indicator-session menus are not policykit aware

Bug #474392 reported by Andrew Rigney
30
This bug affects 6 people
Affects Status Importance Assigned to Milestone
Session Menu
Confirmed
Low
Matthew Paul Thomas
indicator-session (Ubuntu)
Confirmed
Low
Unassigned
ltsp (Ubuntu)
Invalid
Undecided
Unassigned

Bug Description

indicator-session's shutdown, hibernate etc menus should check if the user has enough rights to invoke them, otherwise they should be hidden or grayed-out.
While some code for this already exists, it's not working correctly,
neither in 12.04 (consolekit)
nor in 14.04 (logind).

[Original description]
LTSP chroot client built with Ubuntu 9.10 Karmic shows Suspend, Hibernate, Restart and Shut Down in the logout menu 'indicator-applet-session'. These options should not be available to LTSP Clients. These options are not available with a 9.04 Jaunty built LTSP chroot. Previous bug fix that removed these items is bug #282610.

Revision history for this message
Oliver Grawert (ogra) wrote :

this is a buig in indicator session missing the patch from bug #282610

Changed in ltsp (Ubuntu):
status: New → Invalid
Changed in indicator-session (Ubuntu):
status: New → Confirmed
Revision history for this message
Andrew Rigney (ubuntultspadmin) wrote :

Has there been any resolution with this bug?

Changed in indicator-session (Ubuntu):
importance: Undecided → Low
Revision history for this message
Axel Beckert (xtaran) wrote :

Still present in Natty and very annoying as LTSP Thin Client users can shut down our terminal server. I wouldn't regard such a situation as priority low.

Revision history for this message
Axel Beckert (xtaran) wrote :

Oh, and IMHO this is a bug in LTSP in not providing proper configurations for ConsoleKit/PolicyKit. Indicator-Session just displays the stuff and is IMHO not where the real bug resides.

Revision history for this message
Evgeni Golov (evgeni) wrote :

Just my 2¢: indicator-session is just a gui, the user should not have the right to shutdown the machine in the first place (consolekit, policykit or whatever allows him to do so).

Revision history for this message
Alkis Georgopoulos (alkisg) wrote :

indicator-session should check if the user has the right to do those actions, and hide the menus if not.
The problem isn't LTSP specific, it also applies to ssh -X, xdmcp, nx, x2go and more.

I proposed an alternative approach in LP bug #491940, with a patch for gnome-session that made the indicator-session menus reboot/shutdown the LTSP client instead of the server. Unfortunately it never got accepted in Gnome, though a similar one was accepted in LXDE.

Revision history for this message
Lenin (gagarin) wrote :

what about the gui that appears with ctrl-alt-del allowing restart and poweroff?

Revision history for this message
Alkis Georgopoulos (alkisg) wrote :

That one is already policykit-aware, it grays out its options when the user has no reboot/shutdown rights.

Revision history for this message
Lenin (gagarin) wrote :

We now put the following file into /etc/polkit-1/localauthority/30-site.d/ch.ethz.phys.desktop.pkla
http://sid.ethz.ch/ch.ethz.phys.desktop.pkla
on the machines, and it works just fine.

Revision history for this message
Axel Beckert (xtaran) wrote : Re: [Bug 474392] Re: LTSP Clients show shutdown, hibernate in indicator-applet-session

Gürkan Sengün wrote:
> We now put the following file into
> /etc/polkit-1/localauthority/30-site.d/ch.ethz.phys.desktop.pkla
> http://sid.ethz.ch/ch.ethz.phys.desktop.pkla on the machines, and it
> works just fine.

... except that the indicator applet still shows the menu entries for
shutdown and restart (but they just log you out) while they are greyed
out in the dialog box you get when you press Ctrl-Alt-Delete.

So the fact that the menu entries are still shown is the remaining bug
in indicator-applet-session.

  Regards, Axel
--
 ,''`. | Axel Beckert <email address hidden>, http://people.debian.org/~abe/
: :' : | Debian Developer, ftp.ch.debian.org Admin
`. `' | 1024D: F067 EA27 26B9 C3FC 1486 202E C09E 1D89 9593 0EDE
  `- | 4096R: 2517 B724 C5F6 CA99 5329 6E61 2FF9 CD59 6126 16B5

summary: - LTSP Clients show shutdown, hibernate in indicator-applet-session
+ indicator-session menus are not policykit aware
description: updated
Changed in indicator-session:
status: New → Confirmed
Revision history for this message
Alkis Georgopoulos (alkisg) wrote :

In Trusty, the relevant code has been rewritten to use logind instead of consolekit:
http://bazaar.launchpad.net/~indicator-applet-developers/indicator-session/trunk.14.04/revision/388

But note that when invoking org.freedesktop.login1.Manager->CanPowerOff() from a remote session, its output is:
"challenge"
instead of "yes" that an active (local) session produces.

That means that when indicator-session calls org.freedesktop.login1.Manager->PowerOff() with a "false" parameter to prevent prompting, then PowerOff() does nothing.

So, indicator-session should either
1) Hide the actions that return "challenge", or
2) Enable the prompt when the action specified "challenge".

(2) would allow remote users to shutdown the server, so I think everyone in this bug report prefer (1). :)

description: updated
Revision history for this message
Iain Lane (laney) wrote :

For anyone who might want to write a patch for this; I think the target areas are service.c:575 and backend-dbus/actions.c. You'll want to hook up CanReboot and CanPowerOff to the visibility functions, and hide Shut Down when that says you can't do it, AFAICS.

Changed in indicator-session:
assignee: nobody → Matthew Paul Thomas (mpt)
Changed in indicator-session:
importance: Undecided → Low
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.