Date: Mon, 18 Dec 2017 20:19:58 +0000 From: Ben Woods <woodsb02@gmail.com> To: rank1seeker@gmail.com Cc: hackers@freebsd.org Subject: Re: Operator group and reboot cmd Message-ID: <CAOc73CD_fxATSUmqBKAxafL8eA5tVeg-L_NfyhTKMzXmJYNidg@mail.gmail.com> In-Reply-To: <20171218145303.00007fb2@gmail.com> References: <20171218145303.00007fb2@gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 19 Dec 2017 at 2:53 am, <rank1seeker@gmail.com> wrote: > 11.1 REL-p6 > > As a non-root user and member of operator group, I was able to issue a > poweroff and shutdown commands (group set to operator), but not a > reboot (group set to wheel) command (Operation not permitted). > > I was able to reboot by: > $ shutdown -r now > > But to use reboot, cmd I had to: > # chgrp 5 /sbin/reboot > # chmod 4554 /sbin/reboot > Shouldn't this be set by default install? > # exit > > $ reboot I suspect this is deliberate because the reboot command does not give processes a proper chance to exit cleanly. Therefore, it makes sense if only those in the wheel group can use this big hammer, whilst operators must follow the proper shutdown model. >From the reboot man page: https://man.freebsd.org/reboot =E2=80=9CNormally, the shutdown(8) utility is used when the system needs to= be halted or restarted, giving users advance warning of their impending doom and cleanly terminating specific programs.=E2=80=9D Regards, Ben --=20 -- From: Benjamin Woods woodsb02@gmail.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAOc73CD_fxATSUmqBKAxafL8eA5tVeg-L_NfyhTKMzXmJYNidg>