shutdown user and accountability
Dear .debs,
I'm maintaining a (small-time) group server for our department. In
order to satisfy company policy requirements I need to provide a way
to shutdown the server in case of emergencies. Our network admin was
kind enough to give me two alternatives:
1) provide an on-screen shutdown button
2) provide a shutdown user account (and document its usage)
I didn't like either approach because they lack accountability: after
a shutdown I can't tell *who* did it.
BTW, the server has no screen for buttons, so 1) is not an option to
begin with. You have to ssh in to do anything (exploit one of inetd,
exim, samba or apache in some way may be an alternative ;-).
I came up with a 'sudo /sbin/halt' for department members (and others
on an as needed basis), but that was no good. Everyone has to be able
to shut it down. I racked my brains but didn't come up with anything
that provides accountability. Anyone any suggestions?
Right now, I'm stuck with 2) and writing the password on the machine
(or similar) *or* stay with what I have now and take my chances with
people flicking the power switch.
BTW, the server is not in a physically secure location, so I run the
power switch thingy risk anyway.
Suggestions, discussions of pros and cons welcome,
--
Olaf Meeuwissen Epson Kowa Corporation, Research and Development
GnuPG key: 6BE37D90/AB6B 0D1F 99E7 1BF5 EB97 976A 16C7 F27D 6BE3 7D90
LPIC-2 -- I hack, therefore I am -- BOFH
Reply to: