-   Linux - General (
-   -   Shutdown requires password (

bluefire 02-04-2004 04:11 PM

Shutdown requires password
Under Mandrake I could shut down as any user from any of the window managers. However, under Debian I am required to log out to GDM, and then to enter the root password in order to shut down. This sucks, because I don't want the other users of the computer to know the root password, but I do want them to be able to shut down. I know this is the "proper" way for it to behave (understandable if it is, e.g., a network server, or something) but I want to change it back to the Mandrake way.

I'm guessing that chmodding shutdown is a bad idea; are there alternatives here? And how do I inform GDM and KDE that the two stage shutdown is no longer required?


vectordrake 02-04-2004 05:08 PM

Actually, that may be what is necessary (but there may be a GUI tool already installed that'll do it neatly, globally, and correctly. I have Mepis installed, so it Deb and I can shutdown as user (only logged in to X as root once since the install and won't be doing it again soon). I'll look at my configs for kdm and see if theres somethigg onvious there. Might try adding the user to the shutdown group

ovf 02-04-2004 09:07 PM

"chmod +s /sbin/shutdown" might help. I don't think it's a bad idea in this case.

Joey.Dale 02-04-2004 10:23 PM

read man sudo

synaptical 02-04-2004 10:43 PM

i used to have users be able to shutdown and reboot without them having other commands, but i forgot how i did it. (adding the user to wheel, maybe?) sudo would work, but that would give users access to many or even most root commands. however, there might be a way to modify sudo so users only have access to the commands you want them to have. i agree that chmodding the shutdown command wouldn't necessarily be a bad thing if you know what you are doing and are sure that's what you want.

vectordrake 02-04-2004 10:47 PM

There is another way, which is not too elegant, if this cannnot be solved for you (like we'll let that happen!). Users can exit to a console and then hit ctrl+alt+del. That will spawn a reboot sequence. The filesystem will be unmounted properly and they can shut down with the switch the second the messages say "rebooting"

Not the elegant answer, but it'll work.

maillion 02-05-2004 06:30 AM

shutdown can be called from init(8) when the magic keys CTRL-ALT-DEL
are pressed, by creating an appropriate entry in /etc/inittab.
means that everyone who has physical access to the console keyboard can
shut the system down. To prevent this, shutdown can check to see if an
authorized user is logged in on one of the virtual consoles. Otherwise it will write the message

shutdown: no authorized users logged in to the (physical) system console.

If shutdown is called with the -a argument (add this to the
invocation of shutdown in /etc/inittab), it checks to see if the file
/etc/shutdown.allow is present. It then compares the login names in that
file with the list of people that are logged in on a virtual console (from
/var/run/utmp). Only if one of those authorized users or root is logged
in, it will proceed.
The format of /etc/shutdown.allow is
one user name per line. Empty lines and comment lines (prefixed by a #)
are allowed. Currently there is a limit of 32 users in this file.

Note that if /etc/shutdown.allow is not present, the -a argument is

This is from the 'shutdown' man page, it says that you can set up a file that will keep the command limited to some users but not others. You could create the 'shutdown.allow' file with the users you will want to be able to shutdown, then create an alias named 'halt', or some other name, with the "shutdown -a" as the command to be aliased. I hope this helps.:cool:

All times are GMT -5. The time now is 07:01 AM.