Debian Bug report logs - #613988
kerberized nfs4 mounting

Package: ltsp-client-core; Maintainer for ltsp-client-core is Debian LTSP Maintainers <team+ltsp@tracker.debian.org>; Source for ltsp-client-core is src:ltsp (PTS, buildd, popcon).

Reported by: Holger Levsen <holger@layer-acht.org>

Date: Sun, 13 Feb 2011 12:39:01 UTC

Severity: wishlist

Found in version ltsp/5.1.10-2

Reply or subscribe to this bug.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox

Report forwarded to debian-bugs-dist@lists.debian.org, Debian Edu Developers <debian-edu@lists.debian.org>:
Bug#613167; Package debian-edu-config. (Sun, 13 Feb 2011 12:39:04 GMT) (full text, mbox, link).

Acknowledgement sent to Holger Levsen <holger@layer-acht.org>:
New Bug report received and forwarded. Copy sent to Debian Edu Developers <debian-edu@lists.debian.org>. (Sun, 13 Feb 2011 12:39:04 GMT) (full text, mbox, link).

Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

[Message part 1 (text/plain, inline)]

package: debian-edu-config
severity: wishlist

Hi,

to ease maintainance (no more adding of workstations to be able to access home 
shares) and to improve security, it would be desirable to use kerberized nfs4 
mounting. 

This bug is for tracking this issue, ie by documenting the needed steps.

It's a wishlist feature and we can certainly release squeeze without. (It 
needs some time to implement and test properly.)


cheers,
	Holger

[signature.asc (application/pgp-signature, inline)]

Information forwarded to debian-bugs-dist@lists.debian.org, Debian Edu Developers <debian-edu@lists.debian.org>:
Bug#613167; Package debian-edu-config. (Wed, 16 Feb 2011 14:51:03 GMT) (full text, mbox, link).

Acknowledgement sent to "Andreas B. Mundt" <andi.mundt@web.de>:
Extra info received and forwarded to list. Copy sent to Debian Edu Developers <debian-edu@lists.debian.org>. (Wed, 16 Feb 2011 14:51:03 GMT) (full text, mbox, link).

Message #10 received at 613167@bugs.debian.org (full text, mbox, reply):

Hi,

to get Diskless Clients work with Kerberos we first have to find a way
to modify the entires in /etc/hosts.

Currently, there is an entry: 

10.0.2.2   server  

which spoils Kerberos (error messages about for example
ldap/server@INTERN service tickets not being available). 

I tried to find a way to change this by editing a variable in
lts.conf, but without success (the same after considering 'man
lts.conf').

Any help or pointers are appreciated,

    Andi

Acknowledgement sent to Wolfgang Schweer <schweer@cityweb.de>:
Extra info received and forwarded to list. Copy sent to Debian Edu Developers <debian-edu@lists.debian.org>. (Wed, 16 Feb 2011 21:00:15 GMT) (full text, mbox, link).

Message #15 received at 613167@bugs.debian.org (full text, mbox, reply):

[Message part 1 (text/plain, inline)]

On Mi, 16 Feb 2011, Andreas B. Mundt wrote:

> to get Diskless Clients work with Kerberos we first have to find a way
> to modify the entires in /etc/hosts.
> 
> Currently, there is an entry: 
> 
> 10.0.2.2   server  
  
This entry is supposed to be written by /usr/share/ltsp/screen.d/ldm 
(inside the chroot - by default /opt/ltsp/i386)

Wolfgang

[signature.asc (application/pgp-signature, inline)]

Information forwarded to debian-bugs-dist@lists.debian.org, vagrant@debian.org, Debian Edu Developers <debian-edu@lists.debian.org>:
Bug#613167; Package debian-edu-config. (Fri, 18 Feb 2011 16:06:10 GMT) (full text, mbox, link).

Acknowledgement sent to "Andreas B. Mundt" <andi.mundt@web.de>:
Extra info received and forwarded to list. Copy sent to vagrant@debian.org, Debian Edu Developers <debian-edu@lists.debian.org>. (Fri, 18 Feb 2011 16:06:10 GMT) (full text, mbox, link).

Message #20 received at 613167@bugs.debian.org (full text, mbox, reply):

X-Debbugs-Cc: vagrant@debian.org

Hi,

On Wed, Feb 16, 2011 at 09:59:44PM +0100, Wolfgang Schweer wrote:
> On Mi, 16 Feb 2011, Andreas B. Mundt wrote:
> 
> > to get Diskless Clients work with Kerberos we first have to find a way
> > to modify the entires in /etc/hosts.
> > 
> > Currently, there is an entry: 
> > 
> > 10.0.2.2   server  
>   
> This entry is supposed to be written by /usr/share/ltsp/screen.d/ldm 
> (inside the chroot - by default /opt/ltsp/i386)

Thanks for the pointer. With its help I found the following:

The 'server' looks like being hardcoded in the function configure_resolver()
defined in:  

     /opt/ltsp/i386/usr/share/ltsp/ltsp-init-common

Any ideas how to modify that entry easily?

Regards

	Andi

Information forwarded to debian-bugs-dist@lists.debian.org, Debian Edu Developers <debian-edu@lists.debian.org>:
Bug#613167; Package debian-edu-config. (Fri, 18 Feb 2011 18:03:02 GMT) (full text, mbox, link).

Acknowledgement sent to Wolfgang Schweer <schweer@cityweb.de>:
Extra info received and forwarded to list. Copy sent to Debian Edu Developers <debian-edu@lists.debian.org>. (Fri, 18 Feb 2011 18:03:03 GMT) (full text, mbox, link).

Message #25 received at 613167@bugs.debian.org (full text, mbox, reply):

[Message part 1 (text/plain, inline)]

Hi,

On Fr, 18 Feb 2011, Andreas B. Mundt wrote:

> The 'server' looks like being hardcoded in the function configure_resolver()
> defined in:  
> 
>      /opt/ltsp/i386/usr/share/ltsp/ltsp-init-common

maybe this way (not sure, if SERVER_NAME is used already):

replace »$SERVER server« by »$SERVER ${SERVER_NAME:-"server"}« in
ltsp-init-common.

then set SERVER_NAME in lts.conf

(if getltscfg is called SERVER_NAME will be taken out of lts.conf and
exported)

for testing set PILLE_PALLE=something in lts.conf and execute
»getltscfg -a« after entering the chroot using »ltsp-chroot«
 
Wolfgang

[signature.asc (application/pgp-signature, inline)]

Information forwarded to debian-bugs-dist@lists.debian.org, Debian Edu Developers <debian-edu@lists.debian.org>:
Bug#613167; Package debian-edu-config. (Fri, 18 Feb 2011 18:15:05 GMT) (full text, mbox, link).

Acknowledgement sent to Vagrant Cascadian <vagrant@freegeek.org>:
Extra info received and forwarded to list. Copy sent to Debian Edu Developers <debian-edu@lists.debian.org>. (Fri, 18 Feb 2011 18:15:05 GMT) (full text, mbox, link).

Message #30 received at 613167@bugs.debian.org (full text, mbox, reply):

clone 613167 -1
reassign -1 ltsp-client-core
found -1 5.1.10-2
thanks

On Fri, Feb 18, 2011 at 05:03:47PM +0100, Andreas B. Mundt wrote:
> On Wed, Feb 16, 2011 at 09:59:44PM +0100, Wolfgang Schweer wrote:
> > On Mi, 16 Feb 2011, Andreas B. Mundt wrote:
> > 
> > > to get Diskless Clients work with Kerberos we first have to find a way
> > > to modify the entires in /etc/hosts.
> > > 
> > > Currently, there is an entry: 
> > > 
> > > 10.0.2.2   server  
> >   
> > This entry is supposed to be written by /usr/share/ltsp/screen.d/ldm 
> > (inside the chroot - by default /opt/ltsp/i386)

that's a different, but nearly identical, problem...
 
> Thanks for the pointer. With its help I found the following:
> 
> The 'server' looks like being hardcoded in the function configure_resolver()
> defined in:  
> 
>      /opt/ltsp/i386/usr/share/ltsp/ltsp-init-common
> 
> Any ideas how to modify that entry easily?

there is no good way to do this, unfortunately. gah. sorry about that. for
years, LTSP development assumed DNS would not available, and this is clearly a
poor assumption.

live well,
  vagrant

Bug 613167 cloned as bug 613988. Request was from Vagrant Cascadian <vagrant@freegeek.org> to control@bugs.debian.org. (Fri, 18 Feb 2011 18:15:05 GMT) (full text, mbox, link).

Bug reassigned from package 'debian-edu-config' to 'ltsp-client-core'. Request was from Vagrant Cascadian <vagrant@freegeek.org> to control@bugs.debian.org. (Fri, 18 Feb 2011 18:15:08 GMT) (full text, mbox, link).

Bug Marked as found in versions ltsp/5.1.10-2. Request was from Vagrant Cascadian <vagrant@freegeek.org> to control@bugs.debian.org. (Fri, 18 Feb 2011 18:15:08 GMT) (full text, mbox, link).

Information forwarded to debian-bugs-dist@lists.debian.org, LTSP Debian/Ubuntu Maintainers <pkg-ltsp-devel@lists.alioth.debian.org>:
Bug#613988; Package ltsp-client-core. (Sat, 04 Jun 2011 13:39:05 GMT) (full text, mbox, link).

Acknowledgement sent to Mike Gabriel <mike.gabriel@das-netzwerkteam.de>:
Extra info received and forwarded to list. Copy sent to LTSP Debian/Ubuntu Maintainers <pkg-ltsp-devel@lists.alioth.debian.org>. (Sat, 04 Jun 2011 13:39:05 GMT) (full text, mbox, link).

Message #41 received at 613988@bugs.debian.org (full text, mbox, reply):

[Message part 1 (text/plain, inline)]

When setting up a test installation of Debian Edu squeeze at end of  
April there definitely had to be done some fixes still, but none of  
them addressed

  /etc/hostname
  /etc/hosts

For kerberized NFSv4 (on diskless workstations) you have to

(a)
tweak /etc/default/nfs-common and add the line

RPCGSSDOPTS=-n

(b)
make sure that the diskless workstations is set up as a Kerberos  
client, including the

  [libdefaults]
  allow_weak_crypto = true

line...

Mike

-- 

DAS-NETZWERKTEAM
mike gabriel, dorfstr. 27, 24245 barmissen
fon: +49 (4302) 281418, fax: +49 (4302) 281419

GnuPG Key ID 0xB588399B
mail: mike.gabriel@das-netzwerkteam.de, http://das-netzwerkteam.de

freeBusy:
https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb

[Message part 2 (application/pgp-signature, inline)]

Send a report that this bug log contains spam.

Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Sat Jul 1 12:54:27 2023; Machine Name: bembo

Debian Bug tracking system

Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

Debian Bug report logs - #613988 kerberized nfs4 mounting

Debian Bug report logs - #613988
kerberized nfs4 mounting