Ci-dessous, les différences entre deux révisions de la page.
papweb [2011/06/20 08:28] saitMoh créée |
papweb [2023/07/18 23:11] |
||
---|---|---|---|
Ligne 1: | Ligne 1: | ||
- | ==== Configuration d'un Point d' | ||
- | === Objectifs === | ||
- | Mettre à la disposition du public des lieux publics (MPT, MJC, Associations, | ||
- | Recycler des ordinateurs anciens en installant une distribution légère de GNU/Linux qui proposera aux utilisateurs **un seul logiciel : le navigateur Web((le web n'est pas Internet)) ** | ||
- | |||
- | === Installation de l'OS === | ||
- | Comme OS on part sur une base de Debian/ | ||
- | |||
- | On fera 4 partitions((en principe 3 devrait suffire si on externalise le proxy et les logs)): | ||
- | * le swap | ||
- | * la racine (/) | ||
- | * le home (/home) | ||
- | * les logs et autre données du système (/data) | ||
- | |||
- | On peut créer ou pas l' | ||
- | |||
- | == Configuration de l'OS == | ||
- | <code bash> | ||
- | # mkdir /data/log | ||
- | # echo "/ | ||
- | # mkdir /root/.ssh && chmod 700 /root/.ssh | ||
- | # touch / | ||
- | </ | ||
- | |||
- | Copiez vos clés id_rsa.pub dans le fichier / | ||
- | < | ||
- | PasswordAuthentication no | ||
- | AllowUsers root | ||
- | </ | ||
- | |||
- | Puis on verrouille le compte root. Tous les accés suivants au compte root se faisant par ssh. | ||
- | <code bash> | ||
- | # passwd -l | ||
- | </ | ||
- | |||
- | On vérifie le fichier / | ||
- | < | ||
- | # This file describes the network interfaces available on your system | ||
- | # and how to activate them. For more information, | ||
- | |||
- | # The loopback network interface | ||
- | auto lo | ||
- | iface lo inet loopback | ||
- | |||
- | # The primary network interface | ||
- | allow-hotplug eth0 | ||
- | iface eth0 inet dhcp | ||
- | </ | ||
- | Attention au fichier / | ||
- | |||
- | On complète le fichier / | ||
- | < | ||
- | deb http:// | ||
- | |||
- | deb http:// | ||
- | |||
- | deb http:// | ||
- | |||
- | # Pour avoir xulrunner-2.0 et iceweasel-4.0 sur squeeze | ||
- | deb http:// | ||
- | </ | ||
- | |||
- | En fonction du matériel présesent dans la machine il peut être nécessaire d' | ||
- | <code bash> | ||
- | # apt-get install firmware-linux | ||
- | </ | ||
- | Si d' | ||
- | <code bash> | ||
- | # apt-cache search --names-only firmware | ||
- | </ | ||
- | |||
- | On ajoute le support acpi et la gestion du son avec alsa((ou pulseaudio)) | ||
- | <code bash> | ||
- | # apt-get install acpi acpi-support acpitool alsa-base alsa-firmware-loaders alsa-tools alsa-utils | ||
- | </ | ||
- | |||
- | Editez le fichier / | ||
- | |||
- | == installation du proxy == | ||
- | Le proxy ainsi que l' | ||
- | <code bash> | ||
- | # apt-get install squid adzapper | ||
- | </ | ||
- | Puis il faut ajouter la ligne | ||
- | < | ||
- | redirect_program / | ||
- | </ | ||
- | au fichier / | ||
- | |||
- | === Configuration de l' | ||
- | Créez l' | ||
- | <code bash> | ||
- | # rsync -av / | ||
- | # passwd -l linuxquimper | ||
- | </ | ||
- | |||
- | On ajoute le serveur X et le gestionnaire de connection automatique nodm: | ||
- | <code shell> | ||
- | # apt-get install xorg nodm | ||
- | </ | ||
- | |||
- | == Choix du navigateur == | ||
- | C'est ce qui pose le plus problème car on ne peut pas installer n' | ||
- | * pas d' | ||
- | * pas d' | ||
- | * support des onglets | ||
- | * support de l' | ||
- | * support optionnel des plugins pour avoir flash, la lecture de fichier pdf ou autres document bureautique directement dans le navigateur. | ||
- | |||
- | Actuellement, | ||
- | |||
- | Pour faire une démo de l' | ||
- | <code shell> | ||
- | # apt-get install libwebkit-1.0-2 | ||
- | </ | ||
- | |||
- | |||
- | En principe la compilation du programme doit ce faire sur une autre machine et on a besoin des paquets suivants | ||
- | <code shell> | ||
- | # apt-get install build-essential libwebkit-dev | ||
- | </ | ||
- | |||
- | et du code source de GtkLauncher: | ||
- | <code c> | ||
- | /* | ||
- | * Copyright (C) 2006, 2007 Apple Inc. | ||
- | * Copyright (C) 2007 Alp Toker < | ||
- | * | ||
- | * Redistribution and use in source and binary forms, with or without | ||
- | * modification, | ||
- | * are met: | ||
- | * 1. Redistributions of source code must retain the above copyright | ||
- | | ||
- | * 2. Redistributions in binary form must reproduce the above copyright | ||
- | | ||
- | | ||
- | * | ||
- | * THIS SOFTWARE IS PROVIDED BY APPLE COMPUTER, INC. ``AS IS'' | ||
- | * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
- | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | ||
- | * PURPOSE ARE DISCLAIMED. | ||
- | * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, | ||
- | * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, | ||
- | * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR | ||
- | * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY | ||
- | * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | ||
- | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE | ||
- | * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | ||
- | * | ||
- | * Modification pour la démo: | ||
- | | ||
- | | ||
- | | ||
- | | ||
- | | ||
- | */ | ||
- | |||
- | #include < | ||
- | #include < | ||
- | |||
- | static gint windowCount = 0; | ||
- | |||
- | static GtkWidget* createWindow(WebKitWebView** outWebView); | ||
- | |||
- | static void activateUriEntryCb(GtkWidget* entry, gpointer data) | ||
- | { | ||
- | WebKitWebView *webView = g_object_get_data(G_OBJECT(entry), | ||
- | const gchar* uri = gtk_entry_get_text(GTK_ENTRY(entry)); | ||
- | g_assert(uri); | ||
- | webkit_web_view_load_uri(webView, | ||
- | } | ||
- | |||
- | static void updateTitle(GtkWindow* window, WebKitWebView* webView) | ||
- | { | ||
- | GString *string = g_string_new(webkit_web_view_get_title(webView)); | ||
- | gdouble loadProgress = webkit_web_view_get_progress(webView) * 100; | ||
- | g_string_append(string, | ||
- | if (loadProgress < 100) | ||
- | g_string_append_printf(string, | ||
- | gchar *title = g_string_free(string, | ||
- | gtk_window_set_title(window, | ||
- | g_free(title); | ||
- | } | ||
- | |||
- | static void linkHoverCb(WebKitWebView* page, const gchar* title, const gchar* link, GtkStatusbar* statusbar) | ||
- | { | ||
- | guint statusContextId = | ||
- | GPOINTER_TO_UINT(g_object_get_data(G_OBJECT(statusbar), | ||
- | /* underflow is allowed */ | ||
- | gtk_statusbar_pop(statusbar, | ||
- | if (link) | ||
- | gtk_statusbar_push(statusbar, | ||
- | } | ||
- | |||
- | static void notifyTitleCb(WebKitWebView* webView, GParamSpec* pspec, GtkWidget* window) | ||
- | { | ||
- | updateTitle(GTK_WINDOW(window), | ||
- | } | ||
- | |||
- | static void notifyLoadStatusCb(WebKitWebView* webView, GParamSpec* pspec, GtkWidget* uriEntry) | ||
- | { | ||
- | if (webkit_web_view_get_load_status(webView) == WEBKIT_LOAD_COMMITTED) { | ||
- | WebKitWebFrame *frame = webkit_web_view_get_main_frame(webView); | ||
- | const gchar *uri = webkit_web_frame_get_uri(frame); | ||
- | if (uri) | ||
- | gtk_entry_set_text(GTK_ENTRY(uriEntry), | ||
- | } | ||
- | } | ||
- | |||
- | static void notifyProgressCb(WebKitWebView* webView, GParamSpec* pspec, GtkWidget* window) | ||
- | { | ||
- | updateTitle(GTK_WINDOW(window), | ||
- | } | ||
- | |||
- | static void destroyCb(GtkWidget* widget, GtkWidget* window) | ||
- | { | ||
- | if (g_atomic_int_dec_and_test(& | ||
- | gtk_main_quit(); | ||
- | } | ||
- | |||
- | static void closeCb(GtkWidget* widget, | ||
- | { | ||
- | gtk_main_quit(); | ||
- | } | ||
- | |||
- | static void goBackCb(GtkWidget* widget, | ||
- | { | ||
- | webkit_web_view_go_back(webView); | ||
- | } | ||
- | |||
- | static void goForwardCb(GtkWidget* widget, WebKitWebView* webView) | ||
- | { | ||
- | webkit_web_view_go_forward(webView); | ||
- | } | ||
- | |||
- | static WebKitWebView* | ||
- | createWebViewCb(WebKitWebView* webView, WebKitWebFrame* web_frame, GtkWidget* window) | ||
- | { | ||
- | WebKitWebView *newWebView; | ||
- | createWindow(& | ||
- | return newWebView; | ||
- | } | ||
- | |||
- | static gboolean webViewReadyCb(WebKitWebView* webView, GtkWidget* window) | ||
- | { | ||
- | gtk_widget_grab_focus(GTK_WIDGET(webView)); | ||
- | gtk_widget_show_all(window); | ||
- | return FALSE; | ||
- | } | ||
- | |||
- | static gboolean closeWebViewCb(WebKitWebView* webView, GtkWidget* window) | ||
- | { | ||
- | gtk_widget_destroy(window); | ||
- | return TRUE; | ||
- | } | ||
- | |||
- | static useProxy(void) | ||
- | { | ||
- | SoupSession* session = webkit_get_default_session(); | ||
- | if(session) { | ||
- | | ||
- | | ||
- | g_object_set(session, | ||
- | soup_uri_free(uri); | ||
- | } | ||
- | } | ||
- | } | ||
- | |||
- | static GtkWidget* createBrowser(GtkWidget* window, GtkWidget* uriEntry, GtkWidget* statusbar, WebKitWebView* webView) | ||
- | { | ||
- | GtkWidget *scrolledWindow = gtk_scrolled_window_new(NULL, | ||
- | gtk_scrolled_window_set_policy(GTK_SCROLLED_WINDOW(scrolledWindow), | ||
- | |||
- | gtk_container_add(GTK_CONTAINER(scrolledWindow), | ||
- | |||
- | g_signal_connect(webView, | ||
- | g_signal_connect(webView, | ||
- | g_signal_connect(webView, | ||
- | g_signal_connect(webView, | ||
- | g_signal_connect(webView, | ||
- | g_signal_connect(webView, | ||
- | g_signal_connect(webView, | ||
- | |||
- | useProxy(); | ||
- | |||
- | return scrolledWindow; | ||
- | } | ||
- | |||
