From owner-freebsd-stable@FreeBSD.ORG Fri Dec 10 07:28:00 2010 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 3306B106564A for ; Fri, 10 Dec 2010 07:27:59 +0000 (UTC) (envelope-from amvandemore@gmail.com) Received: from mail-fx0-f49.google.com (mail-fx0-f49.google.com [209.85.161.49]) by mx1.freebsd.org (Postfix) with ESMTP id 7E8D18FC17 for ; Fri, 10 Dec 2010 07:27:59 +0000 (UTC) Received: by fxm19 with SMTP id 19so3169007fxm.36 for ; Thu, 09 Dec 2010 23:27:58 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:received:in-reply-to :references:date:message-id:subject:from:to:cc:content-type; bh=oGp2dHzaacC4I1iyp8KFiamB9JbLYFPlAl9ikEjPoZ0=; b=ne7EaHoyp4CsFYfdqi84D+vHe5G/iHcnic2wTx5gahXpo0gYe2OO0jicH+x/JrrQGJ 7tXTf/VP3OJ8ZoEXKH8hHVV8mdbwAONFOP3ni/vioJEmAEp1P8KUM3wN2NGE1X4Dju3q gaB4w4RFv1NUNRh16eVAS1PSldXLn3LEH53hA= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; b=uEN4pBBsCE+JQBeY2lypbU1dNFMfciJdt6TYGt6MeABZxFsnuk9CXXZJWFjMBHhdeY YSe+s2k1AQVZmeF5Uw0oY3wG2qaehzP+c5/ntFi0zQ1Jv7iqaEAiyrD4Lleqa4yZnnwH qOObBw13UCcap6uST1MGNwS3/cl/RZNt0tmq4= MIME-Version: 1.0 Received: by 10.223.97.13 with SMTP id j13mr448717fan.146.1291966078381; Thu, 09 Dec 2010 23:27:58 -0800 (PST) Received: by 10.223.107.79 with HTTP; Thu, 9 Dec 2010 23:27:58 -0800 (PST) In-Reply-To: References: <20101210060335.BCDCC1CC12@ptavv.es.net> Date: Fri, 10 Dec 2010 01:27:58 -0600 Message-ID: From: Adam Vande More To: Rob Farmer Content-Type: text/plain; charset=ISO-8859-1 X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: freebsd-stable@freebsd.org Subject: Re: /sbin/reboot X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 10 Dec 2010 07:28:00 -0000 On Fri, Dec 10, 2010 at 1:04 AM, Mark Andrews wrote: > When you have administered multi-user systems you learn to do things > gracefully unless you actually need to do things abbruptly. > Yes I of course I use shutdown -r on a multi-user system in the rare times I deal with one. However that's not much of a reason not to have reboot in the operator group, especially if you're like me in thinking the vast majority of installs are single user type systems. As the end of the day, it's pretty trivial to me one way or the other but I do think the current way is a POLA violation. On Fri, Dec 10, 2010 at 1:10 AM, Rob Farmer wrote: > I haven't thought about the situation in any detail, but nothing jumps > out at me from the manpage. > shutdown will also pass the -n flag to reboot or halt as the man page describes. Also the simplest DoS from shutdown -p/h. All I'm saying is that if you're comfortable with the privs operator gives to the user, there shouldn't be much qualms in granting reboot's functionality. Looks like just mksnap_ffs and shutdown have operator grouping by default. -- Adam Vande More