[Server-devel] upgrading moodle to 2.2 stable
Maybe this is already well known, but I thought I would report my experience here. I installed XS 0.6 some years ago. I never touched moodle. This year, we decided to upgrade to the latest moodle. The upgrade script didn't work. I determined that the version in mdl_config was wrong. It was 2009052500 but it should have been 2008030500. After changing the version, the upgrade proceeded without much trouble. I used apgdiff to do the last little bits to synchronize the schema. -- Joshua N. Pritikin Department of Psychology University of Virginia Gilmer Hall 102; Charlottesville, VA 22903 http://people.virginia.edu/~jnp3bc ___ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
Re: [Server-devel] iptables generation
On Wed, Sep 09, 2009 at 07:23:38PM +0200, Martin Langhoff wrote: > On Wed, Sep 9, 2009 at 6:00 PM, Martin > Langhoff wrote: > > I've integrated your script, with some changes to make it atomic, as > > you can see at > > > > http://dev.laptop.org/git/projects/xs-config/commit/ > > And pushed out the RPM too after testing it quite a bit. Neat! I'm glad it worked out. :-) ___ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
Re: [Server-devel] iptables generation
On Tue, Aug 11, 2009 at 10:15:39PM +0530, Joshua N Pritikin wrote:
> On Tue, Aug 11, 2009 at 11:45:15AM +0530, Joshua N Pritikin wrote:
> > + if re.match('@@MASQ@@', line):
> > + print '-A POSTROUTING -o %s -j MASQUERADE' % wan
>
> This is dumb. I'll try to fix the patch tomorrow to substitute only
> @@WAN@@. Or do you really want this written in sed? (I never even
> learned sed.)
---
sysconfig/iptables-config |7 +
sysconfig/olpc-scripts/gen-iptables | 37 +
sysconfig/olpc-scripts/iptables-xs.in | 12 ++
sysconfig/xs_wan_device |1 +
4 files changed, 52 insertions(+), 5 deletions(-)
create mode 100755 sysconfig/olpc-scripts/gen-iptables
create mode 100644 sysconfig/olpc-scripts/iptables-xs.in
create mode 100644 sysconfig/xs_wan_device
diff --git a/sysconfig/iptables-config b/sysconfig/iptables-config
index 819d809..f22076e 100755
--- a/sysconfig/iptables-config
+++ b/sysconfig/iptables-config
@@ -7,11 +7,8 @@
## config settings
SERVER_NUM=`cat /etc/sysconfig/xs_server_number`
if [ $SERVER_NUM=1 ];then
-if [ -e /etc/sysconfig/xs_httpcache_on ]; then
- IPTABLES_DATA=/etc/sysconfig/olpc-scripts/iptables.principal.cache
-else
- IPTABLES_DATA=/etc/sysconfig/olpc-scripts/iptables.principal
-fi
+IPTABLES_DATA=/etc/sysconfig/olpc-scripts/iptables-xs
+/etc/sysconfig/olpc-scripts/gen-iptables > $IPTABLES_DATA
fi
# Load additional iptables modules (nat helpers)
diff --git a/sysconfig/olpc-scripts/gen-iptables
b/sysconfig/olpc-scripts/gen-iptables
new file mode 100755
index 000..91b3ade
--- /dev/null
+++ b/sysconfig/olpc-scripts/gen-iptables
@@ -0,0 +1,37 @@
+#!/usr/bin/python
+
+import re;
+import os;
+import logging;
+
+#sysconfig = './' # for testing
+sysconfig = '/etc/sysconfig/'
+
+wan = 'eth0'
+try:
+ conf = sysconfig + 'xs_wan_device'
+ file = open(conf)
+ wan = file.readline()
+ wan = re.sub(r'\s$', '', wan)
+except IOError:
+ logging.warning(conf + " not found, assuming "+wan)
+
+try:
+ conf = sysconfig + 'xs_httpcache_on'
+ os.stat(conf)
+ squid = 1
+except OSError:
+ squid = 0
+
+#print("wan="+wan+" squid=%i" % squid)
+
+template = open(sysconfig + 'olpc-scripts/iptables-xs.in')
+for line in template:
+ if (re.match('@@SQUID@@', line)):
+ if squid:
+ for inf in ('lanbond0', 'mshbond0', 'mshbond1', 'mshbond2'):
+ print '-A PREROUTING -i %s -p tcp --dport 80 -j REDIRECT
--to-ports 3128' % inf
+ else:
+ line = line.rstrip()
+ line = re.sub(r'\...@\@w...@\@', wan, line)
+ print(line)
diff --git a/sysconfig/olpc-scripts/iptables-xs.in
b/sysconfig/olpc-scripts/iptables-xs.in
new file mode 100644
index 000..610fbe4
--- /dev/null
+++ b/sysconfig/olpc-scripts/iptables-xs.in
@@ -0,0 +1,12 @@
+*nat
+:PREROUTING ACCEPT [0:0]
+:POSTROUTING ACCEPT [0:0]
+:OUTPUT ACCEPT [0:0]
+@@SQUID@@
+-A POSTROUTING -o @@WAN@@ -j MASQUERADE
+COMMIT
+*filter
+:INPUT ACCEPT [0:0]
+:FORWARD ACCEPT [0:0]
+:OUTPUT ACCEPT [0:0]
+COMMIT
diff --git a/sysconfig/xs_wan_device b/sysconfig/xs_wan_device
new file mode 100644
index 000..d4398d5
--- /dev/null
+++ b/sysconfig/xs_wan_device
@@ -0,0 +1 @@
+ppp0
--
1.6.0.6
___
Server-devel mailing list
Server-devel@lists.laptop.org
http://lists.laptop.org/listinfo/server-devel
Re: [Server-devel] iptables generation
On Tue, Aug 11, 2009 at 11:45:15AM +0530, Joshua N Pritikin wrote:
> + if re.match('@@MASQ@@', line):
> + print '-A POSTROUTING -o %s -j MASQUERADE' % wan
This is dumb. I'll try to fix the patch tomorrow to substitute only
@@WAN@@. Or do you really want this written in sed? (I never even
learned sed.)
___
Server-devel mailing list
Server-devel@lists.laptop.org
http://lists.laptop.org/listinfo/server-devel
Re: [Server-devel] iptables generation (was Re: pppd restarting mysteriously)
On Mon, Aug 10, 2009 at 08:55:55PM +0200, Martin Langhoff wrote:
> On Fri, Aug 7, 2009 at 2:15 PM, Joshua N Pritikin wrote:
> > Here is the script I promised Martin.
>
> Right - thanks for that! I assume it works well and it's been tested
> for normal and ppp0 connectivity over there. How do you trigger it?
/etc/init.d/iptables sets IPTABLES_CONFIG to
/etc/sysconfig/iptables-config and runs it.
I'm not sure what /etc/sysconfig/iptables-config.in is for. It seems to
be ignored.
> Can you load the ruleset even if ppp0 is down?
Yes.
> I am wondering -- do we want local admins teams to be able to add
> rules relatively easily, in normal iptables syntax (meaning they can
> copy rules from books and howtos)? If so, a template to run through
> 'sed' might work better?
>
> What do you think?
See my attempt, attached.
>From 339584865b35531cb03f1b52feedb35a2dd1b4a3 Mon Sep 17 00:00:00 2001
From: root
Date: Fri, 7 Aug 2009 10:26:23 +0530
Subject: [PATCH] Automate iptable rules generation
---
sysconfig/iptables-config |7 +
sysconfig/olpc-scripts/gen-iptables | 37 +
sysconfig/olpc-scripts/iptables-xs.in | 12 ++
sysconfig/xs_wan_device |1 +
4 files changed, 52 insertions(+), 5 deletions(-)
create mode 100755 sysconfig/olpc-scripts/gen-iptables
create mode 100644 sysconfig/olpc-scripts/iptables-xs.in
create mode 100644 sysconfig/xs_wan_device
diff --git a/sysconfig/iptables-config b/sysconfig/iptables-config
index 819d809..f22076e 100755
--- a/sysconfig/iptables-config
+++ b/sysconfig/iptables-config
@@ -7,11 +7,8 @@
## config settings
SERVER_NUM=`cat /etc/sysconfig/xs_server_number`
if [ $SERVER_NUM=1 ];then
-if [ -e /etc/sysconfig/xs_httpcache_on ]; then
- IPTABLES_DATA=/etc/sysconfig/olpc-scripts/iptables.principal.cache
-else
- IPTABLES_DATA=/etc/sysconfig/olpc-scripts/iptables.principal
-fi
+IPTABLES_DATA=/etc/sysconfig/olpc-scripts/iptables-xs
+/etc/sysconfig/olpc-scripts/gen-iptables > $IPTABLES_DATA
fi
# Load additional iptables modules (nat helpers)
diff --git a/sysconfig/olpc-scripts/gen-iptables b/sysconfig/olpc-scripts/gen-iptables
new file mode 100755
index 000..a049b31
--- /dev/null
+++ b/sysconfig/olpc-scripts/gen-iptables
@@ -0,0 +1,37 @@
+#!/usr/bin/python
+
+import re;
+import os;
+import logging;
+
+#sysconfig = './' # for testing
+sysconfig = '/etc/sysconfig/'
+
+wan = 'eth0'
+try:
+ conf = sysconfig + 'xs_wan_device'
+ file = open(conf)
+ wan = file.readline()
+ wan = re.sub(r'\s$', '', wan)
+except IOError:
+ logging.warning(conf + " not found, assuming "+wan)
+
+try:
+ conf = sysconfig + 'xs_httpcache_on'
+ os.stat(conf)
+ squid = 1
+except OSError:
+ squid = 0
+
+#print("wan="+wan+" squid=%i" % squid)
+
+template = open(sysconfig + 'olpc-scripts/iptables-xs.in')
+for line in template:
+ if re.match('@@MASQ@@', line):
+ print '-A POSTROUTING -o %s -j MASQUERADE' % wan
+ elif (re.match('@@SQUID@@', line)):
+ if squid:
+ for inf in ('lanbond0', 'mshbond0', 'mshbond1', 'mshbond2'):
+ print '-A PREROUTING -i %s -p tcp --dport 80 -j REDIRECT --to-ports 3128' % inf
+ else:
+ print(line.rstrip())
diff --git a/sysconfig/olpc-scripts/iptables-xs.in b/sysconfig/olpc-scripts/iptables-xs.in
new file mode 100644
index 000..11dfb9f
--- /dev/null
+++ b/sysconfig/olpc-scripts/iptables-xs.in
@@ -0,0 +1,12 @@
+*nat
+:PREROUTING ACCEPT [0:0]
+:POSTROUTING ACCEPT [0:0]
+:OUTPUT ACCEPT [0:0]
+@@SQUID@@
+@@MASQ@@
+COMMIT
+*filter
+:INPUT ACCEPT [0:0]
+:FORWARD ACCEPT [0:0]
+:OUTPUT ACCEPT [0:0]
+COMMIT
diff --git a/sysconfig/xs_wan_device b/sysconfig/xs_wan_device
new file mode 100644
index 000..d4398d5
--- /dev/null
+++ b/sysconfig/xs_wan_device
@@ -0,0 +1 @@
+ppp0
--
1.6.0.6
___
Server-devel mailing list
Server-devel@lists.laptop.org
http://lists.laptop.org/listinfo/server-devel
Re: [Server-devel] how to copy activation leases to XS?
On Mon, Aug 10, 2009 at 11:48:16AM +0545, Daniel Drake wrote: > 2009/8/10 Joshua N Pritikin : > > Is there an easy way to disable security on 30 laptops besides > > requesting dev keys, etc? > > You could send the 30 serial numbers to OLPC and ask if they will > create developer keys on your behalf. It is too bad that https://activation.laptop.org/devkey/post/ doesn't directly accept a laptops.dat as created by a collection key. ___ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
Re: [Server-devel] how to copy activation leases to XS?
On Mon, Aug 10, 2009 at 11:02:13AM +0545, Daniel Drake wrote: > Activation leases are unrelated to the security features around signed > images. Currently the only option for creating your own signed images > which can be installed at the OFW level is to insert your own "S" > security key into the manufacturing data. You will also need your own > "O" key if you are going to use a custom initramfs and/or kernel. > http://wiki.laptop.org/go/Firmware_security#Multiple-Key_Support Ugh. That looks fairly complex. Is there an easy way to disable security on 30 laptops besides requesting dev keys, etc? ___ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
Re: [Server-devel] how to copy activation leases to XS?
On Sun, Aug 09, 2009 at 01:00:07PM -0400, Martin Langhoff wrote:
> On Sun, Aug 9, 2009 at 11:38 AM, Joshua N Pritikin wrote:
> > Looking at http://wiki.laptop.org/go/Activation_and_developer_keys, it
> > seems like the lease should be stored in /security/lease.sig
>
> Yes.
I looked at one of our laptops, and there is no /security/lease.sig
Once a laptop is activated, can the lease.sig be removed? It looks like
that is what happened.
> > Looking at http://wiki.laptop.org/go/XS-activation ("Loading activation
> > data "), it seems like I should take a USB key, create a directory XS,
> > and concatenate all the laptop lease.sig files into a single lease.sig
> > file (?). Is this correct?
>
> Well, if you are managing a lot of XOs, you usually get an account in
> activation.laptop.org, and from there you can generate your leases in
> a leases.sig file that is consolidated for all the XOs you manage.
Is 32 XOs considered a lot? How do I apply for an account?
Maybe I should be working on delegated leases instead? Do I need
standard leases to generate OATS and ACT keys for delegated leases?
Ultimately I want to be able to flash my own signed images. When I
started down this path, it seemed like flashing OLPC signed images would
be a good step to work on first, but maybe I should skip directly to
making delegated leases?
___
Server-devel mailing list
Server-devel@lists.laptop.org
http://lists.laptop.org/listinfo/server-devel
[Server-devel] how to copy activation leases to XS?
Goal: I have a bunch of already activated XO laptops. I want to be able
to serve activation leases from the school server so I can reflash the
NAND with NANDblaster. At this stage, I don't want to create deligated
leases.
Looking at http://wiki.laptop.org/go/Activation_and_developer_keys, it
seems like the lease should be stored in /security/lease.sig
Looking at http://wiki.laptop.org/go/XS-activation ("Loading activation
data "), it seems like I should take a USB key, create a directory XS,
and concatenate all the laptop lease.sig files into a single lease.sig
file (?). Is this correct?
--
American? Vote on the National Initiative for Democracy, http://votep2.us
___
Server-devel mailing list
Server-devel@lists.laptop.org
http://lists.laptop.org/listinfo/server-devel
[Server-devel] iptables generation (was Re: pppd restarting mysteriously)
Here is the script I promised Martin.
>From f7333e727d7c3d89c3f6bc727dba7061d7ae584d Mon Sep 17 00:00:00 2001
From: Joshua Pritikin
Date: Fri, 7 Aug 2009 10:26:23 +0530
Subject: [PATCH] Automate iptable rules generation
---
sysconfig/iptables-config |7 +
sysconfig/olpc-scripts/gen-iptables | 46 +++
sysconfig/xs_wan_device |1 +
3 files changed, 49 insertions(+), 5 deletions(-)
create mode 100755 sysconfig/olpc-scripts/gen-iptables
create mode 100644 sysconfig/xs_wan_device
diff --git a/sysconfig/iptables-config b/sysconfig/iptables-config
index 819d809..f22076e 100755
--- a/sysconfig/iptables-config
+++ b/sysconfig/iptables-config
@@ -7,11 +7,8 @@
## config settings
SERVER_NUM=`cat /etc/sysconfig/xs_server_number`
if [ $SERVER_NUM=1 ];then
-if [ -e /etc/sysconfig/xs_httpcache_on ]; then
- IPTABLES_DATA=/etc/sysconfig/olpc-scripts/iptables.principal.cache
-else
- IPTABLES_DATA=/etc/sysconfig/olpc-scripts/iptables.principal
-fi
+IPTABLES_DATA=/etc/sysconfig/olpc-scripts/iptables-xs
+/etc/sysconfig/olpc-scripts/gen-iptables > $IPTABLES_DATA
fi
# Load additional iptables modules (nat helpers)
diff --git a/sysconfig/olpc-scripts/gen-iptables b/sysconfig/olpc-scripts/gen-iptables
new file mode 100755
index 000..e67cdfa
--- /dev/null
+++ b/sysconfig/olpc-scripts/gen-iptables
@@ -0,0 +1,46 @@
+#!/usr/bin/python
+
+import re;
+import os;
+import logging;
+
+#sysconfig = './' # for testing
+sysconfig = '/etc/sysconfig/'
+
+wan = 'eth0'
+try:
+ conf = sysconfig + 'xs_wan_device'
+ file = open(conf)
+ wan = file.readline()
+ wan = re.sub(r'\s$', '', wan)
+except IOError:
+ logging.warning(conf + " not found, assuming "+wan)
+
+try:
+ conf = sysconfig + 'xs_httpcache_on'
+ os.stat(conf)
+ squid = 1
+except OSError:
+ squid = 0
+
+#print("wan="+wan+" squid=%i" % squid)
+
+print '''\
+*nat
+:PREROUTING ACCEPT [0:0]
+:POSTROUTING ACCEPT [0:0]
+:OUTPUT ACCEPT [0:0]'''
+
+if squid:
+ for inf in ('lanbond0', 'mshbond0', 'mshbond1', 'mshbond2'):
+ print '-A PREROUTING -i %s -p tcp --dport 80 -j REDIRECT --to-ports 3128' % inf
+
+print '-A POSTROUTING -o %s -j MASQUERADE' % wan
+
+print '''\
+COMMIT
+*filter
+:INPUT ACCEPT [0:0]
+:FORWARD ACCEPT [0:0]
+:OUTPUT ACCEPT [0:0]
+COMMIT'''
diff --git a/sysconfig/xs_wan_device b/sysconfig/xs_wan_device
new file mode 100644
index 000..d4398d5
--- /dev/null
+++ b/sysconfig/xs_wan_device
@@ -0,0 +1 @@
+ppp0
--
1.6.0.6
___
Server-devel mailing list
Server-devel@lists.laptop.org
http://lists.laptop.org/listinfo/server-devel
[Server-devel] errortoomanylogins
I'm not sure how, but one of our students triggered errortoomanylogins.
Restarting the browser did not seem to help. Therefore, I removed the
check.
Is this is sane thing to do?
What is the point of this check anyway? If I was going to try to guess a
password then I would create a fresh cookie for every attempt.
diff --git a/lib/moodlelib.php b/lib/moodlelib.php
index a83110b..11f79ca 100644
--- a/lib/moodlelib.php
+++ b/lib/moodlelib.php
@@ -2383,11 +2383,6 @@ function update_login_count() {
} else {
$SESSION->logincount++;
}
-
-if ($SESSION->logincount > $max_logins) {
-unset($SESSION->wantsurl);
-print_error('errortoomanylogins');
-}
}
/**
___
Server-devel mailing list
Server-devel@lists.laptop.org
http://lists.laptop.org/listinfo/server-devel
Re: [Server-devel] how to turn off OLPC autologin authentication?
On Sat, Aug 01, 2009 at 07:20:18AM -0600, Martin Langhoff wrote: > You do buy into a much harder usage model Yah, I know. The thing is, our teachers have never seen anything like moodle before. I figured if they realize what they're missing, they will better understand the need for laptops. The other factor is a simple lack of funds. > - users -- even those 6 year olds -- will have to know a username/password I'm not sure how young we'll go. We will start with the older kids and work towards the younger. ___ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
[Server-devel] how to turn off OLPC autologin authentication?
Our site is one of the crazy OLPC sites that lacks sufficient funds to supply one laptop to every child. We are using the infamous "computer lab" model. Hence, I want to turn off the wonderful OLPC autologin authentication method and use the tedious manual method. Is this the correct way to do it? diff --git a/config.php b/config.php index bf071ec..2367146 100644 --- a/config.php +++ b/config.php @@ -50,7 +50,7 @@ $CFG->guestloginbutton=0; // Don't allow registrations $CFG->registerauth=''; // OLPCXS -$CFG->auth='olpcxs'; +$CFG->auth='manual'; $CFG->olpcxsdb='/home/idmgr/identity.db'; // Frontpage This seems to have the intended effect in Administration / Users / Authentication / Manage authentication. ___ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
Re: [Server-devel] web filtering
On Fri, Jul 31, 2009 at 10:46:33PM -0600, Martin Langhoff wrote: > - wiki material? Added, http://wiki.laptop.org/go/XS_Installing_Software#Internet_Filtering Is it worth mentioning DansGuardian? DansGuardian is free and does content filtering, not just URL or IP address filtering. > On Fri, Jul 31, 2009 at 7:54 PM, Joshua N Pritikin wrote: > > This freaks me out. We are giving unfiltered internet access to > > elementary school children? Is this wise? ___ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
Re: [Server-devel] web filtering
On Fri, Jul 31, 2009 at 08:50:45PM -0430, Faaez Ul Haq wrote: > Could you refer me to the article? It might be another olpcorps team > that does. This freaks me out. We are giving unfiltered internet access to elementary school children? Is this wise? ___ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
[Server-devel] web filtering (was Re: pppd restarting mysteriously)
On Fri, Jul 31, 2009 at 09:36:15AM -0700, Faaez Ul Haq wrote: > I just completed an OLPCorps deployment in Sierra Leone; I just saw your article on OLPCPlanet. You folks have Dansguardian or something installed right? ___ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
Re: [Server-devel] the "first user is admin" moodle policy
On Thu, Jul 30, 2009 at 02:45:48PM +0200, Martin Langhoff wrote: > I think you may have a bogus Browse.xo Yes, that was the problem. It worked after I erased browse manually and then reinstalled. Amazingly, I was not able to upgrade browse by customization key. ___ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
Re: [Server-devel] the "first user is admin" moodle policy
On Wed, Jul 29, 2009 at 07:29:30AM -0400, Reuben K. Caron wrote: > Pass this first and then try to login (you may need to reboot after:) > > sudo -u apache php /var/www/moodle/web/local/scripts/adminuser-enable.php Finally! OK, we'll start playing with moodle. If you guys need any help testing the XO laptop autologin stuff, don't hesitate to ask. I'll do whatever I can to help you figure out why it's not working for us. ___ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
Re: [Server-devel] the "first user is admin" moodle policy
On Tue, Jul 28, 2009 at 03:25:35PM +0200, Martin Langhoff wrote: > On Tue, Jul 28, 2009 at 2:16 PM, Joshua N Pritikin wrote: > > Can I create regular logins just to get started on exploring moodle? > > - If you want to get 'admin' on the patched Moodle on XS, see > /etc/moodle/adminpw -- login with "admin" as username, and that > password. But _our actual deployed XSs should not use this_, anything > we want real life users to do has to be doable with coursecreators and > standard user accts. That doesn't work for me. "Invalid login" Is there anything else I can do to debug the autologin stuff? Can I recreate the cookie on the XO laptop? ___ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
Re: [Server-devel] the "first user is admin" moodle policy
On Sun, Jul 26, 2009 at 03:49:56PM +0200, Martin Langhoff wrote: > On Sun, Jul 26, 2009 at 1:37 PM, Joshua N Pritikin wrote: > > How do I further debug this? Can I create regular logins just to get started on exploring moodle? Can somebody point me in the right direction? ___ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
Re: [Server-devel] the "first user is admin" moodle policy
On Sun, Jul 26, 2009 at 08:42:10AM -0700, Sameer Verma wrote: > Hmm. I vaguely remember that there was some confusion as to which copy of > Browse was going to be 102. I hope that was resolved. I use the 102 that > comes via the Control Panel's update process and my control panel update > points to the G1G1 repo. Maybe that makes the difference? Where is that repo? Here? http://wiki.laptop.org/go/Activities/G1G1/8.2 ___ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
Re: [Server-devel] the "first user is admin" moodle policy
On Sun, Jul 26, 2009 at 03:49:56PM +0200, Martin Langhoff wrote: > On Sun, Jul 26, 2009 at 1:37 PM, Joshua N Pritikin wrote: > > How do I further debug this? > > On the client side: > > - find the cookies.sqlite file (which will be in one of the > 'isolation' dirs rainbow makes). Open it with sqlite3 and you should > find it has 1 table, and that table has a some cookies for the FQDN of > the XS, one of them is very obviously the authentication one, and > should have the SN of the XO. I don't see a serial number (SHF80803DBC) here. I see: MOODLEID_ %25ED%25C3%251CC%25B7d > On the XS side. > > - there is a script -- I think /home/idmgr/list_registrations -- that > will show you who's registered successfully [r...@schoolserver idmgr]# ./list_registration Listing students from /home/idmgr/identity.db Parikrama 28SHF80803DBC > - /var/log/moodle/cron.php should show interesting output (like the > creation of the acct in Moodle, but that happens right after > registration so you may have lost that). Any errors there may be > interesting. I suspect that I lost the log for my initial registration. As an experiment, I registered another XO laptop: [r...@schoolserver idmgr]# ./list_registration Listing students from /home/idmgr/identity.db Parikrama 28SHF80803DBC Parikrama 22SHF80803F68 The next cron run did not show anything interesting (as far as I can tell): == Running cron - Sun Jul 26 22:05:01 IST 2009 == Server Time: Sun, 26 Jul 2009 22:05:02 +0530 Starting activity modules Processing module function assignment_cron ...done. Processing module function forum_cron ...Starting digest processing... Cleaned old digest records done. Finished activity modules Starting blocks Processing cron function for searchGlobal searching is not enabled. Nothing performed by search. done. Finished blocks Starting admin reports Finished admin reports Updating languages cache Removing expired enrolments ...none found Starting main gradebook job ... done. Running backups if required... Checking backup status...INACTIVE Backup tasks finished. Running auth crons if required... Running cron for auth/olpcxs... Cron script completed correctly Execution took 2.412476 seconds The MOODLEID_ for the 2nd laptop (on the client side) looked much the same: %25ED%25C3%251CC%25B7d > - /var/log/httpd/error_log -- any errors there may be interesting... No errors of interest here. ___ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
Re: [Server-devel] the "first user is admin" moodle policy
On Sat, Jul 25, 2009 at 09:41:43PM -0700, Sameer Verma wrote: > Make sure you update your Browse version to 102. This version has all the > bits needed to do seamless login. Do this via the Control Panel | Software > Update I updated to Browse-102 from activities.sugarlabs.org using a customization key. I am still not getting autologin. This is build 802 sugar 0.82.1 firmware Q2E41. I'm suspicious about Browse because there are only 3 tabs: Activity, Browse, and View. Where is the Edit tab? /home/olpc/Activities/Browse.activity/activity/activity.info reports version 102. Control Panel | Software Update suggested that everything was up-to-date. How do I further debug this? ___ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
Re: [Server-devel] the "first user is admin" moodle policy
On Fri, Jul 24, 2009 at 08:50:22PM +0200, Martin Langhoff wrote: > On Wed, Jun 17, 2009 at 6:00 PM, Martin Langhoff > wrote: > > - add the /etc/moodle/coursecreators support so that > > - if it exists, even if empty, magic "first come is CC" is disabled > > - it reads /etc/moodle/coursecreators looking for matching SNs (one > > SN per line) I must be missing something really obvious. I upgraded to the latest stuff using the olpcxs-testing repo. I took an XO laptop and registered it with the schoolserver. This is the first laptop to register. I browsed to http://school/. I got the moodle login screen. Isn't there suppose to be some kind of autologin mechanism? I added the XO's serial number to /etc/moodle/coursecreators. I tried browsing to http://school/ again. I got the some moodle login screen. Can somebody give me a clue? ___ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
[Server-devel] can I groupinstall 'X Window System'?
We have an LCD projector. Since we don't have a USB->VGA adapter yet, I would like to drive projector with the schoolserver (using VNCLauncher & ssvnc). The groupinstall includes dnsmasq and NetworkManager. Is it safe to install these packages or am I asking for trouble? -- American? Vote on the National Initiative for Democracy, http://votep2.us ___ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
Re: [Server-devel] pppd restarting mysteriously
On Fri, Jul 24, 2009 at 05:11:32PM +1000, James Cameron wrote: > On Fri, Jul 24, 2009 at 12:00:49PM +0530, Joshua N Pritikin wrote: > > The question is, what to change in /etc to make the change permanent? > > For Fedora, I don't yet know. For Debian and Ubuntu, the usual method > is a tiny script added to /etc/ppp/ip-up.d that adds the iptables rule > as soon as the connection is made. Another script in /etc/ppp/ip-down.d > can remove it, if the connection is only occasional. pppd can call a > script or set of scripts on connection. Yah, possible. Also, my testing indicates that the iptables rule can be added prior to the interface existing. Food for thought. ___ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
Re: [Server-devel] pppd restarting mysteriously
On Fri, Jul 24, 2009 at 03:56:21PM +1000, James Cameron wrote: > On Fri, Jul 24, 2009 at 10:47:14AM +0530, Joshua N Pritikin wrote: > > I feel really dumb: > > Could you please send me by e-mail the output of the following commands, > which must be run as root: > > Then I'll suggest some commands that must be run just after the > CDMA EVDO connection starts, to see if that fixes the symptom. No need. The solution is to MASQ ppp0 instead of eth0. It works fine now. The question is, what to change in /etc to make the change permanent? ___ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
Re: [Server-devel] pppd restarting mysteriously
On Fri, Jul 24, 2009 at 11:32:37AM +1000, James Cameron wrote: > The symptom is that your pppd receives an LCP Configuration Request from > the modem that attempts to begin authentication all over again. pppd > handles this (correctly) by shutting down the link. > > My analysis of this when I was observing the problem was that it was > caused by packets being sent with source IP addresses that the service > provider's network did not like. It might take up to 30 seconds between > the offending packet and the disconnection. I feel really dumb: # iptables -t nat -v -L Chain POSTROUTING (policy ACCEPT 341 packets, 24402 bytes) pkts bytes target prot opt in out source destination 0 0 MASQUERADE all -- anyeth0anywhere anywhere Where do I change the iptables rule? iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE ___ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
Re: [Server-devel] Access Point configuration
On Thu, Jul 23, 2009 at 06:59:55PM +0530, Joshua N Pritikin wrote: > On Thu, Jul 23, 2009 at 12:38:27PM +0200, Marten Vijn wrote: > > You can de-brick with soldering a tll to serial converter on the board > > on of the linksys. Then you can have a serial line to bios/dd-wrt. > > In the bios you can enable tftp to reflash the linksys over network. > > The are clear recovery howto's on wrt's website. > > Yah, I'll figure it out. Thanks. Fortunately, I regained control without reflashing via a failsafe mode. Hehe, this kind of stuff keeps the job exciting. ;-) ___ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
Re: [Server-devel] pppd restarting mysteriously
On Thu, Jul 23, 2009 at 02:54:20PM +0200, Martin Langhoff wrote: > On Thu, Jul 23, 2009 at 1:52 PM, Joshua N Pritikin wrote: > > I looked at the options for wvdial and turned off anything suspicious. I > > don't think wvdial is implicated. It looks like something crazy with > > pppd. If I enable debug in /etc/ppp/options, will I see something extra > > in /var/log/messages? > > /var/log/pppd.log I think. I am attaching two logs. dell-desktop shows a working ppp session. schoolserver shows a ppp session which is terminated shortly after connecting. Can anyone offer any insight into what is going wrong on the schoolserver? Jul 23 22:25:36 dell-desktop pppd[14482]: pppd 2.4.5 started by root, uid 0 Jul 23 22:25:36 dell-desktop pppd[14482]: using channel 40 Jul 23 22:25:36 dell-desktop pppd[14482]: Using interface ppp0 Jul 23 22:25:36 dell-desktop pppd[14482]: Connect: ppp0 <--> /dev/ttyUSB0 Jul 23 22:25:36 dell-desktop pppd[14482]: sent [LCP ConfReq id=0x1] Jul 23 22:25:36 dell-desktop pppd[14482]: rcvd [LCP ConfReq id=0x3] Jul 23 22:25:36 dell-desktop pppd[14482]: sent [LCP ConfAck id=0x3] Jul 23 22:25:36 dell-desktop pppd[14482]: rcvd [LCP ConfAck id=0x1] Jul 23 22:25:36 dell-desktop pppd[14482]: sent [LCP EchoReq id=0x0 magic=0xc140ebcc] Jul 23 22:25:36 dell-desktop pppd[14482]: rcvd [CHAP Challenge id=0x2 <14e30d98e64016736957963a1136c95a>, name = ""] Jul 23 22:25:36 dell-desktop pppd[14482]: sent [CHAP Response id=0x2 <93aac1f490ceff13b3e9d8931205b259>, name = "cdma"] Jul 23 22:25:36 dell-desktop pppd[14482]: rcvd [LCP EchoRep id=0x0 magic=0x8e2304] Jul 23 22:25:36 dell-desktop pppd[14482]: rcvd [CHAP Success id=0x2 ""] Jul 23 22:25:36 dell-desktop pppd[14482]: CHAP authentication succeeded Jul 23 22:25:36 dell-desktop pppd[14482]: CHAP