What is DeCaf

DeCaf is a collection of pieces of software that, if put together, allow you to run an internet café, or something similar. It it based on the concept of “timecode” – 5 letter codes that customers buy and can use to access your workstation for a specified amount of time.



Setting up the server

  1. Install the decaf-db package. It automatically set up a database, if you let it. Remember the username you gave it.
  2. Configure postgresql to allow access from the workstations.

If you do not want to use the decaf-db package, you can set up the database yourself. You can find the database scheme in the decaf-doc package as file /usr/share/doc/decaf-doc/decaf-database-scheme.sql or under http://svn.debian.org/wsvn/decaf/trunk/doc/decaf-database-scheme.sql. Create a user with write permissions to the database.

From now on, we assume that the database has the name “decaf”, the user is called “decaf” and the database runs on the host “dbhost”.

Setting up a workstation

  1. Install the package decaf-workstation. If they are available in one of your apt repositories, run apt-get install decaf-workstation, otherwise download them from http//decaf.alioth.debian.org/ and install using dpkg -i.

  2. It will ask what system user account should be used for decaf, and optionally creates it, if it does not exist yet.
  3. It will also ask the database informations: host, database name, user and password
  4. The configuration file for DeCaf, /etc/decaf.conf will be created and protected with chmod 600 /etc/decaf.conf. For this example, it would contain these lines:

  5. Configure pam-mount. Create the directory /var/run/decaf/union-rw. In the file /etc/security/pam_mount.conf, change the unmount-list to:

    umount /bin/umount -l %(MNTPT)

    and add these lines

    volume decaf tmpfs - tmpfs /var/run/decaf/union-rw mode=700,uid=decaf - -
    volume decaf unionfs - unionfs /home/decaf dirs=/var/run/decaf/union-rw=rw:/home/decaf=ro - -
  6. Modify the pam setup for the desired login method, in this case, /etc/pam.d/gdm:

    auth    [ignore=reset system_err=reset default=done]        pam_decaf.so
    @include common-auth
    @include common-account
    @include common-session
    session  required   pam_mount.so
    @include common-password
  7. Done!

Handing out timecodes

System overview