[CentOS] allowing users to issue the "shutdown" command
Jeff
jlar310 at gmail.com
Sat Oct 17 01:37:38 UTC 2009
On Fri, Oct 16, 2009 at 7:19 PM, Buz Davis <buzdavis at earthlink.net> wrote:
> I am running CentOS 5.3 and have just the two accounts "root" and
> "buz". I would like to be able to issue "shutdown" from the account
> "buz", and thus created
> /etc/shutdown.allow with the single entry "buz" (without any quotes).
> I still
> get the error message "only root can do this" (or something similar)
> even if I include the '-a' option on the shutdown command. What am I
> missing ?
"man shutdown" on CentOS 5.3 says this...
ACCESS CONTROL
shutdown can be called from init(8) when the magic keys
CTRL-ALT-DEL are pressed, by creating an
appropriate entry in /etc/inittab. This means that everyone who
has physical access to the console
keyboard can shut the system down. To prevent this, shutdown
can check to see if an authorized user
is logged in on one of the virtual consoles. If shutdown is
called with the -a argument (add this
to the invocation of shutdown in /etc/inittab), it checks to
see if the file /etc/shutdown.allow is
present. It then compares the login names in that file with
the list of people that are logged in
on a virtual console (from /var/run/utmp). Only if one of
those authorized users or root is logged
in, it will proceed. Otherwise it will write the message
so maybe "shutdown -a" is all that is required.
--
Jeff
More information about the CentOS
mailing list