From: stud2@aifbaino.aifb.uni-karlsruhe.de (Norbert Kuck) Subject: Re: Packaging Linux Date: Tue, 24 Nov 1992 13:22:35 GMT
In article <1992Nov23.130900.28685@cam-orl.co.uk>, iwj@cam-orl.co.uk (Ian Jackson) writes:
> In article <By59LB.Mqy@watserv1.uwaterloo.ca> jjlawren@garfield.uwaterloo.ca writes:
> >I personally think that it is very simple to have a login for shutdown (I
> >do...why not for std release?) and then tell people...."when you are done
> >using the system for the day logout all users and login as shutdown...wait
> >10 seconds (for the message that its ok) and then turn off the machine."
Yeah, you're probably right with that. But IMHO there should be a consistent
way to do it being logged in already or not. And a login solution should not
arise any security problems, too. My favorite XENIX solution over the last
years was:
1) A command called 'ushut'. This is a C program with the suid-bit set, that
basically uses 'system ()' to execute the 'shutdown'-script with
root-permissions. You might want to build in a few security checks, too,
e.g. PATH, perms of the /etc/shutdown script and so on. I've never been
_really_ paranoid about that :-). Of course, 'ushut' should be executable
by everybody.
2) A login 'ushut' with ordinary perms and no password that has 'ushut' in
the profile. (I don't remember why, but with XENIX it didn't work with
'ushut' as login shell in passwd. I had to slightly change the XENIX
shutdown script, too, because it checks your identity with 'who am i', so
the suid-stuff doesn't work.
All you have to tell Joe User then is: Type 'ushut', wherever you are, and
the machine will come gracefully down. BTW, wouldn't it be possible to catch
Ctrl-Alt-Del somewhere and make it execute something like 'ushut' ? This
would definitely be the best solution for Joe DOS-User.
I couldn't try any of my XENIX constructions under Linux, because my machine
is currently down :-( but I don't see why it shouldn't work there as well.
ATB
Norbert Kuck
stud2@aifb.uni-karlsruhe.de