I want to be able to give normal users the ability to reboot the machine, if a normal user tries to execute a reboot it will ask for the root password, which I don't want them to have.

Is it somehow possible to set up exemptions for some commands to not require root access?

Many thanks.

Yes, of course. For this kind of thing you use sudo. If it isn't already installed on your machine, just install it in the usual way.

sudo comes with a configuration file called /etc/sudoers. This allows you to give very fine-grained rights to users. You can allow some commands such as shutdown and reboot to be executed by a particular user without providing full root access. This can be done with a password (their own password, not the root one) or without. In fact sudo has a built in timer so that once a user password has been given, it will hold good for subsequent sudo commands within a small time span. All the user has to do is preface the command with the word "sudo".

One caveat. You must do all edits of sudoers with the visudo command. Never use an editor directly on this file or you could really screw up your system.

2 members found this post helpful.

Yes. This is the exact purpose of sudo. It allows you to grant users the ability to run certain programs as if they were the root user. They only have to know their own password and only have access to the specific commands you grant them.

https://www.linux.com/blog/how-use-s...x-introduction

1 members found this post helpful.

posted in error

Sudo: you're doing it wrong - PDF @ 171 pages.

Good stuff, Maynard.

2 members found this post helpful.

what's that got to do with the original question?
anyhow, try

I push the power button one time and it reboots usually. (may not be as asked)

^ doesn't that require the underlying command (e.g. systemctl reboot) to have superuser privileges granted?

deleted

you might want to try init 6.
works for me!

In my boxes it generates ACPI event and results in shutdown.

If this is a multiuser machine, i.e. a machine with more than one user using it concurrently (probably a server) I'd have to say that this would be a bad idea as any one user could effectively screw up the other users work by shutting it down.

OK, so you're probably talking about a shared desktop but I just felt I just had to add my to clarify.

Play Bonny!

On the use of visudo, if you aren't familiar with vi, use the command
EDITOR=nano visudo
(or whatever editor you like).

The power button triggers an acpi event and if you have acpid running with an event handler for the power button it will reboot / power off. The daemon is already running as root so you do not need to authenticate. YMMV as systemd opted to change the syntax of shutdown and many of those "handlers" didn't get the memo.

Then we get into normal command shutdown and did all the databases get closed first and such.

I think the first reply would be correct about sudo for most folks but not all.