1

I'd like to set a password for the guest account. How can I do this? (This question is not answered under the similar question in this forum, see below.)

The last time this was asked on this forum it was suggested that there was no reason to set a password on guest as it was equivalent to set up a new, regular account with a password. It seems to me that this is not the same thing. The guest account is secure by default, limits access to the file system and is self-cleaning, regular accounts are not. By self-cleaning I mean that it leaves no loose files, no internet history, no potential viruses (I know, Linux has none), etc. since it all takes place in temporary space.

It is good to have the guest account protected, too, in some situations. For example, if you live in a group house and have a common computer you may want to share freely with people you know but otherwise limit expensive internet access. Not everyone has the same situation.

One suggestion last time was to "Open a terminal ... Then type passwd and the user name. So it should be passwd guest" This didn't work in my hands, even with sudo. Linux replied "user 'guest' does not exist" Am I doing something wrong?

If Ubuntu is not designed to allow a password on the guest account then, in the spirit of Linux, if you think this is a reasonable thing to do, let's look for a workaround.

Anyone?

(I'm a newbie, so let me know where I'm being naive.)

guest
  • 19
  • 1
  • 3

2 Answers2

3

The Guest Account exists as a created-then-destroyed-on-logout account that is limited in what it can do and exists without a password. That is the purpose of a "guest account" - limited access, automatically-destroyed-on-logout. It is not designed to run with a password.

You can create a "guest" account that you can keep as a normal user (not a guest user) by making a user named "guest" and setting a password on that, though, and then potentially restricting their access. You can then disable the normal "guest account". (The guest account system however will never have a password.)

Thomas Ward
  • 74,764
  • Thanks, Thomas, but please re-read the question. A guest account is really a different animal and a nice and useful animal that could be enhanced by access control (taming?). – guest Dec 10 '13 at 16:43
  • @guest Your question is at the beginning of your post: "I'd like to set a password for the guest account. How can I do this?" My first paragraph answers this. It is already pretty regulated, is there a reason you're asking how to set a password on this already-regulated account which isn't designed or capable of having a password? As outlined in questions like this the actual question you need to ask yourself is the use case for the guest login. – Thomas Ward Dec 10 '13 at 16:49
  • @guest ... and if you really DO need to set a PW on the guest user, the solution is to create a user named "guest", set it to have the same restrictive permissions as the created-and-destroyed guest account system, and then disable the guest account that is built-in. However if you are having to set a PW for the guest user, then why even allow guests access to the system in the first place? Even though you outline your use case here, the easier solution is to create a 'guest' account that you can set a PW on. Rather than using the 'guest account' built-in system. – Thomas Ward Dec 10 '13 at 16:52
  • Thanks again, Thomas. It's the unique created/destroyed behavior I'm after: Check my second and third paragraphs in the initial question. I don't think a regular account is the same thing. If it's not straightforward to set a password on guest then I'm hoping someone will know a clever not-too-painful workaround. P.S. I saw the previous question and tried to add this there but could not. – guest Dec 10 '13 at 17:00
  • 1
    @guest then you've obviously missed the point. There is no way with the current system to set that up and require a password, at least not that I know of. The problem is that you want a created/destroyed account that is always set with a specific password and requires the password before its created. As I understand the system, that capability does not exist. (I may be wrong, however, but that's the understanding of the system so far) – Thomas Ward Dec 10 '13 at 17:04
  • Yes, that is my question: whether "that capability does not exist". I don't know the mechanism. If 'guest' always exists somewhere then we should be able to set a password. If guest is created on the fly somewhere then we should be able to set a password on it in the same mechanism. In the second case it would be a pre-set password, likely stored in a configuration file. If there is a straightforward way, great, if not, workaround any-clever-one? – guest Dec 10 '13 at 17:12
  • 1
    @guest you're stuck with only creating another user and then using PAM to lock down that user account, that's your only "workaround" and "solution" to creating a guest user that has a password. Other workarounds would require manually compiling PAM and the guest accounts functionality with a lot of other code in there to add the functionality you're asking for, I think. – Thomas Ward Dec 10 '13 at 17:25
  • It's still not clear to me that the self-erasing guest itself can't be adapted. It also seems too early to rule out a workaround. I think this is an interesting question and that a solution can add real value. Does anyone want to throw in here, probably as another answer as the discussion is getting too long to read? – guest Dec 10 '13 at 17:57
2

One suggestion last time was to "Open a terminal ... Then type passwd and the user name. So it should be passwd guest" This didn't work in my hands, even with sudo. Linux replied "user 'guest' does not exist" Am I doing something wrong?

That is because the guest user is only present when the guest account is used. It is created when you login as guest and it is deleted when you logout.

As others said, the guest account cannot be made easily password protected. To see why, just open the /usr/sbin/guest-account script. This is the script which is used for setting up or removing the guest account on login/logout. It contains the following code:

if PWSTAT=`passwd -S "$USER"` 2>/dev/null; then
if [ "`echo \"$PWSTAT\" | cut -f2 -d\ `" != "L" ]; then
  echo "User account $USER already exists and is not locked"
  exit 1
fi

The above snippet shows that before the script sets up the guest environment it checks whether there is a user named guest in the system. If it finds such a user it checks whether it has a locked account. If it doesn't have a locked account then the script exits with error and the guest login will fail. So even if you decide to make a permanent guest user and setup a password for him, you will fail, because it won't have a locked account.

What you can do is to investigate the script to know what is done in the setup and in the cleanup. Add a guest user to your system with a password. Write a script which mimics the guest-account script in the way you like. Then just use the /etc/lightdm/lightdm.conf file's session-startup-script and session-cleanup-script sections to specify your newly written script as the script which should run for this guest user. (for instructions with the lightdm.conf file look here ). But note that lightdm has a bug (?) and because of that the session-cleanup script fails to run when you directly shutdown from the account, so the guest should always log-out before shutdown.

falconer
  • 15,026
  • 3
  • 48
  • 68
  • Do note, @guest, that neither of these answers here solves your problem, as you would still need to know how to modify the system to do what you want. – Thomas Ward Dec 10 '13 at 18:29
  • falconer, thanks for posting your answer, I agree that for your suggestion modifying the guest-account script isn't a good idea, and just as a point of fact, I don't think a passworded guest-account system is in any way sane because it defeats the purpose of the system. – Thomas Ward Dec 10 '13 at 18:30
  • Thanks, falconer. As I am new it will take me a little while to parse this. Naively, though, it seems to apply to setting up a separate permanent account named 'guest', which I hope to avoid (it seems safer to follow the managed code where possible). I'd like instead to set a password on the pre-existing system managed guest account. (continued below) – guest Dec 10 '13 at 18:44
  • Naively again, having been pointed to the guest-account script (thanks) it seems that something could be created to run after this which sets up a password or something which the script calls could do it. One line, for example, seems to call . /etc/guest-session/prefs.sh (where it exists). Something shoehorned in here? The idea in general, again, is that there might be a reasonable workaround and that it might be fun and useful to find. – guest Dec 10 '13 at 18:45
  • @thomas: The very spirit of linux seems to be bending and extending it; it is linux sanity, perhaps an odd sort, to do so. Taming the guest account with a password does not defeat its purpose (a quick, secure, low access, self-cleaning loanable account) but rather extends it by allowing some control on highly shared computers, sort of like a password on a coffee shop wifi. It is a good. Can you think of anything that will help? – guest Dec 10 '13 at 18:53
  • @guest other than setting up your own user for this, or heavily modifying the scripts, or creating your own scripts to create customized guest-account stuff? Nope. – Thomas Ward Dec 10 '13 at 18:59
  • As I wrote in the answer I'm against the modifying of the system-script. But if you really would like to do that then you would have to substitute the whole password checking if-branch with a real passwd check. Remove the adduser branch. Also remove some checks in the remove_account() function and remove the deluser command. And likely some other modifications would also be needed, because I've just run through the code now. – falconer Dec 10 '13 at 19:01
  • I agree, modifying the system script is a bad idea. It could be changed to work better or to plug an emergent security hole, etc., all of which we would miss. That said, could you comment on the above concerning the . /etc/guest-session/prefs.sh. As it follows an existence check (If ... there is a prefs.sh) it seems like it's an optional file which could be modified without undue system pain? (Again, I'm ubuntu naive.) If not, someone out there might spot a similar or completely different trick: 10,000 eyes (perhaps a few fewer on this question). – guest Dec 10 '13 at 19:11
  • Yes prefs.sh could be created for setting up some goodies for the guest, but you can't use it for creating a password, because the password checking should be way before that, at the beginning of the script. (And the remove_account() function would still need to be modified anyway.) – falconer Dec 10 '13 at 19:44
  • @guest: I made an attempt with the line 'echo "$USER:guestpw"|chpasswd' in prefs.sh. It sets a password, but you are still not prompted for it. :( Not sure about the reason. Possibly it's related to https://launchpad.net/bugs/1038881 - falconer: Actually I don't think the password check would take place in /usr/sbin/guest-account, since add_account() merely prepares the temporary account. I think the actual start of the guest session happens when /usr/lib/lightdm/lightdm/lightdm-guest-session-wrapper is called. – Gunnar Hjalmarsson Dec 10 '13 at 20:42
  • @GunnarHjalmarsson Yes, of course I fooled myself. :( I meant that the guest login doesn't compare the typed in guest password with the stored one, so one should implement a check in the script. Of course that's impossible because lightdm doesn't ask for a password for the guest section, so there is nothing to compare to. LOL. Sorry guys. guest you have to stick to the second option if you really want to implement this. – falconer Dec 10 '13 at 21:03