Hello To do tests I made a new Arch Linux (x86_64) base installation running in qemu/kvm with systemd-210-3 and polkit-0.112-1 to discard any weird thing on my system.
I can reboot/poweroff/suspend/hibernate the system with a normal user logged from a local VT or remote SSH does not care. I can not disable this even with a set of polkit rules. I am sure that this works fine before (maybe systemd-204 age?) The weird thing here, is that If I ask to login1 about "Can*" methods it returns 'no'. Also system can be rebooted or poweroff if other users are logged on the system (i.e root on tty1). I have another question: If polkit is not installed at all, what is supposed to happens on these actions? Because I can reboot/poweroff/etc by default, is this right? Thanks in advance. [djgera@host322 ~]$ loginctl show-user djgera UID=1000 GID=1000 Name=djgera Timestamp=Sun 2014-03-09 19:29:33 ART TimestampMonotonic=16659804 RuntimePath=/run/user/1000 Service=user@1000.service Slice=user-1000.slice State=active IdleHint=no IdleSinceHint=0 IdleSinceHintMonotonic=0 Linger=no [djgera@host322 ~]$ loginctl show-session 1 Id=1 Name=djgera Timestamp=Sun 2014-03-09 19:29:33 ART TimestampMonotonic=16673677 VTNr=0 Remote=yes RemoteHost=192.168.0.77 Service=sshd Scope=session-1.scope Leader=166 Audit=1 Type=tty Class=user Active=yes State=active IdleHint=no IdleSinceHint=0 IdleSinceHintMonotonic=0 [djgera@host322 ~]$ gdbus call --system --dest org.freedesktop.login1 --object-path /org/freedesktop/login1 --method org.freedesktop.login1.Manager.CanReboot ('no',) [djgera@host322 ~]$ gdbus call --system --dest org.freedesktop.login1 --object-path /org/freedesktop/login1 --method org.freedesktop.login1.Manager.Reboot true () Connection to 192.168.0.218 closed by remote host. Connection to 192.168.0.218 closed. [djgera@host322 ~]$ reboot User root is logged in on tty1. Please retry operation after closing inhibitors and logging out other users. Alternatively, ignore inhibitors and users with 'systemctl reboot -i'. [djgera@host322 ~]$ gdbus call --system --dest org.freedesktop.login1 --object-path /org/freedesktop/login1 --method org.freedesktop.login1.Manager.Reboot true () Connection to 192.168.0.218 closed by remote host. Connection to 192.168.0.218 closed. [djgera@exequiel ~]$ ------------------------------------- /etc/polkit-1/rules.d/69-djgera.rules polkit.addRule(function(action, subject) { if (action.id == "org.freedesktop.login1.power-off" || action.id == "org.freedesktop.login1.power-off-ignore-inhibit" || action.id == "org.freedesktop.login1.power-off-multiple-sessions" || action.id == "org.freedesktop.login1.reboot" || action.id == "org.freedesktop.login1.reboot-ignore-inhibit" || action.id == "org.freedesktop.login1.reboot-multiple-sessions" || action.id == "org.freedesktop.login1.hibernate" || action.id == "org.freedesktop.login1.hibernate-ignore-inhibit" || action.id == "org.freedesktop.login1.hibernate-multiple-sessions" || action.id == "org.freedesktop.login1.suspend" || action.id == "org.freedesktop.login1.suspend-ignore-inhibit" || action.id == "org.freedesktop.login1.suspend-multiple-sessions") { return polkit.Result.NO; } }); ------------------------------------- -- Gerardo Exequiel Pozzi \cos^2\alpha + \sin^2\alpha = 1
signature.asc
Description: OpenPGP digital signature
_______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel