r3 - 07 Jun 2005 - 13:54:26 - JimMcQuillanYou are here: TWiki > 
Ltsp Web > ScreenScripts > SharingLocalDevsBySambaWithShortPasswordsGeneratedOnVT1
Ltsp Web > ScreenScripts > SharingLocalDevsBySambaWithShortPasswordsGeneratedOnVT1You can log on to a Windows-Terminal-Server and Unix-Servers
and then access the hardware physically connected to the Terminal
you are sitting at.
So CDROM, USB, and Floppy.
All this is done via samba, using one-(short)-time passwords, you can
generate on VT1.
- The Main Changes to ltsp-4.1
- Additional libraries required against ltsp-4.1
- New Options in lts.conf: and its purpose
- Changes to /etc/inittab as diff
- The NEW File /etc/passwd.tpl as diff
- Changes to /etc/rc.localdev as diff
- Changes to /etc/rc.sysinit as diff
- Changes to /etc/screen.d/rdesktop as diff
- Changes to /etc/screen.d/startx as diff
- The NEW File /etc/switchvt as diff
The Main Changes to ltsp-4.1
lts.conf: i386/etc/lts.conf Additional Files for etc: i386/etc/compose.latin1.inc.gz i386/etc/de-latin1-nodeadkeys.kmap.gz i386/etc/de-latin1.kmap.gz i386/etc/euro.inc.gz i386/etc/linux-keys-bare.inc.gz i386/etc/linux-with-alt-and-altgr.inc.gz i386/etc/qwertz-layout.inc i386/etc/rc.d/loadkeys i386/etc/screen.d/help1 i386/etc/screen.d/help2 i386/etc/screen.d/help3 i386/etc/screen.d/pw i386/etc/switchvt Additional Files for bin and usr/bin: i386/bin/loadkeys i386/usr/bin/seq i386/usr/bin/pgrep i386/usr/bin/pwgen Additional Files for lib and usr/lib: i386/lib/libcfont.so.0 i386/lib/libctutils.so.0 i386/lib/libconsole.so.0 i386/lib/libproc-3.2.3.so Additional Symlinks: i386/usr/local/share/rdesktop/keymaps -> i386/usr/share/rdesktop/keymaps New Symlinks: mv /etc/passwd /etc/passwd.tpl ln -s /tmp/passwd /etc/passwd
Additional libraries required against ltsp-4.1
ldd shows us:
/usr/bin/seq:
libm.so.6 => /lib/libm.so.6 (0x4002d000)
libc.so.6 => /lib/libc.so.6 (0x4004f000)
/lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x40000000)
/usr/bin/pgrep:
libproc-3.2.3.so => /lib/libproc-3.2.3.so (0x4002d000)
libc.so.6 => /lib/libc.so.6 (0x4003e000)
/lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x40000000)
/usr/bin/pwgen:
libc.so.6 => /lib/libc.so.6 (0x4002d000)
/lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x40000000)
/bin/loadkeys:
libcfont.so.0 => /lib/libcfont.so.0 (0x4002d000)
libctutils.so.0 => /lib/libctutils.so.0 (0x40031000)
libconsole.so.0 => /lib/libconsole.so.0 (0x40036000)
libc.so.6 => /lib/libc.so.6 (0x40049000)
/lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x40000000)
You need to copy all those libraries shown in bold.
