Follow Techotopia on Twitter

On-line Guides
All Guides
eBook Store
iOS / Android
Linux for Beginners
Office Productivity
Linux Installation
Linux Security
Linux Utilities
Linux Virtualization
Linux Kernel
System/Network Admin
Scripting Languages
Development Tools
Web Development
GUI Toolkits/Desktop
Mail Systems
Eclipse Documentation

How To Guides
General System Admin
Linux Security
Linux Filesystems
Web Servers
Graphics & Desktop
PC Hardware
Problem Solutions
Privacy Policy




5.6. Disable console program access

In a safe environment where we are sure that console is secured because passwords for BIOS and LILO are set and all physical power and reset switches on the system are disabled it may be advantageous to entirely disable all console-equivalent access to programs like shutdown, reboot, and halt for regular users on your server. To do this, run the following command:
             [root@deep] /#rm -f /etc/security/console.apps/<servicename>
Where <servicename> is the name of the program to which you wish to disable console-equivalent access. Unless you use xdm, however, be careful not to remove the xserver file or no one but root will be able to start the X server. If you always use xdm to start the X server, root is the only user that needs to start X, in which case you might actually want to remove the xserver file.

Example 5-2. Disable console-equivalent access

             [root@deep] /# rm -f  /etc/security/console.apps/halt
             [root@deep] /# rm -f  /etc/security/console.apps/poweroff
             [root@deep] /# rm -f  /etc/security/console.apps/reboot
             [root@deep] /# rm -f  /etc/security/console.apps/shutdown
             [root@deep] /# rm -f  /etc/security/console.apps/xserver   (1) 

if removed, root will be the only user able to start X.
This will disable console-equivalent access to programs halt, poweroff, reboot, and shutdown. Once again, the program xserver apply only is you are installed the Xwindow interface on your system.

Note: If you are following our setup installation, the Xwindow interface is not installed on your server and all the files described above will not appear in the /etc/security directory, so can safely ignore the above steps.

  Published under the terms of the Open Publication License Design by Interspire