Only console users (local users) are allowed to do that. It's configured using PAM (I use CentOS 5.8, so forgive me if this is not the same for CentOS 6). I tried to change settings in /etc/pam.d/ and that indeed works:
    /etc/pam.d/poweroff
    /etc/pam.d/reboot
    /etc/pam.d/halt
I added as a second line:

    auth sufficient pam_rootok.so
    # prevent normal users to reboot
    auth required pam_deny.so
    ....
But still the user locally logged on to the machine (gnome session) can switch it off. So I think I also missed something.
I can't test it right now, but reading 'man pam.d' made me wonder if 'required' in the 'auth required pam_deny.so' in the example above should be replaced with 'requisite'.
-- TiN
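
Added example, not part of TiN's post: a simplified Python model of how Linux-PAM walks an auth stack, run over the lines quoted above with `required` and then `requisite` in front of pam_deny.so. The module `pam_placeholder.so` is a hypothetical stand-in for the lines the post elides with "....", and the per-module results are constructed for a non-root console user.

```python
# Simplified model of Linux-PAM "auth" stack evaluation (added illustration).
# Only the control flags that appear in the post are modelled.

STACK = """\
auth sufficient pam_rootok.so
# prevent normal users to reboot
auth {flag} pam_deny.so
auth required pam_placeholder.so   # hypothetical stand-in for the elided lines
"""

def parse_stack(text):
    """Turn pam.d text into (type, control, module) tuples, dropping comments."""
    rules = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if line:
            rules.append(tuple(line.split()[:3]))
    return rules

def evaluate(rules, results):
    """Return (granted, modules_run); results maps module name -> success."""
    failed, ran = False, []
    for mtype, control, module in rules:
        if mtype != "auth":
            continue
        ok = results[module]
        ran.append(module)
        if control == "sufficient":
            if ok and not failed:
                return True, ran       # success ends the stack at once
        elif control == "required":
            failed = failed or not ok  # failure is recorded, stack continues
        elif control == "requisite":
            if not ok:
                return False, ran      # failure ends the stack at once
        else:
            raise ValueError("control flag not modelled: " + control)
    return (not failed), ran

def shutdown_allowed(flag, is_root):
    """Evaluate the post's stack with `flag` in front of pam_deny.so."""
    results = {"pam_rootok.so": is_root,     # succeeds only for uid 0
               "pam_deny.so": False,         # pam_deny always fails
               "pam_placeholder.so": True}   # constructed: console user passes
    return evaluate(parse_stack(STACK.format(flag=flag)), results)

if __name__ == "__main__":
    for flag in ("required", "requisite"):
        print(flag, shutdown_allowed(flag, is_root=False))
```

In this model both flags deny the non-root request through this stack; they differ only in whether the modules after pam_deny.so still run.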