On 04/01/16 07:16 PM, Michael Biebl wrote:
Am 04.01.2016 um 22:43 schrieb Gary Dale:
The link is to /bin/systemctl which is NOT world executable and is owned
by root:root. Therefore it should not be executable by anyone other than
root.
$ ls -al /bin/systemctl
-rwxr-xr-x 1 root root 651512 Jan
On Mon, Jan 04, 2016 at 08:03:48PM +0100, jdd wrote:
> https://www.debian.org/doc/manuals/securing-debian-howto/ch4.en.html
>
> see
>
> 4.8 Restricting system reboots through the console
>
> mostly:
>
> If you want to restrict this, you must check the /etc/inittab so that the
> line that includ
On Mon 04 Jan 2016 at 16:43:05 (-0500), Gary Dale wrote:
> On 04/01/16 03:39 PM, to...@tuxteam.de wrote:
> >-BEGIN PGP SIGNED MESSAGE-
> >Hash: SHA1
> >
> >On Mon, Jan 04, 2016 at 03:25:02PM -0500, Gary Dale wrote:
> >>On 04/01/16 12:14 PM, to...@tuxteam.de wrote:
> >[...]
> >
> >>>Dunno ab
On Tue 05 Jan 2016 at 06:57:28 (+1000), Stuart Longland wrote:
>
> As for symlink behaviour, directory entities all occupy inodes, and a
> symbolic link is a special type of directory entity whose content points
> to another by name.
>
> A hard link is basically a directory entry that, rather tha
Am 05.01.2016 um 01:24 schrieb Brian:
> I have not tried policykit from experimental but believe the format of a
> localauthority file has changed to use JavaScript.
Correct.
Will present .pkla
> files continue to work with this version of policykit?
Not out of the box. There is an addon [1],
On Tue 05 Jan 2016 at 00:48:20 +0100, Michael Biebl wrote:
> Am 04.01.2016 um 23:36 schrieb Floris:
> >
> > Maybe there is a reason. Why is the default rule:
> >
> >
> > auth_admin_keep
> > auth_admin_keep
> > yes
> >
> >
> > instead of
> > ...
> > auth_admin_keep
> > ...
>
> The reasoni
Am 04.01.2016 um 22:43 schrieb Gary Dale:
> The link is to /bin/systemctl which is NOT world executable and is owned
> by root:root. Therefore it should not be executable by anyone other than
> root.
$ ls -al /bin/systemctl
-rwxr-xr-x 1 root root 651512 Jan 2 20:17 /bin/systemctl
systemctl is e
Am 04.01.2016 um 23:36 schrieb Floris:
> Op Mon, 04 Jan 2016 21:43:10 +0100 schreef Brian :
>
>> On Mon 04 Jan 2016 at 20:03:33 +0100, Floris wrote:
>>
>>> Op Mon, 04 Jan 2016 18:16:39 +0100 schreef Michael Biebl
>>> :
>>>
>>> >Am 04.01.2016 um 16:55 schrieb Floris:
>>> >>Dear list,
>>> >>
>>> >>O
Op Mon, 04 Jan 2016 21:43:10 +0100 schreef Brian :
On Mon 04 Jan 2016 at 20:03:33 +0100, Floris wrote:
Op Mon, 04 Jan 2016 18:16:39 +0100 schreef Michael Biebl
:
>Am 04.01.2016 um 16:55 schrieb Floris:
>>Dear list,
>>
>>Often there are multiple users working on my multiseat [1] system,
so
On 04/01/16 04:05 PM, Stuart Longland wrote:
On 05/01/16 06:30, Gary Dale wrote:
Possibly but I note that systemctl is owned by root:root so that typical
users can't execute it anyway. They get execute rights from the links.
Errm, no they wouldn't. Not if they were symlinks. Hardlinks, maybe.
On 04/01/16 03:39 PM, to...@tuxteam.de wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Mon, Jan 04, 2016 at 03:25:02PM -0500, Gary Dale wrote:
On 04/01/16 12:14 PM, to...@tuxteam.de wrote:
[...]
Dunno about systemctl, but FWIW you can't change the permissions of
a symlink. It's alway
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Mon, Jan 04, 2016 at 03:25:02PM -0500, Gary Dale wrote:
> On 04/01/16 12:14 PM, to...@tuxteam.de wrote:
[...]
> >Dunno about systemctl, but FWIW you can't change the permissions of
> >a symlink. It's always "all on".
> >
> >
> Interesting. Why do
On 05/01/16 06:30, Gary Dale wrote:
> Possibly but I note that systemctl is owned by root:root so that typical
> users can't execute it anyway. They get execute rights from the links.
Errm, no they wouldn't. Not if they were symlinks. Hardlinks, maybe.
> Systemctl seems to figure out what to do
On 05/01/16 06:25, Gary Dale wrote:
> Interesting. Why do they behave that way? Hard links don't (but
> replacing the symlink with a hardlink would fail if /bin & /sbin were on
> different devices. Also, I gather that systemctl looks at how it is
> called to determine the action it needs to take -
On Mon 04 Jan 2016 at 20:03:33 +0100, Floris wrote:
> Op Mon, 04 Jan 2016 18:16:39 +0100 schreef Michael Biebl :
>
On 04/01/16 03:19 PM, Stuart Longland wrote:
On 05/01/16 03:14, to...@tuxteam.de wrote:
On Mon, Jan 04, 2016 at 12:16:03PM -0500, Gary Dale wrote:
On 04/01/16 10:55 AM, Floris wrote:
Dear list,
Often there are multiple users working on my multiseat [1] system,
some of them are kids and they a
On 04/01/16 12:14 PM, to...@tuxteam.de wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Mon, Jan 04, 2016 at 12:16:03PM -0500, Gary Dale wrote:
On 04/01/16 10:55 AM, Floris wrote:
Dear list,
Often there are multiple users working on my multiseat [1] system,
some of them are kids and th
On 05/01/16 03:14, to...@tuxteam.de wrote:
> On Mon, Jan 04, 2016 at 12:16:03PM -0500, Gary Dale wrote:
>> On 04/01/16 10:55 AM, Floris wrote:
>>> Dear list,
>>>
>>> Often there are multiple users working on my multiseat [1] system,
>>> some of them are kids and they are not paying attention if som
Hi Floris,
Am 04.01.2016 um 20:53 schrieb Floris:
> Op Mon, 04 Jan 2016 20:03:33 +0100 schreef Floris :
>
>> Op Mon, 04 Jan 2016 18:16:39 +0100 schreef Michael Biebl
>> :
>>
>>> Am 04.01.2016 um 16:55 schrieb Floris:
Dear list,
Often there are multiple users working on my multisea
Op Mon, 04 Jan 2016 20:03:33 +0100 schreef Floris :
Op Mon, 04 Jan 2016 18:16:39 +0100 schreef Michael Biebl
:
Am 04.01.2016 um 16:55 schrieb Floris:
Dear list,
Often there are multiple users working on my multiseat [1] system, some
of them are kids and they are not paying attention if som
Le 04/01/2016 20:03, jdd a écrit :
(but not only, see shutdown man page)
in kde control center, under login, there is a tab for shutdown
jdd
Is it possible that only root can shutdown/ reboot the computer if multiple
users are logged in and when there is only one user that user is able to
shutdown the computer?
time ago, the question was asked at each install. There is certainly an
option "who can shut down the computer", but do no
Op Mon, 04 Jan 2016 18:16:39 +0100 schreef Michael Biebl
:
Am 04.01.2016 um 16:55 schrieb Floris:
Dear list,
Often there are multiple users working on my multiseat [1] system, some
of them are kids and they are not paying attention if someone else is
logged in. They can shutdown the computer
On Mon 04 Jan 2016 at 16:55:56 +0100, Floris wrote:
> Often there are multiple users working on my multiseat [1] system, some of
> them are kids and they are not paying attention if someone else is logged
> in. They can shutdown the computer even if someone else is logged in and
> have an active s
Put each subaccount one per line into /etc/shutdown.deny then reboot.
On Mon, 4 Jan 2016, Floris wrote:
Date: Mon, 4 Jan 2016 10:55:56
From: Floris
To: "debian-user@lists.debian.org"
Subject: Prevent shutdown with systemctl
Resent-Date: Mon, 4 Jan 2016 15:56:13 + (UTC)
Resent-From: debia
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Mon, Jan 04, 2016 at 12:16:03PM -0500, Gary Dale wrote:
> On 04/01/16 10:55 AM, Floris wrote:
> >Dear list,
> >
> >Often there are multiple users working on my multiseat [1] system,
> >some of them are kids and they are not paying attention if someo
Am 04.01.2016 um 16:55 schrieb Floris:
> Dear list,
>
> Often there are multiple users working on my multiseat [1] system, some
> of them are kids and they are not paying attention if someone else is
> logged in. They can shutdown the computer even if someone else is logged
> in and have an active
On 04/01/16 10:55 AM, Floris wrote:
Dear list,
Often there are multiple users working on my multiseat [1] system,
some of them are kids and they are not paying attention if someone
else is logged in. They can shutdown the computer even if someone else
is logged in and have an active session.
28 matches
Mail list logo
