On 5/10/24 12:05, Lew Wolfgang wrote:
Hi Folks,
I've searched a bit but haven't found a satisfying answer to my issue.
The problem occurs when a non-root user connects to a server using xrdp. This user then has full authorization to halt/reboot the server using the KDE halt or reboot buttons, not exactly an ideal situation.
So how can I disable remote xrdp-connected users from rebooting or halting the server? This would also stop users from rebooting/halting the server when directly sitting at the console, which may not exist anyway.
Thanks to those folks who commented on this question. I found a partial solution after thinking about it a bit. Having buttons that can sleep, hibernate, reboot, and halt the system available to the user sitting in front of the console of a desktop makes perfect sense. The problem appears when a user connects to that desktop remotely. I remembered that I used the "Desktop" pattern when installing the server software! So I checked in yast2 under the Security Center and selected Network Server under the Preconfigured Security Configurations option. That fixed the problem! Either a window prompting for the root password appears, or the xrdp session closes. The server continues to run as desired. Having the buttons still there could be confusing to some users, but at least they can't crash the server. Regards, Lew