View Full Version : Make your knoppix multi-user without installing to hard drv



true1ever
04-08-2003, 03:08 AM
A few days ago I wrote a couple of scripts to enable thin-client X terminals to connect to a knoppix server. A side benefit of the scripts is that they give you the ability to create a multi-user environment like you would have on a regular hard drive install. This can be useful if you want to have multiple users ssh into the server with their own usernames/passwords, having their own home directories, etc, etc. It even gives you the ability to back up and restore these settings on subsequent reboots. And you don't even have to remaster the CD; these scripts have been tested with the plain Knoppix3.2 03_30 version with no changes. Make a scripts directory in the knoppix directory and put these 3 scripts in there.

Here is the script to enable creation of users:
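#!/bin/bash
# Work on writable copies of the kdm config files in /ramdisk
cp /etc/kde3/kdm/Xaccess /ramdisk
cp /etc/kde3/kdm/kdmrc /ramdisk
rm -r /etc/kde3/kdm/Xaccess
rm -r /etc/kde3/kdm/kdmrc
# Uncomment the line starting with "#*" in Xaccess (the wildcard host entry)
sed 's/^#\*/\*/g' < /ramdisk/Xaccess > /ramdisk/Xaccess1
mv -f /ramdisk/Xaccess1 /ramdisk/Xaccess
# Change Enable=false to Enable=true in kdmrc
sed 's/^Enable=false/Enable=true/g' < /ramdisk/kdmrc > /ramdisk/kdmrc1
mv -f /ramdisk/kdmrc1 /ramdisk/kdmrc
# Point kdm at the edited copies and start it
ln -s /ramdisk/Xaccess /etc/kde3/kdm/Xaccess
ln -s /ramdisk/kdmrc /etc/kde3/kdm/kdmrc
/etc/init.d/kdm start
# Replace /etc/gshadow with a regular-file copy of itself
cp /etc/gshadow /etc/gshadow1
mv -f /etc/gshadow1 /etc/gshadow
# Add users until an empty line is entered
while [ "$usr" != none ]
do
    echo "To add users enter username or press enter to quit adding users"
    read -r usr
    if [ "$usr" != "" ]
    then
        # Empty the new home directory, but only if adduser succeeded;
        # the dot-file globs skip "." and ".."
        if adduser "$usr"
        then
            rm -rf -- "/home/$usr"/* "/home/$usr"/.[!.]* "/home/$usr"/..?*
        fi
    else
        usr="none"
    fi
done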



To save the contents of the user homedirs and the usernames/passwords run this script:

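#!/bin/bash
tar -cvvf /home/knoppix/tcph.tar --exclude /home/knoppix /home/* /etc/passwd /etc/shadow /etc/group /etc/gshadow
gzip -f /home/knoppix/tcph.tar   # -f replaces a tcph.tar.gz left by an earlier run
chown knoppix:knoppix /home/knoppix/tcph.tar.gz   # so the knoppix user's save scripts can pick it up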


The second line is long and may span two lines on the display, make sure it is entered as is with no carriage returns. (Line 3 starts with the word gzip)

The script to restore is as follows:

#!/bin/bash
# Member names are stored without the leading /, so extract from the root directory
cd / || exit 1
tar xfvz /home/knoppix/tcph.tar.gz


These last two scripts save/restore using a file called tcph.tar.gz in the knoppix directory. Since this file is in the knoppix directory it will also get saved through the regular knoppix save-configuration or persistent home scripts of the knoppix user, so you'll have it handy next time you want to restore the multi-user function.

The basic usage scenario is like this:
a) Run script one, create users
b) use the system to your heart's content
c) before shutting down, run script two and then run the regular knoppix "save configuration" script

On a reboot to recreate all the usernames, home directories and passwords:
d) boot with myconfig=scan cheatcode or similar
e) run script one but don't create any users
f) run script three

That's it! :) At this point you'll be exactly as you left off at point c above with all the home directories, files, passwords restored.

Any questions, feel free to ask me.

regards,
Jim
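
A variant of scripts two and three, as an added example that is not part of the original post: the archive holds /etc/shadow and is unpacked as root in /, so this version writes it with owner-only permissions and checks the member names before extracting. The function names and the ROOT argument (normally /) are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. Function names are hypothetical.

# save_accounts ROOT ARCHIVE
# Archive home/ (minus home/knoppix) and the four account files, relative to
# ROOT. ARCHIVE must be an absolute path. umask 077 makes the new file 0600,
# because it contains the password hashes from etc/shadow.
save_accounts() {
    rm -f "$2"
    ( umask 077
      cd "$1" || exit 1
      tar -czf "$2" --exclude=home/knoppix \
          home etc/passwd etc/shadow etc/group etc/gshadow )
}

# archive_is_safe ARCHIVE
# Succeed only if the archive lists cleanly and every member is under home/
# or is one of the four account files, with no ".." path component.
archive_is_safe() {
    members=$(tar -tzf "$1" 2>/dev/null) || return 1
    [ -n "$members" ] || return 1
    if printf '%s\n' "$members" | grep -Eq '(^|/)\.\.(/|$)'; then
        return 1    # path traversal
    fi
    if printf '%s\n' "$members" |
        grep -Evq '^(home/.*|etc/(passwd|shadow|group|gshadow))$'; then
        return 1    # a member outside the allowlist (includes absolute paths)
    fi
    return 0
}

# restore_accounts ARCHIVE ROOT
# Extract into ROOT only after the member check passes.
restore_accounts() {
    archive_is_safe "$1" || { echo "refusing to extract $1" >&2; return 1; }
    tar -xzpf "$1" -C "$2"
}

# Usage on the running system, as root:
#   save_accounts / /home/knoppix/tcph.tar.gz
#   restore_accounts /home/knoppix/tcph.tar.gz /
```

If the archive still has to be handed to the knoppix user for the regular save-configuration step, change the owner after saving and leave the mode at 0600.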

RockMumbles
04-12-2003, 06:20 AM
I am using knoppix 3.1-1-20 since on my old hardware it is much faster and does everything I need, so I changed your first kdm script slightly: I have it ask for root and knoppix passwords and put the script on my partition where my persistent home is located. I have the persistent home knoppix.sh on a floppy and I added a line at the end of the knoppix.sh that calls the kdm script. The only problem I've run into is that with the 3.1 persistent home I can only save user knoppix's home, but that's OK with me.

this is sweet!

rock

blackshadow
06-23-2003, 03:54 PM
Question: What I want is to enable Windows machines running some x-server software like ReflectionX to be able to connect and log in to the Knoppix box (booted from the CD). The best solution would be to enable XDM so I don't need to know the IP of the Knoppix machine (a broadcast will show all x-clients, in this case the Knoppix box, that are running on the subnet).

Tried with your scripts but it doesn't seem to do what I want. Any ideas? If possible, I would like to config it to enable access to all workstations on a given subnet, something like 192.168.*.*.

Thanks.