Prevent Production Server Shutdowns Using Visudo

Ever been granted sudo powers on a production server and accidentally run sudo shutdown -h now because you thought you were shutting down your own computer? Well, I have (technically, it wasn’t a production server, but it’s running somewhere and I can’t turn it back on myself), and it’s pretty embarrassing because I’d have to walk up to the Ops guy and ask him to reboot the server.

So, if you have been given sudo powers, make sure you use them wisely and defensively. Thanks to this example, I’ve finally found out how to reliably keep yourself from accidentally using those commands: by making sudo refuse them until you have thought twice.

  • First, open up the /etc/sudoers file using visudo (do NOT use any other text editor, because visudo runs a basic syntax check that keeps you from saving a broken sudoers file).

    $ sudo visudo

  • Go to the part with a lot of Cmnd_Alias snippets, and add the following:

    ## Shutdown
    Cmnd_Alias SHUTDOWN = /sbin/shutdown, /sbin/halt, /sbin/poweroff

  • Go to the “main part”, which is where users are given permission to run certain commands. It should have something like root ALL=(ALL) ALL. Add the username line below it (replace username with the username you use to log in to the server). Keep !SHUTDOWN after ALL, because sudo uses the last matching entry in the list:

    root    ALL=(ALL)   ALL
    username    ALL=(ALL)   ALL, !SHUTDOWN

  • Now, when you do sudo shutdown -h now, it should stop you from doing so. If you really need to shut down the server for any reason, you have to go to visudo to allow yourself to shut down the server, so this will force you to think twice before shutting it down. Neat, huh? Treat this as a guard against slips rather than an access control: the rule matches only the paths listed in the alias, and the sudoers manual notes that subtracting commands from ALL with ! is generally not effective as a restriction.
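
The rule from the steps above, run through a simplified model of how sudo evaluates a user's command list (entries are checked in order and the last match wins). This is an added example, not part of the original post; the user "reversed" and the function names are constructed for illustration, and the model covers only Cmnd_Alias lines and simple user lines.

```python
import re

# Constructed sample: the alias and user lines from the steps above, plus a
# hypothetical user "reversed" whose list puts the negation before ALL.
SUDOERS = """\
## Shutdown
Cmnd_Alias SHUTDOWN = /sbin/shutdown, /sbin/halt, /sbin/poweroff
root    ALL=(ALL)   ALL
username    ALL=(ALL)   ALL, !SHUTDOWN
reversed    ALL=(ALL)   !SHUTDOWN, ALL
"""

def parse(text):
    """Return (aliases, rules): alias name -> paths, user -> command items."""
    aliases, rules = {}, {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()  # drop comments (simplified)
        if not line:
            continue
        m = re.match(r"Cmnd_Alias\s+(\w+)\s*=\s*(.+)", line)
        if m:
            aliases[m.group(1)] = [p.strip() for p in m.group(2).split(",")]
            continue
        # user  host = (runas)  item, item, ...
        m = re.match(r"(\S+)\s+\S+\s*=\s*\([^)]*\)\s*(.+)", line)
        if m:
            rules.setdefault(m.group(1), []).extend(
                i.strip() for i in m.group(2).split(","))
    return aliases, rules

def allowed(text, user, command):
    """Walk the user's command list in order; the last match decides.

    `command` is the fully qualified path, as sudo resolves it before matching.
    """
    aliases, rules = parse(text)
    verdict = False  # no matching entry at all: sudo refuses
    for item in rules.get(user, []):
        negated = item.startswith("!")
        name = item.lstrip("!").strip()
        paths = aliases.get(name, [name])  # expand alias, else literal path
        if name == "ALL" or command in paths:
            verdict = not negated
    return verdict

if __name__ == "__main__":
    for user in ("root", "username", "reversed"):
        print(user, "/sbin/shutdown ->", allowed(SUDOERS, user, "/sbin/shutdown"))
```

The "reversed" line shows why the order in step three matters: with ALL written last, it overrides the earlier !SHUTDOWN and the guard never triggers.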