Default page

Your IP: 216.73.216.91
Server IP: 157.245.101.34
Server: Linux skvinfotech-website 5.4.0-131-generic #147-Ubuntu SMP Fri Oct 14 17:07:22 UTC 2022 x86_64
Server Software: Apache/2.4.41 (Ubuntu)
PHP Version: 7.4.33
Buat File | Buat Folder

Dir : ~/usr/share/help/C/system-admin-guide/

Edit File: lockdown-command-line.page

<credit type="author copyright">
 <name>Petr Kovar</name>
 <email>pknbe@volny.cz</email>
 <years>2014</years>
 </credit>
 <credit type="author copyright">
 <name>Ekaterina Gerasimova</name>
 <email>kittykat3756@gmail.com</email>
 <years>2014</years>
 </credit>
 <credit type="author copyright">
 <name>Jana Svarova</name>
 <email>jana.svarova@gmail.com</email>
 <years>2015</years>
 </credit>

<desc>Prevent users from accessing the command-line.</desc>
 </info>

<title>Disable command-line access</title>

To disable command-line access for your desktop user, you need to make
 configuration changes in a number of different contexts. Bear in mind that the
 following steps do not remove the desktop user's permissions to access a
 command line, but rather remove the ways that the desktop user could access
 the command line.

<list>
 <item>
 Set the <code>org.gnome.desktop.lockdown.disable-command-line</code>
 GSettings key, which prevents the user from accessing the terminal or
 specifying a command line to be executed (the <keyseq><key>Alt</key>
 <key>F2</key></keyseq> command prompt).
 </item>
 <item>
 Prevent users from accessing the <keyseq><key>Alt</key><key>F2</key>
 </keyseq> command prompt.
 </item>
 <item>
 Disable switching to virtual terminals (VTs) with the <keyseq>
 <key>Ctrl</key><key>Alt</key><key><var>function key</var></key></keyseq>
 shortcuts by modifying the X server configuration.
 </item>
 <item>
 Remove <app>Terminal</app> and all other terminal applications from
 the <gui>Activities</gui> overview in GNOME Shell. You will also need to
 prevent the user from installing a new terminal application.
 <comment>
 <cite>Petr Kovar</cite>
 We have yet to cover removing a menu item in this guide. We don’t
 want system admins having to modify .desktop files as those could be
 overwritten on system update.
 </comment>
 </item>
 </list>

<section id="command-prompt">
 <title>Disable the command prompt</title>

<steps>
 <include href="dconf-snippets.xml"
 xpointer="xpointer(/*/*[@xml:id='dconf-profile-user'])"
 xmlns="http://www.w3.org/2001/XInclude"/>
 <item>
 Create a <sys>local</sys> database for machine-wide settings in
 <file>/etc/dconf/db/local.d/00-lockdown</file>:
 <code># Specify the dconf path
[org/gnome/desktop/lockdown]

# Disable the command prompt
disable-command-line=true</code>
 </item>
 <item>
 Override the user’s setting and prevent the user from changing it in
 <file>/etc/dconf/db/local.d/locks/lockdown</file>:
 <code># List the keys used to configure lockdown
/org/gnome/desktop/lockdown/disable-command-line</code>
 </item>
 <include href="dconf-snippets.xml"
 xpointer="xpointer(/*/*[@xml:id='dconf-update'])"
 xmlns="http://www.w3.org/2001/XInclude"/>
 <include href="dconf-snippets.xml"
 xpointer="xpointer(/*/*[@xml:id='dconf-logoutin'])"
 xmlns="http://www.w3.org/2001/XInclude"/>
 </steps>
</section>

<section id="virtual-terminal">
 <title>Disable dropping to a virtual terminal</title>

Users can normally use the
 <keyseq><key>Ctrl</key><key>Alt</key><key><var>function
 key</var></key></keyseq> shortcuts (for example,
 <keyseq><key>Ctrl</key><key>Alt</key><key>F2</key></keyseq>) to switch from
 the GNOME desktop to a virtual terminal.

If the computer is running the X Window System, you can disable
 access to all virtual terminals by adding a <code>DontVTSwitch</code> option
 to the <code>Serverflags</code> section in an X configuration file in the
 <file>/etc/X11/xorg.conf.d/</file> directory.

<steps>
 <item>
 Create or edit an X configuration file in
 <file>/etc/X11/xorg.conf.d/</file>. For example,
 <file>/etc/X11/xorg.conf.d/10-xorg.conf</file>:
 <listing>
 <title><file>/etc/X11/xorg.conf.d/10-xorg.conf</file></title>
<code>Section "Serverflags"

Option "DontVTSwitch" "yes"

EndSection
</code>
 </listing>
 </item>
 <item>
 Restart the X server for the changes to take effect.
 </item>
 </steps>

</section>

</page>