diff options
Diffstat (limited to 'core/modules/kiosk-common/data/opt/openslx')
4 files changed, 118 insertions, 0 deletions
diff --git a/core/modules/kiosk-common/data/opt/openslx/lightdm/autologin.d/10-kiosk-mode b/core/modules/kiosk-common/data/opt/openslx/lightdm/autologin.d/10-kiosk-mode new file mode 100644 index 00000000..b740496b --- /dev/null +++ b/core/modules/kiosk-common/data/opt/openslx/lightdm/autologin.d/10-kiosk-mode @@ -0,0 +1,9 @@ +#!/bin/ash +# ^SOURCED + +# kiosk mode? +if [ -n "$SLX_BROWSER_URL" ]; then + exec /opt/openslx/scripts/kiosk-launch +fi + +true diff --git a/core/modules/kiosk-common/data/opt/openslx/lightdm/guest-account.d/00-iptables b/core/modules/kiosk-common/data/opt/openslx/lightdm/guest-account.d/00-iptables new file mode 100644 index 00000000..38e4893a --- /dev/null +++ b/core/modules/kiosk-common/data/opt/openslx/lightdm/guest-account.d/00-iptables @@ -0,0 +1,26 @@ +#!/bin/ash +# ^ SOURCED + +kiosk_rules="/opt/openslx/iptables/rules.d/90-kiosk" +cat <<-EOF > "$kiosk_rules" + #!/bin/ash + + iptables -w -A ipt-helper-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT + iptables -w -I ipt-helper-OUTPUT 1 -o br0 -d 132.230.0.0/16 -j ACCEPT + iptables -w -I ipt-helper-INPUT 1 -i br0 -d 132.230.0.0/16 -j ACCEPT + iptables -w -I ipt-helper-OUTPUT 1 -o br0 -d 10.0.0.0/8 -j ACCEPT + iptables -w -I ipt-helper-INPUT 1 -i br0 -d 10.0.0.0/8 -j ACCEPT + + iptables -P INPUT DROP + iptables -P FORWARD DROP + iptables -P OUTPUT DROP +EOF + +chmod +x "$kiosk_rules" + +# HACK: wait for iptables helper to setup the rules... +sleep 2 + +# make sure it is cleared on session close +echo "rm -f \"$kiosk_rules\"" > "/etc/X11/Xreset.d/clear-kiosk-iptables" +true diff --git a/core/modules/kiosk-common/data/opt/openslx/scripts/kiosk-launch b/core/modules/kiosk-common/data/opt/openslx/scripts/kiosk-launch new file mode 100755 index 00000000..43af3640 --- /dev/null +++ b/core/modules/kiosk-common/data/opt/openslx/scripts/kiosk-launch @@ -0,0 +1,26 @@ +#!/bin/bash +# generic kiosk mode launcher + +. /opt/openslx/config + +[ -z "$SLX_BROWSER_URL" ] && exit 1 + +# disable power management features +xset s off +xset -dpms + +# start openbox window manager +openbox --config-file "/etc/xdg/openbox/rc.xml.kiosk" & + +# move the mouse away +xdotool mousemove 20000 20000 & + +# run browser +for file in "$0".d/*; do + . "$file" || slxlog "kiosk-launch" "Failed to source '$file'." +done + +# should not come to this point as above sources should +# exec away +slxlog "kiosk-launch" "No kiosk browser configured!" +exit 1 diff --git a/core/modules/kiosk-common/data/opt/openslx/scripts/systemd-setup_kiosk b/core/modules/kiosk-common/data/opt/openslx/scripts/systemd-setup_kiosk new file mode 100755 index 00000000..a19e2bc3 --- /dev/null +++ b/core/modules/kiosk-common/data/opt/openslx/scripts/systemd-setup_kiosk @@ -0,0 +1,57 @@ +#!/bin/bash + +. /opt/openslx/config + +configure_fullscreen() { + # TODO having two variants of the rc.xml is quite bad, better to prune it with xmlstarlet? + local openbox_rc_file="/etc/xdg/openbox/rc.xml.kiosk" + local openbox_namespace="http://openbox.org/3.4/rc" + # for fullscreen functionality, use openbox + if [ ! -e "$openbox_rc_file" ]; then + echo "Could not find global openbox configuration" + return 1 + fi + local browser_node="//x:applications/x:application[@role='browser']" + local -i browser_node_count="$(xmlstarlet sel -N x="$openbox_namespace" -t -c "count($browser_node)" "$openbox_rc_file")" + if [ "$browser_node_count" -gt 1 ]; then + echo "More than one node for '$browser_node' found. Removing them all..." + xmlstarlet ed -L -N x="$openbox_namespace" -d "$browser_node" "$openbox_rc_file" + fi + # either we removed everything, or we had none to start with + if [ "$browser_node_count" -eq 0 ] ; then + local tmpname="application$RANDOM" + xmlstarlet ed -L -N x="$openbox_namespace" -s "//x:applications" -t elem -n "$tmpname" -i "//$tmpname" -t attr -n "role" -v "browser" "$openbox_rc_file" + browser_node="//x:applications/x:$tmpname" + fi + # Fullscreen or maximized depends on whether we should start an interactive session or not + # For now use SLX_BROWSER_INTERACTIVE + local state + if [ -n "$SLX_BROWSER_INTERACTIVE" ]; then + state="maximized" + xmlstarlet ed -L -N x="$openbox_namespace" -d "$browser_node/x:fullscreen" "$openbox_rc_file" + else + state="fullscreen" + xmlstarlet ed -L -N x="$openbox_namespace" -d "$browser_node/x:maximized" "$openbox_rc_file" + fi + + if ! xmlstarlet sel -Q -N x="$openbox_namespace" -t -c "$browser_node/x:$state" "$openbox_rc_file"; then + xmlstarlet ed -L -N x="$openbox_namespace" -s "$browser_node" -t elem -n "$state" -v "yes" "$openbox_rc_file" + elif [ "$(xmlstarlet sel -N x="$openbox_namespace" -t -v "$browser_node/x:$state" "$openbox_rc_file")" != "yes" ]; then + xmlstarlet ed -L -N x="$openbox_namespace" -u "$browser_node/x:$state" -v "yes" "$openbox_rc_file" + fi + xmlstarlet ed -L -N x="$openbox_namespace" -r "$browser_node" -v "application" "$openbox_rc_file" +} + +## MAIN +configure_fullscreen + +# Disable logout delay for demo user on shutdown/reboot/... +mkdir -p "/run/openslx" +touch "/run/openslx/demo-no-logout-delay" + +for file in "$0".d/*; do + # hooks for browser-related stuff + . "$file" || slxlog "kiosk-setup" "Failed to source '$file'." +done + +exit 0 |