Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
Solution to Gnome 2 shutdown/reboot command problem!
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Desktop Environments
View previous topic :: View next topic  
Author Message
WildChild
Apprentice
Apprentice


Joined: 14 Sep 2003
Posts: 171

PostPosted: Tue Sep 23, 2003 4:13 am    Post subject: Solution to Gnome 2 shutdown/reboot command problem! Reply with quote

Since I installed Gentoo 1.4 on my computer I was wondering why the reboot and the shutdown commands weren't working on Gnome 2. I searched all the day on this forum and on groups.google.com and finally I had an idea on how to merge all that I've seen in one clean solution:

First step:
For the first step I had to recompile gnome-session to specify my own "halt" and "reboot" commands. To do so, I modified the file "gnome-session-2.4.0.ebuild" to change the line:
G2CONF="${G2CONF} $(use_enable ipv6)"
into this:
G2CONF="${G2CONF} $(use_enable ipv6) --with-reboot-command=/usr/bin/reboot --with-halt-command=/usr/bin/halt"
This way I was able to specify my own commands that were created later.

after having modified the ebuild, just type:
emerge gnome-session
to recompile it and reinstall it.

Second step:
The second step was to install "sudo". While searching on this forum, every threads were talking about using "sudo" instead of setting the suid bit for security reason so I decided to use it for my solution.

After having installed "sudo", run "visudo" as root and add these lines into the configuration file:

%shutdown ALL=(root) NOPASSWD: /sbin/reboot.sh
%shutdown ALL=(root) NOPASSWD: /sbin/halt.sh

(Files reboot.sh and halt.sh were created by me too)

Third step:
After I installed "sudo", it was the time to create the /usr/bin/reboot and /usr/bin/halt files:

/usr/bin/reboot content:
#! /bin/sh
sudo /sbin/reboot.sh $*

/usr/bin/halt content:
#! /bin/sh
sudo /sbin/halt.sh $*

chmod 755 reboot halt
chgrp shutdown reboot halt <-- Probably not useful but I find this nicer ;)

Fourth step:
Now this is time to create the /sbin/reboot.sh and /sbin/halt.sh files:

/sbin/reboot.sh content:
#! /bin/sh
/sbin/shutdown -r 0
/etc/init.d/xdm stop

/sbin/halt.sh content:
#! /bin/sh
/sbin/shutdown -h 0
/etc/init.d/xdm stop

chmod 744 reboot.sh halt.sh <-- We only want root to run these files (Normal users will access them using the /usr/bin/{reboot, halt} scripts that use sudo)

Fifth step:
This is the last step. Here we create the group "shutdown" and we have to add users who will have the right to reboot/shutdown the computer to this group:

groupadd shutdown
usermod -G shutdown,and,other,groups,the,user,should,be username

Now all the steps are done. Here I tested both the shutdown and reboot commands in the Gnome "Actions" menu and they worked really fine. (GDM were shut down cleanly showing my slient boot splash before rebooting :D )

I'm not sure if I made something wrong with security but I think this is OK. If you have any comments or questions, just ask :)
Back to top
View user's profile Send private message
charlieg
Advocate
Advocate


Joined: 30 Jul 2002
Posts: 2148
Location: Manchester UK

PostPosted: Tue Sep 23, 2003 9:58 am    Post subject: Reply with quote

Excellent! This has annoyed me for a while!

This should go into Documentation, Tips & Tricks - moderators?
_________________
Want Free games?
Free Gamer - open source games list & commentary

Open source web-enabled rich UI platform: Vexi
Back to top
View user's profile Send private message
herbie
Guru
Guru


Joined: 09 Oct 2002
Posts: 319
Location: London UK

PostPosted: Tue Sep 23, 2003 11:52 am    Post subject: Reply with quote

wow! that seems like an over compilcated way of doing it, why is recompiling gnome-session neccesary?

I got it to work by doing the following:
Code:
ln -sf /sbin/halt /usr/bin/halt
ln -sf /sbin/halt /usr/bin/reboot
ln -sf /sbin/halt /usr/bin/poweroff
chmod 4755 /sbin/halt


a much simpler solution I think.

