/srv/irclogs.ubuntu.com/2009/09/03/#edubuntu.txt

sbalneav	Evening all	03:38
LaserJock	hi sbalneav	03:40
alkisg	Good morning	06:23
=== tester123 is now known as hehehe
nubae\|work	hey folks, Ive been tasked at work with finding a good local side http filter... u guys know of anything?	10:59
asanchez	nubae\|work, https://launchpad.net/gchildcare could be a good point	11:15
asanchez	but I think its not functional nowadays	11:15
mhall119\|work	dansguardian does local http filtering	13:44
mhall119\|work	you'll need to install a proxy	13:44
mhall119\|work	looks like some work is being done here too: https://launchpad.net/webcontentcontrol	13:47
nubae\|work	mhall119\|work, how would that work... I mean in this case that kids are all getting laptops, and when they are outside school their content needs to be filtered too	15:08
nubae\|work	so could one install a local dansguardian for this purpose?	15:09
sbalneav	Morning all	15:09
nubae\|work	hi sbalneav	15:10
nubae\|work	do u know of a good way to filter local content (ie, no server side proxy based filtering a la dansguardian?	15:10
sbalneav	Well, apart from the fact that I'm morally opposed to the idea of filtering, I'd say install dansguardian locally, and then set up transparent proxying.	15:12
sbalneav	Or are by local you referring to file:// urls?	15:12
mhall119\|work	nubae\|work: dansguardian and a proxy server would both be running on their laptops	15:14
mhall119\|work	point system and FF proxy settings to the local proxy server port, hook the proxy in with dansguardian (tutorials on this available online), and you're good to go	15:15
sbalneav	Usually, if you don't want someone to get around the proxy, you have to use transparent proxying with iptables redirects.	15:15
mhall119\|work	iptables is the best way to go	15:15
mhall119\|work	you can have iptables send traffic through the local proxy and dansguardian	15:15
mhall119\|work	transparently	15:15
sbalneav	Of course, if the kid's smart enough, they can set a forwarder on a non-standard port to an external proxy... :)	15:17
mhall119\|work	nubae\|work: http://linux.com/archive/feature/113733	15:17
mhall119\|work	sbalneav: iptables can route all traffic through the transparent proxy	15:17
nubae\|work	sbalneav, I've done this before but usually for a server side environment	15:17
sbalneav	mhall119\|work: What, forward EVERY port not in use otherwise through the proxy?	15:18
nubae\|work	mhall119\|work, thanks, I'll give it a go	15:18
nubae\|work	sbalneav, actually its just forward all traffic to port 80	15:18
nubae\|work	and/or port 443	15:18
sbalneav	yeah	15:18
nubae\|work	works quite well	15:18
nubae\|work	used that setup at the school I worked at	15:18
sbalneav	so what happens if the kid starts up an ssh forwarder from the local box to an external proxy on port 8080, say?	15:19
nubae\|work	but here at guadalinex... government is giving laptops to all the kids, and they dont wanna be caught by the press giving access to dangerous material when the kids go home	15:19
nubae\|work	traffic goes to port 80	15:19
nubae\|work	iptables reroutes everything	15:19
sbalneav	No, traffic does NOT always go to port 80	15:19
nubae\|work	on the server	15:19
nubae\|work	u force it to with iptables	15:20
nubae\|work	but this might not work locally	15:20
nubae\|work	agreed	15:20
mhall119\|work	ssh port forwarding still goes through the kernel, yes? so those packets still get trapped by iptables, yes?	15:20
sbalneav	no	15:20
mhall119\|work	no?	15:21
mhall119\|work	no on which?	15:21
sbalneav	You're only forwarding port 80	15:21
sbalneav	What happens if the kid sets up a forwarder to, say, port 6566	15:21
nubae\|work	sorry.. totally explainedn it wrong... here is the rule: iptables -t nat -A PREROUTING -p tcp -i $INTIF -s 192.168.0.0/24 --dport 80 -j REDIRECT --to-port 8080	15:21
