Jedy Wang schrieb: >> In another mail in this thread I wrote: >> >> "One way to do that is to add a privileged helper that checks for the >> solaris.system.shutdown authorization and then sets the transient >> override (probably using method 1.1.3). It might be simplest to make >> that helper setuid 0, because a mechanism that uses a "Shutdown User" >> profile to do this via pfexec is harder to remove, if the issue gets >> fixed on the fast reboot or SMF end." > > Hi Joerg, > > Thanks for you advice. I think we do not need a new "helper" in this > case, because ConsoleKit can do this for us. It runs with root privilege > and it's easy to add new interfaces to it to support fast reboot. >
Wrt ConsoleKit: I share the concerns that it isn't entirely clear which DBus service should become the single, authoritative service to provide system reboot/shutdown (and suspend, etc) services. These interfaces look a bit out of place on ConsoleKit. The only reasons I can see for them being there is - ConsoleKit is the place where it is known that a user is 'on the console', i.e. that notion can be more clearly and flexibly expressed by combining the notion of ConsoleKit seats with PolicyKit (or isn't that going away in favor of 'polkit' nowadays?) rules than by using "logged in on '/dev/console'". (How does /dev/console ownership translate in times of VTs?) This would make these interfaces look misplaced in Solaris, as we are not using PolicyKit/polkit for these things (yet?). And it would indicate that ConsoleKit is in the game for checking authorization, but does not imply that it is the proper place to implement the functionality (and all the boot knobs - fast vs. bios, change of BE, etc). - GDM needs them and is based on ConsoleKit. That would make this mere convenience. GDM could easily make use of another service. It would be good to have a longer term architectural vision here, as that would determine how much of this should be exposed by ConsoleKit. And I don't know how much platform-specific interface would be acceptable for ConsoleKit. BTW: Is there any interaction between the gdm user and the 'Console User' status? The gdm user probably should never be considered the console owner, even if a greeter is running on the console. I hope that is the case .... - J?rg -- Joerg Barfurth phone: +49 40 23646662 / x66662 Software Engineer mailto:joerg.barfurth at sun.com Desktop Technology http://reserv.ireland/twiki/bin/view/Argus/ Thin Client Software http://www.sun.com/software/sunray/ Sun Microsystems GmbH http://www.sun.com/software/javadesktopsystem/
