LTSP Kiosk
Introduction

Basic Setup
Server-side Changes
Client-side Changes
Adding New Clients

Additional Features
Locking FireFox
PDF Support
Background Image
Printing

Advanced Issues
Securing Connection
Client Firewall
Detect Kiosk Idle
Booting Clients Remotely

Tailored Tools

Printing to LPD queues

In my environment the printing queues are served using Netware NDPS, which supports also LPD printing. Since this is maybe the most "native" printing protocol for unix/Linux, the implementation is quite straightforward. We need an utility that sends the postscript file to the native postscript printer. rlpr is ideal tool for this.

However, since the documented LTSP kiosk implementation does not respect standard UID/GID setup (/etc/passwd, /etc/group and relevant libraries) it was meaningful to comment out some parts of the rlpr code in order to make it work in kiosk environment.

Patched rlpr

The patched rlpr lacks all references to resolving UID.

Server-side Setup

lts.conf

Since my setup is not standard LTSP printing setup, I decided to use non-standard PRINTER_LDP environment variable (note the piquant spelling error throughout the scripts...). Sample setup:

[sampleworkstation.domain]
	PRINTER_LDP = Queue-Name@queue.server

Setting a default value in the Default section should work.

Writing Suitable Script

In my own system the "printing executable" is a shell script which gets the workstation's LPD queue and finally executes the rlpr with certain settings. For some not-so-obvious reason I have named this script as /usr/bin/rlpr-kiosk (instead of /usr/bin/lpr, for example) while the real rlpr binary is /usr/bin/rlpr.

However, here is my script:

#!/bin/sh

. /etc/ltsp_functions

PRINTER_LDP=`get_cfg PRINTER_LDP none`

if [ "$PRINTER_LDP" == "" -o "$PRINTER_LDP" == "none" ]; then
	exit 1
fi

cat - | rlpr --no-bind --user=kioski --no-burst --tmpdir=$TEMP --printer=$PRINTER_LDP

Please note, that

  • the --no-burst switch in rlpr 4.05 made both the HP 4100 and Netware NDPS implementations to freeze. This issue has been fixed in rlpr 4.06.
  • the --no-bind switch makes the connection to queue from non-privileged port and thus, the LPD may reject the print job. If this is your case, see the Printing Through rlprd section.

Printing Through rlprd (lpr proxy)

In case your print server

  • does not accept jobs from unprivileged ports (ports 1024-65535)
  • does not allow connections from unknown IP addresses

you may want to route your jobs through lpr proxy. The rlprd included in rlpr bundle is exaclty what you need. Copy it to server's /usr/local/bin and install this example initrd script to your /etc/init.d/. By default, the rlprd listens to TCP port 7290, so you have to open this from your server to your kiosk clients.

Finally, add -X switch to your script which executes rlpr. This switch tells where the rlprd lives. Luckily your lts.conf should already set variable SERVER which contains your server address. My current rlpr-kiosk script shows an example of this. It also introduces some new lts.conf switches for controlling printing behaviour.

Making FireFox to Print

This is perhaps the easiest part, but at the moment it is not very well documented.

Updated: 7-JUN-2005