Disable python versions for certain users without uninstalling python

chown the non-public version(s) to a specif group, make it executable only by that group (chmod 754 ...), and add the allowed users to that group.

But keep in mind that there are system utilities that rely on specific python versions, so you will likely break something: in my Ubuntu 16.04, /usr/bin contains 106 files with a python.* shebang, of which 47 have a python3 shebang.

I want the users to use that new version and have no access to older versions.

Don't.

There's a reason Ubuntu comes with two versions of Python. It's that some utilities are written in Python2, and can not run in Python 3. Others are written in Python 3, and can not run in Python 2.

In addition Python 2 is still widely used for all kinds of tasks, and the majority of Python code out there is probably still Python 2.

Python 2.7 will be supported with bug fixes until at least 2020.

I did this by using the acl permissions. I just removed access to wrong python versions for my target user group. simple as that, nothing is broken(can't believe anyone suggested this).

Install acl

sudo apt-get install acl

Remount system disk with acl support

Edit fstab:

sudo nano /etc/fstab

Add "acl" support if not there already, for example changing from

UUID=abc-123-456-789 / ext4 defaults 1 1

To:

UUID=abc-123-456-789 / ext4 defaults,acl 1 1

Remount the root:

sudo mount -o remount /

Set access rights

Create symbolic link for python3 so that both python and python3 works for my target user group:

sudo ln -s /usr/local/bin/python /usr/local/bin/python3

Update acl permissions so that access is removed from system python versions for user group "blocked":

setfacl -m g:blocked:- -R /usr/bin/python2
setfacl -m g:blocked:- -R /usr/bin/python3
setfacl -m g:blocked:- -R /usr/bin/python3.5m