Re: multi-user guest account

To: debian-edu@lists.debian.org
Subject: Re: multi-user guest account
From: "cobaco (aka Bart Cornelis)" <cobaco@skolelinux.no>
Date: Tue, 10 May 2005 20:09:04 +0200
Message-id: <[🔎] 200505102009.11977.cobaco@skolelinux.no>
In-reply-to: <[🔎] 20050510171914.GP5077@fiachra.ucd.ie>
References: <[🔎] 20050510171914.GP5077@fiachra.ucd.ie>

On Tuesday 10 May 2005 19:19, Gavin McCullagh wrote:
> Hi,
>
> I was wondering would a preconfigured kiosk account be a nice addition to
> the default sarge install.

I think so

> Ideally, the settings should be moreorless fixed, it would be possible to
> run many mozilla instances on different displays without seeing the
> profile dialogue.  I guess I'm asking for the KDE Kiosk Framework.  

I have no idea about locking down mozilla, but we can lock konqueror and KDE 
down with the kiosk framework just fine.

> Has 
> anyone used it in debian-edu?  It appears the kiosk stuff has changed
> radically between kde2 and kde3.

kiosk framework was new in kde2

> Is it too late to be mentioning this for sarge?  
think so (should be no problem to create something that works on both sarge 
and etch though)

> Any suggestions as to how this would best be done?  Could it easily be
> done in a standalone package or should the LDAP database, etc just have
> it from the start?

can be done in a standalone package, the problem breaks down in 3 parts:
1) exactly what kind of setup do we want, what should be possible, what 
shouldn't, what do we not care about -> this is the hard part
2) implementing what's decided in 1) into a kde-profile (basically a 
directory with similar layout to ~/.kde,) -> just takes some effort (I'm 
willing to do this, given 1)
3) add the directory containing 2) in front of KDEDIRS whenever you want 
that setup activated -> my desktop-profiles package offers a generic way to 
do this (currently in my homedir on developer.skolelinux.no, should be in 
debian proper soon, as I found a sponsor for it at the devcamp in Valencia)

things you can lock down in kde:
- all settings in configuration files
- all actions (more or less everything that has a menu or toolbar item + 
some general things like shell_access
- certain url's (url's include everyting that can be accessed through kde's 
ioslaves mechanism), can also be redirected
- access to controlcenter modules

(note kiosk is off course to be used in addition to normal unix security 
measures)
-- 
cobaco (aka Bart Cornelis):
    Coördinator Belgisch Skolelinux team
    Coördinator Nederlandse Skolelinux vertaling

Attachment: pgpFhvdGTSDt2.pgp
Description: PGP signature

Reply to:

References:
- multi-user guest account
  - From: Gavin McCullagh <lists_gmc@fiachra.ucd.ie>

Prev by Date: [Bug 762] mkinitrd fails at Compaq Proliant with sym53c875 SCSI-RAID controller.
Next by Date: debconf5 debian-edu development gathering?
Previous by thread: multi-user guest account
Next by thread: New unofficial PowerPC kernel for LiveCD
Index(es):
- Date
- Thread