Parental Control

From ArchWiki
Revision as of 23:38, 21 February 2014 by SanskritFritz (talk | contribs) (OpenDNS Parental Control: using ddclient)
Jump to: navigation, search

Template:Article summary start Template:Article summary text Template:Article summary end



Package: timekprAUR

This program will control the computer usage of your user accounts. You can limit their daily usage based on a timed access duration and configure periods of day when they can log in. The program consist of a daemon which supervises the time allowed for any user, and a client in the traybar, that warns the users about their time running out. Administration is done in a graphical GTK GUI.


Package: timeoutdAUR

A lightweight alternative to timekpr is timeoutd. It scans /var/run/utmp every minute and checks /etc/timeouts for an entry which matches a restricted user. Restrictions can be done on idle time, login time, maximum time, and time of day.



Package: logkeys-svnAUR (The -svn version is recommended. It is stable and includes the latest patch that allows logkeys to work in Archlinux)

This program logs every keypress into a logfile for later inspection. It runs as daemon. The logfile by default resides in /var/log, but it is recommended to move it to an encrypted partition as it will contain every password ever entered in the system. For supervision purposes I recommend using the --no-func-keys option. Also there is some keymaps in the logkeys-keymap-svnAUR package, use them with the --keymap option, this is necessary to log the keys properly if you use a localized non US keyboard.

Whitelist with Tinyproxy and Firehol

The following description will enable you to filter any user's access to the internet with a whitelist of url-s using firehol and tinyproxy (or tinyproxy-gitAUR).

/etc/tinyproxy/tinyproxy.conf consists of the following changes:

FilterURLs On
FilterDefaultDeny Yes
Filter "/etc/tinyproxy/whitelist"

/etc/tinyproxy/whitelist should hold the url's that will be only allowed accessed by selected users. A silly example:


/etc/firehol/firehol.conf should contain the following line:

transparent_proxy "80 443" 8888 "nobody root bin myaccount"

where myaccount is my account that should no be filtered by Tinyproxy.

OpenDNS Parental Control

OpenDNS provides free DNS services that can be used as alternative to your ISP's default servers. What's more, they provide blacklist filtering capabilities by registering. Different levels of filtering is possible. Read more about it on their home page.

If you have dynamic IP address, it is a good idea to keep it updated on OpenDNS. Just use community/ddclient and edit /etc/ddclient/ddclient.conf like this:

# account-configuration