LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 08-26-2002, 11:47 PM   #1
shassouneh
Member
 
Registered: Apr 2001
Location: Cheney, WA
Distribution: SuSE Linux Professional 9.2
Posts: 556

Rep: Reputation: 30
Giving Specific users access to the reboot command


Dear All,
Sorry if this is in the wrong forum, it just seems like the most suitable place to ask this.

I am a single user of my own machine, and I would like to give myself access to the reboot command, tather than su ing then doing it ot just doing ctrl-alt-del. This is a learning experience and I would like the satisfaction of knowing how to do it.

I have already tries chown <username> /sbin/.reboot and chmod 777 /sbin/reboot to no avail. Can anyone please help?

Thanx beforehand
 
Old 08-27-2002, 12:10 AM   #2
neo77777
LQ Addict
 
Registered: Dec 2001
Location: Brooklyn, NY
Distribution: *NIX
Posts: 3,704

Rep: Reputation: 55
You need to change permissions on /sbin/halt because /sbin/reboot is a symlink to halt
chmod 755 /sbin/halt should suffice
 
Old 08-27-2002, 12:36 AM   #3
shassouneh
Member
 
Registered: Apr 2001
Location: Cheney, WA
Distribution: SuSE Linux Professional 9.2
Posts: 556

Original Poster
Rep: Reputation: 30
tried but no

Nope. I did as u advised. First i exited the X server, and logged out completely. Logged in as root, and did a c

cd /sbin
chmod 755 halt
exit

then logged in as the regular user and typed in
reboot

and it said

must be superuser


Any ideas?
 
Old 08-27-2002, 02:55 AM   #4
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,374
Blog Entries: 54

Rep: Reputation: 2872Reputation: 2872Reputation: 2872Reputation: 2872Reputation: 2872Reputation: 2872Reputation: 2872Reputation: 2872Reputation: 2872Reputation: 2872Reputation: 2872
It's either installing sudo, use PAM or try this:
open up /etc/inittab and look for the line where you CTRL+ALT+DEL, and add "-a" to shutdown args.
echo $LOGNAME >> /etc/shutdown.allow
now you're allowed to shutdown using the 3 finger salute.
If you're using PAM you can change the /etc/pam.d config for the shutdown service using allow lists. Add an "auth" line under the last auth statement w/o quotes: "auth required /lib/security/pam_listfile.so item=user sense=allow file=/etc/pam.d/shutdown.allow onerr=fail"
echo $LOGNAME >> /etc/pam.d/shutdown.allow.
Haven't tested the PAM solution for shutdown, but this works on other services so it should work with shutdown as well.
 
Old 08-27-2002, 07:45 PM   #5
shassouneh
Member
 
Registered: Apr 2001
Location: Cheney, WA
Distribution: SuSE Linux Professional 9.2
Posts: 556

Original Poster
Rep: Reputation: 30
unSpawn you kinda lost me. I do not with to shut down using ctr-alt-del. What I wish to do is simply allow a normal user, to use the reboot command without having to be root (superuser).
 
Old 08-27-2002, 09:11 PM   #6
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,374
Blog Entries: 54

Rep: Reputation: 2872Reputation: 2872Reputation: 2872Reputation: 2872Reputation: 2872Reputation: 2872Reputation: 2872Reputation: 2872Reputation: 2872Reputation: 2872Reputation: 2872
Shutdown does what you ask it to do depending on the flag, "-h" for halt and "-r" for reboot, so...
 
Old 08-27-2002, 09:29 PM   #7
shassouneh
Member
 
Registered: Apr 2001
Location: Cheney, WA
Distribution: SuSE Linux Professional 9.2
Posts: 556

Original Poster
Rep: Reputation: 30
hmmm but how do i make a REGULAR user access the shutdown or even reboot commands?
 
Old 08-27-2002, 10:17 PM   #8
neo77777
LQ Addict
 
Registered: Dec 2001
Location: Brooklyn, NY
Distribution: *NIX
Posts: 3,704

Rep: Reputation: 55
did you ignore /sbin/halt hint, or SuSE has different setup?
Also look at sudo
 
Old 08-27-2002, 10:20 PM   #9
neo77777
LQ Addict
 
Registered: Dec 2001
Location: Brooklyn, NY
Distribution: *NIX
Posts: 3,704

Rep: Reputation: 55
Also what /etc/pam.d/halt looks like ?
 
Old 08-27-2002, 11:18 PM   #10
shassouneh
Member
 
Registered: Apr 2001
Location: Cheney, WA
Distribution: SuSE Linux Professional 9.2
Posts: 556

Original Poster
Rep: Reputation: 30
I quote myself
Quote:
Nope. I did as u advised. First i exited the X server, and logged out completely. Logged in as root, and did a c

cd /sbin
chmod 755 halt
exit

then logged in as the regular user and typed in
reboot

and it said

must be superuser
As for /etc/pam.d/halt, I will let you know as soon as I reboot to Linux. I'm running Winblows at the moment
 
Old 08-28-2002, 07:15 AM   #11
MartBrooks
Member
 
Registered: May 2002
Location: London
Distribution: Debian
Posts: 388

Rep: Reputation: 31
man sudo

Regards
 
Old 08-28-2002, 12:30 PM   #12
Sixpax
Member
 
Registered: Mar 2002
Distribution: Mandrake 8.1
Posts: 386

Rep: Reputation: 30
Check the man page on "shutdown" for /etc/shutdown.allow.
 
Old 03-23-2004, 07:27 PM   #13
landoB
LQ Newbie
 
Registered: Mar 2004
Distribution: Slackware
Posts: 3

Rep: Reputation: 0
Wink THE answer!!!

Hey, stop confusing this guy with the wrong answers!! i saw this post yesterday cuz I had the same issue and I found the solution!!

man sudoers

actually just go to /etc and edit sudoers. at the end of the file there should be 3 commented out lines to the tune of 'examples' and two examples beneath. change one to say (don't quote me on the syntax)

$:users allow:/sbin/shutdown -h now NOPASSWD:ALL

like i said look up 'man sudoers' to get the syntax right if my memory is wrong also to reboot just duplicate the line and replace '-h' with '-r'

you shouldn't have to even check the man pages if you're astute enough!!

BTW halt and reboot can only be run in runlevel 1 and 6, if they are called in ANY other runlevel it tels the system ./sbin/shutdown -h now

freakin lamerz
 
Old 03-23-2004, 08:27 PM   #14
Hangdog42
LQ Veteran
 
Registered: Feb 2003
Location: Maryland
Distribution: Slackware
Posts: 7,785
Blog Entries: 1

Rep: Reputation: 414Reputation: 414Reputation: 414Reputation: 414Reputation: 414
Quote:
freakin lamerz

Um, you answered a thread that is a year and a half old. I think they moved on.
 
Old 03-24-2004, 04:11 PM   #15
landoB
LQ Newbie
 
Registered: Mar 2004
Distribution: Slackware
Posts: 3

Rep: Reputation: 0
whateva

it's my hot body, i'll do what i want

um.. for the benefit of others.
i'm sick of round about answers on web forms. so i took matters into my own hands. besides, if it's so damn old... WTF!! why are you replying to me?
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
How to make a specific command(s) work for specific users or group only naren_0101bits Linux - General 3 08-28-2005 05:22 PM
fstab: giving a user acct read-only access to specific partition doorbits Linux - General 4 05-18-2004 02:11 PM
Giving users access to the system... TCasp77 Slackware 5 02-28-2004 01:18 PM
Giving regular users access to certain root-only commands slickrcbd Linux - Newbie 4 12-24-2003 07:27 AM
family access to command poweroff & reboot pixelV Slackware 12 02-27-2003 03:18 PM


All times are GMT -5. The time now is 08:03 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration