by Anthony Ewel » Mon, 03 Mar 2003 10:05:44
Not to ask too stupid of a question, but what
governs who can shutdown their computer? (I have
always had root privileges and it has never been
an issue. Now I have to give some non-root users
shutdown privileges and other no privileges.)
Many thanks,
--Tony
--
-------------------------
I Fish. Therefore, I am.
-------------------------
by Davi » Mon, 03 Mar 2003 11:02:02
> Not to ask too stupid of a question, but what
> governs who can shutdown their computer? (I have
> always had root privileges and it has never been
> an issue. Now I have to give some non-root users
> shutdown privileges and other no privileges.)
--
Confucius: He who play in root, eventually kill tree.
Registered with the Linux Counter. http://counter.li.org
Slackware 9.0-beta Linux 2.4.20tbls i686 (GCC) 3.2.2
Uptime: 10 days, 4:22, 1 user, load average: 1.01, 1.10, 1.10
by Frank Neurat » Mon, 03 Mar 2003 15:06:13
> Not to ask too stupid of a question, but what
> governs who can shutdown their computer? (I have
> always had root privileges and it has never been
> an issue. Now I have to give some non-root users
> shutdown privileges and other no privileges.)
> Many thanks,
> --Tony
Frank
by Adam » Mon, 03 Mar 2003 17:17:31
>> Hi All,
>> Not to ask too stupid of a question, but what
>> governs who can shutdown their computer? (I have
>> always had root privileges and it has never been
>> an issue. Now I have to give some non-root users
>> shutdown privileges and other no privileges.)
>> Many thanks,
>> --Tony
> This concerns a security issue, since when someone can reboot a system, he
> could use a boot-CD/-floppy (if enabled in the BIOS), could introduce
> parameter to the boot manager etc.
by Jem Berke » Mon, 03 Mar 2003 18:08:21
or just take your hard driveQuote:> True, but someone who has physical access to the machine anyway could
> just hit the reset or power button to boot with a floppy.
--
Jem Berkes
http://www.pc-tools.net/
Windows, Linux & UNIX software
by Wojtek Walcza » Mon, 03 Mar 2003 18:50:18
Take a look at sudo: <http://www.courtesan.com/sudo/>.Quote:> Not to ask too stupid of a question, but what
> governs who can shutdown their computer? (I have
> always had root privileges and it has never been
> an issue. Now I have to give some non-root users
> shutdown privileges and other no privileges.)
--
[ ] gminick (at) underground.org.pl http://gminick.linuxsecurity.pl/ [ ]
[ "Po prostu lubie poranna samotnosc, bo wtedy kawa smakuje najlepiej." ]
by Robert Tinsle » Mon, 03 Mar 2003 22:27:52
--
http://www.thepoacher.net/contact
by Robert Tinsle » Mon, 03 Mar 2003 22:33:59
From shutdown(8):
: If shut-
: down is called with the -a argument (add this to the invocation of
: shutdown in /etc/inittab), it checks to see if the file /etc/shut-
: down.allow is present. It then compares the login names in that file
: with the list of people that are logged in on a virtual console (from
: /var/run/utmp). Only if one of those authorized users or root is logged
: in, it will proceed. Otherwise it will write the message
:
: shutdown: no authorized users logged in
--
http://www.thepoacher.net/contact
by Jerry Peter » Tue, 04 Mar 2003 05:45:32
# Cmnd alias specification
Cmnd_Alias LP=/usr/sbin/lpc,/usr/bin/lprm
Cmnd_Alias SHUT=/sbin/shutdown,/sbin/halt,/sbin/reboot,/sbin/telinit
Cmnd_Alias CDROM=/usr/local/sbin/cdrom,/usr/local/sbin/cdr
# User specification
root ALL=ALL
xxx ALL=(root)NOPASSWD:LP,(root)NOPASSWD:SHUT,(root)NOPASSWD:CDROM
Jerry
by Alessandro Sell » Tue, 04 Mar 2003 20:11:44
|Date: Sat, 01 Mar 2003 17:05:44 -0800
|Subject: shutdown permissions
|
|Hi All,
|
| Not to ask too stupid of a question, but what
|governs who can shutdown their computer? (I have
|always had root privileges and it has never been
|an issue. Now I have to give some non-root users
|shutdown privileges and other no privileges.)
|
I think the easiest setup you can deploy, is having a "shutdown" group on your
system and issue # chgrp shutdown /sbin/shutdown ; chmod 4750 /sbin/shutdown
Now, if shutdown is the only command able to reboot/shutdown your system,
only users belonging to the "shutdown" group can do it.
Sandro
--
Bellum se ipsum alet
La guerra nutre se stessa
Livio, Ab urbe condita, XXXIV,9
We have a standalone PC at home running both Suse 7.1 Linux and Windows
ME. We use KDE on Linux, with the default graphical login manager.
Since this is at home, it would be nice if pushing the "shutdown" button
on the graphical login manager would allow anyone to shut the machine
down. Unfortunately, I can't figure out how to do this. Pushing this
button requires entering the root password before shutdown will occur.
/etc/shutdown.allow sounded like a good possibility, but it doesn't seem
to do
the job. The man page implies that you have to be logged in and have
permission in the shutdown.allow file. No one is logged in when the
graphical login manager is up.
Any suggestions of what to do or what to read to figure this out will be
greatly appreciated.
Steve Smith
2. Epson printer in WordPerfect for Linux
3. User's shutdown permissions for RH 5.2 ?
4. AUGH!! Mandrake 7.1 Installation Errors (partitions)
5. giving user shutdown permission
6. hostname
7. How do I grant shutdown permissions to users ?
8. How to place a comma in 'a{b,c,d}e' metanotation
11. How to give users permission to shutdown?
12. Permissions changes after "shutdown"?