I've been pondering how best to set up a guest account in Crunchbang. This is how I was thinking it would function:
1. Mount in /home/guest in RAM
2. On guest login rsync basic settings and config files into /home/guest
3. On guest logout clear everything out of /home/guest
Therefore guests would be unable to change any configurations, browser settings etc - the user would be presented with the same desktop on each login.
I can do 1 easily enough in fstab but I'm unsure about where to insert code for 2 and 3. Has anyone set up anything like this on crunchbang? I know there are a few scripts with similar functionality in the Arch AUR repos but as this in theory seems pretty simple I'd like to work it out myself, just not sure where to insert scripts to execute post login and post logout.
Thanks in advance.
1.) Instead of using an own partition you can perhaps use an existing one:
mount | grep "^tmpfs"
Please post it. /run is cool ;-)
3.) clear with /usr/bin/cb-exit (line 17)
def logout_action(self,btn): self.disable_buttons() self.status.set_label("Exiting Openbox, please standby...") os.system("openbox --exit")
Check in front of last posted line the username and if the user is "guest" delete with
os.system ("rm -rf /home/guest")
I can not program python ... sorry.
Last edited by uname (2013-07-02 17:27:01)
just thinking aloud, wouldn't it be possible to make a guest folder on the hdd- with permissions not to write, for the configuration files.?
maybe make a group, guest. the folder is rwx for guest, but the dotfiles are root's.
just an idea
Thanks for your reply uname. Could you be more specific on how I would use /etc/skel? As I understand it these scripts are only executed when a new user is added so I'm not sure how I would get it to rsync config files into /home/guest everytime guest logged in.
wuxmedia - yes that would also work but I'd like to leave the guest account open enough so that the user could download files, configure the browser etc but lose all of these files and settings after logging out, kind of like a kiosk mode. Yes I'm probably just making things difficult for myself but I can't imagine its that hard to do.
this might help.
http://users.telenet.be/mydotcom/howto/ … ebterm.htm
the files in /etc/skel are simply 'default' values for a new user, adduser is in fact the script that copies them, i believe the way to go would be to make a specific 'guest' user, with their own group... this way you can lock down and target just that user.
user logs in from displaymanager, making sure guest is NOT in sudoers
specific files (browser, ob setup) are read, with read only permissions.
guest browses d/ls views things (temporary folder specified in browser, rw perms)...
guest logs out, rm temporary folder.
commands can be run in .bashlogout, not sure how effective they are. try it
Thanks for all the input. During my search for different methods of doing this I stumbled upon aufs which I didn't know anything about. What I ended up doing was creating the user guest in the usual place, creating the folders /home/.guest and /home/.rw then copying the automatically created files in /home/guest to /home/.guest. At boot /home/.rw is mounted as tmpfs and /home/guest is mounted under aufs with the branches /home/.rw (rw) and /home.guest (ro). I added this to cb-exit under def logout_action(self,btn):
os.system("umount /home/guest") os.system("rm -rf /home/.rw/") os.system("mount -t aufs -o br=/home/.rw:/home/.guest none /home/guest")
So on each logout files in tmpfs are removed and the mount is refreshed to its original state.
Also i inserted in /home/.guest/.bashrc the aliases:
alias findnew='find . -type f -printf "%-.22T+ %M %n %-8u %-8g %8s %Tx %.8TX %p\n" | sort | cut -f 2- -d " "'
To list the most recently modified files recursively from the directory it is executed in.
Whenever I am logged in as guest and I make a change to an application or config file that I want to become permanent I execute findnew, look for the relevant modified file(s) and rsync them to /home/.guest to make them permanent.