Ubuntu-style temporary guest accounts

[GJones]

Not sure if this falls within the purview of "Slackware for slackers," but I'll put it out anyway...

One of the more interesting and less buggy features of Ubuntu 12.04 is the guest account. When you log in as a guest, Ubuntu creates a randomly named temporary user to log you in as. The user has its home directory in /tmp, is denied access to sudo and su, and is deleted (along with its data) when you log out. There's also an AppArmor profile to limit the new user. It's a bit like instant system rollback software on Windows - only less of a kludge.

The main problem is, this is all done by Ubuntu's LightDM login manager, which Salix doesn't have. And Salix doesn't have AppArmor either.

Even without AppArmor though, this could be a pretty nice feature. I'm thinking there could be a guest session script for GDM/KDM, which if made executable would create and log in a temporary user called guest-XXXXXX, where XXXXXX is a random number. The user would be a member of their own group and no other - thus, no access to other users' data.

Likewise, a "cleanup" script could run on boot to delete guest accounts and groups that were not removed, e.g. due to a power failure... The one aspect I'm foggy on is how to delete the account and its data *on logout.* I'm sure that could be done in a bash script or such, but unlike the other stuff I'm not sure how.

(... Why yes, I do in fact have plans to do this. When I get the spare time anyway. A good sysadmin could probably whip something up in a minute or so, but I'm not even a mediocre sysadmin. )

[JRD]

I'm pretty sure it could be done.

But the main thing is: for what purpose?
What is the good of having a random user created each time you want to log as guest? Why not using a guest-account configured for that purpose? And last question: what do you want to use a guest account for?

I'm not reluctant, but I delighted to do things if they have a meaning, not if they are possible.

[mimosa]

I recently visited a friend of mine who has Ubuntu. I didn't understand how the Guest account worked, and was rather frustrated, after spending a while putting Salix on a VM in it, to discover next time I switched the computer on that it had all gone. Also the account only gives you some small amount of space, so I had trouble with the VM, till I checked available space and created a virtual disk to fit in it.

I would just create a Guest account and not tell visitors the root password, if I was worried about people reading my files or accidentally deleting them. After all, there's nothing to stop anyone actually malicious from booting with a live CD and doing whatever they like.

[gapan]

The one aspect I'm foggy on is how to delete the account and its data *on logout.*

You can't. But you can run anything you want as soon as gdm is started, which is mostly the same. Just add anything you want at the end of /etc/gdm/Init/Default, just before the "exit 0" line.