How to set up a Puppy Linux Cybercafe

A home for all kinds of Puppy related projects
Message
Author
User avatar
ecomoney
Posts: 2178
Joined: Fri 25 Nov 2005, 07:00
Location: Lincolnshire, England
Contact:

#91 Post by ecomoney »

thanks for the tip Raffy, and the knowledge of what to call things. I posted just after you.

I changed the APPEND line in the /home/tftpboot/pxelinux.cfg/default file to read

Code: Select all

APPEND initrd=initrd.gz pfix=noram
and took away the Ramdisk section entirely. This didint seem to me to make any difference whatsoever, the boot section still read "loading main pup_420.sfs" file (which it shouldnt do am I correct) and there were no RAM savings.

I had a look into the "init" file which is in the initrd.gz and found some interesting options. I think the new boot menu perhaps has some different boot parameters

Lines 167-184

Code: Select all

#now supporting a boot menu...
if [ "$pfix" ];then
 for ONEFIX in `echo -n "$pfix" | tr ',' ' '`
 do
  case $ONEFIX in
   ram)     PRAMONLY="yes";;      #run in ram only (do not load pup_save).
   rdsh)    RDSH="yes";;          #exit to shell in initial ramdisk.
   nox)     PNOX="yes";;          #do not start X.
   clean)   PCLEAN="yes";;        #force version upgrade and cleanup.
   purge)   PPURGE="yes";;        #radical cleanup for broken system.
   copy)    PCOPY="yes";;         #copy .sfs files into ram.
   noram)   PNORAM="yes";;        #v412 partial restore no copy sfs to ram.
   fsck)    PFSCK="yes";;         #do a fsck of pup_save file.
   [0-9]*)  PIGNORELAST=$ONEFIX;; #blacklist last $ONEFIX folders (multisession).
  esac
 done
fi
[ "$PNORAM" = "yes" ] && PCOPY="no" #v412
perhaps is something to do with these boot options

Ive had a quick scan of the "init" file (man that is some piece of engineering!) and in parts it refers to to humungous initrd's. I will attach it to this post, because Im having some real trouble deciphering it for now.

If it does turn out that it is "double-loading" the pup_420.sfs file (once while it loads the initrd.gz via PXE and then again during bootup proper (the tmpfs?) then this is a bug in puppy's implementation of netbooting. In netbooting, it should be able to call programmes directly from the pup_420.sfs inside the initrd.gz, otherwise client computers will waste RAM that could be used for running programs once puppy has PXE booted. It could also just be that the size of the free RAM in the final netbooted puppy is reported as larger, because I did hear that if Linux does find extra ram then it just uses it. If it is a bug(let) then it would be good to iron out and give and extra 100mb or so RAM for applications.

Im also going to have to add code to this file to autodhcp eth0 at bootup, to connect back to the smoothwall server for an i.p. address for the internet connection. That way the internet will "just work" when they launch seamonkey. Is this along the lines of

Code: Select all

dhcpcd eth0
?
Attachments
init.zip
init script from within the netboot initrd.gz for puppy linux 4.2 RC3
(17.1 KiB) Downloaded 469 times
Puppy Linux's [url=http://www.murga-linux.com/puppy/viewtopic.php?p=296352#296352]Mission[/url]

Sorry, my server is down atm!

raffy
Posts: 4798
Joined: Wed 25 May 2005, 12:20
Location: Manila

load <> copy

#92 Post by raffy »

I used "tmpfs" because I believe that's how Puppy's ramdisk is called (and there is another ramdisk associated with PXE booting). You're right, there should be no duplication of RAMdisks. You can check this while puppy is running via "df -h" in console : if there is loop0 and no identical tmpfs, then no separate RAMdisk is given to pup_420.sfs.
ecomoney wrote:.. the boot section still read "loading main pup_420.sfs" file (which it shouldnt do...
In theory, it should say "copying to RAM" if it is copying pup_420.sfs to RAM.
ecomoney wrote:It could also just be that the size of the free RAM in the final netbooted puppy is reported as larger, because I did hear that if Linux does find extra ram then it just uses it.
Puppy uses another tmpfs for /tmp (the scratch file), and that consumes RAM, too. The free RAM is displayed with "free" in console.
ecomoney wrote:Im also going to have to add code to this file to autodhcp eth0 at bootup
If you follow the old network wizard and save the setting, you will have eth0mode in /etc. Copy that into the remastered /etc and you will have autodhcp at boot time.
Puppy user since Oct 2004. Want FreeOffice? [url=http://puppylinux.info/topic/freeoffice-2012-sfs]Get the sfs (English only)[/url].

