Path: utzoo!utgpu!water!watmath!clyde!att!osu-cis!tut.cis.ohio-state.edu!bloom-beacon!mit-eddie!uw-beaver!tektronix!tekcrl!terryl
From: terryl@tekcrl.CRL.TEK.COM
Newsgroups: comp.unix.questions
Subject: Re: halt not by root
Keywords: halt ! not root
Message-ID: <3079@tekcrl.CRL.TEK.COM>
Date: 21 Sep 88 18:26:40 GMT
References: <1128@usfvax2.EDU>
Reply-To: terryl@tekcrl.CRL.TEK.COM
Organization: Tektronix, Inc., Beaverton,  OR.
Lines: 19

In article <1128@usfvax2.EDU> ssi@usfvax2.EDU (Ssi) writes:
>I run a Sun file server with clients. My question is
>how can I give halt(8) permission to users other than
>root. We shut the system down at night and root is
>at home.


     Pick a group (take my group, please!!! (-:) and make /etc/halt have
that group as its groupership; then, make /etc/halt owned by root and set-
user-id to root, but executable ONLY by the above mentioned group, i.e.
mode 4710, so no mere mortal can execute it. Then, put your trusted users
into the above mentioned group so they can halt the system when root is
away.

     For the more paranoid among us, you can have a C program that is
set-user-id to root to do a little more verification about whether or not
the user can really halt the machine, and after such verification, can
call reboot(8) directly, or fork off /etc/halt for a clean shutdown of the
system.....