]> pere.pagekite.me Git - homepage.git/blob - blog/Thoughts_on_roaming_laptop_setup_for_Debian_Edu.html
projects / homepage.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Generated.
[homepage.git] / blog / Thoughts_on_roaming_laptop_setup_for_Debian_Edu.html
1 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
2 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
3 <html xmlns="http://www.w3.org/1999/xhtml" dir="ltr">
4 <head>
5 <meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
6 <title>Petter Reinholdtsen: Thoughts on roaming laptop setup for Debian Edu</title>
7 <link rel="stylesheet" type="text/css" media="screen" href="http://people.skolelinux.org/pere/blog/style.css" />
8 <link rel="stylesheet" type="text/css" media="screen" href="http://people.skolelinux.org/pere/blog/vim.css" />
9
10
11 </head>
12 <body>
13 <div class="title">
14 <h1>
15 <a href="http://people.skolelinux.org/pere/blog/">Petter Reinholdtsen</a>
16
17 </h1>
18
19 </div>
20
21
22 <div class="entry">
23 <div class="title">Thoughts on roaming laptop setup for Debian Edu</div>
24 <div class="date">28th April 2010</div>
25 <div class="body"><p>For some years now, I have wondered how we should handle laptops in
26 Debian Edu. The Debian Edu infrastructure is mostly designed to
27 handle stationary computers, and less suited for computers that come
28 and go.</p>
29
30 <p>Now I finally believe I have an sensible idea on how to adjust
31 Debian Edu for laptops, by introducing a new profile for them, for
32 example called Roaming Workstations. Here are my thought on this.
33 The setup would consist of the following:</p>
34
35 <ul>
36
37 <li>During installation, the user name of the owner / primary user of
38 the laptop is requested and a local home directory is set up for
39 the user, with uid and gid information fetched from the LDAP
40 server. This allow the user to work also when offline. The
41 central home directory can be available in a subdirectory on
42 request, for example mounted via CIFS. It could be mounted
43 automatically when a user log in while on the Debian Edu network,
44 and unmounted when the machine is taken away (network down,
45 hibernate, etc), it can be set up to do automatic mounting on
46 request (using autofs), or perhaps some GUI button on the desktop
47 can be used to access it when needed. Perhaps it is enough to use
48 the fish protocol in KDE?</li>
49
50 <li>Password checking is set up to use LDAP or Kerberos
51 authentication when the machine is on the Debian Edu network, and
52 to cache the password for offline checking when the machine unable
53 to reach the LDAP or Kerberos server. This can be done using
54 <a href="http://www.padl.com/OSS/pam_ccreds.html">libpam-ccreds</a>
55 or the Fedora developed
56 <a href="https://fedoraproject.org/wiki/Features/SSSD">System
57 Security Services Daemon</a> packages.</li>
58
59 <li>File synchronisation with the central home directory is set up
60 using a shared directory in both the local and the central home
61 directory, using unison.</li>
62
63 <li>Printing should be set up to print to all printers broadcasting
64 their existence on the local network, and should then work out of
65 the box with CUPS. For sites needing accurate printer quotas, some
66 system with Kerberos authentication or printing via ssh could be
67 implemented.</li>
68
69 <li>For users that should have local root access to their laptop,
70 sudo should be used to allow this to the local user.</li>
71
72 <li>It would be nice if user and group information from LDAP is
73 cached on the client, but given that there are entries for the
74 local user and primary group in /etc/, it should not be needed.</li>
75
76 </ul>
77
78 <p>I believe all the pieces to implement this are in Debian/testing at
79 the moment. If we work quickly, we should be able to get this ready
80 in time for the Squeeze release to freeze. Some of the pieces need
81 tweaking, like libpam-ccreds should get support for pam-auth-update
82 (<a href="http://bugs.debian.org/566718">#566718</a>) and nslcd (or
83 perhaps debian-edu-config) should get some integration code to stop
84 its daemon when the LDAP server is unavailable to avoid long timeouts
85 when disconnected from the net. If we get Kerberos enabled, we need
86 to make sure we avoid long timeouts there too.</p>
87
88 <p>If you want to help out with implementing this for Debian Edu,
89 please contact us on debian-edu@lists.debian.org.</p>
90 </div>
91
92 <div class="tags">Tags: <a href="http://people.skolelinux.org/pere/blog/tags/debian edu">debian edu</a>, <a href="http://people.skolelinux.org/pere/blog/tags/english">english</a>, <a href="http://people.skolelinux.org/pere/blog/tags/nuug">nuug</a>.</div>
93
94
95 </div>
96
97
98
99
100 <div id="sidebar">
101
102
103
104 <h2>Archive</h2>
105 <ul>
106
107 <li>2013
108 <ul>
109
110 <li><a href="http://people.skolelinux.org/pere/blog/archive/2013/01/">January (11)</a></li>
111
112 <li><a href="http://people.skolelinux.org/pere/blog/archive/2013/02/">February (9)</a></li>
113
114 <li><a href="http://people.skolelinux.org/pere/blog/archive/2013/03/">March (9)</a></li>
115
116 <li><a href="http://people.skolelinux.org/pere/blog/archive/2013/04/">April (2)</a></li>
117
118 </ul></li>
119
120 <li>2012
121 <ul>
122
123 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/01/">January (7)</a></li>
124
125 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/02/">February (10)</a></li>
126
127 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/03/">March (17)</a></li>
128
129 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/04/">April (12)</a></li>
130
131 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/05/">May (12)</a></li>
132
133 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/06/">June (20)</a></li>
134
135 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/07/">July (17)</a></li>
136
137 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/08/">August (6)</a></li>
138
139 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/09/">September (9)</a></li>
140
141 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/10/">October (17)</a></li>
142
143 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/11/">November (10)</a></li>
144
145 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/12/">December (7)</a></li>
146
147 </ul></li>
148
149 <li>2011
150 <ul>
151
152 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/01/">January (16)</a></li>
153
154 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/02/">February (6)</a></li>
155
156 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/03/">March (6)</a></li>
157
158 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/04/">April (7)</a></li>
159
160 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/05/">May (3)</a></li>
161
162 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/06/">June (2)</a></li>
163
164 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/07/">July (7)</a></li>
165
166 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/08/">August (6)</a></li>
167
168 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/09/">September (4)</a></li>
169
170 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/10/">October (2)</a></li>
171
172 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/11/">November (3)</a></li>
173
174 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/12/">December (1)</a></li>
175
176 </ul></li>
177
178 <li>2010
179 <ul>
180
181 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/01/">January (2)</a></li>
182
183 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/02/">February (1)</a></li>
184
185 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/03/">March (3)</a></li>
186
187 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/04/">April (3)</a></li>
188
189 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/05/">May (9)</a></li>
190
191 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/06/">June (14)</a></li>
192
193 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/07/">July (12)</a></li>
194
195 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/08/">August (13)</a></li>
196
197 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/09/">September (7)</a></li>
198
199 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/10/">October (9)</a></li>
200
201 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/11/">November (13)</a></li>
202
203 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/12/">December (12)</a></li>
204
205 </ul></li>
206
207 <li>2009
208 <ul>
209
210 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/01/">January (8)</a></li>
211
212 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/02/">February (8)</a></li>
213
214 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/03/">March (12)</a></li>
215
216 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/04/">April (10)</a></li>
217
218 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/05/">May (9)</a></li>
219
220 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/06/">June (3)</a></li>
221
222 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/07/">July (4)</a></li>
223
224 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/08/">August (3)</a></li>
225
226 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/09/">September (1)</a></li>
227
228 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/10/">October (2)</a></li>
229
230 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/11/">November (3)</a></li>
231
232 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/12/">December (3)</a></li>
233
234 </ul></li>
235
236 <li>2008
237 <ul>
238
239 <li><a href="http://people.skolelinux.org/pere/blog/archive/2008/11/">November (5)</a></li>
240
241 <li><a href="http://people.skolelinux.org/pere/blog/archive/2008/12/">December (7)</a></li>
242
243 </ul></li>
244
245 </ul>
246
247
248
