Bug#928756: debian-edu-config: search domain not configured correctly on diskless workstations in subnet00
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi, > The fix takes effect at LTSP chroot installation time. > > You can test it on an existing LTSP server: > > Replace > /usr/share/ltsp/plugins/ltsp-build-client/Debian-custom/001-ltsp-settings > with the file from the git repo. > > Run 'ltsp-build-client' (after having moved away or deleted the existing > chroot); see 'ltsp-build-client --extra-help' for all possible options. It does indeed work when the config is placed there by ltsp-build-client. I now wonder even more how and why ltsp-update-kernels works, but ok ;). - -nik -BEGIN PGP SIGNATURE- iQJlBAEBCgBPFiEEPJ1UpHV1wCb7F/0mt5o8FqDE8pYFAlz46CYxGmh0dHBzOi8v d3d3LmRvbWluaWstZ2VvcmdlLmRlL2dwZy1wb2xpY3kudHh0LmFzYwAKCRC3mjwW oMTylrsMEACJHHj5/gPj6nIyDkCm9HvCld2qYJUqWHXJKDkzFXT8puuZYIQ8GC62 lolzuNlFj6W751OPlmT+IfXvTXgQ88nQDC0gSv8dwxXsGGvBnNI3ATKgc3DrzrTt XAXKFD4XYi/LHMZwxny5FDUzgB4kN7DORuoQGhNghBxJsmuhDKSv0uQKS3iM0/p0 P2CQ5lwJiMUHB/TugPPELicZed1yMN6iRYCcchyhBrYLJC4a7BEHoThoUyKr11yy 3jstO6EbK8MqsnboSHvX/F6Ti/CDBWOkkpF9OAWrnLKwBjTxrPkf58cwvlUUxf8X yZLeaWG90ufvqhnNYJ1czyxivKnMwxq+VBCWBP5iYpzbjz2t2yjHDRLTg/0navIL TRSa8TNEkHvIR6mP/J+2hhBFKL1rlNLcmbHLDOnUW6Kz4z7rmJF0c1aP50gQcgGz kkxI5RHQTPiyPqFJkA6tipth4woMnyVgzZVMUFR+DU5HTOulVv37FBnds46uBHnh yF1KuLbiQN7/xt9rk7vr44RKZzl7e4JyI12gPVufHHLa1bWjUjyqgKXMNTmw8uYZ XFuEBSnTBczdP9cviqVxvVtNlKrM6cac4pWUvHURhWmDoq/TPc3LFT6jkTsAwNeD O1xM0Tp6RENjmqDPLx5rIVX6Pz56V4o5ZJcbSgKLPepxnKIwHY+riQ== =7AVD -END PGP SIGNATURE-
Bug#928756: debian-edu-config: search domain not configured correctly on diskless workstations in subnet00
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi, > The fix takes effect at LTSP chroot installation time. > > You can test it on an existing LTSP server: > > Replace > /usr/share/ltsp/plugins/ltsp-build-client/Debian-custom/001-ltsp-settings > with the file from the git repo. > > Run 'ltsp-build-client' (after having moved away or deleted the existing > chroot); see 'ltsp-build-client --extra-help' for all possible options. ok… I did run the command from the script in my existing chroot and then ran ltsp-update-kernels. I was (and still am) very certain that this is exactly what the script does. I will test again using the script to generate the file. - -nik -BEGIN PGP SIGNATURE- iQJlBAEBCgBPFiEEPJ1UpHV1wCb7F/0mt5o8FqDE8pYFAlz4AEsxGmh0dHBzOi8v d3d3LmRvbWluaWstZ2VvcmdlLmRlL2dwZy1wb2xpY3kudHh0LmFzYwAKCRC3mjwW oMTylutaD/0SYSmasPGe5TyDZR0n1N77ufpUzDw8O4sPHFTlbWoTrplFvrvxdgrT HqzOIZg9P0VAcdLWTvG/wywW87L3E1cawedRLo4jL0oO1i5hhWQ3DhKwxmCNKimg J1fR0aeqQs32OR+RHxmIm3TFq63igzbQkBhCZo6Fzmq4y0yfEocl4M31ExdD5rOd GcScZM9/E+P9Z6Q7WBKEwCLbwVbiBKy1OHy3KWQ78Gwlf6JPaK87+2OcJ/7FXGBP IiFbGRYhUaH1D6tgAHx8OFViru7VWRBDPflwSHaXR3e7cloJU6LdqsuJM7YAbwWh BqOgppQ2rSnMi/lXX3YZp4CrfBDdTib7YZwNYVjrJYhKLQlRJ/bfgVPe6FcaxQz/ 3pYgFuRFRfRp7pinPVZu2jklCrt3pmoJM4BarVwkQI5Zt8ifECOYsEZMairR/wQJ 0M676SBMF5mtXro8NsrnfXP7kxOAnK7qG48IuGKCbJN1YGbqSFcOcxiprr4fVSpS /eS3I873usBwURJReO5tdzLaHT/JvdGNqFFtsV+P2iVJtpw/a1OcBCRTJswnCzMU ggydbUXNTVuFixVzAJBwH5qzqiT6LUdVOyLETo7g28tsGuCffZcTI0O7WICDDb4T Y/BvH9o+UAvu85m2BaVhpDPBtTCGg9lI0ydmokACwTG8JMykSdc13w== =6sHV -END PGP SIGNATURE-
