Hi list, I've installed C 7.1.1503 and I've noticed that simple user can run from bash shutdown -h now/reboot without getting special permission (sudo, su). The machine is a VM without GUI (tested also on physical machine). From reddit I've got a suggestion: removing/comment out "-session optional pam_systemd.so" in /etc/pam.d/system-auth the problem is solved. This is a bug? If not, why use this policy? There are security implication?
Thanks in advance.
On Thu, 22 Oct 2015, Alessandro Baggi wrote:
Hi list, I've installed C 7.1.1503 and I've noticed that simple user can run from bash shutdown -h now/reboot without getting special permission (sudo, su). The machine is a VM without GUI (tested also on physical machine). From reddit I've got a suggestion: removing/comment out "-session optional pam_systemd.so" in /etc/pam.d/system-auth the problem is solved. This is a bug?
No, that's the wrong way to solve it.
If not, why use this policy? There are security implication?
Permissions here are handled by policykit AFAIK.
/usr/share/polkit-1/actions/org.freedesktop.login1.policy likely to be of particular interest?
jh
Il 22/10/2015 10:49, John Hodrien ha scritto:
On Thu, 22 Oct 2015, Alessandro Baggi wrote:
Hi list, I've installed C 7.1.1503 and I've noticed that simple user can run from bash shutdown -h now/reboot without getting special permission (sudo, su). The machine is a VM without GUI (tested also on physical machine). From reddit I've got a suggestion: removing/comment out "-session optional pam_systemd.so" in /etc/pam.d/system-auth the problem is solved. This is a bug?
No, that's the wrong way to solve it.
If not, why use this policy? There are security implication?
Permissions here are handled by policykit AFAIK.
/usr/share/polkit-1/actions/org.freedesktop.login1.policy likely to be of particular interest?
jh _______________________________________________ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Hi J, thank you for the suggestion. Why team make this possible? What is the purpose?
On Thu, 22 Oct 2015, Alessandro Baggi wrote:
Hi J, thank you for the suggestion. Why team make this possible? What is the purpose?
It's a nice flexible setup for a workstation situation. I can have CentOS installed on a workstation, and allow users to reboot it as long as there's noone else logged in. Works for me.
jh
On 10/22/2015 2:20 AM, John Hodrien wrote:
On Thu, 22 Oct 2015, Alessandro Baggi wrote:
Hi J, thank you for the suggestion. Why team make this possible? What is the purpose?
It's a nice flexible setup for a workstation situation. I can have CentOS installed on a workstation, and allow users to reboot it as long as there's noone else logged in. Works for me.
and its totally inappropriate for a shared server.
On Thu, 22 Oct 2015, John R Pierce wrote:
and its totally inappropriate for a shared server.
Which is why you wouldn't configure it for a shared server. I don't understand the problem though, as the defaults *don't* allow this do they?
/usr/share/polkit-1/actions/org.freedesktop.login1.policy:
<action id="org.freedesktop.login1.power-off"> <description>Power off the system</description> <message>Authentication is required for powering off the system. <defaults> <allow_any>auth_admin_keep</allow_any> <allow_inactive>auth_admin_keep</allow_inactive> <allow_active>yes</allow_active> </defaults> </action>
<action id="org.freedesktop.login1.reboot"> <description>Reboot the system</description> <message>Authentication is required for rebooting the system.</message> <defaults> <allow_any>auth_admin_keep</allow_any> <allow_inactive>auth_admin_keep</allow_inactive> <allow_active>yes</allow_active> </defaults> </action>
jh
-
Alessandro Baggi -
John Hodrien -
John R Pierce