Tonight I'm teaching a class in which all the students will be able to log into my server, create a database, download Drupal 7, install the site, and then go and look at the apache logs to see what they've done. The class is aimed at newbies, and I could just give everyone an account with full sudoers privileges on my server and hope that no one does anything nasty, but I'm not so dumb as to think that a clever student won't get bored and start poking around at other things.
So, how am I going to do this and keep everything safe for my own websites, and those of my clients, that sit on that server? Essentially, I have built sandboxes for the students to play in.
First off, I created users for each of the students using a format that identifies them as students of this class. I'm not bothering with their names at all, actually. Just giving them usernames like "student1", "student2", etc.
Each account has a home directory at the usual place (eg /home/student1) plus two more directories underneath that: web and log.