TC Boot and Sys configuration

[Cyberwinder]

Hi there,

I'm new to TC so I apologize in advance for my lack of familiarity for what many of you could probably do blindfolded... in your sleep.

I'm working on a project similar to the kiosk browser concept but that instead runs my own application, and is completely contained to a flash drive. Users would boot into their own device, only have access to the application and be are restricted from viewing and modifying any other part of the OS. Anything else that isn't depended on by the application can go away to achieve a bare minimum system with minimized insecurities. The idea is to create an environment where a user can use the application but nothing the user does persists across reboots.

At this point I have TCP installed on a drive, and I've gone through the first several sections of "Into the Core - A look at Tiny Core Linux."
However, it's not clear to me where and how system configuration happens. I've gotten a glimpse of the how, but I am clueless as to the where. Maybe the when as well, whether or not I can configure after install.

If I could get some general pointers, direction to resources it would be fantastic and much appreciated.

Your questions help me as much as my answers help you.

[polikuo]

At this point I have TCP installed on a drive, and I've gone through the first several sections of "Into the Core - A look at Tiny Core Linux."
However, it's not clear to me where and how system configuration happens. I've gotten a glimpse of the how, but I am clueless as to the where. Maybe the when as well, whether or not I can configure after install.

Hi Cyberwinder.
Welcome to the forum
I believe you're looking for chapter 7. Persistence
What are you trying to accomplish ?

[Cyberwinder]

The final result should be a drive that when booted into opens my application for use. That is all the user should be able access. No desktop, no terminal, nothing. Startup would go something like this. Boot into USB, enter username and password at prompt, select wifi network and password at prompt. Application starts up and is ready for use. User uses application, plays some pacman, minesweeper or whatever. On shutdown no new data persist except a few pieces of updated application data, like the users new high score.
I use pacman and minesweeper to illustrate how the OS design interacts with the application. I've only just started developing the actual application and it's a completely separate ball of wax.

[polikuo]

Boot into USB, enter username and password at prompt, select wifi network and password at prompt.

I think you can do that withe boot code "noautologin", but you'll have to backup your "new user" beforehand.

Boot into USB, enter username and password at prompt, select wifi network and password at prompt.

The wifi connection is handled by an interactive shell script.
I'm not sure if you can boot into that script interactively.
Besides, that would be in the command prompt.

Application starts up and is ready for use. User uses application, plays some pacman, minesweeper or whatever.

If you use X, you can start applications with scripts in ~/.X.d
For prompt, however, I think you'll need to hack around .ashrc or .profile
You'll defiantly need several checkers so the the program won't be called multiple time.
I think you can create an empty file as a marker, and check if file existed.

On shutdown no new data persist except a few pieces of updated application data, like the users new high score.

This is fairly easy, use /opt/.filetool.lst and /opt/.xfiletool.lst to control the files that need to be preserved or removed.

[Rich]

Hi Cyberwinder

... That is all the user should be able access. No desktop, no terminal, nothing. ...

That means starting at the beginning, the boot process. You have to make sure the user can not enter any boot
codes, like  text  or  base. Those would provide access to the console.

You could set up the bootloaders config file to prevent entering a boot code. You posts suggest a removable
drive, so someone could plug it into a running machine and edit the config file to allow entering a boot code.

You could unpack the initrd, edit the  /etc/init.d/tc-config  startup file and delete the 2 lines that recognize those
boot codes, then repack the initrd. Someone knowledgeable to Tinycores inner workings could still undo that, but
it's a little more involved. tc-config calls other scripts and programs. You could modify one of those to run a md5
or a simple checksum to see if  tc-config  has been modified. Then shutdown the computer if tampering was
detected. You could even tie it to the computers MAC address. That would make it harder to trace what's going
on by booting it or a copy on another machine. How far do you want to take this?

You'll probably want to block certain key combinations, like  Ctrl-Alt-F1 , which switches you to the console, and
Ctrl-Alt-Backspace , which exits the desktop and leaves you in the console.
You might want to check out these threads:
http://forum.tinycorelinux.net/index.php/topic,18785.0.html
http://forum.tinycorelinux.net/index.php/topic,21896.0.html

Boot into USB, enter username and password at prompt, select wifi network and password at prompt.

I think you can do that withe boot code "noautologin", but you'll have to backup your "new user" beforehand. ...

I think I would integrate the user/password function directly into the application.

[Cyberwinder]

Wow! Thank you Polikuo and Rich. I have my homework cut out for me now.