1

my target is to use my Ubuntu "persistent" partition in read-only mode. In my boot menu, I would like to have ideally two optional commands, calling two different initrd.lz, one mounting casper in RW, the other mounting it just in a safe Read only mode. SO I can choose each time how to boot my system. In applications like home-banking I would like to browse internet with all my configurations and latest security updates, being also sure that all will be back as before after I shut down. Running just in live-mode, non persistent, I will instead need always to update all required security patches before connecting in internet....which is obviously a tedious procedure! In spite of my security paranoia, can someone help me? Alternative solutions are also well accepted! I changed the initrs.lz file, trying to mount casper in read-only mode...but I am a "beginner" and I failed. I also followed the suggestion in here: Mounting the persistence partition (casper-rw) read-only but it did not work...or I made something wrong! Thanks and cheers

nichtNox
  • 562
  • Maybe this link can help. You can upgrade to the daily iso file (of the latest LTS release) and have an updated system, and keep your home directory with this method. – sudodus Jun 17 '18 at 14:41
  • Thanks Sudodus for your reply. If I understand well the method, it is not much different in doing regularly update, and then copy back all your "private" data/settings. But also in this case I will not have a "read only" live session with my settings und all security updates at once. Or did I miss something? Thanks again – nichtNox Jun 17 '18 at 16:05
  • The method I suggest will help making it easier to upgrade a persistent live system by backup and restore of the /home directory. It does not make the casper-rw partition read-only, when it is used to make a persistent live system. -- But there is one menuentry in the grub menu [made by mkusb] to boot live-only: 'Try Ubuntu'. It means that you do not use the casper-rw partition, and that you have a clean system for banking. You can still have the casper-rw and usbdata partitions mounted in order to read and write data there, if you wish. – sudodus Jun 18 '18 at 03:50
  • With a persistent drive you can choose to add a guest user. The guest user is basically a Live session that starts fresh every boot. I recall there is a way to modify the live users setup... I have been trying for years to find a way to run a persistent drive in read only mode, you would think installing on a SD card then flipping the r/w switch would work but it doesn't, changing permissions does not work either. – C.S.Cameron Jun 18 '18 at 04:56
  • Thanks C.S.! I see that here I am not alone...I did try as well with SD and USB with physical switch, the system did not even boot for some reasons! I will try with the guest user, although I believe when your restart the next time the same guest user is still there, right? Cheers – nichtNox Jun 18 '18 at 06:23
  • This might help: https://askubuntu.com/questions/946919/add-guest-user-to-persistent-flash-drive – C.S.Cameron Jun 18 '18 at 16:38

2 Answers2

2

Guest User accounts for 16.04 and prior, are controlled by lightdm.conf.

enter image description here

For a grub2 booters with persistent casper-rw partitions, such as mkusb:

Open casper-rw/upper/etc/lightdm/lightdm.conf and change:

allow-guest=true

Now there will be a Guest account.

For Syslinux booters with persistent casper-rw files such as UNetbootin: First mount the casper-rw file:

sudo mkdir /media/casper

sudo mount -o loop casper-rw /media/casper/

Then edit casper/upper/etc/lightdm/lightdm.conf and change:

allow-guest=true

A guest account will be added to boot options.

For 17.04 Gnome, LightDM has been replaced by GDM and GDM does not include a Guest session.

The user can install LightDM in 17.04 Gnome using:

sudo apt install lightdm

The install process will ask to remove GDM.

17.04 Gnome reports as being unconfined when in a guest session, caution applies.

C.S.Cameron
  • 19,519
  • Many Thanks C.S. for the time spent in answering! It sound very good! – nichtNox Jun 19 '18 at 08:10
  • Thank you @John Doe, I think I recall that we can use a Admin account setup as basis for a guest account, Something about /etc/skel/ will post a link if I find it. I double checked lightdm with Ubuntu 18.04 and it works well. – C.S.Cameron Jun 19 '18 at 21:33
  • @John Doe, this may be useful: https://help.ubuntu.com/community/CustomizeGuestSession – C.S.Cameron Jun 19 '18 at 23:42
1

Follow Up

Modifying the Guest Account

You may use an existing User Account, or create a new User Account, to use as a Live basis for customizing the Guest Session.

Make a directory for guest session, if one does not already exist:

sudo mkdir /etc/guest-session

Create a symbolic link:

sudo ln -s /home/{NAME} /etc/guest-session/skel

Where {NAME} is the name of the User Account you wish to use as a basis.

Any changes made to the user account will appear in the guest account, wallpaper, installed programs, etc.

Any changes to the guest account will be deleted at end of the session.

I should mention that I have been using mkusb to make the bootable drives.

C.S.Cameron
  • 19,519