Building a Kiosk where Google Chrome is running in full screen and user interaction with the system are reduced to the minimum.
This will be pass as most of you should be able to install a basic Debian system. Just set lvm encryption, strong password for root and for the user and mostly do not install useless program, check only the program you need (ssh for instance).
Installing the packages
We will need a few more packages to be able to run things:
- X (display server)
- A light window manager able to run Chrome in full screen
- Google Chrome
- sudo to be able to impersonate the user
The first operations will be done using root as the sudo command is not installed yet.
First we add the Google Chrome repository and the key to check the package integrity:
- Edit the file
/etc/apt/source.listand add the following repository:
deb http://dl.google.com/linux/chrome/deb/ stable main
- Execute the following command:
wget -qO- https://dl-ssl.google.com/linux/linux_signing_key.pub | apt-key add -
Then we need to update the package list and install all necessary packages:
apt-get updateapt-get install --no-install-recommends xorg openbox sudo google-chrome-stable
--no-install-recommendsparameter some useless packages will be
Load Chrome in kiosk at startup
We need a script that will configure and load Chrome at the X server startup. As we don't want any data saved between each session we will delete the Chrome profile each time the script is used. Moreover it is in this script that we choose the starting page of Chrome.
Create and edit the script:
sudo vi /opt/kiosk.sh
The file content is the following:
1 2 3 4 5 6 7 8
Give the execution right to the script:
sudo chmod +x /opt/kiosk.sh
In order to start the X server and launch the
kiosk.sh script, we need to
create a systemd service.
In order to to that, create and edit the file
sudo vi /etc/systemd/system/kiosk.service
The content of the file is the following:
[Unit]Description=Kiosk [Service] Type=oneshot ExecStart=/usr/bin/sudo –u user /usr/bin/startx /etc/X11/Xsession /opt/kiosk.sh -- [Install] WantedBy=multi-user.target
We need to enable the script with the following command:
systemctl enable kiosk
To run the script use the following command:
systemctl start kiosk »
You can also reboot in order to check that the script is automatically launch at startup.
If you need a terminal, you can use
Automatically mount USB key
If your users need to copy data from the machine this paragraph is for you. Otherwise this is just informational.
As our users don't have a shell access they are unable to mount USB key. Therefore we need to automatically mount them.
We need the
apt-get install --no-install-recommends usbmount
The USB keys will be automatically mount into
/mnt/usbX.In order for the user
to have the permissions to right on it we need to add its
gid in the
Edit the file
/etc/usbmount/usbmount.conf and the user
guid to the
following line (the
gid can be found in
The line would be something like the following: