Skip to main content
Ask Different

Return to Answer

Post Timeline

added 43 characters in body
Source Link
Harper - Reinstate Monica
Harper - Reinstate Monica
  • 2.1k
  • 13
  • 24

Easier, but sacrifices security

Create an admin account for him on the system.

Have him type

sudo -u his_short_user_name shutdown -h now

He then answers a password challenge with his password, and the system does a "somewhat hard" shutdown. This means apps will not be asked about saving application data, so your half finished Illustrator drawing is gone.

Better security

YouAt Terminal, you write a bit of perl, which you to wait for his shutdown request. You launch it after every reboot with sudo perl program_name. It waits for a signal from him, then issues the command as superuser, since you already gave it sudo when When you started it. You need to launch it after every rebootdo, becuase it'll challenge you for your password, and then run as superuser. When it comes time to shutdown, it's already authenticated so it just does it.

  my $signal_file = "/Users/(you)/Public/Drop Box/shutdown";
  unlink ($signal_file); 

  while (1) { 
    sleep(10);
    next if not -f $signal_file;
    system ”shutdown -h now";
  }

And your guest needs to simply touch '/Users/(you)/Public/Drop Box/shutdown' to trigger a shutdown. He doesn't need any special rights to do this. For instance you could publish your Public directory as a network share point, a perfectly reasonable thing to do from a security POV.

If you want to temporarily prevent a user from doing this, either kill the process (ctrl-C) or create a directory there called shutdown. Note that perl is testing for -f (presence of file).

Easier, but sacrifices security

Create an admin account for him on the system.

Have him type

sudo -u his_short_user_name shutdown -h now

He then answers a password challenge with his password, and the system does a "somewhat hard" shutdown. This means apps will not be asked about saving application data, so your half finished Illustrator drawing is gone.

Better security

You write a bit of perl, which you launch with sudo perl program_name. It waits for a signal from him, then issues the command as superuser, since you already gave it sudo when you started it. You need to launch it after every reboot, becuase it'll challenge you for your password.

  my $signal_file = "/Users/(you)/Public/Drop Box/shutdown";
  unlink ($signal_file); 

  while (1) { 
    sleep(10);
    next if not -f $signal_file;
    system ”shutdown -h now";
  }

And your guest needs to simply touch '/Users/(you)/Public/Drop Box/shutdown' to trigger a shutdown. He doesn't need any special rights to do this. For instance you could publish your Public directory as a network share point, a perfectly reasonable thing to do from a security POV.

If you want to temporarily prevent a user from doing this, create a directory there called shutdown. Note that perl is testing for -f (presence of file).

Easier, but sacrifices security

Create an admin account for him on the system.

Have him type

sudo -u his_short_user_name shutdown -h now

He then answers a password challenge with his password, and the system does a "somewhat hard" shutdown. This means apps will not be asked about saving application data, so your half finished Illustrator drawing is gone.

Better security

At Terminal, you write a bit of perl to wait for his shutdown request. You launch it after every reboot with sudo perl program_name. When you do, it'll challenge you for your password, and then run as superuser. When it comes time to shutdown, it's already authenticated so it just does it.

  my $signal_file = "/Users/(you)/Public/Drop Box/shutdown";
  unlink ($signal_file); 

  while (1) { 
    sleep(10);
    next if not -f $signal_file;
    system ”shutdown -h now";
  }

And your guest needs to simply touch '/Users/(you)/Public/Drop Box/shutdown' to trigger a shutdown. He doesn't need any special rights to do this. For instance you could publish your Public directory as a network share point, a perfectly reasonable thing to do from a security POV.

If you want to temporarily prevent a user from doing this, either kill the process (ctrl-C) or create a directory there called shutdown. Note that perl is testing for -f (presence of file).

added 2 characters in body
Source Link
Harper - Reinstate Monica
Harper - Reinstate Monica
  • 2.1k
  • 13
  • 24

Easier, but sacrifices security

Create an admin account for him on the system.

Have him type

sudo -u his_short_user_name shutdown -h now

He then answers a password challenge with his password, and the system does a "somewhat hard" shutdown. This means apps will not be asked about saving application data, so your half finished Illustrator drawing is gone.

Better security

You write a bit of perl, which you launch with sudo perl program_name. It waits for a signal from him, then issues the command as superuser, since you already gave it sudo when you started it. You need to launch it after every reboot, becuase it'll challenge you for your password.

  my $signal_file = "/Users/(you)/Public/Drop Box/shutdown";
  unlink ($signal_file); 

  while (1) { 
    sleep(10);
    next if not -f $signal_file;
    system ”shutdown -h now";
  }

And your guest needs to simply touch '/Users/(you)/Public/Drop Box/shutdownshutdown' to trigger a shutdown. He doesn't need any special rights to do this. For instance you could publish your Public directory as a network share point, a perfectly reasonable thing to do from a security POV.

If you want to temporarily prevent a user from doing this, create a directory there called shutdown. Note that perl is testing for -f (presence of file).

Easier, but sacrifices security

Create an admin account for him on the system.

Have him type

sudo -u his_short_user_name shutdown -h now

He then answers a password challenge with his password, and the system does a "somewhat hard" shutdown. This means apps will not be asked about saving application data, so your half finished Illustrator drawing is gone.

Better security

You write a bit of perl, which you launch with sudo perl program_name. It waits for a signal from him, then issues the command as superuser, since you already gave it sudo when you started it. You need to launch it after every reboot, becuase it'll challenge you for your password.

  my $signal_file = "/Users/(you)/Public/Drop Box/shutdown";
  unlink ($signal_file); 

  while (1) { 
    sleep(10);
    next if not -f $signal_file;
    system ”shutdown -h now";
  }

And your guest needs to simply touch /Users/(you)/Public/Drop Box/shutdown to trigger a shutdown. He doesn't need any special rights to do this. For instance you could publish your Public directory as a network share point, a perfectly reasonable thing to do from a security POV.

If you want to temporarily prevent a user from doing this, create a directory there called shutdown. Note that perl is testing for -f (presence of file).

Easier, but sacrifices security

Create an admin account for him on the system.

Have him type

sudo -u his_short_user_name shutdown -h now

He then answers a password challenge with his password, and the system does a "somewhat hard" shutdown. This means apps will not be asked about saving application data, so your half finished Illustrator drawing is gone.

Better security

You write a bit of perl, which you launch with sudo perl program_name. It waits for a signal from him, then issues the command as superuser, since you already gave it sudo when you started it. You need to launch it after every reboot, becuase it'll challenge you for your password.

  my $signal_file = "/Users/(you)/Public/Drop Box/shutdown";
  unlink ($signal_file); 

  while (1) { 
    sleep(10);
    next if not -f $signal_file;
    system ”shutdown -h now";
  }

And your guest needs to simply touch '/Users/(you)/Public/Drop Box/shutdown' to trigger a shutdown. He doesn't need any special rights to do this. For instance you could publish your Public directory as a network share point, a perfectly reasonable thing to do from a security POV.

If you want to temporarily prevent a user from doing this, create a directory there called shutdown. Note that perl is testing for -f (presence of file).

Source Link
Harper - Reinstate Monica
Harper - Reinstate Monica
  • 2.1k
  • 13
  • 24

Easier, but sacrifices security

Create an admin account for him on the system.

Have him type

sudo -u his_short_user_name shutdown -h now

He then answers a password challenge with his password, and the system does a "somewhat hard" shutdown. This means apps will not be asked about saving application data, so your half finished Illustrator drawing is gone.

Better security

You write a bit of perl, which you launch with sudo perl program_name. It waits for a signal from him, then issues the command as superuser, since you already gave it sudo when you started it. You need to launch it after every reboot, becuase it'll challenge you for your password.

  my $signal_file = "/Users/(you)/Public/Drop Box/shutdown";
  unlink ($signal_file); 

  while (1) { 
    sleep(10);
    next if not -f $signal_file;
    system ”shutdown -h now";
  }

And your guest needs to simply touch /Users/(you)/Public/Drop Box/shutdown to trigger a shutdown. He doesn't need any special rights to do this. For instance you could publish your Public directory as a network share point, a perfectly reasonable thing to do from a security POV.

If you want to temporarily prevent a user from doing this, create a directory there called shutdown. Note that perl is testing for -f (presence of file).