Join Log in
Score:19
David Holland avatar Ubuntu

How do I prevent access to shutdown but not reboot?

in flag
David Holland

I have a ubuntu pc running as a plex server. How do I get it so that no one can shutdown the computer but only allow the user to reboot the machine? I know it is possible in windows but I am just wondering if it is possible on ubuntu.

2214
0 + 0
in flag
Austin Hemmelgarn
Note that to make it so nobody can power off the system, you need to completely restrict physical access to the machine. Anybody who can physically touch the system can either just pull the plug, or hard-poweroff by just holding the power button for a few seconds.
0
Reply
TooTea avatar
cn flag
TooTea
@AustinHemmelgarn Disconnecting the power button from the motherboard is a 1-minute job (together with setting the machine up to power on after AC loss). However, making it impossible to pull the plug might be harder and also illegal in some locales (for fire safety reasons).
2
Reply
in flag
Austin Hemmelgarn
@TooTea Disconnecting the power button internally doesn’t eliminate the requirement for physical security, even if you ignore the power cord issue. You would have to still prevent access to the inside of the case. And, for that matter, if you have a physical console, anybody with access to it can almost certainly shut down the system unless you have both the bootloader and emergency mode password protected.
0
Reply
TooTea avatar
cn flag
TooTea
@AustinHemmelgarn I would assume that any machine that's physically accessible to untrusted users already has a BIOS password and a lock on the case (I've also seen rivets in place of case screws, but that complicates maintenance somewhat).
0
Reply
Bryan Krause avatar
ke flag
Bryan Krause
@AustinHemmelgarn Most likely OP is primarily concerned with remote access; presumably they have a high level of trust over the users they are giving this level of privilege but would like to avoid the inconvenience of a user inadvertently (or perhaps as an otherwise harmless prank) shutting the machine down therefore requiring someone to have physical access to the machine to resolve the problem.
0
Reply
be flag
chepner
@TooTea I would assume that any untrusted user with physical access to the machine knows how to bypass the BIOS password and pick the lock.
1
Reply
wizzwizz4 avatar
de flag
wizzwizz4
@chepner I would assume that any untrusted user with physical access to the machine knows how to hit it repeatedly with a chair.
6
Reply
be flag
chepner
@wizzwizz4 That's the point. If they have physical access, all bets are off.
3
Reply
in flag
Austin Hemmelgarn
@BryanKrause Indeed, I agree from the context that that’s a reasonable assumption here, I just kind of feel obligated to point out the physical security aspect, because it’s something that is often either overlooked or evaluated based on incorrect assumptions by less experienced users.
0
Reply
Score:26
avatar Ubuntu
in flag
matigo

The most effective way to do this would be to mask the power off target like this:

sudo systemctl mask poweroff.target

Now it will be impossible for anyone to shut down the machine unless they hold down the power button or physically disconnect the machine from power.

Rebooting is unaffected by this mask.

In the event you need to shut the machine down in the future for maintenance or hardware replacement, you can unmask the target:

sudo systemctl unmask poweroff.target
0 + 0
Peter Cordes avatar
fr flag
Peter Cordes
I doubt this would affect the magic SysRq key stuff, like alt+sysrq+o to power off (https://en.wikipedia.org/wiki/Magic_SysRq_key), so if you have remote console access that looks to Linux like a real physical keyboard (e.g. via KVM-over-IP), you'd also want to secure the more interesting of those with `/etc/sysctl.d/10-magic-sysrq.conf`, if Ubuntu's default mask doesn't already prevent that (and perhaps unsafe reboots).
3
Reply
in flag
matigo
@PeterCordes ⇢ This is an interesting case that I've yet to encounter. Will need to do some studying. Thanks for the tip
0
Reply
David Holland avatar
in flag
David Holland
Bit late but I tried this and this is the one that worked.
0
Reply
Score:10
Chris Bouchard avatar Ubuntu
bd flag
Chris Bouchard

If you just need to give the power to reboot to non-admin users, you can add an entry for them in your sudoers file for reboot (and/or systemctl reboot, depending what you want them to run). Then they will be able to run sudo reboot (and/or sudo systemctl reboot). This answer assumes that they do not otherwise have access to sudo — i.e., that they are normal, non-admin users that are not part of the wheel group.

The sudoers file lives at /etc/sudoers, but you should not edit it directly. Rather, you should only edit it using visudo. You'll need to be root to edit it, so you'll run sudo visudo. The visudo command will verify the syntax of your edits, and you should always use this to avoid breaking your config and preventing yourself gaining root access in the future.

Then you can add the something like following lines to your sudoers file:

username ALL=(root): /usr/sbin/reboot
username ALL=(root): /usr/bin/systemctl reboot

where username is the user's username (or %groupname for a group), and where the paths are the actual paths to the commands on your system (check with which, e.g., which reboot.).

For more information, check out man sudoers, man sudo, and man visudo.

0 + 0
vn flag
Pablo Bianchi
You can also enable/disable non-root users ability to suspend/reboot [tweaking D-Bus config file](https://unix.stackexchange.com/q/749708/209677)
0
Reply
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.