Date: Mon, 18 Dec 2017 20:19:58 +0000 From: Ben Woods <woodsb02@gmail.com> To: rank1seeker@gmail.com Cc: hackers@freebsd.org Subject: Re: Operator group and reboot cmd Message-ID: <CAOc73CD_fxATSUmqBKAxafL8eA5tVeg-L_NfyhTKMzXmJYNidg@mail.gmail.com> In-Reply-To: <20171218145303.00007fb2@gmail.com> References: <20171218145303.00007fb2@gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 19 Dec 2017 at 2:53 am, <rank1seeker@gmail.com> wrote: > 11.1 REL-p6 > > As a non-root user and member of operator group, I was able to issue a > poweroff and shutdown commands (group set to operator), but not a > reboot (group set to wheel) command (Operation not permitted). > > I was able to reboot by: > $ shutdown -r now > > But to use reboot, cmd I had to: > # chgrp 5 /sbin/reboot > # chmod 4554 /sbin/reboot > Shouldn't this be set by default install? > # exit > > $ reboot I suspect this is deliberate because the reboot command does not give processes a proper chance to exit cleanly. Therefore, it makes sense if only those in the wheel group can use this big hammer, whilst operators must follow the proper shutdown model. >From the reboot man page: https://man.freebsd.org/reboot “Normally, the shutdown(8) utility is used when the system needs to be halted or restarted, giving users advance warning of their impending doom and cleanly terminating specific programs.” Regards, Ben -- -- From: Benjamin Woods woodsb02@gmail.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAOc73CD_fxATSUmqBKAxafL8eA5tVeg-L_NfyhTKMzXmJYNidg>