Red Hat Bugzilla – Bug 18576
RHL7.0 Any user can reboot or halt
Last modified: 2006-02-21 13:47:47 EST
I just found an issue after installing RHL7.0 from your ISO image:
Any user can execute the halt or reboot commands, even logged from the
network, on a shell. Perhaps this only happens to me, or perhaps this is
an intended feature, but as it has puzzled me I thought I'd better report
it, just in case.
My system: K7-750 on ASUS-K7V RHL7.0 64MB 20MB-HD
If you need to know more just contact me. I'll be available during the
And if it is NOT a bug, sorry for the nuisance.
Manuel Moran. (Spain)
When the user is logged in remotely, are they also simultaneously logged in at
the console? The access checking does not check which terminal the user is on,
just that he or she is also logged in on the console.
YES! When the user is JUST logged in remotely but not from the console, halt and
reboot prompt for a password.
It seems like it is an intended feature. The change from the last version (6.2
in which they prompted always for password) made me think it was such a big bug.
This (quite serious) bug is still present in
Red Hat Linux - Limbo (beta 2) 7.3.93.
Instead of a reboot or halting the system, the "halt" or "reboot" program
should ask for the superuser password, when typed in by a regular user.
I quote from the manpage of halt:
"If you're not the superuser, you will get the message `must be superuser' "
This bug can be closed "NOTABUG". This has been asked repeatedly.
Since local users are able to pull the plug or push the power button
there is no use to disallow them to shutdown the box cleanly from the
The man page might need fixing to reflect that the above is not true
for local users due to the reasons I mentioned.
*** This bug has been marked as a duplicate of 17882 ***
Changed to 'CLOSED' state since 'RESOLVED' has been deprecated.