[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [K12OSN] Lockdown of users

norbert wrote:

If when I create new users and their default profile is taken from /etc/skel/ could I make custom entries in /etc/skel/ and chown all the files to "admin" or "root" to prevent the little monsters from modifiing their desktop, specifically removing icon and launch bar ?

any normal files in a directory may be deleted by the owner of the directory regardless of who owns the said files.

An exception to this is if chattr -i has been used.. from the chattr man page

       A file with the `i' attribute cannot be modified: it  can-
       not  be deleted or renamed, no link can be created to this
       file and no data can be written to  the  file.   Only  the
       superuser  or a process possessing the CAP_LINUX_IMMUTABLE
       capability can set or clear this attribute

Be careful with this as a lot of stuff in the $HOME directory requires the user to be able to write to it.

I'm sure Gnome and gconf allow you to set these things in stone anyway which might be a better solution.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]