New Options in lts.conf: and its purpose
- New Options in lts.conf and the purposes
- SMBPASSWD = <string>
- Description
Specifies the smbpasswd file, samba will use for authentification. See also the samba documentation. - Files affected
/etc/rc.localdev generating /tmp/smb.conf
smb passwd file = /etc/passwd - Default
SMBPASSWD = /etc/passwd - Example
SMBPASSWD = /tmp/smbpasswd
- Description
- SMBENCRYPTPW=<string>
- Description
Specifies wether samba uses
encrypt passwords = true or
encrypt passwords = false. See samba documentation. - Default
SMBENCRYPTPW = false - Files affected
/etc/rc.localdev generating /tmp/smb.conf - Example
SMBENCRYPTPW = true
- Description
- SMBGUESTACC=<string>
- Description
Specifies guest account = ${SMBGUESTACC:-"nobody"} - Default
SMBGUESTACC = nobody - Files affected
/etc/rc.localdev generating /tmp/smb.conf - Example
SMBGUESTACC = smb
- Description
- SMBDEBUGLEVEL=<int>
- Description
debuglevel = ${SMBDEBUGLEVEL:-"0"} - Default
0 - Files affected
/etc/rc.localdev generating /tmp/smb.conf
samba logfiles - Example
SMBDEBUGLEVEL = 3
- Description
- SMBWINS=<IP>
- Description
wins server = ${SMBWINS:-""} - Default
"" - Files affected
/etc/rc.localdev generating /tmp/smb.conf
and browsing in the samba/cifs/networkneighbourhood - Example
SMBWINS = 192.168.0.245
- Description
- SMBLOCALMASTER=<string>
- Description
local master = ${SMBLOCALMASTER:-"No"} - Default
No - Files affected
/etc/rc.localdev generating /tmp/smb.conf
and browsing in the samba/cifs/networkneighbourhood - Example
SMBLOCALMASTER = yes
- Description
- SMBSERVERSTRING=<string>
- Description
server string = ${SMBSERVERSTRING:-"%m"} - Default
%m resulting in the maschine name - Files affected
/etc/rc.localdev generating /tmp/smb.conf
and browsing in the samba/cifs/networkneighbourhood - Example
SMBSERVERSTRING = Terminal
- Description
- SMBONETIMEPASS=<string>
- Description
On per Share basis:
user = ${SMBGUESTACC}
guest ok = No - Default
guest ok = Yes - Files affected
/etc/rc.localdev generating /tmp/smb.conf
/etc/rc.sysinit, generating /tmp/passwd (/etc/passwd points to it) - Example
SMBONETIMEPASS = yes SMBGUESTACC = smb
- Description
- SMBSTARTNMBD=<bool>
- Description
Starts nmbd, once - Default
- Files affected
/etc/rc.localdev - Example
SMBSTARTNMBD = yes
- Description
- SWITCHVT1AFTERBOOT=<int>
- Description
Switches to vt1 after a given amount of seconds
When X starts, a normal system will switch to the X-Console.
SWITCHVT1AFTERBOOT will switch back to vt1 after the system-boot. - Default
- Files affected
/etc/rc.sysinit
/etc/switchvt1 - Example
SWITCHVT1AFTERBOOT = 10
- Description
Changes to /etc/inittab as diff
diff -Naur ltsp.orig/i386/etc/inittab ltsp.new/i386/etc/inittab --- ltsp.orig/i386/etc/inittab 2004-07-12 21:07:54.000000000 +0200 +++ ltsp.new/i386/etc/inittab 2004-11-22 16:58:54.000000000 +0100 @@ -12,15 +12,16 @@ s1:5:respawn:/bin/startsess tty1 /etc/screen_session s2:5:respawn:/bin/startsess tty2 /etc/screen_session s3:5:respawn:/bin/startsess tty3 /etc/screen_sessionWell, to recognize those lines was hard, but I finally found out why SCREEN_04 = help3 didnt show anything. So here's the point.
-s4:5:off:/bin/startsess tty4 /etc/screen_session -s5:5:off:/bin/startsess tty5 /etc/screen_session -s6:5:off:/bin/startsess tty6 /etc/screen_session +s4:5:respawn:/bin/startsess tty4 /etc/screen_session +s5:5:respawn:/bin/startsess tty5 /etc/screen_session +s6:5:respawn:/bin/startsess tty6 /etc/screen_session s7:5:off:/bin/startsess tty7 /etc/screen_session s8:5:off:/bin/startsess tty8 /etc/screen_session s9:5:off:/bin/startsess tty9 /etc/screen_session sa:5:off:/bin/startsess tty10 /etc/screen_session sb:5:off:/bin/startsess tty11 /etc/screen_session sc:5:off:/bin/startsess tty12 /etc/screen_sessionThere are better places to start switchvt, but, why not. Some could point out a way how to really do it the ltsp way
+sd:5:once:/etc/switchvt # # Start the printers @@ -32,3 +33,4 @@ l:345:respawn:/etc/run_ltspinfod s:0:wait:/bin/sh /etc/rc.shutdown r:6:wait:/bin/sh /etc/rc.rebootNice thing and really missing one:
+ca:12345:ctrlaltdel:/sbin/reboot
The NEW File /etc/passwd.tpl as diff
The purpose of the folling hack is, to let rc.sysinit copy /etc/passwd.tpl to /tmp/passwd.Then it looks like /etc/passwd -> /tmp/passwd
so you have the chance to change passwd on terminal-runtime.
