Bug 94895

Summary: Consider allow_inactive=yes for change-own-user-data
Product: accountsservice Reporter: Alkis Georgopoulos <alkisg>
Component: generalAssignee: Matthias Clasen <mclasen>
Status: RESOLVED FIXED QA Contact:
Severity: normal    
Priority: medium CC: alkisg, marius.vollmer, rstrode, stefw
Version: unspecified   
Hardware: All   
OS: All   
Whiteboard:
i915 platform: i915 features:
Attachments: Allow remote/inactive users to change their own data.

Description Alkis Georgopoulos 2016-04-11 17:14:30 UTC 
Currently, data/org.freedesktop.accounts.policy.in specifies that a user must be active in order to set his own data.

X2go, LTSP etc users are considered remote, i.e. inactive, and they are not allowed to change their own user data without authentication.
This results in a different behaviour when they e.g. try to change their language in the `gnome-control-center user-accounts`.

Furthermore, in some distributions it has been observed that change-own-user-data authentication dialogs popup when changing VTs or when switching users or sometimes even with just gnome-screensaver, possibly because the distribution is trying to update the user data (e.g. to notify the UI that he has new mails) when the user's vt was not active.

Therefore I'd like to ask you to consider setting <allow_inactive>yes</allow_inactive> for change-own-user-data.

Ubuntu bug report: https://bugs.launchpad.net/ubuntu/+source/accountsservice/+bug/1512002

Thanks!
Comment 1 Alkis Georgopoulos 2016-05-20 14:40:00 UTC 
Ubuntu ended up accepting this patch:

https://bugs.launchpad.net/ubuntu/+source/policykit-1-gnome/+bug/1512002/comments/44
- <allow_any>auth_self</allow_any>
- <allow_inactive>auth_self</allow_inactive>
+ <allow_any>yes</allow_any>
+ <allow_inactive>yes</allow_inactive>

...so that it works both for inactive local sessions, and for remote sessions like LTSP/ssh.

Could you please merge it upstream, or comment if it's not appropriate for some reason?

Thank you!
Comment 2 Ray Strode [halfline] 2016-05-20 15:21:09 UTC 
seems okay to me.
Comment 3 Ray Strode [halfline] 2016-05-20 15:21:30 UTC 
can you attach a git formatted patch and i'll push it?
Comment 4 Alkis Georgopoulos 2016-05-20 17:47:12 UTC 
Created attachment 123943 [details] [review]
Allow remote/inactive users to change their own data.

I'm not very familiar with git, I hope the attached patch is OK.

Thank you!

Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.