There are four kinds of situations to discuss:
1. Allow anyone (including those who do not have a system account at all) to reboot through the console
Keep Ca::ctrlaltdel:/sbin/shutdown-t3-r now in the/etc/inittab file
This line. So the whole nation can reboot your machine, as long as you hand over the console.
2. Allow all system users to reboot
Execute # >/etc/security/console.apps/reboot. This creates an empty file in the Console.apps directory, and the file name is the authorized application. The above path is for Mandrake systems, other systems I'm not sure. However, the truly elegant mandraker may not even rely on ">" to generate this file? They will use msec to control.
3. Allow the specified user to reboot
Suppose we want to let the user Zhizunbao have reboot permission, we rely on Uid/gid to complete the control:
# Groupadd reboot
# cd/usr/local
# mkdir reboot
# chown Root:reboot reboot/
# chmod reboot/
# CD reboot
# Cp/sbin/reboot.
# chmod 4755 reboot
# usermod-g Reboot Zhizunbao
Zhizunbao can now run/usr/local/reboot/reboot to restart the machine.
4. Enable password verification on a machine that does not have a normal user reboot
This is actually achieved by adding a shutdown account, the shell of the account is the/sbin/halt of the S-bit, and only a few maintenance personnel know the password. We are using the 4th package here.
How does Linux give an ordinary user reboot permission?