Setting up multiple users in Puppy

Under development: PCMCIA, wireless, etc.
Message
Author
User avatar
stevenbinion
Posts: 179
Joined: Fri 24 Aug 2007, 14:29
Location: Pittsburgh, PA - United States
Contact:

#41 Post by stevenbinion »

I'm glad I found this thread. will be quite useful.

User avatar
Farwater
Posts: 28
Joined: Mon 24 Mar 2008, 17:02
Location: Singapore

#42 Post by Farwater »

Hi everyone!
Glad to meet you!

I'd like to continue describing the solution on multiple users proposed by monkeyweb. What'd like to show here is how to extend his idea to actually use all the programs like openoffice or sound mixer. And thus to create a truly usable second user account with fuctionality restricted only for security reasons. This is what I'm currently using on my puppy 3.01 installed onto my HD (not frugal).


Create a decent home directory for spot user

Code: Select all

mkdir /home/spot
Copy the user profile from root's template

Code: Select all

cp -R /root/* /hоmе/spot/
chown -Rh spot /home/spot

In /etc/init.d let's create an inituserspot script to initialize
the permissions for the whole spot group every time we boot up

Code: Select all

echo "echo '' > /tmp/xerrs.log ; chgrp -R spot /tmp ; chmod -R g+rw /tmp ; chgrp spot /etc/.XLOADED ; chmod g+rw /etc/.XLOADED" > /etc/init.d/inituserspot

Don't forget to make the script executable, of course

Code: Select all

chmod 755 /etc/init.d/inituserspot

And finally reboot and login as spot into a complete, but still secure working environment.

With this simple setup spot can work pretty much with all the programs installed in the system and modify any files in his directory and in /tmp/. What he can NOT is summarized below:

1. Modify the files in the directories which are not his, unless he was allowed explicitly.
2. Install/uninstall programs.
3. Mount/umount, create, delete and format file systems.
4. Start xterm or rxvt. ( although, he can leave X to a command line).
5. Switch off/reboot the system.


PS: Sorry if this method is already outdated :shock:
Last edited by Farwater on Tue 25 Mar 2008, 17:25, edited 3 times in total.

User avatar
Farwater
Posts: 28
Joined: Mon 24 Mar 2008, 17:02
Location: Singapore

One more note to my previous post.

#43 Post by Farwater »

In my original post above I used the idea to change the user's permissions, however later I changed the code to focus on group permissions.

This way the whole group spot can now run X with applications. It means that now we are not limited by a single user any longer - we can add more !

So, let's add them! Currently I'm writing a script for generating X-applications capable user accounts automatically. The script is based on the method proposed above - just automated for our convenience.

User avatar
Farwater
Posts: 28
Joined: Mon 24 Mar 2008, 17:02
Location: Singapore

Truly multiuser now, I guess

#44 Post by Farwater »

The script is ready.

The usage is as follows:

Code: Select all

onemorexuser USERNAME UID [ STUBDIR  [ HOMEDIR ] ]

The script accepts 2 mandatory arguments - the name of the user you'd like to create and his/her UID. The other two arguments are optional.

The third argument is the name of the directory you'd like to use as a template - in order not to leave him with just plain X server. The default value is /root

The fourth argument is the name of the home directory which will be created as a copy of STUBDIR. The default value is /home/USERNAME

So, everything is just really easy. You run the script as a root. Wait patiently until it copies the whole STUBDIR. After that it will prompt you for a password for the newly generated user. And that's it!

Code: Select all

Ctrl-Alt-Bcksp   ;  logout  ;   login USERNAME  ;  xwin
And you will see your shining desktop with all the applications ready!

Examples.

Code: Select all

onemorexuser  puppyuser  123  /puppyhome   /home/myself
will create a user puppyuser with UID=123 with home dir at /puppyhome copied from /home/myself

Code: Select all

onemorexuser  justme 124 
will create a user justme with UID=124 with home dir at /home/justme copied from /root

Code: Select all

onemorexuser  alsome  125  /home/me/secondme
will create a user alsome with UID=125 with home dir at /home/me/secondme copied from /root


Two more things are to be mentioned:

1. The users which it creates are real. I.e., they won't disappear after rebooting. To delete them you'll have to erase the records from /etc/passwd and /etc/shadow

2. All of the users created by the script belong to the same group spot GID=502. Through their membership in this group they share the ability to manipulate X, /usr/bin, etc., etc. You are free to add them to other groups, however, better don't delete them from 502.

For further details please see the code - its really simple and self-explaining.

The version has been tested on HD-full-install and USB-frugal.
With frugal the only problem I found was accessing openoffice from .sfs

Recently added:

xonemoreuser - the same program, but with GUI for X with GTK (standard).

It doesn't require any command line options: all the customizations are done using menus and dialogs.

