Linux - EnterpriseThis forum is for all items relating to using Linux in the Enterprise.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
By-default ... root has full access to the server either from direct console or through other utilities such as ssh , telnet etc. I want that root(default) user ,when telnet to linux server , could not shutdown it from the remote location but if he wants to make shutdown , he should come to the server and enter shutdown or other commands to shutdown.
in other words, I want root should be denied access to shutdown from the remote location but he can do it only from the server
In general, do not allow login access to "root" via any means (telnet, ssh, etc...). Require login access to be through a normal username, one that is validated to use sudo or su.
You could also move the "shutdown" command somewhere else and place a script there that checks the output of the "who" command for the absence of string "pts/" before passing the command to the renamed version of shutdown. Note that this trick will work only until the user learns where the new location is at. Also, it does nothing to protect "reboot" or "init 6".
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.