disable shutdown or reboot in linux

How to Disable Shutdown & Reboot Commands in Linux

Many Linux systems allow even regular users who are not system administrators to shutdown or reboot system using shutdown/halt/reboot commands. This may be insecure for many system administrators, especially if you are running servers with multiple users on it. In such cases, it is advisable to disable shutdown & reboot for non-admin users in Linux.


How to Disable Shutdown & Reboot Commands in Linux

Here are the steps to disable shutdown & reboot in Linux. Basically, we first open /etc/sudoers file in text editor.

$ vi /etc/sudoers

In this file, we can specify the different users who are not allowed to shutdown or reboot.

For example, add the following lines to your /etc/sudoers file to prevent user ubuntu from shutting down or rebooting.

Cmnd_Alias     SHUTDOWN = /sbin/shutdown,/sbin/reboot,/sbin/halt,/sbin/poweroff

# User privilege specification
ubuntu   ALL=(ALL:ALL) ALL, !SHUTDOWN

Save and close the file to apply changes.

Now run shutdown or reboot commands and you will get a message saying “Sorry, user ubuntu is not allowed to …” indicating that this user does not have the permission to shutdown or reboot your system.

Alternatively, you can also run chmod command to remove executable permission on shutdown and reboot commands, for all users except root user.

# chmod o-x /sbin/shutdown
# chmod o-x /sbin/reboot
# chmod o-x /sbin/halt
# chmod o-x /sbin/poweroff

Please note, since the above commands /sbin/shutdown, /sbin/reboot, /sbin/halt, /sbin/poweroff are only symbolic links to /sbin/systemctl, you may need to remove executable permission for non-root and non-owner users to this file also.

# chmod o-x /sbin/systemctl

If you want to revert the above changes, just replace – with + in above commands.

# chmod o+x /sbin/shutdown
# chmod o+x /sbin/reboot
# chmod o+x /sbin/halt
# chmod o+x /sbin/poweroff

In this article, we have learnt a simple yet powerful method to secure your system by preventing unauthorized users from shutting down or rebooting your system. It is also useful in preventing accidental shutdowns & reboots by regular users.

It is important for system administrators to regularly monitor the permissions available to their users. By default, many Linux systems allow regular users to be able to shutdown or reboot their system. In case of multi-user systems that run servers, this can pose a problem. So it is advisable to check if your Linux system also allows this to happen and disable shutdowns & reboots for non-root users.

Also read:

How to Convert Files to UTF8 Encoding in Linux
How to Reduce Inode Usage in Linux
How to Use Port Knocking to Secure SSH in Linux
How to Disable & Enable Line Numbers in Vim
How to Read Audit Logs in Linux

Leave a Reply

Your email address will not be published.