[K12OSN] A little K12LTSP Firefox Kiosk HOWTO

Mike Thostenson mthostenson at ci.owatonna.mn.us
Thu Jan 26 22:26:42 UTC 2006 

I have written a few custom PHP/MySQL apps that required a locked down
kiosk for patrons at the front desk so that they can sign in and out by
themselves. I did not want the user to be able to easily close the web
browser or see any toolbars including the address bar. I thought I would
write a few of these notes from this project down to help me remember
what I did and then also save someone else the hassle of battling this
in the future.

Hardware:
1 - Dell PowerEdge SC430 3.0Ghz EMT64 1GB RAM SATA HDD
2 - Wyse S50 Terminals
2 - Wyse VESA Monitor Mounts (wrap the mount onto the stem of the dell
LCD base then clip the S50 to it...the pressure holds it to the stem
perfectly)
2 - Dell E156FP Flat Panel LCD Monitors

Software:
K12LTSP-4.2.3EL x86_64
Stock Mozilla Firefox 1.5 from mozilla.com
R-kiosk 0.2 Firefox Extension written by Kimmo Heinaaro

Some Notes:
I won't go into detail about everything that was done due to the lack of
time, but the following info should give the average linux dude a good
idea of what to do (if they would like to use my method).

I started by installing and setting up k12ltsp and creating some user
accounts that automatically login. You will need to edit the following
files to make this happen:
/etc/X11/gdm/gdm.conf (to get gdm to work in kiosk mode)
**hints:
AutomaticLoginEnable=false
AutomaticLogin=/usr/bin/autologin.sh|
TimedLoginEnable=true
TimedLogin=/usr/bin/autologin.sh|
TimedLoginDelay=0
***end hints (lots more...just short on time)
/etc/dhcpd.conf (to get ip address based on mac address)
/opt/ltsp/i386/etc/ltsp.conf (configure drivers and hw settings for a
specific node)
/etc/hosts (to insure ip address assigned matches host name)

Once you have k12ltsp logging in automatically you will want to set your
default window manager to IceWM.desktop and disable Gnome and KDE. (I
won't get into that here)

Tell IceWM not to start Nautilus (resource hog):
ICEWM_USE_SESSION=YES
ICEWM_USE_NAUTILUS=NO

Edit /usr/share/icewm/preferences and disable your taskbar, logout
prompting, and anything else you desire.

You should now have IceWM being automatically logged in with just a bare
desktop...nothing else.

Next, we will setup firefox

Download the stock firefox 1.5, untar and unzip it.
Put this in a users home directory just as /home/john/firefox
Run firefox/firefox and install the R-Kiosk 2 Extension as that user
Setup firefox the exact way you want it locking things down by doing:
cd greprefs
create a file called mozilla.cfg.txt with the following inside it:
//

try {

lockPref("network.proxy.http", "192.168.10.1");
lockPref("network.proxy.http_port", 8080);
lockPref("network.proxy.type", 1);
lockPref("network.proxy.no_proxies_on", "localhost, 127.0.0.1,
www.YOURSITE.com");
lockPref("browser.startup.homepage", "http://www.YOURSITE.com");
lockPref("browser.startup.homepage_override.mstone", "rv:1.7");
lockPref("browser.cache.disk.capacity", 10000);
lockPref("signon.rememberSignons", false);
lockPref("security.warn_entering_secure", false);
lockPref("security.warn_leaving_secure", false);
lockPref("security.warn_submit_insecure", false);
lockPref("security.warn_viewing_mixed", false);
lockPref("print.always_print_silent", true);
lockPref("print.show_print_progress", false);

}

catch(e){
displayError("lockedPref", e);
}

Save and exit this file
Download moz-byteshift.pl (Google it...you will find it)
./moz-byteshift.pl -s 13 <mozilla.cfg.txt >mozilla.cfg
mv mozilla.cfg /home/john/firefox
Edit /home/john/firefox/greprefs/all.js and add the following to the
bottom:
pref("general.config.filename","mozilla.cfg");

Save and exit then launch firefox again...your firefox config should be
set.
Do cp -R /home/john/firefox /etc
You will need to change some permissions on some of the extension files
for my icewm startup script which blows away /home/$USER/firefox and
/home/$USER/.mozilla everytime icewm is started. This was designed so
that if firefox freaks out...a power off and on of the terminal will
cure everything.
Permission changes needed in this directory and subdirectories:
/home/john/firefox/extensions/\{4D498D0A-05AD-4fdb-97B5-8A0AABC1FC5B\}/c
hrome/
I changed them like:
chmod 644 contents.rdf rkioskbrowser.js rkioskbrowser.xul
chmod 644 rkiosk.jar

Now what I did was setup icewm to blow away each stations firefox
program and settings everytime icewm is started.
Edit /usr/share/icewm/startup and add something like:
pkill -U $USER firefox
rm -Rf /home/$USER/.mozilla
rm -Rf /home/$USER/firefox
cp -R /etc/firefox /home/$USER/firefox
chown -R $USER:$USER /home/$USER/firefox
/home/$USER/firefox/firefox www.YOURSITE.com &

Now when IceWM starts it will first killall any stale firefox process
for that station. (Needed cause the terminals are just shutoff)
All firefox program for that user and settings are nuked.
A fresh copy is then loaded into the users home directory
Firefox is then launched and set to visit www.YOURSITE.com

That should give you a place to start. I will try to replace these notes
with a formal HOWTO in the future but at least this will give you a
place to start.

Please feel free to comment and provide a more efficient means that is
bullet proof and reliable.

Mike Thostenson

More information about the K12OSN mailing list