On Sat, Mar 21, 2015 at 4:32 PM, Philip Webb <purs...@ca.inter.net> wrote: > > I'ld say "Don't" : it's contrary to the principles of Unix, > which separate the roles of sysadmin (root) from those of ordinary users. >
There are a couple of schools of thought there. One that differs from what you suggested is that root isn't really a pure role - it is a uid you can log in as (which mostly makes the actions you take as root anonymous in a multi-admin environment). If you're into role-based access control then you really don't want people just switching to root all the time - you want to define roles and their specific requirements, and then assign those roles to users. Sudo is a simple tool for doing this, but stuff like consolekit/logind/policykit and so on are about giving more granular access to users. Likewise posix capabilities are all about making what traditionally is root much more granular. But, yes, the simple answer is to just log in as root to power off the system. That will almost certainly work for at least the next 20 years. Everything else is just added capabilities. -- Rich
