LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Newbie (https://www.linuxquestions.org/questions/linux-newbie-8/)
-   -   Auto Shutdown Script in centos (https://www.linuxquestions.org/questions/linux-newbie-8/auto-shutdown-script-in-centos-4175617780/)

Waiyan Lynn 11-16-2017 08:16 PM

Auto Shutdown Script in centos
 
hi,

How can I make my centOS6 automatically shut down after the specific local user log in?

!!! 11-16-2017 11:05 PM

Welcome to LQ. web-research the 'shell' field, at the end of /etc/passwd entries.
Or like .bashrc login scripts.

Tell us a bit about your computers, Linux experience/interests/goals, Google knowledge.

Turbocapitalist 11-17-2017 12:03 AM

Yes, more information is needed. How is that user going to log in? At the console or via SSH?

ondoho 11-18-2017 03:41 AM

Quote:

Originally Posted by !!! (Post 5781609)
Welcome to LQ. web-research the 'shell' field, at the end of /etc/passwd entries.

that sounds like a genius idea: shell=/bin/poweroff or sth like that.
at least a literal answer to op's question.
however i wonder what the bigger picture here is; it seems weird to shut down a machine after logging in?

!!! 11-19-2017 01:14 AM

Thanks for the +1 ;)

I vaguely remember some site where there was a 'shutdown' user account,
which shutdown the computer when someone (with pwd) logged into that acnt.
(The person may have had NO other login/access/reason to use computer;
just the lights-turner-outer:D)

Oh, p.s., web-search: linux "shutdown account" find a lot:
https://askubuntu.com/questions/1374...utdown-account

http://forums.justlinux.com/showthre...count-question
Hey, WHO deleted the shutdown user from Linux's /etc/passwd??? LP? :D
(I'm glad I doNOT have an /etc/passwd file in my distro-of-choice:party:)


OP never came back. ('real'? That's why my last sentence in #2:idea:)

Waiyan Lynn 11-20-2017 04:30 AM

Quote:

Originally Posted by Turbocapitalist (Post 5781616)
Yes, more information is needed. How is that user going to log in? At the console or via SSH?

I want to use that user account via ssh. My centos is running over hyper-v. I want to shut down the system whenever I log in with that username and password automatically. I've tried like this https://askubuntu.com/questions/1374...utdown-account but still can't access to that shutdown account and saying Access denied.

Turbocapitalist 11-20-2017 04:44 AM

Quote:

Originally Posted by Waiyan Lynn (Post 5782815)
I want to use that user account via ssh. My centos is running over hyper-v. I want to shut down the system whenever I log in with that username and password automatically. I've tried like this https://askubuntu.com/questions/1374...utdown-account but still can't access to that shutdown account and saying Access denied.

1. Can you log in with that user using SSH keys?

2. Once logged in can you run the script using sudo and then the machine shuts down?

If not work on those two steps. If so, then prepend the key found in that account's ~/.ssh/authorized_keys file with command="/usr/bin/sudo /path/to/script", using the right paths and script name of course.

Waiyan Lynn 11-20-2017 08:30 PM

Quote:

Originally Posted by Turbocapitalist (Post 5782825)
1. Can you log in with that user using SSH keys?

2. Once logged in can you run the script using sudo and then the machine shuts down?

If not work on those two steps. If so, then prepend the key found in that account's ~/.ssh/authorized_keys file with command="/usr/bin/sudo /path/to/script", using the right paths and script name of course.

Sry for the wrong link. I've tried this https://www.cyberciti.biz/tips/shutd...ux-server.html
and it is perfectly shut down when I log in from the console but can't log in from the ssh and keep saying Access Denied. Thank you so much for your replies.

giis 11-20-2017 09:27 PM

You want to disable the account completely ? Something usermod -s /sbin/nologin username will prevent access. Any specific reason you want to him login and the shutdown vm?

Waiyan Lynn 11-20-2017 09:32 PM

Quote:

Originally Posted by giis (Post 5783194)
You want to disable the account completely ? Something usermod -s /sbin/nologin username will prevent access. Any specific reason you want to him login and the shutdown vm?

I don't want to disable that account. I want some users to shut down the system by logging into that account without giving them any root permissions

giis 11-20-2017 10:07 PM

Quote:

Originally Posted by Waiyan Lynn (Post 5783197)
I don't want to disable that account. I want some users to shut down the system by logging into that account without giving them any root permissions

Okay, Simply adding shutdown command into "~/.bash_profile" will help your case?

Turbocapitalist 11-21-2017 02:02 AM

Quote:

Originally Posted by giis (Post 5783209)
Okay, Simply adding shutdown command into "~/.bash_profile" will help your case?

Those settings quite easily circumvented.

Weiyan, about getting the key-based login, if you can log into the server with the account shutdown using the password, then on the client:

Code:

ssh-keygen -t ed25519 -f ~/.ssh/shutdown-server.ed25519 -C 'waiyan from client'

ssh-copy-id -i ~/.ssh/shutdown-server.ed25519 shutdown@server.example.com

Then test the key

Code:

ssh -i ~/.ssh/shutdown-server.ed25519 shutdown@server.example.com
If that works, then follow the sudoers modification in your guide. Though I would say to allow more options so you could have another key reboot or do a timed shutdown. So on the server add this to /etc/sudoers:

Code:

shutdown ALL=(root:root) NOPASSWD: /sbin/shutdown
Then you should be able to log in with the key and manually run things like sudo /sbin/shutdown -k +5 'yer done get out'

Then if that works, on the shutdown account on the server modify the key in ~/.ssh/authorized_keys
so that it automatically runs shutdown

before:

Code:

ssh-ed25519 AAAAC3Nza...00sbl/Q waiyan from client
after:

Code:

command="/sbin/shutdown -h +1 'yer done. get out.'" ssh-ed25519 AAAAC3Nza...00sbl/Q waiyan from client
Then if that works you can use a Match clause in sshd_config to eliminate the password login for that user.


All times are GMT -5. The time now is 02:54 AM.