|
OpenBSD General Other questions regarding OpenBSD which do not fit in any of the categories below. |
|
Thread Tools | Display Modes |
|
||||
I use dwm rather than xfce but pressing the power button always works on my laptop, OpenBSD's acpi support is excellent
__________________
Are you infected with Wetiko? |
|
|||
How do I give the user permission to run the shutdown command? I have "permit nopass username cmd shutdown" in /etc/doas.conf, but not having to use doas would be fine.
|
|
||||
I use
Code:
# usermod -G operator name_of_user One benefit is it also gives the user shutdown privileges. |
|
||||
It also gives the user read access to drive devices, in order to conduct dump(8) backups. This bypasses filesystem read security, and should be carefully considered if the user runs untrusted code -- such as a browser running javascript from a website.
|
|
|||
Right, thanks. At the moment my doas.conf is:
permit persist :wheel permit nopass openbsd63user cmd mount permit nopass openbsd63user cmd umount permit nopass openbsd63user cmd find permit nopass openbsd63user cmd disklabel permit nopass openbsd63user cmd syspatch permit nopass openbsd63user cmd shutdown permit nopass openbsd63user cmd reboot permit nopass openbsd63user cmd ntpd Would you consider any of those to be an obvious security vulnerability (I was told off for using sudo in a screenshot that I posted on 4chan /g/ in BSD general and advised to switch to doas... someone commented that sudo is susceptible to subtle misconfiguration errors)? |
|
|||
You have to be very careful with your rules.
doas is a much smaller codebase that is setuid root than sudo is. That's one of the benefits. But either one could mistakenly give root access you didn't intend. Try Code:
doas find <some file that exists> -exec /bin/ksh \; |
|
|||
Quote:
I just knew I'd make a dumb mistake... |
|
|||
The README for Xfce4 has information on using consolekit/polkit to shutdown from the menu.
http://cvsweb.openbsd.org/cgi-bin/cv...kg/README-main Quote:
Edit: I recall that you also need to add your user to the operator group. Last edited by shep; 27th September 2018 at 08:00 PM. Reason: Operator group |
|
|||
Quote:
Code:
$ doas halt -p Code:
permit nopass username as root cmd halt args -p Last edited by johnR; 27th September 2018 at 11:23 AM. |
Tags |
hang, shutdown |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Barti asked about OpenBSD startup/shutdown | jggimi | OpenBSD General | 0 | 17th July 2012 04:17 PM |
OpenBSD Gnome/XFCE tools | Noobification | OpenBSD Packages and Ports | 7 | 23rd December 2010 09:36 PM |
HOWTO: Lightest XFCE - Making XFCE lighter and faster | vermaden | Guides | 27 | 2nd September 2010 12:24 PM |
openbsd shutdown | phill | OpenBSD General | 3 | 27th October 2009 12:27 PM |
Polkit Shutdown for XFCE in Freebsd 7.0 | shep | FreeBSD General | 1 | 18th May 2008 12:24 AM |