Tests/Start up and Activation: Difference between revisions
No edit summary |
|||
Line 1: | Line 1: | ||
===Activation via USB stick=== |
===Activation via USB stick=== |
||
''Actions'' |
''Actions'' |
||
# |
# Get the laptop into secure mode and make sure that it doesn't have an ak tag. |
||
#* First, remove any ak or dk flags. |
|||
#* Then, enable-security on your laptop. |
|||
#* See instructions on adding and removing tags: [http://laptop.org/teamwiki/index.php/Team:Main_Page#How_to_change_Manufacturing_data How to change Manufacturing data] |
|||
# Boot the laptop without inserting the activation key, and ensure that the laptop fails to boot. |
# Boot the laptop without inserting the activation key, and ensure that the laptop fails to boot. |
||
#* Try whatever you want during boot up. |
|||
#* If the back door is supposed to be closed, try holding the x button while booting. (this should not disable security) |
|||
#* If you are able to get to the ok prompt, the laptop is not secure. |
#* If you are able to get to the ok prompt, the laptop is not secure. |
||
# |
|||
# Follow steps 20 through 25 of [[Guide_to_Secure_Install]] |
|||
# Shut down the laptop. |
# Shut down the laptop. |
||
# Boot the laptop. |
# Boot the laptop. |
Revision as of 15:54, 5 December 2007
Activation via USB stick
Actions
- Get the laptop into secure mode and make sure that it doesn't have an ak tag.
- First, remove any ak or dk flags.
- Then, enable-security on your laptop.
- See instructions on adding and removing tags: How to change Manufacturing data
- Boot the laptop without inserting the activation key, and ensure that the laptop fails to boot.
- Try whatever you want during boot up.
- If you are able to get to the ok prompt, the laptop is not secure.
- Shut down the laptop.
- Boot the laptop.
- Run a few activities.
- Shut down and boot.
- Do an olpc-update to the latest build.
- Shut down and boot.
Verify
- The laptop goes into secure mode after enabling security.
- Booting the laptop with the activation key activates the laptop, allowing it to boot without the key inserted anymore.
- The laptop can still function as normal and do updates via the web, while staying activated.
Activation Security scenario 1: Basic Activation
Uruguay has been planning for their delivery for months and has identified two country admins and a number of trusted deployment admins to activate laptops at the schools. These deployment admins are dispatched to the location where skids are being disassembled for shipment to individual schools, so they can collect serial numbers for the schools that they are responsible for.
Setup:
- The Deployment admin provides the list of valid serial numbers to the country admin.
- School server has been setup at the local schools.
- The country admin uploads the deployment admin's list serial numbers to the olpc global server and receives a set of activation codes. He creates a usb stick with these activation codes and sends it to the deployment admin.
Actions:
- At the school, the deployment admin connects the usb stick with the activation codes into the school server.
- Open an XO that was on the original list of serial numbers.
- Open an XO that was NOT on the original list of serial numbers; it should not come up working, or it will stop working after the activation grace period.
- At the second school, there is no school server set up yet. The trusted Admin has the activation codes on a memory stick, and inserts that stick into the first XO. Check to see if the XO comes up working.
- Insert the USB stick into an XO that was not on the original list. Check to see if the XO comes up working.
Verify:
- That an XO that was on the original list of serial numbers is able to find the server via the mesh and activate, and that it is usable right away. If a "grace" period of time was allowed (1 week without activation, for instance) then the original laptop will continue to work after that week.
- That an XO that was not on the original list of serial numbers does not come up working, or will stop working after the activation grace period.
- That the XO which the memory stick was inserted into comes up working and continues to work past the activation grace period.
- That an XO that was not on the original list does not activate even with the USB stick directly connected to it.
Activation Security scenario 2: Disable stolen XO
Maya's laptop was stolen from her home. It had been issued to her and the local school server had provided the initial activation when she got the laptop.
Setup:
- Activate an XO with a valid activation key through the server
Actions:
- The laptop is reported stolen to the school adminstrator. The admin uses the server UI to report the full name (or the serial number) of the stolen laptop.
- The OLPC global server adds this laptop to the 'Deactivate' list.
- Use Maya's laptop without access to the internet, and check to see if it still works.
- Connect Maya's laptop to the internet, and check to see if it is deactivated.
- Power the laptop off/on and check if it boots up.
Verify:
- That Maya's laptop will still work if it does not have access to the internet.
- That Maya's laptop does not work when it has access to the internet.
- That Maya's laptop will not boot up after being powered down once it is deactivated.
Activation Security scenario 3: Child moves to new School
Pari has a laptop she has been using for months. She moves to a new town or new school which also has an OLPC school server.
Setup:
- Pari's laptop is up and running; documents, browsing, books.
- Pari moves to a new school server.
Actions:
- Check to see if Pari's laptop is seen by the new server.
- Have Pari's teacher go into the school server interface and designate the new computer as having 'moved' to this school zone.
- Pari's laptop continues to work.
- Then, tell the school server not to allow this laptop.
Verify:
- Pari's laptop should be seen by the new server.
- That Pari's teacher is able to designate Pari's computer as having moved without any problems.
- That Pari's laptop continues to work.
- When the server is told to disallow the laptop, Pari's original school lease will expire and the laptop will deactivate.
Activation Security scenario 4: Server is replaced
The activation and lease information that is held on the local school server may be lost if the server is replaced. Need to ensure that any information the server keeps locally can be overruled by OLPC's global server (?).
Activation Security scenario 5: Lease Mechanism
Tom is a student who received a laptop from a school in Sau Paulo. After a month, his family moves to a town without laptops or internet connectivity. When the lease runs out (the minimum amount of time without connecting with a school server, the laptop should fail to boot.
Setup:
- Successfully activate Tom's XO with a school server.
- Set the lease period to a short time for this test (a few days or hours, if possible).
Actions:
- After the lease period, try to access the internet.
- Reboot Tom's XO.
Verify:
- That Tom's XO has no access to the internet or a school server for longer than his lease period.
- This machine should have been listed in the 'Deactivate' list, and get a deactivate message. (Does it have a local lease mechanism so it will stop working after some period of time, or only after the period of time + next connect to internet?)
- That, after having rebooted, Tom's XO no longer boots.
Start up scenario 1: Server support
Jose is a 6 year-old student at a school in Brazil is being issued his XO laptop today. The school has spent weeks preparing for this day. The school server is set up and has internet connectivity. All the laptops have been activated by the school server, which contains books and software specific for Jose's grade level. The teacher has a specific activity she asks all the children to work on.
Setup:
- School server setup with a school text book for content and appropriate activation keys for 5 XOs.
- Activate all 5 XOs
Actions:
- Designate one of the XOs as the teacher; boot it and select fullname(?), nickname, and XO color.
- On teacher's XO, download a book from the school server (need details on how to do this).
- On teacher's XO, open the book and share it (need details)
- For the other 4 XOs, turn them on, wait for boot up, and select fullname(?), nickname, and XO color. Designate one of the XOs as Jose. [Should two student nicknames the same?
- From Jose's XO, view the mesh network.
- From the mesh view, click on the teacher's shared book.
- From the other XOs, click on the teacher's shared book
- Turn the school server back off and on.
Verify:
- From Jose's XO, ensure that the mesh shows all other XOs
- Ensure that all XOs can access and read the teacher's shared book.
- From the school server, ensure that all 5 XOs have been registered.
- That, upon the appropriate event, the school server should force an archive or back up of the user data for all 5 machines.
- Upon appropriate event (turning off and back on again, or waiting a period of time), the school server should force an archive or back up of the user data for all 5 machines. (is this initiated by the server or XO?)
Start up scenario 2: No server support
Maria is a 10 year-old student in a school being issued XOs. This school just received their server but not set up or has no internet connectivity. Activation will occur via USB stick. The teacher is not prepared with activities or curriculum, but will allow the children time to explore the laptops on their own.
Setup:
- No school server, no Access Point (to start)
- Use a USB to activate 5 XOs (ensure that these are 'out of the box' XOs)
Actions:
- For all 5 XOs, turn them on, wait for boot up, and select fullname(?), nickname, and XO color. Designate one of the XOs as Maria.
- From Maria's XO, go to the mesh and designate 2 other XOs as 'friends'
- From Maria's XO, start a chat session with one of the friends
- Add an off-the-shelf wireless router (such as Linksys) with an uplink to the internet. No WEP key.
Verify:
- Ensure that the mesh shows all other XOs from each student XO.
- Ensure that, once the 2 XOs have been added as friends, the friends show up in the group mesh view, and all XOs continue to show up in neighborhood mesh view.
- That you are able to start the chat session.
- Ensure that Maria's XO can connect to the AP, and can now browse the internet
Start up scenario 3: Server added later
This is a continuation of scenario 2, where the Server is introduced into the school after the students have activated their laptops and started creating documents.
Setup:
- Five XOs are activated and have created shared documents, video and etoys programs.
Actions:
- Power on the school server.
Verify:
- That, upon powering on the server, it should find all the XOs and register them.
- That the XOs are able to access the internet through the school server.
- That the school server provides a back up of the student's files.
Start up scenario 4: Server start up
The server hardware and cables have arrived early at a large school in Uruguay. The local administrator takes the hardware out of the box and would like to set up the server and download the curriculum books and software that have been created ahead of time. There will be 3 radios (all active antennas? or 2 AAs and one embedded radio?)
Setup:
- Ensure uplink connection is available
Actions:
- Plug in the school server, keyboard, mouse, display, connect active antennas, connect uplink.
- Start Server UI for choosing content (?)
- Start an XO.
Verify:
- Ensure that the server boots up and provides diagnostic info: Connectivity to uplink, number of live radio channels (antennas), IP Address for uplink, number of wireless hosts... (what else do we want to show at start up?)
- Ensure the school server provides the appropriate backup and reporting
- Ensure the School server sees the XO when you start it and can provide content to it (automatically?)