Discussion:
[Ltsp-discuss] LTSP FatClient - make home directory not persistent
Chris D
2016-08-23 11:32:38 UTC
Permalink
Hello *

I have about 100 fat clients in production environment which have the same
configuration
The configuration is made with one user account and I auto-login each fat
client to this account

but I want to prevent users from making changes to configuration,
because now home directory is mounted via sshfs from the server by each fat
client
and each change in user config/files is visible on each fat client

I've been thinking about using overlayfs and ram/tmpfs to save basic
configuration
so that all local changes will disappear after the reboot

as far as I've learned LTSP don't support such functionality
but is it possible to achieve such scenario with some hacks?
or could you please tell me which script is responsible for
mounting home directories over sshfs?

best,
Chris
Alkis Georgopoulos
2016-08-23 12:30:36 UTC
Permalink
Hi Chris,

one good way to implement this would be with an nbd-server cow export
for /home/template-user.
The script that mounts home directories is
/usr/share/ldm/rc.d/X01-localapps, but it would be best to create
another script, e.g. X00-mount-home-template.
I'm available for hire if you need help with it.

Cheers,
Alkis Georgopoulos
LTSP developer
Post by Chris D
Hello *
I have about 100 fat clients in production environment which have the
same configuration
The configuration is made with one user account and I auto-login each
fat client to this account
but I want to prevent users from making changes to configuration,
because now home directory is mounted via sshfs from the server by each
fat client
and each change in user config/files is visible on each fat client
I've been thinking about using overlayfs and ram/tmpfs to save basic
configuration
so that all local changes will disappear after the reboot
as far as I've learned LTSP don't support such functionality
but is it possible to achieve such scenario with some hacks?
or could you please tell me which script is responsible for
mounting home directories over sshfs?
best,
Chris
Chris Ditrich
2016-08-23 16:16:07 UTC
Permalink
Thank you Alkis!

for that script I've been looking for, now I should be able to solve my
problem
if not I will get back to you ;)

cheers,
Chris
Post by Alkis Georgopoulos
Hi Chris,
one good way to implement this would be with an nbd-server cow export
for /home/template-user.
The script that mounts home directories is
/usr/share/ldm/rc.d/X01-localapps, but it would be best to create
another script, e.g. X00-mount-home-template.
I'm available for hire if you need help with it.
Cheers,
Alkis Georgopoulos
LTSP developer
Post by Chris D
Hello *
I have about 100 fat clients in production environment which have the
same configuration
The configuration is made with one user account and I auto-login each
fat client to this account
but I want to prevent users from making changes to configuration,
because now home directory is mounted via sshfs from the server by each
fat client
and each change in user config/files is visible on each fat client
I've been thinking about using overlayfs and ram/tmpfs to save basic
configuration
so that all local changes will disappear after the reboot
as far as I've learned LTSP don't support such functionality
but is it possible to achieve such scenario with some hacks?
or could you please tell me which script is responsible for
mounting home directories over sshfs?
best,
Chris
------------------------------------------------------------------------------
_____________________________________________________________________
https://lists.sourceforge.net/lists/listinfo/ltsp-discuss
For additional LTSP help, try #ltsp channel on irc.freenode.net
Valtteri Suojanen
2016-08-23 12:34:15 UTC
Permalink
Hi

You did not mention your users or anything about how they use the client
devices .

Autlogin on 100 device sounds like a kiosk environment to me. And
preventing changes sounds like a read only filesystem. There is a screen
script in ltsp package called 'kiosk' that creates a temporary session for
each login but you need to configure it to run a specific program or task.

And there are propably hundred others kiosk setups in the internet you can
apply with or without ltsp

"Kiosk" means that clients should have same service and taste every time.
So you create session on the client environment first as a template and
then you configure it to be used (copied) and mounted on tmpfs and cleanup
it on logout or reboot.

first describe what applications your clients use?

Valtteri
Post by Chris D
Hello *
I have about 100 fat clients in production environment which have the same
configuration
The configuration is made with one user account and I auto-login each fat
client to this account
but I want to prevent users from making changes to configuration,
because now home directory is mounted via sshfs from the server by each
fat client
and each change in user config/files is visible on each fat client
I've been thinking about using overlayfs and ram/tmpfs to save basic
configuration
so that all local changes will disappear after the reboot
as far as I've learned LTSP don't support such functionality
but is it possible to achieve such scenario with some hacks?
or could you please tell me which script is responsible for
mounting home directories over sshfs?
best,
Chris
------------------------------------------------------------
------------------
_____________________________________________________________________
https://lists.sourceforge.net/lists/listinfo/ltsp-discuss
For additional LTSP help, try #ltsp channel on irc.freenode.net
Chris Ditrich
2016-08-23 16:32:24 UTC
Permalink
Hi Valtteri,

yes, I've been thinking about using 'kiosk' but it not exactly matches
my profile
to be honest my configuration is a little bit weird ;)
the idea is to have configuration on the server and manage it from the
server (using puppet maybe) so I will not have to rebuild ltsp image
each time it changes

