I’d like to set up two user accounts on the same machine, and have these two share part of the same Home folder.
In particular, I want to set up two user accounts that will be used only be me, a personal one and a work-related one; my concern is not to protect files from an account to the other, but to keep these two scopes separated.
I’d like each of these two accounts to share the basic system and desktop environments files and settings, in order to have a unified working environment, so if I change, I.E. some keyboard shortcuts or customize the way the system behaves, I don’t have to do that twice. The settings that I’d like to be shared include applications related to the DE (Dolphin file manager, the terminal emulator).
I’d like to keep separated all the “user” files and applications that generally speaking don’t fall under the “system” category. So, documents, pictures, etc… but also the settings of programs like Digikam that don’t natively support multiple user profiles.
I hope that all of this is clear. I can also settle on separate only the personal files and share all the settings (basically only the hidden files on the home folder).
Is it feasible to do so in a reasonable way? Or it will only result in a supreme mess?
Set up the two accounts then set a common group that allows full read/write/exc access maybe call it mygroup or some such set that group recursively to both home directories (chgrp command) add the group to each user set group permissions. Then both accounts should have full access to each others home. To share configuration select one acct as the controller and link (ln) the config directory in the second to the main. May need to do this in many palaces depending how tight you want to bind them.
Think the should work But in my opinion it would be much simpler to setup different activities in KDE rather the use two users. That is what activities are for.
Select the primary user - you will use his home folder;
Create include ACL lists selectively for the folders of interest;
Create exclude ACL lists for the private parts of the primary user home folder, you don’t want other users to rwx in them;
Substitute for each of the shared N-1 home_user_subfolder with a link to the corresponding primary home_user_subfolder.
Overall you may be involved in too much manual work to do.
Remember you have hidden subfolders too.
The above list of operations is safe, and you can always revert at any time to the normal practice with dedicated home folder and/or subfolders for each user, i.e. there won’t be unrecoverable mess as a result, if something goes wrong.
On 05/16/2017 03:56 AM, ZeroG wrote:
>
> Technically it is possible. Is it wise? Hm…
>
> How you can do it, however:
> 1. Create the N - requested users of your choice;
> 2. All users must share the same group;
> 3. Select the primary user - you will use his home folder;
> 4. Create include ACL lists selectively for the folders of interest;
> 5. Create exclude ACL lists for the private parts of the primary user
> home folder, you don’t want other users to rwx in them;
> 6. Substitute for each of the shared N-1 home_user_subfolder with a link
> to the corresponding primary home_user_subfolder.
> Overall you may be involved in too much manual work to do.
> Remember you have hidden subfolders too.
>
> The above list of operations is safe, and you can always revert at any
> time to the normal practice with dedicated home folder and/or subfolders
> for each user, i.e. there won’t be unrecoverable mess as a result, if
> something goes wrong.
>
>
Plan “B”:
Any reference to the name group1 is arbitrary, use whatever name you
want. These steps will need to be performed by root.
create a new group group1
add users needing shared access to files to this group
create directory /home/group1
chown root,group1 /home/group1
chmod 6770 /home/group1
This will allow users to create, read and modify files in this
directory. It will also cause any files created to be owned by
root:group1, all other users are not even allowed to view the contents
of /home/group1. It is not good practice to share “home” folders as
employees come and go and a new admin might accidentally delete the old
employees home folder not knowing it was shared by a group.
–
Ken
unix since 1989
linux since 1994
S.u.S.E./openSUSE since 1996
Thanks for your suggestions, I will try them as soon as I can.
Just to clarify, my intent was to create two user accounts for two different “envirinments”, not for two real persons. I’m willing to try this on my laptop, that is used only by me, I just want to separate the scopes and not get my personal files on the way while I’m working or the other way around. I don’t have any concern about other people causing a mess.
Thank you, I admit that I’ve not extensively used Activities until now, but it seems to me that this feature is mostly used to create different set of desktops, while keeping user files in common between one Activity and another.
It may seem overly nitpicking by me, but without the possibility to keep user files separated between a personal and a work scope means, I.E. that when you perform a search with KRunner, a lot of results, pertaining to the other scope, will get in the way, and similar behaviors.
But like I said, I’m not very familiar with Activities, so maybe I’m wrong; is there some kind of guide somewhere where I can learn more about this feature?
You are essential right but in your wants you want to share at least some things like programs and their configuration (ie desktop settings) in which case you need to set up links to one user to be the master for those type things. You really need to think out exactly what you want to share and what you don’t. I predict it will get very complicated
I have been doing what you want for the past ten years - running separate personal and business accounts. I use different email addresses for each and I don’t mind that the other one is not accessible; I would rather not deal with personal emails when I am working and work emails when I am not.
I have a small number of common files with write access to both users by setting the directory in which they reside to write access. Otherwise, I keep them quite separate using the standard permissions.
I set up mysql in a similar way with certain databases accessible to both users and the remainder only accessible to the relevant user.
The only thing you cannot to so is set up shortcuts on one user for use on both but I use so few non-standard shortcuts that it is trivial to set them up separately on both users.
Each time I have upgraded my hardware, restoring the separate users brings all their separate hidden files; so I only need to set up the non-standard shortcuts on both users. Everything else ‘just works.’
