On 11 Feb 2011, at 10:03, Ger Hooton wrote:
> Q1: How can I find out how a machine was shutdown, was it from a
> command, power on/off button, pulling out the power lead? I have look
> in /var/log/messages and I see "shutdown: shutting down for system halt"
> Where can I get more details?
That looks like a clean shutdown i.e. not just powered off.
> Q2: How can I prevent non privileged users from doing a shutdown or
> restart
Keep them away from the machine. A non privileged user can't shutdown
the system from the command line, but if he has access to the machine he can hit Ctrl-Alt-Del which will usually either shut it down or reboot it - what it does is configurable via /etc/inittab, and you could make it so that Ctrl-Alt-Del does nothing. However, if somebody has access to the console they likely have access to the machine too, so could simply remove power.
The only truly secure computer is one which is powered off, in a locked room with armed guards. The first step towards reducing security is powering it on, and it's all down hill from there. If you must power it on :-) the first step in avoiding a further reduction in system security is continuing to restrict physical access to the machine.
Niall
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!
