Bug 1320245 - Cancelling shutdown from gui switches back to root session with no authentication requirement
Summary: Cancelling shutdown from gui switches back to root session with no authentica...
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: gnome-session
Version: 6.7
Hardware: x86_64
OS: Linux
high
urgent
Target Milestone: rc
: ---
Assignee: Ray Strode [halfline]
QA Contact: Desktop QE
Lucie Maňásková
URL:
Whiteboard:
Depends On:
Blocks: 1269194 1363705
TreeView+ depends on / blocked
 
Reported: 2016-03-22 16:24 UTC by Joe Wright
Modified: 2017-04-12 19:13 UTC (History)
4 users (show)

Fixed In Version: gnome-session-2.28.0-24.el6
Doc Type: Bug Fix
Doc Text:
Cancelling shutdown from a GUI session now switches to running session Previously, the *policykit* credentials for shutting down the system were not obtained up front before logging out. Consequently, if the users cancelled the policykit authentication dialog, they were sent back to the login screen instead of the graphical user interface (GUI) session. With this update, the dialog for obtaining credentials appears up front before the logout starts. As a result, when the users cancel the authentication dialog, they are sent back to their session instead of the login screen.
Clone Of:
Environment:
Last Closed: 2017-03-21 11:54:24 UTC

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)


Links
System ID Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2017:0788 normal SHIPPED_LIVE gnome-session bug fix update 2017-03-21 12:50:09 UTC

Description Joe Wright 2016-03-22 16:24:53 UTC 
Description of problem:
user is logged out of gui after switching from a root gui session after trying to shutdown and cancelling the shutdown

Version-Release number of selected component (if applicable):
RHEL 6.7

How reproducible:
Verified in house on a 6.6 system

Steps to Reproduce:
- Have root log into the gnome desktop
- Switch to another user without elevated privileges
- Attempt to shutdown from the menu
- The user will be prompted for the root password
- Click cancel and the user will be logged out and immediately be switch to the root desktop   <<<<<< (The problem is here) ( I believe that I should have to authenticate to return to root's desktop session)



Actual results:
- user is logged out and switched back to the root session without authentication prompt

Expected results:
- I expect that the correct behavior is for the user to be put back on his/her own desktop and not root

Additional info:
Spoke with Ray Strode about this directly, he verified it is an issue
Comment 2 Ray Strode [halfline] 2016-03-22 16:32:57 UTC 
To be clear, we don't lock the screen for the root user in RHEL 6 (or earlier RHELs).  That's one of the reasons we post a warning dialog when a user logs in as root.

The bug here is that we log the user out when they shutdown, before we ask for the polkit password.  If they cancel the polkit password, we've already logged the user out so we can't perform the cancel.

We should get the polkit credentials first before doing the logout.

I don't think we should change the behavior of root locking in rhel 6 at this point. That behavior has existed since before RHEL 2.1.  See

https://wiki.gnome.org/Projects/GnomeScreensaver/FrequentlyAskedQuestions#Why_doesn.27t_my_screen_lock_when_I.27m_logged_in_as_root.3F

We did fix it for rhel 7, though.
Comment 7 Ray Strode [halfline] 2016-11-07 16:26:16 UTC 
I've done a build now with the changes mentioned in comment 2.
Comment 13 errata-xmlrpc 2017-03-21 11:54:24 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2017-0788.html
Note You need to log in before you can comment on or make changes to this bug.