[sabayon: 13/19] Added help manual for Sabayon. Translations will be welcome.
- From: Scott Balneaves <sbalneav src gnome org>
- To: svn-commits-list gnome org
- Cc:
- Subject: [sabayon: 13/19] Added help manual for Sabayon. Translations will be welcome.
- Date: Fri, 4 Dec 2009 20:58:02 +0000 (UTC)
commit b77a5216baf10a7f50fdba08829a1332665b1fc2
Author: Scott Balneaves <sbalneav ltsp org>
Date: Sat Nov 14 19:46:06 2009 -0600
Added help manual for Sabayon. Translations will be welcome.
help/C/figures/add-profile.png | Bin 0 -> 5124 bytes
help/C/figures/apply-by-group.png | Bin 0 -> 6442 bytes
help/C/figures/apply-by-user.png | Bin 0 -> 9782 bytes
help/C/figures/changes.png | Bin 0 -> 25239 bytes
help/C/figures/edit-desktop.png | Bin 0 -> 88957 bytes
help/C/figures/lockdown.png | Bin 0 -> 22290 bytes
help/C/figures/main-window-edit.png | Bin 0 -> 8158 bytes
help/C/figures/main-window.png | Bin 0 -> 7774 bytes
help/C/figures/menu.png | Bin 0 -> 88265 bytes
help/C/legal.xml | 76 +++
help/C/sabayon.xml | 1084 +++++++++++++++++++++++++++++++++++
help/Makefile.am | 17 +
help/sabayon.omf.in | 9 +
13 files changed, 1186 insertions(+), 0 deletions(-)
---
diff --git a/help/C/figures/add-profile.png b/help/C/figures/add-profile.png
new file mode 100644
index 0000000..27b8d0f
Binary files /dev/null and b/help/C/figures/add-profile.png differ
diff --git a/help/C/figures/apply-by-group.png b/help/C/figures/apply-by-group.png
new file mode 100644
index 0000000..f461116
Binary files /dev/null and b/help/C/figures/apply-by-group.png differ
diff --git a/help/C/figures/apply-by-user.png b/help/C/figures/apply-by-user.png
new file mode 100644
index 0000000..c617e22
Binary files /dev/null and b/help/C/figures/apply-by-user.png differ
diff --git a/help/C/figures/changes.png b/help/C/figures/changes.png
new file mode 100644
index 0000000..3e37611
Binary files /dev/null and b/help/C/figures/changes.png differ
diff --git a/help/C/figures/edit-desktop.png b/help/C/figures/edit-desktop.png
new file mode 100644
index 0000000..21ffc51
Binary files /dev/null and b/help/C/figures/edit-desktop.png differ
diff --git a/help/C/figures/lockdown.png b/help/C/figures/lockdown.png
new file mode 100644
index 0000000..dee86fb
Binary files /dev/null and b/help/C/figures/lockdown.png differ
diff --git a/help/C/figures/main-window-edit.png b/help/C/figures/main-window-edit.png
new file mode 100644
index 0000000..e33d985
Binary files /dev/null and b/help/C/figures/main-window-edit.png differ
diff --git a/help/C/figures/main-window.png b/help/C/figures/main-window.png
new file mode 100644
index 0000000..316ba96
Binary files /dev/null and b/help/C/figures/main-window.png differ
diff --git a/help/C/figures/menu.png b/help/C/figures/menu.png
new file mode 100644
index 0000000..95aadad
Binary files /dev/null and b/help/C/figures/menu.png differ
diff --git a/help/C/legal.xml b/help/C/legal.xml
new file mode 100644
index 0000000..ac97e1d
--- /dev/null
+++ b/help/C/legal.xml
@@ -0,0 +1,76 @@
+ <legalnotice id="legalnotice">
+ <para>
+ Permission is granted to copy, distribute and/or modify this
+ document under the terms of the GNU Free Documentation
+ License (GFDL), Version 1.1 or any later version published
+ by the Free Software Foundation with no Invariant Sections,
+ no Front-Cover Texts, and no Back-Cover Texts. You can find
+ a copy of the GFDL at this <ulink type="help"
+ url="ghelp:fdl">link</ulink> or in the file COPYING-DOCS
+ distributed with this manual.
+ </para>
+ <para> This manual is part of a collection of GNOME manuals
+ distributed under the GFDL. If you want to distribute this
+ manual separately from the collection, you can do so by
+ adding a copy of the license to the manual, as described in
+ section 6 of the license.
+ </para>
+
+ <para>
+ Many of the names used by companies to distinguish their
+ products and services are claimed as trademarks. Where those
+ names appear in any GNOME documentation, and the members of
+ the GNOME Documentation Project are made aware of those
+ trademarks, then the names are in capital letters or initial
+ capital letters.
+ </para>
+
+ <para>
+ DOCUMENT AND MODIFIED VERSIONS OF THE DOCUMENT ARE PROVIDED
+ UNDER THE TERMS OF THE GNU FREE DOCUMENTATION LICENSE
+ WITH THE FURTHER UNDERSTANDING THAT:
+
+ <orderedlist>
+ <listitem>
+ <para>DOCUMENT IS PROVIDED ON AN "AS IS" BASIS,
+ WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR
+ IMPLIED, INCLUDING, WITHOUT LIMITATION, WARRANTIES
+ THAT THE DOCUMENT OR MODIFIED VERSION OF THE
+ DOCUMENT IS FREE OF DEFECTS MERCHANTABLE, FIT FOR
+ A PARTICULAR PURPOSE OR NON-INFRINGING. THE ENTIRE
+ RISK AS TO THE QUALITY, ACCURACY, AND PERFORMANCE
+ OF THE DOCUMENT OR MODIFIED VERSION OF THE
+ DOCUMENT IS WITH YOU. SHOULD ANY DOCUMENT OR
+ MODIFIED VERSION PROVE DEFECTIVE IN ANY RESPECT,
+ YOU (NOT THE INITIAL WRITER, AUTHOR OR ANY
+ CONTRIBUTOR) ASSUME THE COST OF ANY NECESSARY
+ SERVICING, REPAIR OR CORRECTION. THIS DISCLAIMER
+ OF WARRANTY CONSTITUTES AN ESSENTIAL PART OF THIS
+ LICENSE. NO USE OF ANY DOCUMENT OR MODIFIED
+ VERSION OF THE DOCUMENT IS AUTHORIZED HEREUNDER
+ EXCEPT UNDER THIS DISCLAIMER; AND
+ </para>
+ </listitem>
+ <listitem>
+ <para>UNDER NO CIRCUMSTANCES AND UNDER NO LEGAL
+ THEORY, WHETHER IN TORT (INCLUDING NEGLIGENCE),
+ CONTRACT, OR OTHERWISE, SHALL THE AUTHOR,
+ INITIAL WRITER, ANY CONTRIBUTOR, OR ANY
+ DISTRIBUTOR OF THE DOCUMENT OR MODIFIED VERSION
+ OF THE DOCUMENT, OR ANY SUPPLIER OF ANY OF SUCH
+ PARTIES, BE LIABLE TO ANY PERSON FOR ANY
+ DIRECT, INDIRECT, SPECIAL, INCIDENTAL, OR
+ CONSEQUENTIAL DAMAGES OF ANY CHARACTER
+ INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS
+ OF GOODWILL, WORK STOPPAGE, COMPUTER FAILURE OR
+ MALFUNCTION, OR ANY AND ALL OTHER DAMAGES OR
+ LOSSES ARISING OUT OF OR RELATING TO USE OF THE
+ DOCUMENT AND MODIFIED VERSIONS OF THE DOCUMENT,
+ EVEN IF SUCH PARTY SHALL HAVE BEEN INFORMED OF
+ THE POSSIBILITY OF SUCH DAMAGES.
+ </para>
+ </listitem>
+ </orderedlist>
+ </para>
+ </legalnotice>
+
diff --git a/help/C/sabayon.xml b/help/C/sabayon.xml
new file mode 100644
index 0000000..37a7365
--- /dev/null
+++ b/help/C/sabayon.xml
@@ -0,0 +1,1084 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
+ "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd";
+[<!ENTITY legal SYSTEM "legal.xml">
+ <!ENTITY appversion "2.29.0">
+ <!ENTITY manrevision "1.0">
+ <!ENTITY date "November 2009">
+ <!ENTITY app "<application>sabayon</application>">
+ <!ENTITY appname "Sabayon">
+ <!ENTITY ldquo "“"> <!-- Left Double Quote -->
+ <!ENTITY rdquo "”"> <!-- Right Double Quote -->
+]>
+
+<article id="index" lang="en">
+ <articleinfo>
+ <title>&appname; Administrator's Reference</title>
+ <abstract role="description">
+ <para>
+ &appname; is a profile editor for GNOME.
+ </para>
+ </abstract>
+
+ <copyright>
+ <year>2005</year>
+ <year>2009</year>
+ <holder>CRI74</holder>
+ <holder>Scott Balneaves</holder>
+ </copyright>
+
+ <publisher role="maintainer">
+ <publishername> Scott Balneaves </publishername>
+ </publisher>
+
+ <!-- License -->
+ &legal;
+
+ <authorgroup>
+ <author>
+ <firstname>Phillipe</firstname>
+ <surname>Tonguet</surname>
+ </author>
+ <author>
+ <firstname>Scott</firstname>
+ <surname>Balneaves</surname>
+ </author>
+ </authorgroup>
+
+ <revhistory>
+ <revision>
+ <revnumber>&appname; V&manrevision;</revnumber>
+ <date>&date;</date>
+ </revision>
+ </revhistory>
+
+ <releaseinfo>
+ This manual describes version &appversion; of &appname;.
+ </releaseinfo>
+
+ <legalnotice>
+ <title>Feedback</title>
+ <para>
+ To report a bug or make a suggestion regarding the &app;
+ application or this manual, follow the directions in
+ the <ulink url="ghelp:gnome-feedback" type="help">GNOME Feedback
+ Page</ulink>.
+ </para>
+ </legalnotice>
+ </articleinfo>
+ <indexterm zone="index">
+ <primary>&app;</primary>
+ </indexterm>
+ <indexterm zone="index">
+ <primary>Profiles</primary>
+ </indexterm>
+
+<!-- XXXXXXXXXXXXXXXX Document XXXXXXXXXXXXXXX -->
+
+ <sect1 id='introduction'>
+ <title>Introduction</title>
+ <sect2>
+ <title>Description</title>
+ <para>
+ &appname; is a system administration tool to manage GNOME desktop
+ settings. &appname; provides a sane way to edit GConf defaults
+ and GConf mandatory keys: the same way you edit your desktop.
+ &appname; launches profiles in a Xephyr window, which provides
+ an X session within an X session, like Xnest.
+ </para>
+ <para>
+ Any changes you make in the Xnest window are saved back to
+ the profile file, which can then be applied to user's accounts.
+ Currently &appname; is limited to the creation and update of user
+ preference profiles. It does not deal with the very large
+ problem of actually populating target system with those preferences.
+ So far &appname; supports complete files and the configuration format for:
+ </para>
+ <itemizedlist>
+ <listitem>
+ <para>
+ GConf
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Mozilla/Firefox
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ OpenOffice.org
+ </para>
+ </listitem>
+ </itemizedlist>
+ </sect2>
+ </sect1>
+ <sect1 id='installation'>
+ <title>Installation</title>
+ <sect2>
+ <title>Installation from a tarball</title>
+ <para>
+ Download &appname; at <ulink
+ url="http://ftp.gnome.org/pub/GNOME/sources/sabayon/"/>
+ </para>
+ <para>
+ To unpack the source, open a terminal and type :
+ </para>
+ <screen>
+$ tar -zxvf ~/sabayon-2.29.0.tar.gz
+$ cd sabayon-2.29.0
+ </screen>
+ <para>
+ Then you can configure and compile the program:
+ </para>
+ <screen>
+$ ./configure --prefix=/usr --sysconfdir=/etc --mandir=/usr/share/man
+$ make
+$ sudo make install
+ </screen>
+ <para>
+ Add a user (you must have root permissions) :
+ </para>
+ <screen>
+# /usr/sbin/useradd -c "&appname; user" -d /var/sabayon -g nogroup -s /sbin/nologin sabayon
+ </screen>
+ <para>
+ Create the directory /var/sabayon :
+ </para>
+ <screen>
+# mkdir /var/sabayon
+ </screen>
+ <para>
+ Apply the following permissions :
+ </para>
+ <screen>
+# chown -R sabayon /var/sabayon
+# chgrp -R nogroup /var/sabayon
+ </screen>
+ </sect2>
+ <sect2 id='distropackage'>
+ <title>Installing your distributions package</title>
+ <para>
+ Your distribution probably contains a pre-packaged version of
+ &appname; which will be supported directly by your distribution.
+ Search for the package 'sabayon' in your distribution's package
+ management tools.
+ </para>
+ </sect2>
+ <sect2 id='git'>
+ <title>Installing from the git repository</title>
+ <para>
+ For those who wish to be on the bleeding edge, you can install
+ &appname; from GNOME's git repository.
+ </para>
+ <para>
+ Installing from git is precisely the procedure as installing
+ from the tarball, with the exception of obtaining the release
+ from git, and running the autoconfigure tools.
+ </para>
+ <screen>
+$ git clone git://git.gnome.org/sabayon
+$ cd sabayon
+$ ./autogen.sh â??prefix=/usr
+ </screen>
+ <para>
+ At this point, simply follow the same instructions for
+ configuring and compiling the program as you did for installing
+ from a tarball.
+ </para>
+ </sect2>
+ </sect1>
+ <sect1 id='profile_create'>
+ <title>Create a profile</title>
+ <para>
+ Your first step in creating profiles for your users will be to
+ map out what functions you want your users to have. If you're a
+ business, you may wish to provide a GNOME top panel with a set of
+ launchers already pre-defined. A teacher may want to disable the
+ "Administration" and "Preferences" menu items. These are all
+ things you can do with &appname;.
+ </para>
+ <sect2>
+ <title>Creating a profile</title>
+ <para>
+ Your first step will be to launch &appname;. If you've installed
+ Sabyon from your distribution's package manager, it may have an
+ icon available for you under the "Administration" menu. If
+ you've installed from source, you may need to launch it
+ manually. Press <alt><F2>, and type:
+ </para>
+ <screen>
+gksu sabayon
+ </screen>
+ <para>
+ and press enter. After you've authenticated, you should see
+ the main window for &appname;:
+ </para>
+ <figure>
+ <title>Main Window</title>
+ <mediaobject>
+ <imageobject>
+ <imagedata fileref="figures/main-window.png"
+ format="PNG"/>
+ </imageobject>
+ <textobject>
+ <phrase>Main window for &appname;</phrase>
+ </textobject>
+ <caption>
+ <para>
+ &appname;'s main window for creating, and applying
+ profiles.
+ </para>
+ </caption>
+ </mediaobject>
+ </figure>
+ <para>
+ To create a new profile, just click on the "Add" button.
+ You'll see a window, called "Add Profile", where you can name the profile, and
+ optionally, select an existing profile which will be the basis,
+ or starting point of this profile:
+ </para>
+ <figure>
+ <title>Add Profile</title>
+ <mediaobject>
+ <imageobject>
+ <imagedata fileref="figures/add-profile.png"
+ format="PNG"/>
+ </imageobject>
+ <textobject>
+ <phrase>Add Profile window for &appname;</phrase>
+ </textobject>
+ <caption>
+ <para>
+ Add Profile window for &appname;.
+ </para>
+ </caption>
+ </mediaobject>
+ </figure>
+ <para>
+ Now that you've created the profile, you will want to edit it.
+ Select the profile name, and click on Edit button:
+ </para>
+ <figure>
+ <title>Main window - Edit</title>
+ <mediaobject>
+ <imageobject>
+ <imagedata fileref="figures/main-window-edit.png"
+ format="PNG"/>
+ </imageobject>
+ <textobject>
+ <phrase>Main window - Edit</phrase>
+ </textobject>
+ <caption>
+ <para>
+ Main window - Edit
+ </para>
+ </caption>
+ </mediaobject>
+ </figure>
+ <para>
+ A "desktop within a window" is opened:
+ </para>
+ <figure>
+ <title>Edit Desktop</title>
+ <mediaobject>
+ <imageobject>
+ <imagedata fileref="figures/edit-desktop.png"
+ format="PNG"/>
+ </imageobject>
+ <textobject>
+ <phrase>Edit desktop</phrase>
+ </textobject>
+ <caption>
+ <para>
+ Edit desktop
+ </para>
+ </caption>
+ </mediaobject>
+ </figure>
+ <para>
+ Within this window, you may make whatever changes to the
+ profile that you wish. You can add launchers or applets to the
+ panels, add launchers to the desktop, or create example files
+ in the home directory.
+ </para>
+ <para>
+ When you are done, you may want to look at what changes to the
+ default session that &appname; has detected you've made. You may
+ do this by clicking on the "Edit" menu, and selecting
+ "Changes". You should see a screen that looks like the
+ following:
+ </para>
+ <figure>
+ <title>Changes window</title>
+ <mediaobject>
+ <imageobject>
+ <imagedata fileref="figures/changes.png"
+ format="PNG"/>
+ </imageobject>
+ <textobject>
+ <phrase>Changes window</phrase>
+ </textobject>
+ <caption>
+ <para>
+ Edit &appname;'s saved actions in the changes window
+ Edit desktop
+ </para>
+ </caption>
+ </mediaobject>
+ </figure>
+ <para>
+ You can modify what &appname; will save in the profile in the
+ changes screen:
+ </para>
+ <orderedlist>
+ <listitem>
+ <para>
+ If you want &appname; to ignore a setting that's been
+ made, check the "Ignore" checkbox for that item.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ To have a gconf key set as a "default" setting,
+ click the small shield in front of it once, so that
+ it's silver.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ To have a gconf key set as a "manditory" setting,
+ simply leave it as a gold shield.
+ </para>
+ </listitem>
+ </orderedlist>
+ <para>
+ Then save the profile by selecting Profile -> Save
+ The profile is saved in /etc/desktop-profiles, as a .zip file
+ with the name you selected for the profile.
+ </para>
+ </sect2>
+ <sect2>
+ <title>Lockdown Editor</title>
+ <para>
+ GNOME also has lockdown features, which allow you to do things
+ like prevent users from modifying their panels, opening a
+ "Run Application" dialogue, etc.
+ </para>
+ <para>
+ You can use &appname;'s lockdown editor by selecting Edit ->
+ Lockdown on the Desktop editor window.
+ </para>
+ <figure>
+ <title>Lockdown editor</title>
+ <mediaobject>
+ <imageobject>
+ <imagedata fileref="figures/lockdown.png"
+ format="PNG"/>
+ </imageobject>
+ <textobject>
+ <phrase>Lockdown editor</phrase>
+ </textobject>
+ <caption>
+ <para>
+ Edit GNOME's lockdown settings from &appname;.
+ </para>
+ </caption>
+ </mediaobject>
+ </figure>
+ </sect2>
+ </sect1>
+ <sect1 id='apply'>
+ <title>Applying Profiles</title>
+ <sect2>
+ <title>Applying a profile</title>
+ <para>
+ Important : I advise you creating a new user to test the profile.
+ Add the following lines in /etc/gconf/2/path (add them at the beginning of the file) :
+ </para>
+ <screen>
+xml:readonly:$(HOME)/.gconf.xml.mandatory
+xml:readwrite:$(HOME)/.gconf
+xml:readonly:$(HOME)/.gconf.xml.defaults
+ </screen>
+ </sect2>
+ <sect2>
+ <title>Applying profiles by user</title>
+ <para>
+ Create and edit /etc/X11/Xsesssion.d/60sabayon_apply.
