openSuSE 11.1 and Xfce 4.4.3 xfsm-shutdown-helper

I have read numerous posts on the web regarding issues with being able to shutdown from an Xfce session but have yet to stumble upon an answer. Both my shutdown and restart buttons are enabled but when I click either of them they only result in a logout action. I see from the Xfce wiki that the default starting at version 4.4 is to use hal but I have tried to setup for both alternatives. I have added two lines to my /etc/sudoers file:

In the user alias area: User_Alias USRSHUTDOWN = ron
and at the bottom of the file: USRSHUTDOWN ALL=(root)NOPASSWD:/usr/lib/xfsm-shutdown-helper

I’ve tried a number of variants on the above scheme w/wo User_Alias, w/wo (root) all to no avail, all that happens is a logout when I select the shutdown button from the quit dialog. I have manually invoked xfsm-shutdown-helper from a command line and get the following:

/usr/lib/xfsm-shutdown-helper
XFSM_SUDO_DONE <cr>
FAILED

Looking into the hal approach and checking the /etc/dbus-1/system.d/hal.conf file I see a comment that anyone is allowed to invoke methods on the manager and device interfaces. While I don’t understand what the <policy context = “default”> statement actually means I’ll believe the comment and go with a special group does not need to exist to use the dbus/hal interface.

This just doesn’t seam like it should be hard so I assume I’m missing something obvious but being relatively new to unix and a first time Xfce user I’m at a loss. Help from anyone with some ideas/experience in this area would be greatly appreciated.

TIA
Ron

It is not a bug, it is a feature :slight_smile:
XFCE calls “xfsm-shutdown-helper” which calls “shutdown”. But, PolicyKit will not let “shutdown” shutdown unless the user is granted the authority.

For a “desktop” system that wants to protect itself from casual attacks (and “puzzled penguins”), but still grant the user control of their system, run the following as “root”:

USER=<your_userid>
polkit-auth --show-obtainable | while read OPT; do
polkit-auth --user $USER --grant $OPT
done

Where <your_userid> is the name of your unprivileged account.

in case somebody ever wonders, this worked for me, but i had to write my user name instead of user id.