Re: gnome-list digest, Vol 1 #274 - 13 msgs

On Sat, 9 Sep 2000, STiNG of DEATH wrote:

> I was
> wondering what kind of access control mechanisms are used to control
> what users can shutdown.

AFAIK, all of pam's facilities.  It's just kinda disappointing that they
aren't documented better :)

> I wonder if it is possible to allow/disallow local reboot/shutdown and
> remote reboot/shutdown based on an access control list or something
> similar.

Pam's access module should do the job.  I _think_ you can add a line like:

session    required	/lib/security/

to /etc/pam.d/{shutdown,halt,reboot,poweroff}.  Then, set up control rules
in /etc/security/access.conf.

> It seems this guessing of user permissions breaks sometimes
> it shouldn't (such as the situation above).

When you described the "situation above" it sounded like you thought it
was working properly, what's broke?  It's working exactly as
intended.  "usermode" is intended to give _local_ users a way to do things
like shutting down the system that would otherwise be messy when required.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]