Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!

Prevent OS X from shutting down System
I am constantly having to tell my 100+ users NOT to shut down their Macs. I'm wanting them to just logoff so I can do remote updates in the evenings and the weekends. There is a way to make the Mac a kiosk, which in turn disables the Shutdown, Restart, and Logout menus from the Apple menu. Unfortunately, there isn't a way to just disable Shutdown. So ... I decided to approach the situation from a different perspective. I modified the dict section of root's com.apple.loginwindow.plist to look like this:
<dict>
  <key>LogoutHook</key>
  <string>/sbin/newreboot</string>
  <key>PowerOffDisabled</key>
  <string>true</string>
</dict>
Essentially, this disables the "Reboot" and "Shutdown" buttons from the login window and runs the script /sbin/newreboot. The newreboot executable is just /sbin/reboot copied and renamed. Then I changed the permissions on /sbin/newreboot to 777. Renaming the executable and changing the permissions is essential. You must change the permissions for it to run as a loginhook and you must change the name or repair permissions will change it back to defaults.

This might work if you change the group on newreboot and set the gid, but I haven't played around with that. Changing the permissions to 777 works and but still keeps non-root users from ssh-ing into a box and rebooting it. I'm still working through this, so if someone finds a better, more efficient way of doing things, let me know...

[robg adds: Please, exercise extreme caution if you're going to try this or anything like this. Messing around with root's permissions and functionality is a good way to turn a healthy machine into one requiring some troubleshooting work!]
    •    
  • Currently 3.60 / 5
  You rated: 2 / 5 (5 votes cast)
 
[14,015 views]  

Prevent OS X from shutting down | 17 comments | Create New Account
Click here to return to the 'Prevent OS X from shutting down' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
Prevent OS X from shutting down
Authored by: mewyn on Mar 15, '04 11:17:47AM

Well, I don't know if I'd do this. To have the system do it's automatic updates and such, what I would do is have the machine starutp automacically after it is guarenteed that everyone has gone home, at midnight or so. You can do that through the energy saver prefrences icon.



[ Reply to This | # ]
You should NEVER use 777
Authored by: sierratarn on Mar 15, '04 11:40:04AM

I'd be very careful about using the 777 permissions especially for something that you as the administrator or root user might run some day. 755 will instead give users the ability to execute without giving them write permissions. It would be trivial for any user to replace your newreboot binary with a shell script that would do some bad thing (cd /;rm -r *) that when you run as root will be bad. There should be no reason to use 777 for executables - its a bad bad idea. Use 755 instead! or 775 if you have a trusted group of people who need to administer the script. If you go the SUID rout it's an even worse idea as any user can then run the script and any do any evil they wish.



[ Reply to This | # ]
You should NEVER use 777
Authored by: sapridyne on Mar 15, '04 11:42:41AM

Cool -- good call. Thanks for the comment.



[ Reply to This | # ]
You should NEVER use 777--Try 555
Authored by: googoo on Mar 15, '04 11:46:16AM

If you check most executables in /sbin and elsewhere, the permissions are set to 555. This prevents even root from making changes without specifically enabling them.

-Mark



[ Reply to This | # ]
file permissions and flags
Authored by: sjk on Mar 15, '04 06:31:19PM

There are several ways root can modify a write-protected file without changing its permissions, such as with output redirection ("echo foo > file") or with a text editor (which may prompt to overwrite read-only permission).

You can set a file's immutable flag to keep it from being modified, moved, deleted or having its permissions changed. Setting a file's system immutable flag is the most extreme because it can only be unset when the system is in single-user mode.

The Locked checkbox in a Finder Info window sets/clears the user immutable flag. The chflags command can set/clear others.

See "man chflags" and "man 2 chflags" for basic info about the different file flags.

I don't recommend using these unless you *really* understand the possible consequences.



[ Reply to This | # ]
Prevent OS X from shutting down
Authored by: Puzo on Mar 15, '04 12:00:37PM

As much as I don't like the FruitMenu, I believe it will allow you to remove/add menu items selectively.



[ Reply to This | # ]
Prevent OS X from shutting down
Authored by: sapridyne on Mar 15, '04 12:19:25PM

Yeah, I knew it would, but I didn't want to depent on third-party software if I didn't need to



[ Reply to This | # ]
Prevent OS X from shutting down
Authored by: crummel on Mar 15, '04 12:32:52PM

I'd use "System Preferences - Users - Login Options - Hide the Sleep, Restart and Shut Down buttons".



[ Reply to This | # ]
Prevent OS X from shutting down
Authored by: sapridyne on Mar 15, '04 11:01:36PM

This only disables the buttons from the login window. Once logged in, the user can still go the Apple menu and choose "Shutdown" I was trying to prevent that.



[ Reply to This | # ]
fast user switching prevents....
Authored by: kaptaineric on Mar 15, '04 04:22:56PM

Enable fast user switching, log into the machine, and "switch" to the login window to allow other users login.

Users will not be able to reboot or shutdown the machine unless they have an admin username and password.



[ Reply to This | # ]
fast user switching prevents....
Authored by: sapridyne on Mar 15, '04 11:04:15PM

I thought about this, but if I ever had to reboot a machine remotely via SSH, I would not be able to login as an admin, then switch over. For the number of machines I admin, along with the size of the building, it wouldn't be realistic to approach the situation in this manner.

Nothing against your comment, just not practical for my situation.



[ Reply to This | # ]
Panther or Jaguar?
Authored by: ssevenup on Mar 15, '04 08:37:52PM

May I suggest that the author and the respondants specify what OS version they are dealing with? I am looking for a similar answer and already found a Jaguar difference. The Apple Developer article about using /etc/ttys to add a loginhook does not specify OS version. The switch to disable PowerOff and ShutDown fails to work for me in Jaguar and even prevents the LoginHook from working until I remove it.

--MM



---
Mark Moorcroft
ELORET Corp. - NASA/Ames RC
Sys. Admin.



[ Reply to This | # ]
Panther or Jaguar?
Authored by: sapridyne on Mar 15, '04 10:59:58PM

I'm using Panther... haven't tested it with Jaguar, though I don't think the com.apple.loginwindow.plist has changed between the two versions...



[ Reply to This | # ]
Panther or Jaguar?
Authored by: ssevenup on Mar 16, '04 01:01:58PM

Maybe not, but as I said the /etc/ttys -LoginHook arg to -PoweroffDisable does not work in Jaguar. If it does work when added to a plist or if the ttys arg and the plist essentially accomplish the same thing and have the same shortcomings it is important information to this "tip". And it's very important to my organization.

--MM



---
Mark Moorcroft
ELORET Corp. - NASA/Ames RC
Sys. Admin.



[ Reply to This | # ]
Panther or Jaguar?
Authored by: ssevenup on Mar 16, '04 01:13:00PM
I don't think the com.apple.loginwindow.plist has changed between the two versions
Actually upon rethinking my testing of late if you copy the plist from Panther to a Jaguar box the login panel will never load so you can never log in. Trust me, I was building an install script that had logic problem and did just that. There is a subtle difference between them.

--MM

---
Mark Moorcroft
ELORET Corp. - NASA/Ames RC
Sys. Admin.

[ Reply to This | # ]

Panther or Jaguar?
Authored by: ssevenup on Mar 16, '04 07:51:21PM
Actually upon rethinking my testing of late if you copy the plist from Panther to a Jaguar box the login panel will never load so you can never log in.
Sorry, possible foot in mouth situation... it is the /etc/ttys file that is definitely different between the two. In fact the -PowerOffDisable arg may have even been moved from loginpanel.plist to /etc/ttys in Panther? This would mean that those file are also different of course.

---
Mark Moorcroft
ELORET Corp. - NASA/Ames RC
Sys. Admin.

[ Reply to This | # ]

Panther or Jaguar?
Authored by: sapridyne on Mar 17, '04 12:37:18AM

Have you tried Mike Bombich's LoginWindow Manager? This modifies the file used to create logout hooks. I haven't played with any file but root's com.apple.loginwindow.plist file. You can use this to figure out which file it modifies in 10.2, then manually modify it yourself...

http://www.bombich.com/software/lwm.html

...Not sure if that helps or not...



[ Reply to This | # ]