ubuntu kiosk with phidgethub using touch screen
section_18() {
##############################################
# SECTION 18: USB AUTO-UPDATE SERVICE + EVENTUAL REBOOT
##############################################
echo "=== SECTION 18: USB AUTO-UPDATE SERVICE + Eventual Reboot ==="
apt install -y inotify-tools zenity udevil udisks2
SERVICE_NAME="usb-app-updater"
SERVICE_PATH="/etc/systemd/system/${SERVICE_NAME}.service"
SCRIPT_PATH="/usr/local/bin/${SERVICE_NAME}.sh"
cat >"$SCRIPT_PATH" <<'EOF'
#!/bin/bash
set -euo pipefail
MOUNT_POINT="/mnt/RECHARJME"
TARGET_DIR="/home/kiosk/Desktop/APP"
LOG_FILE="/var/log/usb-updater.log"
# Ensure log file exists and is writable
touch "$LOG_FILE" 2>/dev/null || LOG_FILE="/tmp/usb-updater.log"
# Function to log messages
log_msg() {
echo "$(date): $1" >> "$LOG_FILE"
}
# Function to get all logged-in users
get_all_logged_users() {
local users=()
# Method 1: Get users from who command (currently logged in)
while read -r user; do
[[ -n "$user" ]] && users+=("$user")
done < <(who | awk '{print $1}' | sort -u)
# Method 2: Get users from loginctl (active sessions)
while read -r user; do
[[ -n "$user" ]] && [[ ! " ${users[*]} " =~ " $user " ]] && users+=("$user")
done < <(loginctl --no-pager list-sessions --no-legend | awk '{print $3}' | sort -u)
# Method 3: If no users found, check for kiosk user specifically
if [ ${#users[@]} -eq 0 ] && id kiosk &>/dev/null; then
users+=("kiosk")
fi
# Method 4: If still no users, get first non-system user as fallback
if [ ${#users[@]} -eq 0 ]; then
local fallback_user=$(awk -F: '$3>=1000 && $3<65534 {print $1}' /etc/passwd | head -1 2>/dev/null || echo "")
[[ -n "$fallback_user" ]] && users+=("$fallback_user")
fi
# Return users as space-separated string
printf "%s\n" "${users[@]}"
}
# Function to get primary user for file ownership (first logged-in user)
get_primary_user() {
local all_users=($(get_all_logged_users))
if [ ${#all_users[@]} -gt 0 ]; then
echo "${all_users[0]}"
return 0
fi
return 1
}
# Function to show notification to all logged-in users
broadcast_notification() {
local message="$1"
local users=($(get_all_logged_users))
local notification_sent=false
log_msg "Broadcasting notification to ${#users[@]} user(s): ${users[*]}"
for user in "${users[@]}"; do
local user_uid=$(id -u "$user" 2>/dev/null || echo "")
if [ -z "$user_uid" ]; then
log_msg "Could not get UID for user $user, skipping"
continue
fi
# Set up environment for GUI applications
export XDG_RUNTIME_DIR="/run/user/$user_uid"
export DISPLAY=:0
# Try different notification methods
if sudo -u "$user" DISPLAY=:0 zenity --info --text="$message" --timeout=5 2>/dev/null; then
log_msg "Zenity notification sent to user $user"
notification_sent=true
elif sudo -u "$user" DISPLAY=:0 notify-send "USB Update" "$message" 2>/dev/null; then
log_msg "notify-send notification sent to user $user"
notification_sent=true
else
log_msg "Could not show notification to user $user"
fi
done
if [ "$notification_sent" = false ]; then
log_msg "Failed to send notification to any user"
fi
}
log_msg "USB Auto-Update Service started"
# Lock file to prevent concurrent updates
LOCK_FILE="/var/lock/usb-updater.lock"
while true; do
# FIRST: Check if there's a lock file - handle cleanup logic before doing any USB detection
if [ -f "$LOCK_FILE" ]; then
log_msg "Lock file exists, checking if USB key is still present"
# Quick check: is USB still present? (minimal detection for cleanup purposes)
USB_PRESENT=false
# Method 1: Check if already auto-mounted
if find /media /mnt /run/media -name "*RECHARJME*" -type d 2>/dev/null | head -1 | grep -q RECHARJME; then
USB_PRESENT=true
fi
# Method 2: Check device list if not auto-mounted
if [ "$USB_PRESENT" = false ] && lsblk -o LABEL -nr 2>/dev/null | grep -q "RECHARJME"; then
USB_PRESENT=true
fi
if [ "$USB_PRESENT" = false ]; then
log_msg "USB key removed, removing lock file"
rm -f "$LOCK_FILE"
else
log_msg "USB key still present with active lock, doing nothing"
fi
sleep 5
continue
fi
# SECOND: No lock file exists, do full USB detection for processing
DEV=""
MOUNT_PATH=""
# Method 1: Check if already auto-mounted by system
AUTO_MOUNT=$(find /media /mnt /run/media -name "*RECHARJME*" -type d 2>/dev/null | head -1)
if [ -n "$AUTO_MOUNT" ] && [ -d "$AUTO_MOUNT" ]; then
DEV="auto-mounted"
MOUNT_PATH="$AUTO_MOUNT"
log_msg "Found auto-mounted USB at: $MOUNT_PATH"
else
# Method 2: Find device by label and try to mount manually
DEV=$(lsblk -o LABEL,PATH -nr 2>/dev/null | awk '$1=="RECHARJME"{print $2; exit}')
if [ -n "$DEV" ]; then
MOUNT_PATH="$MOUNT_POINT"
log_msg "Found USB device: $DEV (not auto-mounted)"
fi
fi
# Process USB if found
if [ -n "$DEV" ] && [ "$DEV" != "auto-mounted" ]; then
log_msg "Found USB device: $DEV - starting update process"
elif [ -n "$AUTO_MOUNT" ]; then
log_msg "Found auto-mounted USB device at: $MOUNT_PATH - starting update process"
DEV="auto-mounted"
fi
if [ -n "$DEV" ]; then
# Create lock file
echo $$ > "$LOCK_FILE"
# Get all logged-in users and primary user for file ownership
ALL_USERS=($(get_all_logged_users))
PRIMARY_USER=$(get_primary_user)
if [ ${#ALL_USERS[@]} -eq 0 ] || [ -z "$PRIMARY_USER" ]; then
log_msg "Could not determine any logged-in users, skipping USB processing"
rm -f "$LOCK_FILE" # Remove lock if we can't process
sleep 5
continue
fi
log_msg "Logged-in users detected: ${ALL_USERS[*]}"
log_msg "Primary user (for file ownership): $PRIMARY_USER"
# Handle mounting if not already auto-mounted
MOUNTED=false
if [ "$DEV" != "auto-mounted" ]; then
# Create mount point if it doesn't exist
mkdir -p "$MOUNT_POINT" 2>/dev/null || {
log_msg "ERROR: Could not create mount point $MOUNT_POINT"
rm -f "$LOCK_FILE"
sleep 5
continue
}
# Try multiple mount methods
if mount "$DEV" "$MOUNT_POINT" 2>/dev/null; then
MOUNTED=true
log_msg "Successfully mounted $DEV to $MOUNT_POINT"
elif udisksctl mount -b "$DEV" 2>/dev/null; then
# udisksctl auto-mounts, find where it mounted
sleep 2
NEW_MOUNT=$(find /media /mnt /run/media -name "*RECHARJME*" -type d 2>/dev/null | head -1)
if [ -n "$NEW_MOUNT" ]; then
MOUNT_PATH="$NEW_MOUNT"
MOUNTED=true
log_msg "Successfully auto-mounted $DEV to $MOUNT_PATH via udisksctl"
fi
else
log_msg "ERROR: Failed to mount $DEV using both mount and udisksctl"
fi
else
MOUNTED=true # Already auto-mounted
fi
if [ "$MOUNTED" = true ] && [ -d "$MOUNT_PATH" ]; then
# Check if APP directory exists
if [ -d "$MOUNT_PATH/APP" ]; then
log_msg "Found APP directory at $MOUNT_PATH/APP, starting update process"
# Show update notification to all users
broadcast_notification "Updating APP..."
# Create backup directory if it doesn't exist
if ! mkdir -p "/home/$PRIMARY_USER/Desktop/BACKUPS" 2>/dev/null; then
log_msg "WARNING: Could not create backup directory, proceeding without backup"
fi
# Backup existing APP if it exists
if [ -d "$TARGET_DIR" ]; then
BACKUP_NAME="APP.backup.$(date +%s)"
if mv "$TARGET_DIR" "/home/$PRIMARY_USER/Desktop/BACKUPS/$BACKUP_NAME" 2>/dev/null; then
log_msg "Backed up existing APP to BACKUPS/$BACKUP_NAME"
else
log_msg "WARNING: Could not backup existing APP, removing it"
rm -rf "$TARGET_DIR" 2>/dev/null || true
fi
fi
# Copy new APP with detailed error handling
mkdir -p "$(dirname "$TARGET_DIR")" 2>/dev/null || {
log_msg "ERROR: Could not create parent directory for $TARGET_DIR"
if [ "$DEV" != "auto-mounted" ]; then
umount "$MOUNT_PATH" 2>/dev/null || udisksctl unmount -b "$DEV" 2>/dev/null || true
fi
rm -f "$LOCK_FILE"
continue
}
if cp -r "$MOUNT_PATH/APP" "$TARGET_DIR" 2>/dev/null; then
log_msg "Successfully copied APP to $TARGET_DIR"
# Set proper ownership to the primary user
chown -R "$PRIMARY_USER:$PRIMARY_USER" "$TARGET_DIR" 2>/dev/null || true
# Show completion notification and auto-reboot
broadcast_notification "Update complete. System will restart in 10 seconds..."
log_msg "Update completed successfully, rebooting system in 10 seconds"
sleep 10
# Unmount if we mounted it manually
if [ "$DEV" != "auto-mounted" ]; then
umount "$MOUNT_PATH" 2>/dev/null || udisksctl unmount -b "$DEV" 2>/dev/null || true
fi
# Keep lock file - it will be removed when USB is unplugged after reboot
reboot
else
log_msg "ERROR: Failed to copy APP directory from $MOUNT_PATH/APP to $TARGET_DIR"
# Show error notification
broadcast_notification "Update failed - could not copy files"
if [ "$DEV" != "auto-mounted" ]; then
umount "$MOUNT_PATH" 2>/dev/null || udisksctl unmount -b "$DEV" 2>/dev/null || true
fi
rm -f "$LOCK_FILE" # Remove lock on failure
fi
else
log_msg "No APP directory found on USB device at $MOUNT_PATH"
if [ "$DEV" != "auto-mounted" ]; then
umount "$MOUNT_PATH" 2>/dev/null || udisksctl unmount -b "$DEV" 2>/dev/null || true
fi
rm -f "$LOCK_FILE" # Remove lock if no APP directory
fi
else
log_msg "ERROR: Could not mount or access USB device"
rm -f "$LOCK_FILE" # Remove lock on mount failure
fi
fi
sleep 5
done
EOF
chmod +x "$SCRIPT_PATH"
# Verify the script was created successfully
if [ ! -f "$SCRIPT_PATH" ] || [ ! -x "$SCRIPT_PATH" ]; then
echo "ERROR: Failed to create or make executable: $SCRIPT_PATH"
exit 1
fi
echo "USB updater script created at: $SCRIPT_PATH"
cat >"$SERVICE_PATH" <<EOF
[Unit]
Description=USB Auto-Update Service for APP
After=multi-user.target
Wants=systemd-udevd.service
After=systemd-udevd.service
[Service]
Type=simple
ExecStart=$SCRIPT_PATH
Restart=always
RestartSec=5
User=root
Group=root
StandardOutput=journal
StandardError=journal
Environment=PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
[Install]
WantedBy=multi-user.target
EOF
# Verify the service file was created successfully
if [ ! -f "$SERVICE_PATH" ]; then
echo "ERROR: Failed to create systemd service file: $SERVICE_PATH"
exit 1
fi
echo "Systemd service file created at: $SERVICE_PATH"
systemctl daemon-reload
systemctl enable "$SERVICE_NAME"
systemctl restart "$SERVICE_NAME" || true
# Check service status
if systemctl is-active --quiet "$SERVICE_NAME"; then
echo "USB Auto-Update Service started successfully"
log_msg "USB Auto-Update Service started successfully"
else
echo "WARNING: USB Auto-Update Service may have failed to start"
echo "Check logs with: journalctl -u $SERVICE_NAME"
fi
echo "=== USB Auto-Update Service Installation Complete ==="
}
#!/bin/bash
set -eu
# Enable pipefail if supported
if set -o | grep -q pipefail; then
set -o pipefail
fi
# IMMEDIATE: Disable screen blanking and dimming for current session
# This ensures the screen stays active during script execution
echo "=== DISABLING SCREEN BLANKING FOR CURRENT SESSION ==="
# Get current user (works even when running with sudo)
CURRENT_USER=$(logname 2>/dev/null || echo "$SUDO_USER" || echo "$USER" || who am i | awk '{print $1}')
echo "Current user detected: $CURRENT_USER"
# Immediate X11 screen blanking disable (if running X11 session)
if command -v xset >/dev/null 2>&1 && [ -n "${DISPLAY:-}" ]; then
echo "Disabling X11 screen saver and DPMS for current session..."
xset s off 2>/dev/null || true
xset -dpms 2>/dev/null || true
xset s noblank 2>/dev/null || true
echo "X11 screen blanking disabled"
fi
# Immediate GNOME settings disable for current user session
if [ -n "$CURRENT_USER" ] && [ "$CURRENT_USER" != "root" ]; then
echo "Applying immediate GNOME power settings for user: $CURRENT_USER"
# Try to disable GNOME power management for current session
sudo -u "$CURRENT_USER" DISPLAY="${DISPLAY:-:0}" dbus-launch gsettings set org.gnome.desktop.session idle-delay 0 2>/dev/null || true
sudo -u "$CURRENT_USER" DISPLAY="${DISPLAY:-:0}" dbus-launch gsettings set org.gnome.settings-daemon.plugins.power sleep-inactive-ac-type 'nothing' 2>/dev/null || true
sudo -u "$CURRENT_USER" DISPLAY="${DISPLAY:-:0}" dbus-launch gsettings set org.gnome.settings-daemon.plugins.power sleep-inactive-battery-type 'nothing' 2>/dev/null || true
sudo -u "$CURRENT_USER" DISPLAY="${DISPLAY:-:0}" dbus-launch gsettings set org.gnome.desktop.notifications show-banners false 2>/dev/null || true
echo "GNOME power settings applied for current session"
else
echo "Skipping GNOME settings (running as root or user not detected)"
fi
# Also try for root session if applicable
if [ "$USER" = "root" ] || [ "$(id -u)" -eq 0 ]; then
echo "Applying GNOME power settings for root session..."
DISPLAY="${DISPLAY:-:0}" dbus-launch gsettings set org.gnome.desktop.session idle-delay 0 2>/dev/null || true
DISPLAY="${DISPLAY:-:0}" dbus-launch gsettings set org.gnome.settings-daemon.plugins.power sleep-inactive-ac-type 'nothing' 2>/dev/null || true
DISPLAY="${DISPLAY:-:0}" dbus-launch gsettings set org.gnome.settings-daemon.plugins.power sleep-inactive-battery-type 'nothing' 2>/dev/null || true
fi
echo "=== SCREEN BLANKING DISABLED - SCRIPT CAN NOW RUN UNATTENDED ==="
echo ""
# Function definitions for each section
section_1() {
##############################################
# SECTION 1: SYSTEM-WIDE POWER MANAGEMENT AND SCREEN BLANKING CONFIGURATION
##############################################
echo "=== SECTION 1: POWER MANAGEMENT AND HARD DISABLE SUSPEND/IDLE/BLANK (SYSTEM-WIDE) ==="
# Apply user-specific settings for current user
current_user=$(logname 2>/dev/null || echo "$SUDO_USER" || echo "$USER")
sudo -u "$current_user" dbus-run-session gsettings set org.gnome.desktop.session idle-delay 0 || true
sudo -u "$current_user" dbus-run-session gsettings set org.gnome.settings-daemon.plugins.power sleep-inactive-ac-type 'nothing' || true
sudo -u "$current_user" dbus-run-session gsettings set org.gnome.settings-daemon.plugins.power sleep-inactive-battery-type 'nothing' || true
# 0.1 Block all systemd sleep targets (system-wide)
systemctl mask sleep.target suspend.target hibernate.target hybrid-sleep.target || true # hard block
# 0.2 systemd-logind: ignore idle/lid/suspend/hibernate
install -d -m 0755 /etc/systemd/logind.conf.d
cat >/etc/systemd/logind.conf.d/99-kiosk-nosleep.conf <<'EOF'
[Login]
HandleLidSwitch=ignore
HandleLidSwitchDocked=ignore
HandleSuspendKey=ignore
HandleHibernateKey=ignore
IdleAction=ignore
IdleActionSec=0
EOF
systemctl daemon-reload || true
# Note: systemd-logind changes will take effect after next reboot/logout
# This daemon-reload does NOT interrupt current user sessions
# 0.3 Prevent tty console blanking (kernel)
if ! grep -q 'consoleblank=0' /etc/default/grub 2>/dev/null; then
sed -i 's/^\(GRUB_CMDLINE_LINUX_DEFAULT="[^"]*\)"/\1 consoleblank=0"/' /etc/default/grub || true # append
update-grub || true
fi
# 0.4 Disable X11 DPMS/screensaver globally (affects SDDM/X sessions)
install -d -m 0755 /etc/X11/xorg.conf.d
cat >/etc/X11/xorg.conf.d/10-nodpms.conf <<'EOF'
Section "ServerFlags"
Option "BlankTime" "0"
Option "StandbyTime" "0"
Option "SuspendTime" "0"
Option "OffTime" "0"
EndSection
Section "Extensions"
Option "DPMS" "Disable"
EndSection
EOF
# 0.5 SDDM greeter: kill DPMS even before login (X11 greeter path)
install -d -m 0755 /etc/sddm
cat >/etc/sddm/Xsetup <<'EOF'
#!/bin/sh
# Disable screen blanking/DPMS in the greeter
xset s off || true
xset -dpms || true
xset s noblank || true
EOF
chmod +x /etc/sddm/Xsetup
# 0.6 GNOME: system dconf defaults + locks (ensures org.gnome stays off)
install -d -m 0755 /etc/dconf/db/local.d /etc/dconf/db/local.d/locks
cat >/etc/dconf/db/local.d/00-kiosk-nosleep <<'EOF'
[org/gnome/desktop/session]
idle-delay=uint32 0
[org/gnome/settings-daemon/plugins/power]
sleep-inactive-ac-type='nothing'
sleep-inactive-battery-type='nothing'
sleep-inactive-ac-timeout=0
sleep-inactive-battery-timeout=0
[org/gnome/desktop/notifications]
show-banners=false
show-in-lock-screen=false
EOF
cat >/etc/dconf/db/local.d/locks/00-kiosk-nosleep <<'EOF'
/org/gnome/desktop/session/idle-delay
/org/gnome/settings-daemon/plugins/power/sleep-inactive-ac-type
/org/gnome/settings-daemon/plugins/power/sleep-inactive-battery-type
/org/gnome/settings-daemon/plugins/power/sleep-inactive-ac-timeout
/org/gnome/settings-daemon/plugins/power/sleep-inactive-battery-timeout
/org/gnome/desktop/notifications/show-banners
/org/gnome/desktop/notifications/show-in-lock-screen
EOF
dconf update || true # compile system database
# 0.7 KDE/Plasma: default profile (system-wide seed via /etc/xdg)
install -d -m 0755 /etc/xdg
cat >/etc/xdg/powermanagementprofilesrc <<'EOF'
[AC]
iconBrightness=100
idleDim=false
idleTime=0
suspendWhenInactive=false
[Battery]
idleDim=false
idleTime=0
suspendWhenInactive=false
[LowBattery]
idleDim=false
idleTime=0
suspendWhenInactive=false
EOF
# 0.8 Wayland/Plasma session kicker: ensure DPMS off for running sessions
install -d -m 0755 /etc/profile.d
cat >/etc/profile.d/99-nodpms.sh <<'EOF'
#!/bin/sh
# Best-effort: kill screen blanking for X11 clients if any; harmless on Wayland
if command -v xset >/dev/null 2>&1; then
(xset s off -dpms s noblank >/dev/null 2>&1 || true)
fi
EOF
chmod +x /etc/profile.d/99-nodpms.sh
echo "=== SECTION 1 COMPLETE ==="
}
# --- MODIFY: run_all_sections() to include section_0 ---
# Before: for i in $(seq 1 $MAX_SECTIONS); do
# After:
# (change start index to 0 so section_0 runs first)
section_2() {
##############################################
# SECTION 2: INITIAL SYSTEM SETUP
##############################################
echo "=== SECTION 2: INITIAL SYSTEM SETUP ==="
apt-get update -yq
apt-get upgrade -yq
apt-get update -yq
#wait for user input
#read -p "Press [Enter] key to continue... try gdm3, ssdm has issues with my app"
}
section_3() {
#######################################################
# SECTION 3: DESKTOP ENVIRONMENT INSTALLATION
#######################################################
echo "=== SECTION 3: DESKTOP ENVIRONMENT INSTALLATION ==="
# Pre-configure display manager selection to avoid interactive prompts
echo "gdm3 shared/default-x-display-manager select gdm3" | debconf-set-selections
# Install packages non-interactively
DEBIAN_FRONTEND=noninteractive apt install -yq kde-plasma-desktop chromium-browser xdotool unclutter sed curl libinput-tools net-tools ssh
systemctl enable ssh
echo "KDE Plasma desktop installed successfully"
}
section_4() {
##############################################
# SECTION 4: PHIDGET SETUP AND DEPENDENCIES
##############################################
echo "=== SECTION 4: PHIDGET SETUP AND DEPENDENCIES ==="
apt install -y chromium-browser sed xdotool unclutter
curl -fsSL https://www.phidgets.com/downloads/setup_linux | bash -
apt install -y libphidget22 phidget22networkserver
apt install -y libphidget22* phidget22*
apt install -y python3 npm nodejs
ifconfig
}
section_5() {
##############################################
# SECTION 5: TOUCHSCREEN CONFIGURATION
##############################################
echo "=== SECTION 5: TOUCHSCREEN CONFIGURATION ==="
#setup touchscreen
echo -e "usbtouchscreen\nusbhid" | tee /etc/modules-load.d/touchscreen.conf
modprobe usbtouchscreen
modprobe usbhid
lsmod | grep usb
lsmod | grep hid
lsmod | grep usb
lsmod | grep hid
dmesg | grep -i touch
}
section_6() {
##############################################
# SECTION 6: PHIDGET NETWORK SERVER SETUP
##############################################
echo "=== SECTION 6: PHIDGET NETWORK SERVER SETUP ==="
#setup phidget22networkserver
DEFAULT_PHIDGET_PORT_VAR=""
DEFAULT_WEB_PORT_VAR=""
SERVICE_NAME="phidget22networkserver"
INIT_PATH="/etc/init.d/$SERVICE_NAME"
#v1 (works???)
if [[ "$(id -u)" -ne 0 ]]; then
echo "Run this as root."
exit 1
fi
cat > "$INIT_PATH" <<'EOF'
#!/bin/sh
### BEGIN INIT INFO
# Provides: phidget22networkserver
# Required-Start: $network $remote_fs
# Required-Stop: $network $remote_fs
# Should-Start: avahi avahi-daemon
# Should-Stop: avahi avahi-daemon
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: Phidget Network Server
# Description: Phidget network server for accessing Phidgets over the network.
### END INIT INFO
sudo phidget22networkserver -c /etc/phidgets/phidget22networkserver.pc -D
EOF
#add ipv6 to phidget config??? { port: 8080 }
chmod +x "$INIT_PATH"
sudo sed -i "s#docroot: '/var/phidgets/www'#docroot: '/home/recharjme/Desktop/APP'#" /etc/phidgets/phidget22networkserver.pc
update-rc.d "$SERVICE_NAME" defaults
service "$SERVICE_NAME" start
systemctl daemon-reload
systemctl enable "$SERVICE_NAME"
systemctl restart "$SERVICE_NAME"
echo "Phidget network server configured and started successfully"
# Service status check - non-blocking
systemctl is-active "$SERVICE_NAME" >/dev/null && echo "Service is running" || echo "Service failed to start"
#wait for user input
#read -p "Press [Enter] key to continue... this is usuially where shit breaks"
}
section_7() {
##############################################
# SECTION 7: KIOSK USER SETUP
##############################################
echo "=== SECTION 7: KIOSK USER SETUP ==="
# 1) Ensure kiosk exists
if ! id kiosk &>/dev/null; then adduser --disabled-password --gecos "" kiosk; fi
passwd -d kiosk || true
usermod -aG sudo kiosk
install -d -m 0755 /home/kiosk/.config/autostart
chown -R kiosk:kiosk /home/kiosk
#read -p "Press [Enter] key to continue... touch works now, configuring GDM for Plasma Wayland"
# Force Wayland in GDM for admin acct
sed -i 's/^#\?WaylandEnable=.*/WaylandEnable=true/' /etc/gdm3/custom.conf
grep WaylandEnable /etc/gdm3/custom.conf || true
#read -p "Press [Enter] key to continue... setting autologin for GDM3 (Plasma Wayland)"
sudo -u kiosk kwriteconfig6 --file startkderc --group General --key desktopSession empty
sudo -u kiosk kwriteconfig6 --file ksmserverrc --group General --key loginMode emptySession
# KDE/Plasma power management settings for kiosk user
# Comprehensive power and session management configuration to ensure kiosk stability
# Disable screen blanking and power management
sudo -u kiosk kwriteconfig6 --file powermanagementprofilesrc --group AC --key DimDisplay false
sudo -u kiosk kwriteconfig6 --file powermanagementprofilesrc --group AC --key idleDim false
sudo -u kiosk kwriteconfig6 --file powermanagementprofilesrc --group AC --key idleTime 0
sudo -u kiosk kwriteconfig6 --file powermanagementprofilesrc --group AC --key suspendWhenInactive false
sudo -u kiosk kwriteconfig6 --file powermanagementprofilesrc --group AC --key DPMSEnable false
sudo -u kiosk kwriteconfig6 --file powermanagementprofilesrc --group AC --key TurnOffDisplay 0
sudo -u kiosk kwriteconfig6 --file powermanagementprofilesrc --group Battery --key DimDisplay false
sudo -u kiosk kwriteconfig6 --file powermanagementprofilesrc --group Battery --key idleDim false
sudo -u kiosk kwriteconfig6 --file powermanagementprofilesrc --group Battery --key idleTime 0
sudo -u kiosk kwriteconfig6 --file powermanagementprofilesrc --group Battery --key suspendWhenInactive false
sudo -u kiosk kwriteconfig6 --file powermanagementprofilesrc --group Battery --key DPMSEnable false
sudo -u kiosk kwriteconfig6 --file powermanagementprofilesrc --group Battery --key TurnOffDisplay 0
sudo -u kiosk kwriteconfig6 --file powermanagementprofilesrc --group LowBattery --key DimDisplay false
sudo -u kiosk kwriteconfig6 --file powermanagementprofilesrc --group LowBattery --key idleDim false
sudo -u kiosk kwriteconfig6 --file powermanagementprofilesrc --group LowBattery --key idleTime 0
sudo -u kiosk kwriteconfig6 --file powermanagementprofilesrc --group LowBattery --key suspendWhenInactive false
sudo -u kiosk kwriteconfig6 --file powermanagementprofilesrc --group LowBattery --key DPMSEnable false
sudo -u kiosk kwriteconfig6 --file powermanagementprofilesrc --group LowBattery --key TurnOffDisplay 0
# Disable session management features that might interfere with kiosk
sudo -u kiosk kwriteconfig6 --file ksmserverrc --group General --key confirmLogout false
sudo -u kiosk kwriteconfig6 --file ksmserverrc --group General --key shutdownType 0
sudo -u kiosk kwriteconfig6 --file ksmserverrc --group General --key loginMode emptySession
# Disable KDE screen locker
sudo -u kiosk kwriteconfig6 --file kscreenlockerrc --group Daemon --key Autolock false
sudo -u kiosk kwriteconfig6 --file kscreenlockerrc --group Daemon --key LockOnResume false
sudo -u kiosk kwriteconfig6 --file kscreenlockerrc --group Daemon --key Timeout 0
# Disable KWin compositor effects that might interfere
sudo -u kiosk kwriteconfig6 --file kwinrc --group Compositing --key Enabled true
sudo -u kiosk kwriteconfig6 --file kwinrc --group Compositing --key GLCore true
# Disable desktop effects that might cause issues
sudo -u kiosk kwriteconfig6 --file kwinrc --group Plugins --key blurEnabled false
sudo -u kiosk kwriteconfig6 --file kwinrc --group Plugins --key contrastEnabled false
sudo -u kiosk kwriteconfig6 --file kwinrc --group Plugins --key slideEnabled false
sudo -u kiosk kwriteconfig6 --file kwinrc --group Plugins --key fadeEnabled false
}
section_8() {
##############################################
# SECTION 8: GDM3 AUTOLOGIN CONFIGURATION
##############################################
echo "=== SECTION 8: GDM3 AUTOLOGIN CONFIGURATION ==="
# GDM3 Autologin to Plasma Wayland
if [ -f /etc/gdm3/custom.conf ]; then
awk '
BEGIN{inDaemon=0; hasALE=0; hasAL=0; hasDS=0}
/^\[daemon\]/{inDaemon=1; print; next}
/^\[/{ if(inDaemon && !(hasALE&&hasAL&&hasDS)){print "AutomaticLoginEnable=true\nAutomaticLogin=kiosk\nDefaultSession=plasma"}; inDaemon=0; print; next}
{
if(inDaemon){
if($0 ~ /^AutomaticLoginEnable=/){$0="AutomaticLoginEnable=true"; hasALE=1}
if($0 ~ /^AutomaticLogin=/){$0="AutomaticLogin=kiosk"; hasAL=1}
if($0 ~ /^DefaultSession=/){$0="DefaultSession=plasma"; hasDS=1}
}
print
}
END{
if(inDaemon && !(hasALE&&hasAL&&hasDS)){
print "AutomaticLoginEnable=true"
print "AutomaticLogin=kiosk"
print "DefaultSession=plasma"
}
}
' /etc/gdm3/custom.conf > /tmp/custom.conf && mv /tmp/custom.conf /etc/gdm3/custom.conf
# Make sure AccountsService maps kiosk -> plasma
install -d -m 0755 /var/lib/AccountsService/users
cat >/var/lib/AccountsService/users/kiosk <<'EOF'
[User]
XSession=plasma
SystemAccount=false
EOF
chmod 0644 /var/lib/AccountsService/users/kiosk
#systemctl restart gdm3
fi
}
section_9() {
##############################################
# SECTION 9: SDDM CONFIGURATION (ALTERNATIVE)
##############################################
echo "=== SECTION 9: SDDM CONFIGURATION (ALTERNATIVE) ==="
# Make sure /etc/sddm.conf exists
[ -f /etc/sddm.conf ] || touch /etc/sddm.conf
# Ensure autologin block exists and points to kiosk + plasma
if grep -q '^\[Autologin\]' /etc/sddm.conf; then
sed -i '/^\[Autologin\]/,/^\[/{s/^User.*/User=kiosk/;s/^Session.*/Session=plasma/}' /etc/sddm.conf
else
tee -a /etc/sddm.conf >/dev/null <<'EOF'
[Autologin]
User=kiosk
Session=plasma
EOF
fi
# Switch DM to SDDM
echo "sddm shared/default-x-display-manager select sddm" | sudo debconf-set-selections
sudo dpkg-reconfigure -fnoninteractive sddm
systemctl disable gdm3 || true
systemctl enable sddm
systemctl set-default graphical.target
#systemctl restart sddm
# Show resulting configs
[ -f /etc/gdm3/custom.conf ] && cat /etc/gdm3/custom.conf || true
[ -f /etc/sddm.conf ] && cat /etc/sddm.conf || true
#read -p "Press [Enter] key to continue... creating Chromium autostart"
}
section_10() {
##############################################
# SECTION 10: CHROMIUM KIOSK AUTOSTART SETUP
##############################################
echo "=== SECTION 10: CHROMIUM KIOSK AUTOSTART SETUP ==="
# Create Chromium kiosk autostart for Plasma session
APP_URL="http://localhost:8080"
# Create a wrapper script for delayed Chromium startup
cat >/home/kiosk/.config/autostart/chromium-kiosk-wrapper.sh <<'EOF'
#!/bin/bash
# Wait for desktop environment to fully load
sleep 5
# Launch Chromium in kiosk mode
/usr/bin/chromium-browser --ozone-platform=wayland --enable-features=UseOzonePlatform,WaylandWindowDecorations --no-first-run --no-default-browser-check --disable-session-crashed-bubble --disable-infobars --start-maximized --noerrdialogs --incognito --kiosk "http://localhost:8080" &
# Wait for Chromium to fully load, then refresh
sleep 5
# Send F5 key to refresh the page
DISPLAY=:0 xdotool key F5
EOF
chmod +x /home/kiosk/.config/autostart/chromium-kiosk-wrapper.sh
cat >/home/kiosk/.config/autostart/chromium-kiosk.desktop <<EOF
[Desktop Entry]
Type=Application
Name=Chromium Kiosk
Exec=/home/kiosk/.config/autostart/chromium-kiosk-wrapper.sh
X-GNOME-Autostart-enabled=true
X-KDE-AutostartScript=true
EOF
chown kiosk:kiosk /home/kiosk/.config/autostart/chromium-kiosk-wrapper.sh
chown kiosk:kiosk /home/kiosk/.config/autostart/chromium-kiosk.desktop
chmod 0644 /home/kiosk/.config/autostart/chromium-kiosk.desktop
}
section_11() {
#read -p "Press [Enter] key to continue... verifying Wayland toggles and kiosk autostart path"
##############################################
# SECTION 11: WAYLAND AND KIOSK VERIFICATION
##############################################
echo "=== SECTION 11: WAYLAND AND KIOSK VERIFICATION ==="
# Ensure WaylandEnable=false is commented if present
if grep -q '^WaylandEnable=false' /etc/gdm3/custom.conf; then
sed -i 's/^WaylandEnable=false/#WaylandEnable=false/' /etc/gdm3/custom.conf
fi
# Make sure APP_URL uses http (Phidget web piece typically)
sed -i 's#https://localhost:8080#http://localhost:8080#g' /home/kiosk/.config/autostart/chromium-kiosk.desktop
chown kiosk:kiosk /home/kiosk/.config/autostart/chromium-kiosk.desktop
}
section_12() {
#read -p "Press [Enter] key to continue... disabling touch gestures (GNOME keys; ignored on Plasma)"
##############################################
# SECTION 12: TOUCH GESTURE CONFIGURATION
##############################################
echo "=== SECTION 12: TOUCH GESTURE CONFIGURATION ==="
# Get current user
current_user=$(logname 2>/dev/null || echo "$SUDO_USER" || echo "$USER")
# Remove Wayland touch shortcuts for current user (GNOME dconf; harmless if schema missing)
sudo -u "$current_user" dbus-run-session gsettings set org.gnome.desktop.peripherals.touchpad three-finger-swipe-enabled false || true
sudo -u "$current_user" dbus-run-session gsettings set org.gnome.desktop.peripherals.touchpad pinch-to-zoom false || true
# Also apply to kiosk user if exists
if id kiosk &>/dev/null; then
sudo -u kiosk dbus-run-session gsettings set org.gnome.desktop.peripherals.touchpad three-finger-swipe-enabled false || true
sudo -u kiosk dbus-run-session gsettings set org.gnome.desktop.peripherals.touchpad pinch-to-zoom false || true
fi
}
section_13() {
#read -p "Press [Enter] key to continue... applying KWin tweaks"
echo "=== SECTION 13: KWIN TWEAKS AND FINAL KDE SETUP ==="
# Apply KWin global shortcuts cleanup and additional KDE settings for kiosk user
sudo -u kiosk kwriteconfig6 --file kwinrc --group "Global Shortcuts" --key _k_friendly_name "" || true
# Additional KDE settings for kiosk stability
# Disable KDE desktop effects and animations
sudo -u kiosk kwriteconfig6 --file kwinrc --group Effect-Blur --key Enabled false
sudo -u kiosk kwriteconfig6 --file kwinrc --group Effect-DesktopGrid --key Enabled false
sudo -u kiosk kwriteconfig6 --file kwinrc --group Effect-PresentWindows --key Enabled false
sudo -u kiosk kwriteconfig6 --file kwinrc --group Effect-Zoom --key Enabled false
sudo -u kiosk kwriteconfig6 --file kwinrc --group Effect-MouseClick --key Enabled false
sudo -u kiosk kwriteconfig6 --file kwinrc --group Effect-MouseMark --key Enabled false
# Disable workspace switching and desktop switching
sudo -u kiosk kwriteconfig6 --file kwinrc --group Desktops --key Number 1
sudo -u kiosk kwriteconfig6 --file kwinrc --group Windows --key RollOverDesktops false
# Disable window snapping and edge actions
sudo -u kiosk kwriteconfig6 --file kwinrc --group Windows --key ElectricBorderDelay 0
sudo -u kiosk kwriteconfig6 --file kwinrc --group Windows --key ElectricBorderCooldown 0
sudo -u kiosk kwriteconfig6 --file kwinrc --group Windows --key ElectricBorderMaximize false
sudo -u kiosk kwriteconfig6 --file kwinrc --group Windows --key ElectricBorderTiling false
# Disable window management features
sudo -u kiosk kwriteconfig6 --file kwinrc --group Windows --key FocusPolicy "ClickToFocus"
sudo -u kiosk kwriteconfig6 --file kwinrc --group Windows --key AutoRaise false
sudo -u kiosk kwriteconfig6 --file kwinrc --group Windows --key DelayFocusInterval 0
# Disable KDE notifications for kiosk user
sudo -u kiosk kwriteconfig6 --file plasmanotifyrc --group Notifications --key PopupPosition "TopRight"
sudo -u kiosk kwriteconfig6 --file plasmanotifyrc --group Notifications --key LowPriorityHistory false
sudo -u kiosk kwriteconfig6 --file plasmanotifyrc --group Notifications --key ShowInHistory false
# Disable Plasma desktop containment actions and widgets
sudo -u kiosk kwriteconfig6 --file plasma-org.kde.plasma.desktop-appletsrc --group Containments --key locked true
# Create autostart script to reload KWin and apply settings
install -d -m 0755 /home/kiosk/.config/autostart-scripts
chown kiosk:kiosk /home/kiosk/.config/autostart-scripts
cat > /home/kiosk/.config/autostart-scripts/reload-kwin.sh <<'EOF'
#!/bin/sh
# Wait for KDE to fully start
sleep 3
# Reload KWin configuration
(qdbus6 org.kde.KWin /KWin reconfigure || qdbus6 org.kde.KWin.Wayland /KWin reconfigure) || true
# Disable DPMS again in case it was re-enabled
xset s off -dpms s noblank >/dev/null 2>&1 || true
EOF
chmod +x /home/kiosk/.config/autostart-scripts/reload-kwin.sh
chown kiosk:kiosk /home/kiosk/.config/autostart-scripts/reload-kwin.sh
echo "KWin tweaks and KDE settings applied for kiosk user"
}
section_14() {
#read -p "Press [Enter] key to continue... stopping screen blanking for kiosk user (best effort for GNOME; harmless on Plasma)"
##############################################
# SECTION 14: POWER MANAGEMENT AND SCREEN BLANKING for kiosk user
##############################################
echo "=== SECTION 14: POWER MANAGEMENT AND SCREEN BLANKING FOR KIOSK USER ==="
# GNOME settings (for GNOME sessions - no-op if schema absent)
sudo -u kiosk dbus-run-session gsettings set org.gnome.desktop.session idle-delay 0 || true
sudo -u kiosk dbus-run-session gsettings set org.gnome.settings-daemon.plugins.power sleep-inactive-ac-type 'nothing' || true
sudo -u kiosk dbus-run-session gsettings set org.gnome.settings-daemon.plugins.power sleep-inactive-battery-type 'nothing' || true
# KDE/Plasma specific settings for kiosk user (additional reinforcement)
# Ensure power management is completely disabled
sudo -u kiosk kwriteconfig6 --file powerdevilrc --group AC --key icon ""
sudo -u kiosk kwriteconfig6 --file powerdevilrc --group AC --key "Display Brightness" 100
sudo -u kiosk kwriteconfig6 --file powerdevilrc --group AC --key "Dim display when idle" false
sudo -u kiosk kwriteconfig6 --file powerdevilrc --group AC --key "Screen Energy Saving" false
sudo -u kiosk kwriteconfig6 --file powerdevilrc --group AC --key "Suspend session" false
sudo -u kiosk kwriteconfig6 --file powerdevilrc --group AC --key "Lock screen when suspending" false
sudo -u kiosk kwriteconfig6 --file powerdevilrc --group Battery --key icon ""
sudo -u kiosk kwriteconfig6 --file powerdevilrc --group Battery --key "Display Brightness" 100
sudo -u kiosk kwriteconfig6 --file powerdevilrc --group Battery --key "Dim display when idle" false
sudo -u kiosk kwriteconfig6 --file powerdevilrc --group Battery --key "Screen Energy Saving" false
sudo -u kiosk kwriteconfig6 --file powerdevilrc --group Battery --key "Suspend session" false
sudo -u kiosk kwriteconfig6 --file powerdevilrc --group Battery --key "Lock screen when suspending" false
sudo -u kiosk kwriteconfig6 --file powerdevilrc --group LowBattery --key icon ""
sudo -u kiosk kwriteconfig6 --file powerdevilrc --group LowBattery --key "Display Brightness" 100
sudo -u kiosk kwriteconfig6 --file powerdevilrc --group LowBattery --key "Dim display when idle" false
sudo -u kiosk kwriteconfig6 --file powerdevilrc --group LowBattery --key "Screen Energy Saving" false
sudo -u kiosk kwriteconfig6 --file powerdevilrc --group LowBattery --key "Suspend session" false
sudo -u kiosk kwriteconfig6 --file powerdevilrc --group LowBattery --key "Lock screen when suspending" false
# Additional KDE power settings
sudo -u kiosk kwriteconfig6 --file kdeglobals --group KDE --key SingleClick true
sudo -u kiosk kwriteconfig6 --file kdeglobals --group General --key BrowserApplication "chromium-browser.desktop"
# Create a KDE autostart script to ensure power settings stay disabled
cat > /home/kiosk/.config/autostart/kde-power-disable.desktop <<'EOF'
[Desktop Entry]
Type=Application
Name=KDE Power Disable
Exec=/bin/sh -c "kwriteconfig6 --file powermanagementprofilesrc --group AC --key idleTime 0; kwriteconfig6 --file powermanagementprofilesrc --group Battery --key idleTime 0; kwriteconfig6 --file powermanagementprofilesrc --group LowBattery --key idleTime 0"
X-GNOME-Autostart-enabled=true
X-KDE-AutostartScript=true
Hidden=false
EOF
chown kiosk:kiosk /home/kiosk/.config/autostart/kde-power-disable.desktop
chmod 0644 /home/kiosk/.config/autostart/kde-power-disable.desktop
echo "Power management settings applied for both GNOME and KDE for kiosk user"
}
section_15() {
##############################################
# SECTION 15: FINAL SYSTEM RESTART
##############################################
echo "=== SECTION 15: FINAL SYSTEM RESTART ==="
systemctl enable chromium-kiosk || true
systemctl disable gdm3 || true
systemctl enable sddm
systemctl set-default graphical.target
im-config -n none
sudo tee /etc/environment >/dev/null <<'EOF'
GTK_IM_MODULE=none
QT_IM_MODULE=none
XMODIFIERS=@im=none
EOF
}
section_16() {
echo "=== SECTION 16: remove notifs and enable auto updater ==="
# Placeholder for future sections
sudo snap remove snapd-desktop-integration
sudo snap remove snapd-desktop-integration-test
sudo -u kiosk im-config -n none || true
}
section_17() {
##############################################
# SECTION 17: DISABLE ERROR POPUPS (Apport, notifications)
##############################################
echo "=== SECTION 17: Disable error popups for kiosk user ==="
# Disable Apport (Ubuntu crash reporter)
sed -i 's/^enabled=1/enabled=0/' /etc/default/apport || true
systemctl disable apport.service || true
systemctl mask apport.service || true
systemctl stop apport.service || true
# Disable update-notifier crash reports
rm -f /var/crash/* || true
# For kiosk user: suppress all desktop notifications
sudo -u kiosk dbus-launch gsettings set org.gnome.desktop.notifications show-banners false || true
sudo -u kiosk dbus-launch gsettings set org.gnome.desktop.notifications show-in-lock-screen false || true
# Divert stderr of systemd services to logs only (no journal popups)
mkdir -p /etc/systemd/system.conf.d
cat >/etc/systemd/system.conf.d/no-notify.conf <<'EOF'
[Manager]
DefaultStandardError=journal
DefaultStandardOutput=journal
EOF
systemctl daemon-reexec || true
}
section_18() {
##############################################
# SECTION 18: USB AUTO-UPDATE SERVICE + EVENTUAL REBOOT
##############################################
echo "=== SECTION 18: USB AUTO-UPDATE SERVICE + Eventual Reboot ==="
apt install -y inotify-tools zenity udevil udisks2
SERVICE_NAME="usb-app-updater"
SERVICE_PATH="/etc/systemd/system/${SERVICE_NAME}.service"
SCRIPT_PATH="/usr/local/bin/${SERVICE_NAME}.sh"
cat >"$SCRIPT_PATH" <<'EOF'
#!/bin/bash
set -euo pipefail
MOUNT_POINT="/mnt/RECHARJME"
TARGET_DIR="/home/kiosk/Desktop/APP"
LOG_FILE="/var/log/usb-updater.log"
# Ensure log file exists and is writable
touch "$LOG_FILE" 2>/dev/null || LOG_FILE="/tmp/usb-updater.log"
# Function to log messages
log_msg() {
echo "$(date): $1" >> "$LOG_FILE"
}
# Function to get all logged-in users
get_all_logged_users() {
local users=()
# Method 1: Get users from who command (currently logged in)
while read -r user; do
[[ -n "$user" ]] && users+=("$user")
done < <(who | awk '{print $1}' | sort -u)
# Method 2: Get users from loginctl (active sessions)
while read -r user; do
[[ -n "$user" ]] && [[ ! " ${users[*]} " =~ " $user " ]] && users+=("$user")
done < <(loginctl --no-pager list-sessions --no-legend | awk '{print $3}' | sort -u)
# Method 3: If no users found, check for kiosk user specifically
if [ ${#users[@]} -eq 0 ] && id kiosk &>/dev/null; then
users+=("kiosk")
fi
# Method 4: If still no users, get first non-system user as fallback
if [ ${#users[@]} -eq 0 ]; then
local fallback_user=$(awk -F: '$3>=1000 && $3<65534 {print $1}' /etc/passwd | head -1 2>/dev/null || echo "")
[[ -n "$fallback_user" ]] && users+=("$fallback_user")
fi
# Return users as space-separated string
printf "%s\n" "${users[@]}"
}
# Function to get primary user for file ownership (first logged-in user)
get_primary_user() {
local all_users=($(get_all_logged_users))
if [ ${#all_users[@]} -gt 0 ]; then
echo "${all_users[0]}"
return 0
fi
return 1
}
# Function to show notification to all logged-in users
broadcast_notification() {
local message="$1"
local users=($(get_all_logged_users))
local notification_sent=false
log_msg "Broadcasting notification to ${#users[@]} user(s): ${users[*]}"
for user in "${users[@]}"; do
local user_uid=$(id -u "$user" 2>/dev/null || echo "")
if [ -z "$user_uid" ]; then
log_msg "Could not get UID for user $user, skipping"
continue
fi
# Set up environment for GUI applications
export XDG_RUNTIME_DIR="/run/user/$user_uid"
export DISPLAY=:0
# Try different notification methods
if sudo -u "$user" DISPLAY=:0 zenity --info --text="$message" --timeout=5 2>/dev/null; then
log_msg "Zenity notification sent to user $user"
notification_sent=true
elif sudo -u "$user" DISPLAY=:0 notify-send "USB Update" "$message" 2>/dev/null; then
log_msg "notify-send notification sent to user $user"
notification_sent=true
else
log_msg "Could not show notification to user $user"
fi
done
if [ "$notification_sent" = false ]; then
log_msg "Failed to send notification to any user"
fi
}
log_msg "USB Auto-Update Service started"
# Lock file to prevent concurrent updates
LOCK_FILE="/var/lock/usb-updater.lock"
while true; do
# FIRST: Check if there's a lock file - handle cleanup logic before doing any USB detection
if [ -f "$LOCK_FILE" ]; then
log_msg "Lock file exists, checking if USB key is still present"
# Quick check: is USB still present? (minimal detection for cleanup purposes)
USB_PRESENT=false
# Method 1: Check if already auto-mounted
if find /media /mnt /run/media -name "*RECHARJME*" -type d 2>/dev/null | head -1 | grep -q RECHARJME; then
USB_PRESENT=true
fi
# Method 2: Check device list if not auto-mounted
if [ "$USB_PRESENT" = false ] && lsblk -o LABEL -nr 2>/dev/null | grep -q "RECHARJME"; then
USB_PRESENT=true
fi
if [ "$USB_PRESENT" = false ]; then
log_msg "USB key removed, removing lock file"
rm -f "$LOCK_FILE"
else
log_msg "USB key still present with active lock, doing nothing"
fi
sleep 5
continue
fi
# SECOND: No lock file exists, do full USB detection for processing
DEV=""
MOUNT_PATH=""
# Method 1: Check if already auto-mounted by system
AUTO_MOUNT=$(find /media /mnt /run/media -name "*RECHARJME*" -type d 2>/dev/null | head -1)
if [ -n "$AUTO_MOUNT" ] && [ -d "$AUTO_MOUNT" ]; then
DEV="auto-mounted"
MOUNT_PATH="$AUTO_MOUNT"
log_msg "Found auto-mounted USB at: $MOUNT_PATH"
else
# Method 2: Find device by label and try to mount manually
DEV=$(lsblk -o LABEL,PATH -nr 2>/dev/null | awk '$1=="RECHARJME"{print $2; exit}')
if [ -n "$DEV" ]; then
MOUNT_PATH="$MOUNT_POINT"
log_msg "Found USB device: $DEV (not auto-mounted)"
fi
fi
# Process USB if found
if [ -n "$DEV" ] && [ "$DEV" != "auto-mounted" ]; then
log_msg "Found USB device: $DEV - starting update process"
elif [ -n "$AUTO_MOUNT" ]; then
log_msg "Found auto-mounted USB device at: $MOUNT_PATH - starting update process"
DEV="auto-mounted"
fi
if [ -n "$DEV" ]; then
# Create lock file
echo $$ > "$LOCK_FILE"
# Get all logged-in users and primary user for file ownership
ALL_USERS=($(get_all_logged_users))
PRIMARY_USER=$(get_primary_user)
if [ ${#ALL_USERS[@]} -eq 0 ] || [ -z "$PRIMARY_USER" ]; then
log_msg "Could not determine any logged-in users, skipping USB processing"
rm -f "$LOCK_FILE" # Remove lock if we can't process
sleep 5
continue
fi
log_msg "Logged-in users detected: ${ALL_USERS[*]}"
log_msg "Primary user (for file ownership): $PRIMARY_USER"
# Handle mounting if not already auto-mounted
MOUNTED=false
if [ "$DEV" != "auto-mounted" ]; then
# Create mount point if it doesn't exist
mkdir -p "$MOUNT_POINT" 2>/dev/null || {
log_msg "ERROR: Could not create mount point $MOUNT_POINT"
rm -f "$LOCK_FILE"
sleep 5
continue
}
# Try multiple mount methods
if mount "$DEV" "$MOUNT_POINT" 2>/dev/null; then
MOUNTED=true
log_msg "Successfully mounted $DEV to $MOUNT_POINT"
elif udisksctl mount -b "$DEV" 2>/dev/null; then
# udisksctl auto-mounts, find where it mounted
sleep 2
NEW_MOUNT=$(find /media /mnt /run/media -name "*RECHARJME*" -type d 2>/dev/null | head -1)
if [ -n "$NEW_MOUNT" ]; then
MOUNT_PATH="$NEW_MOUNT"
MOUNTED=true
log_msg "Successfully auto-mounted $DEV to $MOUNT_PATH via udisksctl"
fi
else
log_msg "ERROR: Failed to mount $DEV using both mount and udisksctl"
fi
else
MOUNTED=true # Already auto-mounted
fi
if [ "$MOUNTED" = true ] && [ -d "$MOUNT_PATH" ]; then
# Check if APP directory exists
if [ -d "$MOUNT_PATH/APP" ]; then
log_msg "Found APP directory at $MOUNT_PATH/APP, starting update process"
# Show update notification to all users
broadcast_notification "Updating APP..."
