Login or Register to Ask a Question and Join Our Community


Fedora

The user 'sync' and 'shutdown'

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Operating Systems Linux Fedora The user 'sync' and 'shutdown'
# 8  
Old 09-26-2011
Quote:
Originally Posted by vistastar
Is this a privilege control method that let some non-root users can shutdown the system using the 'shutdonw' user's password?
Quote:
Originally Posted by Corona688
Perhaps it's because the 'shutdown' user belongs to the root group(group 0)?
Quote:
On my fedora15 any non-root user can shutdown the system, why? The shutdown command is a soft link to consolehelper command.
What are the permissions on consolehelper?
Quote:
Also, there is a /sbin/shutdown.
As opposed to what?
# 9  
Old 09-27-2011
Code:
[alien@fedora~]:)ls -l /sbin/shutdown
lrwxrwxrwx. 1 root root 16  9月  5 20:40 /sbin/shutdown -> ../bin/systemctl
[alien@fedora~]:)ls -l /bin/systemctl
-rwxr-xr-x. 1 root root 165632  4月 30 10:51 /bin/systemctl
lrwxrwxrwx. 1 root root 13  9月  5 20:40 /usr/bin/poweroff -> consolehelper
[alien@fedora~]:(ls -l /usr/bin/poweroff
lrwxrwxrwx. 1 root root 13  9月  5 20:40 /usr/bin/poweroff -> consolehelper
[alien@fedora~]:)ls -l /usr/bin/reboot
lrwxrwxrwx. 1 root root 13  9月  5 20:40 /usr/bin/reboot -> consolehelper
[alien@fedora~]:)ls -l /usr/bin/consolehelper
-rwxr-xr-x. 1 root root 6488  4月  1 05:24 /usr/bin/consolehelper

PS: the user 'shutdown' is not in any group.
# 10  
Old 09-30-2011
first google hit for 'man consolehelper':

Quote:
consolehelper(8) - Linux man page
Name
consolehelper - A wrapper that helps console users run system programs
Synopsis
progname [ options ]
Description
consolehelper is a tool that makes it easy for console users to run system programs, doing authentication via PAM (which can be set up to trust all console users or to ask for a password at the system administrator's discretion). When possible, the authentication is done graphically; otherwise, it is done within the text console from which consolehelper was started.

It is intended to be completely transparent. This means that the user will never run the consolehelper program directly. Instead, programs like /sbin/shutdown are paired with a link from /usr/bin/shutdown to /usr/bin/consolehelper. Then when non-root users (specifically, users without /sbin in their path, or /sbin after /usr/bin) call the "shutdown" program, consolehelper will be invoked to authenticate the action and then invoke /sbin/shutdown. (consolehelper itself has no priviledges; it calls the userhelper(8) program do the real work.)

consolehelper requires that a PAM configuration for every managed program exist. So to make /sbin/foo or /usr/sbin/foo managed, you need to create a link from /usr/bin/foo to /usr/bin/consolehelper and create the file /etc/pam.d/foo, normally using the pam_console(8) PAM module.
So it uses special PAM settings to decide who's allowed to shutdown and so forth.

This is a Redhat-specific thing.
# 11  
Old 10-01-2011
Thank you very much.
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

How to shutdown Linux box with user confirmation?

Hi Guru's Am looking for linux reboot command which get executed after user confirmation .Can someone please help me with this.:confused::confused::confused: (6 Replies)
Discussion started by: kapil514
6 Replies

2. Red Hat

How to know which user has restarted or shutdown the redhat box?

hi guys! I like to know which user has rebooted or shutdown a redhat box ? the thing is wanted to know the exact user name who has done this action, ofcourse an admin privileged user only can do this. from a list of admin privileged user to find the exact one. i used to go with last... (4 Replies)
Discussion started by: redhatlbug
4 Replies

3. Red Hat

User shutdown detected - cssd(16694)CRS-1603:CSSD.

User shutdown detected - cssd(16694)CRS-1603:CSSD. Can you help me with this error in redhat linux server (1 Reply)
Discussion started by: karthik9358
1 Replies

4. Red Hat

User Account Sync

Hi All, I want to know is there any way where if i add a user in a centos machine the can be replicated to another centos automatically. As i have setup DRBD with heartbeat for apache webserver everything is working fine but the only thing im stuck in is about system account for ftp. Can any... (3 Replies)
Discussion started by: search4u2003
3 Replies

5. UNIX for Dummies Questions & Answers

Help with sync

Folks; I have 2 SUSE DNS servers, one will be the master and one will be the slave. we normally update the master when adding any new servers to the DNS list. I'm looking for a way to sync both servers every night, so the slave is updated nightly. I thought of using "rsync" with cron to sync... (1 Reply)
Discussion started by: Katkota
1 Replies

6. UNIX for Dummies Questions & Answers

Script to force Oracle database shutdown when shutdown immediate does not work

I have Oracle 9i R2 on AIX 5.2. My Database is running in shared server mode (MTS). Sometimes when I shutdown the database it shutsdown cleanly in 4-5 mints and sometimes it takes good 15-20 minutes and then I get some ora-600 errors and only way to shutdown is by opening another session and... (7 Replies)
Discussion started by: aixhp
7 Replies

7. Solaris

Sync to Green vs. Separate Sync

Hi all....I have a Sun Ultra2 that I want to use with my PC monitor. I have purchased an adapter that does not work and I was told I need to change my video card setting (if I can) to Separate Sync.....my Monitor product number ends in 1343......I am running SunOS 5.7 ......anyone have any ideas? ... (0 Replies)
Discussion started by: psantinello
0 Replies

8. UNIX for Advanced & Expert Users

sync and preserve user login

I am neither advanced nor expert. I have synced two linux machines, from Debian to Fedora. I brought whole "home" directory. Which directory or files should bring to Fedora in order to have same user login and password? (2 Replies)
Discussion started by: kumarrana
2 Replies

9. UNIX for Advanced & Expert Users

Workstations are not sync

What's the idea of Unsyncron SUN WS's ? one of our client had a problem & my supervisor told me that this causes of unsynchron WS's i mean maybe the setting of one is not compatible with other ..... Any Suggestion would be helpful Rgrds, nikk (1 Reply)
Discussion started by: nikk
1 Replies

10. Post Here to Contact Site Administrators and Moderators

TODO: Sync User Tables Between Databases

Need to eventually sync the MY.UNIX userdata to the forums database (and others). Suggestions on the best approach welcome. (0 Replies)
Discussion started by: Neo
0 Replies
Login or Register to Ask a Question