authentication succeeded Jul 23 22:25:36 dell-desktop pppd[14482]: sent [CCP ConfReq id=0x1 ] Jul 23 22:25:36 dell-desktop pppd[14482]: sent [IPCP ConfReq id=0x1] Jul 23 22:25:36 dell-desktop pppd[14482]: rcvd [IPCP ConfReq id=0x2 ] Jul 23 22:25:36 dell-desktop pppd[14482]: sent [IPCP ConfAck id=0x2 ] Jul 23 22:25:37 dell-desktop pppd[14482]: rcvd [LCP ProtRej id=0x4 80 fd 01 01 00 0f 1a 04 78 00 18 04 78 00 15 03 2f 00 00 00 bf e0 e1 89 ac 01 34 69 12 90 21 04 ...] Jul 23 22:25:37 dell-desktop pppd[14482]: Protocol-Reject for 'Compression Control Protocol' (0x80fd) received Jul 23 22:25:37 dell-desktop pppd[14482]: rcvd [IPCP ConfRej id=0x1 ] Jul 23 22:25:37 dell-desktop pppd[14482]: sent [IPCP ConfReq id=0x2 ] Jul 23 22:25:37 dell-desktop pppd[14482]: rcvd [IPCP ConfNak id=0x2 ] Jul 23 22:25:37 dell-desktop pppd[14482]: sent [IPCP ConfReq id=0x3 ] Jul 23 22:25:37 dell-desktop pppd[14482]: rcvd [IPCP ConfAck id=0x3 ] Jul 23 22:25:37 dell-desktop pppd[14482]: Cannot determine ethernet address for proxy ARP Jul 23 22:25:37 dell-desktop pppd[14482]: local IP address 117.254.27.38 Jul 23 22:25:37 dell-desktop pppd[14482]: remote IP address 192.168.52.12 Jul 23 22:25:37 dell-desktop pppd[14482]: primary DNS address 218.248.240.134 Jul 23 22:25:37 dell-desktop pppd[14482]: secondary DNS address 218.248.240.181 Jul 23 22:25:37 dell-desktop pppd[14482]: Script /etc/ppp/ip-up started (pid 14487) Jul 23 22:25:37 dell-desktop pppd[14482]: Script /etc/ppp/ip-up finished (pid 14487), status = 0x0 Jul 23 22:26:06 dell-desktop pppd[14482]: sent [LCP EchoReq id=0x1 magic=0xc140ebcc] Jul 23 22:26:06 dell-desktop pppd[14482]: rcvd [LCP EchoRep id=0x1 magic=0x8e2304] Jul 23 22:26:36 dell-desktop pppd[14482]: sent [LCP EchoReq id=0x2 magic=0xc140ebcc] Jul 23 22:26:36 dell-desktop pppd[14482]: rcvd [LCP EchoRep id=0x2 magic=0x8e2304] Jul 23 22:27:06 dell-desktop pppd[14482]: sent [LCP EchoReq id=0x3 magic=0xc140ebcc] Jul 23 22:27:06 dell-desktop pppd[14482]: rcvd [LCP EchoRep id=0x3 magic=0x8e2304] Jul 23 22:16:01 schoolserver pppd[6859]: pppd 2.4.4 started by root, uid 0 Jul 23 22:16:01 schoolserver pppd[6859]: using channel 7 Jul 23 22:16:01 schoolserver pppd[6859]: Using interface ppp0 Jul 23 22:16:01 schoolserver pppd[6859]: Connect: ppp0 <--> /dev/ttyUSB0 Jul 23 22:16:01 schoolserver pppd[6859]: sent [LCP ConfReq id=0x1] Jul 23 22:16:02 schoolserver pppd[6859]: rcvd [LCP ConfAck id=0x1] Jul 23 22:16:04 schoolserver pppd[6859]: sent [LCP ConfReq id=0x1] Jul 23 22:16:05 schoolserver pppd[6859]: rcvd [LCP ConfReq id=0x1] Jul 23 22:16:05 schoolserver pppd[6859]: sent [LCP ConfAck id=0x1] Jul 23 22:16:05 schoolserver pppd[6859]: rcvd [LCP ConfAck id=0x1] Jul 23 22:16:05 schoolserver pppd[6859]: rcvd [CHAP Challenge id=0x1 <0f4c6dcb6a9aedb33fa9dc55e5fe20c1>, name = ""] Jul 23 22:16:05 schoolserver pppd[6859]: sent [CHAP Response id=0x1 , name = "cdma"] Jul 23 22:16:06 schoolserver pppd[6859]: rcvd [CHAP Success id=0x1 ""] Jul 23 22:16:06 schoolserver pppd[6859]: CHAP authenti
Re: [Server-devel] Access Point configuration
On Thu, Jul 23, 2009 at 12:38:27PM +0200, Marten Vijn wrote: > You can de-brick with soldering a tll to serial converter on the board > on of the linksys. Then you can have a serial line to bios/dd-wrt. > In the bios you can enable tftp to reflash the linksys over network. > The are clear recovery howto's on wrt's website. Yah, I'll figure it out. Thanks. ___ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
[Server-devel] pppd restarting mysteriously
As I mentioned, I have a CDMA EVDO modem for Internet access. This works fine Ubuntu and Debian laptops. On the schoolserver, pppd restarts within a minute for no reason. I looked at the options for wvdial and turned off anything suspicious. I don't think wvdial is implicated. It looks like something crazy with pppd. If I enable debug in /etc/ppp/options, will I see something extra in /var/log/messages? I have this vague feeling that I've seen this kind of failure before, but I can't recall the details. Was it some Fedora feature---network manager related---that I need to turn off? I even tried searching for my name and EVDO in google, but didn't find anything. -- American? Vote on the National Initiative for Democracy, http://votep2.us ___ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
Re: [Server-devel] Access Point configuration
On Thu, Jul 23, 2009 at 12:48:07PM +0200, Martin Langhoff wrote:
> On Thu, Jul 23, 2009 at 12:14 PM, Joshua N Pritikin
> wrote:
> > 2. To not run a DHCP Server means that I should turn off DHCP
> > completely? I only see options for DHCP Server and DHCP Forwarding. I
> > assume I want DHCP Forwarding? Should I turn off DNSMasq?
>
> - yes, turn off DHCP server (DNSmasq)
Done.
> - I think that you want DHCP forwarding, never heard of it before. We
> definitely do _not_ want the AP to block the DHCP leases that the XS
> offers :-)
Yah, I left it on. Not sure what it's doing.
> > The XS wants to issue DHCP assignments through the router, right?
>
> Yes. And see a "flat" space. It network terms, you want it to stop
> behaving like a router, and be a _bridge_ instead.
>
> I don't know much about DD-WRT unfortunately. Mayb Marten knows how to
> get it to be a bridge?
OK, I've done this before. It's coming back. In DD-WRT, I switched the
router from "Gateway" into "Router" mode. The other key change is moving
all the interfaces to the same VLAN. That seems to have done the trick.
Shall I add some notes on the wiki? I'm bound to forget and ask you the
same questions next year.
> Once you get it to be a bridge, packages will just be copied
> ("bridged") over, instead of routed, and this will be a non-issue. The
> DD-WRT device may still want an address (self configured or via DHCP)
> but packets from wireless will appear as coming from the XO IP addr.
Right, OK.
___
Server-devel mailing list
Server-devel@lists.laptop.org
http://lists.laptop.org/listinfo/server-devel
[Server-devel] Access Point configuration
I had my first experience of bricking a wireless router today. Fortunately, I had a backup router on hand. The steps listed in "AP Configuration" seem incomplete. Today I flashed my secondary WRT54GL with DD-WRT and loaded factory defaults. "Make sure that the access point is NOT running as a DHCP server and it's not running NAT" 1. DD-WRT does not have NAT enabled. That's easy. 2. To not run a DHCP Server means that I should turn off DHCP completely? I only see options for DHCP Server and DHCP Forwarding. I assume I want DHCP Forwarding? Should I turn off DNSMasq? Also, would be wrong to turn off DHCP for the WAN link? (I think that's how I bricked my router.) The XS wants to issue DHCP assignments through the router, right? Do I need to change the router operating mode from Gateway to Router (DD-WRT Advanced Routing / Operating Mode)? Currently, my router gets assigned WAN IP 172.18.96.24, which looks correct. However, the schoolserver log shows: DHCPDISCOVER from 00:1e:c9:04:9a:b0 via 192.168.1.1: unknown network segment 00:1e:c9:04:9a:b0 is my laptop's Ethernet MAC address. I get an analogous result if I try to connect via wireless. I presume the schoolserver is expecting DHCPDISCOVER via the router's WAN IP? How can I accomplish this? The Linksys routing table is: 192.168.1.0 255.255.255.0 0.0.0.0 LAN & WLAN 172.18.96.0 255.255.224.0 0.0.0.0 WAN 169.254.0.0 255.255.0.0 0.0.0.0 LAN & WLAN 0.0.0.0 0.0.0.0 172.18.96.1 WAN Do I want to statically assign the router to 172.18.96.24? (Probably not.) Suggestions welcome. Thanks for your help. -- American? Vote on the National Initiative for Democracy, http://votep2.us ___ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
Re: [Server-devel] ejabberd and DNS hurdles (was Re: moodle howto?)
