A user read-only access account.

Note: As the filesystem is read only, some commands won't work, such as vi that requires write access into /var/tmp to create a temporary file.

To setup read-only access a "new root" directory such are "/var/read-only" is created,.Under this directory "/" is mounted as read-only.

Here is a diagram of the directory structure.

/
| | | |
var usr adm <etc>
|
read-only
|
/ (Note: this link is a read-only mount of /)
| | | |
var usr adm <etc> (Note: these directories are picked up even if they are separate mounted filesystems.)
|
read-only
(Note: no it doesn't get cyclic at this point)

When a user logs in, instead of running a shell such as /sbin/sh in the password file, readonlyshell which has suid privileges runs. It changes the root directory for the user to "/var/read-only", sets a couple of shell variables and changes directory to the "/" directory, now "/var/read-only". Lastly it runs a bash shell.

Project Activity

See All Activity >

License

GNU General Public License version 3.0 (GPLv3)

Follow readonlyuser

readonlyuser Web Site

Other Useful Business Software
$300 Free Credits for Your Google Cloud Projects Icon
$300 Free Credits for Your Google Cloud Projects

Start building on Google Cloud with $300 in free credits. No commitment, no credit card required until you're ready to scale.

Launch your next project with $300 in free Google Cloud credits—no strings attached. Test, build, and deploy without risk. Use your credits across the entire Google Cloud platform to find what works best for your needs. After your credits are used, continue with always-free tier services. Only pay when you're ready to scale. Sign up in minutes and start exploring.
Start Free Trial
Rate This Project
Login To Rate This Project

User Reviews

Be the first to post a review of readonlyuser!

Additional Project Details

Operating Systems

Solaris

Intended Audience

System Administrators

User Interface

Command-line

Programming Language

C

Related Categories

C Systems Administration Software

Registered

2012-06-20