James D. B. (email)
This version of my HOWTO is defunct, outdated and old. From now on, please refer to the New version. A Linux kiosk distribution has been born of this howto. It is my brainchild and is called Debiosk. I am retracting my webconverger endorsement, as it has too many features. Thanks!
Changelog
v0.1 : Initial document. (03/07/07)
2 Synopsis
  2.1 What's a kiosk anyway?
  2.2 In 100 words or less...
  2.3 Hardware
  2.4 What we won't be covering...
  2.5 How to use this HOWTO
  2.6 "TO DO" list
4 Crank up Firefox!
  4.1 Install Firefox from tarball
    4.1.1 Dependencies
    4.1.2 wget, tar, chown, mkdir, rm
  4.4 Restart firefox, and...
  4.5 Get out of Kiosk mode.
  4.6 Configure extensions
    4.6.1 Blocksite - OBSOLETE as of newest version of Public Fox!
    4.6.2 Stealther
    4.6.3 auto reset browser:
    4.6.4 Public Fox
    4.6.5 R-Kiosk
5 Configuring the OS
  5.1 set up the kiosk's .xinitrc
  5.2 /etc/init.d/kiosk
  5.3 /bin/startkiosk.sh
  5.4 Xwrapper.config
  5.5 Test your new kiosk
  5.6 GRUB Password
    5.6.1 Reboot, test
  5.7 Modify XF86Config or xorg.conf
  5.8 Delete unused programs
  5.9 rc2.d

http://jadoba.net/PLUG/kiosks/howto/#3
Please read all of this (or any) howto in its entirety before starting the actual project. There is one pretty bad hole in this configuration right now, please read section 2.6 ("TO DO") for more information. If you choose to implement this, I encourage you to email me and tell me how it went. I welcome all constructive criticism and will be more than happy to answer any questions you may have. Thank you.
1.1 Copyleft
This HOW-TO is in the public domain. Anybody can do whatever they want with it (modify it, remove things from it, distribute it, etc), as long as they keep this paragraph intact. Anyone who reads this also agrees that I (James D. Barrett, jadoba.net) am not responsible for anything that happens because of any use or misuse of the information, materials and ideas held within this document. This document comes with NO warranty of any kind.
1.2 Disclaimer
This is by no means a "complete" documentation. In public access computing, security is VERY important! I cannot stress this enough! A firewall is a good idea, as is good strong passwords and the removal of unneeded services and programs (such as gcc and apt). All of these issues are out of the scope of this documentation, so it would be wise to read up on this stuff yourself and implement those security measures appropriately.
2.3 Hardware
Typically, a PIII with at least 96MB of RAM and 2-3GB of disk space would be sufficient. I would recommend around an 800MHz processor and 128MB of RAM. On eBay it might cost you less for the machine itself than it would cost to cover shipping. Touchscreens are nice, but pricey, and fragile.
Firewalls, cleaning up of unneeded services, an easy way to maintain this thing, hardware specifications, special hardware, touchscreens and the manufacture of an enclosure, will not be discussed in this version of the howto. Check back later to see if a newer version has been posted.
Because of a bug in the OS, whenever I booted a newly-installed daily-built netinst image for Debian etch testing, the ethernet card came up as a different interface every time (eth1 once, then eth2, then back to eth1...). Because I only had a couple of days to finish this after the bug appeared, I decided to continue on with Debian sarge. This makes for more headaches setting up X and dependencies, but it makes little difference in performance for the end result. As of this writing, the etch bug is probably fixed.
Fluxbox is what I used to develop this, but you could always use IceWM or WindowMaker or whatever. Choose something lightweight. Whatever you decide on, it can be deleted later with 'apt-get remove ...' as we will not be needing it for the end result.

# apt-get install x-window-system fluxbox

If installing under etch, do this instead:

# apt-get install xserver-xorg-core xorg fluxbox

xli is a nice little thing used for displaying images. For this project, xli can be used for displaying an advertisement as the background of the kiosk screen. It will be visible only between Firefox reloads. It's really a moot point, but it's also not the worst idea (not as bad as installing fvwm just so you can put graphics over top of parts of the browser...) I'm certain an advertisement popup system could easily be created within a half hour using Tcl/Tk and some creativity, or through a PHP frontend on a dedicated web server. So, if you want to add an ad later on, then install xli now.

Fastjar is needed to unjar and rejar Firefox's browser.jar (which we won't need to do for this version of the howto.) Fastjar can be deleted after we're finished setting up. Note that if you don't plan on editing browser.jar, then fastjar can assuredly be omitted.

# apt-get install xli fastjar

If you're using sarge, XDM was probably installed as a dependency. So, right about this time I usually mv S99xdm to K01xdm in /etc/rc2.d like so:

# mv /etc/rc2.d/S99xdm /etc/rc2.d/K01xdm
common libjpeg62 libpango1.0-0 libpango1.0-common libtiff4 libxp6 psmisc libstdc++5

(NOTE: The above command will also install gcc-3.3-base, which is undesirable)

In sarge:

# apt-get install libatk1.0-0 libglib2.0-0 libgtk2.0-0 libgtk2.0-common libidl0 libjpeg62 libpango1.0-0 libpango1.0-common libtiff4 libstdc++5

That ought to get Firefox running. And if you're wondering, yeah, all I did was type 'apt-get install firefox' and selected 'no', then installed everything that it listed - except Firefox and Iceweasel.

4.1.2 wget, tar, chown, mkdir, rm

NOTE: Firefox 2.0.0.2 is out. It came out within the past week, which is why I'm not going to (can't) use it (some extensions don't work with it right now.) My suggestion would be to install the newest version of Firefox and see if the extensions work. If they don't, then remove the firefox directory AND the .mozilla directory and install one version number lower. 2.0.0.1 will probably work for everyone.

$ cd ~/
$ wget http://ftp-mozilla.netscape.com/pub/mozilla.org/firefox/releases/2.0.0.1/linux-i686/en-US/firefox-2.0.0.1.tar.gz
$ tar xvzf firefox-2.0.0.1.tar.gz

That should install Firefox to your home directory, which isn't such a bad thing, as we will chown it recursively as root. Then, as root, make a directory in the user's home called "downloads" (it can really be called anything, as long as it's owned by root.) Also we can now delete the Firefox tarball.

# chown -R root:root /home/kiosk/firefox/
# mkdir /home/kiosk/downloads
$ rm ~/firefox-2.0.0.1.tar.gz
seconds. It will not work unless you disable Firefox's session restore feature. That process is described later on. You definitely want both checkboxes checked, and select a time you think would be a good one to reset the browser automatically. The default, 300 seconds, is a good amount IMHO. Both boxes should also be checked by default.

4.6.3 Public Fox

This extension is useful for many reasons, particularly because it allows for password-protecting the add-ons dialog, feeds and bookmarking. Choose a semi-strong password, such as one with three or more random, unrelated five-letter words. Write it down. Also check all the boxes in the top left section of this extension's preferences dialog. This extension can also be used for primitive wildcard-based blacklisting or whitelisting to block seedy sites, like those peddling smut, or any other unwanted sites. It filters URLs through a list containing entries with wildcards before displaying them. Sometime soon, I might have a somewhat effective and typically adequate blacklist file available in the "links" section at the end of this how-to.

4.6.4 R-Kiosk

This is the 'heart and soul' of the kiosk and gives the basis of security. A few caveats: it doesn't stop the download OR upload dialogs, doesn't stop bookmarking, doesn't stop the installation of extensions, and is 99% un-configurable, only allowing you to disable printing (a moot point) and enable the navigation/location/search bar - we will discuss how to do this later.
2. Tabs
3. Content
8. Security
4.7.2 about:config

Remember that password you set a while back? You're going to need it again. Put about:config into the location bar and hit enter.

1. Disable session store

From Mozillazine.org: 'To disable the feature add boolean browser.sessionstore.enabled in about:config and set to "false". No startups will restore sessions.' - If you do not set this to 'false', then not only will Auto Reset Browser fail to work correctly, but session data will be saved and you do not want that.

2. Hack to disable addition of bookmarks (obsoleted after latest version of Public Fox)

Skip this one unless you're having problems with people setting bookmarks by right-clicking the tab bar. Problems with people saving bookmarks are easily rectified by configuring browser.bookmarks.file in about:config - set the string to /home/user/downloads/bookmarks.html and it will prevent any saving of bookmarks. This works because, as you may remember, that directory is owned by root and nothing can be deleted or changed there by the user. It will still be possible to create new bookmark folders, but they will vanish whenever Auto Reset Browser does its thing.

3. Disable the file picker

Looking for a solution to this security hole took the most time compared to any other part of this project. I found this fix literally 24 hours before the presentation was to be given. First, enter boolean option ui.allow_platform_file_picker and make sure it is set to "false". This will disable GTK's file picker. We're only 1/2 done; to complete this task we must delete a file and touch it for good measure:

# rm /home/kiosk/firefox/components/nsFilePicker.js
# touch /home/kiosk/firefox/components/nsFilePicker.js

I'm told it would probably be wiser to chmod this file 000 instead of deleting it:

# chmod 000 /home/kiosk/firefox/components/nsFilePicker.js

What you have just done is force Firefox to use its own file picker, which is not accessible on that machine any more. When someone goes to upload a file, nothing should come up - no dialog, no error message, nothing.

4.7.3 Re-enable extensions

This would be a good time to enable any extensions that you disabled previously. First, re-enable Auto Reset Browser and check to see if the settings are to your liking. After that, re-enable R-Kiosk. Restart Firefox to allow the changes to commit.

4.7.4 "Hack it up hack it in, let me login..."

Close Firefox. There are two gaping security holes right now: installing extensions and running anything through an already installed program. We will also stop the print dialog from coming up.

1. Chown and chattr: extensions.ini

Even under R-Kiosk you still have the ability to install extensions. This is easily rectified. Exit Firefox, and execute the following commands, as root, replacing {default-profile} with whatever the directory happens to be named (hint - it ends with default):

# chattr +i /home/kiosk/.mozilla/firefox/{default-profile}/extensions.ini

What 'chattr +i' does is add the immutable bit to a file, making it impossible to delete, move, rename, append to or otherwise modify that file without first removing the bit. If you ever need to edit the extensions again, just do this:

# chattr -i /home/user/.mozilla/firefox/{default-profile}/extensions.ini
2. Rm and touch: nsHelperAppDlg.js

Here's the second security hole: we need to stop users from downloading and running files. Well, we got the downloading part fixed (sorta, the files still download to /tmp) but end users can still run shell scripts through bash. What better way to stop the end user from running evil shell scripts than to stop the 'open with' dialog from coming up? This is how it is done:

# rm /home/user/firefox/components/nsHelperAppDlg.js
# touch /home/user/firefox/components/nsHelperAppDlg.js

Like before, if you prefer you can simply chmod it to 000. What you just did was completely remove the "save/open with" dialog. A substantial replacement (empty file) was created. Right now, if you were to try and download a file of an unknown type, it would pop up with an error message and Firefox would just keep chugging along.

Here is yet another option to fix this security hole. From max1million on forums.mozillazine.org, I got a suggestion to change this line:

show: function( aLauncher, aContext, aReason) {

to say this:

show: function( aLauncher, aContext, aReason) { return;

That might stop any error popups from coming up when a link to an unknown file type is clicked.

3. Disable print dialog

Directly from the developer of R-Kiosk:

You can enable Navigation toolbar by adding the following to user.js:
user_pref("rkiosk.navbar", true);
You might want to remove the print dialog by adding following lines to your user.js:
user_pref("print.always_print_silent",true);
user_pref("print.show_print_progress",false);

user.js resides in the profile directory. It most likely won't be there so you must create it.

I suggest you do NOT enable a navigation bar. Why? A couple of reasons, mainly it's not necessary (I mean, seriously, what do you need on the web that can't be found through Google?) Many people, believe it or not, are oblivious to the location bar (if you don't believe me, then explain the ease with which people's information gets phished.) If you enable the navigation bar, you must disallow certain URIs ("file://" for example.) This last reason is a fairly simple task, and if you want more information please email me.
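Pulling the about:config and user.js settings from sections 4.7.2 and 4.7.4 together, here is an added helper script (an example written for this page, not code from the original howto or from R-Kiosk) that writes those prefs into user.js and then audits the file-level changes: the two neutered component files and the immutable extensions.ini. The Firefox directory and the profile directory are passed as arguments; the function names are my own.

```shell
# Added example, not from the original howto: write the user.js prefs from
# sections 4.7.2 and 4.7.4 and audit the file-level hardening. Usage (as root):
#   write_kiosk_userjs /home/kiosk/.mozilla/firefox/{default-profile}
#   check_kiosk_firefox /home/kiosk/firefox /home/kiosk/.mozilla/firefox/{default-profile}
write_kiosk_userjs() {
  cat > "$1/user.js" <<'EOF'
// no session restore: Auto Reset Browser needs this, and no session data is kept
user_pref("browser.sessionstore.enabled", false);
// GTK file picker off; with nsFilePicker.js neutered no upload dialog appears
user_pref("ui.allow_platform_file_picker", false);
// bookmarks file inside the root-owned downloads directory, so it is never written
user_pref("browser.bookmarks.file", "/home/kiosk/downloads/bookmarks.html");
// print silently with no progress dialog (prefs from the R-Kiosk developer)
user_pref("print.always_print_silent", true);
user_pref("print.show_print_progress", false);
// keep the navigation bar hidden, as the howto recommends
user_pref("rkiosk.navbar", false);
EOF
}
# A component file is neutered when it exists but is empty (rm + touch) or has
# mode 000 (the chmod variant); the mode is read from ls to stay POSIX.
component_neutered() {
  [ -e "$1" ] || return 1
  [ -s "$1" ] || return 0
  [ "$(ls -ld "$1" | cut -c2-10)" = "---------" ]
}
check_components() {
  rc=0
  for f in nsFilePicker.js nsHelperAppDlg.js; do
    component_neutered "$1/components/$f" || { echo "FAIL: $f is still active"; rc=1; }
  done
  return $rc
}
check_userjs_prefs() {
  [ -f "$1/user.js" ] || { echo "FAIL: no user.js in $1"; return 1; }
  rc=0
  for pref in 'browser.sessionstore.enabled", false' 'ui.allow_platform_file_picker", false' \
              'print.always_print_silent", true' 'print.show_print_progress", false'; do
    grep -qF "user_pref(\"$pref" "$1/user.js" || { echo "FAIL: missing $pref"; rc=1; }
  done
  return $rc
}
# 'chattr +i' shows up as an 'i' in the flags field printed by lsattr.
extensions_immutable() {
  lsattr "$1/extensions.ini" 2>/dev/null | cut -d' ' -f1 | grep -q i
}
check_kiosk_firefox() {
  check_components "$1"; a=$?
  check_userjs_prefs "$2"; b=$?
  extensions_immutable "$2" || { echo "FAIL: extensions.ini is not immutable"; return 1; }
  [ "$a" -eq 0 ] && [ "$b" -eq 0 ]
}
```

Run check_kiosk_firefox again after every Firefox upgrade: replacing the firefox directory restores nsFilePicker.js and nsHelperAppDlg.js, and the script will report them as active.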
4. Start up Firefox (it wasn't still on, was it?) and see if the modifications work - go to coolservice.dk and try to upload a file with their cell phone file uploader. Find a shell script on Google and attempt to run it through bash. Try to install an extension. Try to print something. Try to visit a site you blacklisted. If you cannot succeed, then proceed to the next objective.
5.2 /etc/init.d/kiosk
# pico -w /etc/init.d/kiosk

Init scripts are meant to be run once and exit, and shouldn't be just hanging around waiting for things to finish. Add the following code:

#!/bin/bash
echo 0 > /proc/sys/kernel/sysrq
echo -e "\t Putting the machine into Kiosk mode . . . \n"
sleep 3s
/bin/startkiosk.sh &

Therefore, we use the init script as a wrapper for another script. Also you might have noticed that "echo 0 ... " line. This is very important. No public Linux box should go without this step! Alt-SysRq can do a lot of things which you don't want to happen on a public computer (such as immediate reboot without syncing filesystems or unmounting disks, send a SIGKILL or a SIGTERM to all processes (including or excluding init), remount all filesystems read-only, as well as a bunch of other stuff. I can not stress this enough: you must not omit that line if you plan on publicizing the machine. Don't forget to chmod it a+x:

# chmod a+x /etc/init.d/kiosk
5.3 /bin/startkiosk.sh
# pico -w /bin/startkiosk.sh

What this script does is login as the normal user with su and start up X through xinit.

#!/bin/bash
# this is /bin/startkiosk.sh
su - kiosk -c 'xinit'
shutdown -r now

Optionally, a 'while true ; do ... done' statement can be utilized to run X perpetually:

#!/bin/bash
# this is another /bin/startkiosk.sh
while true ; do
    su - user -c 'xinit'
done

Don't forget to chmod it a+x:

# chmod a+x /bin/startkiosk.sh
5.4 Xwrapper.config
This modification will allow X to be run through su in a script instead of just through the console. From http://www.knoppix.net/forum/...

Edit file /etc/X11/Xwrapper.config ... Change this line:

allowed_users=console

to:

allowed_users=anybody

So, either fire up pico, or run this command:

# sed -i 's/^allowed_users=.*/allowed_users=anybody/' /etc/X11/Xwrapper.config
5.6.1 Reboot, test

Reboot and test your password - at the GRUB screen, press any key and then hit p, enter your password. If it doesn't work, boot into "Start Kiosk" and start the GRUB password process (section 5.6) over again. If you can't get to a shell, then you'll have to boot a Knoppix CD (or put the hard drive into another machine,) mount the drive and change menu.lst that way.
5.9 rc2.d
Prevent any services that you don't need from starting at bootup by moving them from S to K in /etc/rc2.d - here's an example for XDM:

# cd /etc/rc2.d
# mv S99xdm K01xdm

We want the kiosk init script to run last, which is S99. So, let's move all the current S99 links to S98 links:

# cd /etc/rc2.d
# for i in S99*; do mv $i `echo $i | sed 's/99/98/'`; done
# ln -s /etc/init.d/kiosk ./S99kiosk
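The OS-side steps in sections 5.2 (SysRq off), 5.4 (Xwrapper.config) and 5.9 (rc2.d ordering) are easy to get half-done, so here is an added audit script (an example written for this page, not the howto's own init scripts) that checks each one and can apply the two that are plain file edits. All paths are parameters, so it also works against a kiosk disk mounted on another machine; the function names are my own.

```shell
# Added example, not from the original howto: check and apply the OS-side settings
# from sections 5.2, 5.4 and 5.9. Paths are parameters so a mounted kiosk disk can
# be audited too, e.g. kiosk_os_audit /proc/sys/kernel/sysrq /etc/X11/Xwrapper.config /etc/rc2.d
sysrq_disabled() {
  # the init script's 'echo 0 > /proc/sys/kernel/sysrq' must leave this reading 0
  [ "$(cat "${1:-/proc/sys/kernel/sysrq}" 2>/dev/null)" = "0" ]
}
xwrapper_allows_anybody() {
  grep -q '^allowed_users=anybody$' "${1:-/etc/X11/Xwrapper.config}"
}
fix_xwrapper() {
  # same substitution as the howto's sed -i, written without -i so any sed will do
  f="${1:-/etc/X11/Xwrapper.config}"
  sed 's/^allowed_users=.*/allowed_users=anybody/' "$f" > "$f.tmp" && mv "$f.tmp" "$f"
}
demote_s99_links() {
  # move every S99 link to S98 so that S99kiosk is the only thing left at S99
  rcdir="${1:-/etc/rc2.d}"
  for link in "$rcdir"/S99*; do
    [ -e "$link" ] || [ -L "$link" ] || continue   # no S99 links: glob stayed literal
    name=$(basename "$link")
    [ "$name" = "S99kiosk" ] && continue
    mv "$link" "$rcdir/S98${name#S99}"
  done
}
kiosk_runs_last() {
  # exactly one S99 entry, and it must be the kiosk wrapper from section 5.2
  set -- "${1:-/etc/rc2.d}"/S99*
  [ $# -eq 1 ] && [ "$(basename "$1")" = "S99kiosk" ]
}
kiosk_os_audit() {
  rc=0
  sysrq_disabled "$1"          || { echo "FAIL: Alt-SysRq is still enabled"; rc=1; }
  xwrapper_allows_anybody "$2" || { echo "FAIL: allowed_users is not anybody, su+xinit will fail"; rc=1; }
  kiosk_runs_last "$3"         || { echo "FAIL: S99kiosk is not the only S99 link"; rc=1; }
  return $rc
}
```

The SysRq check only reads 0 after /etc/init.d/kiosk has run, so on a live kiosk it doubles as a check that the init script was actually executed at boot.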
You're done! And, in less than two hours, right? Please email me at jadoba@jadoba.net if you have any comments. Have fun!
PLUG Website
Slides from my presentation
SOON (never): a tar file with copies of all the init scripts