On Fri, Feb 4, 2011 at 4:41 PM, Boyd Stephen Smith Jr. <b...@iguanasuicide.net> wrote: > In <201102041513.18513.debenv...@fuckaround.org>, Pol Hallen wrote: >> >>How is the best way to deny and allow by time and date of user/s >>poweroff/reboot system? > > You could try something involving a cron job switching between two separately > maintained /etc/sudoers files, one with permissions for /sbin/shutdown and one > without. > > I think your best bet might be SELinux or AppArmor. I don't really have any > experience with either, but I thought they could do time-based roles. Then > you could have a role which allowed the access required for /sbin/shutdown and > only allow certain users to switch into it at certain times, from what I've > heard.
In this case, PolicyKit might be more appropriate than SELinux or AppArmor. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/AANLkTimKOxOj82Q-o_Ph2kK=1jzigzicaxb9jca22...@mail.gmail.com
