[Gllug] Poweroff madness

Jonathan Dye jonathan.dye at automationpartnership.com
Fri Jul 12 13:39:04 UTC 2002

> -----Original Message-----
> From: John HEARNS [mailto:john.hearns at cern.ch]
> Sent: 12 July 2002 14:31
> To: gllug at linux.co.uk
> Subject: [Gllug] Poweroff madness
> Yet again proving that I'm totally out of the loop,
> going gaga, and should be settled in a quiet corner
> with a BBC micro to play with.
> Someone pointed out on another mailing list I'm no
> that on an FTP session,  >!poweroff   works. 
> Ulp.
> I tried poweroff AS A NORMAL USER on a console
> on a Redhat box - and sure enough it worked.
> Can anyone please tell me the logic behind this?
> Surely, SURELY the default should be to prompt for
> the root password?
> OK on a desktop - but on a big server? 
> The offending line is in /etc/pam.d/poweroff:
> auth       sufficient	/lib/security/pam_rootok.so

If you are root then you can shutdown.

> auth       required	/lib/security/pam_console.so

If you are on the console then you can shut down (so not remotely)

> #auth       required	/lib/security/pam_stack.so service=system-auth
> account    required	/lib/security/pam_permit.so
> (same for halt and reboot)
> Yeah - I know. This is RTFM knowledge, and I'm behind the times.


This message has been checked for all known viruses by the 
MessageLabs Virus Scanning Service

Gllug mailing list  -  Gllug at linux.co.uk

More information about the GLLUG mailing list