[sudo-users] Unprivledged user isn't able to reboot system via sudo

Todd C. Miller Todd.Miller at courtesan.com
Mon Jul 30 10:15:27 EDT 2012

Do you have I/O logging enabled for the user running shutdown?
In other words, are log_output or log_input enabled in sudoers?

If so, it is possible that when reboot sends a SIGTERM to the running
sudo process, sudo in turn could kill the reboot process and thus
it would not reach the actual reboot system call.

If that is the case, you might want something like:

Defaults!/sbin/reboot !log_output, !log_input
Defaults!/sbin/shutdown !log_output, !log_input

It may be that only the reboot line is needed.

 - todd

More information about the sudo-users mailing list