only root can shutdown

rgiggs · 07-04-2004, 01:55 PM

hi,
in kde control center -> system administration -> login manager -> shutdown, i set it to allow all users to shutdown locally. still, only root can shutdown/reboot/halt...
what's wrong and how can i allow all users to shutdown/reboot/halt...?
thanks.

HuMJohn · 07-04-2004, 03:01 PM

Quote:

Originally posted by rgiggs
hi,
in kde control center -> system administration -> login manager -> shutdown, i set it to allow all users to shutdown locally. still, only root can shutdown/reboot/halt...
what's wrong and how can i allow all users to shutdown/reboot/halt...?
thanks.

Look at the man page for 'sudo' and 'sudoers'

ringwraith · 07-04-2004, 03:16 PM

If you are the only user on the machine and do not have to worry about security ;-)
chmod +s /sbin/halt

snop · 07-04-2004, 04:13 PM

To make kde shutdown for all users you must login using kdm instead of gdm (gdm is the default).

To do so you can edit /etc/rc.d/rc.4 and make the kdm part appear before the gdm one (or comment out the gdm part).

Hope this helps.

SnOp

P.D.: From kde you're probably configuring kdm this is why you can't see any effect when logging in.

rgiggs · 07-04-2004, 06:14 PM

i moved the kdm stuff before gdm in /etc/rc.d/rc.4, but i still can't reboot as a normal user.
other ideas?

rotvogel · 07-04-2004, 06:33 PM

Code:

chmod +s /sbin/shutdown

And add /sbin to your path if not already done. If you are the only user on the machine and do not have to worry about security ;-)

rgiggs · 07-04-2004, 06:42 PM

since two of you have suggested the chmod +s solution, i guess i'll go with that.
thanks.

btw:

Quote:

Originally posted by ringwraith
If you are the only user on the machine and do not have to worry about security ;-)

Quote:

Originally posted by rotvogel
If you are the only user on the machine and do not have to worry about security ;-)

you two said the exact same thing.

rgiggs · 07-04-2004, 06:55 PM

actually, chmod +s makes it so that any user can execute the command. i think it should be possible to specify that only certain non-root users can run the command, which is probablt more secure than chmod +s. if's it's possible, it'd like to know how to do it.

rotvogel · 07-04-2004, 07:11 PM

Create a shutdown group, change the group of these 2 commands to the newly created shutdown group, and take away world rights (750). Add users who are permitted to shutdown the machine to the shutdown group.

That's it I think.

rgiggs · 07-04-2004, 08:52 PM

i have tried that, but it didn't work. i think it makes sense that it doesn't work: we're only limiting read and exec access to these files to the user in the group (users not in the shutdown group won't have any kind of access to these files), and in the end, we're still not root. is that right or wrong?