Please note that the final step (setting a password for the newly created users is propted automatically by the console version of the script only. If you are planning to use the GUI version, after adding each user please don't forget to setup a password for the user by typing in the console:

Code: Select all

passwd newusersname
, where newusersname is the name of the user you've just created with xonemoreuser.

Have fun! :)
Attachments
xonemoreuser-en.tar.gz
(2.59 KiB) Downloaded 878 times
xonemoreuser.jpg
(20.75 KiB) Downloaded 2082 times
onemorexuser.zip
(2.17 KiB) Downloaded 798 times
Last edited by Farwater on Mon 28 Apr 2008, 13:32, edited 7 times in total.

User avatar
Farwater
Posts: 28
Joined: Mon 24 Mar 2008, 17:02
Location: Singapore

A bug in the script corrected !

#45 Post by Farwater »

I apologize before the one who already have downloaded the script. I found a small, but very nasty mistake in it which prevented users from writing into their own directories. It's not even a bug - it's just I forgot to add one more line to the current file.

Now the file is updated and I can assure you that it works properly !!!

User avatar
Pizzasgood
Posts: 6183
Joined: Wed 04 May 2005, 20:28
Location: Knoxville, TN, USA

#46 Post by Pizzasgood »

Cool. I definitely want to make the next Pizzapup multi-user friendly, among other things, so I will come back to read this stuff in detail when I start working on that. For now I'm way to busy to think about multiuser, so I wanted to at least let you know there is interest in this and that it isn't being ignored. :)
[size=75]Between depriving a man of one hour from his life and depriving him of his life there exists only a difference of degree. --Muad'Dib[/size]
[img]http://www.browserloadofcoolness.com/sig.png[/img]

User avatar
Farwater
Posts: 28
Joined: Mon 24 Mar 2008, 17:02
Location: Singapore

#47 Post by Farwater »

Thanks for your encouragement, Pizzasgood! I'm glad to hear at least one positive response, since I'd also like to see puppy multiuser.

In the meanwhile I've fixed a couple of bugs, made it work more stable and predictabe. The new version of the script is available for download from the current post.
Last edited by Farwater on Thu 27 Mar 2008, 10:48, edited 1 time in total.

Auda
Posts: 131
Joined: Sun 08 May 2005, 20:08
Location: New Zealand ( Christchurchish )

#48 Post by Auda »

I have been waiting for a multi-user puppy since um well I'm using 109ce and haven't seen a good reason to change. Grafpup 2 was looking very good but unfortunatly had a few bugs, mounting drives was my main one, then Nathan F. stopped working on it and now I see that grafpup.com is no more. If you and pazzasgood get a bugfree multi-user pup working you will have a real winner.
Keep up the good work
Auda

User avatar
jcoder24
Posts: 604
Joined: Fri 06 May 2005, 12:33
Location: Barbados

#49 Post by jcoder24 »

Auda wrote:and now I see that grafpup.com is no more.
That's because it was moved to grafpup.org
Auda wrote:Grafpup 2 was looking very good but unfortunately had a few bugs, mounting drives was my main one, then Nathan F. stopped working on it
Nathan stopped working on it because of a change in profession which left/leaves him with virtually no time to work on it. However, I think grafpup is an excellent puplet (in some ways ahead of its time) that can hopefully be continued as a community project.

Auda
Posts: 131
Joined: Sun 08 May 2005, 20:08
Location: New Zealand ( Christchurchish )

#50 Post by Auda »

That's because it was moved to grafpup.org
I was doing a cleanout of old bookmarks on a seconadry computer and many grafpup.com ones came up, I had forgotten that the address has changed.
Nathan stopped working on it because of a change in profession which left/leaves him with virtually no time to work on it
I had heard that, its a shame that there isn't a note to officialy say so on his news page, it looks like an abandonded project with the last news dated August 13th, 2007
that can hopefully be continued as a community project.
That would be good is there any work being done on it ?

User avatar
jcoder24
Posts: 604
Joined: Fri 06 May 2005, 12:33
Location: Barbados

#51 Post by jcoder24 »

Auda wrote:That would be good is there any work being done on it ?
Not yet

User avatar
Farwater
Posts: 28
Joined: Mon 24 Mar 2008, 17:02
Location: Singapore

#52 Post by Farwater »

Sorry for a noob's question. :oops: But I got stuck with enabling OOo for non-root users. No matter how (e.g. mount -o loop -w) hard I'm trying to remount the openoffice.org2.2.sfs file, still I can not modify the permissions of the files inside it.

So, my first question is: Is there a way to mount the .sfs in as writable for me to modify the GID of its /opt.

If not, then my second question is: Is copy-edit-CreateNewSFS for OOo the only way to change the permissions?

User avatar
Farwater
Posts: 28
Joined: Mon 24 Mar 2008, 17:02
Location: Singapore

#53 Post by Farwater »

A separate question suddenly came into my mind. Maybe, what I'm doing now is more relevant to do on dingo rather than on 3.01?

User avatar
Farwater
Posts: 28
Joined: Mon 24 Mar 2008, 17:02
Location: Singapore

A really updated version !

#54 Post by Farwater »

I updated the script (see the previous page of the forum) to its latest.

The difference from the previous version:

1. X is fully configured according to individual preferences of users (including a personal xorg.conf !!! )

2. Terminals are accessible and fully functional for all the users.

3. Bugs cleaned.

In other words, it's ALMOST functionally complete!

The only incompleteness is represented by OOo on frugal, which can be automatically integrated once the developers of .sfs kindly change the restictive rwx------ rule to, at least, rwx--x--x.

Of course, I can rebuild the sfs myself, but what's the point? The next version of OOo may come out with the same rwx------. So, for now I decided to give up.



As usual, a few notes on the design.

Giving credits to Barry, I have to admit that the initial user-centric design
was an advantage in my work now, rather than a disadvantage. When everything is collected in /root it's very easy to create a copy of it, add to it a local copy of /etc (to $HOME/.etc) and substitute in xwin, .xinitrc and xorgwizard scripts all the instances of root to $HOME and all the instances of /etc to $HOME/.etc. Yes, it's THAT easy. :)

The script, was tested on both frugal usb and a full-hd-install with puppy 3.01.

Now, your comments on how it works on your systems are highly appreciated. ;)

User avatar
rarsa
Posts: 3053
Joined: Sun 29 May 2005, 20:30
Location: Kitchener, Ontario, Canada
Contact:

#55 Post by rarsa »

Farwater wrote:Is there a way to mount the .sfs in as writable for me to modify the GID of its /opt.
First of all, I'm sure that the work you are doing will make a lot of people happy.

Second, sfs files are read only, you cannot mount them rw, but...

an sfs file is no more than a particular folder packaged with the mksquashfs utility.

So here is what you can do:

1. Mount the sfs file in a subdirectory (not on /)
2. Copy all the contents to another folder
3. Modify the access rights or the content as you see fit
4. Create a new sfs file using the mksquash command (http://www.penguin-soft.com/penguin/man ... ashfs.html)
for example
mksquashfs <folder> <filename>.sfs


This is, you don't modify the source sfs file, but you create a new one with the modified contents.
[url]http://rarsa.blogspot.com[/url] Covering my eclectic thoughts
[url]http://www.kwlug.org/blog/48[/url] Covering my Linux How-to

User avatar
Farwater
Posts: 28
Joined: Mon 24 Mar 2008, 17:02
Location: Singapore

#56 Post by Farwater »

Rarsa, thanks a lot for your encouragement! I´ll keep working on this topic, since I can see that people are interested in it!

With .sfs, knowing that, practically, one can not change the image, I just had a sightest hope (a dream) that there might be a magical trick in the world which would allow me to make a non-invasive (or, at least, a slightly invasive) change of the permissions. ;) Unfortunately, such silver bullet, apparently, does not exist in this world. :( Thank you for your reply anyway!

But, I guess, you would agree with my opinion that I better NOT rebuild an official sfs released not by me. ;)

User avatar
Farwater
Posts: 28
Joined: Mon 24 Mar 2008, 17:02
Location: Singapore

#57 Post by Farwater »

Updated the current version of the script. The only difference is that now it handles the error case when user specifies no arguments. All the rest is the same. Still works fine so far.

aladin
Posts: 4
Joined: Fri 04 Apr 2008, 22:42

I ran the script

#58 Post by aladin »

Farwater wrote:Updated the current version of the script. The only difference is that now it handles the error case when user specifies no arguments. All the rest is the same. Still works fine so far.
Hi, I ran the script and get the new user directory created , password set, but I wander how to set the puppy after boot because puppy doen't show a logon process.

I still have X11 running in root , without been able to enter my new Userid

Did I miss something ? What init to configure in order not to havs the X started as before ?

User avatar
Farwater
Posts: 28
Joined: Mon 24 Mar 2008, 17:02
Location: Singapore

#59 Post by Farwater »

Hi aladin,
It´s quite easy.

Edit /etc/inittab. You have 4 lines there. Make the second line identical to the third one (can copy-paste it). Save the file.
The commited change will result in prompting you for a login name and password every time you start puppy from now on.

To login as a different user immediatly you need to leave X to the prompt and type there:

Code: Select all

login myname
,where myname is the name of the user you´ve just created.
After entering the password you will login as myname
After that you will be able to start X again with something like

Code: Select all

xwin jwm
Please note that during your first login as a new user puppy will ask you to configure X. Only once. It´s OK, since from now on it will maintain personal display settings for each new X user.

If something still doesn´t work, please do not hesitate to ask me, since I´ll be really glad to improve what should be improved there.

User avatar
Farwater
Posts: 28
Joined: Mon 24 Mar 2008, 17:02
Location: Singapore

#60 Post by Farwater »

I've added a GUI version of the script to run it from X. Please see my original post for details.

Post Reply