[sudo-users] Unprivledged user isn't able to reboot system via sudo

Simon K k_simon78 at yahoo.com
Wed Aug 1 03:24:33 EDT 2012

Hi Shawn,

Thanks a lot for your help . 

Okay i will try the workaround mentioned by you.

Thanks & Regards,
Simon K

 From: Shawn McMahon <syberghost at gmail.com>
To: Simon K <k_simon78 at yahoo.com>; "sudo-users at sudo.ws" <sudo-users at sudo.ws> 
Sent: Wednesday, 1 August 2012 1:33 AM
Subject: Re: [sudo-users] Unprivledged user isn't able to reboot system via sudo
On Tue, Jul 31, 2012 at 3:44 PM, Todd C. Miller
<Todd.Miller at courtesan.com> wrote:
> On Tue, 31 Jul 2012 14:09:34 +0800, Simon K wrote:
>> no i have not enabled
>> I/O logs ... my sudoers file is a very simple one i haven't included
>> any extra fields there... :-(
> I was able to reproduce this on an HP-UX machine.  What happens is
> that /sbin/reboot (which is run by /sbin/shutdown) sends a SIGTERM
> signal to all processes before it calls the reboot system call.
> When sudo receives the SIGTERM, it passes the signal to the command
> it is running (shutdown or reboot) which kills the reboot process
> before it has had a chance to actually reboot the machine.
> I don't have a good solution for this at the moment.

Until Todd thinks of a code fix, perhaps as a workaround you could
make a script that does something like:

echo "shutdown -r now" | at now

...and make a rule to run it. Do *NOT* just let them run "at" as root,
that would be Very Bad.

Put that in a file somewhere root controls (such as /usr/local/bin or
/usr/local/sbin), and then make a rule to do:

sh -c '/usr/local/sbin/shutdownwrapper'

More information about the sudo-users mailing list