我有一个deploy用户。我试图让它执行一些操作而不使用 sudo,这样我就可以输入密码。
这是我的visudo:
# /etc/sudoers
# This file MUST be edited with the 'visudo' command as root.
# See the man page for details on how to write a sudoers file.
Defaults env_reset
# Host alias specification
# User alias specification
# Cmnd alias specification
# User privilege specification
root ALL=(ALL) ALL
# Uncomment to allow members of group sudo to not need a password
# (Note that later entries override this, so you might need to move
# it further down)
# %sudo ALL=NOPASSWD: ALL
%team ALL=(ALL) ALL
# Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL
# ubuntu user is default user in ec2-images.
# It needs passwordless sudo functionality.
ubuntu ALL=(ALL) NOPASSWD:ALL
Cmnd_Alias DEPLOY= /home/deploy/.rbenv/shims/foreman, /sbin/start, /sbin/stop, /sbin/restart, /bin/mv
deploy ALL=(ALL) NOPASSWD:DEPLOY
以下是deploy所属位置:
ec2 ~: groups deploy
deploy : deploy team
我尝试mv移动一些文件,/etc但没有成功。
我在使用 Ubuntu 10.04 LTS 64 位。
谢谢!
答案1
mv xxx /等
即使您在/etc/sudoers文件中指定了所执行的操作,您仍然需要在 mv 命令中运行 sudo。
但你应该要做的是允许 deploy 运行执行 mv 操作的特定脚本,但不允许任意 mv 命令。