[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [K12OSN] Text-only sessions in K12



I'm going to retract that SCREEN idea. It is a major security hole as it
open a root shell on the client with no password.

That said, it could still work by having a root user environment that
only calls a "fake login" than uses ssh to connect back to the server.
Basically an autorun script that asks for the username, feed that into
the ssh call and then they get a password prompt from the server in the
ssh session. Make the wrapper script a permanent loop and an autorestart
in .bashrc if they <ctl>-C it to death. You could also setup a generic
user user on the client and immediately have the root user su -
<fakeuser> and do the login stuff from there.
On Tue, 2008-06-10 at 17:48 +0200, David Fourie (TSC) wrote:
> I tried that - I set SCREEN_01 = shell in lts.conf for that particular
> workstation, but it only opened and shell with no login, and therefore no
> access to file server or /home directories etc.
> 
> How do you set a user session to open a terminal text-only session ?
> 
> Regds
> DF
> 
> > If you set the option in lts.conf, you can have a local shell on the
> > client.
> >
> > You can also set the user session to open a full-screen terminal and log
> > out if it exits.
> > On Tue, 2008-06-10 at 08:08 +0200, David Fourie (TSC) wrote:
> >> Hi there
> >> I will definitely try this option of using a 'simple' window manager -
> >> about to download ratpoison right now!
> >>
> >> It also occurred to me yesterday while deliberating on this issue that
> >> an
> >> X session is at runlevel 5 while and terminal shells are at runlevel 3.
> >> Is it not possible to set a user's session to only startup in runlevel
> >> 3??
> >>
> >> thanks for the post.
> >>
> >> regds
> >> DF
> >> Solution Centre, SA
> >> >
> >> >
> >> > I know this in not exactly what you are asking, but I was thinking
> >> maybe
> >> > just give them a VERY BASIC window manager.  the window manager
> >> ratpoison
> >> > (http://www.nongnu.org/ratpoison/) comes to mind.  This has the added
> >> > benefit of not locking the user(s) into a specific terminal.
> >> >
> >> >
> >> > Just adjust their $HOME/.xsession file to look something like:
> >> >
> >> >    # $HOME/.xsession startup script
> >> >    xterm &
> >> >    exec ratpoison
> >> >
> >> >
> >> > --
> >> > http://gentgeen.homelinux.org
> >> >
> >> > #############################################################
> >> >  Associate yourself with men of good quality if you esteem
> >> >  your own reputation; for 'tis better to be alone then in bad
> >> >  company.        - George Washington, Rules of Civility
> >> >
> >> > _______________________________________________
> >> > K12OSN mailing list
> >> > K12OSN redhat com
> >> > https://www.redhat.com/mailman/listinfo/k12osn
> >> > For more info see <http://www.k12os.org>
> >> >
> >>
> >> > On Sun, 8 Jun 2008 22:33:34 +0200 (SAST)
> >> > "David Fourie (TSC)" <k12 bizmail co za> wrote:
> >> >
> >> >> Hi all
> >> >> Forgive me if this has already been discussed, but I have been unable
> >> to
> >> >> find anything in the lists or howtos...
> >> >>
> >> >> I am trying to get a K12 ver 6 environment to provide a text-only
> >> >> session
> >> >> for selected users - these users do not require any of the
> >> >> X-applications
> >> >> and would prefer to boot/login directly to a text session or the text
> >> >> application that we have provided for them.
> >> >>
> >> >> I tried (unsuccessfuly) to make custom changes for the specific MAC
> >> >> address in lts.conf using a line "SCREEN_01 = shell" - this booted
> >> into
> >> >> a
> >> >> shell, but no connection to any of the filesystems, so it was not
> >> >> useful.
> >> >>
> >>
> >>
> >> _______________________________________________
> >> K12OSN mailing list
> >> K12OSN redhat com
> >> https://www.redhat.com/mailman/listinfo/k12osn
> >> For more info see <http://www.k12os.org>
> >>
> > --
> > James P. Kinney III
> > CEO & Director of Engineering
> > Local Net Solutions,LLC
> > http://www.localnetsolutions.com
> >
> > GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics)
> > <jkinney localnetsolutions com>
> > Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7
> >
> >
> > --
> > This message has been scanned for viruses and
> > dangerous content by MailScanner, and is
> > believed to be clean.
> >
> > _______________________________________________
> > K12OSN mailing list
> > K12OSN redhat com
> > https://www.redhat.com/mailman/listinfo/k12osn
> > For more info see <http://www.k12os.org>
> >
> 
> 
> _______________________________________________
> K12OSN mailing list
> K12OSN redhat com
> https://www.redhat.com/mailman/listinfo/k12osn
> For more info see <http://www.k12os.org>
> 
-- 
James P. Kinney III          
CEO & Director of Engineering 
Local Net Solutions,LLC                           
http://www.localnetsolutions.com

GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics)
<jkinney localnetsolutions com>
Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]