RHEL 7 systemd: How to prevent root from rebooting until a prescribed action is taken
Environment
- Red Hat Enterprise Linux 7
Issue
- We don't want root to be able to casually reboot or poweroff the system
Instead, the root user must be required to run a specific command to allow reboots
Resolution
Option 0: Open a support case and ask for BZ 1269726
-
There is an RFE open to extend systemd's "inhibitor lock" feature to root-owned processes; however, very few customers have asked for this feature so no development resources have yet been committed
Option 1: Create a custom service that must be manually disabled to allow shutdown
-
Create a new unit file:
/etc/systemd/system/reboot-guard.service[Unit] Description=Reboot Guard [Service] ExecStart=/bin/true [Install] RequiredBy=shutdown.target -
Create another new unit file:
/etc/systemd/system/start-reboot-guard.service[Unit] Description=Start Reboot Guard [Service] ExecStart=/bin/systemctl enable reboot-guard [Install] WantedBy=multi-user.target -
Execute:
systemctl daemon-reload -
Execute:
systemctl enable reboot-guard start-reboot-guard -
Attempt to reboot or shutdown and notice that it fails, e.g.:
[root]# systemctl reboot Failed to issue method call: Transaction contains conflicting jobs 'stop' and 'start' for reboot.target. Probably contradicting requirement dependencies configured. [root]# shutdown -h now Failed to issue method call: Transaction contains conflicting jobs 'stop' and 'start' for poweroff.target. Probably contradicting requirement dependencies configured. Broadcast message from root@example.com on pts/1 (Mon 2015-08-17 13:37:10 EDT): The system is going down for power-off NOW!Note however that legacy tools (
shutdown,reboot,poweroff, andhalt) will still broadcast the wall message, despite the expected and desired failure -
To allow shutdowns, execute:
systemctl disable reboot-guard
Example:[root]# systemctl poweroff Failed to issue method call: Transaction contains conflicting jobs 'stop' and 'start' for poweroff.target. Probably contradicting requirement dependencies configured. [root]# systemctl disable reboot-guard.service rm '/etc/systemd/system/shutdown.target.requires/reboot-guard.service' [root]# systemctl poweroff Broadcast message from root@example.com on pts/1 (Mon 2015-08-17 13:37:50 EDT): The system is going down for system halt NOW! [ OK ] Started Show Plymouth Power Off Screen. [ OK ] Started Restore /run/initramfs. [ OK ] Stopped LSB: Bring up/down networking. Stopping Network Manager... [ OK ] Stopped Network Manager. ... [ OK ] Reached target Unmount All Filesystems. [ OK ] Stopped target Local File Systems (Pre). Stopping Remount Root and Kernel File Systems... [ OK ] Stopped Remount Root and Kernel File Systems. [ OK ] Reached target Shutdown. Cannot finalize remaining file systems and devices, giving up. dracut Warning: Killing all remaining processes Powering off. [ 4653.288570] Power down. -
Note that at startup
start-reboot-guard.servicewill automatically re-enablereboot-guard.service
Option 2: Use reboot-guard, an UNSUPPORTED third-party application that prevents shutdown under specific configurable conditions
-
The author of this article created an application that can be run directly or as a systemd service
-
It is written in Python, open source (GPLv3), and available on GitHub:
reboot-guard: Block systemd-initiated poweroff/reboot/halt until configurable condition checks pass
This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.
Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.