locking down gnome.

Deepak Saxena deepak@csociety.purdue.edu
Wed, 22 Nov 2000 12:44:06 -0700 

create a "gnome" user/group.
you can use root, but it's probably cleaner not to

pseudo-code:

foreach USER
cd ~$USER/.gnome-desktop
chown -R gnome:gnome .

That will lock down the desktop.  They can read it, but they can't write to
it, so there's no way for them to add anything. 

You should be able to do the same sort of thing with the .gnome directory
by locking down config files.  You may have to play with that directory a
little since certain files have to be written to by Gnome at logout.
Thing like session management information and such.

I would create a default .gnome-desktop and .gnome directory structure
and then build a wrapper script around adduser so that they get automatically
installed into a new user's $HOME

~ Deepak

On Nov 22 2000, at 12:32, Icegryphon was caught saying:
> I will be having Multiple users on a workstation with gnome.
> Here is the problem I run in to. I need to make a user with a normal desktop
> on gnome (i.e. Home Dir, floppy, Trash.) And also have Netscape and to
> logout/shutdown. Now how do I configure a user so that they and only see those
> and can use those. I Don't want them to be able to remove or del any icons
> from their desktop. I don't want them to be able to add a panel or change the
> background or any options. Pretty much a basic system that would only be able
> to use netscape and their home directory and floppy.
> Is there any good software around for creating policies like in windows NT?
> Please E-mail your comments to me at Icegryphon@netscape.net
> rather then posting them.
> Thank you
> 
> ____________________________________________________________________
> Get your own FREE, personal Netscape WebMail account today at http://home.netscape.com/webmail
> 
> ________________________________________________
> See http://PLUG.phoenix.az.us/navigator-mail.shtml if your mail doesn't post to the list quickly and you use Netscape to write mail.
> 
> Plug-discuss mailing list  -  Plug-discuss@lists.PLUG.phoenix.az.us
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

-- 
Deepak Saxena - deepak@csociety.purdue.edu

I will not be pushed,filed,stamped,indexed,briefed,debriefed,or numbered!
My life is my own - No. 6