HPE Community
Operating System - OpenVMS
1752480 Members
5661 Online
108788 Solutions
New Discussion юеВ

Security Privileges Required for Reboot

 
Pete Maurer
Advisor

тАО10-19-2006 05:36 AM

тАО10-19-2006 05:36 AM

Security Privileges Required for Reboot

I've been reviewing the 'HP OpenVMS Guide to System Security', but can't determine the
minimal privileges required to perform
a system reboot ???



0 Kudos
15 REPLIES 15
Volker Halle
Honored Contributor

тАО10-19-2006 05:37 AM

тАО10-19-2006 05:37 AM

Re: Security Privileges Required for Reboot

Pete,

have a look in SYS$SYSTEM:SHUTDOWN.COM

$privs = "AUDIT, CMKRNL, EXQUOTA, LOG_IO, NETMBX, OPER, SECURITY, " -
+ "SYSNAM, SYSPRV, TMPMBX, WORLD"
$saved_privs = f$setprv(privs)
$if .not. f$privilege(privs)
$then
$say ""
$say "%SHUTDOWN-F-NOPRIV, the following privileges are required:"
$say "-SHUTDOWN-F-NOPRIV, ''privs'"
$exit %x10360004
$endif

Volker.
0 Kudos
Steven Schweda
Honored Contributor

тАО10-19-2006 05:39 AM

тАО10-19-2006 05:39 AM

Re: Security Privileges Required for Reboot

SYS$SYSTEM:SHUTDOWN.COM looks authoritative.

$say f$fao("!/!/!_SHUTDOWN -- Perform an Orderly System Shutdown")
$privs = "AUDIT, CMKRNL, EXQUOTA, LOG_IO, NETMBX, OPER, SECURITY, " -
+ "SYSNAM, SYSPRV, TMPMBX, WORLD"
$saved_privs = f$setprv(privs)
$if .not. f$privilege(privs)
$then
$say ""
$say "%SHUTDOWN-F-NOPRIV, the following privileges are required:"
$say "-SHUTDOWN-F-NOPRIV, ''privs'"
$exit %x10360004
$endif
0 Kudos
Steven Schweda
Honored Contributor

тАО10-19-2006 05:41 AM

тАО10-19-2006 05:41 AM

Re: Security Privileges Required for Reboot

Looks like a consensus.
0 Kudos
Volker Halle
Honored Contributor

тАО10-19-2006 05:41 AM

тАО10-19-2006 05:41 AM

Re: Security Privileges Required for Reboot

Steven,

it always amazes me, how experienced OpenVMS people use to think and act alike ;-)

Volker.
0 Kudos
Andy Bustamante
Honored Contributor

тАО10-19-2006 05:45 AM

тАО10-19-2006 05:45 AM

Re: Security Privileges Required for Reboot


In addtion to Volker's response, if you can touch the console or system, you can reboot it.

If Availablity Manager or AMDS has control access enabled, you can crash a node, reboot depends on the value of AUTO_ACTION. No user id or privs required on the target node.

Andy
If you don't have time to do it right, when will you have time to do it over? Reach me at first_name + "." + last_name at sysmanager net
0 Kudos
Robert Gezelter
Honored Contributor

тАО10-19-2006 05:46 AM

тАО10-19-2006 05:46 AM

Re: Security Privileges Required for Reboot

Pete,

The privileges required are what will allow the privileges specified in the command extract that has previously been posted (e.g., AUDIT, CMKRNL, EXQUOTA, LOG_IO, NETMBX, OPER, SECURITY, SYSNAM, SYSPRV, TMPMBX, WORLD) to succeed.

While it is not mentioned, and I DO NOT RECOMMEND IT, SETPRIV (the ability to set any privilege bit) should also work (reference to the "OpenVMS Guide to System Security" to the effect that the SET PRIVILEGE command will succeed if SETPRIV is enabled).

- Bob Gezelter, http://www.rlgsc.com

0 Kudos
Steven Schweda
Honored Contributor

тАО10-19-2006 05:49 AM

тАО10-19-2006 05:49 AM

Re: Security Privileges Required for Reboot

SETPRIV -> SETPRV
0 Kudos
Volker Halle
Honored Contributor

тАО10-19-2006 05:55 AM

тАО10-19-2006 05:55 AM

Re: Security Privileges Required for Reboot

Andy,


reboot depends on the value of AUTO_ACTION


Please let me clarify this common misconception:

If a system crashes, it automatically reboots by default. This behaviour is controlled by the BUGREBOOT SYSGEN parameter (default = 1).

AUTO_ACTION only comes into play, if a HALT instruction or an error resulting in a CPU HALT (like kernel stack not valid) results in halting the current CPU:

If AUTO_ACTION is set to HALT, the CPU just HALTs. In case of an SMP system, this may cause a CPUSPINWAIT or CPUSANITY crash and reboot, if it's not the primary CPU.

If AUTO_ACTION is set to RESTART, the SRM firmware restarts the CPU and the system will take a bugcheck dump and reboot (depending on the setting of BUGREBOOT).

If AUTO_ACTION is set to BOOT, the system will just boot without creating a dump.

Volker.
0 Kudos
Robert Gezelter
Honored Contributor

тАО10-19-2006 05:58 AM

тАО10-19-2006 05:58 AM

Re: Security Privileges Required for Reboot

Steven,

Agreed, SETPRV. I was typing fast and not proof-reading enough.

- Bob Gezelter, http://www.rlgsc.com
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.