On Thu, Jul 23, 2009 at 05:37:11PM +0800, Deds Castillo wrote: > On Thursday 23 July 2009, Joshua N Pritikin wrote: > > On Thu, Jul 23, 2009 at 08:18:14AM +0200, Martin Langhoff wrote: > > > For xs0.6 you should _not_ configure ejabberd. I've posted the > > > (much simpler!) instructions for 0.6on this list about 2 months > > > ago. Google has excellent coverage of the archive ... ;-) > > > > For future reference, it appears Martin was referring to: > > > > http://www.mail-archive.com/server-devel@lists.laptop.org/msg02287. > >html > > That's actually what I did but I was still able to replicate the > behavior you wrote on fresh install of 0.6d2 where ejabberctl status > shows that the server is running but nothing is listening on 5280. > I'm on a slow connection so I can't try it right now on 0.6 and > compare if it only happens for me on 0.6d2. If I understood Martin correctly, he is saying that nothing listening on 5280 is expected and correct behavior. I have added a note to the XS Install guide section "Setup Shared Roster Groups for ejabberd": "(If you are using a version of XS 0.6 from June 2009 or later then you should skip this section. EJabberd is automatically configured.)" ___ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
Re: [Server-devel] ejabberd and DNS hurdles
On Wed, Jul 22, 2009 at 04:09:22PM -0700, Sameer Verma wrote: > This might get fixed by doing a forwarders for DNS. I have to do this when I > use the XS on campus. > http://www.mail-archive.com/server-devel@lists.laptop.org/msg02381.html Added to the end of "Network Configuration": "If you can only resolve hostnames on the schoolserver but not from other computers using the schoolserver as a gateway then you may have to force use of your ISP's DNS servers. Add your ISP's nameservers to /etc/named-xs.conf file as forwarders." Did I describe everything accurately? ___ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
Re: [Server-devel] ejabberd and DNS hurdles (was Re: moodle howto?)
On Thu, Jul 23, 2009 at 08:18:14AM +0200, Martin Langhoff wrote: > For xs0.6 you should _not_ configure ejabberd. I've posted the (much > simpler!) instructions for 0.6on this list about 2 months ago. Google > has excellent coverage of the archive ... ;-) For future reference, it appears Martin was referring to: http://www.mail-archive.com/server-devel@lists.laptop.org/msg02287.html ___ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
Re: [Server-devel] ejabberd and DNS hurdles
On Thu, Jul 23, 2009 at 08:18:14AM +0200, Martin Langhoff wrote: > Sameer's suggestion to set forwarders is very good, recommended. Yes, this worked for me. It would be more ideal to include /var/run/ppp/resolv.conf into named-xs.conf dynamically, but I am happy enough. ___ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
[Server-devel] ejabberd and DNS hurdles (was Re: moodle howto?)
On Wed, Jul 22, 2009 at 02:24:05PM +0200, Martin Langhoff wrote: > Then I think around the time you looked at the instructions the > DNS configuration steps were all messed up. > > Daniel Drake just did a major cleanup of that. Maybe it'd be a good > idea to retry from the start with the better instructions. Today I installed 0.6d2 from scratch. I noticed a few problems: 1. "Basic ejabberd Configuration" went smoothly. However, I got stuck in "Setup Shared Roster Groups for ejabberd." ejabberd is not listening on port 5280: [r...@schoolserver etc]# ejabberdctl status Node ejabb...@schoolserver is started. Status: started ejabberd is running [r...@schoolserver etc]# netstat -n -l | grep 5280# (nothing) 2. Similar to my previous report, there is some DNS dysfunction. I can ping external sites (e.g. laptop.org) from the schoolserver. I can ssh to the schoolserver from my laptop. However, I cannot ping external sites from my laptop. I am using a USB EV-DO CDMA adapter to connect to the Internet. When it connects, it creates a ppp0 interface. Since eth0 is not my uplink, I ran xs-swapnics once and my local wireless router (WRT54GL) is now showing up as eth1. -- American? Vote on the National Initiative for Democracy, http://votep2.us ___ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
Re: [Server-devel] moodle howto?
On Tue, Jul 21, 2009 at 09:51:24PM +0200, Martin Langhoff wrote: > Did you edit the XS install pages recently, perhaps? Yes, I got stuck on the installation because a step was missing. The "Install using kickstart" option is not present until you get past the first boot prompt. I mentioned that in the install page. ___ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
[Server-devel] moodle howto?
I found http://docs.moodle.org/en/OLPC_XS_installation However, I have a vague recollection that XS Moodle is set up with Postgresql. Are the instructions stale or shall I follw them? -- American? Vote on the National Initiative for Democracy, http://votep2.us ___ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
[Server-devel] taming a fresh 0.5.2 install
There is some DNS dysfunction. I can ping external sites (e.g. laptop.org) from the schoolserver. I can ssh to the schoolserver from my laptop. However, I cannot ping external sites from my laptop. I am using a USB EV-DO CDMA adapter to connect to the Internet. When it connects, it creates a ppp0 interface. Since eth0 is not my uplink, I ran xs-swapnics once and my local wireless router (WRT45GL) is now showing up as eth1. Any suggestions? I am happy to test early builds of XS 0.6. -- American? Vote on the National Initiative for Democracy, http://votep2.us ___ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
Re: [Server-devel] anaconda deletes /fsckoptions on F9 based XS
On Thu, Sep 18, 2008 at 12:49:22PM +1200, Martin Langhoff wrote: > good question. In the field, the XS machines never get switched off - > they are headless, and set in the bios to auto-switch-on. Most of them > will be in locations with unreliable power - so they will switch off > when power gets cut. One more comment---sometimes (frequently) the voltage would dip enough to bork the machine but not enough to cause a reboot. I think a hardware watchdog would solve this, but I never had a chance to try it. -- American? Vote on the National Initiative for Democracy, http://votep2.us ___ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
Re: [Server-devel] anaconda deletes /fsckoptions on F9 based XS
On Thu, Sep 18, 2008 at 12:49:22PM +1200, Martin Langhoff wrote: > good question. In the field, the XS machines never get switched off - > they are headless, and set in the bios to auto-switch-on. Most of them > will be in locations with unreliable power - so they will switch off > when power gets cut. I have run servers like this for a few years with ext3. I was surprised how well it worked. I never got anything resembling file system corruption. ext3 worked like a charm. What tended to fail was the RAID1 set up. For some reason, the volumes got unsync'd and had to be reassembled manually. But after issuing 'mdadm -a /dev/md0 /dev/foo' by hand, then it worked fine. The only other problem was actual hard drive failure. But there is nothing we can do about that anyway. -- American? Vote on the National Initiative for Democracy, http://votep2.us ___ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
Re: [Server-devel] Network transparent XS services - limitations and alternatives
On Tue, Aug 26, 2008 at 07:53:19PM -0400, C. Scott Ananian wrote: > On Tue, Aug 26, 2008 at 7:40 PM, Martin Langhoff > <[EMAIL PROTECTED]> wrote: > >> http://wiki.laptop.org/go/Network_principles#Disconnected_operation is > >> a principled means to substitute unavailable resources in the offline > >> case. > > > > The solution you suggest has problems, and I mentioned them in my > > previous email. Have you got any light to shed on them? > > a) Don't lie about DNS entries when you are connected. > b) When you are disconnected, use a DNS server which allows you to map > names to short lifetime addresses, then serve resources for those > addresses. Maybe I don't understand the big picture, but just a & b seem unworkable. Here is the use case: Here I am in India with a wireless CDMA connection that typically provides 50 kbytes per sec with 500ms latency. This is not fast enough to olpc-update laptops from Cambridge. I must use xs-rsync, connected or not connected. Or I must use a USB key. In the long term, I prefer to use xs-rsync because of the promise of automatic updates to a large number of laptops. So here is a network service which must use the XS regardless of the status of the internet connection and which should not interfere with users browsing the internet or XS internet cache. -- American? Vote on the National Initiative for Democracy, http://votep2.us ___ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
Re: [Server-devel] Help test OLPC_XS_169 - RC1 for xs-0.4
On Sat, Aug 23, 2008 at 05:33:21PM +1200, Martin Langhoff wrote: > YES. I nowrealise that I forgot this bit of instructions (I think I > included in an earlier set). It goes like this: > > - if you are upgrading, you *must* re-run domain_config OK, fair enough. [EMAIL PROTECTED] etc]# find /etc -type l -lname '*fsroot*' /etc/squid/squid.conf.old [EMAIL PROTECTED] etc]# find /etc -type f -name '*rpmnew' (nothing) ___ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
Re: [Server-devel] Help test OLPC_XS_169 - RC1 for xs-0.4
On Sat, Aug 23, 2008 at 01:33:48PM +1200, Martin Langhoff wrote: > Odder even. What's your version of xs-config? [EMAIL PROTECTED] ~]# rpm -q --provides xs-config config(xs-config) = 0.3.5-1 xs-config = 0.3.5-1 ___ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
Re: [Server-devel] Help test OLPC_XS_169 - RC1 for xs-0.4
On Fri, Aug 22, 2008 at 04:16:38PM -0500, Jerry Vonau wrote:
> Might know what the issue is, could you post the contents of
> /etc/sysconfig/named,
OPTIONS='-c /etc/named-xs.conf'
> /etc/named-xs.conf
Attached.
> just to confirm my suspicions.
> Also, does /var/named-xs exist?
Yes.
[EMAIL PROTECTED] ~]# ls -l /var/named-xs
total 64
drwxrwx--- 2 named named 4096 2008-08-22 08:30 data
-rwxr-xr-x 1 root root 198 2008-08-22 08:30 localdomain.zone
-rwxr-xr-x 1 root root 195 2008-08-22 08:30 localhost.zone
-rwxr-xr-x 1 root root 427 2008-08-22 08:30 named.broadcast
-rwxr-xr-x 1 root root 424 2008-08-22 08:30 named.ip6.local
-rwxr-xr-x 1 root root 426 2008-08-22 08:30 named.local
-rwxr-xr-x 1 root root 907 2008-08-22 08:30 named.rfc1912.zones
-rwxr-xr-x 1 root root 2517 2008-08-22 08:30 named.root
-rwxr-xr-x 1 root root 524 2008-08-22 08:30 named.root.hints
-rwxr-xr-x 1 root root 427 2008-08-22 08:30 named.zero
-rwxr-xr-x 1 root root 336 2008-08-22 08:30 school.external.zone.db
-rwxr-xr-x 1 root root91 2008-08-22 08:30
school.internal.zone.16.in-addr.db.in
-rwxr-xr-x 1 root root91 2008-08-22 08:30
school.internal.zone.32.in-addr.db.in
-rwxr-xr-x 1 root root91 2008-08-22 08:30
school.internal.zone.48.in-addr.db.in
-rwxr-xr-x 1 root root 740 2008-08-22 08:30 school.internal.zone.db
-rwxr-xr-x 1 root root91 2008-08-22 08:30
school.internal.zone.in-addr.db.in
//
// Named.conf file for the OLPC schoolserver
//
// See the BIND Administrator's Reference Manual (ARM) for details, in:
// file:///usr/share/doc/bind-*/arm/Bv9ARM.html
// Also see the BIND Configuration GUI : /usr/bin/system-config-bind and
// its manual.
//
options
{
/* make named use port 53 for the source of all queries, to allow
* firewalls to block all ports except 53:
*/
query-sourceport 53;
query-source-v6 port 53;
listen-on-v6 { any; };
// Put files that named is allowed to write in the data/ directory:
directory "/var/named"; // the default
dump-file "data/cache_dump.db";
statistics-file "data/named_stats.txt";
memstatistics-file "data/named_mem_stats.txt";
};
logging
{
/* If you want to enable debugging, eg. using the 'rndc trace' command,
* named will try to write the 'named.run' file in the $directory
(/var/named).
* By default, SELinux policy does not allow named to modify the
/var/named directory,
* so put the default debug log file in data/ :
*/
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
//
// All BIND 9 zones are in a "view", which allow different zones to be served
// to different types of client addresses, and for options to be set for groups
// of zones.
//
// By default, if named.conf contains no "view" clauses, all zones are in the
// "default" view, which matches all clients.
//
// If named.conf contains any "view" clause, then all zones MUST be in a view;
// so it is recommended to start off using views to avoid having to restructure
// your configuration files in the future.
//
view "localhost_resolver"
{
match-clients { localhost; };
match-destinations { localhost; };
recursion yes;
# all views must contain the root hints zone:
include "/var/named/named.root.hints";
/* these are zones that contain definitions for all the localhost
* names and addresses, as recommended in RFC1912 - these names should
* ONLY be served to localhost clients:
*/
include "/var/named/named.rfc1912.zones";
/* and these are the local subnet names */
zone "nashik.xs.laptop.org" in {
type master;
file "school.internal.zone.db";
allow-update {127.0.0.1; };
};
};
acl "school-subnets" { 172.18/16; };
view "internal"
{
/* This view will contain zones you want to serve only to clients
that are on the school network
*/
match-clients { school-subnets; };
recursion yes;
// all views must contain the root hints zone:
include "/var/named/named.root.hints";
// These are your "authoritative" internal zones, and would probably
// also be included in the "localhost_resolver" view above :
zone "nashik.xs.laptop.org" {
type master;
file "school.internal.zone.db";
allow-update {127.0.0.1; };
};
zone "0.18.172.in-addr.arpa" {
type master;
file "school.internal.zone.in-addr.db";
allow-update {127.0.0.1; };
};
zone "16.18.172.in-addr.arpa" {
type master;
file "school.internal.zone.16.in-addr.db";
allow-update {127.0.0.1; };
};
zone "18.18.172.in-
Re: [Server-devel] Help test OLPC_XS_169 - RC1 for xs-0.4
On Fri, Aug 22, 2008 at 05:15:19PM -0500, Jerry Vonau wrote: > Did you run config_domain after the upgrade? No. Should I have? ___ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
Re: [Server-devel] Help test OLPC_XS_169 - RC1 for xs-0.4
After upgrading, I got this: Error in named configuration: /etc/named-xs.conf:53: open: /var/named/named.root.hints: file not found It's a broken link: [EMAIL PROTECTED] ~]# ls -l /var/named/named.root.hints lrwxrwxrwx 1 root root 40 2008-07-30 06:44 /var/named/named.root.hints -> //fsroot.olpc/var/named/named.root.hints Actually the directory is full of broken links: [EMAIL PROTECTED] ~]# ls -l /var/named total 44 drwxrwx--- 2 named named 4096 2008-08-20 04:47 data drwxrwx--- 2 named named 4096 2007-10-09 18:51 dynamic lrwxrwxrwx 1 root root40 2008-07-30 06:44 localdomain.zone -> //fsroot.olpc/var/named/localdomain.zone lrwxrwxrwx 1 root root38 2008-07-30 06:44 localhost.zone -> //fsroot.olpc/var/named/localhost.zone lrwxrwxrwx 1 root root39 2008-07-30 06:44 named.broadcast -> //fsroot.olpc/var/named/named.broadcast lrwxrwxrwx 1 root root39 2008-07-30 06:44 named.ip6.local -> //fsroot.olpc/var/named/named.ip6.local lrwxrwxrwx 1 root root35 2008-07-30 06:44 named.local -> //fsroot.olpc/var/named/named.local lrwxrwxrwx 1 root root43 2008-07-30 06:44 named.rfc1912.zones -> //fsroot.olpc/var/named/named.rfc1912.zones lrwxrwxrwx 1 root root34 2008-07-30 06:44 named.root -> //fsroot.olpc/var/named/named.root lrwxrwxrwx 1 root root40 2008-07-30 06:44 named.root.hints -> //fsroot.olpc/var/named/named.root.hints lrwxrwxrwx 1 root root34 2008-07-30 06:44 named.zero -> //fsroot.olpc/var/named/named.zero lrwxrwxrwx 1 root root47 2008-07-30 06:44 school.external.zone.db -> //fsroot.olpc/var/named/school.external.zone.db -rw-r--r-- 1 root root96 2008-08-20 04:47 school.internal.zone.16.in-addr.db -rw-r--r-- 1 root root96 2008-08-20 04:47 school.internal.zone.16.in-addr.db.old -rw-r--r-- 1 root root96 2008-08-20 04:47 school.internal.zone.32.in-addr.db -rw-r--r-- 1 root root96 2008-08-20 04:47 school.internal.zone.32.in-addr.db.old -rw-r--r-- 1 root root96 2008-08-20 04:47 school.internal.zone.48.in-addr.db -rw-r--r-- 1 root root96 2008-08-20 04:47 school.internal.zone.48.in-addr.db.old lrwxrwxrwx 1 root root47 2008-07-30 06:44 school.internal.zone.db -> //fsroot.olpc/var/named/school.internal.zone.db -rw-r--r-- 1 root root96 2008-08-20 04:47 school.internal.zone.in-addr.db -rw-r--r-- 1 root root96 2008-08-20 04:47 school.internal.zone.in-addr.db.old drwxrwx--- 2 named named 4096 2007-10-09 18:51 slaves What's the best way to fix this? ___ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
[Server-devel] ejabberd not getting shutdown
I don't know if this is worth mentioning, but recently ejabberd is resisting shutdown when I reboot. It takes long enough that I get tired of waiting and hit the power switch. ___ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
Re: [Server-devel] config file mess
On Thu, Aug 21, 2008 at 04:33:42PM +1200, Martin Langhoff wrote: > On Thu, Aug 21, 2008 at 4:11 PM, Joshua N Pritikin <[EMAIL PROTECTED]> wrote: > > I updated to testing. The GIT stuff is great. > > Did your configuration survive? Any _broken_ symlinks? Things still work? I grab my local mods out of GIT. I didn't notice broken symlinks. Everything works. > > However, why is > > xs-commit-change so slow? > > It's not slow for me -- in relative terms. Definitely ~1s each call here. > > If you are used to git's normal blazing speeds, a couple of things get > in the way... > > - /etc is a large directory. git is optimised to keep track of all or > most of the files it sees... > > - The ops will mostly be on cold-cache. > > - The python wrapper imposes ~1s startup costs... I did draft it in > shell, but a shell metachar escapes are safer/saner in python, and I'm > not out to win a speed race with this, so... > > Let me know if you see it significantly slower than ~1s Yah, it takes about 1s. I was surprised because typically GIT is so fast than I am suspicious about whether it is doing anything. ___ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
Re: [Server-devel] ext2resize?
On Wed, Aug 20, 2008 at 05:24:48PM -0700, Nifty Egg Mitch wrote: > On Thu, Aug 21, 2008 at 10:53:02AM +1200, Martin Langhoff wrote: > > On Thu, Aug 21, 2008 at 4:53 AM, Joshua N Pritikin <[EMAIL PROTECTED]> > > wrote: > > > What is the proper way to install ext2resize? It doesn't appear to be in > > > yum? > > > > Perhaps it's not packaged for fedora or included in a different > > package? `yum search ext2` shows some candidates... > > $ rpm -qf `which resize2fs` > e2fsprogs-1.40.4-2.fc8 Ah, OK. I'm coming from Debian, so I need to get up to speed on yum. ___ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
Re: [Server-devel] config file mess
On Thu, Aug 21, 2008 at 09:07:02AM +1200, Martin Langhoff wrote: > On Thu, Aug 21, 2008 at 3:39 AM, Joshua N Pritikin <[EMAIL PROTECTED]> wrote: > > I accidentally upgraded from XS_165 to a new xs-config (maybe 0.3.1?). > > Ouch. That will be a big disaster, I am just fixing the bugs around > that at the moment. Two options > > - reinstall the most recent xs-config you can get from the testing > repo. That will leave just a couple of broken bits that I am fixing > today hopefully I updated to testing. The GIT stuff is great. However, why is xs-commit-change so slow? ___ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
[Server-devel] ext2resize?
What is the proper way to install ext2resize? It doesn't appear to be in yum? ___ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
[Server-devel] config file mess
I accidentally upgraded from XS_165 to a new xs-config (maybe 0.3.1?). The upgrade got stuck halfway through, and I cancelled it. What is the proper way to fix config files? Copy foo.conf to foo-xs.conf? I already fixed named and squid. What other services do I need to check? ___ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
Re: [Server-devel] wvdial woes
On Wed, Aug 20, 2008 at 11:23:30AM +1200, Martin Langhoff wrote: > Our networking setup is somewhat rigged (something that Jerry is > looking at curing for F9 :-) ) and according to Wad running netplugd > makes it trip up so we've disabled it. Maybe the usb connection > scripts start netplugd? Thanks for the hint. Actually netplugd _is_ enabled for eth*. I disabled it and all is well. How can I get dansguardian? I don't find it in yum list. ___ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
Re: [Server-devel] wvdial woes
On Tue, Aug 19, 2008 at 03:36:38PM +0530, Joshua N Pritikin wrote: > The USB modem works fine at long as my wired network is disconnected. As > soon as I connect the WRT54GL, the something is running ifdown/ifup on > ppp about every 5 seconds. When I disconnect the wired network, things > return to normal (ppp stays up). eth0 has a static address. dhcp is > running on eth0 to assign an address to the WRT54GL. Is this a network-manager problem? The crappy modem I have cannot be started automatically. It is necessary to poweroff (disconnect) the device and reconnect it before starting wvdial. ___ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
Re: [Server-devel] wvdial woes
On Tue, Aug 19, 2008 at 06:38:53PM +1000, James Cameron wrote: > On Tue, Aug 19, 2008 at 01:21:11PM +0530, Joshua N Pritikin wrote: > > Any suggestions? > > Enable pppd debug, configure syslog to capture the debug lines, and > examine why the disconnection occurs. Oh! I didn't think to check the syslog.conf stuff. There is something strange going on. I have a simple set up. There are only two important network interfaces. I have a wired network connected to a WRT54GL wireless router, and I have a USB CDMA modem. The USB modem works fine at long as my wired network is disconnected. As soon as I connect the WRT54GL, the something is running ifdown/ifup on ppp about every 5 seconds. When I disconnect the wired network, things return to normal (ppp stays up). eth0 has a static address. dhcp is running on eth0 to assign an address to the WRT54GL. Also, /etc/resolv.conf isn't being written by pppd, but it is easy enough to do that myself for now. Suggestions? ___ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
[Server-devel] wvdial woes
I copied my perfectly working wvdial config to the schoolserver (XS 165). It doesn't work. Looking in /var/log/messages, I see that CHAP authentication succeeds. I am assigned a local and remote IP address. I receive DNS servers. Then pppd terminates on signal 15. The connection lasts for 0.1 minutes, disconnects, and reconnects endlessly. /etc/resolv.conf is never set up. I turned off "Check DNS" but the behavior is the same. This is the same USB CDMA modem which is working on my laptop to send this email. Any suggestions? ___ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
Re: [Server-devel] installing a school server
On Mon, Aug 18, 2008 at 06:06:17AM -0500, Jerry Vonau wrote: > What version of squashfs-tools are you using? If it 3.3.x > try adding -no-sparse -b 64k to the mksqushfs call Yup, that worked. However, my kickstart modifications were not successful. My hard drive got repartitioned. Eventually grub failed to install. I'm not sure why. After I installed grub manually then the system refused to up all the way up, possibly due to a bad hard drive. Now that I lost my data anyway, I'll just use a clean XS_165 install to a different hard drive and see what happens. ___ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
Re: [Server-devel] installing a school server
On Mon, Aug 11, 2008 at 09:57:47AM +1200, Martin Langhoff wrote: > Yes, but you will need to tweak the kickstart file on the image (no > "do your own partitioning" option yet, sorry). By default, the XS > install CD will wipe the disk and setup an LVM (w/o RAID). I modified the kickstart file following the procedure: http://wiki.laptop.org/go/User:Az990tony/squashfs-surgery I did this on an Ubuntu hardy machine with kernel 2.6.24-19. When I try to boot the USB stick, it fails with: ... Done copying live image to RAM. SQUASHFS error: Major/Minor mismatch, trying to mount newer 3.1 filesystem SQUASHFS error: Please update your kernel mount: wrong fs type, bad open, bad superblock on /dev/loop120 ... Bug in initramfs /init detected. Dropping to a shell. Good luck! I hit the same error using the "Run from image" option. Suggestions? ___ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
[Server-devel] installing a school server
I finally got a reasonably fast internet connection at our school in India (BSNL EV-DO). I would like to try to install the school server. We have 15 XO laptops. Just to get something working, I installed Ubuntu with Squid/Dansguardian. I have about 200Gb of hard drive and 2G RAM. Can I get an ext2 image of the school server and load it on a logical partition? I prefer to store anything important on LVM+RAID1. Does the school server understand this disk format? ___ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
