On 03/28/2012 09:03 AM, Phil Schaffner wrote: > Timo Neuvonen wrote on 03/28/2012 09:17 AM: >> I just noticed that CentOS (6.2) by default allows any user to >> reboot/poweroff system without any admin rights, or without any further >> questions, if using commands 'reboot' or 'poweroff'. But 'shutdown' still >> requires admin rights. >> >> What is the preferred way to restrict any regular user from rebooting / >> powering off the system (by accident)? >> >> IMHO, sudo should be required for this purpose (at least in a system with >> shared remote access from multiple users, single-user laptops etc may be a >> different case) >> > OUCH! This seems to qualify as a CentOS bug. I confirm that a normal > user can reboot or poweroff the system on 6.2. On RHEL: > > $ rpm -qa redhat-release\* > redhat-release-server-6Server-6.2.0.3.el6.x86_64 > $ poweroff > poweroff: Need to be root > $ reboot > reboot: Need to be root > > Phil Make sure you are testing apples to apples Test ssh access versus local console access, etc. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: <http://lists.centos.org/pipermail/centos/attachments/20120328/148a072a/attachment-0005.sig>