ConsoleKit Inhibit API
Summary
Make ConsoleKit follow the inhibit pattern for its shutdown apis.
Owner
- Name: William Jon McCann, Matthias Clasen
- Email: jmccann@redhat.com, mclasen@redhat.com
Current status
- Targeted release: Fedora 15
- Last updated: 2010-02-08
- Percentage of completion: 75%
An initial API proposal has been sent to the gdm mailing list here. The ConsoleKit part has been implemented here. The gnome-session part is under development here
Detailed Description
ConsoleKit offers an API for shutting down the system, with the Restart() and Stop() methods. These require different PolicyKit privileges, depending on the number of logged in users.
This api is very simple, but it has a number of problems:
- It does not even attempt to inform those other users about the impending shutdown, or give them a chance to save their documents.
- It forces the user to do all pre-shutdown preparations (e.g. saving open documents) before initiating the shutdown. This can lead to the user doing a full logout, closing all open apps, etc, only to find out at the end that he doesn't have the necessary privileges to initiate the shutdown.
- Similarly, if he decides to cancel the shutdown because other users are still logged in, it is already too late: he own session will proceed to log out after he cancelled the authentication dialog.
- It does not allow to block shutdown if an uninterruptible operation is under way, such as a software update or a system backup.
We need a better API, to satisfy the following goals:
- Inform the initiator that other users are logged in.
- Give all sessions a chance to close in an orderly fashion on Restart/Stop.
- Ensure that the initiator has sufficient privileges for the Reboot/Shutdown before starting to log him out of his session.
- Allow to inhibit Restart/Stop when uninterruptible operations are under way.
Desktop/Whiteboards/InhibitApis has some general musings about the type of api that might be good for this.
Benefit to Fedora
The multi-user experience of Fedora is improved and Fedora gains a Reboot/Shutdown UI that works with PolicyKit 1.0.
Scope
This feature requires addition of new API in ConsoleKit. gnome-session needs to be patched to use the new API, and needs some UI enhancements for multi-user scenarios.
Some system services may benefit from using the new ConsoleKit inhibit api: DeviceKit-disks, PackageKit, backup apps.
Test Plan
Restart/Stop the system with one or multiple users logged in. Repeat while a disk is formatted by DeviceKit-disks. Repeat while updates are being installed by PackageKit. Verify that the system behaves as expected and respects PolicyKit configuration.
User Experience
Here is how the user experience should look for a user initiating a reboot:
- Click Restart button
- Possibly get an auth dialog, depending on PolicyKit configuration
- Possibly get an inhibit dialog saying there are some other users logged in, and some apps in my own session inhibit the shutdown. The users will be displayed similarly to the gdm greeter, with their name and photo. The dialog has 'Cancel' and 'Restart anyway' buttons.
- Go through those apps and close them
- While doing that, the inhibit dialog updates the list of inhibiting applications and logged in users
- Wait a little longer for remaining users to log out
- After a while, the system restarts
Here is how the user experience should look for a user when a user in another session initiates a reboot:
- A dialog pops up, informing the user that the system is about to reboot. The dialog looks similar to the current inhibit dialog, listing the inhibing applications
- Go through those apps and save unusaved documents, then proceed to log out
- Briefly thereafter, the system restarts
Dependencies
None.
Contingency Plan
Stay with the current approach of making gnome-session work with PolicyKit 1 and the current ConsoleKit api. The user experience will be suboptimal.
Documentation
None yet.
Release Notes
None should be necessary.