but with the hints from Alkis I think I will be able to achieve what I want

best,
Chris
Post by Valtteri Suojanen
Hi
You did not mention your users or anything about how they use the
client devices .
Autlogin on 100 device sounds like a kiosk environment to me. And
preventing changes sounds like a read only filesystem. There is a
screen script in ltsp package called 'kiosk' that creates a temporary
session for each login but you need to configure it to run a specific
program or task.
And there are propably hundred others kiosk setups in the internet
you can apply with or without ltsp
"Kiosk" means that clients should have same service and taste every
time. So you create session on the client environment first as a
template and then you configure it to be used (copied) and mounted on
tmpfs and cleanup it on logout or reboot.
first describe what applications your clients use?
Valtteri
Hello *
I have about 100 fat clients in production environment which have
the same configuration
The configuration is made with one user account and I auto-login
each fat client to this account
but I want to prevent users from making changes to configuration,
because now home directory is mounted via sshfs from the server by
each fat client
and each change in user config/files is visible on each fat client
I've been thinking about using overlayfs and ram/tmpfs to save
basic configuration
so that all local changes will disappear after the reboot
as far as I've learned LTSP don't support such functionality
but is it possible to achieve such scenario with some hacks?
or could you please tell me which script is responsible for
mounting home directories over sshfs?
best,
Chris
------------------------------------------------------------------------------
_____________________________________________________________________
https://lists.sourceforge.net/lists/listinfo/ltsp-discuss
<https://lists.sourceforge.net/lists/listinfo/ltsp-discuss>
For additional LTSP help, try #ltsp channel on irc.freenode.net
<http://irc.freenode.net>
------------------------------------------------------------------------------
_____________________________________________________________________
https://lists.sourceforge.net/lists/listinfo/ltsp-discuss
For additional LTSP help, try #ltsp channel on irc.freenode.net
Chris D
2016-08-31 08:18:33 UTC
Permalink
Hello all,

just for record, here is how I was able to solve this issue:

in script /usr/share/ldm/rc.d/X01-localapps

I replaced this line:

sshfs -o
"${follow_home_symlinks}${disable_hardlink}allow_other,nonempty,ControlPath=$LDM_SOCKET"
"$LDM_SERVER:$LDM_HOME" "$LDM_HOME"

whit this piece of code:

HOME_TEMP_DIR="$LDM_HOME"-template

if [ "$LOCK_HOME" = true ] ; then
mkdir "$HOME_TEMP_DIR"
sshfs -o
"${follow_home_symlinks}${disable_hardlink}allow_other,nonempty,ro,ControlPath=$LDM_SOCKET"
"$LDM_SERVER:$LDM_HOME" "$HOME_TEMP_DIR"
mkdir /cow/home-up
mkdir /cow/home-work
mount -t overlay overlay "$LDM_HOME" -o
lowerdir="$HOME_TEMP_DIR",upperdir=/cow/home-up,workdir=/cow/home-work
else
sshfs -o
"${follow_home_symlinks}${disable_hardlink}allow_other,nonempty,ControlPath=$LDM_SOCKET"
"$LDM_SERVER:$LDM_HOME" "$LDM_HOME"
fi


so now I can control if the home directory should be mounted with overlayfs
using LOCK_HOME in lts.conf file
you can notice that upperdir is located in /cow directory, which is tmpfs
mounted by default in LTSP

so sample config might look like this one:

[master-client]
LOCK_HOME = false


[Default]
LOCK_HOME = true
LTSP_FATCLIENT = true
LDM_AUTOLOGIN = true
LDM_USERNAME = user
LDM_PASSWORD = ****
LOCAL_APPS = true
SCREEN_07="ldm"

In this scenario only master-client is able to do changes in home directory
on the server. Al other client changes are local and will vanish after
reboot of the client.

One more time thanks for help to you all!

Best,
Chris
Post by Chris Ditrich
Hi Valtteri,
yes, I've been thinking about using 'kiosk' but it not exactly matches my
profile
to be honest my configuration is a little bit weird ;)
the idea is to have configuration on the server and manage it from the
server (using puppet maybe) so I will not have to rebuild ltsp image each
time it changes
but with the hints from Alkis I think I will be able to achieve what I want
best,
Chris
Hi
You did not mention your users or anything about how they use the client
devices .
Autlogin on 100 device sounds like a kiosk environment to me. And
preventing changes sounds like a read only filesystem. There is a screen
script in ltsp package called 'kiosk' that creates a temporary session for
each login but you need to configure it to run a specific program or task.
And there are propably hundred others kiosk setups in the internet you
can apply with or without ltsp
"Kiosk" means that clients should have same service and taste every time.
So you create session on the client environment first as a template and
then you configure it to be used (copied) and mounted on tmpfs and cleanup
it on logout or reboot.
first describe what applications your clients use?
Valtteri
Post by Chris D
Hello *
I have about 100 fat clients in production environment which have the
same configuration
The configuration is made with one user account and I auto-login each fat
client to this account
but I want to prevent users from making changes to configuration,
because now home directory is mounted via sshfs from the server by each
fat client
and each change in user config/files is visible on each fat client
I've been thinking about using overlayfs and ram/tmpfs to save basic
configuration
so that all local changes will disappear after the reboot
as far as I've learned LTSP don't support such functionality
but is it possible to achieve such scenario with some hacks?
or could you please tell me which script is responsible for
mounting home directories over sshfs?
best,
Chris
------------------------------------------------------------
------------------
_____________________________________________________________________
https://lists.sourceforge.net/lists/listinfo/ltsp-discuss
For additional LTSP help, try #ltsp channel on irc.freenode.net
------------------------------------------------------------------------------
_____________________________________________________________________
https://lists.sourceforge.net/lists/listinfo/ltsp-discuss
For additional LTSP help, try #ltsp channel on irc.freenode.net
Loading...