You can easily remove write permission from that user's directory. If you 
go into their homedir and

 	chmod -R ugo-w .

You'll need to have privs to do that to that homedir, so either sudo or 
whatever you're using.

That'll remove write permissions while still allowing the user to read 
everything.

Of course, the user could always use a terminal to chmod u+w on that 
directory, since they are still the owner. If you want a failsafe method, 
you need to go in as root and make root the owner of his directory and 
THEN remove the write permission while granting read! So something like 
this:

 	chown -R root:root .
 	find . -type f -exec chmod 444 {} \;
 	find . -type d -exec chmod 555 {} \;

(Yeah I did that the lazy way).


HOWEVER, note that with both methods, this will also prevent that user 
from modifying anything. So no cache, no temporary files (in their 
homedir), no new bookmarks, no saving any kind of config file, and 
probably some other stuff peograms want to write in the homedir.

Of course, This might be exactly what you want. But it might have some 
unexpected side-effects. Best thing to do is login as your guest account, 
do the initial setup on any program you want to make sure will work, and 
then change the ownership/permissions.


On Mon, 21 Apr 2014, paul g wrote:

> Thank you for your reply.
> 
> 1. Is there a relatively simple way to prohibit 'visitor' from removing
> files/folders from their home directory? Such as .mozilla? etc. Which of
> course could end up ruining their account. [could a solution be removing
> 'visitors' write permissions? Hopefully 'visitor' would still be able to
> write a file to the Shared folder then correct?
> 
> 2. A while back I read a page on the 'ask ubuntu' website concerning
> 'prohibiting guest from emptying trash folder and deleting files' There were
> about 4 steps that semi worked as I recall. 'visitor' was unable to empty
> trash at the end. Though 'visitor' was still able to enter the file manager
> and delete files that way. I ended up reverting everything within 'visitors'
> account back to standard settings.
> 
> So if I remove the 'write permissions' from 'visitor' leave group alone so
> 'visitors' permissions would look like this: dr-xrwx--- 29 visitor visitor
> 4.0K Apr 18 19:22 visitor
> 
> Any ideas on this matter?
> 
> Attached to this email is a screenshot of the systems installed users
> permissions/groups on the computer as of now shown in the bash-terminal.
> 
> Thanks for your help.
> 
> > Date: Mon, 21 Apr 2014 17:43:04 -0500
> > From: tclug at freakzilla.com
> > To: tclug-list at mn-linux.org
> > Subject: Re: [tclug-list] A visitor account setup.
> >
> > On Mon, 21 Apr 2014, paul g wrote:
> >
> > > If I can ask why when user 'paul' is selected it does not show that
> 'paul is
> > > a member of paul's group'?
> > > is it because 'paul' is an administrator?
> >
> > "paul" is probably in many groups. There's really no need to create a
> > group specifically for "paul" since "paul" is a regular user, not a
> > special user. You're not going to create multiple users who have the same
> > special access as "paul" does.
> >
> > Groups are for combining roles, so you'll have "users", "administrators",
> > etc.
> > _______________________________________________
> > TCLUG Mailing List - Minneapolis/St. Paul, Minnesota
> > tclug-list at mn-linux.org
> > http://mailman.mn-linux.org/mailman/listinfo/tclug-list
> 
>