- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Is it possible to give a user shutdown/reboot perm...
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Forums
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-14-2003 06:08 AM
11-14-2003 06:08 AM
Although I'm specifying no passwd in the sudo file, I'm still being prompted for a password.
Here's the telcom specific entry:
TELCOM ALL = NOPASSWD: KILL,LPSTAT,CLEAR,FIND,LS,IPCS,IPCRM,CANCEL,PASSWD,LPADMIN
I can only guess that I've added this incorrectly, or I've left out something else.
Thanks-
Stace
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-14-2003 06:12 AM
11-14-2003 06:12 AM
Re: Is it possible to give a user shutdown/reboot perms via sudo?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-14-2003 06:27 AM
11-14-2003 06:27 AM
Re: Is it possible to give a user shutdown/reboot perms via sudo?
However, I'm being prompted for a password, which is what I'm trying to get around.
Any ideas?
Thanks!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-14-2003 06:28 AM
11-14-2003 06:28 AM
Re: Is it possible to give a user shutdown/reboot perms via sudo?
That's thin ice you're walking on.
If a normal user dicovered that they can sudo/shutdown w/o a PW......well I wouldn't want to think about that.
The user should be added to shutdown.allow at most as Patrick points out & then you'd at least have a sudo log to *try* to determine who shutdown the system as long as you don't allow direct logins as telcom.
BUT if you have multiple people allowed to su to telcom, then you might never be able to definitively determine just who ran the shutdown - just candidates. If direct logins are allowed - all you'll have is IPs at best.
I'm a firm believer that VERY destructive utils should be root-only - not even sudo should be allowed & I can't think of a more destructive util than shutdown - except for maybe
rm -rf /
My $0.02,
Jeff
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-14-2003 06:30 AM
11-14-2003 06:30 AM
Re: Is it possible to give a user shutdown/reboot perms via sudo?
Otherwise, as long the user you are logged in as is a member of the TELCOM User_Alias, what you've written here looks correct.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-14-2003 06:33 AM
11-14-2003 06:33 AM
Re: Is it possible to give a user shutdown/reboot perms via sudo?
My bad, I didn't explain myself very well.
This user telcom is the *only* user (other than root, of course) that I want to allow to shutdown/reboot. They wouldn't be su'ing, I only did it that way because I was too lazy to go ask someone what the telcom passwd was.
The reason I don't want to add telcom to shutdown.allow, is that I wouldn't be able to trace who did the shutdown/reboot, whereas if they do it via sudo, it will get logged.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-14-2003 06:37 AM
11-14-2003 06:37 AM
Re: Is it possible to give a user shutdown/reboot perms via sudo?
I understand, but even with an su there would still be a log - see /etc/shutdownlog.
This will record the *true* user that ran it.
IF you use su to gain root - and you should - take a look in there & you'll see what I mean.
HTH,
Jeff
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-14-2003 07:15 AM
11-14-2003 07:15 AM
Re: Is it possible to give a user shutdown/reboot perms via sudo?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-14-2003 07:30 AM
11-14-2003 07:30 AM
SolutionI think the thought that you want to do this w/o a PW is the very dangerous part of this process. One should always HAVE to issue a PW to get to this "power" level.
Rgds,
Jeff