LinuxQuestions.org
Latest LQ Deal: Latest LQ Deals
Go Back   LinuxQuestions.org > Linux Answers > Applications / GUI / Multimedia
User Name
Password

Notices


By lukeprog at 2006-06-08 11:19
Version 2 (18/06/2006)

This tutorial assumes some basic Linux knowledge.

I wanted to ditch expensive, proprietary, vulnerable, resource-hogging Windows XP for Linux in my library system. After investigating dozens of distros, I found that openSUSE was best for my needs because it is free, easy to install, compatible with most hardware, and easy for patrons to use. Xandros OC3 was a good choice for lower-end machines; it runs fine on 450Mhz PCs.

I used the KDE Kiosk Tool to lock down the desktop environment for my "all" user account. However, I still needed a solution like DeepFreeze, which reverts a PC to a backup image of the disk upon reboot so that no changes made by the public will stick. I wanted to be able to tell location staff, "If something looks weird or isn't working, just reboot."

DeepFreeze is not available for Linux, but Linux has the tools to do that sort of thing built-in.

I tried using LiveCDs, which run a Linux OS completely off a CD (which is, of course, read-only). But I wanted more customization power than LiveCDs can offer. I tried mounting /home/all to a temporary filesystem (tmpfs) at boot, but that interfered with the KDE Kiosk Tool.

Finally, a more experienced friend helped me write some scripts that achieve a DeepFreeze-like effect for a single user account. This is actually better than DeepFreeze - assuming you don't give out your root account password! With DeepFreeze, you have to "thaw" a computer with the password, reboot, make changes, "freeze" the computer again, and reboot. With this Linux solution, you can just login as root, make changes, refresh the backup image, and log back in as "all" (or whatever account(s) you want the public to use).

Here are the basic steps:
1. Install your distro of choice and create the account(s) for public use.
2. Customize and lock down the public user account(s).
3. Write a script that creates the backup image(s) of the public user account(s).
4. Write a boot script that restores the backup image(s) of the public user account(s).

I'll assume you can handle (1) and (2). I recommend KDE and the KDE Kiosk Tool for easy interface lockdown. Now for the DeepFreeze-esque stuff:

Create a new text file on root's Desktop, make_backup.sh:
Code:
#!/bin/bash

rm -f /root/Desktop/clean_all.tar
tar -cpPf /root/Desktop/clean_all.tar /home/all
Give root execute permissions for it and add it to $PATH if necessary (I prefer to just execute it directly by going to its directory and typing ./make_backup.sh).

This is a very simple bash script. The third line removes the backup image (clean_all.tar) if it exists, without prompting for confirmation. The fourth line creates a tarball of the all user account directory (/home/all), which contains personal files and settings for the all user account. We use a tarball because it preserves permissions. We could compress the tarball, too, but here I'm more concerned with restoring the user account from backup quickly every time the computer boots than I am with conserving disk space.

I've stored the backup image in /root/Desktop. It doesn't matter where you store the backup or the scripts, as long as it's not in the home directory of a non-root user account or a temporary directory.

We should only run this script when the all user account exists exactly as we want it. So we'll run it once when we've set up the public user account (I've named it all). Then, we only run it after we make wanted changes to the all user account and verify it is working.

The second script will restore the all user account from the backup we just created. I'll call it restore_backup.sh:
Code:
#! /bin/bash

rm -fR /home/all
tar -xpPf /root/Desktop/clean_all.tar
Again, give root execute permissions for the file. This bash script removes the /home/all directory, which deletes all account files and settings without deleting the account. It then restores /home/all from the backup we created, preserving permissions. The tarball automatically unpacks to the directory from which it was created: /home/all.

Now we need to have the restore_backup.sh script run at boot. Linux boot scripts are located in the /etc/init.d directory. In openSUSE, I just made a copy of an existing script in /etc/init.d/rc3.d and cleared everything but the last line: rc_exit. In Xandros, the recommended boot script to modify for this sort of thing is bootmisc.sh.

Open the proper boot script for editing. First, we'll add a line so that we can easily enable or disable the code we're going to add. Near the top of the script, add the line
Code:
RESTORE=yes
This creates a variable called RESTORE and gives it the value "yes". So if we don't want restore_backup to run on startup, we can simply change "yes" to "no". Now, add this code later in the boot script:
Code:
if [ "$RESTORE" == yes ]
then
    /root/Desktop/restore_backup.sh
fi
If RESTORE is equal to "yes", the restore_backup.sh script will be executed at boot. Otherwise, it won't.

Save the file, reboot, and you're done! Naturally, if you want the backup tarball or scripts stored somewhere else or named something else, just modify the scripts to indicate the correct directories and filenames. The scripts can also be easily modified to accomodate backup and restore of multiple public user accounts.

Now I hope more experienced Linux users will provide feedback, corrections, suggestions for improvement or clarification, additions for getting this to work on other distributions, etc. Questions are also welcome!

by unSpawn on Thu, 2006-06-08 16:07
Looks good though there is something wrong with the URI formatting (uses double quotes).

I still do not get why you can't use tmpfs, cloop or any overlay FS, but since the discussion is closed and the LA was made I'll save that for another time...

One nit: the "/root" directory usually resides on "/". Apart from not using /root for "regular tasks" large backups may fill up your root if you have a large backup to make and you definately do not want that. Since it's not that persistent I would recommend something like /var/local or /var/cache.

And if you want automagical restoration on boot, why not add it to your rc.local (or equivalent)?

by lukeprog on Thu, 2006-06-15 09:42
Quote:
Originally Posted by unSpawn
And if you want automagical restoration on boot, why not add it to your rc.local (or equivalent)?
What's the difference between rc.local and other init directories?

tmpfs and similar solutions always caused problems when I tried them. This works.

How do I edit my article to fix those URIs?

by ashkev on Fri, 2007-09-21 09:06
This would be wonderful to have in Edubuntu. I am using Edubuntu for public access computing, with several users connecting through thin clients.

In the home directory I have: kevin patron4 patron5 patron6

The tutorial says to do this :

#!/bin/bash

rm -f /root/Desktop/clean_all.tar

tar -cpPf /root/Desktop/clean_all.tar /home/all


but , if i do that it will also restore my kevin directory right?
Is there a way to exclude the kevin directory from the tarball? Or is there a way for me to put all of my public profiles in a directory like all? How would I do that?

Thanks so much,

Also, the tutorial mentions that to get the restore script to run at bootup, the bootmisc.sh should be modified. Would this work by modifying /etc/rc.local?

by ashkev on Thu, 2007-09-27 14:22
This is what I came up with:

For the backup script.

Code:
cd /home
tar cvfz restore_patron4.tar.gz patron4
Then for the restore script I put this in /etc/rc.local:

Code:
cd /home
rm -fR /home/patron4
rm -fR /home/patron5
rm -fR /home/patron6
tar xvfz /home/restore_patron4.tar.gz
tar xvfz /home/restore_patron5.tar.gz
tar xvfz /home/restore_patron6.tar.gz
It has been working fine for multiple accounts on clients.

by jamiejacksoncumbria on Tue, 2007-10-30 20:18
Hi Guys,
I am running a internet cafe running ubuntu. To manage it I am using outkafe. Outkafe timer needs to be started at the start of the session and I needed all data and conf put back when the user leaves. So I decided to edit Xsession to do this. I Made all users part of a group and when a member of this groups logs in it would run the timer and hold the session open and then the timer would quit and close the session. Also I add an rsync command to copy skel over to the users home and of course if the user was not part of the group the session would just run normal. This was grate because I could set up apps as I want them add icons etc. If you want to change some think change it in skell and it would change it for all users. I suppose you might not want to use skell maybe another dir. As all users will end up with these settings to for example I removed the log button as it was on my timer. Now all user will not have a log out button. I will paste the bottom of the Xsession File.

if groups | grep -q outkafe
; then
SESSIONFILES=$(run_parts $SYSSESSIONDIR)
if [ -n "$SESSIONFILES" ]; then
set +e
for SESSIONFILE in $SESSIONFILES; do
. $SESSIONFILE
done
set -e
fi &
sleep 8
rsync -a --delete /etc/skel/ ~/
/usr/bin/oklin --session-manager
else
SESSIONFILES=$(run_parts $SYSSESSIONDIR)
if [ -n "$SESSIONFILES" ]; then
set +e
for SESSIONFILE in $SESSIONFILES; do
. $SESSIONFILE
done
set -e
fi
fi

exit 0
# vim:set ai et sts=2 sw=2 tw=80:

by boyet72 on Wed, 2008-02-13 12:54
Quote:
Originally Posted by jamiejacksoncumbria View Post
Hi Guys,
I am running a internet cafe running ubuntu. To manage it I am using outkafe. Outkafe timer needs to be started at the start of the session and I needed all data and conf put back when the user leaves. So I decided to edit Xsession to do this. I Made all users part of a group and when a member of this groups logs in it would run the timer and hold the session open and then the timer would quit and close the session. Also I add an rsync command to copy skel over to the users home and of course if the user was not part of the group the session would just run normal. This was grate because I could set up apps as I want them add icons etc. If you want to change some think change it in skell and it would change it for all users. I suppose you might not want to use skell maybe another dir. As all users will end up with these settings to for example I removed the log button as it was on my timer. Now all user will not have a log out button. I will paste the bottom of the Xsession File.

if groups | grep -q outkafe
; then
SESSIONFILES=$(run_parts $SYSSESSIONDIR)
if [ -n "$SESSIONFILES" ]; then
set +e
for SESSIONFILE in $SESSIONFILES; do
. $SESSIONFILE
done
set -e
fi &
sleep 8
rsync -a --delete /etc/skel/ ~/
/usr/bin/oklin --session-manager
else
SESSIONFILES=$(run_parts $SYSSESSIONDIR)
if [ -n "$SESSIONFILES" ]; then
set +e
for SESSIONFILE in $SESSIONFILES; do
. $SESSIONFILE
done
set -e
fi
fi

exit 0
# vim:set ai et sts=2 sw=2 tw=80:
sir can i have your guide on how did you install the outkafe in your ubuntu? i am going to open an internet cafe shop next month running 8units of ubuntu and 4units of windows xp with ubuntu running as server...pls send me the info of installing outkafe in your ubntu i need this program badly..thanks for your reply...boyet

my email address is chelery72@smartbro.net alternate is blery72@yahoo.com

by JohnnyForeigner on Tue, 2010-05-18 21:31
Thanks for the info in this thread. I'm installing linux in an internet cafe and needed a "Deep Freeze" solution. The backup of a clean "All Users" account and restore at startup works great (I put the restore script in rc.local). The problem I have is that I needed the PCs to boot automatically into the All Users account and not offer the 2 logins (with the admin user). I set this up in Linux and now get the error "/usr/libg/conf2-4/gconf-sanity-check-2 salio con el estado 256" when booting. Clicking "X" or pressing <CR> then boots OK, but why do I get this error? Would moving the restore into /etc/rc2.d fix it?, I will try this tomorrow in the cafe.

I am using Ubuntu 10.04.

by HuMan-BiEnG on Sun, 2010-06-13 06:28
yeah ,thanks for this great info ,
it helps me too ,
thanks alot for everyone

by mjolnir on Sun, 2010-06-13 08:05
Sorry if I am missing something here but wouldn't OpenSolaris with cloned BE's (Build Environments) be ideal for something like this?

by apollo495 on Tue, 2010-06-29 14:57
Hi all, forget about those scripts!


  



All times are GMT -5. The time now is 06:10 AM.

Main Menu
Advertisement
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration