Request for mDNS name resolution from Internet-in-a-Box project
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Dear OLPC Devel folks, Is it possible to enable mDNS name resolution in future builds of OLPC OS? Fedora and most Linux distros (not to mention Macs) support mDNS out of the box, yet for some reason it is turned off in OLPC OS. I believe all that is required is the addition of the nss-mdns package to the OLPC OS build. Enabling mDNS allows us to add an Internet-in-a-Box network appliance to an XO deployment network with zero configuration. The user just plugs our device into their network and browser queries for http://know.local simply resolve. This works on Mac and most flavors of Linux, and for Windows we provide an NMB name at http://know. But ironically the XO seems to lack any mechanism for de-centralized local resource discovery. Unfortunately, since OLPC OS does not resolve mDNS names we are finding deployments to XO schools are much, much harder. We are, for example, right now in the middle of a deployment to a large school with XOs in Pakistan. Instead of just plugging in the Internet-in-a-Box device, the people on-site need to reconfigure DHCPd on their CentOS XS School Server to supply a static IP to our appliance's MAC address, then use the IP address from the XO's browser. Not ideal, and I'm not sure they will succeed. A successful deployment of Internet-in-a-Box to a Windows-based school in Sierra Leone, on the other hand, was trivial. Thanks, Braddock Gaskill Founder, Internet-in-a-Box Project http://internet-in-a-box.org -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEcBAEBAgAGBQJR+YPTAAoJEHWLR/DQzlZubWAH/AsAPXBJgIiUzT44jqZeObJF a3ebCOypZnDTYHO+RVd3T3fGhx3uopFY3zQjiywZ+9sKYEQlMOg/pVoYtXxfAdXD wmxWKy26iyl2po+KXJlPyT7brEJ1MKkHmlyTZiXSj82E5pf9BbITFsQjEwqeeGwe 9JO8YjOmaUVbZVRuNSWfwsPJz2RlZZPNZR9d/VGkyTkvmNRiaqvNpFBa8SyFFC7D F7E6mPsAvzTDogXQz3RCsyHjmXV/BIpl5nqtFViVEp4hbjWc2kXwdEqLqX27dWJC /SWovkjOifwWyvd0aiLEM0202RN/FzsdhAl50e1ptV3EzEw1bZXHD+83ty0N0hQ= =xnyF -END PGP SIGNATURE- ___ Devel mailing list Devel@lists.laptop.org http://lists.laptop.org/listinfo/devel
Re: Request for mDNS name resolution from Internet-in-a-Box project
braddock wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Dear OLPC Devel folks, Is it possible to enable mDNS name resolution in future builds of OLPC OS? Fedora and most Linux distros (not to mention Macs) support mDNS out of the box, yet for some reason it is turned off in OLPC OS. I believe all that is required is the addition of the nss-mdns package to the OLPC OS build. if it's that simple, can your deployments simply do that installation with yum? or is there something else missing, either from the laptop, or from my understanding? paul Enabling mDNS allows us to add an Internet-in-a-Box network appliance to an XO deployment network with zero configuration. The user just plugs our device into their network and browser queries for http://know.local simply resolve. This works on Mac and most flavors of Linux, and for Windows we provide an NMB name at http://know. But ironically the XO seems to lack any mechanism for de-centralized local resource discovery. Unfortunately, since OLPC OS does not resolve mDNS names we are finding deployments to XO schools are much, much harder. We are, for example, right now in the middle of a deployment to a large school with XOs in Pakistan. Instead of just plugging in the Internet-in-a-Box device, the people on-site need to reconfigure DHCPd on their CentOS XS School Server