Detailed Maverick Meerkat OS Netbook Customisation

From Linuxcentre Wiki

Jump to: navigation, search

Contents

BIOS settings

(for Dell Mini 10v)

  • In the BIOS, set a Supervisor password and disable 'Password on Boot' (allows reimaging the netbook without needing the BIOS password)

OS Installation

Ubuntu Maverick Meerkat seems to work very well on the Dell Mini 10v netbook out-of-the-box however you will need to follow this section to make things work better.

  • Install Ubuntu 10.10 Maverick Meerkat DVD (using whole disk).

Updates

  • Install all updates (very important if you want to have usable wireless access). You'll need to connect to the internet via an ethernet cable at this stage.
sudo apt-get update
sudo apt-get upgrade

Wireless Networking

  • Using the hardware/firmware tool, select the Broadcom STA wireless driver and reboot.
  • Add in preshared key for the school's wireless ESSID network on wireless (click the 'NetworkManager' icon, 'manage connections', check 'available to all users')
  • NOTE: Due to a bug in the Broadcom-supplied propietary wireless driver, the power saving mode results in high packet latency and slow network performance using the STA driver. There is a hacky way to work around it: 'iwconfig eth1 power off' ref

Reduce SSD wear

Optional for models with solid-state disks

  • Add the 'noatime' option to /etc/fstab for the / filesystem ref

Hide startup udevd errors

  • Hides those annoying startup udevd errors: ref
sudo -s
echo FRAMEBUFFER=y >>/etc/initramfs-tools/conf.d/splash
update-initramfs -u

Disable ipv6

  • This speeds up some network operations since we're still in the internet dark-age of ipv4.
  • Add these lines to the end of /etc/sysctl.conf:
#disable ipv6
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.lo.disable_ipv6 = 1

Tweak Startup

  • Start System->Administration->Startup Manager
  • Set Display resolution to 800x600
  • Set Display Color Depth to 24bit
  • Uncheck 'Show text during boot'
  • Check 'Show boot splash'

Web Proxy

  • In System->Preferences->Network Proxy, set the http proxy to 'proxy' port '8080' and 'apply system-wide'.

Startup services

  • Disable a few start-up services:
cd /etc/rc2.d/
sudo mv S20speech-dispatcher K20speech-dispatcher
sudo mv S25bluetooth K25bluetooth
sudo mv S50rsync K50rsync
sudo mv S70pppd-dns K70pppd-dns

Log retention

  • Improved log rotation, change this line in /etc/logrotate.conf :
rotate 0
size 1M

NTP Client

  • Allow laptop to use dhcp ntp servers list (not working so hard code the server):
  • Edit /etc/default/ntpdate and change as follows:
NTPSERVERS="server.network"

Add Package Repositories

  • Add the MIT scratch repository to synaptic:
deb http://ppa.launchpad.net/scratch/ppa/ubuntu maverick main
  • Install key for this PPA:
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 4EA7974E
  • Add medibuntu repo:
 sudo wget http://www.medibuntu.org/sources.list.d/`lsb_release -cs`.list \
 --output-document=/etc/apt/sources.list.d/medibuntu.list
 sudo apt-get -q update
 sudo apt-get --yes -q --allow-unauthenticated install medibuntu-keyring
 sudo apt-get -q update
  • In Ubuntu Software Centre, under Edit -> Software Sources in the 'Other Software' Tab enable the 'Canonical partners' repo.

Add Packages

  • Install these Media packages:
openclipart-openoffice.org ubuntu-restricted-extras adobe-flashplugin acroread acroread-fonts \
gstreamer0.10-ffmpeg latex-xft-fonts xul-ext-adblock-plus msttcorefonts libavcodec-extra-52 x264
  • Install these System packages:
openssh-server joe smbfs gsynaptics galternatives libnotify-bin sun-java6-plugin startupmanager gvfs-bin
  • Install these additional packages:
edubuntu-desktop mathwar audacity childsplay hydrogen mypaint freemind littlewizard vym klavaro kgeography \
klettres python-opengl python-gtkglext1 canorus gperiodic tuxtype-data-nonfree jokosher gnucap timidity \
celestia-common-nonfree celestia-gnome stellarium extremetuxracer ubuntustudio-audio-plugins luciole denemo \
pitivi pingus frozen-bubble scratch gpaint gnome-games cheese openoffice.org-base

Remove Packages

  • Problem packages: solfege camorama ktoon synfigstudio pencil
  • Remove (purge) these packages:
ttf-sil-gentium openoffice.org-filter-binfilter openoffice.org-java-common liferea-data libmysql-java \
ttf-sil-gentium-basic openoffice.org-officebean liferea transmission-common evolution-common tomboy \
empathy gwibber nanny ubuntuone-client libsqlite0 python-sqlite python-hachoir-regex python-gtop \
apparmor apparmor-utils icedtea6-plugin

Tuxpaint

  • Create /etc/tuxpaint/tuxpaint.conf as follows:
fullscreen=yes
windowsize=1024x600
altprint=always
papersize=a4
saveover=new
startblank=yes
nolockfile=yes

Scratch

  • Edit /home/pupil/.scratch.ini and add:
ProxyServer=proxy
ProxyPort=8080
Home=/home/*

Google Earth

  • Install package builder:
apt-get install googleearth-package
  • Build pkg
make-googleearth-package --force
  • install resulting pkg (version may differ):
sudo dpkg -i googleearth_*.deb
  • clean up
googleearth_*.deb GoogleEarthLinux.bin
  • Remove build packages
apt-get purge build-essential dpkg-dev g++ g++-4.4 googleearth-package libalgorithm-diff-perl libalgorithm-merge-perl libdpkg-perl libstdc++6-4.4-dev

iTalc client

guvcview custom build

Since cheese performance is so poor, it has been replaced by guvcview which is a far superior video webcam and audio recording tool. It was rather complex for children to use so I have written a patch to give it a simple mode. The submitted patch can be found here.

  • Build notes:
apt-get install libudev-dev subversion
apt-get build-deps guvcview
svn co guvcview
apply patch
set /usr in configure
./configure
make
make install
  • Remove dev packages:
apt-get purge x11proto-core-dev libice-dev libxau-dev libxdmcp-dev x11proto-input-dev x11proto-kb-dev xtrans-dev libpthread-stubs0 libpthread-stubs0-dev libxcb1-dev libx11-dev autotools-dev html2text libunistring0 gettext intltool-debian po-debconf debhelper jackd1 jackd1-firewire zlib1g-dev libpng12-dev libslang2-dev libncurses5-dev libaa1-dev libasound2-dev libglib2.0-bin libglib2.0-dev libatk1.0-dev libaudiofile-dev libavahi-common-dev libdbus-1-dev libavahi-client-dev libavutil-dev libavcodec-dev libcaca-dev libcairo-gobject2 libexpat1-dev libfreetype6-dev libfontconfig1-dev x11proto-render-dev libxrender-dev libsm-dev libpixman-1-dev libxcb-render0-dev libxcb-shm0-dev libcairo2-dev libkms1 libdrm-dev libesd0-dev libxml2-dev libffado-dev libgdk-pixbuf2.0-dev mesa-common-dev libgl1-mesa-dev libglu1-mesa-dev libxft-dev libpango1.0-dev x11proto-xext-dev libxext-dev x11proto-xinerama-dev libxinerama-dev libxi-dev x11proto-randr-dev libxrandr-dev x11proto-fixes-dev libxfixes-dev libxcursor-dev x11proto-composite-dev libxcomposite-dev x11proto-damage-dev libxdamage-dev libgtk2.0-dev libsamplerate0-dev libjack-dev libsys-hostname-long-perl libmail-sendmail-perl libportaudiocpp0 libxt-dev libpulse-dev libaudio-dev libsdl1.2-dev libtwolame-dev libv4l-dev portaudio19-dev libapr1 libaprutil1 libsvn1 subversion libudev-dev
  • Required packages to get MP3 recording support:
apt-get install libavcodec-extra-52 x264
  • Settings:
Frame rate: 15 fps
Resolution 352x288
Camera Output: YUYV
Video Codec: MS MP4 V3
Video Format: AVI, bitrate 300,000
Audio Sample rate: 44100
Channels: Dev Default
Audio format: MP3 (lavc), bitrate: 96000

  • Change menu to invoke guvcview -S

Login Specific settings

These changes are all changed/stored per user:

Keyboard Tweaks

  • Make the 'Windows' key do F11 zooming in applications that support it
  • Create a file called $HOME/.Xmodmap as follows:
keycode 133 = F11
  • When you next login you should add the modmap as requested.

Desktop Customisation

  • Add gconf entry to allow moving of windows out of screen area with ALT key and drag (for oversized dialogue boxes) ref
gconftool-2 --set /apps/compiz/plugins/move/allscreens/options/constrain_y --type bool 0
  • In start-up applications disable bluetooth, remote desktop, ssh key agent, ubuntu-one, visual assistance, update notifier
  • Change the background to Edubuntu dark one.
  • Put desktop icons for most used applications (e.g. Web Browser, GCompris, Image Editor, Celestia, Stellarium, Scratch, Presentation, Work Processor, Spreadsheet, Scribus, TuxMath, Tux Paint).
  • Create a logical menu structure for all programs sorted by subject (they may appear more than once). See here for structure used.
  • Move top menu to bottom of screen to be more windows-like.
  • Run Lockdown Editor (pessulus) to lock-down gnome: lock panels, allow logout, disable lockscreen
  • Disable locking of screen and hibernate modes, open gconf-editor
    • browse to apps->gnome-power-manager->general, uncheck can_hibernate option
    • browse to apps->gnome-power-manager->lock, uncheck all buttons
    • browse to desktop->gnome->lockdown, check disable_lock_screen and, disable_user_switching
  • In Nautilus add bookmarks for folders such as: MyFiles, Downloads, Pictures, Scratch Projects, Videos, MyFiles Backups
  • Move window controls from right to left

Remove Keyring Passphrase

  • When first ever prompted, select no password and confirm unsafe settings.

OR,

  • To prevent the user being prompted for an unlock passphrase when wireless key is required, disable the passphrase as follows:
  • Start System -> Preferences -> Passwords and Encryption Keys
  • In the passwords tab, right click the Passwords: Login and select 'Change password'
  • Enter the old passphrase (if one was set)
  • Click Change and confirm using unsafe settings.

OpenOffice

  • For extra presentation templates download this
  • For even more presentation templates download this
  • Install the above by simply opening the downloaded files in openoffice and accepting the agreement.
  • Disable auto-correction features:
    • Open openoffice writer
    • go into 'Tools->AutoCorrect Options'
    • uncheck Autoinclude in 'Exceptions' tab
    • In the 'Options' tab disabled the following features: 'Correct Two Initial Capitals', 'Capitalize first letter of every sentence'
    • In the 'Word Completion' tab, unchecked 'Enable Word Completion'.
  • In Tools->Options->Paths change 'My Documents' entry to be /home/pupil/Documents/

Web Browser Customisation

  • Set firefox homepage and bookmarks as required.
  • Set firefox to not update any add-ons
  • Adblock plus plugin: configure it to use 'Easylist USA'.
  • Add the 'OptimizeGoogle' add-n and enable all privacy and safe-search options.
  • Add the 'Compact Menu 2' add-on.
  • Add the 'AutoHideStatsbar' add-on.
  • Set web browser HTTP proxy to auto-detection
  • In about:config disable 'browser.fullscreen.autohide', enable 'network.dns.disableIPv6', enable 'browser.tabs.autoHide', disable 'network.prefetch-next'.
  • In prefs security tab, uncheck the Tell me if ... suspected attack site, and forgery site (otherwise it downloads a massive file from google).
  • Right-click customize on the navigation bar, drag the compact menu icon to the far right, add the compact bookmarks icon to the nav bar,
  • Disable Google auto-suggestion features in OptimizeGoogle add-on preferences.
  • Set camera/microphone access to 'Always Allow' for www.klp.rm.com on Adobe web privacy panel.

General

  • Setup login screen to auto-login 'pupil' and auto-login at boot.
  • Add common ssh root public key(s) for remote root admin if required
  • Disable package update checking (this should be done in a controlled manner and not on an ad-hoc basis).