+ </para>
+ <screen>
+#
+# Apply the Sabayon profile for the current user (if any)
+#
+if [ "x$DISABLE_SABAYON_XINITRC" = "x" ] ; then
+ if [ -x /usr/sbin/sabayon-apply ] ; then
+ /usr/sbin/sabayon-apply
+ fi
+fi
+ </screen>
+ <para>
+ Select the profile that you want to apply and click on Users :
+ Then, select the users that you want to apply the profile.
+ In this example Eleve1 and Eleve 2 will have the profile
+ my_profile.
+ </para>
+ <figure>
+ <title>Apply profile by user</title>
+ <mediaobject>
+ <imageobject>
+ <imagedata fileref="figures/apply-by-user.png"
+ format="PNG"/>
+ </imageobject>
+ <textobject>
+ <phrase>Apply profile by user</phrase>
+ </textobject>
+ <caption>
+ <para>
+ Apply a profile to only certain users.
+ </para>
+ </caption>
+ </mediaobject>
+ </figure>
+ </sect2>
+ <sect2>
+ <title>Applying profiles by group</title>
+ <para>
+ A common desire of systems administrators is to apply profiles
+ by group. You can do this either in the gui tool itself, or
+ alternatively, by a manual script.
+ </para>
+ <sect3>
+ <title>Manually with a script</title>
+ <para>
+ The following is a script to apply a profile to a group of users :
+ </para>
+ <screen>
+#!/bin/bash
+#
+#Script : apply a profile to a group of users
+#Argument 1 : name of the profile
+#Argument 2 : name of the group
+#
+chemin_profil="/etc/desktop-profiles/$1".zip
+if [ $# -eq 2 ]
+then
+ if [ -a $chemin_profil ]
+ then
+ getent group | cut -d ":" -f 1 | grep $2 > /dev/null
+ result=$?
+ if [ $result -eq 0 ]
+ then
+ if [ -x /usr/sbin/sabayon-apply ]
+ then
+ groupe=`getent group | cut -d ":" -f 1,3 | grep $2 | cut -d ":" -f 2`
+ getent passwd | while read ligne
+ do
+ gid=$(echo $ligne | cut -d ":" -f 4)
+ name=$(echo $ligne | cut -d ":" -f 1)
+ if [ $gid -eq $groupe ]
+ then
+ home=$(getent passwd | cut -d ":" -f 1,6 | grep $name | cut -d ":" -f 2)
+ touch $home/.gconf.path
+ touch $home/.gconf.path.defaults
+ touch $home/.gconf.path.mandatory
+ echo "include $home/.gconf.path.defaults" > $home/.gconf.path
+ echo "include $home/.gconf.path.mandatory" >> $home/.gconf.path
+ echo xml:readonly:$home/.gconf.xml.defaults > $home/.gconf.path.defaults
+ echo xml:readonly:$home/.gconf.xml.mandatory > $home/.gconf.path.mandatory
+ if [ -a $home/.gconf.xml.defaults ]
+ then
+ rm -r $home/.gconf.xml.defaults
+ fi
+ if [ -a $home/.gconf.xml.mandatory ]
+ then
+ rm -r $home/.gconf.xml.mandatory
+ fi
+ su $name -c "/usr/sbin/sabayon-apply $chemin_profil"
+ chown -R root $home/.gconf.path
+ chgrp -R root $home/.gconf.path
+ chmod 755 $home/.gconf.path
+ chown -R root $home/.gconf.path.defaults
+ chgrp -R root $home/.gconf.path.defaults
+ chmod 755 $home/.gconf.path.defaults
+ chown -R root $home/.gconf.path.mandatory
+ chgrp -R root $home/.gconf.path.mandatory
+ chmod 755 $home/.gconf.path.mandatory
+ chown -R root $home/.gconf.xml.defaults
+ chgrp -R root $home/.gconf.xml.defaults
+ chmod 755 $home/.gconf.xml.defaults
+ chown -R root $home/.gconf.xml.mandatory
+ chgrp -R root $home/.gconf.xml.mandatory
+ chmod 755 $home/.gconf.xml.mandatory
+ echo "The profile $1 has been applied to $name."
+ fi
+ done
+ echo "The profile $1 has been applied to the group $2."
+ fi
+ else
+ echo "The group does not exist."
+ fi
+ else
+ echo "The profile does not exist."
+ fi
+else
+ echo ""
+ echo "Usage: $0 [name of the profile] [name of the group]"
+ echo ""
+fi
+
+
+Usage :
+# sudo ./sabayon.sh my_profil eleves
+ - The name of the script is sabayon.sh.
+ - 1st argument : my_profil which is the name of the profile.
+ - 2nd argument : eleves which is the name of the group.
+ </screen>
+ </sect3>
+ <sect3>
+ <title>Via the gui</title>
+ <para>
+ Simply use the simply sabayon-apply script above, but
+ within the gui tool, select the 'Group' button, and check
+ off which groups you wish to apply the profile to.
+ </para>
+ <figure>
+ <title>Apply profile by group</title>
+ <mediaobject>
+ <imageobject>
+ <imagedata fileref="figures/apply-by-group.png"
+ format="PNG"/>
+ </imageobject>
+ <textobject>
+ <phrase>Apply profile by group</phrase>
+ </textobject>
+ <caption>
+ <para>
+ Apply a profile to users who are members of
+ a group.
+ </para>
+ </caption>
+ </mediaobject>
+ </figure>
+ </sect3>
+ </sect2>
+ </sect1>
+ <sect1 id='technical'>
+ <title>&appname; Internals</title>
+ <para>
+ This section outlines some information about &appname; that
+ Administrators, or potential &appname; developers may find useful.
+ </para>
+ <sect2 id='user-database'>
+ <title>User database</title>
+ <para>
+ This page details the format of the user configuration file,
+ where to store and access them.
+ </para>
+ <para>
+ This file is located under
+ <filename>/etc/desktop-profiles/users.xml</filename>
+ (see PROFILESDIR in the config.py file to change the
+ prefix), as the name makes clear it is an XML file and
+ usually look like:
+ </para>
+ <screen>
+<profiles>
+ <user name="titeuf" profile="developer"/>
+ <user name="fab" profile="developer"/>
+ <user name="bianca" profile="secretary"/>
+ ...
+ <default profile="default"/>
+</profiles>
+ </screen>
+ <para>
+ It contains a list of named users, and their associated profile.
+ The profile in that case are aliases, for example
+ <emphasis>developer</emphasis>
+ is a shortcut for <filename>developer.zip</filename> in the same directory.
+ </para>
+ <para>
+ The default profile will be applied for any login not listed
+ explicitely in the set of users.
+ </para>
+ </sect2>
+ <sect2 id='centralized-profiles'>
+ <title>Centralized user databases and profiles</title>
+ <para>
+ For large and automated deployement, maintaining copies of the user
+ database and profiles on all machines does not really make sense. To
+ avoid the problem, the profile values can be an URI - preferably using
+ HTTP - to reference a remote resource like:
+ </para>
+ <screen>
+...
+<user name="titeuf"
+ profile="http://server.corp.com/prof/developers.zip"/>
+<user name="fab"
+ profile="http://server.corp.com/prof/developers.zip"/>
+...
+ </screen>
+ <para>
+ The profiles should then be maintained on a separate machine and
+ copied over to the server when updated.
+ </para>
+ <para>
+ The user database can also be centralized, using the
+ <emphasis>XInclude</emphasis> mechanism for XML.
+ For example the following assume there is a developer list maintained
+ separately on the server, and defining the profiles for
+ them:
+ </para>
+ <screen>
+<profiles>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude";
+ href="http://server.corp.com/user/devel.xml#xpointer(//user)"/>
+ ...
+ <default profile="default"/>
+</profiles>
+ </screen>
+ <para>
+ This XInclude will just collect all user definitions in the developer
+ list at <emphasis>http://server.corp.com/user/devel.xml</emphasis>
+ and replace the include statement with that list, and process
+ the XML as usual. The only difference is that the profile
+ values are then assumed to be URI-References
+ and for example if the <emphasis>devel.xml</emphasis> contains
+ </para>
+ <screen>
+...
+ <user name="titeuf" profile="../prof/developers.zip"/>
+...
+ </screen>
+ <para>
+ then &appname; will fetch the profile relative to the location of
+ devel.xml, that is it will lookup the profiles relative to the base
+ of where the fragment was defined and use
+ <emphasis>http://server.corp.com/prof/developers.zip</emphasis>. Also note that
+ shortcut are not allowed there, the trailing
+ <emphasis>.zip</emphasis> is needed.
+ </para>
+ <para>
+ The last point about the centralized support is that &appname; will
+ use a cache located in the user home directory under
+ <filename>.sabayon/profile_cache</filename>
+ to keep a copy of the non-local files, this allows profile to function
+ normally in disconnected operations or in case of server failures.
+ </para>
+ </sect2>
+ <sect2 id='profile-format'>
+ <title>Format of profile storage</title>
+ <para>
+ The following is a description of the requirement and the choices
+ made when designing the user profile files. The existing format may
+ change in the future but unless some of the requirement were missing
+ it seems the existing choice is simple and flexible enough that no
+ big change should be needed in the future.
+ </para>
+ <sect3 id='format-requirements'>
+ <title>Format requiements</title>
+ <itemizedlist>
+ <listitem>
+ <para>
+ incremental update
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ container for sets of settings of different apps
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ associate apps with settings
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ independent update of one set of settings
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ ability to store full file
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ ability to save path with the content
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ provide metadata for the whole set and for each apps settings
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ possibility to merge and detect potential clashes on merges
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ possibility to extract or remove a simple set of data
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ allow to process with as standard tools as possible
+ </para>
+ </listitem>
+ </itemizedlist>
+ </sect3>
+ <sect3 id='design-choices'>
+ <title>Design Choices</title>
+ <para>
+ Use ZIP for the container format:
+ </para>
+ <itemizedlist>
+ <listitem>
+ <para>
+ platform ubiquity Linux/Windows/Mac...
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ free software tools and libraries
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ compressed
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ allows to access a single stream without exploding everything like a compressed tar or cpio requires
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ allow to store name/paths
+ </para>
+ </listitem>
+ </itemizedlist>
+ </sect3>
+ <sect3 id='metadata'>
+ <title>XML Metadata description</title>
+ <para>
+ Add an XML metadata section as the first entry:
+ </para>
+ <itemizedlist>
+ <listitem>
+ <para>
+ classic design (jar)
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ allow to store all metadata informations associated
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ easy to extend in a backward and forward compatible way
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ open source tools and local knowledge
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ a lot of configuration data already require XML handling so this doesn't add an extra dependancy
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ load/modify subpart/save operations are easy on an XML tree
+ </para>
+ </listitem>
+ </itemizedlist>
+ </sect3>
+ <sect3 id='internal-structure'>
+ <title>Internal structure</title>
+ <para>
+ The container is a Zip, its content can be viewed using the command
+ </para>
+ <screen>
+unzip -l /etc/desktop-profiles/test.zip
+ </screen>
+ <para>
+ The first entry is the metadata part, it is an XML file describing the
+ content of the archive. It can be viewed using the command
+ </para>
+ <screen>
+unzip -p /etc/desktop-profiles/test.zip metadata
+ </screen>
+ <para>
+ Currently, the metadata contains
+ </para>
+ <itemizedlist>
+ <listitem>
+ <para>
+ general description for the whole set of settings e.g. "Configuration for developers in project foo":
+ </para>
+ <itemizedlist>
+ <listitem>
+ <para>
+ administrative informations
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ last change timestamp
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ contact
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ changelog
+ </para>
+ </listitem>
+ </itemizedlist>
+ </listitem>
+ <listitem>
+ <para>
+ per stream description
+ </para>
+ <itemizedlist>
+ <listitem>
+ <para>
+ name of the stream in the archive
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ associated application
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ description for settings e.g. "Mozilla starts full screen"
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ administrative info
+ </para>
+ </listitem>
+ </itemizedlist>
+ </listitem>
+ </itemizedlist>
+ <para>
+ Then in the ZIP, each update has its own stream, the format is left to
+ the corresponding user profile writer module. It can potentially be a
+ full raw file, or a more synthetic description recognized by the specific
+ profile module.
+ </para>
+ <para>
+ Note that an application can have one
+ stream per different configuration file for example
+ .openoffice1.1/user/registry/data/org/openoffice/Inet.xcu and
+ .openoffice1.1/user/registry/data/org/openoffice/Office/Common.xcu
+ would be 2 different streams maintained by the OpenOffice reader
+ writer module. An application may have both raw configuration files
+ and digested name/values pairs, but in different files.
+ </para>
+ </sect3>
+ </sect2>
+ <sect2 id='ldap'>
+ <title>LDAP profile storage</title>
+ <para>
+ Sabayon supports using LDAP to get profiles in a very flexible way.
+ By defining server settings and queries in the
+ <filename>/etc/desktop-profiles/users.xml</filename> file it can do the mapping from user
+ to profile file using LDAP queries. An example setup can look like:
+ </para>
+ <screen>
+<profiles>
+ <ldap server="ldap.example.com">
+ <profilemap search_base="ou=People,dc=example,dc=com"
+ scope="one"
+ query_filter="(uid=%u)"
+ result_attribute="sabayonProfileURL"/>
+ </ldap>
+ <default profile="default"/>
+</profiles>
+ </screen>
+ <sect3 id='ldap-server-config'>
+ <title>LDAP server configuration</title>
+ <para>
+ The toplevel ldap tag sets up the server connection. Availible
+ attributes are:
+ </para>
+ <itemizedlist>
+ <listitem>
+ <para>
+ server (default: localhost): The address of the ldap server
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ port (default: 389): The port of the ldap server
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ version (default: 3): The ldap version to use
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ timeout (default: 10): Timeout to use for ldap operations, 0 to disable
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ bind_dn: dn to bind as, or leave out to run queries without binding
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ bind_pw: password used when binding
+ </para>
+ </listitem>
+ </itemizedlist>
+ </sect3>
+ <sect3 id='ldap-queries'>
+ <title>LDAP queries</title>
+ <para>
+ Inside the ldap tag you can define the two queries used by
+ &appname;. The
+ first is the profilemap query, which maps from the username to the profile
+ name to use for the user. The profile name is just a string, and it can be
+ either an absolute URI, a URI relative to the config file, or just a name.
+ If it is a name it will be looked up in the locationmap LDAP query (if specified)
+ and if that didn't match, it will be converted to a filename in /etc/desktop-profiles
+ by appending ".zip".
+ </para>
+ <para>
+ The locationmap query specifies the mapping from profile name to profile
+ URI. This can optinally be used instead of storing the profile URI directly
+ in the LDAP user object, to allow more flexibility in changing the URI.
+ </para>
+ <para>
+ Both queries support these attributes:
+ </para>
+ <itemizedlist>
+ <listitem>
+ <para>
+ search_base: The search base of the query
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ query_filter: the LDAP filter to use
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ result_attribute: The name of the attribute to look at in the query result
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ scope (default "sub"): The search scope. Can be sub, base or one.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ multiple_result (default "first"): How to handle multiple values in the
+ resulting attribute. Can be "first", use the first attribute or "random", pick
+ a random one (for e.g. load balancing).
+ </para>
+ </listitem>
+ </itemizedlist>
+ <para>
+ Both search_base and query_filter are expanded. In profilemap %u expands to the username
+ and in locationmap %p expands to the profile name. In both maps %h expands to the full
+ hostname of the client, and %% expands to %.
+ </para>
+ </sect3>
+ <sect3 id='ldap-examples'>
+ <title>Examples</title>
+ <para>
+ There are many way to set up the &appname; LDAP integration. Here are some examples,
+ all using the &appname; LDAP schema that comes in the
+ &appname; package.
+ </para>
+ <sect4 id='store-by-user'>
+ <title>Store profile URL in the user</title>
+ <para>
+ This is the simplest setup. Add a sabayonProfileURLObject to your user objects
+ and set the sabayonProfileURL property for each user to a URI of the profile.
+ </para>
+ <screen>
+ ...
+ <ldap server="...">
+ <profilemap search_base="ou=People,dc=example,dc=com"
+ scope="one"
+ query_filter="(uid=%u)"
+ result_attribute="sabayonProfileURL"/>
+ </ldap>
+ ...
+ </screen>
+ </sect4>
+ <sect4 id='store-by-entity'>
+ <title>Store profile as a separate entity in ldap</title>
+ <para>
+ Store the name of the profile for each user (using a
+ sabayonProfileNameObject object), and store the actual URI in
+ a sabayonProfile object. This gives a lot of flexibility to change
+ the URI of the profile, without having to update each user.
+ </para>
+ <screen>
+ ...
+ <ldap server="...">
+ <profilemap search_base="ou=People,dc=example,dc=com"
+ scope="one"
+ query_filter="(uid=%u)"
+ result_attribute="sabayonProfileName"/>
+ <locationmap search_base="ou=Profiles,dc=example,dc=com"
+ scope="one"
+ query_filter="(cn=%p)"
+ result_attribute="sabayonProfileURL"/>
+ </ldap>
+ ...
+ </screen>
+ </sect4>
+ <sect4 id='pick-by-group'>
+ <title>Pick profile based on group membership</title>
+ <para>
+ This lets you pick a profile based on what group the user
+ is part of by adding the sabayonProfileURL attribute to the
+ group object.
+ </para>
+ <screen>
+ ...
+ <ldap server="...">
+ <profilemap search_base="ou=Group,dc=example,dc=com"
+ scope="one"
+ query_filter="(memberUid=%u)"
+ result_attribute="sabayonProfileURL"/>
+ </ldap>
+ ...
+ </screen>
+ </sect4>
+ <sect4 id='ldap-others'>
+ <title>Others</title>
+ <para>
+ There are countless other ways, for example you could combine the
+ group example and the separate profile object example. If you come up
+ with an interesting way, please tell us on the mailing list.
+ </para>
+ </sect4>
+ </sect3>
+ </sect2>
+ </sect1>
+</article>
diff --git a/help/Makefile.am b/help/Makefile.am
new file mode 100644
index 0000000..a52da4f
--- /dev/null
+++ b/help/Makefile.am
@@ -0,0 +1,17 @@
+include $(top_srcdir)/gnome-doc-utils.make
+dist-hook: doc-dist-hook
+
+DOC_MODULE = sabayon
+DOC_ENTITIES = legal.xml
+DOC_FIGURES = \
+ figures/add-profile.png \
+ figures/apply-by-group.png \
+ figures/apply-by-user.png\
+ figures/changes.png \
+ figures/edit-desktop.png \
+ figures/lockdown.png \
+ figures/main-window-edit.png \
+ figures/main-window.png \
+ figures/menu.png
+
+# DOC_LINGUAS =
diff --git a/help/sabayon.omf.in b/help/sabayon.omf.in
new file mode 100644
index 0000000..91c3fc4
--- /dev/null
+++ b/help/sabayon.omf.in
@@ -0,0 +1,9 @@
+<?xml version="1.0" standalone="no" ?>
+<omf>
+ <resource>
+ <subject category="GNOME|Other" />
+ <type>user guide</type>
+ <relation seriesid="451607ae-c9a2-4f1f-9eaa-2680d24733cf" />
+ <rights type="GNU FDL" license.version="1.1" holder="Scott Balneaves" />
+ </resource>
+</omf>
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
