I want to create a user account on my computer that is very restricted.
On Arch Linux I just didn’t make that user root, also I made sure
nix wasn’t in that users
PATH, additionally I didn’t put that user into
I was totally fine that I had to install software for that user manually and globally using
Now as I have switched to nixOS, I still have that user not in
allowed-users, but I’d be happy if that user where able to manage whitelisted software on their own.
I’d be fine with
nix-env only as a starting point (they will probably only install an office, a browser and some games) though if I could perhaps convince them to use
home-manager later on, I’d be happy if that works as well.
Plus points if it is possible to deny logins without my (or my wifes) explicit consens when not in the main usage time.
More pluspoints if I could tell NetworkManager that this user should use a different proxy and DNS than all the other accounts on the computer, without touching any existing user sessions in the background…
Any hints on making this possible and there fore a user accound “child safe”?