Tips and Tricks/User Experience
Here are all topics to improve the user experience.
LDM supports auto login of accounts, if specified in the lts.conf file. Simply create a config section for each of the terminals you want to log in automatically and specify the variable LDM_USERNAME and LDM_PASSWORD.
Screen scripts are how LTSP determines what type of login will run on what virtual screen. Most GNU/Linux machines have 12 virtual consoles, which you can access by pressing Control-Alt-F1, through Control-Alt-F12. On some distributions there is a text based getty that is started on screen 1, but you normally can’t log into it, as there are no local users on the thin client.
However, for debugging purposes, you may want to set up root to log in on the thin client. You may need to do this if you’re debugging problems with local devices, for example. Fortunately, it’s easy to do: on the server, as root, just chroot into the LTSP chroot, and set the password with passwd.
By default, if there’s nothing else mentioned in lts.conf, an LDM session will be started on screen 7. Up to 12 screen scripts can be specified for a thin client. This will give you up to 12 sessions on the thin client. Currently, possible values include: rdesktop, xdmcp, shell, ldm, startx (deprecated), and telnet. Look in the $CHROOT/usr/share/ltsp/screen.d directory for more scripts, or write your own, and put them there.
If the thin client is setup to have a character based interface, then the value of this TELNET_HOST will be used as the host to telnet into. If this value is NOT set, then it will use the value of SERVER.
Disable Virtual Terminals
If you want to prevent users switching to other virtual terminals put the following Xorg configuration section in your chroot:
LDM Greeter and Theme
The language of the texts in LDM are controlled by the client's locale. Some of the texts come from gtk while most are derived from ldm. You can see in /opt/ltsp/i686/usr/share/locale/your-language/LC_MESSAGES if ldm.po is available. If it is, the ldm messages will be translated if you set the client's language locale correctly.
If it isn't, to translate the file, download the template translation file from the LTSP upstream LDM trunk and translate it. Compile it and copy the binary to locale dir with:
Note: You can tribute to the LTSP effort by mailing your translation to the ltsp-developer mailing list.
The themes of the LDM greeter are stored in /opt/ltsp/i686/usr/share/ldm/themes where the symlink default points to the chosen theme.
Block Websites for Clients
In a school or company it might be desirable to block certain websites for any or all clients. To do this, you should set up a proxy server in your local network and make it use a blacklist. Squid with squidGuard and the open blacklist from Shalla Secure Services is a good way to do this without extra cost. Refer to the squidGuard documentation for more information and installation instructions.
Note: setting up a proxy server is the preferred method to block websites. The method below can very easily be bypassed by users and should not be used in production enviroments.
The following example shows how you can block access to certain URL's with dnsmasq. If dnsmasq is configured as a DNS server, you can block certain domains from resolving correctly. This does mean however, that users can use alternative URL's to access their favorite websites without problems.
The below example is only valid if dnsmasq is not only configured as a DHCP server, but also as a DNS server.
When booting a client, by default, the DNS information is retrieved from the DHCP server and this will probably contain only the DNS servers configured on the server's /etc/resolv.conf. To let the clients use the server itself as a DNS server also, configure it in lts.conf.
The Dnsmasq config file contains a line for each host you want to redirect. You can redirect them to 127.0.0.1, providing an "unable to connect" message of some sorts, or you can direct them to a dedicated website on the server, indicating the page is blocked.
Shutting down idle clients
Often people log out of thin or fat clients, but neglect or forget to shutdown the client at the end of the day. So the client stays at the LTSP LDM login prompt overnight. One way to remedy this, is to make all clients shutdown automatically after a while if nobody logs in.
To accomplish this, you can run a script alongside LDM, the LTSP login manager. The script would wait for a specified amount of time and then check if a user is logged in. If there is nobody logged in, the script shuts the client down.
This script would be created in LDM's "rc.d" directory on the client. Scripts in "rc.d" run alongside LDM. The script will look like this:
This command sleeps for 600 seconds, then checks if there is no instance of "ssh" running (which is always the case if there is nobody logged in to the server) and then shuts down the client. The ampersand (&) is necessary to run the command in the background.
Remember to always run ltsp-update-image after modifying files inside the /opt/ltsp/ directory.