summaryrefslogtreecommitdiff
path: root/doc/README.Kiosk
blob: de158cbba35a72b9f67fc8a04da7169be5ee86f2 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
The Xfce session manager supports the KIOSK mode introduced with libxfce4util
4.1.13. It provides the following KIOSK capabilities:

	CustomizeSplash		whether or not the user is allowed to customize
				the splash screen.

	CustomizeChooser	whether or not the user is allowed to customize
				the session chooser settings

	CustomizeLogout		whether or not the user is allowed to customize
				the logout settings

	CustomizeCompatibility	whether or not the user is allowed to customize
				the compatibility settings (KDE/Gnome compat)

	CustomizeSecurity	whether or not the user is allowed to customize
				the security settings. This is one of the most
				IMPORTANT settings, since it prevents users
				(actually libICE) from binding to a TCP port.

	Shutdown		whether or not the user is allowed to shutdown
				(reboot or poweroff) the system. If a user lacks
				this capability the reboot and poweroff options
				in the shutdown dialog will be greyed out.

	SaveSession		whether or not the user is allowed to save
				the session on logout. If a user lacks this
				capability the "Save session for future logins"
				checkbox in the shutdown dialog will be
				greyed out.

So a sample xfce4-session section in your kioskrc might look like this:

--- snip ---
[xfce4-session]
CustomizeSplash=ALL
CustomizeChooser=ALL
CustomizeLogout=ALL
CustomizeCompatibility=%wheel
CustomizeSecurity=NONE
Shutdown=%wheel
SaveSession=%admin
--- snip ---

This allows all users to change their splash, chooser and logout settings, but
allows only users in the group wheel to customize the compatibility settings
and shutdown the system, and only users in the group admin to save the
session on logout. No one will be allowed to adjust the security settings.