Re: gnome-list digest, Vol 1 #274 - 13 msgs

From: Gordon Messmer <yinyang eburg com>
To: STiNG of DEATH <nsmail coldfusion 4mg com>
Cc: gnome-list gnome org
Subject: Re: gnome-list digest, Vol 1 #274 - 13 msgs
Date: Fri, 8 Sep 2000 21:52:56 -0700 (PDT)

On Sat, 9 Sep 2000, STiNG of DEATH wrote:

> I was
> wondering what kind of access control mechanisms are used to control
> what users can shutdown.

AFAIK, all of pam's facilities.  It's just kinda disappointing that they
aren't documented better :)

> I wonder if it is possible to allow/disallow local reboot/shutdown and
> remote reboot/shutdown based on an access control list or something
> similar.

Pam's access module should do the job.  I _think_ you can add a line like:

session    required	/lib/security/pam_access.so

to /etc/pam.d/{shutdown,halt,reboot,poweroff}.  Then, set up control rules
in /etc/security/access.conf.

> It seems this guessing of user permissions breaks sometimes
> it shouldn't (such as the situation above).

When you described the "situation above" it sounded like you thought it
was working properly, what's broke?  It's working exactly as
intended.  "usermode" is intended to give _local_ users a way to do things
like shutting down the system that would otherwise be messy when required.

MSG

Follow-Ups:
- Re: gnome-list digest, Vol 1 #274 - 13 msgs
  - From: STiNG of DEATH

References:
- Re: gnome-list digest, Vol 1 #274 - 13 msgs
  - From: STiNG of DEATH

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]