Bug#928756: debian-edu-config: search domain not configured correctly on diskless workstations in subnet00
On Wed, Jun 05, 2019 at 06:30:31PM +0200, Dominik George wrote: > > +after-install) > > +mkdir -p $ROOT/etc/ltsp/update-kernels.conf.d > > +echo 'IPAPPEND="2"' > $ROOT/etc/ltsp/update-kernels.conf.d/pxe > > +;; > > â¦I could not get ltsp-update-kernels to actually set ipappend to 2 in > the /var/lib/tftpboot/ltsp tree. I tried to put the IPAPPEND="2" > variable everywhere, but ltsp-update-kernels changed nothing and the > ltsp/ tree still had ipappend 3 everywhere. The fix takes effect at LTSP chroot installation time. You can test it on an existing LTSP server: Replace /usr/share/ltsp/plugins/ltsp-build-client/Debian-custom/001-ltsp-settings with the file from the git repo. Run 'ltsp-build-client' (after having moved away or deleted the existing chroot); see 'ltsp-build-client --extra-help' for all possible options. Wolfgang signature.asc Description: PGP signature
Bug#928756: debian-edu-config: search domain not configured correctly on diskless workstations in subnet00
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi, I tested with the ipappend option, and it does indeed solve the major problem. I would prefert o have all domains as search domains so every host can be called by its short hostname, but that's a question of taste, so I am fine with the ipappend solution. However… > +after-install) > +mkdir -p $ROOT/etc/ltsp/update-kernels.conf.d > +echo 'IPAPPEND="2"' > $ROOT/etc/ltsp/update-kernels.conf.d/pxe > +;; …I could not get ltsp-update-kernels to actually set ipappend to 2 in the /var/lib/tftpboot/ltsp tree. I tried to put the IPAPPEND="2" variable everywhere, but ltsp-update-kernels changed nothing and the ltsp/ tree still had ipappend 3 everywhere. So, two parts: * Using ipappend works toget working DNS * The update-kernels config for some reason does not work Cheers, Nik -BEGIN PGP SIGNATURE- iQJlBAEBCgBPFiEEPJ1UpHV1wCb7F/0mt5o8FqDE8pYFAlz37iYxGmh0dHBzOi8v d3d3LmRvbWluaWstZ2VvcmdlLmRlL2dwZy1wb2xpY3kudHh0LmFzYwAKCRC3mjwW oMTyliAlEACwZvkfqq88Gln19846ygKgmVrdVDcJAq7vAFRgsT5fmqWfu1BVhNb2 M5pJOxpH+TszlE1f3zPib37SwfNL7EBJW6uApZ98iv4gBnNv5C8tPA8nfO/ZM4nZ 5wSt57briz4+E8oSMA1U36GqCvQWJXXXmlprNx805wFg7fUansWY7bJvTAefOOOl SqDMegi/fT4vVTKP1zhrJEki+fxty/OHeyo5Fq7uxL6nkGOC8hNc+xgDu7zKG4+i pGqTiqVwl2V2QGU4o3JyXFBd+0HH7eGDNqWp5DiSM4qeR69jvcDTXVxPAp2xock7 LNOZvronKn/kVSjzjn4sIyFeORGMH7MkkIgDZxy4StsGlGjH7TjQ6vG50mErg9ZJ /bg218SHtfNTlRRZ2owndkwqTrtOy1kh0X99bvs+LoZpTYEXVoA0Nwkgq8ulv0kj sMz2OgatYh3bHuCiYdrRw2t9A9j5KlEQFxJhZvb6Z5hBficc+Xc87QdO+WKW78dI dC5EucmbulhDmqjwabHCYAZKCreu8pAclypJvjpK4yDnP93FXY5i/3xH529L1SHV 8tGeb7VtdrAaIsuoKY515+JW5aG3rWna7GhDN3Ei+4B2hRJptxFVPcjq9KHxfIiI 0C1e5qYMNrTvunD66G4MZDFFoc/LkwzRaDxVHrbFeN8Z0cscLmy61Q== =7WSR -END PGP SIGNATURE-
Bug#928756: debian-edu-config: search domain not configured correctly on diskless workstations in subnet00
On Fri, May 10, 2019 at 03:10:22PM +0200, Dominik George wrote: > The following misbehaviour occurs reproducibly in a new installation of > Debian Edu buster. > > 1. Install a combined server like normal. > 2. Add a machine on the LTSP network 192.168.0.0/32 as in the screenshot. > 3. Boot that machine as diskless workstation. > > If done like that, the /etc/resolv.conf generated at boot by ltsp-init with > the information provided by 08-edu-hostname is missing a search domain entry > (it should probably be subnet00.intern intern). The 08-edu-hostname script is unrelated to this issue, it's only about Debian Edu compliant hostname setting. > The configuration of the search domain works perfectly on the main network > 10.0.0.0/16. Yes, that's because the PXE configuration for the main 10.0.0.0/8 subnet uses 'ipappend 2'; this option makes sure that all DHCP server information gets through to the LTSP client. LTSP switched to using 'ipappend 3' instead of 'ipappend 2' during the Buster development cycle. While this option is useful for a simple LTSP setup w/o a proper DHCP server, it prevents the DHCP server information to get through to the client in the Debian Edu case. For the dedicated LTSP subnets to show the same behaviour like the main subnet, the related PXE option needs to be adjusted for the LTSP setup. I've tested the following patch to work on a fresh installation using the latest amd64 BD ISO image. (Replaced 001-ltsp-settings inside d-i environment.) It works like expected. diff --git a/share/ltsp/plugins/ltsp-build-client/Debian-custom/001-ltsp-settings +b/share/ltsp/plugins/ltsp-build-client/Debian-custom/001-ltsp-settings index 81946b3d..039ef6ac 100644 --- a/share/ltsp/plugins/ltsp-build-client/Debian-custom/001-ltsp-settings +++ b/share/ltsp/plugins/ltsp-build-client/Debian-custom/001-ltsp-settings @@ -18,4 +18,8 @@ case $MODE in echo 'APT::Cmdline::ignore-trust-violations "true";' ) >> $ROOT/etc/apt/apt.conf.d/90ltsp-build-client ;; +after-install) +mkdir -p $ROOT/etc/ltsp/update-kernels.conf.d +echo 'IPAPPEND="2"' > $ROOT/etc/ltsp/update-kernels.conf.d/pxe +;; esac While at it, I've also tested the changed finish-install script (like found in git) once again, works like expected (with haveged present). Wolfgang signature.asc Description: PGP signature
Bug#928756: debian-edu-config: search domain not configured correctly on diskless workstations in subnet00
Hi, > Thanks for providing the screenshot. It's a special case to have fixed > IPs in this subnet. If you untick DNS it is supposed to work. But then I don't get a resolvable, fixed hostname, right? That was the whole idea behind adding the hosts: Have them limited to PXE booting, but still get readable hostnames in logs and for SSH access. I will still test without DNS. -nik signature.asc Description: PGP signature
Bug#928756: debian-edu-config: search domain not configured correctly on diskless workstations in subnet00
On Fri, May 10, 2019 at 03:10:22PM +0200, Dominik George wrote: > 1. Install a combined server like normal. > 2. Add a machine on the LTSP network 192.168.0.0/32 as in the screenshot. Thanks for providing the screenshot. It's a special case to have fixed IPs in this subnet. If you untick DNS it is supposed to work. Please test. Wolfgang signature.asc Description: PGP signature
Bug#928756: debian-edu-config: search domain not configured correctly on diskless workstations in subnet00
Package: debian-edu-config Version: 2.10.64 Severity: important -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 The following misbehaviour occurs reproducibly in a new installation of Debian Edu buster. 1. Install a combined server like normal. 2. Add a machine on the LTSP network 192.168.0.0/32 as in the screenshot. 3. Boot that machine as diskless workstation. If done like that, the /etc/resolv.conf generated at boot by ltsp-init with the information provided by 08-edu-hostname is missing a search domain entry (it should probably be subnet00.intern intern). Thus, short hostnames, like used by the default Firefox start page, are not resolvable. The configuration of the search domain works perfectly on the main network 10.0.0.0/16. I only tested on (two different) combined servers, not on a dedicated terminal server. - -- System Information: Debian Release: buster/sid Architecture: amd64 (x86_64) Kernel: Linux 4.19.0-4-amd64 (SMP w/8 CPU cores) Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_FIRMWARE_WORKAROUND, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages debian-edu-config depends on: ii bind9-host 1:9.11.5.P4+dfsg-1 ii cfengine33.12.1-2 ii debconf [debconf-2.0]1.5.71 ii debconf-utils1.5.71 ii debian-edu-artwork 2.10.5-1 ii desktop-profiles 1.4.30 ii e2fsprogs1.44.5-1 ii education-tasks 2.10.47 ii fping4.2-1 ii isenkram-cli 0.41 ii ldap-utils 2.4.47+dfsg-3 ii ldapscripts 2.0.8-1 ii libconfig-inifiles-perl 3.01-1 ii libfilesys-df-perl 0.92-6+b4 ii libhtml-fromtext-perl2.07-1 ii libio-socket-ssl-perl2.060-3 ii libnet-ldap-perl 1:0.6500+dfsg-1 ii libnet-netmask-perl 1.9104-1 ii libnss3-tools2:3.42.1-1 ii libpacparser11.3.6-1.1+b4 ii libpam-python1.0.6-1.1 ii libproxy1-plugin-kconfig 0.4.15-5 ii libproxy1-plugin-networkmanager 0.4.15-5 ii libproxy1-plugin-webkit 0.4.15-5 ii libterm-readkey-perl 2.38-1 ii libtext-unaccent-perl1.08-1.3+b3 ii lockfile-progs 0.1.18 ii lsb-base 10.2019031300 ii lsb-release 10.2019031300 ii mime-support 3.62 ii net-tools1.60+git20180626.aebd88e-1 ii netcat-traditional [netcat] 1.10-41.1 ii ng-utils 1.0-1+b1 ii openssl 1.1.1b-1 ii patch2.7.6-3 ii python 2.7.16-1 ii python-notify0.1.1-4 ii ssl-cert 1.0.39 ii swaks20181104.0-2 ii tftp-hpa 5.2+20150808-1+b1 ii uuid 1.6.2-1.5+b7 Versions of packages debian-edu-config recommends: ii binutils 2.31.1-15 ii libnotify-bin 0.7.7-4 ii lsof 4.91+dfsg-1 ii memtest86+ 5.01-3 pn resolvconf ii syslinux 3:6.04~git20190206.bf6db5b4+dfsg1-1 debian-edu-config suggests no packages. - -- Configuration Files: /etc/sssd/sssd-debian-edu.conf [Errno 13] Keine Berechtigung: '/etc/sssd/sssd-debian-edu.conf' - -- debconf-show failed -BEGIN PGP SIGNATURE- iQJ+BAEBCABoFiEEPJ1UpHV1wCb7F/0mt5o8FqDE8pYFAlzVeD0xGmh0dHBzOi8v d3d3LmRvbWluaWstZ2VvcmdlLmRlL2dwZy1wb2xpY3kudHh0LmFzYxgcbmF0dXJl c2hhZG93QGRlYmlhbi5vcmcACgkQt5o8FqDE8pazfw//RV0gY6hiwqAj0VAnjZHQ +42aDgBSII0r/TBUFXMZjAzGSlEFivoJ366Yxcww8IbJ0fk8gCD0Pz/mdI6Vc6aj 7YeMgkbXChFPSED9PaqjeiAIY6sGl++5Y6Av3X51tsP/+lOkVH8kII5CI55Ggmk1 XY+j02jgh67mstrYZbuiX5DB/bVGuOwVY06t1FO6d8Wsi/YEP4sx7IDJL4o3Ng8b H1jiCFYWUNUt/b1dOTbUhKQS0dIuyPQp0KANQk8aXQ9/VffeypASi/XZQKwAfGF/ wB2ZwYUqtWAQ0qvYsc3WqTj6fkcSqvGc2KGm9vsT3OjfuShs6xPj5Dw0qN3WV2Hk MmlDnRhmUWS8P2y1W9ItbUXMuQ3lUYrxKbpz+E6qBqsriKRIw4KiLGViAwxftrpH fLwim9hC/VPk7bwNU7w0KSWcQfvOWYf6wre4xw3aGgxrk4fuV3i9EutPSSyRNd8m 9NzP1XJRUlghxL66JcYzisKMjKT12aenyABjy3ExOCCwpuZ6L7SWYHKwAbvNQP1b x9F/N0wyEciZ81H1S0GUdEyr5/AnohFlFLrxL7JaNg8xXE/t2JVHWWbO2iCNKbgp 8iUGrvyO8/FsF42UjexiWrNHg7hKDPBEWa4DLtpCMEjvIGEF/QIP4Q/RvBOC+vQC fdI4jtonFwurGbnWV2x5wLE= =ftWv -END PGP SIGNATURE-