we add the following line to bashrc
file
alias reboot="echo you not allowed to do reboot on this machine - sorry"
so we get
more ~/.bashrc
# .bashrc
# User specific aliases and functions
alias rm='rm -i'
alias cp='cp -i'
alias mv='mv -i'
# Source global definitions
if [ -f /etc/bashrc ]; then
. /etc/bashrc
fi
alias reboot="echo you not allowed to do reboot on this machine - sorry"
then we did
source ~/.bashrc
and indeed when we do
reboot
we got
you not allowed to do reboot on this machine - sorry
but when we want to back to real reboot , we removed the line --> alias reboot="echo you not allowed to do reboot on this machine - sorry"
as the following:
# .bashrc
# User specific aliases and functions
alias rm='rm -i'
alias cp='cp -i'
alias mv='mv -i'
# Source global definitions
if [ -f /etc/bashrc ]; then
. /etc/bashrc
fi
and we refresh the bashrc
source ~/.bashrc
but we still get the old alias when we try to reboot:
you not allowed to do reboot on this machine - sorry
what we are missing here?
another example with function
echo '
function reboot
{
echo "ERROR reboot command not allowed on this machine"
return 1
}
' >>/root/.bashrc
with example above we cant to do unalias
alias reboot="echo you not allowed to do reboot on this machine - sorry"
? Is the really supposed to stop a root user from rebooting the system?unalias -a
and thenreboot
still works, or\reboot
, or/sbin/reboot
orinit 6
or a bunch of others. If you don't want someone to haveroot
privileges you can't give them access to theroot
account.reboot
for the root user? Would it not be better to limit the people who can become root? I mean, it looks as if you are setting up an interactive account for the root user. You might just as well set up a non-privileged account, which would automatically not be allowed to reboot, and then selectively give that account access to different commands withsudo
.