Herbie.
Back to top
View user's profile Send private message
WildChild
Apprentice
Apprentice


Joined: 14 Sep 2003
Posts: 171

PostPosted: Tue Sep 23, 2003 12:03 pm    Post subject: Reply with quote

herbie wrote:
wow! that seems like an over compilcated way of doing it, why is recompiling gnome-session neccesary?

I got it to work by doing the following:
Code:
ln -sf /sbin/halt /usr/bin/halt
ln -sf /sbin/halt /usr/bin/reboot
ln -sf /sbin/halt /usr/bin/poweroff
chmod 4755 /sbin/halt


a much simpler solution I think.

Herbie.


I now this way it works but setting the suid bit on /sbin/halt is like a security threat. Everyone now has the right to use the reboot command. For the recompilation of gnome, I think usually it looks for the programs /sbin/halt and /sbin/reboot but we need to be root to access them so I wanted to make him access my own script which use sudo to access the commands like if we were root. For the "shutdown" group, it is to give the reboot/halt right only to specific users. And the "/etc/init.d/xdm stop" is to make gdm not to restart and freeze after having executed the halt/reboot commands so we can see correctly the shutdown messages (or bootsplash if we have one :))
Back to top
View user's profile Send private message
dubiousdave
n00b
n00b


Joined: 22 Jun 2003
Posts: 10
Location: Austin, Texas USA

PostPosted: Thu Sep 25, 2003 7:02 pm    Post subject: problem with the solution Reply with quote

WildChild, the problem with your solution is that you are running scripts with root access, which is also a security problem. Theoretically, a clever user could interrupt execution of the script and still have root access to do with as he/she pleases. You should, instead, have your script make sudo calls to the ELF binaries in /sbin, rather than calling the scripts themselves with sudo. That way the root access applies only to the actual shutdown/halt/reboot rather than to the whole shell environment of the script.
Back to top
View user's profile Send private message
c_kuzmanic
Guru
Guru


Joined: 18 Apr 2002
Posts: 488
Location: Los Angeles , California

PostPosted: Thu Sep 25, 2003 9:04 pm    Post subject: Reply with quote

The shutdown/logout button actually works, it might just take a minute or so for the dialog to come up...
Back to top
View user's profile Send private message
stormer
Tux's lil' helper
Tux's lil' helper


Joined: 20 May 2002
Posts: 122
Location: Canada

PostPosted: Fri Dec 12, 2003 8:14 pm    Post subject: Why not a real script Reply with quote

Since I am not always rebooting from X, and that gdm il already killed when I reboot from there, I prefered to build a PostSession script in gdm.

/etc/X11/gdm/PostSession/Default

here is the line I added:
Code:
# Fermeture immédiate de xdm (gdm) si le runlevel est à 0 ou 6
RUNLEVEL=$(/sbin/runlevel | cut -c3)
if test "$RUNLEVEL" = "0" || test "$RUNLEVEL" = "6"
  then
    sudo /etc/init.d/xdm stop
fi

_________________
Stormer :)


Last edited by stormer on Fri Dec 12, 2003 11:51 pm; edited 1 time in total
Back to top
View user's profile Send private message
stormer
Tux's lil' helper
Tux's lil' helper


Joined: 20 May 2002
Posts: 122
Location: Canada

PostPosted: Fri Dec 12, 2003 11:50 pm    Post subject: Also Reply with quote

To respond to dubiousdave :
I do both scrip:
/sbin/reboot.sh :
Code:
#!/bin/bash
sudo /sbin/reboot

/sbin/poweroff.sh :
Code:
#!/bin/bash
sudo /sbin/poweroff


then for the gnome-session to work whith them :
Code:
ln -s /sbin/reboot.sh /usr/bin/reboot
ln -s /sbin/poweroff.sh /usr/bin/poweroff


and also a restrivtive sudoers file:
Code:
%wheel ALL=(ALL) NOPASSWD: /sbin/poweroff
%wheel ALL=(ALL) NOPASSWD: /sbin/reboot
%wheel ALL=(ALL) NOPASSWD: /etc/init.d/xdm stop


