User can shutdown machine even if others are logged in

In addition to the message, shutdown should only happen if the user shutting down the system has administrator privileges.

(My son just rebooted the system! Argh!)

Why is this marked as wishlist???

This should have importance high, as it can lead to serious data loss.

yes this could be marked as a concern if your computer acts as a firewall/router, and can lead to serious dataloss from unsaved work and jobs that are active can be killed by any user upon shutdown

In multi user mode, how can one user turn off the computer from his login, while other user is still logged in. ( and that too when the guest user is unprivileged)

Ideally it should logout (even on giving shutdown option) to the original locked screen of previous user.

This bug can cause serious data loss as already pointed out.

plus you can't setup ubuntu on machines in multi-user environments like offices, or cyber-cafes.

This bug should be given high priority.

The new Authorizations (policykit-gnome) system in hardy should fix this issue, but unfortunately it doesn't work. Setting Admin Authorization required to reboot/shutdown has no effect, the user is still able to reboot/shutdown.

Theoretically this should disable rebooting from within the desktop environment without authentication:

polkit-action --set-defaults-active org.freedesktop.hal.power-management.reboot auth_admin

However, it doesn't work. I also don't think this should be a "wishlist" item. It is a vital aspect of any multi-user system. Allowing unprivileged users to reboot or shut down a system breaks all Unix/Linux paradigms. I strongly urge for this bug to be elevated in status.

Imagine a lab full of systems that are used by the console users as well as by other users logging in from home or other systems via ssh. The console user can now completely destroy the work of any remotely logged in users. Please elevate the importance of this bug.

This all said - does anyone have a fix or workaround? I really need to keep desktop users from simply shutting down or rebooting machines. I know they can just push the power button, but I'd like to at least avoid accidental reboots/shutdowns!

Thanks!

Has anyone come up with a workaround for this? Who do I have to beg to upgrade this from "wishlist?" Having entire labs where students accidentally shut down the systems is extemely annoying. Thanks!

From what I understand it should function correctly once GDM has been updated to the new version 2.21.

>
> Ubuntu offers to shut down/restart the computer even if other users
> are logged in, so if user A has unsaved data open, and user B shuts
> down the computer, A loses data.
>
> There should at least be a message "X users are still logged in, do
> you really want to restart?".

As far as I can tell, policy kit is supposed to take care of this.
There are options to require an admin password when other users are
logged in or for any shutdown. Unfortunately, none of those are
currently being honored. I'm guessing this needs to be fixed upstream,
but it could be an Ubuntu-specific problem. We have lots of remote
logins to our lab systems and having the console user (even
accidentally) shut down or reboot the system causes a lot of havoc.

---
Markus A. Iturriaga Woelfel, IT Administrator
Electrical Engineering and Computer Science
University of Tennessee
203 Claxton Complex / 1122 Volunteer Blvd.
Knoxville, TN 37996-3450
<email address hidden> / (865) 974-3837

Definitely, this is serious security problem that should not be present on a LTS version. I can't understand why it is marked as "wishlist".

This is an Ubuntu problem, since it is not present on Debian Lenny.

For my private home system I find it quite annoying that intrepid requests my password for shutting down the system while I'm at the physical console. Since I can easily unplug the power I don't see much point in demanding a password for shutdown.

On Sun, 01 Feb 2009 00:39:43 -0000, "Henrik" <email address hidden> said:
> For my private home system I find it quite annoying that intrepid
> requests my password for shutting down the system while I'm at the
> physical console. Since I can easily unplug the power I don't see much
> point in demanding a password for shutdown.

On my Intrepid system, in System > Administration > Authorizations, the
setting for org.freedesktop.hal.power-management.shutdown is Yes for the
Active Console user, and I am rather confident I have not changed this
setting. Sounds like somebody changed it to Authentication on your
system, or perhaps this is a setting from an earlier version of Ubuntu
which wasn't properly u&#7765;dated when you upgraded. In any event,
this is clearly outside the scope of what is being discussed here.
Please file a separate bug if you want to report a different problem.
Thanks.

/* era */

--
If this were a real .signature, it would suck less. Well, maybe not.

On Sun, 01 Feb 2009 00:39:43 -0000, "Henrik" <email address hidden> said:
> For my private home system I find it quite annoying that intrepid
> requests my password for shutting down the system while I'm at the
> physical console. Since I can easily unplug the power I don't see much
> point in demanding a password for shutdown.

The idea here is to save accidental shutdowns. A child may not realize (as in my case) that something bad may happen if he shutdown the computer. A warning message will make the child think twice, and hopefully ask an adult for help...

I got hit by this too! I need to disable users ability to shut down the machine, but the authorizations-console doesn't do a thing. So how I'm gone do that?

I too can't understand why this is on a wishlist. This seems to be violation of Unix principles and allowing ohter users to accidently shut down this machine will result a data loss for me and others. On this machine there is no risk of intentional shut down so no need to glue buttons and cables :)

-Antti

That got fixed in Ubuntu 8.10. GNOME has used ConsoleKit for shutdown/reboot since then, which asks for the admin password when you try to shutdown with several users being logged in.

This is not fixed completely.

Steps:
1. Login into the system
2. Select "Switch user"
3. At the login screen, select Options -> Shutdown.
4. Anyone can shutdown the machine.

using 9.04

the issue is fixed in the karmic version

^ I don't know about that. I recently upgraded from 9.04 to 9.10 and I have the same problem!

If I try to shutdown from inside, it refuses if there are other users.
However, If I log out and shutdown from login screen, then ubuntu is absolutely fine with it !?!

This may be the worst flaw I've come across in Ubuntu! Please fix.

Reopening as "New" based on comment #19

could you not reopen old closed bugs? if you have an issue with new versions open a new bug, gdm has been rewritten and whatever was the bug there if there is one in lucid it's a different one and having a clean bug log will make work easier than hijacking a similar issues which has been deprecated