While searching the web, I found a lot of methods to create a new Guest account that will be used by our students. We don’t want to use the standard OS X account because we need a different name and a few of customization. This Guest account needs to be cleared every time that a user login to be sure that our students don’t get the files of the precedent user.
I noticed that the only working way to do this was to use the “Login/Logout Hooks” of OS X. The problem is that the login hooks are “officially” deprecated by Apple since Mac OS X 10.4 and the LaunchAgent need to be used to replace the hooks. Launchd is a great tool, but it’s not easy to create a login script (if someone has an idea, you can leave a comment!). The deprecated hooks are always working in recent versions of OS X (included 10.9), so why not using this a bit yet?
With Absolute Manage we put all our preferences and settings for applications in the Templates directories, so I chose to use as reference the official templates directorie used by OS X to generate the “standard” Guest account (/System/Library/User Template/Non_localized/).
A login hook will be executed as root, based on this it’s possible to copy the template every time that a user open a session. The current user will be returned as the variable $1, so we can execute the script as root with hook and use the $1 to propagate the correct permissions to the new home directory.
Below you can find the used script to prepare a new home directory every time that a user logs in (change the USER variable by your user short name):
#!/bin/bash USER="student" GROUP="staff" if [ $1 == "$USER" ]; then /bin/rm -rf /Users/"$1" /usr/bin/ditto /System/Library/User\ Template/Non_localized /Users/"$USER" /usr/sbin/chown -R "$1":"$GROUP" /Users/"$USER" fi exit
To install the login hook you need to edit the root LoginWindow preference file:
sudo defaults write /var/root/Library/Preferences/com.apple.loginwindow LoginHook /path/to/your/script.sh
In this example, we took the official Users Template, but you can use a custom home built only for this script or to mix the two possibilities by adding more ditto command in the same script.