Re: SOLVED: [gentoo-user] System shutdown from within Xfce

2006-01-04 Thread Michael Kjorling 
On 2006-01-04 11:09 -0600, [EMAIL PROTECTED] wrote:
>> I can now shut down and reboot from within the GUI, and it doesn't
>> seem to have opened any obvious other security holes.
> 
> well, except ANY user in your wheel group can shut down your
> box.not saying that's a bad thing, but you need to know who all
> is in it...

Yes, I am perfectly aware of that and it is also what I want. Of
course my account is the only one besides root that is in the wheel
group, but that's my own headache. :)
 
-- 
Michael Kjörling, [EMAIL PROTECTED] - http://michael.kjorling.com/
* ASCII Ribbon Campaign: Against HTML Mail, Proprietary Attachments *
* . No bird soars too high if he soars with his own wings . *


pgp43RWBEZyvc.pgp
Description: PGP signature

Re: SOLVED: [gentoo-user] System shutdown from within Xfce

2006-01-04 Thread John Jolet 


On Jan 4, 2006, at 11:23 AM, Michael Kjorling wrote:


On 2006-01-04 11:09 -0600, [EMAIL PROTECTED] wrote:

I can now shut down and reboot from within the GUI, and it doesn't
seem to have opened any obvious other security holes.


well, except ANY user in your wheel group can shut down your
box.not saying that's a bad thing, but you need to know who all
is in it...


Yes, I am perfectly aware of that and it is also what I want. Of
course my account is the only one besides root that is in the wheel
group, but that's my own headache. :)

sorry, too much time spent pointing out the obvious to management  
lately :)

--
Michael Kjörling, [EMAIL PROTECTED] - http://michael.kjorling.com/
* ASCII Ribbon Campaign: Against HTML Mail, Proprietary Attachments *
* . No bird soars too high if he soars with his own wings . *



--
gentoo-user@gentoo.org mailing list

Re: SOLVED: [gentoo-user] System shutdown from within Xfce

2006-01-04 Thread John Jolet 


On Jan 4, 2006, at 10:53 AM, Michael Kjorling wrote:


On 2006-01-04 08:07 -0600, [EMAIL PROTECTED] wrote:

what you put was let wheel group run the shutdown command as
vukyou want to replace vuk with root.


There we go, thank you! For the benefit of the archives, this is what
I got in the end and which works (\t is tab):

%wheel\tALL=(root)\tNOPASSWD: /usr/libexec/xfsm-shutdown-helper

I can now shut down and reboot from within the GUI, and it doesn't
seem to have opened any obvious other security holes.

well, except ANY user in your wheel group can shut down your  
box.not saying that's a bad thing, but you need to know who all  
is in it...



--
Michael Kjörling, [EMAIL PROTECTED] - http://michael.kjorling.com/
* ASCII Ribbon Campaign: Against HTML Mail, Proprietary Attachments *
* . No bird soars too high if he soars with his own wings . *



--
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] System shutdown from within Xfce

2006-01-04 Thread John Jolet 


On Jan 4, 2006, at 7:43 AM, <[EMAIL PROTECTED]> wrote:

You have to set yourself up to be able do shutdown and reboot if  
desired.  Do this in the sudoers file.  I don't have my setup where  
I can reach it at this moment but if you need I can post it later  
tonight.



what you wanted was %wheel  (root)  shutdowncommand

what you put was let wheel group run the shutdown command as  
vukyou want to replace vuk with root.




From: Michael Kjorling <[EMAIL PROTECTED]>
Date: 2006/01/04 Wed AM 08:26:16 EST
To: gentoo-user@lists.gentoo.org
Subject: [gentoo-user] System shutdown from within Xfce




--
gentoo-user@gentoo.org mailing list



--
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] System shutdown from within Xfce

2006-01-04 Thread brettholcomb 
You have to set yourself up to be able do shutdown and reboot if desired.  Do 
this in the sudoers file.  I don't have my setup where I can reach it at this 
moment but if you need I can post it later tonight.

> 
> From: Michael Kjorling <[EMAIL PROTECTED]>
> Date: 2006/01/04 Wed AM 08:26:16 EST
> To: gentoo-user@lists.gentoo.org
> Subject: [gentoo-user] System shutdown from within Xfce
> 
> 

-- 
gentoo-user@gentoo.org mailing list

[gentoo-user] System shutdown from within Xfce

2006-01-04 Thread Michael Kjorling 
I run Xfce 4.2.3.2 and want to be able to shut down my system from
within X. At the moment I have to log in as root and then issue a
shutdown command, but Xfce is supposed to support doing this through
the GUI.

Looking around turned up the Xfce documentation and specifically
,
which says I need sudo and the right to execute xfsm-shutdown-helper
as root. OK, so I emerged app-admin/sudo and added the following line
at the end of /etc/sudoers using visudo:

%wheel  vuk=/usr/libexec/xfsm-shutdown-helper   NOPASSWD

(Those are tabs.) My system is named vuk, I am a member of the wheel
group, and /etc/hosts says:

vuk ~ # grep vuk /etc/hosts
127.0.0.1   vuk.kjorling.com vuk localhost
::1 ip6-localhost vuk ip6-loopback
vuk ~ # 

Still, trying "sudo /usr/libexec/xfsm-shutdown-helper" from the
command line gives me:

[EMAIL PROTECTED] ~ $ sudo /usr/libexec/xfsm-shutdown-helper
Password: (trying the root password)
Sorry, try again.
Password: (^C)
sudo: 1 incorrect password attempt
[EMAIL PROTECTED] ~ $ sudo /usr/libexec/xfsm-shutdown-helper
Password: (trying my own password)
Sorry, user michael is not allowed to execute 
'/usr/libexec/xfsm-shutdown-helper' as root on vuk.
[EMAIL PROTECTED] ~ $ 

...and the options to shut down or reboot are still grayed out in the
Xfce quit dialog box.

I checked /etc/group and did not find any obvious group I should add
myself to (say, `sudoers' or something like that). I use PAM and
/etc/pam.d/sudo (autogenerated) uses system-auth for auth, account,
password and session.

Am I missing something here?

-- 
Michael Kjörling, [EMAIL PROTECTED] - http://michael.kjorling.com/
* ASCII Ribbon Campaign: Against HTML Mail, Proprietary Attachments *
* . No bird soars too high if he soars with his own wings . *


pgpjIsoxBCjfw.pgp
Description: PGP signature