Bug 17862

Summary: consolekit doesn't allow shutdown or restart if not built with policykit
Product: ConsoleKit Reporter: Gilles Dartiguelongue <gilles.dartiguelongue>
Component: DaemonAssignee: william.jon.mccann
Status: RESOLVED NOTABUG QA Contact:
Severity: normal    
Priority: medium CC: pachoramos1, remi
Version: unspecified   
Hardware: All   
OS: All   
Whiteboard:
i915 platform: i915 features:
Attachments: consolekit-0.3.0-shutdown.patch

Description Gilles Dartiguelongue 2008-10-01 15:01:49 UTC 
Created attachment 19333 [details] [review]
consolekit-0.3.0-shutdown.patch

Hi there,

consolekit is 2.24 (released on 25th september) used by gnome-session session manager to shutdown/restart computer. 

Problem is that it now requires policykit or it miserably fails by not showing buttons expected by the user at all. This is a giant regression (why would I be forbidden to shutdown my own self personnal computer I ask ???) and so Rémi Cardona and I took some work time this morning to figure out the issue.

Besides some strange (to say the least) ways of gnome-session, consolekit actually doesn't allow user to shutdown if policykit or rbac support isn't enabled. There is a nice warning message btw, but then why goto out and just skip the interesting part ?

Here is a nice patch (against git master/HEAD) that just drops the goto since I believe there is no point in (dis)enabling policykit for just one package and that it should be on or off but a system wide setting. Thanks for considering.
Comment 1 william.jon.mccann 2008-10-02 11:04:14 UTC 
Your intention is that in your distro any user will be able to reboot or power-off the computer at any time?

That seems a bit crazy to me.
Comment 2 Gilles Dartiguelongue 2008-10-02 11:52:28 UTC 
(In reply to comment #1)
> Your intention is that in your distro any user will be able to reboot or
> power-off the computer at any time?

_IF_ one wishes it, yes let them do what they want.

Policykit is good for a lot of use cases but those are imho more oriented for large deployments/multiseats and the like, but for computer with merely one user eventually doing a fast-user-switch for 15 minutes to lend the box to say his/her {girl,boy}friend, I don't see the point of putting a _complex_ policy system in place. How often do you see people messing with policy in say win XP or even mac os ? (this probably also has to do with defaults, but well I hope you see the point)

> That seems a bit crazy to me.

Ah well, I'm probably crazy indeed. ;)
Comment 3 Rémi Cardona 2008-10-03 04:17:38 UTC 
(In reply to comment #1)
> Your intention is that in your distro any user will be able to reboot or
> power-off the computer at any time?

The thing is, we went from a standalone GDM setup where users could easily turn the computer off, to a more complicated setup involving GDM, PolicyKit, ConsoleKit and probably others, with a complexity blown by 2 orders of magnitude.

> That seems a bit crazy to me.

From a security point of view, it most certainly is. But from a features point of view, it's a significant improvement.

Or is there another way to achieve the same results?

Thanks
Comment 4 william.jon.mccann 2009-02-11 15:30:16 UTC 
I think at least on Linux we are going to continue to rely on PolicyKit as an authorization framework.  If you don't want to be prompted then you can set the policy accordingly.
Comment 5 Mart Raudsepp 2009-02-12 06:24:35 UTC 
You have patches that allow Gentoo users to have USE=-policykit IF they so CHOOSE themselves. Please review the patch and consider applying it, so we don't have to keep carrying this patch for eternity. We are not requesting any patch creation work from upstream at this point. Thank you.
Comment 6 Gilles Dartiguelongue 2009-02-12 06:37:10 UTC 
to be more precise we just ask to keep a path that is not dependent on a security mecanism that might be unwanted on a machine where you are root and the only user anyway (although I don't want to run my gnome as root).
Comment 7 william.jon.mccann 2009-02-12 10:55:21 UTC 
I think we are going to continue to rely on PolicyKit for an authorization framework, at least on Linux.

Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.