LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Debian
User Name
Password
Debian This forum is for the discussion of Debian Linux.

Notices


Reply
  Search this Thread
Old 09-02-2007, 08:39 AM   #1
cryincold
Member
 
Registered: Sep 2007
Location: Zhuhai, China
Distribution: Debian, etch
Posts: 40

Rep: Reputation: 15
Smile why can't i execute shutdown as a normal user?


I have already add my user name to /etc/shutdown.allow . and i set the option -a to use /etc/shutdown.allow.

but i still can't execute /sbin/shutdown to shutdown my system.

i don't know why.

anyone could give me a help?

tks in advance.
 
Old 09-02-2007, 09:36 AM   #2
JSkywalker
Member
 
Registered: Aug 2007
Distribution: openSUSE
Posts: 102

Rep: Reputation: 24
can you please post the error message you get?
or do you not get an error message?

and what linux-distro + version are you running?
 
Old 09-02-2007, 10:23 AM   #3
cryincold
Member
 
Registered: Sep 2007
Location: Zhuhai, China
Distribution: Debian, etch
Posts: 40

Original Poster
Rep: Reputation: 15
Smile

JSKywalker, Tku for your reply.

Quote:
Originally Posted by JSkywalker View Post
can you please post the error message you get?
or do you not get an error message?

and what linux-distro + version are you running?
//////////// TERMINAL ///////
cryincold@nice:~$ /sbin/shutdown -a -h now
shutdown: you must be root to do that!

cryincold@nice:~$ cat /etc/shutdown.allow
cryincold

cryincold@nice:~$ uname -a
Linux nice.org 2.6.18-5-486 #1 Sun Aug 12 21:23:09 UTC 2007 i686 GNU/Linux
/////////////////////////////////////

I use debian etch.
 
Old 09-02-2007, 10:33 AM   #4
ghostdancer
Member
 
Registered: Apr 2002
Distribution: Slackware
Posts: 266

Rep: Reputation: 30
From the shutdown man page:

Quote:
Shutdown wasn't designed to be run setuid. /etc/shutdown.allow is not used to find out who is executing shutdown, it ONLY checks who is currently logged in on (one of the) console(s).
Let me guess, you try to run that command via SSH? From the way it describe, it may not work with SSH remote login.
 
Old 09-02-2007, 10:39 AM   #5
adilbhilai
LQ Newbie
 
Registered: May 2007
Distribution: RHEL 5.1 & Fedora 16
Posts: 29

Rep: Reputation: 15
/sbin/shutdown cmd can be executed by SuperUser only i.e. ROOT.

Last edited by adilbhilai; 09-02-2007 at 10:40 AM.
 
Old 09-02-2007, 10:41 AM   #6
Fadoksi
Member
 
Registered: Apr 2006
Location: Finland
Distribution: Ubuntu, Gentoo, Debian
Posts: 88

Rep: Reputation: 15
Well, you could install sudo and use that. It's probably in your distributions package manager.
 
Old 09-02-2007, 10:41 AM   #7
adilbhilai
LQ Newbie
 
Registered: May 2007
Distribution: RHEL 5.1 & Fedora 16
Posts: 29

Rep: Reputation: 15
cryincold is not a super user.................
 
Old 09-02-2007, 10:43 AM   #8
hitest
Guru
 
Registered: Mar 2004
Location: Canada
Distribution: Void, Slackware
Posts: 7,341

Rep: Reputation: 3744Reputation: 3744Reputation: 3744Reputation: 3744Reputation: 3744Reputation: 3744Reputation: 3744Reputation: 3744Reputation: 3744Reputation: 3744Reputation: 3744
You can't shut down your system as a regular user using the Gnome System------>Shutdown GUI? If not then there's something weird going on with your system.
 
Old 09-02-2007, 10:43 AM   #9
adilbhilai
LQ Newbie
 
Registered: May 2007
Distribution: RHEL 5.1 & Fedora 16
Posts: 29

Rep: Reputation: 15
Quote:
Originally Posted by Fadoksi View Post
Well, you could install sudo and use that. It's probably in your distributions package manager.
yeah ! Sudo will do it.
 
Old 09-02-2007, 10:45 AM   #10
ghostdancer
Member
 
Registered: Apr 2002
Distribution: Slackware
Posts: 266

Rep: Reputation: 30
Sorry, my mistake, I skipped a few paragraph from the man page.

Quote:
shutdown can be called from init(8) when the magic keys CTRL-ALT-DEL are pressed, by creating an appropriate entry in /etc/inittab. This means that everyone who has physical access to the console keyboard can shut the system down. To prevent this, shutdown can check to see if an authorized user is logged in on one of the virtual consoles. If shutdown is called with the -a argument (add this to the invocation of shutdown in /etc/inittab), it checks to see if the file /etc/shutdown.allow is present. It then compares the login names in that file with the list of people that are logged in on a virtual console (from /var/run/utmp). Only if one of those authorized users or root is logged in, it will proceed. Otherwise it will write the message

shutdown: no authorized users logged in

to the (physical) system console.
So, what was done only meant for CTRL-ALT-DEL, not for execution of the command itself.

The common way where we allow a certain user to execute privilege command is via sudo.

Last edited by ghostdancer; 09-02-2007 at 10:47 AM.
 
Old 09-02-2007, 10:56 AM   #11
makuyl
Senior Member
 
Registered: Dec 2004
Location: Helsinki
Distribution: Debian Sid
Posts: 1,107

Rep: Reputation: 54
Hmm, a dubious way to achieve this would be to add /sbin to the users path and chmod /sbin/shutdown to allow users execute it.

Sudo is indeed the better way: http://www.debian-administration.org/articles/33
Btw, the sudoers man page has very good examples.
 
Old 09-02-2007, 01:08 PM   #12
Fadoksi
Member
 
Registered: Apr 2006
Location: Finland
Distribution: Ubuntu, Gentoo, Debian
Posts: 88

Rep: Reputation: 15
Configuring sudo is pretty easy, there are numbers of guides on the internet.

Install sudo (apt-get install sudo, emerge sudo, yum install sudo, depends on your package manager)
Then edit /etc/sudoers with the visudo command (as root):
Code:
visudo
Add a line to the end of the file:
Code:
username   ALL = /sbin/shutdown
Replace username with the user's name you want to allow shutdown.
I'm not 100% is the syntax right, I wrote from my head, but correct me if I'm wrong
 
Old 09-02-2007, 01:46 PM   #13
utanja
Member
 
Registered: Apr 2004
Location: Europe:Salzburg Austria USA:Orlando,Florida;
Distribution: Debian
Posts: 643

Rep: Reputation: 32
i use sudo halt......it ask for password and then shuts down...
 
Old 09-02-2007, 03:03 PM   #14
JSkywalker
Member
 
Registered: Aug 2007
Distribution: openSUSE
Posts: 102

Rep: Reputation: 24
Quote:
Originally Posted by makuyl View Post
Hmm, a dubious way to achieve this would be to add /sbin to the users path and chmod /sbin/shutdown to allow users execute it.
That won't help

normally /sbin/shutdown has already 755, so IS executable by every user...
others it was impossible to get the message:
shutdown: you must be root to do that!

if its not 755 you would get:
/sbin/shutdown: Permission denied
 
Old 09-02-2007, 03:38 PM   #15
makuyl
Senior Member
 
Registered: Dec 2004
Location: Helsinki
Distribution: Debian Sid
Posts: 1,107

Rep: Reputation: 54
Oops, you're right. So the dubious way would be "chmod u+s /sbin/shutdown"
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
can normal user use shutdown command? sorno Linux - Newbie 2 07-30-2005 06:11 AM
how to execute firewall script as normal user robthebob Linux - Security 5 01-11-2005 04:36 PM
can normal user do shutdown? TheOneAndOnlySM Slackware 12 12-17-2003 11:10 PM
Normal User Restart and Shutdown InsaneBob Linux - Software 2 08-23-2003 05:47 PM
normal user can't execute files in cd..? doublefailure Linux - Hardware 0 09-11-2002 01:04 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Debian

All times are GMT -5. The time now is 06:31 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration