GNOME Bugzilla – Bug 343194
users-admin should warn the user of what he's doing when unselecting the administration group
Last modified: 2009-12-13 22:08:59 UTC
That bug has been described on https://launchpad.net/distros/ubuntu/+source/gnome-system-tools/+bug/25947 "When you haven't activated the possibility to login as a root user under the security tab of the settings of the Gnome Login Manager and/or you haven't given the root user a real password, replacing the randomly created, you won't be able to make administrative tasks under the graphical enivoronment ... I think the point is simply that if you have no users in the sudo group, you can't do anything as root anymore. I'm not about to try it out now, but I would imagine logging in to recovery mode would get around the problem. A nice solution would be to check if the sudo group has any members left whenever: * Trying to delete a user * Trying to remove a user from a group If the action would leave the sudo group empty, deny the action."
Still an issue with 2.15.4
Created attachment 92854 [details] [review] Provides many helpful warnings when about to "criple" your own account This patch warns when the user who started the app is about to remove their own admin privs. It also prevents the user from deleting themselves. By "user" I mean the user who invoked sudo/gksu/gksudo to start the app (because, of course, the app runs as root). NOTE: this will not work if invoked by su because su does not set the env var SUDO_UID. I have created a new file called gst-common.[ch] which has the routine to get the user's id who invoked sudo/gksu/gksudo because I figured other apps may need that function in the future so it is in a common place. I also had to alter the make file (I hope I did it right) to build it. Also, there is a FIXME which would want to check if a user is currently logged on before deleting. I have layed the framework for that by using a dialog box that asks if you would like to kick the current user before deletion. (I figure if I was an admin deleting someones account and they were on my system I would want them off fast). The methods for checking if a user is logged on vary between OSes so we should use something like oobs_user_check_logged_in, and oobs_user_kill_all_pids.
Created attachment 92894 [details] [review] Provides warning when removing self from admin users This patch provides a warning when removing yourself from the admin group. It can only work if you start the users-admin from sudo, gksu, or gksudo, because it sets the env var SUDO_UID. It will not work from SU. My other patch also warned when removing deleting your account but I will handle that differently in another patch. So this simply warns if a user is about to remove themselves from the admin group.
I suspect that nice patch is sadly obsolete now that we're using PolicyKit. Can you confirm we need another way of solving that bug? Thanks, and sorry for that!
We should still be able to take some parts of the patch, adapting it to work with OobsSelfConfig.
Fix with dea27ce554add6ece8116dfac4c926d701528f1d: Add checks when removing admins or admin rights When deleting an user, check that it's not the only amdin account left. If that's the case, show an error dialog and block deletion. When removing admin rights from an account, warn if the selected user is the current one (i.e. the one corresponding to OobsSelfConfig). Refuse to remove the admin rights of the last admin left on the system. This is supported either when moving from a profile implying admin membership to a non-admin one, or when unselecting the admin privilege in the privileges table. People can still lose admin rights when tweaking groups membership, but they must know what they are doing...