[Fsuk-manchester] Free Space Manchester @ Zion Centre - Updates 19th & 22nd July

[Dave Page]

Here's a summary of recent activity in the Free Space suite at Zion; the "What 
Happened" bits contain technical bullet-points which may freely be skipped by 
the uninterested.

Questions To Ask
================

1) Which wallport should we be using for access to Zion's network and the 
Internet beyond it?

2) What's on the other end of this wallport? Does it object to (say) 
rapidly-changing or multiple MAC addresses? What firewall rules are in place?

3) Is there some kind of Zion-internal status page we can check to see whether 
Zion's Internet connectivity is down?

4) Who should we talk to if we have problems with the Internet connectivity? 
How can we contact them?

5) What conditions should we adhere to in our use of Zion's Internet 
connectivity, and what conditions should we pass on to users of the suite?

Organisational Issues
=====================

1) Who is going to be responsible for looking after the Free Space Manchester 
suite? How is that responsibility going to be shared?

2) How will those responsible communicate and share information to ensure that 
everybody is kept in the loop?

What We Need
============

Hardware-wise, we could do with:

* An extra 4- or (preferably) 6-way mains adapter, to allow all LTSP clients 
to be powered simultaneously.

* Cable ties and some way of labelling cables

* A two-port PS2 KVM to allow one monitor/keyboard/mouse to be shared between 
an LTSP client and the server, for ease of administration.

What Happened: Saturday
=======================

Vicky and I were at the Zion Centre on Saturday 19th trying to get the Free 
Space Manchester LTSP suite up and running for use by the Generate project on 
Wednesday 23rd.

I had brought along ~50 tri-fold leaflets prepared by Manchester Free Software 
as a basic introduction to free software, GNU/Linux, OpenOffice.org, GIMP and 
Firefox. Vicky folded these and placed them on the table in the room.

Hardware-wise, I provided some network cables and a replacement network switch 
(a slightly noisy 16-port Netgear) which were surplus to my employers' 
requirements. This switch has replaced the one on loan from Mick.

* I reset the root password on the server, along with my own account password. 
I had intended to back up the existing setup and reinstall, but failed to 
bring my DVD writer with me. Instead updated the server from a very old 
Debian install to the latest stable release from DVD.

* The internal network used by the LTSP suite used an IP address range of 
192.168.0.0/16 which overlapped with Zion's own. I changed this to 
10.23.23.0/24 which necessitated changing the following files:

- /etc/network/interfaces
- /etc/dhcp3/dhcpd.conf
- /etc/exports
- /opt/ltsp/i386/etc/lts.conf
- /etc/hosts

* I removed the ipmasq package which was allowing non-LTSP clients to connect 
to the Internet through the server. This stops us being able to control 
access to the system and to Zion's network, which is a risk when we are 
plugging unknown machines in to see if they're useable as clients.

* With the network ranges fixed, I could get Internet access via wall-port 76 
in Zion. This allowed me to download and install the latest security updates.

* Of the five working machines previously triaged by Mick, I got two of the 
old Basement clients up and running, plus two new ones (zion001 and zion002) 
reusing existing guest accounts. A fifth machine would not netboot and is not 
currently working as a client.

* I changed the client desktop to match Manchester Free Software leaflet, with 
links to OpenOffice.org, Firefox and GIMP. I also changed the background to 
the logo of the Generate project, and the login message to "Welcome to Free 
Space Manchester"

* I cobbled together a form of remote access - on startup, the server uses a 
password-free SSH key to log into a third-party server (a machine I run in 
York) where it listens for connections. These are port-forwarded to the 
machine's own SSH server. Currently only three user accounts (me, hamish, 
beng) have remote access to the system. This is obviously sub-par (for 
starters, it should be a post-up stanza in /etc/network/interfaces!) but was 
good enough at the time.

What Happened: Tuesday
======================

Vicky e-mailed me on Monday complaining of no net access; I gave her 
instructions for rebooting the server, but these didn't help. I went down to 
Zion late this evening to have a look for myself.

The main problem seems to be that there was no network access in wall-ports 76 
and 77, the two which have worked before. The on-board network card on the 
server was also behaving strangely, but the second network card couldn't get 
a DHCP lease from the wallports either.

The upshot of this is that there'll be no Internet access from the suite 
tomorrow when Vicky's Generate project starts tomorrow. I can't give any more 
time until at least the weekend.

* I removed the dnsmasq package - it wasn't being used and was confusing the 
hell out of me.



Apologies for length, but I hope this all keeps everyone in the loop.

Dave
-- 
Dave Page <address@hidden>
Jabber: address@hidden