Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
781
Installation and Upgrades / Re: Logs issue
« on: February 21, 2011, 08:49:07 am »
I was thinking something got borked on my side...
Having the same issue, logs do not log anymore. I would like to monitor what my users do and how much http traffic they consume from day to day.
With Dansguardian enabled it is hard enough because everything logs as localhost.
But if Zentyal doesn't log at all, we have nothing to go on.
Hope this can be resolved asap.
Cheers.
Having the same issue, logs do not log anymore. I would like to monitor what my users do and how much http traffic they consume from day to day.
With Dansguardian enabled it is hard enough because everything logs as localhost.
But if Zentyal doesn't log at all, we have nothing to go on.
Hope this can be resolved asap.
Cheers.
782
Installation and Upgrades / Re: Desktop Environment on Server Edition?
« on: February 18, 2011, 01:31:17 am »
Well, for me as a newbie I could not do without the desktop. Sometimes I need to browse the web to find some solution for Ubuntu Linux so it is nice to have the possibility.
Apart of that for remote I'm using WinSCP to edit conf files, and for the cli (ssh) I use Putty.
Agreed, the neatest way to manage the server is from a remote cli. But you have to know quite some Linux stuff for that.
Cheers.
Apart of that for remote I'm using WinSCP to edit conf files, and for the cli (ssh) I use Putty.
Agreed, the neatest way to manage the server is from a remote cli. But you have to know quite some Linux stuff for that.
Cheers.
783
Installation and Upgrades / Re: log in / hotspot
« on: February 17, 2011, 05:19:30 am »
Yeah it does suck.
The user authentication does work, but only if you set the HTTP proxy to non-transparent mode and set the default policy to "authorize".
In that way at least http traffic (web browsing) uses authorization. It is not meant for traffic on other ports, that still goes through without authorization.
If you are looking for something like hotspot, the best you can do for now is put an access point on your network with DD-WRT firmware. It includes a hotspot with captive portal.
You can't really compare Smoothwall to Zentyal.
Zentyal is so much more complete and is more like a SBS.
If you don't need all the features Zentyal offers, in that case your best shot would be Pfsense 2.0 or Zeroshell.
Cheers.
The user authentication does work, but only if you set the HTTP proxy to non-transparent mode and set the default policy to "authorize".
In that way at least http traffic (web browsing) uses authorization. It is not meant for traffic on other ports, that still goes through without authorization.
If you are looking for something like hotspot, the best you can do for now is put an access point on your network with DD-WRT firmware. It includes a hotspot with captive portal.
You can't really compare Smoothwall to Zentyal.
Zentyal is so much more complete and is more like a SBS.
If you don't need all the features Zentyal offers, in that case your best shot would be Pfsense 2.0 or Zeroshell.
Cheers.
784
Installation and Upgrades / Re: Blocking Net Access for specific group
« on: February 17, 2011, 05:06:41 am »
Set the default policy to "Filter".
If you have set network objects adjust "object policy", create new-choose object-set policy "always deny"-set time period if you wish-leave default policy.
If you have set user groups, adjust "group policy" and do the same but tis time choose user groups instead of network objects.
Cheers.
If you have set network objects adjust "object policy", create new-choose object-set policy "always deny"-set time period if you wish-leave default policy.
If you have set user groups, adjust "group policy" and do the same but tis time choose user groups instead of network objects.
Cheers.
785
Installation and Upgrades / Re: Controlar acceso de la red
« on: February 17, 2011, 03:45:53 am »
Si, lo que quieres hacer es posible con Zentyal.
Por ejemplo, para los aulas puedes usar "Network Objects" que contienen los MAC de los ordenadores en dicho aula.
Cada network object representa un aula entonces y los puedes usar con otros módulos en Zentyal.
Puedes limitar la velocidad de estos network objects con el modulo "trafic shaping".
Puedes hacer proxy transparente con Suid. Para limitar la velocidad por puerto 80 http puedes usar los "delay pools" de Squid.
Para bloquear los sitios no adecuados para sus alumnos puedes usar "Dansguardian".
En cuanto al monitoreo, no creo que hay alguna representación gráfica pero si lo puedes observar en los registros de Dansguardian. Ahi figura cada IP y la pagina visitado.
También el modulo hhtp proxy te da algo de información (logs-query logs-http proxy) aunque no por IP si usas proxy transparente.
Saludos.
Por ejemplo, para los aulas puedes usar "Network Objects" que contienen los MAC de los ordenadores en dicho aula.
Cada network object representa un aula entonces y los puedes usar con otros módulos en Zentyal.
Puedes limitar la velocidad de estos network objects con el modulo "trafic shaping".
Puedes hacer proxy transparente con Suid. Para limitar la velocidad por puerto 80 http puedes usar los "delay pools" de Squid.
Para bloquear los sitios no adecuados para sus alumnos puedes usar "Dansguardian".
En cuanto al monitoreo, no creo que hay alguna representación gráfica pero si lo puedes observar en los registros de Dansguardian. Ahi figura cada IP y la pagina visitado.
También el modulo hhtp proxy te da algo de información (logs-query logs-http proxy) aunque no por IP si usas proxy transparente.
Saludos.
786
Installation and Upgrades / Re: Xsession: warning: unable to write to /tmp
« on: February 17, 2011, 03:21:56 am »
First off,
Partitioning and other harddisk stuff is basic Ubuntu stuff and has little to do with Zentyal itself.
I think that's why Zentyall staff doesn't support these kind of issues.
Although I understand their motivation, it does create a huge gap for people that are new to Linux and decide to try Zentyal as a first step.
Zentyal will only be accessible to the more experienced Linux folks who already know their basics.
So if we want to bridge that gap we will have to do it ourself. There is not much of a community here (judging by the amount of unanswered posts) so we have to build one
I do believe Zentyal to be a great product, and if the next update takes care of the speed issues I could become a happy user.
In the meanwhile, I'll try to help as much as possible at my n00b level.
From what I have gathered, the root fills up because:
- excessive log files
- Squid cache (located at /var/spool/squid)
- Zentyal backups
Note that the default cache size is set at 128MB, so Squid cache will only become a problem if you change it manually to something rather big.
For the log files, you can delete the Gzipped logs safely.
As for the resizing, I only dug in to the LVM method a few days ago. At this point I simply haven't got enough information to write a "step-by-step-resizing-manual".
If you decide to set up Zentyal from scratch, in that case I would recommend:
- Choose LVM. It's much more easier in the long rung
- Depending on your harddisk size, choose a large /root. I would do 30GB - 40GB
- Be carefull with the size of your Squid cache. If you choose several gigabytes they WILL be populated in days so take note of of your /root size.
- Do not worry about /home, if you should need more space it's easy to add or relocate.
- For swap, choose two times your mem size. For example, you have 4GB of RAM, swap can be 8GB.
- /boot is rather small and doesn't change from what I've noticed. It's about 195MB with 32MB used on my system.
Other more experienced users may opt to put /var on their own volume. Above is only meant as a n00b guide.
If you have something to add or if something is wrong, please comment. Others will be thankful.
Cheers.
Partitioning and other harddisk stuff is basic Ubuntu stuff and has little to do with Zentyal itself.
I think that's why Zentyall staff doesn't support these kind of issues.
Although I understand their motivation, it does create a huge gap for people that are new to Linux and decide to try Zentyal as a first step.
Zentyal will only be accessible to the more experienced Linux folks who already know their basics.
So if we want to bridge that gap we will have to do it ourself. There is not much of a community here (judging by the amount of unanswered posts) so we have to build one
I do believe Zentyal to be a great product, and if the next update takes care of the speed issues I could become a happy user.
