Non-root user can reboot machine from the command line
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
systemd (Ubuntu) |
Opinion
|
Undecided
|
Unassigned |
Bug Description
Open a gnome-terminal as your normal user and type 'reboot' and ENTER. The PC reboots immediately, losing all unsaved work for all users (this is the case on both my VM and laptop running Ubuntu 18.04, so I don't think it's a weird configuration issue).
In the old days, didn't you have to be root (or sudoed) for this command to work?
While we're on the subject, wouldn't it be nicer if the reboot command (ie when run as root) asked you to confirm before executing, pointing out that all unsaved work for all users will be lost?
Note that you can't reboot a server if you are logged in via ssh as a non-root user:
Failed to set wall message, ignoring: Interactive authentication required.
Failed to reboot system via logind: Interactive authentication required.
Failed to open /dev/initctl: Permission denied
Failed to talk to init daemon.
I am assuming this is a systemd issue, because reboot just links to systemctl, and systemctl can be executed by non-root users:
$ ll /sbin/reboot /bin/systemctl
-rwxr-xr-x 1 root root 182352 Dec 12 21:25 /bin/systemctl*
lrwxrwxrwx 1 root root 14 Dec 12 21:25 /sbin/reboot -> /bin/systemctl*
ProblemType: Bug
DistroRelease: Ubuntu 18.04
Package: systemd 235-3ubuntu3
ProcVersionSign
Uname: Linux 4.13.0-32-generic x86_64
ApportVersion: 2.20.8-0ubuntu8
Architecture: amd64
CurrentDesktop: ubuntu:GNOME
Date: Thu Feb 8 12:49:33 2018
InstallationDate: Installed on 2017-12-18 (51 days ago)
InstallationMedia: Ubuntu 18.04 LTS "Bionic Beaver" - Alpha amd64 (20171212)
Lsusb:
Bus 002 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub
Bus 001 Device 002: ID 80ee:0021 VirtualBox USB Tablet
Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
MachineType: innotek GmbH VirtualBox
ProcKernelCmdLine: BOOT_IMAGE=
SourcePackage: systemd
SystemdDelta:
[EXTENDED] /lib/systemd/
[EXTENDED] /lib/systemd/
2 overridden configuration files found.
UpgradeStatus: No upgrade log present (probably fresh install)
dmi.bios.date: 12/01/2006
dmi.bios.vendor: innotek GmbH
dmi.bios.version: VirtualBox
dmi.board.name: VirtualBox
dmi.board.vendor: Oracle Corporation
dmi.board.version: 1.2
dmi.chassis.type: 1
dmi.chassis.vendor: Oracle Corporation
dmi.modalias: dmi:bvninnotekG
dmi.product.family: Virtual Machine
dmi.product.name: VirtualBox
dmi.product.
dmi.sys.vendor: innotek GmbH
This is desktop policy decision that a logged in user can shut down the machine, this is expected behavior, and that's how / why clicking the power button in top right corner -> shutdown icon works. Ditto long clicking that shutdown icon works to suspend the machine too.
Being physical user on the physical display console, means one can pull the power cord too, no need for sudo to do that.
If you don't want regular users to be able to shutdown the machine, adjust the policy on your system accordingly.