Re: Removing system items from Leave menu in Plasma 5

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 17/04/15 18:20, Rex Dieter wrote:

Roderick Johnstone wrote:


After reading up a bit on the policykit docs I have tried two things,
neither of which have worked:

1) Edited /usr/share/polkit-1/actions/org.freedesktop.login1.policy and
changed the line in the <action id="org.freedesktop.login1.reboot">
section from:
   <allow_active>yes</allow_active>
to
   <allow_active>no</allow_active>

ie expecting my test account to be disallowed from running the reboot
option.


I would have expected this to work too, but the policykit daemon may not
parse this initial config after startup (try rebooting after making the
change?)

Unfortunately, this will disallow *everyone* from rebooting, possibly
including root, so be careful.

This isn't the way to go though, see below.


2) Added a file: 52-org.freedesktop.login1.xray.rules to
/etc/polkit-1/rules.d/ which contains:
polkit.addRule(function(action, subject) {
          if (action.id == "org.freedesktop.login1.reboot" &&
                  !subject.isInGroup("admin")) {
                  return polkit.Result.AUTH_ADMIN;
          }
});

ie expecting my test account to be prompted for a root password in this
case.

In both cases my test account can just restart the system.

Right, you followed something like
https://ask.fedoraproject.org/en/question/35143/how-can-i-configure-polkit-policy/
by putting a  snippet into  /etc/polkit-1/rules.d/


Yes.


This is the prefered way to do it.  Not sure why it didn't work for you,
maybe try configuring to deny access first and see if that works?
So, after some testing what I'm finding is that if I log into the KDE session as my testing user and type reboot at a konsole prompt I get a window inviting me to enter the root password.
This the the expected behaviour for how I have the system configured at the moment, and I can change it if I alter my rule.
On the other hand, if I select reboot from the Application Launcher Leave menu, it just reboots straight away.
Maybe the Leave menu items are using a different polkit action or somehow bypassing polkit? 

Any ideas?

Thanks.

Roderick
_______________________________________________
kde mailing list
kde@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/kde
New to KDE4? - get help from http://userbase.kde.org
[Index of Archives]     [KDE Users]     [Fedora General Discussion]     [Older Fedora Users Mail]     [Fedora Advisory Board]     [Fedora Security]     [Fedora Maintainers]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [ATA RAID]     [Fedora Marketing]     [Fedora Mentors]     [Fedora Package Announce]     [Fedora Package Review]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Triage]     [Coolkey]     [Yum Users]     [Yosemite Forum]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]

  Powered by Linux