User can shutdown system.
Hello,
I just defined a new user on the system. User has a UID of 502. He is using KDE on Centos5. This isn't a root user but when he goes to log out he gets a screen where he can do one of the following: Turn Off Computer End Current Session Restart Computer Cancel The user is logging in at the master terminal, not remotely. Because this user is just a general user and never as root, is there any way to not allow him to use any of the above options except Cancel and End Current Session? I never what such a user to turn off the machine or restart it. Thanks. |
assuming you use KDE as well...click into kde control center/System Admin/Login Mgr/
click on admin ....enter root password and go to shutdown tab allow shutdown...change from everyone to only root. Observe the pathway to the reboot command....it may be /usr/bin or /bin or /sbin etc click oK and exit. If you use KDE go into Konqueror in root mode and change the permissions of that reboot to rwx for root and r-- for group and others |
Quote:
find / -iname "*kdmrc*" Then look through kdmrc for lines similar to: AllowShutdown=All AllowShutdown=none AllowShutdown=username Some of these lines will apply to root, some to remote users, and some to local users. Figure out which one applies to local users and set: AllowShutdown=none ---------------------------- Steve Stites |
You might want to change the execution flags for several Linux commands such as reboot, shutdown, halt, init, and telinit, so that non-root users/groups cannot open up a console and run these commands manually.
(Some are links to actual programs.) Also check /etc/sudoers and don't forget suid/guid. There may be other commands also (anyone?). Not sure if you will have side-effects though. |
Quote:
|
Quote:
The options are to either change those settings specific to KDE (or Gnome) or to have X start in user mode (boot to runlevel 3, then have "startx" in your user login scripts). |
I believe in the original post the poster did not want a non-root user to be able to reboot/shutdown the system.
Disabling the options in KDE/Gnome (or whatever GUI) will only stop the user from selecting those options from the menu, it will not stop them from opening a terminal window and manually typing the commands. And that is what I was trying to address. Of course that will not stop someone from physically hitting the on/off/reset switch or even pulling the plug. |
they are all good replies, lets wait for the OP to reply?
|
Quote:
|
All times are GMT -5. The time now is 11:46 AM. |