Ubuntu
kdeutils package

klaptopdaemon has problems with rights in KDE 3.5.4 and 3.5.5 on Kubuntu

Bug #65659 reported by sputnik
2
Affects Status Importance Assigned to Milestone
kdeutils (Ubuntu)
Invalid
Undecided
Unassigned

Bug Description

Binary package hint: klaptopdaemon

Only root ist able to change the profiles from "powersave" to "on demand" etc.

This means that the normal kicker-symbol is useless. One has to start a root-kicker-symbol to change.

On my laptop it is only possible to work concentrated in a calm mode of the fan. This means to start kcontrol and to enable the kicker-symbol for root after every startup of the system first.

Version in KDE 3.5.5 - 0.6.0-1ubuntu4

See original description
sputnik (sputnik)
description: updated
Revision history for this message
Sarah Kowalik (hobbsee-deactivatedaccount) wrote :

Is this still an issue with kde 3.5.7 on gutsy or feisty?

Changed in kdeutils:
status: New → Incomplete
Revision history for this message
sputnik (sputnik) wrote :

For Feisty: Yes. Nothing has changed.

Revision history for this message
Launchpad Janitor (janitor) wrote :

[Expired for kdeutils (Ubuntu) because there has been no activity for 60 days.]

Revision history for this message
sputnik (sputnik) wrote :

Please reopen

Revision history for this message
sputnik (sputnik) wrote :

The key to this behaviour seems to be this text from the debian-helpfile. - However it would be great if Ubuntu could handle this smart!

klaptopdaemon and SUID permissions
----------------------------------

To allow ordinary users to control certain power management features,
klaptopdaemon's panel in the KDE Control Center has a button which prompts
the user to enter the root password (KDE Control Center --> Power Control
--> Laptop Battery, then the ACPI Config tab, then the Setup Helper
Application button). This button changes the permissions of
/usr/bin/klaptop_acpi_helper from "0755 root.root" to "6755 root.root",
and therefore grants all regular users extra power management abilities.
This has obvious security implications, and should not be done on any
system where all users are not trusted absolutely.

The standard klaptopdaemon changes the binary's permissions using chmod.
However, if an updated version of the Debian klaptopdaemon package
were then to be installed, it would reset the permissions, forcing the
sysadmin to reconfigure after each upgrade.

The Debian package has therefore been patched to use dpkg-statoverride to
permanently change the permissions of /usr/bin/klaptop_acpi_helper. The
override is removed and permissions reset if the package is removed or
purged. However, if the sysadmin wishes to remove the special permissions
of /usr/bin/klaptop_acpi_helper, they can do so at any time by issuing,
as root, the following commands:

dpkg-statoverride --remove /usr/bin/klaptop_acpi_helper
chown root:root /usr/bin/klaptop_acpi_helper
chmod 0755 /usr/bin/klaptop_acpi_helper

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.