I have several versions of Solaris (Solaris 7 and 9).  Right now, the
only way to reboot or shut down
these systems, is to log in as root, and reboot.  But I don't want the
users to know the root password.

How do you reboot or shut down these systems without logging in as
root?  Thanks.

Michelle <serendipity1276@yahoo.com> writes:

> I have several versions of Solaris (Solaris 7 and 9).  Right now, the
> only way to reboot or shut down
> these systems, is to log in as root, and reboot.  But I don't want the
> users to know the root password.
>
> How do you reboot or shut down these systems without logging in as
> root?  Thanks.

% sudo shutdown

-Dave

In article <yeayy74j6juo.fsf@clamps.mit.edu>, dfn@mit.edu wrote:

> Michelle <serendipity1276@yahoo.com> writes:
> 
> > I have several versions of Solaris (Solaris 7 and 9).  Right now, the
> > only way to reboot or shut down
> > these systems, is to log in as root, and reboot.  But I don't want the
> > users to know the root password.
> >
> > How do you reboot or shut down these systems without logging in as
> > root?  Thanks.
> 
> % sudo shutdown
> 
> -Dave

A little more detail for Michelle:

setup sudo on your systems.  It runs on all the versions you have.  Add 
various users to the /etc/sudoers file on each system (sorry it's not a 
networked resource) which allows them to run the shutdown command.  Or 
write a script that shuts down each system in a consistent way.  I wrote 
something called "down" in my last contract that ran on all the versions 
of Solaris and HP/UX.  All the operators had to do was login to their 
accounts on each machine's console and type

sudo down

they were prompted for their own password, then the script ran as root, 
shutting down the system.

-- 
DeeDee, don't press that button!  DeeDee!  NO!  Dee...
[I filter all Goggle Groups posts, so any reply may be automatically by ignored]

Michael Vilain wrote:
> 
> setup sudo on your systems.  It runs on all the versions you have.  Add 
> various users to the /etc/sudoers file on each system (sorry it's not a 
> networked resource)

You can store your sudo configuration in LDAP.  On Solaris if you are using 
pam_ldap you have to compile against Sun's ldap libraries and not against 
OpenLDAP.  If you compile against OpenLDAP then the wrong libldap.so will be 
loaded when sudo calls pam_ldap.so, and authentication will fail.

You can also use RBAC and assign rights directly to users instead of to roles, 
and then your users can do a "pfexec shutdown" without having to type in a 
password.  (I think the direct assignment of rights to users is a feature in 
Solaris 10, and in Solaris 9 you can only assign rights to roles and projects, 
but don't quote me on that.)

Neal

On Jul 3, 11:55=A0am, Michelle <serendipity1...@yahoo.com> wrote:
> I have several versions of Solaris (Solaris 7 and 9). =A0Right now, the
> only way to reboot or shut down
> these systems, is to log in as root, and reboot. =A0But I don't want the
> users to know the root password.
>
> How do you reboot or shut down these systems without logging in as
> root? =A0Thanks.

su root -c "init 6"

On Jul 3, 4:55=A0pm, Michelle <serendipity1...@yahoo.com> wrote:
> I have several versions of Solaris (Solaris 7 and 9). =A0Right now, the
> only way to reboot or shut down
> these systems, is to log in as root, and reboot. =A0But I don't want the
> users to know the root password.
>
> How do you reboot or shut down these systems without logging in as
> root? =A0Thanks.

You could (and perhaps should) use RBAC on your Solaris 9 box,
unfortunately it wasn't released until Solaris 8 came along so you may
need to go with the sudo method on the other.
More info here --> http://docs.sun.com/app/docs/doc/817-0365/rbac-1?a=3Dvie=
w