reboot command confirmation

Latest response

There is a are you sure prompt for deleting a file, but rebooting the system, no confirmation at all.

I know it's been like this for years and for a few years I've not had any problems with it, but tonight I got stung again :(.

BK

Responses

Agreed. Adding something like molly-guard would definitely be nice

How would this work with remote reboots?  Scheduling a reboot from my Satellite for example (or func or other centralised admin tools).  If the system was to sit waiting for confirmation, my remote reboot becomes useless.  If the solution is then to add a -y flag which functions similar to `yum -y update`, admins would start including it every time they type reboot or shutdown - redering the change useless.

The confirmation for file deletion normally comes through using an alias of `rm -i` for `rm`, so it's not part of the default method of using rm.

D

While it might be ok to modify the action-set associate with graphical reboot buttons or wrapper scripts, modifying the behaviors of the underlying commands would just be evil (a lot of sites automated processes would like break). There'd be more than a few admins out there who'd be coming for blood if someone decided it was a Good Idea(TM) to require an acknowledgement to an `init N` invocation.

While many operating systems (Solaris, Windows, etc.)  make you set a some kind of "force" flag for the shutdown/reboot wrapper commands, most admins I know, if they use those wrapper commands, at all, already habitually use those flags, any way. Then again, most of the ones I've encountered over the years *don't* use those commands because they don't want to be bothered to type an entire reboot string when `init N` is easier to type.

We usually have this in our bashrc on all our installs; the "reboot" command then allows 7 seconds to cancel the reboot:

alias reboot='echo "Rebooting `hostname` in 5 secs. Press Ctrl+C to cancel";sleep 7 && reboot'
alias poweroff='echo "Shutting down `hostname` in 5 secs. Press Ctrl+C to cancel";sleep 7 && poweroff'

Hi Brian,

Having a checkpoint for reboot is not a good idea in all scenarios and IMO should not be implemented as a de-facto standard for the obvious reasons (a few of them are sighted by Duncan). A wrapper script should be the ideal approach here if you are concerned about "reboot" command.

On a side note, are you concerned about the use of "reboot" command by non-root users?

Thanks.

You've all hit all the main points IMO but the simple line of thought I see is why not get rid of the default alias for rm? Because is helpful and can save someones job. Reboot is no different. As to the code change argument, Linux wouldn't be great if people didn't change it to make it better, Redhat is the leader, here is a good example of change that others will follow. I personally like the timeout countdown with a control c cancel option that waits 60 second and prompts the user with what's going on. If is scripted, it should still work then with a one minute delay and if a silent option is needed add it along with a force option.

Simple stuff. Less oooops darn. I hate working with solaris machines, but the reboot command default, 60 second timeout, has saved my life twice!

BK

Aasuming you're using some type of configuration management, why not just oush out a small snippet with an alias like the one Rizvi mentioned? I put some small stuff in /etc/profile.d on all our boxes using Puppet.

Old automated jobs keep working, those who want it gets a confirmation prompt/timer, everybody wins.

Sorry, I didn't mean to make the posting as if I was looking for support, I'll certainly change the default on my machines, the discussion was about making it a default for rh 7.

Easy to do, should they or shouldn't they?

I say should.

BK

There's several ways to reboot a system:

  • You can use the `reboot` command - which doesn't require confirmation in current RHEL
  • You can use `init 6` - which again, doesn't require confirmation, nor should it ever
  • You can use the "shutdown" command - which does require a confirmation  by way  explicit flags to the command and, unless you've said "shutdown -r now", gives you plenty of time to cancel the reboot.

You haven't identified which method you propose changing. Personally, if someone made me have to do a supplementary acknowldegement of an `init 6` (or even add flags to scripts which have worked for over a decade), I'd probably be on a plane looking to track down anyone that was party to the change so that I could skin them and let them end their remaining time in a vat of tabasco. Chances are, there'd be a whole hoard of angry RHEL admins along with me for that ride. ;)

The reboot command, I don't really care about. I don't use it - I've administered too many differen *N*X flavors over the years - each with their own ideas of how it should work that it's not a reliable/universally-implemented method. That said, given that there already exists a "requires confirmation" method for rebooting RHEL - the `shutdown` command - it seems pointless to further nerf a system just to prevent a sloppy SA from performing a CLM.

Hi Tom,

Per title: reboot command confirmation, I'd only propose the reboot command.

I think telinit 6 or init 6 are cryptic enough already and you're already passing and arguement to tell it what to do.

The shutdown command requires further input (a time before doing shutdown), perhaps just requiring that same time variable needed for shutdown?

 

BK

Right, but what you're requesting is "provide functionality that already exists".

Overall, I'd say if one were to change the `reboot` command, change it in a way that's backwards-compatible. In other words, allow there to be an argument to reboot but not require an argument to the reboot command.

I completely agree. IMO if you are typing in reboot you should know what you or your users are doing.