nubae\|work	so everything from 80 goes to 8080 which is dansguardian	15:21
sbalneav	Sure.	15:22
nubae\|work	it wont work	15:22
nubae\|work	if dansguardian is not running, no net access	15:22
nubae\|work	so it must go through	15:22
sbalneav	ssh -D 9999 my.home.box	15:22
sbalneav	set ff proxy to go to port 999	15:23
sbalneav	http:redtube.com	15:23
sbalneav	done	15:23
nubae\|work	nope	15:23
mhall119\|work	iptables won't let the traffic through	15:23
nubae\|work	right	15:23
sbalneav	How so? Traffic's not going over 80	15:23
mhall119\|work	only dansguardian packets are allowed out	15:24
sbalneav	it's going over 9999	15:24
mhall119\|work	sbalneav: you block all outbound traffic from the filtered user	15:24
sbalneav	ah, well if you're going to do that, then fine.	15:24
mhall119\|work	the user can _only_ access the local dansguardian	15:24
mhall119\|work	and _only_ dansguardian can access the rest of the internet	15:24
sbalneav	But that's going to break other things you might want to do.	15:24
mhall119\|work	such as?	15:24
sbalneav	Videoconferencing, f'rinstance	15:25
nubae\|work	right thats what dansguardian does... well... usually linked to squid	15:25
nubae\|work	well u make a special rule for that	15:25
sbalneav	sure.	15:25
nubae\|work	like for port 443	15:25
nubae\|work	and such	15:25
sbalneav	and if you're not running videoconferencing, then that's an open port	15:25
sbalneav	ssh -D $VIDEOCONFERENCEPORT myexternalhost	15:26
nubae\|work	right... but still since its not coming from port 80	15:26
nubae\|work	dansguardian ignores it	15:26
nubae\|work	as webpage	15:26
sbalneav	dansguardian doesn't enter into it if they're running their own proxy via ssh	15:26
mhall119\|work	but iptables does enter into it	15:26
sbalneav	but we just said: it's an open port	15:27
nubae\|work	here is a diagram: http://dansguardian.org/?page=dgflow	15:27
mhall119\|work	you can probably open it only for specific destinations	15:27
mhall119\|work	so, you can videoconference with skype, but not my.home.box	15:28
sbalneav	Sure. And when skype changes their IP addresses on you, then you've got 20,000 laptops borked.	15:29
nubae\|work	yeah its only vallid for the network u set in iptables I guess	15:29
nubae\|work	ah, no one said it was perfect :-)	15:29
mhall119\|work	or require that videoconferencing go through the proxy just like web traffic	15:29
nubae\|work	yeah thats whats done with 443 content	15:29
nubae\|work	send it through the filter	15:29
sbalneav	But whatever. Personally, I favour education, and a sound policy with clear consequences. But carry on. :)	15:29
mhall119\|work	I agree	15:29
nubae\|work	sbalneav, I agree wholeheartedly	15:30
mhall119\|work	to a point	15:30
nubae\|work	but this is work...	15:30
nubae\|work	I'm forced to do this	15:30
sbalneav	Sure.	15:30
mhall119\|work	my 5 and 4 year old's computer has filtering, not because I don't trust them, but because I don't trust the internet	15:30
sbalneav	Best web filter I ever installed was the one I put in my kids mind. :)	15:30
mhall119\|work	they won't be browsing for porn, but that doesn't mean they won't run across it	15:30
nubae\|work	sbalneav, mhall119\|work 's view applies there though still	15:30
nubae\|work	anyway, mhall119\|work where did u see that doc...? on dansguardian's pages there is a link	15:31
nubae\|work	but its broken	15:31
nubae\|work	oh wait, u pasted above	15:31
nubae\|work	never mind	15:31
mhall119\|work	http://dansguardian.org/?page=documentation there's several other HOWTOs here too	15:32
mhall119\|work	I'm going to work on improviding the dansguardian package for Qimo 2, so if have any ideas for making it easier/better let me know	15:32
