I just installed a Fedora Core 6 Linux.
For security reasons, I don't want to share my root password with too many people. I was thinking of creating a user/login, which will trigger a reboot once it is used.

Do you gurus out there think this is a good idea?
And how would I go about to make this work? How would the login of a user called 'reboot' make the box actually reboot?

Thanks in advance,

Koen

Just taking a stab at this ...

What I would try is to create a one-line script containing the reboot command. Make root the owner of the file, set the file permissions so that anyone can execute the file, and set the SUID bit so that the script runs as root.

Something like this:

Contents of /opt/public_reboot:

# chown root:root /opt/public_reboot (redundant if file is created by root)
# chmod 4755 /opt/public_reboot

If you want to restrict use of the script, you could add a new user group, e.g. "reboot", add the desired users to that group, and set the permissions of the script so that only users in that group can execute the file:

# chown root:reboot /opt/public_reboot
# chmod 4750 /opt/public_reboot

As for whether it's a good idea, I'm not sure. What if you're in the middle of doing some critical maintenance, and someone decides to reboot?

----
Edit

I just remembered that SUID doesn't work on shell scripts, for security reasons. The above approach should still usable if the script is changed to Perl. Or maybe sudo would be a better approach.

look at
/etc/sudoers

The kernel does not honour SUID scripts.

--

Heh.. sounds like a good security policy to me. A better solution would be to not give the root password to anyone else.

As for a solution to your problem.. don't you have CTRL+ALT+DEL ?

----
Edit

I've just seen Dave Lerner's edit

I agree. Look at the sudoers list and add users you want. This way, they can have certain access and privileges that you can define without having to give out your root password. They can use their own user password.