Disable the reboot action taken place by pressing the “Ctrl+Alt+Del” Keys
Disable the reboot action taken place by pressing the “Ctrl+Alt+Del” Keys
When we use ctrl+alt+del key combination, it immediately reboot the linux machine. Anyone that has physical access of the keyboard or a Remote Console Application or a virtualized console can easily reboot the server with the help of
Ctrl+Alt+Delete keys combination . You should need to prevent the use of this on a production server and will prevent accidental reboots.
systemd starts ctrl-alt-del.target whenever Ctrl+Alt+Del key is pressed. This should be aliased (symlinked) to reboot.target.
Alias means it’s another name for same command, which will work the same way. You find ctrl-alt-del.target file in /usr/lib/systemd/system. You should disable Ctrl+Alt+Del key combinations by executing the below mentioned commands –
# systemctl mask ctrl-alt-del.target
# systemctl daemon-reload
OR
# ln -sf /dev/null /etc/systemd/system/ctrl-alt-del.target
Cross check the result of the above mentioned commands by using these command –
# cd /etc/systemd/system
# ls -ltr
Here you can see symlink of ctrl-alt-del.target pointing to /dev/null
When you mask any service, a symlink is created from /etc/systemd/system to /dev/null, leaving the original unit file elsewhere untouched and when you unmask any service the symlink is deleted.
Unit file of a masked service is a symlink to /dev/null. This makes it “impossible” to load the service, even if that service is required by any other enabled service.
/dev/null is considered as the Black Hole of Linux which discards anything written to it.
Things to remember –
/etc/systemd/system/ – Systemd unit files which are created by “systemctl enable” as well as unit files added for extending a service.
This directory takes precedence over the directory with runtime unit files.
/usr/lib/systemd/system/ – Systemd unit files distributed with installed RPM packages.
/run/systemd/system/ – Systemd unit files created at run time.
This directory takes precedence over the directory with installed service unit files.
Recent Comments