Completely locking down XFCE 4.4

C

Codegen

Gawd
Joined
Aug 28, 2004
Messages
915
So, basically what I'm trying to do is create a Linux image that has just a connection to the terminal server, and an icon to shut down the computer. Nothing more, nothing less.

Because a lot of these systems are older (PII-350 is the lowest, with one oddball Celeron 366), I've chosen to use Xubuntu as the OS.

Now, I want to completely lock these down. I don't even want people to be able to change the wallpaper.

I've tried the kiosk mode options, but it seems pretty limited as to what you can do with it.

Any help would be greatly appreciated.

Thanks.
 
never tried it myself, but I'd think you could do it two ways.. one, setup a "default" setup and use that when the X server starts (copy it over), then if anyone changes anything.. so what, just restart the server and it's back to normal

or I'd think you could set all the config files permissions to not allow write, should stop any config changes.

read only FS? Hmm.. I dunno. I'd like to know how you get this done.
 
I've tried your second solution, setting the ownership on the XML files that control the desktop to the admin account (not root), and doing a chmod 755... crap.. should that be 744?

Anyway, XFCE seems to change the ownership to the student account when you make changes, making changing permissions useless.
 
if all you want if a terminal window and the option to shut down the computer, maybe having an entire desktop environment is overkill?

maybe you should just start X and your terminal window and thats it?
 
Codegen said:
I've tried your second solution, setting the ownership on the XML files that control the desktop to the admin account (not root), and doing a chmod 755... crap.. should that be 744?

Anyway, XFCE seems to change the ownership to the student account when you make changes, making changing permissions useless.
Click to expand...


eh.. well, you'll want the config file(s) to be owned by root (chown root <file>), and permissions to be 755. xfce shouldn't be able to change anything in the file if it's owned by root and X running as a user.

cavaet: I've never actually done that, so I could be wrong -- xfce could be suid. I doubt it though.
 
bleh! or you could just set the damn thing to 555, and probably not worry about it.
 
You must log in or register to reply here.
Back
Top