Re: [gdm-list] Re: gdm and the action menu when using a remote login (XDMCP)

From: Brian Cameron <Brian Cameron sun com>
To: Felix Schwarz <Felix Schwarz web de>
Cc: gdm-list gnome org
Subject: Re: [gdm-list] Re: gdm and the action menu when using a remote login (XDMCP)
Date: Wed, 14 Sep 2005 12:59:03 -0500


Felix:

This has been a somewhat controversal feature.  Quite a number of people
seem to want this feature, but it's not clear that GDM is the right way
to offer this functionality.  Allowing users to shutdown a machine
remotely from the login screen may be useful in some unique situations,
but most users don't want people shutting down their machines if they
turn on XDMCP.

I think it would be acceptable to add such a feature to GDM if it
were implemented in a secure way and was an optional feature that was
turned off by default.  This means that the themes and gdmlogin would
need to be smart enough to only show the system menu for remote
login if the feature is turned on.

This relates to the following bugs in bugzilla:

  http://bugzilla.gnome.org/show_bug.cgi?id=71239
  http://bugzilla.gnome.org/show_bug.cgi?id=150849

You'll notice that there is an existing patch with bug 150849.  However
there are problems with the patch.  It is not implemented in a fully
secure way and changes GDM so the default behavior is to allow remote
shutdown.  It might make sense to use this patch as a starting point,
or to help understand the problem.   If you can address the issues
mentioned in the bug report, then a patch could be accepted into
GDM CVS for general use.

It would make the feature a lot more secure if the user had to enter
the root password in order to access the system menu.  I believe
some distros patch the code so it works this way.

Note that bug 71239 highlights that some users want the ability to
add their own arbitrary commands to the system menu, so it might
make sense to do a redesign of the reboot/halt/shutdown commands
so that instead of being 3 specific commands users can run, GDM
could instead be given a list of arbitrary commands that would
be put into the system menu.

Brian

after having a quick look at the source code, I found greeter_system.c
and patched greeter_system_append_system_menu():

        /* should never be allowed by the UI */
        if ( ! GdmSystemMenu ||
            ve_string_empty (g_getenv ("GDM_IS_LOCAL")))
                return;

to allow the system menu even for remote connections. Clicking on the
actions button has no effect but F10 reveals shutdown and reboot.

After patching daemon/gdm.c, the system will shut down properly.

Two questions remain at last:

1. Why does the actions menu not pop up?

2. Obviously remote shutdown was disabled intentionally by the
authors. Are you feeling strongly against a configuration option to
allow remote shutdown without logging in? In this case I would stop
here and do not attempt to streamline my patches for inclusion into
mainline.

Follow-Ups:
- [gdm-list] Re: gdm and the action menu when using a remote login (XDMCP)
  - From: Felix Schwarz

References:
- [gdm-list] gdm and the action menu when using a remote login (XDMCP)
  - From: Felix Schwarz
- [gdm-list] Re: gdm and the action menu when using a remote login (XDMCP)
  - From: Felix Schwarz
- [gdm-list] Re: gdm and the action menu when using a remote login (XDMCP)
  - From: Felix Schwarz

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]