Chikina Lab

Secure Agent User Setup on Linux

A guide to creating an isolated Linux user for running AI agents, with scoped access to a specific folder, shared conda environments, and a clean terminal experience.

Customize for your setup

The commands on this page use placeholders. Replace them with your own values before running anything:

  • {{USER}}: your main username, e.g. jsmith, alice
  • {{WORKSPACE}}: the folder the agent should have full access to, e.g. /home/jsmith/projects/agent-work

Overview

The goal is to create a user called agent that:

  • Has no password (only accessible via sudo from your main user)
  • Has full read/write access to {{WORKSPACE}} only
  • Cannot list or read any other part of your home directory
  • Can use your existing mambaforge conda environments without copying them
  • Has a bright color-coded terminal prompt so you can always tell which user you are working as

1. Create the Agent User

Create the user with a bash shell but no password, then lock the account so it can only be accessed via sudo.

sudo useradd -m -s /bin/bash agent
sudo usermod -L agent
  • -m creates a home directory at /home/agent
  • -s /bin/bash gives a real shell (required for interactive use)
  • -L locks the password, preventing direct login

2. Allow Passwordless sudo Switch

Configure sudo so you can switch to agent without being prompted for a password.

sudo visudo

Add this line at the bottom:

{{USER}} ALL=(agent) NOPASSWD: ALL

Save and exit. Now you can switch to the agent user without any password prompt.


3. Add a Convenient Alias

Add an alias to your own .bashrc so switching to the agent is a single word:

echo "alias agent='sudo -u agent bash --login'" >> /home/{{USER}}/.bashrc
source /home/{{USER}}/.bashrc

Now just type agent to open an interactive session as the agent user.


4. Create a Shared Group for Workspace Access

Use a dedicated group shared between both users.

sudo groupadd agents-group
sudo usermod -aG agents-group {{USER}}
sudo usermod -aG agents-group agent

5. Set Filesystem Permissions

This is the core of the isolation. The agent can traverse the path to the workspace but cannot list or read anything else along the way.

# Your home dir: other users can traverse only (x), no list or read access
chmod o= /home/{{USER}}
chmod o+x /home/{{USER}}

# Each parent directory of the workspace: group traverse only
{{PARENT_PERMS}}

# Workspace folder: full group read/write/execute, no world permissions
sudo chgrp -R agents-group {{WORKSPACE}}
sudo chmod -R g+rwx,o-rwx {{WORKSPACE}}

Lock Down All Other Home Directories

Ensure no other folder directly under your home is accessible to other users. Run this once as a sweep:

find /home/{{USER}} -maxdepth 1 -type d ! -name '{{USER}}' -exec chmod o-rwx {} +

This strips world permissions from every folder directly under your home in one command. Re-run it if you create new folders in the future. Because it also matches mambaforge, repeat the first chmod from step 7 after each re-run.

What this means in practice:

Path                                       agent access
/home/{{USER}}/                            Traverse only — cannot list contents
/home/{{USER}}/Documents, etc.             No access
(parent directories of the workspace)      Traverse only — cannot list contents
{{WORKSPACE}}/                             Full read/write
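
An added check for this step (not part of the original guide): the find sweep matches directories only (-type d), so regular files directly under your home, dotfiles included, keep their mode and stay readable by name to anyone who can traverse the directory. The script lists every top-level entry that still grants "other" permissions; the function names, the allow-list argument and the demo tree are constructed for this example, and it assumes GNU stat.

```bash
#!/usr/bin/env bash
# Added example, not from the original guide. Assumes GNU stat (Linux).

# other_bits PATH: print the "other" octal digit (0-7) of PATH's mode.
other_bits() {
    local mode
    mode=$(stat -c '%a' -- "$1") || return 1
    printf '%s\n' "${mode#"${mode%?}"}"   # last digit of e.g. 711 or 2775
}

# audit_home HOME [ALLOWED...]: print exposed entries; returns 0 clean, 1 exposed, 2 error.
audit_home() {
    local home="$1" rc=0 bits entry ok skip
    shift
    bits=$(other_bits "$home") || return 2
    if [ "$bits" != 1 ]; then
        echo "HOME $home other=$bits (expected 1: traverse only)"
        rc=1
    fi
    # Globs include dotfiles and regular files, unlike a -type d sweep.
    for entry in "$home"/* "$home"/.[!.]* "$home"/..?*; do
        # Skip unmatched globs and symlinks (a symlink's own mode is not enforced).
        if [ -L "$entry" ] || [ ! -e "$entry" ]; then continue; fi
        skip=0
        for ok in "$@"; do
            if [ "$entry" = "$ok" ]; then skip=1; fi
        done
        if [ "$skip" = 1 ]; then continue; fi
        bits=$(other_bits "$entry") || continue
        if [ "$bits" != 0 ]; then
            echo "OPEN $entry other=$bits"
            rc=1
        fi
    done
    return "$rc"
}

# Constructed demo tree standing in for /home/{{USER}}.
demo_audit() {
    local demo rc=0
    demo=$(mktemp -d) || return 2
    mkdir "$demo/Documents" "$demo/mambaforge" "$demo/.ssh"
    : > "$demo/.gitconfig"
    chmod 711 "$demo"
    chmod 700 "$demo/Documents" "$demo/.ssh"
    chmod 755 "$demo/mambaforge"     # shared on purpose in step 7
    chmod 644 "$demo/.gitconfig"     # a file the directory sweep never touches
    audit_home "$demo" "$demo/mambaforge" || rc=$?
    rm -rf "$demo"
    return "$rc"
}
demo_audit || true
```

On a real system, run it as your main user with your home directory as the first argument and the paths you share on purpose (such as mambaforge) after it.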

6. Symlink Workspace into Agent's Home

Rather than having the agent navigate a long path, create a symlink in the agent's home directory:

sudo ln -s {{WORKSPACE}} /home/agent/workspace

The agent user now sees ~/workspace as a clean entry point.


7. Give Agent Access to Mambaforge Environments

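Grant read and execute access to your conda envs (no write, so the agent cannot modify them). In this case they live in the mambaforge directory; adjust the paths if your environments live elsewhere. These commands set the "other" permission bits, so every local user, not only agent, gets the same read access.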

chmod o+x /home/{{USER}}/mambaforge
chmod o+x /home/{{USER}}/mambaforge/envs
chmod -R o+rx /home/{{USER}}/mambaforge/envs

8. Configure the Agent's .bashrc

Set up conda initialization, a custom prompt, and file coloring by editing the agent's .bashrc as root:

sudo nano /home/agent/.bashrc

Add the following:

# Initialize conda
source /home/{{USER}}/mambaforge/etc/profile.d/conda.sh

# Colored prompt: bright pink username, bright yellow host and path
PS1='\[\e[1;95m\]agent\[\e[0m\]@\[\e[1;93m\]\h\[\e[0m\]:\[\e[1;93m\]\w\[\e[0m\]\$ '

# Enable file/directory color highlighting
alias ls='ls --color=auto'
# Go to the right directory on login
cd ~/workspace

9. Ensure Bash Profile Sources .bashrc

So that --login sessions pick up everything in .bashrc:

sudo bash -c 'echo "source ~/.bashrc" >> /home/agent/.bash_profile'

10. Verify Everything Works

Switch to the agent and run these checks:

agent

# Confirm correct user
whoami                        # should print: agent

# Confirm conda works
conda info

# Confirm workspace is accessible
ls ~/workspace

# Confirm you cannot escape into personal files
ls /home/{{USER}}             # should be: Permission denied

# Confirm no ugly green background on directories
ls ~/workspace

Day-to-Day Usage

# Switch to agent (from your main user)
agent

# New project folders under the workspace automatically inherit group permissions
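# If you ever need to reset group ownership and permissions on the whole folder
# (the same pair of commands as in step 5):
sudo chgrp -R agents-group {{WORKSPACE}}
sudo chmod -R g+rwx,o-rwx {{WORKSPACE}}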