Detailed Karmic Koala OS Netbook Customisation

From Linuxcentre Wiki

Jump to: navigation, search

Contents

OS Build

  • Follow these instructions (including all optional steps)
  • In the BIOS, set a Supervisor password and disable 'Password on Boot' (allows reimaging the netbook without needing the BIOS password)
  • Set the system-wide proxy to http://proxy:8080
  • Disable a few start-up services:
cd /etc/rc2.d/
sudo mv S20speech-dispatcher K20speech-dispatcher
sudo mv S25bluetooth K25bluetooth
sudo mv S50rsync K50rsync
sudo mv S70pppd-dns K70pppd-dns
sudo mv S99timidity K99timidity
  • Improved log rotation, change this line in /etc/logrotate.conf :
rotate 0
size 1M
  • Add in preshared key for the school's wireless ESSID network on wireless (click the 'NetworkManager' icon, 'manage connections', check 'available to all users')

Packages

  • Add medibuntu repo
 sudo wget http://www.medibuntu.org/sources.list.d/`lsb_release -cs`.list --output-document=/etc/apt/sources.list.d/medibuntu.list
 sudo apt-get -q update
 sudo apt-get --yes -q --allow-unauthenticated install medibuntu-keyring
 sudo apt-get -q update
  • In Synaptic package manager, enable the 'partner' repo.
  • Remove (purge) these packages:
ubuntu-netbook-remix-default-settings netbook-launcher ubuntu-netbook-remix maximus webfav apparmor apparmor-utils
  • Install these Educational packages:
edubuntu-desktop mathwar
  • Install these Media packages:
 openclipart-openoffice.org ubuntu-restricted-extras adobe-flashplugin acroread acroread-fonts gstreamer0.10-ffmpeg
latex-xft-fonts firefox adblock-plus icedtea6-plugin ubufox
  • Install these System packages:
openssh-server joe smbfs gsynaptics galternatives libnotify-bin
  • Install these additional packages:
audacity childsplay hydrogen jclic freemind littlewizard stopmotion vym klavaro kgeography klettres ktoon python-opengl python-gtkglext1 canorus
gperiodic tuxtype-data-nonfree  jokosher gnucap timidity celestia-common-nonfree celestia-gnome stellarium extremetuxracer ubuntustudio-audio-plugins
pitivi pingus frozen-bubble
  • Problems packages: solfege camorama stopmotion
  • Remove (purge) these packages:
liferea cellwriter transmission-common ekiga evolution-common tomboy pidgin pidgin-data (solfege camorama??)
  • Install MIT Scratch, Add this repository to synaptic:
deb http://ppa.launchpad.net/scratch/ppa/ubuntu karmic main
  • Install key for this PPA:
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 4EA7974E
sudo apt-get update
sudo apt-get install scratch

General

  • Setup login screen to auto-login 'pupil' and auto-login at boot.
  • Add common ssh root public key(s) for remote root admin if required
  • Disable package update checking (this should be done in a controlled manner and not on an ad-hoc basis).
  • Use Gnome desktop.
  • Edit the menus:
    • Add MathWar

Printing

  • Add this before 'exit 0' in /etc/rc.local to clean up stale print jobs
# remove old print jobs
rm -f /var/spool/cups/[cd]*

Copy over Custom Scripts

  • Copy the custom-scripts into place from the server:
sudo mkdir -p /opt/custom-scripts/
sudo rsync -av server::custom-scripts/ /opt/custom-scripts/

Auto-mount of network share

  • Link to NetworkManager scripts dir so that it runs upon network interface up/down events:
sudo ln -s /opt/custom-scripts/NetworkManager_actions /etc/NetworkManager/dispatcher.d/99-NetworkManager_actions

User Management

  • All users would auto-login as user 'pupil'.
  • Create an 'administrator' user and make sure this is the ONLY user with sudo rights.
  • No account management required.
  • Create the following directories on the server share:
Class1,Class2,Class3,Class4, or Year1, Year2, Year3 and so on
  • In each of these directories create named directories for the pupils in each class.

