Red Hat Training
A Red Hat training course is available for Red Hat Enterprise Linux
13.8. Locking Down User Logout and User Switching
Follow these steps to prevent the user from logging out.
- Create the
/etc/dconf/profile/userprofile which contains the following lines:user-db:user system-db:local
localis the name of adconfdatabase. - Create the directory
/etc/dconf/db/local.d/if it does not already exist. - Create the key file
/etc/dconf/db/local.d/00-logoutto provide information for thelocaldatabase:[org/gnome/desktop/lockdown] # Prevent the user from user switching disable-log-out=true
- Override the user's setting and prevent the user from changing it in
/etc/dconf/db/local.d/locks/lockdown:# Lock this key to disable user logout /org/gnome/desktop/lockdown/disable-log-out
- Update the system databases:
#
dconf update - Users must log out and back in again before the system-wide settings take effect.
Important
Users can evade the logout lockdown by switching to a different user, which can thwart system administrator's intentions. That is the reason why it is recommended to disable "user switching" as well to prevent this scenario from occurring.
Procedure 13.8. Prevent the User form Switching to a Different User Account
- Create the
/etc/dconf/profile/userprofile which contains the following lines:user-db:user system-db:local
localis the name of adconfdatabase. - Create the directory
/etc/dconf/db/local.d/if it does not already exist. - Create the key file
/etc/dconf/db/local.d/00-user-switchingto provide information for thelocaldatabase:[org/gnome/desktop/lockdown] # Prevent the user from user switching disable-user-switching=true
- Override the user's setting and prevent the user from changing it in
/etc/dconf/db/local.d/locks/lockdown:# Lock this key to disable user switching /org/gnome/desktop/lockdown/disable-user-switching
- Update the system databases:
#
dconf update - Users must log out and back in again before the system-wide settings take effect.
