On 26/06/14 13:33, Svante Signell wrote: > Of course with the additional check that the students are logged in to > that box locally, did I forget to mention that?
Apparently yes. So you'll still need some solution to "is this user local?" - either an implementation of the systemd-logind API (preferred, at this point, if you want anything you didn't write to talk to it), an implementation of the ConsoleKit API, something else that uses a PAM module as its basis for tracking who is logged in locally/remotely, or something involving utmp/wtmp/other traditions. utmp(5) says "many system programs (foolishly) depend on its integrity" so be very careful with security implications if you go that way. I wouldn't want anything relying on utmp for its security on my systems. > Another point is of course is that if you are locally connected to > your/somebody else's computer nothing is hindering you from pushing the > on/off button or pull the plug (except physically). Is shutting off a > computer really a problem, normally multi-available ones are always on? That's valid, and is exactly the rationale for a recent systemd version (post-wheezy, I think) changing its default policy to "locally-logged-in users may power off even if there are other users logged in; non-local users must authenticate as root-equivalent". Recent GNOME will give you an "are you sure?" prompt if there are other users logged in, but no more than that. Earlier systemd versions matched the previous behaviour with ConsoleKit, which was "a local user may power off without root-equivalent authentication, but only if they are the only one logged-in". The reason I say "its default policy" is that the reason PolicyKit has that name is that apps only provide a *default* policy, and distributors and sysadmins can override it with an alternative policy (more lenient, more strict, group-based, time-based, whatever) if the default is unacceptable for their environment. A "kiosk" or shared-computer-lab installation might override logind's default policy with one requiring root-equivalence to power off, for instance. tl;dr: these frameworks were not invented just to troll you, they do have a purpose :-) S -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/53ac17ad.3090...@debian.org