<div dir="ltr">In order to change from a appliance machine to a gateway machine, the playbook and ansible will need to rewrite the iptables, and get the ports right so that dansguardian properly filters content that comes from the internet.<div>
<br></div><div>I doubt very much that all this would work, without running "./runansible" again. When I was loading 0.5 on a x86-64, the adapters were not discovered properly. The quickest way to discover this, for me, is to type iptables-save in a root terminal. Look at the masquerade line. The output -o needs to be the wan adapter, and the -i the lan.</div>
<div><br></div><div>I'm not understanding why you would want to change appliance -> gateway without running ansible?</div><div><br></div><div><br></div></div><div class="gmail_extra"><br><br><div class="gmail_quote">
On Mon, Dec 30, 2013 at 8:18 PM, Curt Thompson <span dir="ltr"><<a href="mailto:curtathompson@gmail.com" target="_blank">curtathompson@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000">
<div>Just to recap for
<a href="mailto:server-devel@lists.laptop.org" target="_blank">server-devel@lists.laptop.org</a>,<br>
<br>
In virtualbox using XFCE and installing XSCE 0.5, a problem
appeared with idmgr when doing ./runansible<br>
->the solution was to first run "yum -y update audit" and then
rerun ./runansible. After this, XSCE seemed to be working
normally with the exception of the IIAB link being active despite
no IIAB device attached.<br>
<br>
New Info:<br>
Setting the network adapter in Virtualbox to "bridged" made XSCE
accessible from other devices on the LAN. Rerunning ./runansible
was not necessary (previously the adapter was in "NAT"mode).
"Appliance mode' seems to work quite smoothly and is easy to set
up, in VirtualBox at least (will try on physical hardware later
tonight).<br>
<br>
I had previously disabled SELinux, reenabled it to see if
disabling it was necessary. Many errors pop up when SELinux is
enabled. Set it back to "disabled"<br>
<br>
I enabled a second network adapter and booted up to see what would
happen. Everything seems to work locally, portal is still
accessible from other machines on the host's network.<br>
<br>
Next question:<br>
However, XSCE does not seem to be acting as a server/gateway.
Would the best solution be to rerun ./runansible now that two
network adapters are connected? My understanding is that
./runansible will detect that there are two available adapters,
one of which is an internet gateway, and set itself up in gateway
mode. Is that about right? Would it be easy enough to do without
rerunning ./runansible? (Just get dhcpd going, for example?)<br>
<br>
((I'm sort of imagining a real-world scenario where we got XSCE
installed with one network adapter, then internet was cut off,
then someone came through with a second USB network adapter - some
scenario like that. Could we get it going so that the machien
would work as a router/gateway when internet came back... easily?))<div><div class="h5"><br>
<br>
<br>
<br>
<br>
On 12/30/2013 4:29 PM, Anna wrote:<br>
</div></div></div><div><div class="h5">
<blockquote type="cite">
<div dir="ltr">
<div>As far as accessing it from other machines on your LAN,
I've had success with configuring the VM's network for Bridged
mode and specifying the host machine's adapter. Can't
remember if I needed to rerun ./runansible, but it seems like
I didn't have to (though it wouldn't hurt anything).<br>
<br>
</div>
I also can't remember if I needed to disable SELinux on the host
machine or not. Sorry, I just got back home after a week with
the family and my head's not quite back in the game yet.<br>
</div>
<div class="gmail_extra">
<br>
<br>
<div class="gmail_quote">On Mon, Dec 30, 2013 at 6:20 PM, Adam
Holt <span dir="ltr"><<a href="mailto:holt@laptop.org" target="_blank">holt@laptop.org</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div dir="ltr">Curt,<br>
<br>
Can you share your conclusions more publicly on <a href="mailto:server-devel@lists.laptop.org" target="_blank">server-devel@lists.laptop.org</a> or <a href="http://wiki.laptop.org/go/XS_Community_Edition" target="_blank">http://wiki.laptop.org/go/XS_Community_Edition</a>
or similar?<br>
</div>
<div class="gmail_extra"><br>
<br>
<div class="gmail_quote">
<div>
<div>On Mon, Dec 30, 2013 at 7:11 PM, Curt
Thompson <span dir="ltr"><<a href="mailto:curtathompson@gmail.com" target="_blank">curtathompson@gmail.com</a>></span>
wrote:<br>
</div>
</div>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000">
<div>
<div> Anna, George, Tim, Braddock,<br>
<br>
Thank you, ansible finished without issue after
"yum update audit", rebooted, and I seem to have
XSCE 0.5 running in appliance mode - quite easy.<br>
<br>
URLs "schoolserver" and local IP "10.0.2.15"
bring up portal as expected.<br>
<br>
semi-bug?<br>
Internet In A Box link appears active and is
clickable though no IIAB device is attached.<br>
<br>
Next:<br>
What would I need to do to convert this into a
Gateway-style install of XSCE? I could enable
another adapter in VirtualBox and rerun ansible,
but the install documentation seems to hint that
rerunning ansible may not be necessary.
<div><br>
<br>
<br>
On 12/30/2013 3:28 PM, Anna wrote:<br>
</div>
<span style="white-space:pre-wrap">
<div>> Oh, you're right, Braddock, Miguel
resolved that with pr/103: <a href="https://github.com/XSCE/xsce/pull/103" target="_blank">https://github.com/XSCE/xsce/pull/103</a><br>
><br>
> So updating the audit package on FC18
should be the only workaround for a
successful install, now.<br>
><br>
><br>
</div>
<div> > On Mon, Dec 30, 2013 at 5:22 PM,
Braddock <<a href="mailto:braddock@braddock.com" target="_blank">braddock@braddock.com</a>
<a href="mailto:braddock@braddock.com" target="_blank"><mailto:braddock@braddock.com></a>>
wrote:<br>
></div>
</span><br>
<blockquote type="cite">
<div>On 12/30/2013 03:20 PM, Anna wrote:<br>
> I've used that ISO and for idmgr had to
do:<br>
<br>
> yum update audit<br>
<br>
> Then there's a conflict with IIAB
(which is currently being<br>
> addressed, I believe) but in the
meantime, the workaround is:<br>
<br>
What is the conflict, and am I the one
addressing it? I don't recall<br>
it off hand.<br>
<br>
</div>
<div> -braddock<br>
<br>
> On Mon, Dec 30, 2013 at 5:11 PM, Curt
Thompson<br>
</div>
<div> > <<a href="mailto:curtathompson@gmail.com" target="_blank">curtathompson@gmail.com</a>
<a href="mailto:curtathompson@gmail.com" target="_blank"><mailto:curtathompson@gmail.com></a>
<<a href="mailto:curtathompson@gmail.com" target="_blank">mailto:curtathompson@gmail.com</a>
<a href="mailto:curtathompson@gmail.com" target="_blank"><mailto:curtathompson@gmail.com></a>>>
wrote:<br>
<br>
> I started with XFCE, the ISO file is
named:<br>
> Fedora-18-x86_64-Live-XFCE.iso<br>
<br>
> Installed through the GUI without
customization except what the<br>
> installer asks for (location, username,
pass, etc).<br>
<br>
> On 12/30/2013 3:07 PM, Tim Moody wrote:<br>
>> what do you start with as a blank
FC18 before installing xsce?<br>
>> I start with a minimal install.<br>
>><br>
>> Tim -----Original Message-----
From: Curt Thompson Sent: Monday,<br>
>> December 30, 2013 5:52 PM To: <a href="mailto:xsce-devel@googlegroups.com" target="_blank">xsce-devel@googlegroups.com</a>
<a href="mailto:xsce-devel@googlegroups.com" target="_blank"><mailto:xsce-devel@googlegroups.com></a><br>
</div>
>> <<a href="mailto:xsce-devel@googlegroups.com" target="_blank">mailto:xsce-devel@googlegroups.com</a>
<a href="mailto:xsce-devel@googlegroups.com" target="_blank"><mailto:xsce-devel@googlegroups.com></a>>
Subject: [XSCE] XSCE 0.5
<div>
<div><br>
>><br>
>> Hi everyone,<br>
>><br>
>> I've been trying to get XSCE 0.5
running in a VirtualBox VM for a<br>
>> few days now, but without much
success. Since there don't seem<br>
>> to be instructions for x86_64
machines yet, I just followed the<br>
>> instructions for XOs and hoped to
fix whatever problems arise.<br>
>> Perhaps we should start with
this:<br>
>><br>
>> TASK: [idmgr | Install idmgr
packages] fails. Summarized as:<br>
>> "file /usr/lib64/audit from
install of glibc-2.16-34.fc18x86_64<br>
>> conflicts with file from package
audit-2.2.1-2.fc18.x86_64"<br>
>><br>
>> Under PLAY RECAP, I see ok-67,
changed=10, unreachable=0,<br>
>> failed=1<br>
>><br>
>> This VM has one network adapter,
ideally I'd be installing it as<br>
>> an appliance first to test out,
then either changing the current<br>
>> installation to the gateway
install or reinstalling from scratch<br>
>> with XSCE 0.5 in gateway mode
(former method preferable)<br>
>><br>
>> I did try to reboot to see if
XSCE would work, the VM just grabs<br>
>> the same DHCP address from the
gateway here (10.0.2.15). Typing<br>
>> "schoolserver" or <local ip
address> brings me to Fedora/Apache<br>
>> Test Page.<br>
>><br>
>> I have some familiarity with
linux, but I'm no superstar. If<br>
>> anybody would like to help me get
this XSCE 0.5 VM going please<br>
>> let me know, send me some advice,
or point me to some<br>
>> documentation if I've<br>
> missed it.<br>
>><br>
>> Thanks Curt<br>
<br>
<br>
<br>
</div>
</div>
</blockquote>
</div>
</div>
<span style="white-space:pre-wrap">><br>
><span><font color="#888888"><br clear="all">
<br>
-- <br>
<div dir="ltr">Unsung Heroes of OLPC,
interviewed live @ <a href="http://unleashkids.org" target="_blank">http://unleashkids.org</a>
!</div>
</font></span></span></div>
</blockquote>
</div>
</div>
</blockquote>
</div>
<br>
</div>
</blockquote>
<br>
</div></div></div>
</blockquote></div><br></div>