MagicZaurus
Posts: 107
Joined: Mon 05 Jan 2009, 17:35

#93 Post by MagicZaurus »

1) From what I read at the dnsmasq man pages the TFTP server can handle multiple connections. The default maximum is 50 connections, but it can be changed with the following parameter in dnsmasq.conf.

Code: Select all

tftp-max=<connections>
But they mention that it depends on the number of available file descriptors. For every client 1 file descriptor is used up. So it depends on how many concurrent file accesses the Smoothwall kernel can handle and how many file descriptors are taken up by other processes on the Smoothwall.

2) For the RAM issue. How did you get the number of free RAM? There are always doubts about the number from 'top' command. If I boot from CD and check with 'top' I also get 275MB used and I'm pretty sure that the sfs-file is only loaded once. In my opinion the sfs-file also is only once on memory for the netbooting, but because more RAM is available the sfs-file will be 'decompressed' so that later access is faster.

MagicZaurus
Posts: 107
Joined: Mon 05 Jan 2009, 17:35

#94 Post by MagicZaurus »

One more issue came to my mind. Running the TFTP on the Smoothwall is a small security risk. TFTP doesn't need any authentication. So make sure it is only serving requests on the internal LAN interface and not the interface to the Internet. Still a small issue if you have nasty guests in your cybercafe who want to try to use the TFTP port to hack into your Smoothwall.

The TFTP protocol is slow because every data packet (maximum 1500 bytes) need to be acknowledged by the client before the next packet is send. Other protocols can send a few packets in a burst and the packets are numbered and the client can just request back if he missed out a packet. That's in simple words what I understood of the whole story.

User avatar
ecomoney
Posts: 2178
Joined: Fri 25 Nov 2005, 07:00
Location: Lincolnshire, England
Contact:

#95 Post by ecomoney »

@Raffy Yes, with the ram issue, I suppose the only sure way of testing is to reduce the RAM in the client machine to say 128mb and see if it still netboots. That way there will be no chance that the client computer will be able to hold both the initrd.gz (100MB) and a separate pup_420.sfs (100MB) in memory at the same time. I wish I knew of another method for making sure this isnt happening.

@MZ Re "File Descriptors", are these released once the tftp request has finished (i.e. the client booted)? I think I may need to ask these questions on the Smoothwall forum, especially about the open tft port on the "internet" side of the smoothwall. The terminology they use for this the "RED" interface for the network port connected to the modem, and "GREEN" for the network port connected via the hub to the client p.c.'s. From what I have read (most of which I dont understand) these guys are *very* knowledgeable when it comes to network security and the internals of whats going on. I will raise your concerns there, unless you wish to do it MZ? You could probably explain it a let better to them.

Another smoothwall mod that may be required is a "Cybercafe Supervisors Control Panel". At the immingham site there is an attendant onsite at all times, responsible for taking money and setting access (its only £1 per hour to cover costs, although I unofficially anyone in trouble may use it for free). This would list the active clients, set times and allow the supervisor to log individuals on and off.
Puppy Linux's [url=http://www.murga-linux.com/puppy/viewtopic.php?p=296352#296352]Mission[/url]

Sorry, my server is down atm!

User avatar
ecomoney
Posts: 2178
Joined: Fri 25 Nov 2005, 07:00
Location: Lincolnshire, England
Contact:

#96 Post by ecomoney »

Grrrrr! Ive just remembered, hotmail doesnt let people send messages when theyre using a linux client!!!! Guess theyre worried about linux users telling others how good Linux is!

I may have to modify the "useragent" settings on seamonkey to hack past this.
Puppy Linux's [url=http://www.murga-linux.com/puppy/viewtopic.php?p=296352#296352]Mission[/url]

Sorry, my server is down atm!

