Difference between revisions of "Kiosk"
(→Automated Process) |
(→Automated Process) |
||
Line 86: | Line 86: | ||
Edit /etc/gdm/Init/Default and put: | Edit /etc/gdm/Init/Default and put: | ||
− | # Start the x11vnc Server | + | # Start the x11vnc Server |
− | sudo /usr/bin/x11vnc -safer -localhost -once -nopw -auth /var/lib/gdm/:0.Xauth -display :0 -bg -forever | + | sudo /usr/bin/x11vnc -safer -localhost -once -nopw -auth /var/lib/gdm/:0.Xauth -display :0 -bg -forever |
Right before exit 0 at the end of the file. You have to have -bg. If the process does not background then gdm will be stuck until that proccess exits | Right before exit 0 at the end of the file. You have to have -bg. If the process does not background then gdm will be stuck until that proccess exits |
Revision as of 14:30, 20 February 2012
The concept is to build a Kiosk that will only allow a user to browse one website. The goal is to get the user to sign up for the newsletter.
Requirements
- Can be fixed by an admin over the internet
- User can only browse one website
- User cannot change the settings or edit other parts of the computer
Hardware
- ASUS Eee Box EB1021-B028E Desktop PC AMD Dual-Core Processor E-450(1.65GHz) 2GB DDR3 320GB HDD Capacity AMD Radeon HD 6320 Window 7 Home Premium 64-Bit
Software
After a quick search it seems that Ubuntu has been used alot for the Kiosk OS. Their are numerous lockdown guides to securing the OS for a Kiosk. It looks like Chrome, Firefox, and Opera can all be used for the browsing.
Manual Process
- Install a LTS version of Ubuntu
- Update System
- Install ubuntu-restricted-extras
- Create kiosk user account via gui
- Remove all user privileges via gui tool
- Install Firefox
- Install Reset Kiosk 0.4
- Install R-kiosk
- Disable Plug-in
- Install dansguardian
- Install tinyproxy
- Install firehol
Automated Process
http://jacob.steelsmith.org/content/ubuntu-kiosk-based-10041
It looks like someone has a LiveCD/InstallCD/Release of Ubuntu LTS out that has alot of the kiosk things done for you. The individual has the scripts available but not the configuration files for download on his website. But he is missing documentation/examples of what he did to the install so the scripts will run well. For example the creator distributes the scripts but not the config file directory where the scripts source from. He does not show how he editied the .xsession file to make ff start as the kiosk user. Etc. I may or may not document what I did but I am going to provide some files for downloading that have the config files and copies of the kiosk users home dir from the boot cd for the future.
It also looks like the creator has specific versions of software installed. An older but working version of firefox, etc. I tried doing an apt-get update/upgrade and it messed with system. I think one of the plugins does not work with ff. This can be easily fixed but I do not have the time. It could have been something bigger though. Something he customized that when upgraded borked the system.
Default itadmin password is 'changeme'
To edit Firefox settings edit /home/kiosk/.xsession and make FF go into safe mode.
Other things I did:
- Installed/Upgraded Java and the flashplugin: aptitude install openjdk-6-jre flashplugin-nonfree
- Disabled tabbed browsing in FF (Options, Tabs, Always Show Tabs): http://www22.verizon.com/residentialhelp/fiosinternet/general+support/top+questions/questionsone/121582.htm
- I added the Firefox extensions R-kiosk and Reset Kiosk
- After turning on dansguardian I could not ssh into the box. I allowed ping and ssh by editing the firehol config:
- I disabled Caret Browsing:
- about:config - accessibility.browsewithcaret_shortcut.enabled - false
- about:config - accessibility.warn_on_browsewithcaret - false
- I disabled the printscreen feature in gnome but putting ' xmodmap -e "keysym Print = BackSpace" ' in /home/kiosk/.xsession
- ctrl+alt+f4 was logging the user out or closing the window or switching sessions or something I disabled with ' xmodmap -pke | sed -n 's/ = .*VT_4.*/ = /p' | xmodmap - '
I wanted to be able to VNC in to a system because I was sending it out. If their where any problems I wanted to be able to see them. I can already ssh in. I want to VNC in.
aptitude install x11vnc
Ubuntu Wiki has a nice script:
#!/bin/sh ssh -f -L 5900:localhost:5900 rebecca@rebeccas-pc.dyndns.org \ x11vnc -safer -localhost -nopw -once -display :0 \ && sleep 5 \ && vncviewer localhost:0
Seems to work fine if a user is logged in.
I want vnc to start before login just in case.
Edit /etc/gdm/Init/Default and put:
# Start the x11vnc Server sudo /usr/bin/x11vnc -safer -localhost -once -nopw -auth /var/lib/gdm/:0.Xauth -display :0 -bg -forever
Right before exit 0 at the end of the file. You have to have -bg. If the process does not background then gdm will be stuck until that proccess exits
Notes
- http://lists.debian.org/debian-firewall/2004/11/msg00006.html
- http://firehol.sourceforge.net/services.html#vnc
- https://help.ubuntu.com/community/VNC#accessing-your-pc
- https://help.ubuntu.com/community/VNC?action=show&redirect=VNCOverSSH
- https://help.ubuntu.com/community/VNC/Servers#x11vnc-before-login