Welcome!

Linux Containers Authors: Elizabeth White, Yeshim Deniz, Pat Romanski, Automic Blog, Liz McMillan

Related Topics: Linux Containers

Linux Containers: Article

KDE's KIOSK Admin Tool

The desktop policeman

Linux is infinitely configurable. It's so flexible it runs on mainframes, cell phones, PCs, even gaming stations and digital video recorders (DVRs). This is one of its biggest strengths especially for those who want control or the freedom to tailor a desktop PC to their specific needs. It is also a boon to the system administrator who may want to configure the desktop to the point where it serves user needs, not their whims. Depending on your organization your desktop may be locked down so you can't install unnecessary programs that can cause the system to fail. In cases like schools there might be a reason to restrict functions. Linux can accommodate customization just like Windows does through the use of policies.

KDE's KIOSK framework provides a mechanism for managing and specifically restricting the KDE environment so users can't perform undesireable actions on their desktop. This capability is extremely useful in situations where PCs are used by multiple users or are left unattended as in libraries and other places to allow limited access to PC functions. As a Windows user you might be familiar with ini files where you can set certain parameters for the Windows operating system and programs. An interesting example is when you set the shell= line in the system.ini in Windows 98. It can replace the Windows shell with Word or another application and run the operating system with only one application. In KDE there are a number of configuration files that store settings like the Windows ini files. The KIOSK Admin tool can be used to configure and lock down a number of features in the KDE desktop. It works by creating profiles for certain types of users and applying those profiles to user accounts. Different accounts can be subject to different limitations, making it possible to turn a PC into a low-maintenances public access terminal kept in an immutable state that allows no permanent changes other than those made by an administrator.

The kinds of things you can do with KIOSK are very broad but the things that KIOSK can do fall into three basic categories.

  • Lock Down - You can lock down the K Panel so that no changes are made or configure network proxy settings so they are unchangeable. Users are then unable to circumvent proxies that filter content that doesn't fall within appropriate use policies.
  • Disable - KIOSK can be used to limit functionality. This might include taking advantage of certain programs or features like Desktop Sharing that are available to the fully privileged user. You can disable the Logout option, the Run Command, and a host of others.
  • Look-and-Feel - You can pre-configure a desktop so themes and other settings are static and the cosmetic aspects of the operating system stay intact.
This is handy when making a public use terminal that may advertise a company or organization. The desktop wallpaper and the look-and-feel can be maintained to represent the organization's interests without fear that vandals will change the wallpaper or leave inappropriate messages on the system.

Summary
KIOSK Admin Tool isn't so much an extension of KDE functionality as it is a systems management tool that can be used by a corporate systems administrator or parent who might be concerned about how his children are using their PCs. It's a great way to set up shared workstations among a great number of users or just a few. The tool isn't that well documented but the KIOSK Mailing List provides a good forum and valuable archives on how to do things or troubleshoot problems. While you could edit and tweak configuration files individually this type of tool, it's helpful in centralizing many common Linux configuration files into an easy-to-use menu driven interface.

Other Resources:
KDE KIOSK Mode HOWTO
- www.tldp.org/HOWTO/KDE-KIOSK-Mode/
KDE KIOSK Mailing List - https://mail.kde.org/mailman/listinfo/kde-KIOSK

Sidebar:

Interview with KIOSK Admin Tool Creater Waldo Bastian

LWM: I noticed the KIOSK Tool was included with SuSE 9.2 but that's the first I've seen of it. Can you give me some history on it?

Bastian: KIOSK and generic lock-down functionality were added to KDE 3.0 and from there it has slowly progressed based on feedback from our users. The functionality was originally aimed at making public terminals public-proof, hence the name KIOSK, but it quickly became clear that similar functionality is also very valuable in an enterprise setting where it can be put to use to reduce support costs.

What was still missing was an easy-to-use way for system administrators to unlock its potential. I started with the development of a graphical administration tool for it, the KIOSK Admin Tool, at the beginning of 2004. The aim was to have it ready in time for the Novell Linux Desktop.

LWM: It seems like the idea to lock down a Linux desktop would be appealing to other distributions as well. Is KIOSK dependent on anything outside of KDE?

Bastian: All the functionality provided by the KIOSK Admin Tool is part of the standard KDE platform; there are no outside dependencies.

LWM: Is there a home page for KIOSK, other than http://extragear.kde.org/apps/KIOSKtool.php?

Bastian: http://extragear.kde.org/apps/KIOSKtool.php is the homepage of the KIOSK Admin tool but the System Administration section on the KDE Web site also contains valuable information for administrators who want to deploy KDE. It is here: www.kde.org/areas/sysadmin/

Another good source of information is the [email protected] mailing list. You'll find many people there who have successfully used the KIOSK framework while deploying KDE. See https://mail.kde.org/mailman/listinfo/kde-KIOSK

LWM: Do you have any favorite KIOSK success stories?

Bastian: My favorite is about a new school in Denmark that's using KDE and SUSE and KIOSK to provide the teaching staff and the 138 children with desktops. KIOSK provides both young and old with a safe computing environment where they don't have to be afraid of breaking anything. As with many schools they don't have a big budget, so they use a thin client setup that allows them to run one central server with a mixture of old and very old PCs as clients

More Stories By Mark R. Hinkle

Mark Hinkle is the Senior Director, Open Soure Solutions at Citrix. He also is along-time open source expert and advocate. He is a co-founder of both the Open Source Management Consortium and the Desktop Linux Consortium. He has served as Editor-in-Chief for both LinuxWorld Magazine and Enterprise Open Source Magazine. Hinkle is also the author of the book, "Windows to Linux Business Desktop Migration" (Thomson, 2006). His blog on open source, technology, and new media can be found at http://www.socializedsoftware.com.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


