Results 1 to 8 of 8

Thread: Limited User Account

  1. #1
    jon11848 NNTP User

    Default Limited User Account

    How can I create a user account with restricted access? I'm looking to create what might be called a "guest" account on other platforms. I basically want this user to only be able to access applications that I specify, and that is it. The user should also not be able to change any configuration settings and should definitely not be able to access a terminal prompt.

  2. #2
    Join Date
    Jun 2008
    Location
    The English Lake District. UK - GMT/BST
    Posts
    36,734
    Blog Entries
    20

    Default Re: Limited User Account

    All users are limited, in that they do not have admin rights. And any configuration a user changes will only apply to that user login. You can make further changes to user accounts in Yast as an admin.
    Leap 15.1_KDE
    My Articles Was I any help? If yes: Click the star below

  3. #3
    jon11848 NNTP User

    Default Re: Limited User Account

    Ok well let me rephrase my question:

    In the Yast admin panel, how can I remove a user's permission to access a certain program. For example, what if I don't want a certain user to access openoffice?

  4. #4
    Join Date
    Jun 2008
    Location
    Wales, MA
    Posts
    486

    Default Re: Limited User Account

    Start with the menu editor and delete any entry you don't want them to have access to. While it won't disallow access to applications via the command line it will keep 99% of the people from accessing them.

  5. #5
    Join Date
    Jun 2008
    Location
    Frisco, TX
    Posts
    1,233

    Default Re: Limited User Account

    On Mon, 2009-03-02 at 18:26 +0000, jon11848 wrote:
    > How can I create a user account with restricted access? I'm looking to
    > create what might be called a "guest" account on other platforms. I
    > basically want this user to only be able to access applications that I
    > specify, and that is it. The user should also not be able to change any
    > configuration settings and should definitely not be able to access a
    > terminal prompt.
    >
    >


    AppArmor may be your friend here. You can create a new bash program
    for example, and execute (profile) it under AppArmor's watch, accessing
    only the things you want the application to be able to access.

    Just a suggestion. I've used this to create some nice custom
    restricted enviroments.



  6. #6

    Default Re: Limited User Account

    I think what you are actually looking for is a deeper understanding of linux file permissions. Every file has an owner and belongs to one or more groups. For each of these it has three permission settings, read, write, and execute. Each file also has a separate permission set for everyone else. To properly tighten up the security of your system like you want it, you'll need to understand these settings and make changes to them to suit your needs.

    I wont get into any details because its a rather in depth subject, I couldn't explain it as good as the man pages, and you might get enough functionality out of one of the other suggestions, but if you want to take the time to do it properly, and you don't mind learning new things, check out the man and info pages for chmod and chown, and don't do anything on your system until you understand what you are doing. Experiment first with a live CD, or install an OS on a usb drive if you have one and boot into that. That way, you won't kill your system while you're learning.

    Once you properly understand permissions and groups, you'll be able to get exactly the functionality you are after, and you will have learned a valuable skill. Best of luck to you.

  7. #7

    Default Re: Limited User Account

    Search yast software managment for kiosktool it will do what you want.

  8. #8
    Join Date
    Jun 2008
    Location
    bc.ca
    Posts
    60

    Default Re: Limited User Account

    PC1 openSUSE_11.0_x86_64 / M$-WinXP, Athlon 64x2 5000+, ASUS M2N-SLI, 4G RAM, WD500G, GeForce 9800GT
    PC2 Ubuntu_9.04_x86_32 / M$-WinXP, C2Q E8400, ASROCK G31M-S, 2G RAM, Hitachi500G, GeForce 9600GSO

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •