Commit a2448ebd authored by legton's avatar legton

Merge branch 'issue/466' into 'develop'

SCRUM#466: Allow guests to shutdown only when no one else is logged in

See merge request !33
parents bf10f424 8b648107
Pipeline #18258 passed with stages
in 7 minutes and 37 seconds
le-multiterminal (1.1.0) unstable; urgency=medium
* Allow guests to hibernate/poweroff/reboot/suspend only when no one else is
logged in (Closes: #466)
* Add lightdm cleanup script to ensure that the logind session is closed
* debian/control: New uploader
* debian/install: Add rules to install the lightdm config file and the
session cleanup script
-- Lucas Sulzbach <lesuporte@c3sl.ufpr.br> Thu, 25 Oct 2018 08:38:10 -0300
le-multiterminal (1.0.2) unstable; urgency=medium
* Fix Linter errors
......
......@@ -2,7 +2,7 @@ Source: le-multiterminal
Section: misc
Priority: optional
Maintainer: C3SL <contato@c3sl.ufpr.br>
Uploaders: Stephanie Briere Americo <sba16@c3sl.ufpr.br>, Diego Pasqualin <dpasqualin@c3sl.ufpr.br>
Uploaders: Stephanie Briere Americo <sba16@c3sl.ufpr.br>, Diego Pasqualin <dpasqualin@c3sl.ufpr.br>, Daniel Bissani Furlin <dbf15@inf.ufpr.br>, Lucas Sulzbach <ls17@c3sl.ufpr.br>
Build-Depends: debhelper (>=9), libx11-dev, libcairo2-dev
Standards-Version: 3.9.8
Vcs-Git: https://gitlab.c3sl.ufpr.br/le6/le-multiterminal.git
......
etc/X11/xorg.conf.d/97-proinfo-monitores.conf etc/X11/xorg.conf.d/
etc/X11/xorg.conf.d/98-proinfo-urbano.conf etc/X11/xorg.conf.d/
etc/le-multiterminal/readme etc/le-multiterminal/
etc/lightdm/lightdm.conf etc/lightdm/
etc/polkit-1/localauthority/50-local.d/90-restrict-guest-permissions.pkla etc/polkit-1/localauthority/50-local.d/
lib/systemd/system/le-multiterminal.service lib/systemd/system/
lib/systemd/system/xorg-daemon.service lib/systemd/system/
......@@ -10,6 +11,7 @@ lib/udev/rules.d/71-seat-usb.rules lib/udev/rules.d/
lib/udev/rules.d/73-seat-attach-assistant.rules lib/udev/rules.d/
usr/lib/find-devices usr/lib/
usr/lib/window-acess usr/lib/
usr/sbin/cleanup-sessions usr/sbin/
usr/sbin/detect-keyboard usr/sbin/
usr/sbin/multiseat-controller usr/sbin/
usr/sbin/multiterminal usr/sbin/
......
#
# General configuration
#
# start-default-seat = True to always start one seat if none are defined in the configuration
# greeter-user = User to run greeter as
# minimum-display-number = Minimum display number to use for X servers
# minimum-vt = First VT to run displays on
# lock-memory = True to prevent memory from being paged to disk
# user-authority-in-system-dir = True if session authority should be in the system location
# guest-account-script = Script to be run to setup guest account
# logind-check-graphical = True to on start seats that are marked as graphical by logind
# log-directory = Directory to log information to
# run-directory = Directory to put running state in
# cache-directory = Directory to cache to
# sessions-directory = Directory to find sessions
# remote-sessions-directory = Directory to find remote sessions
# greeters-directory = Directory to find greeters
# backup-logs = True to move add a .old suffix to old log files when opening new ones
#
[LightDM]
#start-default-seat=true
#greeter-user=lightdm
#minimum-display-number=0
#minimum-vt=7
#lock-memory=true
#user-authority-in-system-dir=false
#guest-account-script=guest-account
#logind-check-graphical=false
#log-directory=/var/log/lightdm
#run-directory=/var/run/lightdm
#cache-directory=/var/cache/lightdm
#sessions-directory=/usr/share/lightdm/sessions:/usr/share/xsessions:/usr/share/wayland-sessions
#remote-sessions-directory=/usr/share/lightdm/remote-sessions
#greeters-directory=/usr/share/lightdm/greeters:/usr/share/xgreeters
#backup-logs=true
#
# Seat configuration
#
# Seat configuration is matched against the seat name glob in the section, for example:
# [Seat:*] matches all seats and is applied first.
# [Seat:seat0] matches the seat named "seat0".
# [Seat:seat-thin-client*] matches all seats that have names that start with "seat-thin-client".
#
# type = Seat type (xlocal, xremote, unity)
# pam-service = PAM service to use for login
# pam-autologin-service = PAM service to use for autologin
# pam-greeter-service = PAM service to use for greeters
# xserver-command = X server command to run (can also contain arguments e.g. X -special-option)
# xmir-command = Xmir server command to run (can also contain arguments e.g. Xmir -special-option)
# xserver-config = Config file to pass to X server
# xserver-layout = Layout to pass to X server
# xserver-allow-tcp = True if TCP/IP connections are allowed to this X server
# xserver-share = True if the X server is shared for both greeter and session
# xserver-hostname = Hostname of X server (only for type=xremote)
# xserver-display-number = Display number of X server (only for type=xremote)
# xdmcp-manager = XDMCP manager to connect to (implies xserver-allow-tcp=true)
# xdmcp-port = XDMCP UDP/IP port to communicate on
# xdmcp-key = Authentication key to use for XDM-AUTHENTICATION-1 (stored in keys.conf)
# unity-compositor-command = Unity compositor command to run (can also contain arguments e.g. unity-system-compositor -special-option)
# unity-compositor-timeout = Number of seconds to wait for compositor to start
# greeter-session = Session to load for greeter
# greeter-hide-users = True to hide the user list
# greeter-allow-guest = True if the greeter should show a guest login option
# greeter-show-manual-login = True if the greeter should offer a manual login option
# greeter-show-remote-login = True if the greeter should offer a remote login option
# user-session = Session to load for users
# allow-user-switching = True if allowed to switch users
# allow-guest = True if guest login is allowed
# guest-session = Session to load for guests (overrides user-session)
# session-wrapper = Wrapper script to run session with
# greeter-wrapper = Wrapper script to run greeter with
# guest-wrapper = Wrapper script to run guest sessions with
# display-setup-script = Script to run when starting a greeter session (runs as root)
# display-stopped-script = Script to run after stopping the display server (runs as root)
# greeter-setup-script = Script to run when starting a greeter (runs as root)
# session-setup-script = Script to run when starting a user session (runs as root)
# session-cleanup-script = Script to run when quitting a user session (runs as root)
# autologin-guest = True to log in as guest by default
# autologin-user = User to log in with by default (overrides autologin-guest)
# autologin-user-timeout = Number of seconds to wait before loading default user
# autologin-session = Session to load for automatic login (overrides user-session)
# autologin-in-background = True if autologin session should not be immediately activated
# exit-on-failure = True if the daemon should exit if this seat fails
#
[Seat:*]
#type=xlocal
#pam-service=lightdm
#pam-autologin-service=lightdm-autologin
#pam-greeter-service=lightdm-greeter
#xserver-command=X
#xmir-command=Xmir
#xserver-config=
#xserver-layout=
#xserver-allow-tcp=false
#xserver-share=true
#xserver-hostname=
#xserver-display-number=
#xdmcp-manager=
#xdmcp-port=177
#xdmcp-key=
#unity-compositor-command=unity-system-compositor
#unity-compositor-timeout=60
#greeter-session=example-gtk-gnome
#greeter-hide-users=false
#greeter-allow-guest=true
#greeter-show-manual-login=false
#greeter-show-remote-login=true
#user-session=default
#allow-user-switching=true
#allow-guest=true
#guest-session=
#session-wrapper=lightdm-session
#greeter-wrapper=
#guest-wrapper=
#display-setup-script=
#display-stopped-script=
#greeter-setup-script=
#session-setup-script=
session-cleanup-script=/usr/sbin/cleanup-sessions
#autologin-guest=false
#autologin-user=
#autologin-user-timeout=0
#autologin-in-background=false
#autologin-session=
#exit-on-failure=false
#
# XDMCP Server configuration
#
# enabled = True if XDMCP connections should be allowed
# port = UDP/IP port to listen for connections on
# listen-address = Host/address to listen for XDMCP connections (use all addresses if not present)
# key = Authentication key to use for XDM-AUTHENTICATION-1 or blank to not use authentication (stored in keys.conf)
# hostname = Hostname to report to XDMCP clients (defaults to system hostname if unset)
#
# The authentication key is a 56 bit DES key specified in hex as 0xnnnnnnnnnnnnnn. Alternatively
# it can be a word and the first 7 characters are used as the key.
#
[XDMCPServer]
#enabled=false
#port=177
#listen-address=
#key=
#hostname=
#
# VNC Server configuration
#
# enabled = True if VNC connections should be allowed
# command = Command to run Xvnc server with
# port = TCP/IP port to listen for connections on
# listen-address = Host/address to listen for VNC connections (use all addresses if not present)
# width = Width of display to use
# height = Height of display to use
# depth = Color depth of display to use
#
[VNCServer]
#enabled=false
#command=Xvnc
#port=5900
#listen-address=
#width=1024
#height=768
#depth=8
......@@ -20,7 +20,7 @@
[Prevents guest users from making changes and turning off the machine]
Identity=unix-user:guest*
Action=org.freedesktop.login1.*;org.freedesktop.NetworkManager.*
Action=org.freedesktop.NetworkManager.*;org.freedesktop.login1.hibernate-multiple-sessions;org.freedesktop.login1.power-off-multiple-sessions;org.freedesktop.login1.reboot-multiple-sessions;org.freedesktop.login1.suspend-multiple-sessions
ResultAny=no
ResultInactive=no
ResultActive=no
#!/bin/bash
# Copyright (C) 2017 Centro de Computacao Cientifica e Software Livre
# Departamento de Informatica - Universidade Federal do Parana - C3SL/UFPR
#
# This file is part of le-multiterminal
#
# le-multiterminal is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301,
# USA.
#### Description: A lightdm cleanup script to prevent undesirable polkitd behavior.
#### Problem: The closure of a lightdm desktop session sometimes does not mean that its
#### respective user logind session is closed as well. This means that one might not be
#### able to log out of a seat despite the closure of his desktop session, screwing with
#### multiseat policies.
#### Workaround: Force the termination of any normal user (non-lightdm) logind session
#### with a "closing" state.
#### Written by: Lucas Sulzbach - ls17@c3sl.ufpr.br on 2018.
while read -r SESSION
do
STATUS=$(loginctl session-status "${SESSION}" --no-pager | awk '$1~/State/ {print $2}')
# echo "Session ${SESSION} is ${STATUS}"
if [[ "${STATUS}" == "closing" ]]; then
loginctl terminate-session "${SESSION}"
fi
done < <(loginctl list-sessions | awk '$3!~/lightdm/ && $4~/seat/ {print $1}')
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment