Clone user account but change privileges
I have a fully set up admin account on my system (15.04) I daily used.
For security reasons (I know I should have done this long ago, but better now than never), I want to switch over to use a restricted account for everyday work.
What I would like to achieve is to make an exact copy of my current admin profile, give it another name and set its privileges down to "restricted user" without losing any of my configurations, neither system- nor program-related ones.
Can this be done? How?
There are two parts to this question:
- Creating a user without admin privileges
- Creating a user who's a clone of another
Typically, an admin user on Ubuntu is an admin because they are in the sudo group. Membership in sudo gives you both sudoers and Polkit privileges by the default configuration:
$ grep %sudo /etc/sudoers
%sudo ALL=(ALL:ALL) ALL
$ grep sudo /etc/polkit-1/localauthority.conf.d/51-ubuntu-admin.conf
AdminIdentities=unix-group:sudo;unix-group:admin
So, all we need to do is not add a new user to the sudo group. And that doesn't need anything special to accomplish.
The second part can be handled by either using the normal adduser command, and then copy everything in your home directory to theirs' using rsync or cp, or specifying your home directory as the skeleton directory to useradd. The first method would look like:
sudo adduser newuser
# answer all the questions
sudo rsync -aP ~bytecommander/ ~newuser
sudo chown newuser -R ~newuser
The second would like:
sudo useradd -mk ~bytecommander newuser
(In both cases, replace bytecommander with your username.)