When normal (non-root) users log into a computer locally, they are given two types of special permissions:
They can run certain programs that they would not otherwise be able to run
They can access certain files (normally special device files used to access diskettes, CD-ROMs, and so on) that they would not otherwise be able to access
Since there are multiple consoles on a single computer and multiple users can be logged into the computer locally at the same time, one of the users has to "win" the race to access the files. The first user to log in at the console owns those files. Once the first user logs out, the next user who logs in owns the files.
In contrast, every user who logs in at the console is allowed to run programs that accomplish tasks normally restricted to the root user. If X is running, these actions can be included as menu items in a graphical user interface. As shipped, the console-accessible programs include halt, poweroff, and reboot.
By default, /etc/inittab specifies that your system
is set to shutdown and reboot the system in response to a
ca::ctrlaltdel:/sbin/shutdown -t3 -r now |
Alternatively, you may just want to allow certain non-root users the
right to shutdown the system from the console using
Add the -a option to the /etc/inittab line shown above, so that it reads:
ca::ctrlaltdel:/sbin/shutdown -a -t3 -r now |
The -a flag tells shutdown to look for the /etc/shutdown.allow file.
Create a file named shutdown.allow in
/etc. The
shutdown.allow file should list the usernames
of any users who are allowed to shutdown the system using
stephen jack sophie |
According to this example shutdown.allow file,
stephen, jack, and sophie are allowed to shutdown the system from the
console using
For more information on shutdown.allow see the shutdown man page.