Profile

Cover photo
The Linux Schools Project
470 followers|222,162 views
AboutPostsPhotosVideos

Stream

 
News Update

Samba 4.3.8

New versions for Samba 4.3.8 have been built for Precise, Trusty, and Xenial and are available from our staging repository. These are built from the samba source and have a patch added so that round robin works for DNS entries.

https://launchpad.net/~linux-schools/+archive/ubuntu/staging

Postfwd

We have seen a few problems where students have set really easy passwords and then had their accounts used for sending spam. This is easy to spot after the event and the system warns of excessive E-Mail activity via an E-Mail alert and in the Web Management warning section. However at this stage it is a bit late as reputation is being affected for the domain. I am playing around with Postfwd to act as a policy daemon which is easy to automate a setup for and will rate limit incoming and outbound E-Mails. The only problem I have found is that the rule set requires “jump” rules to stop all rules being applied to all users which makes the config file more awkward to generate via the web management.

Distribution Server

Having done some testing on the distribution server for Karoshi V11 ( build on Ubuntu 16.04) I found that I could not network install Ubuntu 16.04 distributions at all. This has resulted in a redesign of the Distribution Server so that different netboots can be used for different Linux versions to give better compatibly.

Karoshi V11

Testing has been going well and I am hoping to have Karoshi version 11 released as close as possible to the official release of Ubuntu 16.04.

The main problem that has held up testing has been solved which was gluster volumes on top of zfs. The scenario that causes the problem was adding an additional domain controller to your main server which is coded to automatically set up a gluster volume for all critical data. The gluster volume is needed because samba does not currently do replication which is needed at least for the sysvol folder between domain controllers. Using gluster for this and having it available for any other data is really useful. The problem arises when you add a bunch of extra hard drives with a ZFS volume on them. The ZFS volume can be quickly created in the web management and the gluster volume data is automatically moved to the ZFS volume. The problem that arose was a timing problem when starting the server between the ZFS volume being available and gluster starting which if the order was wrong caused the gluster volume to not function correctly.
3
Add a comment...
 

News Update

Patch karoshi-web-controls-160222-1633 released

This patch provides the following changes:

Web Management

All of the web management has now been converted to HTML5.

A new page has been added to allow restricted distribution lists for E-Mail. This allows you to restrict sending of E-Mails to distribution lists to a limited set of users.

Documentation on this feature can be found at:
http://www.linuxschools.com/karoshi/documentation/wiki/index.php?title=E-Mail_Protected_Distribution_Lists

New Module

A Gitlab module has been added that allows you to install Gitlab on one of your servers .

Mac Support

Mac logonscript support added so that Mac clients can map the same network shares as the windows and Karoshi Linux clients.

Documentation on this feature can be found at:
http://www.linuxschools.com/karoshi/documentation/wiki/index.php?title=Mounting_User_Shares_at_Logon

Mail Server changes

Dovecot Sieve support has been added to enable support for Sogo vacation and forward messages. E-Mails are now delivered to users via dovecot-mda.


Fail2ban

The Fail2ban configuration has been changed to correctly work with later Apache logging styles so that it correctly detects and bans failed login attempts.
2
Benjamin Chakaodza's profile photoThe Linux Schools Project's profile photo
2 comments
 
if you go to http://www.linuxschools.com you can register on our forum to get extra help and information.
Add a comment...
 

News Update

I have left out weekly from the title since I haven’t managed to post for a couple of weeks!

Samba 4.3.2

Samba 4.3.2 is now available from our Linux Schools staging repository for testing. This is the latest of the 4.3 series and although this is primarily for Karoshi V9 and V10 servers can be used by anyone wanting to run Samba 4 on Ubuntu 12.04 or 14.04.

https://launchpad.net/~linux-schools/+archive/ubuntu/staging


Patch karoshi-web-controls-151209-1613

This patch is now available and provides the following changes:

nf_conntrack_max

We were having a problem with our internet slowing down at peak times on our proxy servers. An inspection of the logs showed “nf_conntrack: table full, dropping packet” . This message was being repeated many times in the logs.

As a result of this the patch sets nf_conntrack_max to 196608 for all proxy servers.

Configure Backup

This has been fixed for server names with hyphens

Internet Usage Trends

An Internet usage trends section has been added in the internet section of the web management.
This can be configured to search for any keywords that you want and gives a report showing internet usage for your users based on the keywords.

Update Server

The update server script now also checks to make sure that /etc/ssh_config has not been changed by an update.

Asset Register QR Codes

Asset register qrcodes now points to a new path that both admin and tech web management users can use. This has been changed so that any QR Code labels stuck onto assets around the school can be scanned and point to the relevant asset in the asset register.

Bulk User Creation

I made a change to this feature to allow special characters which also caused a problem with windows line returns. To fix this problem this patch installs dos2unix for dealing with windows line returns

Web Management

I have attempted to streamline the user section of the web management which was suffering from feature creep. The system section is next to receive some attention which will hopefully be improved for the next patch.
4
Add a comment...
 
