a Linux Kiosk system

One Trick Pony


This is part of an exercise to use Linux as a kiosk system. 'Kiosk system' can mean a couple of things, but here we assume that it's a computer that runs just one application - in this case a web browser - and does not allow the user to do anything else but use that browser. That way, the computer can be left unattended, e.g. in public places (public libraries, ...).


fluxbox and firefox as an online public catalogue for the Antwerp Public Library


What do we need?

To run just a web browser we don't need a full-blown desktop: a minimal X Window System will do. All we need is one window in which the browser can run. This approach is also used in this "minimal GUI" setup for a Linux server, where we provide a web browser to take advantage of the graphical front-ends to configure the system. Building on that approach, we will set up a base Linux system (install nothing but the operating system - a minimalistic Debian or Ubuntu Linux system) and add some X Window components so that we can run a web browser (Firefox).

Although a window manager is not strictly necessary since you're only running one application, you can add a lightweight window manager (in this case Fluxbox) to add some extra functionality, such as a menu that'll allow you to shut down or restart the kiosk itself, or the browser.

Assuming this computer will be unattended, we don't want users to go and play with it, and we definitely don't want users to crack it, try to escalate their privileges, or install their own software so that the machine becomes a zombie or what not. So we (try to) deny them access to the system.

Concept

We'll use an ordinary PC, possibly an old, decommissioned one, and run a minimal Linux system on it with a custom Fluxbox desktop to provide a small handful of menus when needed, and a preconfigured web browser. Note that you can add some eye candy here, e.g. run xscreensaver too for pretty pictures if the system is idle. You can also expand this concept to other applications (e.g. running a "remote desktop" client will turn this system into a "Terminal Services client"). A menu to stop/start/restart such apps can be a plus. Hence the Fluxbox.

Overall, we keep this simple and reproducible, so you can turn out many of these "thin" clients to easily provide any application (by way of your Terminal Server) to remote users, or as a poor man's way to Desktop Virtualization.

Hardware, Operating system

We're mimicking thin clients here, using regular PCs. Hardware requirements are minimal; a 5-year-old PC will do fine.

Start with a minimal Linux install - I usually do Debian (net installer) or Ubuntu (mini cd). Ubuntu gives you slightly better support for some proprietary hard- or software and overall user-friendliness and smoother look-and-feel, although most of that ends up in Debian sooner or later as well. Ubuntu may have the downside that it's evolving towards a highly integrated operating system, so custom pick-and-choose spins like these might get more difficult in the future.

Refer to Debian minimal system.
Consider developing automatic installations if you plan to do a lot of these.

Fluxbox

Although you can run GUI apps without a window manager or a desktop environment, I usually add the Fluxbox window manager to provide some window management, menus, etc., which sometimes comes in handy for troubleshooting, and to keep the user away from the shell (both for user-friendliness and as a security measure).

Fluxbox is easily configurable, so you can provide a simple menu to let the user restart a hung application or shutdown or restart the system, and you can autostart an application on login. Or set screensaver preferences.

Fluxbox Kiosk configuration

user account and login

Since you don't want any of this to run as root, you need to create a user account, with a password.
We create 1 user (www) with password www. This account will be used to use the PC as a web client.

	useradd -m -s /bin/false -p `mkpasswd www SD` www

A display manager?

The display manager (or 'dm') is the app that provides a login prompt (or "greeter"). Its main purpose is to force a login with a normal, non-root user account after the system has gone through its startup, as you don't want the kiosk session to start under the root account.

Install xdm - it's a pretty simple and straightforward display manager.

Downside: xdm does not provide an auto-logon mechanism - someone will have to type in username and password. If that's not what you're after you need a different solution here.

You could opt for a dm that offers autologon, such as gdm. The problem there is that this might pull in a lot of dependencies, such as a complete GNOME desktop environment. Not really what we want here. There are other display managers with autologin features, but those I tried appeared to behave rather unpredictably sometimes, especially when the user logs out.

The alternative I eventually landed on is: do an automatic login on the console, then start the window manager automatically, and make it so that this happens again automatically when the user logs out (so that he can't drop to a shell and get creative with CLI commands).

Automatic logon

For an automatic console logon, the default 'getty' won't do; you need 'mingetty'. mingetty is a tty session tool (console, 'terminal') with an autologin option. To switch from a console to a window environment you need xinit or startx, from the xbase-tools package. To install them (the relevant Ubuntu repo is universe):

 apt-get install mingetty xbase-tools 

Next, you need to insert mingetty in the upstart configuration (or the older init scripts or inittab). In Ubuntu, this is done by editing the tty[n].conf file(s) in /etc/init/. You need something like:

	respawn
	exec /sbin/mingetty --autologin www tty1

Remember that www is the logon name of the account you wish to log on with.

As we now have an (automatic) console logon, we can use the user's .profile file to start applications, in this case 'startx' to start the GUI environment (which will have its own autostarts for the actual applications such as a browser or a screensaver). Note that there's a weakness here in that the user can, normally, edit his own .profile file and could thus interfere with the mechanism we're setting up here. Consider preventing the user from making (persistent) changes, e.g. by changing the default permissions, setting the file immutable, or providing a "deep freeze" mechanism.

As we mentioned earlier, we want all this to repeat itself when a user logs out. We accomplish that simply by stating 'logout' as a second command. That way, when the "startx" command terminates, i.e. when the GUI session ends, the user is logged out (and the 'respawn' command in the tty conf triggers a new autologon, and we're full circle).

Here's the relevant part from the .profile file :

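	# Read by the www user's login shell after the automatic console logon.
	# Written for bash: 'echo -e' and 'logout' do not work in dash;
	# an account whose shell is /bin/false never reads this file.
	clear
	echo -e "\n\nplease wait ...\n"
	sleep 2
	# start X with Fluxbox as the only client; returns when the GUI session ends
	startx /usr/bin/startfluxbox
	# end the console session so that init respawns mingetty and logs in again
	logout
	#EOF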
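
The .profile weakness mentioned above can be checked mechanically. The following is an added example, not part of the original article: a shell function that reports whether the kiosk user could edit or replace its .profile. The function names audit_profile and is_immutable are made up here, and the script assumes the stat and lsattr commands of a Debian or Ubuntu system.

```shell
#!/bin/sh
# Added example: can the kiosk user change or replace its own .profile?
# Usage (as root): audit_profile /home/www/.profile "$(id -u www)"
# Prints findings; returns 0 if the file is protected, 1 if not, 2 on error.

is_immutable() {
    # lsattr prints a flag field such as "----i---------e----"; i = immutable
    flags=$(lsattr -d "$1" 2>/dev/null | cut -d' ' -f1)
    case "$flags" in *i*) return 0 ;; *) return 1 ;; esac
}

audit_profile() {
    file=$1; kiosk_uid=$2; rc=0
    owner=$(stat -c %u "$file" 2>/dev/null) || { echo "ERROR: cannot stat $file"; return 2; }
    mode=$(stat -c %a "$file")
    dir_owner=$(stat -c %u "$(dirname "$file")")

    # An immutable file cannot be edited, renamed or deleted, even by its owner.
    if is_immutable "$file"; then
        echo "OK: $file is immutable"
        return 0
    fi
    if [ "$owner" = "$kiosk_uid" ]; then
        echo "FAIL: owned by the kiosk user, who can edit it or chmod it back"
        rc=1
    fi
    # Octal mode: a 2, 3, 6 or 7 in the group or other digit means writable.
    case "$mode" in
        *[2367]?|*[2367])
            echo "FAIL: mode $mode is writable by group or others"
            rc=1 ;;
    esac
    # Write access to the directory is enough to rename the file away and
    # create a new one, whatever the file's own owner and mode are.
    if [ "$dir_owner" = "$kiosk_uid" ]; then
        echo "FAIL: directory is owned by the kiosk user; file can be replaced"
        echo "      (fix: chown root and chmod 644 the file, then chattr +i it)"
        rc=1
    fi
    [ "$rc" -eq 0 ] && echo "OK: $file cannot be changed by uid $kiosk_uid"
    return "$rc"
}
```

On a default home directory (owned by www) the last finding still appears after the file has been given to root with mode 644, which is why the immutable flag is the setting that actually closes the gap.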

install and configure a browser

install and customize/lock down Firefox

Lockdown

Seriously consider hardening the system.



Koen Noens
December 2006
Partially rewritten July 2007