Required for specifying the samba guest user on runtime. (e.g. you dont like nobody)
diff -Naur ltsp.orig/i386/etc/passwd.tpl ltsp.new/i386/etc/passwd.tpl --- ltsp.orig/i386/etc/passwd.tpl 1970-01-01 01:00:00.000000000 +0100 +++ ltsp.new/i386/etc/passwd.tpl 2004-11-22 16:43:51.000000000 +0100 @@ -0,0 +1,5 @@ +root:x:0:0:root:/root:/bin/bash +bin:x:1:1:bin:/bin: +sshd:x:74:74:sshd:/:/bin/false +nobody:x:99:99:Nobody:/:/bin/false ++::::::
Changes to /etc/rc.localdev as diff
diff -Naur ltsp.orig/i386/etc/rc.localdev ltsp.new/i386/etc/rc.localdev
--- ltsp.orig/i386/etc/rc.localdev 2004-08-20 06:46:15.000000000 +0200
+++ ltsp.new/i386/etc/rc.localdev 2004-11-22 17:37:50.000000000 +0100
@@ -27,13 +27,18 @@
#
if [ "${FOUND_ONE}" = "N" ]; then
FOUND_ONE=Y
the -p argument to mkdir will not let display mkdir an error
message, even if the directory already exists.
- mkdir ${SAMBATMP}
+ mkdir -p ${SAMBATMP}
cat <<-EOF >${SAMBACNF}
[global]
workgroup = ${WORKGROUP:-"LTSP"}
security = SHARE
Self explanatory
- smb passwd file = /etc/passwd
- guest account = nobody
+ smb passwd file = ${SMBPASSWD:-"/etc/passwd"}
+ encrypt passwords= ${SMBENCRYPTPW:-"false"}
+ guest account = ${SMBGUESTACC:-"nobody"}
+ debuglevel = ${SMBDEBUGLEVEL:-"0"}
+ wins server = ${SMBWINS:-""}
+ local master = ${SMBLOCALMASTER:-"No"}
+ server string = ${SMBSERVERSTRING:-"%m"}
log file = /tmp/samba/%m.log
max log size = 2
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
@@ -76,6 +81,7 @@
;;
sd* ) modprobe scsi_mod
modprobe sd_mod
USB sticks tend to have dos formatted partitions
+ modprobe vfat
RW="rw"
SRW="no"
FS="auto"
@@ -92,7 +98,14 @@
[${SHARE}]
path = /tmp/${SHARE}
read only = ${SRW}
- guest ok = Yes
+ EOF
+ if [ ! -z "${SMBONETIMEPASS}" ] && [ ! -z "${SMBGUESTACC}" ]; then
+ echo " user = ${SMBGUESTACC} " >> ${SAMBACNF}
+ echo " guest ok = No " >> ${SAMBACNF}
+ else
+ echo " guest ok = yes " >> ${SAMBACNF}
+ fi
+ cat <<-EOF >>${SAMBACNF}
locking = no
EOF
mkdir /tmp/${SHARE}
@@ -102,6 +115,12 @@
done
if [ "${START_SAMBA}" = "Y" ] ; then
+ killall smbd > /dev/null 2>&1
smbd -D -s /tmp/smb.conf
fi
+if [ "${SMBSTARTNMBD}" ]; then
+ if [ -z "`pgrep nmbd`" ]; then # no need to restart nmbd, once started.
+ nmbd -D -s /tmp/smb.conf
+ fi
+fi
Changes to /etc/rc.sysinit as diff
diff -Naur ltsp.orig/i386/etc/rc.sysinit ltsp.new/i386/etc/rc.sysinit
--- ltsp.orig/i386/etc/rc.sysinit 2004-07-18 17:10:18.000000000 +0200
+++ ltsp.new/i386/etc/rc.sysinit 2004-11-22 19:09:53.000000000 +0100
@@ -53,11 +53,21 @@
/sbin/mke2fs -q -m0 /dev/ram1 ${RAMDISK_SIZE}
/bin/mount -n /dev/ram1 /tmp
Could not be done earlier. And should be done here.+cp /etc/passwd.tpl /tmp/passwd + # # A place to store information that is retrieved by ltspinfod # mkdir /tmp/infoWe create a file /tmp/info/bootup. Switchvt removes it the first time, so vt switching will really happen only once
(insane enforcement)
+# System knows about boot is in process.
+# Useable for one-time jobs _after_ e.g. switching back to vt1
+# _after_ launching X-Windows
+
+if [ ! -z ${SWITCHVT1AFTERBOOT} ]; then
+ echo "1" > /tmp/info/bootup # there is no "touch"
+fi
+
#
# Find out if we want to allow local applications
#
@@ -381,14 +391,27 @@
pr_set 94 "Starting ypbind"
echo "Starting ypbind"
Ah well I think it will give you more flexibility
on what gets started and what doesnt.
- if [ -z "${NIS_SERVER}" ]; then
- ypbind -broadcast
- else
- ypbind -f /tmp/yp.conf
+ if [ "${START_NIS}" ]; then
+ echo "+::::::" >> /tmp/passwd
+ if [ -z "${NIS_SERVER}" ]; then
+ ypbind -broadcast
+ else
+ ypbind -f /tmp/yp.conf
+ fi
+ fi
+ if [ "${START_SSHD}" ]; then
+ echo "Starting sshd..."
+ sshd
fi
Same here, now you can determine sshd.
- echo "Starting sshd..."
- sshd
+ if [ "${SMBONETIMEPASS}" ] && [ ! -z "${SMBGUESTACC}" ]; then
+ grep -v "+:::::" < /tmp/passwd > /tmp/passwd.tmp || cp /etc/passwd.tpl /tmp/passwd
+ cp /tmp/passwd.tmp /tmp/passwd
+ echo "${SMBGUESTACC}:x:100:100:Nobody:/:/bin/false" >> /tmp/passwd
+ if [ "${START_NIS}" ]; then
+ echo "+:::::" >> /tmp/passwd
+ fi
+ fi
fi
Changes to /etc/screen.d/rdesktop as diff
diff -Naur ltsp.orig/i386/etc/screen.d/rdesktop ltsp.new/i386/etc/screen.d/rdesktop --- ltsp.orig/i386/etc/screen.d/rdesktop 2004-07-27 07:16:40.000000000 +0200 +++ ltsp.new/i386/etc/screen.d/rdesktop 2004-11-22 18:47:49.000000000 +0100 @@ -159,7 +159,7 @@ echo echo echoSome more info for the user.
-echo -n " Pressto Login " +echo -n " Press to Login to ${RDP_SERVER}" read if [ -w /proc/progress ]; then
Changes to /etc/screen.d/startx as diff
diff -Naur ltsp.orig/i386/etc/screen.d/startx ltsp.new/i386/etc/screen.d/startx
--- ltsp.orig/i386/etc/screen.d/startx 2004-07-19 05:50:02.000000000 +0200
+++ ltsp.new/i386/etc/screen.d/startx 2004-11-22 20:13:36.000000000 +0100
@@ -21,11 +21,11 @@
XFCFG=/tmp/XF86Config.${TTY}
export TTY
if you do XDM_SERVER = some.host
and have XF_ARGS = -indirect some_otherhost
it now does not unset XF_ARGS any more.-if [ $# -lt 1 ]; then - XF_ARGS="" -else - XF_ARGS=$* -fi +#if [ $# -lt 1 ]; then +# XF_ARGS="" +#else +# XF_ARGS=$* +#fi ################################################################################ #
The NEW File /etc/switchvt as diff
diff -Naur ltsp.orig/i386/etc/switchvt ltsp.new/i386/etc/switchvt --- ltsp.orig/i386/etc/switchvt 1970-01-01 01:00:00.000000000 +0100 +++ ltsp.new/i386/etc/switchvt 2004-11-22 17:03:37.000000000 +0100 @@ -0,0 +1,8 @@Check for /tmp/info/bootup, remove it, switch to vt1 and vt1 displays "hey, press return to generate a new password"
+#!/bin/bash + +VALUE=`/bin/getltscfg SWITCHVT1AFTERBOOT` +if [ -f "/tmp/info/bootup" ]; then + rm /tmp/info/bootup + sleep $VALUE + chvt 1 +fi
- Bild2.gif:
Show attachments
Hide attachments
| I | Attachment | Action | Size | Date | Who | Comment |
|---|---|---|---|---|---|---|
 conf | lts.conf | manage | 1.6 K | 16 Dec 2004 - 20:36 | ThomasReifferscheid | |
 txt | loadkeys.txt | manage | 0.4 K | 16 Dec 2004 - 20:40 | ThomasReifferscheid | |
 gif | Bild2.gif | manage | 42.4 K | 16 Dec 2004 - 20:40 | ThomasReifferscheid | |
| txt | diff.txt | manage | 6.4 K | 16 Dec 2004 - 20:41 | ThomasReifferscheid | |
| txt | help1.txt | manage | 2.5 K | 16 Dec 2004 - 20:41 | ThomasReifferscheid | |
| txt | help2.txt | manage | 2.3 K | 16 Dec 2004 - 20:41 | ThomasReifferscheid | |
| txt | help3.txt | manage | 2.3 K | 16 Dec 2004 - 20:41 | ThomasReifferscheid | |
| txt | pw.txt | manage | 2.4 K | 16 Dec 2004 - 20:42 | ThomasReifferscheid | |
| txt | switchvt.txt | manage | 0.2 K | 16 Dec 2004 - 20:42 | ThomasReifferscheid |
 |
|
Copyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors. Ideas, requests, problems regarding TWiki? Send feedback