Return to BSD News archive
Xref: sserve comp.sys.sun.admin:48120 comp.unix.admin:29366 comp.unix.bsd:16636 comp.unix.shell:22773 comp.unix.solaris:38991 comp.unix.ultrix:25388 comp.unix.xenix:10633 comp.security.unix:13376 Path: sserve!newshost.anu.edu.au!harbinger.cc.monash.edu.au!simtel!news.sprintlink.net!news.bluesky.net!news.mathworks.com!uunet!in1.uu.net!tembel!not-for-mail From: shields@tembel.org (Michael Shields) Newsgroups: comp.sys.sun.admin,comp.unix.admin,comp.unix.bsd,comp.unix.shell,comp.unix.solaris,comp.unix.ultrix,comp.unix.xenix,comp.security.unix Subject: Re: Shutdown Account Followup-To: comp.unix.admin,comp.security.unix Date: 7 Jun 1995 06:24:31 -0000 Organization: Tembel's Hedonic Commune Lines: 26 Message-ID: <3r3gmv$qhr@yage.tembel.org> References: <3r2j7f$7p4@apakabar.cc.columbia.edu> NNTP-Posting-Host: yage.tembel.org NNTP-Posting-User: shields [Posted to Sun, generic Unix admin, BSD, shell (?), Solaris, Ultrix, Xenix, *and* security groups? Followups trimmed.] [`inet' distribution removed.] In article <3r2j7f$7p4@apakabar.cc.columbia.edu>, Chen Zhou <czen@inibara.cc.columbia.edu> wrote: > In order to let the non-unix personnel at work to gracefully > shutdown the system instead of having them just flip the power. I > created a uid=0 account named shutdown with a password, i had its shell > linked to /usr/etc/halt and I disabled root login from everywhere else > besides the console. You might want to use a wrapper that double-checks that it's being run from the console, and exec's halt without arguments. This adds redundant security, and also prevents anyone from su'ing to it when not on the console. Don't forget to syslog failures. > well, thanks much for the response. please also cc a copy of your post > to me via email at <czen@columbia.edu> Done; please reply in news. -- Shields.