On Monday 10 January 2022 08:33:16 Michael wrote: > On Sunday 09 January 2022 10:35:55 am William Morder via tde-users wrote: > > [Whatever Software] now collects and > > shares our data. Even though it is used almost entirely offline, requires > > no connection for actual users working at home. > > Link: > https://serverfault.com/questions/550276/how-to-block-internet-access-to-ce >rtain-programs-on-linux > > I had an issue with the instructions in the above link. Including my > (programmer pidgin) notes as well, which should allow you to just > find/replace michael for your username. > > Best, > Michael > > > Block internet access > > :As root: > > iptables -L > cat /etc/group > groupadd nointernet > cat /etc/group > usermod -a -G nointernet michael > > > ll /usr/bin/no* > nano /usr/bin/nointernet > chmod +x /usr/bin/nointernet > ll /etc/network/if-pre-up.d > nano /etc/network/if-pre-up.d/iptables_nointernet_rule > ll /etc/network/if-pre-up.d/iptables_nointernet_rule > chmod +x /etc/network/if-pre-up.d/iptables_nointernet_rule > ll /etc/network/if-pre-up.d/iptables_nointernet_rule > ll /usr/bin/no* > cat /etc/network/if-pre-up.d/iptables_nointernet_rule > /etc/network/if-pre-up.d/iptables_nointernet_rule > > > # cat /etc/network/if-pre-up.d/iptables_nointernet_rule > #!/bin/bash > # iptables -A OUTPUT -m owner --gid-owner nointernet -j DROP > iptables -I OUTPUT 1 -m owner --gid-owner nointernet -j DROP > > # cat /usr/bin/nointernet > #!/bin/bash > COMMAND="$1" > shift > for arg; do > COMMAND="$COMMAND \"$arg\"" > done > sg nointernet "$COMMAND" > > :Menu Entry > > nointernet smplayer %U > > Notes: > NAME > sg - execute command as different group ID > > SYNOPSIS > sg [-] [group [-c ] command] > > DESCRIPTION > The sg command works similar to newgrp but accepts a command. The > command will be executed with the /bin/sh shell. With most shells you may > run sg from, you need to enclose multi-word commands in quotes. Another > difference between newgrp and sg is that some shells treat newgrp > specially, replacing themselves with a new instance of a shell that newgrp > creates. This doesn't happen with sg, so upon exit from a sg command you > are returned to your previous group ID. > Thanks, I'll give this a try. Bill ____________________________________________________ tde-users mailing list -- users@xxxxxxxxxxxxxxxxxx To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxx Web mail archive available at https://mail.trinitydesktop.org/mailman3/hyperkitty/list/users@xxxxxxxxxxxxxxxxxx
