How to implement user accounts in Puppy?

[Nevermore]

Hi all
i am planning to make a total switch from win Xp to puppylinux in my university computer..
however, i am using it with other ppl, and I NEED that a multiuser system of any sort is available:
they shouldn't be able to access my pup and i shouldn't access their.
how can i do that?
(the pup doesn't need to be enchrypted, just they shouldn't be able to mount easily, or maybe it shouldn't show at all)
of course at the startup i need a menu with different users..
how can i do that?
Thanks

[Flash]

This subject has come up several times before and been discussed at considerable length.

Puppy was originally designed to run from a live CD, so setting up for multiple users wasn't useful. I think some people have come up with ways to make multiple user accounts work from a hd install.

In my opinion the best solution is to give each user a multisession CD or DVD, if Puppy will run from a multisession disk on your computer. That way each user's stuff is completely isolated from other users, and also automatically protected from a hard drive crash, or virus or worm or rootkit infecting the common OS on the hard drive, etc.. You can't get more secure or private than multisession Puppy.

[Nevermore]

Thanks Flash
i was thinking if it is possible that i use a nonstandard name pup file (so that in auto it will take the standard one)
in this way i will prevent the other "dumb" user to access my pup dir..
what do u think?

[billstclair]

You could certainly have a different pup_save file for each user. If Puppy finds more than one on a volume, it asks which one to use. So you could have pup_save_bob.3fs, pup_save_joe.3fs, etc. Couple this with my startup password mechanism, and you can be reasonably secure.

My startup password mechanism will work only in Puppy 2.x. I add a line like the following to the beginning of /etc/rc.d/rc.sysinit :

Code: Select all

/etc/rc.d/requirepwd "Password: " 'fc127acace78ca50c1f695211a5cba83  -'

Where the string between the single quote characters is generated by:

Code: Select all

echo "password" | md5sum -

but with your password instead of "password".

Here's the contents of /etc/rc.d/requirepwd, which must be chmod'ed to 755 or something with the execute bit set for root:

Code: Select all

#!/bin/sh

# Two parameters:
# 1) prompt string
# 2) md5sum of the password. To compute it:
#    echo 'password' | md5sum

PROMPT=$1
MD5PWD=$2

trap 'nokill' 2

nokill()
{
echo "Ctrl-C won't work"
}

while :
do
  read -s -p "$PROMPT" pass
  echo ""
  p=`echo "$pass" | md5sum`
  if [ "$p" = "$MD5PWD" ]
  then
    exit 0
  fi
done

[Nevermore]

billstclair do u know if puppy accept this file format only?
or i can have a file like:
johndoe.3fs or john_doe.3fs

[richard.a]

billstclair do u know if puppy accept this file format only?
or i can have a file like:
johndoe.3fs or john_doe.3fs

I thought I would document this feature which I discovered by accident, not finding it anywhere else...

Providing your saved configuration files correspond to the naming format of pup_save*.3fs, there is no problem.

The * is interpreted in the standard way of "any character or characters, even none".

If there are more than one file which appear like the ones in the next section, then you will get a menu like the one below. The computer will pause, waiting for your input.

PLEASE CHOOSE WHICH SAVE FILE TO USE
0 none
1 pup_save.3fs
2 pup_save2.3fs
3 pup_save-202.3fs
4 pup_save_210.3fs
Please type a number then press ENTER key:

or

PLEASE CHOOSE WHICH SAVE FILE TO USE
0 none
1 pup_save.3fs
2 pup_saveXP.3fs
3 pup_savepeach.3fs
4 pup_savekitty.3fs
4 pup_save-DEFAULT.3fs
Please type a number then press ENTER key:

The way I have found to create template files is a very basic one, copied from my days doing CAD design of multiple floor (high-rise) buildings. Take the standard configuration (with all the apps you intend to use as "standard", and fix the configuration up.

Then exit and reboot, which will result in the basic pup_save.3fs being created or modified in this way.

NEVER use this template as a working file. Copy it elsewhere as a backup, but leave the original on the computer.

Then copy that file under a new name to the same directory - perhaps as pup_save2.3fs.

Without doing anything else, which will change the template you have created, reboot the computer and choose that new file to login with.

You can do that for different users or different purposes for the login -

Maybe you are writing a book?
Maybe you design graphics?
Or perhaps with Audacity you are digitising your old cassette tapes before they fall apart?


There is only one problem over the permitting of other users to use that menu choice when they fire it up. They CAN log in to your stuff, and because they are root, they can do untold damage.

So I don't recommend it for multiple users even though the suggestion was made.

This is particularly important with family members who are well known for harbouring grudges at times, lol!

I would very much like to set up a proper login menu for HDD installations of Puppy. Anyone help me please? I'm a user, not a guru

Just my thoughts.

[Nevermore]

you are absolutely right..
what i want is this:
puppy should login automatically into the "other" account, while log in on mine when i tell..
this way it should be prevented to have massive damage on my stuffs

[Pizzasgood]

What I do is set up a frugal install and make the bootloader require a password to boot my Pupfile. You can set them up to load multiple files, thus making multiple password-protected areas for everyone.

This won't be secure from anyone who knows the mount command, but it will keep Random Randall out.

Also, if they go to /mnt/home they could theoretically delete your pupfile.


I don't know how to set passwords with Grub since I haven't used it yet (it's on my to-do list though). I've been using Lilo since I already had it set up from my Vector install.

[richard.a]

What I do is set up a frugal install and make the bootloader require a password to boot my Pupfile. You can set them up to load multiple files, thus making multiple password-protected areas for everyone.

This won't be secure from anyone who knows the mount command, but it will keep Random Randall out.

Also, if they go to /mnt/home they could theoretically delete your pupfile.

True, and thanks.

I don't know how to set passwords with Grub since I haven't used it yet (it's on my to-do list though). I've been using Lilo since I already had it set up from my Vector install.

Not quite what I mean.

I'm quite familiar with KDE and to a lesser extent with Gnome although I have and use Sun's Java Desktop system which uses a customised Gnome that is now antique.

It is the login that distros that use either or both of those desktops that I was referring to. It has the security you probably need to use in either a business situation, or a multi-user environment like a family.

Is there one that is part of JWM that because there is no mention of it, I don't know anything about? If so, how does one configure it

Thanks for your response though mate

[Nevermore]

pizzas is there any script that would do the job?
i am planning to install puppy as an iso file on Vfat partition, i need that a bootloader is installed, and the init file copied as well..
i was wondering if anyone has ever made a script to automate that, since last time i spent 2 hours figuring how to edit grub config file..

[Pizzasgood]

Actually, I was replying to Nevermore and just offering a way to stick a password in there. Better systems (for keeping people out of a save-file) are in the works under the encryption thread. I've thought about trying that stuff out, but never got around to it. Looks like they're beating me to it now. GuestToo uploaded a demo tonight. If they get it worked out, I might use it in Pizzapup to see how well it works and how people like it.

Like I said, I don't know squat diddley about Grub yet. I've never seen anything about an automated process, but I don't see at least a third of what goes on here and totally missed two months over summer.

Sorry

[Nevermore]

thanks pizzas
but i prefer not to go under enchrypted FS to avoid any kind of problem that might arouse..
i just need my file to be not mounted directly and maybe even .HIDDEN..
ah pity that seems there are no news about grub, it was a very time consuming process, and last time i ended up in using the puppy windows installer, which i can't do now since i don't have windows installed at all..

[Rickrandom]

If you use the different pup_save file for each user, you can also use the password protected lock on the screen, which might be a good thing for each user anyway, and there is a simple script in the forum somewhere (I can't find it right now) that runs the screen lock as part of the boot. Thus if a user picks the wrong pup_save file (deliberately or accidentally) they won't get past the first screen.

I don't think this approach is truly secure, but it is probably reasonably foolproof.

You can probably set up a shared area on the hard drive, so users can make files available to others, but keep their own stuff in their own pup_save file.

[Nevermore]

thanks
that's exactly what i need, i'll go for it!

[richard.a]

If you use the different pup_save file for each user, you can also use the password protected lock on the screen, which might be a good thing for each user anyway, and there is a simple script in the forum somewhere (I can't find it right now) that runs the screen lock as part of the boot. Thus if a user picks the wrong pup_save file (deliberately or accidentally) they won't get past the first screen.

What a great idea. If you do discover where it is, please would you post it here?

Look forward to it.

[Flash]

Is this what you're looking for?