Implement Proper Guest Login on Ubuntu with no password
Ubuntu seems to make it very difficult to create a proper 'guest' account (one with unprivileged temporary access to the system) with no password.
https:/
Guest accounts are useful when a friend wants to use the computer e.g. to access the Internet, or to upload pictures from his/her camera, or use the printer. Guest accounts are very useful also for cybercafes.
* Guest accounts should be stateless, i.e. when the guest logs out, any file on the system belonging to the guest (data or configuration) is deleted, returning the guest account to its pristine initial state for the next guest login. (no need to worry about leaving personal files behind or using trojans/malwares from past sessions)
* Guest accounts should not allow the guest to access any file belonging to any other account -- no access to folders under /home (use AppArmor?)
*The only files the guest account should be able to access is a temporary homedir for the login session inside /tmp and the public files in /tmp, /usr, /lib, /etc and so on. (what about /mnt and /media?)
Currently, the closer to such feature seems to create a guest account and manually replace its password hash at /etc/shadow for U6aMy0wojraho, which is somewhat cumbersome and neither implement a temporary file system for the guest nor restrict access to /home.
http://
Blueprint information
- Status:
- Complete
- Approver:
- None
- Priority:
- Undefined
- Drafter:
- None
- Direction:
- Needs approval
- Assignee:
- None
- Definition:
- Superseded
- Series goal:
- None
- Implementation:
- Unknown
- Milestone target:
- None
- Started by
- Completed by
- Scott James Remnant (Canonical)
Related branches
Related bugs
Sprints
Whiteboard
Couldn't you do this by just running "sudo rm -R /home/Guest/"
Or all the files or non-essential config files?
Or maybe "recreate" the user each time, because when it does that, it follows a template (somewhere)
that tells it what the user needs. Or maybe even a WebDav type of thing, where a users home is on a network disk?
I think this is more then doable -> Ubuntu should integrate this on the install, with the main users account (alongside)
That, and make the login screen more fitted for multiple users -> rather then type your name, why not click it?