Printing

  • Add this before 'exit 0' in /etc/rc.local to clean up stale print jobs
# remove old print jobs
rm -f /var/spool/cups/[cd]*

Set the Build Version

  • Set the netbook build version so that the custom scripts and pupil home dir are obtained from the correct server dirs:
sudo -s
echo '2' > /etc/build_version

Copy over Custom Scripts

  • Copy the custom-scripts into place from the server:
sudo mkdir -p /opt/custom-scripts/
sudo rsync -av server::custom-scripts2/ /opt/custom-scripts/

Auto-mount of network share

  • Link to NetworkManager scripts dir so that it runs upon network interface up/down events:
sudo ln -s /opt/custom-scripts/NetworkManager_actions /etc/NetworkManager/dispatcher.d/99-NetworkManager_actions

User Management

  • All users would auto-login as user 'pupil'.
  • No account management required.
  • Create the following directories on the server share:
Class1,Class2,Class3,Class4, or Year1, Year2, Year3 and so on
  • In each of these directories create named directories for the pupils in each class.

Security

  • Security mark the laptops with SelectaDNA
  • Label the laptops

Scripted Symlinks

  • The script '/opt/custom-scripts/link_user' will be run whenever the network gets connected
  • Create a desktop Launcher called 'Change User' pointing to this script.
  • The /opt/custom-scripts/cifs-gvfs-mount script mounts a share in Nautilus for a specified user using gvfs-mount.

Printer

  • Add and configure networked printer (photocopier)
  • Need to determine model, IP address and driver if required.

Home Directory Synchronisation

  • A custom service runs that, upon network connectivity, runs a start-up script that performs the following:
    • Gets the common /opt/custom-scripts from the server if available (via rsync)
    • Runs the script which could contain: commands to install or update certain packages, other sysadmin type tasks (todo)
    • Syncs server master copy of pupil home dir /opt/pupilhome/ with the local /opt/pupilhome/
  • Add a command that syncs the /opt/pupilhome/ dir with /home/pupil/ upon boot-up as follows in /etc/rc.local (before 'exit 0'):
test -f /opt/custom-scripts/.home-sync-xfer-lock \
|| rsync -av --progress --one-file-system --delete /opt/pupilhome/ /home/pupil/ \
--exclude=Desktop/Emergency\ MyFiles/** --exclude=.gvfs
# remove 'Emergency MyFiles' older than 30 days
find /home/pupil/Desktop/Emergency\ MyFiles/ -ctime +30 -type d -exec rmdir {} \;
find /home/pupil/Desktop/Emergency\ MyFiles/ -ctime +30 -type f -exec rm {} \;

Update Master Pupil Home Directory

  • Copy the current /home/pupil to the server after logging out:
  • Logout of pupil account
  • On a text terminal (Fn-ALT-F1) login as pupil and run this:
rsync -avx --delete /home/pupil/ /opt/pupilhome/
rsync -avx --delete /home/pupil/ root@server:/opt/pupilhome/

Add Windows XP virtual machine capability

WinXP using VirtualBox

To-Do

  • In safe mode before imaging, Remove the entries in /etc/udevd/rules.d/70-persistent-net.rules for eth0 and eth1 (prevents laptops trying to use eth2/3 instead after imaging)
  • Clear the apt cache to save disk space: sudo rm -f /var/cache/apt/archives/*
  • 'Phone-home' for security: Add an autossh service to a trusted internet server IP so that if any laptop is stolen we have the IP address and service tag (from dmidecode) if booted.
  • Once all netbooks are running this build, edit the link-user script and change those 'Scratch Projects' subdir links to 'Scratch Projects' because the new version of Scratch does not have the same limitation as before.

Future Improvements

Known Issues

  • ntp-servers in dhcp server list not used by dhcpclient
  • Parley cannot get new collections due to proxy not being effective in kde apps
  • In firefox, resized images (i.e. images rendered with smaller than native size) have a 1pixel visible top and left border.
  • iTalc client randomly crashes Xorg - client is currently disabled.
  • Cheese framerate is worse than on Karmic. Recording is jerky and freezes even at 320x240. Use guvcview instead.
Personal tools