Let's say that you have set up a multi-seat system for use in a school or library, allowing GDM to launch multiple X sessions to run simultaneously with different users/keyboards/monitors.
By default in Debian/Ubuntu in Gnome, you don't have to be root to shutdown or reboot. But this means any user can choose "reboot" or "shutdown" and kick off the other three users.
You have blocked physical access to the server so they can't simply push the power or reset buttons.
What is the correct way of disabling the "shutdown" and "reboot" functionality which is exposed to regular users through GDM/Gnome/whatever window manager you're using?
Best Answer
First, note that ConsoleKit's shutdown function considers "single user" and "multiple users" as two different situations – shutting down the system always requires administrator authentication if other users are logged in.
All such actions are managed by PolicyKit. If you want to adjust the policies, you can do so as described in polkit(8) –
/etc/polkit-1/rules.d/20-disallow-shutdown.rules:polkit.addRule(function(action, subject) { if ((action.id == "org.freedesktop.consolekit.system.stop" || action.id == "org.freedesktop.consolekit.system.restart") && subject.isInGroup("users")) { return subject.active ? polkit.Result.AUTH_ADMIN : polkit.Result.NO; } });PolicyKit 0.105 and earlier versions document this in pklocalauthority(8) –
/etc/polkit-1/localauthority/50-local.d/20-disallow-shutdown.pkla:The
Actions are listed in the ConsoleKit policy file or by runningpkaction.