Ubuntu
xfce4-session package

systemd-inhibit authentication ignored by suspend request

Bug #1615612 reported by peterthevicar
264
This bug affects 2 people
Affects Status Importance Assigned to Milestone
xfce4-session (Ubuntu)
Fix Released
Low
Unassigned

Bug Description

xubuntu 16.04

I sometimes run a media server (MediaTomb) with systemd-inhibit to prevent shutdown or suspend from accidentally killing the server.

If I forget that the server is running and click on the xfce log out button and choose the suspend option, the system correctly puts up an authentication dialog saying:

"Authentication is required for suspending the system while an application asked to inhibit it"

HOWEVER if I dismiss the authentication request (press [Esc]) the system suspends anyway.

A secondary issue is that the authentication dialog shows BELOW the log out dialog (see screenshot).

I've marked it as a security issue because a request for authentication is being ignored but you may well feel it's not a serious issue (being able to suspend a system when you're not allowed to doesn't sound catastrophic!) in which case do downgrade it.

HTH, Peter

~$ lsb_release
LSB Version: core-9.20160110ubuntu0.2-amd64:core-9.20160110ubuntu0.2-noarch:printing-9.20160110ubuntu0.2-amd64:printing-9.20160110ubuntu0.2-noarch:security-9.20160110ubuntu0.2-amd64:security-9.20160110ubuntu0.2-noarch
~$ apt-cache policy xfce4-power-manager
xfce4-power-manager:
  Installed: 1.4.4-4ubuntu2
~$ systemd-inhibit --list
     Who: NetworkManager (UID 0/root, PID 2559/NetworkManager)
    What: sleep
     Why: NetworkManager needs to turn off networks
    Mode: delay

     Who: mediatomb server (UID 0/root, PID 19323/systemd-inhibit)
    What: shutdown:sleep:handle-power-key:handle-suspend-key:handle-lid-switch
     Why: Prevent shutdown of media server
    Mode: block

     Who: xfce4-power-manager (UID 1000/peter, PID 3902/xfce4-power-man)
    What: handle-power-key:handle-suspend-key:handle-hibernate-key:handle-lid-switch
     Why: xfce4-power-manager handles these events
    Mode: block

3 inhibitors listed.

ProblemType: Bug
DistroRelease: Ubuntu 16.04
Package: xfce4-power-manager 1.4.4-4ubuntu2
ProcVersionSignature: Ubuntu 4.4.0-34.53-generic 4.4.15
Uname: Linux 4.4.0-34-generic x86_64
ApportVersion: 2.20.1-0ubuntu2.1
Architecture: amd64
CurrentDesktop: XFCE
Date: Mon Aug 22 12:49:04 2016
InstallationDate: Installed on 2016-05-12 (101 days ago)
InstallationMedia: Xubuntu 16.04 LTS "Xenial Xerus" - Release amd64 (20160420.1)
SourcePackage: xfce4-power-manager
UpgradeStatus: No upgrade log present (probably fresh install)

Revision history for this message
peterthevicar (peterbcs) wrote :
Emily Ratliff (emilyr)
Changed in xfce4-power-manager (Ubuntu):
status: New → Confirmed
Revision history for this message
Emily Ratliff (emilyr) wrote :

I was able to reproduce this bug (Ubuntu 16.04.1 + xfce). I used a test program rather than MediaTomb. When I tried to shutdown, I was presented an authentication popup as above and when I Esc'd out of it, I was logged out and the inhibited process was killed. The system did not shutdown.

Subscribing Xubuntu-developers, please have a look.

Changed in xfce4-power-manager (Ubuntu):
assignee: nobody → Xubuntu Developers (xubuntu-dev)
assignee: Xubuntu Developers (xubuntu-dev) → nobody
Seth Arnold (seth-arnold)
information type: Private Security → Public Security
Alberto Salvia Novella (es20490446e)
Changed in xfce4-power-manager (Ubuntu):
importance: Undecided → Low
Revision history for this message
Theo Linkspfeifer (lastonestanding) wrote :

Does this bug affect 18.04 also?

affects: xfce4-power-manager (Ubuntu) → xfce4-session (Ubuntu)
Revision history for this message
peterthevicar (peterbcs) wrote :

18.04 is actually slightly different. What happens now is that when you click on Suspend, the screen goes black, as though the screensaver had started. When you move the cursor etc, you get the unlock dialog, again as though returning from the screensaver. You are then faced with a blank window the same shape as the restart/logout/suspend dialog with the authentication request below and not selectable. You then need to use, e.g. Alt-TAB to select the authentication window and then use Alt-F4 to close it. So it's not good, but on the other hand it's not overriding the inhibit so from a security point of view it's better.
Best wishes, Peter

Revision history for this message
Theo Linkspfeifer (lastonestanding) wrote :

I have checked the Xfce bug tracker and found this report:

https://bugzilla.xfce.org/show_bug.cgi?id=10581

It describes the issue with the bad positioning of the authentication window.

So, the problem in 18.04 is that the restart/logout/suspend dialog remains visible/glitched after initiating the suspend process, correct?

Revision history for this message
peterthevicar (peterbcs) wrote :

Yes, that's the display issue; I suppose the only extra strangeness with this is that it goes straight into the screen-saver / lock. Either way I think we could call this one completed and the discussion can continue at 10581. Thanks for looking into it.

Revision history for this message
Theo Linkspfeifer (lastonestanding) wrote :

It is still not clear what has caused the inhibit bug, and what has fixed it. There have been no changes in xfce4-session, so it could have been something in systemd or polkit.

Regardless of that, I will mark this bug as fixed in xfce4-session.

Changed in xfce4-session (Ubuntu):
status: Confirmed → Fix Released
To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.