[S.u.S.E. Linux] shoutdown ?
hi, What is the best way to shutdown Linux by non-root user ? Cheers jae -- To get out of this list, please send email to majordomo@suse.com with this text in its body: unsubscribe suse-linux-e
CTRL-ALT-DEL On 17-Apr-98 Jaeha Lee wrote:
hi,
What is the best way to shutdown Linux by non-root user ?
Cheers jae
-- To get out of this list, please send email to majordomo@suse.com with this text in its body: unsubscribe suse-linux-e
---------------------------------- <A HREF="http://homepages.skylink.net/~gecko/index.html"><A HREF="http://homepages.skylink.net/~gecko/index.html</A">http://homepages.skylink.net/~gecko/index.html</A</A>> -----BEGIN GEEK CODE BLOCK----- Version: 3.1 GCS d+(-) s:+ a29 C++$ UL++>++++ P+++$ L++>++++ E? W+++$ N+(-) o? K- w+++$(--) O M-- V- PS-- PE++ Y++ PGP++ t+ 5 X R+ !tv b++++ DI+++ D++ G++>G+++ e h+ r* y+ ------END GEEK CODE BLOCK------ ---------------------------------- -- To get out of this list, please send email to majordomo@suse.com with this text in its body: unsubscribe suse-linux-e
gdb@freecar.com wrote:
CTRL-ALT-DEL
Hey, this is _not_ windooze!! ;-) Truly, it works fine. Unless you have to find the right mioment to switch off, otherwise it goes back to linux. If you want a "proper" way look for "sudoers". The manpages examples tell most of it.
On 17-Apr-98 Jaeha Lee wrote:
hi,
What is the best way to shutdown Linux by non-root user ?
Cheers jae
-- To get out of this list, please send email to majordomo@suse.com with this text in its body: unsubscribe suse-linux-e
-- ========================================== __ _ Jürgen Braukmann e-mail: brauki@cww.de | / / (_)__ __ ____ __ Tel: 0201-743648 dk4jb@db0qs.#nrw.deu.eu | / /__/ / _ \/ // /\ \/ / ========================================== /____/_/_//_/\_,_/ /_/\_\ -- To get out of this list, please send email to majordomo@suse.com with this text in its body: unsubscribe suse-linux-e
hi, I read man page about "sudoers", but too many things I don't understand. please can you give me simple example, I'm not on the network, it's truly stand-alone home PC. On Fri, 17 Apr 1998, Juergen Braukmann wrote:
gdb@freecar.com wrote:
CTRL-ALT-DEL
Hey, this is _not_ windooze!! ;-)
Truly, it works fine. Unless you have to find the right mioment to switch off, otherwise it goes back to linux. If you want a "proper" way look for "sudoers". The manpages examples tell most of it.
-- To get out of this list, please send email to majordomo@suse.com with this text in its body: unsubscribe suse-linux-e
Jaeha Lee wrote:
hi,
I read man page about "sudoers", but too many things I don't understand. please can you give me simple example, I'm not on the network, it's truly stand-alone home PC.
OK, here we go. I give you my /etc/sudoers: --------------------------8<---------------------------------------- # sudoers file. # # This file MUST be edited with the 'visudo' command as root. # # See the man page for the details on how to write a sudoers file. # # Host alias specification Host_Alias LOCAL=slartibartfast # User alias specification User_Alias SYSTEM=braukman,dk4jb # Cmnd alias specification Cmnd_Alias DOWN=/sbin/halt # User privilege specification root ALL=(ALL) ALL SYSTEM LOCAL=DOWN # brauki is allowed to shutdown slartibartfast without giving his password: brauki slartibartfast=NOPASSWD:DOWN # and so might his alter ego braukman ;-) braukman slartibartfast=/sbin/halt NOPASSWD:ALL # --------------------------8<---------------------------------------- to shout down my system I issue a 'sudo /sbin/halt'. I am not asked to give my password, since I turned that off. that should do the trick. you must install the sudo-package first. an other tip to shut down a system is the following: create a user say... down modify /etc/passwd: [...] nobody:x:-2:-2:nobody:/tmp:/bin/bash brauki:x:500:100:Juergen Braukmann:/home/brauki:/bin/bash down:x:0:100:shutdownuseer:/tmp:/sbin/halt [...] ^^^^^^^^^^^ switch to another console log in as down and enjoy. ;-) (I have not tried that one, but I remember someone sugesting that...) Jürgen ps: I have just tried that, it works if you give "down" the uid 0 (root) it's a good idea, to have a password on that account, too ;-) in my opinion it comes next to ctrl-alt-del, the proper way is sudo. nice to be root and able to change messages already in /etc/mqueue ... ;-)) wq ^^ oupps.. wrong editor ;-) -- ========================================== __ _ Jürgen Braukmann e-mail: brauki@cww.de | / / (_)__ __ ____ __ Tel: 0201-743648 dk4jb@db0qs.#nrw.deu.eu | / /__/ / _ \/ // /\ \/ / ========================================== /____/_/_//_/\_,_/ /_/\_\ -- To get out of this list, please send email to majordomo@suse.com with this text in its body: unsubscribe suse-linux-e
Thank you very much really !!! Cheers jae On Sat, 18 Apr 1998, Juergen Braukmann wrote:
Jaeha Lee wrote:
hi,
I read man page about "sudoers", but too many things I don't understand. please can you give me simple example, I'm not on the network, it's truly stand-alone home PC.
OK, here we go. I give you my /etc/sudoers:
--------------------------8<---------------------------------------- # sudoers file. # # This file MUST be edited with the 'visudo' command as root. # # See the man page for the details on how to write a sudoers file. #
# Host alias specification Host_Alias LOCAL=slartibartfast # User alias specification User_Alias SYSTEM=braukman,dk4jb # Cmnd alias specification Cmnd_Alias DOWN=/sbin/halt # User privilege specification root ALL=(ALL) ALL SYSTEM LOCAL=DOWN # brauki is allowed to shutdown slartibartfast without giving his password: brauki slartibartfast=NOPASSWD:DOWN # and so might his alter ego braukman ;-) braukman slartibartfast=/sbin/halt NOPASSWD:ALL # --------------------------8<----------------------------------------
to shout down my system I issue a 'sudo /sbin/halt'. I am not asked to give my password, since I turned that off. that should do the trick. you must install the sudo-package first.
an other tip to shut down a system is the following: create a user say... down
modify /etc/passwd:
[...] nobody:x:-2:-2:nobody:/tmp:/bin/bash brauki:x:500:100:Juergen Braukmann:/home/brauki:/bin/bash down:x:0:100:shutdownuseer:/tmp:/sbin/halt [...] ^^^^^^^^^^^ switch to another console log in as down and enjoy. ;-)
(I have not tried that one, but I remember someone sugesting that...)
Jürgen
ps: I have just tried that, it works if you give "down" the uid 0 (root)
it's a good idea, to have a password on that account, too ;-)
in my opinion it comes next to ctrl-alt-del, the proper way is sudo. nice to be root and able to change messages already in /etc/mqueue ... ;-))
wq ^^ oupps.. wrong editor ;-)
-- ========================================== __ _ Jürgen Braukmann e-mail: brauki@cww.de | / / (_)__ __ ____ __ Tel: 0201-743648 dk4jb@db0qs.#nrw.deu.eu | / /__/ / _ \/ // /\ \/ / ========================================== /____/_/_//_/\_,_/ /_/\_\ -- To get out of this list, please send email to majordomo@suse.com with this text in its body: unsubscribe suse-linux-e
-- To get out of this list, please send email to majordomo@suse.com with this text in its body: unsubscribe suse-linux-e
Anything else ? On Thu, 16 Apr 1998 gdb@freecar.com wrote:
CTRL-ALT-DEL
On 17-Apr-98 Jaeha Lee wrote:
hi,
What is the best way to shutdown Linux by non-root user ?
Cheers jae
-- To get out of this list, please send email to majordomo@suse.com with this text in its body: unsubscribe suse-linux-e
---------------------------------- <A HREF="http://homepages.skylink.net/~gecko/index.html"><A HREF="http://homepages.skylink.net/~gecko/index.html</A">http://homepages.skylink.net/~gecko/index.html</A</A>> -----BEGIN GEEK CODE BLOCK----- Version: 3.1 GCS d+(-) s:+ a29 C++$ UL++>++++ P+++$ L++>++++ E? W+++$ N+(-) o? K- w+++$(--) O M-- V- PS-- PE++ Y++ PGP++ t+ 5 X R+ !tv b++++ DI+++ D++ G++>G+++ e h+ r* y+ ------END GEEK CODE BLOCK------ ---------------------------------- -- To get out of this list, please send email to majordomo@suse.com with this text in its body: unsubscribe suse-linux-e
-- To get out of this list, please send email to majordomo@suse.com with this text in its body: unsubscribe suse-linux-e
Has any setup Suse on a pc to just be a firewall? one ethernet in and one ethernet out? or is there a faq for firewalling out there.. thanks Mark Skinner -- To get out of this list, please send email to majordomo@suse.com with this text in its body: unsubscribe suse-linux-e
Look in either /usr/docs/howto or /usr/docs/howto/mini On 17-Apr-98 Mark Skinner wrote:
Has any setup Suse on a pc to just be a firewall? one ethernet in and one ethernet out? or is there a faq for firewalling out there.. thanks Mark Skinner
-- To get out of this list, please send email to majordomo@suse.com with this text in its body: unsubscribe suse-linux-e
---------------------------------- <A HREF="http://homepages.skylink.net/~gecko/index.html"><A HREF="http://homepages.skylink.net/~gecko/index.html</A">http://homepages.skylink.net/~gecko/index.html</A</A>> -----BEGIN GEEK CODE BLOCK----- Version: 3.1 GCS d+(-) s:+ a29 C++$ UL++>++++ P+++$ L++>++++ E? W+++$ N+(-) o? K- w+++$(--) O M-- V- PS-- PE++ Y++ PGP++ t+ 5 X R+ !tv b++++ DI+++ D++ G++>G+++ e h+ r* y+ ------END GEEK CODE BLOCK------ ---------------------------------- -- To get out of this list, please send email to majordomo@suse.com with this text in its body: unsubscribe suse-linux-e
The Gecko wrote:
Look in either /usr/docs/howto or /usr/docs/howto/mini
There is a firewall package included on our CDs. I'm currently working on a english version of our firewall howto. See <A HREF="http://www.suse.com/~bb/fw-howto/"><A HREF="http://www.suse.com/~bb/fw-howto/</A">http://www.suse.com/~bb/fw-howto/</A</A>> for the first draft. It's almost ready, but still needs spellchecking... Ciao, BB
Has any setup Suse on a pc to just be a firewall? one ethernet in and one ethernet out? or is there a faq for firewalling out there.. thanks Mark Skinner
-- To get out of this list, please send email to majordomo@suse.com with this text in its body: unsubscribe suse-linux-e
---------------------------------- <A HREF="http://homepages.skylink.net/~gecko/index.html"><A HREF="http://homepages.skylink.net/~gecko/index.html</A">http://homepages.skylink.net/~gecko/index.html</A</A>> -----BEGIN GEEK CODE BLOCK----- Version: 3.1 GCS d+(-) s:+ a29 C++$ UL++>++++ P+++$ L++>++++ E? W+++$ N+(-) o? K- w+++$(--) O M-- V- PS-- PE++ Y++ PGP++ t+ 5 X R+ !tv b++++ DI+++ D++ G++>G+++ e h+ r* y+ ------END GEEK CODE BLOCK------ ---------------------------------- -- To get out of this list, please send email to majordomo@suse.com with this text in its body: unsubscribe suse-linux-e
-- Bodo Bauer S.u.S.E., LLC fon +1-510-835 7873 bb@suse.de 458 Santa Clara Avenue fax +1-510-835 7875 <A HREF="http://www.suse.com"><A HREF="http://www.suse.com</A">http://www.suse.com</A</A>> Oakland CA, 94610 USA -- To get out of this list, please send email to majordomo@suse.com with this text in its body: unsubscribe suse-linux-e
Hello,
Has any setup Suse on a pc to just be a firewall? one ethernet in and one ethernet out? or is there a faq for firewalling out there..
You might take a look at "<A HREF="http://www.xos.nl/linux/ipfwadm/paper"><A HREF="http://www.xos.nl/linux/ipfwadm/paper</A">http://www.xos.nl/linux/ipfwadm/paper</A</A>>" ... Thomas -- To get out of this list, please send email to majordomo@suse.com with this text in its body: unsubscribe suse-linux-e
On Thu, Apr 16, 1998 at 05:16:15PM -0700, Mark Skinner wrote:
Has any setup Suse on a pc to just be a firewall? one ethernet in and one ethernet out? or is there a faq for firewalling out there..
There is a Firewall-HOWTO on sunsite (and alot of other places) <A HREF="http://sunsite.unc.edu/LDP/"><A HREF="http://sunsite.unc.edu/LDP/</A">http://sunsite.unc.edu/LDP/</A</A>> -- Andrew L. Davis Network Operations adavis@vprlnk.net ViperLink International -- To get out of this list, please send email to majordomo@suse.com with this text in its body: unsubscribe suse-linux-e
Mark Skinner wrote:
Has any setup Suse on a pc to just be a firewall? one ethernet in and one ethernet out? or is there a faq for firewalling out there.. thanks Mark Skinner
The most famous firewalls for Linux are the buildin capabilities managed with ipfwadm - no additional tools required - and FWTK and SOCKS. 1. SuSE Linux has the first type of firewall support buildin, which is usually maintained with - see: man ipfwadm * correct me, if I'm wrong * - - - But this is a type of packet filtering router and is suitable for dividing subnets or as a simple firewall, if the connection with internet is NOT 24 hours AND with a dynamic IP. If in use 24 hours with a leased line and a static IP - it's not secure enough. Two application level firewalls are 2. FWTK This is the most famous kit in the Linux community 3. SOCKS The other Application level Firewall (exactly: circuit level), called SOCKS5, look here: <A HREF="http://www.socks.nec.com/"><A HREF="http://www.socks.nec.com/</A">http://www.socks.nec.com/</A</A>> and <A HREF="http://www.socks5toolkit.nec.com/"><A HREF="http://www.socks5toolkit.nec.com/</A">http://www.socks5toolkit.nec.com/</A</A>> Performance diff.: Type 1 does not need as much computing power as type 2 or 3. The SOCKS5 package compiles and runs *smooth* on Linux (ELF) without any problems, it's easy of use and has features which gives you the ability for VPN. Now any apps can be socksified - not the restrictions as FWTK. The FWTK has some advantage in that there can be a setup more restrictive for the office staff, but both (SOCKS5 and FWTK) give high protection from outside. But SOCKS5 is much more flexible and user friendly. Additionally as I know from many other mailings, the SOCKS has a better performance than FWTK. The machine we use for SOCKS5 is a EPoX-mainboard, P166+ CyRIX, 32 MB RAM, AHA-2940 + 2 GB SCSI (one GIGA is enough also), two NE-2000 compatible cards and if 10 - 15 ? people are mailing and surfing, the load on the machine is pretty high sometimes... so for a bigger office I would consider a 200 Pro + and 64 MB RAM. The bastion host is dual homed with different IP on both network cards. To setup/install the cards, I reserved a small DOS- partition for the DOS tools of the cards, in Linux then, since Linux recognizes only one card alone, I enter parameters into lilo.conf (see HowTos for multiple ethernet...) Even it's a server, I recommend to install X-windows for the first time, you have a good control in several windows and SOCKS5 has additional abilities of graphical statistics... It'a good to be able to watch both cards and the output of the SOCKS5 server (debugging mode) plus machine load. (NOTE: X-Windows has vulnerabilities concerning security !!! - so the bastion host should run later without X. SOCKS5 has tools for logging and statistics running on another machine) Additionally on such a firewall can be installed a proxy server, wich caches content for your users. But with that I have no practical experience yet. Squid is famous and by reading mailings maybe best. SuSE comes with Squid preinstalled ! Very nice. I highly recommend to take a good book on firewalling ! Best Regards, Lu PS. I choosed SOCKS5 as bastion host for a company and we run it on top of Caldera OpenLinux Base, but there should be no difference in modern distributions today (SuSE, Caldera, RedHat, etc...) -- Ludwig Richter CGI consult <A HREF="http://www.cgicon.com/"><A HREF="http://www.cgicon.com/</A">http://www.cgicon.com/</A</A>> Lu@cgicon.com With Acknowledge: richter@cgicon.com _________________________________________________________ Sent with Netscape Communicator 4.04 on S.u.S.E.Linux 5.2 -- To get out of this list, please send email to majordomo@suse.com with this text in its body: unsubscribe suse-linux-e
participants (9)
-
adavis@hayson.vmarketing.com -
bb@suse.com -
brauki@cww.de -
gdb@freecar.com -
gecko@benham.net -
jae@student.unsw.EDU.AU -
mailinfo@cgicon.com -
mskinner@verio.net -
thko@wtal.de