249 <h2>Tags</h2>
250 <ul>
251
252 <li><a href="http://people.skolelinux.org/pere/blog/tags/3d-printer">3d-printer (13)</a></li>
253
254 <li><a href="http://people.skolelinux.org/pere/blog/tags/amiga">amiga (1)</a></li>
255
256 <li><a href="http://people.skolelinux.org/pere/blog/tags/aros">aros (1)</a></li>
257
258 <li><a href="http://people.skolelinux.org/pere/blog/tags/bankid">bankid (4)</a></li>
259
260 <li><a href="http://people.skolelinux.org/pere/blog/tags/bitcoin">bitcoin (6)</a></li>
261
262 <li><a href="http://people.skolelinux.org/pere/blog/tags/bootsystem">bootsystem (12)</a></li>
263
264 <li><a href="http://people.skolelinux.org/pere/blog/tags/bsa">bsa (2)</a></li>
265
266 <li><a href="http://people.skolelinux.org/pere/blog/tags/debian">debian (71)</a></li>
267
268 <li><a href="http://people.skolelinux.org/pere/blog/tags/debian edu">debian edu (121)</a></li>
269
270 <li><a href="http://people.skolelinux.org/pere/blog/tags/digistan">digistan (10)</a></li>
271
272 <li><a href="http://people.skolelinux.org/pere/blog/tags/docbook">docbook (9)</a></li>
273
274 <li><a href="http://people.skolelinux.org/pere/blog/tags/drivstoffpriser">drivstoffpriser (4)</a></li>
275
276 <li><a href="http://people.skolelinux.org/pere/blog/tags/english">english (186)</a></li>
277
278 <li><a href="http://people.skolelinux.org/pere/blog/tags/fiksgatami">fiksgatami (21)</a></li>
279
280 <li><a href="http://people.skolelinux.org/pere/blog/tags/fildeling">fildeling (12)</a></li>
281
282 <li><a href="http://people.skolelinux.org/pere/blog/tags/freeculture">freeculture (11)</a></li>
283
284 <li><a href="http://people.skolelinux.org/pere/blog/tags/frikanalen">frikanalen (11)</a></li>
285
286 <li><a href="http://people.skolelinux.org/pere/blog/tags/intervju">intervju (33)</a></li>
287
288 <li><a href="http://people.skolelinux.org/pere/blog/tags/isenkram">isenkram (6)</a></li>
289
290 <li><a href="http://people.skolelinux.org/pere/blog/tags/kart">kart (18)</a></li>
291
292 <li><a href="http://people.skolelinux.org/pere/blog/tags/ldap">ldap (8)</a></li>
293
294 <li><a href="http://people.skolelinux.org/pere/blog/tags/lenker">lenker (6)</a></li>
295
296 <li><a href="http://people.skolelinux.org/pere/blog/tags/ltsp">ltsp (1)</a></li>
297
298 <li><a href="http://people.skolelinux.org/pere/blog/tags/multimedia">multimedia (25)</a></li>
299
300 <li><a href="http://people.skolelinux.org/pere/blog/tags/norsk">norsk (228)</a></li>
301
302 <li><a href="http://people.skolelinux.org/pere/blog/tags/nuug">nuug (151)</a></li>
303
304 <li><a href="http://people.skolelinux.org/pere/blog/tags/offentlig innsyn">offentlig innsyn (7)</a></li>
305
306 <li><a href="http://people.skolelinux.org/pere/blog/tags/open311">open311 (2)</a></li>
307
308 <li><a href="http://people.skolelinux.org/pere/blog/tags/opphavsrett">opphavsrett (44)</a></li>
309
310 <li><a href="http://people.skolelinux.org/pere/blog/tags/personvern">personvern (65)</a></li>
311
312 <li><a href="http://people.skolelinux.org/pere/blog/tags/raid">raid (1)</a></li>
313
314 <li><a href="http://people.skolelinux.org/pere/blog/tags/reprap">reprap (11)</a></li>
315
316 <li><a href="http://people.skolelinux.org/pere/blog/tags/rfid">rfid (2)</a></li>
317
318 <li><a href="http://people.skolelinux.org/pere/blog/tags/robot">robot (6)</a></li>
319
320 <li><a href="http://people.skolelinux.org/pere/blog/tags/rss">rss (1)</a></li>
321
322 <li><a href="http://people.skolelinux.org/pere/blog/tags/ruter">ruter (4)</a></li>
323
324 <li><a href="http://people.skolelinux.org/pere/blog/tags/scraperwiki">scraperwiki (2)</a></li>
325
326 <li><a href="http://people.skolelinux.org/pere/blog/tags/sikkerhet">sikkerhet (29)</a></li>
327
328 <li><a href="http://people.skolelinux.org/pere/blog/tags/sitesummary">sitesummary (4)</a></li>
329
330 <li><a href="http://people.skolelinux.org/pere/blog/tags/skepsis">skepsis (4)</a></li>
331
332 <li><a href="http://people.skolelinux.org/pere/blog/tags/standard">standard (41)</a></li>
333
334 <li><a href="http://people.skolelinux.org/pere/blog/tags/stavekontroll">stavekontroll (3)</a></li>
335
336 <li><a href="http://people.skolelinux.org/pere/blog/tags/stortinget">stortinget (6)</a></li>
337
338 <li><a href="http://people.skolelinux.org/pere/blog/tags/surveillance">surveillance (15)</a></li>
339
340 <li><a href="http://people.skolelinux.org/pere/blog/tags/sysadmin">sysadmin (1)</a></li>
341
342 <li><a href="http://people.skolelinux.org/pere/blog/tags/valg">valg (7)</a></li>
343
344 <li><a href="http://people.skolelinux.org/pere/blog/tags/video">video (38)</a></li>
345
346 <li><a href="http://people.skolelinux.org/pere/blog/tags/vitenskap">vitenskap (4)</a></li>
347
348 <li><a href="http://people.skolelinux.org/pere/blog/tags/web">web (26)</a></li>
349
350 </ul>
351
352
353 </div>
354 <p style="text-align: right">
355 Created by <a href="http://steve.org.uk/Software/chronicle">Chronicle v4.6</a>
356 </p>
357
358 </body>
359 </html>
Nettsider og blogg.