to supply a static IP to our appliance's MAC address, then use the IP address from the XO's browser. Not ideal, and I'm not sure they will succeed. A successful deployment of Internet-in-a-Box to a Windows-based school in Sierra Leone, on the other hand, was trivial. Thanks, Braddock Gaskill Founder, Internet-in-a-Box Project http://internet-in-a-box.org -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEcBAEBAgAGBQJR+YPTAAoJEHWLR/DQzlZubWAH/AsAPXBJgIiUzT44jqZeObJF a3ebCOypZnDTYHO+RVd3T3fGhx3uopFY3zQjiywZ+9sKYEQlMOg/pVoYtXxfAdXD wmxWKy26iyl2po+KXJlPyT7brEJ1MKkHmlyTZiXSj82E5pf9BbITFsQjEwqeeGwe 9JO8YjOmaUVbZVRuNSWfwsPJz2RlZZPNZR9d/VGkyTkvmNRiaqvNpFBa8SyFFC7D F7E6mPsAvzTDogXQz3RCsyHjmXV/BIpl5nqtFViVEp4hbjWc2kXwdEqLqX27dWJC /SWovkjOifwWyvd0aiLEM0202RN/FzsdhAl50e1ptV3EzEw1bZXHD+83ty0N0hQ= =xnyF -END PGP SIGNATURE- ___ Devel mailing list Devel@lists.laptop.org http://lists.laptop.org/listinfo/devel =- paul fox, p...@laptop.org ___ Devel mailing list Devel@lists.laptop.org http://lists.laptop.org/listinfo/devel
Re: Request for mDNS name resolution from Internet-in-a-Box project
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 07/31/2013 03:17 PM, Paul Fox wrote: Fedora and most Linux distros (not to mention Macs) support mDNS out of the box, yet for some reason it is turned off in OLPC OS. I believe all that is required is the addition of the nss-mdns package to the OLPC OS build. if it's that simple, can your deployments simply do that installation with yum? or is there something else missing, either from the laptop, or from my understanding? That would require installing nss-mdns on each and every XO laptop in each school, and doing it again every time an XO was upgraded. Not feasible. It needs to be done upstream. - -braddock -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEcBAEBAgAGBQJR+Y3IAAoJEHWLR/DQzlZuETIH/j+0Glx3vNu/wjlmb3oEyRVz pQ6ONyu7ESAcnqE1WWfx70BNW5lpuaFsLbuUKHrR3s7IqmsdTYV7nUCtSnKZOAR1 DtJ1gtP1JQXIPirDC1wPvp3CdgLPGrt/YLlmOhYGZRXUabJamQS0bzvk7z0qq2f4 S2hHEB7xpMCvrWLdRxUJvMl4a/I7IedlK3y34nicS2nRGHefiE/gAHyyXHPXj08p JtDxm0ycmOKCaPipGfKOX54aazhRs4aZLSrUKfChaJg3E1TTdHMSPUilrC/kivpg /NzROcCUQc0Jk0I+zcustLtyPsMkFz7i34vlUHn+bRo9NMg+koXUcaxuzCBOgmM= =UVWi -END PGP SIGNATURE- ___ Devel mailing list Devel@lists.laptop.org http://lists.laptop.org/listinfo/devel
Re: Request for mDNS name resolution from Internet-in-a-Box project
Thanks. I hit this yesterday. We already have some mDNS support present for Sugar collaboration in a network when a School Server is absent; we have the Avahi packages, but as you rightly point out we don't have the name service switch module for mDNS, and so a gethostbyname(3) doesn't look at that namespace. I have looked for but cannot see evidence of it being removed, it seems it was simply not included. Does mDNS for Internet-in-a-Box work for you in the face of the enthusiastic suspend of our automatic power management feature? What would prevent a network intruder, or a malicious user of OLPC OS, from supplanting http://know.local ? Installing nss-mdns as an RPM during XO customisation is practical if you use the right customisation tools, which in order of complexity are: - unlock the laptops and use the xo-custom script in mktinycorexo, thanks to Jerry, - unlock the laptops and make your own build, with the patch below, - sign an xo-custom script with deployment keys. Waiting for the next OLPC OS build is an option, but I don't know when that will be. I've raised ticket #12730 to track the enhancement request. From bc224068e4976fce2cbbc4de9378f4cb425027fe Mon Sep 17 00:00:00 2001 From: James Cameron qu...@laptop.org Date: Thu, 1 Aug 2013 08:31:01 +1000 Subject: [PATCH] add mDNS support for host name resolution --- modules/base/kspkglist.10.core.inc | 3 +++ 1 file changed, 3 insertions(+) diff --git a/modules/base/kspkglist.10.core.inc b/modules/base/kspkglist.10.core.inc index 857157c..1ff5b4c 100644 --- a/modules/base/kspkglist.10.core.inc +++ b/modules/base/kspkglist.10.core.inc @@ -55,3 +55,6 @@ usb_modeswitch-data # provides firewall-offline-cmd, needed for kickstart firewalld + +# support mDNS name resolution for local network content repositories +nss-mdns -- 1.8.1.2 -- James Cameron http://quozl.linux.org.au/ ___ Devel mailing list Devel@lists.laptop.org http://lists.laptop.org/listinfo/devel
Re: Request for mDNS name resolution from Internet-in-a-Box project
Are you sure a change is required? I just tried connecting using a randomly-grabbed 12.1.0 machine to a network-connected printer (http://hp-model_id.local/) via HTTP and it worked fine. On Wed, Jul 31, 2013 at 6:20 PM, Braddock bradd...@braddock.com wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 07/31/2013 03:17 PM, Paul Fox wrote: Fedora and most Linux distros (not to mention Macs) support mDNS out of the box, yet for some reason it is turned off in OLPC OS. I believe all that is required is the addition of the nss-mdns package to the OLPC OS build. if it's that simple, can your deployments simply do that installation with yum? or is there something else missing, either from the laptop, or from my understanding? That would require installing nss-mdns on each and every XO laptop in each school, and doing it again every time an XO was upgraded. Not feasible. It needs to be done upstream. - -braddock -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEcBAEBAgAGBQJR+Y3IAAoJEHWLR/DQzlZuETIH/j+0Glx3vNu/wjlmb3oEyRVz pQ6ONyu7ESAcnqE1WWfx70BNW5lpuaFsLbuUKHrR3s7IqmsdTYV7nUCtSnKZOAR1 DtJ1gtP1JQXIPirDC1wPvp3CdgLPGrt/YLlmOhYGZRXUabJamQS0bzvk7z0qq2f4 S2hHEB7xpMCvrWLdRxUJvMl4a/I7IedlK3y34nicS2nRGHefiE/gAHyyXHPXj08p JtDxm0ycmOKCaPipGfKOX54aazhRs4aZLSrUKfChaJg3E1TTdHMSPUilrC/kivpg /NzROcCUQc0Jk0I+zcustLtyPsMkFz7i34vlUHn+bRo9NMg+koXUcaxuzCBOgmM= =UVWi -END PGP SIGNATURE- ___ Devel mailing list Devel@lists.laptop.org http://lists.laptop.org/listinfo/devel ___ Devel mailing list Devel@lists.laptop.org http://lists.laptop.org/listinfo/devel
Re: Request for mDNS name resolution from Internet-in-a-Box project
Looking into this a bit more, what I am seeing may be dependency specific. If you are lucky enough to have a XO image that has extra items added, nss-mdns may be present as a dependency. Otherwise it is not. I could have sworn this worked at one point in this past though because I have definitely pinged .local addresses when testing collaboration. On Wed, Jul 31, 2013 at 6:39 PM, James Cameron qu...@laptop.org wrote: Thanks. I hit this yesterday. We already have some mDNS support present for Sugar collaboration in a network when a School Server is absent; we have the Avahi packages, but as you rightly point out we don't have the name service switch module for mDNS, and so a gethostbyname(3) doesn't look at that namespace. I have looked for but cannot see evidence of it being removed, it seems it was simply not included. Does mDNS for Internet-in-a-Box work for you in the face of the enthusiastic suspend of our automatic power management feature? What would prevent a network intruder, or a malicious user of OLPC OS, from supplanting http://know.local ? Installing nss-mdns as an RPM during XO customisation is practical if you use the right customisation tools, which in order of complexity are: - unlock the laptops and use the xo-custom script in mktinycorexo, thanks to Jerry, - unlock the laptops and make your own build, with the patch below, - sign an xo-custom script with deployment keys. Waiting for the next OLPC OS build is an option, but I don't know when that will be. I've raised ticket #12730 to track the enhancement request. From bc224068e4976fce2cbbc4de9378f4cb425027fe Mon Sep 17 00:00:00 2001 From: James Cameron qu...@laptop.org Date: Thu, 1 Aug 2013 08:31:01 +1000 Subject: [PATCH] add mDNS support for host name resolution --- modules/base/kspkglist.10.core.inc | 3 +++ 1 file changed, 3 insertions(+) diff --git a/modules/base/kspkglist.10.core.inc b/modules/base/kspkglist.10.core.inc index 857157c..1ff5b4c 100644 --- a/modules/base/kspkglist.10.core.inc +++ b/modules/base/kspkglist.10.core.inc @@ -55,3 +55,6 @@ usb_modeswitch-data # provides firewall-offline-cmd, needed for kickstart firewalld + +# support mDNS name resolution for local network content repositories +nss-mdns -- 1.8.1.2 -- James Cameron http://quozl.linux.org.au/ ___ Devel mailing list Devel@lists.laptop.org http://lists.laptop.org/listinfo/devel ___ Devel mailing list Devel@lists.laptop.org http://lists.laptop.org/listinfo/devel
Re: Request for mDNS name resolution from Internet-in-a-Box project
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 07/31/2013 03:39 PM, James Cameron wrote: What would prevent a network intruder, or a malicious user of OLPC OS, from supplanting http://know.local ? Well, it is no worse a problem than someone arp poisoning or handing out fake dhcp replies. If they have access to the local network they can do certain bad things. - -braddock Installing nss-mdns as an RPM during XO customisation is practical if you use the right customisation tools, which in order of complexity are: - unlock the laptops and use the xo-custom script in mktinycorexo, thanks to Jerry, - unlock the laptops and make your own build, with the patch below, - sign an xo-custom script with deployment keys. Waiting for the next OLPC OS build is an option, but I don't know when that will be. I've raised ticket #12730 to track the enhancement request. From bc224068e4976fce2cbbc4de9378f4cb425027fe Mon Sep 17 00:00:00 2001 From: James Cameron qu...@laptop.org Date: Thu, 1 Aug 2013 08:31:01 +1000 Subject: [PATCH] add mDNS support for host name resolution --- modules/base/kspkglist.10.core.inc | 3 +++ 1 file changed, 3 insertions(+) diff --git a/modules/base/kspkglist.10.core.inc b/modules/base/kspkglist.10.core.inc index 857157c..1ff5b4c 100644 --- a/modules/base/kspkglist.10.core.inc +++ b/modules/base/kspkglist.10.core.inc @@ -55,3 +55,6 @@ usb_modeswitch-data # provides firewall-offline-cmd, needed for kickstart firewalld + +# support mDNS name resolution for local network content repositories +nss-mdns -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEcBAEBAgAGBQJR+Zz5AAoJEHWLR/DQzlZutGYH/1q9S3IVKsceXZTAl/HICj2l aJH8VSUzMD++oyMsgRBlGmXZ8TGUnS+ESb/tAxv7U0CT1CXOVSqeAgJ8GiJJRQWp veWOWPEqeB1ws06miq1yDPZlnOpsKskZPWv3kPYVOVhaaNWbIgWRfZJoSu0YNbXy dW2SDpwSjgry4hXjOPatmUoEz/2tVPGRsbPWV4kDXHVjAiCKrkR2qs+1Npwrujpb aYDtBliLIt9i6/aGRYZ9Uvefs+xyNGqwJgiIwySuGiuKdh2niNPHJ/EqejB15ROP JUjvCkZhS/ZrqCX1Abh0dsaF1E498HnAk/WPZB0e+l0ZOT4OVYQpQTyIXBbJuCY= =jI5N -END PGP SIGNATURE- ___ Devel mailing list Devel@lists.laptop.org http://lists.laptop.org/listinfo/devel