Description of problem: No actions under the power menu in the lightdm-gtk greater Version-Release number of selected component (if applicable): lightdm-gtk-1.3.1-1.fc18.x86_64 How reproducible: everytime Steps to Reproduce: 1. boot into a Xfce livecd or an Xfce installation 2. click on the power icon in the upper rigth corner 3. Actual results: No actions Expected results: some actions (restart, shutdown, etc) Additional info:
After doing some research, I found out that actions is controlled by polkit autherization for org.freedesktop.consolekit.system.restart org.freedesktop.consolekit.system.stop org.freedesktop.upower.suspend org.freedesktop.upower.hibernate so I have made a polkit .rules file and put it into /etc/polkit-1/rules.d/ and now the power action appears in the power menu.
Created attachment 637444 [details] polkit .rules file for lightdm power action
Maybe it would be a good idea to put into the lightdm-gtk package :)
Excellent detective work! I'd been stumped on this for awhile (bug #857254), thanks.
Good, now can we please make it use the systemd-logind interfaces instead of the obsolete ConsoleKit ones for shutdown/restart? Changing that in the code should be fairly straightforward. Does LightDM use other ConsoleKit interfaces (e.g. for user switching) or just those 2?
Oh, and the .rules file probably should be in the core lightdm package, not in lightdm-gtk.
Created attachment 637917 [details] patch to switch to using logind, insted of ConsoleKit I have made a initial patch to use logind DBUS interface for reboot/shutdown instead of the ConsoleKit one. My C is rusty, so there might be some errors :) the main difference is that (Besides the method names) org.freedesktop.login1 CanRestart & CanPowerOff return a "yes" or "no" string, not a boolean like the ConsoleKit one. I have tried to make some handling for that, but it need to be reviewed, by someone with better C skills than me :)
No, that won't work as is, the Restart and PowerOff commands take an additional boolean argument which says whether interactive prompts through PolicyKit are to be allowed. Also note that CanRestart and CanPowerOff can return 3 values: "yes", "no" or "challenge". (That's why it's not a boolean.) "challenge" means the user will be prompted through PolicyKit. So you may also want to treat "challenge" as "yes" for the purpose of showing menu entries. Though then again, LightDM probably doesn't have a PolicyKit authentication agent running in its session, and settings should be such that no challenge is needed, so I guess treating "challenge" the same as "no" is probably the right thing to do here (and thus you'll also want to set the "interactive" argument to false in the Restart and PowerOff commands).
Thanks Tim, I'll try to take it from here. 1. Incorporate polkit.rules asap 2. Adapt your patch to make it upstreamable. Instead of replacing consolekit dbus queries, add logind query first, and fallback to consolekit on failure.
lightdm-1.4.0-2.fc18 has been submitted as an update for Fedora 18. https://admin.fedoraproject.org/updates/lightdm-1.4.0-2.fc18
Created attachment 638822 [details] WIP login1 PowerOff/Reboot support what I have so far, only partially works: -gobject: Can* seems to return true (the buttons are shown), but PowerOff, Reboot does nothing -qt: Can* seems to return false (Shutdown/restart buttons are grey'd out) :(
heh, I can see an error in -gobject now (/org/freedesktop/login1/Manager is incorrect). retesting with /org/freedesktop/login1
Created attachment 638836 [details] WIP login1 PowerOff/Reboot support (no change. :( ) status: -gobject: Can* seems to return true (the buttons are shown), but PowerOff, Reboot does nothing -qt: Can* seems to return false (Shutdown/restart buttons are grey'd out)
OK, that patch seems to work for -gobject, *provided* you have the right polkit rules. I need to figure out why/how the dbus methods org.freedesktop.login1.Manager.Reboot org.freedesktop.login1.Manager.PowerOff end up mapping to polkit actions: org.freedesktop.login1.reboot-multiple-sessions org.freedesktop.login1.power-off-multiple-sessions I guess these were described on http://www.freedesktop.org/wiki/Software/systemd/logind thank heavens tim's sample .rules file logged the actions (to /var/log/secure) Now to go test -qt bindings too (I suspect we still have some sort of code failure going on there, polkit isn't logging anything when using using lightdm-kde)
Package lightdm-1.4.0-2.fc18: * should fix your issue, * was pushed to the Fedora 18 testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=updates-testing lightdm-1.4.0-2.fc18' as soon as you are able to. Please go to the following url: https://admin.fedoraproject.org/updates/FEDORA-2012-17634/lightdm-1.4.0-2.fc18 then log in and leave karma (feedback).