In the meanwhile, I'll try to help as much as possible at my n00b level.
From what I have gathered, the root fills up because:
- excessive log files
- Squid cache (located at /var/spool/squid)
- Zentyal backups
Note that the default cache size is set at 128MB, so Squid cache will only become a problem if you change it manually to something rather big.
For the log files, you can delete the Gzipped logs safely.
As for the resizing, I only dug in to the LVM method a few days ago. At this point I simply haven't got enough information to write a "step-by-step-resizing-manual".
If you decide to set up Zentyal from scratch, in that case I would recommend:
- Choose LVM. It's much more easier in the long rung
- Depending on your harddisk size, choose a large /root. I would do 30GB - 40GB
- Be carefull with the size of your Squid cache. If you choose several gigabytes they WILL be populated in days so take note of of your /root size.
- Do not worry about /home, if you should need more space it's easy to add or relocate.
- For swap, choose two times your mem size. For example, you have 4GB of RAM, swap can be 8GB.
- /boot is rather small and doesn't change from what I've noticed. It's about 195MB with 32MB used on my system.
Other more experienced users may opt to put /var on their own volume. Above is only meant as a n00b guide.
If you have something to add or if something is wrong, please comment. Others will be thankful.
Cheers.
787
Installation and Upgrades / Re: Seeking advice for TRIM on Zentyal
« on: February 17, 2011, 02:03:20 am »
Wow I didn't know that!
SSD was on my upgrade path but in this case it's something to consider.
I would opt for the kernel upgrade, if Zentyal staff could confirm that this doesn't give any problems.
It would also be beneficial for 3G USB modem support.
Cheers.
SSD was on my upgrade path but in this case it's something to consider.
I would opt for the kernel upgrade, if Zentyal staff could confirm that this doesn't give any problems.
It would also be beneficial for 3G USB modem support.
Cheers.
788
Installation and Upgrades / Re: CONFIGURE A STATIC IP FOR eth0
« on: February 17, 2011, 01:57:24 am »As the TP-Link router has the ability to reserve an IP to a MAC address, I am using that to give the Zentyal box a effective static IP - and it works with eth0 set at DHCP and the "auto-detected" gateway coming in correctly as the TP-Link's own LAN IP.
Yes, that is how it's supposed to be. Is this semi-static setup unacceptable for you? If it works with MAC reservation I would just leave it like that.
You can further shrink the DHCP pool on your router to have it hand out only one or two addresses. So the rest of your equipment that does work with static IP's can be assigned as you wish.
Indeed it could be something with the routers firmware. I don't think it's something with Ubuntu as my static setup works OK. I have the Zentyal box in the DMZ zone as my provider recently changed my old cablemodem without router for a Cisco with a router incorporated.
Anyway, sorry for not being able to provide the exact solution, but I would like to read your progress on this matter - if there is any.
Cheers.
789
Installation and Upgrades / Re: transparent proxy and number of NICs
« on: February 17, 2011, 01:33:22 am »
Remeber that you cannot proxy secure sites. This is by design.
If you try to proxy that traffic it won't work.
Web traffic on port 80 can be proxified, either transparent or non transparent.
I don't know how you manage to setup transparent proxy with only one network card.
It can be achieved with two network cards using the Zentyal box as a bridge. All traffic on por 80 (http) is redirected to Squid port 3128 and processed.
Cheers.
If you try to proxy that traffic it won't work.
Web traffic on port 80 can be proxified, either transparent or non transparent.
I don't know how you manage to setup transparent proxy with only one network card.
It can be achieved with two network cards using the Zentyal box as a bridge. All traffic on por 80 (http) is redirected to Squid port 3128 and processed.
Cheers.
790
Installation and Upgrades / Re: CONFIGURE A STATIC IP FOR eth0
« on: February 16, 2011, 04:38:38 am »
Well, if I read your other post your setup is like
modem-router-zentyal box
Then you have nothing to do with the PPPOA connection.
PPP over ATM is similar to PPP over Ethernet but less overhead.
In this case your router is the PPPOA client. It's been authenticated either by MAC or by username and password registered in the router.
Your router gets it's IP and gateway automatically from your provider.
Your router has one or more lan ports. That's where you connect Zentyal.
If above is correct, then Zentyal WAN interface has to be setup like this:
eth0 - external - static 192.168.100.xx3
mask 255.255.255.0
Gateway: 192.168.100.1 (the router is your gateway) - set as default
Deactivate your router's DHCP server to avoid that it hand out addresses already in use, or set static ip's outside of the DHCP pool.
What I would do (but I do not know if it applies to your network) is taking out the router altogether.
Connect the modem directly to your zentyal box, configure eth0 as external PPPoE and set the user and pass. If your ISP uses MAC authentication, just clone the mac of your router but it's probably user and pass.
The gateway would be 91.85.164.167 - that was dynamically assigned you stated.
Make sure your problem is not just a simple DNS problem, try to execute some basic network diags if it does not work straight away.
Your modem appears to be bridged (not half) because your router gets a public IP. Indeed it is invisible because that's how bridges work, they are transparent. It's either in bridged mode or router mode.
It's not that hard, if it has been set by DHCP and it works than it can be set static also.
Cheers.
modem-router-zentyal box
Then you have nothing to do with the PPPOA connection.
PPP over ATM is similar to PPP over Ethernet but less overhead.
In this case your router is the PPPOA client. It's been authenticated either by MAC or by username and password registered in the router.
Your router gets it's IP and gateway automatically from your provider.
Your router has one or more lan ports. That's where you connect Zentyal.
If above is correct, then Zentyal WAN interface has to be setup like this:
eth0 - external - static 192.168.100.xx3
mask 255.255.255.0
Gateway: 192.168.100.1 (the router is your gateway) - set as default
Deactivate your router's DHCP server to avoid that it hand out addresses already in use, or set static ip's outside of the DHCP pool.
What I would do (but I do not know if it applies to your network) is taking out the router altogether.
Connect the modem directly to your zentyal box, configure eth0 as external PPPoE and set the user and pass. If your ISP uses MAC authentication, just clone the mac of your router but it's probably user and pass.
The gateway would be 91.85.164.167 - that was dynamically assigned you stated.
Make sure your problem is not just a simple DNS problem, try to execute some basic network diags if it does not work straight away.
Your modem appears to be bridged (not half) because your router gets a public IP. Indeed it is invisible because that's how bridges work, they are transparent. It's either in bridged mode or router mode.
It's not that hard, if it has been set by DHCP and it works than it can be set static also.
Cheers.
791
Installation and Upgrades / Re: basic settings, GATEWAY and ROUTE
« on: February 16, 2011, 04:01:51 am »
Denny is right, that's the way it should work.
No static route needed.
Cheers.
No static route needed.
Cheers.
792
Installation and Upgrades / Re: PDC - howto give Admin Rights to a PC from Zentyal
« on: February 16, 2011, 03:55:15 am »
PC's don't get rights.
It only applies to users on that particular system.
You could give any user admin rights if you put the user in the right group. If I'm not mistaken it is the admin group.
It only applies to users on that particular system.
You could give any user admin rights if you put the user in the right group. If I'm not mistaken it is the admin group.
793
Installation and Upgrades / Re: Xsession: warning: unable to write to /tmp
« on: February 15, 2011, 07:42:31 am »
I can't post a quick solution to the problem, but I can give some tips to prevent it.
My root was full a few days ago. It was mainly because of Squid, but logfiles also can cause the problem. My server did not start anymore.
If you are going to install Zentyall, DO NOT use the automated harddisk setup. You'll end up with a very small root (in my case 7GB) that fills up in no-time and the home gets all the space you'll likely never use.
One day your server will freeze, and at reboot it just won't start.
Zentyal is using lvm2 (Logical Volume Manager 2) for the automated hd setup.
If you see /dev/mapper/ it means that your setup uses the LVM2 scheme.
In that case what you can do is resize the root volume, that's where all the important stuff is.
Zentyal LVM2 setup only uses 3 volumes:
- root = all the important stuff
- swap = only used as a kind of swap memory, not for storage
- home = for user files and samba stuff
The /boot volume is NOT part of the LVM2 scheme, you can see it like /dev/sda1.
Don't be confused about hda and sda, it just IDE harddisk or SATA / SCSI harddisk.
Leave swap alone.
Check how much space is used for /home. You have to take some space from /home and give it to /root.
You'll have to shrink /home, after that expand /root to use that free space.
Now the bad news:
1. You will have to learn the LVM2 partitioning scheme. Search on the web.
2. Resizing is done from the Ubuntu live CD WITHOUT mounting the volumes.
3. Each resize operation has two steps, resizing the volume AND the file system. If you do it wrong, you will LOOSE your /home volume and will have to recreate it (I screwed it).
4. Do NOT use Gparted. It doesn't support LVM2 yet.
5. Do not use the graphical interface "system-config-lvm" as it will wipe out the whole VG.
In some cases you might just start over all again and choose manual hd setup.
I find it a mayor flaw that Zentyal/Ubuntu automatic setup uses such a smal root.
Some commands you can use from commandline:
df lists the filesystems and used/available space. Start here to see what is full.
pvdisplay lists the physical volume, you can see this as a partition
vgdisplay lists details about the volume group like name, allocated/available space. A volume group can hold one or more partitions, they can sit on different hd's.
lvdisplay lists the logical volumes inside the volume group. On a default install, /root, /swap and /home will be listed.
What can you do to avoid filling your /root?
1. Relocate the Squid cache. I had the cache set to 6GB while my /root was 7GB. Stupid but I learned.
2. Logfiles are being renamed first, then compressed. You might try and delete the gzipped log files, but Zentyal itself has an option to purge logs. Anyway, it has been recommended to rotate logs more aggressively.
Should we better not use LVM2 partitioning scheme but the normal one instead?
No. I do think that LVM2, once mastered, will be way more easier to manage volumes. It has a learning curve but in the long run it makes adding hd's a snap. Imagine just adding a new harddisk to your system and extending your root volume to use that space?
I'm surprised that there is so little input from Zentyal staff on these kind of problems. Sometimes we need just a little guidance, it's hard enough already coming from Windows.
Cheers.
My root was full a few days ago. It was mainly because of Squid, but logfiles also can cause the problem. My server did not start anymore.
If you are going to install Zentyall, DO NOT use the automated harddisk setup. You'll end up with a very small root (in my case 7GB) that fills up in no-time and the home gets all the space you'll likely never use.
One day your server will freeze, and at reboot it just won't start.
Zentyal is using lvm2 (Logical Volume Manager 2) for the automated hd setup.
If you see /dev/mapper/ it means that your setup uses the LVM2 scheme.
In that case what you can do is resize the root volume, that's where all the important stuff is.
Zentyal LVM2 setup only uses 3 volumes:
- root = all the important stuff
- swap = only used as a kind of swap memory, not for storage
- home = for user files and samba stuff
The /boot volume is NOT part of the LVM2 scheme, you can see it like /dev/sda1.
Don't be confused about hda and sda, it just IDE harddisk or SATA / SCSI harddisk.
Leave swap alone.
Check how much space is used for /home. You have to take some space from /home and give it to /root.
You'll have to shrink /home, after that expand /root to use that free space.
Now the bad news:
1. You will have to learn the LVM2 partitioning scheme. Search on the web.
2. Resizing is done from the Ubuntu live CD WITHOUT mounting the volumes.
3. Each resize operation has two steps, resizing the volume AND the file system. If you do it wrong, you will LOOSE your /home volume and will have to recreate it (I screwed it).
