我刚刚使用安装了一些软件apt-get
,其所有者和组是“logger”。既然我使用安装了软件sudo
,为什么所有者和组不是“root”?我很确定大约一年前,我pi
用新名称重命名了 user logger
。这可能是造成这种情况的原因吗?如果是的话,为什么?
michael@rp3:~ $ ls -l /usr | grep local
drwxrwsr-x 12 root staff 4096 Dec 23 16:49 local
michael@rp3:~ $ ls -l /usr/local
total 32
drwxrwsr-x 2 root staff 4096 Dec 23 16:47 bin
drwxrwsr-x 2 root staff 4096 Apr 10 2017 etc
drwxrwsr-x 2 root staff 4096 Apr 10 2017 games
drwxrwsr-x 2 root staff 4096 Apr 10 2017 include
drwxrwsr-x 4 root staff 4096 Jun 4 2017 lib
lrwxrwxrwx 1 root staff 9 Apr 10 2017 man -> share/man
drwxrwsr-x 2 root staff 4096 Apr 10 2017 sbin
drwxrwsr-x 7 root staff 4096 Dec 23 15:20 share
drwxrwsr-x 2 root staff 4096 Apr 10 2017 src
michael@rp3:~ $ sudo apt-get install test-client
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following additional packages will be installed:
test-utils
The following NEW packages will be installed:
test-client test-utils
0 upgraded, 2 newly installed, 0 to remove and 0 not upgraded.
Need to get 0 B/1,575 kB of archives.
After this operation, 0 B of additional disk space will be used.
Do you want to continue? [Y/n] y
WARNING: The following packages cannot be authenticated!
test-utils test-client
Install these packages without verification? [y/N] y
Selecting previously unselected package test-utils.
(Reading database ... 41030 files and directories currently installed.)
Preparing to unpack .../test-utils_0.1.1-jessie_armhf.deb ...
Unpacking test-utils (0.1.1-jessie) ...
Selecting previously unselected package test-client.
Preparing to unpack .../test-client_0.1.2-jessie_armhf.deb ...
Unpacking test-client (0.1.2-jessie) ...
Setting up test-utils (0.1.1-jessie) ...
Setting up test-client (0.1.2-jessie) ...
michael@rp3:~ $ ls -l /usr/local
total 40
drwxrwxr-x 6 logger logger 4096 Dec 23 16:49 test-client
drwxrwxr-x 3 logger logger 4096 Dec 23 16:49 test-utils
drwxrwsr-x 2 root staff 4096 Dec 23 16:49 bin
drwxrwsr-x 2 root staff 4096 Apr 10 2017 etc
drwxrwsr-x 2 root staff 4096 Apr 10 2017 games
drwxrwsr-x 2 root staff 4096 Apr 10 2017 include
drwxrwsr-x 4 root staff 4096 Jun 4 2017 lib
lrwxrwxrwx 1 root staff 9 Apr 10 2017 man -> share/man
drwxrwsr-x 2 root staff 4096 Apr 10 2017 sbin
drwxrwsr-x 7 root staff 4096 Dec 23 15:20 share
drwxrwsr-x 2 root staff 4096 Apr 10 2017 src
michael@rp3:~ $ cat /etc/passwd | grep 'apt\|logger\|root\|michael'
root:x:0:0:root:/root:/bin/bash
michael:x:1001:1001:,,,:/home/michael:/bin/bash
_apt:x:109:65534::/nonexistent:/bin/false
logger:x:1000:1000:,,,:/home/logger:/bin/bash
michael@rp3:~ $ cat /etc/group | grep 'apt\|logger\|root\|michael'
root:x:0:
michael:x:1001:
wireshark:x:114:michael
logger:x:1000:
michael@rp3:~ $ sudo cat /etc/sudoers
#
# This file MUST be edited with the 'visudo' command as root.
#
# Please consider adding local content in /etc/sudoers.d/ instead of
# directly modifying this file.
#
# See the man page for details on how to write a sudoers file.
#
Defaults env_reset
Defaults mail_badpass
Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
# Host alias specification
# User alias specification
# Cmnd alias specification
# User privilege specification
root ALL=(ALL:ALL) ALL
michael ALL=(ALL:ALL) ALL
anton ALL=(ALL:ALL) ALL
# Allow members of group sudo to execute any command
%sudo ALL=(ALL:ALL) ALL
# See sudoers(5) for more information on "#include" directives:
#includedir /etc/sudoers.d
michael@rp3:~ $ ls -l /etc/sudoers.d
total 8
-r--r----- 1 root root 27 Oct 18 2016 010_pi-nopasswd
-r--r----- 1 root root 958 Jan 11 2016 README
michael@rp3:~ $ sudo cat /etc/sudoers.d/*
pi ALL=(ALL) NOPASSWD: ALL
#
# As of Debian version 1.7.2p1-1, the default /etc/sudoers file created on
# installation of the package now includes the directive:
#
# #includedir /etc/sudoers.d
#
# This will cause sudo to read and parse any files in the /etc/sudoers.d
# directory that do not end in '~' or contain a '.' character.
#
# Note that there must be at least one file in the sudoers.d directory (this
# one will do), and all files in this directory should be mode 0440.
#
# Note also, that because sudoers contents can vary widely, no attempt is
# made to add this directive to existing sudoers files on upgrade. Feel free
# to add the above directive to the end of your /etc/sudoers file to enable
# this functionality for existing installations if you wish!
#
# Finally, please note that using the visudo command is the recommended way
# to update sudoers content, since it protects against many failure modes.
# See the man page for visudo for more information.
#
michael@rp3:~ $
答案1
Debian 软件包可以在其 postinst 脚本中设置文件权限和所有权。
答案2
apt-get
,或者更确切地说dpkg
,使用记录为拥有包中各种文件的任何用户来安装包内容。这通常是root:root
,但可以是任何东西;您通常会root:games
在游戏包、root:www-data
网络服务器相关包中的某些目录等中看到。(所有权和权限也可以由维护者脚本设置,但这通常不是必需的。)
如果在 Raspberry Pi 风格的系统上手动创建一个包,而没有过多关注所有权(并且不使用fakeroot
),则完全有可能得到一个包含由pi:pi
数字标识的文件的包。在您的系统上,这些最终将属于logger:logger
.
您可以使用 来查看包中包含的所有权信息dpkg-deb -c
。