Created attachment 639188 [details] updated polkit .rules file This .rules file will also give the lightdm user permission to all org.freedesktop.login1.* actions
(In reply to comment #14) > OK, that patch seems to work for -gobject, *provided* you have the right > polkit rules. I need to figure out why/how the dbus methods > > org.freedesktop.login1.Manager.Reboot > org.freedesktop.login1.Manager.PowerOff > > end up mapping to polkit actions: > org.freedesktop.login1.reboot-multiple-sessions > org.freedesktop.login1.power-off-multiple-sessions > > I guess these were described on > http://www.freedesktop.org/wiki/Software/systemd/logind > Looking in the logind polkit policy /usr/share/polkit-1/actions/org.freedesktop.login1.policy I seams like there is 3 actions for reboot (same for power off) <action id="org.freedesktop.login1.reboot"> <description>Reboot the system</description> </action> <action id="org.freedesktop.login1.reboot-multiple-sessions"> <description>Reboot the system while other users are logged in</description> </action> <action id="org.freedesktop.login1.reboot-ignore-inhibit"> <description>Reboot the system while an application asked to inhibit it</description> </action> But it don't say anything about why logind think there is multiple sessions and ask for the org.freedesktop.login1.reboot-multiple-sessions permission. The updated rules file, will allow it and make it work and it should be safe if we are not doing user switching, don't even know if lightdm is supporting that
Thanks, ahead of you :) http://pkgs.fedoraproject.org/cgit/lightdm.git/tree/lightdm.rules lightdm-1.4.0-3 has my initial attempt at including native org.freedesktop.login1 support, if you want to pull/test from koji (i wanted to get -2 out and in stable updates first before submitting it)
Oh, and here's the patch currently used, http://pkgs.fedoraproject.org/cgit/lightdm.git/tree/lightdm-1.4.0-systemd_login1_power.patch
Created attachment 640074 [details] secure.log output from lightdm-1.4.0-3 Look like something is not working as expected. Installed lightdm from koji, it looks like both logind & consolekit is called
Rats, I didn't see that in my own testing, so I must have messed something up. The patch as implemented tries to call the logind methods, and if the dbus reply is "invalid" (ie, only supposed to happen if logind isn't present or running), fallback to consolekit.
Just to rule out issues with the logind on my test system. # gdbus call --system --dest org.freedesktop.login1 --object-path /org/freedesktop/login1 --method org.freedesktop.login1.Manager.CanPowerOff Returns: ('yes',)
i'm unable to reproduce the problem. :-/ For fun you could try: 1. comment-out the consolekit related items from lightdm.rules 2. rpm -e --nodeps ConsoleKit To see if either of these makes shutdown/restart not work anymore (highlighting the fact that logind isn't being used properly)
I have tried on my main system, same issue $ rpm -qa lightdm\* lightdm-1.4.0-3.fc18.x86_64 lightdm-gobject-1.4.0-3.fc18.x86_64 lightdm-gtk-1.3.1-1.fc18.x86_64 if I comment out the consolekit part of the lightdm.rules, then restart/shutdown disappears from the power menu.
$ gdbus call --system --dest org.freedesktop.login1 --object-path /org/freedesktop/login1 --method org.freedesktop.login1.Manager.CanPowerOff ('yes',)
Both systems are fully updated system installed from a Xfce livecd.
$ sestatus SELinux status: enabled SELinuxfs mount: /sys/fs/selinux SELinux root directory: /etc/selinux Loaded policy name: targeted Current mode: enforcing Mode from config file: enforcing Policy MLS status: enabled Policy deny_unknown status: allowed Max kernel policy version: 28
Mind setting selinux in permissive, and retesting? My box happens to have selinux disabled at the moment (it's stuck in disabled mode no matter what I try, may have to re-install... but that's another story... :-/ )
$ sestatus SELinux status: enabled SELinuxfs mount: /sys/fs/selinux SELinux root directory: /etc/selinux Loaded policy name: targeted Current mode: permissive Mode from config file: permissive Policy MLS status: enabled Policy deny_unknown status: allowed Max kernel policy version: 28 $ sudo cat /var/log/secure | grep action= Nov 9 18:42:11 None polkitd[609]: /usr/share/polkit-1/rules.d/lightdm.rules:3: action=[Action id='org.freedesktop.upower.suspend'] Nov 9 18:42:11 None polkitd[609]: /usr/share/polkit-1/rules.d/lightdm.rules:3: action=[Action id='org.freedesktop.upower.hibernate'] Nov 9 18:42:11 None polkitd[609]: /usr/share/polkit-1/rules.d/lightdm.rules:3: action=[Action id='org.freedesktop.login1.reboot'] Nov 9 18:42:11 None polkitd[609]: /usr/share/polkit-1/rules.d/lightdm.rules:3: action=[Action id='org.freedesktop.consolekit.system.restart'] Nov 9 18:42:11 None polkitd[609]: /usr/share/polkit-1/rules.d/lightdm.rules:3: action=[Action id='org.freedesktop.login1.power-off'] Nov 9 18:42:11 None polkitd[609]: /usr/share/polkit-1/rules.d/lightdm.rules:3: action=[Action id='org.freedesktop.consolekit.system.stop'] Look like it does change any thing :(
*** Bug 857254 has been marked as a duplicate of this bug. ***
lightdm-1.4.0-2.fc18 has been pushed to the Fedora 18 stable repository. If problems still persist, please make note of it in this bug report.
lightdm-1.4.0-5.fc18 has been submitted as an update for Fedora 18. https://admin.fedoraproject.org/updates/lightdm-1.4.0-5.fc18
lightdm-1.4.0-5.fc18 has been pushed to the Fedora 18 stable repository. If problems still persist, please make note of it in this bug report.