Wanting to force users to save in MNT directory

[Guest tommyrot]

Hi Folks,

 

I'm rolling out Mandriva in a public Library, and I want to avoid confusion by locking users into only saving to the MNT directory (i.e. making this the only directory available).

 

Is this do-able? I'm trialling the new Mandriva Special Edition product.

[alexpank]

This should be fairly easy to do, depending on how your users are logging in. For example, if you only have one user per computer (i.e. each library user doesn't have to log in before they use the machine), you could just set up your permissions so that that user only has access to the /mnt directory, and all other directories are accessable only by root or by an admin.

 

On the other hand, if you have multiple users (unlikely in a public library, now that I think about it...), you could whack them all into a group which has access to /mnt and nothing else, with admin/root being able to access everything else.

 

You can set this up through the CLI - I would tell you how, but I suck at it, especially adding users - or through MCC. I'm at uni now so I can't tell you exactly how to do it, but I think it's in System > Users

 

Hope this helps a little (and that someone can furnish the details of adding uses through the CLI!)

 

Alex

 

BTW, it might be an idea to restrict their write permissions to just /mnt/floppy or something like that, rather than giving them the whole of /mnt to muck around with.

[alexpank]

Just read through the posts again and noticed that I only half answered your question. What you need to set up your permissions is chmod, a lovely little utility for changing read, write and execute permissions for files, and possibly chown, for changing who owns all the files.

 

Basically, what you want to do is give all the files you don't want accessed to root or an admin or something like that:

chown [I]admin[/I] *

You can either do this for each directory, or go to the root directory and do

chown -R [I]admin[/I] *

Only thing is, this might stuff up some of your permissions and ownerships that are already set up. I can't remember exactly, but I think when you install Mandrake, everything except the /home directories is set up to be protected from being written to by ordinary users. If that's the case, then all you should need to do is use chmod to let them get to /mnt:

chmod -r a+rw /mnt

 

Now, that's a bit more complete (but possibly incorrect or inadvisable - you might want to check out the man pages for chmod and chown to make sure that that's what you really want to do for your system, and failing that, it might be an idea to give someone a bit more knowledgeable than me the chance to run in and say "What the heck did you tell him to do that for, you nincompoop?!?"

 

 

Alex

(still on waterwings)

[Guest tommyrot]

Thanks heaps Alex, I just needed someone to nudge me in the right direction - I'll investigate chmod and play around with your suggestions.

 

You're right in that I only need a single user - imaginatively called "library user" currently, although once I get a bit more clever I'll try setting up additional "special needs users" etc.

[pmpatrick]

I'm not sure that will give you the desired result. Some user programs may need to write to cache or some temp directory in order to run properly, eg browsers. Kde has a kiosk mode which allows for great control just for situations like yours:

 

http://www.linuxjournal.com/article/7718

 

http://extragear.kde.org/apps/kiosktool/

 

Also, I've read articles in the past on libraries that have done this kind of rollout; I'm sure if you contacted one of them they would be helpful.

[Guest tommyrot]

Cool! thanks for that, I'll play around with the kiosk.