(c) 2007 by Flosse R. http://2blocksaway.com 
Fedora Core 6, making the Linux desktop for your parents (or the Linux desktop that does it all)

First off, there are plenty of "making a Linux PC ready for your grandmother" but I  would like to focus on a system, that is pretty much set and forget with a failsafe (regular backups!!) and everything ready for your mom and dad (read: any normal computer user)
to access the internet. Now you say : Windows can do that!, and my response is, yes but can you sleep at night? Before we go any further , we need to check WHAT is it that the regular home desktop user needs?

1. a graphical user-friendly interface, and if possible a graphical booting sequence, not scary text scrolling by
2. multimedia capabilities, but NOT 32 different players, one of each (music, movie, etc.) that can play it all (or almost)
3 Office programs with which they can open their old files and their friends files 
4. a safe environment, where THEY don't have to be on top of everything. The system should take care of itself with minimal intervention
5.did I mention multimedia and simplistic?
6 Browser plugins. Mom and dad watch EVERYTHING, that means, YouTube, Windows Media files, PDFs, Documents, Excel, EVERYTHING that can be found online
7 a way to regularly backup their data so that in the event of "someone" "accidently" deleting some important file, it can be recovered by you walking them through over the phone
8 regular backups on DVD/CD of their data in case of a harddrive failure

Granted, the last 2 are a bit tricky, especially the off-harddrive thing but it is doable. In fact all of this takes a standard productivity install of Fedora Core 6, a little time and bandwidth and 1 script!
On a side note, to make them switch easier, explain to them these things:
No more "bad software" or viruses
No more constant crashes and updates in the sense of having to be a guru to get everything running
And best of all, this is something different, something that makes them stand out among their friends.
From here on I generally choose the Use free space on selected Drive since I usually install this on a "clean" machine. However you can also remove all partitions or do a custom layout, however don't overdo the complexity, this is a system that, in case of a breakdown, you need to be able to re-create as it was , VERY FAST :)

Next select, the Office and Productivity installation. The reason for this is that the average user is not doing any Development and is not hosting a web server. Also select the Fedora Extras repository. Anything else you will add later when the machine is installed.

 You can customize the Software selection if you want, but generally the selection is pretty good and contains all the essential part for our goal.Click on next and watch while the installer calculates what is all needed and then starts downloading the packages. The total installation of the default Office and Productivity took 45 minutes on a 8 mbit ADSL line.


Once everything is installed the machine will reboot and the "firstboot" wizard will start, which allows you to configure the system.

After agreeing with the license agreement (which is essentially the GNU Public License, or in other words that its all free :)) You are taken to the Firewall selection screen.

This is where we want to select ENABLED and allowed ports only ssh, IF you even need that. If you do remote help for your parents then this is a good choice, if not, turn it off. The firewall (IPTables) is extremely good and they are quite well protected since there is no easy way for them to change the configuration (and they dont need to!). Of course you can add services IF you have the need that need to be accessed ON the machine. This is not meant for services that they can access. The firewall will allow them to access pretty much any service (Windows File sharing, printing etc.) but nothing can access this machine, and that is the way it should be.

The next screen we want to take a look at is SE Linux. This stands for Security Enhanced  and it  is basically a set of policies on what programs and users are allowed to do. For this purpose, the quick Settings that should be changed are shown on the screen below. Both the FTP and the MEMORY section should be completely de-selected. everything else is fine.

Up next , we want the machine to run the correct time so we enable the Network Time protocol. It polls the servers listed (*.fedora.pool.ntp.org ) on a regular basis when there is a internet connection. This will keep the time very accurate on the machine.

Great, now we create a user on the machine that will be user primarily. You can add more later but you need to create 1 generic user. This user will have no system rights. He/She only can work in their home directory but all applications will work perfectly fine. Before this screen you were asked to put a root password. This password is the one used to do administrative tasks, such as executing the script later on.

When the user is created and all the settings are done you are faced with a neat login screen (which can be customized btw.). Log in with the generic user you just created.

The problem now is that almost all applications that are needed are installed. But because of patent issues , or actually because Fedora does not want to risk getting into patent issues, not all multimedia things work. So we need to add them. this is now the "hard work", as it involves some more downloading and some small configuration adding. NOTE: If you are afraid of the command line (shell), don't worry this will be quick and simple. The script we are discussing, can be downloaded from HERE and then copied to the machine or you can just open a command line (APPLICATIONS -> ACCESSORIES -> TERMINAL) and at the prompt type su - and ENTER then enter the root password you gave during the installation. your shell should now start with a # sign. If you have downloaded the script and want to let it do its magic (which is all described in the following) just type 
wget http://blog.2blocksaway.com/files/setup.sh ; chmod a+x setup.sh; ./setup.sh  
and hit ENTER. This is a long line but it will download the script and execute it for you, which in turn downloads all the things and configures them for you so you do not have to do ANYTHING but log out when its done and log back in.

If you do not want to use the script, here is a step by step breakdown of what it actually does. The things that still need to be installed still are the following:
All the possible multimedia browser-plugins,
some more software and 
some more repositories so the machine can update itself when necessary and the regular backup.
First you will need to run (as root) from the command line this:
wget http://macromedia.rediris.es/macromedia-i386.repo ; mv macromedia-i386.repo /etc/yum.repos.d/
What it does, is it downloads and moves information about where to download the Flash plugin for the browser, to the appropriate location. Then you need to add another download repository (livna) with this command:
rpm -Uvh http://rpm.livna.org/livna-release-6.rpm
This downloads and installs the information about a repository for the necessary multimedia parts to your system. Next up we install Adobe Acrobat Reader. I know that everyone now screams: NO!!! its not free. True but this is not a perfect world and some companies create PDF's with Acrobat that can only be read with it. Believe me, I couldnt open a gift certificate I was sent with my normal PDF viewer in Mac OS X (Preview). 
rpm -ivh http://ardownload.adobe.com/pub/adobe/reader/unix/7x/7.0.9/enu/AdobeReader_enu-7.0.9-1.i386.rpm
NOTE: This will install the English version of Adobe Reader. I can supply a list of direct links of other languages if needs be.
Good, so now we have the download information added and Adobe Reader installed.  Only a couple of more things to do and you can hand the machine over to the user.
On the root command line type (or copy paste ) this:
echo -e "remove totem\n install totem-xine libdvdcss libdvdnav flash-plugin gstreamer-plugins-ugly gaim-libnotify f-spot\n run\n quit" | yum -y shell

Looks cryptic? Well here is the explanation:
You are feeding a set of options of what to remove and what to install then to yum, yum is the installer/updater for Fedora Core.  You are first removing totem, this is the default movie player and we want to keep it , but the version included does not support many formats. We next tell it to install a version of totem, that has DVD support and pretty much any media format support there is, this will also install the plugins necessary for the web-browser.  Next we get the flash plugin for the browser and all the possible audio codecs and instant messaging notification capabilities. Last but not least we install f-spot. F-Spot is a small but very good application to organize digital photos, very much like Apple's iPhoto. It is small and extremely easy to use for anyone. When you hit enter at the end of the line all of this will be done while you sit back and watch it configure the capabilities for your machine.


Now everything is installed but one plugin is not working yet for the web-browser, Java. Instead of going through the process of downloading Suns Java, we will enable the plugin that is shipped with fedora. Why download something twice and then reconfigure everything when one line will make it work anyway. The line is this:
ln -s /usr/lib/gcj-4.1.1/libgcjwebplugin.so ̈̂#/usr/lib/firefox-1.5.0.7/plugins/
That's it, if you open your web-browser now and type about:plugins in the address bar, you should see a nice list of everything (like in this shot)

Great so we are nearly done. All that is missing is the backup part. Everyone knows that teaching the average user to backup their files is pretty much a quest for life. So we add a simple script to the "cron" service which runs the script once every week. This script will backup all the home directories , so that any additional users are save too and puts it all into an archive on the disk. It then checks for archives older then 4 weeks and removes them. This way you have 4 weeks of backups and automatically get rid of the old ones. The script you need to copy to /etc/cron.d/cron weekly, is HERE, but again you can just type: 
wget http://blog.2blocksaway.com/files/backup-week.sh ; chmod a+x backup-week.sh; mv backup-week.sh /etc/cron.weekly/
which will do it all for you.

And that's it, if you log out and log back in, you have a perfectly save system for anyone that wants to use it. They can run all the applications and multimedia files they want and not break anything major.Plus they are among the "less vulnerable" targets on the web. One less Windows Zombie and Spyware client.
//Flosse