View previous topic :: View next topic |
Author |
Message |
WildChild Apprentice
Joined: 14 Sep 2003 Posts: 171
|
Posted: Tue Sep 23, 2003 4:13 am Post subject: Solution to Gnome 2 shutdown/reboot command problem! |
|
|
Since I installed Gentoo 1.4 on my computer I was wondering why the reboot and the shutdown commands weren't working on Gnome 2. I searched all the day on this forum and on groups.google.com and finally I had an idea on how to merge all that I've seen in one clean solution:
First step:
For the first step I had to recompile gnome-session to specify my own "halt" and "reboot" commands. To do so, I modified the file "gnome-session-2.4.0.ebuild" to change the line:
G2CONF="${G2CONF} $(use_enable ipv6)"
into this:
G2CONF="${G2CONF} $(use_enable ipv6) --with-reboot-command=/usr/bin/reboot --with-halt-command=/usr/bin/halt"
This way I was able to specify my own commands that were created later.
after having modified the ebuild, just type:
emerge gnome-session
to recompile it and reinstall it.
Second step:
The second step was to install "sudo". While searching on this forum, every threads were talking about using "sudo" instead of setting the suid bit for security reason so I decided to use it for my solution.
After having installed "sudo", run "visudo" as root and add these lines into the configuration file:
%shutdown ALL=(root) NOPASSWD: /sbin/reboot.sh
%shutdown ALL=(root) NOPASSWD: /sbin/halt.sh
(Files reboot.sh and halt.sh were created by me too)
Third step:
After I installed "sudo", it was the time to create the /usr/bin/reboot and /usr/bin/halt files:
/usr/bin/reboot content:
#! /bin/sh
sudo /sbin/reboot.sh $*
/usr/bin/halt content:
#! /bin/sh
sudo /sbin/halt.sh $*
chmod 755 reboot halt
chgrp shutdown reboot halt <-- Probably not useful but I find this nicer
Fourth step:
Now this is time to create the /sbin/reboot.sh and /sbin/halt.sh files:
/sbin/reboot.sh content:
#! /bin/sh
/sbin/shutdown -r 0
/etc/init.d/xdm stop
/sbin/halt.sh content:
#! /bin/sh
/sbin/shutdown -h 0
/etc/init.d/xdm stop
chmod 744 reboot.sh halt.sh <-- We only want root to run these files (Normal users will access them using the /usr/bin/{reboot, halt} scripts that use sudo)
Fifth step:
This is the last step. Here we create the group "shutdown" and we have to add users who will have the right to reboot/shutdown the computer to this group:
groupadd shutdown
usermod -G shutdown,and,other,groups,the,user,should,be username
Now all the steps are done. Here I tested both the shutdown and reboot commands in the Gnome "Actions" menu and they worked really fine. (GDM were shut down cleanly showing my slient boot splash before rebooting )
I'm not sure if I made something wrong with security but I think this is OK. If you have any comments or questions, just ask |
|
Back to top |
|
|
charlieg Advocate
Joined: 30 Jul 2002 Posts: 2149 Location: Manchester UK
|
Posted: Tue Sep 23, 2003 9:58 am Post subject: |
|
|
Excellent! This has annoyed me for a while!
This should go into Documentation, Tips & Tricks - moderators? _________________ Want Free games?
Free Gamer - open source games list & commentary
Open source web-enabled rich UI platform: Vexi |
|
Back to top |
|
|
herbie Guru
Joined: 09 Oct 2002 Posts: 319 Location: London UK
|
Posted: Tue Sep 23, 2003 11:52 am Post subject: |
|
|
wow! that seems like an over compilcated way of doing it, why is recompiling gnome-session neccesary?
I got it to work by doing the following:
Code: | ln -sf /sbin/halt /usr/bin/halt
ln -sf /sbin/halt /usr/bin/reboot
ln -sf /sbin/halt /usr/bin/poweroff
chmod 4755 /sbin/halt |
a much simpler solution I think.
Herbie. |
|
Back to top |
|
|
WildChild Apprentice
Joined: 14 Sep 2003 Posts: 171
|
Posted: Tue Sep 23, 2003 12:03 pm Post subject: |
|
|
herbie wrote: | wow! that seems like an over compilcated way of doing it, why is recompiling gnome-session neccesary?
I got it to work by doing the following:
Code: | ln -sf /sbin/halt /usr/bin/halt
ln -sf /sbin/halt /usr/bin/reboot
ln -sf /sbin/halt /usr/bin/poweroff
chmod 4755 /sbin/halt |
a much simpler solution I think.
Herbie. |
I now this way it works but setting the suid bit on /sbin/halt is like a security threat. Everyone now has the right to use the reboot command. For the recompilation of gnome, I think usually it looks for the programs /sbin/halt and /sbin/reboot but we need to be root to access them so I wanted to make him access my own script which use sudo to access the commands like if we were root. For the "shutdown" group, it is to give the reboot/halt right only to specific users. And the "/etc/init.d/xdm stop" is to make gdm not to restart and freeze after having executed the halt/reboot commands so we can see correctly the shutdown messages (or bootsplash if we have one ) |
|
Back to top |
|
|
dubiousdave n00b
Joined: 22 Jun 2003 Posts: 10 Location: Austin, Texas USA
|
Posted: Thu Sep 25, 2003 7:02 pm Post subject: problem with the solution |
|
|
WildChild, the problem with your solution is that you are running scripts with root access, which is also a security problem. Theoretically, a clever user could interrupt execution of the script and still have root access to do with as he/she pleases. You should, instead, have your script make sudo calls to the ELF binaries in /sbin, rather than calling the scripts themselves with sudo. That way the root access applies only to the actual shutdown/halt/reboot rather than to the whole shell environment of the script. |
|
Back to top |
|
|
c_kuzmanic Guru
Joined: 18 Apr 2002 Posts: 488 Location: Los Angeles , California
|
Posted: Thu Sep 25, 2003 9:04 pm Post subject: |
|
|
The shutdown/logout button actually works, it might just take a minute or so for the dialog to come up... |
|
Back to top |
|
|
stormer Tux's lil' helper
Joined: 20 May 2002 Posts: 122 Location: Canada
|
Posted: Fri Dec 12, 2003 8:14 pm Post subject: Why not a real script |
|
|
Since I am not always rebooting from X, and that gdm il already killed when I reboot from there, I prefered to build a PostSession script in gdm.
/etc/X11/gdm/PostSession/Default
here is the line I added:
Code: | # Fermeture immédiate de xdm (gdm) si le runlevel est à 0 ou 6
RUNLEVEL=$(/sbin/runlevel | cut -c3)
if test "$RUNLEVEL" = "0" || test "$RUNLEVEL" = "6"
then
sudo /etc/init.d/xdm stop
fi |
_________________ Stormer
Last edited by stormer on Fri Dec 12, 2003 11:51 pm; edited 1 time in total |
|
Back to top |
|
|
stormer Tux's lil' helper
Joined: 20 May 2002 Posts: 122 Location: Canada
|
Posted: Fri Dec 12, 2003 11:50 pm Post subject: Also |
|
|
To respond to dubiousdave :
I do both scrip:
/sbin/reboot.sh :
Code: | #!/bin/bash
sudo /sbin/reboot |
/sbin/poweroff.sh :
Code: | #!/bin/bash
sudo /sbin/poweroff |
then for the gnome-session to work whith them :
Code: | ln -s /sbin/reboot.sh /usr/bin/reboot
ln -s /sbin/poweroff.sh /usr/bin/poweroff |
and also a restrivtive sudoers file:
Code: | %wheel ALL=(ALL) NOPASSWD: /sbin/poweroff
%wheel ALL=(ALL) NOPASSWD: /sbin/reboot
%wheel ALL=(ALL) NOPASSWD: /etc/init.d/xdm stop |
Need help here, should I put this? :
Code: | %wheel ALL=(root) NOPASSWD: /sbin/poweroff
%wheel ALL=(root) NOPASSWD: /sbin/reboot
%wheel ALL=(root) NOPASSWD: /etc/init.d/xdm stop |
_________________ Stormer |
|
Back to top |
|
|
Reformist Guru
Joined: 06 Oct 2002 Posts: 323
|
Posted: Sat Jan 29, 2005 5:45 am Post subject: |
|
|
None of these are great solutions. Replacing the /sbin/halt and shutdown commands with something else, whether it be a script or link, makes maintaibility a nightmare. The next time you upgrade your base layout, those links/scripts will be overwritten and shutdown will then cease to work, meaning you will have to set it up again.
Modifying an ebuild and specifying the programs at compile time also is not flexible or maintaible for obvious reasons. The real solution is to make the shutdown related commands configurable through gconf, and then specify your script or the sudo command you use for shutdown.
I filed this feature request, not sure why it wasn't filed a lot sooner.
http://bugzilla.gnome.org/show_bug.cgi?id=165577 _________________ -Phil Crosby |
|
Back to top |
|
|
homme n00b
Joined: 12 Apr 2005 Posts: 1
|
Posted: Tue Apr 12, 2005 1:06 pm Post subject: |
|
|
gnome-session-2.8 looks for the environment variables REBOOT_COMMAND and HALT_COMMAND during compilation. I added
# Environment variables used by gnome-session package to locate commands
REBOOT_COMMAND='/usr/bin/reboot'
HALT_COMMAND='/usr/bin/poweroff'
to my /etc/make.conf so that whenever I compile gnome-session my reboot and poweroff scripts are called. |
|
Back to top |
|
|
slycordinator Advocate
Joined: 31 Jan 2004 Posts: 3065 Location: Korea
|
Posted: Fri Oct 28, 2005 7:46 am Post subject: |
|
|
There's a much easier way to do this:
Add the following lines in /etc/sudoers:
Code: | %shutdown ALL=(root) NOPASSWD: /sbin/reboot
%shutdown ALL=(root) NOPASSWD: /sbin/shutdown -h now |
Create the new "shutdown" group and add your user to it:
Code: | groupadd shutdown
gpasswd -a <user> shutdown |
Then just create aliases in your favorite shell script setup file.
Since most of you will be using bash you can then add the following line to your ~/.bashrc file:
Code: | alias reboot="sudo /sbin/reboot
alias shutdown="sudo /sbin/shutdown -h now |
And all the other major shells have a feature like this. |
|
Back to top |
|
|
apoorvkhurasia n00b
Joined: 18 Jun 2006 Posts: 28 Location: New Delhi, India
|
Posted: Wed Jun 28, 2006 8:57 am Post subject: |
|
|
I have posted this problem before as a shutdown issue see this and I was somehow redirected here. I am not really into making shutdown/reboot work for everyone, so I went for sudo solutions, but turns out that there is some problem with sudo
Code: |
sudo: can't open /etc/sudoers: Permission denied
chandraghanta ~ # sendmail: Cannot open mail:25
|
_________________ Registered Linux User #400426
"Contrawise", continued Tweedledee, "if it was so, it might be; and if it were so, it would be; but as it isn't, it ain't. That's logic." :Lewis Caroll, Alice's Adventures in Wonderland |
|
Back to top |
|
|
WildChild Apprentice
Joined: 14 Sep 2003 Posts: 171
|
Posted: Wed Jun 28, 2006 1:05 pm Post subject: |
|
|
Anyway this problem has been solved since a long time in Gnome that now send commands to GDM which run as root and can shutdown/reboot the computer! _________________ Codito, Ergo Sum |
|
Back to top |
|
|
|