Console Access; Disabling Shutdown Via Ctrl+Alt+Del - Red Hat ENTERPRISE LINUX 4 System Administration Manual
Hide thumbs
Also See for ENTERPRISE LINUX 4:
- Manual (410 pages) ,
- Administration manual (200 pages) ,
- Installation manual (110 pages)
Table of Contents
Advertisement
Chapter 27.
Console Access
When normal (non-root) users log into a computer locally, they are given two types of special
permissions:
1. They can run certain programs that they would not otherwise be able to run
2. They can access certain files (normally special device files used to access diskettes, CD-ROMs,
and so on) that they would not otherwise be able to access
Since there are multiple consoles on a single computer and multiple users can be logged into the
computer locally at the same time, one of the users has to essentially win the race to access the files.
The first user to log in at the console owns those files. Once the first user logs out, the next user who
logs in owns the files.
In contrast, every user who logs in at the console is allowed to run programs that accomplish tasks
normally restricted to the root user. If X is running, these actions can be included as menu items in a
graphical user interface. As shipped, the console-accessible programs include halt, poweroff, and
reboot.
27.1. Disabling Shutdown Via Ctrl+Alt+Del
By default, /etc/inittab specifies that your system is set to shutdown and reboot in response to a
Ctrl+Alt+Del key combination used at the console. To completely disable this ability, comment out
the following line in /etc/inittab by putting a hash mark (#) in front of it:
ca::ctrlaltdel:/sbin/shutdown -t3 -r now
Alternatively, you may want to allow certain non-root users the right to shutdown or reboot the system
from the console using Ctrl+Alt+Del. You can restrict this privilege to certain users, by taking the
following steps:
1. Add the -a option to the /etc/inittab line shown above, so that it reads:
ca::ctrlaltdel:/sbin/shutdown -a -t3 -r now
The -a flag tells shutdown to look for the /etc/shutdown.allow file.
2. Create a file named shutdown.allow in /etc. The shutdown.allow file should list the
usernames of any users who are allowed to shutdown the system using Ctrl+Alt+Del. The
format of the shutdown.allow file is a list of usernames, one per line, like the following:
stephen
jack
sophie
According to this example shutdown.allow file, the users stephen, jack, and sophie are allowed
to shutdown the system from the console using Ctrl+Alt+Del. When that key combination is
used, the shutdown -a command in /etc/inittab checks to see if any of the users in /etc/
273
Advertisement
Table of Contents
Need help?
Do you have a question about the ENTERPRISE LINUX 4 and is the answer not in the manual?
Questions and answers