From owner-freebsd-hackers@freebsd.org  Mon Dec 18 20:20:11 2017
Return-Path: <owner-freebsd-hackers@freebsd.org>
Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 0220DE841B9
 for <freebsd-hackers@mailman.ysv.freebsd.org>;
 Mon, 18 Dec 2017 20:20:11 +0000 (UTC)
 (envelope-from woodsb02@gmail.com)
Received: from mailman.ysv.freebsd.org (unknown [127.0.1.3])
 by mx1.freebsd.org (Postfix) with ESMTP id D37876DE19
 for <freebsd-hackers@freebsd.org>; Mon, 18 Dec 2017 20:20:10 +0000 (UTC)
 (envelope-from woodsb02@gmail.com)
Received: by mailman.ysv.freebsd.org (Postfix)
 id CFDE3E841B8; Mon, 18 Dec 2017 20:20:10 +0000 (UTC)
Delivered-To: hackers@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id CF65AE841B7
 for <hackers@mailman.ysv.freebsd.org>; Mon, 18 Dec 2017 20:20:10 +0000 (UTC)
 (envelope-from woodsb02@gmail.com)
Received: from mail-ua0-x22a.google.com (mail-ua0-x22a.google.com
 [IPv6:2607:f8b0:400c:c08::22a])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G2" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 86FE76DE18
 for <hackers@freebsd.org>; Mon, 18 Dec 2017 20:20:10 +0000 (UTC)
 (envelope-from woodsb02@gmail.com)
Received: by mail-ua0-x22a.google.com with SMTP id i4so11512900uab.5
 for <hackers@freebsd.org>; Mon, 18 Dec 2017 12:20:10 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;
 h=mime-version:references:in-reply-to:from:date:message-id:subject:to
 :cc; bh=2Dvjsd/ujt9sdv+8B5CpjSm7U8uCb9I1jfFj6E1u/fA=;
 b=jzVHe1/tl6pIiCuHumSZ1V8/zLu+p9F8ru5XVx5MW3r3jcambmFnBG8sVud3quLjza
 RI+cHeHrC5pBwDB5igHoJ6JAuI7EOqYrQBuYGBUm99Mxj58jig/SRuRohETHz+LX76ce
 nlxO/WRR2m6H5oLRC0XtOLiPFnJUFVJSz5Iu8KwSoLcYn8Tn+APC2VcBnIvgjfoaGDJC
 5L1GsdbRdZRHDFgV3hhfPS6bMX0Un/+18n0CbQobzADohKc/+JtMmPKcxWGu0/67bDTh
 92Q7bMjlQ5nnVpG/kPTq9vCeHuDiqHlisDH6rfvuJJwuK07GZWOFefsn31okk2u3h3nT
 jNIw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:mime-version:references:in-reply-to:from:date
 :message-id:subject:to:cc;
 bh=2Dvjsd/ujt9sdv+8B5CpjSm7U8uCb9I1jfFj6E1u/fA=;
 b=GA/+JUX1XH2tjaivhUE5dSeJew8177OLHOwX52KAt35HxVJqAIhCk+o57bEY7noJkM
 L9EkyoRRxRn9u9+ehHDvwX2O0irB8NijU8hJr+FnAX4eVFMVz++qr3YNxSH4ZbLbjEQH
 yjJk44bBKftI4Gvi0N8DBKmpTHweKAOdd7x+rAldNsaIsAN3BYWosCcWjgBVq9mN+Yx2
 KDdKTSj2jEUqp/elT60r4LBKqVnLxcqgujIQOofKk/oLK1ILlAl2XJXCp5Itzj4Z/ymt
 wjbb4aWrhXJabGCJtkSJRhmPHm3jvu3ngU3NNQpl9GHxHoY9iCsogfTXotp0O+GwhY6A
 9j0A==
X-Gm-Message-State: AKGB3mIy7rrqDUaucR5GF95jVjhroOShuWZaE+mzWUSeYxYoEf65f3hb
 B0MJz7b5M0mux0YOuEM9x44WvaNk7dgyPiB5Io8=
X-Google-Smtp-Source: ACJfBov3FYhe+ya7MOC7CrZbwvIjnPodLYm81WonPYSlBZSWyI8tZexm+sYJ/66nsAKZOZOThBl3izx4rKktxllZOd4=
X-Received: by 10.159.42.203 with SMTP id d11mr1078678uaj.74.1513628409552;
 Mon, 18 Dec 2017 12:20:09 -0800 (PST)
MIME-Version: 1.0
References: <20171218145303.00007fb2@gmail.com>
In-Reply-To: <20171218145303.00007fb2@gmail.com>
From: Ben Woods <woodsb02@gmail.com>
Date: Mon, 18 Dec 2017 20:19:58 +0000
Message-ID: <CAOc73CD_fxATSUmqBKAxafL8eA5tVeg-L_NfyhTKMzXmJYNidg@mail.gmail.com>
Subject: Re: Operator group and reboot cmd
To: rank1seeker@gmail.com
Cc: hackers@freebsd.org
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Content-Filtered-By: Mailman/MimeDel 2.1.25
X-BeenThere: freebsd-hackers@freebsd.org
X-Mailman-Version: 2.1.25
Precedence: list
List-Id: Technical Discussions relating to FreeBSD
 <freebsd-hackers.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-hackers>, 
 <mailto:freebsd-hackers-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-hackers/>
List-Post: <mailto:freebsd-hackers@freebsd.org>
List-Help: <mailto:freebsd-hackers-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-hackers>, 
 <mailto:freebsd-hackers-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 18 Dec 2017 20:20:11 -0000

On Tue, 19 Dec 2017 at 2:53 am, <rank1seeker@gmail.com> wrote:

> 11.1 REL-p6
>
> As a non-root user and member of operator group, I was able to issue a
> poweroff and shutdown commands (group set to operator), but not a
> reboot (group set to wheel) command (Operation not permitted).
>
> I was able to reboot by:
> $ shutdown -r now
>
> But to use reboot, cmd I had to:
> # chgrp 5 /sbin/reboot
> # chmod 4554 /sbin/reboot
>     Shouldn't this be set by default install?
> # exit
>
> $ reboot


I suspect this is deliberate because the reboot command does not give
processes a proper chance to exit cleanly. Therefore, it makes sense if
only those in the wheel group can use this big hammer, whilst operators
must follow the proper shutdown model.

>From the reboot man page:
https://man.freebsd.org/reboot

=E2=80=9CNormally, the shutdown(8) utility is used when the system needs to=
 be halted
or restarted, giving users advance warning of their impending doom and
cleanly terminating specific programs.=E2=80=9D


Regards,

Ben

--=20

--
From: Benjamin Woods
woodsb02@gmail.com