Re: How to restrict reboot/poweroff from non-admins?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 

> Only console users (local users) are allowed to do that. It's configured
> using pam (I use Centos5.8 so forgive me if this is not the same for
> CentOS6). I tried to change settings in /etc/pam.d/ and that indeed works:
>
> /etc/pam.d/poweroff
> /etc/pam.d/reboot
> /etc/pam.d/halt
>
> I added as a second line :
> auth       sufficient   pam_rootok.so
> # prevent normal users to reboot
> auth       required     pam_deny.so
> ....
>
> But still the user locally logged on to the machine (gnome session) can
> switch it off. So I think I also missed something.

I can't test it right now, but reading 'man pam.d' made me wonder if
'required'  in the 'auth required pam_deny.so' in the example above
should be replaced with  'requisite'.

--
TiN 


_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux