From owner-freebsd-questions Wed Nov 11 09:21:11 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id JAA09564 for freebsd-questions-outgoing; Wed, 11 Nov 1998 09:21:11 -0800 (PST) (envelope-from owner-freebsd-questions@FreeBSD.ORG) Received: from java.dpcsys.com (java.dpcsys.com [206.16.184.7]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id JAA09558 for ; Wed, 11 Nov 1998 09:21:10 -0800 (PST) (envelope-from dan@dpcsys.com) Received: from localhost (dan@localhost) by java.dpcsys.com (8.9.1a/8.9.1) with SMTP id JAA15048; Wed, 11 Nov 1998 09:20:06 -0800 (PST) Date: Wed, 11 Nov 1998 09:20:06 -0800 (PST) From: Dan Busarow To: Steve Friedrich cc: "freebsd-questions@FreeBSD.ORG" , Tolpin Vladimir Subject: Re: Shutdown In-Reply-To: <199811111513.KAA01529@laker.net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Wed, 11 Nov 1998, Steve Friedrich wrote: > I tried two different solutions: > 1. Add a user called shutdown and use vipw to change his shell from > /bin/sh to /sbin/halt. Use vipw to change the user ID to 0 > 2. Use chmod +x /sbin/shutdown to allow ordinary users execute > privilege. > > Solution 1 might allow users to Control-C their way to a root prompt. > Solution 2 seems best to me. Just add the users who should be able to shutdown the system to group operator. That's why /sbin/shutdown is setuid root Dan -- Dan Busarow 949 443 4172 Dana Point Communications, a California corporation dan@dpcsys.com Dana Point, California 83 09 EF 59 E0 11 89 B4 8D 09 DB FD E1 DD 0C 82 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message