From owner-freebsd-questions@FreeBSD.ORG Sat Oct 25 10:22:54 2008 Return-Path: Delivered-To: freebsd-questions@FreeBSD.ORG Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 7042C1065675 for ; Sat, 25 Oct 2008 10:22:54 +0000 (UTC) (envelope-from joeb@a1poweruser.com) Received: from mail-03.name-services.com (mail-03.name-services.com [69.64.155.195]) by mx1.freebsd.org (Postfix) with ESMTP id 5A0C68FC12 for ; Sat, 25 Oct 2008 10:22:54 +0000 (UTC) (envelope-from joeb@a1poweruser.com) Received: from laptop ([202.69.173.231]) by mail-03.name-services.com with Microsoft SMTPSVC(6.0.3790.3959); Sat, 25 Oct 2008 03:22:50 -0700 From: "joeb" To: "en0f" , "freebsd-questions@FreeBSD. ORG" Date: Sat, 25 Oct 2008 18:23:23 +0800 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.6604 (9.0.2911.0) In-Reply-To: <4902C1B4.30207@bokey.mine.nu> Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.5579 X-OriginalArrivalTime: 25 Oct 2008 10:22:50.0811 (UTC) FILETIME=[A24D78B0:01C9368B] X-Sender: joeb@a1poweruser.com Cc: Subject: RE: restrict gnome desktop user. X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: joeb@a1poweruser.com List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 25 Oct 2008 10:22:54 -0000 -----Original Message----- From: owner-freebsd-questions@freebsd.org [mailto:owner-freebsd-questions@freebsd.org]On Behalf Of en0f Sent: Saturday, October 25, 2008 2:50 PM To: freebsd-questions@FreeBSD. ORG Subject: Re: restrict gnome desktop user. joeb wrote: > How do it configure gnome to restrict users to their home directory? > I don't want them to be able see any system directories or other users? Dont know about gnome per se but you can use chroot/jails to restrict users to see only stuffs you want them to see for any environment. Just build the chroot and copy over the gnome-specific binaries to its chrooted-equivalent (copy or link /usr/bin/gnome-panel to /home/chrooted/johndoe/usr/bin/gnome-panel). I do not know of any tools that does this automatically and also I do not know how gdm will work out. e.g - Normal /home/johndoe/ | |___ .bashrc |___ .sig chrooted /home/chroot/johndoe/ | |__ bin/ |__ usr/ -- en0f _______________________________________________ WOW this sure seems to be over kill putting each user in a jail. There must be some other way at the user id level or from gnome it self to do this.