[K12OSN] I need help with an idea

David Trask dtrask at vcs.u52.k12.me.us
Wed Mar 30 19:40:07 UTC 2005 

Eric Harrison <eharrison at mail.mesd.k12.or.us> on Wednesday, March 30, 2005
at 1:55 PM +0000 wrote:
>The way this would work is that *every* application could be a
>local-app. Want to install firefox as a local app? No problem, just do
>something like:
>
>	chroot /opt/ltsp/i386/
>	yum install firefox
>
>	(or "apt-get install firefox" on a Ubuntu server, etc)
>
>Done.
>
>The tricky part is then the whole authentication, authorization, RPC
>mechanisms, etc that are required for local apps (the same problem set
>for the old way & the "development" way of doing local apps).
>
>Read through the wiki page a couple of times and see if it makes sense.
>If not, post where you are confused. Jim and I brain-stormed the whole
>idea, so it seems perfectly clear to me ;-)

Ok...how do we differentiate whether we want the terminal to use the
resources of the server or it's own resources....or are we headed down the
path of always using the terminals resources (fine with me).  (by
resources....I mean processor...RAM....etc)  For Example:  When Firefox
(usually with Flash) runs on a dedicate workstation...it works fine and
its quite fast because it uses the workstations CPU and so forth.  When
doing this in an LTSP environment....by the time you get a few terminals
running Firefox/Flash...it starts to crawl due to the CPU usage on the
server.  My idea is to shift that burden down to the terminal...especially
in cases where the terminal is powerful enough.  Secondly...is there a way
to use Samba/LDAP as the authentication piece as opposed to NIS?  smbldap
uses machine accounts for windows....we could easliy make machine accounts
to use for local apps authentication couldn't we?  In fact when the
"hosts" are generated during setup of a K12LTSP box...we could also
generate machine accounts for local apps.   This would be an easy script
to write.  Then....couldn't we even script key generation for the
workstations as well?  In fact, for simplicity might it make sense to
simply begin using LDAP or smbldap as the default method of authentication
from here on it?  Matt and I have gotten to the point where we set up
smbldap on all K12LTSP servers rather than try to remember how to do it
the old way with RedHat users  ;-)   Works fine and just gives us more
options in the end.  One drawback is that we need someone (Gideon?) to
write a good front end for Samba/LDAP user creation...etc.   Matt is doing
work for Canonical so he's also looking to possibly port the
smbldap-installer script to Ubuntu...in fact he'll be looking for you and
Jim in Sydney.  

David N. Trask
Technology Teacher/Coordinator
Vassalboro Community School
dtrask at vcs.u52.k12.me.us
(207)923-3100

More information about the K12OSN mailing list