Re: Prevent shutdown with systemctl
On Tue 05 Jan 2016 at 00:48:20 +0100, Michael Biebl wrote:
> Am 04.01.2016 um 23:36 schrieb Floris:
> >
> > Maybe there is a reason. Why is the default rule:
> >
> > <action id="org.freedesktop.login1.power-off-multiple-sessions">
> > <allow_any>auth_admin_keep</allow_any>
> > <allow_inactive>auth_admin_keep</allow_inactive>
> > <allow_active>yes</allow_active>
> > </defaults>
> >
> > instead of
> > ...
> > <allow_active>auth_admin_keep</allow_active>
> > ...
>
> The reasoning here is, that someone who is active and local has physical
> access, so could shutdown the system via other means anyway (pull the plug).
I see the argument, it is explained more fully at
https://lists.debian.org/debian-devel/2015/08/msg00354.html ,
but am not completely persuaded by the "annoyance" factor. In the early
days of systemd the default was indeed auth_admin_keep for active users.
I have not tried policykit from experimental but believe the format of a
localauthority file has changed to use JavaScript. Will present .pkla
files continue to work with this version of policykit?
Reply to: