I've made more progress!
1. For the VPN connection I decided to place a VPN Connect icon on the desktop instead of having it auto-launch, so the user can connect at will. The desktop launcher runs a simple bash script to offer the user a terminal to connect. After 20 seconds this terminal closes, but keeps the connection if it was made.
2. For the connection lockdown I went back and added
Code:
echo "prepend domain-name-servers 127.0.0.1;" >> /etc/dhcp3/dhclient.conf
This seems to have done the trick. Now a user can only connect to a website by IP, so the homepage is now set by IP.
Also
I've used gconf-editor to lock down the gnome panels and to relocate all of the top_panel applets to the bottom_panel as well as limiting to one desktop screen using:
Code:
gconftool-2 --direct --config-source xml:readwrite:/etc/gconf/gconf.xml.defaults --type list --list-type string --set /apps/panel/default_setup/general/object_id_list [browser_launcher]
gconftool-2 --direct --config-source xml:readwrite:/etc/gconf/gconf.xml.defaults --type list --list-type string --set /apps/panel/default_setup/general/applet_id_list [notification_area,window_list,clock]
gconftool-2 --direct --config-source xml:readwrite:/etc/gconf/gconf.xml.defaults --type integer --set /apps/panel/default_setup/toplevels/top_panel/size 0
gconftool-2 --direct --config-source xml:readwrite:/etc/gconf/gconf.xml.defaults --type string --set /apps/panel/default_setup/applets/notification_area/toplevel_id bottom_panel
gconftool-2 --direct --config-source xml:readwrite:/etc/gconf/gconf.xml.defaults --type string --set /apps/panel/default_setup/objects/browser_launcher/toplevel_id bottom_panel
gconftool-2 --direct --config-source xml:readwrite:/etc/gconf/gconf.xml.defaults --type string --set /apps/panel/default_setup/applets/clock/toplevel_id bottom_panel
gconftool-2 --direct --config-source xml:readwrite:/etc/gconf/gconf.xml.defaults --type boolean --set /apps/panel/global/locked_down true
gconftool-2 --direct --config-source xml:readwrite:/etc/gconf/gconf.xml.defaults --type boolean --set /apps/nautilus/preferences/show_desktop true
gconftool-2 --direct --config-source xml:readwrite:/etc/gconf/gconf.xml.defaults --type boolean --set /apps/panel/default_setup/toplevels/top_panel/auto_hide true
gconftool-2 --direct --config-source xml:readwrite:/etc/gconf/gconf.xml.defaults --type string --set /desktop/gnome/font_rendering/antialiasing "rgba"
gconftool-2 --direct --config-source xml:readwrite:/etc/gconf/gconf.xml.defaults --type integer --set /apps/metacity/general/num_workspaces 1
I'm sure some of these are superfluous or unnecessary, but I'm making progress so I don't want to break anything just yet.
I then wrote a couple of bash scripts. One launches OpenVPN in a terminal, then gives the user 20 seconds to log on before closing. This is with the help of a separate devilspie script. The other script places a "shutdown machine/Are you sure?" launcher on the bottom panel since I removed the menu for users. This was done using this line in terminal:
Code:
/usr/lib/gnome-panel/gnome-panel-add --launcher=/etc/skel/Shutdown.desktop --panel=bottom_panel_screen0 --right-stick --position=0
Where /etc/skel/Shutdown.desktop is a file I created for my script.
Users can still use keyboard shortcuts to pull up the menu, but most users wouldn't understand this, and even if they did, it is a LiveCD so they will not be able to permanently damage the underlying OS.
If anyone is interested I can post the scripts I created:
- Shutdown.sh
- Minimize.ds
- VPN-Connect.sh
If anyone is interested in helping I'm still trying to use terminal commands to:
a. Remove the top panel entirely
b. Remove wubi installer
c. Launch a terminal command on GNOME startup
Any help is greatly appreciated!
Bookmarks