HPE Community
Operating System - HP-UX
1827243 Members
2215 Online
109716 Solutions
New Discussion

Re: system shutdown

 
SOLVED
Go to solution
Jim Tropiano_1
Frequent Advisor

‎10-22-2005 01:18 PM

‎10-22-2005 01:18 PM

system shutdown

I am trying to write a script that will let some chosen non root user shutdown an Unix box.

I have written a script withe the permission rwsr-x--- sys_shut.sh

but the non root user cannot shutdown the system . Is there something I can do so that they will be able to. I do not want htem using sudo


0 Kudos
8 REPLIES 8
Sanjay Kumar Suri
Honored Contributor

‎10-22-2005 01:38 PM

‎10-22-2005 01:38 PM

Re: system shutdown

Check this thread to use setuid.

http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=531151

sks
A rigid mind is very sure, but often wrong. A flexible mind is generally unsure, but often right.
0 Kudos
Patrick Wallek
Honored Contributor

‎10-22-2005 01:50 PM

‎10-22-2005 01:50 PM

Re: system shutdown

Actually you don't need to write a script for this.

Create the /etc/shutdown.allow file if it does not exist. Add the users that you want to allow to run the shutdown command to that file.

# cat /etc/shutdown.allow
root
user1
user2

# man shutdown

and go down to the FILES section of the man page for more information on the /etc/shutdown.allow file.

0 Kudos
James R. Ferguson
Acclaimed Contributor

‎10-22-2005 02:09 PM

‎10-22-2005 02:09 PM

Solution

Re: system shutdown

Hi Jim:

In addition to Patrick's guideline, you can also create an account (user) whose sole purpose is to cause your shutdown script to run.

In lieu of the normal shell program (the seventh [one-relative] field of '/etc/passwd') substitute your shutdown script. In that fashion, a successful login to the "shutdown" account will actually cause a system shutdown.

Regards!

...JRF...
0 Kudos
Devender Khatana
Honored Contributor

‎10-22-2005 02:49 PM

‎10-22-2005 02:49 PM

Re: system shutdown

Hi,

As suggested above the best solution will be to use /etc/shutdown.allow and list all the users requiring to execute shutdown the system.

The advantage will also be that the file ca be updated anytime for modifications.

HTH,
Devender
Impossible itself mentions "I m possible"
0 Kudos
Jim Tropiano_1
Frequent Advisor

‎10-24-2005 11:35 AM

‎10-24-2005 11:35 AM

Re: system shutdown

I look on the Hp-UX rp7420 running 11.11
There was a file in /etc called shutdown.allow. I added the user shutuser to the file and have the operator script su to this user to reboot system . Get User shutuser not allowed to shutdown this system (simon) -- exiting shutdown.
I have even signed on as this user and get the same thing. Now I am confused...
When I added root to the file I get this error message. User root not allowed to shutdown this system (simon) -- exiting shutdown.
But if delete root from file I can reboot. no problem.
0 Kudos
James R. Ferguson
Acclaimed Contributor

‎10-24-2005 11:43 AM

‎10-24-2005 11:43 AM

Re: system shutdown

Hi Jim:

You need to specify BOTH the system and the user in the '/etc/shutdown.allow' file. For example:

simon jim
simon root

This would allow user=jim to shutdown system=simon. It also allows 'root' to shutdown the server named 'simon'.

Regards!

...JRF...

0 Kudos
Muthukumar_5
Honored Contributor

‎10-24-2005 06:27 PM

‎10-24-2005 06:27 PM

Re: system shutdown

check permission of /etc/shutdown.allow file as,

-rw-r--r-- 1 bin bin 0 Nov 15 2000 /etc/shutdown.allow

# chmod 644 /etc/shutdown.allow
# chown bin:bin /etc/shutdown.allow

Put entries as

# /etc/shutdown.allow


+ is used to denote all hostname or users

# /etc/shutdown.allow
machine1 jim
machine2 +

It allows jim to shutdown a machine called machine1. All users are allowed to shutdown machine2.

Refere man 1m shutdown page, /etc/shutdown.allow part under FILE section.

-Muthu

jim is



Easy to suggest when don't know about the problem!
0 Kudos
Jim Tropiano_1
Frequent Advisor

‎10-25-2005 01:20 AM

‎10-25-2005 01:20 AM

Re: system shutdown

Thanks for the help. This has and will be place where I can get advice on Unix to point me in the right direction.

Thanks again.
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.