Difference between revisions of "Parental Control"

From ArchWiki
Jump to: navigation, search
(logkeys section added)
(timeoutd)
(8 intermediate revisions by 3 users not shown)
Line 1: Line 1:
[[Category:Security (English)]]
+
[[Category:Security]]
 
{{Article summary start}}
 
{{Article summary start}}
 
{{Article summary text|Some tools and methods for parental control, protecting and limiting children's activity on the computer.}}
 
{{Article summary text|Some tools and methods for parental control, protecting and limiting children's activity on the computer.}}
Line 8: Line 8:
 
Homepage: https://launchpad.net/timekpr
 
Homepage: https://launchpad.net/timekpr
  
Package: [https://aur.archlinux.org/packages.php?ID=41435 timekpr]
+
Package: {{aur|timekpr}}
  
This program will control the computer usage of your user accounts. It runs as daemon. You can limit their daily usage based on a timed access duration and configure periods of day when they can log in. The program consist of a daemon which supervises the time allowed for any user, and a client in the traybar, that warns the users about their time running out. Administration is done in a graphical GTK GUI.
+
This program will control the computer usage of your user accounts. You can limit their daily usage based on a timed access duration and configure periods of day when they can log in. The program consist of a daemon which supervises the time allowed for any user, and a client in the traybar, that warns the users about their time running out. Administration is done in a graphical GTK GUI.
 +
 
 +
==Timeoutd==
 +
 
 +
Package: {{aur|timeoutd}}
 +
 
 +
A lightweight alternative to timekpr is timeoutd. It scans /var/run/utmp every minute and checks /etc/timeouts for an entry which matches a restricted user. Restrictions can be done on idle time, login time, maximum time, and time of day.
  
 
==Logkeys==
 
==Logkeys==
Line 16: Line 22:
 
Homepage: http://code.google.com/p/logkeys/
 
Homepage: http://code.google.com/p/logkeys/
  
Package: [https://aur.archlinux.org/packages.php?ID=37863 logkeys-svn] (I recommend using the -svn version, it is stable, and it includes the latest patch that allows logkeys work in Archlinux)
+
Package: {{aur|logkeys-svn}} (The -svn version is recommended. It is stable and includes the latest patch that allows logkeys to work in Archlinux)
  
This program logs every keypress into a logfile for later inspection. It runs as daemon. The logfile by default resides in /var/log, but it is recommended to move it to an encrypted partition as it will contain every password ever entered in the system. For supervision purposes I recommend using the --no-func-keys option. Also there is some keymaps in the [https://aur.archlinux.org/packages.php?ID=55547 logkeys-keymap-svn] package, use them with the --keymap option, this is necessary to log the keys properly if you use a localized non US keyboard.
+
This program logs every keypress into a logfile for later inspection. It runs as daemon. The logfile by default resides in {{ic|/var/log}}, but it is recommended to move it to an encrypted partition as it will contain every password ever entered in the system. For supervision purposes I recommend using the {{ic|--no-func-keys}} option. Also there is some keymaps in the {{aur|logkeys-keymap-svn}} package, use them with the {{ic|--keymap}} option, this is necessary to log the keys properly if you use a localized non US keyboard.
  
 
==Whitelist with Tinyproxy and Firehol==
 
==Whitelist with Tinyproxy and Firehol==
The following description will enable you to filter any user's access to the internet with a whitelist of url-s using Firehol and Tinyproxy. For this, the tinyproxy-git package will be used, because the community package was compiled without transparent-proxy mode.
+
The following description will enable you to filter any user's access to the internet with a whitelist of url-s using {{pkg|firehol}} and {{pkg|tinyproxy}} (or {{aur|tinyproxy-git}}).
 
+
The tinyproxy-git AUR package: http://aur.archlinux.org/packages.php?ID=44064
+
 
+
Firehol is in the community repo.
+
  
/etc/tinyproxy/tinyproxy.conf consists of the following changes:
+
{{ic|/etc/tinyproxy/tinyproxy.conf}} consists of the following changes:
 
  FilterURLs On
 
  FilterURLs On
 
  FilterDefaultDeny Yes
 
  FilterDefaultDeny Yes
 
  Filter "/etc/tinyproxy/whitelist"
 
  Filter "/etc/tinyproxy/whitelist"
/etc/tinyproxy/whitelist should hold the url-s that will be only allowed accessed by selected users. A silly example:
+
{{ic|/etc/tinyproxy/whitelist}} should hold the url's that will be only allowed accessed by selected users. A silly example:
 
  (www|wiki|static).archlinux.org
 
  (www|wiki|static).archlinux.org
 
  google.com
 
  google.com
/etc/firehol/firehol.conf should contain the following line:
+
{{ic|/etc/firehol/firehol.conf}} should contain the following line:
 
  transparent_proxy "80 443" 8888 "nobody root bin myaccount"
 
  transparent_proxy "80 443" 8888 "nobody root bin myaccount"
 
where myaccount is my account that should no be filtered by Tinyproxy.
 
where myaccount is my account that should no be filtered by Tinyproxy.

Revision as of 21:44, 29 October 2012

Summary help replacing me
Some tools and methods for parental control, protecting and limiting children's activity on the computer.

Timekpr

Homepage: https://launchpad.net/timekpr

Package: timekprAUR

This program will control the computer usage of your user accounts. You can limit their daily usage based on a timed access duration and configure periods of day when they can log in. The program consist of a daemon which supervises the time allowed for any user, and a client in the traybar, that warns the users about their time running out. Administration is done in a graphical GTK GUI.

Timeoutd

Package: timeoutdAUR

A lightweight alternative to timekpr is timeoutd. It scans /var/run/utmp every minute and checks /etc/timeouts for an entry which matches a restricted user. Restrictions can be done on idle time, login time, maximum time, and time of day.

Logkeys

Homepage: http://code.google.com/p/logkeys/

Package: logkeys-svnAUR (The -svn version is recommended. It is stable and includes the latest patch that allows logkeys to work in Archlinux)

This program logs every keypress into a logfile for later inspection. It runs as daemon. The logfile by default resides in /var/log, but it is recommended to move it to an encrypted partition as it will contain every password ever entered in the system. For supervision purposes I recommend using the --no-func-keys option. Also there is some keymaps in the logkeys-keymap-svnAUR package, use them with the --keymap option, this is necessary to log the keys properly if you use a localized non US keyboard.

Whitelist with Tinyproxy and Firehol

The following description will enable you to filter any user's access to the internet with a whitelist of url-s using firehol and tinyproxy (or tinyproxy-gitAUR).

/etc/tinyproxy/tinyproxy.conf consists of the following changes:

FilterURLs On
FilterDefaultDeny Yes
Filter "/etc/tinyproxy/whitelist"

/etc/tinyproxy/whitelist should hold the url's that will be only allowed accessed by selected users. A silly example:

(www|wiki|static).archlinux.org
google.com

/etc/firehol/firehol.conf should contain the following line:

transparent_proxy "80 443" 8888 "nobody root bin myaccount"

where myaccount is my account that should no be filtered by Tinyproxy.