Hey everyone

I was wondering if there is a piece of software I can use to make my system reset after every reboot.

My goal would be to make a guest user account on a computer I have, I would set up the network set up some basic programs and then make a "restoration point". Every time someone would reboot the computer everything has to go back to that restoration point and all the settings and temp files and caches and installs etc have to be wiped out. Basically undoing everything that person did.
I have searched here and on the net, but I can't really find a way how to do this. I am also not really sure how a piece of software like that would be called.

Thank you for your help!

Kind regards
Tinker

http://www.faronics.com/products/deep-freeze/

This. If you want to make permanent updates/changes, you 'unfreeze' it and make the changes. When it is 'frozen' nothing you do to the computer is saved.

We use the enterprise version to keep the users safe. It works wonderfully. Getting around the virus updates was the only problem we had.

A user's $HOME directory on a tmpfs filesystem would be gone after every reboot. Regardless of filesystem, most distributions delete the contents of the directory /tmp on boot.

One-time user-creation:

You would have to make sure that the user's $HOME is created on every boot. Then you could populate it with your "template" and change ownership to the user.

On every boot:

This assumes that /tmp is wiped on every boot, that there is no user "guest" already, and that your distribution creates a group "guest" along with the user. You can name the user as you wish in case of username collision. Add the new user to the groups he needs (audio/video/usb/plugdev...). The directory /etc/skel is the default for new user templates, but you do not have to use it. You can create your own template.

1 members found this post helpful.

Sounds like you might want a customized LiveCD that loads totally into memory. I have a similar setup on one of my computers (a fileserver that nobody ever logs into). It loads the LiveCD from harddisk rather than from a CD. Totally into memory. As it boots, I have created custom startup scripts that change the root password, set up the network, configure Samba for file sharing, run automated backups, etc. Mine is based on SysRescueCD (thus, only a basic GUI is supported - doesn't matter to me since I use commandline only on that server). But you should be able to do it using just about any LiveCD. Depends on what software you need installed and how sophisticated of a system you want to run.

With the LiveCD approach, especially a customized setup that loads off of harddisk and runs 100% from memory, your user could totally trash your system and it would be repaired perfectly upon reboot. Plus, it would run blazingly fast. But you would have issues with things like historical emails held in a local inbox, web browser bookmarks, etc., unless you took all that into account in your customizations and devised some way to save those in a permanent data store.

Thank you for the, I think I remember that name from on some public windows PC's. I didn't know they also made it for Linux. Will check it out.

This looks like a really good way, only problem is that my Linux knowledge is really minimal.
For example, do installed programs and changed settings also get saved in the $HOME directory?
Because I would like to allow the user to change settings even install programs. But only for the session.


Hey thank you for the idea, this is indeed a very good idea. The only problem is that it will only be one user account that has to be "wiped" after each use.
The other user accounts would have to function like normal ones, storing data etc. So I am not sure this will work for this situation, but I will keep it in mind.

You could create a virtual machine inside your main machine, and then turn the devious user loose in the VM. Restore the VM from a backup copy after they have logged out. It would take some scripting knowledge to make all this happen.

Unfortunately, that is probably the final nail in the coffin for the VM idea.

What you're wanting to do is force-fit this user into a sandbox where they can kick as much sand in their own face as they want, but they can't get anything into anybody else's sandbox or into the system sandbox. Totally isolated from everything else on your system. That is not a beginner concept as far as system administration goes. A VM is perfect for this. But passing this user transparently (and harmlessly) through your main system and into the the VM will take a little knowledge and skill. It will be cleaner if this user is logging in remotely, not sitting directly in front of the computer you want to protect. For the remote case, you could just set up the VM with it's own external IP address that the user would access it from. This is exactly how some software companies implement training for their products. Students remotely login to a VM. Oracle is one such company that does this, or at least they used to, last time I took one of their classes. Of course, that particular class was on creating and configuring VM's, so it was pretty obvious that we would be using them in that manner.

Changed settings yes, but installed programs - no. If you want to allow the user to tinker with the installed package set (which is system-wide), you have to go the sandbox/vm route.

Thank you both for your answer.
I also fear that my very limited knowledge about Linux will be a problem for this. On the other hand, "the guests" that will be using it have even less knowledge about it than me. So it doesn't have to be super secure.
But thank you very much for your input.

Well, if you won't have both normal users and this rogue user you want to control logged in AT THE SAME TIME, you can still use the LiveCD method. Normal users use the normal system. When the rogue comes over, you reboot it from the LiveCD and do not mount any of your hard disk partitions. Let them play in the LiveCD environment. Then when they leave, boot back to the normal system. You would probably want to make it so that the rogue could not easily reboot your computer, thus gaining access to your normal setup. You could implement this with a BIOS password or similar. Nothing will be 100% secure, especially when they have physical access to your computer. They could defeat BIOS passwords by taking your computer apart, removing the BIOS battery, shorting pins, etc. Or, even from the LiveCD environment, then could manually mount your hard disk partitions and nuke them. But this would take some knowledge and maliciousness on their part. Something you say they don't have (at least not the knowledge part). It would be good parctice to keep a complete backup of your system on an external hard disk (hidden away so the rogur couldn't find it), just in case they do breech all your efforts and manage to mangle your system. You could always do a bare-metal restore from that backup. But make sure you have a 100% solid backup, and know how to restore from it. Many people who don't have a lot of computer experience may be doing backups, thinking they are 100% protected, but when the rubber meets the road, they find their backups are incomplete, corrupted, or they don't know how to use them. So don't be like that - learn and practice in advance.