Ssh – How to prevent shutdown when an SSH user is logged in

mandrivapamshutdownsshUbuntu

I'm administrating a networked environment and I had an interesting situation arise yesterday. When a host is required to shutdown by a regular user, it refuses to do so if other users are logged in locally. This, however, is not the case when other users are logged in via SSH. If one user is logged in locally and one user is logged in via SSH and the locally logged in user attempts shutdown it succeeds without even a warning and the other user's SSH connection is abruptly terminated.
My question is, is there a way to prevent this like the policy does for local users? I have already looked at the man page for sshd_config and couldn't find anything that seems related.

EDIT (Additional info.):

There are 4 OS's on the network: Mandriva 2009, Mandriva 2010.2, Mandriva 2011 and Ubuntu 11.04. The specific case I'm referring to had the SSH user on a Mandriva 2009 host and the local user on a Mandriva 2011 host.

Mandriva 2009 hosts use the GNOME 2.28 environment, 2010.2 hosts use GNOME 2.32, 2011 hosts use KDE Plasma and the Ubuntu 11.04 hosts use Unity.

Update

As I noted in this question, I have looked into polkit actions under /usr/share/polkit-1/actions/ and found (in the file org.freedesktop.consolekit.policy) an action called org.freedesktop.consolekit.system.stop-multiple-users that throws the message

System policy prevents stopping the system when other users are logged in

I'm thinking (due to the org.freedesktop.* naming convention) that this is some kind of signal sent to the DM via D-BUS. I think that if I can find out what signal triggers this polkit action, I should be able to modify its behavior. Any ideas?

Update 2

I tried a little experiment today and it gave me very strange results. I tried logging in via SSH to one box and made sure no other users were logged in on any VTs. If I choose to Shutdown from the "Actions" menu of GDM, I get the long-awaited policy message informing me that it's impossible to do so without authentication as other users are logged in. However, if I use GDM to locally log in and choose to shut down the box from GNOME's menu, the SSH session is clobbered as before. How is this possible? Is the behavior different when I initiate a shutdown request from GDM than when I initiate it from within a gnome-session? Does that tell anybody anything that can help me solve the problem?

Best Answer

I would write a small program that checked for any active SSH connections via netstat and/or ps. Drop it in place of the shutdown command.

If no one else is using the machine, call shutdown when the user tries to. If someone is using the machine, simply warn the user who issued the shutdown command.

Netstat will give you output like this, and it's pretty easy to look for .ssh in the output.

netstat -a
Active Internet connections (including servers)
Proto Recv-Q Send-Q  Local Address          Foreign Address        State
tcp        0     52  10.5.6.xx.ssh          10.6.6.yy.51400        ESTABLISHED
tcp        0      0  *.ssh                  *.*                    LISTEN
udp        0      0  *.syslog               *.*

ps will give you output like this, but it's a bit harder because you have to make sure not to worry about outbound connections. Netstat is probably the right way to go.

  ps -e | grep ssh
      10084366 ?        00:00:07 /opt/sbin/sshd
        282647 ?        00:00:00 /opt/sbin/sshd
Related Question