Hi list, I installed on my workstation C8.1 (1911) and performed a minimal install and then installed XFCE from EPEL. I noticed a strange behaviour (don't know if this is the wanted default). If I try ,from normal user shell, to run command like "reboot" or "shutdown -h now" system will reboot/shutdown. This happens on tty console, on xfce terminal and ssh session. My user is not in wheel and during install I have not enabled checkbox to give that user administration permission. I tried to create a new user with adduser but got the same problem. To solve this I modified polkit login1 policy on /usr/share/polkit-1/actions/org.freedesktop.login1.policy setting <allow_active>no</allow_active> for statement that concern reboot and shutdown/poweroff. Why on CentOS a normal user can shutdown the system without root privileges? I think that on any server normal user should not be able to shutdown the system without privileges. This is a bug or a wanted default? Thanks in advance.
> Hi list, > > I installed on my workstation C8.1 (1911) and performed a minimal > install and then installed XFCE from EPEL. > > I noticed a strange behaviour (don't know if this is the wanted > default). If I try ,from normal user shell, to run command like "reboot" > or "shutdown -h now" system will reboot/shutdown. This happens on tty > console, on xfce terminal and ssh session.But can you describe exactly in which situation user x can shutdown? I mean, if you say via ssh connection, is it that user x is at the same time also logged in into XFCE desktop on the same system? Or is it also true if the only login to the system at this time is via the ssh connection and then user x is still able to shutdown? I mean if user x runs the XFCE session remote on the system using ssh X11 forwarding, NX or whatever, then user x should really NOT be able to shutdown without providing the root password. That would be a nightmare for multi user systems :-) Regards, Simon
Il 24/01/20 15:11, Simon Matter via CentOS ha scritto:>> Hi list, >> >> I installed on my workstation C8.1 (1911) and performed a minimal >> install and then installed XFCE from EPEL. >> >> I noticed a strange behaviour (don't know if this is the wanted >> default). If I try ,from normal user shell, to run command like "reboot" >> or "shutdown -h now" system will reboot/shutdown. This happens on tty >> console, on xfce terminal and ssh session. > But can you describe exactly in which situation user x can shutdown? I > mean, if you say via ssh connection, is it that user x is at the same time > also logged in into XFCE desktop on the same system? Or is it also true if > the only login to the system at this time is via the ssh connection and > then user x is still able to shutdown? > > I mean if user x runs the XFCE session remote on the system using ssh X11 > forwarding, NX or whatever, then user x should really NOT be able to > shutdown without providing the root password. That would be a nightmare > for multi user systems :-) > > Regards, > Simon > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > https://lists.centos.org/mailman/listinfo/centosHi Simon, I tried on my system using XFCE, I tried with a fresh installation on vm without X (using minimal and server installation), inside ssh with/without user logged and from tty console. Try to reproduce it. Install C8 on a VM using minimal installation, login in as normal user an type reboot.
> I noticed a strange behaviour (don't know if this is the wanted > default). If I try ,from normal user shell, to run command like "reboot" > or "shutdown -h now" system will reboot/shutdown. This happens on tty > console, on xfce terminal and ssh session.I've just created a normal user on my test system and when I try to reboot or halt the system when logged in via ssh I get: $ reboot Failed to set wall message, ignoring: Interactive authentication required. Failed to reboot system via logind: Interactive authentication required. Failed to open initctl fifo: Permission denied Failed to talk to init daemon. Which is correct behaviour. However, a user logged in at the machine as GUI console session has always been able to halt or reboot the system.> > Why on CentOS a normal user can shutdown the system without root > privileges? I think that on any server normal user should not be able to > shutdown the system without privileges. >If it's a desktop machine, then the console logged in user should be able to shutdown the machine - at least then it means they don't resort to pulling the plug. Presumably you don't allow users physically near a server? P.
> >> I noticed a strange behaviour (don't know if this is the wanted >> default). If I try ,from normal user shell, to run command like "reboot" >> or "shutdown -h now" system will reboot/shutdown. This happens on tty >> console, on xfce terminal and ssh session. > > I've just created a normal user on my test system and when I try to > reboot or halt the system when logged in via ssh I get: > > $ reboot > Failed to set wall message, ignoring: Interactive authentication > required. > Failed to reboot system via logind: Interactive authentication > required. > Failed to open initctl fifo: Permission denied > Failed to talk to init daemon. > > Which is correct behaviour. > > However, a user logged in at the machine as GUI console session has > always been able to halt or reboot the system. > >> >> Why on CentOS a normal user can shutdown the system without root >> privileges? I think that on any server normal user should not be able to >> shutdown the system without privileges. >> > If it's a desktop machine, then the console logged in user should be > able to shutdown the machine - at least then it means they don't resort > to pulling the plug. Presumably you don't allow users physically near > a server?That's why I asked if the user who was logged in via ssh was also logged in locally at the same time. That would at lest explain such behavior. Regards, Simon
Il 24/01/20 15:44, Pete Biggs ha scritto:>> I noticed a strange behaviour (don't know if this is the wanted >> default). If I try ,from normal user shell, to run command like "reboot" >> or "shutdown -h now" system will reboot/shutdown. This happens on tty >> console, on xfce terminal and ssh session. > I've just created a normal user on my test system and when I try to > reboot or halt the system when logged in via ssh I get: > > $ reboot > Failed to set wall message, ignoring: Interactive authentication required. > Failed to reboot system via logind: Interactive authentication required. > Failed to open initctl fifo: Permission denied > Failed to talk to init daemon. > > Which is correct behaviour.Hi Pete, Yes this is what I expect, but I'm trying to understand why on a fresh installation on a VM, this happens on ssh without user logged in or from console as normal user? I tried the installation several times and with several ISO but nothing changed. On every fresh installation I have not installed other packages and not enabled networking. If you have the time, please can you try to install from 8.1 iso using minimal installation and try again? I know that you struggle to believe my problem but I don't know how to prove this.> However, a user logged in at the machine as GUI console session has > always been able to halt or reboot the system.This does not happen only on my xfce system but on system on VM without a GUI.> >> Why on CentOS a normal user can shutdown the system without root >> privileges? I think that on any server normal user should not be able to >> shutdown the system without privileges. >> > If it's a desktop machine, then the console logged in user should be > able to shutdown the machine - at least then it means they don't resort > to pulling the plug....> Presumably you don't allow users physically near > a server?No, but this happen also in ssh session. Thank you for your help.
On 1/24/20 4:38 AM, Alessandro Baggi wrote:> Hi list, > > I installed on my workstation C8.1 (1911) and performed a minimal install and > then installed XFCE from EPEL. > > I noticed a strange behaviour (don't know if this is the wanted default). If I > try ,from normal user shell, to run command like "reboot" or "shutdown -h now" > system will reboot/shutdown. This happens on tty console, on xfce terminal and > ssh session. > > My user is not in wheel and during install I have not enabled checkbox to give > that user administration permission. I tried to create a new user with adduser > but got the same problem. > > To solve this I modified polkit login1 policy on > /usr/share/polkit-1/actions/org.freedesktop.login1.policy setting > <allow_active>no</allow_active> for statement that concern reboot and > shutdown/poweroff. > > Why on CentOS a normal user can shutdown the system without root privileges? I > think that on any server normal user should not be able to shutdown the system > without privileges. > > This is a bug or a wanted default?So, as you figured out from the polkit setting - "active" user's (i.e. with a "seat") have access to shut a machine down. Now to figure out who has a seat - and you use "loginctl" to see that. For e.g. from my non-privileged user logged into my CentOS 8.1 VM via ssh: $ loginctl SESSION UID USER SEAT TTY 1 ##### user it shows that I don't have a "seat" and so: $ shutdown -h now Failed to set wall message, ignoring: Connection timed out Failed to power off system via logind: Interactive authentication required. Failed to open initctl fifo: Permission denied Failed to talk to init daemon. as expected. Perhaps you can start tracking down with loginctl who has a seat and why. -- Orion Poplawski Manager of NWRA Technical Systems 720-772-5637 NWRA, Boulder/CoRA Office FAX: 303-415-9702 3380 Mitchell Lane orion at nwra.com Boulder, CO 80301 https://www.nwra.com/
Il 24/01/20 23:00, Orion Poplawski ha scritto:> On 1/24/20 4:38 AM, Alessandro Baggi wrote: >> Hi list, >> >> I installed on my workstation C8.1 (1911) and performed a minimal install and >> then installed XFCE from EPEL. >> >> I noticed a strange behaviour (don't know if this is the wanted default). If I >> try ,from normal user shell, to run command like "reboot" or "shutdown -h now" >> system will reboot/shutdown. This happens on tty console, on xfce terminal and >> ssh session. >> >> My user is not in wheel and during install I have not enabled checkbox to give >> that user administration permission. I tried to create a new user with adduser >> but got the same problem. >> >> To solve this I modified polkit login1 policy on >> /usr/share/polkit-1/actions/org.freedesktop.login1.policy setting >> <allow_active>no</allow_active> for statement that concern reboot and >> shutdown/poweroff. >> >> Why on CentOS a normal user can shutdown the system without root privileges? I >> think that on any server normal user should not be able to shutdown the system >> without privileges. >> >> This is a bug or a wanted default? > So, as you figured out from the polkit setting - "active" user's (i.e. with a > "seat") have access to shut a machine down. Now to figure out who has a seat > - and you use "loginctl" to see that. For e.g. from my non-privileged user > logged into my CentOS 8.1 VM via ssh: > > $ loginctl > SESSION UID USER SEAT TTY > 1 ##### user > > it shows that I don't have a "seat" and so: > > $ shutdown -h now > Failed to set wall message, ignoring: Connection timed out > Failed to power off system via logind: Interactive authentication required. > Failed to open initctl fifo: Permission denied > Failed to talk to init daemon. > > as expected. Perhaps you can start tracking down with loginctl who has a seat > and why. >Hi, thank you very much for your suggestion, loginctl did help me to understand this "problem". I tried to run loginctl on my VM logging in with ssh and I get this: [testuser at localhost ~]$ loginctl SESSION?? UID USER?????? SEAT?? TTY ?????????? 3? 1000 testuser 1 sessions listed. and try to run reboot give me the expected behaviour. If I try from tty console I have a seat for testuser and can reboot the system. I don't know what I done in the other test... Thank you very much, I'm happy this is my mistake and not a centos bug. Thank you to all user that helped me.