Linux & Library – Web Kiosks for Peanuts

Sam DeeljorePius XII Memorial/HSC Libraries

Saint Louis University

LITA 2004 National ForumSt. Louis, Missouri

Introduction

➲ Library needs➲ Replace aging text terminals➲ Provide web access to library catalogs in a

simplified kiosk interface➲ Problems

➲ Lack of funds for new computer equipment➲ Windows is high maintenance➲ The Windows desktop UI is hard to control➲ Modern Windows requires powerful hardware

➲ Linux provides the solution

Why Linux?

➲ No licensing costs➲ Stability matches or exceeds Windows➲ Good support for and better performance on

older PC hardware➲ The desktop is easy to control and

customize➲ Solutions for thin clients are readily available➲ Older hardware can be put back in service

Linux Thin Clients

➲ All the advantages of linux plus centralized management

➲ Applications run on the server and the display is sent over the network to the thin clients

➲ Because the applications run on the server, they run with all the speed of the server

➲ Hard disks which are prone to failure are eliminated with thin clients

Overview of our linux system➲ Linux Terminal Server Project (LTSP)

software➲ 1 server

➲ 1.2 Ghz Pentium III with 1024 MB RAM➲ Holds all software including the terminals' OS➲ System load rarely exceeds 10%, 500MB RAM

used, no swapping➲ 10 public web terminals

➲ 166 Mhz Pentium I with 32 MB RAM➲ Terminals are diskless – no hard disk, no floppy➲ Terminals require a special chip for their network

cards to facilitate booting.

The Server Software

➲ Linux Terminal Server Project (LTSP)➲ Http://www.ltsp.org➲ Packaged for most major Linux distributions➲ Open source

➲ Provides the thin-client OS➲ A stripped down version of linux➲ Busybox software provides all the command line

tools usually found in linux➲ Xfree86 – X windows system

The Chip That Makes It Happen➲ The Boot ROM is inserted into a

socket on the ethernet card➲ Chips can be obtained from from

http://www.disklessworkstations.com➲ Uses Etherboot open source software,

available at http://etherboot.sourceforge.net

➲ A floppy loaded with etherboot can perform the same tasks as the chip

➲ Prices for the chip are $15-$18 depending on your NIC model

Etherboot – What the ROM does

➲ When machine boots, etherboot is loaded by the BIOS before any device in the boot order

➲ Etherboot requests an IP address, server IP and filename from the DHCP server

➲ Etherboot retrieves the file (the client's linux kernel) using tftp

➲ Etherboot boots the kernel it retrieved

The Web Browser

➲ Opera 7 for linux (http://opera.com)➲ Advantages

➲ Loads quickly, renders quickly➲ High-quality standards compliant rendering➲ Has an excellent kiosk mode

➲ Disadvantage: Must buy a license to make the banner ads go away

Opera Kiosk Mode

➲ Invoked by launching browser with certain arguments as the Shell

➲ Administrator can specify an idle time after which the cache is emptied, history is cleared, and the home page is reloaded

➲ Administrator can hide print, save, and exit menu choices

➲ Administrator can lock browser in fullscreen mode

➲ See www.opera.com/support/mastering/kiosk/

Getting Started

➲ Install your favorite linux on your server (we use RedHat 9.0)

➲ The following server packages are needed: tftp, dhcpd, and nfs.

➲ XDM, KDM, or GDM are needed. We use gdm.➲ Squid may be installed as a proxy server to

accelerate web browsing and/or to restrict kiosks to certain websites, such as your library catalog.

➲ XFS (the Xwindow font server) may be installed so that your server and your clients can share fonts from a single directory (recommended)

Install the Software

➲ Install the LTSP packages➲ Install boot ROMs on your clients ethernet

cards, record the MAC addresses of each of your client's ethernet card

➲ Create/modify the following files: /etc/dhcpd.conf - for dhcp requirements

➲ /etc/hosts - for access to the server➲ /opt/ltsp/i386/etc/lts.conf - for client

configuration

DHCP configuration

➲ Reserve an IP for each of your clients based on their MAC. Additional parameters that must be present for each client are hostname, filename, and root-path.

➲ If a dhcp server is already in place on the network, it can be used with minor modifications

➲ Be very careful with DHCP

Configuring the Clients

➲ Basic settings are all done in the file /opt/ltsp/i386/etc/lts.conf

➲ Default setting applies to all hosts not specifically defined

➲ Set client runlevel, turn swap file on/off, set size, choose custom X server settings

➲ When a client boots it reads lts.conf and dynamically creates all the configuration files a linux machine needs (in temporary storage in client RAM)

Linux Runlevels in LTSP

➲ Runlevel 3: for debugging – clients boots and the user gets a shell as root

➲ Runlevel 4: telnet to a host in a loop with no exit– set the telnet host to connect to in lts.conf

➲ Runlevel 5: graphical login, display is managed by the server

Desktop Security

➲ Opera kiosk mode

➲ Disable unwanted XDMCP sessions

➲ Enable timed login and autologin

➲ Disable remote root login

Network Security

➲ Firewall: iptables

➲ Tripewire Intrusion Detection System

➲ TCP Wrappers

➲ Keep current with patches

Beyond Web Kiosks➲ Ideal desktop replacement for departments

which are not dependent on Windows desktop or Windows only applications.

➲ What can users do on UNIX/LINUX?➲ Email (Web Mail or Pop3/Imap)➲ Open Office/Star Office (MS office clones)➲ Web applications and telnet and ssh sessions➲ UNIX software development

➲ Many users on one powerful server means more efficient use of CPU cycles than many users on many new powerful desktops.