diff -NurpP --minimal linux-2.6.17.7-vs2.1.1-rc27.3/include/linux/vserver/context.h linux-2.6.17.7-vs2.1.1-rc27.4/include/linux/vserver/context.h
--- linux-2.6.17.7-vs2.1.1-rc27.3/include/linux/vserver/context.h 2006-07-09 17:07:13 +0200
+++ linux-2.6.17.7-vs2.1.1-rc27.4/include/linux/vserver/context.h 2006-07-30 03:19:01 +0200
@@ -42,6 +42,7 @@
 #define VXF_STATE_SETUP (1ULL<<32)
 #define VXF_STATE_INIT (1ULL<<33)
+#define VXF_STATE_ADMIN (1ULL<<34)
 #define VXF_SC_HELPER (1ULL<<36)
 #define VXF_REBOOT_KILL (1ULL<<37)
@@ -52,9 +53,9 @@
 #define VXF_IGNEG_NICE (1ULL<<52)
-#define VXF_ONE_TIME (0x0003ULL<<32)
+#define VXF_ONE_TIME (0x0007ULL<<32)
-#define VXF_INIT_SET (VXF_STATE_SETUP|VXF_STATE_INIT)
+#define VXF_INIT_SET (VXF_STATE_SETUP|VXF_STATE_INIT|VXF_STATE_ADMIN)
 /* context migration */
diff -NurpP --minimal linux-2.6.17.7-vs2.1.1-rc27.3/include/linux/vserver/network.h linux-2.6.17.7-vs2.1.1-rc27.4/include/linux/vserver/network.h
--- linux-2.6.17.7-vs2.1.1-rc27.3/include/linux/vserver/network.h 2006-07-30 03:14:46 +0200
+++ linux-2.6.17.7-vs2.1.1-rc27.4/include/linux/vserver/network.h 2006-07-30 03:19:01 +0200
@@ -16,13 +16,14 @@
 #define NXF_INFO_LOCK 0x00000001
 #define NXF_STATE_SETUP (1ULL<<32)
+#define NXF_STATE_ADMIN (1ULL<<34)
 #define NXF_SC_HELPER (1ULL<<36)
 #define NXF_PERSISTENT (1ULL<<38)
-#define NXF_ONE_TIME (0x0001ULL<<32)
+#define NXF_ONE_TIME (0x0005ULL<<32)
-#define NXF_INIT_SET (0)
+#define NXF_INIT_SET (NXF_STATE_ADMIN)
 /* address types */
diff -NurpP --minimal linux-2.6.17.7-vs2.1.1-rc27.3/kernel/vserver/signal.c linux-2.6.17.7-vs2.1.1-rc27.4/kernel/vserver/signal.c
--- linux-2.6.17.7-vs2.1.1-rc27.3/kernel/vserver/signal.c 2006-07-10 01:52:23 +0200
+++ linux-2.6.17.7-vs2.1.1-rc27.4/kernel/vserver/signal.c 2006-07-30 03:19:01 +0200
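Review bot: `VXF_STATE_ADMIN` in the first hunk of include/linux/vserver/context.h is added without a comment, although the kernel/vserver/switch.c and kernel/vserver/signal.c hunks of this patch use it as an access-control bit. When it is clear, commands carrying `VCF_ADMIN` are refused with -EACCES, apart from the `VCMD_ctx_kill` special case. A one-line comment on the define would make that visible to anyone who later edits the flag masks, for example `/* context accepts VCF_ADMIN commands; clearing it locks administration out */`. The same applies to `NXF_STATE_ADMIN` in include/linux/vserver/network.h.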
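Review bot: `VXF_ONE_TIME` in the second hunk of include/linux/vserver/context.h is widened by editing a bare mask, `(0x0007ULL<<32)`, so nothing ties it to the state bits it appears intended to cover. Building it from the named flags, `#define VXF_ONE_TIME (VXF_STATE_SETUP|VXF_STATE_INIT|VXF_STATE_ADMIN)`, keeps the mask right if a bit is ever moved or added. The include/linux/vserver/network.h hunk has the same pattern and is harder to read: `(0x0005ULL<<32)` skips bit 33, and by the defines shown it equals `(NXF_STATE_SETUP|NXF_STATE_ADMIN)`. Because these masks now contain a bit that gates administrative commands, a mismatch between mask and flag would be a security-relevant error rather than a cosmetic one.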
@@ -77,6 +77,10 @@ int vc_ctx_kill(struct vx_info *vxi, voi
 if (copy_from_user (&vc_data, data, sizeof(vc_data)))
 return -EFAULT;
+ /* special check to allow guest shutdown */
+ if (!vx_info_flags(vxi, VXF_STATE_ADMIN, 0) && (vc_data.pid != 1))
+ return -EACCES;
+
 return vx_info_kill(vxi, vc_data.pid, vc_data.sig);
 }
diff -NurpP --minimal linux-2.6.17.7-vs2.1.1-rc27.3/kernel/vserver/switch.c linux-2.6.17.7-vs2.1.1-rc27.4/kernel/vserver/switch.c
--- linux-2.6.17.7-vs2.1.1-rc27.3/kernel/vserver/switch.c 2006-07-30 02:54:33 +0200
+++ linux-2.6.17.7-vs2.1.1-rc27.4/kernel/vserver/switch.c 2006-07-30 03:19:49 +0200
@@ -413,17 +413,34 @@ long do_vserver(uint32_t cmd, uint32_t i
 vxi = lookup_vx_info(id);
 if (!vxi)
 goto out;
+
+ if ((flags & VCF_ADMIN) &&
+ /* special case kill for shutdown */
+ (cmd != VCMD_ctx_kill) &&
+ /* can context be administrated? */
+ !vx_info_flags(vxi, VXF_STATE_ADMIN, 0)) {
+ ret = -EACCES;
+ goto out_vxi;
+ }
 }
 state = 7;
 if (args & VCA_NXI) {
 nxi = lookup_nx_info(id);
 if (!nxi)
 goto out_vxi;
+
+ if ((flags & VCF_ADMIN) &&
+ /* can context be administrated? */
+ !nx_info_flags(nxi, NXF_STATE_ADMIN, 0)) {
+ ret = -EACCES;
+ goto out_nxi;
+ }
 }
 state = 8;
 ret = do_vcmd(cmd, id, vxi, nxi, data, compat);
+out_nxi:
 if (args & VCA_NXI)
 put_nx_info(nxi);
 out_vxi:
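Review bot: The pid 1 exemption added to vc_ctx_kill() in kernel/vserver/signal.c never looks at `vc_data.sig`, so for a context without `VXF_STATE_ADMIN` every signal, not only one used for shutdown, is still passed to vx_info_kill() for pid 1. If the intent is only what the comment says, the condition should also constrain the signal; if any signal is deliberately allowed, the comment should say so. A possible wording is `/* pid 1 stays signalable without VXF_STATE_ADMIN so a guest can be shut down; the signal number is not restricted */`. The start of the function is outside the hunk, so any earlier validation of `vc_data` cannot be seen from here.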
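Review bot: The `(cmd != VCMD_ctx_kill)` exemption in the first added check of do_vserver() in kernel/vserver/switch.c is only safe because vc_ctx_kill() in kernel/vserver/signal.c applies its own narrower `VXF_STATE_ADMIN` test, and nothing in this hunk records that dependency. The comment `/* special case kill for shutdown */` would be better as `/* ctx_kill is gated in vc_ctx_kill(), which allows only pid 1 without VXF_STATE_ADMIN */`, so a later change to either side is reviewed against the other. The two -EACCES paths also return without leaving any trace, so a refused administrative command on a locked context cannot be told apart from other failures afterwards. A rate-limited debug message on those paths would help detection. do_vserver() starts and ends outside the hunk, so the release of `vxi` after `out_vxi:` is assumed rather than visible.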