Changelogs for full kiosk releases


Please be aware that as the times goes the stable releases may become affected by a known security vulnerabilities which are resolved in real time in the kiosk current branch. These issues remain unfixed in full releases until new kiosk version is out.

We encourage everybody to subscribe to an automatic updates service as it lets you be safe all the time.

27th of March 2023

Changes implemented in Porteus Kiosk 5.5.0:


Upgraded system components to latest version from Gentoo stable branch including Linux kernel 6.1.20, Google Chrome 108.0.5359.124 and Mozilla Firefox 102.9.0. Full list of packages used for creating this release can be found under this link.


Porteus Kiosk changes including Cloud and ThinClient variants:

  • Added possibility to enable watchdog timer in our systems. Watchdog is supposed to automatically restart the PC when a failing condition occurs. This is useful for unttended deployments, e.g. digital signage.
  • Added support for downloading components and system updates from the server mirrors. Nearest server is determined automatically by the system.
  • 'MD5' authentication protocol is supported now in 802.1x wired networks.
  • Added support for storage devices formatted with an exFAT filesystem.
  • Start the Xorg session on tty1/VT1 rather than traditionally on VT7 to avoid flipping between VTs. It results in a faster and smoother boot experience.
  • Resolved a bug where UEFI component was booting the old kiosk system installed on the hard drive rather than booting the new installation ISO from the removable device.
  • Allow 'zoommtg' protocol for Chrome by default otherwise zoom connections cannot be established using the web client.
  • Properly handle the URLs containing the '&' character when browser is started by another app (e.g. Zoom's authorization through Google) or from the command line.
  • 'homepage_append=' parameter will properly add requested info to homepage URLs which already have the query arguments, sample: "https://domain.com?argument=1" becomes "https://domain.com?argument=1&kiosk=hostname".
  • Disabled autoupdate of Chrome internal components (e.g. widevine plugin) as without persistence enabled it causes the updated components to be downloaded during every session restart.
  • Disabled 'Share this page' and 'Bookmark this tab' buttons in the Chrome URL's bar
  • Disabled 'show side panel' button on Chrome UI by default.
  • Updated depreciated Chrome policies and removed policies which are not used anymore.
  • Disabled autoupdate of the Firefox plugins. Without persistence enabled it causes the updated plugins to be downloaded during every session restart so its better to disable this function entirely.
  • Fixed a bug where Firefox would not open on an entire screen when running with navigation bar disabled and was restarted from Porteus Kiosk Server or over SSH ('killall firefox' command).
  • Disabled 'Open previous tabs' popup which appears in the Firefox browser when persistence is enabled and the kiosk PC is forcibly rebooted or powered off (unclean shutdown).
  • Hide the PDF download button in the Firefox's built in PDF viewer when downloads are disabled in the system.
  • Display remote config name in the Administration Panel of Porteus Kiosk Server also for PXE booted clients.
  • Other fixes and improvements.

  • Kernel config changes:

  • Compiled 'vmd' driver directly into kernel to allow booting from the NVME drives which are managed by the VDM controller.
  • Enabled hardware monitoring support for NVME bus so device temperatures can be viewed in the debug log or by executing the 'sensors' command over SSH.
  • Enabled bluetooth support, userspace still needs the firmware and bluetooth manager application for pairing devices (must be added through the ISO customization).
  • Added DRM driver for Hyper-V Gen2 VMs. Gen1 machines cause troubles and still default to the framebuffer driver. DRM driver offers much faster 2D scrolling and allows setting a custom screen resolution.
  • Enabled watchdog drivers.
  • Switched to voluntary kernel preemption.
  • Other changes.

  • Porteus Kiosk Server version "Premium" changes:

  • Added support for monitoring battery capacity of connected clients under "Client resources" tab in the Administration Panel.
  • Added 'Clone config' option in Remote Management tab of the Administration Panel. Use it if you are having troubles with the clipboard.
  • Send notifications to the clients from the guest account so sound alerts can play in customized builds with PulseAudio.
  • Added timestamps to email notifications which are sent by the Administration Panel so its possible to find when the event occured.
  • Disabled TLS versions 1.0 and 1.1 for stunnel as they use vulnerable ciphers.
  • Display the current resolution at the top of available resolutions in the 'monitor settings' application.
  • Other fixes and improvements.

  • Additional information about changes introduced in Porteus Kiosk 5.5.0 can be found in this news post: link.

    All changes can be also tracked in the 'automatic updates' changelogs: link and link.

    28th of March 2022

    Changes implemented in Porteus Kiosk 5.4.0:


    Upgraded system components to the latest version from Gentoo stable branch including Linux kernel 5.15.28, Mozilla Firefox 91.7.1 and Google Chrome 98.0.4758.102. Full list of packages used for creating this release can be found under this link.


    Porteus Kiosk changes including Cloud and ThinClient variants:

  • Added support for importing DER certificates through the 'import_certificates=' parameter.
  • Hardware video decode feature is now enabled for screensaver video and screensaver webpage functions.
  • Added support for dynamically generated remote configs. Kiosk identification and settings can be now passed through the URLs which contain an append parameters, e.g. 'kiosk_config=https://domain.com/kiosk-config.php?device=nuc&sound=0.3'.
  • Enabled OpenH264 plugin by default for the Firefox browser as it's needed for the WebRTC streams.
  • Added 'cec-client' utility for controlling the displays over HDMI interfaces.
  • Number of initial connections from the client to Porteus Kiosk Server has been reduced from 5 to 3. This optimization lowers the server overhead when multiple kiosks are booting at the same time ('rtc_wake=' parameter is used).
  • Switching to a secondary keyboard layout will no longer allow using key combinations which are blocked in the system by default.
  • If the GPU driver fails during the Xorg server initialization then fallback drivers are loaded in the following order: modesetting, fbdev, vesa until the desktop is started properly.
  • Firefox browser will open URLs which require domain authentication without asking for user confirmation.
  • Disabled 'Restore pages' Chrome notification which could appear when the kiosk is rebooted with full persistence enabled.
  • Native 'vboxvideo' driver is used instead of the 'vesafb' for displaying the splash screen when booting on the VirtualBox platform.
  • 'vesafb' driver is used for displaying the splash screen when the proprietary nVidia driver is available in the system (affects custom builds only).
  • Disabled 'share this page' button on Chrome's URL bar by default.
  • Kernel firmware symlinks are maintained according to the WHENCE file.
  • Other fixes and improvements.

  • Porteus Kiosk Server version "Premium" changes:

  • 'refresh client list' and 'export as CSV' functions of the Administration Panel have been optimized to execute up to 5 times faster.
  • Guest tools are started properly on VMware virtual machines.
  • Allow connecting to older SSH servers that do not support the newer RSA/SHA-256/SHA-512 signatures (needed for preserving compatibility with kiosk clients in version 3.6.0 and 3.7.0).
  • Never update the client ID number for already registered clients (affects 'client_id=automatic' parameter.)

  • All changes can be also tracked in the 'automatic updates' changelogs: link and link.

    18th of October 2021

    Changes implemented in Porteus Kiosk 5.3.0:


    Upgraded system components to latest version from Gentoo stable branch including Linux kernel 5.10.73, Mozilla Firefox 91.2.0 and Google Chrome 93.0.4577.82. Full list of packages used for creating this release can be found under this link.


    Porteus Kiosk changes including Cloud and ThinClient variants:

  • Libinput has become our default input driver as it provides native touch gestures support for the Firefox browser. Touchscreens which were calibrated under Porteus Kiosk version 5.2.0 or below will continue using the 'evdev' driver in order to preserve compatibility with existing configs.
  • Virtual keyboard extension can be enabled for Firefox and Chrome.
  • Added support for experimental hardware video decoding for both browsers.
  • Onscreen buttons can be relocated to a different position on the kiosk screen.
  • Removed Adobe Flash plugin from the system. Flash standalone applications can be still supported through our 'customized builds' service.
  • Updated 'dns_server=' parameter to work also for DHCP configurations.
  • Updated 'disable_zoom_controls=' parameter to control the 'pinch to zoom' touch gesture for the Firefox browser.
  • Allow accessing 'about:certificates' address in the Firefox browser so users could view the certificates of websites which are classified as untrusted.
  • Added 'sound open firmware' package which allows using an alternate sound driver on selected hardware.
  • Fixed scaling function for video outputs which work in the mirroring mode and having a similar name, e.g. DP1 and eDP1.
  • Disabled 'Reading List' feature in Chrome by default.
  • Disabled 'Caret browsing' feature by default for both browsers.
  • Removed 'star button' from the Firefox's URL bar to prevent bookmarking webpages with a single mouse click.
  • Blocked 'Ctrl+Shift+B' key combination as it allows toggling the bookmarks bar in the Firefox browser.
  • Blocked 'Ctrl+Shift+n' keyboard shortcut by default to prevent opening a new Chrome window in the incognito mode.
  • Blocked 'Alt+Shift+i' keyboard shortcut to prevent opening the feedback form under Chrome browser.
  • Updated Administration Panel in Porteus Kiosk Server variant "Basic".
  • Fixed alignment of columns in the 'Client Resources' tab of the Administration Panel.
  • Porteus Kiosk Server "Premium": close an old VNC connection to the client before starting a new one.
  • Other fixes and improvements.

  • Additional information about changes introduced in Porteus Kiosk 5.3.0 can be found in this news post: link.

    All changes can be also tracked in the 'automatic updates' changelogs: link and link.

    22nd of March 2021

    Changes implemented in Porteus Kiosk 5.2.0:


    Upgraded system components to latest version from Gentoo stable branch including Linux kernel 5.10.25, Mozilla Firefox 78.8.0 and Google Chrome 87.0.4280.141. Full list of packages used for creating this release can be found under this link.


    Porteus Kiosk changes including Cloud and ThinClient variants:

  • Recompiled Remmina with CUPS support so its possible to redirect local printers to remote RDP sessions.
  • Disabled update notification on Chrome instances which are used to play the screensaver video.
  • Screensaver video is stopped before locking the session ("session_idle_action=lock" parameter). There is no point to play the video if nothing is visible on the kiosk screen.
  • Disabled possibility of dropping an URL on the bookmarks toolbar in order to add a new bookmark or change the position of existing bookmarks managed through the kiosk config.
  • Disabled possibility of dropping an URL on the home button in order to change the homepage which was set in the kiosk config.
  • Disabled possibility of dropping an URL on the tabs bar in order to open a new tab.
  • Blocked 'Shift+F9' key combination by default as it opens the "Storage Inspector" console in the Firefox browser.
  • Blocked 'Shift+F12' key combination by default as it gives an access to the "Accessibility Inspector" in the Firefox browser.
  • Porteus Kiosk Server "Premium": replaced "gpaste" with "parcellite" clipboard manager. Parcellite will be started only when VNC service is not activated otherwise it prevents copying data over VNC (clipboard content takes priority).
  • Porteus Kiosk Server "Premium": VNC connection is closed properly when the VNC session is finished.
  • Other fixes and improvements.

  • All changes can be also tracked in the 'automatic updates' changelogs: link and link.

    12th of October 2020

    Changes implemented in Porteus Kiosk 5.1.0:


    Upgraded system components to latest version from Gentoo stable branch including Linux kernel 5.4.70, Mozilla Firefox 78.3.1 and Google Chrome 85.0.4183.121. Full list of packages used for creating this release can be found under this link.


    Porteus Kiosk changes including Cloud and ThinClient variants:

  • Silent printing feature is available again for the Firefox browser after Mozilla developers fixed the bug which we have reported to them.
  • Its possible to wipe the guest's home folder from persistent partition using the 'persistence=wipe' parameter in remote kiosk config.
  • Enabled microphone and webcam redirection for the Citrix Workspace sessions by default.
  • Enabled EFI stub support in the kernel config which is needed to boot the kiosk on some HP PCs equipped with the EFI firmware.
  • Disabled 'irc://' and 'ircs://' handlers for the Firefox browser which in certain circumstances could allow an attacker to unlock default browser profile and run other applications in kiosk.
  • Broadcom and Realtek PHY drivers are compiled directly into the kernel to resolve PXE booting issues on some PCs.
  • Added VAAPI info to the debug log so its possible to find which video codecs could be hardware decoded by the GPU.
  • Driver supporting the USB audio devices is loaded with a delay to make sure such device uses the last sound card slot. This is to prevent breaking our 'default_sound_card=' parameter with a random slot assignment.
  • Ensure the Firefox profile folder is not symlinked to another folder when pushing managed bookmark file to it. Symlinked profile directory could lead to gaining root access and compromising the system.
  • Start the "hide mouse" process with a 5 second delay as the Xorg session must be is fully set.
  • 'shutdown_menu=' parameter: activate the lock function only when the session or root password is provided in the kiosk config (otherwise it's not possible to unlock the kiosk).
  • ThinClient: create PTY nodes during system boot as they are needed for Remmina SSH connection.
  • Citrix Workspace: disabled ctxusb daemon as some users experienced random session disconnects because of it.
  • Disabled Ctrl+Shift+d keyboard shortcut by default.
  • Disabled completion panel on the virtual keyboard as it could reveal passwords when user entered them during the kiosk session.
  • Porteus Kiosk Server "Premium": prevent double mounting the kiosk's client filesystem.
  • Other fixes and improvements.

  • All changes can be also tracked in the 'automatic updates' changelogs: link and link.

    2nd of March 2020

    Changes implemented in Porteus Kiosk 5.0.0:


    Upgraded system components to latest version from Gentoo stable branch including Linux kernel 5.4.23, Mozilla Firefox 68.5.0 and Google Chrome 80.0.3987.122. Full list of packages used for creating this release can be found under this link.


    Porteus Kiosk changes including Cloud and ThinClient variants:

  • Added support for setting mouse speed (acceleration) in the system.
  • Its possible to set different number of seconds for every browser tab which is displayed on the kiosk screen.
  • Added support for viewing TIFF files in the Firefox browser. TIFF files are converted to the PDF format first so its possible to open them directly in Firefox. This function requires 'enable_file_protocol=yes' parameter present in the kiosk config.
  • System clock is fetched every day from remote NTP server. It helps the kiosks which are not rebooted for a long time (e.g. 6 months) to retain correct system time.
  • Added virtual keyboard to the 'session password' window so its possible to start the kiosk session without physical keyboard attached to the PC.
  • Fixed Citrix standalone application by switching to latest 'selfservice' application which utilize the 'webkitgtk2' package.
  • Sound level is set for every audio device present in the kiosk and not just the primary one.
  • Give the user 60 seconds to perform an action in order to prevent shutting down the kiosk when 'halt_idle=' parameter is used.
  • Added '-noxdamage' flag to the x11vnc startup script to prevent VNC crashes on some kiosks.
  • Disabled 'browser reset prompt' by default in the Firefox browser. This prompt may appear when full persistence is enabled and the kiosk is not used for a longer time.
  • Fixed mouse events on ncurses apps (mc, alsamixer) when logging to the kiosk over SSH from the 'xterm-256color' terminals.
  • Ensure to kill only the browser process when screensaver webpage is running and Xorg session is restarted.
  • Remove Chrome's SingletonLock file by default to avoid 'Chrome profile' locked propmt when kiosk hostname is changed and full persistence is enabled.
  • Reuse Chrome profile in full for screensaver video/webpage purposes. Some extension installations can be forced through the global policies as we want to keep their settings in the new Chrome instance which is used to play the screensaver.
  • Hide the Firefox's tab bar when 'toggle_tabs=' parameter is used. Regression introduced after upgrading to Firefox 68.x.
  • Recompiled openssh package with support for obsolete keys. Many kiosk users still use older SSH clients which are not compatible with Ed25519 key.
  • Disabled 'Chrome update' popup which affected previous kiosk release.
  • Porteus Kiosk Server "Premium": include remote config name in the client list generated as the CSV file.
  • Porteus Kiosk Server "Premium": import environment variables (e.g. $DISPLAY) when generating debug log on the client side otherwise some important data wont be available in the report.
  • Other fixes and improvements.

  • Additional information about changes introduced in Porteus Kiosk 5.0.0 can be found in this news post: link.

    All changes can be also tracked in the 'automatic updates' changelogs: link and link.

    16th of September 2019

    Changes implemented in Porteus Kiosk 4.9.0:


    Upgraded system components to latest version from Gentoo stable branch including Linux kernel 4.19.68, Mozilla Firefox 68.1.0 and Google Chrome 76.0.3809.100. Full list of packages used for creating this release can be found under this link.


    Porteus Kiosk changes including Cloud and ThinClient variants:

  • Added support for setting default zoom level in the Firefox and Chrome browsers.
  • Session idle function can lock the session instead of restarting it.
  • Its possible to select large mouse cursors theme for the system.
  • Screen locking button can be also present in the 'shutdown menu' if its enabled in the kiosk config.
  • Report remote config name to Porteus Kiosk Server so its easier to find which kiosk is pointed to which config.
  • Upgraded GRUB bootloader to latest version from git. This was needed to boot some CoffeLake and GeminiLake systems which supports EFI firmware only.
  • Resolved issues with parsing specific proxy pac files.
  • Added random delay to the PK Server tunnel initialization script. This is needed to lower the impact on Porteus Kiosk Server resources in case of large number of clients connecting to it at the same time (e.g. when server is rebooted or network is down temporarily).
  • Default to 'client_id=automatic' when 'client_id' parameter is missing, is set to a string instead of a number or the number Eis not in range 1024-65535.
  • Hide 'onscreen buttons' under the screensaver window when browser is restarted through the 'session_idle=' parameter.
  • 'refresh_webpage=' parameter: do not prevent restarting the session when 'session_idle_forced' parameter is enabled.
  • Added 'guest' user to the 'usb' and 'plugdev' groups so it's possible to connect to the mobile phones and photo cameras in order to download the files from them.
  • Added 'guest' user to the 'cdrom' group by default so its possible to play DVDs/Audio CDs in kiosk.
  • 'screensaver_video' parameter: applied a fix so it works properly on rotated screens.
  • Disabled 'Ctrl+Shift+N' key shortcut by default when Chrome works with navigation bar disabled to prevent opening a new browser instance in a new, normal mode window. This bug affected only kiosks with private mode enabled.
  • Disabled 'Ctrl+period' and 'Ctrl+semicolon' key shortcuts by default when Chrome has navigation bar disabled to prevent restarting the browser by the kiosk users.
  • Added '-nomodtweak' switch to the VNC service startup script in order to resolve 'Shift' key related problems.
  • 'homepage_append=mac' parameter: do not proceed with booting until IP address its assigned by DHCP server otherwise MAC address can not be determined.
  • 'screensaver video' parameter: detect screen size properly for the video outputs which are marked as 'primary' in the xrandr output.
  • 'additional_components=07-java.xzm' parameter: removed as Firefox 68 do not support java NPAPI plugin anymore.
  • 'managed_bookmarks' parameter: enable bookmarks toolbar even when when navigation bar is disabled in the Firefox browser.
  • Firefox: disabled hidden files from viewing through the file protocol.
  • Firefox: disabled middle mouse click by default when browser works with navigation bar disabled so its not possible to open new tabs when clicking on the hyperlinks.
  • 'silent_printing' parameter: make it available only for Chrome browser as this function is currently broken on Firefox.
  • 'disable_zoom_controls' parameter: disabled 'Ctrl+0' (zoom reset) keyboard shortcut, this is to prevent the case when zoom level is changed by the admin and kiosk users should not be able to reset it back to default value.
  • 'session_idle_forced' parameter: do not display 'session restart' warning as this parameter is used mostly for digital signage where system notifications are not needed.
  • 'session_idle' parameter: wait up to 30 seconds for the user to cancel session restart/lock, increase from 5 seconds.
  • 'homepage_check' parameter: restart network service approx every 10 minutes if homepage is not found.
  • 'client_id=automatic' parameter: ensure the targeted port on the server side is not already used by other kiosk or server process when registering new client ID.
  • 'client_id=automatic' parameter: execute 'grep' utility with a '-w' flag to properly find and reuse client IDs from deleted kiosks.
  • Citrix Receiver: xorg-server-1.20.x fullscreen issue seems to be fixed in latest version so we have removed our own tweaks for emulating the fullscreen mode.
  • Enabled dictionary on the xvkbd virtual keyboard by default.
  • Initrd: never clear the screen when booting with 'kernel_parameters=debug' parameter enabled. We need to see kernel oopses and crashes caused by drivers loaded later in the booting process by udev.
  • Kiosk wizard: properly list Access Points which contain spaces in SSID. This bug affected only fallback 'iw' utility which is used in environments with over hundred APs in range.
  • Kiosk wizard: moved 'Set time' utility from the wifi setup window to the final network configuration window as incorrect system time may affect also wired connections (kiosk may assume that SSL certificates expired on our domain and prevent connection).
  • Kernel config: set Hyper-V framebuffer to FullHD resolution by default as userspace can not control the screen size on Hyper-V virtual machines.
  • Cloud/ThinClient variants: do not remount the device automatically when 'Eject removable devices' button is pressed.
  • Other fixes and improvements.

  • Porteus Kiosk Server version "Premium" changes:

  • Added 'Remote config' column to the client list in the Administration Panel. It allows to quickly find which remote config the client is using.
  • Updated 'Client list' window for the 'Client resources monitoring' function. It supports now up to 5k clients, allows for filtering the client list by specific string and selecting a group of the clients with a 'ctrl/shift + mouse click'.
  • Added 'Config rules' button to the 'Add/Edit config' windows in the Administration Panel so its easier to find the rules which need to be followed when creating the config.
  • Email notifications: added an option for sending notification when new server version is released.
  • Added 'netstat' utility to the kiosk clients jail to allow for listing ports opened on the server. This is needed for proper 'client_id=automatic' calculation when new kiosks are registered.
  • Administration Panel: if screen width is lower than 1280 pixels then automatically set lower window size to match the screen resolution.
  • Display MAC addresses with low letters in the Administration Panel to keep the columns aligned properly in the client list.
  • Server wizard: added option to lock the server session after specific time of inactivity.

  • Additional information about changes introduced in Porteus Kiosk 4.9.0 can be found in this news post: link.

    All changes can be also tracked in the 'automatic updates' changelogs: link and link.

    21st of January 2019

    Changes implemented in Porteus Kiosk 4.8.0:


    Upgraded system components to latest version from Gentoo stable branch including Linux kernel 4.19.16, Mozilla Firefox 52.9.0 and Google Chrome 70.0.3538.110. Full list of packages used for creating this release can be found under this link.


