Firstly I wish to apologise if this question appears (and is solved) elsewhere on these forums, though I couldn't really find anything that tackles my specific problem.
I'm setting up a Linux server (Slackware 10.2) to which various dumb terminals connect via telnet. I've set it up so that only a specific non-root user (called "unisolv") is allowed to halt and reboot the server. I want this to only be allowed from the physical terminal, to negate the possibility that a user from one of the dumb terminals is able to shutdown the machine at will.
My /etc/sudoers file follows: (hostname = "jupiter")
Code:
Defaults requiretty
Defaults lecture=never
Host_Alias SERVER = jupiter
root ALL=(ALL) ALL
%wheel ALL=(ALL)ALL
# Allow user unisolv (only on localhost) to execute
# the following commands without requiring passwd.
unisolv SERVER = NOPASSWD:/sbin/shutdown -h,/sbin/shutdown -r
The problem is, the commands are executable from both the localhost aswell as remotely via telnet. I've tried changing the "SERVER" Host_Alias variable to the address on the local net (192.168.0.23) but the problem persists. When changing the same value to "localhost", I am not allowed to execute the commands, even from the local host.
"localhost" exists in /etc/hosts as 127.0.0.1 and is fully pingable.
To recap, what I want is for the shutdown command to be run through sudo by the user unisolv, but only on the physical localhost and NOT remotely via telnet etc.
Any help on this issue would be greatly appreciated.