I noticed a strange behaviour (don't know if this is the wanted default). If I try ,from normal user shell, to run command like "reboot" or "shutdown -h now" system will reboot/shutdown. This happens on tty console, on xfce terminal and ssh session.
I've just created a normal user on my test system and when I try to reboot or halt the system when logged in via ssh I get:
$ reboot Failed to set wall message, ignoring: Interactive authentication required. Failed to reboot system via logind: Interactive authentication required. Failed to open initctl fifo: Permission denied Failed to talk to init daemon.
Which is correct behaviour.
However, a user logged in at the machine as GUI console session has always been able to halt or reboot the system.
Why on CentOS a normal user can shutdown the system without root privileges? I think that on any server normal user should not be able to shutdown the system without privileges.
If it's a desktop machine, then the console logged in user should be able to shutdown the machine - at least then it means they don't resort to pulling the plug. Presumably you don't allow users physically near a server?
That's why I asked if the user who was logged in via ssh was also logged in locally at the same time. That would at lest explain such behavior.
Regards, Simon