fluxbox and firefox as an online public catalogue for a Public Library
This is part of an experiment to use Linux as a kiosk system. 'Kiosk System' can mean a couple of things, but here we assume that it's a computer that runs just one application - a web browser - and does not allow the user to do anything else but use that browser. That way, the computer can be left unattended, e.g. in public places (public libraries, ... )
fluxbox and firefox as an online public catalogue for a Public Library
To run just a web browser we don't need a full-blown desktop : a minimal x-windows system will do : all we need is 1 window in which the browser can run. This approach is also used in this "minimal GUI" setup for a Linux server where we provide a web browser to take advantage of the graphical front-ends to configure the system. Building on that approach, we will set up a base Linux system (install nothing but the operating system - e.g. Debian 3) and add some x-window components so that we can run a web browser (firefox).
Assuming this computer will be unattended, we don't want users to go and play with it, and we definitly don't want users to crack it or try to get escalate their privilegues or install their own software so that the machine becomes a zombie or what not - so we deny them all access to the system.
We'll use an ordinary PC, possibly an old, decommisioned one, run a minimal Linux system on it with a custom fluxbox desktop to provide a small handful of menus when needed, and an rdp-client preconfigured to connect to our Terminal Server.
We'll show how to (optionally) add an OpenVPN client that automatically connects to the HQ's VPN gateway.
Overall, we keep this simple and reproducable, so you can turn out many of these "thin" clients to easily provide any application (by way of your Terminal Server) to remote users, or as a poor man's way to Desktop Virualization.
We're mimicking thin clients here, using regular PC's. Hardware requirements are minimal, a 5 year old PC will do fine.
Start with a minimal Linux install - I usually do Debian (net installer) or Ubuntu (mini cd). Ubuntu gives you slightly better support for some proprietary hard- or software and overall user-friendliness and smoother look-and-feel, although most of that ends up in Debian sooner or later as well. Ubuntu may have the downside that it's evolving towards a highly integrated operating system, so custom pick-and-choose spins like these might get more difficult in the future.
Refer to Debian minimal system.
Consider automatic installations if you need to do a lot of these.
Although you can run GUI apps without a Window manager or a Desktop environmant, I usually add Fluxbox window manager to provide some Windows management, menus, etc. which sometimes comes in handy for troubleshooting, and to keep the user away from the shell (both for userfriendliness and as a security measure).
Fluxbox is easily configurable, so you can provide a simple menu to let the user restart a hung application or shutdown or restart the system, and you can autostart an application on login. Or set screensaver preferences.
Since you don't want any of this to run as root, you need to create a user account, with a password.
We create 1 user (www) with password www. This account will be used to use the PC as a web client.
useradd -m -s /bin/false -p `mkpasswd www SD` www
At this point, you also need to consider the use of a display manager.
The display manager (or 'dm') is the app that provides a login prompt (or "greeter"). It's main purpose is to force a login with a normal, non-root user account after the system has gone through its startup, as you don't want the kiosk session to start under the root account.
install xdm - it's a pretty simple and straightforward display manager.
install and customize/lock down Firefox
Seriously consider hardening the system.