- | static GtkWidget* createStatusbar() | ||
- | { | ||
- | GtkStatusbar *statusbar = GTK_STATUSBAR(gtk_statusbar_new()); | ||
- | guint statusContextId = gtk_statusbar_get_context_id(statusbar, | ||
- | g_object_set_data(G_OBJECT(statusbar), | ||
- | GUINT_TO_POINTER(statusContextId)); | ||
- | |||
- | return GTK_WIDGET(statusbar); | ||
- | } | ||
- | |||
- | static GtkWidget* createToolbar(GtkWidget* uriEntry, WebKitWebView* webView) | ||
- | { | ||
- | GtkWidget *toolbar = gtk_toolbar_new(); | ||
- | |||
- | #if GTK_CHECK_VERSION(2, | ||
- | gtk_orientable_set_orientation(GTK_ORIENTABLE(toolbar), | ||
- | #else | ||
- | gtk_toolbar_set_orientation(GTK_TOOLBAR(toolbar), | ||
- | #endif | ||
- | gtk_toolbar_set_style(GTK_TOOLBAR(toolbar), | ||
- | |||
- | GtkToolItem *item; | ||
- | |||
- | /* the back button */ | ||
- | item = gtk_tool_button_new_from_stock(GTK_STOCK_GO_BACK); | ||
- | g_signal_connect(G_OBJECT(item), | ||
- | gtk_toolbar_insert(GTK_TOOLBAR(toolbar), | ||
- | |||
- | /* The forward button */ | ||
- | item = gtk_tool_button_new_from_stock(GTK_STOCK_GO_FORWARD); | ||
- | g_signal_connect(G_OBJECT(item), | ||
- | gtk_toolbar_insert(GTK_TOOLBAR(toolbar), | ||
- | |||
- | /* The URL entry */ | ||
- | item = gtk_tool_item_new(); | ||
- | gtk_tool_item_set_expand(item, | ||
- | gtk_container_add(GTK_CONTAINER(item), | ||
- | g_signal_connect(G_OBJECT(uriEntry), | ||
- | gtk_toolbar_insert(GTK_TOOLBAR(toolbar), | ||
- | |||
- | /* The go button */ | ||
- | g_object_set_data(G_OBJECT(uriEntry), | ||
- | item = gtk_tool_button_new_from_stock(GTK_STOCK_OK); | ||
- | g_signal_connect_swapped(G_OBJECT(item), | ||
- | gtk_toolbar_insert(GTK_TOOLBAR(toolbar), | ||
- | |||
- | item = gtk_tool_button_new_from_stock(GTK_STOCK_CLOSE); | ||
- | g_signal_connect_swapped(G_OBJECT(item), | ||
- | gtk_toolbar_insert(GTK_TOOLBAR(toolbar), | ||
- | |||
- | return toolbar; | ||
- | } | ||
- | |||
- | static GtkWidget* createWindow(WebKitWebView** outWebView) | ||
- | { | ||
- | WebKitWebView *webView; | ||
- | GtkWidget *vbox; | ||
- | GtkWidget *window; | ||
- | GtkWidget *uriEntry; | ||
- | GtkWidget *statusbar; | ||
- | |||
- | g_atomic_int_inc(& | ||
- | |||
- | window = gtk_window_new(GTK_WINDOW_TOPLEVEL); | ||
- | gtk_window_set_default_size(GTK_WINDOW(window), | ||
- | gtk_widget_set_size_request(window, | ||
- | gtk_widget_set_name(window, | ||
- | |||
- | webView = WEBKIT_WEB_VIEW(webkit_web_view_new()); | ||
- | uriEntry = gtk_entry_new(); | ||
- | |||
- | vbox = gtk_vbox_new(FALSE, | ||
- | statusbar = createStatusbar(webView); | ||
- | gtk_box_pack_start(GTK_BOX(vbox), | ||
- | gtk_box_pack_start(GTK_BOX(vbox), | ||
- | gtk_box_pack_start(GTK_BOX(vbox), | ||
- | |||
- | gtk_container_add(GTK_CONTAINER(window), | ||
- | |||
- | g_signal_connect(window, | ||
- | |||
- | gtk_window_set_resizable(GTK_WINDOW(window), | ||
- | |||
- | if (outWebView) | ||
- | *outWebView = webView; | ||
- | |||
- | return window; | ||
- | } | ||
- | |||
- | static gchar* filenameToURL(const char* filename) | ||
- | { | ||
- | if (!g_file_test(filename, | ||
- | return 0; | ||
- | |||
- | GFile *gfile = g_file_new_for_path(filename); | ||
- | gchar *fileURL = g_file_get_uri(gfile); | ||
- | g_object_unref(gfile); | ||
- | |||
- | return fileURL; | ||
- | } | ||
- | |||
- | #ifndef GTK_API_VERSION_2 | ||
- | static void disablePlugin(const char* pluginName) | ||
- | { | ||
- | WebKitWebPluginDatabase *database = webkit_get_web_plugin_database(); | ||
- | GSList *plugins = webkit_web_plugin_database_get_plugins(database); | ||
- | GSList *p; | ||
- | |||
- | for (p = plugins; p; p = g_slist_next(p)) { | ||
- | WebKitWebPlugin *plugin = WEBKIT_WEB_PLUGIN(p-> | ||
- | |||
- | if (!g_strcmp0(webkit_web_plugin_get_name(plugin), | ||
- | webkit_web_plugin_set_enabled(plugin, | ||
- | } | ||
- | |||
- | webkit_web_plugin_database_plugins_list_free(plugins); | ||
- | } | ||
- | #endif | ||
- | int main(int argc, char* argv[]) | ||
- | { | ||
- | WebKitWebView *webView; | ||
- | GtkWidget *main_window; | ||
- | |||
- | gtk_init(& | ||
- | if (!g_thread_supported()) | ||
- | g_thread_init(NULL); | ||
- | |||
- | #ifndef GTK_API_VERSION_2 | ||
- | disablePlugin(" | ||
- | #endif | ||
- | |||
- | main_window = createWindow(& | ||
- | |||
- | gchar *uri =(gchar*)(argc > 1 ? argv[1] : " | ||
- | gchar *fileURL = filenameToURL(uri); | ||
- | |||
- | webkit_web_view_load_uri(webView, | ||
- | g_free(fileURL); | ||
- | |||
- | gtk_widget_grab_focus(GTK_WIDGET(webView)); | ||
- | gtk_widget_show_all(main_window); | ||
- | gtk_main(); | ||
- | |||
- | return 0; | ||
- | } | ||
- | |||
- | </ | ||
- | |||
- | et du Makefile | ||
- | <code make> | ||
- | all: GtkLauncher | ||
- | |||
- | GtkLauncher: | ||
- | gcc -DGTK_API_VERSION_2 -o GtkLauncher main.c `pkg-config --cflags --libs webkit-1.0` | ||
- | |||
- | |||
- | install: GtkLauncher | ||
- | install GtkLauncher /opt/ | ||
- | |||
- | clean: | ||
- | rm -f GtkLauncher | ||
- | </ | ||
- | |||
- | que l'on installe avec la commande | ||
- | <code bash> | ||
- | # make install | ||
- | </ | ||
- | |||
- | == configuration de la session == | ||
- | |||
- | On configure nodm pour se connecter directement sur le compte linuxquimper en éditant le fichier / | ||
- | < | ||
- | # nodm configuration | ||
- | |||
- | # Set NODM_ENABLED to something different than ' | ||
- | NODM_ENABLED=true | ||
- | |||
- | # User to autologin for | ||
- | NODM_USER=linuxquimper | ||
- | |||
- | # xinit program | ||
- | NODM_XINIT=/ | ||
- | |||
- | # First vt to try when looking for free VTs | ||
- | NODM_FIRST_VT=7 | ||
- | |||
- | # X session | ||
- | NODM_XSESSION=/ | ||
- | |||
- | # Options for the X server | ||
- | NODM_X_OPTIONS=' | ||
- | |||
- | # If an X session will run for less than this time in seconds, nodm will wait an | ||
- | # increasing bit of time before restarting the session. | ||
- | NODM_MIN_SESSION_TIME=120 | ||
- | </ | ||
- | |||
- | On créer le fichier / | ||
- | <code bash> | ||
- | #!/bin/sh | ||
- | |||
- | rsync -a --delete / | ||
- | |||
- | exec / | ||
- | </ | ||
- | |||
- | et on créer le ficher / | ||
- | <code bash> | ||
- | # This file is sourced by Xsession(5), | ||
- | |||
- | if [ " | ||
- | |||
- | export LANG=fr_FR.UTF-8 | ||
- | // exec xulrunner-2.0 / | ||
- | exec / | ||
- | |||
- | # Reset default startup | ||
- | STARTUP=/ | ||
- | fi | ||
- | |||
- | # vim:set ai et sts=2 sw=2 tw=80: | ||
- | </ | ||
- | |||
- | Puis on peut lancer la session utilisateur avec / | ||
- | |||
- | === fin de la configuration === | ||
- | Il faut sécuriser l' | ||
- | <code bash> | ||
- | #!/bin/sh | ||
- | set -e | ||
- | |||
- | cat <<EOF | ||
- | |||
- | set superusers=" | ||
- | password_pbkdf2 root grub.pbkdf2.sha512.64.2D0F37B9.37B35EF82745CEA0B146C451BD90BDC12DAB53EF29919FA888C7FA5E6417EBD0072FF9D0DC917D69E68046ECA991C799687849A1D012B2057AE82E9A2688DA83 | ||
- | |||
- | EOF | ||
- | </ | ||
- | |||
- | Pour avoir un boot graphique on peut installer plymouth et ajouter splash à la ligne de commande linux | ||
- | <code bash> | ||
- | # apt-get install plymouth plymouth-themes-solar | ||
- | </ | ||
- | |||
- | et on édite le fichier / | ||
- | < | ||
- | # If you change this file, run ' | ||
- | # / | ||
- | |||
- | GRUB_DEFAULT=0 | ||
- | GRUB_TIMEOUT=5 | ||
- | GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian` | ||
- | GRUB_CMDLINE_LINUX_DEFAULT=" | ||
- | GRUB_CMDLINE_LINUX="" | ||
- | |||
- | # Uncomment to enable BadRAM filtering, modify to suit your needs | ||
- | # This works with Linux (no patch required) and with any kernel that obtains | ||
- | # the memory map information from GRUB (GNU Mach, kernel of FreeBSD ...) | ||
- | # | ||
- | |||
- | # Uncomment to disable graphical terminal (grub-pc only) | ||
- | # | ||
- | |||
- | # The resolution used on graphical terminal | ||
- | # note that you can use only modes which your graphic card supports via VBE | ||
- | # you can see them in real GRUB with the command `vbeinfo' | ||
- | # | ||
- | |||
- | # Uncomment if you don't want GRUB to pass " | ||
- | # | ||
- | |||
- | # Uncomment to disable generation of recovery mode menu entries | ||
- | GRUB_DISABLE_LINUX_RECOVERY=" | ||
- | |||
- | # Uncomment to get a beep at grub start | ||
- | # | ||
- | </ | ||
- | |||
- | ensuite on peut mettre le fichier grub.cfg à jour | ||
- | <code bash> | ||
- | # update-grub | ||
- | </ | ||
- | |||
- | on termine on mettant toutes les partions sauf / en noexec et / en read-only dans le fichier /etc/fstab | ||
- | < | ||
- | # /etc/fstab: static file system information. | ||
- | # | ||
- | # Use 'blkid -o value -s UUID' to print the universally unique identifier | ||
- | # for a device; this may be used with UUID= as a more robust way to name | ||
- | # devices that works even if disks are added and removed. See fstab(5). | ||
- | # | ||
- | # <file system> <mount point> | ||
- | proc /proc | ||
- | UUID=d240c895-f500-42fb-b34a-1335cf861c1b / | ||
- | UUID=0ffae1e9-f09a-4aa5-a8d0-7a681304e8d9 none swap sw 0 0 | ||
- | UUID=cb7b0fac-b92c-4c8c-9792-5a2ea4e1032b /home | ||
- | UUID=5fe5af3f-f3a8-479e-bd43-e8a77f2df74b /data | ||
- | |||
- | /data/log /var/log none bind 0 0 | ||
- | /data/squid / | ||
- | |||
- | tmpfs / | ||
- | tmpfs / | ||
- | tmpfs / | ||
- | |||
- | ## Pas de device externe | ||
- | #/ | ||
- | </ | ||
- | |||
- | Aprés on peut rebooter la machine pour voir si tout fonctionne. | ||
- | |||