Subject: operator shutdowns and su
To: None <>
From: Julio M. Merino Vidal <>
List: tech-userlevel
Date: 05/13/2006 13:12:58

This is something that wiz@ found and reported to me, but I do not
know what the proper fix could be.  [ I'm CCing him. ]

The mldonkey package in pkgsrc includes a rc.d script that launches
the mldonkey daemon as an unprivileged user.  In order to do that, it
defines the mldonkey_user variable which makes the rc.subr framework
call 'su' where appropriate.

This causes problems if you allow users in the 'operator' group to
shutdown the machine.  When they issue a shutdown, rc.subr will ask
mldonkey to stop by attempting to 'su' to the mldonkey_user.  This
stalls the shutdown process because 'su' needs a password to continue.

Of course this does not happen when running shutdown as root because
'su' does not need a password in that case.

Why does rc.subr try to change privileges to *_user during stop?

Which is the appropriate way to avoid this problem, if any?  It does
not appear in the base system because no rc.d script seems to be using
the *_user functionality, but there are several in pkgsrc that do.


Julio M. Merino Vidal <>
The Julipedia -