[KLUG Members] Kiosk / Lightweight Workstation Recommendations
Adam Tauno Williams
awilliam at whitemice.org
Sun Dec 11 12:54:03 EST 2005
> I have been kicking around two kiosk scenarios and would like some
> outside perspective. I am trying to decide between a customized live CD
> or a locked-down desktop environment installed to hard drive.
I'd install on a drive; IMHO live CD distros are usually more fuss than
they are worth. Hard drives are very cheap.
> Two PIII/933 machines each with monitors, and one network printer. Each
> should have Firefox, OpenOffice.org, network printing, write to CD-R/USB
> drive only.
Going to be tough not to have a writable home directory. Don't make
your USB device a home directory, you'll burn up it's write cycles.
> The project does have two constraints: It has to be Gnome,
Whooo hoo! You've sold me. :)
> and it has to
> be on Ubuntu. Debian will do for obvious reasons. This is not to start a
> flame war but donning my fire retardant suit anyway.
Distributions don't much matter so long as it isn't something brain
damaged like Gentoo.
> The custom CD makes sense from the oops factor. If you make a mistake or
> an error is encountered, just reboot. Negatives, it is slow and very
> rigid. Plus, all changes require a rebuild, reburn, etc. The
> customization process is not the easiest, and there is no one set way to
> create it, although it _can_ be somewhat automated.
A hard drive installation can be make pretty much impervious to the oops
factor. Partition it correctly and you can even mount things like /opt
as read-only.
> The locked-down desktop makes sense from a flexibility standpoint, but
> the trade-off of speed is negated by the use of a hard drive that could
> be a point of failure.
So have two.
> And even after removing launchers from the
> panel(s) who knows if you "really" have everything locked down? Another
> big challenge here is blowing away the user directory after logout and
> recreating a clean user directory with the bare minimum dot config files
> et al.
rm -fR /home/tempuser
cp -pR /home/skel /home/tempuser
chown -R tempuser.nobody /home/tempuser
You can put it right in the GDM login script so that part runs as root.
> I have also thought of LTSP/Thin Client but it should/must go through
> NoCat (or another auth/accounting scheme) which generally blows up
> networking on LTSP right nicely.
> Ideas? Input? Thanks in advance!
What do you want to control/account for?
More information about the Members
mailing list