Security

  • Security mark the laptops with SelectaDNA
  • Label the laptops

Scripted Symlinks

  • The script '/opt/custom-scripts/link_user' will be run whenever the network gets connected
  • Create a desktop Launcher called 'Change User' pointing to this script.
  • The /opt/custom-scripts/cifs-gvfs-mount script mounts a share in Nautilus for a specified user using gvfs-mount.

Tuxpaint

  • Create /etc/tuxpaint/tuxpaint.conf as follows:
fullscreen=native
altprint=always      
papersize=a4      
saveover=new   
startblank=yes
nolockfile=yes

NTP Client

  • Allow laptop to use dhcp ntp servers list (not working so hard code the server):
  • Edit /etc/default/ntpdate and change as follows:
NTPSERVERS="server.network"

Google Earth

  • Install package builder:
apt-get install googleearth-package
  • Build pkg
make-googleearth-package --force
  • install resulting pkg (version may differ):
sudo dpkg -i googleearth_5.1.3509.4636+0.5.4.1-1_i386.deb

iTalc client

Login Specific settings

These changes are all changed/stored per user:

Keyboard Tweaks

  • Make the 'Windows' key do F11 zooming in applications that support it
  • Create a file called $HOME/.Xmodmap as follows:
keycode 133 = F11
  • When you next login you should add the modmap as requested.

Touchpad Tweaks

  • Since there appears to be a small bug in xorg not inheriting the correct synaptics touchpad driver settings, create the following in /home/pupil/.config/autostart/synclient.desktop
[Desktop Entry]
Type=Application
Exec=/usr/bin/synclient AreaBottomEdge=4000 AreaLeftEdge=1500 TapButton1=1 JumpyCursorThreshold=90
Hidden=false
X-GNOME-Autostart-enabled=true
Name[en_GB]=Synclient Touchpad Tweaks
Name=Synclient Touchpad Tweaks
Comment[en_GB]=Synclient Touchpad Tweaks
Comment=Synclient Touchpad Tweaks

Desktop Customisation

  • Change the background to Edubuntu dark one.
  • Change Theme to Edubuntu colours
  • Put desktop icons for most used applications.
  • Create a logical menu structure for all programs sorted by subject (they may appear more than once). See here for structure used.
  • Move top menu to bottom of screen to be more windows-like.
  • Run Lockdown Editor (pessulus) to lock-down gnome: lock panels, allow logout, disable lockscreen
  • Add gconf entry to allow moving of windows out of screen area with ALT key and drag (for oversized dialogue boxes) ref
gconftool-2 --set /apps/compiz/plugins/move/allscreens/options/constrain_y --type bool 0
  • In start-up applications disable bluetooth, evolution alarms, update notifier
  • Disable locking of screen and hibernate modes, open gconf-editor
    • browse to apps->gnome-power-manager->general, uncheck can_hibernate option
    • browse to apps->gnome-power-manager->lock, uncheck all buttons
    • browse to desktop->gnome->lockdown, check disable_lock_screen and, disable_user_switching
  • In Nautilus add bookmarks for folders such as: MyFiles, Downloads, Pictures, Scratch Projects, Videos, MyFiles Backups

Timidity

  • Timidity is required by the Canorus music package.
  • In System->Preferences->Startup Programs, add a new item called Timidity which starts the following command:
/usr/bin/timidity -Os -iA &

Remove Keyring Passphrase

  • When first ever prompted, select no password and confirm unsafe settings.

OR,

  • To prevent the user being prompted for an unlock passphrase when wireless key is required, disable the passphrase as follows:
  • Start Accessories -> Passwords and Encryption Keys
  • In the passwords tab, right click the Passwords: Login and select 'Change password'
  • Enter the old passphrase (if one was set)
  • Click Change and confirm using unsafe settings.

OpenOffice

  • For extra presentation templates download this
  • For even more presentation templates download this
  • Install the above by simply opening the downloaded files in openoffice and accepting the agreement.
  • Disable auto-correction features:
    • Open openoffice writer
    • go into 'Tools->AutoCorrect Options'
    • uncheck Autoinclude in 'Exceptions' tab
    • In the 'Options' tab disabled the following features: 'Correct Two Initial Capitals', 'Capitalize first letter of every sentence'
    • In the 'Word Completion' tab, unchecked 'Enable Word Completion'.
  • In Tools->Options->Paths change 'My Documents' entry to be /home/pupil/Documents/

Web Browser Customisation

  • Set firefox homepage and bookmarks as required.
  • Set firefox to not update any add-ons
  • Adblock plus plugin: configure it to use 'Easylist USA'.
  • Add the CustomizeGoogle plugin and enable all privacy and safe-search options.
  • Set web browser HTTP proxy to auto-detection
  • In about:config disable 'browser.fullscreen.autohide', enable 'network.dns.disableIPv6'
  • In prefs security tab, uncheck the Tell me if ... suspected attack site, and forgery site (otherwise it downloads a massive file from google).
  • Disable Google auto-suggestion features in CustomizeGoogle plugin preferences.
  • (This is webcam model specific) To work around a bug in Adobe Flash plugin, add the following line near the top of the /usr/bin/firefox script: 'export LD_PRELOAD=/usr/lib/libv4l/v4l1compat.so' and this will allow the camera to be used in flash in V4L1 compatibility mode.

Printer

  • Add and configure networked printer (photocopier)
  • Need to determine model, IP address and driver if required.

Scratch

  • Edit /home/pupil/.scratch.ini and add:
ProxyServer=proxy
ProxyPort=8080
Home=/home/*
  • Add a symlink to examples in "~/Scratch Projects"
 sudo ln -sf /usr/share/scratch/Projects/ "/home/pupil/Scratch Projects/Examples"
 sudo ln -sf /home/pupil/Share/ "/home/pupil/Scratch Projects/Share"
 sudo ln -sf /usr/share/scratch/Media/ "/home/pupil/Scratch Projects/Media"

JClic

  • Add activities into it by downloading them from the JClic site here
  • Ensure that when you click the 'Install' link for an activity that you associate it with openjdk as prompted then select to do this automatically.

Home Directory Synchronisation

  • A custom service runs that, upon network connectivity, runs a start-up script that performs the following:
    • Gets the common /opt/custom-scripts from the server if available (via rsync)
    • Runs the script which could contain: commands to install or update certain packages, other sysadmin type tasks (todo)
    • Syncs server master copy of pupil home dir /opt/pupilhome/ with the local /opt/pupilhome/
  • Add a command that syncs the /opt/pupilhome/ dir with /home/pupil/ upon boot-up as follows in /etc/rc.local (before 'exit 0'):
test -f /opt/custom-scripts/.home-sync-xfer-lock \
|| rsync -av --progress --one-file-system --delete /opt/pupilhome/ /home/pupil/ \
--exclude=Desktop/Emergency\ MyFiles/** --exclude=.gvfs
# remove 'Emergency MyFiles' older than 30 days
find /home/pupil/Desktop/Emergency\ MyFiles/ -ctime +30 -type d -exec rmdir {} \;
find /home/pupil/Desktop/Emergency\ MyFiles/ -ctime +30 -type f -exec rm {} \;

Update Master Pupil Home Directory

  • Copy the current /home/pupil to the server after logging out:
  • Logout of pupil account
  • On a text terminal (Fn-ALT-F1) login as pupil and run this:
rsync -avx --delete /home/pupil/ /opt/pupilhome/
rsync -avx --delete /home/pupil/ root@server:/opt/pupilhome/

To-Do

  • In safe mode before imaging, Remove the entries in /etc/udevd/rules.d/70-persistent-net.rules for eth0 and eth1 (prevents laptops trying to use eth2/3 instead after imaging)
  • 'Phone-home' for security: Add an autossh service to a trusted internet server IP so that if any laptop is stolen we have the IP address and service tag (from dmidecode) if booted.
  • Add SelectaDNA paint

Future Improvements

Known Issues

  • Where to set proxy for IcedTea Java plugin? (Is this a java property - java.net.useSystemProxies ?)
  • ntp-servers in dhcp server list not used by dhcpclient
  • Parley cannot get new collections due to proxy not being effective in kde apps
  • JClic does not quit
  • In firefox, resized images (i.e. images rendered with smaller than native size) have a 1pixel visible top and left border.
Personal tools