diff --git a/src/base/registration/registration.py b/src/base/registration/registration.py index aa3c59b..690a3dc 100644 --- a/src/base/registration/registration.py +++ b/src/base/registration/registration.py @@ -559,6 +559,19 @@ class Registration: Util.execute(change_permisson.format(new_home_dir)) def change_permissions_for_local_users(self): + if self.disable_local_users is False: + content = Util.read_file('/etc/passwd') + change_permisson = "chmod -R 700 {}" + for p in pwd.getpwall(): + self.logger.info( + "User: '{0}' will change home directory of username".format(p.pw_name)) + if not sysx.shell_is_interactive(p.pw_shell): + continue + if p.pw_uid == 0: + continue + if p.pw_name in content: + Util.execute(change_permisson.format(p.pw_dir)) + add_user_conf_file = "/etc/adduser.conf" file_dir_mode = open(add_user_conf_file, 'r') file_data = file_dir_mode.read() diff --git a/src/plugins/local-user/add_user.py b/src/plugins/local-user/add_user.py index 252bcb4..db0fd75 100644 --- a/src/plugins/local-user/add_user.py +++ b/src/plugins/local-user/add_user.py @@ -33,7 +33,7 @@ class AddUser(AbstractPlugin): self.change_password = 'usermod -p {0} {1}' self.change_shell = 'usermod -s /bin/bash {}' self.change_owner = 'chown {0}.{0} {1}' - self.change_permission = 'chmod 755 {}' + self.change_permission = 'chmod 700 {}' self.desktop_path = '' self.xfce4_session = "/usr/bin/xfce4-session" diff --git a/src/plugins/local-user/edit_user.py b/src/plugins/local-user/edit_user.py index f55f799..a5aef24 100644 --- a/src/plugins/local-user/edit_user.py +++ b/src/plugins/local-user/edit_user.py @@ -36,7 +36,7 @@ class EditUser(AbstractPlugin): self.change_groups = 'usermod -G {0} {1}' self.remove_all_groups = 'usermod -G "" {}' self.change_owner = 'chown {0}.{0} {1}' - self.change_permission = 'chmod 755 {}' + self.change_permission = 'chmod 700 {}' self.logout_user = 'pkill -u {}' self.kill_all_process = 'killall -KILL -u {}'