Summary: logout/halt/reboot as ordinary user, gnome logout button?
Below are my motivations for bringing this issue up:
- The intended use of the computers are for desktop applications.
- I don't want to give the root password away to other users on my
machines, in this case my family members.
- Mainly the kids use the computers for games, especially networked.
- I want to enable my family to use Linux instead of the other
OS. Therefore it is important that they can start the computer, run
it and shut down in a CONTROLLED way. Restart/shutdown are menu
entries in the other OS!!
- Since the user has direct access to the computer, he/she can turn
off the power switch. This is NOT a preferred way to shut down, you
know the possible consequences of this.
- GDM, XDM or KDM are not interesting, since then ALL users have to use the
graphical login. I prefer to go to X with startx, for other users
startx can be put in their login scripts. I know you can always go to
a virtual console with CTRL-ALT-Fx, x = 1,...,6. I dont prefer this
solution. It is much nicer to start X from the console, from there enabling
logging of errors etc.
- Sudo, super etc can be used but I would prefer logout/halt/reboot as a default
behavior IF you have CHOSEN to enable it during OS-install.
- I'm running Redhat 6.1, RawHide 19991210, Mandrake 6.1, SuSE 6.3 and
Debian 2.2 on four different machines. Unfortunately also the other
OS is present on three of them!!
Here is a short summary of the replies obtained on this issue and my comments.
- In rawhide/redhat 6.1 one can in the gnome panel either choose logout
(from X, halt or reboot as an ordinary user by just giving the user
password). As described by Owen Taylor at Redhat the commands halt and
reboot (located at /usr/bin not /sbin) are links to the program
consolehelper, which is part of the usermode package. Authentication
is using PAM. Full message is included last in this mail.
- According to the man page, the program consolehelper is a wrapper to
userhelper. Consolehelper is not suid root, userhelper is.
- The RedHat solution seem to be a very handy one. What about
implementing it also for other distributions, such as Debian, SuSe,
Mandrake etc. Or more conveniently, what about building it into gnome/kde.
- Some users want the opposite, only selected users should be able to
shutdown. What about just uninstalling the package enabling this
behavior? Also disabling CTRL-ALT-DELETE is possible by editing
/etc/inittab. But the problem remains: If the user has access to the
power-on button he/she can just turn off the power!!!
Thank you to the people who replied:
Owen Taylor <email@example.com>
Martin Fluch <firstname.lastname@example.org>
Jacob Berkman <email@example.com>
Bob Phan <firstname.lastname@example.org>
Sean Middleditch <email@example.com>
Jens Lautenbacher <firstname.lastname@example.org>
Lenz Grimmer <email@example.com>
Svante Signell <firstname.lastname@example.org> writes:
> I have been running redhat rawhide with enlightenment and gnome for
> some time now. Recently another machine got debian slink installed,
> upgraded to potato. In rawhide an ordinary user can log out of X,
> reboot or halt the computer, just by supplying the user password. How
> to enable this also in potato? (In potato the logout button in the
> gnome panel only enable you to exit from X!)
The shutdown/reboot functionality in the logout dialog
is based on a package called 'usermode' which build on top of
the PAM authentication system. usermode is a bit like
sudo in concept - it allows users to run certain commands
that they wouldn't normally have access to, based on
authentication through PAM. Usermode, however, is more useable in
GUI environments, more configurable in some ways (PAM is
almost infinitely configurable), and more transparent
to the user.
Potato does use PAM, at least in part, so it would be
possible to port usermode, though it wouldn't be
trivial, as Debian doesn't seem to be currently using the
pam-console part of PAM which is used to give special
privileges to users logged in at the console.
Actually, the dependence between gnome-session and usermode
for this facility is small - all gnome-session does is make
some simple checks to see if the facility is there, and
if it is there, adds the extra options and exec()'s a
given command upon logout instead of exiting. So it wouldn't
be at all hard to adapt to some other method of user