Weekly Update

Gitlab Module

We are looking at using a versioning system for our students to use for Computer Science coursework projects. The easiest solution would have been to use github but this causes problems with student cousework which cannot be put in public view due to exam regulations.

I am fortunate in teaching some really talented and motivated students and Matthew Jowett volunteered to write a new module for Karoshi that would install gitlab on a chosen server.

The screenshots in the collection show Matthew's work on this module with gitlab running on a test server network and we are hoping to release this as a Karoshi module in the next patch.

Internet Usage Trends

This is an addition to the Internet section in the web management that allows Administrators to add categories to see user trends on internet usage. The trends are created from stored user internet logs. The aim of this feature is mainly to check for students that are consistently browsing for certain topics that could mean that there are concerns that need investigating.
5
Add a comment...
 

Weekly Update

Patch karoshi-web-controls-151103-1642

This patch is now available and provides the following changes:

Web Management
Additional table sorting added to the Web Management.
Helpdesk renamed to Technical Support.

Moosh
Moodle moosh support for adding users to moodle when they are created in the system. This is useful when creating users and being able to assign them to classes without having to get the users to log into Moodle first.

SOGo
Sogo alias support added so that E-mail clients will auto complete on aliases as well as normal E-Mails.

Apache SSL

The Apache ssl.conf is modified by this patch to disable SSLv3 and to only allow high level cyphers. The changed parameters are shown below.

SSLProtocol TLSv1 TLSv1.1 TLSv1.2
SSLCipherSuite AES256+EECDH:AES256+EDH
2
Add a comment...
 

Weekly Update

We had a request to add in the ability to sort data in the Web Management on relevant pages such as the dhcp leases page and the dns management page. This feature has now been added thanks to jquery and tablesorter. More information on tablesorter can be found at: http://tablesorter.com/docs/

Patch Available

The following patches are available:

Karoshi V10 – karoshi-web-controls-151018-1648

Karoshi V9 – karoshi-web-controls-151018-1651

These patches provide:

Web Management

Layout changed to a vertical navigation bar on the left.
Table sorting added to relevant pages.
Fix for viewing backup logs for server names with dashes.

Samba

Creating an additional samba share now correctly sets acls for groups.

E-Mail

Groups are now automatically added to the email restriction list so that distribution lists are restricted to internal emails.
Adding dynamic groups now only restricts E-Mail to the group and not all users in the group.

Gluster

Gluster volumes can now be created without having to have two domain controllers.
2
Add a comment...
Have them in circles
470 people
James Mousseau's profile photo
Andre Immanuel Quintos's profile photo
Hank Thomason's profile photo
OpenSource's profile photo
GeekMom's profile photo
Marco Buono's profile photo
Miroslav Babjak's profile photo
Kamal Sharma's profile photo
Brian Norris's profile photo
 

Karoshi Server V11.0.1 is in beta

This new version of the Karoshi Server is built on Ubuntu 16.04 “Xenial” LTS.

New install options for the main server

We have realised for quite some time that Karoshi Server does not have to be for education and with that in mind we now have three install options for the main server.

Education – installs with standard education groups
Business – Installs without student year groups
Home – Installs with a multimedia share and minidlna auto configured


Testing and Updates

Testing is going well and the majority of problems have now been sorted out. Some of the recent changes have been documented below.

Samba Version 4.3.6

We now have a Samba 4.3.6 built for Xenial. This is a patched version to provide DNS round robin support which is missing from official samba builds. Our Samba version can be found at:

https://launchpad.net/~linux-schools/+archive/ubuntu/backports

Owncloud Version 9

Owncloud has the ability to use external mounts for users which is really good for connecting up to user home areas. In Karoshi this is an automated process and changing where user home areas are stored also changes the Owncloud external mount configuration.

On updating the Owncloud module to  version 9 I found that external mounts are no longer configured in mount.json but are stored in the Owncloud database. Fortunately Owncloud has a command line option to import and export json format files. Unfortunately the json format has changed so we could not just import our existing json configuration which is auto generated as part of the logon script creation for for Windows, Linux, and Mac clients. With a bit of trial and error we now have support for creating and importing the json files.

Postfix

Postfix changes were needed to stop postfix running in compatibility mode due to changes in Postfix version 3 master.cf configuration.


Yad

We use Yad for the initial Karoshi setup on the servers and ran into a problem on the latest beta with some of the yad boxes only displaying a title.

Yad boxes with --timeout option now also has to have the –timeout-indictator parameter set otherwise the box will not display anything.
5
1
Add a comment...
 

News Update

Sogo Sieve Support

The E-Mail setup has now been modified to provide Sieve support for Sogo via dovecot. This has involved changing the local delivery agent from postdrop to dovecot-mda. This enables vacation messages and E-Mail forwarding in Sogo.

OpenVPN module

The OpenVPN module was incorrectly setting the shorewall firewall configuration resulting in shorewall not restarting. This has now been fixed and will be released in the next patch.

Gitlab Module

The Gitlab module has undergone testing and is now ready for release in the next patch.

Web Management HTML 5 conversion

The conversion to HTML for the Web Management is now complete and ready to be released in the next patch.
3
Add a comment...
 

