[gentoo-user] How to shutdown Gentoo box properly?
Alex Stark
21 years ago
Hello, Gentoo users! :)

One more newbie wants to hear your advice :)

I got the question that seems not to be covered well by official docs.
When I want to shutdown my Gentoo box, I had to:
# su
# poweroff

Then, I emerged sudo and now I successfully do:
$ sudo /usr/sbin/poweroff
(I can't just write $sudo poweroff - the path to /usr/sbin is not set
for users)

The questions are:
0) How to add the /usr/sbin to PATH for all non-roots correctly?

1) Do I do everything right?

2) How can I allow to poweroff to anyone not using sudo?
(I found that it is default behavior in Mandrake to allow poweroff to
any user and... it seemed convenient to me)

3) Are any security flaws if I do allow to reboot the box to anyone?
(It is not server - "the others" is actually dear wife who is more new
to linux than me)

4) May be it would be great to write a how-to addition for desktop
users - "The true way to shut down the Gentoo box"
--
WBR,
Alex Stark



--
gentoo-***@gentoo.org mailing list
collin
21 years ago
Why not just use an executable shell script?
Something like:
#! /bin/sh
init 0


or init 6 to reboot

-----Original Message-----
From: Alex Stark [mailto:***@yandex.ru]
Sent: Thursday, May 27, 2004 9:33 AM
To: gentoo-***@lists.gentoo.org
Subject: [gentoo-user] How to shutdown Gentoo box properly?

Hello, Gentoo users! :)

One more newbie wants to hear your advice :)

I got the question that seems not to be covered well by official docs.
When I want to shutdown my Gentoo box, I had to:
# su
# poweroff

Then, I emerged sudo and now I successfully do:
$ sudo /usr/sbin/poweroff
(I can't just write $sudo poweroff - the path to /usr/sbin is not set
for users)

The questions are:
0) How to add the /usr/sbin to PATH for all non-roots correctly?

1) Do I do everything right?

2) How can I allow to poweroff to anyone not using sudo?
(I found that it is default behavior in Mandrake to allow poweroff to
any user and... it seemed convenient to me)

3) Are any security flaws if I do allow to reboot the box to anyone?
(It is not server - "the others" is actually dear wife who is more new
to linux than me)

4) May be it would be great to write a how-to addition for desktop
users - "The true way to shut down the Gentoo box"
--
WBR,
Alex Stark



Mark Knecht
21 years ago
Take my inputs with a grain of salt...

Alex Stark wrote:
<SNIP>
Post by Alex Stark
0) How to add the /usr/sbin to PATH for all non-roots correctly?
I'm not sure that's a good idea.
Post by Alex Stark
2) How can I allow to poweroff to anyone not using sudo?
(I found that it is default behavior in Mandrake to allow poweroff to
any user and... it seemed convenient to me)
A different path to the same result. Edit /etc/inittab. Change the line
that handles alt-ctrl-del from shutdown -r now to shutdown -h now. Then
Alt-Ctrl-Del does a nice power down. Granted this may only work for
systems that allow you to leave X. Not sure about that. Depends on what
you want to trap.
Post by Alex Stark
3) Are any security flaws if I do allow to reboot the box to anyone?
(It is not server - "the others" is actually dear wife who is more new
to linux than me)
If you have a floppy drive then someone could pretty easily start doing
other stuff to your machine.


Good luck,
Mark

Alex Stark
21 years ago
Hello, Mark.
Post by Alex Stark
3) Are any security flaws if I do allow to reboot the box to anyone?
(It is not server - "the others" is actually dear wife who is more new
to linux than me)
Mark Knecht> If you have a floppy drive then someone
Mark Knecht> could pretty easily start doing
Mark Knecht> other stuff to your machine.
If anyone has physical access to Gentoo box - there is no way to
protect it from being used in a "wrong way".
For example, anyone can:
- to press Reset and reboot :)
- to boot from Gentoo CD (or any other), then do #chroot and #passwd,
so taking root privileges

Even if boot from CD or Floppy is disabled in BIOS, it is still
possible to reset it!
--
WBR,
Alex Stark


Norbert Kamenicky
21 years ago
Alex Stark wrote:

-snip-
Post by Alex Stark
If anyone has physical access to Gentoo box - there is no way to
protect it from being used in a "wrong way".
- to press Reset and reboot :)
- to boot from Gentoo CD (or any other), then do #chroot and #passwd,
so taking root privileges
Even if boot from CD or Floppy is disabled in BIOS, it is still
possible to reset it!
Seems u never heard about encrypted device/filesystem ...

noro

Neil Bothwick
21 years ago
Post by Norbert Kamenicky
Post by Alex Stark
Even if boot from CD or Floppy is disabled in BIOS, it is still
possible to reset it!
Seems u never heard about encrypted device/filesystem ...
Or disconnecting the reset button.
--
Neil Bothwick

Tagline unfunny. Steal anyway? [Y/n]
Norbert Kamenicky
21 years ago
Post by Neil Bothwick
Post by Norbert Kamenicky
Post by Alex Stark
Even if boot from CD or Floppy is disabled in BIOS, it is still
possible to reset it!
Seems u never heard about encrypted device/filesystem ...
Or disconnecting the reset button.
It's not a solution ... u can off/on electricity.


Neil Bothwick
21 years ago
Post by Norbert Kamenicky
It's not a solution ... u can off/on electricity.
That still doesn't give you access to the system if the BIOS is password
protected and only allows booting in one way. You may be able to stop
it, but not change how it works when it's on.

Of course, any computer at such risk of physical intrusion would be in a
locked room.
--
Neil Bothwick

The application "assimilation" has caused a General Protection Fault
and must exit immediately.
Harald Arnesen
21 years ago
Post by Neil Bothwick
Post by Norbert Kamenicky
It's not a solution ... u can off/on electricity.
That still doesn't give you access to the system if the BIOS is password
protected and only allows booting in one way. You may be able to stop
it, but not change how it works when it's on.
I think most bioses still have a backdoor password. At least they did a
few years back.
--
Hilsen Harald.

Andrew Farmer
21 years ago
Post by Neil Bothwick
Post by Norbert Kamenicky
It's not a solution ... u can off/on electricity.
That still doesn't give you access to the system if the BIOS is password
protected and only allows booting in one way. You may be able to stop
it, but not change how it works when it's on.
If an attacker has physical access to the machine, you're screwed no
matter what you do. For example, an attacker could reset the BIOS (by
opening the machine up and removing the backup battery temporarily). If
you've set the bootloader to require a password, that can still be
bypassed easily by sticking the drive into another machine.

The only ways to get any sort of protection on a machine to which an
attacker has physical access are:

1. Wire the machine up with explosives wired up to a hardware watchdog
card. Not recommended, and probably prohibited in your country. (No
matter where you live.)

2. Require the entry of a passphrase on boot (to mount an encrypted
volume). Secure, but dangerous (one bad bit can now corrupt up to a few
Kb of data), and the machine now requires your interaction to boot up.

/* Andrew Farmer */
Norberto Bensa
21 years ago
Post by Andrew Farmer
1. Wire the machine up with explosives wired up to a hardware watchdog
card. Not recommended, and probably prohibited in your country. (No
matter where you live.)
2. Require the entry of a passphrase on boot (to mount an encrypted
volume). Secure, but dangerous (one bad bit can now corrupt up to a few
Kb of data), and the machine now requires your interaction to boot up.
There's no such thing as a human-made secure system. If the data is there, it
can be retrieved. It can take a while, but it can be done. Period.

Regards,
Norberto



Peter Ruskin
21 years ago
Post by Alex Stark
Hello, Gentoo users! :)
One more newbie wants to hear your advice :)
I got the question that seems not to be covered well by official
# su
# poweroff
$ sudo /usr/sbin/poweroff
(I can't just write $sudo poweroff - the path to /usr/sbin is not set
for users)
Mandrake puts poweroff in /usr/sbin; gentoo puts it in /sbin:
$ ll /sbin/poweroff
lrwxrwxrwx 1 root root 4 May 27 13:17 /sbin/poweroff -> halt
...
Edit /etc/sudoers (with the 'visudo' command as root). Try adding:
%users ALL = NOPASSWD: /sbin/poweroff
%users localhost=/sbin/poweroff
--
Peter
========================================================================
Gentoo Linux: Portage 2.0.50-r6. kernel-2.6.5-gentoo-r1.
i686 AMD Athlon(tm) XP 3200+. gcc(GCC): 3.3.2.
KDE: 3.2.2. Qt: 3.3.2.
========================================================================

Persson
21 years ago
Post by Alex Stark
0) How to add the /usr/sbin to PATH for all non-roots correctly?
I think you can do this in the usual way, eg putting it into shell
initialization files.
Post by Alex Stark
2) How can I allow to poweroff to anyone not using sudo?
(I found that it is default behavior in Mandrake to allow poweroff to
any user and... it seemed convenient to me)
I edited the action for ctrlaltdel in /etc/inittab, making it shutting down
the machine instead of "simply" rebooting (since the former happens much
often than the latter...linux is not windows!).
So, at the end of the day I can log off and shutdown with the "three finger
salute". And, I can't check from here (I'm using slackware now), but I think
that other customizable keys exist (for example I remember seeing a
ctrl+up_arrow, or something like that, in debian).

Greetings,


Simon Roby
21 years ago
Post by Alex Stark
2) How can I allow to poweroff to anyone not using sudo?
(I found that it is default behavior in Mandrake to allow poweroff to
any user and... it seemed convenient to me)
Three convenient solutions:

1) You can use a login manager under X (xdm, gdm, kdm, etc). There will be a
nice option to reboot or shutdown.

2) ctrl-alt-delete on the VC initiates a reboot. You can change it
in /etc/inittab to a shutdown if you want.

3) If you have ACPI running in your kernel, emerge acpid, add it to your boot
runlevel, and run it. If it works, you'll be able to cleanly shutdown by
pressing the power button on your computer.
Post by Alex Stark
3) Are any security flaws if I do allow to reboot the box to anyone?
(It is not server - "the others" is actually dear wife who is more new
to linux than me)
As long as it can only be done locally, no (all three of the solutions I gave
you above require physical access to the computer).

Alex Stark
21 years ago
Hello, Simon.

Thanks, these are the good solutions!
Post by Alex Stark
2) How can I allow to poweroff to anyone not using sudo?
Simon Roby> Three convenient solutions:
Simon Roby> 1) You can use a login manager under X (xdm,
Simon Roby> gdm, kdm, etc). There will be a
Simon Roby> nice option to reboot or shutdown.
This is the simplest, but I do not currently use any login manager -
Sometimes I do not need X, so if I need to kill respawning X - it is
not so easy and takes to write #kill :)

Simon Roby> 2) ctrl-alt-delete on the VC initiates a
Simon Roby> reboot. You can change it
Simon Roby> in /etc/inittab to a shutdown if you want.
Yes, but my own windows habits can make all badly :)

Simon Roby> 3) If you have ACPI running in your kernel,
Simon Roby> emerge acpid, add it to your boot
Simon Roby> runlevel, and run it. If it works, you'll be
Simon Roby> able to cleanly shutdown by
Simon Roby> pressing the power button on your computer.
That's what I exactly did yesterday, but poweroff button didn't work
to me. All related docs were overlooked, but I didn't find solution
yet.

Thanks one more time, Simon!
--
WBR,
Alex Stark



Hemmann, Volker Armin
21 years ago
Hi,
Post by Alex Stark
Hello, Gentoo users! :)
One more newbie wants to hear your advice :)
I got the question that seems not to be covered well by official docs.
# su
# poweroff
what is wrong with shutdown -h now?
If you are putting your users in /etc/shutdown.allow, they should be able to
do a shutdown without sudo.
man shutdown:

<If shutdown is called with the -a argument (add this to the invocation of
shutdown in /etc/inittab), it checks to see if the file /etc/shutdown.allow
is present. It then compares the login names in that file with the list of
people that are logged in on a virtual console (from /var/run/utmp). Only
if one of those authorized users or root is logged in, it will proceed.
Otherwise it will write the message

shutdown: no authorized users logged in
If there are only trustworthy users, this should be enough, and if they are
not, sudo should not help you much IMHO. And if you have a graphical login,
everybody can shutdown your box, at default.

Glück Auf
Volker
--
Conclusions
In a straight-up fight, the Empire squashes the Federation like a bug. Even
with its numerical advantage removed, the Empire would still squash the
Federation like a bug. Accept it. -Michael Wong
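
An added example, not part of any post in this thread: a shell check of what Ctrl-Alt-Del is configured to do in an inittab-format file, covering the shutdown -r / -h change several posters describe and the -a plus /etc/shutdown.allow restriction from the man page excerpt. The function name, output labels and sample files are assumptions made for the example.

```shell
#!/bin/sh
# Report what Ctrl-Alt-Del does according to an inittab-format file.
# Prints ACTION-SCOPE: ACTION is halt, reboot or other ("none" if no entry);
# SCOPE is "restricted" when shutdown gets -a and the allow file exists.
# Usage: ctrlaltdel_policy INITTAB [ALLOW_FILE]
ctrlaltdel_policy() {
    inittab=$1
    allow=${2:-/etc/shutdown.allow}
    # Process field (4th) of the first active line whose action is ctrlaltdel.
    cmd=$(awk -F: '!/^[ \t]*#/ && $3 == "ctrlaltdel" {
              sub(/^[^:]*:[^:]*:[^:]*:/, ""); print; exit }' "$inittab")
    [ -n "$cmd" ] || { echo "none"; return 0; }

    action=other
    acl=no
    set -f                      # no globbing while splitting the command line
    for word in $cmd; do
        case $word in -*a*) acl=yes ;; esac
        case $word in
            -*h*) action=halt ;;
            -*r*) action=reboot ;;
        esac
    done
    set +f

    # Assumption from the man text quoted in the thread: -a only has an effect
    # when the allow file is present, so a missing file counts as unrestricted.
    if [ "$acl" = yes ] && [ -f "$allow" ]; then
        echo "$action-restricted"
    else
        echo "$action-anyone"
    fi
}

# Constructed sample files (not taken from the thread).
demo() {
    d=$(mktemp -d) || return 1
    printf '%s\n' '# ca:12345:ctrlaltdel:/sbin/shutdown -a -h now' \
                  'ca:12345:ctrlaltdel:/sbin/shutdown -r now' > "$d/stock"
    printf '%s\n' 'ca:12345:ctrlaltdel:/sbin/shutdown -a -h now' > "$d/edited"
    printf '%s\n' 'alex' > "$d/shutdown.allow"
    echo "stock:           $(ctrlaltdel_policy "$d/stock" "$d/shutdown.allow")"
    echo "edited:          $(ctrlaltdel_policy "$d/edited" "$d/shutdown.allow")"
    echo "edited, no file: $(ctrlaltdel_policy "$d/edited" "$d/missing")"
    rm -rf "$d"
}
demo
```

Run against the real file with `ctrlaltdel_policy /etc/inittab`; "anyone" in the result means any person at the console keyboard can trigger the action.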

Alex Stark
21 years ago
Hello, Volker.
Post by Hemmann, Volker Armin
what is wrong with shutdown -h now?
HVA> If you are putting your users in /etc/shutdown.allow, they should be able to
HVA> do a shutdown without sudo.
Yes, but I'm too get used to do often Ctrl-Alt-Dels in Windows, so there is
kind of danger to poweroff the box just by mistake. :)

HVA> man shutdown:
HVA> <If shutdown is called with the -a argument (add this to the invocation of
HVA> shutdown in /etc/inittab), it checks to see if the file /etc/shutdown.allow
HVA> is present. It then compares the login names in that file with the list of
HVA> people that are logged in on a virtual console (from /var/run/utmp). Only
HVA> if one of those authorized users or root is logged in, it will proceed.
HVA> Otherwise it will write the message
HVA> shutdown: no authorized users logged in
HVA> If there are only trustworthy users, this should be enough, and if they are
HVA> not, sudo should not help you much IMHO. And if you have a graphical login,
HVA> everybody can shutdown your box, at default.
That is! This is great and is a really good idea!
I could not guess that it is possible to look at man shutdown,
so thank you very much!

Perhaps, it would be useful to put this note into official docs...
And to create an empty /etc/shutdown.allow file with explanations
taken from man.

Should I post this assumption to bugs?
--
WBR,
Alex Stark

