[Cialug] Kiosk suggestions?

Zachary Kotlarek zach at kotlarek.com
Wed Jun 30 11:00:11 CDT 2010


On Jun 30, 2010, at 10:45 AM, L. V. Lammert wrote:

> At 10:31 AM 6/30/2010, you wrote:
> 
> Why not just reset permissions on the HD to RO for everything except 
> /var/log, .. and then tweak the /home partition so as to prevent 
> downloads? A cron job could also blow out a 'stock' user profile if 
> anything changed.


You'd be surprised how much work it is to turn a modern desktop distribution into something that can run truly read-only, or with /var as the only writable mountpoint, at least without whining all the time.

It's certainly something that linux supports, but there are a lot of programs that assume at least /etc, /var, and /tmp are writable, and it's not uncommon to find apps that expect a writable home directory as well. For example, in many distributions you can't run DHCP (to get DNS info) without a writable /etc/resolv.conf. Even distros that remap that file to someplace more appropriate like /var need that location to be writable. And that's just to get you on the network, let alone actually run things.

Hence the suggestion to use a "live USB" modification, which takes care of those changes for you. If you installed it on an HD you could make the underlying disk read-only, but if you just `mount -o remount,ro /` on a typical desktop distribution you're going to have a hard time of things.

	Zach

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2746 bytes
Desc: not available
Url : http://cialug.org/pipermail/cialug/attachments/20100630/01bfcd00/attachment.bin 


More information about the Cialug mailing list