Solved

Non root users shutting down or halting Linux servers

Posted on 2008-10-30
7
364 Views
Last Modified: 2013-12-16
After looking at various posts online, ive read about the possibility of non root users being able to issue init or shutdown commands that can halt, reboot or shutdown a Linux server. So i wanted to get some more input about this and some steps i read that can be done to prevent this, and whether they're necessary.

I have several RHEL4 servers that i want to make sure that non root users cant issue any init commands or shutdown commands or be able to ctrl+alt+backspace. I want only root and users in sudoers to be able to do this.

So to make sure that this can only be done with root or users in sudoers, will doing the following accomplish this?
changing /etc/inittab entry ca::ctrlaltdel:/sbin/shutdown -t3 -r now
to
ca::ctrlaltdel:ech0 Reboot/Shutdown is not possible at this time.

chmod /sbin/shutdown to 750
chmod /usr/bin/apmsleep to 750
removing everything in /etc/security/console.apps/

If there is any other steps that can be taken to prevent this, im all ears. Thanks in advance!
0
Comment
Question by:linuxpig
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
7 Comments
 
LVL 10

Accepted Solution

by:
kyleb84 earned 125 total points
ID: 22847619
You might want to change these as well:

- /usr/bin/halt
- /sbin/halt
- /usr/bin/reboot
- /sbin/reboot
- /sbin/poweroff
- /usr/bin/poweroff

0
 
LVL 10

Expert Comment

by:kyleb84
ID: 22847639
Another of interest:

/sbin/telinit
0
 

Author Comment

by:linuxpig
ID: 22855593
So are these valid points i brought up, or is there no reason to be concerned because non root users cant perform these functions?
0
 
LVL 10

Expert Comment

by:kyleb84
ID: 22864227
Yes, they are valid points, but what I posted are a few more that you should take care of as well.

non root users can call:
- /usr/bin/halt
- /usr/bin/reboot
- /usr/bin/poweroff

All these will reboot/shutdown the PC.

A chmod would be required.
0

Featured Post

Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The purpose of this article is to show how we can create Linux Mint virtual machine using Oracle Virtual Box. To install Linux Mint we have to download the ISO file from its website i.e. http://www.linuxmint.com. Once you open the link you will see …
In part one, we reviewed the prerequisites required for installing SQL Server vNext. In this part we will explore how to install Microsoft's SQL Server on Ubuntu 16.04.
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
How to Install VMware Tools in Red Hat Enterprise Linux 6.4 (RHEL 6.4) Step-by-Step Tutorial

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question