[CentOS] non-privaledged reboot ???

Sun Jul 8 20:40:02 UTC 2007
René Standfest <centos at standfest.net>

Scott Ehrlich schrieb am 08.07.2007 21:01:

> On Sun, 8 Jul 2007, René Standfest wrote:
> 
>> Matt Shields schrieb am 08.07.2007 14:32:
>>
>>> On 7/8/07, Ignacio Vazquez-Abrams <ivazqueznet at gmail.com> wrote:
>>>> On Sat, 2007-07-07 at 22:51 -0700, Robert - eLists wrote:
>>>>> Greetings
>>>>>
>>>>> On centos 5, if I ssh in as a regular non-superuser account and go to the
>>>>> sbin dir to issue a reboot command, it wont do it as says you must be
>>>>> superuser
>>>>>
>>>>> If you are on the console logged in as a non-superuser account and do the
>>>>> same thing, it will reboot.
>>>>>
>>>>> Is this a feature, or a bug?
>>>> If you're at the console you can usually just push the reset or power
>>>> button *anyways*, so it's a non-bug. I believe you can edit the
>>>> appropriate entries in /etc/pam.d if you really want to change this.
>>> Not necessarily true.  Lots of people use remote KVM's :)  So just
>>> because someone has access to the console does not mean they have
>>> physical access to the server.
>> That's true, but you can push CRTL-ALT-DEL and the computer reboots, even if
>> you're not logged in.
> 
> Can't C-A-D be filesystem trapped to prevent the system from rebooting 
> with that key combo?   If so, that could negate that option if the fs is 
> configued as such.

You can change the behavior ov C-A-D in /etc/inittab. I changed it to
	ca::crtlaltdel:/bin/echo "Nix da!"
to prevent a reboot if I push the keycombo faulty.

Greets
René
-- 
GEEKCODE: GIT$ d- s+: a- C+++ UL++++$ P+ L++ E--- W+++ N+ !o K- w+ O-
 M-- V- PS+ PE Y+ PGP++ t++ 5++ X+ R tv+ b DI D++ G e+ h--- r++ y+++
      PGP-Key and more available at http://www.standfest.net
           My Blog is at http://www.gaudidiecher.de