Synopsis: This is a reference guide for users/network/system admins who need a reliable and secured distro (es: production environments, kiosk, etc.) |
Contents
Introduction
Some environments require PCs to use only for specific applications and prevent any other form of interaction (es: lock games, internet, browse file system, restricted network access, etc):
- Drive production machines
- Testing workstations
- ...
To set up our Mageia distribution for this purpose, we need to consider following aspects:
- User interface locked
- Reduced use of resources
- System stability
- System reactivity
I used:
and created two users on the system:
- operator: with a minimal applications menu for that user. Also, many key-combinations are disabled to deny access to unauthorized actions
- admin: with complete applications menu
Customize Login Manager (LXDM)
To prevent use of login manager to change session, remove all other unused sessions under folder /usr/share/xsession (I leave only openbox).
To enable autologin use file /etc/lxdm/lxdm.conf, compile and uncomment autologin parameter. Set also session=/usr/bin/startopenbox to enable default session.
Customize Taskbar (Tint2)
To configure taskbar (clock settings, mouse actions, etc) we can use tint2conf to help us with GUI to setup tint2 configuration file ~/.config/tint2/tint2rc. After change file owner and permissions for locked user.
Each user has a folder ~/.config/openbox that contains openbox configuration files specific for that user, for applications menu file is menu.xml that contains menu that will show when right-clicking on the desktop. After modifying it for each user, on the operator file I changed owner and permissions so a user can't modify it.
Customize shortcut keys
Always in folder ~/.config/openbox there is file rc.xml that contains all key shortcuts so editing it can disable or enable each shortcut. Also in this case I changed owner and permissions so a user can't modify it.
Customize autostart applications
Always in folder ~/.config/openbox there is file autostart that contains the command sequence to launch at user login. This is an example of file:
# set keyboard layout as 104 Keys English USA
setxkbmap -model pc104 -layout us &
# disable screensaver and energy save
xset -dpms &
xset s noblank &
xset s off &
# desktop background
feh --bg-fill /usr/share/wallpapers/bg.jpg &
# thunar daemon for automount
thunar --daemon &
# Programs that will run after Openbox has started
tint2 &
(sleep 2 && volumeicon) &
Configure font aspects (Qt and Gtk)
First modify file /etc/fonts/fonts.conf adding:
<fontconfig>
...
...
<match target="font" >
<edit mode="assign" name="hinting" >
<bool>true</bool>
</edit>
<edit mode="assign" name="hintstyle" >
<const>hintslight</const>
</edit>
<edit mode="assign" name="antialias" >
<bool>true</bool>
</edit>
</match>
<match target="pattern">
<edit name="dpi" mode="assign">
<double>96</double>
</edit>
</match>
</fontconfig>
Then to set Qt4 aspect we can use:
[admin@locahost ~]$ qtconfig
Then to set Gtk aspect we can use:
[admin@locahost ~]$ lxappearance
On fonts tab using hinting slight.
We need to also create file under each home folder ~/.Xresources as follows:
Xft.dpi: 96
Xft.antialias: true
Xft.hinting: true
Xft.hintstyle: hintslight