0

While I tried 'reboot' through normal user (non-root), it went through. I tried 'shutdown' through same user, it also went through after scheduling the shutdown.

But when i tried sudo shutdown through same user, it didnt work.

error:

[rj@localhost ~]$ sudo shutdown
[sudo] password for rj: 
rj is not in the sudoers file.  This incident will be reported.

Questions - How come a normal user do reboot or shutdown? Is it not a security concern ?

Question - if 'shutdown' is working, than why not 'sudo shutdown' ?

Request to pls explain.

cas
  • 1
  • 7
  • 119
  • 185
Rahul
  • 1
  • The version of CentOS might be important here, but on a CentOS7 machine, ```which shutdown``` reveals that it's a symlink to /bin/systemctl. – spuck May 28 '21 at 16:33

2 Answers2

1

I suspect "sudo anything" would fail. The error message says there is no entry in the sudoers file authorizing rj to use sudo.

That is, the command did not fail because sudo doesn't like shutdown. What it doesn't like is folks who aren't defined as sudo users trying to use sudo.

As to whether or not it is good for unprivileged users to be able to execute shutdown, I yield to better informed opinion.

robert netzlof
  • 11
  • 1
  • 1
0

As Robert netzlof said, shutdown did not fail, sudo failed.

It is a really bad idea to allow normal users to access the shutdown command; only root normally has access to that command, as it should be. That being said, it is possible to allow normal users to perform the shutdown command by creating a shutdown group and adding users to that group.

You can run the groups command to see who is in the current "shutdown" group (whatever it may be called).

Please see this post

Shōgun8
  • 695
  • 5
  • 16