How to: Allow Any User To Shutdown a Linux Server

Posted on in Categories CentOS, Debian Linux, FreeBSD, Gentoo Linux, Howto, Linux, RedHat/Fedora Linux, Sys admin, Tips, Ubuntu Linux last updated February 23, 2006

You need to use the sudo command to grant a permission to other users to shutdown your server. The sudo command allows a permitted user to execute a command as the superuser or another user, as specified in the /etc/sudoers file. Login as a root user and type the visudo command to edit the sudoers file.

Use Configuration

In this example, allow user rocky to shutdown computer (first login as a root user):
$ su -
# visudo

Append the following configuration to a file:
rocky server.example.com=/sbin/halt /sbin/reboot
Save file and close the file. Now, rocky user can halt server by typing the following command:
$ sudo /sbin/halt
Output:

Password:

Please note that at password prompt rocky need to type his own password.

Another option is add users to /etc/shutdown.allow access control file. shutdown command can see if an authorized user is logged in on one of the virtual consoles. If shutdown command is called with the -a argument , it checks to see if the file /etc/shutdown.allow is present. It then compares the login names in that file with the list of people that are logged in on a virtual console only if one of those authorized users or root is logged in, it will proceed. Otherwise, it will write the message

shutdown: no authorized users logged in

First login as a root user:
# echo rocky >> /etc/shutdown.allow
Alternatively, use a text editor such as vi to add a username to etc/shutdown.allow file (max 32 names are allowed at a time):
# vi /etc/shutdown.allow
Finally, rocky can login and type the following command:
[email protected] $ /sbin/shutdown -a -h 0

See also:

Posted by: Vivek Gite

The author is the creator of nixCraft and a seasoned sysadmin and a trainer for the Linux operating system/Unix shell scripting. He has worked with global clients and in various industries, including IT, education, defense and space research, and the nonprofit sector. Follow him on Twitter, Facebook, Google+.

10 comment

  1. Yep – but then you typed it too quickly

    echo”rokcy” >> /etc/shutdown.allow

    should read

    echo “rocky” >> /etc/shutdown.allow

    and by the way, these quotes are useless here. I’ve never seen a user login that would require quoting, BTW.

    echo rocky >> /etc/shutdown.allow

  2. Looks this topics needs a revisit todat. My distro (SL 6.4) has user verion of poweroff, halt, reboot provide by usermode package. I can shutdown, reboot as a normal user (from the command line as well)

    $ which {poweroff,reboot,halt}
    /usr/bin/poweroff
    /usr/bin/reboot
    /usr/bin/halt
    rpm -qf $(which poweroff reboot halt)
    usermode-1.102-3.el6.x86_64
    usermode-1.102-3.el6.x86_64
    usermode-1.102-3.el6.x86_64

    As root

    # which {poweroff,reboot,halt}
    /sbin/poweroff
    /sbin/reboot
    /sbin/halt

    # rpm -qf $(which poweroff reboot halt)
    upstart-0.6.5-12.el6.x86_64
    upstart-0.6.5-12.el6.x86_64
    upstart-0.6.5-12.el6.x86_64

Leave a Comment