Epoptes

Search this site

http://ts.sch.gr

Installation

Epoptes consists of a server package called epoptes and a client package called epoptes-client. Install the server part on the PC where you'll be monitoring the clients from. If you want to use the GUI from a thin-client, install it on the LTSP server.

Adding the epoptes PPA to your sources

You don't need to add the epoptes repository to your sources if you're using Debian 7.0 (Wheezy), Ubuntu 12.04 (Precise) or newer versions. For previous Debian and Ubuntu versions, you need to execute the following commands, but not yet, wait until you're prompted to do from the following sections.
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 0350B375
series=$(lsb_release -s -c)
test "$series" = squeeze && series=lucid
test "$series" = wheezy && series=precise
echo "deb http://ppa.launchpad.net/epoptes/ppa/ubuntu $series main" > \
     "/etc/apt/sources.list.d/epoptes-ppa-$series.list"
apt-get update

Server package installation

Execute the following commands as root (use sudo -i first on Ubuntu or su - on Debian):
==> now run the commands from the "Adding the epoptes PPA to your sources" step
apt-get install epoptes

After the installation you need to add some users to group "epoptes" (or use another group as mentioned in the Configuration section below). These users will be allowed to launch the GUI and control clients:
gpasswd -a username epoptes

Users that are currently logged on need to logoff/logon for the group change to take effect (or use newgrp).

Client package installation for LTSP chroots

For LTSP chroots, execute the following commands. Substitute i386 with amd64 if you have an amd64 chroot:
sudo chroot /opt/ltsp/i386
==> now run the commands from the "Adding the epoptes PPA to your sources" step
apt-get install epoptes-client
epoptes-client -c             # Fetches the OpenSSL certificate from the server
exit

On Ubuntu, you also need to update the NBD image for the changes to take effect:
sudo ltsp-update-image

Client package installation for standalone clients

For all other cases, e.g. standalone clients, execute those commands as root (use sudo -i first on Ubuntu or su - on Debian):
==> now run the commands from the "Adding the epoptes PPA to your sources" step
apt-get install epoptes-client
epoptes-client -c             # Fetches the OpenSSL certificate from the server

Then you need to tell epoptes-client to which server it should connect. By default, it will try to connect to the DNS name "server". If you don't have a DNS server, you can put that in /etc/hosts.
If you don't want to use "server" as the server name where the clients connect to, see the following section.
Also note that packages are not allowed to start programs inside a user's session, so you need to logoff and logon for epoptes-client installation to take effect.

Configuration

Per-user settings are stored in ~/.config/epoptes. Most of them are exposed in the application UI, but you can also manually edit the files in that directory for more obscure settings.

The server package settings are stored in /etc/default/epoptes. There you can specify the unix group which members are allowed to launch the application GUI. By default that is set to epoptes, but for example you can create a staff group and modify the group line in the configuration file as follows:
# Epoptes server will use the following group for the communications socket.
# That means that any user in that group will be able to launch the epoptes UI
# and control the clients.
SOCKET_GROUP=staff

The client package settings are stored in /etc/default/epoptes-client. A useful variable in that file is SERVER, which is the DNS name or IP address of the server that the clients will be connecting to:
# The server which epoptes-client will be connecting to.
# If unset, thin client user sessions running on the server will try to connect
# to "localhost", while thin client root sessions and fat or standalone clients
# will try to connect to "server".
# LTSP automatically puts "server" in /etc/hosts for thin and fat clients,
# but you'd need to put "server" in DNS manually for standalone clients.
SERVER=fatclient5

Be careful not to put spaces around the equal signs in those files, as they're shell files and it would be considered a syntax error. You can check for syntax errors with
sh -n /etc/default/epoptes

Notes for ltsp-cluster

If you have multiple application servers and are using ltsp-cluster, you need to install epoptes-client to each one of the application servers by following the "Client package installation for standalone clients" section above.

Manually updating the OpenSSL certificate

You shouldn't ever need to manually update the epoptes OpenSSL certificate, but if you need to, here's a command to get you started. You can read more options in the openssl man page.
openssl req -batch -x509 -nodes -newkey rsa:1024 -days 1826 -keyout /etc/epoptes/server.key -out /etc/epoptes/server.crt
Comments