You need to use the sudo command to grant a permission to other users to shutdown your server. The sudo command allows a permitted user to execute a command as the superuser or another user, as specified in the /etc/sudoers file. Login as a root user and type the visudo command to edit the sudoers file.
Use Configuration
In this example, allow user rocky to shutdown computer (first login as a root user):
$ su -
# visudo
Append the following configuration to a file:
rocky server.example.com=/sbin/halt /sbin/reboot
Save file and close the file. Now, rocky user can halt server by typing the following command:
$ sudo /sbin/halt
Output:
Password:
Please note that at password prompt rocky need to type his own password.
Another option is add users to /etc/shutdown.allow access control file. shutdown command can see if an authorized user is logged in on one of the virtual consoles. If shutdown command is called with the -a argument , it checks to see if the file /etc/shutdown.allow is present. It then compares the login names in that file with the list of people that are logged in on a virtual console only if one of those authorized users or root is logged in, it will proceed. Otherwise, it will write the message
shutdown: no authorized users logged in
First login as a root user:
# echo rocky >> /etc/shutdown.allow
Alternatively, use a text editor such as vi to add a username to etc/shutdown.allow file (max 32 names are allowed at a time):
# vi /etc/shutdown.allow
Finally, rocky can login and type the following command:
rocky@server1 $ /sbin/shutdown -a -h 0
See also:
You should follow me on twitter here or grab rss feed to keep track of new changes.
Featured Articles:
- 30 Handy Bash Shell Aliases For Linux / Unix / Mac OS X
- Top 30 Nmap Command Examples For Sys/Network Admins
- 25 PHP Security Best Practices For Sys Admins
- 20 Linux System Monitoring Tools Every SysAdmin Should Know
- 20 Linux Server Hardening Security Tips
- Linux: 20 Iptables Examples For New SysAdmins
- Top 20 OpenSSH Server Best Security Practices
- Top 20 Nginx WebServer Best Security Practices
- 20 Examples: Make Sure Unix / Linux Configuration Files Are Free From Syntax Errors
- 15 Greatest Open Source Terminal Applications Of 2012
- My 10 UNIX Command Line Mistakes
- Top 10 Open Source Web-Based Project Management Software
- Top 5 Email Client For Linux, Mac OS X, and Windows Users
- The Novice Guide To Buying A Linux Laptop
{ 9 comments… read them below or add one }
Very Great Article….. Like it so Much..
Nice topic.
But in :
# touch /etc/shutdown.allow
# echo”username” >> /etc/shutdown.allow
The first line is useless. (touch)
Once again thanks for pointing it out :)
Yep – but then you typed it too quickly
echo”rokcy” >> /etc/shutdown.allow
should read
echo “rocky” >> /etc/shutdown.allow
and by the way, these quotes are useless here. I’ve never seen a user login that would require quoting, BTW.
echo rocky >> /etc/shutdown.allow
My bad :(
Well I share the easy part.
But again,
You still mispelled it – that’s r-o-c-k-y
not r-o—k—c—-y
breeze deeply. ;-))
I’m embarrassed to say that it took me forever to realize a typo :(
That’s great info. It works and thanks a lot.
at least in debian systems the shutdoen.allow only works for the alt+ctrl+del way of it.
still the user isn’t allowed to invoke /sbin/shutdown…