A/UX: How Users Can Shut Down Without Root Access (9/94)


A system administrator at an A/UX site wants to give users the ability to power off their machines, but without giving them root access. Is the following procedure a suitable way to power down the machine? Here is what he did:

1) He modified the /mac/bin/Login file with ResEdit, changed the string Guest to poweroff (STR# resource), and modified the dialogs accordingly.

2) He compiled the following C program and named the executable poweroff:

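poweroff.c
#include <stdio.h>
#include <unistd.h>

int main(int argc, char *argv[])
{
    /* Become root; this only succeeds when the file is set-user-ID root. */
    if (setuid(0) != 0) {
        perror("setuid");
        return 1;
    }
    execl("/etc/reboot", "reboot", "-h", (char *)0); /* -- run reboot */
    /* -- reached only if execl fails */
    perror("/etc/reboot");
    return 1;
}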

3) The poweroff executable was put in the /root directory and given these permissions:

# ls -l /root/poweroff
-rwsr-xr-x 1 root root 2373 Aug 17 18:20 /root/poweroff

4) An account called "poweroff" was added to /etc/passwd that executes /root/poweroff when a user logs in under that name (or selects the power-off radio button in the Login screen). For example:

# grep poweroff /etc/passwd
poweroff::8:1000:user shutdown account:/root:/root/poweroff

The only possible problem with this is that a user could log on to another user's machine and shut it down. Giving the user a power-off password makes this unsuitable for installations where there is limited network discipline.


Your C code seems to meet the customer's need: shutting down A/UX without being root.

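This additional code can be included in poweroff.c to prevent a remote user from shutting down the system:

/* also requires #include <string.h> and #include <stdlib.h> */
char *ttyname();
char *p;
char *d = "/dev/ttyC";   /* device-name prefix of a CommandShell window */

p = ttyname(0);          /* terminal attached to standard input */
/* ttyname() returns NULL when standard input is not a terminal */
if (p == NULL || strncmp(p, d, 9) != 0) {
    fprintf(stderr, "%s: not a CommandShell type of window\n", argv[0]);
    exit(1);
}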
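
The two pieces above combined into one set-user-ID wrapper, as an added example that is not part of the original article or the administrator's program. It performs the terminal check before taking root and hands /etc/reboot a fixed environment. Assumptions: the helper name is_local_tty, the PATH value, and treating a NULL terminal name as "not local" are illustrative choices.

```c
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* CommandShell device-name prefix, taken from the article. */
#define LOCAL_TTY_PREFIX "/dev/ttyC"

/* Hypothetical helper: return 1 only when tty names a CommandShell window.
 * A NULL name (standard input is not a terminal) counts as not local. */
int is_local_tty(const char *tty)
{
    if (tty == NULL)
        return 0;
    return strncmp(tty, LOCAL_TTY_PREFIX, strlen(LOCAL_TTY_PREFIX)) == 0;
}

int main(void)
{
    /* Fixed, minimal environment so nothing inherited from the caller
     * reaches the root process. The PATH value is an assumption. */
    static char *const clean_env[] = { "PATH=/bin:/usr/bin:/etc", NULL };

    /* Check the terminal before acquiring any privilege. */
    if (!is_local_tty(ttyname(0))) {
        fprintf(stderr, "poweroff: not a CommandShell type of window\n");
        return 1;
    }

    /* Stop if the set-user-ID bit or the file ownership is wrong. */
    if (setuid(0) != 0) {
        perror("poweroff: setuid");
        return 1;
    }

    /* Absolute path and fixed arguments: no caller-supplied data is used. */
    execle("/etc/reboot", "reboot", "-h", (char *)NULL, clean_env);
    perror("poweroff: /etc/reboot");   /* reached only if the exec failed */
    return 1;
}
```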


Article Change History:
23 Sep 1994 - Reviewed.
31 Aug 1992 - Reviewed.

Support Information Services
Published Date: Feb 18, 2012