SlackwareThis Forum is for the discussion of Slackware Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
ok, i need to know how or where do i see the logs for when was the last time computer was rebooted/shutdown and by what user.
Also i need to change the permissions for reboot shutdown, so that only root can reboot or shutdown the PC, no other user should be able to reboot or shutdown using any command or the shutdown option in gnome menu, one should not even be able to shutdown the computer from the login screen without logging on as root. how do i go about this?
For example, suppose I wanted to add a group of users who are allowed to shut down the machine.
So I first want to add a group called "shutdown" (run these commands while root)
groupadd shutdown
Then I need to edit the /etc/group file to add users to the "shutdown" group.
I just tack the usernames at the end of the shutdown line, separated by commas, e.g.
shutdown:x:407:user1,user2,...
Whatever users I put there will be able to shut down the computer (so choose wisely).
Now I need to configure sudo to allow members of the "shutdown" group to actually
invoke the assorted shutdown commands provided in linux. Run visudo and add
the following lines
This allows the "shutdown" group to run /sbin/reboot, /sbin/halt, and /sbin/shutdown
AS IF THEY WERE ROOT. The only caveat is that the users must run the commands
with the command sudo in front, e.g.
sudo /sbin/halt
This is always a bit of a pain (and users never remember), so I can create the
following script called "/usr/bin/reboot" (and similar scripts for halt and shutdown)
#! /bin/sh
sudo /sbin/reboot $*
Remember to make these scripts executable! To make this slightly more secure,
I might want to change the ownership of these scripts to the "shutdown" group
And there is also a option of using /etc/shutdown.allow but not very useful.
So within Gnome there should be a config in the home dirs
like ~/.config/menu.xml this file can be edited for the allow or not allow.
will tell you when a reboot/shudown happened, but not the user.
If you want to allow only root to reboot/shutdown the box then remove the suid bit of /sbin/halt
Code:
chmod -s /sbin/halt
and disable Ctrl-Alt-Del (edit /etc/inittab and comment out the line: ca::ctrlaltdel:/sbin/shutdown -t5 -r now)
ok, i made the files /etc/halt /etc/reboot and /etc/shutdown chmod 700, so after this only root can use these commands, furthermore i did comment out
"ca::ctrlaltdel:/sbin/shutdown -t5 -r now"
in inittab
but users were still able to reboot from the menu, although they cannot issue the reboot/halt command, so finally i made the permissions of rc.6,rc.0 as 700, but no help. i think i need more help.
Your using Gnome right? So the login manager is gdm? If you look around your system there should be a configuration file for it. I've got kde installed and there is a file called kdmrc in /opt/kde/share/config/kdm which is the configuration file for kdm. The default is for ALL users to be able to shut the system down, which you can change to root. So there should be a similar file for configuring gdm. Try man gdm.
hi, i have done everything member odcheck suggested, to create a new group called 'shutdown', and add my user to it via the /etc/group file, i then added the exact same 3 lines as stated by odcheck to the sudoers file, but i cant issue 'sudo /sbin/shutdown', (even though i can issue 'sudo /sbin/reboot' and 'sudo /sbin/halt'), i get this error message 'sorry, user is not allowed to execute '/sbin/shutdown' as root on darkstar' , can anyone advise?
Last edited by mobilemonkey; 06-06-2007 at 01:39 PM.
thanks simcox1 it was the /usr/bin/shutdown script that needed the '-h now' option & argument (it now reads 'sudo /sbin/shutdown -h now'),it seems the sudoers file can just use '/sbin/shutdown'. thanks to odcheck aswell for helping with the original post. now i can shutdown as a normal user
just while i remember, is there a way to turn off the annoying beep i get when i execute the scripts?
Last edited by mobilemonkey; 06-06-2007 at 03:30 PM.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.