# Create backup directory if it doesn't exist
if ! mkdir -p "/home/$PRIMARY_USER/Desktop/BACKUPS" 2>/dev/null; then
log_msg "WARNING: Could not create backup directory, proceeding without backup"
fi
# Backup existing APP if it exists
if [ -d "$TARGET_DIR" ]; then
BACKUP_NAME="APP.backup.$(date +%s)"
if mv "$TARGET_DIR" "/home/$PRIMARY_USER/Desktop/BACKUPS/$BACKUP_NAME" 2>/dev/null; then
log_msg "Backed up existing APP to BACKUPS/$BACKUP_NAME"
else
log_msg "WARNING: Could not backup existing APP, removing it"
rm -rf "$TARGET_DIR" 2>/dev/null || true
fi
fi
# Copy new APP with detailed error handling
mkdir -p "$(dirname "$TARGET_DIR")" 2>/dev/null || {
log_msg "ERROR: Could not create parent directory for $TARGET_DIR"
if [ "$DEV" != "auto-mounted" ]; then
umount "$MOUNT_PATH" 2>/dev/null || udisksctl unmount -b "$DEV" 2>/dev/null || true
fi
rm -f "$LOCK_FILE"
continue
}
if cp -r "$MOUNT_PATH/APP" "$TARGET_DIR" 2>/dev/null; then
log_msg "Successfully copied APP to $TARGET_DIR"
# Set proper ownership to the primary user
chown -R "$PRIMARY_USER:$PRIMARY_USER" "$TARGET_DIR" 2>/dev/null || true
# Show completion notification and auto-reboot
broadcast_notification "Update complete. System will restart in 10 seconds..."
log_msg "Update completed successfully, rebooting system in 10 seconds"
sleep 10
# Unmount if we mounted it manually
if [ "$DEV" != "auto-mounted" ]; then
umount "$MOUNT_PATH" 2>/dev/null || udisksctl unmount -b "$DEV" 2>/dev/null || true
fi
# Keep lock file - it will be removed when USB is unplugged after reboot
reboot
else
log_msg "ERROR: Failed to copy APP directory from $MOUNT_PATH/APP to $TARGET_DIR"
# Show error notification
broadcast_notification "Update failed - could not copy files"
if [ "$DEV" != "auto-mounted" ]; then
umount "$MOUNT_PATH" 2>/dev/null || udisksctl unmount -b "$DEV" 2>/dev/null || true
fi
rm -f "$LOCK_FILE" # Remove lock on failure
fi
else
log_msg "No APP directory found on USB device at $MOUNT_PATH"
if [ "$DEV" != "auto-mounted" ]; then
umount "$MOUNT_PATH" 2>/dev/null || udisksctl unmount -b "$DEV" 2>/dev/null || true
fi
rm -f "$LOCK_FILE" # Remove lock if no APP directory
fi
else
log_msg "ERROR: Could not mount or access USB device"
rm -f "$LOCK_FILE" # Remove lock on mount failure
fi
fi
sleep 5
done
EOF
chmod +x "$SCRIPT_PATH"
# Verify the script was created successfully
if [ ! -f "$SCRIPT_PATH" ] || [ ! -x "$SCRIPT_PATH" ]; then
echo "ERROR: Failed to create or make executable: $SCRIPT_PATH"
exit 1
fi
echo "USB updater script created at: $SCRIPT_PATH"
cat >"$SERVICE_PATH" <<EOF
[Unit]
Description=USB Auto-Update Service for APP
After=multi-user.target
Wants=systemd-udevd.service
After=systemd-udevd.service
[Service]
Type=simple
ExecStart=$SCRIPT_PATH
Restart=always
RestartSec=5
User=root
Group=root
StandardOutput=journal
StandardError=journal
Environment=PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
[Install]
WantedBy=multi-user.target
EOF
# Verify the service file was created successfully
if [ ! -f "$SERVICE_PATH" ]; then
echo "ERROR: Failed to create systemd service file: $SERVICE_PATH"
exit 1
fi
echo "Systemd service file created at: $SERVICE_PATH"
systemctl daemon-reload
systemctl enable "$SERVICE_NAME"
systemctl restart "$SERVICE_NAME" || true
# Check service status
if systemctl is-active --quiet "$SERVICE_NAME"; then
echo "USB Auto-Update Service started successfully"
log_msg "USB Auto-Update Service started successfully"
else
echo "WARNING: USB Auto-Update Service may have failed to start"
echo "Check logs with: journalctl -u $SERVICE_NAME"
fi
echo "=== USB Auto-Update Service Installation Complete ==="
}
# Automatically detect the number of sections
get_max_section() {
declare -F | grep -o 'section_[0-9]\+' | grep -o '[0-9]\+' | sort -n | tail -1
}
MAX_SECTIONS=$(get_max_section)
# Main script execution logic
show_usage() {
echo "Usage: $0 [-s SECTION_NUMBER]"
echo ""
echo "Options:"
echo " -s SECTION_NUMBER Run only the specified section (1-$MAX_SECTIONS)"
echo " -h, --help Show this help message"
echo ""
echo "If no options are provided, all sections will be run in order."
echo ""
echo "Available sections:"
echo " 1 - Power Management and Screen Blanking for current user"
echo " 2 - Initial System Setup"
echo " 3 - Desktop Environment Installation"
echo " 4 - Phidget Setup and Dependencies"
echo " 5 - Touchscreen Configuration"
echo " 6 - Phidget Network Server Setup"
echo " 7 - Kiosk User Setup"
echo " 8 - GDM3 Autologin Configuration"
echo " 9 - SDDM Configuration (Alternative)"
echo " 10 - Chromium Kiosk Autostart Setup"
echo " 11 - Wayland and Kiosk Verification"
echo " 12 - Touch Gesture Configuration"
echo " 13 - KWin Tweaks and Final Setup"
echo " 14 - Power Management and Screen Blanking for kiosk user"
echo " 15 - Final System Restart"
echo " 16 - Remove notifications and enable auto updater"
echo " 17 - Disable error popups for kiosk user"
echo " 18 - USB Auto-Update Service and eventual reboot"
}
run_all_sections() {
echo "Running all sections in order..."
for i in $(seq 1 $MAX_SECTIONS); do
echo ""
echo "========================================="
echo "Starting Section $i"
echo "========================================="
section_$i
echo "Section $i completed."
done
echo ""
echo "All sections completed successfully!"
}
run_specific_section() {
local section_num=$1
if [[ $section_num -lt 1 || $section_num -gt $MAX_SECTIONS ]]; then
echo "Error: Section number must be between 1 and $MAX_SECTIONS"
exit 1
fi
echo "Running section $section_num only..."
echo "========================================="
echo "Starting Section $section_num"
echo "========================================="
section_$section_num
echo "Section $section_num completed successfully!"
}
# Initialize variables
SECTION_NUM=""
# Parse command line arguments
while [[ $# -gt 0 ]]; do
case $1 in
-s|--section)
if [[ -z "$2" ]] || [[ "$2" =~ ^-.*$ ]]; then
echo "Error: Option -s requires a section number"
show_usage
exit 1
fi
SECTION_NUM="$2"
shift 2
;;
-h|--help)
show_usage
exit 0
;;
-a|--all)
# -a flag just ensures we run all sections (default behavior)
SECTION_NUM=""
shift
;;
*)
echo "Error: Unknown option: $1"
show_usage
exit 1
;;
esac
done
# Execute based on arguments
if [[ -n "$SECTION_NUM" ]]; then
# Validate that section number is numeric
if ! [[ "$SECTION_NUM" =~ ^[0-9]+$ ]]; then
echo "Error: Section number must be an integer"
exit 1
fi
run_specific_section "$SECTION_NUM"
else
run_all_sections
fi
rm -rf /home/kiosk/.config/chromium/Default/Preferences
rm -rf /home/kiosk/.config/chromium/Singleton*
kwriteconfig6 --file startkderc --group General --key desktopSession empty
kwriteconfig6 --file ksmserverrc --group General --key loginMode emptySession
