Home / ubuntu / Questions / 17187
Accepted
Rich
Asked: 2010-12-14 01:08:37 +0800 CST

Disabling shutdown command for all users, even root - consequences?

  • 772

I would like to disable the shutdown command for all users, even root, on an Ubuntu Server installation.

The reason I want to do this is to ensure that I don't get into the habit of shutting down the machine in this way, as I SSH into a lot of production machines at the same time as this one, and I don't want to accidentally shutdown one of the other machines by typing the command into the wrong window.

The server I want do disable shutdown on only runs inside VirtualBox on my Windows desktop, and I only use it for local testing so it is not a problem if I can't shut it down from the command line.

I have already mitigated the problem a bit by ensuring I have a different password on the VirtualBox image, but obviously if I am within the sudo 'window' on one of the production machines, I could still accidentally shut it down.

My questions are:

  1. How do I disable the shutdown command?
  2. If I do disable the shutdown command, are there any consequences that I should be made aware of? Most specifically, will it disable support for ACPI shutdown that is the equivalent of pressing the power button on a physical machine? Could it affect other generic applications?

For information, I just use this VirtualBox image for trying out shell scripts, running Tomcat and Java, and that kind of thing.

shutdown root sudo

6 Answers

  1. A much better approach to this problem is to install the molly-guard program on the boxes you don't want to shutdown, rather than trying to train yourself to never run shutdown.

    molly-guard attempts to prevent you from accidentally shutting down or rebooting machines. It does this by injecting a couple of checks before the existing commands: halt, reboot, shutdown, and poweroff.

    The typical configuration is that it asks you to type the hostname of the machine to confirm you are really on the right one.

    It is possible to add new scripts to /etc/molly-guard/run.d (as documented on the manpage, script files must follow naming expected by run-parts.

    If you really want to disable shutdown (and this is such a bizarre idea), just do

    chmod 0 /sbin/shutdown

    then if you need to use it, chmod it back to 0755.

    • 15
  2. Best Answer

    If you usually run the command as sudo shutdown, rather than sudo /sbin/shutdown, then you can just setup a global shell alias for "shutdown" to just echo a message to the terminal instead. The real executable will still be there for all other purposes.

    • 4

  3. To disable shutdown command just make the binary non executable i.e sudo chmod a-x /sbin/shutdown Also i dont think that it will effect any other shutdown method because as the man entry for shutdown says

    shutdown sends a request to the init daemon to bring the system down into the appropriate runlevel

    so any other command/script can do this even after disabling shutdown command for example I can still shutdown my system using shutdown from GNOME menu. Also you can still reboot your computer from command line using reboot command

    • 1

  4. The shutdown command is in /sbin/shutdown. You can disable it by doing this:

    sudo mv /sbin/shutdown /sbin/really-do-shutdown

    But: This means that almost none of the usual methods of shutting down the system will work any longer. Shutting down out of gnome on my test machine for this answer causes it to just log you out and throw you back to GDM.

    If you want to shut down your system afterwards, you have to do

    sudo init 0

    "Disabling" shutdown will affect every application that uses the command for anything. Since init 0 is not the recommended way of shutting down a system, all programs that have to shut down the system use shutdown for it, which won't work any more.

    • Applications can also throw exceptions due to the missing file, or the file being not executable, potentially causing them to crash even though a shutdown isn't necessary. This is an edge-case that you can work around by moving some binary, ideally executable file (not a shell script - that won't work) in it's place. For example:

      sudo cp /bin/ps /sbin/shutdown

      This is after you've moved the original out of the way safely.

    Now, all this is quite hacky, and I recommend against it, for the reasons outlined in João Pinto's comment. But I won't stop you from doing it. :-)

    Don't only make a back up of /sbin/shutdown, also, have a recovery plan in place in case it causes any trouble. Don't do this on a server that you can't get to, for example. And test your recovery plan beforehand, assuming that the system doesn't boot at all (it will boot of course - I've tested it - but please be on the safe side).

    • 1

  5. I think it should be take a other solution, Servers should have a ssh policy to disable shutdown and init 0 over ssh, or there must be a special dialog displayed on console like at Windows to enter the "why" and special "shutdown password". To this the powerbutton should be password protected on Server use.

    At moment we use a "physical key switch = 4Euros" instead of a Push Button.

    • 0

  6. I you want to disable shutdown command.

    cp /sbin/shutdown /sbin/shutdown-backup

    rm /sbin/shutdown

    this is because if someone tries to forcefully want to use this command, then also he cant

    now no one will be able to use shutdown command.

    it will display a message command not found install it.

    vim /etc/bash.bashrc

    Add a line in last of bash.bashrc

    alias shutdown="echo 'You are not allowed to use this command' "

    if you want it back(enabled). just copy it back

    cp /sbin/shutdown-backup /sbin/shutdown

    • 0