DebianThis forum is for the discussion of Debian Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Shutdown wasn't designed to be run setuid. /etc/shutdown.allow is not used to find out who is executing shutdown, it ONLY checks who is currently logged in on (one of the) console(s).
Let me guess, you try to run that command via SSH? From the way it describe, it may not work with SSH remote login.
You can't shut down your system as a regular user using the Gnome System------>Shutdown GUI? If not then there's something weird going on with your system.
Sorry, my mistake, I skipped a few paragraph from the man page.
Quote:
shutdown can be called from init(8) when the magic keys CTRL-ALT-DEL are pressed, by creating an appropriate entry in /etc/inittab. This means that everyone who has physical access to the console keyboard can shut the system down. To prevent this, shutdown can check to see if an authorized user is logged in on one of the virtual consoles. If shutdown is called with the -a argument (add this to the invocation of shutdown in /etc/inittab), it checks to see if the file /etc/shutdown.allow is present. It then compares the login names in that file with the list of people that are logged in on a virtual console (from /var/run/utmp). Only if one of those authorized users or root is logged in, it will proceed. Otherwise it will write the message
shutdown: no authorized users logged in
to the (physical) system console.
So, what was done only meant for CTRL-ALT-DEL, not for execution of the command itself.
The common way where we allow a certain user to execute privilege command is via sudo.
Last edited by ghostdancer; 09-02-2007 at 10:47 AM.
Configuring sudo is pretty easy, there are numbers of guides on the internet.
Install sudo (apt-get install sudo, emerge sudo, yum install sudo, depends on your package manager)
Then edit /etc/sudoers with the visudo command (as root):
Code:
visudo
Add a line to the end of the file:
Code:
username ALL = /sbin/shutdown
Replace username with the user's name you want to allow shutdown.
I'm not 100% is the syntax right, I wrote from my head, but correct me if I'm wrong
Hmm, a dubious way to achieve this would be to add /sbin to the users path and chmod /sbin/shutdown to allow users execute it.
That won't help
normally /sbin/shutdown has already 755, so IS executable by every user...
others it was impossible to get the message:
shutdown: you must be root to do that!
if its not 755 you would get:
/sbin/shutdown: Permission denied
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.