Robin Becker wrote:

Eric Crist wrote:
........

I'm sure nobody will mention this, so I will. On most systems with support ACPI, your colo provider can simply press the power button on the front of your server. FreeBSD's kernel will pick up the signal and shut down cleanly.

Once you're moved, they can press the same button to power the system on. There is *NO* need to give them login access to the box. Also, they could simply call you to have you shut it down.

......

many good ideas; thanks.

I guess since they ask for an ip based mechanism that I'll create a special user in the operator group and do the chmod trick on shutdown.

In truth, I thought this was the worst idea of 'em all (sorry to whoever posted it...). Group operator can read all your disks - it was created in the days when there really was an operator who did stuff like backups. Put yourself in it by all means, but give that to a stranger? Not me...

To add to the solutions, you could create a user in group operator with a new ssh key that specifically executed shutdown, since you use ssh keys already. I'd still take it away the moment the box was moved. Or just set their shell to shutdown. But no general purpose login.

Also, on my system, shutdown already is in group operator, but maybe I just did it by hand and forgot.

10 -r-sr-x---  1 root  operator  - 10200 Sep 30  2006 /sbin/shutdown*

--Alex

_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to