1

Hi, I need an user group to only be allowed to use gthumb and read from only one folder/partition which I will decide.

Please can you let me know how to do this?

Flyk
  • 1,480

1 Answers1

0

Well, what you are asking is not as simple as you might imagine. To run gthumb you need to log in and run additional programs in the background, a graphical front end (X) at a minimum. You can use a minimal graphical front end such as fluxbox.

To be honest, IMO the easiest option might be to use the guest account. This has the advantage of being secured by apparmor, although it allows more access then what you want.

If that fails you can either use a custom apparmor profile or use a chroot/jail. These options will give you more control, but at the expense of you having to identify all the underlying applications and libraries that you need to allow to run a graphical front end and gthumb.

See: http://ubuntuforums.org/showpost.php?p=9799756&postcount=5

Or Simple & easy way to jail users

Community
  • 1
Panther
  • 102,067
  • hi, I understand the linux world is mostly composed by advanced users but i'm not one. I have followed "Simplest & Easy Way To Jail Users" and it does create an user with some degree of limitations but its not what I want and I don't really know how to achieve it nor do I have the time to learn it since I need this in about 20h. Please if you could provide step by step instruction on how I can create an user that can only use gthumb to read from a partition(which is a NAS RAID)nothing else. I need this set up on 3 ubuntu pcs so that clients can watch photos we upload on the nas at an event. –  Jul 30 '13 at 10:54
  • What you are asking is not easy and requires detailed knowledge + several hours to set up. – Panther Jul 30 '13 at 13:49
  • hi, thx for replaying.Sorry for asking too much.I kinda thought that there is an easy way to create a limited user with no privilege whatsoever and then individuate the dependencies needed to access gthumb and one machine over the network and give it to them. too bad.. let me know if there's anything you may add to help me. thx again :) –  Jul 30 '13 at 14:06