Bug#1026101: xfce4-session: xfce4 logout dialog disables shutdown when polkit demands auth
Package: xfce4-session
Version: 4.16.0-1
Severity: normal
X-Debbugs-Cc: avforbus@gmail.com
Dear Maintainer,
I have this pkla in my polkit directories:
[multiuser stop auth]
Identity=unix-user:*
Action=org.freedesktop.login1.power-off-multiple-sessions
ResultActive=auth_self_keep
the idea is, that when trying to shutdown while another account is open, the user will be prompted. she IS authorized to shutdown, only need to confirm that the implications are clear. showing a password dialog serves this perfectly.
(note: even if setting auth_admin, this bug is still an issue.)
now, when I select "log out" from xfce menu, the shutdown option is greyed out and disabled.
the expected behavior (which worked on 4.12.1-6) is that the option will be enabled, and an authorization agent will run (e.g. password dialog will open) if selected.
please review the following patch, which fixes the problem in my system:
--- xfce4-session-4.16.0.orig/xfce4-session/xfsm-shutdown.c
+++ xfce4-session-4.16.0/xfce4-session/xfsm-shutdown.c
@@ -234,10 +234,7 @@ xfsm_shutdown_try_restart (XfsmShutdown
if (shutdown->systemd != NULL)
{
- if (xfsm_systemd_try_restart (shutdown->systemd, NULL))
- {
- return TRUE;
- }
+ return (xfsm_systemd_try_restart (shutdown->systemd, NULL));
}
else if (shutdown->consolekit != NULL)
{
@@ -263,10 +260,7 @@ xfsm_shutdown_try_shutdown (XfsmShutdown
if (shutdown->systemd != NULL)
{
- if (xfsm_systemd_try_shutdown (shutdown->systemd, NULL))
- {
- return TRUE;
- }
+ return (xfsm_systemd_try_shutdown (shutdown->systemd, NULL));
}
else if (shutdown->consolekit != NULL)
{
@@ -417,8 +411,7 @@ xfsm_shutdown_can_restart (XfsmShutdown
if (shutdown->systemd != NULL)
{
- if (xfsm_systemd_can_restart (shutdown->systemd, can_restart, error))
- return TRUE;
+ return (xfsm_systemd_can_restart (shutdown->systemd, can_restart, error));
}
else if (shutdown->consolekit != NULL)
{
@@ -447,8 +440,7 @@ xfsm_shutdown_can_shutdown (XfsmShutdown
if (shutdown->systemd != NULL)
{
- if (xfsm_systemd_can_shutdown (shutdown->systemd, can_shutdown, error))
- return TRUE;
+ return (xfsm_systemd_can_shutdown (shutdown->systemd, can_shutdown, error));
}
else if (shutdown->consolekit != NULL)
{
@@ -478,10 +470,7 @@ xfsm_shutdown_can_suspend (XfsmShutdown
if (shutdown->systemd != NULL)
{
- if (xfsm_systemd_can_suspend (shutdown->systemd, can_suspend, auth_suspend, NULL))
- {
- return TRUE;
- }
+ return (xfsm_systemd_can_suspend (shutdown->systemd, can_suspend, auth_suspend, NULL));
}
else if (shutdown->consolekit != NULL)
{
@@ -514,10 +503,7 @@ xfsm_shutdown_can_hibernate (XfsmShutdow
if (shutdown->systemd != NULL)
{
- if (xfsm_systemd_can_hibernate (shutdown->systemd, can_hibernate, auth_hibernate, NULL))
- {
- return TRUE;
- }
+ return (xfsm_systemd_can_hibernate (shutdown->systemd, can_hibernate, auth_hibernate, NULL));
}
else if (shutdown->consolekit != NULL)
{
@@ -550,10 +536,7 @@ xfsm_shutdown_can_hybrid_sleep (XfsmShut
if (shutdown->systemd != NULL)
{
- if (xfsm_systemd_can_hybrid_sleep (shutdown->systemd, can_hybrid_sleep, auth_hybrid_sleep, NULL))
- {
- return TRUE;
- }
+ return (xfsm_systemd_can_hybrid_sleep (shutdown->systemd, can_hybrid_sleep, auth_hybrid_sleep, NULL));
}
else if (shutdown->consolekit != NULL)
{
--- xfce4-session-4.16.0.orig/xfce4-session/xfsm-systemd.c
+++ xfce4-session-4.16.0/xfce4-session/xfsm-systemd.c
@@ -157,7 +157,7 @@ xfsm_systemd_can_method (XfsmSystemd *s
if (dbus_ret != NULL)
{
g_variant_get (dbus_ret, "(&s)", &str);
- if (!strcmp (str, "yes"))
+ if (strcmp (str, "no")) // might be "yes" or "challenge"
*can_method = TRUE;
}
note: this patch solves another related problem too. without it, if I directly run "xfce4-session-logout -h", I am prompted for a password, but the shutdown is then carried out even if I fail to authorize! this is fixed in the above patch too, as the first available policy method is the only one that is used, even if it disallows the action. I assume that's the idea of a system that is configured to prevent unauthroized power action.
-- System Information:
Debian Release: 11.5
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'proposed-updates'), (500, 'stable'), (100, 'bullseye-fasttrack'), (100, 'bullseye-backports-staging')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 5.10.0-16-amd64 (SMP w/4 CPU threads)
Kernel taint flags: TAINT_WARN, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_IL, LC_CTYPE=en_IL (charmap=UTF-8), LANGUAGE=en_US:en
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages xfce4-session depends on:
ii libatk1.0-0 2.36.0-2
ii libc6 2.31-13+deb11u5
ii libcairo2 1.16.0-5
ii libgdk-pixbuf-2.0-0 2.42.2+dfsg-1+deb11u1
ii libglib2.0-0 2.66.8-1
ii libgtk-3-0 3.24.24-4+deb11u2
ii libice6 2:1.0.10-1
ii libpango-1.0-0 1.46.2-3
ii libpolkit-gobject-1-0 0.105-31+deb11u1
ii libsm6 2:1.2.3-1
ii libwnck-3-0 3.36.0-1
ii libx11-6 2:1.7.2-1
ii libxfce4ui-2-0 4.16.0-1
ii libxfce4util7 4.16.0-1
ii libxfconf-0-3 4.16.0-2
ii x11-xserver-utils 7.7+8
ii xfce4-settings 4.16.0-1
ii xfconf 4.16.0-2
Versions of packages xfce4-session recommends:
ii dbus-user-session [default-dbus-session-bus] 1.12.24-0+deb11u1
ii dbus-x11 [dbus-session-bus] 1.12.24-0+deb11u1
ii libpam-systemd [logind] 247.3-7+deb11u1
ii light-locker 1.8.0-3
ii systemd-sysv 247.3-7+deb11u1
ii upower 0.99.11-2
ii xfdesktop4 4.16.0-1
ii xfwm4 4.16.1-1
Versions of packages xfce4-session suggests:
pn fortunes-mod <none>
ii sudo 1.9.5p2-3
-- no debconf information
Reply to: