On 7/20/05, Richard Fish <[EMAIL PROTECTED]> wrote: > Mark Knecht wrote: > > >Hi, > > I'm trying to get my mythfrontend box to allow a user to shut the > >machine down without the use of a keyboard. We are only using remote > >controls. suso doesn't seem to be an option because it requires a > >password. (AFAICT) > > > > Is there some other way that I could make this work? > > > > > > > > 2 options: > > 1. Sudo can be setup to allow some commands to be run without a > password. I think this entry in /etc/sudoers should work: > > mythtv ALL = NOPASSWD: /sbin/shutdown
Yes, I have this working. My problem with this solution was slightly deeper. To get MythTV to execute this command I have to put 'sudo shutdown -h now' in a setup screen within the setup portion of mythfrontend. In a general sense I don't know how to do that without a keyboard being attached to the machine. So far I haven't found where MythTV stores this information so that I could edit it from an ssh login. Granted I can attach a keyboard for a few minutes when the machine is here at my house, but I'm hesitant to use a solution that I cannot fix via ssh when the machine is remote at my folks house. > > I have not tested this, so if something goes wrong, you'll have to try > and figure out "man sudoers". > > 2. Create a setuid (chmod 4711 /sbin/shutdown_by_anyone.sh) shell script > that runs shutdown. Be sure to export the PATH, and unset LD_PRELOAD > and LD_LIBRARY_PATH variables at the very beginning of the script. Also > make sure the interpreter line is "/bin/bash --". This doesn't fix all > of the security holes with setuid shell scripts, just the most common > and easiest to fix... I don't know how this is much of a security issue for me, but then again I don't know much about security, and I suppose it could be if someone plugs a keyboard in and wants to cause some harm. Shame on them, but good of you to consider it. Thanks, Mark -- gentoo-user@gentoo.org mailing list
