Features/ConsoleKitInhibitAPI

From FedoraProject

< Features(Difference between revisions)
Jump to: navigation, search
(Detailed Description)
(Current status)
 
(9 intermediate revisions by one user not shown)
Line 10: Line 10:
  
 
== Current status ==
 
== Current status ==
* Targeted release: [[Releases/12| Fedora 12]]  
+
* Targeted release: [[Releases/15| Fedora 15]]  
* Last updated: 2009-05-14
+
* Last updated: 2010-02-08
* Percentage of completion: 10%
+
* Percentage of completion: 75%
 +
 
 +
An initial API proposal has been sent to the gdm mailing list [http://mail.gnome.org/archives/gdm-list/2009-June/msg00007.html here]. The ConsoleKit part has been implemented [http://bugs.freedesktop.org/show_bug.cgi?id=24493 here]. The gnome-session part is under development [http://bugzilla.gnome.org/show_bug.cgi?id=585614 here]
  
 
== Detailed Description ==
 
== Detailed Description ==
Line 22: Line 24:
 
* It forces the user to do all pre-shutdown preparations (e.g. saving open documents) before initiating the shutdown. This can lead to the user doing a full logout, closing all open apps, etc, only to find out at the end that he doesn't have the necessary privileges to initiate the shutdown.
 
* It forces the user to do all pre-shutdown preparations (e.g. saving open documents) before initiating the shutdown. This can lead to the user doing a full logout, closing all open apps, etc, only to find out at the end that he doesn't have the necessary privileges to initiate the shutdown.
 
* Similarly, if he decides to cancel the shutdown because other users are still logged in, it is already too late: he own session will proceed to log out after he cancelled the authentication dialog.
 
* Similarly, if he decides to cancel the shutdown because other users are still logged in, it is already too late: he own session will proceed to log out after he cancelled the authentication dialog.
 +
* It does not allow to block shutdown if an uninterruptible operation is under way, such as a software update or a system backup.
 
   
 
   
 
We need a better API, to satisfy the following goals:
 
We need a better API, to satisfy the following goals:
Line 27: Line 30:
 
* Give all sessions a chance to close in an orderly fashion on Restart/Stop.
 
* Give all sessions a chance to close in an orderly fashion on Restart/Stop.
 
* Ensure that the initiator has sufficient privileges for the Reboot/Shutdown before starting to log him out of his session.
 
* Ensure that the initiator has sufficient privileges for the Reboot/Shutdown before starting to log him out of his session.
 +
* Allow to inhibit Restart/Stop when uninterruptible operations are under way.
  
 
[[Desktop/Whiteboards/InhibitApis]] has some general musings about the type of api that might be good for this.
 
[[Desktop/Whiteboards/InhibitApis]] has some general musings about the type of api that might be good for this.
Line 37: Line 41:
  
 
This feature requires addition of new API in ConsoleKit. gnome-session needs to be patched to use the new API, and needs some UI enhancements for multi-user scenarios.
 
This feature requires addition of new API in ConsoleKit. gnome-session needs to be patched to use the new API, and needs some UI enhancements for multi-user scenarios.
 +
 +
Some system services may benefit from using the new ConsoleKit inhibit api: DeviceKit-disks, PackageKit, backup apps.
  
 
== Test Plan ==
 
== Test Plan ==
  
# Get a pile of frozboz devices.
+
Restart/Stop the system with one or multiple users logged in.
# Run the latest frozboz testsuite on i386 and x86_64 platforms
+
Repeat while a disk is formatted by DeviceKit-disks.
# Work with Fedora QA to ensure that we have sufficient coverage
+
Repeat while updates are being installed by PackageKit.
 +
Verify that the system behaves as expected and respects
 +
PolicyKit configuration.
  
 
== User Experience ==
 
== User Experience ==
Line 66: Line 74:
 
== Contingency Plan ==
 
== Contingency Plan ==
  
Use the patch in [http://bugzilla.redhat.com/show_bug.cgi?id=497619 497619] to make gnome-session work with PolicyKit 1 and the current ConsoleKit api. The user experience will be suboptimal.
+
Stay with the current approach of making gnome-session work with PolicyKit 1 and the current ConsoleKit api. The user experience will be suboptimal.
  
 
== Documentation ==
 
== Documentation ==

Latest revision as of 13:48, 24 November 2010

Contents

[edit] ConsoleKit Inhibit API

[edit] Summary

Make ConsoleKit follow the inhibit pattern for its shutdown apis.

[edit] Owner

  • Name: William Jon McCann, Matthias Clasen
  • Email: jmccann@redhat.com, mclasen@redhat.com

[edit] Current status

  • Targeted release: Fedora 15
  • Last updated: 2010-02-08
  • Percentage of completion: 75%

An initial API proposal has been sent to the gdm mailing list here. The ConsoleKit part has been implemented here. The gnome-session part is under development here

[edit] Detailed Description

ConsoleKit offers an API for shutting down the system, with the Restart() and Stop() methods. These require different PolicyKit privileges, depending on the number of logged in users.

This api is very simple, but it has a number of problems:

  • It does not even attempt to inform those other users about the impending shutdown, or give them a chance to save their documents.
  • It forces the user to do all pre-shutdown preparations (e.g. saving open documents) before initiating the shutdown. This can lead to the user doing a full logout, closing all open apps, etc, only to find out at the end that he doesn't have the necessary privileges to initiate the shutdown.
  • Similarly, if he decides to cancel the shutdown because other users are still logged in, it is already too late: he own session will proceed to log out after he cancelled the authentication dialog.
  • It does not allow to block shutdown if an uninterruptible operation is under way, such as a software update or a system backup.

We need a better API, to satisfy the following goals:

  • Inform the initiator that other users are logged in.
  • Give all sessions a chance to close in an orderly fashion on Restart/Stop.
  • Ensure that the initiator has sufficient privileges for the Reboot/Shutdown before starting to log him out of his session.
  • Allow to inhibit Restart/Stop when uninterruptible operations are under way.

Desktop/Whiteboards/InhibitApis has some general musings about the type of api that might be good for this.

[edit] Benefit to Fedora

The multi-user experience of Fedora is improved and Fedora gains a Reboot/Shutdown UI that works with PolicyKit 1.0.

[edit] Scope

This feature requires addition of new API in ConsoleKit. gnome-session needs to be patched to use the new API, and needs some UI enhancements for multi-user scenarios.

Some system services may benefit from using the new ConsoleKit inhibit api: DeviceKit-disks, PackageKit, backup apps.

[edit] Test Plan

Restart/Stop the system with one or multiple users logged in. Repeat while a disk is formatted by DeviceKit-disks. Repeat while updates are being installed by PackageKit. Verify that the system behaves as expected and respects PolicyKit configuration.

[edit] User Experience

Here is how the user experience should look for a user initiating a reboot:

  1. Click Restart button
  2. Possibly get an auth dialog, depending on PolicyKit configuration
  3. Possibly get an inhibit dialog saying there are some other users logged in, and some apps in my own session inhibit the shutdown. The users will be displayed similarly to the gdm greeter, with their name and photo. The dialog has 'Cancel' and 'Restart anyway' buttons.
  4. Go through those apps and close them
  5. While doing that, the inhibit dialog updates the list of inhibiting applications and logged in users
  6. Wait a little longer for remaining users to log out
  7. After a while, the system restarts

Here is how the user experience should look for a user when a user in another session initiates a reboot:

  1. A dialog pops up, informing the user that the system is about to reboot. The dialog looks similar to the current inhibit dialog, listing the inhibing applications
  2. Go through those apps and save unusaved documents, then proceed to log out
  3. Briefly thereafter, the system restarts

[edit] Dependencies

None.

[edit] Contingency Plan

Stay with the current approach of making gnome-session work with PolicyKit 1 and the current ConsoleKit api. The user experience will be suboptimal.

[edit] Documentation

None yet.

[edit] Release Notes

None should be necessary.