manipulating tape drives -> means gid operator on device nodes). This group
is also used with group-access bit on the setuid-root shutdown command
(mode ug+x,u+s). Some people use this to shutdown/reboot their machines, but
use of that group is giving them disk read access also, which is wrong.
It would be a pain to re-gid all the device nodes, so instead let's renumber
the operator execution gid into group "_shutdown".
Users using this shutdown/reboot functionality will notice it no longer works,
and move themselves to the correct group.
Various choices discussed at large, this seems our best choice.
ok sthen
_syspatch:*:112:
_slaacd:*:115:
dialer:*:117:
+_shutdown:*:118:
nogroup:*:32766:
nobody:*:32767:
-# $OpenBSD: Makefile,v 1.3 1997/09/21 11:38:13 deraadt Exp $
+# $OpenBSD: Makefile,v 1.4 2023/06/19 13:05:25 deraadt Exp $
PROG= shutdown
MAN= shutdown.8
BINOWN= root
-BINGRP= operator
+BINGRP= _shutdown
BINMODE=4550
.include <bsd.prog.mk>
-.\" $OpenBSD: shutdown.8,v 1.43 2023/02/04 13:03:58 jsg Exp $
+.\" $OpenBSD: shutdown.8,v 1.44 2023/06/19 13:05:25 deraadt Exp $
.\" $NetBSD: shutdown.8,v 1.6 1995/03/18 15:01:07 cgd Exp $
.\"
.\" Copyright (c) 1988, 1991, 1993
.\"
.\" @(#)shutdown.8 8.1 (Berkeley) 6/5/93
.\"
-.Dd $Mdocdate: February 4 2023 $
+.Dd $Mdocdate: June 19 2023 $
.Dt SHUTDOWN 8
.Os
.Sh NAME
user mode at the indicated time after shutting down all system
services.
.Pp
+Users in the
+.Va _shutdown
+group can also run the
+.Nm
+command.
+Historically this permission was tied to the
+.Va operator
+group.
+.Pp
The options are as follows:
.Bl -tag -width Ds
.It Fl d
projects / openbsd / commitdiff