News Update

Web Management HTML 5 conversion

The web management was written to validate as HTML 4.0.1 Transitional. Over the Christmas holiday I was persuaded to convert it all to HTML 5. I am glad to say that this process is now nearly at an end. Even after automating as much of the change over as possible it turned out to be quite a grind to get through all of the pages. We now have a set of web management pages that validate as HTML5 but look just like they did before!

E-Mail groups – restricted to certain users

After adding in the dynamic groups feature which allows a quick way of creating E-Mail distribution lists I then found that I needed to stop students from being able to reply to E-Mails sent to these groups which started to cause internal spam E-Mails. This took some testing to sort out correctly to get the postfix rules correct but is now working and just needs a Web Management page added to control it so that it can go out in a patch.

Check System Updates

The Web Management will now show warning messages if any server in the system has not been updated in the last 10 days.
3
Add a comment...
 

Weekly Update

Web Management Printer Queue Control

The printer queue control has been revamped to use tablesorter for the print queues. This caused problems with showing print jobs on the same page as the printer queue list and this has now been moved to a separate page for each printer although you can still clear all jobs in a queue from the main print queue page.

Web Management Warning Alerts

The web management now has its own dedicated page for warning alerts rather than just having to rely on the alert area at the top of the page.

E-mail Aliases

Our postfix configuration was stopping users from sending E-Mail using an alias E-Mail address that they had been assigned. This was due to our query filter being set to only check their mail address for sending E-Mails. This will be fixed in the next patch and ldap-mail.cf will be modified with:

query_filter = (|(mail=%s)(proxyAddresses=%s))
4
Add a comment...
 

Weekly Update

Moodle Moosh

Karoshi now has integrated support for adding and deleting users directly in Moodle rather than having to wait for users to login to moodle for them to be created in the moodle database. Any new users that are created are now automatically created in Moodle if the Moodle module has been applied. Applying the moodle module to any server will also trigger adding all existing users to Moodle.

This is integration is achieved using moosh which is a command line utility for Moodle.

More information on moosh can be found here: http://moosh-online.com/

E-Mail Alias Support

Alias support has been improved so that SOGo now recognises any aliases that have been added and will search on aliases as well as normal E-Mail addresses.

Adding an Alias now adds an extra entry to the Samba 4 ldap for the user in the ProxyAddresses field which SOGo now searches for as well as the normal mail field.
command line utility tool for moodle
1
1
Add a comment...
 

Weekly Update

Samba Shares

We have a feature in the Web Management to create samba shares on any server that has had the file server module added to it. Feedback on this feature indicated that there were problems with folders created in shares not having the correct permissions for group access resulting in administrators having to continually apply recursive permissions to the share. Testing on this issue proved that the acls for the share were not being created correctly to apply permissions recursively. This has now been corrected and will be available in the next patch.

Web Management Layout and Theme Update

The Web Management themes have now all been modified to match the new layout and all themes have a new preview screenshot to match the changes.

Latest Patch

The latest patch with the above changes has been delayed while we sort out a move of out web hosting to a VDS. Our existing shared hosting was proving to be very slow at times and was causing frustrations for our community wanting to use our forum. We are hoping that the migration will be completed tomorrow.
3
Add a comment...
People
Have them in circles
470 people
James Mousseau's profile photo
Andre Immanuel Quintos's profile photo
Hank Thomason's profile photo
OpenSource's profile photo
GeekMom's profile photo
Marco Buono's profile photo
Miroslav Babjak's profile photo
Kamal Sharma's profile photo
Brian Norris's profile photo
Contact Information
Contact info
Email
Story
Tagline
Linux for schools, both servers and clients
Introduction
A Linux based operating system designed around the everyday needs of administrators of networks in education created and maintained by people who work in schools everyday.

Install a server or set of servers based on your school needs then administrate it via a web browser. Being a modular based system you can pick and chose from various server modules to install, choosing as few or as many as you like and mixing and matching modules depending on your preferences and environment.

We aim to provide :

  • Simple, secure web interface – Allowing you to control your network worldwide.
  • Configured modules, just click and go.
  • No license fees! The system and all of its features are free.
  • No need for in depth knowledge of Linux server administration.
  • The continued use of your current computers.
  • Windows and Linux compatibility.
  • The stability of being remastered from Ubuntu LTS.
  • Downloadable Source-Code hosted on GitHub

The Linux Schools operating system currently provides fully configured: 

Primary Domain Controller(Samba4), Additional Domain Controllers(Samba4), Active Directory, Groupware(SoGo), eMail(DoveCot/IMAP), E-Learning(Moodle), DHCP with failover, External Access to files(Owncloud), Website(Joomla), Printing(CUPS),Internet Proxy(Squid), Filtering(e2guardian with failover), Radius, Digital Signage(Xibo), Operating System Distribution, Reverse Proxy(NGINX), Monitoring with eMail and SMS alerts, Distributed Storage Systems(Gluster FS).

If there are any extra features you feel we should provide, please post them on the feature request section of the forum found here: Linux Schools Feature Request Board.