[KLUG Members] Kiosk / Lightweight Workstation Recommendations

Jeremy Leonard lists at elite4god.com
Tue Dec 13 11:33:01 EST 2005

Previous message: [KLUG Members] Kiosk / Lightweight Workstation Recommendations
Next message: [KLUG Members] Kiosk / Lightweight Workstation Recommendations
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Andrew Thompson wrote:

>>>And even after removing launchers from the 
>>>panel(s) who knows if you "really" have everything locked down? Another 
>>>big challenge here is blowing away the user directory after logout and 
>>>recreating a clean user directory with the bare minimum dot config files 
>>>et al.
>>>      
>>>
>>rm -fR /home/tempuser
>>cp -pR /home/skel /home/tempuser
>>chown -R tempuser.nobody /home/tempuser
>>
>>You can put it right in the GDM login script so that part runs as root.
>>    
>>
>
>If you do that, you might want to consider a cp from /root/skel instead
>of /home/skel. That might reduce the chances of someone getting in and
>mucking with the model user directory.
>
>  
>
I'd use pam_mkhomedir to create the dir on login and the script to just 
delete it on logout.

By default it uses /etc/skel. But you can give it any path you'd like.

Add:

session  required       pam_mkhomedir.so skel=/etc/skel umask=022

to the top of your /etc/pam.d/gdm  file.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.kalamazoolinux.org/pipermail/members/attachments/20051213/b04a659a/attachment.html

Previous message: [KLUG Members] Kiosk / Lightweight Workstation Recommendations
Next message: [KLUG Members] Kiosk / Lightweight Workstation Recommendations
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Members mailing list