ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Systemd

    IT Discussion
    systemd init reboot poweroff linux
    3
    14
    2.1k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      stacksofplates @scottalanmiller
      last edited by

      @scottalanmiller said:

      What platforms have you tested this on? That's surprising. I'm going to go look now. How could that have been missed?

      Tested Fedora 23, CentOS 7, and Ubuntu 15.10

      1 Reply Last reply Reply Quote 1
      • S
        scottalanmiller
        last edited by

        Wow, that's crazy.

        1 Reply Last reply Reply Quote 2
        • S
          stacksofplates
          last edited by stacksofplates

          Apparently it won't let you if more than one person is in a shell session, but still.

          M 1 Reply Last reply Reply Quote 0
          • S
            scottalanmiller
            last edited by

            Something is still seriously wrong. Have you found any documentation talking about it?

            S 1 Reply Last reply Reply Quote 2
            • M
              markds @stacksofplates
              last edited by

              @johnhooks said:

              Apparently it won't let you if more than one person is in a shell session, but still.

              And what happens when you run "systemctl reboot -i"?

              In Debian both cases, give me "Failed to start reboot.target: Access denied"

              1 Reply Last reply Reply Quote 0
              • S
                scottalanmiller
                last edited by

                I did it as one unprivileged user on CentOS 7 and it asked me for the password of a different users, very odd.

                S 1 Reply Last reply Reply Quote 0
                • S
                  stacksofplates @scottalanmiller
                  last edited by

                  @scottalanmiller said:

                  Something is still seriously wrong. Have you found any documentation talking about it?

                  The only thing I saw was a post of someone defending systemd. She just added it at the bottom of the list of things like it was a feature.

                  https://www.linux.com/learn/tutorials/794615-systemd-runlevels-and-service-management

                  1 Reply Last reply Reply Quote 0
                  • S
                    stacksofplates @scottalanmiller
                    last edited by stacksofplates

                    @scottalanmiller said:

                    I did it as one unprivileged user on CentOS 7 and it asked me for the password of a different users, very odd.

                    ya I just tried one that I created. I guess I did try it from my account, which is in the wheel group. Still, why is it asking for a privileged user account password instead of just denying? Now all I have to do is correctly guess the users password, vs just being flat out denied and not able to elevate to root.

                    I think this is handled with polkit, but I haven't figured out how to change it yet.

                    S 1 Reply Last reply Reply Quote 1
                    • S
                      stacksofplates
                      last edited by stacksofplates

                      Here's what you get when you reboot that way. In /var/log/secure

                      Jan 23 08:30:57 ZeroTier polkitd[800]: Operator of unix-process:26388:3662705 successfully authenticated as unix-user:jhooks to gain TEMPORARY authorization for action org.freedesktop.login1.reboot for system-bus-name::1.41 [systemctl reboot] (owned by unix-user:test)

                      1 Reply Last reply Reply Quote 0
                      • S
                        scottalanmiller @stacksofplates
                        last edited by

                        @johnhooks said:

                        @scottalanmiller said:

                        I did it as one unprivileged user on CentOS 7 and it asked me for the password of a different users, very odd.

                        ya I just tried one that I created. I guess I did try it from my account, which is in the wheel group. Still, why is it asking for a privileged user account password instead of just denying? Now all I have to do is correctly guess the users password, vs just being flat out denied and not able to elevate to root.

                        I think this is handled with polkit, but I haven't figured out how to change it yet.

                        Asking for a password is normal, every used has the right to run su, it's just asking if your su is verified.

                        S 1 Reply Last reply Reply Quote 0
                        • S
                          stacksofplates @scottalanmiller
                          last edited by stacksofplates

                          @scottalanmiller said:

                          @johnhooks said:

                          @scottalanmiller said:

                          I did it as one unprivileged user on CentOS 7 and it asked me for the password of a different users, very odd.

                          ya I just tried one that I created. I guess I did try it from my account, which is in the wheel group. Still, why is it asking for a privileged user account password instead of just denying? Now all I have to do is correctly guess the users password, vs just being flat out denied and not able to elevate to root.

                          I think this is handled with polkit, but I haven't figured out how to change it yet.

                          Asking for a password is normal, every used has the right to run su, it's just asking if your su is verified.

                          Ah good point, I guess that's no different than su jhooks and then sudo reboot

                          1 Reply Last reply Reply Quote 0
                          • S
                            scottalanmiller
                            last edited by

                            Seems to be that way.

                            1 Reply Last reply Reply Quote 1
                            • 1 / 1
                            • First post
                              Last post