Re: shutdown from gnome logout dialog

To: Xavier Bestel <xavier.bestel@free.fr>
Cc: debian-gtk-gnome@lists.debian.org
Subject: Re: shutdown from gnome logout dialog
From: Thomas Morin <t0m@free.fr>
Date: Tue, 16 Sep 2003 09:34:08 +0200
Message-id: <[🔎] 1063697648.3f66bcf081841@webmail.treizh.net>
In-reply-to: <[🔎] 1063658244.5705.8.camel@bip.parateam.prv>
References: <[🔎] 3F660DBF.6000107@free.fr> <[🔎] 1063658244.5705.8.camel@bip.parateam.prv>

Selon Xavier Bestel <xavier.bestel@free.fr>:
 | Le lun 15/09/2003 à 21:06, Thomas Morin a écrit :
 | 
 | > Here is the principle I propose :
 | >   - at logout, gnome-session proposes the reboot and halt options to the
 | user
 | >   - if halt [or reboot] is chosen, a $HOME/.gdm-halt file [or
 | .gdm-reboot]
 | >     file is created
 | >   - in the gdm PostSession script (which is run by gdm as root), the
 | >     existence of those files is tested
 | >   - if one of them exists and if the configuration allows, shutdown
 | >     (or reboot) of the workstation is triggered
 | 
 | I see a problem with this approach: in the case of an NFS-mounted home
 | directory, several bad things can happen (like root not being able to
 | delete the user-owned .gdm-* files, or two computers rebooting when they
 | mount the same NFS directory).

That's right.

 | Perhaps there should be a mean to
 | communicate with a precise session only.

Well this wasn't meant to be a clean and definitive solution. As suggested
by gdm maintainer (<jirka@5z.com>), the solution is to use the gdm socket
created in /tmp, which is already use as a communication link between gdm and
gdmflexiserver, and which uses the X MIT cookie as an authentication token.

But this is too late for Gnome 2.4, that's why I made this hack, which I
wouldn't consider good enough for a multiserver/multiuser/multidisplay setup 
(I would suggest a Debconf question about enabling it or not, suggesting NOT
to use it in a multi(server|user|display) setup).

But I think the problem you highlight can be solved if we use /tmp instead of
/home : securely create a subdir in /tmp ( /tmp/.$USER-ask-gdm/ ) and put the
halt or reboot files in this dir. I think we can assume /tmp isn't shared by
two servers right ? This (I think) solves the problem of risking shutting down
more than one server.

Another problem that might occur : halt file is created from one session
logout, another session (same user, same server) logs out, and server is shot
down by the second session gdm, and not by the first. 
This can happen if:
 1 - user creates the halt file without logging out  
     => "user error"
 2 - halt file is created but the session is not closed (gnome-session 
   bug or interruption by a dialog about a soft that's not session 
   managed etc.)
     => not very likely to happen IMHO
 3 - race condition between the two logouts 
     => the server will be shutdown anyway

To avoid the problem, we can include the DISPLAY in the subdir name.

What would you think about those improvements ?
Do they solve the problems for you ?

Cheers,

-Thomas

Reply to:

Follow-Ups:
- Re: shutdown from gnome logout dialog
  - From: Sven Luther <sven.luther@wanadoo.fr>

References:
- shutdown from gnome logout dialog
  - From: Thomas Morin <t0m@free.fr>
- Re: shutdown from gnome logout dialog
  - From: Xavier Bestel <xavier.bestel@free.fr>

Prev by Date: Re: shutdown from gnome logout dialog
Next by Date: Re: shutdown from gnome logout dialog
Previous by thread: Re: shutdown from gnome logout dialog
Next by thread: Re: shutdown from gnome logout dialog
Index(es):
- Date
- Thread