package provides a kiosk user account. This account is used to secure machines that people walk up to and use, such as those at libraries, banks, airports, information kiosks, and coffee shops. The kiosk user account is very limited: essentially, it only allows a user to log in and use Firefox
to browse Internet websites. Guest user is assigned to
, see Table 3.1, “SELinux User Capabilities”
. Any changes made while logged in with this account, such as creating files or changing settings, are lost when you log out.
To set up the kiosk account:
As root, install the xguest package. Install dependencies as required:
yum install xguest
In order to allow the kiosk account to be used by a variety of people, the account is not password-protected, and as such, the account can only be protected if SELinux is running in enforcing mode. Before logging in with this account, use the
getenforce utility to confirm that SELinux is running in enforcing mode:
You can only log in to this account using the GNOME Display Manager (GDM). Once the xguest package is installed, a
Guest account is added to the GDM login screen.