7

The Linux desktop can perform several actions which is otherwise not available to the user when logged in from a terminal. Actions such as system shutdown, and changing system time are accessible only to a sudo user after entering the password. How does this work. Is there a root daemon running which takes command from the login user. Please guide me to the right answer.

I am running Ubuntu 13.10.

erch
  • 5,030
cnvzmxcvmcx
  • 527
  • 1
    There's no such thing as "the Linux desktop". What desktop environment are you using? – Mat Nov 30 '13 at 13:35
  • I am using Ubuntu 13.10 Unity (ubuntu-desktop) . I presumed the idea is same across distros, hence asked here instead of askubuntu. – cnvzmxcvmcx Nov 30 '13 at 13:40
  • It's not a matter of distro, it's a matter of which desktop environment you use - KDE might not do it the same way as Gnome does, nor as Unity does. (They might all use the same technique though.) – Mat Nov 30 '13 at 13:44
  • Probably the answers/comments on "how things work under the hood (a.k.a. GUI)" here -> http://unix.stackexchange.com/questions/101074/how-does-mounting-on-the-gui-work-under-the-hood, explained on the example of mount(ing) might help a bit in understanding. I, personally, chew heavily on them at the moment – erch Nov 30 '13 at 14:05
  • @Mat AFAIK they've all standardized on D-Bus now. – Gilles 'SO- stop being evil' Nov 30 '13 at 17:53

1 Answers1

6

Currently on Ubuntu, the actual shutdown is performed by console-kit-daemon, the ConsoleKit daemon, which runs with root privileges. The ConsoleKit daemon receives the shutdown request from the desktop panel application via D-Bus. The policy that allows unprivileged processes to speak to privileged processes is handled by polkit (formerly PolicyKit). You can emulate the ConsoleKit invocation via dbus-send if you wish. In particular, to tell ConsoleKit to perform a shutdown you can do:

dbus-send --system --print-reply --dest="org.freedesktop.ConsoleKit" \
/org/freedesktop/ConsoleKit/Manager org.freedesktop.ConsoleKit.Manager.Stop

On Ubuntu, ConsoleKit replaced the Hardware Abstraction Layer (HAL), a subsystem aimed to allow desktop applications to discover and use the hardware of the host system through a portable and abstract API, regardless of the type of the underlying hardware. HAL is today deprecated in most Linux distributions. The equivalent dbus-send invocation using HAL is:

dbus-send --print-reply --system --dest=org.freedesktop.Hal \ 
/org/freedesktop/Hal/devices/computer/org.freedesktop.Hal.Device.SystemPowerManagement.Shutdown

Currently, ConsoleKit is not actively maintained. The focus of the freedesktop.org project has shifted towards the built-in seat/user/session management of the systemd init system called systemd-logind. How this will affect distributions who adopted their own init systems, like upstart in Ubuntu, remains to be seen.

Thomas Nyman
  • 30,502