From owner-freebsd-questions Wed Oct 10 19: 2:18 2001 Delivered-To: freebsd-questions@freebsd.org Received: from topaz.mdcc.cx (topaz.mdcc.cx [212.204.230.141]) by hub.freebsd.org (Postfix) with ESMTP id 8AED537B40A for ; Wed, 10 Oct 2001 19:02:14 -0700 (PDT) Received: from k7.mavetju.org (topaz.mdcc.cx [212.204.230.141]) by topaz.mdcc.cx (Postfix) with ESMTP id 809902B6AC; Thu, 11 Oct 2001 04:02:10 +0200 (CEST) Received: by k7.mavetju.org (Postfix, from userid 1001) id D4304439; Thu, 11 Oct 2001 12:01:55 +1000 (EST) Date: Thu, 11 Oct 2001 12:01:55 +1000 From: Edwin Groothuis To: Scott Gerhardt Cc: FreeBSD Subject: Re: Deny shutdown Message-ID: <20011011120155.C2865@k7.mavetju.org> Mail-Followup-To: Edwin Groothuis , Scott Gerhardt , FreeBSD References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: ; from scott@gerhardt-it.com on Wed, Oct 10, 2001 at 05:05:09PM -0600 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Wed, Oct 10, 2001 at 05:05:09PM -0600, Scott Gerhardt wrote: > I would like to configure FreeBSD to disallow the following shutdown related > commands from all but the local console: Isn't this more an organisation problem than a operational problem? I mean, only the root user and the operator group can do these things. The easiest way (...) is to write a wrapper around it which checks these preconditions and then calls shutdown-thisistherealexecutable. It doesn't prevent people from calling shutdown-thisistherealexecutable, but it will prevent the obvious mistakes. Edwin -- Edwin Groothuis | Personal website: http://www.MavEtJu.org edwin@mavetju.org | Interested in MUDs? Visit Fatal Dimensions: ------------------+ http://www.FatalDimensions.org/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message