Re: C8 Question

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 


Il 24/01/20 15:47, Simon Matter via CentOS ha scritto:

Il 24/01/20 15:11, Simon Matter via CentOS ha scritto:

Hi list,

I installed on my workstation C8.1 (1911) and performed a minimal
install and then installed XFCE from EPEL.

I noticed a strange behaviour (don't know if this is the wanted
default). If I try ,from normal user shell, to run command like
"reboot"
or "shutdown -h now" system will reboot/shutdown. This happens on tty
console, on xfce terminal and ssh session.

But can you describe exactly in which situation user x can shutdown? I
mean, if you say via ssh connection, is it that user x is at the same
time
also logged in into XFCE desktop on the same system? Or is it also true
if
the only login to the system at this time is via the ssh connection and
then user x is still able to shutdown?

I mean if user x runs the XFCE session remote on the system using ssh
X11
forwarding, NX or whatever, then user x should really NOT be able to
shutdown without providing the root password. That would be a nightmare
for multi user systems :-)

Regards,
Simon

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos

Hi Simon,

I tried on my system using XFCE, I tried with a fresh installation on vm
without X (using minimal and server installation), inside ssh
with/without user logged and from tty console.

Try to reproduce it. Install C8 on a VM using minimal installation,
login in as normal user an type reboot.

Well, I didn't install C8 yet but do you say that if do a fresh server
type install of C8 on a host, add an unprivileged user, login via ssh to
the user account on the host, you can reboot then?
This is what is happening to my C8 installation on VM or physical server. If you can confirm this, the only thing that remains to understand is if this is a bug or a default policy. If not, there is something wrong in my fresh installation but I cannot identify what. 


_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos
[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]

  Powered by Linux