SlackwareThis Forum is for the discussion of Slackware Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
1) I want to be able to run this as a regular user,
Code:
#!/bin/bash
echo 1 > /proc/sys/kernel/sysrq
echo b > /proc/sysrq-trigger
If I run a script with that it won't work!
Because I'm not able to run anything like that as regular user!
For now it works on root .bashrc like this,
Code:
function reboot_force() {
echo 1 > /proc/sys/kernel/sysrq
echo b > /proc/sysrq-trigger
}
I have this on my slackwarearm on RPi3 (and also in a laptop) and it would be nice using this as a regular user. Because my Pi sometimes hangs on due to firefox.
2) Being able to do this as regular user have any security concerns?
EDIT: I post it here because is not only arm related!
I'm not sure if you can do that as a normal user without using sudo. Whenever you give a user the ability to run commands as root, there's always security concerns, but there's ways to minimize those concerns by limiting what your user can run with sudo. The best way to do that would be to create a script that is only writeable by root with the commands you need to run, then give your user the ability to only execute that script using sudo.
You could create a script like /usr/bin/force-reboot containing your commands:
Code:
#!/bin/bash
echo 1 > /proc/sys/kernel/sysrq
echo b > /proc/sysrq-trigger
Then you would need to run visudo to allow your user to run sudo force-reboot with root permissions. By default, it will use the vi editor, but if you don't like it, you can override it with a different editor using EDITOR=nano visudo (replacing nano with a different editor if you don't like nano).
Then you would just add the below in that file (it doesn't need to be in any specific place). You can either choose to have to enter your user's password or no password (obviously requiring a password is a little more secure).
Code:
ag33k ALL=NOPASSWD: /usr/bin/force-reboot
If you want to restrict it to only work when your on your local machine (so it wouldn't work when you're ssh'ed in), you can change the "ALL" to localhost, and if you want to type your password, you would change NOPASSWD to PASSWD.
I'm not sure if you can do that as a normal user without using sudo. Whenever you give a user the ability to run commands as root, there's always security concerns, but there's ways to minimize those concerns by limiting what your user can run with sudo. The best way to do that would be to create a script that is only writeable by root with the commands you need to run, then give your user the ability to only execute that script using sudo.
You could create a script like /usr/bin/force-reboot containing your commands:
Code:
#!/bin/bash
echo 1 > /proc/sys/kernel/sysrq
echo b > /proc/sysrq-trigger
Then you would need to run visudo to allow your user to run sudo force-reboot with root permissions. By default, it will use the vi editor, but if you don't like it, you can override it with a different editor using EDITOR=nano visudo (replacing nano with a different editor if you don't like nano).
Then you would just add the below in that file (it doesn't need to be in any specific place). You can either choose to have to enter your user's password or no password (obviously requiring a password is a little more secure).
Code:
ag33k ALL=NOPASSWD: /usr/bin/force-reboot
If you want to restrict it to only work when your on your local machine (so it wouldn't work when you're ssh'ed in), you can change the "ALL" to localhost, and if you want to type your password, you would change NOPASSWD to PASSWD.
Thanks
Code:
# ls -lisah /usr/bin/force-reboot
1500248 4.0K -rwxr-xr-x 1 pi pi 126 Jan 5 01:14 /usr/bin/force-reboot
force-reboot
Code:
#!/bin/bash
echo 1 > /proc/sys/kernel/sysrq
echo b > /proc/sysrq-trigger
/etc/sudoers
Code:
pi ALL=NOPASSWD: /usr/bin/force-reboot
Output:
Code:
$ force-reboot
/usr/bin/force-reboot: line 5: /proc/sys/kernel/sysrq: Permission denied
/usr/bin/force-reboot: line 6: /proc/sysrq-trigger: Permission denied
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.