From d0b5e4fcdedc5ad2a3c6b2a45da576659f880b81 Mon Sep 17 00:00:00 2001
From: Florent Gluck <florent.gluck@hesge.ch>
Date: Mon, 22 Jul 2024 12:56:58 +0200
Subject: [PATCH] Completed new live_exam_os iso generation: - power button now
works on host OS - brightness set to 100% - disabled screen blanking -
updated to latest nexus-exam with authentication
---
live_exam_os/Dockerfile | 38 ++++++++++--------
live_exam_os/config/boot_hooks/certificates | 23 +++++++++++
live_exam_os/config/boot_hooks/firewall | 16 ++++++++
.../config/{ => bootloader}/grub_config.cfg | 0
.../config/{ => bootloader}/grub_splash.png | Bin
.../config/{ => bootloader}/isolinux.cfg | 0
.../config/{ => bootloader}/isolinux_menu.cfg | 0
.../{ => bootloader}/isolinux_splash.png | Bin
.../{ => bootloader}/isolinux_stdmenu.cfg | 0
live_exam_os/config/keyboard | 10 -----
live_exam_os/config/live-exam-hook | 34 ----------------
.../config/screen/screen_settings.desktop | 12 ++++++
.../{Xsession => screen/screen_settings.sh} | 4 +-
.../config/systemd/screen_settings.service | 11 +++++
.../config/systemd/screen_settings.sh | 8 ++++
.../config/{ => wifi}/WIFI.nmconnection | 0
.../config/xfce/xfce4-power-manager.xml | 2 +-
17 files changed, 96 insertions(+), 62 deletions(-)
create mode 100755 live_exam_os/config/boot_hooks/certificates
create mode 100755 live_exam_os/config/boot_hooks/firewall
rename live_exam_os/config/{ => bootloader}/grub_config.cfg (100%)
rename live_exam_os/config/{ => bootloader}/grub_splash.png (100%)
rename live_exam_os/config/{ => bootloader}/isolinux.cfg (100%)
rename live_exam_os/config/{ => bootloader}/isolinux_menu.cfg (100%)
rename live_exam_os/config/{ => bootloader}/isolinux_splash.png (100%)
rename live_exam_os/config/{ => bootloader}/isolinux_stdmenu.cfg (100%)
delete mode 100644 live_exam_os/config/keyboard
delete mode 100755 live_exam_os/config/live-exam-hook
create mode 100644 live_exam_os/config/screen/screen_settings.desktop
rename live_exam_os/config/{Xsession => screen/screen_settings.sh} (70%)
create mode 100644 live_exam_os/config/systemd/screen_settings.service
create mode 100644 live_exam_os/config/systemd/screen_settings.sh
rename live_exam_os/config/{ => wifi}/WIFI.nmconnection (100%)
diff --git a/live_exam_os/Dockerfile b/live_exam_os/Dockerfile
index 96bcbdda..3e5a747f 100644
--- a/live_exam_os/Dockerfile
+++ b/live_exam_os/Dockerfile
@@ -19,16 +19,23 @@ ADD ${config_dir}/packages.list.chroot config/package-lists/
ADD ${config_dir}/removepkg.hook.chroot config/hooks/live/
## add swiss-french keyboard config
-ADD ${config_dir}/keyboard config/includes.chroot/etc/default/
+ADD ${config_dir}/keyboard/keyboard config/includes.chroot/etc/default/
## run "nexus-exam" as soon as user logs in
ADD ${config_dir}/nexus-exam config/includes.chroot/usr/local/bin/
ADD ${config_dir}/nexus-exam.desktop config/includes.chroot/etc/xdg/autostart/
-RUN mkdir config/includes.chroot/etc/skel/
-# ADD ${config_dir}/Xsession config/includes.chroot/etc/X11/Xsession.d/99x-user_session
-ADD ${config_dir}/Xsession config/includes.chroot/etc/skel/.xsessionrc
-#RUN echo "export NEXUS_SERVER=${server_ip}\nexport NEXUS_CERT=/etc/ssl/certs/nexus-server.pem\n" >> config/includes.chroot/etc/skel/.xsessionrc
+## run various screen settings as soon as user logs in
+ADD ${config_dir}/screen/screen_settings.sh config/includes.chroot/usr/local/bin/
+ADD ${config_dir}/screen/screen_settings.desktop config/includes.chroot/etc/xdg/autostart/
+
+## systemd service to set various screen settings (does not work - not sure why)
+# ADD ${config_dir}/systemd/screen_settings.sh config/includes.chroot/usr/local/bin/
+# RUN chmod +x config/includes.chroot/usr/local/bin/screen_settings.sh
+# ADD ${config_dir}/systemd/screen_settings.service config/includes.chroot/etc/systemd/system/
+
+# RUN mkdir config/includes.chroot/etc/skel/
+# RUN echo "export NEXUS_SERVER=${server_ip}\nexport NEXUS_CERT=/etc/ssl/certs/nexus-server.pem\n" >> config/includes.chroot/etc/skel/.xsessionrc
## customize xfce4 desktop
ADD ${config_dir}/xubuntu-development.png config/includes.chroot/usr/share/xfce4/backdrops/xubuntu-development.png
@@ -39,24 +46,23 @@ ADD ${config_dir}/xfce/xfce4-power-manager.xml config/includes.chroot/etc/xdg/xf
ADD ${config_dir}/xfce/xfwm4.xml config/includes.chroot/etc/xdg/xfce4/xfconf/xfce-perchannel-xml/
# syslinux (bios) cfg
-ADD ${config_dir}/isolinux.cfg config/includes.binary/isolinux/isolinux.cfg
-ADD ${config_dir}/isolinux_splash.png config/includes.binary/isolinux/splash.png
+ADD ${config_dir}/bootloader/isolinux.cfg config/includes.binary/isolinux/isolinux.cfg
+ADD ${config_dir}/bootloader/isolinux_splash.png config/includes.binary/isolinux/splash.png
# grub (uefi) cfg
-ADD ${config_dir}/grub_splash.png config/includes.binary/boot/grub/splash.png
-ADD ${config_dir}/grub_config.cfg config/includes.binary/boot/grub/config.cfg
-ADD ${config_dir}/isolinux_menu.cfg config/includes.binary/isolinux/menu.cfg
-ADD ${config_dir}/isolinux_stdmenu.cfg config/includes.binary/isolinux/stdmenu.cfg
+ADD ${config_dir}/bootloader/grub_splash.png config/includes.binary/boot/grub/splash.png
+ADD ${config_dir}/bootloader/grub_config.cfg config/includes.binary/boot/grub/config.cfg
+ADD ${config_dir}/bootloader/isolinux_menu.cfg config/includes.binary/isolinux/menu.cfg
+ADD ${config_dir}/bootloader/isolinux_stdmenu.cfg config/includes.binary/isolinux/stdmenu.cfg
# server pub cert to be installed (system wide)
#ADD ${config_dir}/${nexus_cert} config/includes.chroot/usr/share/ca-certificates/nexus-server/nexus-server.crt
-# script hook ran at boot time (install system wide cert and firewall)
-ADD ${config_dir}/live-exam-hook config/includes.chroot/lib/live/config/9999-custom
-# update server destination from docker's variable (all others IP are banned)
-RUN echo "firewall ${server_ip} ${server_port}\n" >> config/includes.chroot/lib/live/config/9999-custom
+# firewall hook ran at boot time
+ADD ${config_dir}/boot_hooks/firewall config/includes.chroot/lib/live/config/9999-firewall
+RUN echo "firewall ${server_ip} ${server_port}\n" >> config/includes.chroot/lib/live/config/9999-firewall
# install wifi template
-ADD ${config_dir}/WIFI.nmconnection config/includes.chroot/etc/NetworkManager/system-connections/
+ADD ${config_dir}/wifi/WIFI.nmconnection config/includes.chroot/etc/NetworkManager/system-connections/
RUN chmod 0600 config/includes.chroot/etc/NetworkManager/system-connections/WIFI.nmconnection
# script hook to set password for nexus user (pwd is "pipo")
diff --git a/live_exam_os/config/boot_hooks/certificates b/live_exam_os/config/boot_hooks/certificates
new file mode 100755
index 00000000..d75bf970
--- /dev/null
+++ b/live_exam_os/config/boot_hooks/certificates
@@ -0,0 +1,23 @@
+#!/bin/sh
+
+. /lib/live/config.sh
+
+## live-config(7) - System Configuration Components
+## Copyright (C) 2016-2020 The Debian Live team
+## Copyright (C) 2006-2015 Daniel Baumann <mail@daniel-baumann.ch>
+##
+## This program comes with ABSOLUTELY NO WARRANTY; for details see COPYING.
+## This is free software, and you are welcome to redistribute it
+## under certain conditions; see COPYING for details.
+
+# Unused for now
+add_nexus_certs ()
+{
+ if [ ! -e /etc/ssl/certs/nexus-server.pem ] && [ -e /usr/share/ca-certificates/nexus-server/nexus-server.crt ]
+ then
+ echo "nexus-server/nexus-server.crt" >> /etc/ca-certificates.conf
+ update-ca-certificates
+ fi
+}
+
+add_nexus_certs
\ No newline at end of file
diff --git a/live_exam_os/config/boot_hooks/firewall b/live_exam_os/config/boot_hooks/firewall
new file mode 100755
index 00000000..e09fac38
--- /dev/null
+++ b/live_exam_os/config/boot_hooks/firewall
@@ -0,0 +1,16 @@
+#!/bin/sh
+
+. /lib/live/config.sh
+
+firewall ()
+{
+ ufw default deny incoming
+ ufw default deny outgoing
+ ufw allow out from any to $1 port 80
+ ufw allow out from any to $1 port 443
+ ufw allow out from any to $1 port $2
+ ufw allow out from any to $1 port 1025:65535 proto tcp
+ ufw allow out from any to $1 port 1025:65535 proto udp
+ ufw enable
+}
+
diff --git a/live_exam_os/config/grub_config.cfg b/live_exam_os/config/bootloader/grub_config.cfg
similarity index 100%
rename from live_exam_os/config/grub_config.cfg
rename to live_exam_os/config/bootloader/grub_config.cfg
diff --git a/live_exam_os/config/grub_splash.png b/live_exam_os/config/bootloader/grub_splash.png
similarity index 100%
rename from live_exam_os/config/grub_splash.png
rename to live_exam_os/config/bootloader/grub_splash.png
diff --git a/live_exam_os/config/isolinux.cfg b/live_exam_os/config/bootloader/isolinux.cfg
similarity index 100%
rename from live_exam_os/config/isolinux.cfg
rename to live_exam_os/config/bootloader/isolinux.cfg
diff --git a/live_exam_os/config/isolinux_menu.cfg b/live_exam_os/config/bootloader/isolinux_menu.cfg
similarity index 100%
rename from live_exam_os/config/isolinux_menu.cfg
rename to live_exam_os/config/bootloader/isolinux_menu.cfg
diff --git a/live_exam_os/config/isolinux_splash.png b/live_exam_os/config/bootloader/isolinux_splash.png
similarity index 100%
rename from live_exam_os/config/isolinux_splash.png
rename to live_exam_os/config/bootloader/isolinux_splash.png
diff --git a/live_exam_os/config/isolinux_stdmenu.cfg b/live_exam_os/config/bootloader/isolinux_stdmenu.cfg
similarity index 100%
rename from live_exam_os/config/isolinux_stdmenu.cfg
rename to live_exam_os/config/bootloader/isolinux_stdmenu.cfg
diff --git a/live_exam_os/config/keyboard b/live_exam_os/config/keyboard
deleted file mode 100644
index ad849b1f..00000000
--- a/live_exam_os/config/keyboard
+++ /dev/null
@@ -1,10 +0,0 @@
-# KEYBOARD CONFIGURATION FILE
-
-# Consult the keyboard(5) manual page.
-
-XKBMODEL="pc105"
-XKBLAYOUT="ch"
-XKBVARIANT="fr"
-XKBOPTIONS=""
-
-BACKSPACE="guess"
diff --git a/live_exam_os/config/live-exam-hook b/live_exam_os/config/live-exam-hook
deleted file mode 100755
index b413a788..00000000
--- a/live_exam_os/config/live-exam-hook
+++ /dev/null
@@ -1,34 +0,0 @@
-#!/bin/sh
-
-. /lib/live/config.sh
-
-## live-config(7) - System Configuration Components
-## Copyright (C) 2016-2020 The Debian Live team
-## Copyright (C) 2006-2015 Daniel Baumann <mail@daniel-baumann.ch>
-##
-## This program comes with ABSOLUTELY NO WARRANTY; for details see COPYING.
-## This is free software, and you are welcome to redistribute it
-## under certain conditions; see COPYING for details.
-
-# add_nexus_certs ()
-# {
-# if [ ! -e /etc/ssl/certs/nexus-server.pem ] && [ -e /usr/share/ca-certificates/nexus-server/nexus-server.crt ]
-# then
-# echo "nexus-server/nexus-server.crt" >> /etc/ca-certificates.conf
-# update-ca-certificates
-# fi
-# }
-
-firewall ()
-{
- ufw default deny incoming
- ufw default deny outgoing
- ufw allow out from any to $1 port 80
- ufw allow out from any to $1 port 443
- ufw allow out from any to $1 port $2
- ufw allow out from any to $1 port 1025:65535 proto tcp
- ufw allow out from any to $1 port 1025:65535 proto udp
- ufw enable
-}
-
-# add_nexus_certs
\ No newline at end of file
diff --git a/live_exam_os/config/screen/screen_settings.desktop b/live_exam_os/config/screen/screen_settings.desktop
new file mode 100644
index 00000000..16b92103
--- /dev/null
+++ b/live_exam_os/config/screen/screen_settings.desktop
@@ -0,0 +1,12 @@
+[Desktop Entry]
+Encoding=UTF-8
+Version=0.9.4
+Type=Application
+Name=screen settings
+Comment=
+Exec=bash /usr/local/bin/screen_settings.sh
+OnlyShowIn=XFCE;
+RunHook=0
+StartupNotify=false
+Terminal=true
+Hidden=false
diff --git a/live_exam_os/config/Xsession b/live_exam_os/config/screen/screen_settings.sh
similarity index 70%
rename from live_exam_os/config/Xsession
rename to live_exam_os/config/screen/screen_settings.sh
index 3222364c..670b38a0 100644
--- a/live_exam_os/config/Xsession
+++ b/live_exam_os/config/screen/screen_settings.sh
@@ -1,6 +1,8 @@
+#!/bin/bash
+
# Set brightness at 100%
screen=`xrandr -q|grep ' connected'|head -n1|cut -d ' ' -f1`
-xrandr --output $screen --brightness 0.5
+xrandr --output $screen --brightness 1
# Disable screen blanking
xset s off
diff --git a/live_exam_os/config/systemd/screen_settings.service b/live_exam_os/config/systemd/screen_settings.service
new file mode 100644
index 00000000..9ee3773a
--- /dev/null
+++ b/live_exam_os/config/systemd/screen_settings.service
@@ -0,0 +1,11 @@
+[Unit]
+Description=Screen settings
+After=display-manager.service
+Requires=display-manager.service
+
+[Service]
+Type=oneshot
+ExecStart=/usr/local/bin/screen_settings.sh
+
+[Install]
+WantedBy=default.target
diff --git a/live_exam_os/config/systemd/screen_settings.sh b/live_exam_os/config/systemd/screen_settings.sh
new file mode 100644
index 00000000..670b38a0
--- /dev/null
+++ b/live_exam_os/config/systemd/screen_settings.sh
@@ -0,0 +1,8 @@
+#!/bin/bash
+
+# Set brightness at 100%
+screen=`xrandr -q|grep ' connected'|head -n1|cut -d ' ' -f1`
+xrandr --output $screen --brightness 1
+
+# Disable screen blanking
+xset s off
diff --git a/live_exam_os/config/WIFI.nmconnection b/live_exam_os/config/wifi/WIFI.nmconnection
similarity index 100%
rename from live_exam_os/config/WIFI.nmconnection
rename to live_exam_os/config/wifi/WIFI.nmconnection
diff --git a/live_exam_os/config/xfce/xfce4-power-manager.xml b/live_exam_os/config/xfce/xfce4-power-manager.xml
index 40b61b67..3b653cd2 100644
--- a/live_exam_os/config/xfce/xfce4-power-manager.xml
+++ b/live_exam_os/config/xfce/xfce4-power-manager.xml
@@ -2,7 +2,7 @@
<channel name="xfce4-power-manager" version="1.0">
<property name="xfce4-power-manager" type="empty">
- <property name="power-button-action" type="empty"/>
+ <property name="power-button-action" type="uint" value="3"/>
<property name="dpms-enabled" type="bool" value="false"/>
</property>
</channel>
--
GitLab