[raspberry-vi] Re: Shutting down your Pi

• From: Tim Chase <raspberry-vi@xxxxxxxxxxxxxxxxx>
• To: raspberry-vi@xxxxxxxxxxxxx
• Date: Mon, 14 Oct 2013 13:04:18 -0500

On October 14, 2013, Georgina Joyce wrote:
> I personally prefer to use a long time trusted Unix structure that
> restricts the user from compromising the security of the system.  

The "sudo" application has been around a long time (roughly since
1980), and monitored rigorously for security issues.  If this were
some server where multiple users were logged in simultaneously, the
ability for one user to shutdown/reboot the system might have an
unfortunate impact on the others.  However, since the commands I gave
were fine-grained, only the one specified user could use only the
specified commands without a password.  I'm rather security conscious
even on my home machines, and this is the route I use (both at home
and on work machines I admin).

Alternatively, you might be able to add the desired user(s) to the
"wheel" group (generally reserved for folks who have administrative
responsibilities), then "chmod" and "chown" the halt/shutdown/reboot
binaries so that they are executable by wheel, and have the setuid
bit for root.  Something like

  $ echo $USER
  pi
  $ su -
  # cd /sbin
  # chown root:wheel shutdown reboot halt
  # chmod u+s,g+x,o-x shutdown reboot halt
  # adduser pi wheel
  # exit
  $

That's untested, but it should adhere more closely to the old-school
method of managing things with users/groups and permissions.

I suppose one get extravagant and wire up GPIO pins to a big
key-activated switch that, when triggered would launch a
shutdown/reboot daemon script, but that's a lot of work when a
non-graceful shutdown/restart can just be issued by pulling the plug.
(grins)

-tim



=========================================================== 
The raspberry-vi mailing list 
Archives: //www.freelists.org/archives/raspberry-vi
Administrative contact: <mike.ray@xxxxxxxxxxxxxx>
-----------------------------------------------------------
Raspberry Pi and the Raspberry Pi logo are trademarks of the Raspberry Pi 
Foundation.

This list is not affiliated to the Raspberry Pi Foundation and the views and 
attitudes expressed by the subscribers to this list do not reflect those of the 
Foundation.

Mike Ray, list creator, January 2013

• Follow-Ups:
  • [raspberry-vi] Re: Shutting down your Pi
    • From: Georgina Joyce
  • [raspberry-vi] Re: Shutting down your Pi
    • From: Mike Ray

• References:
  • [raspberry-vi] Shutting down your Pi
    • From: Georgina Joyce
  • [raspberry-vi] Re: Shutting down your Pi
    • From: Mike Ray
  • [raspberry-vi] Re: Shutting down your Pi
    • From: Georgina Joyce
  • [raspberry-vi] Re: Shutting down your Pi
    • From: Jason Miller
  • [raspberry-vi] Re: Shutting down your Pi
    • From: Georgina Joyce
  • [raspberry-vi] Re: Shutting down your Pi
    • From: Tim Chase

Other related posts:

• » [raspberry-vi] Shutting down your Pi- Georgina Joyce
• » [raspberry-vi] Re: Shutting down your Pi- Mike Ray
• » [raspberry-vi] Re: Shutting down your Pi- Jim Kutsch, KY2D
• » [raspberry-vi] Re: Shutting down your Pi- Georgina Joyce
• » [raspberry-vi] Re: Shutting down your Pi- Jason Miller
• » [raspberry-vi] Re: Shutting down your Pi- Georgina Joyce
• » [raspberry-vi] Re: Shutting down your Pi- Jason Miller
• » [raspberry-vi] Re: Shutting down your Pi- Tim Chase
• » [raspberry-vi] Re: Shutting down your Pi- Georgina Joyce
• » [raspberry-vi] Re: Shutting down your Pi - Tim Chase
• » [raspberry-vi] Re: Shutting down your Pi- Georgina Joyce
• » [raspberry-vi] Re: Shutting down your Pi- Mike Ray
• » [raspberry-vi] Re: Shutting down your Pi- Georgina Joyce

1. Home
2. raspberry-vi
3. Archive
4. 10-2013

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---