Guest Account - allow access to media content?

OK, here’s the scenario. I like Garuda’s use of the temporary guest account. I changed my users Guest accounts GID & UID to 1001 and changed my user account to 1000 to be consistent with my predefined user accounts on other computers. That’s not the issue, as that is being changed in upcoming Garuda editions.

In the Guest account the user is not permitted to view any files in other users home directories. I like all my external drives mounted in the default location /run/media/$USER/ name_of_drive.

The problem being this is an HTPC computer with the media files located on swappable external drives. When the guest account is active the user can not view any movies etc stored on the media drives. This kind of defeats the purpose of the Guest account if I can’t leave a guest to watch media on my home theater computer.

So, I did some searching and the only method I found to circumvent the Guest account security was to use a bind mount as thist apparently sidesteps the ACL’s. So I mounted the media drive I wanted to give access to via fstab (still using /run/media/$USER/). Then I put a bind mount in fstab to /media/video/movies and it worked.

Problem was the whole drive was visible to the Guest user with full read/write/delete permissions. So, the default way is too restrictive, and my workaround is too permissive.

Anyone have any other ideas on how to give permissions to only read from a specified media folder on the guest account. I do not want the guest account to be able read other non specified directories, and the specified directories require read only permissions. I tried playing with the permissions on the folder, but it made no difference using the bind mount method.

Information on this subject is extremely scanty on the internet unless my SearchFu has failed me.



Maybe something like:

  1. Put the shared directory in a location accessible to both accounts (e.g. under /media);
  2. Add both users to a common group (e.g. users, or a new one);
  3. Set the directory group (chgrp) to the above group and set permissions to allow group read.

I’ll give it a try later, thanks for the suggestions.


I see the opposite.
While you use a user specific mount point, you expect it to be shareable by default.
For security reasons, the default guest cannot access other users’ resources.
As proposed, use a more universal mount point.
And since you want to fine-grain the guest account to your personal POV, I would strongly suggest you create and use a user and a group for that purpose. The standard guest account is limited and is a special account.

Welcome to Garuda BTW :stuck_out_tongue:


Thank you @petsam, so nice to see some old familiar friends on the Garuda forum. I hope you are well.

It is so good to hear from you again. Nice to see the Greek flag flying on the Garuda forum.

Cheers my friend. :beers: