The last few days I implemented a new feature for Debian Edu/Squeeze, where all users on the first login will get a web browser showing a welcome page. The URL to the welcome page is fetched from the root DSE entry in LDAP.
The relevant patch implementing this feature is included below, and I welcome input on the approach. Storing the URL using labeledURI in the root DSE make sure the URL is available independently of any access restrictions set on the LDAP tree, but it impossible to use normal LDAP tools to change the URL. The latter seem like a bad idea, and I wonder if it is better to store it under dc=skole,dc=skolelinux,dc=no instead. Is there a better LDAP schema for this? The labeledURI attribute from the labeledURIObject object class was one of the few I found for URL attributes, but I suspect an attribute named similar to welcomePageURI would better describe its purpose. Is there a LDAP schema providing a more sensible object class and attribute to use? For larger installations, it might be more useful to allow different classes of users to get different welcome pages. One idea to handle that would be to look for the URL in the entire LDAP tree, starting with the dn for the user in question and looking at all the parent objects until such URL is found. Anyone got ideas on how to do this in a sensible way? At the moment the current implementation use a autostart file to load the browser with the URL in question. It might be better to change Firefox to use the URL as its default page or start page instead, to ensure the sysadmin can control the default start page centrally. Anyone know if there exist an Firefox extension for this, or able to write one? Index: etc/ldap/rootDSE-debian-edu.ldif =================================================================== --- etc/ldap/rootDSE-debian-edu.ldif (revision 63950) +++ etc/ldap/rootDSE-debian-edu.ldif (working copy) @@ -1,5 +1,6 @@ # This entry is available using # ldapsearch -LLL -h ldap -s base -b '' -x '*' + +# The labeledURIObject class is defined in RFC 2079. dn: objectClass: labeledURIObject -labeledURI: http://www.skolelinux.org/ LDAP for Debian Edu/Skolelinux +labeledURI: http://www/ LDAP for Debian Edu/Skolelinux Index: Makefile =================================================================== --- Makefile (revision 63950) +++ Makefile (working copy) @@ -114,7 +118,8 @@ security/pam_mount-winbind-debian-edu.conf \ security/pam_mount-stateless-debian-edu.conf \ krb5-winbind-debian-edu.conf \ + xdg/autostart/welcome-webpage.desktop \ lsb-release \ apache2/mods-available/debian-edu-userdir.conf \ apache2/sites-available/debian-edu-default \ @@ -298,6 +315,7 @@ share/debian-edu-config/tools/squid-update-cachedir \ share/debian-edu-config/tools/update-iceweasel-homepage \ share/debian-edu-config/tools/update-proxy-from-wpad \ + share/debian-edu-config/tools/show-welcome-webpage \ share/debian-edu-config/tools/wpad-extract \ share/debian-edu-config/ltsp_set_runlevel \ share/debian-edu-config/ltsp_local_mount \ Index: etc/xdg/autostart/welcome-webpage.desktop =================================================================== --- etc/xdg/autostart/welcome-webpage.desktop (revision 0) +++ etc/xdg/autostart/welcome-webpage.desktop (revision 65398) @@ -0,0 +1,9 @@ +[Desktop Entry] +Encoding=UTF-8 +Name=Debian Edu welcome page +Comment=Display welcome web page on first time login +TryExec=/usr/share/debian-edu-config/tools/show-welcome-webpage +Exec=/usr/share/debian-edu-config/tools/show-welcome-webpage +Terminal=False +Type=Application +Categories= Index: share/debian-edu-config/tools/show-welcome-webpage =================================================================== --- share/debian-edu-config/tools/show-welcome-webpage (revision 0) +++ share/debian-edu-config/tools/show-welcome-webpage (revision 65398) @@ -0,0 +1,40 @@ +#!/bin/sh +# +# Start web browser with our welcome web page on first time login, and +# the first time when a user log after the URL to the page changes. + +set -e + +# Locate LDAP server dynamically +LDAPSERVER=$(debian-edu-ldapserver) + +if [ "$LDAPSERVER" ] ; then + welcomeurl=$(ldapsearch -LLL -h $LDAPSERVER -s base -b '' -x labeledURI \ + | awk '/labeledURI:/ {print $2}') +fi + +if [ -z "$welcomeurl" ] ; then + welcomeurl="http://www/"; +fi + +if [ -e /etc/debian-edu/config ] ; then + . /etc/debian-edu/config +fi + +flagdir="$HOME/.debian-edu" +flagfile="$flagdir/welcome-page-shown" + +show_welcome_page() { + mkdir -p "$flagdir" + echo "$welcomeurl" > "$flagfile" + exec x-www-browser "$welcomeurl" +} + +if [ ! -f "$flagfile" ] ; then + show_welcome_page +else + oldwelcomeurl="$(cat $flagfile)" + if [ "$welcomeurl" != "$oldwelcomeurl" ] ; then + show_welcome_page + fi +fi Happy hacking, -- Petter Reinholdtsen -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
