Brian Nitz wrote: > Joerg Barfurth wrote: >>>> I'm not convinced we'd want Reboot (or >>>> Shutdown, Sleep, or Suspend) cluttering the Launch menu itself >>>> (although it should probably stay in the menu applet's "Desktop" >>>> menu for those who use that), but I'd agree it's certainly handy to >>>> have all those options in the login screen and the logout dialog, >>>> where permissions allow. >>>
>>> If it is okay to just add this to the spec, then that would obviously >>> be the easiest choice, and we can turn it on by default. Then, people >>> like the SunRay team can turn off this feature along with the rest >>> of the SRSS configuration/installation. >>> >> I'm not sure that is the right thing for SRSS to do. Normally SRSS >> install doesn't silently change settings all over the system. And it >> really shouldn't do so if this could clobber existing user settings. >> >> Additionally it may not be the right thing to do globally. If the >> system has a graphical console the console use may want to retain >> these items. On the other hand there are more ways to set up a >> multi-user system than SRSS. And there are more twists: In a zone >> sleep and suspend make no sense, shutdonw is farfetched, but reboot >> might make sense. >> >> Calum's comment has the key phrase: the best option would be to show >> these items only if the user has the necessary permission to do this >> things. (There should still be the option to switch off altogether.) >> > Wouldn't Role Based Access Control be useful here? Gnome would create > a gnome-shutdowner role at installation, it would be up to the sysadmin > to assign this role to users who are allowed to shutdown. Then patch > gdm to look for the gnome-shutdowner role before it presents the launch > menu shutdown option (and . We would also have to be able to turn off > the gdm login shutdown option independently from the launch menu > shutdown option. You don't want to use a role for this; what you need is an authorization. And there even appears to be a suitable one already: solaris.system.shutdown. This raises several issues: - I assume the gdm login screen shutdown option is offered in the greeter - before the user is authenticated. This makes authorizing this properly difficult. Effectively this can be only on (valid only for single-user computers) or off globally. - For the launch menu (or any other place where shutdown/reboot/suspend is offered to an authenticated user) you probably should rely on the existing solaris.system.shutdown authorization. - If there is an existing mechanism to allow ordinary users to shutdown the machine (for use on single-user machines), then that should probably be changed to an authorization-based mechanism if it isn't already. Ciao, J?rg -- Joerg Barfurth phone: +49 40 23646662 / x66662 Software Engineer mailto:joerg.barfurth at sun.com Desktop Technology http://reserv.ireland/twiki/bin/view/Argus/ Thin Client Software http://www.sun.com/software/sunray/ Sun Microsystems GmbH http://www.sun.com/software/javadesktopsystem/
