it-team/lmn-client
4
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Improve exam-mode documentation

Browse source
This commit is contained in:
Raphael Dannecker 2026-02-14 16:32:47 +01:00
parent 4a254588cc
commit 02aac5ab15
1 changed files with 19 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

27
doc/exam_mode.md
View file

@ -2,12 +2,15 @@
## Description / use cases ## Description / use cases
Activating exam_mode provides following functionalities: **Activating Exam Mode: Functionalities**
* when -exam user logs in, firewalld.service will start and prevent communication between devices in the same local network
* home- and media-directory of -exam users will be renamed (on the next day) and removed (after some days). When a user logs in with the `-exam` designation, the following functionalities will be activated:
This is important due the fact, that -exam user will be new created (with new user-id) on exam-mode initialisation.
Without renaming/deleting the home- and media-directory, the -exam user couldn't log in twice on the same pc. * The `firewalld.service` will start, blocking all incoming traffic. Additionally, it will restrict outgoing traffic to the addresses specified in `exam_destination_allowed_ipv4`, if this variable is set. Communication is permitted with devices listed in `exam_teacherpc_ips`, including the teacher PCs. By default, the IP of the teacher PC is determined by the client's IP, with the last digit in the last octet specified by `exam_teacherpc_last_digit`.
Particularly important on machines with localhome
* The home and media directories of `-exam` users will be renamed the following day and removed after a certain period. This is crucial because the `-exam` user will be created anew (with a new user ID) upon the initialization of Exam Mode. Without renaming/deleting the home and media directories, the new `-exam` user would be unable to log in on the same PC, especially on machines with local home configurations.
## Requirements ## Requirements
@ -15,10 +18,18 @@ none
## Example ## Example
Per default, all hosts will get exam_mode. But we don't want exam_mode on teacher devices Per default, all hosts will get `exam_mode`. But we don't want `exam_mode` on teacher devices. In `exam_mode` the Networks `10.0.0.0/24`, `10.0.1.0/24`, `192.168.122.0/24/24` will be reachable.
inventory.yml inventory.yml
```
```yml
all:
vars:
exam_destination_allowed_ipv4:
- 10.0.0.0/24
- 10.0.1.0/24
- 192.168.122.0/24
teacherdevices: teacherdevices:
hosts: hosts:
10.0.14.[1..75] 10.0.14.[1..75]