I cannot do a shutdown without being prompted for root's password.
Linux - DesktopThis forum is for the discussion of all Linux Software used in a desktop context.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I cannot do a shutdown without being prompted for root's password.
Running Fedora 17 with Gnome 3.x. I normally don't use the lock desktop feature, but the one time that I did recently, I was unable to shutdown the system. A dialog box popped up stating that there were others still logged into the system, therefore requiring me to enter root's password to proceed with the shutdown. For the most part this happens everytime that I want to powerdown, with the exception of a couple of times.
I have in the past cancelled out from the dialogue which will log me out. I then switched to another virtual console (Ctrl-Alt-F3), logged in as root and did a "who". I received back: unknown :0 date-time (:0)
root :tty3 date-time
Logged out of tty3 and went back to the log-in screen, clicked on the power icon at top right and selected the powerdown option, getting the same result. Cancel out again and then logged back in. Open a terminal (I use terminator) and again type "who" and got: scott :0 date-time (:0)
scott pts/0 date-time (:0)
I closed out the terminal (Ctrl-d) and again tried to powerdown. Sometimes it'll just powerdown, but mostly it'll pop up the dialog box asking for root's password.
Is there something else that I can use to determine what is happening? I normally do not have remote access enabled or tcp port 25 open, so I don't know what else to check. Even if they were turned on, wouldn't "who" show something if someone was in that way?
The problem here is simply user permissions. The shutdown binary is in /sbin/ which is your first indicator that this is not a binary that a normal user would have access to. If you do an "echo $PATH" as your "scott" user you'll see that /sbin/ isn't even in your path but it is in the root users path.
This is by design, the graphical desktops allow you to select the command which excutes the /sbin/shutdown -h now command with some other checks for users and the like. These user checks don't have anything to do with the actual shutdown command, this is something that is by design of the operating system.
You may be able to get around this by adding your user to your sudo file with a nopasswd statement:
Code:
scott ALL=(ALL) NOPASSWD:ALL
That will allow you to use sudo to execute commands with root privilages under your "scott" user, sudo basically means "substitute user and do" which is how your shutdown is being called now, however, the default sudo behaivor is to prompt for the password.
If you want more info on sudo or if this doesn't work there is an easy workaround that you can do via creating a bash script you place in your Desktop folder so you can just double-click it to shutdown the system.
The problem here is simply user permissions. The shutdown binary is in /sbin/ which is your first indicator that this is not a binary that a normal user would have access to. If you do an "echo $PATH" as your "scott" user you'll see that /sbin/ isn't even in your path but it is in the root users path.
This is by design, the graphical desktops allow you to select the command which excutes the /sbin/shutdown -h now command with some other checks for users and the like. These user checks don't have anything to do with the actual shutdown command, this is something that is by design of the operating system.
You may be able to get around this by adding your user to your sudo file with a nopasswd statement:
Code:
scott ALL=(ALL) NOPASSWD:ALL
That will allow you to use sudo to execute commands with root privilages under your "scott" user, sudo basically means "substitute user and do" which is how your shutdown is being called now, however, the default sudo behaivor is to prompt for the password.
If you want more info on sudo or if this doesn't work there is an easy workaround that you can do via creating a bash script you place in your Desktop folder so you can just double-click it to shutdown the system.
The problem though is that it's intermittent. Sometimes I can do a powerdown and other times the dialogue box pops up. This only started after I had "locked" my desktop and later "unlocked it". Before that, I never had any problems. I normally close all app windows from all workspaces then do a Ctrl-Alt-Del to bring up the dialogue for either reboot, powerdown, etc. It's behaving as though there are other users logged into the system even though there's not. At least "who" doesn't show anyone else, I'm not sure of any other way to see if there really is anyone else on the system.
If there is a user check for the shutdown command it is built into the GUI as it is not apart of the core shutdown system binary. You can create a workaround script with the below if you have added yourself to the sudoers file as previously noted.
Put the following into a file named 'shutdown.sh' in your Desktop folder. Path should be ~/Desktop/
Code:
#!/bin/bash
sudo /sbin/shutdown -h now
Then do the following:
Code:
chmod +x ~/Desktop/shutdown.sh
Now you will have a .sh file on your desktop called shutdown that will always shutdown your system when you run it. As far as the user check issue, I would have to say its a problem with the GUI and really isnt a solution with the exception of creating a bug report.
The problem here is simply user permissions. The shutdown binary is in /sbin/ which is your first indicator that this is not a binary that a normal user would have access to. If you do an "echo $PATH" as your "scott" user you'll see that /sbin/ isn't even in your path but it is in the root users path.
No, permissions are here not the problem, modern desktop system, especially Fedora, use DBus for shutting down, the shutdown command is not involved.
Warning:
Quote:
You may be able to get around this by adding your user to your sudo file with a nopasswd statement:
Code:
scott ALL=(ALL) NOPASSWD:ALL
That will allow you to use sudo to execute commands with root privilages under your "scott" user, sudo basically means "substitute user and do" which is how your shutdown is being called now, however, the default sudo behaivor is to prompt for the password.
Sorry I have to say this, but allowing password-less sudo access for all commands is a serious security problem and should never be done. This, sir, is IMHO bad advice. Don't do this.
Quote:
Originally Posted by hscast
The problem though is that it's intermittent. Sometimes I can do a powerdown and other times the dialogue box pops up. This only started after I had "locked" my desktop and later "unlocked it". Before that, I never had any problems. I normally close all app windows from all workspaces then do a Ctrl-Alt-Del to bring up the dialogue for either reboot, powerdown, etc. It's behaving as though there are other users logged into the system even though there's not. At least "who" doesn't show anyone else, I'm not sure of any other way to see if there really is anyone else on the system.
May it be possible that you have background processes that allow other users to login without being noticed by the who command, for example a FTP server or something similar? Or a backup process or something else?
No, permissions are here not the problem, modern desktop system, especially Fedora, use DBus for shutting down, the shutdown command is not involved.
Warning: Sorry I have to say this, but allowing password-less sudo access for all commands is a serious security problem and should never be done. This, sir, is IMHO bad advice. Don't do this.
May it be possible that you have background processes that allow other users to login without being noticed by the who command, for example a FTP server or something similar? Or a backup process or something else?
That sounds like a possibility, but I have not knowingly setup anything that would allow that. It seemed to start the day that I used the desktop lockout. Coincidence? Could very well be. Getting back to the idea of someone logging in in such a way that they're not noticed by "who", how would I see this? Is there a way to get a listing of such log-ins and determine what on my system changed to allow this?
The possibilities to login without being noticed is given by any server program that allows users to login with getting a shell, as said, for example a FTP server.
Usually FTP (or similar) servers are not installed and/or running by default on desktop system and you have to do that manually. If you don't have done this it is very unlikely that this is the problem here.
I would try to create a new user and look if that problem occurs also when you use that user. If so there seems to be a system-wide problem, if not it is a configuration problem for your user.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.