Ubuntu
systemd package

Non-root user can reboot machine from the command line

Bug #1748095 reported by Rocko
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
systemd (Ubuntu)
Opinion
Undecided
Unassigned

Bug Description

Open a gnome-terminal as your normal user and type 'reboot' and ENTER. The PC reboots immediately, losing all unsaved work for all users (this is the case on both my VM and laptop running Ubuntu 18.04, so I don't think it's a weird configuration issue).

In the old days, didn't you have to be root (or sudoed) for this command to work?

While we're on the subject, wouldn't it be nicer if the reboot command (ie when run as root) asked you to confirm before executing, pointing out that all unsaved work for all users will be lost?

Note that you can't reboot a server if you are logged in via ssh as a non-root user:

Failed to set wall message, ignoring: Interactive authentication required.
Failed to reboot system via logind: Interactive authentication required.
Failed to open /dev/initctl: Permission denied
Failed to talk to init daemon.

I am assuming this is a systemd issue, because reboot just links to systemctl, and systemctl can be executed by non-root users:

$ ll /sbin/reboot /bin/systemctl
-rwxr-xr-x 1 root root 182352 Dec 12 21:25 /bin/systemctl*
lrwxrwxrwx 1 root root 14 Dec 12 21:25 /sbin/reboot -> /bin/systemctl*

ProblemType: Bug
DistroRelease: Ubuntu 18.04
Package: systemd 235-3ubuntu3
ProcVersionSignature: Ubuntu 4.13.0-32.35-generic 4.13.13
Uname: Linux 4.13.0-32-generic x86_64
ApportVersion: 2.20.8-0ubuntu8
Architecture: amd64
CurrentDesktop: ubuntu:GNOME
Date: Thu Feb 8 12:49:33 2018
InstallationDate: Installed on 2017-12-18 (51 days ago)
InstallationMedia: Ubuntu 18.04 LTS "Bionic Beaver" - Alpha amd64 (20171212)
Lsusb:
 Bus 002 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub
 Bus 001 Device 002: ID 80ee:0021 VirtualBox USB Tablet
 Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
MachineType: innotek GmbH VirtualBox
ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-4.13.0-32-generic root=UUID=dd72d916-58fc-49a1-9798-feded5ce6eff ro quiet splash
SourcePackage: systemd
SystemdDelta:
 [EXTENDED] /lib/systemd/system/rc-local.service → /lib/systemd/system/rc-local.service.d/debian.conf
 [EXTENDED] /lib/systemd/system/user@.service → /lib/systemd/system/user@.service.d/timeout.conf

 2 overridden configuration files found.
UpgradeStatus: No upgrade log present (probably fresh install)
dmi.bios.date: 12/01/2006
dmi.bios.vendor: innotek GmbH
dmi.bios.version: VirtualBox
dmi.board.name: VirtualBox
dmi.board.vendor: Oracle Corporation
dmi.board.version: 1.2
dmi.chassis.type: 1
dmi.chassis.vendor: Oracle Corporation
dmi.modalias: dmi:bvninnotekGmbH:bvrVirtualBox:bd12/01/2006:svninnotekGmbH:pnVirtualBox:pvr1.2:rvnOracleCorporation:rnVirtualBox:rvr1.2:cvnOracleCorporation:ct1:cvr:
dmi.product.family: Virtual Machine
dmi.product.name: VirtualBox
dmi.product.version: 1.2
dmi.sys.vendor: innotek GmbH

See original description
Revision history for this message
Rocko (rockorequin) wrote :
description: updated
Revision history for this message
Dimitri John Ledkov (xnox) wrote :

This is desktop policy decision that a logged in user can shut down the machine, this is expected behavior, and that's how / why clicking the power button in top right corner -> shutdown icon works. Ditto long clicking that shutdown icon works to suspend the machine too.

Being physical user on the physical display console, means one can pull the power cord too, no need for sudo to do that.

If you don't want regular users to be able to shutdown the machine, adjust the policy on your system accordingly.

Changed in systemd (Ubuntu):
status: New → Opinion
Revision history for this message
Rocko (rockorequin) wrote :

Doesn't the shutdown icon warn you if there are other users logged in who might lose work? So shouldn't the reboot command do the same thing if you are not root?

Revision history for this message
Rocko (rockorequin) wrote :

(And pulling the power cord on my laptop doesn't reboot or even shutdown the computer, so I don't think it's a good comparison. Holding the power button down for ten seconds is a better comparison, but it's still not a good one because reboot acts immediately, not after you confirm it by typing it in ten times or something.)

Revision history for this message
Dimitri John Ledkov (xnox) wrote :

reboot command is SysV-init compatibility command and is specified as non-interactive.

Why are you typing reboot? seriously this is not something desktop users typically do, at all =)

Revision history for this message
Rocko (rockorequin) wrote :

I sometimes need to reboot a server that I'm logged into. In this case, I got the wrong gnome-terminal tab by mistake and rebooted my laptop instead, losing all my current work, which was an extremely suboptimal outcome.

I checked rebooting from another user when my first user logged in, and it didn't let me do it - it told me the command to try, however, which did require authentication. (Rebooting from the system menu didn't work at all, it just silently failed, but that's another matter.)

I agree typing reboot into a terminal is not something that desktop users typically do - in which case, why support it? Or at least why not make the user confirm it's what they actually want before rebooting?

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.