monline

LTSP uses a FUSE-based filesystem (LTSPFS) for providing access to devices that are attached to the thin client, but are used on the terminal server in the user's session. The creators of LTSPFS took an unconventional approach: users cannot (and are not supposed to) manually eject these LTSPFS mounts, the system does this on it's own after 5 seconds of inactivity (at least it's 5s in Karmic). This is meant to make use of USB devices more comfortable. Unfortunately LTSPFS does not provide any means to the user to detect whether the device is still in use or not. My small modification comes here in play.

Googling in the subject and reading the user manual of TrueCrypt you get the feeling that TrueCrypt is only usable with root privileges, thus normal users are left in the cold. However, this is only partly true. The system administrator can set things up so that normal users are able to mount TrueCrypt volumes too and without opening up serious security holes.

For some time I had a problem with USB drives on my LTSP client: the attached devices did not unmount automatically and of course if I just plugged the drive from the USB slot, some changes (file modifications or deletions, etc.) were lost. Sometimes a little filesystem corruption could occur too. Just the basic stuff that can happen if you plug a removable device without unmounting it first. The more I had to use USB drives, the more frustrating this bug became. Finally I took the time to track it down and found the problem.

This is a short how-to for creating an USB boot device, which enables you to boot a Debian/Ubuntu ISO image from your USB drive.
The summary of instructions is ...

Having a bootable DOS partition on an USB drive can be necessary for flashing the BIOS of your motherboard or RAID controller (since most recent PCs come without a floppy drive). However the official way to do this requires you to have already a DOS bootable partition. Fortunately there're a couple of solutions in case you've only a running linux system. The linked page has the best description of the qemu+FreeDOS method (the one that I prefer) and lists various other approaches as well. To keep the instructions safe, I made a copy of them here.

"UNetbootin allows you to create bootable Live USB drives for a variety of Linux distributions from Windows or Linux, without requiring you to burn a CD. You can either let it download one of the many distributions supported out-of-the-box for you, or supply your own Linux .iso file if you've already downloaded one or your preferred distribution isn't on the list."

UNetbootin supports (at least at the moment) a lot more distributions than LiLi. However LiLi is a lot more user-friendly (meaning that is has a lot fewer options and a lot fewer chances for users to break the process ).

"LiLi is a free and open source software for Windows that allows you to create a portable and bootable USB stick running Linux (various distributions are supported). Also offers an exclusive option of automatic virtualization to launch directly this Linux in Windows without any configuration nor installation (using a portable version of VirtualBox 3.0)."

Many utilities (eg. firmware patches for CD/DVD drives, RAID controllers, etc.) require you to boot into DOS. However a lot of configurations (especially servers) come with only an optical drive, so you cannot use a floppy to boot into DOS. Not even to talk about the capacity of a floppy disk ... a RAID controller firmware might not even fit onto a single 1.44MB floppy disk. Fortunately newer motherboards already support booting from an USB device, but putting DOS (or something equivalent) onto an USB drive and make it bootable is not a trivial task.

Now this is something. A linux based security suite integrated into an USB stick! It works by installing a low-level driver into the PC's OS (of course this is a Windows only stuff ) and redirecting all network traffic through this driver, which filters the data through the appliance's security mechanisms. They say that this unit provides an all-in-one solution: firewall, spam-filter, anti-virus, bla-bla-bla ... Actually the only problem with this is that the whole stuff is only as secure as the Windows (driver) architecture allows. And I don't trust that too much. :-> I'm not naive: most probably Mac OS X is not much safer from a technical POV, but it's got a lot smaller user base and thus is a less attacked platform. And on the other hand, it's working a lot better and that's a significant aspect from a user's POV.