# Allowing regular users to suspend machine

## OdinsDream

I recently purchased a laptop, and got gentoo running on it. The keyboard has a function to suspend and resume the machine. This worked just fine for quite awhile. I emerge'd apmd recently, though, and now this button only turns off the screen, and doesn't cause the machine to suspend.

I can now only suspend the machine with apm -s as root. If possible, I'd like to get the button functionality back. If this isn't possible, then can I at least allow non-root users to execute apm -s?

----------

## masseya

I'm not particularly sure if this will apply to your situation, but it was a really innovative solution to a particular problem.  I have a friend who wanted to let his roommates use his laptop.  He decided that they would need a way to turn it off, but didn't want to give them the root password.  He created a user named halt with a dumb password and added the halt command in the login script of the user.  Everytime you login as that user the machine shuts off.   :Smile:   Perhaps you could do something similar?

----------

## zhenlin

There is a halt user in the gentoo baselayout:

halt:x:7:0:halt:/sbin:/sbin/halt

But isn't this a slight security risk? 

ssh halt@random.gentoo.org

Password: halt

Broadcast message from root at 12:40:28 AM

The system is going down NOW!

----------

## woboz

Not sure how to fix the buttons.  

Although sudo would work for allowing some users that ability to run certain commands only root could normally run.

----------

## OdinsDream

The button issue is quite annoying... but it's not crucial.

I've heard mention of "suid" and how to let regular users execute a program. How can I apply this to apm? 

The above solution isn't ideal, as I don't want to log out of the machine. However, giving everyone access to execute apm commands would be fine, I'm the only one who uses this machine anyway, as it's a laptop.

----------

## masseya

 *zhenlin wrote:*   

> There is a halt user in the gentoo baselayout:
> 
> halt:x:7:0:halt:/sbin:/sbin/halt
> 
> But isn't this a slight security risk? 
> ...

 

Do you know anyone who runs sshd on their laptop?  Otherwise, yeah, I'd say that's a huge security risk.  I certianly wouldn't do that on a desktop machine that runs sshd or on a server.

----------

## OdinsDream

 *Tristam29 wrote:*   

>  *zhenlin wrote:*   There is a halt user in the gentoo baselayout:
> 
> halt:x:7:0:halt:/sbin:/sbin/halt
> 
> But isn't this a slight security risk? 
> ...

 

While I'm not running sshd right now, I do run it while I'm at home... it's much easier to maintain the different machines from any one place that way.

----------

## masseya

You can always use a secure password for your halt user.  Then it's just as secure as your other users.  The downside is that now you can't tell a bunch of people how to turn off your machine easily.

----------

## sisyphus

I seem to remember that it is possible to have apmd run scripts when certain events occur. Since apmd is running as root, it can do whatever.

One of these events could certainly be pressing the suspend button.

I'll have a dig around tonight when I get home and try and figure out if its really possible.

----------

## OdinsDream

It's strange, Sometimes the suspend button (which is a keysequence... FN + F4) will cause the machine to suspend. Other times it only turns off the LCD (which is already a function of FN+F3)

So, I'm not too sure... Perhaps I can use xbindkeys to assign the keypress to appropriate commands, but is there a console equivalent to this tool?

----------

## sisyphus

Hmm. Fn-F2 is a Toshiba so I guess it's not at Tosh  :Smile: 

Did some reading, looks like this stuff should work out of the box with apmd. I did a little experiment with "showkey -s" and it seems that fn-[key] combinations don't actually make it to the OS as keypresses. In other words, the hardware is presumably sending an APM event instead (same when you shut the lid!). Have a quick shufty in your BIOS and make sure that the settings are as they should be. You should be able to configure the behaviour of such buttons and the lid button so that the BIOS sends appropriate messages to the OS.

What's the laptop manufacturer\model?

----------

## OdinsDream

IBM Thinkpad T21.

These things used to work... I'll check the BIOS and see what I can find. Thanks.

----------

## OdinsDream

Ok I'm just an idiot, linux is smarter than me...

...the button will suspend the machine if it's running on battery power. If it's on AC power, it will just blank the screen and spin down the harddisk.

...the reason it worked before was these events were being handled by the BIOS. When I installed apmd it began intercepting these events, and doing the appropriate things. Per it's default configuration, it won't suspend the machine if it's running on AC power and gets a system event. Manual suspension via apm -s of course still works, cause linux is awesome. The button works no matter which user is logged in.

----------

## sisyphus

Nice one mate  :Smile: 

Just to make you feel better. When I last has Slack on my Tec8K I spent a week or two thinking I had no sound (loads of errors from the OPLSA3 modules fooled me) until I finally figured out that....

You ... Have ... To ... Turn ... The ... VOLUME ... UP...   :Embarassed: 

Glad it's playin' nice. Gentoo on laptops really does the business.

----------

