PDA

View Full Version : Why do you need root to shut down via CLI but not via GUI?



l-x-l
July 16th, 2009, 07:38 PM
OK... I'm a relative linux noob but one thing I don't get about linux & Ubuntu. Why do you need sudo privileges to shutdown/reboot a DESKTOP OS in CLI but in GUI those privileges aren't requested to perform the requested function?

I could understand in a server environment where you'd want to restrict that but on a desktop OS, why do u need sudo to do the following in CLI:

1. poweroff
2. reboot
3. sudo shutdown -h now
4. sudo shutdown -r now

I'm tempted to send in a paper-cut on it. Someone help me with the logic.

t4thfavor
July 16th, 2009, 07:44 PM
because if your sitting at your desktop, you usually know if others are using it. When I ssh into my desktop from work, and my wife is on the PC, I tend to want to have to think twice about rebooting my PC hence the password.

It gives you a second change to think about what you are doing, and you cannot accidentally select the command by pressing up arrow, and then enter.


With the GUI you get a prompt that tells you there are others logged onto the system, and you could possibly lose unsaved data.

Make sense?

l-x-l
July 16th, 2009, 07:56 PM
because if your sitting at your desktop, you usually know if others are using it. When I ssh into my desktop from work, and my wife is on the PC, I tend to want to have to think twice about rebooting my PC hence the password.

It gives you a second change to think about what you are doing, and you cannot accidentally select the command by pressing up arrow, and then enter.


With the GUI you get a prompt that tells you there are others logged onto the system, and you could possibly lose unsaved data.

Make sense?

Actually no it doesn't make sense. Instead of asking for a password why doesn't it just ask for confirmation with a "[Y/N/?]" prompt like other apps I've seen do. Why the requirement for a password to do such a mundane task?

Edit: Actually instead of just asking for confirmation, shouldn't you be informed that there are other users still logged on? Then if you want to proceed, ask for sudo privileges?

doas777
July 16th, 2009, 08:02 PM
linux is unix's younger. unix is a multi-user system that allows many people use it at once over terminal sessions. it would be really bad if some stupid user shutdown my session while rebooting the server I was connected to.

khelben1979
July 16th, 2009, 08:03 PM
On Debian Lenny I'm able to reboot the system without root priviliges if I reboot from graphical mode.

I wouldn't say that this is a Linux thing, it's about user priviliges.

l-x-l
July 16th, 2009, 08:23 PM
linux is unix's younger. unix is a multi-user system that allows many people use it at once over terminal sessions. it would be really bad if some stupid user shutdown my session while rebooting the server I was connected to.

I understand your point but if you re-read my initial post I made a concerted effort to highlight the word desktop. In a desktop environment like ubuntu (non-server edition) where 95% of the time the user knows if additional people are logged into their pc, why is their a requirement to provide sudo privileges via cli?

I did an experiment & logged into multiple GUI accounts on my laptop. When I tried to shutdown with multiple users logged in, it asks for sudo privileges. When only 1 user is logged in there's no requirement for sudo privilege to shutdown/reboot. This behavior makes sense.

Why can't this same behavior be replicated in the cli environment? Why can't the system check to see if others are logged in first before requesting sudo privileges in a desktop CLI environment?

Please don't flame me for asking. My question is one of consistency hence my suggestion of making a papercut request.

l-x-l
July 16th, 2009, 08:24 PM
On Debian Lenny I'm able to reboot the system without root priviliges if I reboot from graphical mode.

I wouldn't say that this is a Linux thing, it's about user priviliges.

Good to know. Thx.

t4thfavor
July 16th, 2009, 08:26 PM
We can reboot without root using graphical as well, just not from the CLI. Which I would imagine is the same on your Lenny install.

He's asking why we cannot do it from the CLI without root, and I am saying that its better to ask for root, then to let the user reboot on a whim. It's the same underlying system on both the server, and desktop OS's, so it just makes more sense to require root like you would on a server then to maintain two seperate base installs for the same OS.

If you argue about being noob friendly I will just say "Stay off the CLI".


plus, I am sure you could change permissions on poweroff, and shutdown to allow any old user to do it. Or you could just add yourself to the root group or whatever, and I bet it would never ask you again.



EDIT:

Open up a terminal, and type uptime

what do you see?


15:28:22 up 2 days, 5:07, 4 users, load average: 0.09, 0.21, 0.26

each terminal is considered a user, I'm not sure what significance that has, I just wanted to add it.

ddrichardson
July 16th, 2009, 08:28 PM
OK... I'm a relative linux noob but one thing I don't get about linux & Ubuntu. Why do you need sudo privileges to shutdown/reboot a DESKTOP OS in CLI but in GUI those privileges aren't requested to perform the requested function?

I could understand in a server environment where you'd want to restrict that but on a desktop OS, why do u need sudo to do the following in CLI:

1. poweroff
2. reboot
3. sudo shutdown -h now
4. sudo shutdown -r now

I'm tempted to send in a paper-cut on it. Someone help me with the logic.
You know, you can change that. Adding yourself to the power group is all it takes.

You needn't issue a password to do it from the GUI though, so not sure if its in papercut territory.

Edit: Should've actually checked on an Ubuntu box first as there appears not to be a power group. You can still sort it but would need to add a group.

l-x-l
July 16th, 2009, 08:34 PM
If you argue about being noob friendly I will just say "Stay off the CLI".


I'm not afraid of the CLI at all, in fact I love it. I've been spending a lot of time using the CLI to improve my overall Linux skills & to try to automate some tasks. Hence why I noticed the inconsistency between the GUI & CLI.

l-x-l
July 16th, 2009, 08:36 PM
You know, you can change that. Adding yourself to the power group is all it takes.

You needn't issue a password to do it from the GUI though, so not sure if its in papercut territory.

Edit: Should've actually checked on an Ubuntu box first as there appears not to be a power group. You can still sort it but would need to add a group.

Well maybe this isn't paper-cut territory but I noticed an inconsistency so that's why I asked here first. I also noticed that there isn't a "power" group.

ddrichardson
July 16th, 2009, 08:38 PM
Hence why I noticed the inconsistency between the GUI & CLI.
Thats because there isn't a GUI and a CLI (by the way they're called terms in the Linux world). There are umpteen of them so there are always going to be inconsistencies as different people see different methods as better or worse, I hope this stays the same as its Linux's greatest strength that anyone can tailor it to their own needs.

ddrichardson
July 16th, 2009, 08:43 PM
Well maybe this isn't paper-cut territory but I noticed an inconsistency so that's why I asked here first. I also noticed that there isn't a "power" group.
I didn't say it wasn't a paper cut - just that I wasn't sure because the majority of people will use the GUI.

khelben1979
July 16th, 2009, 08:43 PM
We can reboot without root using graphical as well, just not from the CLI. Which I would imagine is the same on your Lenny install.

That's right. And if I would add more users to my system I should be able to disable their permissions to do a reboot from graphical mode if I want to, but I would not be able to stop them from pulling out the power cable.. [-X :-D

doas777
July 16th, 2009, 08:46 PM
I understand your point but if you re-read my initial post I made a concerted effort to highlight the word desktop. In a desktop environment like ubuntu (non-server edition) where 95% of the time the user knows if additional people are logged into their pc, why is their a requirement to provide sudo privileges via cli?

I did an experiment & logged into multiple GUI accounts on my laptop. When I tried to shutdown with multiple users logged in, it asks for sudo privileges. When only 1 user is logged in there's no requirement for sudo privilege to shutdown/reboot. This behavior makes sense.

Why can't this same behavior be replicated in the cli environment? Why can't the system check to see if others are logged in first before requesting sudo privileges in a desktop CLI environment?

Please don't flame me for asking. My question is one of consistency hence my suggestion of making a papercut request.

good questions. the reason as I understand it, is that *nix is developed to use a "monolithic" kernel. everything that the kernel needs for all it's possible tasks is in there. as a result, there is no special kernel for Servers/cli-clients that is differant from the GUI. also X-Windows and gnome and whatnot, are used in remote terminal sessions everyday, so just because you are in gnome does not mean that you are on a single user system.

a shutdown involves changing hardware states; a task almost always reserved for root. some newer "user-space" technologies like the network-manager and fuse allow normal users to approximate some hardware features (like cd autoplay or dynamic selection of wifi connections) but something like a shutdown could not be localized to a single user.

in most cases, being able to shutdown a box against the admins will is considered a Denial of Service attack vector.

l-x-l
July 16th, 2009, 08:59 PM
doas777,

That's the most instructive answer I've heard thus far. Thanks.

bodhi.zazen
July 16th, 2009, 09:16 PM
It is "silly" on a single user system, but it is not so silly on a multiuser system.

Unlike windows, *unix is built from the ground up to be multi-user and is thus more secure.

This is one example as outlined by doas777.

I would add, if you are connected to the internet, you do not really have a single user system. The recent (and as of yet unpatched) FireFox 3.5 vulnerability is a classic example (this vulnerability allows shell access via malignant JavaScript).

CatKiller
July 16th, 2009, 10:29 PM
Why do you need sudo privileges to shutdown/reboot a DESKTOP OS in CLI but in GUI those privileges aren't requested to perform the requested function?

...

Someone help me with the logic.

I think you'll find that there isn't any. They both use different methods to achieve the same result, and so it would take a concerted effort to make them behave consistently. I shouldn't imagine that that will happen, not least of all because CLI-only users are going to want to keep the default as-is, and being able to turn on the computer but not shut it down again for a graphical-only user is just stupid. Historical factors and different use cases are what created this inconsistency and will probably mean that it will hang around for quite some time.

mcduck
July 16th, 2009, 10:36 PM
I understand your point but if you re-read my initial post I made a concerted effort to highlight the word desktop. In a desktop environment like ubuntu (non-server edition) where 95% of the time the user knows if additional people are logged into their pc, why is their a requirement to provide sudo privileges via cli?

I did an experiment & logged into multiple GUI accounts on my laptop. When I tried to shutdown with multiple users logged in, it asks for sudo privileges. When only 1 user is logged in there's no requirement for sudo privilege to shutdown/reboot. This behavior makes sense.

Why can't this same behavior be replicated in the cli environment? Why can't the system check to see if others are logged in first before requesting sudo privileges in a desktop CLI environment?

Please don't flame me for asking. My question is one of consistency hence my suggestion of making a papercut request.

There is no real difference between desktop version of Ubuntu and server version. They are one and the same OS, only giving you a slightly different setup from the installation.

It only makes sense that Ubuntu behaves the same way regardless of which installation CD you use as your starting point.

You simply can't divide Ubuntu systems to desktop or server machines, quite many people run server apps on desktop version, or desktops on server version, and both can be multiuser setups. In other words Ubuntu isn't a "desktop OS", not even if you install it from the desktop installer. It's OS for both desktop and server use and every Ubuntu install CD can be used to setup CLI-only server systemor desktop system with any of the available desktop environments and window managers. Or something taht combines all these things.

Anyway, the basic rule is that everything that affects the whole system is admin level task. And shutdown definitely affects the whole system and all it's users. Being able to shutdown/reboot from Gnome & KDE without a password is an exception created to help desktop users, but if you'll try any other window manager you'll notice that you need password to shutdown the machine.

battleTop
July 16th, 2009, 10:45 PM
OK... I'm a relative linux noob but one thing I don't get about linux & Ubuntu. Why do you need sudo privileges to shutdown/reboot a DESKTOP OS in CLI but in GUI those privileges aren't requested to perform the requested function?

I could understand in a server environment where you'd want to restrict that but on a desktop OS, why do u need sudo to do the following in CLI:

1. poweroff
2. reboot
3. sudo shutdown -h now
4. sudo shutdown -r now

I'm tempted to send in a paper-cut on it. Someone help me with the logic.

Well, if a hacker has gained access to your system via CLI, you don't want them shuting you down. The password is just another security layer that keeps you safer than you would be in Windows.

battleTop
July 16th, 2009, 10:48 PM
That's right. And if I would add more users to my system I should be able to disable their permissions to do a reboot from graphical mode if I want to, but I would not be able to stop them from pulling out the power cable.. [-X :-D

LMAO. Or just hold the power button down.

mcduck
July 16th, 2009, 10:50 PM
LMAO. Or just hold the power button down.

Only if they are local users. ;)

Remote user would have quite hard time pulling the power cord or pushing the power button.

doorknob60
July 16th, 2009, 10:51 PM
That's just how Linux (and UNIX) works. The only reason you don't need root privilages to shutdown from the GUI is GDM is running with root privilages in the background, and when you click shutdown it tells GDM to shutdown. I don't use a Login Manager, and I can't do that (although there's workarounds with /etc/sudoers and using other pgorams). Gnome, KDE, XFCE, and LXDE all do that I'm pretty sure.

Friqenstein
July 16th, 2009, 10:58 PM
As many have already stated before, it's about security.
And as you keep pointing out Desktop OS is just that... a Desktop.
When you are in CLI you are NOT in your desktop. So why should you have the same access rights as a user in GUI mode?

Aside from that, most people who use the CLI use it because they prefer it to the GUI counter part. And as stated before, sudo helps even the most geeky of gurus from making the slightest mistakes.
And, aside from that, if someone logs in remotely (whether you know it or not) do you really want them to be able to shutdown your Desktop OS from their CLI environment? That seems kinda silly.

Sudo is there for a reason. If it is a complete over-the-head understanding, then perhaps the CLI is not for you. Not trying to be brash or harsh, just stating the facts. 'Keyboard Cowboys' will tell you they despise the GUI and can do faster with a keyboard and terminal that you can with multiple mouse clicks... while some think this is non-sense, others whole heartedly agree.

Aside from all of that, if you are only wanting to use a Single User Desktop OS, then why would you ever bother shutting down from the terminal anyway?

aysiu
July 16th, 2009, 11:01 PM
I think you need it in the GUI, too, but the popular GUIs (Gnome and KDE) have some kind of running service that starts up with root privileges allowing the user to have root privileges just for shut down and rebooting tasks.

A few years ago, Xfce did not have this built in, so you would have to manually edit the /etc/sudoers file to allow particular users to issue the shutdown command without a password.

In IceWM (and I think other window managers as well), you still have to do that /etc/sudoers fix; otherwise you can't shut down or reboot.

ieBrazil
July 16th, 2009, 11:02 PM
Man, I'll tell you as clearly as language may be possible: I DID NOT EVEN UNDERSTAND YOUR QUESTION. WHAT ARE YOU TALKING ABOUT??

Anyway, good luck!

I'm outta here.


ie



OK... I'm a relative linux noob but one thing I don't get about linux & Ubuntu. Why do you need sudo privileges to shutdown/reboot a DESKTOP OS in CLI but in GUI those privileges aren't requested to perform the requested function?

I could understand in a server environment where you'd want to restrict that but on a desktop OS, why do u need sudo to do the following in CLI:

1. poweroff
2. reboot
3. sudo shutdown -h now
4. sudo shutdown -r now

I'm tempted to send in a paper-cut on it. Someone help me with the logic.

ZankerH
July 16th, 2009, 11:05 PM
Real men run gdm as root.

:popcorn:

aysiu
July 16th, 2009, 11:09 PM
Real men run gdm as root.

:popcorn:
I thought GDM automatically runs as root. Isn't that why it's in /etc/init.d?

doas777
July 16th, 2009, 11:11 PM
looks like it:

~$ sudo ps -ef | grep gdm
root 4826 1 0 17:42 ? 00:00:00 /usr/sbin/gdm
root 4827 4826 0 17:42 ? 00:00:00 /usr/sbin/gdm
root 4832 4827 2 17:42 tty7 00:00:41 /usr/X11R6/bin/X :0 -br -audit 0 -auth /var/lib/gdm/:0.Xauth -nolisten tcp vt7

bash
July 16th, 2009, 11:12 PM
Actually you can shut down/reboot the computer without sudo from the CLI, if you issue the right dbus command. As this is what happens when you click on Shutdown/Reboot in the GUI.

mcduck
July 16th, 2009, 11:13 PM
I thought GDM automatically runs as root. Isn't that why it's in /etc/init.d?

I've understood that GDM itself runs as root, while the interface (gdmgreeter and gdmlogin) run as user "gdm".


edit: That's also what GDM documentation says:


The GDM daemon normally runs as root, as does the slave. However GDM should also have a dedicated user id and a group id which it uses for its graphical interfaces such as gdmgreeter and gdmlogin.
.
.
By default GDM assumes the user and the group are called "gdm".

http://projects.gnome.org/gdm/docs/2.14/security.html

Wiebelhaus
July 16th, 2009, 11:14 PM
OK... I'm a relative linux noob but one thing I don't get about linux & Ubuntu. Why do you need sudo privileges to shutdown/reboot a DESKTOP OS in CLI but in GUI those privileges aren't requested to perform the requested function?

I could understand in a server environment where you'd want to restrict that but on a desktop OS, why do u need sudo to do the following in CLI:

1. poweroff
2. reboot
3. sudo shutdown -h now
4. sudo shutdown -r now

I'm tempted to send in a paper-cut on it. Someone help me with the logic.

This is a very good question! One that improves the community discussion and I appreciate that , I think others have already done a fantastic job of answering your question.

sdlynx
July 16th, 2009, 11:28 PM
It gives you a second change to think about what you are doing, and you cannot accidentally select the command by pressing up arrow, and then enter.


you could technically because after sudo'ing once you don't need to type the password anymore

also I'm thinking maybe this is because that way a program that is running cannot shutdown your computer.

l-x-l
July 16th, 2009, 11:35 PM
Well, if a hacker has gained access to your system via CLI, you don't want them shuting you down. The password is just another security layer that keeps you safer than you would be in Windows.

Makes no sense. If a hacker has already gained access to your system what's to stop them from shutting it down. Getting access is the hard part.

MaxIBoy
July 16th, 2009, 11:49 PM
From what I understand, you do need root access to shut down in every case. It's just that there's a daemon which is already running as root, and when you send it the right signal, it has the permissions needed to shut down. It's like a voluntarily-installed rootkit.

It might be that one wants to stop a computer from being shut down (if it's a "shell account" server or a time-sharing machine, for example.) In that case, you edit the policies in policykit.

It's still kinda dumb to require different levels of authorization that way. That's why, on my computer, you need root access to shut down, doesn't matter how you do it.

l-x-l
July 16th, 2009, 11:51 PM
Sudo is there for a reason. If it is a complete over-the-head understanding, then perhaps the CLI is not for you. Not trying to be brash or harsh, just stating the facts.

What "facts" were stated from your sentence above? Did u read the post where I said I like using CLI? Do u even read before u post? Or are all your posts knee-jerk reactions?



'Keyboard Cowboys' will tell you they despise the GUI and can do faster with a keyboard and terminal that you can with multiple mouse clicks... while some think this is non-sense, others whole heartedly agree.


Why are you trying to derail the thread? My post wasn't about GUI vs CLI. You're free to start your own thread on that topic.



Aside from all of that, if you are only wanting to use a Single User Desktop OS, then why would you ever bother shutting down from the terminal anyway?

Again, did u even bother reading any of my posts before the knee jerk reactions? Who said I wanted to use a Single user Desktop OS? R.I.F. (Reading is Fundamental).

bodhi.zazen
July 16th, 2009, 11:53 PM
R.I.F. (Reading is Fundamental).

LOL to death :)

l-x-l
July 16th, 2009, 11:55 PM
That's just how Linux (and UNIX) works. The only reason you don't need root privilages to shutdown from the GUI is GDM is running with root privilages in the background, and when you click shutdown it tells GDM to shutdown.


I think you need it in the GUI, too, but the popular GUIs (Gnome and KDE) have some kind of running service that starts up with root privileges allowing the user to have root privileges just for shut down and rebooting tasks.


From what I understand, you do need root access to shut down in every case. It's just that there's a daemon which is already running as root, and when you send it the right signal, it has the permissions needed to shut down. It's like a voluntarily-installed rootkit.

Thanks for all these responses. Very informative & you can't learn this from a book.

aysiu
July 16th, 2009, 11:58 PM
P.S. When you shut down from Gnome, you aren't technically using
/sbin/shutdown -h now

You're invoking the command
/usr/bin/gnome-session-save --shutdown-dialog

doas777
July 17th, 2009, 12:01 AM
Makes no sense. If a hacker has already gained access to your system what's to stop them from shutting it down. Getting access is the hard part.

it is kinda server-centric isn't it. I think you'll find many more linux servers with ssh enabled, than you would ubuntu desktops with vino or xdmp enabled and directly connected to the Internet. if you were hacking linux, you would probably do it via a terminal over ssh or telnet or whatever.

if your managing a server with thousands of accounts, it's only a matter of time before some stupid user hands a hacker a password (cause they jsut had to click that "win a laptop for 5$" banner blinking in the corner). at that point it's a game of privledge escalation; the quest for root. everythign you can do to make getting root harder is a good thing.

l-x-l
July 17th, 2009, 12:12 AM
it is kinda server-centric isn't it. I think you'll find many more linux servers with ssh enabled, than you would ubuntu desktops with vino or xdmp enabled and directly connected to the Internet. if you were hacking linux, you would probably do it via a terminal over ssh or telnet or whatever.


It makes sense now . I don't run or admin a server so my experience is strictly as a end-user. But your explanation & others made me realize how flexible linux is & how many of it's features are for it's use in server environments.

MaxIBoy
July 17th, 2009, 12:31 AM
UNIX originally ran on time-sharing machines. Back then, a single computer cost so much that a university might only be able to buy two or three. A lot of college kids needed to be given access to one machine in order to complete their studies. Even into the era of personal computers, PCs weren't powerful enough (or they didn't have enough storage) for students to complete certain assignments. At the same time, the chances were pretty good that one of them would try to subvert the security of the system. As a result, people who had login accounts still needed to be treated with suspicion.

(This was all before my time. I know about this stuff the way I know about the battle of Gettysburg.)

earthpigg
July 17th, 2009, 12:32 AM
outstanding thread!

*goes off to load his Arch virtual machine and see what user slim (gdm equivelent, i think it stands for Simple LogIn Manager) runs as...*


ep@ep-9:~$ uptime
19:32:42 up 1 day, 19:33, 2 users, load average: 2.67, 2.46, 2.49
ep@ep-9:~$

one users is ep.
what would the other user be?

gdm (since that runs as its own group/user)? or root (since i have run things with sudo)?

cariboo
July 17th, 2009, 12:44 AM
Run w or who to see who the other user is.

Mehall
July 17th, 2009, 12:47 AM
outstanding thread!

*goes off to load his Arch virtual machine and see what user slim (gdm equivelent, i think it stands for Simple LogIn Manager) runs as...*


ep@ep-9:~$ uptime
19:32:42 up 1 day, 19:33, 2 users, load average: 2.67, 2.46, 2.49
ep@ep-9:~$

one users is ep.
what would the other user be?

gdm (since that runs as its own group/user)? or root (since i have run things with sudo)?

I don't know what the second user is, but SLiM works a bit differently, and doesn't allow you to simply have a non-root shutdown, as it doesn't have hal integration, whereas GDM and KDM DO have hal integration, and it is that (or the subsystem of the root-level user running the gdm daemon) that allows gdm and kdm users to shutdown without supplying a password.

earthpigg
July 17th, 2009, 12:57 AM
ep@ep-9:~$ who
ep tty7 2009-07-15 00:01 (:0)
ep pts/0 2009-07-16 19:55 (:0.0)

ep@ep-9:~$ w
19:55:41 up 1 day, 19:56, 2 users, load average: 2.73, 2.86, 2.76
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
ep tty7 :0 Wed00 43:55m 2:41m 1.34s x-session-manag
ep pts/0 :0.0 19:55 0.00s 0.12s 0.00s w

ep@ep-9:~$ uptime
19:55:42 up 1 day, 19:56, 2 users, load average: 2.73, 2.86, 2.76
ep@ep-9:~$

apparently, the first user is me... and the 2nd user is 'me running something to see who is logged in'.

any way to see who has logged in since the system booted?

bodhi.zazen
July 17th, 2009, 01:00 AM
last

lisati
July 17th, 2009, 01:00 AM
UNIX originally ran on time-sharing machines. Back then, a single computer cost so much that a university might only be able to buy two or three. A lot of college kids needed to be given access to one machine in order to complete their studies. Even into the era of personal computers, PCs weren't powerful enough (or they didn't have enough storage) for students to complete certain assignments. At the same time, the chances were pretty good that one of them would try to subvert the security of the system. As a result, people who had login accounts still needed to be treated with suspicion.

(This was all before my time. I know about this stuff the way I know about the battle of Gettysburg.)

Back in the 1980s, I worked for a company which hired out computer services on their network of mainframes to a number of local businesses. Security was paramount because they didn't want the "wrong" people accessing the "wrong" information. The way it was organized was that I couldn't take a walk of a few minutes from the building I worked in, visit someone I knew at another business who worked in another building, and log in as myself - the security system was smart enough to know that the login attempt was coming from a place that wasn't normally associated with the userid.
I only ever discovered one security vulnerability on that system - and that was by piecing together a snippet of technical information I overheard in the cafeteria with some other stuff I had read somewhere.

Skripka
July 17th, 2009, 01:05 AM
That's just how Linux (and UNIX) works. The only reason you don't need root privilages to shutdown from the GUI is GDM is running with root privilages in the background, and when you click shutdown it tells GDM to shutdown. I don't use a Login Manager, and I can't do that (although there's workarounds with /etc/sudoers and using other pgorams). Gnome, KDE, XFCE, and LXDE all do that I'm pretty sure.

And the Archers are the first to hit the nail on the head.

pelle.k
July 17th, 2009, 03:56 AM
why do u need sudo to do the following in CLI:
You can use gnome-power-cmd.

gnome-power-cmd shutdown/suspend/hibernate/reboot
If you run a CLI only enviroment, i'm pretty sure you would know how to modify policykit or /etc/sudoers to allow "normal" user accounts to shut down ;)

Mr. Picklesworth
July 17th, 2009, 04:40 AM
Eeeergh... The question is simply "why," folks.

At present, shutting down via GUI actually does require the same kind of superuser privileges you see with the raw shutdown command (which is implemented at a lower level). However, graphical desktop environments provide means to escalate privileges for the sake of user friendliness. This is often done via PolicyKit, or with existing, cautious daemons which have the needed permission taking orders by proxy.

This is all done via dbus, talking to a daemon at org.freedesktop.PowerManagement. There is a command line app called gnome-power-cmd which does the same magic you are used to on the gui.

Of course, that only happens if you are have the appropriate freedesktop power management interface on your dbus session bus, so if you are freshly logged in to a terminal (without gnome running at any level) it won't work. That one is a feature.

Edit:
'My bad, I missed the second page. Looks like people on this page read more closely ;)

toupeiro
July 17th, 2009, 08:03 AM
linux is unix's younger. unix is a multi-user system that allows many people use it at once over terminal sessions. it would be really bad if some stupid user shutdown my session while rebooting the server I was connected to.

TRUE STORY!

I run several shared servers, sometimes hosting more than 50 login sessions simultaneously. The last thing I want is people rebooting my boxes.

Eclipse.
July 17th, 2009, 01:54 PM
Eeeergh... The question is simply "why," folks.

At present, shutting down via GUI actually does require the same kind of superuser privileges you see with the raw shutdown command (which is implemented at a lower level). However, graphical desktop environments provide means to escalate privileges for the sake of user friendliness. This is often done via PolicyKit, or with existing, cautious daemons which have the needed permission taking orders by proxy.

This is all done via dbus, talking to a daemon at org.freedesktop.PowerManagement. There is a command line app called gnome-power-cmd which does the same magic you are used to on the gui.

Of course, that only happens if you are have the appropriate freedesktop power management interface on your dbus session bus, so if you are freshly logged in to a terminal (without gnome running at any level) it won't work. That one is a feature.



What he said. :)

l-x-l
July 17th, 2009, 02:49 PM
You can use gnome-power-cmd.

gnome-power-cmd shutdown/suspend/hibernate/reboot




This is all done via dbus, talking to a daemon at org.freedesktop.PowerManagement. There is a command line app called gnome-power-cmd which does the same magic you are used to on the gui.

Of course, that only happens if you are have the appropriate freedesktop power management interface on your dbus session bus, so if you are freshly logged in to a terminal (without gnome running at any level) it won't work. That one is a feature.



Thx.