Re: /etc/shutdown.allow is not recognized by shutdown -a ?
Hello Sven,
On Wednesday, September 26, 2001 at 4:32:57 PM,
you wrote (at least in part):
> Hello, ...
> I want some logged in users to be able to shutdown the box, and the manpage of
> shutdown suggest adding the user names to /etc/shutdown.allow and using the -a
> option to shutdown.
> But this does not work, i only get the :
> shutdown: you must be root to do that!
> message as response.
> Is this supposed to work ? Am i missing something ? Did anyone manage to make
> it work ?
shutdown -a only checks if a user named in /etc/shutdown.allow _is logged in_
on a console.
you nevertheless have to be root or have root-rights to execute shutdown.
I good example for shutdown -a is /etc/inittab.
the line with 'ctrlaltdel' can use this so a validated user has to be logged
in on a tty to be able to reboot the machine via <Ctrl>+<Alt>+<Del>
my poor and quick testing showed me it could be possible to combine 'fakeroot'
and 'shutdown'. Beside this I _know_ 'sudo' in combination with 'shutdown' does
work.
> As context, this is the first step in having gnome ask to logout or halt when
> login out from the foot menu, which together with automatic login in gdm is a
> very nice feature for a single user desktop system for newbies.
I don't know if 'fakeroot' or 'sudo' even would help wiht this issue, as i
don't know if 'gnome logged in' count's the same as 'tty logged in'. I do know
'ssh logged in' doesn't!
As you want using automated login which opens _possible_ security holes (or
toches security issues) I'd not use 'shutdown -a' for logout but only
'fakeroot/sudo shutdown' ... If I switch on the machine and am logged in, the
check with '-a' if a valid /shutdown-allowed user is logged in is obsolete :-)
--
Best regards
Peter
Reply to: