Mounting a device to a folder hides the previous contents of the folder, and the contents of the tmpfs mount would be zilch. I am not really sure what /etc/skel is all about exactly, but I have heard that it is used as the initial state of newly created accounts. In order to make a permanent base config for the account, you could make a directory called /home/allbase and copy the config over from there when the computer boots by doing "cp -r /home/allbase/.* /home/all" in rc.local(in Slack). To set it up, you would just configure the account the way you want(can do this even in tmpfs mode) and copy all the hidden files over to the base by switching the directories.

You may have better luck using IceWM or TWM for desktop cause it is simpler and the system-wide config would be used in the all account without any copying of hidden files. If all the user would be allowed to do is browse with firefox, you could not use a WM at all!

A tutorial post seems like a cool idea, and I would probably not be able to do it cause I can't explain in a good way the first time around(as you have experienced).

Personally, I haven't actually done anything like this to my own box and have just been thinking about doing it. The greatest thing about Linux(and Slackware) is that things usually work the way I expect them to and so I can perform pretty deep thought experiments without actually touching my box.

How would I use no window manager at all for the all profile and still use Firefox (have it startup upon login)?

If you're getting annoyed with my questions, let me know BEFORE you get mad, please. :-) I really am trying my best to figure all this out, but it seems like so much of the available documentation on Linux doesn't apply exactly to Ubuntu, and therefore the documentation on Ubuntu is incomplete.

/home/all/.xinitrc
When you close down firefox, it logs out like normal WM's.

That .xinitrc thing has no effect in Ubuntu. I still haven't had time to try tmpfs, though. I can't seem to keep the all user from modifying stuff, though. I can delete the last GNOME panel, and then the all user can simply add a main menu to it, get to the config editor, and make some lasting change (I tried it) to the whole system, which tmpfs won't protect against. Can I load the whole freakin' computer to a tmpfs when it boots up, or something, so that all changes will be written to a temporary mount, and then when I reboot it'll revert to how it was before?

A normal user shouldn't have the priveledge to make any changes outside of their home directory, which would get refreshed every reboot. If a normal user can make such system-wide changes, then Ubuntu broke the permissions system natural to *nix. Use Slackware!

I'm not keen on Slackware; it's "for geeks only" (install doesn't track dependencies, etc.).

Just thought of something I'll try which might be simpler than tmpfs and /etc/skel/ and all that: I'll make every file in the user account's home directory read-only, along with the home directory itself so they can't create or delete files (for example, launchers on the desktop).

I'm hoping this will do the trick:

chmod -R 444 /home/all/

Lol, that definitely didn't work; that would be too easy! I couldn't even login all the way. Apparently it needs to write some to the user directory for normal use. Guess I'll have to try that tmpfs trickiness!

Amazing! I'm still a little thick-headed about exactly what tmpfs does, but it seems to be working! Here's what I did:

1. I'm now using Xandros, because it's easy to install and configure, and
runs KDE so I can use the KDE Kiosk Admin tool. I created an "all" account
and configured its profile with the Kiosk Admin tool (from the root
account) so that patrons can't bring up context menus, etc. from the "all"
account.
2. I added the tmpfs fstab entry. Here's my /etc/fstab file:

3. I rebooted the machine and played around to see how it works.

If I login as all and make changes (delete a Desktop shortcut, for
example), then reboot, the changes do not remain. If I only log out and
log in, the changes remain until I reboot. If I make changes with the KDE
Kiosk Admin tool as root and then reboot, changes remain (this is how I
want it anyway, yay).

As root, looking at my filesystems I see / and /home/all. The second is
obviously my tmpfs mount, which wasn't there before I added the fstab
entry. If I make changes in the /home/all mount as root and then reboot, changes do not remain.

What is confusing to me is that if I make changes as root to /home/all
under the normal / filesystem, the changes still do not remain when I
reboot. Shouldn't they remain, since they are "under" or "before" the
tmpfs mount? I assume the all profile is actually looking at the /home/all
tmpfs mount, rather than /home/all under the / filesystem, and that is why
changes don't stick when made from the all account. But why don't changes stick when made as root to the /home/all folder under the / filesystem?

I am getting one error message when I login as all since I added the fstab
entry:

This is probably a Xandros issue, not a Linux issue. I searched and didn't find any desktopwizard.cpp file in my filesystem.

tmpfs and the Kiosk Admin tool work fine by themselves, but when they are both affecting a Linux user account together, they battle. I tried dozens of possible combinations of configurations and they always mess each other up. So, I'm going to look for another solution. Thanks for this tmpfs idea, tuxdev; it does work as it should, when it's not fighting with the Kiosk Admin tool.

Make a bash script named deepfreeze with this content first.
-------------------------------------------------------------------------
#!/bin/bash
# Deepfreeze a la Linux
# Backup before use, Use At Your Own Risk
# Copyleft 2007 by A. Hardiena
# Translated by fortmunir

Xdialog --title "Deepfreeze ala Linux" \
--menubox " Welcome to Deepfreeze ala Linux." 17 65 3 \
"Install" "Install Deepfreeze" \
"Remove" "Remove Deepfreeze"
"Abort" "Abort Installer" 2>/tmp/checklist.tmp.$$

choice=`cat /tmp/checklist.tmp.$$
rm -f /tmp/checklist.tmp.$$

case $choice in
"Install"

ask=`mktemp -q /tmp/menu.XXXXXX`
header="Deepfreeze ala Linux"
size="9 60"
content="Home folder you want to protect."
Xdialog --title "$header" --inputbox "$content" $size 2> $ask
if [ ! $?= 0 ]; then exit 0
fi

directory=`cat $ask`
check=`cat /etc//rc.d/rc.local | grep `# Deepfreeze System'`
temporary=" Deepfreeze System"

if [ "$check" == "$temporary" ]; then
sed -i "/# Deepfreeze/d" /etc/rc.d/rc.local
rm /home/$directory.tar.gz
fi
# Processing Deepfreeze and put to /etc/rc.d/rc.local
cd /home/
rm $directory.tar.gz
tar -cf $directory.tar $directory
gzip --best $directory.tar
cat << EOF >> /etc/rc.d/rc.local
# Deepfreeze System
cd /home/ # Deepfreeze do not manual editing this line
rm -f /home/$directory # Deepfreeze do not manual editing this line
# Deepfreeze has ended here
EOF
# Check if autorecovery has errorr
if [ $? = 0 ]; then
content="Deepfreeze home $directory success."
else
content="Deepfreeze home $directory failed."
fi

Xdialog --title "Header" --magbox "$content" $size
;;
Remove)
ask=`mktemp -q /tmp/menu.XXXXXX`
header="Deepfreeze ala Linux"
size="9 60"
content="Home folder you want to protect."
Xdialog --title "$header" --inputbox "$content" $size 2> $ask

if [ ! $? = 0 ]; then
exit 0
fi

directory=`cat $ask`
------------------------------------------------------------------------


If your distro doesn't use rc.d but init.d, You should change position of rc.local from /etc/rc.d/ to the right directory.

The last step is change the mode
chmod +x deepfreeze

Just double cliks it to activate. Or type in your console sh deepfreeze


*************************************************************************
i got an error while executing that!

any sugestion!?