A while ago I knocked up a header file and a support RPM to turn a DICE machine into a "Conference Kiosk". This allows anonymous access to a web browser, ssh, rlogin and telnet. The idea being that for conferences, it allowed delegates to contact home email accounts without the need for full DICE accounts.

I don't have the details here, but I believe it was OK from a Uni and JANET point of view, because we'd know who the delegates were, if not that actual one person doing anything against the rules.

Some day there may be more docs, but for now some headline info:

  • Uses the restricted shell mode of bash rbash to limit what commands can be run.
  • /usr/rbin/ contains links to the allowed executables.
  • The local user conf1 is automatically logged in by gdm after 10 seconds
  • His homedir is /tmp/home/conf1/ and is wiped and recreated between logins.
  • A minimal fvwm2 windowing environment is setup that allows a new shell, web browser or exit the kiosk.


I'm recording the problems when porting to FC6.

First just tried including the header dice/options/conf-kiosk.h. The first time seemed to go OKish (though problems with mozilla/firefox), but the second time, the "conf1" users home dir in /tmp/home/ didn't get created with the correct ownership, this was after a reboot. Deleting and running "om file configure" again fixed it. - This may have been fixed by copying the FC5 gdm resources to FC6 in the header file, which runs the setuphomedir script when gdm runs?

Previous setup was for mozilla, we're now using firefox. Just needed to update a few scripts, and take a new copy of a minimal .mozilla dir from the conf1 user.

Current mstone version for firefox appears to be - as reported by firefox -V!

Seems to be working. Just need to include the dice/options/conf-kiosk.h header file in a machine profile and run updaterpms, restart gdm. A reboot may be simpler.


Somethings that have occured to me:

  • Smarten up the Windowing environment. Looks very 80's.
  • Some online help?
  • A web browser only mode?
  • Some real docs!

-- NeilBrown - 23 Nov 2007

