shutdown - bring the system down
/sbin/shutdown [-akrhPHfFnc] [-t sec] time [warning message]
shutdown brings the system down in a secure way. All logged-in users are notified that the system is going down, and login(1) is blocked. It is possible to shut the system down immediately or after a specified delay. All processes are first notified that the system is going down by the signal SIGTERM. This gives programs like vi(1) the time to save the file being edited, mail and news processing programs a chance to exit cleanly, etc. shutdown does its job by signalling the init process, asking it to change the runlevel. Runlevel 0 is used to halt the system, runlevel 6 is used to reboot the system, and runlevel 1 is used to put to system into a state where administrative tasks can be performed; this is the default if neither the -h or -r flag is given to shutdown. To see which actions are taken on halt or reboot see the appropriate entries for these runlevels in the file /etc/inittab.
The time argument can have different formats. First, it can be an absolute time in the format hh:mm, in which hh is the hour (1 or 2 digits) and mm is the minute of the hour (in two digits). Second, it can be in the format +m, in which m is the number of minutes to wait. The word now is an alias for +0.
-a Use /etc/shutdown.allow. -k Dont really shutdown; only send the warning messages to everybody. -r Reboot after shutdown. -h Halt or power off after shutdown. -P Halt action is to turn off the power. -H Modifier to the -h flag. Halt action is to halt or drop into boot monitor on systems that support it. Must be used with the -h flag. -f Skip fsck on reboot. -F Force fsck on reboot. -n [DEPRECATED] Dont call init(8) to do the shutdown but do it ourself. The use of this option is discouraged, and its results are not always what youd expect. -c Cancel a waiting shutdown. ("shutdown now" is no longer waiting.) With this option it is of course not possible to give the time argument, but you can enter explanatory message arguments on the command line that will be sent to all users. -t sec Tell init(8) to wait sec seconds between sending processes the warning and the kill signal, before changing to another runlevel. time When to shutdown. warning message Message to send to all users.
If shutdown is called with a delay, it will create the advisory file /etc/nologin which causes programs such as login(1) to not allow new user logins. This file is created five minutes before the shutdown sequence starts. Shutdown removes this file if it is stopped before it can signal init (i.e. it is cancelled or something goes wrong). It also removes it before calling init to change the runlevel.
The -f flag means reboot fast. This only creates an advisory file /fastboot which can be tested by the system when it comes up again. The boot rc file can test if this file is present, and decide not to run fsck(1) since the system has been shut down in the proper way. After that, the boot process should remove /fastboot.
The -F flag means force fsck. This only creates an advisory file /forcefsck which can be tested by the system when it comes up again. The boot rc file can test if this file is present, and decide to run fsck(1) with a special force flag so that even properly unmounted file systems get checked. After that, the boot process should remove /forcefsck.
The -n flag causes shutdown not to call init, but to kill all running processes itself. shutdown will then turn off quota, accounting, and swapping and unmount all file systems.
shutdown can be called from init(8) when the magic keys CTRL-ALT-DEL are pressed, by creating an appropriate entry in /etc/inittab. This means that everyone who has physical access to the console keyboard can shut the system down. To prevent this, shutdown can check to see if an authorized user is logged in on one of the virtual consoles. If shutdown is called with the -a argument (add this to the invocation of shutdown in /etc/inittab), it checks to see if the file /etc/shutdown.allow is present. It then compares the login names in that file with the list of people that are logged in on a virtual console (from /var/run/utmp). Only if one of those authorized users or root is logged in, it will proceed. Otherwise it will write the message
shutdown: no authorized users logged in
to the (physical) system console. The format of /etc/shutdown.allow is one user name per line. Empty lines and comment lines (prefixed by a #) are allowed. Currently there is a limit of 32 users in this file.
Note that if /etc/shutdown.allow is not present, the -a argument is ignored.
The -H option just sets the init environment variable INIT_HALT to HALT, and the -P option just sets that variable to POWEROFF. The shutdown script that calls halt(8) as the last thing in the shutdown sequence should check these environment variables and call halt(8) with the right options for these options to actually have any effect. Debian 3.1 (sarge) supports this.
/fastboot /etc/inittab /etc/init.d/halt /etc/init.d/reboot /etc/shutdown.allow
A lot of users forget to give the time argument and are then puzzled by the error message shutdown produces. The time argument is mandatory; in 90 percent of all cases this argument will be the word now.
Init can only capture CTRL-ALT-DEL and start shutdown in console mode. If the system is running the X window System, the X server processes all key strokes. Some X11 environments make it possible to capture CTRL-ALT-DEL, but what exactly is done with that event depends on that environment.
Shutdown wasnt designed to be run setuid. /etc/shutdown.allow is not used to find out who is executing shutdown, it ONLY checks who is currently logged in on (one of the) console(s).
Miquel van Smoorenburg, firstname.lastname@example.org
fsck(8), init(8), halt(8), poweroff(8), reboot(8)
|SHUTDOWN (8)||November 12, 2003|