@ThingsExpo Stories
We build IoT infrastructure products - when you have to integrate different devices, different systems and cloud you have to build an application to do that but we eliminate the need to build an application. Our products can integrate any device, any system, any cloud regardless of protocol," explained Peter Jung, Chief Product Officer at Pulzze Systems, in this SYS-CON.tv interview at @ThingsExpo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA
SYS-CON Events announced today that Outscale will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Outscale's technology makes an automated and adaptable Cloud available to businesses, supporting them in the most complex IT projects while controlling their operational aspects. You boost your IT infrastructure's reactivity, with request responses that only take a few seconds.
SYS-CON Events announced today that Progress, a global leader in application development, has been named “Bronze Sponsor” of SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Enterprises today are rapidly adopting the cloud, while continuing to retain business-critical/sensitive data inside the firewall. This is creating two separate data silos – one inside the firewall and the other outside the firewall. Cloud ISVs oft...
DevOps at Cloud Expo – being held October 31 - November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA – announces that its Call for Papers is open. Born out of proven success in agile development, cloud computing, and process automation, DevOps is a macro trend you cannot afford to miss. From showcase success stories from early adopters and web-scale businesses, DevOps is expanding to organizations of all sizes, including the world's largest enterprises – and delivering real r...
In his opening keynote at 20th Cloud Expo, Michael Maximilien, Research Scientist, Architect, and Engineer at IBM, will motivate why realizing the full potential of the cloud and social data requires artificial intelligence. By mixing Cloud Foundry and the rich set of Watson services, IBM's Bluemix is the best cloud operating system for enterprises today, providing rapid development and deployment of applications that can take advantage of the rich catalog of Watson services to help drive insigh...
As cloud adoption continues to transform business, today's global enterprises are challenged with managing a growing amount of information living outside of the data center. The rapid adoption of IoT and increasingly mobile workforce are exacerbating the problem. Ensuring secure data sharing and efficient backup poses capacity and bandwidth considerations as well as policy and regulatory compliance issues.
SYS-CON Events announced today that Cloud Academy will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Cloud Academy is the industry’s most innovative, vendor-neutral cloud technology training platform. Cloud Academy provides continuous learning solutions for individuals and enterprise teams for Amazon Web Services, Microsoft Azure, Google Cloud Platform, and the most popular cloud computing technologies. Ge...
The 21st International Cloud Expo has announced that its Call for Papers is open. Cloud Expo, to be held October 31 - November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA, brings together Cloud Computing, Big Data, Internet of Things, DevOps, Digital Transformation, Machine Learning and WebRTC to one location. With cloud computing driving a higher percentage of enterprise IT budgets every year, it becomes increasingly important to plant your flag in this fast-expanding busin...
With major technology companies and startups seriously embracing Cloud strategies, now is the perfect time to attend @CloudExpo | @ThingsExpo, June 6-8, 2017, at the Javits Center in New York City, NY and October 31 - November 2, 2017, Santa Clara Convention Center, CA. Learn what is going on, contribute to the discussions, and ensure that your enterprise is on the right path to Digital Transformation.
SYS-CON Events announced today that Progress, a global leader in application development, has been named “Bronze Sponsor” of SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Enterprises today are rapidly adopting the cloud, while continuing to retain business-critical/sensitive data inside the firewall. This is creating two separate data silos – one inside the firewall and the other outside the firewall. Cloud ISVs ofte...
SYS-CON Events announced today that Interoute has been named “Bronze Sponsor” of SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Interoute is the owner operator of Europe's largest network and a global cloud services platform, which encompasses over 70,000 km of lit fiber, 15 data centers, 17 virtual data centers and 33 colocation centers, with connections to 195 additional partner data centers. Our full-service Unifie...
Amazon started as an online bookseller 20 years ago. Since then, it has evolved into a technology juggernaut that has disrupted multiple markets and industries and touches many aspects of our lives. It is a relentless technology and business model innovator driving disruption throughout numerous ecosystems. Amazon’s AWS revenues alone are approaching $16B a year making it one of the largest IT companies in the world. With dominant offerings in Cloud, IoT, eCommerce, Big Data, AI, Digital Assis...
Internet of @ThingsExpo, taking place October 31 - November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with the 21st International Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. @ThingsExpo Silicon Valley Call for Papers is now open.
SYS-CON Events announced today that delaPlex will exhibit at SYS-CON's @ThingsExpo, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. delaPlex pioneered Software Development as a Service (SDaaS), which provides scalable resources to build, test, and deploy software. It’s a fast and more reliable way to develop a new product or expand your in-house team.
DevOps is often described as a combination of technology and culture. Without both, DevOps isn't complete. However, applying the culture to outdated technology is a recipe for disaster; as response times grow and connections between teams are delayed by technology, the culture will die. A Nutanix Enterprise Cloud has many benefits that provide the needed base for a true DevOps paradigm.
Existing Big Data solutions are mainly focused on the discovery and analysis of data. The solutions are scalable and highly available but tedious when swapping in and swapping out occurs in disarray and thrashing takes place. The resolution for thrashing through machine learning algorithms and support nomenclature is through simple techniques. Organizations that have been collecting large customer data are increasingly seeing the need to use the data for swapping in and out and thrashing occurs ...
SYS-CON Events announced today that DivvyCloud will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. DivvyCloud software enables organizations to achieve their cloud computing goals by simplifying and automating security, compliance and cost optimization of public and private cloud infrastructure. Using DivvyCloud, customers can leverage programmatic Bots to identify and remediate common cloud problems in rea...
SYS-CON Events announced today that Tintri, Inc, a leading provider of enterprise cloud infrastructure, will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Tintri offers an enterprise cloud platform built with public cloud-like web services and RESTful APIs. Organizations use Tintri all-flash storage with scale-out and automation as a foundation for their own clouds – to build agile development environments...
A strange thing is happening along the way to the Internet of Things, namely far too many devices to work with and manage. It has become clear that we'll need much higher efficiency user experiences that can allow us to more easily and scalably work with the thousands of devices that will soon be in each of our lives. Enter the conversational interface revolution, combining bots we can literally talk with, gesture to, and even direct with our thoughts, with embedded artificial intelligence, whic...
SYS-CON Events announced today that Cloudistics, an on-premises cloud computing company, has been named “Bronze Sponsor” of SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Cloudistics delivers a complete public cloud experience with composable on-premises infrastructures to medium and large enterprises. Its software-defined technology natively converges network, storage, compute, virtualization, and management into a ...