To all: my question is answered by many. Thank you all for you input!
Dear Craig, Thank you for your reply. Our program is started from a background process, has the proper user rights, but needs a X for it to function. Once the program runs it can halt and user interaction might be required. For the moment we manual login using a smartcard and we remember the display environment. Our program (started from the background) then uses this display setting for its X display output. The problem is that when we reboot, this setup does not work anymore and we have to manual login again. The solutions so far are either - VNC server - Kioskmode We try the first solution first. Best, Rob -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Craig Bender Sent: dinsdag 19 maart 2013 20:04 To: [email protected]; SunRay-Users mailing list Subject: Re: [SunRay-Users] creation of an user session I'm not sure all of the information that is need has been presented? Do I have the following correct? 1) An application is started on the server 2) This application requires a display to start 3) The display is passed to the application as a run time argument 4) The application must execute as a specific user Questions: 1) How many instances of the application can run at any one time? Only one? Multiple? 2) How many users need to access the application at any given time? Only one? Multiple? 3) Do the users need to interact with the program or just view? Likewise, would some need to interact and some only need to view? If just one instance is going to run and only accessed by one person, you could easily start it on a non-card Sun Ray configured for kiosk mode. You could start the app as the specific user via sudo, and give that user rights to the current Kiosk User account's display. +Let's assume the application must be started by a user called "appuser1" and that "appuser1 is a valid unix account (either local or centralized via NIS, LDAP, etc) +Let's assume the application is a called "AppOne" 1) Configure sudo so that members of the utkiosk group can execute programs as "appuser1" (via /etc/sudoers) 2) Also configure /etc/sudoers so that members of the utkiosk group are not required enter a password (as the Kiosk User Accounts are locked in /etc/passwd) 2) Create a shell script called AppOne.sh that does the following: - Allows the user "appuser1" to access the current display - Using sudu, start "AppOne" as "appuser1" to the current display e.g. #!/bin/bash xhost +si:localuser:appuser1 sudo -u appuser1 /usr/bin/AppOne -display: $DISPLAY From there you can create a kiosk session type, registered a pseudo.token (or smart card toke) and depending if the new session type is set for the default kiosk session type, you could utkioskoverride the the behavior of the registered token to run kiosk and/or create another kiosk config (via utkiosk) and, specify, via utkioskoverride, to run that kiosk session type. Now if multiple users viewing the app is what is desired, then I would indeed go with a virtual frame buffer solution, like x11vnc. On 3/19/13 11:18 AM, Jim Klimov wrote: > To summarize both solutions, I'd suggest creating the following: > 1) A VNC server which is started automatically (with the OS as an > SMF service or via a legacy init-script), or is started by your > application's initialization routine. > The VNC server has a particular IP port assigned (maybe on the > localhost or accessible over the network) and an X11 display > number. You might need some tricks to ensure that this number > is reserved for the VNC display, i.e. start it as the first X > server on the system, before SRSS. > > 2) A kiosk session assigned to that smartcard which automatically > launches a vncviewer program to see what happens in that VNC > server. VNC can be configured to allow many clients to view > and/or control the same server. > > This way the VNC display will be accessible to your app after the > reboot and regardless of SRSS or anyone interactively logging in > at all. For example in our practice, OpenOffice is used as a filter > for Alfresco CMS, and even headless OOO requires an X11 display. > The VNC trick is used successfully on that box, even though there > is no OOO window in that session to look at. > > To create custom Kiosk sessions you could use my FLButselector > package (published on sun-rays.org), though I think latest SRSS > includes options to customize kiosks as well (in legacy times > there used to be just one type of kiosk, and any customization > started from the same template session). > > HTH, > //Jim Klimov > _______________________________________________ > SunRay-Users mailing list > [email protected] > http://www.filibeto.org/mailman/listinfo/sunray-users _______________________________________________ SunRay-Users mailing list [email protected] http://www.filibeto.org/mailman/listinfo/sunray-users _______________________________________________ SunRay-Users mailing list [email protected] http://www.filibeto.org/mailman/listinfo/sunray-users
