Re: shutdown from within gnome

[Johannes Rohr <j.rohr@gmx.de>]

James Strandboge <jstrand1@rochester.rr.com> writes:

> On Wed, 2003-08-13 at 11:38, John R Lenton wrote:
>> On Wed, Aug 13, 2003 at 04:04:40PM +0200, Sven Luther wrote:
>> > On Wed, Aug 13, 2003 at 09:38:29AM -0300, John R Lenton wrote:
>> > > 
>> > > but now it's only "how do I get reboot to reboot" and not "how do I
>> > > get the logout dialog to ask for reboot". I know how to handle the
>> > > first, I didn't know how to handle the second.
>> > 
>> > And how do you do that ? I think it is the more difficult and
>> > problematic of the two.
>> 
>> you configure gnome-session with --with-halt-command=userhalt, and
>> make userhalt a setuid root program that calls /sbin/halt.
>
> The problem is that the /var/run/console stuff is redhat specfic (I
> haven't looked at it, but based on the begin of this thread, it is
> pam.d/reboot).  

Yes, they are using a modified pam which includes pam_console.so. It
allows any local user to shut down or reboot.

I've tried to get RedHats usermode package running on Debian, but
without RedHat's pam, it's useless.

> Once you know what redhat did, this certainly is easy, I am just
> trying to bring us back to the point that the bug report referenced
> is a distribution agnostic way for gnome-session to handle the
> shutdown options.  Of course, the distribution still has to come up
> with the method of authenticating the user.

Why not look at how KDM solves the same issue? Since KDE 2.2.x (?!?)
you can shutdown from the KDE logout prompt if KDE is running. So I
guess the KDE session manager somehow tells KDM to shutdown/reboot. So
you don't need any potentially vulnerable suid programs.

Thanks,

Johannes


-- 
~/.signature under construction