Best way to remove shutdown command, but keep reboot

Solution 1:

You should be using a systemd-based Linux distribution. In this case, you ought to be able to mask the poweroff target, so that systemd will refuse to execute it (and power off). e.g.:

systemctl mask poweroff.target

This makes it utterly impossible to shutdown the system, other than by rebooting. See that nothing happens:

Debian9 animated demo

In this case, this VM's virtual power switch doesn't even work to shutdown the system anymore. But it still reboots perfectly well.

To undo the change, of course, just unmask the target. Then you can shutdown the system.

systemctl unmask poweroff.target

Solution 2:

There are a few ways to achieve this . One would be working with a regular non-privileged account which will require running the command with sudo and entering a password. Then you can append the follwing to /etc/sudoers (by running visudo):

## user is allowed to execute reboot -r only
jdoe ALL=NOPASSWD: /sbin/shutdown -r *

Also, to disable sudo credentials caching , add the following as well :

Defaults timestamp_timeout=0

This will prevent credentials caching incase you invoked a command with sudo before.

Example:

[root@ops ~]# su - jdoe
[jdoe@ops ~]$ sudo shutdown -c
[sudo] password for jdoe:
[jdoe@ops ~]$ sudo shutdown -r +10
Shutdown scheduled for Mon 2018-09-03 18:51:13 IDT, use 'shutdown -c' to cancel.
[jdoe@ops ~]$ sudo shutdown -H
[sudo] password for jdoe:
^[[A[jdoe@ops ~]$ sudo shutdown -c
[sudo] password for jdoe:

Notice how in the above example I was not required to enter my password when running sudo shutdown -r +10 , but for the rest I was . If you want to remove the need for typing sudo before the command (sudo shutdown -r +10), add the following to your .bash_profile or .bashrc:

alias shutdown="sudo shutdown"

Example:

[jdoe@ops ~]$ source ~/.bash_profile
[jdoe@ops ~]$ shutdown -r +10
Shutdown scheduled for Mon 2018-09-03 19:03:14 IDT, use 'shutdown -c' to cancel.
[jdoe@ops ~]$ shutdown -c
[sudo] password for jdoe:

Note that it's best practice to work with a non-privileged account and escalate with sudo when required.


Solution 3:

There is a tool called molly-guard that requires you to state the hostname of the machine you want to shut down or reboot.

In case you're not using Debian, it should be trivial to compile this from source, given that the program is rather primitive.


Solution 4:

To prevent mishaps RHEL based distributions already set up aliases for rm , cp and mv which can be somewhat more destructive when performed by the root user.

You could add your own, for instance:

#/root/.bashrc
alias poweroff='echo  "poweroff: Command disabled - THINK before you type.
  Use /usr/sbin/poweroff if you really want to drive to the DC to restore power."'

Solution 5:

Rename the shutdown executable to something impossible to invoke accidentally.

Then alias shutdown to be (whatever) -r