Re: Oh God! More helpful software :-).

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Sun, Nov 8, 2020 at 9:44 AM Mauricio Tavares <raubvogel@xxxxxxxxx> wrote:
On Sat, Nov 7, 2020 at 7:47 PM Samuel Sieb <samuel@xxxxxxxx> wrote:
>
> On 11/7/20 3:16 PM, jdow wrote:
> > On 20201107 13:21:47, Cameron Simpson wrote:
> >> On 06Nov2020 21:50, Tom Horsley<horsley1953@xxxxxxxxx>  wrote:
> >>> For as long as I can remember I've run dnf update in a root
> >>> xterm and when all the akmod activity and wot-not is finished,
> >>> I've run reboot from another terminal.
> >>>
> >>> Now, it won't reboot "because root is logged in".
> >>>
> >>> Gah! Who cares if root is logged in?
> >>>
> >>> Can I disable this helpful feature any way?
> >> Dunno, but maybe you can disable what it measures. Do your xterms make
> >> entries in wtmp (listed by "w" and "who")? Is so, ISTR that xterm has an
> >> option to not do that (look for "wtmp" in the manual IIRC). See if
> >> disabling that helps.
> >
> > Something sounds bass akwards here. IMAO only root or an account with
> > sudo privileges should be able to reboot the machine. And root should be
> > able to do this at any time.
>
> I think you're misunderstanding.  A root user is logged in and he's
> trying to reboot using his normal user.  The current console user is
> generally allowed to reboot the system.
> __

Since when is a non-root user allowed to reboot "from another
terminal" (quoted from original email) window?
______________________________

The keyword here is "local aka physical". If a non-root user is logged into a host on a local terminal most likely with a keyboard and mouse, not a psuedo terminal like an Xwindows Session or ssh. The user, even without sudo access or a member of an elevated priviledge group like the wheel group, can shutdown the host. To confirm my memory, just tested this by spinning up an F32 VM, getting on the terminal via virt-manager, logging in as a regular user and testing both the shutdown and reboot commands, the both worked. 

I think you will have to dig into the PAM config to restrict local users from issuing shutdown / reboot commands.

Regards,
-Jamie
_______________________________________________
users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux