亚洲av成人无遮挡网站在线观看,少妇性bbb搡bbb爽爽爽,亚洲av日韩精品久久久久久,兔费看少妇性l交大片免费,无码少妇一区二区三区

Chinaunix

標(biāo)題: RHEL中sudo的問(wèn)題 [打印本頁(yè)]
作者: Gchaeg    時(shí)間: 2013-05-31 13:19
標(biāo)題: RHEL中sudo的問(wèn)題
    在學(xué)習(xí)Linux系統(tǒng)過(guò)程中(我是依據(jù)鳥哥私房菜)看到默認(rèn)情況下下sudo命令只能對(duì)root用戶有用?墒俏以跊]有修改任何配置文件的情況下普通用戶也可以使用sudo命令的,不知道是什么原因?qū)е碌,還忘群內(nèi)高手給予釋疑,謝謝。
   系統(tǒng)為RHEL 6.2 ,內(nèi)核為:2.6.32-220.el6.i686

/etc/sudoers的默認(rèn)配置文件:

## Sudoers allows particular users to run various commands as
## the root user, without needing the root password.
##
## Examples are provided at the bottom of the file for collections
## of related commands, which can then be delegated out to particular
## users or groups.
##
## This file must be edited with the 'visudo' command.

## Host Aliases
## Groups of machines. You may prefer to use hostnames (perhaps using
## wildcards for entire domains) or IP addresses instead.
# Host_Alias     FILESERVERS = fs1, fs2
# Host_Alias     MAILSERVERS = smtp, smtp2

## User Aliases
## These aren't often necessary, as you can use regular groups
## (ie, from files, LDAP, NIS, etc) in this file - just use %groupname
## rather than USERALIAS
# User_Alias ADMINS = jsmith, mikem


## Command Aliases
## These are groups of related commands...

## Networking
# Cmnd_Alias NETWORKING = /sbin/route, /sbin/ifconfig, /bin/ping, /sbin/dhclient, /usr/bin/net, /sbin/iptables, /usr/bin/rfcomm, /usr/bin/wvdial, /sbin/iwconfig, /sbin/mii-tool

## Installation and management of software
# Cmnd_Alias SOFTWARE = /bin/rpm, /usr/bin/up2date, /usr/bin/yum

## Services
# Cmnd_Alias SERVICES = /sbin/service, /sbin/chkconfig

## Updating the locate database
# Cmnd_Alias LOCATE = /usr/bin/updatedb

## Storage
# Cmnd_Alias STORAGE = /sbin/fdisk, /sbin/sfdisk, /sbin/parted, /sbin/partprobe, /bin/mount, /bin/umount

## Delegating permissions
# Cmnd_Alias DELEGATING = /usr/sbin/visudo, /bin/chown, /bin/chmod, /bin/chgrp

## Processes
# Cmnd_Alias PROCESSES = /bin/nice, /bin/kill, /usr/bin/kill, /usr/bin/killall

## Drivers
# Cmnd_Alias DRIVERS = /sbin/modprobe

# Defaults specification

#
# Disable "ssh hostname sudo <cmd>", because it will show the password in clear.
#         You have to run "ssh -t hostname sudo <cmd>".
#
Defaults    requiretty

#
# Refuse to run if unable to disable echo on the tty. This setting should also be
# changed in order to be able to use sudo without a tty. See requiretty above.
#
Defaults   !visiblepw

#
# Preserving HOME has security implications since many programs
# use it when searching for configuration files.
#
Defaults    always_set_home

Defaults    env_reset
Defaults    env_keep =  "COLORS DISPLAY HOSTNAME HISTSIZE INPUTRC KDEDIR LS_COLORS"
Defaults    env_keep += "MAIL PS1 PS2 QTDIR USERNAME LANG LC_ADDRESS LC_CTYPE"
Defaults    env_keep += "LC_COLLATE LC_IDENTIFICATION LC_MEASUREMENT LC_MESSAGES"
Defaults    env_keep += "LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER LC_TELEPHONE"
Defaults    env_keep += "LC_TIME LC_ALL LANGUAGE LINGUAS _XKB_CHARSET XAUTHORITY"

#
# Adding HOME to env_keep may enable a user to run unrestricted
# commands via sudo.
#
# Defaults   env_keep += "HOME"

Defaults    secure_path = /sbin:/bin:/usr/sbin:/usr/bin

## Next comes the main part: which users can run what software on
## which machines (the sudoers file can be shared between multiple
## systems).
## Syntax:
##
##         user        MACHINE=COMMANDS
##
## The COMMANDS section may have other options added to it.
##
## Allow root to run any commands anywhere
root        ALL=(ALL)         ALL

## Allows members of the 'sys' group to run networking, software,
## service management apps and more.
# %sys ALL = NETWORKING, SOFTWARE, SERVICES, STORAGE, DELEGATING, PROCESSES, LOCATE, DRIVERS

## Allows people in group wheel to run all commands
# %wheel        ALL=(ALL)        ALL

## Same thing without a password
# %wheel        ALL=(ALL)        NOPASSWD: ALL

## Allows members of the users group to mount and unmount the
## cdrom as root
# %users  ALL=/sbin/mount /mnt/cdrom, /sbin/umount /mnt/cdrom

## Allows members of the users group to shutdown this system
# %users  localhost=/sbin/shutdown -h now

## Read drop-in files from /etc/sudoers.d (the # here does not mean a comment)
#includedir /etc/sudoers.d

謝謝!
作者: su8610    時(shí)間: 2013-05-31 13:24
只有這一行root        ALL=(ALL)         ALL,沒有其他的了,其他用戶應(yīng)該都用不了sudo,如果執(zhí)行sudo的話,會(huì)提示 user not in sudoer list的。
作者: chenyx    時(shí)間: 2013-05-31 13:31
沒有配置sudo,應(yīng)該是不行的.
樓主將命令運(yùn)行的結(jié)果貼一下
作者: swenzhao    時(shí)間: 2013-05-31 13:35
你執(zhí)行sudo命令時(shí)帶參數(shù)了嗎?
作者: Gchaeg    時(shí)間: 2013-05-31 13:51
謝謝各位的解答,由于我的粗心大意才給大家?guī)?lái)這么多麻煩。
我直接執(zhí)行sudo是會(huì)有提示的(我以為會(huì)不讓執(zhí)行sudo命令)
而后我又輸入了錯(cuò)誤的語(yǔ)法,誤以為普通用戶是可以執(zhí)行sudo的,對(duì)不起,麻煩各位了,謝謝!
以后學(xué)習(xí)看書的時(shí)候我會(huì)仔細(xì)的。
作者: lbseraph    時(shí)間: 2013-05-31 13:52
LZ用普通用戶運(yùn)行什么命令了?如果是非root也能執(zhí)行的命令。。。還是把你普通用戶運(yùn)行sudo的完整輸出貼出來(lái)看眼吧~
作者: wenhq    時(shí)間: 2013-05-31 13:56
樓主你的錯(cuò)誤能帶來(lái)大家更大的疑惑。我看完你的第一個(gè)帖子也再懷疑sudo。那么差勁么?
不過(guò)ubuntu里的sudo是默認(rèn)打開的。
作者: chenyx    時(shí)間: 2013-05-31 13:59
@wenhqubuntu那個(gè)是系統(tǒng)安裝的時(shí)候定義的用戶,默認(rèn)就加到sudo組了,在sudo的配置里面有sudo組的定義,所以默認(rèn)那個(gè)用戶就可以.
你要是再新建一個(gè)用戶的話,sudo就不行了
作者: chenyx    時(shí)間: 2013-05-31 14:01
@Gchaeg你需要關(guān)注命令的輸出,其實(shí)你的那個(gè)命令的錯(cuò)誤輸出已經(jīng)能說(shuō)明很多問(wèn)題了
作者: wenhq    時(shí)間: 2013-05-31 14:02
回復(fù) 8# chenyx


    en.thanks.
作者: Gchaeg    時(shí)間: 2013-05-31 14:04
恩,我以后會(huì)多看錯(cuò)誤提示的,謝謝各位。



歡迎光臨 Chinaunix (http://www.72891.cn/) Powered by Discuz! X3.2