From owner-freebsd-hardware Fri Apr 28 10:42:10 2000 Delivered-To: freebsd-hardware@freebsd.org Received: from ren.sasknow.com (ren.sasknow.com [207.195.92.131]) by hub.freebsd.org (Postfix) with ESMTP id ECB8737B822 for ; Fri, 28 Apr 2000 10:42:03 -0700 (PDT) (envelope-from ryan@sasknow.com) Received: from localhost (ryan@localhost) by ren.sasknow.com (8.9.3/8.9.3) with ESMTP id LAA61554; Fri, 28 Apr 2000 11:42:44 -0600 (CST) (envelope-from ryan@sasknow.com) Date: Fri, 28 Apr 2000 11:42:44 -0600 (CST) From: Ryan Thompson To: Philippe Charron Cc: hardware@FreeBSD.ORG Subject: Re: someone has an idea ? In-Reply-To: <3909B215.CAC1563D@stella-net.fr> Message-ID: Organization: SaskNow Technologies [www.sasknow.com] MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-hardware@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Philippe Charron wrote to hardware@FreeBSD.ORG: > Hello, > > Im a trying to do a FreeBSD box without any keyboard (this machine will > be a Squid, HTTP and FTP serveur for non specialist person that can't > handle with a Unix system). > > As the user can't shutdown properly the computer, he has to press the > power button to switch off the box. > This leads to problems with fsck and inode lost in the system. > > Does anyone have an idea to solve this problem ? Assuming the user isn't experienced enough to handle a full root login, what about the following: create another user with uid '0', gid '0', different password, name = halt, shell = /sbin/halt. Be sure to add /sbin/halt to /etc/shells and remake the password database if you don't use vipw. Note I haven't actually 'tried' this. :-) Then, all that must be done is--with an ssh client and root logins enabled--put a login icon on their desktop. At the prompts, they have to remember 'halt' and a password. Not rocket science. Of course, this is kind of a kludge. You could accomplish the same with a cgi web form (if Apache is running) that inputs a password for the 'halt' user. Then, that password is passed along to a cgi script (probably using expect(1)) that runs 'su halt -c /sbin/halt'... and make sure that you added /sbin/halt to /etc/shells! Then, rebooting the system is as easy as clicking on a hyperlink and entering a password. OR... The other option that I see is the following. Create a root run shell script that can be detached (&) that sleep(1)s for 20 or 30 seconds and looks for a flagfile. The flag file directory can be owned by a normal user (say, with ftp access) and when halt.flag is created, reboot the system. Below is a shell script that we use for things like restarting daemons, etc. I've modified it for you so that it will halt a system when /var/db/sysflags/halt is created. #!/bin/sh # # $Id: sysflagd,v 1.1 2000/01/18 17:33:11 ryan Exp ryan $ # # Synopsis: # Monitors for the existence of predetermined flag files and executes # commands as root. # # (C)2000 SaskNow Technologies # All Rights Reserved if [ ! -e /var/log/sysflagd.log ] ; then touch /var/log/sysflagd.log logger -i -p local0.info New log started fi logger -i -p local0.info Started on `date`, `hostname` while true ; do if [ -f /var/db/sysflags/halt ] ; then logger -ip local0.info System shutdown initiated rm /var/db/sysflags/halt /sbin/halt fi # Default sleep interval of 30 seconds sleep 30 done simply run the 'sysflagd' shell script as root like: # ./sysflagd & or add a script to /usr/local/etc/rc.d/ to start it at bootup. Then, creating that flagfile is as simple as creating the directory, chmod 755 to a regular user of choice, and make a batch file in windows that invokes microsoft's stock ``ftp'' program with a name and password and uploads that file. Create a shortcut to that, and anyone with that batch file can remote shutdown the machine. :-) You will probably want to tweak /etc/login.access to allow logins only from a specific host for the user. -- Ryan Thompson Systems Administrator, Accounts Phone: +1 (306) 664-1161 SaskNow Technologies http://www.sasknow.com #106-380 3120 8th St E Saskatoon, SK S7H 0W2 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hardware" in the body of the message