1. Manuals
  2. Brands
  3. Red Hat Manuals
  4. Desktop
  5. DESKTOP
  6. Deployment manual

Red Hat DESKTOP Deployment Manual

Hide thumbs
Table of Contents

Advertisement

Quick Links

Download this manual
Red Hat Desktop
Deployment Guide

Advertisement

Table of Contents
loading

Summary of Contents for Red Hat DESKTOP

  • Page 1 Red Hat Desktop Deployment Guide...
  • Page 2 All other trademarks referenced herein are the property of their respective owners. The GPG fingerprint of the security@redhat.com key is: CA 20 86 86 2B D6 9D FC 65 F6 EC C4 21 91 80 CD DB 42 A6 0E...

  • Page 3: Table Of Contents

    Table of Contents Introduction............................i 1. Document Conventions ......................i 2. Activate Your Subscription ....................iii 2.1. Provide a Red Hat Login..................iv 2.2. Provide Your Subscription Number ..............iv 2.3. Connect Your System.................... iv 3. We Need Feedback! ......................v 1.

  • Page 5: Introduction

    Introduction Welcome to the Red Hat Desktop Deployment Guide! Deploying the GNOME Desktop across an organization commonly requires that some aspects of the desktop enviroment be modified for that specific deployment. This document aims to enumerate common deployment tasks and establish best practices for those tasks. This document is not intended to address the more general topic of system administration and the GNOME Desktop.
  • Page 6 Introduction [key]-[combination] A combination of keystrokes is represented in this way. For example: The [Ctrl]-[Alt]-[Backspace] key combination exits your graphical session and returns you to the graphical login screen or the console. text found on a GUI interface A title, word, or phrase found on a GUI interface screen or window is shown in this style. Text shown in this style is being used to identify a particular GUI screen or an element on a GUI screen (such as text associated with a checkbox or field).
  • Page 7 Introduction <replaceable> Text used for examples, which is meant to be replaced with data provided by the user, is displayed in this style. In the following example, <version-number> is displayed in this style: The directory for the kernel source is , where /usr/src/kernels/ <...

  • Page 8: Activate Your Subscription

    If you can not complete registration during the Setup Agent (which requires network access), you can alternatively complete the Red Hat registration process online at http://www.redhat.com/register/. 2.1. Provide a Red Hat Login...

  • Page 9: We Need Feedback

    If you spot a typographical error in the Red Hat Desktop Deployment Guide, or if you have thought of a way to make this manual better, we would love to hear from you! Please submit a report in Bugzilla: http://bugzilla.redhat.com/bugzilla/ against the component rhd-dg. When submitting a bug report, be sure to mention the manual’s identifier: rhd-dg(EN)-4-Print-RHI (2005-03-09T16:26) If you have a suggestion for improving the documentation, try to be as specific as possible when de-...
  • Page 10 Introduction...

  • Page 11: Configuration Overview: The Gconf System

    Chapter 1. Configuration Overview: The GConf System The GConf system is one of the primary means to configure the users’ desktops, therefore a brief overview of this system is provided below. Many configurable quantities are accessible via key/value pairs using the graphical GConf editor tool. This tool is available from the command-line using the command , or, /usr/bin/gconf-editor...
  • Page 12 Chapter 1. Configuration Overview: The GConf System Readers might first wish to refer to the GConf section of the GNOME Desktop System Administration Guide available through Applications (the main menu on the panel) => Help, and by selecting the Desktop Category, selecting the System Administration Guide Document, and reading the chapter titled Using GConf , and also the GConf project page located on the web at http://www.gnome.org/projects/gconf/ before continuing.

  • Page 13: Setting System-Wide Default And Mandatory Preferences

    Chapter 1. Configuration Overview: The GConf System $(ENV_name) Any other environmental variable may be referenced by prefixing the environmental variables name with ENV_ 1.2. Setting System-Wide Default and Mandatory Preferences You can set system-wide settings using either the graphical GConf editor or the command line utility, .

  • Page 14: Using The Gconftool-2 Utility

    Chapter 1. Configuration Overview: The GConf System Refer to the Configuration Editor Manual (available through the online help system) for more detailed information on using the GConf editor. 1.2.2. Using the Utility gconftool-2 you can set the system-wide default number of workspaces to 5 by For example, using gconftool-2 issuing the command:...

  • Page 15: Configuring The Panel

    Chapter 2. Configuring the Panel For more information on configuring panels, refer to the GConf chapter of the GNOME Desktop Ad- ministration Guide available through Applications (the main menu on the panel) => Help, selecting the Desktop Category, and choosing the System Administration Guide Document. Note For information on locking down the panel, refer to Section 4.3 Locking Down the Panel .

  • Page 16: Default Configuration

    = menu-bar position = 0 locked = true /apps/panel/objects/web_launcher: toplevel_id = top_panel object_type = launcher-object position = 1 launcher_location = file:///usr/share/applications/redhat-web.desktop /apps/panel/applets/clock: toplevel_id = top_panel object_type = bonobo-applet position = 1 panel_right_stick = true locked = true bonobo_iid = OAFIID:GNOME_ClockApplet 2.1.2.
  • Page 17 Chapter 2. Configuring the Panel Refer to the GNOME Desktop System Administration Guide for an alternative method for changing the default panel configuration to that described below. The following provides a more complex example of how to modify the default panel configuration. 2.1.3.1.
  • Page 18 Chapter 2. Configuring the Panel <string>clock</string> </value> <value> <!-- System Tray Applet --> <entry> <key>applets/systray/object_type</key> <schema_key>/schemas/apps/panel/objects/object_type</schema_key> <value> <string>bonobo-applet</string> </value> </entry> <entry> <key>applets/systray/menu_path</key> <schema_key>/schemas/apps/panel/objects/menu_path</schema_key> </entry> <entry> <key>applets/systray/launcher_location</key> <schema_key>/schemas/apps/panel/objects/launcher_location</schema_key> </entry> <entry> <key>applets/systray/action_type</key> <schema_key>/schemas/apps/panel/objects/action_type</schema_key> </entry> <!-- Clock Applet --> Create the configuration source into which you will load your modified default setup: •...

  • Page 19: Menu Editing And Configuration

    Chapter 3. Menu Editing and Configuration For detailed information describing the implementation of the menu system, refer to the Desktop Menu Specification located at the freedesktop.org website: http://standards.freedesktop.org/menu- spec/latest. It is often useful for an administrator to add or remove items from the main desktop Applications menu.

  • Page 20: Removing Menu Items For Individual Users

    Chapter 3. Menu Editing and Configuration Directory Entry ( ) Files *.directory files provide data about a menu such as its name, tooltip, and icon, and *.directory . Refer to the GNOME Desktop System are located in /usr/share/desktop-directories/ Administration Guide for more information on directory entry files. Desktop Entry ( ) Files *.desktop...

  • Page 21: Removing Submenus For Individual Users

    Chapter 3. Menu Editing and Configuration Note The user’s session must be restarted for the menu changes to take effect. 3.3. Removing Submenus for Individual Users To remove the entire System Settings submenu for a user, use the <Deleted/> element in the user’s file as shown: $HOME/.config/menus/applications.menu <!DOCTYPE Menu PUBLIC "-//freedesktop//DTD Menu 1.0//EN"...
  • Page 22 Chapter 3. Menu Editing and Configuration 3.5. Removing System Menus for All Users System Settings Applications remove submenu menu, edit , by adding the following before the final </Menu> tag /etc/xdg/menus/applications.menu in the file: <Menu> <Name>System Settings</Name> <Deleted/> </Menu> </Menu> <!-- End Applications --> The other submenus of the Applications can be removed in similar fashion.

  • Page 23: Locking Down The Desktop: Disabling Gnome Desktop Features

    Chapter 4. Locking Down the Desktop: Disabling GNOME Desktop Features The GNOME desktop can be configured to restrict user access to a number of actions, such as print- ing, access to the command line, and even the ability to log out of the system. The most restricted configuration can be used to form the basis for a public terminal configuration or that of a kiosk-like setup, in which the user can only perform simple functions like web browsing.

  • Page 24: Window Manager Configuration

    Chapter 4. Locking Down the Desktop: Disabling GNOME Desktop Features 4.2. Disabling [Ctrl]-[Alt]-[Delete] To prevent the key sequence [Ctrl]-[Alt]-[Delete] from rebooting the computer and from displaying the Log Out dialog, you must make configuration changes at both the window manager level and at the system level.

  • Page 25: System-Level Configuration

    Chapter 4. Locking Down the Desktop: Disabling GNOME Desktop Features Figure 4-3. Resetting the run_command_1 4.2.2. System-Level Configuration To disable [Ctrl]-[Alt]-[Delete] at the system level, comment out the relevant section in as shown below: /etc/inittab # Trap CTRL-ALT-DELETE #ca::ctrlaltdel:/sbin/shutdown -t3 -r now 4.2.3.

  • Page 26: Disabling Applets

    Chapter 4. Locking Down the Desktop: Disabling GNOME Desktop Features key using Gconf editor, as shown in Figure 4-4. Figure 4-4. Locking Down the Panel 4.3.1. Disabling Applets To disable certain applets from loading or appearing in the applet menu, you can specify which applets you wish to disable by adding the appropriate applet IID to the key.

  • Page 27: Disabling Command Line Access

    Chapter 4. Locking Down the Desktop: Disabling GNOME Desktop Features Figure 4-5. Disabling Panel Applets Disabled applets may still appear in the dialog for adding applets, but will not be added to the panels. Note The panel must be restarted for disabled applet changes to take effect. 4.4.

  • Page 28: Restricting The Number Of Workspaces

    Chapter 4. Locking Down the Desktop: Disabling GNOME Desktop Features Figure 4-6. Setting the GConf Key disable_command_line Disabling the Command Line (Mini Commander) applet disable this applet, will need applet OAFIID:GNOME_MiniCommanderApplet to the list of disabled applets. Refer to Section 4.3.1 Disabling Applets for information on disabling applets. Disabling Console Switching Access to all virtual consoles can be disabled by adding a option to the...

  • Page 29: Removing Desktop Icons

    Chapter 4. Locking Down the Desktop: Disabling GNOME Desktop Features Figure 4-7. Setting the Number of Workspaces 4.6. Removing Desktop Icons To remove one or more of the default icons from the desktop, unset the appropriate key /apps/nautilus/desktop/*_icon_visible as shown in Figure 4-8.
  • Page 30 Chapter 4. Locking Down the Desktop: Disabling GNOME Desktop Features Figure 4-8. Removing the Computer Desktop Icon To prevent the appearance of icons representing mounted media such as cdroms, unset the following /apps/nautilus/desktop/volumes_visible as shown in Figure 4-9.
  • Page 31 Chapter 4. Locking Down the Desktop: Disabling GNOME Desktop Features Figure 4-9. Removing Desktop Volumes Icons To eliminate all icons from the desktop, unset the following key /apps/nautilus/preferences/show_desktop as shown in Figure 4-10.

  • Page 32: Other Kiosk-Related Configuration Tasks

    Chapter 4. Locking Down the Desktop: Disabling GNOME Desktop Features Figure 4-10. Removing All Desktop Icons Note Unsetting this key also removes the desktop background menu, thereby eliminating access to the Open Terminal menu item. This is a recommended step for disabling command line access as described in Section 4.4 Disabling Command Line Access.

  • Page 33: Disabling Printing Functionality

    Chapter 4. Locking Down the Desktop: Disabling GNOME Desktop Features Figure 4-11. Disabling Automounting 4.7.2. Disabling Printing Functionality To disable printing and printing setup, set the following keys /desktop/gnome/lockdown/printing /desktop/gnome/lockdown/print-setup as shown in Figure 4-12.

  • Page 34: Disabling File Saving

    Chapter 4. Locking Down the Desktop: Disabling GNOME Desktop Features Figure 4-12. Disabling Printing Functionality 4.7.3. Disabling File Saving To prevent a user from saving files to disk and from access to all "Save As..." dialogs, set the /desktop/gnome/lockdown/save_to_disk key as shown in Figure 4-13.

  • Page 35: Disabling Application Force Quit

    Chapter 4. Locking Down the Desktop: Disabling GNOME Desktop Features Figure 4-13. Disabling Writing to Disk 4.7.4. Disabling Application Force Quit To prevent the user from forcing an application to quit by eliminating access to the force quit button, set the /apps/panel/global/disable_force_quit key as shown in Figure 4-14.

