I can't resist it! Add a usb digital camera to the box and only allow people who are not logged in via ssh (and therefore known users) to shut the machine down by using the Ctrl+Alt+Del on a keyboard. Add a shutdown init script to the start of the process which takes a few snaps of the shutdownee. Silly but seems to meet your criteria (you never said you didn't want to add extra hardware). Other than something like this I cannot imagine any solution that would meet your requirements AND the companies (they obviously want anyone to be able to shut it down, but you want to know who did it and a terminal will never know unless each user has a login).
Niall Gerhard Schneider wrote: >On Wed, 2001-11-28 at 01:51, Olaf Meeuwissen wrote: > >>Dear .debs, >> >>I'm maintaining a (small-time) group server for our department. In >>order to satisfy company policy requirements I need to provide a way >>to shutdown the server in case of emergencies. Our network admin was >>kind enough to give me two alternatives: >> >> 1) provide an on-screen shutdown button >> > >Could be made rather easy by using a mouse and the special features of >gpm. > Special commands are toggled by triple-clicking the left > and right button -- an unlikely event during normal mouse > usage. The easiest way to triple-click is pressing one of > the buttons and triple-click the other one. When special > processing is toggled, a message appears on the console > (and the speaker beeps twice, if you have a speaker); if > the user releases all the buttons and presses one of them > again within three seconds, then the special command cor > responding to the button is executed. > > The default special commands are: > > left button > Reboot the system by signalling the init process > > middle button (if any) > Execute `/sbin/shutdown -h now' > > right button > Execute `/sbin/shutdown -r now' > >> 2) provide a shutdown user account (and document its usage) >> >>I didn't like either approach because they lack accountability: after >>a shutdown I can't tell *who* did it. >>BTW, the server has no screen for buttons, so 1) is not an option to >>begin with. You have to ssh in to do anything (exploit one of inetd, >>exim, samba or apache in some way may be an alternative ;-). >> >>I came up with a 'sudo /sbin/halt' for department members (and others >>on an as needed basis), but that was no good. Everyone has to be able >>to shut it down. I racked my brains but didn't come up with anything >>that provides accountability. Anyone any suggestions? >> > >If it's too hard to log the user, who made the shutdown, maybe it would >be enough to use sshd or netfilter to log the workstation which was >used. > >>Right now, I'm stuck with 2) and writing the password on the machine >>(or similar) *or* stay with what I have now and take my chances with >>people flicking the power switch. >>BTW, the server is not in a physically secure location, so I run the >>power switch thingy risk anyway. >> >>Suggestions, discussions of pros and cons welcome, >>-- >>Olaf Meeuwissen Epson Kowa Corporation, Research and Development >>GnuPG key: 6BE37D90/AB6B 0D1F 99E7 1BF5 EB97 976A 16C7 F27D 6BE3 7D90 >>LPIC-2 -- I hack, therefore I am -- BOFH >> >> >>-- >>To UNSUBSCRIBE, email to [EMAIL PROTECTED] >>with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] >> >> >> > > > > > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
