View previous topic :: View next topic |
Author |
Message |
chazwurth n00b
Joined: 24 Aug 2003 Posts: 9 Location: Michigan
|
Posted: Tue Feb 01, 2005 4:31 pm Post subject: logout script to restore home directory |
|
|
Upon logout, I'd like a user account's home directory to be restored. I want everything in the directory to be overwritten by an 'authoritative' version of the directory. The user cannot have access to the authoritative copy of the directory, so the script will have to be run by root (remove the user's home dir, copy the new one over, change permissions, etc).
So my question is: how do I cause this script to be executed when the user in question logs out? Where do I put it? Is there a root-owned config file that is automatically called upon logout that I can just add these commands to? |
|
Back to top |
|
|
adaptr Watchman
Joined: 06 Oct 2002 Posts: 6730 Location: Rotterdam, Netherlands
|
Posted: Tue Feb 01, 2005 4:42 pm Post subject: |
|
|
If this is on a physical terminal, you could write a wrapper-script to start from init instead of just a getty.
This would have to run getty (which runs login) normally, and do whatever you want it to upon logout; then the script wil be restarted by init.
For logins of any kind you'd better write a cron job that checks whether the user is logged in, then do the stuff after they've logged out, setting nologin during those operations to make sure it won't be interrupted halfway through.
But when you say "restored", that's a little vague, for the following reason:
1. either you don't want the user to be able to change anything, even during their session, in which case you can simply set all their files to read-only, or
2. you want to present them with a kind of "mandatory profile" a la windows - which means they still need to be able to change settings and such.
I think the first one is the simplest. _________________ >>> emerge (3 of 7) mcse/70-293 to /
Essential tools: gentoolkit eix profuse screen |
|
Back to top |
|
|
SerfurJ l33t
Joined: 10 Apr 2004 Posts: 824 Location: Texas
|
Posted: Tue Feb 01, 2005 4:51 pm Post subject: |
|
|
or maybe you could give the user an sudo permission and put something like this in /etc/profile (i haven't actually tried it):
Code: |
if [ $USER != "root" ]
then
alias logout="logout && sudo /root/bin/user-cleanup.sh"
fi
|
but the script doesn't have to be run by root to copy an "authoritative" copy over. the script could be run by the user and the files could be read only files owned by root with permissions of 644. the script would have to be owned by root and have permissions of 755.
Last edited by SerfurJ on Tue Feb 01, 2005 5:05 pm; edited 1 time in total |
|
Back to top |
|
|
chazwurth n00b
Joined: 24 Aug 2003 Posts: 9 Location: Michigan
|
Posted: Tue Feb 01, 2005 5:04 pm Post subject: |
|
|
Quote: |
But when you say "restored", that's a little vague, for the following reason:
1. either you don't want the user to be able to change anything, even during their session, in which case you can simply set all their files to read-only, or
2. you want to present them with a kind of "mandatory profile" a la windows - which means they still need to be able to change settings and such.
|
I want the user to be able to change things, have write access to the directory, etc, but I also want a 'clean' session on the next login.
Maybe a cron job is the way to go. |
|
Back to top |
|
|
adaptr Watchman
Joined: 06 Oct 2002 Posts: 6730 Location: Rotterdam, Netherlands
|
Posted: Tue Feb 01, 2005 5:08 pm Post subject: |
|
|
Quote: | I want the user to be able to change things, have write access to the directory, etc, but I also want a 'clean' session on the next login |
That's rather contradictory - what's the point of being able to write stuff if you're going to wipe it out again ? _________________ >>> emerge (3 of 7) mcse/70-293 to /
Essential tools: gentoolkit eix profuse screen |
|
Back to top |
|
|
chazwurth n00b
Joined: 24 Aug 2003 Posts: 9 Location: Michigan
|
Posted: Tue Feb 01, 2005 5:10 pm Post subject: |
|
|
Quote: |
but the script doesn't have to be run by root to copy an "authoritative" copy over. the script could be run by the user and the files could be read only files owned by root with permissions of 644.
|
I didn't think about that. On the other hand, if all those files are read only, I guess I could just wipe out everything in the directory that isn't read only when the user logs out, thus removing anything the user added. This looks a lot less complicated if I make everything read-only, which ideally I'd rather not do. |
|
Back to top |
|
|
SerfurJ l33t
Joined: 10 Apr 2004 Posts: 824 Location: Texas
|
Posted: Tue Feb 01, 2005 5:48 pm Post subject: |
|
|
a clean copy of the files you want to be in /home/user/ could be put in /usr/home/ and made read only and owned by root, then copied over after wiping out the old files in the home directories (via the script). |
|
Back to top |
|
|
|