?
Solved

Script required to wipe Linux user dektop daily and log out set users

Posted on 2005-03-04
48
Medium Priority
?
391 Views
Last Modified: 2013-12-16
I have a number of students who keep f***ing with there profiles changing the desktops, icons, layout, wallpaper etc. This eventually causes there profile to load with lots of errors. Usually caused by them deleting images/files associated with there profile.
 
Understand that I cannot lock the profile down as its need r/w access.

Can someone provide me a script and tell me how to get it running/where to install it,  that will wipe the users profile every day restoring all basic settings, every time they log in and log selected users (students) out at a set time every day?

Regards

Mark Carey
0
Comment
Question by:markacarey
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 18
  • 16
  • 8
  • +3
48 Comments
 
LVL 16

Expert Comment

by:manav_mathur
ID: 13459681
>that will wipe the users profile every day restoring all basic settings,
you can do the same in /etc/rc.d/rc.local   (Redhat)


Manav

0
 
LVL 16

Expert Comment

by:manav_mathur
ID: 13459739
I dunno if this works or not (havent tried yet), but you can put the followign lines of code into your rc.local script

for users in user1 user2
do
    mv /some/admin/path/.profile_basic /home/$users/.profile && chown $users: /home/$users/.profile
done

where.
/some/admin/path/.profile_basic

is a template script which will overwrite the .profile of every one of (user1, user2) when he *logs on* .
alternatively, put this into a script and schedule it as a root cronjob if you want to run it every morning.....

man crontab
man 5 cron

0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 13463022
assuming you have a sample profile in /home/sample then do:

 cd ~ && rm -rf * && (cd /home/sample&&tar cf - *)|tar xf -

place this in your shell's system wide resource configuration file (/etc/profile for sh and friends, /etc/csh.cshrc for csh and tcsh, usually)

this recreates the home directory at beginning of each login
# I'd suggest that you test first carefully
0
Will your db performance match your db growth?

In Percona’s white paper “Performance at Scale: Keeping Your Database on Its Toes,” we take a high-level approach to what you need to think about when planning for database scalability.

 
LVL 7

Expert Comment

by:surya_prabhakar
ID: 13463314
every user when ever he logs some gui related files get created in his home directory .if you delete them the next time they log in all the files get created again restoring the defaults .
for gnome you have files like
.gconf, .gconfd, .gnome* , .gtk* etc  
and some silmilarly some files for KDE  .kde etc

we should not be deleting all the files .only few of them  

try this script and update me
-----------------------------------
#!/bin/bash
mkdir /tmp/profiles &> /dev/null
DEST="/tmp/profiles"

for i in `ls /home`
  do
    SRC=/home/$i
# you can customize and add more files too
    mv $SRC/.gcon* $DEST &> /dev/null
    mv $SRC/.gnome* $DEST &> /dev/null
    mv $SRC/.gtk* $DEST &> /dev/null
    mv $SRC/.kde* $DEST &> /dev/null
    mv $SRC/.ICE* $DEST &> /dev/null
# Instead of mv you can use rm -fr  if you dont want save
# these files .
    echo "cleaned .... $i"
  done

echo "Cleanng done"
------------------------------------------------------------------------


surya.
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 13463358
> we should not be deleting all the files
that was the requirement
and if people waste their home, you need to restore it from scratch, anything else is not reliable

BTW, my sugestion assumes that it should be done for *all* users, that's probably wrong (think of root)
Please make a if condition for the reuired users
0
 
LVL 7

Expert Comment

by:surya_prabhakar
ID: 13463404
alright alright !  I just forgot your presence :-)

But why do you need to screech off .profile files of the users when he says that  it causing problems with the GUI /icons and stuff .
If he wants to clean up every thing that can be done too but the genuine users who might have put some aliases or env variables in their profiles get punished .

0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 13463461
well, as pedantic as I am, I read "profile" not ".profile" in the question
anyway, .profile doesn't matter (at least as long as it is not misused for storing f***ing files ;-)
0
 

Author Comment

by:markacarey
ID: 13463763
All of the users are students that can have there desktop totally reset.  

Surya

Where do I place your script?   Does it go in - /etc/profile?

Presently all users are using /bin/bash as the default shell.  Should i be changing there default shell to something else for 'student users' like /bin/sl etc?
0
 
LVL 12

Expert Comment

by:mburdick
ID: 13464101
Never seen so many "reinvented wheels"

When a user is first created, they have little to no information in a home directory. Here's something that should cover what you need...

Modify your /etc/pam.d/login file as follows:

Find the first line that says "session required" and insert a line before it that says "session required pam_mkhomedir.so skel=/etc/skel/ umask=0022". This will cause a user's home directory to be created when they log in if it doesn't exist.

Next step is to wipe out their directory with a "rm -rf" command when the user isn't logged in.
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 13465130
> Next step is to wipe out their directory with a "rm -rf" command when the user isn't logged in.
that's exactly what I suggested, just the difference: wipe when logs in (which seems more practical than cron)

> Surya
> Where do I place your script?   Does it go in - /etc/profile?
yes
but keep in mind that this suggestion *does not remove* the old homedir, and it needs to be costomized
my suggestion wipes out the old stuff and copies your skeleton in a generic way: only one place to change!
0
 
LVL 7

Expert Comment

by:surya_prabhakar
ID: 13465245
If you want to incinerate everything in the home directories of the users then go by what the other people are saying . I f you just want to remove the gui related files  and do a little house cleaning then you can follow my script . .

If you want to run the script on every reboot you can put it in /etc/rc.local .  save the script as file and put it in /root and then change the permissions to 755 and call it directly in /etc/rc.local .

You can also call this file in the cron depending on whic the machine would be powered on . I dont suggest calling in /etc/profile because /etc/profile is called when ever the guy opens a new shell .

surya.
0
 
LVL 38

Expert Comment

by:yuzh
ID: 13473118
Here's my way to apply standard desktop for students:

http:Q_21090956.html

You can write a little script to get rid of the students old settings, and appply the standard
desktop.

use "cron" to run the script once a day (eg, midnight)

0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 13474401
and how about student starting work at 23:55?
0
 
LVL 38

Expert Comment

by:yuzh
ID: 13474513
Good question ahoffmann, the script need to check if the user is currently logon to the system,
before go ahead to replace his/her desktop.

markacarey, you also need to have some policy about user login, eg, what happen if a user login and never logout. idel time > 2 day get kill etc.
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 13474544
> .. check if the user is currently logon ..
why?
simply do it at login, there the check is implicit, obvious somehow (except you allow multiple logins ;-)
0
 
LVL 38

Expert Comment

by:yuzh
ID: 13474556
>>simply do it at login, there the check is implicit, obvious somehow  ;-)

Good point!  But markacarey want to do it daily, what happen if someone login many times
a day, you do it every time when he/she login?
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 13474568
==>  (except you allow multiple logins ;-)
0
 
LVL 38

Expert Comment

by:yuzh
ID: 13474591
I allow multiple logins.
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 13474660
.. that get's nice when changing ~/.kde/* simultaneously ;-))
0
 

Author Comment

by:markacarey
ID: 13475131
The students are finding ways to stop office loading etc, which then allows them to surf for porn etc...  Need to be able to preserve the students work (Open office docs in home directory), whilst lossing there wall paper, etc and giving them the excuse of not being able to work.  

Which leads me onto another issue.  Firewall. (Will raise a seperate question).

If I can totally stop the students from making changes to there wallpaper, icons, screen saver, this would really also help, along with only allowing them to log in with one session and auto log off after 17:00 hrs.  However, would not like these rules applied to the staff?
0
 

Author Comment

by:markacarey
ID: 13475368
surya

Placed your script into /etc/rc.local as instructed, logged in as normal user, with none standard wall paper.  Logged out.  Logged in next day (today), wall paper the same?

Script did not work?

Regards

Mark
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 13476399
ok, my suggestion http:#13463022 improved:

1. create a sample directory, lets say /home/sample
2. assuming that Open Office data is stored in ~/OpenOffice
3. add following script (inline or as call to another one) in /etc/profile or /etc/cshr.login (depending on user's login shell)
4. keep in mind that users will store their data in OpenOffice then ...

#! /bin/sh
tmp=/tmp/`uname -n`.$USER.$$
trap 1 2 3 10 12 13 15 16 17 30 31 _abort
function _abort
{
  echo silly attempt
}
tmp=/tmp/`uname -n`.$USER
test -d $tmp && echo multiple login attempt && logout && exit 1
touch $tmp/lock.$$
( cd $tmp && (cd ~ && tar cf - OpenOffice)|tar xf - )
\rm -rf `ls -a | egrep -v '^(\.|\.\.)$'` || logout
(cd $tmp&&tar cf - OpenOffice)|tar xf -
\rm -rf $tmp
exit 0
# to be improved in many ways
0
 

Author Comment

by:markacarey
ID: 13477627
Whats the purpose of the 'sample' directory?

users use /bash shell.  Should I be adding your script to bashrc file?

Open office is stored in /opt/openoffice

All the clients are ltsp thin clients does this make any difference as they look in /opt/ltsp during startup?
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 13478035
>  Whats the purpose of the 'sample' directory?
it's a clean user skeleton directory, containing all you need/want to give to the user

>   Should I be adding your script to bashrc file?
no
the user coud simply change that
use /etc/profile as I said

> Open office is stored in /opt/openoffice
don't know how you setup your users, but usually there is a small directory for each user, that's the directory I menat in my example
If you don't have such a local directory, you can omit that part.

> All the clients are ltsp thin clients does this make any difference as they look in /opt/ltsp during startup?
I'm not used to ltsp, but I guess that it makes no difference as long as each user has her/his own home directory
0
 

Author Comment

by:markacarey
ID: 13478319
Ok, Applied, all users gone home.

I can only vnc in.  Never been able to access as a standard user, unless you know a way? Otherwise won't be able to test until the morning...

Regards

Mark
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 13478374
> Applied
hope you tested before ...
0
 

Author Comment

by:markacarey
ID: 13478542
No test server, and my terminal session is bombing out after putting in pw.

Something to do with bash, then it clears...

able to webmin into server.


Help...
0
 

Author Comment

by:markacarey
ID: 13478578
Also amended first line to #! /bin/bash, as this is the shell the users use?
0
 

Author Comment

by:markacarey
ID: 13478657
Amended profile back to orginal, can now log back in...

What do I now?
0
 

Author Comment

by:markacarey
ID: 13478681
Also tried file exactly as you stated, still stopped login?
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 13479963
please try my suggestion step by step manualy, I don't know your environment !!
0
 

Author Comment

by:markacarey
ID: 13480624
Do I add the sample directory to the individual users home area i.e. /home/usersx/sample  or /home/sample?
0
 

Author Comment

by:markacarey
ID: 13480759
Where's the master kept?

i.e. if i change a setting like the proxy server and need this to be set for all clients for next login...
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 13480830
no, my sample directory is the master, no user should ever gain access to it
WHat is the problem in reading and understanding my suggestions? there're only simple commands ;-)
0
 

Author Comment

by:markacarey
ID: 13481097
No problem, just trying to understand better, sorry if bugging you.  Trying to learn as I go along.

Almost there.  Although, I reset settings back as discribed. I rebooted server, and the test account went back to default :-)

Reapplying your settings as discribed...
0
 
LVL 38

Expert Comment

by:yuzh
ID: 13482711
If you read my comment http:#13473118 including the link, it might help you understand a
bit more about the setup.

0
 

Author Comment

by:markacarey
ID: 13484942
Rebooted server and now just get a grub screen...

0
 

Author Comment

by:markacarey
ID: 13486446
Ahoffmann

How do I roll back from the grub prompt?

Would a rescue / grub-install improve or makes things worse?

 
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 13487892
don't know what you mean ...
what have you change so that booting hangs/fails?
The suggestions according /home/user should not cause this.
0
 

Author Comment

by:markacarey
ID: 13489408
What about the script going into /etc/profile?
0
 
LVL 38

Expert Comment

by:yuzh
ID: 13492193
If you just simply "copy" the desktop files, it will case problem, the PATH in the sample file is wrong, and the permissions for the files needs to change as well. That's why I ask you to read
my link.

0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 13493434
> .. wrong .. permissions
damn, missed that (that the user needs read permission on /home/sample), yuzh is right
0
 

Author Comment

by:markacarey
ID: 13494771
Thanks yuzh (Will allocate additional points)

Change of question...  Will revisit above once system is restored back online...

Rebuilt server RH9.1. Kept existing "/" it is seen as /dev/hda5.  This contains all my user home directories and current DATA. It is vital i recover this data and copy across user accounts etc. ASAP.  

40Gb h/d
/ = 1Gb
swap = 500Mb
Boot = 100MB
Remaining is allocated to old "/"

System boots ok.  

How do i access the old "/" /dev/hda5 through new system? - Is it just a case of mounting the old "/" what is the correct syntax? I'm still learning linux, more used to GUI front ends, but I an old hand at MSDOS/PCDOS.

What files/directories do I need to copy across to new "/"?

Regards
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 13495053
assuming your old / is on /dev/hdb1

  mkdir /old_slash && mount /dev/hdb1 /old_slash
0
 

Author Comment

by:markacarey
ID: 13495902
Assuming above works ok...

How do I get the existing user accounts working (over 250 users) working on the new build?  

What files/directories do I need to copy across?
0
 
LVL 38

Expert Comment

by:yuzh
ID: 13502283
>>How do I get the existing user accounts working
    You need to transfer at least the passwd shadow group files (eg, if you mount it on
/old, they should be in /old/etc dir), it depands on your Linux version, it is better to post
your OS version for this one.

   You might also need to transfter the user's data (home dirs) to a proper location (defined
in passwd, if you have change their desktop, the bad news are you need to change them back
to a working order as well.

   Do you have a full system backup before making the change, I think it is a good idea to just
restore from backup. If not, you need to learn from this lession, always perform a full backup
before making change to the system unless you are 110% sure what you are doing.

   I looks like we are sitting in different timezone, and hopefully other experts can help you out
in your daytime.

0
 

Author Comment

by:markacarey
ID: 13502754
Yuzh

My OS is RH 9.1.

What do you mean transfer to proper os location then transfer back?

you re dead right ref back up 'lessons learnt' I was lossing a little hair... I'm now looking for a transplant!!!

0
 
LVL 38

Accepted Solution

by:
yuzh earned 2000 total points
ID: 13503036
For user account, you need to transfer at least passwd, shadow, group and gshadow.
and please check old your nsswitch.conf file for passwd see if your system use NIS, LDAP
for user account as well

you can do:

grep -i passwd /old/etc/nsswitch.conf

>> You might also need to transfter the user's data (home dirs) to a proper location (defined
in passwd,

eg: your passwd file looks like:
fred:x:1016:1016:Fred Simth,,,:/home/fred:/bin/bash

fred's home dir should be /home/fred, if you have the old date in /old/home/fred, you need
to transfer it to the RIGHT place.

>>if you have change their desktop, the bad news are you need to change them back to a working order as well.

If you have run a script to put a dummy user's desktop files to user fred's account, the permissions will be wrong as I mention before, and their desktop files contains /home/dummy
instead of /home/fred that's why in http:Q_21090956.html#11781485 use a script chstr to change all the files to make it work for the user.

Hope I can make it clear this time.


0

Featured Post

WordPress Tutorial 2: Terminology

An important part of learning any new piece of software is understanding the terminology it uses. Thankfully WordPress uses fairly simple names for everything that make it easy to start using the software.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

It’s 2016. Password authentication should be dead — or at least close to dying. But, unfortunately, it has not traversed Quagga stage yet. Using password authentication is like laundering hotel guest linens with a washboard — it’s Passé.
Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
How to Install VMware Tools in Red Hat Enterprise Linux 6.4 (RHEL 6.4) Step-by-Step Tutorial
Suggested Courses
Course of the Month9 days, 15 hours left to enroll

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question