I have written up how I built an XFCE kiosk using Xubuntu 12.04 (which includes XFCE 4.8). My objective was to build a task-specific unit (in my case, a computer to access one single web site in a church library i.e. an OPAC station) that could sit more-or-less unattended.
I have uploaded this as a PDF as an attachment to a post at ubuntuforums.org (look under my user name, charles-2007). Unfortunately to download it one must be logged in to that forum. If I could ascertain how to upload it here, I would do so as well.
I would appreciate any feedback. This is a work in progress and the PDF is labelled a "beta". It will stay a beta until I get the teenagers to try and hack it!
OK here is the document.
- - - - -
Create a Linux Kiosk with XFCE and Xubuntu
BETA WRITE-UP January 2013 STILL IN TESTING
Objective: a freestanding, hardened PC that connects only to whitelisted web sites (for example, as an OPAC “card catalog” station in a library). Disclaimer: this is less of a HOWTO and more of a “how I baked cookies using plain ingredients.”
+Note: when finished setting up the station, password the BIOS and perhaps disable peripherals (CD drives) from the BIOS as added security. Back up the installation either to a separate partition on the hard drive or to a USB flash drive (even better) using Clonezilla or equivalent.
+The following assumes a clean install on an empty drive. Prior to installation, optionally use GParted to partition the hard drive (to create a partition to serve as a backup or for alternative use).
+Install Xubuntu 12.04 (Ubuntu with the XFCE desktop) using the default parameters. I attempted this with 12.10 and found it too challenging. The 12.04 will be supported until April 2017 and runs all that is below well. This release runs XFCE 4.8. I did try an installation of the next XFCE release which crashed my system.
+The default install choice creates a partition for the operating system, a partition for swap files, and installs GRUB the bootloader on the MBR. Opt to get third-party files during the installation. Encrypt the admin’s home folder for added security. Do not select to autologin the admin.
+After installation completes, go to Ubuntu Software Center > Edit > Software Sources and under Other Sources opt for both Partners and Independent to be able to get some familiar software later. Allow the system to download and install all the updates. Later, when all setups are complete, I turned off automatic updates so users would not face update messages. The admin will need to run updates periodically.
+At this point, if you have an Nvidia or ATI graphics card, the Jockey program may offer to install proprietary drivers rather than the open-source ones. This can also be found under Settings > Additional Drivers. This is important as without good video your web browser may slow noticeably.
+I won’t go into details, but I chose to replace the swap partition with a swap file (check the Ubuntu Forums). This is optional. I reclaimed the swap partition for inclusion in a backup partition later using GParted.
+Uninstall programs (via Software Center) that are not important for your mission. I took down messaging programs (including Thunderbird) and the like. If unclear, leave it. I also removed the default word processor, AbiWord, and spreadsheet Gnumeric; I installed full LibreOffice instead for our librarians. I also replaced PDF viewers with Adobe Reader. Open JDK and its plug-ins may be added if there are sites of interest that use Java.
+XFCE uses Thunar as its file manager, Leafpad as its text editor, and Catfish as its file search program. Shortcutting to these via the terminal (SUPER-T keys) and running them (e.g. sudo thunar) and opting for hidden files is handy subsequently.
+Xubuntu 12.04 (and other flavors of 12.04) install a guest session by default. Logging in as “guest” is non-persistent, meaning once logged off all the manipulations done by the guest vanish. This seems like a good idea for a kiosk, but since this guest is allowed full run of the house (try it!), it can be deleted if desired as follows:
From the terminal: sudo leafpad /etc/lightdm/lightdm.conf
In the Leafpad window, add the line: allow-guest=false
+Instead of guest, I created another user (“visitor” in this example) in System > Users and Groups. Under that user in Advanced, I disabled all options except network access. I also created a group and added the user to it (if you want multiple users, you can then apply settings across them using groups). This user becomes the default login as follows from the terminal:
sudo leafpad /etc/lightdm/lightdm.conf
In the Leafpad window, add:
With this as default, the admin can at any time log out of the user and then into an admin session. An admin should be reminded to log out or shut down when leaving! Log in once as the user but don’t edit settings under that user for now and return to the admin.
+Note that at the loginscreen, the user sees a choice of a xubuntu or XFCE session. To limit to just a Xubuntu session, in terminal type cd /usr/share/xsessions and then sudo rm xfce.desktop and the choice will go away.
+Perform the following steps during an admin login. The admin panel and desktop will become the template for the user(s) later using XFCE settings.
+The bottom XFCE panel may be a distraction and can be deleted via right click options when on the panel (it is panel2). Multiple desktops via Settings > Workspaces can be reduced to one and then it can be removed from the top panel. For a kiosk, I suggest that the top panel should have as few items as possible. Right click on the panel and opt for Preferences > Items and customize.
menu showing all applications can be offered but perhaps not, or severely redacted (more on this later)
windows buttons are needed for minimized windows or the user will be confused
time and date are useful
session menu shows the name of the logged-in user (helpful to the admin)
action buttons gives a logout menu
+A launcher can be added to the panel for programs of interest to your users (Firefox, LibreOffice). There is a problem with panel launchers applied to all users that will be remedied later.
+This would be a good point to stop and back up the installation.
+The next steps lock the panel to a system standard. Understand that by default each user’s home folder determines the desktop settings unless a systemwide file overrides it. For example for user visitor the path is:
and the path for an override file will be inside
Also understand that in the XML files that XFCE uses (which can be edited with Leafpad), the lead item in a file, the channel parameter, overrides the lesser property parameters beneath it. Locking the channel locks everything in the file. Further, items referred to in the xdg directory should point to system items, not items in a specific user’s home folder. This last point we be clearer shortly. If you have removed XFCE Session from the login screen, then you can ignore the xfce4 folding in xdg.
+If you are satisfied with the top panel in the admin’s desktop, copy xfce4-panel.xml from the .config folder noted above (using the correct user’s name!) to the sytem folder noted above. An easy way to do this is via sudo thunar and opt to show hidden files (.config is normally hidden) and copy and paste. Now open xcfe4.panel.xml in the system folder (right click, open with Leafpad), and edit the channel line:
<channel name="xfce4-panel" version="1.0" locked="@GROUP-NAME" unlocked="ADMIN-NAME">
and save it. The phrasing between the quotes is either just a user’s name, or a group (using @ prior). Locking a user or group and leaving the admin unlocked means the admin can try additional edits and repeat this process later if desired, though the lock edits and others will need to be repeated too.
+If launchers have been placed on the admin panel, they will not work in on the user desktop as they reference a shortcut in the admin’s configuration. For example, I placed Firefox and LibreOffice launchers on the panel. The system shortcuts can be seen in /usr/share/applications if you need a reference. Using Leafpad to edit xfce4-panel.xml in the system folder, I changed one (longnumber).desktop to firefox.desktop and the other to libreoffice-startcenter.desktop to correct this.
+If you only want your users to access a couple of programs, why offer a fuller menu on the panel? A limited panel can be created via the steps above, and then subsequently the unlocked admin can pin the full applications menu back on the admin’s panel if desired. Alternatively, the user or the system menu can be edited using the Menu tool or directly at: xfce-applications.menu (there is one in the user’s config files that gets merged with the system one).
+The process used for xfce4-panel.xml can be repeated for xfce4-desktop.xml. However, there is a shortcut if you only have one user beyond the admin. This one works within the user login. The objective is to remove the rightclick shortcuts on the desktop. If you have opted to leave the Applications Menu on the panel of the limited user, the path is: Settings Manager > Desktop where under Menu you should clear the rightclick option and next clear the list of default icons and opt for none as icon type on the Icon tab. If you have removed Applications Menu from the panel of the limited user, you can click SUPER R to bring up the applications and find Settings Manager. Again, this is all done within the login of the limited user. If you plan to have multiple users, then apply the previous method involving the xdg folder.
+Once you like what you have, this would be another good point to do a backup.
+The subsequent challenge is locking down the web browser. Firefox (default for Xubuntu) stores the user preferences under a specific user (visitor in this example) within a subfolder of the hidden folder /home/vistor/.mozilla as a prefs.js file. Changes to preferences such as the home page as stored to this file. If the preferred settings to the browser are made and the browser is closed, the prefs.js file can be opened with Leafpad and saved as a user.js file in the same user folder. Firefox preferentially obeys user.js if it exists instead of the prefs.js file. The user can still manipulate the browser settings, but the changes simply do not persist once the browser is closed. This method is user-specific, but the user.js file can be placed in each user’s home folder and it will be applied. It is the easiest method I have found to control the browser. But there is a problem in the newer versions of Firefox! Clicking on Help > Troubleshooting and opting to Reset Firefox blows up all these configurations.
+The Firefox Add-On Public Fox can perform the steps noted above, but, in my testing, it is also destroyed by the reset. The Add-On Easy Whitelist can be passworded to block access both to preferences (configure them first) as well as blocking access to the rest button. More on Easy Whitelist subsequently.
+The kiosk tool for Firefox, R-kiosk, is good for offering a browser window without an address bar and without the back/forward arrows (the latter I found to be problematic). If you wish to test it, I suggest creating a demonstration user as it is not straightforward to deactivate.
+If there is only one user, what is above is probably adequate. To block access by multiple users to settings systemwide, it is necessary to create a mozilla.cfg file in the folder with the Firefox program (usr/lib/firefox in 12.04). The syntax is a little different than the prefs.js and user.js file but the concept is the same. Names of the preferences vary by Firefox version. I will attach an appendix of a sample mozilla.cfg for Firefox 18 after further testing.
+This mozilla.cfg file must be referenced in a file placed in the usr/lib/firefox/defaults/pref folder (same location as channel-prefs.js) in Firefox 18. Create a file using Leafpad called local-settings.js that simply contains:
Save the file and these settings will be applied on the next run of Firefox.
+Lastly, how to enforce limits on sites? In my testing of Easy Whitelist, I found this product quite adequate for application to one user’s browser. For more “serious” control of a computer (or for multiple users), especially if the box is to be dedicated to a single purpose (serving as access to a library card catalog in my example), it would be wiser perhaps to use Ubuntu’s firewall software in a whitelist mode. Either the built-in UFW program can be used in graphical format by downloading GUFW from the Ubuntu Software Center, or the older Firestarter program can be downlownloaded. Pick one or the other; both should not be running simultaneously. The firewall can be used in a whitelist mode (i.e. only allowing defined connections).
+In conclusion, I believe that an admin with some experience with the Ubuntu version of Linux can set up a station dedicated to a single, single purpose in an afternoon with some assurance that it won’t be easy to hack. It will require episodic maintenance (perhaps biweekly). As always: backup, backup backup.
I will appreciate your feedback via the forums. Best wishes.
+Instead of using Firefox, which requires (pretty much unguided) trial-and-error manipulation of a system mozilla.cfg file, it is far easier to achieve the same objective using the Chromium browser, as documented here:
http://www.chromium.org/administrators/ … uick-start
The Chromium site offers a template file for Linux and includes fairly clear instructions about the options inside the template. In one step, the browser preferences can be locked for all users -- including direct control of blacklisting and whitelisting. In (X)ubuntu 12.04 the path to /policies/managed/ where the file is placed is slightly different that in the tutorial (but no worries, it is created when the Chromium browser is installed via Ubuntu's Software Center) but it works out of the box. Make an typographical syntax error, though, and the file won't work. But using chrome://policies in the address line will show what is working and what is broken, and turning options on and off is as easy as (un)commenting in a text file (i.e. "//").