[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
בעניין: p.s. (was: Re: Shutdown by a user)
Hi,
You can shutdown by a user, by building a special program for that purpose.
This program will use the 'setuid' command with userid root, and the
shutdown
command with it's flags can be hard coded, or get the flags as parameters.
1. Compile the following code as 'root':
main{}
{
setuid (0);
system ("/bin/echo Hello, starting shutdown process...");
system ("/sbin/shutdown -h now");
exit (0);
}
#gcc -o myshut myshut.c
2. Set the sticky bit in the executable.
#chmod u+s myshut
3. That's all. Invoking 'myshut' by any user will issue the work...
Regards,
Avi Koski
-----הודעה מקורית-----
מאת: guy keren <choo@actcom.co.il>
אל: N Sakthivel <svel@plasma.ernet.in>
עותק: ILUG <linux-il@linux.org.il>
תאריך: שבת 22 יולי 2000 00:45
נושא: Re: p.s. (was: Re: Shutdown by a user)
>
>On Fri, 21 Jul 2000, N Sakthivel wrote:
>
>> 1. I have a linux cluster without keyboard and Mouse. So,
>> the need arises to use to 'shutdown' command from a node
>> in the network.
>
>ok. no ctrl+alt+del.
>
>> 2. RedHat 6.2 has /etc/pam.d/shutdown,which allows the user to
>> shutdown the machine after getting the passwd.
>>
>> 3. But I want in RH. 5.2, in which I don't have the file
>> in /etc/pam.d/shutdown.
>>
>> Q!! My Question is: If I copy the /etc/pam.d/shutdown from RH6.2, whether
>> it will work.
>
>no, since the shutdown binary must be compiled with support for PAM - and
>it probably wasn't. it might be that replacing the shutdown binary would
>work, but you should be carefull with such replacements (plus, very likely
>that shutdown uses other commands on the way, which might be incompatible
>between rh 5.2 and rh 6.2.
>
>> > an important note - if you let your user run the 'shutdown' command,
they
>> > will be able to bring the system into single user mode and immediatly
have
>> > a root shell. this is not a good idea. and this is the default setting
on
>> > redhat 6.0... is it the same on redhat 6.2?
>>
>> Question: Do you say the option of using 'linux single' from LILO prompt.
>
>no. i refered to running 'shutdown now'. at least on my redhat 6.0 system,
>it brings you down into single user mode, no password checking, and no
>rebooting done along the way.
>
>so, i think the right solution is what shaul karl mentioned - use 'sudo'
>to allow users to run only the exact command that will actually reboot the
>system (such as 'shutdown -r', as shaul wrote in his email).
>
>guy
>
>"For world domination - press 1,
> or dial 0, and please hold, for the creator." -- nob o. dy
>
>
>=================================================================
>To unsubscribe, send mail to linux-il-request@linux.org.il with
>the word "unsubscribe" in the message body, e.g., run the command
>echo unsubscribe | mail linux-il-request@linux.org.il
>
>
=================================================================
To unsubscribe, send mail to linux-il-request@linux.org.il with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail linux-il-request@linux.org.il