneav> yep
[05:54] <sbalneav> That;s what we have at Legalaid.
[05:54] <tuxus> (hmmm. there's GOTTA be something ltsp can't do.. lol )
[05:55] <sbalneav> Well, the cd burning :)
[05:55] <borg7_> sbalneav: I don't think the tftp server in feisty is running on port 69... possibly port 640...
[05:55] <borg7_> when i did a netstat -an it said pretty much all of the udp ports were 0.0.0.0
[05:56] <tuxus> ok - how about THIS one... can I set a time-out on a session, so it logs off after x minutes of idle time?
[05:56] <borg7_> (that's w/ dansguardian turned on)
[05:56] <sbalneav> That 0.0.0.0 means they listen from anywhere.
[05:56] <sbalneav> and yes, it is on 69, unless dansguardian, or you, have moved it.
[05:57] <sbalneav> tuxus: No, not a log off, but you can get it to lock.
[05:57] <borg7_> it establishes 2 tcp connections with the client... but port 640 doesn't establish w/ dansguardian turned on
[05:57] <borg7_> ... config files were no help
[05:57] <sbalneav> 640 isn't a standard port listed in /etc/services.
[05:57] <borg7_> hmm
[05:58] <tuxus> Sbalneav. ok. that's pretty much default for a "regualar" desktop
[05:58] <tuxus> I've read in a forum that one person said he was told having two nics in the server is better. Why would that be?
[05:58] <tuxus> (Edubuntu server running ltsp, that is)
[05:59] <sbalneav> Well, it puts all the ltsp traffic on it's own nic, and won't interfere with an existing dhcpd server.
[06:00] <tuxus> so - My smoothwall would come in the server at eht0, and the ltsp would hang off eht1, going to the switch?
[06:01] <sbalneav> yep
[06:03] <tuxus> could you use a Cisco 1604 ISDN router? Have one collecting dust.. (came in a box @ garage sale, with documentation)
[06:03] <tuxus> free, ofcourse
[06:04] <sbalneav> I suppose, you'd need an isdn line.
[06:04] <sbalneav> Last time I checked, those were about $259/month
[06:04] <tuxus> .. oh yeah... and the proper AC adapter might help too  :o)
[06:04] <tuxus> want it - it's yours.
[06:06] <sbalneav> Heh, nah, thanks for the offer, though.
[06:06] <tuxus> also have two internal 100Mb Zip's... boy, time flies...
[06:08] <tuxus> anywhoo.. d/l the discs this PM; I figured I won't have time in the near future to swing by your office
[06:09] <tuxus> (yawn) g2g  - If ("if" - who am I kidding) I have any other questions, I'll look here for you. Thanks to all, and to all a good-night!
[06:10] <sbalneav> NP
[06:10] <sbalneav> You know where to find me
[06:26] <sbalneav> ogra:
[06:26] <sbalneav> ping
[06:39] <sbalneav> Evening Corey
[06:42] <Burgundavia> hey sbalneav
[07:10] <borg7_> got it working sbalneav!
[07:13] <sbalneav> borg7_: what was it?
[07:14] <borg7_> I d/led a script that installed dansguardian... but come to find out it installed a few other packages also... tinyproxy, clamav, firehol
[07:14] <borg7_> firehol is an easy to use iptable package
[07:15] <borg7_> it blocked access to the tftp
[07:15] <borg7_> so i allowed it... yippee
[07:18] <borg7_> thanks for the direction... i'm in need of sleep so goodnighty
[09:10] <jsgotangco> hey highvoltage
[09:11] <highvoltage> hey jsgotangco
[11:34] <willvdl> anyone know how to find out a device's UUID?
[11:37] <ogra> use vol_id
[11:43] <highvoltage> willvdl: did you also get a message from Rolf Backstrom from Mosambique?
[11:44] <willvdl> highvoltage, in email or phone?
[11:44] <willvdl> I haven't received any that I know of
[11:44] <highvoltage> willvdl: email, about a week back
[11:44] <willvdl> ogra, thanks. this mount by UUID is a bit annoying
[11:44] <highvoltage> willvdl: I mean 2 days ago
[11:44] <ogra> willvdl, well, UUIDs dont change ... device names do nowadays
[11:45] <highvoltage> willvdl: I'll forward to you /RicheEd
[11:45] <willvdl> highvoltage, not that I recall
[11:45] <crimsun> ogra: hi, I handled the alsa-plugins merge while you were away (pinged you two days ago)
[11:45] <ogra> crimsun, thats fine ... just go ahead with such stuff, no need to ask me for permission ;)
[11:46] <willvdl> ogra, I realise that but since the upgrade it has mangled my UUIDs and now my devices are /sda* making it rather tricky to mount my drives since I can't find them
[11:46] <crimsun> ogra: if you feel that the inclusion of the a52 alsa-lib plugin (which grows libasound2-plugin's dependencies by ~2 MB, taking up extra space on the CD), then I can disable it
[11:46] <ogra> nah, thats fine
[11:46] <crimsun> ok.
[11:47] <ogra> space is not an issue for us anymore (on the server CD at least, the desktop CD has no ltsp bits, so no asound modules)
[11:47] <crimsun> ah, ok.
[11:53] <willvdl> darn, seems the only way to discover the partition label, UUID and device is to run a partitioner
[01:57] <RichEd> hi ... how many people do we have for the edubuntu meeting ?
[01:58] <RichEd> (ogra is away to sweden)
[01:58] <ogra> RichEd, ?
[01:58] <ogra> in july, no ?
[01:58] <RichEd> ogra: sweden ... we spoke about that last week ...
[01:58] <ogra> URGH !!!
[01:59] <RichEd> nope tomorrow ...
[01:59] <ogra> i was convinced thats for july , oh crap ...
[01:59] <Kamping_Kaiser> meeting?
[01:59] <RichEd> oops ... you did not respond to a ping yesterday so I thought you were on the road
[01:59] <RichEd> how long does it take to get there from Germany ?
[02:00] <ogra> no idea, i have to check if there are still flight options
[02:00] <RichEd> any chance of getting there at all ? even if you are late ?
[02:00] <RichEd> can you have a quick look ?
[02:00] <ogra> yup
[02:00] <RichEd> ta
[02:01] <ogra> there is a flight on thursday afternoon
[02:02] <ogra> and a return on monday
[02:02] <ogra> ah, no also a return on sunday, just more expensive
[02:03] <RichEd> when would you get there ... thursday evening ?
[02:03] <ogra> yeah
[02:03] <ogra> 16:00 but on a different airport than the mail said
[02:03] <ogra> so it might be 1h extra for taxi riding
[02:03] <RichEd> can you see if you can book ? and we'll just move the moodle stuff to friday ... i'll sort out the agenda with anestis
[02:03] <ogra> ok
[02:04] <RichEd> get that going ... we can wait with the meeting for a bit ... and keep it short so you can get organised
[02:06] <RichEd> apologies from me if I was any part of the confusion re months ... it just crept up on us I think.
[02:09] <ogra> RichEd, no, thats my fault i was to much distracted due to coding the last days and didnt pay enough attention
[02:16] <RichEd> hello highvoltage ...
[02:16] <RichEd> meeting delayed for a bit ... ogra has to make a quick urgent flight booking
[02:20] <ogra> if the webserver would like me :/ grmbl
[02:22] <Kamping_Kaiser> RichEd, what meeting?
[02:22] <RichEd> Kamping_Kaiser: isn't it the weekly edubuntu meeting slot ... or do i have times mixed up
[02:23] <Kamping_Kaiser> RichEd, i have no idea. workign full time has scrambled my brain
[02:23] <stgraber> hey
[02:23] <Kamping_Kaiser> hi
[02:24] <RichEd> hi stgraber
[02:29] <ogra> ok, got it
[02:33] <RichEd> good ...
[02:33] <RichEd> shall we move to the meeting room ?
[11:28] <Solifugus> Is it true that Edubuntu automatically starts serving DHCP anonymously by default, on boot?
[11:35] <Solifugus> This is a very stupid thing to make default.
[11:35] <Solifugus> And I just got in a lot of trouble for it.
[11:37] <SimonAnibal> Ummm, maybe if you're running it in server mode
[11:37] <SimonAnibal> and have the side that's supposed to be pointing at your thin-clients out towards the network at large
[11:38] <SimonAnibal> I've never had a problem with Ed/K/Ubuntu serving DHCP unwanted
[11:39] <Solifugus> Yes.. I installed this for a lab, but didn't have time to stick around and configure it.
[11:39] <SimonAnibal> do you have two network interfaces on it?
[11:40] <Solifugus> Yes.. of course.. one for internal lab and the other for the larger network and internet
[11:40] <SimonAnibal> on for your thin-client network and one pointing out towards the rest of the network?
[11:40] <Solifugus> Yes.. of course
[11:40] <SimonAnibal> Well, if you have the right cables plugged into the right interfaces, Edubuntu shouldn't server DHCP outwards
[11:40] <Solifugus> And--I read carefully to ensure that I was specifying the correct ethernet for the right thing...
[11:40] <SimonAnibal> On the other hand, it must server DHCP inwards
[11:41] <ball> SimonAnibal: the X terminals get their IP addresses (and kernel name?) from the server?
[11:41] <Solifugus> Yes.. but anonymously by default?
[11:41] <Solifugus> Should be by mac address
[11:41] <SimonAnibal> anonymously? I don't understand
[11:42] <SimonAnibal> DHCP servers can't really be anonymous, they respond to every DHCP request
[11:42] <Solifugus> dhcp should be served by mac address to each client
[11:42] <Solifugus> it sounds like its just giving addresses to any machine that asks for one
[11:42] <SimonAnibal> that's DHCP's job
[11:43] <Solifugus> that's one way to set it up.. but not a safe way...  not generally recommendable..
[11:43] <SimonAnibal> by default, ALL DHCP servers serve IP addresses to anyone that asks
[11:43] <Solifugus> no..
[11:43] <SimonAnibal> I've never seen a DHCP server NOT do that
[11:43] <SimonAnibal> And I've been a network administrator for several years now
[11:43] <Solifugus> that's a very bad idea for a default dhcp config
[11:44] <ball> So, do I tell Edubuntu server the MAC address of each X terminal?
[11:44] <Solifugus> Yes... by default.
[11:44] <SimonAnibal> Solifugus, why use DHCP if you have to go through the trouble of setting up each computer's IP. Just use manual
[11:45] <ball> SimonAnibal: so that each terminal can run an identical image would be my guess
[11:45] <SimonAnibal> Why have a DHCP server at all if you don't want it to hand out IP addresses?
[11:45] <ball> (assuming they're identical machines)
[11:45] <ball> s/image/ROM image/
[11:46] <Solifugus> SimonAnibal: several reasons... (1) so you know what machine has what address and that cannot get messed up. (2) so you don't have to configure this on the client...  (3) for security.. so you know who's allowed on your network and thus who isn't
[11:46] <SimonAnibal> *shrug* I don't know much about how LTSP works
[11:46] <ball> Does edubuntu include a TFTP server, for handing out kernels to the terminals?
[11:47] <SimonAnibal> Solifugus, that is an interesting perspective, though I must admit I'd never heard of it. If someone were to be connected enough on your network to even request a DHCP lease, though, denying them an IP isn't going to keep them from looking around
[11:47] <SimonAnibal> They can just manually set one up and go to town
[11:47] <Solifugus> Also.. LTSP uses NFS to mount a system image.. and NFS requires a name for each IP address (don't know why)... That's easier to control if you issue IPs by mac address.. you just just name them in /etc/hosts
[11:48] <SimonAnibal> Well, I can't speak for LTSP. I only know how I've seen DHCP used, and it's always been to make networking easier, not secure
[11:48] <Solifugus> ball: LTSP uses TFTP to pass the kernel and some initial startup that than uses NFS to mount /
[11:48] <SimonAnibal> security should be in place well before the point where someone could ask for DHCP
[11:49] <SimonAnibal> Anyhow, I'm out. Have a great evening!
[11:49] <Solifugus> SimonAnibal: It is (or should be) common sense... security is in everything.. this is just one aspect.
[11:50] <SimonAnibal> Solifugus, Common sense to some, maybe. Not common sense to me, though.
[11:50] <ball> Is / mounted read-only?
[11:50] <Solifugus> sometimes you do want to give IP addresses out anonymously... in certain ranges.. for laptops, for example.. but knowing what limited ranges you allow them in, enables you to control what they have access to/thru at other points.
[11:51] <SimonAnibal> Solifugus, I can see why you would want to do it the way you are speaking about. However, making that a default would mean expecting that every single person wants it that way, wants to spend all the time required to make that useful, and knows how to do that
[11:51] <ball> Solifugus: as has been pointed out though, someone could just set their own IP address.
[11:51] <Solifugus> ball: LTSP mounts it read/only by default... to run X so you can then remote into the server via X and access its regular accounts.
[11:52] <SimonAnibal> I think it's more reasonable to make the default the easiest and most immediately useful state, and expect that anyone that has a pre-conceived idea of what they want DHCP to do knows how to make it do that
[11:52] <Solifugus> ball: Yes they could.. But only you know what mac addresses should have what IPs and therefore who is legitimate.
[11:52] <Solifugus> and you can find the rogues
[11:53] <Solifugus> or disallow them access to what you wish
[11:53] <Solifugus> otherwise.. your network might as well be open to the world
[11:54] <ball> Hello Burgundavia
[11:54] <SimonAnibal> Solifugus, :-/ it would have to be open to the world for me to consider your model worthwhile
[11:54] <ball> Solifugus: provided someone can physically get to a jack, it pretty much is.
[11:54] <Burgundavia> hey ball
[11:56] <SimonAnibal> Solifugus, *shrug* to each their own, the default works just the way I expect and want it to. Anything else sounds like too much work for not much added benefit.
[11:56] <SimonAnibal> Solifugus, Have a great evening!
[11:57] <Solifugus> SimonAnibal: Sure.. if there will be a dangerous default like that, it should at least be clearly warned about...
[11:57] <Solifugus> this is a serious bug in edubuntu
[11:58] <ball> What is a bug?
[12:03] <ball> That it comes with a DHCP server?
[12:03] <Solifugus> That it is configured with a dangerous default.. without clear warning.
[12:04] <ball> What is the dangerous default?
[12:04] <ball> Does it hand out IP addresses to all who ask?
[12:06] <ball> ...or hand out IP addresses on the wrong interface?
[12:13] <ball> hello racter
[12:13] <racter> heyall
[12:13] <ball> racter: are you in Illinois?
[12:14] <racter> yep
[12:14] <racter> chicago
[12:14] <racter> you?
[12:15] <ball> Kankakee at present.
[12:15] <ball> (work in Kankakee)
[12:15] <ball> Do you use Edubuntu in Chicago?
[12:16] <racter> yeah i'm running a community lab & we use it in a thin client setup (http://dai5ychain.net/)