    Porteus Kiosk changes including Cloud and ThinClient variants:

  • Added support for the 'onscreen buttons' to the Firefox browser. This feature resolves the case when navigation bar is disabled, user enters a non whitelisted page and is not able to go back to previously viewed page. Other buttons like e.g. launch scanner application, unmount removable media which is mounted read-write, etc ccould be added to the buttons menu in a customized build.
  • Its possible to set default paper size for the printer. 'A4' and 'Letter' sizes are available in the wizard by default but other ones (you need to find which are supported by certain printer driver) are supported too by the 'paper_size=' parameter.
  • Added support for the 'fbdev' (framebuffer) DDX driver which in some cases - depending on the GPU card - offers higher screen resolution than the VESA driver.
  • Its possible to set a custom port number on which the VNC service will be listening. This feature is important for kiosks which are connected directly to the internet (e.g. through the dialup modems) and are not protected by the NAT or the firewall. Non default VNC port helps avoiding brute force attacks performed by the internet bots.
  • Added remote kiosk config name to the debug report. For security reasons we cant reveal full kiosk config location, however - config name should be enough for the admins to figure out which remote config the kiosk is currently using.
  • Set the timezone before the rsyslog and cron daemons are started.
  • Allow 'screensaver_webpage' to work with webpage stored on a local filesystem, e.g. 'screensaver_webpage=file:///opt/www/index.html'.
  • 'screensaver_video' and 'screensaver_webpage' parameters will properly handle URLs containing the '&' sign.
  • Added localization files from the 'libX11' package so Citrix Receiver could work correctly with non english keyboard layouts.
  • Remmina will remember connection passwords (SSH, VNC, RDP, etc) when persistence is set to full.
  • Fixed full persistence not working when kiosk was installed on some eMMC and NVME devices (/dev/mmcblk2 and /dev/nvme0n2 nodes respectively).
  • Fallback to the 'iw' utility for scanning for available wireless networks when there are 100+ Access Points in the range.
  • Wait up to 120 seconds for the gateway as some rare setups require starting the local dhcp server first and many times the kiosk is faster.
  • Wait 4 seconds before rotating the touch input as some screens are slow to initialize.
  • Fixed calibration not working for touch controllers containing '®' symbol in their name.
  • Fixed calibration not working for touch controllers containing additional spaces in their names. Example: "ELO Touch Solutions ELO Touch Solutions AccuTouch 2218" has two spaces between "Solutions" and "ELO" strings.
  • Run Citrix window in maximized mode instead of fullscreen as it causes 100% CPU usage with Xorg Server 1.20.x. Unfortunately all Citrix versions are affected with this bug and its several months old already so we are not sure when it will be fixed by upstream.
  • 'session_idle=' parameter must kill also the Ctirix session.
  • Delete caches folder when screensaver webpage and video is closed to free up the space in the RAM.
  • Start VNC service with 10 seconds delay to allow clipboard sharing between the host and the VNC clients.
  • Added support for xterm-256color terminals for ncurses based apps (alsamixer, Midnight Commander, etc) which could be run over SSH.
  • Added mc="mc -u" alias to disable subshell otherwise Midnight Commander application starts slowly on the ash shell.
  • Added wifi firmware needed for Surface Pro 2s laptops.
  • Initrd: do not search for the GPU driver if PCI bus in not available (Hyper-V Gen2 platform and some ARM boxes).
  • Busybox: added aliases support to the 'ash' shell.
  • Kiosk wizard: ask for confirmation when restarting the wizard, this is to prevent accidental restarts and losses of wizard choices. Make proxy.pac file working in case when it returns the 'DIRECT' connection (no proxy used).
  • Kernel config: enabled support for Hyper-V Gen2 platform.
  • Other fixes and improvements.

  • Porteus Kiosk Server version "Premium" changes:

  • Added "Test internet speed" to Actions in the Administration Panel so its possible to check how fast the client can download 100 MB file from porteus-kiosk.org website.
  • Replaced 'Last connected' column in the Administration Panel with 'Last active' which shows the date when kiosk was seen online for the last time.
  • Added conky applet to monitor failed SSH/VNC login attempts possibly caused by the internet bots.
  • Replaced 'parcellite' with 'gpaste' clipboard manager to resolve an issue with sharing the clipboard content over VNC protocol.
  • Fixed clipboard sharing between the host the the guest (Porteus Kiosk Server) for VMware Workstation.
  • Added history saving to the 'send notification' function.
  • Fixed rare case when under heavy load PK Server could assign the same client ID to two or more kiosks. This would happen only when multiple clients registered on the server for the first time with 'client_id=automatic' parameter, e.g. when server is migrated to a new hardware.
  • Ask for confirmation before clearing notification/custom-command history.
  • Display notification when 'client list' monitoring mode is enabled. This is to inform the admin that interaction with the clients is not possible until monitoring mode is disabled.
  • Exit menu is launched when server cant authorize on our domain or upgrade. This is to allow smooth server shutdown and ensure that server is not powered down forcibly which could damage the data.
  • Exclude swap file from server backups.

  • Additional information about changes introduced in Porteus Kiosk 4.8.0 can be found in this news post: link.

    All changes can be also tracked in the 'automatic updates' changelogs: link and link.

    18th of June 2018

    Changes implemented in Porteus Kiosk 4.7.0:


    Upgraded system components to latest version from Gentoo stable branch including Linux kernel 4.14.50, Mozilla Firefox 52.8.1 and Google Chrome 66.0.3359.181. Full list of packages used for creating this release can be found under this link.


    Porteus Kiosk changes including Cloud and ThinClient variants:

  • Added support for refreshing browser webpage with defined time interval. This is useful for digital signage purposes.
  • Its possible to explicitly set the shutdown options which should be present in the kiosk shutdown menu. You can allow the users to e.g. reboot the kiosk or restart the session but they wont be able to shutdown the PC fully.
  • Screen rotation function has been split from more complex 'screen_settings' parameter. Handy if you want to just rotate the screen on different kiosk setups and want to avoid providing other screen attributes like vide output name, screen resolution, refresh rate or position.
  • Enabled "DRI3" and "TearFree" features on Intel DDX driver by default which should result in a smooth video playback and scrolling on rotated screens.
  • USB devices (e.g. smart cards) are redirected to Citrix session by default.
  • Added vorbis and speex codecs so Citrix Receiver can use them for compressing audio and lowering network usage.
  • ".ica" files are associated with Citrix Receiver in the Chrome browser. Standalone Citrix app opens now automatically after clicking on the ".ica" file.
  • Kiosk wizard: do not ask for the client ID, SSH and VNC details when pointing kiosk to existing remote config hosted on Porteus Kiosk Server. These details does not matter at the installation stage as kiosk will be reconfigured anyway as per remote config settings. Installation of multiple clients is much faster now.
  • Default to first proxy IP in case when multiple proxies are returned by the proxy PAC files.
  • 'haveged' daemon is started by default to remedy low-entropy conditions.
  • Latest 'freerdp' package allows connecting to recently upgraded Windows systems over RDP protocol.
  • System upgrade/reconfiguration notification is be visible all the time so users are aware that there is an action happening in the background.
  • Kernel config: enabled touchpad compatibility layer for older hardware, added support for DM-Crypt so its possible to encrypt partitions or files with cryptsetup, enabled retpoline support.
  • Enabled flashplayer by default for Chrome browser when 'screensaver_url=' parameter is used.
  • Replaced '--start-fullscreen' with '--kiosk' flag for Chrome screensaver to get rid of 'Press F11 to exit fullscreen' notification.
  • Made 'Cancel' button the same size as other buttons in the shutdown menu so its easier to press this button on touch monitors.
  • Kiosk wizard: repeat calibration twice for touch devices with swapped axes. This is needed to get accurate calibration data.
  • Unblock 'Ctrl + left mouse click' during installation so its possible to select multiple devices for calibration.
  • Kill old VNC connections before restarting vnc service.
  • Always rotate touch input if at least one screen is rotated.
  • Make stunnel daemon aware of 'proxy_exceptions=' parameter when connecting to PK Server.
  • Fixed 'managed_bookmarks=' parameter being ignored in the PCID section of remote config.
  • List SDIO devices in the debug report.
  • Other fixes and improvements.

  • Porteus Kiosk Server version "Premium" changes:

  • Implemented 'Send notification' action in the Administration Panel so its possible to send a message to multiple clients. You can define if notification message should disappear automatically after 5 seconds, only after an user click or be displayed in a loop until the kiosk is restarted. Its also possible to play a sound when notification appears on the screen.
  • 'Wake On LAN' function should also wake the kiosks which are in different subnets than Porteus Kiosk Server.
  • Added 'History' function to the 'Custom command' action so its possible to rerun previously executed commands.
  • Its possibile to insert additional info to the 'offline client' notification email.
  • Added option to export client list (with last stored data also for offline clients) to a CSV file.
  • Default firewall rules can be changed in the firewall editor.
  • Keep selected settings persistent in the screen configuration utulity.
  • Added 'Restore default resolution' button to the screen setup utility.
  • Fixed a bug which prevented creating and editing kiosk configs containing the 'Save' string.
  • Remove scripts from persistent storage related to server parameters as these parameters may be are no longer active in case when server was reconfigured.

  • Additional information about changes introduced in Porteus Kiosk 4.7.0 can be found in this news post: link.

    All changes can be also tracked in the 'automatic updates' changelogs: link and link.

    15th of January 2018

    Changes implemented in Porteus Kiosk 4.6.0:


    Upgraded system components to latest version from Gentoo stable branch including Linux kernel 4.14.13, Mozilla Firefox 52.5.3 and Google Chrome 63.0.3239.132. Full list of packages used for creating this release can be found under this link.


    Porteus Kiosk changes including Cloud and ThinClient variants:

  • VNC daemon can display a popup window prior to establishing a VNC connection and ask the kiosk user if incoming conneciton should be allowed, reject or allowed in a view-only mode. This is required in countries where unnoticed VNC connection are prohibited by law.
  • First run wizard has the ability to run virtual keyboard (xvkbd) which helps to configure the system for touchscreens or when no real keyboard is attached to the PC during the installation.
  • Intel and AMD microcodes are compiled directly into kernel so they loaded early in the booting process. This is a requirement for never CPUs.
  • Added 'search for printer model' function to the first run wizard.
  • When battery capacity reaches 10% then system plays a notification sound and displays a popup window which must be clicked to disappear.
  • Make full persistence working when kiosk is installed on NVME devices.
  • Compiled pinctrl drivers directly into kernel. If they are compiled as modules then it's not possible to initialize some MMC devices and boot from them.
  • Set window title in PS1 prompt. It helps finding to which kiosk you are connected over SSH as hostname is included in the PS1 variable.
  • Make sure that kernel version matches kernel modules version before performing system upgrade.
  • Remove 'new tab' button from Firefox interface when address bar is disabled.
  • Added 'show desktop' launcher to Server/Cloud/ThinClient systems by default.
  • Enabled 'strings' busybox applet.
  • Skip gateway check for modem connections.
  • For dialup connections default to first MAC address found (even from wired NIC) when reporting to PK Server as 'ppp0' interface does not have a MAC addess itself.
  • Switched i915 Mesa (3D) driver from gallium to classic version as gallium one causes Firefox tabs to crash on Intel Alviso (gen3) GPUs on certain websites.
  • Mirror the screens properly for AMD GPUs when 'screen_settings=' parameter is used.
  • Source (rather than execute) 'persistence' script in rc.S to make sure it completes before moving to runlevel 3 during system boot.
  • Copy modules to RAM one by one rather than in parallel, it should resolve occasional MD5 sum mismatches reported on some devices.
  • Disabled "Control + left mouse click" and "Control + Shift + left mouse click" shortcuts as they open URLs as new tabs. This is unwanted when navigation bar is disabled.
  • Disabled 'captive portals check' function for Firefox as it slows down booting for offline kiosks (browser waits till connection times out).
  • Determine IP address and MAC of default NIC just before sending data to PK Server as they may change.
  • Wait 20 seconds and if gateway is not found during boot then start network initialization script once again to catch all devices which are slow to initialize, e.g. usb wifi dongles.
  • Other fixes and improvements.

  • Porteus Kiosk Server version "Premium" changes:

  • Refreshing the client list in the Administration Panel is up to 10 times faster. Porteus Kiosk Server should be able to handle 5000 clients and more depending on it's hardware specification.
  • Porteus Kiosk Server gained support for real time monitoring of the client resources. Following data can be pulled from the clients: current usage of the CPU, RAM, swap, root (virtual filesystem), persistent partition, CPU temperature, downloaded/uploaded data and client uptime. Data are presented in the Administration Panel and updated every 2 seconds. Its possible to sort the client list by specific categories, e.g. highest CPU usage and select which clients and resources should be monitored.
  • Implemented email notification for Porteus Kiosk Server resources usage. Notification will be sent when CPU, RAM or root/storage partition usage crosses percentage defined by the admin.
  • "0 minutes" setting is supported now in the email notifications. Checks will be performed every 10 seconds and email notification should be send even when kiosk is rebooted or looses internet connection for a very short period.
  • Fixed sorting the client list by the 'Last connected' field.
  • Added Server ID to conky theme.
  • Fixed real time 'update homepage' function for the Chrome browser.
  • Removed flickering which occured when client list was refreshed.
  • Delete duplicated clients (compare PCID and MAC for each client and remove older ID) before Administration Panel starts.
  • If config name is not provided then default to 'kiosk-config.txt' when creating new configuration in the Admin Panel to avoid setting immune bit on the configs directory.

  • Additional information about changes introduced in Porteus Kiosk 4.6.0 can be found in this news post: link.

    All changes can be also tracked in the 'automatic updates' changelogs: link and link.

    4th of September 2017

    Changes implemented in Porteus Kiosk 4.5.0:


    Upgraded system components to latest version from Gentoo stable branch including Linux kernel 4.12.10, Mozilla Firefox 52.3.0 and Google Chrome 60.0.3112.113. Full list of packages used for creating this release can be found under this link.


    Porteus Kiosk changes including Cloud and ThinClient variants:

  • Added support for EAP over LAN (802.1x) authentication on wired connections.
  • VNC and SSH daemons can be limited to listening on localhost interface only. This is useful from security point of view as nobody can access the kiosk on public network interface. Mind that you'll have to use another service: Porteus Kiosk Server, Guacamole, NoVNC, etc in order to tunnel VNC or SSH traffic to kiosk's localhost interface.
  • Its possible to calibrate multiple touchscreen devices which are connected to kiosk.
  • Cloud and ThinClient systems no longer expose shutdown options by default. Its required to explicitly enable shuttdown menu in kiosk configuration in order to allow restarting or powering off the PC by the users.
  • WPA supplicant will run on all available wireless network interfaces and not only the first one. This is handy if primary wifi card does not work properly (hardware failure, loosing connection, mising driver/firmware) and you want to use wifi dongle as replacement.
  • Network interfaces are presented in a dropdown list in the installation wizard. Its easier now to find interface names needed for static IP configuration.
  • Deactivate ACPI shutdown feature when burning the ISO on storage device during installation, reconfiguration and upgrade.
  • Tunneling service to Porteus Kiosk Server is started as a daemon rather than a script. When demonized the tunelling process can survive Xorg session restart or system runlevel change.
  • Parameter 'client_id=automatic' wont cause new ID to be assigned to the client when default NIC (MAC address) is changed.
  • Do not start the SSL tunnel to the server when kiosk is reconfiguring or upgrading. This is to ensure that nobody can interrupt the ISO reburning process.
  • Enabled 'setsid' busybox applet.
  • Enable capture channels for the microphone by default.
  • Toggle tabs function will not prevent restarting the browser when 'session_idle_forced=' parameter is used.
  • Keep bookmarks visible in Firefox browser when managed bookmarks are enabled and navigation bar is set to autohide.
  • Disabled system-tray applet for Remmina, this is needed for looping Remmina connections.
  • Do not override existing user.js file when adding Firefox preferences through the 'browser_preferences=' parameter.
  • Rotate touch with 2 seconds delay after rotating the screen otherwise some touchscreens wont rotate the touch input properly.
  • Full persistence: do not overwrite PepperFlash during kiosk boot as it may be upgraded in the background by Chrome.
  • Smartcard readers are redirected to the Ctirix session properly.
  • 'Device not ready' message is displayed on the screen not earlier than 10 seconds after boot.
  • Removed 16 characters password limit for the 'session_password=' parameter.
  • Added wifi firmware needed for Surface Pro 4 laptop. Touch support requires customized build as kernel patches are not mainlined yet.
  • Other fixes and improvements.

  • Porteus Kiosk Server version "Premium" changes:

  • Added support for email notifications. For now the only supported notification is when client goes offline for specific time period.
  • Added possibility to sort client list by categories (system/kernel version, browser, last connected time, etc) in the view settings of the Administration Panel.
  • If server session is protected with a password then its possible to lock the session through the exit menu.
  • Display usage bars in red color if CPU, RAM or storage goes to 90% or above in server's usage monitor.
  • Added client statistics to the conky widget: number of clients which are currently online, number of clients which are offline and total number of clients registered in the Administration Panel.
  • Delete PCID/MAC files properly when client is removed from the Administration Panel.
  • Server installations are no longer allowed on storage devices smaller than 2 GB.

  • Additional information about changes introduced in Porteus Kiosk 4.5.0 can be found in this news post: link.

    All changes can be also tracked in the 'automatic updates' changelogs: link and link.

    1st of June 2017

    Changes implemented in Porteus Kiosk 4.4.0:


    Upgraded system components to latest version from Gentoo stable branch including Linux kernel 4.9.30, Mozilla Firefox 52.1.2 and Google Chrome 58.0.3029.110. Full list of packages used for creating this release can be found under this link.


    Porteus Kiosk changes including Cloud and ThinClient variants:

  • Online or offline webpage can be used as the screensaver. With the help of javascript such screensaver should be more configurable than static video or slideshow of images.
  • If screensaver idle time is set to '0' then screensaver should start immediately after boot - useful for digital signage.
  • Swap partition has been replaced by more flexible swap file. Swap file is created on a persistent partition and its possible to change its size on demand by adjusting the 'swapfile=' parameter value.
  • Custom printer name allows finding to which network printer the kiosk prints in case you have more than one printer available in the workplace.
  • Its possible to force booting the system from removable device even if second kiosk installation is available on the hard drive. Such configuration caused troubles in the past.
  • Added support for hosting SSL certificate directly on Porteus Kiosk Server through the 'import_certificates=server://certificate.crt' parameter.
  • Added proxy auto configuration support for stunnel so clients behind the proxy should be able to connect to Porteus Kiosk Server.
  • Enabled CloudPrinting feature by default for Cloud/ThinClient system variants utilizing Chrome browser.
  • Copy client files recursively and bind two ports with one SSH command when initializing tunnel to Porteus Kiosk Server. This is to avoid unnecessary connections and lower server overhead when multiple clients are starting at the same time.
  • All plugins for Chrome are enabled by default including "Widevine Content Decryption Module" so its possible to watch e.g. Netfilx movies.
  • Check if at least one video output is active in the VNC startup script, if not then create virtual mode with 1920x1080 size and assign it to first disconnected output. VNC service can work properly now on kiosks with no monitor attached.
  • Kernel config: compiled nvme driver directly into kernel so its possible to install kiosk on NVME devices, added support for loading Intel/AMD microcode by the kernel.
  • Enabled 'stat' busybox applet.
  • Added crippled 'java-config' utility to keep java plugin quiet in the logs.
  • Timeout connecting to the Porteus Kiosk Server after 60 seconds when trying to download files from it. Kiosk can still boot even is server in not accessible at the moment.
  • Use 'hp' backend for HP printers connected directly to kiosk. This backend is required for proprietary 'hp-plugin'.
  • Ignore lines starting with space/tabs in remote kiosk config as they break PCID sections.
  • Regenerate playlist and restart screensaver slideshow when online zip archive was updated.
  • Refresh 'ripples' screensaver every 10 minutes to avoid background picture distortions.
  • Process only connected displays for 'screen_settings=' parameter.
  • Display warning message and skip installation/reconfiguration/upgrade if generated kiosk ISO is larger than system partition (900 MB).
  • Fixed the case when 'persistence=none' parameter was preventing the booting media from being powered off.
  • Force opening Chrome on webpage(s) defined in the "RestoreOnStartupURLs" policy. This is to resolve an issue where Chrome started with a blank page when 'persistence=full' was enabled and kiosk was not shutdown cleanly, e.g. due to a power cut.
  • Fixed the case where parameter 'shared_printer=no' was still initializing shared printing.
  • Alt-Home and Alt-KP_Home keyboard shortcuts are allowed now when Chrome works with navigation bar disabled.
  • Other fixes and improvements.

  • Porteus Kiosk Server version "Premium" changes:

  • Added an info about client's last connection time to the Administration Panel
  • Added 'Reconnect client' to the actions list which allows reconnecting only selected client(s) rather than dropping all connections. Should be used in rare scenarios like updating client data in the Administration Panel (hostname, IP address, etc) or when VNC password file was not transferred on the server side.
  • Allow file selection dialogs by default for Chrome so its possible to upload files through the browser

  • Additional information about changes introduced in Porteus Kiosk 4.4.0 can be found in this news post: link.

    All changes can be also tracked in the 'automatic updates' changelogs: link and link.

    13th of March 2017

    Changes implemented in Porteus Kiosk 4.3.0:


    Upgraded system components to latest version from Gentoo stable branch including Linux kernel 4.9.14, Xorg Server 1.19.2, Mozilla Firefox 45.8.0, Adobe Flash 24.0.0.221 and Google Chrome 55.0.2883.87. Full list of packages used for creating this release can be found under this link.


    Porteus Kiosk changes including Cloud and ThinClient variants:

  • Parameter 'client_id=automatic' will automatically asign the client ID to the kiosk - no need for manual configuration per device. This parameter makes client installation easier and faster especially for large deployments.
  • Activated 'serial' backend for CUPS printing service by default. Some usb printers require it for direct connection.
  • If kiosk installation fails then debug info will be displayed in the browser in order to help identifying the problem, e.g. I/O errors on target device.
  • Added warning when there may be not enough RAM available on the PC to perform system installation. Kiosks with 512MB of RAM may fail the installation if large components (e.g. Java) are enabled in the wizard.
  • System reconfiguration/upgrade will be skipped if ISO is burned on non writable media.
  • System reconfiguration/upgrade will eb skipped if ISO was manually burned on a partition (e.g. /dev/sda1) while it should be burned on a device (e.g. /dev/sda).
  • Added OpenDNS as secondary DNS server in the installation wizard for static IP configurations. It will be used as a fallback to Google DNS.
  • If bookmark name is not defined in the 'managed_bookmarks=' parameter and the page title is not available then default to the raw URL for the bookmark name.
  • Set hostname before starting rsyslog so proper kiosk hostname is saved in the logs.
  • Dropped obsolete Chrome policies: DisableSpdy, DnsPrefetchingEnabled from default Chrome configuration.
  • Rotate /var/log/x11vnc.log every day so it wont grow in size too much.
  • Other fixes and improvements.

  • Porteus Kiosk Server version "Premium" changes:

  • Added 'Tools' menu to the Administration Panel with backup and restore utilities which allows to create and restore system snapshots containing all custom server files.
  • Its possible to filter client list by specific string, e.g. hostname, browser, kernel version.
  • Allow hiding the clients which are currently offline.
  • Display PCID, MAC and hostname in the client list also for the clients which are currently offline so its possible to identify each kiosk.
  • Display newest client logs on the top of the monitoring window and not the bottom.
  • Added an option to disable minitoring of the client logs.
  • Added function to view archived (rotated) client logs.
  • Automatically create backup files for the client configs which are edited directly on the server. Its possible to restore previous version of the config using 'Restore' button in the editing window.
  • Detach windows from the Administration Panel so its possible to copy data between viewed and edited files.
  • Open client's debug log in the browser which makes easier to search for specific info.
  • Always use numerical order for the client list (sort by client ID).
  • Fixed column sizes in the client list, also for older clients going back to 3.6.0 release which do not report kernel and browser version to the server.
  • Reduced the size of clients logs displayed in the Administration Panel from 1MB to last 1000 events (approx 300KB) as larger logs may affect server performance in case of many new entries addedd to the log at the same time.
  • Use 'Unknown' string instead of an empty value if client wont report its system version properly.
  • Calculate client VNC port which needs to be opened on the server side in more reliable way to avoid "not a RFB server" error.

  • Additional information about changes introduced in Porteus Kiosk 4.3.0 can be found in this news post: link.

    All changes can be also tracked in the 'automatic updates' changelogs: link and link.

    5th of December 2016

    Changes implemented in Porteus Kiosk 4.2.0:


  • Upgraded all system components to latest version from Gentoo stable branch including Linux kernel 4.4.36, Xorg Server 1.18.4, Mozilla Firefox 45.5.1 and Google Chrome 54.0.2840.100. Full list of packages used for creating this release can be found under this link.
  • Client files: wallpaper, screensaver slideshow images, browser preferences, proxy pac config can be hosted directly on Porteus Kiosk Server - no need to use 3rd party web hosting service anymore. Clients must be configured with relevant parameters and utilize 'server://file_name' parameter value syntax.
  • Its possible to toggle between browser tabs at specific time interval. This feature is available only when navigation bar of the browser is disabled (kiosk works in digital signage mode).
  • Screensaver slideshow can display images in random order instead of alphabetic order.
  • 'C++' and 'C--' keyboard shortcuts are deactivated when 'disable_zoom_controls=yes' parameter is used.
  • Fixed 'vga_driver=modesetting' parameter which works properly now.
  • Recompiled xf86-video-intel driver without DRI3 support as it causes issues on older Intel Alviso (gen3) GPUs.
  • Make sure the SSH tunnel connection is established fully before trying to download remote config from Porteus Kiosk Server.
  • Other fixes and improvements.
  • Porteus Kiosk Server changes:
  • - allow rotating Server logs more often than once in a day

    - use Conky to monitor Server resources: CPU, RAM, storage and network utilization

    - removed 'grep' alias from /etc/bash/bashrc as grep applet from bysybox does not support '--colour=auto' option

    - make possible editing of the remote config through the Administration Panel

    - added parcellite utility which works as clipboard manager


    Additional information about the changes introduced in Porteus Kiosk 4.2.0 can be found in this news post: link.

    All changes can be also tracked in the 'automatic updates' changelog: link

    5th of September 2016

    Changes implemented in Porteus Kiosk 4.1.0:


  • Upgraded all system components to latest version from Gentoo stable branch including Linux kernel 4.4.19, Mozilla Firefox 45.3.0 and Google Chrome 52.0.2743.116. Full list of packages used for creating this release can be found under this link.
  • In this release we have introduced two new spins of our Porteus Kiosk system: variant Cloud and variant ThinClient
  • Kiosk config can be hosted directly on Porteus Kiosk Server - no need to use 3rd party web hosting service anymore. Clients must be configured with 'kiosk_config=' parameter and utilize 'server://config_name' protocol.
  • Its possible to define custom persistence level for the guest's home folder.
  • When enabled, password manager allows remembering logins and passwords to the websites.
  • Default search engine for the browser has been changed to the Google although its still possible to set DuckDuckGo if privacy is the top priority.
  • Linux kernel used in our system can be tweaked with the help of additional kernel parameters.
  • Its possible to control the slide duration (time between loading new image) for the screensaver slideshow.
  • Managed bookmarks allows to define the bookmark name.
  • DMPS is no longer forced to turn off the monitor after 10 minutes of inactivity and you may define the time after which the monitor goes off.
  • Session idle parameter will restart whole session (Xorg) for the variants Cloud and ThinClient.
  • Wizard: Added option to preserve persistent partition, perform a quick format or completely erease the hard drive before the installation.
  • Enabled bootsplash by default for the post installation ISO.
  • Clients behind the proxy can connect to Porteus Kiosk Server properly.
  • Rsyslog replaced metalog as default logging daemon - its more configurable and supports logging to remote destinations.
  • If association with Porteus Kiosk Server is enabled then bind remote rsyslog port locally (over SSL tunnel). System logs in severity warning and above will be logged on the Server side - this is useful for proactive support.
  • Screensaver slideshow will sort the pictures according to their filename
  • Session idle: notify the user in case when activity was detected and session wont be restarted.
  • If hostname is not specified and if Kiosk Server association is enabled then use client_id as hostname.
  • Automatically eject optical disc after successful installation.
  • Add '--disable-pinch' to Chrome flags if 'disable_zoom=yes' parameter is used.
  • Kiosk config can be hosted on FTP servers.
  • List touch devices in debug report.
  • If SSH service is enabled then allow login to Porteus Kiosk Server as kiosk user only from localhost interface (force using SSL tunnel).
  • When multiple homepages are defined and 'homepage_check=' parameter is enabled then query only first homepage to prevent "homepage is not available" message.
  • Fixed 'scheduled_actions=' parameter not working correctly when hour or minute was staring with '0' number (e.g. 09:04).
  • Make sure that authorized_keys file was copied correctly from Porteus Kiosk Server.
  • Fixed character conversion issue for Citrix Receiver.
  • Stunnel: reduced logging level from "warning" to "critical" to get rid of warning entries flooding the log when remote server is down.
  • Block 'Ctrl+p' key combination if printing component is not enabled.
  • Update DNS settings properly when dialup connection is used.
  • Session idle: prevent very first browser restart if no user activity is detected.
  • Blocked Shift+Enter key combination by default as it was opening a new Firefox window when user clicked on download link and then pressed Shift+Enter.
  • Do not mount removable device and start the browser if session is locked by the "session password" window.
  • Recompiled hplip package with scanner and fax support.
  • Make sure that ssh tunnel was established properly before forwarding client's data to the Server. This is to avoid 'password not found' error which could appear when establishing VNC connection from Administration Panel to the client.
  • Escape '?' character for Firefox's whitelist/blacklist functions so URLs containing this characters are handled correctly.
  • Do not start splash screen if 'debug' kernel parameter is used.
  • Disabled geolocation and OCSP services for Firefox as they make troubles for kiosks which uses proxies with authentication (long wait for a timeout when connecting to Mozilla services).
  • Keep cron logs in a separate file so they wont be flooding main system log.
  • Added following new packages: c_rehash, hicolor-icon-theme, json-c, libestr, liblogging, net-snmp, rsyslog, sane-backends, startup-notification.
  • Enabled new busybox applets: eject, mktemp.
  • Other fixes and improvements.
  • Porteus Kiosk Server changes:
  • - added 'Remote Management' tab to the Administration Panel for handling kiosk configs through the Server

    - added second tab for logging system events (warnings and above) from the kiosk clients.

    - added 'Reconnect' button which temporarily drops all client connections to the server. This is useful in case of having connection problems or to update clients data.

    - display browser version in the browser column of the Administration Panel

    - display client's kernel version in the Administration Panel

    - enabled startup notifications for the launchers

    - custom commands are preceded with 'nohup' so they continue executing even when ssh is disconnected

    - added back 'restart session' option (client must run latest kiosk version from automatic updates channel in order to support this feature properly)

    - added confirmation window to 'reboot/shutdown client' options

    - Administration Panel can be resized and maximized. Useful when you want to monitor many clients without scrolling the window.

    - added 'Help' button to the 'Client Logs' and 'Remote Management' tabs in the Administration Panel which points to the webpage which explains how these features work

    - removable devices are mounted with read-write access


    Extended information about the changes introduced in Porteus Kiosk 4.1.0 can be found in this news post: link.

    All changes can be also tracked in the 'automatic updates' changelog: link

    28th of May 2016

    Changes implemented in Porteus Kiosk 4.0.0:


  • Upgraded all system components to latest version from Gentoo stable branch including Linux kernel 4.4.11, Mozilla Firefox 45.1.1 and Google Chrome 50.0.2661.102. Full list of packages used for creating this release can be found under this link.
  • Kernel and userland packages are compiled for x86_64 architecture, that means Porteus Kiosk in current and future versions wont support 32bit CPUs anymore. If your PC does not have 64bit capable CPU then you still will be able to install last kiosk release in 32bit line: Porteus Kiosk 3.7.0.
  • Added support for setting default microphone in case you have multiple capture devices in the system.
  • Its possible to download screensaver slideshow ZIP archive every X minutes. This is useful if you need to update the slideshow often and want to do this quickly without rebooting the kiosk.
  • Import certificates function has been extended to support also Citrix Receiver certificates.
  • Added 'launch network wizard' applet to the first run wizard which allows to cancel waiting on the connection and repeat network setup procedure.
  • You may record a message to test selected capture device before installing the kiosk.
  • Display /media location in the filepicker left side panel so its easier to find where removable media were mounted.
  • Use 'uvesafb' driver to display splash screen during boot when native framebuffer driver is not available.
  • When booting fails show an info how to burn the kiosk ISO correctly on the usb sticks.
  • Fixed installation on SD cards which broke after switching to the GRUB bootloader.
  • Disabled 'horizontal overscroll' in Chrome as this feature may cause privacy concerns.
  • Added OpenGL info to the debug report.
  • 'persistence=session' parameter should not depend on 'disable_private_mode=yes'.
  • Allow for filepicker in Chrome when support for removable media is enabled.
  • Enable shared VNC access by default.
  • Enabled logging for x11vnc daemon.
  • Disabled access to four chrome:// facilities which slipped through our blacklist filter.
  • When in debug mode unset homepage_append parameter so debug report can be displayed in the browser correctly.
  • Keep screensaver window on top when browser works with navigation bar disabled and is restarted by 'browser_idle=' parameter.
  • Wizard: remote management 'test config' button downloads the config using wget and displays in gtkdialog window rather than the browser.
  • Wizard: display link quality info after AP name in the scanning result.
  • Kernel confg: enabled x86_64 architecture by default. Enabled drivers for hardware monitoring, PVSCSI SCSI Controller and added support for POSIX Message Queues.
  • Added following new packages: conky, cronbase, cronie, dosfstools, e2fsprogs, e2fsprogs-libs, fuse, gsimplecal, libertine, libpcre, lm_sensors, logrotate, mc, mesa-progs, metalog, ncurses, noto, popt, rsync, tint2, tslib, volumeicon, xcb-util, xev, xf86-input-tslib, xf86-video-fbdev, xfsprogs
  • Other fixes and improvements.
  • Porteus Kiosk Server changes:
  • - VNC viewer: lowered JPEG compression from 9 to 4 which helps slower connections and keeps image quality on relatively good level.

    - wait up to 5 seconds for VNC connections as sometimes they are slow to initialize

    - chroot kiosk user into /var/jail properly when making initial client -> server connection

    - reduced logging for stunnel to level 4 (warning) and disabled /var/log/stunnel.log. Metalog looks after stunnel messages now.


    Extended information about the changes introduced in Porteus Kiosk 4.0.0 can be found in this news post: link.

    All changes can be also tracked in the 'automatic updates' changelog: link

    29th of February 2016

    Changes implemented in Porteus Kiosk 3.7.0:


  • Upgraded all system components to latest version from Gentoo stable branch including Linux kernel 4.4.3, xorg-server 1.17.4, Mozilla Firefox 38.6.1 and Google Chrome 47.0.2526.111. We have moved early to kernel 4.4.x LTS line as we need better support for Intel Skylake processors. Full list of packages used for creating this release can be found under this link.
  • Kernel and userland packages are compiled for i586 architecture, that means Porteus Kiosk does not support i486 CPUs anymore.
  • Added support for RTC wake alarm which allows powering up the kiosk at certain hour:minute within each day of the week. PC motherboard must support this feature and 'Wake up events' must be enabled in the BIOS/EFI firmware in order to get this function working properly.
  • Its possible to protect the kiosk or server session with a password. Only authorized users can access the browser/administration panel and use the system.
  • Zoom controls and "pinch to zoom" touch gesture can be disabled to prevent the users from changing zoom level in the browser.
  • Added support for running custom command during system startup. It can be used for various purposes, e.g. configuring the touchpad, rsyncing offline content, displaying kiosk IP address.
  • In case of problems with the display its possible to use alternate 2D DDX driver: modesetting or vesa.
  • Import certificates function can load certificates directly from .crt and .pem files.
  • Porteus Kiosk Server changes:
  • - when version "Premium" is selected in the installation wizard then allow for setting following system parameters: time zone, keyboard layout, screen resolution, default sound card/sound volume, activate DPMS, disable UEFI support, additional fonts, allow accessing the server through the SSH and VNC protocols

    - increased support fo simultaneous VNC connections from 99 to 10k

    - handle VNC connections to the kiosk client properly when VNC access to the server is enabled

    - added 'Server docs' button to Administration Panel which opens the browser on http://porteus-kiosk.org/server.html (and server related documentation in the future)

    - added cifs package so its possible to mount SMB shares from server command line

    - check for server updates every 24h and display notification asking for reboot if new system version is found

    - added GUI option for sending custom command (e.g. notification) to the client

    - disabled VBox guest additions version check notification

  • Disabled system messages to make the kiosk booting process quieter. Warnings and errors are displayed only when something goes wrong. Notifications are displayed when kiosk reconfigures/upgrades itself.
  • Use 1MB for the block size when burning the ISO during installation/reconfiguration/upgrade making this operation significantly faster.
  • Added md5sum check of main system components after burning the ISO on the storage media. If md5sum does not match then burning is repeated up to 3 times.
  • Kiosk Wizard: added video tutorial button presenting how to save and load kiosk config/ISO from removable device,
  • PXE Boot: added statically linked SSL helper which allows downloading kiosk config or modules from SSL protected sites.
  • Wizard improvements: added possibility for restarting the main wizard window in case when configuration went wrong.
  • Kernel config: enabled i586 architecture by default, added support for Microsoft Hyper-V virtualization platform, enabled UVESA driver, CIFS protocol (Windows network shares), IP Multicast feature which is needed for receiving RTP/UDP video streams, compiled MPT drivers into kernel so its possible to install kiosk on SCSI/SAS hard drives in VMware and VirtualBox.
  • Enabled following busybox applets: gzip, gunzip, tty, zcat.
  • Added following new packages: attr, coreutils, fbv, libXv, libcap, liberation-fonts, libvncserver, openldap, wmctrl, v86d, xf86-video-amdgpu
  • Fixed kiosk client -> Porteus Kiosk Server communication when ssh services are working on non default ssh port.
  • Generate system report only once when debug mode is enabled.
  • Managed bookmarks: if bookmark title is not discovered automatically then use URL as a title instead of the generic 'Bookmark' name.
  • Eliminated a number of fault conditions when underscore sign was used in kiosk parameter values.
  • Kill the process which hides the mouse cursor properly when exiting screensaver slideshow/video.
  • Fixed touchscreen calibration/rotating for touch controllers which reports two input devices (e.g. PQLabs EN320006897).
  • Remote config: allow for [[GLOBAL]] and [[PCID]] strings with no space between the bracket and data.
  • 'browser_preferences=' parameter appends Firefox preferences to user.js instead of overwriting it.
  • Fixed time calculation in the screensaver script - it can run now continuously for 11 500 days.
  • Remove whitespaces at the end of the parameters in the kiosk config prior to parsing. This bug was breaking for example 'printer_connection=' parameter.
  • Kiosk Wizard: save manual edits to kiosk config when user clicks on the 'save config' button.
  • Run wget with '-U Mozilla' flag when doing the homepage check as some http servers reject connection when user agent is not set for the client.
  • Google Chrome: disable 'pinch to zoom' touch gesture by default when navigation bar is disabled.
  • Handle displays with dash in name (e.g. VGA-0) properly when 'screen_settings=' parameter is provided and screen positioning function is used.
  • Recompiled openbox without xinerama support so applications get maximized across all available screens in mulit seat setup (e.g. video wall).
  • Inject 'file:///tmp' to the whitelist automatically if 'screensaver_video=' parameter is used.
  • Start screensaver video with 'always on top' attribute so its not covered by restarted browser when 'browser_idle=' function is active.
  • Mozilla Firefox: disabled 'restore previous session' feature which shows up when session persistence is enabled and browser crashes or is restarted by the 'browser_idle=' parameter.
  • Other fixes and improvements.

  • Extended information about the changes introduced in Porteus Kiosk 3.7.0 can be found in this news post: link.

    All changes can be also tracked in the 'automatic updates' changelog: link

    30th of November 2015

    Changes implemented in Porteus Kiosk 3.6.0:


  • Upgraded all system components to latest version from Gentoo stable branch including Linux kernel 4.1.13, Mozilla Firefox 38.4.0 and Google Chrome 46.0.2490.86_p1. Full list of packages used for creating this release can be found under this link.
  • Implemented support for Porteus Kiosk Server which allows monitoring, accessing and managing the clients even if they are placed behind a NAT, proxy or firewall.
  • Added support for injecting or replacing default browser preferences with a text file hosted on the network. For Firefox you may use all preferences listed in "about:config", Chrome policies can be found here: link.
  • Online video file can be used as a screensaver instead of the 'Ripples' screensaver or the slideshow.
  • Added support for session persistence which prevents wiping user data during browser restarts.
  • Right mouse click state (enabled/disabled) can be controlled through the wizard.
  • Its possible to share kiosk printer in the network so other PCs could use it.
  • Added opensource 3D drivers for playing online games and other WebGL usage.
  • Firefox: enabled mp4 (h264 codec) playback in the html5 "video" tag by default.
  • Added support for remote management when kiosk is booted over network.
  • Display OS version during PXE boot.
  • Added /etc/rc.d/local_net.d folder for local scripts which should be run once networking is initialized, e.g: start LAMP services, download file from the network, mount remote share.
  • Added /etc/rc.d/local_shutdown.d folder for local commands which should be executed during system reboot/shutdown, e.g: killing processes gracefully, stopping LAMP services, unmounting remote share or persistent storage.
  • Compare kernel and kernel modules version and stop booting when they do not match as networking would not be initialized anyway.
  • Display warning when battery reaches 10% and repeat every 60 secs until AC is connected.
  • Restart network service after 5 failed download attempts of the additional components.
  • Increased Kiosk Wizard window size
  • Wizard improvements: added new window which appears after setting up the network with 4 buttons: a) launch wizard (first run - no previous kiosk config exist), b) point device to existing remote kiosk configuration, c) load config from the network, d) load config from removable device, added possibility to test printing before burning the ISO, added support for nested configurations when loading the config from the network/removable device.
  • Kernel config: added support for VMware virtual machines and mounting NFS shares
  • Enabled following busybox applets: reset, time, arping, uptime, pgrep.
  • Added following new packages: elfutils, ffmpeg, libepoxy, libva, libva-intel-driver, libvdpau, llvm, mesa, sshpass, stunnel, xf86-video-sis, xf86-video-virtualbox, xf86-video-vmware
  • Run the screensaver slideshow with 'always on top' attribute so its never covered by other windows (e.g. browser could be automatically restarted through the browser_idle* parameter and cover the slideshow).
  • Improved compatibility of old wifi drivers and WPA2 Enterprise encryption scheme.
  • Blocked Shift+F8 key combination by default.
  • Start "scheduled tasks" with 40 sec delay to avoid situation when system is restarted twice within the same minute (kiosk reboots very fast).
  • Use default network interface instead of first one listed in /sys/class/net when determining MAC addres for the 'homepage_append=mac' function.
  • Fixed Google Chrome not starting during PXE boot.
  • Fixed the 'homepage check' function preventing the browser from starting in some rare cases.
  • Removed user agent parameter from wget flags ('-U Mozilla') as it breaks dropbox.com compatibility with remote management.
  • 'localhost' is resolved to '127.0.0.1' address properly.
  • Added 'localhost,127.0.0.1' to proxy exceptions by default to resolve printing problems when proxy is used.
  • Other fixes and improvements.

  • Extended information about the changes introduced in Porteus Kiosk 3.6.0 can be found in these news posts: link and link.

    All changes can be also tracked in the 'automatic updates' changelog: link

    2nd of September 2015

    Changes implemented in Porteus Kiosk 3.5.0:


  • Upgraded all system components to latest version from Gentoo stable branch including Linux kernel 4.1.6, Mozilla Firefox 38.2.1 and Google Chrome 44.0.2403.157. Full list of packages used for creating this release can be found under this link.
  • Implemented support for nested configurations in remote management.
  • Added support for managed bookmarks which enables bookmarks bar in the browser with with predefined set of webpages.
  • SSL certificates can be imported automatically from provided URLs.
  • Slideshow of images can be used instead of default screensaver.
  • Video outputs can be disabled or set in certain position to create for example a 'video wall' for digital signage.
  • Touchscreen calibration can be performed directly through the wizard.
  • Implemented support for "static IP to address mappings" to resolve problems with non fully qualified domain names.
  • Mac address or hostname can be appended to the homepage url - useful for kiosk tracking purposes.
  • Homepage check function will check availiablity of the homepage prior to launching the browser. Predefined notification message is displayed when when the homepage is not available.
  • Added support for restarting the browser periodically when user activity is not detected.
  • Mouse cursor can be hidden after certain number of seconds.
  • Silent printing prevents the users from changing printing related settings.
  • Added support for proxy exceptions.
  • Wizard improvements: its possible to setup keyboard layout early as the very first step of kiosk configuration, MAC address of the wifi card is displayed in the wizard, its possible to setup hardware clock to current date/time, you can test additional functions (default sound card, sound volume level, shutdown menu, screen settings, screensaver ripples/slideshow) before creating final configuration, printers list is as split per manufacturers brand, its possible to generate short system report before installing the kiosk.
  • When private mode is disabled for Google Chrome then following functions are enabled by default: form autofilling, editing bookmarks (bookmark bar is always enabled), applications, spellcheck, sync, translate, signing into the profile.
  • Integrated Foomatic database with support for over 4k of new printer drivers and added extra drivers for thermal printers: Bematech, Bixolon, Sato, Star, Zebra.
  • Remote kiosk config is downloaded with PC ID string appended to the kiosk config URL.
  • Touchscreen input is rotated automatically to the position of the screen.
  • Automatically activate touch gestures in Chrome if touch capable device is found.
  • Save in real time to the kiosk config when doing manual edits in the wizard (*Save Edits* button is no longer needed).
  • Enabled native 'print preview' window for Chrome.
  • If support for removable media is enabled then whitelist 'file:///media' URL automatically.
  • Kernel config: added support for Virtio, namespaces (NET_NS, PID_NS, USER_NS) which are required for Google Chrome sandbox to work, enabled Tun/Tap driver, enabled userspace parallel port printer drivers.
  • EFI support: renamed bootx32.efi to bootia32.efi to make possible direct booting from isohybrid images (no need for EFI shell workaround).
  • Resolved PXE boot issues with gateway not being set by dhcpcd.
  • SSH keys are generated automatically with 'ssh-keygen -A' command
  • Blocked access to Firefox preferences through 'about:preferences#preferences' URL.
  • If kiosk is signed to the 'automatic updates' service then download components directly from such channel to avoid double reburn.
  • Fixed download progress not being displayed on slow networks (20 KB/s and below).
  • Do not download uefi.zip during installation if booting from UEFI ISO.
  • Apply proxy/proxypac settings immediately during installation so its possible to use browsers through proxy.
  • Blocked 'view-source:' protocol in Firefox which was giving an access to some system files (the ones readable by the user 'guest') despite of the 'file://' protocol being disabled. Blocked accessing the Firefox menu through the 'Alt' key when new browser window is opened with the tab dragging gesture.
  • Firefox tweaks: browser is started as maximized rather than fullscreen by default (this allows to launch HTML5 apps like pdf viewer, youtube video player and other in real fullscreen with no firefox navigation bar visible at the top), to restart the browser users must close its last tab - same as in Google Chrome, stop/refresh buttons are back in their original position (right side of the URL bar), disabled openh264 plugin which is needed only for video chats (Firefox Hello communication client) and would have to be downloaded during every browser restart due to license restrictions, disabled Enhanced Tiles by default, disabled HeartBeat rating system and Google SafeBrowsing service, when private mode is disabled then open new tab as 'about:newtab' rather than 'about:blank'.
  • Chrome tweaks: all preferences are managed now through the Group Policy Objects, master_preferences and chrome flags, locked down all browser settings (including chrome://*) so users can not change enything even when navigation bar is enabled, popup windows will open as maximized and decorated so its possible to close them, disabled developer tools, disabled following plugins by default: Chrome Remote Desktop Viewer, Native Client, Widevine Content Decryption Module, enabled controling of the 'file://' protocol through the 'enable_file_protocol=yes' kiosk setting, enabled blacklisting/whitelisting through the 'blacklist=' and 'whitelist=' kiosk settings.
  • Close 'shutdown menu' when going back from sleep.
  • Removed Chinese/Japanese/Korean layouts from the keyboard mapping list in the wizard as they need external input method application not supported in kiosk by default.
  • Other fixes and improvements.

  • Extended information about the changes introduced in Porteus Kiosk 3.5.0 can be found in these news posts: link and link.

    All changes can be also tracked in the 'automatic updates' changelog: link

    1st of June 2015

    Changes implemented in Porteus Kiosk 3.4.0:


  • Upgraded all system components to latest version from Gentoo stable branch including linux kernel-3.18.14, mozilla-firefox-31.7.0 and google-chrome-43.0.2357.81. Full list of packages used for creating this release can be found under this link.
  • Added possibility of selecting Google Chrome as alternative browser to Mozilla Firefox. Please mind that supported features vary between the browsers.
  • Updated UEFI component to support PCs equipped with 32bit EFI firmware. Some 32bit EFI implementations do not support booting from isohybrid ISOs and its necessary to setup 'Internal EFI shell' as default for booting.
  • Kiosk Wizard offers now possibility of loading and saving the kiosk config on removable devices.
  • Its also possible to save the actual kiosk ISO generated by the wizard on the same removable device. This function should work much faster and be less confusing than uploading generated ISO to the online storage.
  • Set custom resolution on all active displays and not just the first one.
  • Inject PC ID to /etc/version when 'automatic updates' are enabled so its possible to identify the kiosk through this file.
  • If 'shutdown menu' feature is not enabled in the wizard then allow powering off the PC by pressing the power button. If user has a physical access to the PC then can force kiosk shutdown by holding the button for 5 secs anyway and its better to power off the machine gently.
  • Allow access to 'about:config' when in debug mode.
  • Run all 'user made' custom scripts from /etc/rc.d/local_cli.d (when in runlevel 3) and /etc/rc.d/local_gui.d (when in runlevel 4) during startup.
  • Automount ISO9660 and UDF formatted CDs and DVDs when 'removable devices' support is enabled in the wizard.
  • Switched to 'ripples' screensaver which looks nicer and does not leave any distortions on the screen when running for longer period.
  • Scale smaller screen automatically when second monitor is connected and there is a mismatch in resolution between internal/external outputs.
  • Disabled 'search for text when i start typing' in Firefox preferences so kiosk can work with bar code scanners out of the box.
  • Screensaver runs now in fullscreen mode rather than maximized+undecorated, this tweak allows to have all other applications decorated in kiosk.
  • Kernel config: added UDF filesystem support required for mounting of DVDs formatted with this fs, compiled XFS into kernel as this module is not loaded automatically when mounting device formatted with XFS filesystem, added many new drivers for better support of the tablets and x86 embedded/industrial devices.
  • Added following packages: google-chrome, ntfs3g, nspr, nss, pacparser, sqlite.
  • Scale only connected and initialized video outputs (skip cases when crtc cant be find).
  • No matter which option user selects in the wizard - keep navigation/address bar enabled when in debug mode.
  • When kiosk data is not found then display debug info and drop to the shell only after key press (wait 10 secs for it). If no action is taken by the user then shutdown the PC.
  • Whitelisted 'about:blank' by default so 'access denied' image is not shown on a new tab when URL filter is enabled.
  • Set default sound level to 90% as 75% may be too low in some cases.
  • Default to port 80 for PXE boot if PORT variable is missing in the 'http_server=' parameter passed by the bootloader.
  • Fixed handling of SSIDs with whitespaces in name.
  • Timeout after 10 secs when waiting on wifi interface so other NICs can be initialized by dhcpcd (wired connection can be used as a fallback for wifi).
  • Initialize brightness by default on all supported outputs to resolve 'dark screen' bug affecting some Intel GPUs.
  • Setup automatic proxy configuration separately for kiosk config and wallpaper URLs as they may be handled by the proxy exceptions.
  • Setup sound level later in the boot process to allow all sound devices initialize properly.
  • Fixed 'remote management' feature not working with UEFI PCs.
  • Firefox: fixed a bug which prevented having address bar disabled and navigation bar hidden at the same time.
  • Firefox: removed tiny white line displayed on top of the screen when navigation bar was disabled.
  • Restart vnc service automatically in case it crashes.
  • Changed default font size to 12 for system notification messages.
  • Fixed downloading of kiosk remote configs/wallpaper from some SSL protected sites (sslv3 alert handshake failure)
  • Export 'https_proxy=' and 'ftp_proxy=' environmental variables properly and apply settings from the proxy pac files to all applications which are proxy aware.
  • Further improvements to handling of the usb wifi dongles.
  • Clear boot screen early so system version is not visible when Xorg is restarted or when system goes down.
  • Run ntpdate even when clock is set to Factory and save the time to the hardware clock if ntpdate succeeded pulling date from the network.
  • Other fixes and improvements.

  • Extended information about the changes introduced in Porteus Kiosk 3.4.0 can be found in these news posts: link and link.

    All changes can be also tracked in the 'automatic updates' changelog: link

    2nd of March 2015

    Changes implemented in Porteus Kiosk 3.3.0:


  • Upgraded all system components to latest version from Gentoo stable branch including linux kernel-3.18.8, xorg-server-1.16.4 and mozilla-firefox-31.5.0. Full list of packages used for creating this release can be found under this link.
  • Introduced Central Management which allows to control multiple kiosks from one configuration file stored on your server.
  • Implemented support for WPA2 Enterprise (EAP-PEAP) wireless authentication method and 2G/3G dialup connections. Special thanks to Danielle Otto from University of Wisconsin Whitevater and Dr Viral Bhatt for helping with implementation of these features.
  • Added support for automounting of removable devices formatted with FAT*, NTFS, XFS and ISO9660 filesystems under the /media folder. Internal volumes stays hidden, removable devices are mounted as 'read-only' and opened in a separate firefox tab. This feature allows to view or upload pictures/pdf/text files in kiosk. It's not possible to save anything on removable devices by default.
  • Implemented 'scheduled tasks' which allows to shutdown/reboot the PC or do any other atcion at certain day/hour/minute in the week.
  • Citrix Receiver is now available as an additional component in the wizard. Right mouse click is re-enabled when working with remote applications and stays disabled for other kiosk components.
  • Added an option to allow popup windows in firefox.
  • Its possible to disable 'private mode' for firefox so logins, passwords, cookies, caches, etc are saved during the session. Browser restart still brings a clean session.
  • Added an option to select default system soundcard. This feature comes useful for digital signage purposes when external display is connected to kiosk and you want to pass the sound through the HDMI or Display Port.
  • Added support for automatic proxy configuration through the PAC files.
  • Added possibility for setting custom NTP server which will be used for syncing PC hardware clock.
  • Introduced kiosk 'debug mode' which generates system report during startup.
  • Display EULA prior to activation of additional components in the wizard containing proprietary software (Adobe Flash, Citrix Receiver).
  • Display PC ID directly on the 'automatic updates' page in the wizard.
  • make_iso.sh script: show a warning about proper 'mkisofs' version needed for UEFI ISO creation.
  • Kernel config: added support for debug messages, printk, enabled PAT support which improves 2D/3D performance in some cases, enabled PPP protocol which is needed for 3g connections, enabled USB serial drivers, enabled support for more than 4 com ports which is needed for some touchscreen controllers, enabled usblp kernel module which is needed by some non standard CUPS drivers.
  • Enabled additional busybox applets: env, dirname, dmesg, fgrep, nohup, pkill, printenv, printf, pwd, realpath, seq, touch, uniq, usleep, which, whoami, xargs
  • Added following packages: ca-certificates, dbus-python, gmp, gnutls, icaclient, jimtcl, libevdev, libtasn1, libXxf86vm, nettle, ppp, python, rfkill, tofrodos, usb_modeswitch, wvdial, wvstreams
  • Fixed bug when wifi interface was named as eth1 (ipw220 driver) and kiosk could not initialize wireless connection.
  • Remove /var/log/Xorg.0.log during boot as it contains some important system information: kernel, Xorg, DDX driver version.
  • Fixed bug where homepage could not be set to a webpage chapter: homepage://some_url/#tag or when URL string contain ampersand '&' character.
  • Display notification during installation in case when never version of Porteus Kiosk ISO is available for download.
  • Allow HTML5 fullscreen api on all pages by default.
  • Set system localization to en-US.UTF8.
  • Do not create new ISO prior to installation but burn it 'on the fly'. This allows to install base kiosk ISO (no extra modules added) on a PCs with as little as 128MB of RAM.
  • Hide status bar when navigation bar is disabled.
  • Clear /tmp folder on each firefox restart to make sure that nothing persists there.
  • Unblock all wifi devices during boot with rfkill.
  • Disabled 'slow script' dialog window in firefox preferences.
  • Display a warning that kiosk needs to be reconfigured during last 10 days of the 'automatic updates' trial.
  • Set volume on all audio channels except for "*Mic*" and "*Boost*" to prevent a noise from the speakers.
  • Improved handling of network interfaces which are showing late in the system, e.g.: usb wifi dongle.
  • Save kiosk version in /etc/version so it can be checked through ssh or from URL bar if file:// protocol is enabled.
  • Enabled all firefox plugins (vlc, libreoffice, mozplugin, npica, etc) by default even if they are not available in kiosk.
  • Moved home button on the right side of the URL bar.
  • Allow insecure ntlm authentication which was disabled by upstream in firefox 30.x.
  • Reintroduced 'back/forward' buttons when address bar is disabled.
  • Do not accept VNC passwords longer than 8 characters (upstream limit) in the wizard and keep asking until shorter password is provided.
  • Check for Porteus Kiosk server accessibility before performing system update.
  • Rotate screen on all connected displays and not only on default one.
  • Switched to system proxy so all applications can use it and not only firefox.
  • Allowed outgoing traffic in the firewall on all ports by default. Incoming/forwarded traffic is still blocked as before. This is needed for proxy autoconfiguration service, browsing ftp shares, flovplayer video support, etc ...
  • Fixed listing of devices with spaces in name on the installation page in the wizard.
  • Fixed handling of WPA passwords containing spaces.
  • Fixed race condition between ssh/vnc services during kiosk startup.
  • Other fixes and improvements.

  • Extended information about the changes introduced in Porteus Kiosk 3.3.0 can be found in these news posts: link and link.

    All changes can be also tracked in the 'automatic updates' changelog: link

    8th of December 2014

    Changes implemented in Porteus Kiosk 3.2.0:


  • Upgraded all system components to latest version from Gentoo stable branch including linux kernel-3.14.26, mozilla-firefox-31.3.0, adobe-flash-11.2.202.424, icedtea-bin-7.2.5.3, openssh-6.7_p1 etc. Full list of packages included in Porteus Kiosk 3.2.0 can be found under this link.
  • "IP filter" (iptables based) has been replaced with new "URL filter" which supports blacklist/whitelist functions, does not depend on the firewall and bases on a URL keyword (is flexible).
  • Added Wake On LAN function which allows the kiosks to be powered up remotely.
  • Input devices can be disabled to prevent user interaction with the PC - useful when kiosk works in a 'digital signage' mode.
  • Added possibility to rotate the screen on left, right or by a 180 degrees.
  • Added possibility to adjust default sound volume - when set to '0' the sound is muted completely.
  • Added UEFI component to ensure that Porteus Kiosk can be booted on PCs equipped with an EFI firmware instead of a traditional BIOS.
  • If swap support is not enabled in the wizard the system will spin down all block media (hd, CD, usb, SD/MMC cards) to save energy and make the kiosk environment friendly.
  • Added 'ntpdate' utlity to sync hardware clock with remote ntp server (pool.ntp.org) if timezone was enabled in the wizard.
  • Added dymo-cups-drivers, splix, xerox-drivers and hplip packages to the printing module doubling the number of drivers available in the kiosk wizard database.
  • Primary and secondary keyboard layouts have been extended with variants.
  • Added notification that keyboard layout was switched to 'layout:variant' and how to toggle between the layouts. Please mind that toggling shortcut has changed from 'Atl+Shift' to 'Ctrl+Space'. This comes handy when layout was switched by the user by accident.
  • Improved 'automatic updates' subscription which now can be performed directly on the wizard level.
  • Fixed a bug when wireless connection could not be establish in some cases.
  • Australis UI changes: moved refresh/stop buttons on the right side of the address bar, removed '100%' button from the zoom controls.
  • Firefox config: allowed java plugin by default so it wont ask for confirmation before running.
  • Disabled keyboard shortcuts introduced in firefox-31.x ESR line.
  • Refreshed kiosk wizard icon theme and updated descriptions to most of the functions.
  • Other fixes and improvements.

  • Extended information about the changes introduced in Porteus Kiosk 3.2.0 can be found in these news posts: link and link.

    All changes can be also tracked in the 'automatic updates' changelog: link

    16th of November 2014

    Changes implemented in Porteus Kiosk 3.1.3:


  • Make sure that only .xzm modules are mounted to /union (aufs) and not other files or folders.
  • Added support for basic authentication for the homepage, e.g: http://user:name@domain.com
  • Added libwacom and libgudev libraries required by the xf86-input-wacom driver.
  • Disabled updates of firefox addons by default, we have none in kiosk but this setting comes handy when ISO is customized manually.
  • Support custom sound level through /etc/rc.d/rc.sound.
  • Prefer gutenprint drivers for printing but also accept other ones if gutenprint driver is not available for selected printer.
  • Fixed handling of the lpd:// printer URI containing authorization string.
  • Automatic updates: display notification that unauthorized component has been added to the ISO and kiosk can't be upgraded.
  • Automatic updates: display notification about current OS version when there are no updates to download.
  • 17th of October 2014

    Changes implemented in Porteus Kiosk 3.1.2:


  • Updated make-iso.sh script to create 'eltorito EFI' images when efi component is present in the ISO.
  • PXE boot: improved compatibility with IIS and other http servers
  • Added quirk for loading 'broadcom' driver during PXE and normal boot when BCM57780 chipset is found.
  • Display kiosk version during boot.
  • Added a fix to clean the screen properly after counting (modules/seconds).
  • Kernel config: added FB_EFI support.
  • Kiosk wizard: added possibility for 3 months free trial of the 'automatic updates' commercial service.
  • Security fix: deactivated 'ctrl+l' keybinding by default. When firefox's 'address bar' is disabled the user could invoke an URL window by pressing 'ctrl+l' key combination and browse to other sites through it.
  • Switched to MAC based authorization for dhcpcd which is persistent (MAC never changes) unlike duid in kiosk.
  • Updated 'xzm download' function to resolve remaining md5sum issues. After this upgrade you should never experience them anymore (they may still occur only when there is something wrong with your connection).
  • Upgraded to mkisofs-3.01a24 for better UEFI compatibility.
  • 5th of August 2014

    Changes implemented in Porteus Kiosk 3.1.1:


  • Once kiosk is fully booted delete unneeded and potentially risky for the kiosk stability utilities like 'wget' or 'dd'.
  • Disabled 'Shift+left mouse button' combination to prevent opening new firefox windows when clicked on hyperlinks. This binding is especially dangerous when the navigation bar is disabled as there is no possibility to close any windows in this mode. Multiple firefox instances could slow down the kiosk or even make it unusable.
  • Disabled 'Ctrl+Shift+h' keybinding which displays firefox history menu (nothing there as kiosk runs in 'private mode' by default).
  • Disabled 'Ctrl+`' keybinding which allows to display previous kiosk notifications.
  • Export SSID as 'ssid_name=some-name' in the welcome wizard otherwise wifi networking wont be initialized.
  • Always put wifi interface up before scanning for available networks.
  • Alt+Ctrl+Del combination will kill only previous instance of the 'kiosk shutdown' utility and not every gtkdialog application (like e.g. welcome wizard).
  • Display wpa password and wep key on the welcome wizard config page.
  • Fixed non working hidden wifi SSIDs.
  • Added empty and non-executable /etc/rc.d/rc.local which can be used for running cli commands during boot.
  • Attended to fix a rare problem with md5sum mismatches caused by proxy which are caching and serving old kiosk components instead of letting the client download fresh ones from our server.

  • If md5sum problem is still not fixed then please contact support@porteus-kiosk.org for guidance.

    23rd of May 2014

    Changes implemented in Porteus Kiosk 3.1:


  • Upgraded all system components to latest stable version including linux kernel-3.12.20, xorg-server-1.15.0, busybox-1.22.1, mozilla-firefox-24.5.0, adobe-flash-11.2.202.359, etc. For full packages list please visit this link.
  • Rewritten 'Kiosk Wizard' into gtk and included directly in the kiosk ISO. Gtk version offers unique features over the web version which are explained on the kiosk wizard page.
  • Introduced an 'Automatic Updates' commercial service which turns the kiosk into a 'rolling release' distribution. More info can be found at this link.
  • Implemented several new functions in the wizard:
  • - Added printing support for local and remote printers.
    - Added possibility of removing address bar from the firefox's UI layout. Buttons are still visible so it's possible to navigate back and forth, zoom-in, zoom-out, print, etc but it's not possible to switch to any other webpage than the home page.
    - Added possibility of controlling numlock behavior during boot.
    - Added possibility of enabling incoming ICMP protocol. This is useful when you want to monitor remotely if kiosk is up and running with the help of the ping utility.
    - Disabled DPMS (you can enable it in the wizard) as it's better to keep monitor turned on during kiosk session by default.
    - Added customizable firefox user agent which may be helpful in forcing layouts on some websites which are set to support certain browsers only (like e.g IE6) or identifying kiosk session with an unique string.
    - Added possibility of editing the config file generated by the wizard manually.
    - Added installer to the wizard so it's possible to burn the base kiosk ISO on a CD but install it on hard drive or usb stick after finishing the configuration part.

  • Changes implemented in the ISO:
  • - Enhanced security with md5sum check of every kiosk component when 'automatic updates' service is enabled. If md5sum wont match the registered value then booting will stop with a message that kiosk has detected an unauthorized access to it's components.
    - Backported multithreaded squashfs patches from kernel-3.13.x to make the kiosk even faster.
    - Updated initrdpxe.xz with firmware which may be necessary to initialize some network controllers.
    - Updated the code responsible for PXE boot which is more verbose now and it should be easier to find the reason of a failure (like http server being down).
    - Removed 'Public Fox' addon and replaced it's functionality with home grown solutions. Porteus Kiosk 3.1 does not contain any 3rd party addon by default to eliminate risk that one day they may get outdated and incompatible with firefox.
    - Added 000-kernel.xzm (split from 01-core.xzm) which should make easier to update/downgrade just the kernel in kiosk.
    - Forced 'copy2ram' by default. Kiosk ISO is very small so should fit into RAM nicely and this feature is needed for 'automatic updates' service to make sure that upgrade process wont be interrupted by the kiosk session.
    - Kiosk ISO content was simplified with three folders only: /boot, /docs and /xzm.
    - PXE boot does not support /rootcopy functionality so this folder was removed. From now on all files must be kept in the xzm modules.
    - Swapped Xdialog messages to dunstify notifications which looks more attractive.
    - Added possibility of rebooting, suspending the PC and restarting X session to the kiosk's shutdown utility.

  • Other fixes and improvements.