How to implement a volatile "user profile"

I want to set up a Linux machine such that when a particular user, named student, logs out, their /home directory is wiped clean and reset.

Basically I want to perform these actions when the user logs out:

userdel student
rm -r /home/student
useradd -m student
echo student | passwd --stdin student

Is there a simpler way than deleting and recreating the user?

Note: The goal here is to wipe the contents of the user's home directory and repopulate the user's home directory from /etc/skel. I guess I'm just trying to work around file ownership problems that arise when copy /etc/skel over /home/student.

Edit: What I need to do is mimic the way that useradd -m copies the stuff from /etc/skel to /home/student and changes the owner, group, and permissions. How can I do what useradd -m does without having to delete and then recreate the user?

eleven81

Posted 2009-10-26T15:00:09.053

Reputation: 12 423

Post Locked. Please do not rollback changes made by moderators to posts. – BinaryMisfit – 2009-10-27T15:23:42.660

Answers

Maybe I'm missing something, but why delete and recreate the user at all, if all you want is to clean the home directory?

Can't you just do a

rsync -a --delete /etc/skel/ /home/student/

every time a user logs out?

Maybe also kill all the user processes if any are left, but that's it.

UPDATE: To change the owner of the files, you should simply run

chown -R student:student /home/student/*

after the rsync.

I doubt the permissions have to be changed, but if so, you're going to have to do it on a file by file basis, something like

chmod +x /home/student/bin/*

itsadok

Posted 2009-10-26T15:00:09.053

Reputation: 1 560

This preserves the owner, group, and permissions that are present on all of the files in /etc/skel. This causes problems because root owns most of those files, and as such, when the user logs in he and his processes don't own the files. When I run useradd -m, it sets the owner, group, and permissions as needed to make logging in actually work. – eleven81 – 2009-10-26T16:20:14.850

See my update. Is that what you wanted? – itsadok – 2009-10-27T12:06:29.563

I'll have to try that chown update later today. It looks very promising! – eleven81 – 2009-10-27T12:55:49.807

itsadok: I got it working with the rsync line and the chown -R line (minus the last slash and asterisk) just the way I wanted. I did not have to modify any of the permissions. Thank you, so very much! – eleven81 – 2009-10-27T18:06:46.480

itsadok: It seems that the rsync line does not copy the hidden directories (those whose names start with a .) from /etc/skel into /home/student. Any ideas? – eleven81 – 2009-10-27T19:15:03.190

Works for me. You should probably start another SU question for that, something must be wrong (read permissions, maybe?) – itsadok – 2009-10-28T06:06:16.207

Tagged with "bash", so I presume you're looking at a command-line login, instead of a GUI

student@pc:~$ cat .bash_logout 
if [ "$SHLVL" = 1 ]; then
    [ -x /usr/bin/clear_console ] && /usr/bin/clear_console -q
fi
cd ~
rm -r ~/* ~/.[a-zA-Z1-9]*
cp -r /etc/skel/* /etc/skel/.[a-zA-Z1-9]* .

First 3 lines of the above are standard(at least on my Ubuntu machine) and the rest hasn't been tested. This route has the advantage of not needing to be performed exclusively as root.

Kevin M

Posted 2009-10-26T15:00:09.053

Reputation: 2 396

Except that it's also tagged "gdm". – Paused until further notice. – 2009-10-26T16:00:27.370

Preparation:

sudo mkdir /home/clean-homes/
sudo tar zcvf /home/clean-homes/$user.tar.gz ~user

I don't use GDM and so forget the format of the /usr/share/xsessions/*.desktop that it uses, but they're straightforward. Have yours invoke a script like

#! /bin/sh
cd
mkdir .old
mv * .* .old
rm -rf .old &
tar zxpPf /home/clean-homes/$USER.tar.gz
exec gnome-session  # or whatever

This has the new user do all the work of deleting the old files and of recreating the contents of the home directory, on login. This isn't a solution if you want the old files to be secured from the new user: in this case you should create multiple users [why don't you?], or advise people to run your 'clean-logout' script, or - if you have people locked into logging in with only your /usr/share/xsessions/*.desktops - rewrite the above script with absolute paths and without backgrounding the rm.

Don't rely on users emptying their own directories on logout. See: ctrl+alt+backspace, pkill gnome, and a physically accessible computer's power.

ayrnieu

Posted 2009-10-26T15:00:09.053

Reputation: 279

Ubuntu 8.10 and later comes standard with a "Guest session" option. This switches to a guest account with all the usual programs and directories in a virgin state. Any changes the guest makes are lost when the guest logs out. At any time you can switch to the normal session by just entering your password.

simplr

Posted 2009-10-26T15:00:09.053

Reputation: 236