I wanted to enable a "Guest Account" in GNOME, but there's currently no way to do it :( So figured out how do it myself.
I started by creating a guest user, with the default home directory
/home/guest.
sudo useradd -C "Guest" guestThen I wanted to allow passwordless login, I prepend this to
/etc/pam.d/gdm-password.
auth sufficient pam_succeed_if.so user ingroup guestThe next step was to log into the guest account and customise it, I changed the
themes added plugins and the most important thing was to hide lots of installed
applications. Hiding them is simple, but time consuming, copy the
/usr/share/applications/XXX.desktop into
${$XDG_DATA_HOME:=$HOME/.local/share}/applications/ and append
Hidden=true.
I don't want any future changes to be persistent, unfortunately it's not as
simple as making /home/guest read only. But there are still several
ways to do it, I made /home/guest/ a
tmpfs and populate it on each boot.
Move the customised home:
sudo cp -r --preserve=all /home/guest/. /usr/share/guest-factory
sudo rm -rf /home/guest/*And add the tmpfs to
/etc/fstab
echo "tmpfs /home/guest tmpfs noexec,nodev,nosuid,uid=guest,gid=guest 0 0" >> /etc/fstabAnd finally I needed to populate the guest home directory on every boot, so I
created a systemd unit and enabled it.
/etc/systemd/system/guest-setup.service
[Unit]
Description=Set up guest home directory
ConditionPathExists=/usr/share/guest-factory/
[Service]
Type=oneshot
ExecStart=/usr/bin/cp -r --preserve=all /usr/share/guest-factory/. /home/guest
[Install]
WantedBy=multi-user.target