个人工具

UbuntuHelp:UbuntuLTSP/LTSPFatClients

来自Ubuntu中文

Wikibot讨论 | 贡献2008年5月9日 (五) 19:25的版本 (新页面: {{From|https://help.ubuntu.com/community/UbuntuLTSP/LTSPFatClients}} {{Languages|UbuntuHelp:UbuntuLTSP/LTSPFatClients}} This is a preliminary page on how to create FAT 'thin' clients with...)

(差异) ←上一版本 | 最后版本 (差异) | 下一版本→ (差异)
跳转至: 导航, 搜索

This is a preliminary page on how to create FAT 'thin' clients with LTSP under Ubuntu Gutsy 7.10+


There is now a plugin for all of this which can be found here: http://wwwuser.gwdg.de/~mrickma/edubuntu/030-workstation.gz Put it in /usr/share/ltsp/plugins/ltsp-build-client/Ubuntu and use the switch --workstation followed by Ubuntu or Kubuntu If you use the plugin above you dont need any of the below mentioned stuff... the plugin takes care of doing that for you... The plugin _does not_ do any nfs mounting of /home or creation of local ldap for authentication... you'll need to chroot into your low fat client and do that manually for now... The plugin was created by: Michael Rickmann Ubuntu Hardy 8.04 UPDATE: plugin not work correctly in Ubuntu 8.04. You must edit line 102 in plugin. Change this: chroot $ROOT usermod -G admin,adm,dialout,cdrom,floppy,audio,dip,plugdev,scanner,powerdev $TMP to this: chroot $ROOT usermod -G admin,adm,dialout,cdrom,floppy,audio,dip,plugdev,scanner $TMP On Hardy's /etc/group group powerdev is missing.


This should work for you, but all this takes into account that you already have nfs-kernel-server and the Open LDAP server properly installed on your server. There are plenty of how-to's to do this so its out of the scope of this help document. A good one which deals with booting up from different sources - http://wiki.koeln.ccc.de/index.php/Ubuntu_PXE_Install A good LDAP server how to is located here: https://help.ubuntu.com/community/OpenLDAPServer?highlight=(ldap) Introduction Although generally thin clients are great for older hardware, in a real world setup you are likely going to see a wide variety of machines, both new and old. It is a waste to be running LTSP on Intel Core 2 Duos, and if your case is similar to mine, the bandwidth limits (even with with gigabit switches) don't allow for a usable environment for video, audio or even 3D graphics. The way LTSP works, the thin clients actually use the Server's RAM and CPU time, as well as its bandwidth, meaning its great when the terminals are old or actual thin clients (ie. run at 333mhz or 400 mhz) but if you have newer computers also, and you want to take advantage of their power (ie. laptops) but still want to administer everything from one location, then making some of your thin clients fat is for you. 1. The first step is to create the new chroot environment which will be modified into a fat client One important thing to note is that some users report conflicts using a name other than i386 (this document suggests "fati386" but this is unadviseable for now. Just use "i386").

sudo ltsp-build-client --base /opt/ltsp/ --chroot fati386 --prompt-rootpass For x64 users use the following command instead: sudo ltsp-build-client --arch i386 --base /opt/ltsp/ --chroot fati386 --prompt-rootpass You'll be prompted for a root password which you must have for debugging. Once you've done this, simplify the next bunch of steps by chrooting yourself. Keep in mind these next commands will not affect your system but rather the environment you build above: sudo chroot /opt/ltsp/fati386 2. When you've done that you can start expanding your thin chroot. The first thing to do is mount proc in and sys (might not be needed, but just in case) the chroot:

 mount /proc -t proc /proc 

mount /sys -t sysfs /sys 

When you've done that you are ready to expand the whole chroot. There are several ways to do this, depending on how big you want your chroot to be. For a minimal install you can just do: apt-get install edubuntu-addon-light gdm network-manager gnome-mount ubufox openoffice.org nfs-common ubuntu-artwork For a complete edubuntu desktop do: apt-get install edubuntu-desktop You could also try, depending on your desktop preferences: apt-get install kubuntu-desktop or apt-get install ubuntu-desktop or apt-get install kubuntu-kde4-desktop If you choose this option, it will take quite some time to download all the necessary packages and you may need to do apt-get install -f and sudo chroot /opt/ltsp/fati386 dpkg --configure -a a bunch of times. I had to do this several times for broken packages and dependencies. When everything has been downloaded, make sure that gdm is installed to by doing: apt-get install gdm 3. You'll need to install ldap on the client for authentication, otherwise you're users will not be able to login. We will also mount the /home folders via nfs on the fat clients. To begin with do the following commands to install the ldap client in the chroot:

apt-get install auth-client-config libpam-ldap libnss-ldap nano nfs-common Then, also from within the chroot do: nano /etc/ldap.conf this should be editted according to your ldap settings so change host 127.0.0.1 to host LDAP_SERVER_IP and change base = padl..... to base = dc=yourdomain,dc=local You also need to edit /etc/ldap/ldap.conf and make sure all the settings are changed to your ldap server's settings. When you've done this you need to make sure authentication happens via ldap first, like this: nano /etc/auth-client-config/profile.d/open_ldap and paste the following into it:

[open_ldap]
nss_passwd=passwd: ldap files
nss_group=group: ldap files
nss_shadow=shadow: ldap files
pam_auth=auth       required     pam_env.so
        auth       sufficient   pam_unix.so likeauth nullok
        auth       sufficient   pam_ldap.so use_first_pass
        auth       required     pam_deny.so
pam_account=account    sufficient   pam_unix.so
        account    sufficient   pam_ldap.so
        account    required     pam_deny.so
pam_password=password   sufficient   pam_unix.so nullok md5 shadow
        password   sufficient   pam_ldap.so use_first_pass
        password   required     pam_deny.so
pam_session=session    required     pam_limits.so
        session    required     pam_mkhomedir.so skel=/etc/skel/
        session    required     pam_unix.so
        session    optional     pam_ldap.so

Now to activate that pam profile do the following: auth-client-config -a -p open_ldap You also have to edit /etc/pam.d/login and /etc/pam.d/gdm and add the following line to the top of both files: auth optional pam_group.so And, perhaps this is necessary, perhaps, not, but it was taken from another wiki someplace: add the following to /etc/security/group.conf

 
login;*;*;Al0000-2400;users,cdrom,floppy,plugdev,audio,dip
kdm;*;*;Al0000-2400;users,cdrom,floppy,plugdev,audio,dip,video
gdm;*;*;Al0000-2400;users,cdrom,floppy,plugdev,audio,dip,video

To mount /home via nfs on the thin client you have to create a little script to do it since fstab is overwritten by the ltsp-setup. Make a script as follows and place it anywhere in the chroot. The location of the script just needs to match the "RCFILE_NN=" line in lts.conf. It is recommended to place the script in the /etc directory: nano /etc/nfsmounts.sh and paste the following into it:

#!/bin/bash

# Start nfs-common and portmap incase they get started further on down the line (as is the case in ltsp startup)
# if the ping command returns a "0 received" then we assume server down
# we then do nothing, because there inst a way to mount that NFS
# if we don't get the "0" in received then we assume it already up and then run the Mount

sudo /etc/init.d/portmap restart
sudo /etc/init.d/nfs-common restart

if [ "$(ping -c 3 192.168.0.254 | grep '0 received')" ]
then
        : ; exit 1
else
        # check to see if your NFS is mounted
        # : means if your NFS is there then doing nothing
        # if its not then mount your NFS

        if df | grep -q '192.168.0.254:/home'
        then :
        else
                mount -t nfs 192.168.0.254:/home /home
        fi
fi

Then make the script executable: chmod o+x /etc/nfsmounts.sh Then you must unmount proc and sys by doing the following:

umount /proc
umount /sys 

Also make sure you unmount the full /proc path if /proc doesn't unmount because it says its busy. Do:

 mount
umount /proc/<full-path-to-proc-mounts> 

Now you are done modifying the chroot! You can exit it by typing: exit 4. Finally we update the image so that you can start up your new thin 'fat' client:

sudo ltsp-update-image -a fati386 -b /opt/ltsp -p 2001 5. Remember to add the following to /etc/ltsp/dhcpd.conf, replacing your ethernet mac address and ip address for your own:

# Fat clients with ldap
      group {
       deny unknown-clients;
       if substring( option vendor-class-identifier , 0 , 9 ) = "PXEClient" {
               filename "/ltsp/fati386/pxelinux.0";
               }
       else {
               filename "/ltsp/fati386/nbi.img";
               }
       option root-path "/opt/ltsp/fati386/";
       host fattest {
                hardware ethernet  00:1A:92:28:B7:3A;
                fixed-address 192.168.0.2;
                }
       }

6. Also make sure you have the following line in /var/lib/tftpboot/ltsp/fati386/lts.conf:

RCFILE_NN=/etc/nfsmounts.sh where NN is a number like 00 or 01 or 02, etc. 7. Finally, use this terrible hack to get gdm to startup properly, if it doesn't startup with all the above mentioned items. Add the following line to /var/lib/tftpboot/ltsp/fati386/lts.conf:

RCFILE_01=/etc/startgdm.sh and then create the file /etc/startgdm.sh containing the following:

/etc/init.d/gdm restart
/usr/sbin/gdm

Make sure that /etc/startgdm.sh is executable or it won't work: chmod o+x /etc/startgdm.sh POST-NOTE: This has now been fully tested and works in a XFCE environment and gnome. Although you are advised to install everything necessary in the chroot that is extra, such as applications, file systems, plugins, etc. (ie, java, mplayer, flash, clipart-svg, etc.) NOTE about TFTP Timeout errors: If you encountered them, visit https://help.ubuntu.com/community/Installation/Netboot NOTE about FLASH in low fat clients: To get flash working install libflashsupport from the hardy repos (even if you are on gutsy) and install flash from source - from the adobe website (the flash-nonfree in the gutsy repos does not work!) NOTE about printers in low fat clients, connecting to print server: I finally managed to get this working properly. The main issue here seemed to be that cupsys was not starting automatically, and that by default the /etc/hosts file is overwritten. It created a /etc/hosts file with an entry for 192.168.0.254 pointing to server, not the actual name of my server?!? That means that cups can't find the print server, as was shown from the log files. Also, /etc/cups/cupsd.conf in the low fat client chroot must be modified to listen to port 631 of the server or just port 631 in general. It must also be set to allow the client to show printers shared by other systems. I'm going to start linking various of these sub tasks into sub pages (installing java, openoffice, flash, printers, etc.) In some cases they may be similar to existing solutions for normal clients, but in most cases they require unique intervention.