Need help here, should I put this? :
Code:
%wheel ALL=(root) NOPASSWD: /sbin/poweroff
%wheel ALL=(root) NOPASSWD: /sbin/reboot
%wheel ALL=(root) NOPASSWD: /etc/init.d/xdm stop

_________________
Stormer :)
Back to top
View user's profile Send private message
Reformist
Guru
Guru


Joined: 06 Oct 2002
Posts: 323

PostPosted: Sat Jan 29, 2005 5:45 am    Post subject: Reply with quote

None of these are great solutions. Replacing the /sbin/halt and shutdown commands with something else, whether it be a script or link, makes maintaibility a nightmare. The next time you upgrade your base layout, those links/scripts will be overwritten and shutdown will then cease to work, meaning you will have to set it up again.

Modifying an ebuild and specifying the programs at compile time also is not flexible or maintaible for obvious reasons. The real solution is to make the shutdown related commands configurable through gconf, and then specify your script or the sudo command you use for shutdown.

I filed this feature request, not sure why it wasn't filed a lot sooner.
http://bugzilla.gnome.org/show_bug.cgi?id=165577
_________________
-Phil Crosby
Back to top
View user's profile Send private message
homme
n00b
n00b


Joined: 12 Apr 2005
Posts: 1

PostPosted: Tue Apr 12, 2005 1:06 pm    Post subject: Reply with quote

gnome-session-2.8 looks for the environment variables REBOOT_COMMAND and HALT_COMMAND during compilation. I added

# Environment variables used by gnome-session package to locate commands
REBOOT_COMMAND='/usr/bin/reboot'
HALT_COMMAND='/usr/bin/poweroff'

to my /etc/make.conf so that whenever I compile gnome-session my reboot and poweroff scripts are called.
Back to top
View user's profile Send private message
slycordinator
Advocate
Advocate


Joined: 31 Jan 2004
Posts: 3056
Location: Redmond, WA

PostPosted: Fri Oct 28, 2005 7:46 am    Post subject: Reply with quote

There's a much easier way to do this:

Add the following lines in /etc/sudoers:
Code:
%shutdown ALL=(root) NOPASSWD: /sbin/reboot
%shutdown ALL=(root) NOPASSWD: /sbin/shutdown -h now


Create the new "shutdown" group and add your user to it:
Code:
groupadd shutdown
gpasswd -a <user> shutdown


Then just create aliases in your favorite shell script setup file.

Since most of you will be using bash you can then add the following line to your ~/.bashrc file:
Code:
alias reboot="sudo /sbin/reboot
alias shutdown="sudo /sbin/shutdown -h now


And all the other major shells have a feature like this.
Back to top
View user's profile Send private message
apoorvkhurasia
n00b
n00b


Joined: 18 Jun 2006
Posts: 28
Location: New Delhi, India

PostPosted: Wed Jun 28, 2006 8:57 am    Post subject: Reply with quote

I have posted this problem before as a shutdown issue see this and I was somehow redirected here. I am not really into making shutdown/reboot work for everyone, so I went for sudo solutions, but turns out that there is some problem with sudo
Code:

sudo: can't open /etc/sudoers: Permission denied
chandraghanta ~ # sendmail: Cannot open mail:25

_________________
Registered Linux User #400426
"Contrawise", continued Tweedledee, "if it was so, it might be; and if it were so, it would be; but as it isn't, it ain't. That's logic." :Lewis Caroll, Alice's Adventures in Wonderland
Back to top
View user's profile Send private message
WildChild
Apprentice
Apprentice


Joined: 14 Sep 2003
Posts: 171

PostPosted: Wed Jun 28, 2006 1:05 pm    Post subject: Reply with quote

Anyway this problem has been solved since a long time in Gnome that now send commands to GDM which run as root and can shutdown/reboot the computer!
_________________
Codito, Ergo Sum
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Desktop Environments All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum