While it might be ok to modify the action-set associate with graphical reboot buttons or wrapper scripts, modifying the behaviors of the underlying commands would just be evil (a lot of sites automated processes would like break). There'd be more than a few admins out there who'd be coming for blood if someone decided it was a Good Idea(TM) to require an acknowledgement to an `init N` invocation.

While many operating systems (Solaris, Windows, etc.)  make you set a some kind of "force" flag for the shutdown/reboot wrapper commands, most admins I know, if they use those wrapper commands, at all, already habitually use those flags, any way. Then again, most of the ones I've encountered over the years *don't* use those commands because they don't want to be bothered to type an entire reboot string when `init N` is easier to type.

Hi Brian,

Having a checkpoint for reboot is not a good idea in all scenarios and IMO should not be implemented as a de-facto standard for the obvious reasons (a few of them are sighted by Duncan). A wrapper script should be the ideal approach here if you are concerned about "reboot" command.

On a side note, are you concerned about the use of "reboot" command by non-root users?

Thanks.

Aasuming you're using some type of configuration management, why not just oush out a small snippet with an alias like the one Rizvi mentioned? I put some small stuff in /etc/profile.d on all our boxes using Puppet.

Old automated jobs keep working, those who want it gets a confirmation prompt/timer, everybody wins.

There's several ways to reboot a system:

• You can use the `reboot` command - which doesn't require confirmation in current RHEL
• You can use `init 6` - which again, doesn't require confirmation, nor should it ever
• You can use the "shutdown" command - which does require a confirmation  by way  explicit flags to the command and, unless you've said "shutdown -r now", gives you plenty of time to cancel the reboot.

You haven't identified which method you propose changing. Personally, if someone made me have to do a supplementary acknowldegement of an `init 6` (or even add flags to scripts which have worked for over a decade), I'd probably be on a plane looking to track down anyone that was party to the change so that I could skin them and let them end their remaining time in a vat of tabasco. Chances are, there'd be a whole hoard of angry RHEL admins along with me for that ride. ;)

The reboot command, I don't really care about. I don't use it - I've administered too many differen *N*X flavors over the years - each with their own ideas of how it should work that it's not a reliable/universally-implemented method. That said, given that there already exists a "requires confirmation" method for rebooting RHEL - the `shutdown` command - it seems pointless to further nerf a system just to prevent a sloppy SA from performing a CLM.

Right, but what you're requesting is "provide functionality that already exists".

Overall, I'd say if one were to change the `reboot` command, change it in a way that's backwards-compatible. In other words, allow there to be an argument to reboot but not require an argument to the reboot command.