[CentOS] How to restrict reboot/poweroff from non-admins?
johnny at centos.org
Wed Mar 28 15:11:00 UTC 2012
On 03/28/2012 09:47 AM, Phil Schaffner wrote:
> Johnny Hughes wrote on 03/28/2012 10:26 AM:
>> On 03/28/2012 09:03 AM, Phil Schaffner wrote:
>>> Timo Neuvonen wrote on 03/28/2012 09:17 AM:
>>>> I just noticed that CentOS (6.2) by default allows any user to
>>>> reboot/poweroff system without any admin rights, or without any further
>>>> questions, if using commands 'reboot' or 'poweroff'. But 'shutdown' still
>>>> requires admin rights.
>>>> What is the preferred way to restrict any regular user from rebooting /
>>>> powering off the system (by accident)?
>>>> IMHO, sudo should be required for this purpose (at least in a system with
>>>> shared remote access from multiple users, single-user laptops etc may be a
>>>> different case)
>>> OUCH! This seems to qualify as a CentOS bug. I confirm that a normal
>>> user can reboot or poweroff the system on 6.2. On RHEL:
>>> $ rpm -qa redhat-release\*
>>> $ poweroff
>>> poweroff: Need to be root
>>> $ reboot
>>> reboot: Need to be root
>> Make sure you are testing apples to apples
>> Test ssh access versus local console access, etc.
> Got me there. The access mode does seem to be the difference. I tested
> from the GUI on CentOS and via ssh on RHEL. Logged on to the console in
> a GUI on RHEL6 a user can reboot or poweroff, and presumably also halt.
> Seems to be the "console user" thing. So CentOS does match upstream.
I just did some research on this ... the files that need to be modified
to change this behavior are:
The files in CentOS are identical to upstream ... they are also
identical to each other and look like this:
auth sufficient pam_rootok.so
auth required pam_console.so
#auth include system-auth
account required pam_permit.so
I am sure those can be adjusted so console access by itself is not
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 262 bytes
Desc: OpenPGP digital signature
More information about the CentOS