?
Solved

Non root users shutting down or halting Linux servers

Posted on 2008-10-30
7
Medium Priority
?
366 Views
Last Modified: 2013-12-16
After looking at various posts online, ive read about the possibility of non root users being able to issue init or shutdown commands that can halt, reboot or shutdown a Linux server. So i wanted to get some more input about this and some steps i read that can be done to prevent this, and whether they're necessary.

I have several RHEL4 servers that i want to make sure that non root users cant issue any init commands or shutdown commands or be able to ctrl+alt+backspace. I want only root and users in sudoers to be able to do this.

So to make sure that this can only be done with root or users in sudoers, will doing the following accomplish this?
changing /etc/inittab entry ca::ctrlaltdel:/sbin/shutdown -t3 -r now
to
ca::ctrlaltdel:ech0 Reboot/Shutdown is not possible at this time.

chmod /sbin/shutdown to 750
chmod /usr/bin/apmsleep to 750
removing everything in /etc/security/console.apps/

If there is any other steps that can be taken to prevent this, im all ears. Thanks in advance!
0
Comment
Question by:linuxpig
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
7 Comments
 
LVL 10

Accepted Solution

by:
kyleb84 earned 500 total points
ID: 22847619
You might want to change these as well:

- /usr/bin/halt
- /sbin/halt
- /usr/bin/reboot
- /sbin/reboot
- /sbin/poweroff
- /usr/bin/poweroff

0
 
LVL 10

Expert Comment

by:kyleb84
ID: 22847639
Another of interest:

/sbin/telinit
0
 

Author Comment

by:linuxpig
ID: 22855593
So are these valid points i brought up, or is there no reason to be concerned because non root users cant perform these functions?
0
 
LVL 10

Expert Comment

by:kyleb84
ID: 22864227
Yes, they are valid points, but what I posted are a few more that you should take care of as well.

non root users can call:
- /usr/bin/halt
- /usr/bin/reboot
- /usr/bin/poweroff

All these will reboot/shutdown the PC.

A chmod would be required.
0

Featured Post

7 Extremely Useful Linux Commands for Beginners

Just getting started with Linux? Here's a quick start guide that has 7 commands that we believe will come in handy.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In my business, I use the LTS (Long Term Support) versions of Linux. My workstations do real work, and so I rarely have the patience to deal with silly problems caused by an upgraded kernel that had experimental software on it to begin with from a r…
Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.
Suggested Courses
Course of the Month14 days, 8 hours left to enroll

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question