It's unclear to me whether this case is for the new GDM and ConsoleKit,
or for what has already been put back. In any case, here's the whole
story.
1. Background: mechanisms to invoke regular (slow) reboot and fast reboot
1.1 One time
1.1.1 Rebooting with "-p" or "-f" option
# reboot -p /* Regular reboot */
# reboot -f /* Fast reboot */
1.1.2 Adding transient property group
The transient property group only exists for and affects
the next reboot.
/*
* Set Fast Reboot by default for next reboot only
*/
# svccfg -s "system/boot-config:default" addpg config_ovr P
# svccfg -s "system/boot-config:default" \
setprop config_ovr/fastreboot_default=boolean: true
/*
* Disable Fast Reboot by default for next reboot only
*/
# svccfg -s "system/boot-config:default" addpg config_ovr P
# svccfg -s "system/boot-config:default" \
setprop config_ovr/fastreboot_default=boolean: false
After adding the property group and setting the property
value, "reboot" or "init 6" will do fast reboot (or not)
depending on the setting.
1.1.3 Using interface provided by libscf
int scf_fastreboot_default_set_transient(boolean_t val);
To invoke:
/*
* Set Fast Reboot by default for next reboot only
*/
scf_fastreboot_default_set_transient(B_TRUE);
/*
* Disable Fast Reboot by default for next reboot only
*/
scf_fastreboot_default_set_transient(B_FALSE);
"reboot" and "init 6" after calling the above functions
will do fast reboot by default (if true) or not (if
false).
Option 1.1.1 requires solaris.system.shutdown authorization, which
a ConsoleUser has; options 1.1.2 and 1.1.2 requires all Solaris
authorizations. There is no mechanism in the current SMF framework
to grant such service-based authorization. To add such support
requires additional framework in SMF, whose design is in progress,
but will not be available for the next OpenSolaris release.
There's actually no ETA for the framework at this point.
1.2 Persistent
1.2.1 Disable Fast Reboot
# svccfg -s "system/boot-config:default" \
setprop config/fastreboot_default=false
# svcadm refresh boot-config
1.2.2 Enable Fast Reboot
# svccfg -s "system/boot-config:default" \
setprop config/fastreboot_default=false
# svcadm refresh boot-config
These options require solaris.system.shutdown authorization, which a
ConsoleUser has.
2. Options for GDM
2.1 With unmodified HAL
Currently GDM uses the interfaces provided by HAL. hald runs
as a privileged process and checks for required
authorizations. If the caller has sufficient authorization to,
say reboot, it will invoke hal-system-power-reboot-sunos.sh.
A straightforward implementation would to to add a
hal-system-power-reboot-regular-sunos.sh
which calls the 1.1.2 interfaces to do regular reboot, and
hal-system-power-reboot-fast-sunos.sh
to do fast reboot.
However it has been communicated to me that HAL will be EOL'ed
and replaced by ConsoleKit, therefore there's no point of
making changes in HAL. Without modifying HAL, and without the
additional framework in SMF, the only option we have was to set
the properties directly. It's definitely not the desirable
solution, but one that we can quickly put in place for the
meantime.
2.2 With ConsoleKit
We should modify ConsoleKit to implement option 1.1.2.
I have looked at the ConsoleKit briefly, and this was what I
suggested. (Brian didn't think I understood ConsoleKit's
constrains when I made the suggestion.) I believe implementing
1.1.2 (or 1.1.3 if ConsoleKit would rather call a library
interface) is the correct long term solution.
============================================================
Date: Wed, 05 Aug 2009 14:45:10 -0700
From sherry.moore at sun.com Wed Aug 5 14:42:11 2009
From: Sherry Moore <sherry.moore at sun.com>
To: Brian Cameron <Brian.Cameron at sun.com>, Calum.Benson at sun.com,
Lin.Guo at sun.com, darren.kenny at sun.com, Jedy.Wang at
sun.com
Cc: Truong Nguyen <Truong.Q.Nguyen at sun.com>
Subject: Extending ConsoleKit to support menu selection and setting
Hi guys,
I looked at the ConsoleKit code, and these are the additions I think
need to be made:
src/ck-manager.{h,c}:
Add
ck_manager_menu_set_fastreboot_default
which calls
svccfg -s "system/boot-config:default"
addpg config_ovr P
svccfg -s "system/boot-config:default" \
setprop config_ovr/fastreboot_default=boolean: true
ck_manager_menu_selection
which calls
bootadm list-menu
ck_manager_menu_set
which calls
bootadm set-menu n
data/org.freedesktop.consolekit.policy:
Add
org.freedesktop.consolekit.system.set-fastreboot-default
org.freedesktop.consolekit.system.menu-select
org.freedesktop.consolekit.system.menu-set
On the GDM side, I can't find the actual file that issues the following
command.
dbus-send --system --dest=org.freedesktop.ConsoleKit \
--type=method_call --print-reply --reply-timeout=2000 \
/org/freedesktop/ConsoleKit/Manager \
org.freedesktop.ConsoleKit.Manager.Restart
I imagine the guts of the code will look something like this:
message = dbus_message_new_method_call("org.freedesktop.ConsoleKit",
"/org/freedesktop/ConsoleKit/Manager",
"org.freedesktop.ConsoleKit.Manager",
"Set-Fastreboot-Deault");
val = TRUE;
dbus_message_append_args(message, DBUS_TYPE_BOOLEAN, &val,
DBUS_TYPE_INVALID);
...
============================================================
I am not having much success buildng gdm and consolekit in my build
environments therefore it's difficult for me to experiment. I would be
happy to help resolve the issues if someone can help me build these
software components.
Thanks,
Sherry
On Mon, Aug 24, 2009 at 12:43:57PM +0100, Darren J Moffat wrote:
> Jedy Wang wrote:
>>> But it does have the ability to change the system default - that
>>> seems wrong.
>> Hi Darren,
>>
>> Yes, it can change the value of an existing property. But to make the
>> option only affect the system once, a new property
>> (config/fastreboot_over? I think) has to be created, and gnome-panel
>> does not have the privilege to create the property.
>
> Terminology is important here gnome-panel is not running with privilege.
> It is the user that gnome-panel is running as that has the
> authorisation to change the property.
>
> svc:/system/boot-config:default
>
> has:
>
> general/action_authorization astring solaris.system.shutdown
> general/value_authorization astring solaris.system.shutdown
>
> If the user is on /dev/console then they will have that authorisation
> granted to them via the "Console User" RBAC profile.
>
> The fact that a new property has to be created strongly hints to me that
> there is some architecture problem here. It might be with this case it
> might be with the fast reboot case. Or it could even be something with
> SMF.
>
> Ticking or unticking the box should be equivalent to running "reboot -f"
> or "reboot -p".
>
> This might be easier to resolve if there was away for init(1M) to pass
> the reboot intent (fast or prom) of what kind of reboot we want - in
> addition to having an SMF property for the default.
>
>>> Does this work at all if the user doesn't have "Primary
>>> Administrator" profile assigned and only has "Console User" ?
>>
>> I think it works if the user doesn't have "Primary Administrator"
>> profile assigned and only has "Console User" ? Sherry, is this correct?
>
> It will work because of the above. However, I think changing the system
> wide default is the wrong thing to do. It certainly isn't what I would
> expect of this behaviour. I expect it to be a one time change if I tick
> or untick that box.
>
> --
> Darren J Moffat
--
Sherry Moore, Solaris Core Kernel http://blogs.sun.com/sherrym
