[Lancaster] Folly Terminals are go!

Andy Baxter andy at earthsong.free-online.co.uk
Thu May 27 23:36:32 BST 2004


On Thursday 27 May 2004 08:20, Martyn Welch wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hi All,
>
> An amazing amount of work seems to have been done in the last month or two.
> The kitchen area looks far better and we now have a few working terminals!
> A huge thanks to Ken and Andy.
>
> We started to discuss a few things last night:
>
> 1) System Security
>
> The system is working, but it wouldn't take someone with too much knowledge
> of Linux to do some real damage. We need to improve security on the system,
> especially the server.
>
> - - The root password has _got_ to change to something far harder to guess

also have a seperate root password for the terminals (but the same one for 
each of these), so someone shoulder-surfing while we're working on it can't 
get the server p/w.

> - - The number of packages (especially Desktop Environments) need to be
> reduced so that the environment can be managed easily

It might reduce confusion to only have one window manager / desktop envt, but 
apart from this I don't see the need to cut down on programs, as long as 
there is enough disk space - even if people are mainly going to be using it 
for web browsing, it would still be nice to have a range of linux apps for 
people to look at and try out. I don't see how this makes things more 
complicated?

> - - Priviledges need to be set on account home directories
>
> - - The clients need to have there BIOS passwords set and boot from floppy
> disabled.

yes to both.

>
> 2) Mission critical kit
>
> The server is now _very_ important. With out the server the terminals are
> useless. Over time it might make sense to migrate some of the extra
> services of it onto another/other boxes, to reduce the work of rebuilding
> one of the boxes if it fails.

I was thinking for file storage, the only file storage on the server is some 
shared scratch space which is accessible by all the accounts, and deleted 
oldest file first by a cron script every midnight. This could be put on the 
desktop. This is meant for things like if someone downloads a file to work on 
that day, or maybe if they meant to copy it to floppy or CD, but don't have 
one with them and want to come in again the next day.

Then keep everything else on a separate file server.

> I think we need to have separate storage for the terminal equipment, for
> when the room is needed for other things. This I suppose includes setting
> aside a set of nice (pref. identical) keyboards and mice for use with the
> terminals. Getting them running after not being used should be very easy
> and setting aside clean nice keyboards will make the setup look far more
> inticing.
>
>
> 3) User accounts
>
> We need ideas. The best we could think of last night is a set of guest
> logins, one for each of the terminals & the posiblity of creating separate
> logins for advanced/ frequent users (giving them private data storage). Am
> I right in thinking there will be problems with 2 sessions logging in as
> the same user simultaneously?

I just checked on my machine, and this does cause problems for quite a few 
apps - open office somehow opens in the wrong X session; xmms and zinf won't 
start at all, and firefox asks you to make a new profile.

I reckon for the moment, just make a separate account for each terminal, and 
have a note on the box saying which one to log in as. Some time we might be 
able to figure a way to bring up a login screen which just has one guest 
account which gets directed to separate accounts for each machine, but this 
is going to be tricky I think.

To keep the config for the guest accounts the same, we could create a separate 
guest-config account, which we log into manually and set things up how we 
want, then have a script which copies this account's home directory over the 
home dirs of each of the guest accounts every midnight. Maybe the script 
should also copy any stray files from the desktops or the guest users' home 
dirs into the scratch space, in case people can't find the right place to 
store files.

I'll see if I can get something like this set up, and people can see what they 
think of it.

>
> 4) Publicity
>
> It would be nice to get the room in use and also to publicise the LUG,
> Linux and more generally open source software.
>
> It was felt that it would be nice to get hold of a CD burner and a stack of
> cheapish CDs for the folly and burn copies of Knoppix [www.knoppix.net/],
> Gnuwin [http://gnuwin.epfl.ch/en/index.html] and possibly a very friendly
> distro or two, either for free or a very minimal fee (£1/50p?)

This would be good i think.

> There is now a large screen in the kitchen space, a scrolling presentation
> with info about the use of the space and availibility of services would be
> nice!
>
> Posters?

> 5) LUG Organisation
>
> It would be nice to setup one of the spare machines as a LUG server, with a
> (passworded) WIKI on it for storing configuration info on it and other LUG
> related matters.

I should be able to get this set up some time next month.

> We also need to decide how we are going to carry this LUG forward now.

What I would like is less time in the monthly meetings taken up maintaining 
the network, and try to bring it back more to having time to chat about 
stuff, and show each other things we've been doing.

andy

-- 
Please don't send me html mail or un-notified attachments. These will be 
automatically filed under 'probable spam' unless I'm expecting an email which 
hasn't come.
If you do need to send an attachment or html mail, put [attachment] or [html] 
in the subject line.
Thanks, andy.



More information about the Lancaster mailing list