From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org
X-Spam-Level: 
X-Spam-Status: No, score=-1.1 required=5.0 tests=DKIM_SIGNED,DKIM_VALID,
	DKIM_VALID_AU,FREEMAIL_FROM,MAILING_LIST_MULTI,T_SCC_BODY_TEXT_LINE
	autolearn=ham autolearn_force=no version=3.4.4
Received: (qmail 32012 invoked from network); 28 May 2022 03:44:31 -0000
Received: from alyss.skarnet.org (95.142.172.232)
  by inbox.vuxu.org with ESMTPUTF8; 28 May 2022 03:44:31 -0000
Received: (qmail 15237 invoked by uid 89); 28 May 2022 03:44:54 -0000
Mailing-List: contact supervision-help@list.skarnet.org; run by ezmlm
Sender: <supervision@list.skarnet.org>
Precedence: bulk
List-Post: <mailto:supervision@list.skarnet.org>
List-Help: <mailto:supervision-help@list.skarnet.org>
List-Unsubscribe: <mailto:supervision-unsubscribe@list.skarnet.org>
List-Subscribe: <mailto:supervision-subscribe@list.skarnet.org>
List-Id: <supervision.list.skarnet.org>
Received: (qmail 15230 invoked from network); 28 May 2022 03:44:54 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20210112;
        h=date:to:subject:message-id:user-agent:from;
        bh=2ik7xVoulWJsuNdR+cDW/sTHkGyehJWDUB3CTSTDGK0=;
        b=pDYig31VvYekIHVoM3f7JbVtZJjMqEVS0ndaXJ98Nfzg8K9kYBRBpnQEQ3adXX+GZd
         sLnYg33heDE7oI8MM4J3zcAvVxafythgpqkfYPrLlJChff7uBeTlrZ1aTZszzM2f8KOk
         eA/H9LSp2uSGSZmEIQyM4lWrIrqo3lxIfIB55j75jJ7C+drybHahiC3+yiQUn7oXp6JK
         Oiz6d9MHC8Qt3eMUd387h1EWcFz7hAdKPMPmcgmzMkjCTAHB2dpCzu8/HyGHmMtpUo2F
         Fx580706Tk64+KRG3BtolIkXQr37JvN87XdZeoGEddO5Nd3yQmk1nKObQu3r0p4bxnvq
         YarA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:date:to:subject:message-id:user-agent:from;
        bh=2ik7xVoulWJsuNdR+cDW/sTHkGyehJWDUB3CTSTDGK0=;
        b=rj2vNJ2N+9EdC2QCBHCVBaMxTxwelvdBhfHHOrl6lt4w3Md9Pd/Z60VIBHESbUHSkx
         U6hhCZfnyfsVEn4QFzsn0dIW5YNuxr+64ImRP2qqWj0FP81oudmYoWc+NCYGTIBqqEwe
         qG+pSjnDYnuqNv9bjszzGH9ZwcfSyD4KcqFEl/3VzUUTv9EmO6lnqgd/LUUaN/fQcYf+
         heEVbvgPNGxL9l+UjEimHcl2D/9wEDTIM+97rJyS2auHpxoG95pRhFcSgxA6i741uzd1
         tbonFeZt9t8mNoDt2wqzDnuzhboL/f6Al5tywwQghJzdPFOHT5xl5XI2PTeN/un7gpAS
         D3Nw==
X-Gm-Message-State: AOAM532svtzl5qXwoyEcCfxQmTEib0ztsFLXqeR66Valw2fS3cGT9AYH
	bStZfCyWHLq708TH69PpU/wxCx1tMBjWMw==
X-Google-Smtp-Source: ABdhPJw4xQ/r2M7vC+Y26nUigy0jpPv9n0YwgbGPYGrsxGzv+sHk5H8DKtgGtNh1UcAQaeifx83hFA==
X-Received: by 2002:a05:6a00:1a91:b0:518:7bca:d095 with SMTP id e17-20020a056a001a9100b005187bcad095mr36473318pfv.13.1653709465648;
        Fri, 27 May 2022 20:44:25 -0700 (PDT)
Date: Fri, 27 May 2022 21:44:32 -0600
To: supervision@list.skarnet.org
Subject: Unprivileged Shutdown?
Message-Id: <2NMWH7KWN9U8A.2QSU8NGDI39Q7@oak.localdomain>
User-Agent: mblaze/1.2-7-gbb3dacc
From: Dallin Dahl <dallinjdahl@gmail.com>

I have been using simple privilege escalation to poweroff the machine,
but looking through the source code for s6-linux-init-shutdownd and
friends, it appears the only constraint on interacting with the daemon
is the permissions on run-image/service/s6-linux-init-shutdownd/fifo.

The default appears to be:
600 root root
I've changed it on my system to be:
620 root power
and added my user to the power group.

This seems like the cleanest way to implement unprivileged
poweroff/reboot, but I'm concerned that it's not possible by default.
Is there a better way, or is it just meant to be done manually?

Thanks!
--Dallin