  • Page 36: Locking Down Preferences For The Firefox Web Browser

    Chapter 4. Locking Down the Desktop: Disabling GNOME Desktop Features Figure 4-14. Disabling Application Force Quit 4.7.5. Locking Down Preferences for the Firefox Web Browser A complete, succinct guide to locking down preferences for the Firefox and Mozilla web browsers is available on the web at http://togami.com/~warren/guides/mozlockdown.
  • Page 37 Chapter 4. Locking Down the Desktop: Disabling GNOME Desktop Features 4.7.6.1. Using the Login Screen Setup Tool To enable automatic login using the graphical Login Screen Setup tool, start the application by either typing the command • gdmsetup or via the menus through Applications (the main menu on the panel) =>...
  • Page 38 Chapter 4. Locking Down the Desktop: Disabling GNOME Desktop Features...

  • Page 39: Remote Desktop Access

    Chapter 5. Remote Desktop Access In the enterprise environment, system administrators often need to deal with a large number of basic problems on users’ machines. Remotely taking control of a user’s desktop to fix the problem, while at the same time training the user how to resolve the problem for themselves, is an effective and simple way to handle these types of support scenarios.

  • Page 40: Gaining Remote Administrative Access

    Chapter 5. Remote Desktop Access Figure 5-1. Default Remote Desktop Access Control Dialog As can be seen in the above image, the access can be granted in a number of ways: Allow other users to view your desktop • Allow other users to control your desktop •...

  • Page 41: Connecting Using Vncviewer

    Chapter 5. Remote Desktop Access Figure 5-2. Remote Desktop Access for Administration With the above access permissions, the administrator should be able to gain complete access to the user’s desktop. This method has the further benefit that the user can observe the administrator control the user’s desktop in real time.

  • Page 42: Connecting To A Remote Linux Desktop

    Chapter 5. Remote Desktop Access The Terminal Server Client serves as a graphical interface to the command line programs , and can be accessed from the command line using the vncviewer rdesktop tsclient command. Terminal Server Client is a GNOME 2 application for remotely accessing Microsoft Windows NT/2000™...

  • Page 43: Connecting To A Remote Windows Desktop

    Chapter 5. Remote Desktop Access Figure 5-3. Terminal Server Client Using VNC to Connect to a Linux Desktop 5.3.2. Connecting to a Remote Windows Desktop The minimal configuration for a user named "sam" connecting to a Windows 2000™ desktop named using the RDPv5 protocol is shown in Figure 5-3.
  • Page 44 Chapter 5. Remote Desktop Access Figure 5-4. Terminal Server Client Using RDP to Connect to a Windows Desktop After choosing Connect, you will be prompted for a user name and password. Note The user account with which you connect to the terminal server must have administrative privileges on the machine to which you are connecting.

  • Page 45: Index

    Index feedback contact information for this manual, v file saving activating your subscription, iv disabling, 24 auto login, 26 Firefox editing gdm.conf, 27 lockdown, 26 automounting force quit disabling, 22 disabling, 25 browser lockdown, 26 gconf configuration sources, 1 reference, 1 GConf editor, 1 command line access introduction, 3...
  • Page 46 remote desktop access, 29 Lock Screen disable, 13 key, 13 lockdown subscription registration, iv desktop, 13 disabling applets, 16 Log Out disable, 13 Terminal Server Client key, 13 connecting, 31 login thin clients, 29 automatic, 26 editing gdm.conf, 27 gdmsetup, 27 Login Screen Setup Tool, 27 vncviewer using, 31...

  • Page 47: Colophon

    Colophon The manuals are written in DocBook SGML v4.1 format. The HTML and PDF formats are produced using custom DSSSL stylesheets and custom jade wrapper scripts. The DocBook SGML files are written in Emacs with the help of PSGML mode. Garrett LeSage created the admonition graphics (note, tip, important, caution, and warning).
  • Page 48 Nadine Richter — German translations Audrey Simons — French translations Francesco Valente — Italian translations Sarah Wang — Simplified Chinese translations Ben Hung-Pin Wu — Traditional Chinese translations...

Table of Contents