How can I privilage a user to sign in on my ubuntu server via ssh when a system shutdown is scheduled?

Question

I have scheduled a system reboot every night in my crontab with this line:

0 4 * * * /sbin/shutdown -r +5

I would like to be able to log in and cancel the reboot if I need the system to stay up at this time, but I need to log in before 4:00 to run shutdown -c after 4:00, because if i try to ssh after 4:00 it shows me a massage that only privileged users are allowed to sign in when a shutdown is scheduled.

How can I privilege my user to be able to ssh login after 4:00 to cancel the reboot at 4:05?

I guess there is some easy trick to do so but I am new to linux and currently learn everything and I don't find a solution on the internet.

Answer 1

Extract from the shutdown manpage:

   If the time argument is used, 5 minutes before the system goes down the /run/nologin file is created to ensure that
   further logins shall not be allowed.

On Linux system, PAM is responsible of the process of authenticating users. PAM is configured with /etc/pam.conf and /etc/pam.d/*.

The file (/run/nologin) is checked by the PAM module pam_nologin.so.

For example, on my Debian 12:

$ cat /etc/pam.d/login 
#
# The PAM configuration file for the Shadow `login' service
#

# Enforce a minimal delay in case of failure (in microseconds).
# (Replaces the `FAIL_DELAY' setting from login.defs)
# Note that other modules may require another minimal delay. (for example,
# to disable any delay, you should add the nodelay option to pam_unix)
auth       optional   pam_faildelay.so  delay=3000000

# Outputs an issue file prior to each login prompt (Replaces the
# ISSUE_FILE option from login.defs). Uncomment for use
# auth       required   pam_issue.so issue=/etc/issue

# Disallows other than root logins when /etc/nologin exists
# (Replaces the `NOLOGINS_FILE' option from login.defs)
auth       requisite  pam_nologin.so

So i guess that commenting out the line that declare pam_nologin.so as a requisite for auth should be enought.