Trobin
Posts: 968
Joined: Fri 19 Aug 2005, 03:16
Location: BC Canada

#97 Post by Trobin »

http://www.murga-linux.com/puppy/viewtopic.php?t=36436

I had to use both methiods to get hotmail working in Seamonkey.
[url]http://speakpup.blogspot.com[/url]

MagicZaurus
Posts: 107
Joined: Mon 05 Jan 2009, 17:35

#98 Post by MagicZaurus »

1) Don't worry about the file descriptors. Standard setting in the linux kernel is 1024 descriptors for a single process. That is more than enough to serve 50 clients at the same time. But I expect the performance is not so good if you really boot all 50 machines at once. You can try and see how it performs.

2) For controlling the access you indeed need another MOD. If it doesn't exist then this will be a bigger project, as I expect that you want nice GUI, user friendly, bullet proof, ....

3) For the TFTP port it seems it's quite safe on the red interface. I read that all incoming traffic on red is blocked unless it's a response to an outgoing traffic.

User avatar
Aitch
Posts: 6518
Joined: Wed 04 Apr 2007, 15:57
Location: Chatham, Kent, UK

#99 Post by Aitch »


User avatar
ecomoney
Posts: 2178
Joined: Fri 25 Nov 2005, 07:00
Location: Lincolnshire, England
Contact:

#100 Post by ecomoney »

Ive just had this email through from the author of DNSMASQ!!!!
Hello,


I'm the author of dnsmasq. I have a regular Google-groups search going to keep an eye on how my baby is doing out in the world, and it found the thread on Murga-linux.com where you are talking about netbooting stuff.


I don't want to create yet another account to post there, so I though I'd just mail you, feel free to repost any of this stuff.

File descriptors: the limit is the number of descriptors available to a process: this is normally 1024, with a dozen of so used for other things, so you have plenty of room to increase the default tftp-max limit. The descriptors are only used while the tftp transfer is happening, and released afterwards. Each transfer uses two, one to read the file and one for a UDP socket, but if many transfers of the same file are going on, that only takes one descriptor plus one for the socket for each transfer.

Booting 100 machines should not take 100 times longer than booting one: TFTP uses the network very inefficiently, so there should be enough bandwidth for many transfers simultaneously.

Security. You should be OK, the dnsmasq TFTP server doesn't accept writes, and only gives access to stuff under --tftp-root. Look at the man page entry for tftp-secure too, If you're running dnsmasq as a dedicated user, you can make it serve only files owned by that user.


HTH

Simon.
This blew me away that the author of such a popular piece of software should go out of his way to contact me in this way to offer his knowledge. How come free software has better "customer support" than anything commercial I have ever paid for?

My faith in humanity is restored :D
Puppy Linux's [url=http://www.murga-linux.com/puppy/viewtopic.php?p=296352#296352]Mission[/url]

Sorry, my server is down atm!

User avatar
Lobster
Official Crustacean
Posts: 15522
Joined: Wed 04 May 2005, 06:06
Location: Paradox Realm
Contact:

#101 Post by Lobster »

My faith in humanity is restored
This developer has puppytude

Learn the Lingo
http://pupweb.org/wikka/BowWow
Puppy Raspup 8.2Final 8)
Puppy Links Page http://www.smokey01.com/bruceb/puppy.html :D

User avatar
ecomoney
Posts: 2178
Joined: Fri 25 Nov 2005, 07:00
Location: Lincolnshire, England
Contact:

#102 Post by ecomoney »

Well doggie biscuits all round then! WoofWoof!

Ive just received via email the full spec for the required set of applications for the cybercafe. The installation of the cybercafe is through [http://www.humbersidecda.info/index2.htm]Humberside Co-Operative Development Agency[/url] who have had a working relationship with the Cybercafe's for some time, and are more aware of their day to day needs.

Here is the meaty bit of the required spec.
· We're using the clients equipment (they have around 30 machines, so plenty for the proposed café's with some backups).

· The bare minimum we need by 31/4/09 is:

· 2 cafes, each w/8 machines running Linux, all machines connecting through a single ADSL modem to the line-out via a wired LAN. Where needed, the client will install extra CAT5 cabling etc..

· Linux distro to be configured to block all ports by default, except for those needed for internet browsing and email (see below).

· Linux distro needs Skype, aMSN and Gyache Improved (that gives us audio/video chat for MSN and Yahoo).

· The Linux boxes need to boot and run Live, allowing the staff to just switch off and switch on for a clean system.

· Simple instructions for each machine for staff to configure the network connection on boot.

That's the bare minimum to solve [the cybercafe's] problem come the end of April.

The next two problems are wifi access and stopping P2P activity.

On Wifi, the idea is to buy 2xWifi access points. These just plug into the ADSL line and control access, nice and simple. The questions will be:

· Does the Wifi point have wired LAN connectors.

· Can we configure the router in the wifi point to block ports.

For P2P there would seem to be two options:

· Plumb a Smoothwall box in between the ADSL modem and the router.

· OR

· Configure the router to block all ports except

· TCP 21(FTP),22(SSH),80(HTTP),110(POP3),443(SSL), 6901 (Messenger Voice Chat PC to PC),6891-6900 (Messenger File Transfer),25 (SMTP),143(IMAP4), 5000-5001(Yahoo Messenger Voice), 5050(Yahoo Messenger Messages),5100(Yahoo webcams)

· UDP 53, 6901,2001-2120, 6801, 6901 (MSN, PC to Phone and PC to PC) , 5000-5001(Yahoo Messenger Voice
I think Im going to need to do another visit to audit how their network is currently set up and what computers and equipment (i.e. webcams etc) they are using. Im also suspect going to have to find out the current fixed i.p.s on their network just to ensure there isnt any conflicts when I plumb in the Smoothwall (192.168.0.1 is a pretty common number!). Oh Joy!

At the moment, I think the installation only takes around 100mb of transfer for a boot time of just over one minute. Im assuming most of the computers are of at least 512mb spec, so we have about 100mb of additional space that can be used for the extra requirements of aMsn and Skype (a two minute boot time Im sure would be no problem). I hear that the latest version of amsn (0.98 beta) has experimental audio/video support, and I would like to do some tests on it, and provide some feedback to the amsn team.....after all, without msn how are Windows Refugees going to be able to tell their friends about this marvelous new operating system? Sometimes long term change requires short term compromise ;-)

Thanks for reading

Woof Woof
Puppy Linux's [url=http://www.murga-linux.com/puppy/viewtopic.php?p=296352#296352]Mission[/url]

Sorry, my server is down atm!

User avatar
Aitch
Posts: 6518
Joined: Wed 04 Apr 2007, 15:57
Location: Chatham, Kent, UK

#103 Post by Aitch »

Rob
.....without msn how are Windows Refugees going to be able to tell their friends about this marvelous new operating system?
From puppy, I use meebo, which is an online msn + others, messenger

http://www.meebo.com/

It's also available, with hotmail, for those who want it, plus loads of other online stuff on technosaurus's fantastic web desktop

http://pupweb.org/desktop/

Good luck with the rest of it.....

Aitch :)

User avatar
Dougal
Posts: 2502
Joined: Wed 19 Oct 2005, 13:06
Location: Hell more grotesque than any medieval woodcut

#104 Post by Dougal »

G'day,
Just thought I'd mention something regarding the whole copy/don't copy sfs into ram part:
Since the move from an initrd to an initramfs (initrd.gz which is a CPIO archive, like you made), the initial ramdisk does not stay in ram after the switch_root, which means you can't have a humungus initrd and mount the sfs directly from it.

I think the reason you saw that much memory used is that just starting Puppy up with Xorg (without the sfs in ram) takes up about 140MB of ram... I know that when I boot it seems to take about that much up before I open anything.
I presume this is just due to all the bulk being paged to memory when you start X (plus squashfs overhead) -- if I'm not mistaken, booting with pfix=nox I get only about 40MB used at startup...
What's the ugliest part of your body?
Some say your nose
Some say your toes
But I think it's your mind

User avatar
tronkel
Posts: 1116
Joined: Fri 30 Sep 2005, 11:27
Location: Vienna Austria
Contact:

#105 Post by tronkel »

ecomoney wrote:
How come free software has better "customer support" than anything commercial I have ever paid for?
I've wondered about that for a long time too.

The world of software and OS development does not appear to behave in what would be thought of as a logical business model. It's all upside down.

You would think that Linux would be the paid-for stuff and the MS stuff would be free - judging by the results of these two differing approaches. The real world of software is really strange - good for us Linux types though!
Life is too short to spend it in front of a computer

User avatar
ecomoney
Posts: 2178
Joined: Fri 25 Nov 2005, 07:00
Location: Lincolnshire, England
Contact:

#106 Post by ecomoney »

Just thought I'd mention something regarding the whole copy/don't copy sfs into ram part:
Since the move from an initrd to an initramfs (initrd.gz which is a CPIO archive, like you made), the initial ramdisk does not stay in ram after the switch_root, which means you can't have a humungus initrd and mount the sfs directly from it.
I feel as if this is something I should understand :oops:

Would you know of any links where I might read up Dougal, thanks.

@Tronkel

I have had the pleasure recently of introducing a quite highly skilled windows engineer to puppy linux. He now wonders why he ever went to the trouble of Pirating windoze. ;-)
Puppy Linux's [url=http://www.murga-linux.com/puppy/viewtopic.php?p=296352#296352]Mission[/url]

Sorry, my server is down atm!

User avatar
Aitch
Posts: 6518
Joined: Wed 04 Apr 2007, 15:57
Location: Chatham, Kent, UK

#107 Post by Aitch »

Rob

More info on Hotmail/MSNMessenger in browser options

See my post, here

http://murga-linux.com/puppy/viewtopic.php?t=39679

HTH

Aitch :)

User avatar
ecomoney
Posts: 2178
Joined: Fri 25 Nov 2005, 07:00
Location: Lincolnshire, England
Contact:

#108 Post by ecomoney »

Thanks Aitch. It seems that the only way round the problem is to get seamonkey to "lie" about the type of browser it is. Its a shame that there isnt an browser extension to just lie when on Microsoft sites, fight fire with fire thats what I say ;-)

Its these types of things that are show-stoppers when people are trying to switch to linux. Changing the browser "useragent" across all of the internet will stop other sites realizing a lot more people are using linux!

From the specs...
Linux distro needs Skype, aMSN and Gyache Improved (that gives us audio/video chat for MSN and Yahoo).


Webcam support for the messenger clients is going to be pretty important. Children, relatives and friends will be a lot more re-assured by being able to actually see their missing parent/relative/friend, rather than just type to them.

I know Skype 2 (which is available for puppy I believe) handles video chat now. Gyachi seems to handle video for yahoo clients. For Msn it seems that the latest aMSN beta will handle video, and its a very useable chat client for new linux users too (very similar in layout and operation to MSN for windows) so new users will not find it unfamiliar.

The only other issue is openoffice support. While Im writing this im downloading the latest version of Oxygenoffice. This has got docx support by default. Im hoping to use MU's script to create an .sfs extention of this from the .rpm download. How this is going to be implemented Im not sure as its huge.

It may be possible to use rootz to load this separately from the central server when required (which will be rarely, but it would be nice to have when required). I would hate to think that the cybercafes computers would be unable to open whatever (possibly very important) document that was sent to them. They dont have access to any other computers and are usually hundreds of miles from home.
Puppy Linux's [url=http://www.murga-linux.com/puppy/viewtopic.php?p=296352#296352]Mission[/url]

Sorry, my server is down atm!

ypup
Posts: 3
Joined: Wed 25 Mar 2009, 01:03

Cybercafe Comparison

#109 Post by ypup »

My interests is the use of the customized smoothwall in a Cybercafe in contrast to a DBRL server appliance that would be configured to boot several version of puppy linux.

Diskless Remote Boot Linux DRBL
How would an inexpensive computer in a CyberCafe's, setup to use Diskless Remote Boot Linux configured to boot Puppy versions 4.X, 3.X and 2.X, Compare with the customized smoothwall network boot that is being developed?.

This is a brief description of DBRL:

DBRL Description
================
DRBL is an open source solution to managing the deployment of the GNU/Linux operating system across many clients. Imagine the time required to install GNU/Linux on 40, 30, or even 10 client machines individually! DRBL allows for the configuration all of your client computers by installing just one server machine.

Diskless Remote Boot in Linux (DRBL) provides a diskless or systemless environment for client machines. It works on Debian, Puppy Linux, Ubuntu, Mandriva, Red Hat, Fedora, CentOS and SuSE. DRBL uses distributed hardware resources and makes it possible for clients to fully access local hardware.
*(Replace the other versions of Linux with the different versions of Puppy. Developers could work on special versions of Puppy to perform maintenance of the DRBP server appliance and workstations in the Cybercafe configuration. This could be added as a boot option .)

DRBL uses PXE/etherboot, NFS, and NIS to provide services to client machines so that it is not necessary to install GNU/Linux on the client hard drives individually. Once the server is ready to be a DRBL server, the client machines can boot via PXE/etherboot (diskless). "DRBL" does NOT touch the client hard drives, therefore, other Operating Systems (i.e. M$ Windows) installed on the client machines will be unaffected. This could be useful in, for example, during a phased deployment of GNU/Linux where users still want to have the option of booting to Windows and running Office. DRBL allows great flexibility in the deployment of GNU/Linux.
========================================================
This is a Link:
http://drbl.sourceforge.net/

These are the instructions for configuring small GNU/Linux distributions. The DBRP could be setup to exclusively use the different versions of Puppy linux.

drbl-SL.sh can load some small GNU/Linux, like DamnSmall Linux (DSL), Puppylinux, INSERT Linux, PLD rescue linux, Debian Live, GeeXbox or PUD-Linux into DRBL environment.
** By doing this, the client can use that Small GNU/Linu after booting via PXE. The client still can work even if the network cable is unplugged. It's fire and forget. In this mode, all the programs are loaded into client's memory. Therefore, the memory of client should be large enough. For DSL, PuppyLinux, INSERT, the memory requirement of client is 192 MB. For PLD Rescue Linux, since it will only run in rescue mode without graphic, the memory requirement for client is 25 MB.
Syntax:

Usage: /opt/drbl/sbin/drbl-SL.sh [OPTION] [SL-ISO|SL-INDEX]

OPTION:
-i, --install: Load Small Linux into DRBL environment.
-u, --uninstall: Uninstall Small Linux.
-v, --verbose: Verbose mode.
SL-ISO is one of DSL PuppyLinux INSERT PLD ISO file, used with installation.
S-L-INDEX is one of DSL PuppyLinux INSERT PLD, used with uninstallation.
Ex: To load DSL Linux, run '/opt/drbl/sbin/drbl-SL.sh -i dsl-3.0.1.iso'
To load PuppyLinux, run '/opt/drbl/sbin/drbl-SL.sh -i puppy-2.12-seamonkey.iso'
To load INSERT Linux, run '/opt/drbl/sbin/drbl-SL.sh -i INSERT-1.3.8_en.iso' To load PLD Rescue CD, run '/opt/drbl/sbin/drbl-SL.sh -i rescue.iso'
To remove DSL, run '/opt/drbl/sbin/drbl-SL.sh -u DSL'
To remove PuppyLinux, run '/opt/drbl/sbin/drbl-SL.sh -u PuppyLinux'
To remove INSERT, run '/opt/drbl/sbin/drbl-SL.sh -u INSERT'
To remove PLD, run '/opt/drbl/sbin/drbl-SL.sh -u PLD'
To remove all Small Linux, run '/opt/drbl/sbin/drbl-SL.sh -u all'


Has this been considered for use in the Cybercafe?

A comparison of the tradeoffs in the Cybercafe would be appreciated, as well as links to more information on the customized smoothwall configuration.

Was DBRL eliminated from consideration in being used in the Cybercafe?

raffy
Posts: 4798
Joined: Wed 25 May 2005, 12:20
Location: Manila

drbl

#110 Post by raffy »

DRBL can handle both large and small Linuxes. With small Linux, it's "fire and forget" as you said, meaning, that a continuous connection with the server is not required. This is not so with large Linux.

The net-booting setup here is for small Linux ("fire and forget"). However, the issue of maintaining some form of connection with the server will still be necessary, like when bigger programs such as OpenOffice would be needed.

In that regard, someone has suggested rootz:
http://murga-linux.com/puppy/viewtopic.php?t=26218

It would be good if someone can implement DRBL in Puppy to net-boot the basic OS and then to make available bigger programs from a central server.

Will you be able to help implement this? Thanks in advance!
Puppy user since Oct 2004. Want FreeOffice? [url=http://puppylinux.info/topic/freeoffice-2012-sfs]Get the sfs (English only)[/url].

Post Reply