Hauv kev siv hluav taws xob
Yog tias sudoers siv tau, tab sis tsis tshua muaj tshwm sim hauv kev xyaum, cov cai uas tso cai rau kev ua tiav ntawm qee qhov kev hais kom ua raws li UID ntawm txhua tus neeg siv tsis yog hauv paus, tus neeg tawm tsam uas muaj txoj cai los ua cov lus txib no tuaj yeem hla qhov kev txwv tsim thiab ua tiav cov lus txib nrog cov cai hauv paus. Txhawm rau hla qhov kev txwv, tsuas yog sim ua kom tiav cov lus txib teev tseg hauv cov chaw nrog UID "-1" lossis "4294967295", uas yuav ua rau nws ua tiav nrog UID 0.
Piv txwv li, yog tias muaj txoj cai nyob rau hauv qhov chaw uas muab rau ib tus neeg siv txoj cai los ua qhov program / usr / bin / id nyob rau hauv ib qho UID:
myhost ALL = (TAU, !root) /usr/bin/id
lossis ib qho kev xaiv uas tso cai rau kev tua tsuas yog rau ib tus neeg siv tshwj xeeb bob:
myhost bob = (TAG NRHO, !root) /usr/bin/id
Tus neeg siv tuaj yeem ua "sudo -u '#-1' id" thiab / usr / bin / id utility yuav raug tso tawm ua hauv paus, txawm tias muaj kev txwv tsis pub muaj nyob hauv cov chaw. Qhov teeb meem tshwm sim los ntawm kev saib xyuas qhov tshwj xeeb qhov tseem ceeb "-1" lossis "4294967295", uas tsis ua rau muaj kev hloov pauv hauv UID, tab sis txij li sudo nws tus kheej twb tau khiav hauv paus, yam tsis hloov UID, lub hom phiaj hais kom ua kuj yog. launched nrog cov cai hauv paus.
Hauv SUSE thiab openSUSE kev faib tawm, yam tsis tau qhia meej "NOPASSWD" hauv txoj cai, muaj qhov tsis zoo.
myhost ALL = (TAU, !root) NOPASSWD: /usr/bin/id
Qhov teeb meem kho nyob rau hauv kev tso tawm
Tau qhov twg los: opennet.ru