A.P. Lawrence

Information and Resources for Unix and Linux Systems
Bloggers and the self-employed

Get APLawrence.com by RSS

Home
Kerio
Sections
- MacOSX
- Linux
- Blogging
- Self-Employment
- Support
Contents
- Most Popular
- Browse All Topics
- Newest Articles
- Random Page
- Surveys
Tests
- Linux
- Mac OS X
- SCO Unix
- Perl
Resources
- Site Forum
- Write for this site
- Find a Consultant
- Contact Info
- RSS Feeds
- Store
- Advertise Here
- Disclaimer
Help
- About
- Rates
- Copyrights
- Contact
- Support

(OLDER) <- More Stuff -> (NEWER) (NEWEST)
Kerio Reseller
Printer Friendly Version

2005/03/10 shutdown.allowed

On some systems, inittab contains a line that looks like this:

ca::ctrlaltdel:/sbin/shutdown -t3 -r now

That lets someone at the physical console reboot using only ctrl-alt-delete. No one even has to be logged in; physical access to the keyboard is all you need.

Hate these ads?

Modifying that line to add a -a

ca::ctrlaltdel:/sbin/shutdown -a -t3 -r now

changes the behavior. Now, someone has to be logged in and they have to be listed in /etc/shutdown.allow (one user per line).

If /etc/shutdown.allow doesn't exist, the -a does you no good - the machine will still reboot. However, even an empty shutdown.allow will prevent reboot - unless root is logged in (su - doesn't cut it; root must be logged in). There's no point in preventing root, as they could run shutdown directly anyway. If no one is logged in, ctrl-alt-delete won't work. If a user (other than root) is logged in, they have to be listed ion /etc/shutdown.allow.

It's interesting that "halt" is in /etc/pam.d but shutdown is not.

Psst - Wanna work for yourself?

Comments

Add your comments

Why no "Digg this!" etc.?

Phone and Email Support at Monthly rates

Enter your email address for automatic notification of new posts here
(be sure to whitelist 'feedburner.com' if you use spam filtering)

Printer Friendly Version

Views for this page
Today	This Week	This Month	This Year	Overall
3	5	3	587	2,654

Have you tried Searching this site?

Unix/Linux/Mac OS X support by phone, email or on-site: Support Rates

This is a Unix/Linux resource website. It contains technical articles about Unix, Linux and general computing related subjects, opinion, news, help files, how-to's, tutorials and more. We appreciate comments and article submissions.

Publishing your articles here

Printer Friendly Version

Psst - Wanna work for yourself?

My Troubleshooting E-Book

More:

- Security

- Linux

- Unix

Unix/Linux Consultants

UBB Computer Services Support for Openserver, Unixware and Linux. Windows integration with Unix/Linux servers. Hardware, Backup and Networking issues. Located near Sacramento CA, we provide onsite support throughout Northern CA and Nationwide via remote access. We are a SCO Authorized Partner and a Microlite BackupEdge Certified Reseller.

SCO, OpenServer, UnixWare, software, servers, security, networks, installation, administration, troubleshooting, maintenance, Watchguard, firewalls, VPNs, e-mail. Visit us at http://opensystemscomputing.com and www.go2unix.com.

http://www.vss3.com SCO/Caldera OpenServer, Unixware & Linux. Tarantella & Non-stop Clustering

Twitter

Nov 30 20:25
I have 37,000 words of a 50,000 word project. I'd like to finish it this week..
Nov 30 20:05
My wife made turkey sandwiches with stuffing and cranberry orange relish - I did not want to eat the last bite. Didn't want it to end!

Coming Attractions

My Favorites