> I guess what I mean is that if I install the default ltsp-standalone-server
> the thin-clients boot into /opt/ltsp/i386. When I opened a terminal in a
> client I was in the chroot
No, that's not the case. If you open a terminal in a default
installation, you're on the server. So I guess that's what you
misunderstood.
> I thought the purpose of a chroot enviroment was to
> seperate the clients from the server. If I am wrong please correct me. If
> this is installed in a school and a student wants to mess with the chroot it
> can be rebuild.
No, the thin client chroot isn't built for security. It only contains some
basic stuff for the clients to boot and show the login screen. It doesn't
contain firefox, openoffice, gnome etc. If it helps, imagine the thin chroot
like a very light version of Ubuntu that can be used on clients with e.g. 64MB
RAM, so that they only boot and then make a remote desktop connection to the
server. Nothing more.
The same thing is also true for a fat chroot if LTSP_FATCLIENT=False, there's
no difference between those 2 cases.
Of course, with a fat chroot and LTSP_FATCLIENT=True, the chroot
contains a full system (gnome, firefox etc). But that doesn't give you
any extra security, because the users still have ssh access to the
server.
So no, chroots don't have anything to do with security in LTSP thin/fat
client setups, unless you divert much from the default setup and start
using LDAP with fat chroots etc.
I'm closing the bug because I think it was just a misunderstaning, feel
free to continue asking / commenting or even reopening it.
** Changed in: ltsp (Ubuntu)
Status: Incomplete => Invalid
--
LTSP_FATCLIENT=False sends thin-clients into root directory
https://bugs.launchpad.net/bugs/615216
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
