允许特定用户使用 nopasswd sudo

允许特定用户使用 nopasswd sudo

我正在尝试使用 NOPASSWD 将 scp 设置为特定用户。

alice ALL = (bob:ALL) NOPASSWD: /usr/bin/scp

正如我所理解的这个问题. 但是当我使用 visudo 保存时我仍然无法运行sudo -u bob /usr/bin/scp bob@scp_client:upload_this_file

命令中应包含哪些内容才能允许 alice 以 bob 身份(但不能以 root 身份)无密码执行 scp。

注:我确实看到了,而且我觉得我的 sudoers 文件中的所有内容都是正确的顺序,因为我知道命令的顺序,你可以学习这里

整个 visudo 文件:

#
# This file MUST be edited with the 'visudo' command as root.
#
# Please consider adding local content in /etc/sudoers.d/ instead of
# directly modifying this file.
#
# See the man page for details on how to write a sudoers file.
#
Defaults    env_reset
Defaults    mail_badpass
Defaults    insults
Defaults    secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"

# Host alias specification
    # Dropped this as it doesn't really matter..

# User alias specification
    # Dropped this as it doesn't really matter..

# Cmnd alias specification
    # Dropped this as it doesn't really matter..

# User privilege specification
root    ALL=(ALL:ALL) ALL

# We have admin groups (Todo: make this smaller)
%admin ALL=(ALL) ALL
%sudo   ALL=(ALL:ALL) ALL

# Include the sudoers.d
#includedir /etc/sudoers.d

# One to rule all of them
alice ALL = (bob:ALL) NOPASSWD: /usr/bin/scp

答案1

看来sudo -u bob -- ssh bob@node
已经sudo成功传递了scp命令。

相关内容