[Decaf-devel] Copy-on-Write-to-Discard Homedirs

Luis Matos gass at otiliamatos.ath.cx
Wed Dec 13 23:28:16 CET 2006 

Qua, 2006-12-13 às 21:50 +0000, Joachim Breitner escreveu:
> Hi,
> 
> Am Mittwoch, den 13.12.2006, 20:58 +0000 schrieb Luis Matos:
> > I don't look at decaf as a CDD but as debian package.
> > if you install libpam-decaf you WANT to use it. ok, maybe you don't
> > activate it, but provide all the files for it. The administrator will
> > only copy the file to the right location.
> > 
> > for example, provide /usr/share/doc/libpam-decaf/examples/decaf.pam to
> > administrator to copy to /etc/pam/pam.d/ .
> 
> That is a good point, an example pam file makes sense. 
> 
> > in decaf.conf we maybe also add the use of timecode logins and/or dbuser
> > logins (extending the decaf's current database in the future).
> 
> When you say dbuser, do you just mean that username and password is
> stored in the postgresql, but technically the same unix user will be
> used, or do you mean real system users?


stored in pgsql. something like libpam-pgsql
> 
> > i think for a current 0.2 goal we should implement 100% timecode and
> > have it tested.
> 
> Agreed.
> 
> > so, if i'm right, decaf client (libpam) works like:
> > 
> >  -> user is asked for timecode.
> >  -> user logins as decaf_user (defined in conf)
> Correct
> 
> >  -> a tempfs is mounted as user's home
> Not entirely correct. Using tempfs and unionfs, they have the
> normal /home/decaf directory as their home directory, with possible
> modifications (panel objects, backgrounds etc.) by the cafe owner, but
> all chanes will go to the tempfs and then removed after the user logs
> out. This ensures that the home directory stays intact, and that a
> customer can’t mess up the next customers environment.

i see ... all changes are reverted when he logs off.
> 
> I’m thinking about the best way to offer the cafe administrator to log
> in without this layer to make permanent modifications to the decaf
> user’s settings.

don't worry with this.the administrator would login via ssh or sftp only
to paste a new gconf scheme ... for example.
> 
> 
> What are you going to use DeCaf for, if I may ask? You said you run an
> internet cafe. Where is it? How large is it?


that's with Miguel.


> 
> Thanks,
> Joachim
-- 
Best Regards,
--
Luis Matos

More information about the Decaf-devel mailing list