Here's a summary of recent activity in the Free Space suite at Zion; the "What
Happened" bits contain technical bullet-points which may freely be skipped by
the uninterested.
Questions To Ask
================
1) Which wallport should we be using for access to Zion's network and the
Internet beyond it?
2) What's on the other end of this wallport? Does it object to (say)
rapidly-changing or multiple MAC addresses? What firewall rules are in place?
3) Is there some kind of Zion-internal status page we can check to see whether
Zion's Internet connectivity is down?
4) Who should we talk to if we have problems with the Internet connectivity?
How can we contact them?
5) What conditions should we adhere to in our use of Zion's Internet
connectivity, and what conditions should we pass on to users of the suite?
Organisational Issues
=====================
1) Who is going to be responsible for looking after the Free Space Manchester
suite? How is that responsibility going to be shared?
2) How will those responsible communicate and share information to ensure that
everybody is kept in the loop?
What We Need
============
Hardware-wise, we could do with:
* An extra 4- or (preferably) 6-way mains adapter, to allow all LTSP clients
to be powered simultaneously.
* Cable ties and some way of labelling cables
* A two-port PS2 KVM to allow one monitor/keyboard/mouse to be shared between
an LTSP client and the server, for ease of administration.
What Happened: Saturday
=======================
Vicky and I were at the Zion Centre on Saturday 19th trying to get the Free
Space Manchester LTSP suite up and running for use by the Generate project on
Wednesday 23rd.
I had brought along ~50 tri-fold leaflets prepared by Manchester Free Software
as a basic introduction to free software, GNU/Linux, OpenOffice.org, GIMP and
Firefox. Vicky folded these and placed them on the table in the room.
Hardware-wise, I provided some network cables and a replacement network switch
(a slightly noisy 16-port Netgear) which were surplus to my employers'
requirements. This switch has replaced the one on loan from Mick.
* I reset the root password on the server, along with my own account password.
I had intended to back up the existing setup and reinstall, but failed to
bring my DVD writer with me. Instead updated the server from a very old
Debian install to the latest stable release from DVD.
* The internal network used by the LTSP suite used an IP address range of
192.168.0.0/16 which overlapped with Zion's own. I changed this to
10.23.23.0/24 which necessitated changing the following files:
- /etc/network/interfaces
- /etc/dhcp3/dhcpd.conf
- /etc/exports
- /opt/ltsp/i386/etc/lts.conf
- /etc/hosts
* I removed the ipmasq package which was allowing non-LTSP clients to connect
to the Internet through the server. This stops us being able to control
access to the system and to Zion's network, which is a risk when we are
plugging unknown machines in to see if they're useable as clients.
* With the network ranges fixed, I could get Internet access via wall-port 76
in Zion. This allowed me to download and install the latest security updates.
* Of the five working machines previously triaged by Mick, I got two of the
old Basement clients up and running, plus two new ones (zion001 and zion002)
reusing existing guest accounts. A fifth machine would not netboot and is not
currently working as a client.
* I changed the client desktop to match Manchester Free Software leaflet, with
links to OpenOffice.org, Firefox and GIMP. I also changed the background to
the logo of the Generate project, and the login message to "Welcome to Free
Space Manchester"
* I cobbled together a form of remote access - on startup, the server uses a
password-free SSH key to log into a third-party server (a machine I run in
York) where it listens for connections. These are port-forwarded to the
machine's own SSH server. Currently only three user accounts (me, hamish,
beng) have remote access to the system. This is obviously sub-par (for
starters, it should be a post-up stanza in /etc/network/interfaces!) but was
good enough at the time.
What Happened: Tuesday
======================
Vicky e-mailed me on Monday complaining of no net access; I gave her
instructions for rebooting the server, but these didn't help. I went down to
Zion late this evening to have a look for myself.
The main problem seems to be that there was no network access in wall-ports 76
and 77, the two which have worked before. The on-board network card on the
server was also behaving strangely, but the second network card couldn't get
a DHCP lease from the wallports either.
The upshot of this is that there'll be no Internet access from the suite
tomorrow when Vicky's Generate project starts tomorrow. I can't give any more
time until at least the weekend.
* I removed the dnsmasq package - it wasn't being used and was confusing the
hell out of me.
Apologies for length, but I hope this all keeps everyone in the loop.
Dave