path: root/data/etc
diff options
authorCarsten Haitzler <raster@rasterman.com>2006-09-03 08:51:32 +0000
committerCarsten Haitzler <raster@rasterman.com>2006-09-03 08:51:32 +0000
commit34d6645d66fca6b5c16fa8c0e3ae4c49a884182d (patch)
tree3b3fc283481289134c5070a021e751ea396cd493 /data/etc
parent155f502a8c3e3790b66598f48c31bf4c54a419f9 (diff)
lots of freaky stuff.
1. cleaned up actions for restart and exit 2. made main menu cleaner in just using the actions 3. added ilits unselect calls for ilist smart and widget 4. patch for cpufreq to set all cpu clocks 5. fix battery module to handle broken acpi impl's that don't report drain rate 6. add e_sys subsystem - for executing system sensitive stuff like halt, reboot suspend, hibernate etc. this also covers exit, restart and logout. logout is currently dormant and just an action - not bound or in a menu. not complete anyway (no code for it). halt and reboot should probably use logout logic to shut down apps - i will recycle it. i added a suid root binary to do the actions - uses a system config (default one supplied that is secure - root will need to modify it to allow things). 7. fixed suid install hook for cpufreq 8. added sysconf dir to build for sys config file. 9. pants on SVN revision: 25395
Diffstat (limited to 'data/etc')
3 files changed, 63 insertions, 0 deletions
diff --git a/data/etc/.cvsignore b/data/etc/.cvsignore
new file mode 100644
index 000000000..9a4d3f774
--- /dev/null
+++ b/data/etc/.cvsignore
@@ -0,0 +1,3 @@
diff --git a/data/etc/Makefile.am b/data/etc/Makefile.am
new file mode 100644
index 000000000..13108007e
--- /dev/null
+++ b/data/etc/Makefile.am
@@ -0,0 +1,6 @@
+filesdir = $(sysconfdir)/enlightenment
+files_DATA = \
+EXTRA_DIST = $(files_DATA)
diff --git a/data/etc/sysactions.conf b/data/etc/sysactions.conf
new file mode 100644
index 000000000..72ff13fe6
--- /dev/null
+++ b/data/etc/sysactions.conf
@@ -0,0 +1,54 @@
+# This is a system configuration for allowing or denying certain users or
+# groups to be able to do certain actions that involve system restricted
+# actions such as halt, reboot, suspend, hibernate etc.
+# This file is read in order from top to bottom - the first rule to MATCH
+# will be used for a user or a group, and nothing after that is read.
+# You must put all the ACTION definitons BEFORE user and group rule matches.
+# Any action definitons after a rule match has been found will be ignored.
+# This allows actions to be re-defined for different user groups, so matches
+# so the command for an action can change for matches to the rules later on.
+# Any user or group NOT matched by an allow or a deny will be ALLOWED to
+# perform the action by default (system administrators should be aware of
+# this and implement whatever policies they see fit). Generally speaking
+# a user of a workstation, desktop or laptop is intended to have such abilities
+# to perform these actions, thus the default of allow. For multi-user systems
+# the system administrator is considerd capable enough to restrict what they
+# see they need to.
+# A WARNING to admins: do NOT allow access for users to this system remotely
+# UNLESS you fully trust them or you have locked down permissions to halt/reboot
+# suspend etc. here first. You have been warned.
+# action: halt /sbin/shutdown -h now
+# action: reboot /sbin/shutdown -r now
+# action: suspend /etc/acpi/sleep.sh force
+# action: hibernate /etc/acpi/hibernate.sh force
+# user: username allow: halt reboot suspend hibernate
+# group: groupname deny: *
+# group: * deny: *
+# user: * allow: suspend
+# user: billy allow: halt reboot
+# group: staff deny: halt suspend hibernate
+# etc.
+# user and group name can use glob matches (* == all for example) like the
+# shell. as can action names allowed or denied.
+action: halt /sbin/shutdown -h now
+action: reboot /sbin/shutdown -r now
+action: suspend /etc/acpi/sleep.sh force
+action: hibernate /etc/acpi/hibernate.sh force
+user: root allow: *
+group: operator allow: *
+group: staff allow: *
+user: * deny: *