From owner-freebsd-questions Tue Oct 15 17:56:57 2002 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2822037B401 for ; Tue, 15 Oct 2002 17:56:56 -0700 (PDT) Received: from dan.emsphone.com (dan.emsphone.com [199.67.51.101]) by mx1.FreeBSD.org (Postfix) with ESMTP id A46C643E4A for ; Tue, 15 Oct 2002 17:56:55 -0700 (PDT) (envelope-from dan@dan.emsphone.com) Received: (from dan@localhost) by dan.emsphone.com (8.12.6/8.12.5) id g9G0ustX056056; Tue, 15 Oct 2002 19:56:54 -0500 (CDT) (envelope-from dan) Date: Tue, 15 Oct 2002 19:56:54 -0500 From: Dan Nelson To: Andreas Ntaflos Cc: freebsd-questions@FreeBSD.ORG Subject: Re: strange reboot, permissions of /sbin/reboot Message-ID: <20021016005654.GA26061@dan.emsphone.com> References: <20021015230553.GA30542@Deadcell.ant> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20021015230553.GA30542@Deadcell.ant> X-OS: FreeBSD 5.0-CURRENT X-message-flag: Outlook Error User-Agent: Mutt/1.5.1i Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG In the last episode (Oct 16), Andreas Ntaflos said: > Hello list, > Something strange just occured on a quite busy server running > FreeBSD 4.6-RC as of May 28. First, it seemed to have suddenly > rebooted, but not by a kernel trap or anything like it, the machine > has been up for over 120 days, running smoothly. We checked the > logs, seeing that it was rebooted by an ordinary user (all.log) > which comes quite strange to me. If a user logs in, su's to root, then runs reboot, the original login name will be recorded. > My questions are: what catches the execution of /sbin/reboot for > normal users and how could it happen that the normal user was not > caught in that case? Also, how come that the permissions on reboot > and shutdown are the way they are? The reboot binary checks to see if it is running as root, and if it isn't, it exits with an "Operation not permitted" error. -- Dan Nelson dnelson@allantgroup.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message