Hello folks,

I pretend install Lubuntu 16.04 LTS in pc for any employer use this pc! I think create an user with, only, permission to read and write, 770.
This is the best scenario?
I think create this user through terminal, because I pretend create a script, and I don't where wizard has install on system for create and delete users!

I pretend disable Lubuntu Software Center, because I don't want which employers can install programs. This is the best shot?

I read, some here which, for a system more security, should change some relative with sudo and su! I can remember well about this! Any have an idea what can or should do relative with the su / sudo for the system be more security?

Only the first user has sudo right, all other users will have limited rights by default unless you explicitly elevate their rights.

Ok, but how should I create this users and assign your permissions? I need do this through terminal.

I need also which the root has option in menu lxpanel different has user common! For example, in root has label "Applications" with many programs, but he user_1_common hasn't this label, only has option "logout". this is possible?

thanks

You'd use "adduser", "addgroup", "passwd" and "gpasswd" to set up the users and groups. See the corresponding manual pages for the useful options.

That can be more difficult, depending on how locked down it has to be. There are several ways to create a kiosk but if you just want to remove certain programs from the LXDE menu, then just edit the menu for that one user's account.

However, you're implying that the someone will be logging in as root to the graphical interface. That's something that should never, ever happen. Instead, which tasks need to be carried out? List them and then customize /etc/sudoers so that an additional account can use just those tools. By default Lubuntu does not allow root logins. I'd recommend strongly keeping that default.