Path: utzoo!utgpu!water!watmath!clyde!att!osu-cis!tut.cis.ohio-state.edu!bloom-beacon!mit-eddie!uw-beaver!tektronix!tekcrl!terryl From: terryl@tekcrl.CRL.TEK.COM Newsgroups: comp.unix.questions Subject: Re: halt not by root Keywords: halt ! not root Message-ID: <3079@tekcrl.CRL.TEK.COM> Date: 21 Sep 88 18:26:40 GMT References: <1128@usfvax2.EDU> Reply-To: terryl@tekcrl.CRL.TEK.COM Organization: Tektronix, Inc., Beaverton, OR. Lines: 19 In article <1128@usfvax2.EDU> ssi@usfvax2.EDU (Ssi) writes: >I run a Sun file server with clients. My question is >how can I give halt(8) permission to users other than >root. We shut the system down at night and root is >at home. Pick a group (take my group, please!!! (-:) and make /etc/halt have that group as its groupership; then, make /etc/halt owned by root and set- user-id to root, but executable ONLY by the above mentioned group, i.e. mode 4710, so no mere mortal can execute it. Then, put your trusted users into the above mentioned group so they can halt the system when root is away. For the more paranoid among us, you can have a C program that is set-user-id to root to do a little more verification about whether or not the user can really halt the machine, and after such verification, can call reboot(8) directly, or fork off /etc/halt for a clean shutdown of the system.....