Any way to make the installer non-persistant, like a kiosk mode (for students)?

Kip · December 31, 2020, 9:17pm

Is there a way to make the installer create a non-persistant “guest” account to a hard drive?
I would like to use nomadBSD as the OS on some student laptops at a school, and I would like them to behave like kiosks, allowing students to do some work with Firefox/Libreoffice and then when another student signs in/reboots, all the data is cleared. Previously we had guest account sessions using Ubuntu 16. Can this be done easily? Any help would be appreciated.

UniXstyle · January 29, 2021, 12:43pm

FreeBSD and done easily, can you get a donkey to move somewhere when it does not want to?
I don’t think there is a quick and easy way but I don’t think it is impossible either…
I’m thinking about some construction with jails, which might work. But you need to look into and read the BSD handbook to see if you can get a construction that works for your situation.

mk1 · January 29, 2021, 4:17pm

Hi @Kip,

Install NomadBSD on the system
Boot the system, and log in.
Create a “student” account (System → Add user)
Log in as student, and configure that account.
Remove student from the operator and wheel group, so that they can’t reboot, become root, etc:
```
# pw groupmod operator -d student
# pw groupmod wheel -d student
```

Save the current state which will be restored every time another student logs in:

# mkdir /usr/local/share/kiosk-session
# cd /home/student
# tar cfz /usr/local/share/kiosk-session/home.student.tgz .

Add the following lines to /usr/local/etc/slim.conf:

sessionstart_cmd	/usr/local/bin/kiosk-session start %user
sessionstop_cmd		/usr/local/bin/kiosk-session stop %user

Finally, create the kiosk-session script under /usr/local/bin:

#!/bin/sh
export PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/games:/usr/local/sbin:/usr/local/bin

tmphome="/tmp/kiosk.home"
kiosk_user="student"
user_files="/usr/local/share/kiosk-session/home.${kiosk_user}.tgz"

usage()
{
	echo "$0 <start|stop> username"
	exit 1
}

session_start()
{
	# Regular account. Just exit
	$1 != "${kiosk_user}" && exit 0

	cd /

	if [ ! -d ${tmphome} ]; then
		mkdir ${tmphome} || exit 1 
	fi

	# Unmount previous home dir if it wasn't unmounted
	umount /home/${kiosk_user} || umount -f /home/${kiosk_user}

	# Remove previous temp. home dirs
	rm -rf ${tmphome}/*

	# Create a temp. user dir
	tmp_user_dir=$(mktemp -d "${tmphome}/${kiosk_user}.XXXXXX")

	# Mount temp. user dir via nullfs on the student's home dir
	mount -t nullfs ${tmp_user_dir} /home/${kiosk_user}

	# Extract fresh dot files into temp. user dir and make them the owner
	tar -C ${tmp_user_dir} -xf ${user_files}

	chown -R ${kiosk_user}:${kiosk_user} ${tmp_user_dir}

	exit 0
}

session_stop()
{
	# Regular account. Just exit
	$1 != "${kiosk_user}" && exit 0

	unmount /home/${kiosk_user} || umount -f /home/${kiosk_user}
	# Remove temp. home dirs
	rm -rf ${tmphome}/*
	exit 0
}

[ $# -lt 2 ] && usage

while [ $# -gt 1 ]; do
	case $1 in
	start)
		shift
		session_start $1
		;;
	stop)
		shift
		session_stop $1
		;;
	*)
		usage
		;;
	esac
	shift
done

You can, of course, replace student by guest.