4. Do NOT use Gparted. It doesn't support LVM2 yet.
5. Do not use the graphical interface "system-config-lvm" as it will wipe out the whole VG.
In some cases you might just start over all again and choose manual hd setup.
I find it a mayor flaw that Zentyal/Ubuntu automatic setup uses such a smal root.
Some commands you can use from commandline:
df lists the filesystems and used/available space. Start here to see what is full.
pvdisplay lists the physical volume, you can see this as a partition
vgdisplay lists details about the volume group like name, allocated/available space. A volume group can hold one or more partitions, they can sit on different hd's.
lvdisplay lists the logical volumes inside the volume group. On a default install, /root, /swap and /home will be listed.
What can you do to avoid filling your /root?
1. Relocate the Squid cache. I had the cache set to 6GB while my /root was 7GB. Stupid but I learned.
2. Logfiles are being renamed first, then compressed. You might try and delete the gzipped log files, but Zentyal itself has an option to purge logs. Anyway, it has been recommended to rotate logs more aggressively.
Should we better not use LVM2 partitioning scheme but the normal one instead?
No. I do think that LVM2, once mastered, will be way more easier to manage volumes. It has a learning curve but in the long run it makes adding hd's a snap. Imagine just adding a new harddisk to your system and extending your root volume to use that space?
I'm surprised that there is so little input from Zentyal staff on these kind of problems. Sometimes we need just a little guidance, it's hard enough already coming from Windows.
Cheers.
794
Installation and Upgrades / Re: CONFIGURE A STATIC IP FOR eth0
« on: February 14, 2011, 09:27:48 am »
Oh Dear- spoke too soon. A re-boot of the system has left me without internet access again. Had to go back to DHCP provided IP on eth0 "up, internal, link ok" and auto-gateway "dhcp-gw-eth0"
That can happen when you didn't set the gateway as "default". It's a little tricky, when changing the IP you first have to delete the dynamic gateway, change the IP to static, recreate the gateway manually and then set it as default.
I see no reason it shouldn't work.
Cheers.
795
Installation and Upgrades / Zentyal admin user lost after resize operation.
« on: February 14, 2011, 05:01:01 am »
I've come across something that's over my head...
Today my root partition filled up because of the Squid cache located there. I use the default LVM setup from Zentyal.
I resized the partition, taking some space from the /home volume.
After that, root had enough space but home became corrupted because I skipped the resize fs step.
To resolve that, I deleted the home volume and made a new one. That worked but....
Now I have a totally stripped down desktop interface and menu, even the link to Zentyal via FF is gone!
I temporarily activated root user and put him in the admin group to be able to get to the Zentyal web interface.
Obviously this is an emergency situation, my question is: Can I somehow reconfigure the default options for Zentyal admin user like menu, shortcuts and quotas?
I do not use the /home volume to store anything. Later on I would like to give Squid it's own piece of the disk so it doesn't mess with root. I have a 160 GB velociraptor and two 2TB drives for sharing purposes.
Cheers.
Today my root partition filled up because of the Squid cache located there. I use the default LVM setup from Zentyal.
I resized the partition, taking some space from the /home volume.
After that, root had enough space but home became corrupted because I skipped the resize fs step.
To resolve that, I deleted the home volume and made a new one. That worked but....
Now I have a totally stripped down desktop interface and menu, even the link to Zentyal via FF is gone!
I temporarily activated root user and put him in the admin group to be able to get to the Zentyal web interface.
Obviously this is an emergency situation, my question is: Can I somehow reconfigure the default options for Zentyal admin user like menu, shortcuts and quotas?
I do not use the /home volume to store anything. Later on I would like to give Squid it's own piece of the disk so it doesn't mess with root. I have a 160 GB velociraptor and two 2TB drives for sharing purposes.
Cheers.