I blogged about this topic when I built my first proof of concept. I read the feedback and considered all options and have decided that my original plan seems the most robust, stable and feature rich. The HP thin clients run a Debian build, so I installed proftpd and got it working. The beauty of FTP is that it's stateless. Anyone that supports users of differing skills knows they will find ways to disrupt the best laid technology plans. :) I therefore did not want any stateful mounts from the servers to the thin clients. With the various techniques used by people, I know they would find a way to cause a problem with a mount or get something locked/stuck. FTP performs a task (list, upload, download) and then is immediately finished. Very clean, to me. I added a permissions based icon to the desktop:
When launched, the script gets the hostname of the thin client currently connected and then opens a nautilus window. The FTP account on the thin client has a password that is entered via the dialog window.
SDISPLAY=` echo $DISPLAY | awk -F ":" ' {print $1}'`
nautilus ftp://media@$SDISPLAY
From the users perspective they don't think about the technology, and simply get a file manager as expected. The files can be moved to the server or desktop as desired. Files on USB sticks at remote sites will upload and move right to the servers located here at City Hall.
Here are the lines in proftpd.conf of interest in this deployment:
ScoreboardFile /etc/proftpd.scoreboard # file system allows writes
DefaultRoot /media # FTP can only get to media only
MaxInstances 100 #Lots of quick UI clicking counts as new users, increased
HideFiles (\.bas|\.bat|\.cab|\.cmd|\.com|\.dll|\.exe|\.inf|\.js|\.mdb|\.msi|\.vb|\.vbe)
IgnoreHidden on
The last section hides most executables from view completely. If they are on the users USB stick, GNOME won't even see or display them. If you can't see them, you can't drop and drag them.
I'm sure there will be some tuning, but it's working well enough for a pre-release.
We are testing some perks of this design:
- Being able to share your USB stick with other users, from any facility.
- Someone in our support group might be at a remote site fixing something, and they need a utility or program here at City Hall. Staff can push it right to them.
Fun stuff, it will be interesting to see how it goes.