selectively denying the same user access to the same actions
Antoine Martin
antoine at nagafix.co.uk
Mon Oct 26 12:38:39 PDT 2009
Hi,
In a virtual desktop environment, the same user may have both a full
desktop (ie on display :0) and many other desktops via Xvnc.
How can I ensure that only the main desktop is allowed to
reboot/shutdown the box?
It looks to me like PolicyKit cannot make the distinction based on where
the client is when the request is made? (or am I missing something?)
There is also the problem that the virtual desktops being launched may
be anything from a full Gnome/KDE desktop to lean matchbox/fluxbox.
Those may not be PolicyKit aware either...
If PolicyKit is not the right tool for this problem, can you suggest
which way to look for solutions?
Thanks
Antoine
More information about the polkit-devel
mailing list