mhall119\|work	might make a dansguardian-local-filter metapackage that depends on a proxy and does the configuration during install	15:35
sbalneav	nubae\|work: Does work, BTW, have a good "introduction to the internet" course for the kids, that talks about the things they might encounter, along with a clear enunciation of the school's policy and outlining of the consequences, together with a brocure/manual for the parents that needs signing off?	15:35
sbalneav	My school didn't :(	15:35
nubae\|work	mhall119\|work, u could add a section to linux-for-education.org for Qimo	15:36
mhall119\|work	sbalneav: I'd love to see a school capabale of doing that accurately and honestly	15:36
mhall119\|work	nubae\|work: s/could/should/	15:37
nubae\|work	mhall119\|work, well, I have to document everything here at work, though it will be in Spanish :-)	15:38
nubae\|work	mhall119\|work, u're right.... you SHOULD add a section for qimo	15:38
mhall119\|work	google translates	15:38
nubae\|work	even if it includes just one course	15:38
nubae\|work	might entice others to add to it	15:38
mhall119\|work	nubae\|work: I've passed on your request to #ubuntu-us-fl, and my wife is going to pass it along to her English teacher friends	15:39
sbalneav	Well, and that's currently a problem. I appreciate that the filtering's needed. The problem comes in that no matter WHAT you do, they'll be a way around it. You'll forget an iptables rule. dansguardian will have a bug. Something. Then it blows up into a huge mess in the media, like it did in my division, because they didn't have the POLICY and EDUCATION bit in there, and were relying solely on the technology to do it right.	15:39
nubae\|work	sbalneav, thats a very good point... can u point me to that policy doc?	15:40
* nubae\|work tries to keep his ass covered		15:40
sbalneav	No, that was the problem: they didn't HAVE one.	15:40
mhall119\|work	nobody I know of HAS one	15:40
nubae\|work	right, but u said u have one now that u showed to your kid, no?	15:40
sbalneav	However, there are some good docs out there. We've got one at work.	15:40
mhall119\|work	at least, not a good one	15:40
sbalneav	nubae\|work: No, I laid out my OWN policy to my kids :)	15:40
nubae\|work	mhall119\|work, u should see the links are now fixed btw	15:41
nubae\|work	no more pointing to nubae.selfip :p	15:41
mhall119\|work	my college's internet use policy states that _all_ downloads of music and video from the internet is illegal	15:41
mhall119\|work	nubae\|work: cool	15:41
sbalneav	mhall119\|work: Even CC music?	15:41
sbalneav	i.e. jamendo, etc?	15:41
mhall119\|work	sbalneav: those writing the policy were evidently unaware	15:41
mhall119\|work	that's the problem	15:41
mhall119\|work	the information is either not enough, or too generalized	15:42
nubae\|work	well, they probably figured... open source music doesnt exist	15:42
nubae\|work	therefore its all illegal since its all copyrighted	15:42
mhall119\|work	I'm not sure they'd even recognize an Ubuntu torrent as legal	15:42
sbalneav	Might be interesting if edubuntu actually wrote UP some boilerplate policy's for schools to consider/modify for their own use.	15:42
mhall119\|work	sbalneav: fabulous idea	15:43
mhall119\|work	now you just have to find someone with enough time to do it	15:43
nubae\|work	thats like a teacher I overheard in a school once telling her students... now children.... what does this symbol mean (c) ?	15:43
sbalneav	And, interestingly enough, I work with lawyers who owe me favours.	15:43
nubae\|work	it means dont touch... illlegal she said sternly	15:43
mhall119\|work	what?!?	15:43
nubae\|work	to which I couldn't resist interjecting	15:43
sbalneav	mhall119\|work: Dude, I never suggest something should get done that I'm not willing to take on myself.	15:43
sbalneav	I'll have a look at it.	15:44
