Linux Live-CD Kiosk: The Next Generation

The church I attend had a need for a new kiosk that would be used to serve up the webpage of their online giving portal. I immediately volunteered, having had done a few basic kiosks in the past for fun, using the Morphix and other old-school linux live cd version.

Its been over six years since my last “kiosk” experience, and figured this would be a piece of cake. Surely, the open-source “kiosk” scene would be light-years ahead of where they were before, since nearly every major linux distribution has a “live-cd” version.

I found that it was nearly the opposite.

If you do a search for “linux kiosks”, you’ll return thousands of sites with thousands of variations. There are however very few open-source distributions that allow a simple customized kiosk without any advance customization and/or system compilation. There are a few that come close, notable Webconverger (http://webconverger.com/), but they still lack easy customization without massive editing of config files with little documentation.

My final solution was based on a single distribution and a ton of hacking.

Special Thanks

Although out of date, I would like to thank Eric Hartwell’s article “HowTo: Create a Boot-From-CD Browser Kiosk with Firefox and SLAX Linux 5.1.8″, which gave me a great starting point and some background on Slax.

The requirements

1.) Needed to be a locked down modern browser supporting HTTPS and other modern plugins (Flash/etc).
2.) Needed to boot from CD. This was my requirement, since it would require NO effort to fix if the system got stuck/broken. Just reboot the live-cd.
3.) Needed to have a basic firewall and no-open service.
4.) Needed to run as a live-cd on somewhat older hardware. (I was targeting older Dells in the > 1.6 Ghz ranges, that our Church had some supply).
5.) Kiosk mode: Full screen browser.

Solution:

While Webconverger was a great system, I spent hours just trying to tweak basic configuration options and locking down the basic browser. I found the documentation was a bit scattered. I think in due time, this is going to be the defacto Kiosk platform.

For now I will have to do with the below solution.

Please note, these are high-level instructions and DO NOT go into great details of the Slax system. The system is well documented on their site and throughout the internet.

1.) Slax was a piece of cake to modify, was reasonably documented, and contained ALL the tools necessary to roll your own version directly from the downloadable ISO (Windows tools as well! Big time bonus).

2.) firefox 3.5.1 plugin and flash-plugin: Once you have extracted the Slax iso, you simply need to copy these plugins into the “modules” folder. When you compile your new “live cd” (using the simple tools included), these modules will automatically be added to your cd.

3.) R-Kiosk plugin: This is a standalone plugin that I downloaded directly from the firefox extension site. It is installed into firefox, once the live cd has booted, using the perl script described below.
(hint: “/usr/bin/firefox -install-global-extension /etc/r-kiosk-0.8.1-fx.xpi”).

4.) Kiosk Mode: To setup and “run” my kiosk mode, I used the default “KDE Autostart” folder and created a custom perl script to do my kiosk bidding.

First in the “rootcopy” folder, I created a structure /root/.kde/Autostart/.
a.) Setup a Firefox “prefs.js” file. I’ve put together one from a bunch of sites that had the need to lockdown a firefox browser. This file is supposed to be easily brought into any new firefox profile, but I had a dickens of a time getting it to work. I ended up using a bigger hammer (see perl script) to copy it into root’s firefox mozilla profile after it is created. Kind of a pain, but it seemed to work well enough.

b.) The perl script is used for a variety of tasks. It copies files from my /etc/ area that I have included as configured items (like firefox preferences and the R-kiosk plugin).

Then from an infinite loop, it run’s firefox, kills firefox (to create the profile directory), copies the firefox “js” configuration files into the new /root/.mozilla/firefox/randomn.default/ folder. The infinite loop helps out in two ways. If Firefox ever were to crash OR a user figured out a way around my lock-down controls, firefox is relaunched in seconds.

c.) Locking down the KDE keyboard shortcut is done in the
/root/.kde/share/config/kdeglobals file. You’ll need to grab a copy of this file out of the running slax distribution.

d.) Compilation. Building your new Slax cd is a piece of cake. In the Slax folder you extracted, there is a directory called “slax”. Inside that directory there are two script files “make_iso.bat” and “make_iso.sh”. Running either script (with your end ISO file as a parameter) will automatically compile, compress, and create your new iso. No additional software required, which made it a very simple process.

e.) Finally, I modified the “/boot/slax.cfg” file, to only allow a single entry to boot off of and disable hard-drive auto-detects.

5.) VMware (or other Virtualization tool) is your friend. I couldn’t tell you how important it is to have Vmware or other tool installed. Because you go through so many iterations of trial and error, its a peace of cake to fire up the new ISO image and see if it works or not instantly. I remember the old days of burning to a CD and booting it on my laptop.

The Result

The end result is an ISO image that can you burned to a CD and booted in any near-old machine (Gigahertz processor). It will boot into Slax, autoconfigure itself, installs the R-Kiosk plugin behind the scenes, installs a locked down firefox plugin, and starts a firefox window in a kiosk mode directed at a single url. The kiosk is locked down since all of the system shortcuts are disabled via “kdeglobals” and the R-kiosk firefox plugin locks-down the rest.

If the physical computer were to ever break, a staff member could simply take the CD out and put it into another older machine. No technical knowledge required. Should Firefox encounter any issue (crash, run out of memory for whatever reason), you simply just need to reboot the machine. If the power were to go out, all of the kiosks will automatically restart and reload to the same spot. Since its a CD, nothing is ever stored.

Other uses for this system could include: a major tiled wall mounted display system, kiosk display for continuous demonstrations (flash/movies/youtube/power point/ slide shows), automatic internet radio playing (Slax handles audio automatically..just add speakers), data mining / real-time display using Google Earth, VPN tunneled Skype Chat on a cd (encrypted tunnel on-top of Skype’s encryption), automatical MS Remote Desktop Thin-Client. The possibilities are endless considering Slax Vast Array of available modules

Please do not hesitate to Contact Us if you have any questions or need any customized Kiosk cds.

Posted in Tech Tips