GNOME for school
Im setting up a test computer for school that will be used by students and if it works good we will be switching to linux, if not M$ stays.
So I created 2user accounts. One is TEACHER and the other one is STUDENT which is stripped of almost all permissions. And I've also used PESSULUS to lock down the STUDENT account. But the problem is that when I log in as STUDENT I am still able to change the settings of aMSN or Nautilus,Crossover OFFICE-> MS OFFICE 2000 or the hidden file/folders under STUDENT's home dir. So I believe that I should do the following: I should set it up so when a user STUDENT logs out, his home directory gets restored to its original status (copied from some location in /usr/share/......). I think this is better than just locking access to config files, or at least it's what I'd prefer as a user. But unfortunetly I dont know how to achieve this? Am using UBUNTU DAPPER and latest GNOME. So please help me out here. |
Edit .bash_logout to do something and then chown it to root, maybe? And, possibly, also do the same with .bash_profile (so in case of hard session crash, maybe provoked, everything will be copied on login of the next user). And is it intentional not to have personal logins and possibility to store personal files (I mean, without risk of them being destroyed)?
|
Don't Lock them down
Hi BigDaddy,
I don't know what do you want to achieve from all this! Why do you think that if they (Students) play around with some config files the whole system is going to be messed up. They should get ample time and practice to play around. Some of them are the innovators and genius of the future, and just for some of them (those genius) you will have to allow them to do whatever all want. Let them see the world using their own eyes. Let them have some fun. and Let them innovate in MISTAKES which will lead them to a better understanding of the things. Still there is an overhead to you and it is to maintain messed up thing! As you mentioned earlier you should backup the whole home directory and if something goes wrong let the student who messed up try to recover it. If he/she is unable to that only then you should restore the directories. Please consider my request and let them find their ways, let them grow their own way. Hope you will not mind an advice not asked for. |
Quote:
Code:
mkdir ~/trial1 Quote:
Quote:
|
Did you check that the file is readable by user, but not writable?
I can mention that variant with .bashrc and .bash_profile is better. Or do you use smth different from bash as shell?? >So they must be very secure. 1.Just giving personal logins with some megabytes for each gives students isolated space. If you do it right, it will be rather hard to spoil life to anyone but the spoiler. 2.If you do ask such questions (no offence intended, just the fact), you won't get security... Only honesty of students can save your system. And will, if you won't seem too restrictive administrator. For example, your proposed system will not work if you do not take measures to catch run-away daemons left by students (intent to work around your system supposed). And there are fake-logins. |
Since you are already using Ubuntu, check out Edubuntu. I have not tried it, but it is supposedly specifically for schools. It might make your life easier.
--Ian |
Thanks!
Hello Bigdaddy,
Thanks for considering my request and I liked the account name too! |
The usual approach to this sort of thing is LTSP: see www.ltsp.org and more specifically www.k12ltsp.org.
Have a read. |
Hello,
Again you can set the config files (obviously related to the user only ) to be immutable. I thinks this should solve your problem |
Quote:
Quote:
Quote:
Quote:
|
Quote:
|
Quote:
|
Quote:
|
Quote:
|
Quote:
I tarred the STUDENT folder to /home/qhome.tar.gz. And chown it to TEACHER and gave executable permission to all. So then I put this script into GNOME->SESSIONS->STARTUP PROGRAMS: http://ubuntuforums.org/attachment.p...8&d=1147245541 Tell me what do U think? |
All times are GMT -5. The time now is 11:28 PM. |