From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gentoo-user+bounces-163134-garchives=archives.gentoo.org@lists.gentoo.org>
Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80])
	by finch.gentoo.org (Postfix) with ESMTP id 3FD4F138CC5
	for <garchives@archives.gentoo.org>; Mon, 23 Mar 2015 12:17:01 +0000 (UTC)
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id 08438E0944;
	Mon, 23 Mar 2015 12:16:57 +0000 (UTC)
Received: from mail-oi0-f52.google.com (mail-oi0-f52.google.com [209.85.218.52])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by pigeon.gentoo.org (Postfix) with ESMTPS id CA7FDE092E
	for <gentoo-user@lists.gentoo.org>; Mon, 23 Mar 2015 12:16:55 +0000 (UTC)
Received: by oier21 with SMTP id r21so138736185oie.1
        for <gentoo-user@lists.gentoo.org>; Mon, 23 Mar 2015 05:16:55 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20120113;
        h=mime-version:in-reply-to:references:from:date:message-id:subject:to
         :content-type;
        bh=NJUpRq/TXjliRpp/602uN5NNipO+w1QW+Mr6P36whss=;
        b=YasuYoIej3SVbdFHR37MaiUDHtgQhMvJ3HswXa6R9k0hM/vwzxPA8irAWqvhyCQFUz
         IO140S8EJ3qYAjkDyiE509XrMcTDSZG7bTV36OoCwqxzmX2z2lulP4fiNAE3nXdB2w8p
         tAc1I+ndrP9J0j/Bmc4Lk9wVDVU0vitlNpfVcBOoR1vUgkAtykiC08NO+zg32BsowTnh
         2HKsVB3oKAL11ttJfctgWAResHZO/y75GG7XKO4EXKIQy3CLsOSgIEzOrRYk09SYxNhQ
         FePPBMgy1Is4YvPX99jC+dgLrhKLX6HJjN4HYvBWm0QW42ECoGnIaOwvsJwR0RajpsjA
         5Z+Q==
X-Received: by 10.60.133.176 with SMTP id pd16mr6609658oeb.78.1427113015264;
 Mon, 23 Mar 2015 05:16:55 -0700 (PDT)
Precedence: bulk
List-Post: <mailto:gentoo-user@lists.gentoo.org>
List-Help: <mailto:gentoo-user+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-user+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-user+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-user.gentoo.org>
X-BeenThere: gentoo-user@lists.gentoo.org
Reply-to: gentoo-user@lists.gentoo.org
MIME-Version: 1.0
Received: by 10.76.79.3 with HTTP; Mon, 23 Mar 2015 05:16:25 -0700 (PDT)
In-Reply-To: <23787818.Bd5keXIqRP@wstn>
References: <20150321152656.a82a84b3e8a32c8b68554548@gmail.com>
 <2098241.ygyfAjpUPx@wstn> <CAGQH77fpLWRqxMAp_wBo_aGk9GE7km-s_GPbvsLmTugX40AAsg@mail.gmail.com>
 <23787818.Bd5keXIqRP@wstn>
From: Emanuele Rusconi <emarsk@gmail.com>
Date: Mon, 23 Mar 2015 13:16:25 +0100
Message-ID: <CAPife4=GL9QJQUeJtvZWutM7JT2VUbOjs7bdHd96-Hv71UM+hg@mail.gmail.com>
Subject: Re: [gentoo-user] How to poweroff the system from user?
To: gentoo-user@lists.gentoo.org
Content-Type: multipart/alternative; boundary=047d7b47287654497c0511f3a4c0
X-Archives-Salt: bfa298cf-9a11-41bb-974e-5138f8af05ce
X-Archives-Hash: f409565adc41aa031b300616c5e61985

--047d7b47287654497c0511f3a4c0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

On 23 March 2015 at 10:46, Peter Humphrey <peter@prh.myzen.co.uk> wrote:

> On Sunday 22 March 2015 14:36:36 Jc Garc=C3=ADa wrote:
> > 2015-03-22 4:30 GMT-06:00 Peter Humphrey <peter@prh.myzen.co.uk>:
> > > On Saturday 21 March 2015 16:20:17 Jc Garc=C3=ADa wrote:
> > >> > Interesting. But as I said ealier, I can reboot the system when I =
am
> > >> > a
> > >> > user by Ctrl+Alt+Delete. The user can reboot the system, but can't
> > >> > shut
> > >> > down? Strange
> > >>
> > >> It's not strange,  `man 2 reboot`. It's a defined behavior.
> > >
> > > I'm with German here. Being designed that way doesn't stop it being
> > > strange.
> > I see it as a last resource available for rebooting under any
> > circumstances( Similar to what you can do with Sysrq).
> >
> > > Consider: I'm an ordinary user sitting at a terminal. I'm not allowed
> to
> > > halt the machine, but I am allowed to reboot it into perhaps some qui=
te
> > > other configuration. Or I can keep rebooting it over and again,
> > > effectively preventing the machine from doing its job. How does that
> > > make sense?
> > It doesn't and that's why it's configurable, if you are in a high
> > security requiring environment, you disable it.
>
> The consensus seems to be that there's no point in trying to prevent a us=
er
> from rebooting the machine, and I'm happy to go along with that.
>
> The remaining question is: why is the user not allowed to halt it?
>
> --
> Rgds
> Peter.
>
>
>
Maybe some people here missed my post.

You CAN allow the user to halt: just substitute
ca:12345:ctrlaltdel:/sbin/shutdown -r now
with
ca:12345:ctrlaltdel:/sbin/shutdown -P now
in /etc/inittab and Ctrl-Alt-Del will shutdown instead of reboot.

In fact, Ctrl-Alt-Del can be set up to do whatever you want and will
have root privileges.

If this is a security hole for your use case, you can comment it or set
it to
ca:12345:ctrlaltdel: /bin/echo 'Hey, don't touch me there!'
, or you can disable it entirely in the kernel.
--
Emanuele

--047d7b47287654497c0511f3a4c0
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr">On 23 March 2015 at 10:46, Peter Humphrey <span dir=3D"ltr=
">&lt;<a href=3D"mailto:peter@prh.myzen.co.uk" target=3D"_blank">peter@prh.=
myzen.co.uk</a>&gt;</span> wrote:<br><div class=3D"gmail_extra"><div class=
=3D"gmail_quote"><blockquote class=3D"gmail_quote" style=3D"margin:0px 0px =
0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div cla=
ss=3D""><div class=3D"h5">On Sunday 22 March 2015 14:36:36 Jc Garc=C3=ADa w=
rote:<br>
&gt; 2015-03-22 4:30 GMT-06:00 Peter Humphrey &lt;<a href=3D"mailto:peter@p=
rh.myzen.co.uk">peter@prh.myzen.co.uk</a>&gt;:<br>
&gt; &gt; On Saturday 21 March 2015 16:20:17 Jc Garc=C3=ADa wrote:<br>
&gt; &gt;&gt; &gt; Interesting. But as I said ealier, I can reboot the syst=
em when I am<br>
&gt; &gt;&gt; &gt; a<br>
&gt; &gt;&gt; &gt; user by Ctrl+Alt+Delete. The user can reboot the system,=
 but can&#39;t<br>
&gt; &gt;&gt; &gt; shut<br>
&gt; &gt;&gt; &gt; down? Strange<br>
&gt; &gt;&gt;<br>
&gt; &gt;&gt; It&#39;s not strange,=C2=A0 `man 2 reboot`. It&#39;s a define=
d behavior.<br>
&gt; &gt;<br>
&gt; &gt; I&#39;m with German here. Being designed that way doesn&#39;t sto=
p it being<br>
&gt; &gt; strange.<br>
&gt; I see it as a last resource available for rebooting under any<br>
&gt; circumstances( Similar to what you can do with Sysrq).<br>
&gt;<br>
&gt; &gt; Consider: I&#39;m an ordinary user sitting at a terminal. I&#39;m=
 not allowed to<br>
&gt; &gt; halt the machine, but I am allowed to reboot it into perhaps some=
 quite<br>
&gt; &gt; other configuration. Or I can keep rebooting it over and again,<b=
r>
&gt; &gt; effectively preventing the machine from doing its job. How does t=
hat<br>
&gt; &gt; make sense?<br>
&gt; It doesn&#39;t and that&#39;s why it&#39;s configurable, if you are in=
 a high<br>
&gt; security requiring environment, you disable it.<br>
<br>
</div></div>The consensus seems to be that there&#39;s no point in trying t=
o prevent a user<br>
from rebooting the machine, and I&#39;m happy to go along with that.<br>
<br>
The remaining question is: why is the user not allowed to halt it?<br>
<span class=3D""><font color=3D"#888888"><br>
--<br>
Rgds<br>
Peter.<br>
<br>
<br>
</font></span></blockquote></div><br></div><div class=3D"gmail_extra">Maybe=
 some people here missed my post.<br><br>You CAN allow the user to halt: ju=
st substitute<br>ca:12345:ctrlaltdel:/sbin/shutdown -r now<br>with<br>ca:12=
345:ctrlaltdel:/sbin/shutdown -P now<br>in /etc/inittab and Ctrl-Alt-Del wi=
ll shutdown instead of reboot.<br></div><div class=3D"gmail_extra"><br>In f=
act, Ctrl-Alt-Del can be set up to do whatever you want and will<br>have ro=
ot privileges.<br></div><div class=3D"gmail_extra"><br>If this is a securit=
y hole for your use case, you can comment it or set<br>it to<br>ca:12345:ct=
rlaltdel: /bin/echo &#39;Hey, don&#39;t touch me there!&#39;<br></div><div =
class=3D"gmail_extra">, or you can disable it entirely in the kernel.<br></=
div><div class=3D"gmail_extra">--<br></div><div class=3D"gmail_extra">Emanu=
ele<br></div></div>

--047d7b47287654497c0511f3a4c0--