> On Mar 22, 2015, at 17:58, Philip Webb <purs...@ca.inter.net> wrote: > > 150322 Peter Humphrey wrote: >> On Sunday 22 March 2015 13:04:44 Nikos Chantziaras wrote: >>>> I can reboot the system when I am a user by Ctrl+Alt+Delete. >>>> The user can reboot the system, but can't shut down ? Strange >>> The thinking is that you can unplug the machine >>> or press the hardware reset or power button or flip the PSU switch ... >>> Preventing a ctrl+alt+del reboot does not add anything to security. >>> Security doesn't apply to users with physical access to the machine. >>> However, this is just a default. You can easily disable reboot >>> on ctrl+alt+del by editing /etc/inittab and commenting-out this line: >>> ca:12345:ctrlaltdel:/sbin/shutdown -r now > > Testing my single-user box with the above line in inittab , > I find that if I enter 'A-^Del' , I exit X to the raw terminal ; > another 'A-^Del' then reboots the box. If I enter 'shutdown -r now' as user, > I get "shutdown: you must be root to do that!". 'cd /sbin ; ls -l shutdown' > shows '-rwxr-xr-x 1 root root 23192 May 17 2014 shutdown', > so that behaviour arises from the shutdown script, not the permissions. > > The 1st effect is explained in ~/.fluxbox/keys by > # exit fluxbox > Control Mod1 Delete :Exit > > However, the 2nd effect is not explained so easily : > 'A-^Del' reboots when entered at a raw terminal, > but 'shutdown -r now' does not, yet the former is defined as the latter > by the line above in my /etc/inittab . > > The cause seems to be that 'A-^Del' is intercepted by 'init' (Process 1), > which is owned by root, but 'shutdown -r now' is heard by Process 910 > -- 'bash' running in the raw terminal, which was started by 'init' -- , > which is owned by my user. > > So the behaviour is explained, but following my earlier msg, > which advised to follow proper Unix principles, > I should comment the 'A-^Del' line in inittab : > if the raw terminal can't react to 'su', it won't react to 'A-^Del' either, > so there's no justification in terms of escaping from an emergency.
When you press ctrl-alt-delete kernel recieves it and sends it to the program that has grabbed the keyboard. If this program doesn't trap the sequence it goes to the parent program. Like if you are running a terminal in X it first goes to the shell then terminal and then to X-server. Now usually X traps that and performs what ever action is configured. If you set X not to trap the key press it goes all the way down back to the kernel. When kernel receives it it generates hang-up signal and sends it to the PID 1 aka init. And then executes the command in inittab. ca:12345:ctrlaltdel:/bin/echo "shutdown" And then: kill -HUP 1 Will print "shutdown" to your console. If you write a small program that traps ctrl-alt-del and run that in terminal, the server will not reboot :) >>> pressing the reset button is far worse, since there's no clean shutdown, >>> unmounting filesystems after flushing caches, etc. > > Yes : that's forced only when the keyboard ceases to respond. > >>> Because of that, the default of allowing ctrl+alt+del for local users >>> makes more sense than disabling it. > > That doesn't follow : if you have multiple users, > you don't want some rogue user rebooting randomly ; > it makes sense only as a convenience on a single-user system. > It seems to be the default behaviour of 'inittab' > -- there no comment saying I set it myself, which I would have added -- , > which is not appropriate for Gentoo systems in general, > some of which are undoubtedly multi-user. On a multi-user system only the user sitting on the local terminal can press ctrl-alt-del and reboot the machine as he could also hit the server with a sledge hammer :) -- -Matti
