When system is locked and I want to shutdown or hibernate it, I have to login again to be able to do it. It would be great if there was a possibility to do this from the lockscreen.
We used to have this. We removed it as it creates a security issue (a not-logged in user is able to interrupt the session of the running users).
Note that I am a user worried about security, but I see room for improvement here (also, in my opinion this is as unsecure as allowing users enter their session without password. The distinction is arbitrary to my eyes_. There could be a compromise here. So when one wants hits a turn-off/reboot buttong in the lock screen: 1. A message appears asking for the password to proceed 2. With focus on the text box to introduce the password 3. Once correctly introduced, the lock screen does not enter the session, but directs to plymouth. For people not really bothering about security, point 1. and 2. could be made optional (default settings keeping those steps). The rationale is: - Why does one want to enter the session to look for a shutdown/reboot button somewhere? - Why not to add the buttons directly to the screen locker and ask for the password just in there?
Sorry but i have to call bullshit on the "security issue". Anyone with physical access to the computer can just hold the poweroff button. Leave it as a simple configurable option if the community is divided. A common scenario for me: Laptop sometimes will wake up from suspend, often when i go home from work and the moment i realize is when it's getting hot in the bag. Some members have said "just enter the password", but having to balance the laptop on my knee while typing in 20+ characters of password is not fun so i just force it off.
(In reply to Meelis from comment #3) > A common scenario for me: Laptop sometimes will wake up from suspend, often > when i go home from work and the moment i realize is when it's getting hot > in the bag. Some members have said "just enter the password", but having to > balance the laptop on my knee while typing in 20+ characters of password is > not fun so i just force it off. A workaround: Lock Screen: Switch User -> Start New Session. The SDDM greeter will pop with the all options. No passwords asked to restart/shutdown... Workaround is working, at here, with: Plasma 5.12.5 / 5.12.90 KF 5.46.0
(In reply to Rog131 from comment #4) > A workaround: > > Lock Screen: Switch User -> Start New Session. The SDDM greeter will pop > with the all options. No passwords asked to restart/shutdown... > > Workaround is working, at here, with: > Plasma 5.12.5 / 5.12.90 > KF 5.46.0 A quick clip with the Beaver: https://youtu.be/DYeIajIejA8
I also disagree regarding the security issue stuff. @Rog131 makes it clear that it makes no sense. If you wanted that, to be consistent, you should also remove the ability to switch users. If another user can shutdown the system, you have the same risks. As suggested in this reddit thread (https://www.reddit.com/r/kde/comments/80bkgi/why_there_are_no_turnoff_restart_buttons_on_the/), if that's the concern the best way to address it would be to keep the buttons but query the user for his password.
In Kubuntu 18.10, it seems that installing polkit-kde* solves this issue.
The view of the KWin maintainers have changed on this last year in fact during the Plasma 2019 Sprint but did not have time to re-implement-it. Hibernate could be offered by default but Shutdown and Restart won't be accessible by default (or at least as long as there users logged-in) in Breeze. Sddm theme designer (or tinkerers) will be able to add them to their theme as they want.
I recall during our discussion in Valencia that we agreed restart and shutdown would be needed too--particularly for the case of PlaMo, where being able to shut down or reboot your phone from the lock screen is a requirement.
I want to suggest another way to solve this problem that sidesteps the password vs physical access issue. So ok, don`t show shutdown/etc buttons in the lockscreen since these can be clicked accidentally/maliciously. Since I think we call all agree that physical access to the power/sleep buttons computer give users the ability to force a shutdown, why not do it gracefully. Therefore if the user presses the shutdown/sleep buttons _while in the lock screen_, **respect** the behavior of these buttons as per the energy savings settings; ie, show the shutdown prompt or shutdown/reboot/sleep accordingly. So instead of entering a password, you just press a button which is much faster (and possibly an extra enter to confirm depending on power saving options as mentioned above). Also, shutdown buttons are generally designed to prevent accidental presses, which gives an extra layer of convenience. @avlas proposal is also viable for remote sessions, but I think it does not really address the issue. PD: On Kubuntu 20.04, kded5 5.68.0, the workaround described by @Rog131 still works, so I can still shutdown by clicking "switch user" then "shutdown". Also, installing polkit-* no longer provides a workaround.
That's already tracked with Bug 392798.
Isn't this mostly a duplicate of the significantly older Bug 336369, or is this supposed to be Bug 336369 + Bug 392798 ? Generally it seems like fragmentation of discussion isn't ideal as in the end whether the operation is initiated with a HID device or with an ACPI event, the problem is the security consideration. Regarding the security aspect, for those with not much imagination I'd recommend to envision a setup where only a keyboard and a mouse is available to the user, the host itself isn't in reach. There are other possible setups, and even if they aren't the most common, one of the charms of KDE is usually striking a quite okay balance between security and convenience with default settings, and covering a lot of use cases with settings. It's definitely interesting though that in this case there seems to be really just a regression in convenience instead of improvement in security: - Not sure if it's a result of me enabling hibernation with overly permissive configuration a while ago, but hibernate and sleep options are present for me by default which are not as bad as shutdown and restart, but can be still disruptive - Initiating user switching really still present restart and shutdown options as of Plasma 5.27.8, and they do work, so there was no security improvement, just some obfuscation I generally do agree with the idea that most setups are likely to be single user, so this is a low priority issue, but I can envision a single checkbox option controlling whether these controls should be available without authentication covering common needs: - Single user setups could have convenient controls - Multi-user / more secure setups would still need to login first, but would have the desired security It's likely a good idea though to revert the change that ended up being just security through obscurity, both confusing a lot of users thinking a feature is missing, and also giving the false sense of security.