nubae\|work	and she said defensively... I know... but they won't understand if I explain it another way	15:44
nubae\|work	I was like...	15:44
mhall119\|work	sbalneav: put up a wiki page and we can start with a list of topics to cover, and an outline	15:44
sbalneav	mhall119\|work++	15:44
mhall119\|work	probably the best thing to start with is defining an audience, and what we want to convey to them	15:45
mhall119\|work	ie, do we want/need to discuss the licensing issues that make some content legal and others not	15:45
mhall119\|work	or, do we just want to say they they are responsible for obtaining permission to download any content so that it is legal	15:45
sbalneav	For a boilerplate, that would be best.	15:46
mhall119\|work	okay, so wiki sections for Audience, Intent of Message, and then list topics to cover	15:47
sbalneav	A school may decide even if something's LEGAL to download (i.e. CC licenced music) they don't WANT the kid to do it, as it may fill up the hard disk, etc.	15:47
mhall119\|work	from there we can pick which topics we want and start an outline	15:47
mhall119\|work	sbalneav: I think any technical issues like that are best left to individual institutions	15:47
sbalneav	Right.	15:47
sbalneav	And we should note that in the boilerplate.	15:48
mhall119\|work	the network/computer admins are usually smart enough to define those at leastt	15:48
sbalneav	i.e. (in red) "Insert your schools' techinal policy on media here"	15:48
mhall119\|work	Ideally, I'd like this to be something I can included with the computers I give away, which aren't necessarily associated with a school	15:48
mhall119\|work	many charities might like that	15:49
sbalneav	Even if we simply DEFINE the things they should THINK about in a policy, that'd be a help. I.e. content filtering, consequences of bypassing controls, licensed media, installing non-school supplied programs, etc.	15:49
sbalneav	Sure.	15:49
nubae\|work	so what would u call that kind of document?	15:50
sbalneav	Well, a policy template, or a policy checklist, one supposes.	15:50
mhall119\|work	End User Licensing Agreement	15:53
nubae\|work	hehehe (lol)	15:53
nubae\|work	but would it be a Usage policy Agreement?	15:54
mhall119\|work	that's a sure fire way to make sure nobody ever reads it, or follows it	15:54
nubae\|work	hehe... I can see it already... we're gonna get all parents to sign the UPA	15:54
nubae\|work	well, we can force parents to read the thing if they want their kids to use the computer on the net at home	15:55
mhall119\|work	not a bad idea, really, make the parents agree that they are ultimately responsible for their kid's activities	15:55
nubae\|work	so... computer detects its on a nonschool network, up comes the policy	15:55
nubae\|work	and it stays there for a reasonable amount of time, + scroll down they must to hit accept	15:56
nubae\|work	even force it to scroll down real slow	15:56
mhall119\|work	we already have a liability waiver we make parents sign when we give out computers	15:56
nubae\|work	so like it scrolls slow enough that its more boring not to read it, than to wait	15:56
nubae\|work	sorry, than to pay attention to it	15:57
mhall119\|work	nah, just make it a precondition to giving them the computer in the first place	15:57
mhall119\|work	that's how I do it	15:58
sbalneav	This sort of thing's important, IMHO, since a well written policy can/should cover off instances where the technology fails for one reason or another.	15:58
sbalneav	Hm	15:58
mhall119\|work	You don't want to take responsibility for what your kid does on this computer? Fine, they don't get it	15:58
sbalneav	I'm working on revamping the handbook, wonder if it should be a section in that.	15:58
nubae\|work	mhall119\|work, try that with 750,000 netbooks ;-)	16:00
* nubae\|work works on Guadalinex-edu used by 3500+ schools		16:00
nubae\|work	and we are currently giving, courtesy of our friendly government a laptop to every child in Andalucia (our autonomous region)	16:01
nubae\|work	hence the filter stuff	16:01
nubae\|work	but I like the idea of a policy... it should indeed be there, at least so our asses are covered, should the parents/kids bypass whatever system is put in place for content filtering at home	16:02
nubae\|work	in other words, the parents should be able to easily read it should they want to	16:03
Ahmuck	nubae\|work: ur doing filtering ?	16:04
Ahmuck	i'm looking for a good filtering solution	16:05
nubae\|work	Ahmuck, right now I'm doing filtering yes	16:05
nubae\|work	if I dont find a good filter, I'll pick up willowng (a discarded python project) and work on that	16:06
nubae\|work	in other words, if the local dansguardian/squid method doesnt work	16:06
Ahmuck	dansguardian is a pay product iirc ?	16:18
mhall119\|work	nope	16:21
mhall119\|work	they may offer a pay proxy service, but the software itself it free	16:22
Ahmuck	hi Svenstaro	16:31
Svenstaro	Heyo	16:31
Ahmuck	mhall119\|work: so without the proxy service, how does that work ?	16:31
nubae\|work	Ahmuck, squid = proxy	16:31
mhall119\|work	Ahmuck: you run the proxy locally	16:31
nubae\|work	squid = free	16:32
Ahmuck	hrm, ok	16:32
nubae\|work	or what mhall119\|work said	16:32
nubae\|work	(grin)	16:32
Ahmuck	yes, but doesn't dansguardian offer a "black list" ?	16:32
nubae\|work	sure, u can use tht	16:32
nubae\|work	that	16:32
nubae\|work	that part is free	16:32
Svenstaro	I'm not sure what you guys are talking about but if you want to black list sites per topic automatically, I can recommend using opendns	16:32
ogra	its free as well, dansguardian itself has a weird license that makes it undistributable though	16:32
ogra	but you can use it	16:33
Ahmuck	Svenstaro: i'm using opendns and it'll never work for an edu system	16:33
ogra	ugh, opendns	16:33
Svenstaro	Uh, whats wrong?	16:33
Ahmuck	well, bing for one is not allowed	16:33
Svenstaro	That is a good thing	16:33
ogra	it breaks the dns protocol	16:33
Ahmuck	but there are plenty of ways to work around it	16:33
Svenstaro	So what else doesnt work?	16:34
nubae\|work	also... what happens to www.wellknowndomain.com/subfolder/offensivematerial?	16:34
nubae\|work	u block all of wellknowndomain?	16:34
Svenstaro	I don't about the OpenDNS policy there	16:34
Svenstaro	It's just a DNS service after all	16:34
nubae\|work	well, its a reason why its not a good solution... u cant block subfolders, or if u do, u end up blocking whole domains (imagine blocking all of yahoo, becuase there are offensive pages on it somewhere	16:36
Ahmuck	deviantart is one of the blocked domains	16:36
Ahmuck	deviantart has some good art, and some "off color" art as well	16:36
Ahmuck	photos, etc.	16:37
nubae\|work	yeah they have to make a tradeoff... a bad one	16:37
nubae\|work	if it contains just a little bad stuff... block it	16:37
nubae\|work	anyway... think the way to go is what mhall119\|work posted Ahmuck:-	16:38
Ahmuck	google images is another one	16:38
Ahmuck	which is why i think bing is blocked	16:38
Ahmuck	and if you've used bing, it's a resonable search enging	16:38
nubae\|work	https://launchpad.net/webcontentcontrol	16:38
nubae\|work	until either gchildcare or willowng is ready	16:39
Ahmuck	mhall119\|work: endian firewall, ipcop, and smoothwall do transparent proxies and have blocking capabilites	16:39
Svenstaro	Which option blocks deviantart?	16:39
Svenstaro	I don't mind Yahoo being blocked though	16:39
mhall119\|work	Ahmuck: I'll add them to my list	16:39
Ahmuck	opendns blocks deviantart	16:39
Svenstaro	No, which option? Adult?	16:39
mhall119\|work	Ahmuck: do they do content-based filtering?	16:39
Ahmuck	yes, based on blacklists	16:40
nubae\|work	but blacklists of whole domains	16:40
Ahmuck	they have squid built in	16:40
Ahmuck	so i put them between me and the inet	16:40
mhall119\|work	Ahmuck: dansguardian does content-inspection	16:40
mhall119\|work	so www.wellknowndomain.com/subfolder/offensivematerial will be blocked	16:40
nubae\|work	squid built in? how does that work.. u need a local cache, not a remote one	16:40
mhall119\|work	even if all of www.wellknowndomain.com isn't	16:40
Ahmuck	http://www.copfilter.org/	16:41
Ahmuck	squid is a part of ipcop upon installation	16:41
nubae\|work	ah ok	16:41
nubae\|work	I misunderstood, thought u meant it was part of opendns	16:41
Ahmuck	iirc	16:41
Svenstaro	Can you recommend copfilteR?	16:42
Svenstaro	I'm using IPcop anyway	16:42
Svenstaro	Thought copfilter did virus stuff only	16:43
Ahmuck	if you have the processor and the memory	16:43
Ahmuck	copfilter takes a lot of memory	16:43
Ahmuck	cause it's looking at everyting	16:43
Svenstaro	I know	16:43
Ahmuck	u might consider endian. these are already built in	16:43
Svenstaro	A 2ghz something with 2GB should be ok	16:43
Ahmuck	however, i was never able to get endian working	16:44
Svenstaro	What's endian?	16:44
Svenstaro	I really want to keep using IPCOP :)	16:44
Ahmuck	a word of warning, i put it on an older machine and decided to purge it, ended up having to re-build my ipcop machine. so you'll want to save a configuration to disk before you change to copfilter	16:44
Ahmuck	endian is a branch from ipcop	16:44
Ahmuck	smoothwall --> ipcop --> endian	16:44
Ahmuck	http://www.endian.com/en/community/	16:45
Ahmuck	ipcop is a branch off of smoothwall	16:45
Svenstaro	Ohh	16:45
Svenstaro	Is IPCop sucky now and I didn't notice or why did they branch it?	16:46
Svenstaro	Ugh, endian has "commercial" written all over it. I don't mind commercial or proprietary stuff, but when it jumps into your face and tries to rip your eyeballs out, that's usually a bad sign.	16:47
nubae\|work	shorewall rocks...	16:48
nubae\|work	or rocked...	16:48
nubae\|work	now just use ufw	16:49
Svenstaro	ufw?	16:50
mhall119\|work	uncomplicated firewall	16:50
Svenstaro	Isn't that a desktop firewall?	16:50
sbalneav	So, if anyone's interested in some "do-it-yourself" work, as my "new" role as sabayon-upstream developer, I've been working on adding one of our most desired features: profile application by group.	16:50
sbalneav	SHould you be interested in following the action/hilarity/blundering, my git repo's at:	16:51
sbalneav	http://github.com/sbalneav/sabayon/tree/master	16:52
Ahmuck	http://www.cafepress.com/cp/moredetails.aspx?productNo=393885992&colorNo=-1&pr=B&showbleed=false&tab=1&Zoom=1	16:53
Ahmuck	sysadmin day - one day is not enough !	16:53
Ahmuck	endian has all the "stuff" added in. they started out as community and then branched the community to commercial/community	16:54
nubae\|work	Svenstaro, what is a desktop firewall?	16:55
Ahmuck	smoothwall is the same, commercial/community	16:55
Svenstaro	Somethign that is not a server firewall, with GUI and stuff like that	16:55
nubae\|work	surely if it runs as a daemon there is no distinction	16:55
nubae\|work	then no	16:55
Ahmuck	ipcop grew out of smoothwall's decision to take it commercial	16:55
nubae\|work	but it does have a gui for it if u want to use it	16:55
nubae\|work	there is no such thing as a desktop firewall though	16:56
nubae\|work	that would imply it only ran with a gui, and couldnt run in the background	16:56
* nubae\|work notes himself becoming nitpicky... :-)		16:57
* ogra whacks nubae\|work for being so german today :P		16:57
ogra	ufw is just a frontend to the kernels firewalling thats supposed to improve usability ...	16:58
ogra	i.e.: ufw enable masquerading from eth0 to eth1	16:58
nubae\|work	isss veeery niiice	16:59
nubae\|work	:-)	16:59
ogra	would at some point enable everything thats necessary to have masquerading between the two interfaces ... no hoops to jump thought no complicated syntax	16:59
ogra	its not there yet, it does a lot already but not everything	16:59
ogra	(especially not masqeurading :P )	17:00
ogra	what Svenstaro was pointing to was gufw ... which is the gui for ufw ...	17:00
Svenstaro	I see	17:00
Ahmuck	masqeurading as in a different mac address ?	17:00
ogra	but that calls the ufw commands in the backend	17:01
Svenstaro	I usually do masquerading and interface forwarding by hand so that might come in handy	17:01
ogra	right, gufw will have something like the "internet connection sharing" checkbox in windows at some point ...	17:01
ogra	and the cmdline variant should be as easy	17:02
Svenstaro	"at some point"? It's extremely trivial to do	17:02
ogra	its trivial to do it somehow ... the devs want to do it perfect ;)	17:02
Svenstaro	Set source and end interface and enable IP forward and that's it	17:02
* nubae\|work thought it already had that		17:02
Ahmuck	it does	17:03
Svenstaro	Anyhow, I wanted to ask, how is Edubuntu currently? I went away for a bit because I was both busy and I wanted to wait until you had sorted out the issues that somehow we couldn't agree on.	17:03
ogra	not in the way its supposed to be in the end, but yes, you can already enable masquerading easier than hacking in iptables rules	17:03
ogra	edubuntu is just coming to life again lately after being unmaintained for quite some time ... LaserJock, stgrabe and highvoltage made some effort to get up the intrest again	17:04
ogra	though apparently nobody tested the images for todays alpha5 release	17:05
highvoltage	ogra: that's because our seeds aren't right yet	17:05
ogra	ah	17:05
highvoltage	ogra: LaserJock tried to get them right in time but it didn't work out	17:06
ogra	sad ... but there is always A6	17:06
nubae\|work	lol	17:06
highvoltage	ogra: it's going to be very tight	17:06
nubae\|work	hmm.. shouldnt be loling....	17:06
ogra	highvoltage, well, its your first release after the reorganization ...	17:07
highvoltage	ogra: I thought that the full install disc should have waited for karmic+1, but the overwhelming response was that edubuntu is useless as an add-on disc and that we should go for broke	17:07
ogra	well, up to you guys :)	17:08
ogra	i think getting enough testers will be hard with DVD size ... but you'll see	17:08
nubae\|work	oh wow, I didnt know it was going to be a distro again	17:08
highvoltage	ogra: I think it would be really cool if we can pull it off. I trust LaserJock and he got the seeds close to being sorted out, I think we can make it for the 6th alpha.	17:08
* nubae\|work gets enthusiastic		17:08
ogra	highvoltage, well, you have to	17:08
Ahmuck	ogra, there's been a lot of people involved	17:09
highvoltage	ogra: it was hard getting testers with a 300MB iso even	17:09
ogra	yes	17:09
ogra	Ahmuck, will they help testing regulary if they have to do a 6h download ?	17:09
nubae\|work	ogra?	17:09
ogra	DVDs are quite different	17:09
highvoltage	well even with my slow bandwidth rsync is fast	17:10
nubae\|work	rsync?	17:10
ogra	even the ubuntu DVDs are usually released later because they are so big	17:10
Ahmuck	i don't mind testing	17:10
highvoltage	Ahmuck: we'll take you up on that	17:10
nubae\|work	or zsync	17:10
ogra	heh :)	17:10
nubae\|work	hey, me too...	17:10
ogra	nubae\|work, yeah, we switched everything to zsync in karmic	17:10
nubae\|work	btw... right now guadalinex is based on ubuntu...	17:11
highvoltage	nice, I like zsync	17:11
ogra	it always was	17:11
Ahmuck	but even so, i think you devalue the community by stating a select group of users are the reason edubuntu is coming alive again.	17:11
nubae\|work	but it could be based on edubuntu	17:11
ogra	indeed	17:11
nubae\|work	ogra, u talking to me?	17:11
ogra	yes	17:11
nubae\|work	well it wasnt always no	17:11
ogra	sure	17:12
nubae\|work	it was based on debian first	17:12
highvoltage	nubae\|work: at the last uds they said they would use straight edubuntu if we can solve their menu problems, which is kind of done	17:12
ogra	huh ?	17:12
nubae\|work	server version still is actually	17:12
* ogra wonders what he did in sevilla the last years then		17:12
nubae\|work	yup... then it was based Guadalinex... which is not the same as guadalinex-edu	17:12
nubae\|work	this was in 2003	17:12
nubae\|work	first year only	17:13
ogra	oh, 2003	17:13
ogra	indeed there was no ubuntu back then :)	17:13
nubae\|work	:p	17:13
nubae\|work	proof!!	17:13
nubae\|work	lol	17:13
ogra	since i was involved in edu in ubuntu i was always working with these guys ...	17:13
ogra	i dont know about the time before my time	17:13
ogra	gosh am i ignorant :P	17:14
nubae\|work	anyway, guadalinex itself is pretty shitty	17:14
nubae\|work	and guadalinex-edu is supposed to be based on it	17:14
nubae\|work	but its not	17:14
nubae\|work	its based on ubuntu direct	17:14
ogra	yeah	17:14
ogra	i know the problem	17:14
ogra	but they improved	17:15
nubae\|work	yeah, politicians like to take pictures every once in a while with guadalinex	17:15
ogra	it used to be the case that they took the released version and trew stuff and hacks on top	17:15
nubae\|work	but I think other than the discs they use in the pictures	17:15
nubae\|work	its unused	17:15
ogra	*threw	17:15
nubae\|work	yeah	17:15
ogra	they synced up their releases	17:15
nubae\|work	problem of any distro based on a distro	17:15
nubae\|work	yep, smartest move ever	17:16
ogra	so they can do their work in ubuntu instead of on top	17:16
nubae\|work	also, somehow it makes them upstream a little more	17:16
nubae\|work	though very little	17:16
ogra	well, that was part of my work to convince them ...	17:16
nubae\|work	well then u did a good job ;-)	17:17
ogra	now that you are there, move forward and get them to be upstream edubuntu ;)	17:17
ogra	and everyone wins :)	17:17
nubae\|work	now we are contemplating switching server to ubuntu server	17:17
ogra	cool	17:17
nubae\|work	debian server that is	17:17
ogra	the cloud stuff must be very intresting for a project like guadalinex	17:17
nubae\|work	or just plain debian even	17:17
nubae\|work	gosh...	17:17
nubae\|work	well, deployment is a nightmare...	17:18
nubae\|work	gadi's sbs might be a solution	17:18
nubae\|work	we'll see	17:18
ogra	sbs ?	17:18
nubae\|work	the wireless usb stick that is kinda LTSP	17:19
nubae\|work	:-)	17:19
ogra	ah, that, yeah	17:19
ogra	he showed me one two years ago	17:19
ogra	though it was still in development	17:19
nubae\|work	it actually fits the profile here quite well, now that notebooks and wireless networks are the new trend	17:19
ogra	yup	17:19
nubae\|work	so yeah edubuntu becoming a distro again sounds interesting... if guadalinex-edu become an offspring... that would give it some real traction	17:21
=== nubae_ is now known as Nubae
dgroos	Minor miracle here: I successfully got CmapTools to initiate a graphical install in the chroot.	23:05
dgroos	actually, I'm in process and it is asking where to install it.	23:06
dgroos	Where is a good place to install the folder containing all the files for the application when you are going to use it as a localapp?	23:06
dgroos	In otherwords, in which directory in the chroot do you install applications when they will be localapps?	23:07
dgroos	"For the record..." it appears that the Firefox 3.5.2 folder is installed in /opt/ltsp/i386/usr/lib (or from the chroot perspective: /usr/lib). I'll try there.	23:19

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!