Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
Allow users to halt system
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Other Things Gentoo
View previous topic :: View next topic  
Author Message
perry
Tux's lil' helper
Tux's lil' helper


Joined: 18 Nov 2002
Posts: 142
Location: Cornfields of Indiana

PostPosted: Tue Dec 31, 2002 8:02 pm    Post subject: Allow users to halt system Reply with quote

I have my tv card's remote working perfectly, except I want to be able to shutdown the system when I push the power button (say I'm watching tv at night..). How can I make it so that a user can halt the system?

Code:

perry@localhost sbin $ ls -l halt
-rwxr-xr-x    1 root     root         8780 Dec 23 11:56 halt
perry@localhost sbin $ ./halt
halt: must be superuser.


I'm using irexec (part of lirc) to make the call to halt... Searching the forums and Googling didn't lead me to any info that would help. Any ideas?
Back to top
View user's profile Send private message
Nitro
Bodhisattva
Bodhisattva


Joined: 08 Apr 2002
Posts: 661
Location: San Francisco

PostPosted: Tue Dec 31, 2002 8:10 pm    Post subject: Reply with quote

What you need is sudo(execute a command as another user). Emerge sudo, then look at the man page for sudo, and edit your /etc/sudoers file with visudo accordingly.

Then you will just need to execute something like: `sudo halt`

That will elevate you to root privs and then execute halt.

Let me know how it goes.
_________________
- Kyle Manna

Please, please SEARCH before posting.

There are three kinds of people in the world: those who can count, and those who can't.
Back to top
View user's profile Send private message
perry
Tux's lil' helper
Tux's lil' helper


Joined: 18 Nov 2002
Posts: 142
Location: Cornfields of Indiana

PostPosted: Tue Dec 31, 2002 11:31 pm    Post subject: Reply with quote

Ahhh... Ok. I forgot about the NOPASSWD option for sudo. I had tried to just pipe the password to sudo /sbin/halt, but that didn't work. Now I'm having a hard time writing the line for sudoers. I'm trying, as my only two uncommented lines in sudoers:

Code:

root    ALL=(ALL) ALL
perry localhost= NOPASSWD: /sbin/halt, /usr/bin/whoami, PASSWD: ALL


and it's still letting me run all commands as root w/o a password. whoami is in there just to test so I don't keep shutting the machine down ;) I also tried making two different entries, one w/ the NOPASSWD and one w/ PASSWD: ALL, as well as completely leaving out the PASSWD: ALL stuff.

I don't mind allowing myself to execute a command or two as root w/o a password, but I don't want it so that I can execute everything w/o a password...
Back to top
View user's profile Send private message
Nitro
Bodhisattva
Bodhisattva


Joined: 08 Apr 2002
Posts: 661
Location: San Francisco

PostPosted: Wed Jan 01, 2003 12:24 am    Post subject: Reply with quote

Flip around the order. The following works as expected on my box:
Code:
nitro   viper=PASSWD:ALL, NOPASSWD:/usr/bin/whoami

_________________
- Kyle Manna

Please, please SEARCH before posting.

There are three kinds of people in the world: those who can count, and those who can't.
Back to top
View user's profile Send private message
perry
Tux's lil' helper
Tux's lil' helper


Joined: 18 Nov 2002
Posts: 142
Location: Cornfields of Indiana

PostPosted: Wed Jan 01, 2003 4:41 pm    Post subject: Reply with quote

Ahh, that works! Thank ya much!
Back to top
View user's profile Send private message
darktux
Veteran
Veteran


Joined: 16 Nov 2002
Posts: 1086
Location: Coimbra, Portugal

PostPosted: Thu Jan 02, 2003 4:56 pm    Post subject: Reply with quote

Wrong wrong wrong....

Why use sudo?

Have you read the shutdown's manpage? Put the username in /etc/shutdown.allow and rad the output of shutdown -h..
_________________
Lego my ego, and I'll lego your knowledge

www.tuxslare.org - My reborn website :P
Back to top
View user's profile Send private message
Naan Yaar
Bodhisattva
Bodhisattva


Joined: 27 Jun 2002
Posts: 1549

PostPosted: Thu Jan 02, 2003 6:12 pm    Post subject: Reply with quote

shutdown.allow just lists a set of users, one of whom needs to be logged in on a console if a "shutdown -a" needs to work. It is used for shutdowns initiated by a "Ctrl-Alt-Del" sequence at a console.

You still need to be root to invoke /sbin/shutdown.
darktux wrote:
Wrong wrong wrong....

Why use sudo?

Have you read the shutdown's manpage? Put the username in /etc/shutdown.allow and rad the output of shutdown -h..
Back to top
View user's profile Send private message
darktux
Veteran
Veteran


Joined: 16 Nov 2002
Posts: 1086
Location: Coimbra, Portugal

PostPosted: Thu Jan 02, 2003 8:38 pm    Post subject: Reply with quote

Quote:
shutdown is called with the -a argument (add this to the
invocation of shutdown in /etc/inittab), it checks to see
if the file /etc/shutdown.allow is present. It then com­
pares the login names in that file with the list of people
that are logged in on a virtual console (from
/var/run/utmp). Only if one of those authorized users or
root is logged in, it will proceed. Otherwise it will
write the message


root doesn't need to invoke the command.... I've used this method with my father, so that he could shutdown the computer without having the user root loged in...
_________________
Lego my ego, and I'll lego your knowledge

www.tuxslare.org - My reborn website :P
Back to top
View user's profile Send private message
Naan Yaar
Bodhisattva
Bodhisattva


Joined: 27 Jun 2002
Posts: 1549

PostPosted: Thu Jan 02, 2003 10:48 pm    Post subject: Reply with quote

I assume he did a "Ctrl-Alt-Del" from a console? If this is the case, init traps it and invokes shutdown. init is running as root. The issue described here is different.

Are you saying that you can invoke the shutdown command as non-root?
darktux wrote:
...
root doesn't need to invoke the command.... I've used this method with my father, so that he could shutdown the computer without having the user root loged in...
Back to top
View user's profile Send private message
darktux
Veteran
Veteran


Joined: 16 Nov 2002
Posts: 1086
Location: Coimbra, Portugal

PostPosted: Fri Jan 03, 2003 1:47 pm    Post subject: Reply with quote

Not only me, but the man page too...... I've used to do this with my LFS system, so...... :twisted:

Oh, I've just remembered... A friend of mind also was searching for the same thing so he went to the irc channel and they said to him the same thing you're saying with SUDO... I've told him this way, and he is now a happy man :lol:
_________________
Lego my ego, and I'll lego your knowledge

www.tuxslare.org - My reborn website :P
Back to top
View user's profile Send private message
Naan Yaar
Bodhisattva
Bodhisattva


Joined: 27 Jun 2002
Posts: 1549

PostPosted: Fri Jan 03, 2003 3:46 pm    Post subject: Reply with quote

If shutdown is not setuid root, it cannot be executed by a regular user. This is a code snippet from the top of main in shutdown.c in gentoo:
Code:

  realuid = getuid();
  setuid(geteuid());

  if (getuid() != 0) {
        fprintf(stderr, "shutdown: you must be root to do that!\n");
        exit(1);
  }


/etc/shutdown.allow has nothing to do with validating the user invoking the shutdown. You need to read the man page carefully.

[EDIT]Fix typo. Thanks, Jukka.[/EDIT]
darktux wrote:
Not only me, but the man page too...... I've used to do this with my LFS system, so...... :twisted:

Oh, I've just remembered... A friend of mind also was searching for the same thing so he went to the irc channel and they said to him the same thing you're saying with SUDO... I've told him this way, and he is now a happy man :lol:


Last edited by Naan Yaar on Fri Jan 03, 2003 5:49 pm; edited 1 time in total
Back to top
View user's profile Send private message
jukka
Apprentice
Apprentice


Joined: 06 Jun 2002
Posts: 249
Location: Zurich, Switzerland

PostPosted: Fri Jan 03, 2003 5:39 pm    Post subject: Reply with quote

Naan Yaar wrote:
If shutdown does not have the sticky bit set, it cannot be executed by a regular user.

s/sticky/set user id/
Back to top
View user's profile Send private message
carrett
Apprentice
Apprentice


Joined: 22 Mar 2003
Posts: 273

PostPosted: Tue Apr 08, 2003 5:27 pm    Post subject: from gnome?? Reply with quote

i can sudo shutdown -h now

but still when i click gnome mian menu->logout->shutdown i'm just taken to the gdm login screen. what do i need to do to let a non-root shutdown the computer this way?
_________________
I'm against picketing, but I don't know how to show it.
Back to top
View user's profile Send private message
Jarjar
Apprentice
Apprentice


Joined: 21 Jul 2002
Posts: 265
Location: Sweden

PostPosted: Tue Apr 08, 2003 6:29 pm    Post subject: Reply with quote

chmod u+s /sbin/shutdown should work.
_________________
[Server etc. | C2D 2.2 @ 3.0 GHz / 4 GB RAM / 3x1 TB + 1x2 TB SATA disks + 1.5 TB ext. | Gentoo]
[Laptop | Macbook Pro 15" / Core i7 (Sandy) Quad 2.2 GHz / 16 GB RAM / Samsung 840 250 GB SSD + 1 TB + 2 TB HDD / 6750M 1 GB / OS X, Win 7]
Back to top
View user's profile Send private message
carrett
Apprentice
Apprentice


Joined: 22 Mar 2003
Posts: 273

PostPosted: Wed Apr 09, 2003 1:10 am    Post subject: Reply with quote

Code:
carrett@duder carrett $ ls -l /sbin/shutdown
-rwsr-xr-x    1 root     root        18648 Apr  2 14:33 /sbin/shutdown


Quote:
chmod u+s /sbin/shutdown should work.


i did it, but i still can't shut the computer down...do i need to do somethin' else? i'm trying to shutdown as non root by clicking

gnome-main-menu->logout->shut down->OK
_________________
I'm against picketing, but I don't know how to show it.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Other Things Gentoo All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum