Hi back!

Since I am planning to install Slackware at school (where I teach) in order to start teaching students how to use Linux, I would like to know how to set certain restrictions to users so these students wont be able to modify some settings.

Of course, I will create a user for students. Which I will probably call "student". Since I have many students, I think I will create one user for all of them.I wont let them know root password so they don't modify system settings.

But, I would also like to set certain restrictions. For instance, I don't want them to be able to change the background, screen resolution, screen saver, etc.

How can I do that? Is it possible to block accessing this kind of settings?

Any advice or help will be appreciated.

Thanks,
Glore2002.-

Hi!

With everythings you want to restrict. I think you can mark root owner to the file which the setting will write (in user home directory).

Maybe Sabayon is for you:
http://www.gnome.org/projects/sabayon/

Yves.

I recognize the desire to control as much as possible to reduce your overhead and maintenance. Makes sense. Yet philosophically, will the students learn as much when they have both hands tied behind them? Under such an environment the students only learn control and predictive behaviors, not to think and to express themselves.

Setting file ownership to root:root would prevent mortal users from modifying any affected files, but you might find such an approach will result in many pop-up error messages.

After installation the typical system permissions will restrict all users except root from modifying files outside of their $HOME location and a few files stored in /var and /tmp. The inherent nature of a default 'nix system already provides pretty good security and protection. Therefore why not create individual accounts for each student? Let them explore configuring their desktop, let them make mistakes --- this is the normal way humans learn and a method in which there is immediate self-instructive feedback. The more they can customize their own settings, the more they can explore, the more they will be sold on using free/libre software.

To avoid maintenance issues when students totally mangle their user settings, create a skeleton set of files that can be copied quickly. These files typically are stored in /etc/skel. Create a nominal $HOME collection of files, then copy those files to /etc/skel. Use those files as the initial template for each new user account. If configured correctly, the files in /etc/skel will be copied to the home directory of each new account you create. When students destroy their configuration files beyond nominal repair, have them copy the default settings from /etc/skel. Create a half-page job-aid to instruct them how to provide their own remedy when they mangle their settings beyond nominal repair.

If the students are young then they are unlikely to make a total mess. You easily can restore default user settings. If the students are older, expect them to make mistakes --- both inadvertent and intended. Let the older students learn by performing their own troubleshooting. When they mangle their user settings, consider that another learning opportunity. How else for them to better learn the system and desktop environment than to troubleshoot their own mistakes?

I've taught computer classes and there is hardly a better teaching environment than letting students explore and make their own mistakes. The nature of any 'nix system allows great freedom in that approach because users can only destroy their own files. They cannot modify system files or files of other users.

Just a thought.

I agree with Woodsman. The linux system is set up to do almost exactly what you want by default. Give everyone their own user account and let them run with it.

Hi,

If this is a LAB environment then you should setup as such. But a learning LAB with the students maintaining the system(s) then they will learn more with a hands on experience.

If you have the HDD space to setup a LAB partition that any user can login to perform some minimal tasks or even perform work on said system then assign a username(s) for your system. A user name for each student. Then on another partition(s) you setup basically via your instructions. Then the students can perform the install & maintenance of that OS on these partition(s). If you keep a image of the basic LAB partition on a server then the means to restore would be easily done if a problem occurs.

As for the student installation partition(s) that would be their responsibility. A better way to teach and learn the system. I don't know to what level you plan on presenting the tasks or what level the students are at but you could setup a basic overview initially that would lead in to the build techniques of the system.

I would pre-check all hardware and that includes subsystems like hdd, inet or whatever you plan on a common instruction. I would do a install on one system to acquaint yourself to the install or any hooks or problems that might crop up. You will still have some gotchas but that will happen with any form of instruction.

Make sure you have all your documentation for the hardware, Distribution and teaching text. I think you will find your weak points. The students will test or try you whenever they can. Just turn that back onto them by performing tasks that will lead them into understanding. But be certain to answer their questions thoroughly, even if you have to source some alternative source other than the text such as google., answers.com or wiki.com.

I come from academia and we used this model for our Instrumentation LABS at the University level. You could lower the tasks complexity and allow more Instructor intervention. If you just do a cookbook install then no one benefits.

Good luck!

I think this is an extremely bad idea. It makes it impossible for students to take responsibility for their own accounts.

First, the students will be sharing a home directory and therefore able to delete, vandalize, or otherwise interfere with each other's work.

Secondly, it will be impossible for a student to set anything up to his or her preference by editing the appropriate dot files. What if one student wants to set the bash prompt one way and the other one wants to set it another way? One of the strenghs of Linux is that both can be accomodated, and I think the students should be able to see that.

Thirdly, if a student changes the Firefox start page to a porn site, will you know who it is?

I don't know how many students you have, but creating 200 accounts doesn't take that long even if you do it by hand. And of course, there are ways to automate it. If you won't spend a couple of hours (at most!) to give your students a vastly better education, then, well, what kind of teacher are you?

First: Thanks for your cooperation. I really appreciate it.

I am teaching at a primary and secondary level School (Ages: 10 to 18).
I will try the approach you were talking about: Creating accounts for different students. I can also create an account for each course (to begin with). While not the best solution it will be better than having only one account. My students don't always use the same computer. So, creating an account for each of them can be a little complicated.

Of course I want students to explore new things, make mistakes and learn how to solve problems. I've been doing this since 1988. Two of my goals when installing Linux on some of the computers are a) showing them that something exists besides win and 2) that they can also do things they want to do with Linux (Slackware) the same way or better. I always tell them I use and like Linux so much I want to show them why. Finally I would like them to tell me advantages and disadvantages of using both Operating Systems.

As you surely know or imagine, teaching Linux (at School levels) is not easy at all. Not because Linux is difficult in itself. It is difficult to teach something different to win. This has to do more with adults not willing to change or explore new things and marketting than with children. But I am persistant and want to keep doing this anyway at least to show them a new option. :-)

Under win we use a program called Deep Freeze which lets users explore and change things and when you restart the computer everything goes back to where it was. This is very useful to try new things, to avoid deleting important files, to avoid virus, spyware, etc. Whenever the computer is restarted, configuration resets. But this was win and in win is much easier to break important files than in Linux.

I thought something like this was possible with Slackware. But if not, having different users can also be an alternative. But, what happens if a user modifies her portion of the system and then he wants to go back where he was. Is there a way other than restore from backup to undo things?

As you know, I am relatively new to Linux and Slackware. That's why most of my questions (I hope not all of them) are for an extra-beginner-level user.

Thanks friends for all your help!
Glore2002.-

Install Linux on ONE of the computers and then lock it away. Set the other computers up to log into that computer remotely. Problem solved.

If you install Linux on every computer in the lab, just set up the accounts on one computer and then copy them.

"Her portion of the system" would be her home directory. She should be told from the start that she is responsible for the contents of her home directory. On the second day, perhaps, she should learn that her settings are stored in files and directories beginning with dots, and that she is responsible for backing them up if she so chooses.

As dugan already said, all the changes which a normal (non-root) user does are only on its $HOME and nowhere else, so there can be no system misconfiguration or anything like that. If you want the desktop settings restored, just delete that user's $HOME/.* files (and maybe then, keep a backup of all the settings files as you want them and restore them).

Of course, if you want something which the users can really mess with, why don't you try with a livecd? Slax would be great because you can configure it first and then just burn and put it in the tray and it's gonna be the same every time.

Hi,

You could setup with a remote server and verify your users. In my LABS the user setup was easy since everyone had a LAB seat assignment. That way everyone knew where their seat was. That way all equipment was inventoried to the position therefore the student was responsible for that equipment. No mixing of equipment nor sharing.

As for the local setup of the Linux, as I stated before if the seat was to be universal then you have that boot choice or verify to allow the user into the accounts. For the Individual setup then the user would have the ability or user services for his/her seat.

You should really look at seat assignment. No choice! I was at a private University and we do assignments not the student. Forget the social aspects. Be in charge of your LAB.

The social aspects will kill you if you allow it. The students will benefit from the assignment even if they don't get to sit with their buddy. You will find that students will be dependent but others will balance each other eventually. It can be unsettling at first but it does work.

If you are wanting to teach the admin/use of the systems then the picture changes somewhat. You as (root) could go in an break what you wish and assign the student at that station to resolve or correct the problem. I don't know your scope of intention, so it is hard to provide a finite example.

There are ways to allow you to teach OS. If you want to just instruct on how to install a OS then allow the user to setup and work for that session. Wipe it when done. The next session the system would be ready for that user to perform as you want for that session. If you are just instructing then after the first session is complete you would restore the system via saved image over the network. Ready for the next session. Things don't have to be static. You could setup via the network and prepare for future session with images. I don't know your activity or synopsis for the class.

We are just putting out some known scenarios that you could use.

LTSP could be for you too:
http://www.ltsp.org/

Yves.

Thank you! for all your valuable help.

I will take your advices. As I install Slackware at School, I'll tell you how things are working.

Glore2002.-